diff options
Diffstat (limited to 'crypto')
35 files changed, 16296 insertions, 0 deletions
diff --git a/crypto/Kconfig b/crypto/Kconfig new file mode 100644 index 000000000000..536754faf4d2 --- /dev/null +++ b/crypto/Kconfig | |||
@@ -0,0 +1,292 @@ | |||
1 | # | ||
2 | # Cryptographic API Configuration | ||
3 | # | ||
4 | |||
5 | menu "Cryptographic options" | ||
6 | |||
7 | config CRYPTO | ||
8 | bool "Cryptographic API" | ||
9 | help | ||
10 | This option provides the core Cryptographic API. | ||
11 | |||
12 | config CRYPTO_HMAC | ||
13 | bool "HMAC support" | ||
14 | depends on CRYPTO | ||
15 | help | ||
16 | HMAC: Keyed-Hashing for Message Authentication (RFC2104). | ||
17 | This is required for IPSec. | ||
18 | |||
19 | config CRYPTO_NULL | ||
20 | tristate "Null algorithms" | ||
21 | depends on CRYPTO | ||
22 | help | ||
23 | These are 'Null' algorithms, used by IPsec, which do nothing. | ||
24 | |||
25 | config CRYPTO_MD4 | ||
26 | tristate "MD4 digest algorithm" | ||
27 | depends on CRYPTO | ||
28 | help | ||
29 | MD4 message digest algorithm (RFC1320). | ||
30 | |||
31 | config CRYPTO_MD5 | ||
32 | tristate "MD5 digest algorithm" | ||
33 | depends on CRYPTO | ||
34 | help | ||
35 | MD5 message digest algorithm (RFC1321). | ||
36 | |||
37 | config CRYPTO_SHA1 | ||
38 | tristate "SHA1 digest algorithm" | ||
39 | depends on CRYPTO | ||
40 | help | ||
41 | SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2). | ||
42 | |||
43 | config CRYPTO_SHA1_Z990 | ||
44 | tristate "SHA1 digest algorithm for IBM zSeries z990" | ||
45 | depends on CRYPTO && ARCH_S390 | ||
46 | help | ||
47 | SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2). | ||
48 | |||
49 | config CRYPTO_SHA256 | ||
50 | tristate "SHA256 digest algorithm" | ||
51 | depends on CRYPTO | ||
52 | help | ||
53 | SHA256 secure hash standard (DFIPS 180-2). | ||
54 | |||
55 | This version of SHA implements a 256 bit hash with 128 bits of | ||
56 | security against collision attacks. | ||
57 | |||
58 | config CRYPTO_SHA512 | ||
59 | tristate "SHA384 and SHA512 digest algorithms" | ||
60 | depends on CRYPTO | ||
61 | help | ||
62 | SHA512 secure hash standard (DFIPS 180-2). | ||
63 | |||
64 | This version of SHA implements a 512 bit hash with 256 bits of | ||
65 | security against collision attacks. | ||
66 | |||
67 | This code also includes SHA-384, a 384 bit hash with 192 bits | ||
68 | of security against collision attacks. | ||
69 | |||
70 | config CRYPTO_WP512 | ||
71 | tristate "Whirlpool digest algorithms" | ||
72 | depends on CRYPTO | ||
73 | help | ||
74 | Whirlpool hash algorithm 512, 384 and 256-bit hashes | ||
75 | |||
76 | Whirlpool-512 is part of the NESSIE cryptographic primitives. | ||
77 | Whirlpool will be part of the ISO/IEC 10118-3:2003(E) standard | ||
78 | |||
79 | See also: | ||
80 | <http://planeta.terra.com.br/informatica/paulobarreto/WhirlpoolPage.html> | ||
81 | |||
82 | config CRYPTO_TGR192 | ||
83 | tristate "Tiger digest algorithms" | ||
84 | depends on CRYPTO | ||
85 | help | ||
86 | Tiger hash algorithm 192, 160 and 128-bit hashes | ||
87 | |||
88 | Tiger is a hash function optimized for 64-bit processors while | ||
89 | still having decent performance on 32-bit processors. | ||
90 | Tiger was developed by Ross Anderson and Eli Biham. | ||
91 | |||
92 | See also: | ||
93 | <http://www.cs.technion.ac.il/~biham/Reports/Tiger/>. | ||
94 | |||
95 | config CRYPTO_DES | ||
96 | tristate "DES and Triple DES EDE cipher algorithms" | ||
97 | depends on CRYPTO | ||
98 | help | ||
99 | DES cipher algorithm (FIPS 46-2), and Triple DES EDE (FIPS 46-3). | ||
100 | |||
101 | config CRYPTO_DES_Z990 | ||
102 | tristate "DES and Triple DES cipher algorithms for IBM zSeries z990" | ||
103 | depends on CRYPTO && ARCH_S390 | ||
104 | help | ||
105 | DES cipher algorithm (FIPS 46-2), and Triple DES EDE (FIPS 46-3). | ||
106 | |||
107 | config CRYPTO_BLOWFISH | ||
108 | tristate "Blowfish cipher algorithm" | ||
109 | depends on CRYPTO | ||
110 | help | ||
111 | Blowfish cipher algorithm, by Bruce Schneier. | ||
112 | |||
113 | This is a variable key length cipher which can use keys from 32 | ||
114 | bits to 448 bits in length. It's fast, simple and specifically | ||
115 | designed for use on "large microprocessors". | ||
116 | |||
117 | See also: | ||
118 | <http://www.schneier.com/blowfish.html> | ||
119 | |||
120 | config CRYPTO_TWOFISH | ||
121 | tristate "Twofish cipher algorithm" | ||
122 | depends on CRYPTO | ||
123 | help | ||
124 | Twofish cipher algorithm. | ||
125 | |||
126 | Twofish was submitted as an AES (Advanced Encryption Standard) | ||
127 | candidate cipher by researchers at CounterPane Systems. It is a | ||
128 | 16 round block cipher supporting key sizes of 128, 192, and 256 | ||
129 | bits. | ||
130 | |||
131 | See also: | ||
132 | <http://www.schneier.com/twofish.html> | ||
133 | |||
134 | config CRYPTO_SERPENT | ||
135 | tristate "Serpent cipher algorithm" | ||
136 | depends on CRYPTO | ||
137 | help | ||
138 | Serpent cipher algorithm, by Anderson, Biham & Knudsen. | ||
139 | |||
140 | Keys are allowed to be from 0 to 256 bits in length, in steps | ||
141 | of 8 bits. Also includes the 'Tnepres' algorithm, a reversed | ||
142 | variant of Serpent for compatibility with old kerneli code. | ||
143 | |||
144 | See also: | ||
145 | <http://www.cl.cam.ac.uk/~rja14/serpent.html> | ||
146 | |||
147 | config CRYPTO_AES | ||
148 | tristate "AES cipher algorithms" | ||
149 | depends on CRYPTO && !(X86 && !X86_64) | ||
150 | help | ||
151 | AES cipher algorithms (FIPS-197). AES uses the Rijndael | ||
152 | algorithm. | ||
153 | |||
154 | Rijndael appears to be consistently a very good performer in | ||
155 | both hardware and software across a wide range of computing | ||
156 | environments regardless of its use in feedback or non-feedback | ||
157 | modes. Its key setup time is excellent, and its key agility is | ||
158 | good. Rijndael's very low memory requirements make it very well | ||
159 | suited for restricted-space environments, in which it also | ||
160 | demonstrates excellent performance. Rijndael's operations are | ||
161 | among the easiest to defend against power and timing attacks. | ||
162 | |||
163 | The AES specifies three key sizes: 128, 192 and 256 bits | ||
164 | |||
165 | See <http://csrc.nist.gov/CryptoToolkit/aes/> for more information. | ||
166 | |||
167 | config CRYPTO_AES_586 | ||
168 | tristate "AES cipher algorithms (i586)" | ||
169 | depends on CRYPTO && (X86 && !X86_64) | ||
170 | help | ||
171 | AES cipher algorithms (FIPS-197). AES uses the Rijndael | ||
172 | algorithm. | ||
173 | |||
174 | Rijndael appears to be consistently a very good performer in | ||
175 | both hardware and software across a wide range of computing | ||
176 | environments regardless of its use in feedback or non-feedback | ||
177 | modes. Its key setup time is excellent, and its key agility is | ||
178 | good. Rijndael's very low memory requirements make it very well | ||
179 | suited for restricted-space environments, in which it also | ||
180 | demonstrates excellent performance. Rijndael's operations are | ||
181 | among the easiest to defend against power and timing attacks. | ||
182 | |||
183 | The AES specifies three key sizes: 128, 192 and 256 bits | ||
184 | |||
185 | See <http://csrc.nist.gov/encryption/aes/> for more information. | ||
186 | |||
187 | config CRYPTO_CAST5 | ||
188 | tristate "CAST5 (CAST-128) cipher algorithm" | ||
189 | depends on CRYPTO | ||
190 | help | ||
191 | The CAST5 encryption algorithm (synonymous with CAST-128) is | ||
192 | described in RFC2144. | ||
193 | |||
194 | config CRYPTO_CAST6 | ||
195 | tristate "CAST6 (CAST-256) cipher algorithm" | ||
196 | depends on CRYPTO | ||
197 | help | ||
198 | The CAST6 encryption algorithm (synonymous with CAST-256) is | ||
199 | described in RFC2612. | ||
200 | |||
201 | config CRYPTO_TEA | ||
202 | tristate "TEA and XTEA cipher algorithms" | ||
203 | depends on CRYPTO | ||
204 | help | ||
205 | TEA cipher algorithm. | ||
206 | |||
207 | Tiny Encryption Algorithm is a simple cipher that uses | ||
208 | many rounds for security. It is very fast and uses | ||
209 | little memory. | ||
210 | |||
211 | Xtendend Tiny Encryption Algorithm is a modification to | ||
212 | the TEA algorithm to address a potential key weakness | ||
213 | in the TEA algorithm. | ||
214 | |||
215 | config CRYPTO_ARC4 | ||
216 | tristate "ARC4 cipher algorithm" | ||
217 | depends on CRYPTO | ||
218 | help | ||
219 | ARC4 cipher algorithm. | ||
220 | |||
221 | ARC4 is a stream cipher using keys ranging from 8 bits to 2048 | ||
222 | bits in length. This algorithm is required for driver-based | ||
223 | WEP, but it should not be for other purposes because of the | ||
224 | weakness of the algorithm. | ||
225 | |||
226 | config CRYPTO_KHAZAD | ||
227 | tristate "Khazad cipher algorithm" | ||
228 | depends on CRYPTO | ||
229 | help | ||
230 | Khazad cipher algorithm. | ||
231 | |||
232 | Khazad was a finalist in the initial NESSIE competition. It is | ||
233 | an algorithm optimized for 64-bit processors with good performance | ||
234 | on 32-bit processors. Khazad uses an 128 bit key size. | ||
235 | |||
236 | See also: | ||
237 | <http://planeta.terra.com.br/informatica/paulobarreto/KhazadPage.html> | ||
238 | |||
239 | config CRYPTO_ANUBIS | ||
240 | tristate "Anubis cipher algorithm" | ||
241 | depends on CRYPTO | ||
242 | help | ||
243 | Anubis cipher algorithm. | ||
244 | |||
245 | Anubis is a variable key length cipher which can use keys from | ||
246 | 128 bits to 320 bits in length. It was evaluated as a entrant | ||
247 | in the NESSIE competition. | ||
248 | |||
249 | See also: | ||
250 | <https://www.cosic.esat.kuleuven.ac.be/nessie/reports/> | ||
251 | <http://planeta.terra.com.br/informatica/paulobarreto/AnubisPage.html> | ||
252 | |||
253 | |||
254 | config CRYPTO_DEFLATE | ||
255 | tristate "Deflate compression algorithm" | ||
256 | depends on CRYPTO | ||
257 | select ZLIB_INFLATE | ||
258 | select ZLIB_DEFLATE | ||
259 | help | ||
260 | This is the Deflate algorithm (RFC1951), specified for use in | ||
261 | IPSec with the IPCOMP protocol (RFC3173, RFC2394). | ||
262 | |||
263 | You will most probably want this if using IPSec. | ||
264 | |||
265 | config CRYPTO_MICHAEL_MIC | ||
266 | tristate "Michael MIC keyed digest algorithm" | ||
267 | depends on CRYPTO | ||
268 | help | ||
269 | Michael MIC is used for message integrity protection in TKIP | ||
270 | (IEEE 802.11i). This algorithm is required for TKIP, but it | ||
271 | should not be used for other purposes because of the weakness | ||
272 | of the algorithm. | ||
273 | |||
274 | config CRYPTO_CRC32C | ||
275 | tristate "CRC32c CRC algorithm" | ||
276 | depends on CRYPTO | ||
277 | select LIBCRC32C | ||
278 | help | ||
279 | Castagnoli, et al Cyclic Redundancy-Check Algorithm. Used | ||
280 | by iSCSI for header and data digests and by others. | ||
281 | See Castagnoli93. This implementation uses lib/libcrc32c. | ||
282 | Module will be crc32c. | ||
283 | |||
284 | config CRYPTO_TEST | ||
285 | tristate "Testing module" | ||
286 | depends on CRYPTO | ||
287 | help | ||
288 | Quick & dirty crypto test module. | ||
289 | |||
290 | source "drivers/crypto/Kconfig" | ||
291 | endmenu | ||
292 | |||
diff --git a/crypto/Makefile b/crypto/Makefile new file mode 100644 index 000000000000..d287b9e60c47 --- /dev/null +++ b/crypto/Makefile | |||
@@ -0,0 +1,34 @@ | |||
1 | # | ||
2 | # Cryptographic API | ||
3 | # | ||
4 | |||
5 | proc-crypto-$(CONFIG_PROC_FS) = proc.o | ||
6 | |||
7 | obj-$(CONFIG_CRYPTO) += api.o scatterwalk.o cipher.o digest.o compress.o \ | ||
8 | $(proc-crypto-y) | ||
9 | |||
10 | obj-$(CONFIG_CRYPTO_HMAC) += hmac.o | ||
11 | obj-$(CONFIG_CRYPTO_NULL) += crypto_null.o | ||
12 | obj-$(CONFIG_CRYPTO_MD4) += md4.o | ||
13 | obj-$(CONFIG_CRYPTO_MD5) += md5.o | ||
14 | obj-$(CONFIG_CRYPTO_SHA1) += sha1.o | ||
15 | obj-$(CONFIG_CRYPTO_SHA256) += sha256.o | ||
16 | obj-$(CONFIG_CRYPTO_SHA512) += sha512.o | ||
17 | obj-$(CONFIG_CRYPTO_WP512) += wp512.o | ||
18 | obj-$(CONFIG_CRYPTO_TGR192) += tgr192.o | ||
19 | obj-$(CONFIG_CRYPTO_DES) += des.o | ||
20 | obj-$(CONFIG_CRYPTO_BLOWFISH) += blowfish.o | ||
21 | obj-$(CONFIG_CRYPTO_TWOFISH) += twofish.o | ||
22 | obj-$(CONFIG_CRYPTO_SERPENT) += serpent.o | ||
23 | obj-$(CONFIG_CRYPTO_AES) += aes.o | ||
24 | obj-$(CONFIG_CRYPTO_CAST5) += cast5.o | ||
25 | obj-$(CONFIG_CRYPTO_CAST6) += cast6.o | ||
26 | obj-$(CONFIG_CRYPTO_ARC4) += arc4.o | ||
27 | obj-$(CONFIG_CRYPTO_TEA) += tea.o | ||
28 | obj-$(CONFIG_CRYPTO_KHAZAD) += khazad.o | ||
29 | obj-$(CONFIG_CRYPTO_ANUBIS) += anubis.o | ||
30 | obj-$(CONFIG_CRYPTO_DEFLATE) += deflate.o | ||
31 | obj-$(CONFIG_CRYPTO_MICHAEL_MIC) += michael_mic.o | ||
32 | obj-$(CONFIG_CRYPTO_CRC32C) += crc32c.o | ||
33 | |||
34 | obj-$(CONFIG_CRYPTO_TEST) += tcrypt.o | ||
diff --git a/crypto/aes.c b/crypto/aes.c new file mode 100644 index 000000000000..d0dd7c3c5278 --- /dev/null +++ b/crypto/aes.c | |||
@@ -0,0 +1,451 @@ | |||
1 | /* | ||
2 | * Cryptographic API. | ||
3 | * | ||
4 | * AES Cipher Algorithm. | ||
5 | * | ||
6 | * Based on Brian Gladman's code. | ||
7 | * | ||
8 | * Linux developers: | ||
9 | * Alexander Kjeldaas <astor@fast.no> | ||
10 | * Herbert Valerio Riedel <hvr@hvrlab.org> | ||
11 | * Kyle McMartin <kyle@debian.org> | ||
12 | * Adam J. Richter <adam@yggdrasil.com> (conversion to 2.5 API). | ||
13 | * | ||
14 | * This program is free software; you can redistribute it and/or modify | ||
15 | * it under the terms of the GNU General Public License as published by | ||
16 | * the Free Software Foundation; either version 2 of the License, or | ||
17 | * (at your option) any later version. | ||
18 | * | ||
19 | * --------------------------------------------------------------------------- | ||
20 | * Copyright (c) 2002, Dr Brian Gladman <brg@gladman.me.uk>, Worcester, UK. | ||
21 | * All rights reserved. | ||
22 | * | ||
23 | * LICENSE TERMS | ||
24 | * | ||
25 | * The free distribution and use of this software in both source and binary | ||
26 | * form is allowed (with or without changes) provided that: | ||
27 | * | ||
28 | * 1. distributions of this source code include the above copyright | ||
29 | * notice, this list of conditions and the following disclaimer; | ||
30 | * | ||
31 | * 2. distributions in binary form include the above copyright | ||
32 | * notice, this list of conditions and the following disclaimer | ||
33 | * in the documentation and/or other associated materials; | ||
34 | * | ||
35 | * 3. the copyright holder's name is not used to endorse products | ||
36 | * built using this software without specific written permission. | ||
37 | * | ||
38 | * ALTERNATIVELY, provided that this notice is retained in full, this product | ||
39 | * may be distributed under the terms of the GNU General Public License (GPL), | ||
40 | * in which case the provisions of the GPL apply INSTEAD OF those given above. | ||
41 | * | ||
42 | * DISCLAIMER | ||
43 | * | ||
44 | * This software is provided 'as is' with no explicit or implied warranties | ||
45 | * in respect of its properties, including, but not limited to, correctness | ||
46 | * and/or fitness for purpose. | ||
47 | * --------------------------------------------------------------------------- | ||
48 | */ | ||
49 | |||
50 | /* Some changes from the Gladman version: | ||
51 | s/RIJNDAEL(e_key)/E_KEY/g | ||
52 | s/RIJNDAEL(d_key)/D_KEY/g | ||
53 | */ | ||
54 | |||
55 | #include <linux/module.h> | ||
56 | #include <linux/init.h> | ||
57 | #include <linux/types.h> | ||
58 | #include <linux/errno.h> | ||
59 | #include <linux/crypto.h> | ||
60 | #include <asm/byteorder.h> | ||
61 | |||
62 | #define AES_MIN_KEY_SIZE 16 | ||
63 | #define AES_MAX_KEY_SIZE 32 | ||
64 | |||
65 | #define AES_BLOCK_SIZE 16 | ||
66 | |||
67 | /* | ||
68 | * #define byte(x, nr) ((unsigned char)((x) >> (nr*8))) | ||
69 | */ | ||
70 | inline static u8 | ||
71 | byte(const u32 x, const unsigned n) | ||
72 | { | ||
73 | return x >> (n << 3); | ||
74 | } | ||
75 | |||
76 | #define u32_in(x) le32_to_cpu(*(const u32 *)(x)) | ||
77 | #define u32_out(to, from) (*(u32 *)(to) = cpu_to_le32(from)) | ||
78 | |||
79 | struct aes_ctx { | ||
80 | int key_length; | ||
81 | u32 E[60]; | ||
82 | u32 D[60]; | ||
83 | }; | ||
84 | |||
85 | #define E_KEY ctx->E | ||
86 | #define D_KEY ctx->D | ||
87 | |||
88 | static u8 pow_tab[256] __initdata; | ||
89 | static u8 log_tab[256] __initdata; | ||
90 | static u8 sbx_tab[256] __initdata; | ||
91 | static u8 isb_tab[256] __initdata; | ||
92 | static u32 rco_tab[10]; | ||
93 | static u32 ft_tab[4][256]; | ||
94 | static u32 it_tab[4][256]; | ||
95 | |||
96 | static u32 fl_tab[4][256]; | ||
97 | static u32 il_tab[4][256]; | ||
98 | |||
99 | static inline u8 __init | ||
100 | f_mult (u8 a, u8 b) | ||
101 | { | ||
102 | u8 aa = log_tab[a], cc = aa + log_tab[b]; | ||
103 | |||
104 | return pow_tab[cc + (cc < aa ? 1 : 0)]; | ||
105 | } | ||
106 | |||
107 | #define ff_mult(a,b) (a && b ? f_mult(a, b) : 0) | ||
108 | |||
109 | #define f_rn(bo, bi, n, k) \ | ||
110 | bo[n] = ft_tab[0][byte(bi[n],0)] ^ \ | ||
111 | ft_tab[1][byte(bi[(n + 1) & 3],1)] ^ \ | ||
112 | ft_tab[2][byte(bi[(n + 2) & 3],2)] ^ \ | ||
113 | ft_tab[3][byte(bi[(n + 3) & 3],3)] ^ *(k + n) | ||
114 | |||
115 | #define i_rn(bo, bi, n, k) \ | ||
116 | bo[n] = it_tab[0][byte(bi[n],0)] ^ \ | ||
117 | it_tab[1][byte(bi[(n + 3) & 3],1)] ^ \ | ||
118 | it_tab[2][byte(bi[(n + 2) & 3],2)] ^ \ | ||
119 | it_tab[3][byte(bi[(n + 1) & 3],3)] ^ *(k + n) | ||
120 | |||
121 | #define ls_box(x) \ | ||
122 | ( fl_tab[0][byte(x, 0)] ^ \ | ||
123 | fl_tab[1][byte(x, 1)] ^ \ | ||
124 | fl_tab[2][byte(x, 2)] ^ \ | ||
125 | fl_tab[3][byte(x, 3)] ) | ||
126 | |||
127 | #define f_rl(bo, bi, n, k) \ | ||
128 | bo[n] = fl_tab[0][byte(bi[n],0)] ^ \ | ||
129 | fl_tab[1][byte(bi[(n + 1) & 3],1)] ^ \ | ||
130 | fl_tab[2][byte(bi[(n + 2) & 3],2)] ^ \ | ||
131 | fl_tab[3][byte(bi[(n + 3) & 3],3)] ^ *(k + n) | ||
132 | |||
133 | #define i_rl(bo, bi, n, k) \ | ||
134 | bo[n] = il_tab[0][byte(bi[n],0)] ^ \ | ||
135 | il_tab[1][byte(bi[(n + 3) & 3],1)] ^ \ | ||
136 | il_tab[2][byte(bi[(n + 2) & 3],2)] ^ \ | ||
137 | il_tab[3][byte(bi[(n + 1) & 3],3)] ^ *(k + n) | ||
138 | |||
139 | static void __init | ||
140 | gen_tabs (void) | ||
141 | { | ||
142 | u32 i, t; | ||
143 | u8 p, q; | ||
144 | |||
145 | /* log and power tables for GF(2**8) finite field with | ||
146 | 0x011b as modular polynomial - the simplest primitive | ||
147 | root is 0x03, used here to generate the tables */ | ||
148 | |||
149 | for (i = 0, p = 1; i < 256; ++i) { | ||
150 | pow_tab[i] = (u8) p; | ||
151 | log_tab[p] = (u8) i; | ||
152 | |||
153 | p ^= (p << 1) ^ (p & 0x80 ? 0x01b : 0); | ||
154 | } | ||
155 | |||
156 | log_tab[1] = 0; | ||
157 | |||
158 | for (i = 0, p = 1; i < 10; ++i) { | ||
159 | rco_tab[i] = p; | ||
160 | |||
161 | p = (p << 1) ^ (p & 0x80 ? 0x01b : 0); | ||
162 | } | ||
163 | |||
164 | for (i = 0; i < 256; ++i) { | ||
165 | p = (i ? pow_tab[255 - log_tab[i]] : 0); | ||
166 | q = ((p >> 7) | (p << 1)) ^ ((p >> 6) | (p << 2)); | ||
167 | p ^= 0x63 ^ q ^ ((q >> 6) | (q << 2)); | ||
168 | sbx_tab[i] = p; | ||
169 | isb_tab[p] = (u8) i; | ||
170 | } | ||
171 | |||
172 | for (i = 0; i < 256; ++i) { | ||
173 | p = sbx_tab[i]; | ||
174 | |||
175 | t = p; | ||
176 | fl_tab[0][i] = t; | ||
177 | fl_tab[1][i] = rol32(t, 8); | ||
178 | fl_tab[2][i] = rol32(t, 16); | ||
179 | fl_tab[3][i] = rol32(t, 24); | ||
180 | |||
181 | t = ((u32) ff_mult (2, p)) | | ||
182 | ((u32) p << 8) | | ||
183 | ((u32) p << 16) | ((u32) ff_mult (3, p) << 24); | ||
184 | |||
185 | ft_tab[0][i] = t; | ||
186 | ft_tab[1][i] = rol32(t, 8); | ||
187 | ft_tab[2][i] = rol32(t, 16); | ||
188 | ft_tab[3][i] = rol32(t, 24); | ||
189 | |||
190 | p = isb_tab[i]; | ||
191 | |||
192 | t = p; | ||
193 | il_tab[0][i] = t; | ||
194 | il_tab[1][i] = rol32(t, 8); | ||
195 | il_tab[2][i] = rol32(t, 16); | ||
196 | il_tab[3][i] = rol32(t, 24); | ||
197 | |||
198 | t = ((u32) ff_mult (14, p)) | | ||
199 | ((u32) ff_mult (9, p) << 8) | | ||
200 | ((u32) ff_mult (13, p) << 16) | | ||
201 | ((u32) ff_mult (11, p) << 24); | ||
202 | |||
203 | it_tab[0][i] = t; | ||
204 | it_tab[1][i] = rol32(t, 8); | ||
205 | it_tab[2][i] = rol32(t, 16); | ||
206 | it_tab[3][i] = rol32(t, 24); | ||
207 | } | ||
208 | } | ||
209 | |||
210 | #define star_x(x) (((x) & 0x7f7f7f7f) << 1) ^ ((((x) & 0x80808080) >> 7) * 0x1b) | ||
211 | |||
212 | #define imix_col(y,x) \ | ||
213 | u = star_x(x); \ | ||
214 | v = star_x(u); \ | ||
215 | w = star_x(v); \ | ||
216 | t = w ^ (x); \ | ||
217 | (y) = u ^ v ^ w; \ | ||
218 | (y) ^= ror32(u ^ t, 8) ^ \ | ||
219 | ror32(v ^ t, 16) ^ \ | ||
220 | ror32(t,24) | ||
221 | |||
222 | /* initialise the key schedule from the user supplied key */ | ||
223 | |||
224 | #define loop4(i) \ | ||
225 | { t = ror32(t, 8); t = ls_box(t) ^ rco_tab[i]; \ | ||
226 | t ^= E_KEY[4 * i]; E_KEY[4 * i + 4] = t; \ | ||
227 | t ^= E_KEY[4 * i + 1]; E_KEY[4 * i + 5] = t; \ | ||
228 | t ^= E_KEY[4 * i + 2]; E_KEY[4 * i + 6] = t; \ | ||
229 | t ^= E_KEY[4 * i + 3]; E_KEY[4 * i + 7] = t; \ | ||
230 | } | ||
231 | |||
232 | #define loop6(i) \ | ||
233 | { t = ror32(t, 8); t = ls_box(t) ^ rco_tab[i]; \ | ||
234 | t ^= E_KEY[6 * i]; E_KEY[6 * i + 6] = t; \ | ||
235 | t ^= E_KEY[6 * i + 1]; E_KEY[6 * i + 7] = t; \ | ||
236 | t ^= E_KEY[6 * i + 2]; E_KEY[6 * i + 8] = t; \ | ||
237 | t ^= E_KEY[6 * i + 3]; E_KEY[6 * i + 9] = t; \ | ||
238 | t ^= E_KEY[6 * i + 4]; E_KEY[6 * i + 10] = t; \ | ||
239 | t ^= E_KEY[6 * i + 5]; E_KEY[6 * i + 11] = t; \ | ||
240 | } | ||
241 | |||
242 | #define loop8(i) \ | ||
243 | { t = ror32(t, 8); ; t = ls_box(t) ^ rco_tab[i]; \ | ||
244 | t ^= E_KEY[8 * i]; E_KEY[8 * i + 8] = t; \ | ||
245 | t ^= E_KEY[8 * i + 1]; E_KEY[8 * i + 9] = t; \ | ||
246 | t ^= E_KEY[8 * i + 2]; E_KEY[8 * i + 10] = t; \ | ||
247 | t ^= E_KEY[8 * i + 3]; E_KEY[8 * i + 11] = t; \ | ||
248 | t = E_KEY[8 * i + 4] ^ ls_box(t); \ | ||
249 | E_KEY[8 * i + 12] = t; \ | ||
250 | t ^= E_KEY[8 * i + 5]; E_KEY[8 * i + 13] = t; \ | ||
251 | t ^= E_KEY[8 * i + 6]; E_KEY[8 * i + 14] = t; \ | ||
252 | t ^= E_KEY[8 * i + 7]; E_KEY[8 * i + 15] = t; \ | ||
253 | } | ||
254 | |||
255 | static int | ||
256 | aes_set_key(void *ctx_arg, const u8 *in_key, unsigned int key_len, u32 *flags) | ||
257 | { | ||
258 | struct aes_ctx *ctx = ctx_arg; | ||
259 | u32 i, t, u, v, w; | ||
260 | |||
261 | if (key_len != 16 && key_len != 24 && key_len != 32) { | ||
262 | *flags |= CRYPTO_TFM_RES_BAD_KEY_LEN; | ||
263 | return -EINVAL; | ||
264 | } | ||
265 | |||
266 | ctx->key_length = key_len; | ||
267 | |||
268 | E_KEY[0] = u32_in (in_key); | ||
269 | E_KEY[1] = u32_in (in_key + 4); | ||
270 | E_KEY[2] = u32_in (in_key + 8); | ||
271 | E_KEY[3] = u32_in (in_key + 12); | ||
272 | |||
273 | switch (key_len) { | ||
274 | case 16: | ||
275 | t = E_KEY[3]; | ||
276 | for (i = 0; i < 10; ++i) | ||
277 | loop4 (i); | ||
278 | break; | ||
279 | |||
280 | case 24: | ||
281 | E_KEY[4] = u32_in (in_key + 16); | ||
282 | t = E_KEY[5] = u32_in (in_key + 20); | ||
283 | for (i = 0; i < 8; ++i) | ||
284 | loop6 (i); | ||
285 | break; | ||
286 | |||
287 | case 32: | ||
288 | E_KEY[4] = u32_in (in_key + 16); | ||
289 | E_KEY[5] = u32_in (in_key + 20); | ||
290 | E_KEY[6] = u32_in (in_key + 24); | ||
291 | t = E_KEY[7] = u32_in (in_key + 28); | ||
292 | for (i = 0; i < 7; ++i) | ||
293 | loop8 (i); | ||
294 | break; | ||
295 | } | ||
296 | |||
297 | D_KEY[0] = E_KEY[0]; | ||
298 | D_KEY[1] = E_KEY[1]; | ||
299 | D_KEY[2] = E_KEY[2]; | ||
300 | D_KEY[3] = E_KEY[3]; | ||
301 | |||
302 | for (i = 4; i < key_len + 24; ++i) { | ||
303 | imix_col (D_KEY[i], E_KEY[i]); | ||
304 | } | ||
305 | |||
306 | return 0; | ||
307 | } | ||
308 | |||
309 | /* encrypt a block of text */ | ||
310 | |||
311 | #define f_nround(bo, bi, k) \ | ||
312 | f_rn(bo, bi, 0, k); \ | ||
313 | f_rn(bo, bi, 1, k); \ | ||
314 | f_rn(bo, bi, 2, k); \ | ||
315 | f_rn(bo, bi, 3, k); \ | ||
316 | k += 4 | ||
317 | |||
318 | #define f_lround(bo, bi, k) \ | ||
319 | f_rl(bo, bi, 0, k); \ | ||
320 | f_rl(bo, bi, 1, k); \ | ||
321 | f_rl(bo, bi, 2, k); \ | ||
322 | f_rl(bo, bi, 3, k) | ||
323 | |||
324 | static void aes_encrypt(void *ctx_arg, u8 *out, const u8 *in) | ||
325 | { | ||
326 | const struct aes_ctx *ctx = ctx_arg; | ||
327 | u32 b0[4], b1[4]; | ||
328 | const u32 *kp = E_KEY + 4; | ||
329 | |||
330 | b0[0] = u32_in (in) ^ E_KEY[0]; | ||
331 | b0[1] = u32_in (in + 4) ^ E_KEY[1]; | ||
332 | b0[2] = u32_in (in + 8) ^ E_KEY[2]; | ||
333 | b0[3] = u32_in (in + 12) ^ E_KEY[3]; | ||
334 | |||
335 | if (ctx->key_length > 24) { | ||
336 | f_nround (b1, b0, kp); | ||
337 | f_nround (b0, b1, kp); | ||
338 | } | ||
339 | |||
340 | if (ctx->key_length > 16) { | ||
341 | f_nround (b1, b0, kp); | ||
342 | f_nround (b0, b1, kp); | ||
343 | } | ||
344 | |||
345 | f_nround (b1, b0, kp); | ||
346 | f_nround (b0, b1, kp); | ||
347 | f_nround (b1, b0, kp); | ||
348 | f_nround (b0, b1, kp); | ||
349 | f_nround (b1, b0, kp); | ||
350 | f_nround (b0, b1, kp); | ||
351 | f_nround (b1, b0, kp); | ||
352 | f_nround (b0, b1, kp); | ||
353 | f_nround (b1, b0, kp); | ||
354 | f_lround (b0, b1, kp); | ||
355 | |||
356 | u32_out (out, b0[0]); | ||
357 | u32_out (out + 4, b0[1]); | ||
358 | u32_out (out + 8, b0[2]); | ||
359 | u32_out (out + 12, b0[3]); | ||
360 | } | ||
361 | |||
362 | /* decrypt a block of text */ | ||
363 | |||
364 | #define i_nround(bo, bi, k) \ | ||
365 | i_rn(bo, bi, 0, k); \ | ||
366 | i_rn(bo, bi, 1, k); \ | ||
367 | i_rn(bo, bi, 2, k); \ | ||
368 | i_rn(bo, bi, 3, k); \ | ||
369 | k -= 4 | ||
370 | |||
371 | #define i_lround(bo, bi, k) \ | ||
372 | i_rl(bo, bi, 0, k); \ | ||
373 | i_rl(bo, bi, 1, k); \ | ||
374 | i_rl(bo, bi, 2, k); \ | ||
375 | i_rl(bo, bi, 3, k) | ||
376 | |||
377 | static void aes_decrypt(void *ctx_arg, u8 *out, const u8 *in) | ||
378 | { | ||
379 | const struct aes_ctx *ctx = ctx_arg; | ||
380 | u32 b0[4], b1[4]; | ||
381 | const int key_len = ctx->key_length; | ||
382 | const u32 *kp = D_KEY + key_len + 20; | ||
383 | |||
384 | b0[0] = u32_in (in) ^ E_KEY[key_len + 24]; | ||
385 | b0[1] = u32_in (in + 4) ^ E_KEY[key_len + 25]; | ||
386 | b0[2] = u32_in (in + 8) ^ E_KEY[key_len + 26]; | ||
387 | b0[3] = u32_in (in + 12) ^ E_KEY[key_len + 27]; | ||
388 | |||
389 | if (key_len > 24) { | ||
390 | i_nround (b1, b0, kp); | ||
391 | i_nround (b0, b1, kp); | ||
392 | } | ||
393 | |||
394 | if (key_len > 16) { | ||
395 | i_nround (b1, b0, kp); | ||
396 | i_nround (b0, b1, kp); | ||
397 | } | ||
398 | |||
399 | i_nround (b1, b0, kp); | ||
400 | i_nround (b0, b1, kp); | ||
401 | i_nround (b1, b0, kp); | ||
402 | i_nround (b0, b1, kp); | ||
403 | i_nround (b1, b0, kp); | ||
404 | i_nround (b0, b1, kp); | ||
405 | i_nround (b1, b0, kp); | ||
406 | i_nround (b0, b1, kp); | ||
407 | i_nround (b1, b0, kp); | ||
408 | i_lround (b0, b1, kp); | ||
409 | |||
410 | u32_out (out, b0[0]); | ||
411 | u32_out (out + 4, b0[1]); | ||
412 | u32_out (out + 8, b0[2]); | ||
413 | u32_out (out + 12, b0[3]); | ||
414 | } | ||
415 | |||
416 | |||
417 | static struct crypto_alg aes_alg = { | ||
418 | .cra_name = "aes", | ||
419 | .cra_flags = CRYPTO_ALG_TYPE_CIPHER, | ||
420 | .cra_blocksize = AES_BLOCK_SIZE, | ||
421 | .cra_ctxsize = sizeof(struct aes_ctx), | ||
422 | .cra_module = THIS_MODULE, | ||
423 | .cra_list = LIST_HEAD_INIT(aes_alg.cra_list), | ||
424 | .cra_u = { | ||
425 | .cipher = { | ||
426 | .cia_min_keysize = AES_MIN_KEY_SIZE, | ||
427 | .cia_max_keysize = AES_MAX_KEY_SIZE, | ||
428 | .cia_setkey = aes_set_key, | ||
429 | .cia_encrypt = aes_encrypt, | ||
430 | .cia_decrypt = aes_decrypt | ||
431 | } | ||
432 | } | ||
433 | }; | ||
434 | |||
435 | static int __init aes_init(void) | ||
436 | { | ||
437 | gen_tabs(); | ||
438 | return crypto_register_alg(&aes_alg); | ||
439 | } | ||
440 | |||
441 | static void __exit aes_fini(void) | ||
442 | { | ||
443 | crypto_unregister_alg(&aes_alg); | ||
444 | } | ||
445 | |||
446 | module_init(aes_init); | ||
447 | module_exit(aes_fini); | ||
448 | |||
449 | MODULE_DESCRIPTION("Rijndael (AES) Cipher Algorithm"); | ||
450 | MODULE_LICENSE("Dual BSD/GPL"); | ||
451 | |||
diff --git a/crypto/anubis.c b/crypto/anubis.c new file mode 100644 index 000000000000..3925eb0133cb --- /dev/null +++ b/crypto/anubis.c | |||
@@ -0,0 +1,719 @@ | |||
1 | /* | ||
2 | * Cryptographic API. | ||
3 | * | ||
4 | * Anubis Algorithm | ||
5 | * | ||
6 | * The Anubis algorithm was developed by Paulo S. L. M. Barreto and | ||
7 | * Vincent Rijmen. | ||
8 | * | ||
9 | * See | ||
10 | * | ||
11 | * P.S.L.M. Barreto, V. Rijmen, | ||
12 | * ``The Anubis block cipher,'' | ||
13 | * NESSIE submission, 2000. | ||
14 | * | ||
15 | * This software implements the "tweaked" version of Anubis. | ||
16 | * Only the S-box and (consequently) the rounds constants have been | ||
17 | * changed. | ||
18 | * | ||
19 | * The original authors have disclaimed all copyright interest in this | ||
20 | * code and thus put it in the public domain. The subsequent authors | ||
21 | * have put this under the GNU General Public License. | ||
22 | * | ||
23 | * By Aaron Grothe ajgrothe@yahoo.com, October 28, 2004 | ||
24 | * | ||
25 | * This program is free software; you can redistribute it and/or modify | ||
26 | * it under the terms of the GNU General Public License as published by | ||
27 | * the Free Software Foundation; either version 2 of the License, or | ||
28 | * (at your option) any later version. | ||
29 | * | ||
30 | */ | ||
31 | |||
32 | #include <linux/init.h> | ||
33 | #include <linux/module.h> | ||
34 | #include <linux/mm.h> | ||
35 | #include <asm/scatterlist.h> | ||
36 | #include <linux/crypto.h> | ||
37 | |||
38 | #define ANUBIS_MIN_KEY_SIZE 16 | ||
39 | #define ANUBIS_MAX_KEY_SIZE 40 | ||
40 | #define ANUBIS_BLOCK_SIZE 16 | ||
41 | #define ANUBIS_MAX_N 10 | ||
42 | #define ANUBIS_MAX_ROUNDS (8 + ANUBIS_MAX_N) | ||
43 | |||
44 | struct anubis_ctx { | ||
45 | int key_len; // in bits | ||
46 | int R; | ||
47 | u32 E[ANUBIS_MAX_ROUNDS + 1][4]; | ||
48 | u32 D[ANUBIS_MAX_ROUNDS + 1][4]; | ||
49 | }; | ||
50 | |||
51 | static const u32 T0[256] = { | ||
52 | 0xba69d2bbU, 0x54a84de5U, 0x2f5ebce2U, 0x74e8cd25U, | ||
53 | 0x53a651f7U, 0xd3bb6bd0U, 0xd2b96fd6U, 0x4d9a29b3U, | ||
54 | 0x50a05dfdU, 0xac458acfU, 0x8d070e09U, 0xbf63c6a5U, | ||
55 | 0x70e0dd3dU, 0x52a455f1U, 0x9a29527bU, 0x4c982db5U, | ||
56 | 0xeac98f46U, 0xd5b773c4U, 0x97336655U, 0xd1bf63dcU, | ||
57 | 0x3366ccaaU, 0x51a259fbU, 0x5bb671c7U, 0xa651a2f3U, | ||
58 | 0xdea15ffeU, 0x48903dadU, 0xa84d9ad7U, 0x992f5e71U, | ||
59 | 0xdbab4be0U, 0x3264c8acU, 0xb773e695U, 0xfce5d732U, | ||
60 | 0xe3dbab70U, 0x9e214263U, 0x913f7e41U, 0x9b2b567dU, | ||
61 | 0xe2d9af76U, 0xbb6bd6bdU, 0x4182199bU, 0x6edca579U, | ||
62 | 0xa557aef9U, 0xcb8b0b80U, 0x6bd6b167U, 0x95376e59U, | ||
63 | 0xa15fbee1U, 0xf3fbeb10U, 0xb17ffe81U, 0x0204080cU, | ||
64 | 0xcc851792U, 0xc49537a2U, 0x1d3a744eU, 0x14285078U, | ||
65 | 0xc39b2bb0U, 0x63c69157U, 0xdaa94fe6U, 0x5dba69d3U, | ||
66 | 0x5fbe61dfU, 0xdca557f2U, 0x7dfae913U, 0xcd871394U, | ||
67 | 0x7ffee11fU, 0x5ab475c1U, 0x6cd8ad75U, 0x5cb86dd5U, | ||
68 | 0xf7f3fb08U, 0x264c98d4U, 0xffe3db38U, 0xedc79354U, | ||
69 | 0xe8cd874aU, 0x9d274e69U, 0x6fdea17fU, 0x8e010203U, | ||
70 | 0x19326456U, 0xa05dbae7U, 0xf0fde71aU, 0x890f1e11U, | ||
71 | 0x0f1e3c22U, 0x070e1c12U, 0xaf4386c5U, 0xfbebcb20U, | ||
72 | 0x08102030U, 0x152a547eU, 0x0d1a342eU, 0x04081018U, | ||
73 | 0x01020406U, 0x64c88d45U, 0xdfa35bf8U, 0x76ecc529U, | ||
74 | 0x79f2f90bU, 0xdda753f4U, 0x3d7af48eU, 0x162c5874U, | ||
75 | 0x3f7efc82U, 0x376edcb2U, 0x6ddaa973U, 0x3870e090U, | ||
76 | 0xb96fdeb1U, 0x73e6d137U, 0xe9cf834cU, 0x356ad4beU, | ||
77 | 0x55aa49e3U, 0x71e2d93bU, 0x7bf6f107U, 0x8c050a0fU, | ||
78 | 0x72e4d531U, 0x880d1a17U, 0xf6f1ff0eU, 0x2a54a8fcU, | ||
79 | 0x3e7cf884U, 0x5ebc65d9U, 0x274e9cd2U, 0x468c0589U, | ||
80 | 0x0c183028U, 0x65ca8943U, 0x68d0bd6dU, 0x61c2995bU, | ||
81 | 0x03060c0aU, 0xc19f23bcU, 0x57ae41efU, 0xd6b17fceU, | ||
82 | 0xd9af43ecU, 0x58b07dcdU, 0xd8ad47eaU, 0x66cc8549U, | ||
83 | 0xd7b37bc8U, 0x3a74e89cU, 0xc88d078aU, 0x3c78f088U, | ||
84 | 0xfae9cf26U, 0x96316253U, 0xa753a6f5U, 0x982d5a77U, | ||
85 | 0xecc59752U, 0xb86ddab7U, 0xc7933ba8U, 0xae4182c3U, | ||
86 | 0x69d2b96bU, 0x4b9631a7U, 0xab4b96ddU, 0xa94f9ed1U, | ||
87 | 0x67ce814fU, 0x0a14283cU, 0x478e018fU, 0xf2f9ef16U, | ||
88 | 0xb577ee99U, 0x224488ccU, 0xe5d7b364U, 0xeec19f5eU, | ||
89 | 0xbe61c2a3U, 0x2b56acfaU, 0x811f3e21U, 0x1224486cU, | ||
90 | 0x831b362dU, 0x1b366c5aU, 0x0e1c3824U, 0x23468ccaU, | ||
91 | 0xf5f7f304U, 0x458a0983U, 0x214284c6U, 0xce811f9eU, | ||
92 | 0x499239abU, 0x2c58b0e8U, 0xf9efc32cU, 0xe6d1bf6eU, | ||
93 | 0xb671e293U, 0x2850a0f0U, 0x172e5c72U, 0x8219322bU, | ||
94 | 0x1a34685cU, 0x8b0b161dU, 0xfee1df3eU, 0x8a09121bU, | ||
95 | 0x09122436U, 0xc98f038cU, 0x87132635U, 0x4e9c25b9U, | ||
96 | 0xe1dfa37cU, 0x2e5cb8e4U, 0xe4d5b762U, 0xe0dda77aU, | ||
97 | 0xebcb8b40U, 0x903d7a47U, 0xa455aaffU, 0x1e3c7844U, | ||
98 | 0x85172e39U, 0x60c09d5dU, 0x00000000U, 0x254a94deU, | ||
99 | 0xf4f5f702U, 0xf1ffe31cU, 0x94356a5fU, 0x0b162c3aU, | ||
100 | 0xe7d3bb68U, 0x75eac923U, 0xefc39b58U, 0x3468d0b8U, | ||
101 | 0x3162c4a6U, 0xd4b577c2U, 0xd0bd67daU, 0x86112233U, | ||
102 | 0x7efce519U, 0xad478ec9U, 0xfde7d334U, 0x2952a4f6U, | ||
103 | 0x3060c0a0U, 0x3b76ec9aU, 0x9f234665U, 0xf8edc72aU, | ||
104 | 0xc6913faeU, 0x13264c6aU, 0x060c1814U, 0x050a141eU, | ||
105 | 0xc59733a4U, 0x11224466U, 0x77eec12fU, 0x7cf8ed15U, | ||
106 | 0x7af4f501U, 0x78f0fd0dU, 0x366cd8b4U, 0x1c387048U, | ||
107 | 0x3972e496U, 0x59b279cbU, 0x18306050U, 0x56ac45e9U, | ||
108 | 0xb37bf68dU, 0xb07dfa87U, 0x244890d8U, 0x204080c0U, | ||
109 | 0xb279f28bU, 0x9239724bU, 0xa35bb6edU, 0xc09d27baU, | ||
110 | 0x44880d85U, 0x62c49551U, 0x10204060U, 0xb475ea9fU, | ||
111 | 0x84152a3fU, 0x43861197U, 0x933b764dU, 0xc2992fb6U, | ||
112 | 0x4a9435a1U, 0xbd67cea9U, 0x8f030605U, 0x2d5ab4eeU, | ||
113 | 0xbc65caafU, 0x9c254a6fU, 0x6ad4b561U, 0x40801d9dU, | ||
114 | 0xcf831b98U, 0xa259b2ebU, 0x801d3a27U, 0x4f9e21bfU, | ||
115 | 0x1f3e7c42U, 0xca890f86U, 0xaa4992dbU, 0x42841591U, | ||
116 | }; | ||
117 | |||
118 | static const u32 T1[256] = { | ||
119 | 0x69babbd2U, 0xa854e54dU, 0x5e2fe2bcU, 0xe87425cdU, | ||
120 | 0xa653f751U, 0xbbd3d06bU, 0xb9d2d66fU, 0x9a4db329U, | ||
121 | 0xa050fd5dU, 0x45accf8aU, 0x078d090eU, 0x63bfa5c6U, | ||
122 | 0xe0703dddU, 0xa452f155U, 0x299a7b52U, 0x984cb52dU, | ||
123 | 0xc9ea468fU, 0xb7d5c473U, 0x33975566U, 0xbfd1dc63U, | ||
124 | 0x6633aaccU, 0xa251fb59U, 0xb65bc771U, 0x51a6f3a2U, | ||
125 | 0xa1defe5fU, 0x9048ad3dU, 0x4da8d79aU, 0x2f99715eU, | ||
126 | 0xabdbe04bU, 0x6432acc8U, 0x73b795e6U, 0xe5fc32d7U, | ||
127 | 0xdbe370abU, 0x219e6342U, 0x3f91417eU, 0x2b9b7d56U, | ||
128 | 0xd9e276afU, 0x6bbbbdd6U, 0x82419b19U, 0xdc6e79a5U, | ||
129 | 0x57a5f9aeU, 0x8bcb800bU, 0xd66b67b1U, 0x3795596eU, | ||
130 | 0x5fa1e1beU, 0xfbf310ebU, 0x7fb181feU, 0x04020c08U, | ||
131 | 0x85cc9217U, 0x95c4a237U, 0x3a1d4e74U, 0x28147850U, | ||
132 | 0x9bc3b02bU, 0xc6635791U, 0xa9dae64fU, 0xba5dd369U, | ||
133 | 0xbe5fdf61U, 0xa5dcf257U, 0xfa7d13e9U, 0x87cd9413U, | ||
134 | 0xfe7f1fe1U, 0xb45ac175U, 0xd86c75adU, 0xb85cd56dU, | ||
135 | 0xf3f708fbU, 0x4c26d498U, 0xe3ff38dbU, 0xc7ed5493U, | ||
136 | 0xcde84a87U, 0x279d694eU, 0xde6f7fa1U, 0x018e0302U, | ||
137 | 0x32195664U, 0x5da0e7baU, 0xfdf01ae7U, 0x0f89111eU, | ||
138 | 0x1e0f223cU, 0x0e07121cU, 0x43afc586U, 0xebfb20cbU, | ||
139 | 0x10083020U, 0x2a157e54U, 0x1a0d2e34U, 0x08041810U, | ||
140 | 0x02010604U, 0xc864458dU, 0xa3dff85bU, 0xec7629c5U, | ||
141 | 0xf2790bf9U, 0xa7ddf453U, 0x7a3d8ef4U, 0x2c167458U, | ||
142 | 0x7e3f82fcU, 0x6e37b2dcU, 0xda6d73a9U, 0x703890e0U, | ||
143 | 0x6fb9b1deU, 0xe67337d1U, 0xcfe94c83U, 0x6a35bed4U, | ||
144 | 0xaa55e349U, 0xe2713bd9U, 0xf67b07f1U, 0x058c0f0aU, | ||
145 | 0xe47231d5U, 0x0d88171aU, 0xf1f60effU, 0x542afca8U, | ||
146 | 0x7c3e84f8U, 0xbc5ed965U, 0x4e27d29cU, 0x8c468905U, | ||
147 | 0x180c2830U, 0xca654389U, 0xd0686dbdU, 0xc2615b99U, | ||
148 | 0x06030a0cU, 0x9fc1bc23U, 0xae57ef41U, 0xb1d6ce7fU, | ||
149 | 0xafd9ec43U, 0xb058cd7dU, 0xadd8ea47U, 0xcc664985U, | ||
150 | 0xb3d7c87bU, 0x743a9ce8U, 0x8dc88a07U, 0x783c88f0U, | ||
151 | 0xe9fa26cfU, 0x31965362U, 0x53a7f5a6U, 0x2d98775aU, | ||
152 | 0xc5ec5297U, 0x6db8b7daU, 0x93c7a83bU, 0x41aec382U, | ||
153 | 0xd2696bb9U, 0x964ba731U, 0x4babdd96U, 0x4fa9d19eU, | ||
154 | 0xce674f81U, 0x140a3c28U, 0x8e478f01U, 0xf9f216efU, | ||
155 | 0x77b599eeU, 0x4422cc88U, 0xd7e564b3U, 0xc1ee5e9fU, | ||
156 | 0x61bea3c2U, 0x562bfaacU, 0x1f81213eU, 0x24126c48U, | ||
157 | 0x1b832d36U, 0x361b5a6cU, 0x1c0e2438U, 0x4623ca8cU, | ||
158 | 0xf7f504f3U, 0x8a458309U, 0x4221c684U, 0x81ce9e1fU, | ||
159 | 0x9249ab39U, 0x582ce8b0U, 0xeff92cc3U, 0xd1e66ebfU, | ||
160 | 0x71b693e2U, 0x5028f0a0U, 0x2e17725cU, 0x19822b32U, | ||
161 | 0x341a5c68U, 0x0b8b1d16U, 0xe1fe3edfU, 0x098a1b12U, | ||
162 | 0x12093624U, 0x8fc98c03U, 0x13873526U, 0x9c4eb925U, | ||
163 | 0xdfe17ca3U, 0x5c2ee4b8U, 0xd5e462b7U, 0xdde07aa7U, | ||
164 | 0xcbeb408bU, 0x3d90477aU, 0x55a4ffaaU, 0x3c1e4478U, | ||
165 | 0x1785392eU, 0xc0605d9dU, 0x00000000U, 0x4a25de94U, | ||
166 | 0xf5f402f7U, 0xfff11ce3U, 0x35945f6aU, 0x160b3a2cU, | ||
167 | 0xd3e768bbU, 0xea7523c9U, 0xc3ef589bU, 0x6834b8d0U, | ||
168 | 0x6231a6c4U, 0xb5d4c277U, 0xbdd0da67U, 0x11863322U, | ||
169 | 0xfc7e19e5U, 0x47adc98eU, 0xe7fd34d3U, 0x5229f6a4U, | ||
170 | 0x6030a0c0U, 0x763b9aecU, 0x239f6546U, 0xedf82ac7U, | ||
171 | 0x91c6ae3fU, 0x26136a4cU, 0x0c061418U, 0x0a051e14U, | ||
172 | 0x97c5a433U, 0x22116644U, 0xee772fc1U, 0xf87c15edU, | ||
173 | 0xf47a01f5U, 0xf0780dfdU, 0x6c36b4d8U, 0x381c4870U, | ||
174 | 0x723996e4U, 0xb259cb79U, 0x30185060U, 0xac56e945U, | ||
175 | 0x7bb38df6U, 0x7db087faU, 0x4824d890U, 0x4020c080U, | ||
176 | 0x79b28bf2U, 0x39924b72U, 0x5ba3edb6U, 0x9dc0ba27U, | ||
177 | 0x8844850dU, 0xc4625195U, 0x20106040U, 0x75b49feaU, | ||
178 | 0x15843f2aU, 0x86439711U, 0x3b934d76U, 0x99c2b62fU, | ||
179 | 0x944aa135U, 0x67bda9ceU, 0x038f0506U, 0x5a2deeb4U, | ||
180 | 0x65bcafcaU, 0x259c6f4aU, 0xd46a61b5U, 0x80409d1dU, | ||
181 | 0x83cf981bU, 0x59a2ebb2U, 0x1d80273aU, 0x9e4fbf21U, | ||
182 | 0x3e1f427cU, 0x89ca860fU, 0x49aadb92U, 0x84429115U, | ||
183 | }; | ||
184 | |||
185 | static const u32 T2[256] = { | ||
186 | 0xd2bbba69U, 0x4de554a8U, 0xbce22f5eU, 0xcd2574e8U, | ||
187 | 0x51f753a6U, 0x6bd0d3bbU, 0x6fd6d2b9U, 0x29b34d9aU, | ||
188 | 0x5dfd50a0U, 0x8acfac45U, 0x0e098d07U, 0xc6a5bf63U, | ||
189 | 0xdd3d70e0U, 0x55f152a4U, 0x527b9a29U, 0x2db54c98U, | ||
190 | 0x8f46eac9U, 0x73c4d5b7U, 0x66559733U, 0x63dcd1bfU, | ||
191 | 0xccaa3366U, 0x59fb51a2U, 0x71c75bb6U, 0xa2f3a651U, | ||
192 | 0x5ffedea1U, 0x3dad4890U, 0x9ad7a84dU, 0x5e71992fU, | ||
193 | 0x4be0dbabU, 0xc8ac3264U, 0xe695b773U, 0xd732fce5U, | ||
194 | 0xab70e3dbU, 0x42639e21U, 0x7e41913fU, 0x567d9b2bU, | ||
195 | 0xaf76e2d9U, 0xd6bdbb6bU, 0x199b4182U, 0xa5796edcU, | ||
196 | 0xaef9a557U, 0x0b80cb8bU, 0xb1676bd6U, 0x6e599537U, | ||
197 | 0xbee1a15fU, 0xeb10f3fbU, 0xfe81b17fU, 0x080c0204U, | ||
198 | 0x1792cc85U, 0x37a2c495U, 0x744e1d3aU, 0x50781428U, | ||
199 | 0x2bb0c39bU, 0x915763c6U, 0x4fe6daa9U, 0x69d35dbaU, | ||
200 | 0x61df5fbeU, 0x57f2dca5U, 0xe9137dfaU, 0x1394cd87U, | ||
201 | 0xe11f7ffeU, 0x75c15ab4U, 0xad756cd8U, 0x6dd55cb8U, | ||
202 | 0xfb08f7f3U, 0x98d4264cU, 0xdb38ffe3U, 0x9354edc7U, | ||
203 | 0x874ae8cdU, 0x4e699d27U, 0xa17f6fdeU, 0x02038e01U, | ||
204 | 0x64561932U, 0xbae7a05dU, 0xe71af0fdU, 0x1e11890fU, | ||
205 | 0x3c220f1eU, 0x1c12070eU, 0x86c5af43U, 0xcb20fbebU, | ||
206 | 0x20300810U, 0x547e152aU, 0x342e0d1aU, 0x10180408U, | ||
207 | 0x04060102U, 0x8d4564c8U, 0x5bf8dfa3U, 0xc52976ecU, | ||
208 | 0xf90b79f2U, 0x53f4dda7U, 0xf48e3d7aU, 0x5874162cU, | ||
209 | 0xfc823f7eU, 0xdcb2376eU, 0xa9736ddaU, 0xe0903870U, | ||
210 | 0xdeb1b96fU, 0xd13773e6U, 0x834ce9cfU, 0xd4be356aU, | ||
211 | 0x49e355aaU, 0xd93b71e2U, 0xf1077bf6U, 0x0a0f8c05U, | ||
212 | 0xd53172e4U, 0x1a17880dU, 0xff0ef6f1U, 0xa8fc2a54U, | ||
213 | 0xf8843e7cU, 0x65d95ebcU, 0x9cd2274eU, 0x0589468cU, | ||
214 | 0x30280c18U, 0x894365caU, 0xbd6d68d0U, 0x995b61c2U, | ||
215 | 0x0c0a0306U, 0x23bcc19fU, 0x41ef57aeU, 0x7fced6b1U, | ||
216 | 0x43ecd9afU, 0x7dcd58b0U, 0x47ead8adU, 0x854966ccU, | ||
217 | 0x7bc8d7b3U, 0xe89c3a74U, 0x078ac88dU, 0xf0883c78U, | ||
218 | 0xcf26fae9U, 0x62539631U, 0xa6f5a753U, 0x5a77982dU, | ||
219 | 0x9752ecc5U, 0xdab7b86dU, 0x3ba8c793U, 0x82c3ae41U, | ||
220 | 0xb96b69d2U, 0x31a74b96U, 0x96ddab4bU, 0x9ed1a94fU, | ||
221 | 0x814f67ceU, 0x283c0a14U, 0x018f478eU, 0xef16f2f9U, | ||
222 | 0xee99b577U, 0x88cc2244U, 0xb364e5d7U, 0x9f5eeec1U, | ||
223 | 0xc2a3be61U, 0xacfa2b56U, 0x3e21811fU, 0x486c1224U, | ||
224 | 0x362d831bU, 0x6c5a1b36U, 0x38240e1cU, 0x8cca2346U, | ||
225 | 0xf304f5f7U, 0x0983458aU, 0x84c62142U, 0x1f9ece81U, | ||
226 | 0x39ab4992U, 0xb0e82c58U, 0xc32cf9efU, 0xbf6ee6d1U, | ||
227 | 0xe293b671U, 0xa0f02850U, 0x5c72172eU, 0x322b8219U, | ||
228 | 0x685c1a34U, 0x161d8b0bU, 0xdf3efee1U, 0x121b8a09U, | ||
229 | 0x24360912U, 0x038cc98fU, 0x26358713U, 0x25b94e9cU, | ||
230 | 0xa37ce1dfU, 0xb8e42e5cU, 0xb762e4d5U, 0xa77ae0ddU, | ||
231 | 0x8b40ebcbU, 0x7a47903dU, 0xaaffa455U, 0x78441e3cU, | ||
232 | 0x2e398517U, 0x9d5d60c0U, 0x00000000U, 0x94de254aU, | ||
233 | 0xf702f4f5U, 0xe31cf1ffU, 0x6a5f9435U, 0x2c3a0b16U, | ||
234 | 0xbb68e7d3U, 0xc92375eaU, 0x9b58efc3U, 0xd0b83468U, | ||
235 | 0xc4a63162U, 0x77c2d4b5U, 0x67dad0bdU, 0x22338611U, | ||
236 | 0xe5197efcU, 0x8ec9ad47U, 0xd334fde7U, 0xa4f62952U, | ||
237 | 0xc0a03060U, 0xec9a3b76U, 0x46659f23U, 0xc72af8edU, | ||
238 | 0x3faec691U, 0x4c6a1326U, 0x1814060cU, 0x141e050aU, | ||
239 | 0x33a4c597U, 0x44661122U, 0xc12f77eeU, 0xed157cf8U, | ||
240 | 0xf5017af4U, 0xfd0d78f0U, 0xd8b4366cU, 0x70481c38U, | ||
241 | 0xe4963972U, 0x79cb59b2U, 0x60501830U, 0x45e956acU, | ||
242 | 0xf68db37bU, 0xfa87b07dU, 0x90d82448U, 0x80c02040U, | ||
243 | 0xf28bb279U, 0x724b9239U, 0xb6eda35bU, 0x27bac09dU, | ||
244 | 0x0d854488U, 0x955162c4U, 0x40601020U, 0xea9fb475U, | ||
245 | 0x2a3f8415U, 0x11974386U, 0x764d933bU, 0x2fb6c299U, | ||
246 | 0x35a14a94U, 0xcea9bd67U, 0x06058f03U, 0xb4ee2d5aU, | ||
247 | 0xcaafbc65U, 0x4a6f9c25U, 0xb5616ad4U, 0x1d9d4080U, | ||
248 | 0x1b98cf83U, 0xb2eba259U, 0x3a27801dU, 0x21bf4f9eU, | ||
249 | 0x7c421f3eU, 0x0f86ca89U, 0x92dbaa49U, 0x15914284U, | ||
250 | }; | ||
251 | |||
252 | static const u32 T3[256] = { | ||
253 | 0xbbd269baU, 0xe54da854U, 0xe2bc5e2fU, 0x25cde874U, | ||
254 | 0xf751a653U, 0xd06bbbd3U, 0xd66fb9d2U, 0xb3299a4dU, | ||
255 | 0xfd5da050U, 0xcf8a45acU, 0x090e078dU, 0xa5c663bfU, | ||
256 | 0x3ddde070U, 0xf155a452U, 0x7b52299aU, 0xb52d984cU, | ||
257 | 0x468fc9eaU, 0xc473b7d5U, 0x55663397U, 0xdc63bfd1U, | ||
258 | 0xaacc6633U, 0xfb59a251U, 0xc771b65bU, 0xf3a251a6U, | ||
259 | 0xfe5fa1deU, 0xad3d9048U, 0xd79a4da8U, 0x715e2f99U, | ||
260 | 0xe04babdbU, 0xacc86432U, 0x95e673b7U, 0x32d7e5fcU, | ||
261 | 0x70abdbe3U, 0x6342219eU, 0x417e3f91U, 0x7d562b9bU, | ||
262 | 0x76afd9e2U, 0xbdd66bbbU, 0x9b198241U, 0x79a5dc6eU, | ||
263 | 0xf9ae57a5U, 0x800b8bcbU, 0x67b1d66bU, 0x596e3795U, | ||
264 | 0xe1be5fa1U, 0x10ebfbf3U, 0x81fe7fb1U, 0x0c080402U, | ||
265 | 0x921785ccU, 0xa23795c4U, 0x4e743a1dU, 0x78502814U, | ||
266 | 0xb02b9bc3U, 0x5791c663U, 0xe64fa9daU, 0xd369ba5dU, | ||
267 | 0xdf61be5fU, 0xf257a5dcU, 0x13e9fa7dU, 0x941387cdU, | ||
268 | 0x1fe1fe7fU, 0xc175b45aU, 0x75add86cU, 0xd56db85cU, | ||
269 | 0x08fbf3f7U, 0xd4984c26U, 0x38dbe3ffU, 0x5493c7edU, | ||
270 | 0x4a87cde8U, 0x694e279dU, 0x7fa1de6fU, 0x0302018eU, | ||
271 | 0x56643219U, 0xe7ba5da0U, 0x1ae7fdf0U, 0x111e0f89U, | ||
272 | 0x223c1e0fU, 0x121c0e07U, 0xc58643afU, 0x20cbebfbU, | ||
273 | 0x30201008U, 0x7e542a15U, 0x2e341a0dU, 0x18100804U, | ||
274 | 0x06040201U, 0x458dc864U, 0xf85ba3dfU, 0x29c5ec76U, | ||
275 | 0x0bf9f279U, 0xf453a7ddU, 0x8ef47a3dU, 0x74582c16U, | ||
276 | 0x82fc7e3fU, 0xb2dc6e37U, 0x73a9da6dU, 0x90e07038U, | ||
277 | 0xb1de6fb9U, 0x37d1e673U, 0x4c83cfe9U, 0xbed46a35U, | ||
278 | 0xe349aa55U, 0x3bd9e271U, 0x07f1f67bU, 0x0f0a058cU, | ||
279 | 0x31d5e472U, 0x171a0d88U, 0x0efff1f6U, 0xfca8542aU, | ||
280 | 0x84f87c3eU, 0xd965bc5eU, 0xd29c4e27U, 0x89058c46U, | ||
281 | 0x2830180cU, 0x4389ca65U, 0x6dbdd068U, 0x5b99c261U, | ||
282 | 0x0a0c0603U, 0xbc239fc1U, 0xef41ae57U, 0xce7fb1d6U, | ||
283 | 0xec43afd9U, 0xcd7db058U, 0xea47add8U, 0x4985cc66U, | ||
284 | 0xc87bb3d7U, 0x9ce8743aU, 0x8a078dc8U, 0x88f0783cU, | ||
285 | 0x26cfe9faU, 0x53623196U, 0xf5a653a7U, 0x775a2d98U, | ||
286 | 0x5297c5ecU, 0xb7da6db8U, 0xa83b93c7U, 0xc38241aeU, | ||
287 | 0x6bb9d269U, 0xa731964bU, 0xdd964babU, 0xd19e4fa9U, | ||
288 | 0x4f81ce67U, 0x3c28140aU, 0x8f018e47U, 0x16eff9f2U, | ||
289 | 0x99ee77b5U, 0xcc884422U, 0x64b3d7e5U, 0x5e9fc1eeU, | ||
290 | 0xa3c261beU, 0xfaac562bU, 0x213e1f81U, 0x6c482412U, | ||
291 | 0x2d361b83U, 0x5a6c361bU, 0x24381c0eU, 0xca8c4623U, | ||
292 | 0x04f3f7f5U, 0x83098a45U, 0xc6844221U, 0x9e1f81ceU, | ||
293 | 0xab399249U, 0xe8b0582cU, 0x2cc3eff9U, 0x6ebfd1e6U, | ||
294 | 0x93e271b6U, 0xf0a05028U, 0x725c2e17U, 0x2b321982U, | ||
295 | 0x5c68341aU, 0x1d160b8bU, 0x3edfe1feU, 0x1b12098aU, | ||
296 | 0x36241209U, 0x8c038fc9U, 0x35261387U, 0xb9259c4eU, | ||
297 | 0x7ca3dfe1U, 0xe4b85c2eU, 0x62b7d5e4U, 0x7aa7dde0U, | ||
298 | 0x408bcbebU, 0x477a3d90U, 0xffaa55a4U, 0x44783c1eU, | ||
299 | 0x392e1785U, 0x5d9dc060U, 0x00000000U, 0xde944a25U, | ||
300 | 0x02f7f5f4U, 0x1ce3fff1U, 0x5f6a3594U, 0x3a2c160bU, | ||
301 | 0x68bbd3e7U, 0x23c9ea75U, 0x589bc3efU, 0xb8d06834U, | ||
302 | 0xa6c46231U, 0xc277b5d4U, 0xda67bdd0U, 0x33221186U, | ||
303 | 0x19e5fc7eU, 0xc98e47adU, 0x34d3e7fdU, 0xf6a45229U, | ||
304 | 0xa0c06030U, 0x9aec763bU, 0x6546239fU, 0x2ac7edf8U, | ||
305 | 0xae3f91c6U, 0x6a4c2613U, 0x14180c06U, 0x1e140a05U, | ||
306 | 0xa43397c5U, 0x66442211U, 0x2fc1ee77U, 0x15edf87cU, | ||
307 | 0x01f5f47aU, 0x0dfdf078U, 0xb4d86c36U, 0x4870381cU, | ||
308 | 0x96e47239U, 0xcb79b259U, 0x50603018U, 0xe945ac56U, | ||
309 | 0x8df67bb3U, 0x87fa7db0U, 0xd8904824U, 0xc0804020U, | ||
310 | 0x8bf279b2U, 0x4b723992U, 0xedb65ba3U, 0xba279dc0U, | ||
311 | 0x850d8844U, 0x5195c462U, 0x60402010U, 0x9fea75b4U, | ||
312 | 0x3f2a1584U, 0x97118643U, 0x4d763b93U, 0xb62f99c2U, | ||
313 | 0xa135944aU, 0xa9ce67bdU, 0x0506038fU, 0xeeb45a2dU, | ||
314 | 0xafca65bcU, 0x6f4a259cU, 0x61b5d46aU, 0x9d1d8040U, | ||
315 | 0x981b83cfU, 0xebb259a2U, 0x273a1d80U, 0xbf219e4fU, | ||
316 | 0x427c3e1fU, 0x860f89caU, 0xdb9249aaU, 0x91158442U, | ||
317 | }; | ||
318 | |||
319 | static const u32 T4[256] = { | ||
320 | 0xbabababaU, 0x54545454U, 0x2f2f2f2fU, 0x74747474U, | ||
321 | 0x53535353U, 0xd3d3d3d3U, 0xd2d2d2d2U, 0x4d4d4d4dU, | ||
322 | 0x50505050U, 0xacacacacU, 0x8d8d8d8dU, 0xbfbfbfbfU, | ||
323 | 0x70707070U, 0x52525252U, 0x9a9a9a9aU, 0x4c4c4c4cU, | ||
324 | 0xeaeaeaeaU, 0xd5d5d5d5U, 0x97979797U, 0xd1d1d1d1U, | ||
325 | 0x33333333U, 0x51515151U, 0x5b5b5b5bU, 0xa6a6a6a6U, | ||
326 | 0xdedededeU, 0x48484848U, 0xa8a8a8a8U, 0x99999999U, | ||
327 | 0xdbdbdbdbU, 0x32323232U, 0xb7b7b7b7U, 0xfcfcfcfcU, | ||
328 | 0xe3e3e3e3U, 0x9e9e9e9eU, 0x91919191U, 0x9b9b9b9bU, | ||
329 | 0xe2e2e2e2U, 0xbbbbbbbbU, 0x41414141U, 0x6e6e6e6eU, | ||
330 | 0xa5a5a5a5U, 0xcbcbcbcbU, 0x6b6b6b6bU, 0x95959595U, | ||
331 | 0xa1a1a1a1U, 0xf3f3f3f3U, 0xb1b1b1b1U, 0x02020202U, | ||
332 | 0xccccccccU, 0xc4c4c4c4U, 0x1d1d1d1dU, 0x14141414U, | ||
333 | 0xc3c3c3c3U, 0x63636363U, 0xdadadadaU, 0x5d5d5d5dU, | ||
334 | 0x5f5f5f5fU, 0xdcdcdcdcU, 0x7d7d7d7dU, 0xcdcdcdcdU, | ||
335 | 0x7f7f7f7fU, 0x5a5a5a5aU, 0x6c6c6c6cU, 0x5c5c5c5cU, | ||
336 | 0xf7f7f7f7U, 0x26262626U, 0xffffffffU, 0xededededU, | ||
337 | 0xe8e8e8e8U, 0x9d9d9d9dU, 0x6f6f6f6fU, 0x8e8e8e8eU, | ||
338 | 0x19191919U, 0xa0a0a0a0U, 0xf0f0f0f0U, 0x89898989U, | ||
339 | 0x0f0f0f0fU, 0x07070707U, 0xafafafafU, 0xfbfbfbfbU, | ||
340 | 0x08080808U, 0x15151515U, 0x0d0d0d0dU, 0x04040404U, | ||
341 | 0x01010101U, 0x64646464U, 0xdfdfdfdfU, 0x76767676U, | ||
342 | 0x79797979U, 0xddddddddU, 0x3d3d3d3dU, 0x16161616U, | ||
343 | 0x3f3f3f3fU, 0x37373737U, 0x6d6d6d6dU, 0x38383838U, | ||
344 | 0xb9b9b9b9U, 0x73737373U, 0xe9e9e9e9U, 0x35353535U, | ||
345 | 0x55555555U, 0x71717171U, 0x7b7b7b7bU, 0x8c8c8c8cU, | ||
346 | 0x72727272U, 0x88888888U, 0xf6f6f6f6U, 0x2a2a2a2aU, | ||
347 | 0x3e3e3e3eU, 0x5e5e5e5eU, 0x27272727U, 0x46464646U, | ||
348 | 0x0c0c0c0cU, 0x65656565U, 0x68686868U, 0x61616161U, | ||
349 | 0x03030303U, 0xc1c1c1c1U, 0x57575757U, 0xd6d6d6d6U, | ||
350 | 0xd9d9d9d9U, 0x58585858U, 0xd8d8d8d8U, 0x66666666U, | ||
351 | 0xd7d7d7d7U, 0x3a3a3a3aU, 0xc8c8c8c8U, 0x3c3c3c3cU, | ||
352 | 0xfafafafaU, 0x96969696U, 0xa7a7a7a7U, 0x98989898U, | ||
353 | 0xececececU, 0xb8b8b8b8U, 0xc7c7c7c7U, 0xaeaeaeaeU, | ||
354 | 0x69696969U, 0x4b4b4b4bU, 0xababababU, 0xa9a9a9a9U, | ||
355 | 0x67676767U, 0x0a0a0a0aU, 0x47474747U, 0xf2f2f2f2U, | ||
356 | 0xb5b5b5b5U, 0x22222222U, 0xe5e5e5e5U, 0xeeeeeeeeU, | ||
357 | 0xbebebebeU, 0x2b2b2b2bU, 0x81818181U, 0x12121212U, | ||
358 | 0x83838383U, 0x1b1b1b1bU, 0x0e0e0e0eU, 0x23232323U, | ||
359 | 0xf5f5f5f5U, 0x45454545U, 0x21212121U, 0xcecececeU, | ||
360 | 0x49494949U, 0x2c2c2c2cU, 0xf9f9f9f9U, 0xe6e6e6e6U, | ||
361 | 0xb6b6b6b6U, 0x28282828U, 0x17171717U, 0x82828282U, | ||
362 | 0x1a1a1a1aU, 0x8b8b8b8bU, 0xfefefefeU, 0x8a8a8a8aU, | ||
363 | 0x09090909U, 0xc9c9c9c9U, 0x87878787U, 0x4e4e4e4eU, | ||
364 | 0xe1e1e1e1U, 0x2e2e2e2eU, 0xe4e4e4e4U, 0xe0e0e0e0U, | ||
365 | 0xebebebebU, 0x90909090U, 0xa4a4a4a4U, 0x1e1e1e1eU, | ||
366 | 0x85858585U, 0x60606060U, 0x00000000U, 0x25252525U, | ||
367 | 0xf4f4f4f4U, 0xf1f1f1f1U, 0x94949494U, 0x0b0b0b0bU, | ||
368 | 0xe7e7e7e7U, 0x75757575U, 0xefefefefU, 0x34343434U, | ||
369 | 0x31313131U, 0xd4d4d4d4U, 0xd0d0d0d0U, 0x86868686U, | ||
370 | 0x7e7e7e7eU, 0xadadadadU, 0xfdfdfdfdU, 0x29292929U, | ||
371 | 0x30303030U, 0x3b3b3b3bU, 0x9f9f9f9fU, 0xf8f8f8f8U, | ||
372 | 0xc6c6c6c6U, 0x13131313U, 0x06060606U, 0x05050505U, | ||
373 | 0xc5c5c5c5U, 0x11111111U, 0x77777777U, 0x7c7c7c7cU, | ||
374 | 0x7a7a7a7aU, 0x78787878U, 0x36363636U, 0x1c1c1c1cU, | ||
375 | 0x39393939U, 0x59595959U, 0x18181818U, 0x56565656U, | ||
376 | 0xb3b3b3b3U, 0xb0b0b0b0U, 0x24242424U, 0x20202020U, | ||
377 | 0xb2b2b2b2U, 0x92929292U, 0xa3a3a3a3U, 0xc0c0c0c0U, | ||
378 | 0x44444444U, 0x62626262U, 0x10101010U, 0xb4b4b4b4U, | ||
379 | 0x84848484U, 0x43434343U, 0x93939393U, 0xc2c2c2c2U, | ||
380 | 0x4a4a4a4aU, 0xbdbdbdbdU, 0x8f8f8f8fU, 0x2d2d2d2dU, | ||
381 | 0xbcbcbcbcU, 0x9c9c9c9cU, 0x6a6a6a6aU, 0x40404040U, | ||
382 | 0xcfcfcfcfU, 0xa2a2a2a2U, 0x80808080U, 0x4f4f4f4fU, | ||
383 | 0x1f1f1f1fU, 0xcacacacaU, 0xaaaaaaaaU, 0x42424242U, | ||
384 | }; | ||
385 | |||
386 | static const u32 T5[256] = { | ||
387 | 0x00000000U, 0x01020608U, 0x02040c10U, 0x03060a18U, | ||
388 | 0x04081820U, 0x050a1e28U, 0x060c1430U, 0x070e1238U, | ||
389 | 0x08103040U, 0x09123648U, 0x0a143c50U, 0x0b163a58U, | ||
390 | 0x0c182860U, 0x0d1a2e68U, 0x0e1c2470U, 0x0f1e2278U, | ||
391 | 0x10206080U, 0x11226688U, 0x12246c90U, 0x13266a98U, | ||
392 | 0x142878a0U, 0x152a7ea8U, 0x162c74b0U, 0x172e72b8U, | ||
393 | 0x183050c0U, 0x193256c8U, 0x1a345cd0U, 0x1b365ad8U, | ||
394 | 0x1c3848e0U, 0x1d3a4ee8U, 0x1e3c44f0U, 0x1f3e42f8U, | ||
395 | 0x2040c01dU, 0x2142c615U, 0x2244cc0dU, 0x2346ca05U, | ||
396 | 0x2448d83dU, 0x254ade35U, 0x264cd42dU, 0x274ed225U, | ||
397 | 0x2850f05dU, 0x2952f655U, 0x2a54fc4dU, 0x2b56fa45U, | ||
398 | 0x2c58e87dU, 0x2d5aee75U, 0x2e5ce46dU, 0x2f5ee265U, | ||
399 | 0x3060a09dU, 0x3162a695U, 0x3264ac8dU, 0x3366aa85U, | ||
400 | 0x3468b8bdU, 0x356abeb5U, 0x366cb4adU, 0x376eb2a5U, | ||
401 | 0x387090ddU, 0x397296d5U, 0x3a749ccdU, 0x3b769ac5U, | ||
402 | 0x3c7888fdU, 0x3d7a8ef5U, 0x3e7c84edU, 0x3f7e82e5U, | ||
403 | 0x40809d3aU, 0x41829b32U, 0x4284912aU, 0x43869722U, | ||
404 | 0x4488851aU, 0x458a8312U, 0x468c890aU, 0x478e8f02U, | ||
405 | 0x4890ad7aU, 0x4992ab72U, 0x4a94a16aU, 0x4b96a762U, | ||
406 | 0x4c98b55aU, 0x4d9ab352U, 0x4e9cb94aU, 0x4f9ebf42U, | ||
407 | 0x50a0fdbaU, 0x51a2fbb2U, 0x52a4f1aaU, 0x53a6f7a2U, | ||
408 | 0x54a8e59aU, 0x55aae392U, 0x56ace98aU, 0x57aeef82U, | ||
409 | 0x58b0cdfaU, 0x59b2cbf2U, 0x5ab4c1eaU, 0x5bb6c7e2U, | ||
410 | 0x5cb8d5daU, 0x5dbad3d2U, 0x5ebcd9caU, 0x5fbedfc2U, | ||
411 | 0x60c05d27U, 0x61c25b2fU, 0x62c45137U, 0x63c6573fU, | ||
412 | 0x64c84507U, 0x65ca430fU, 0x66cc4917U, 0x67ce4f1fU, | ||
413 | 0x68d06d67U, 0x69d26b6fU, 0x6ad46177U, 0x6bd6677fU, | ||
414 | 0x6cd87547U, 0x6dda734fU, 0x6edc7957U, 0x6fde7f5fU, | ||
415 | 0x70e03da7U, 0x71e23bafU, 0x72e431b7U, 0x73e637bfU, | ||
416 | 0x74e82587U, 0x75ea238fU, 0x76ec2997U, 0x77ee2f9fU, | ||
417 | 0x78f00de7U, 0x79f20befU, 0x7af401f7U, 0x7bf607ffU, | ||
418 | 0x7cf815c7U, 0x7dfa13cfU, 0x7efc19d7U, 0x7ffe1fdfU, | ||
419 | 0x801d2774U, 0x811f217cU, 0x82192b64U, 0x831b2d6cU, | ||
420 | 0x84153f54U, 0x8517395cU, 0x86113344U, 0x8713354cU, | ||
421 | 0x880d1734U, 0x890f113cU, 0x8a091b24U, 0x8b0b1d2cU, | ||
422 | 0x8c050f14U, 0x8d07091cU, 0x8e010304U, 0x8f03050cU, | ||
423 | 0x903d47f4U, 0x913f41fcU, 0x92394be4U, 0x933b4decU, | ||
424 | 0x94355fd4U, 0x953759dcU, 0x963153c4U, 0x973355ccU, | ||
425 | 0x982d77b4U, 0x992f71bcU, 0x9a297ba4U, 0x9b2b7dacU, | ||
426 | 0x9c256f94U, 0x9d27699cU, 0x9e216384U, 0x9f23658cU, | ||
427 | 0xa05de769U, 0xa15fe161U, 0xa259eb79U, 0xa35bed71U, | ||
428 | 0xa455ff49U, 0xa557f941U, 0xa651f359U, 0xa753f551U, | ||
429 | 0xa84dd729U, 0xa94fd121U, 0xaa49db39U, 0xab4bdd31U, | ||
430 | 0xac45cf09U, 0xad47c901U, 0xae41c319U, 0xaf43c511U, | ||
431 | 0xb07d87e9U, 0xb17f81e1U, 0xb2798bf9U, 0xb37b8df1U, | ||
432 | 0xb4759fc9U, 0xb57799c1U, 0xb67193d9U, 0xb77395d1U, | ||
433 | 0xb86db7a9U, 0xb96fb1a1U, 0xba69bbb9U, 0xbb6bbdb1U, | ||
434 | 0xbc65af89U, 0xbd67a981U, 0xbe61a399U, 0xbf63a591U, | ||
435 | 0xc09dba4eU, 0xc19fbc46U, 0xc299b65eU, 0xc39bb056U, | ||
436 | 0xc495a26eU, 0xc597a466U, 0xc691ae7eU, 0xc793a876U, | ||
437 | 0xc88d8a0eU, 0xc98f8c06U, 0xca89861eU, 0xcb8b8016U, | ||
438 | 0xcc85922eU, 0xcd879426U, 0xce819e3eU, 0xcf839836U, | ||
439 | 0xd0bddaceU, 0xd1bfdcc6U, 0xd2b9d6deU, 0xd3bbd0d6U, | ||
440 | 0xd4b5c2eeU, 0xd5b7c4e6U, 0xd6b1cefeU, 0xd7b3c8f6U, | ||
441 | 0xd8adea8eU, 0xd9afec86U, 0xdaa9e69eU, 0xdbabe096U, | ||
442 | 0xdca5f2aeU, 0xdda7f4a6U, 0xdea1febeU, 0xdfa3f8b6U, | ||
443 | 0xe0dd7a53U, 0xe1df7c5bU, 0xe2d97643U, 0xe3db704bU, | ||
444 | 0xe4d56273U, 0xe5d7647bU, 0xe6d16e63U, 0xe7d3686bU, | ||
445 | 0xe8cd4a13U, 0xe9cf4c1bU, 0xeac94603U, 0xebcb400bU, | ||
446 | 0xecc55233U, 0xedc7543bU, 0xeec15e23U, 0xefc3582bU, | ||
447 | 0xf0fd1ad3U, 0xf1ff1cdbU, 0xf2f916c3U, 0xf3fb10cbU, | ||
448 | 0xf4f502f3U, 0xf5f704fbU, 0xf6f10ee3U, 0xf7f308ebU, | ||
449 | 0xf8ed2a93U, 0xf9ef2c9bU, 0xfae92683U, 0xfbeb208bU, | ||
450 | 0xfce532b3U, 0xfde734bbU, 0xfee13ea3U, 0xffe338abU, | ||
451 | }; | ||
452 | |||
453 | static const u32 rc[] = { | ||
454 | 0xba542f74U, 0x53d3d24dU, 0x50ac8dbfU, 0x70529a4cU, | ||
455 | 0xead597d1U, 0x33515ba6U, 0xde48a899U, 0xdb32b7fcU, | ||
456 | 0xe39e919bU, 0xe2bb416eU, 0xa5cb6b95U, 0xa1f3b102U, | ||
457 | 0xccc41d14U, 0xc363da5dU, 0x5fdc7dcdU, 0x7f5a6c5cU, | ||
458 | 0xf726ffedU, 0xe89d6f8eU, 0x19a0f089U, | ||
459 | }; | ||
460 | |||
461 | static int anubis_setkey(void *ctx_arg, const u8 *in_key, | ||
462 | unsigned int key_len, u32 *flags) | ||
463 | { | ||
464 | |||
465 | int N, R, i, pos, r; | ||
466 | u32 kappa[ANUBIS_MAX_N]; | ||
467 | u32 inter[ANUBIS_MAX_N]; | ||
468 | |||
469 | struct anubis_ctx *ctx = ctx_arg; | ||
470 | |||
471 | switch (key_len) | ||
472 | { | ||
473 | case 16: case 20: case 24: case 28: | ||
474 | case 32: case 36: case 40: | ||
475 | break; | ||
476 | default: | ||
477 | *flags |= CRYPTO_TFM_RES_BAD_KEY_LEN; | ||
478 | return - EINVAL; | ||
479 | } | ||
480 | |||
481 | ctx->key_len = key_len * 8; | ||
482 | N = ctx->key_len >> 5; | ||
483 | ctx->R = R = 8 + N; | ||
484 | |||
485 | /* * map cipher key to initial key state (mu): */ | ||
486 | for (i = 0, pos = 0; i < N; i++, pos += 4) { | ||
487 | kappa[i] = | ||
488 | (in_key[pos ] << 24) ^ | ||
489 | (in_key[pos + 1] << 16) ^ | ||
490 | (in_key[pos + 2] << 8) ^ | ||
491 | (in_key[pos + 3] ); | ||
492 | } | ||
493 | |||
494 | /* | ||
495 | * generate R + 1 round keys: | ||
496 | */ | ||
497 | for (r = 0; r <= R; r++) { | ||
498 | u32 K0, K1, K2, K3; | ||
499 | /* | ||
500 | * generate r-th round key K^r: | ||
501 | */ | ||
502 | K0 = T4[(kappa[N - 1] >> 24) ]; | ||
503 | K1 = T4[(kappa[N - 1] >> 16) & 0xff]; | ||
504 | K2 = T4[(kappa[N - 1] >> 8) & 0xff]; | ||
505 | K3 = T4[(kappa[N - 1] ) & 0xff]; | ||
506 | for (i = N - 2; i >= 0; i--) { | ||
507 | K0 = T4[(kappa[i] >> 24) ] ^ | ||
508 | (T5[(K0 >> 24) ] & 0xff000000U) ^ | ||
509 | (T5[(K0 >> 16) & 0xff] & 0x00ff0000U) ^ | ||
510 | (T5[(K0 >> 8) & 0xff] & 0x0000ff00U) ^ | ||
511 | (T5[(K0 ) & 0xff] & 0x000000ffU); | ||
512 | K1 = T4[(kappa[i] >> 16) & 0xff] ^ | ||
513 | (T5[(K1 >> 24) ] & 0xff000000U) ^ | ||
514 | (T5[(K1 >> 16) & 0xff] & 0x00ff0000U) ^ | ||
515 | (T5[(K1 >> 8) & 0xff] & 0x0000ff00U) ^ | ||
516 | (T5[(K1 ) & 0xff] & 0x000000ffU); | ||
517 | K2 = T4[(kappa[i] >> 8) & 0xff] ^ | ||
518 | (T5[(K2 >> 24) ] & 0xff000000U) ^ | ||
519 | (T5[(K2 >> 16) & 0xff] & 0x00ff0000U) ^ | ||
520 | (T5[(K2 >> 8) & 0xff] & 0x0000ff00U) ^ | ||
521 | (T5[(K2 ) & 0xff] & 0x000000ffU); | ||
522 | K3 = T4[(kappa[i] ) & 0xff] ^ | ||
523 | (T5[(K3 >> 24) ] & 0xff000000U) ^ | ||
524 | (T5[(K3 >> 16) & 0xff] & 0x00ff0000U) ^ | ||
525 | (T5[(K3 >> 8) & 0xff] & 0x0000ff00U) ^ | ||
526 | (T5[(K3 ) & 0xff] & 0x000000ffU); | ||
527 | } | ||
528 | |||
529 | ctx->E[r][0] = K0; | ||
530 | ctx->E[r][1] = K1; | ||
531 | ctx->E[r][2] = K2; | ||
532 | ctx->E[r][3] = K3; | ||
533 | |||
534 | /* | ||
535 | * compute kappa^{r+1} from kappa^r: | ||
536 | */ | ||
537 | if (r == R) { | ||
538 | break; | ||
539 | } | ||
540 | for (i = 0; i < N; i++) { | ||
541 | int j = i; | ||
542 | inter[i] = T0[(kappa[j--] >> 24) ]; | ||
543 | if (j < 0) j = N - 1; | ||
544 | inter[i] ^= T1[(kappa[j--] >> 16) & 0xff]; | ||
545 | if (j < 0) j = N - 1; | ||
546 | inter[i] ^= T2[(kappa[j--] >> 8) & 0xff]; | ||
547 | if (j < 0) j = N - 1; | ||
548 | inter[i] ^= T3[(kappa[j ] ) & 0xff]; | ||
549 | } | ||
550 | kappa[0] = inter[0] ^ rc[r]; | ||
551 | for (i = 1; i < N; i++) { | ||
552 | kappa[i] = inter[i]; | ||
553 | } | ||
554 | } | ||
555 | |||
556 | /* | ||
557 | * generate inverse key schedule: K'^0 = K^R, K'^R = | ||
558 | * K^0, K'^r = theta(K^{R-r}): | ||
559 | */ | ||
560 | for (i = 0; i < 4; i++) { | ||
561 | ctx->D[0][i] = ctx->E[R][i]; | ||
562 | ctx->D[R][i] = ctx->E[0][i]; | ||
563 | } | ||
564 | for (r = 1; r < R; r++) { | ||
565 | for (i = 0; i < 4; i++) { | ||
566 | u32 v = ctx->E[R - r][i]; | ||
567 | ctx->D[r][i] = | ||
568 | T0[T4[(v >> 24) ] & 0xff] ^ | ||
569 | T1[T4[(v >> 16) & 0xff] & 0xff] ^ | ||
570 | T2[T4[(v >> 8) & 0xff] & 0xff] ^ | ||
571 | T3[T4[(v ) & 0xff] & 0xff]; | ||
572 | } | ||
573 | } | ||
574 | |||
575 | return 0; | ||
576 | } | ||
577 | |||
578 | static void anubis_crypt(u32 roundKey[ANUBIS_MAX_ROUNDS + 1][4], | ||
579 | u8 *ciphertext, const u8 *plaintext, const int R) | ||
580 | { | ||
581 | int i, pos, r; | ||
582 | u32 state[4]; | ||
583 | u32 inter[4]; | ||
584 | |||
585 | /* | ||
586 | * map plaintext block to cipher state (mu) | ||
587 | * and add initial round key (sigma[K^0]): | ||
588 | */ | ||
589 | for (i = 0, pos = 0; i < 4; i++, pos += 4) { | ||
590 | state[i] = | ||
591 | (plaintext[pos ] << 24) ^ | ||
592 | (plaintext[pos + 1] << 16) ^ | ||
593 | (plaintext[pos + 2] << 8) ^ | ||
594 | (plaintext[pos + 3] ) ^ | ||
595 | roundKey[0][i]; | ||
596 | } | ||
597 | |||
598 | /* | ||
599 | * R - 1 full rounds: | ||
600 | */ | ||
601 | |||
602 | for (r = 1; r < R; r++) { | ||
603 | inter[0] = | ||
604 | T0[(state[0] >> 24) ] ^ | ||
605 | T1[(state[1] >> 24) ] ^ | ||
606 | T2[(state[2] >> 24) ] ^ | ||
607 | T3[(state[3] >> 24) ] ^ | ||
608 | roundKey[r][0]; | ||
609 | inter[1] = | ||
610 | T0[(state[0] >> 16) & 0xff] ^ | ||
611 | T1[(state[1] >> 16) & 0xff] ^ | ||
612 | T2[(state[2] >> 16) & 0xff] ^ | ||
613 | T3[(state[3] >> 16) & 0xff] ^ | ||
614 | roundKey[r][1]; | ||
615 | inter[2] = | ||
616 | T0[(state[0] >> 8) & 0xff] ^ | ||
617 | T1[(state[1] >> 8) & 0xff] ^ | ||
618 | T2[(state[2] >> 8) & 0xff] ^ | ||
619 | T3[(state[3] >> 8) & 0xff] ^ | ||
620 | roundKey[r][2]; | ||
621 | inter[3] = | ||
622 | T0[(state[0] ) & 0xff] ^ | ||
623 | T1[(state[1] ) & 0xff] ^ | ||
624 | T2[(state[2] ) & 0xff] ^ | ||
625 | T3[(state[3] ) & 0xff] ^ | ||
626 | roundKey[r][3]; | ||
627 | state[0] = inter[0]; | ||
628 | state[1] = inter[1]; | ||
629 | state[2] = inter[2]; | ||
630 | state[3] = inter[3]; | ||
631 | } | ||
632 | |||
633 | /* | ||
634 | * last round: | ||
635 | */ | ||
636 | |||
637 | inter[0] = | ||
638 | (T0[(state[0] >> 24) ] & 0xff000000U) ^ | ||
639 | (T1[(state[1] >> 24) ] & 0x00ff0000U) ^ | ||
640 | (T2[(state[2] >> 24) ] & 0x0000ff00U) ^ | ||
641 | (T3[(state[3] >> 24) ] & 0x000000ffU) ^ | ||
642 | roundKey[R][0]; | ||
643 | inter[1] = | ||
644 | (T0[(state[0] >> 16) & 0xff] & 0xff000000U) ^ | ||
645 | (T1[(state[1] >> 16) & 0xff] & 0x00ff0000U) ^ | ||
646 | (T2[(state[2] >> 16) & 0xff] & 0x0000ff00U) ^ | ||
647 | (T3[(state[3] >> 16) & 0xff] & 0x000000ffU) ^ | ||
648 | roundKey[R][1]; | ||
649 | inter[2] = | ||
650 | (T0[(state[0] >> 8) & 0xff] & 0xff000000U) ^ | ||
651 | (T1[(state[1] >> 8) & 0xff] & 0x00ff0000U) ^ | ||
652 | (T2[(state[2] >> 8) & 0xff] & 0x0000ff00U) ^ | ||
653 | (T3[(state[3] >> 8) & 0xff] & 0x000000ffU) ^ | ||
654 | roundKey[R][2]; | ||
655 | inter[3] = | ||
656 | (T0[(state[0] ) & 0xff] & 0xff000000U) ^ | ||
657 | (T1[(state[1] ) & 0xff] & 0x00ff0000U) ^ | ||
658 | (T2[(state[2] ) & 0xff] & 0x0000ff00U) ^ | ||
659 | (T3[(state[3] ) & 0xff] & 0x000000ffU) ^ | ||
660 | roundKey[R][3]; | ||
661 | |||
662 | /* | ||
663 | * map cipher state to ciphertext block (mu^{-1}): | ||
664 | */ | ||
665 | |||
666 | for (i = 0, pos = 0; i < 4; i++, pos += 4) { | ||
667 | u32 w = inter[i]; | ||
668 | ciphertext[pos ] = (u8)(w >> 24); | ||
669 | ciphertext[pos + 1] = (u8)(w >> 16); | ||
670 | ciphertext[pos + 2] = (u8)(w >> 8); | ||
671 | ciphertext[pos + 3] = (u8)(w ); | ||
672 | } | ||
673 | } | ||
674 | |||
675 | static void anubis_encrypt(void *ctx_arg, u8 *dst, const u8 *src) | ||
676 | { | ||
677 | struct anubis_ctx *ctx = ctx_arg; | ||
678 | anubis_crypt(ctx->E, dst, src, ctx->R); | ||
679 | } | ||
680 | |||
681 | static void anubis_decrypt(void *ctx_arg, u8 *dst, const u8 *src) | ||
682 | { | ||
683 | struct anubis_ctx *ctx = ctx_arg; | ||
684 | anubis_crypt(ctx->D, dst, src, ctx->R); | ||
685 | } | ||
686 | |||
687 | static struct crypto_alg anubis_alg = { | ||
688 | .cra_name = "anubis", | ||
689 | .cra_flags = CRYPTO_ALG_TYPE_CIPHER, | ||
690 | .cra_blocksize = ANUBIS_BLOCK_SIZE, | ||
691 | .cra_ctxsize = sizeof (struct anubis_ctx), | ||
692 | .cra_module = THIS_MODULE, | ||
693 | .cra_list = LIST_HEAD_INIT(anubis_alg.cra_list), | ||
694 | .cra_u = { .cipher = { | ||
695 | .cia_min_keysize = ANUBIS_MIN_KEY_SIZE, | ||
696 | .cia_max_keysize = ANUBIS_MAX_KEY_SIZE, | ||
697 | .cia_setkey = anubis_setkey, | ||
698 | .cia_encrypt = anubis_encrypt, | ||
699 | .cia_decrypt = anubis_decrypt } } | ||
700 | }; | ||
701 | |||
702 | static int __init init(void) | ||
703 | { | ||
704 | int ret = 0; | ||
705 | |||
706 | ret = crypto_register_alg(&anubis_alg); | ||
707 | return ret; | ||
708 | } | ||
709 | |||
710 | static void __exit fini(void) | ||
711 | { | ||
712 | crypto_unregister_alg(&anubis_alg); | ||
713 | } | ||
714 | |||
715 | module_init(init); | ||
716 | module_exit(fini); | ||
717 | |||
718 | MODULE_LICENSE("GPL"); | ||
719 | MODULE_DESCRIPTION("Anubis Cryptographic Algorithm"); | ||
diff --git a/crypto/api.c b/crypto/api.c new file mode 100644 index 000000000000..394169a8577d --- /dev/null +++ b/crypto/api.c | |||
@@ -0,0 +1,233 @@ | |||
1 | /* | ||
2 | * Scatterlist Cryptographic API. | ||
3 | * | ||
4 | * Copyright (c) 2002 James Morris <jmorris@intercode.com.au> | ||
5 | * Copyright (c) 2002 David S. Miller (davem@redhat.com) | ||
6 | * | ||
7 | * Portions derived from Cryptoapi, by Alexander Kjeldaas <astor@fast.no> | ||
8 | * and Nettle, by Niels Möller. | ||
9 | * | ||
10 | * This program is free software; you can redistribute it and/or modify it | ||
11 | * under the terms of the GNU General Public License as published by the Free | ||
12 | * Software Foundation; either version 2 of the License, or (at your option) | ||
13 | * any later version. | ||
14 | * | ||
15 | */ | ||
16 | #include <linux/init.h> | ||
17 | #include <linux/crypto.h> | ||
18 | #include <linux/errno.h> | ||
19 | #include <linux/rwsem.h> | ||
20 | #include <linux/slab.h> | ||
21 | #include "internal.h" | ||
22 | |||
23 | LIST_HEAD(crypto_alg_list); | ||
24 | DECLARE_RWSEM(crypto_alg_sem); | ||
25 | |||
26 | static inline int crypto_alg_get(struct crypto_alg *alg) | ||
27 | { | ||
28 | return try_module_get(alg->cra_module); | ||
29 | } | ||
30 | |||
31 | static inline void crypto_alg_put(struct crypto_alg *alg) | ||
32 | { | ||
33 | module_put(alg->cra_module); | ||
34 | } | ||
35 | |||
36 | struct crypto_alg *crypto_alg_lookup(const char *name) | ||
37 | { | ||
38 | struct crypto_alg *q, *alg = NULL; | ||
39 | |||
40 | if (!name) | ||
41 | return NULL; | ||
42 | |||
43 | down_read(&crypto_alg_sem); | ||
44 | |||
45 | list_for_each_entry(q, &crypto_alg_list, cra_list) { | ||
46 | if (!(strcmp(q->cra_name, name))) { | ||
47 | if (crypto_alg_get(q)) | ||
48 | alg = q; | ||
49 | break; | ||
50 | } | ||
51 | } | ||
52 | |||
53 | up_read(&crypto_alg_sem); | ||
54 | return alg; | ||
55 | } | ||
56 | |||
57 | static int crypto_init_flags(struct crypto_tfm *tfm, u32 flags) | ||
58 | { | ||
59 | tfm->crt_flags = 0; | ||
60 | |||
61 | switch (crypto_tfm_alg_type(tfm)) { | ||
62 | case CRYPTO_ALG_TYPE_CIPHER: | ||
63 | return crypto_init_cipher_flags(tfm, flags); | ||
64 | |||
65 | case CRYPTO_ALG_TYPE_DIGEST: | ||
66 | return crypto_init_digest_flags(tfm, flags); | ||
67 | |||
68 | case CRYPTO_ALG_TYPE_COMPRESS: | ||
69 | return crypto_init_compress_flags(tfm, flags); | ||
70 | |||
71 | default: | ||
72 | break; | ||
73 | } | ||
74 | |||
75 | BUG(); | ||
76 | return -EINVAL; | ||
77 | } | ||
78 | |||
79 | static int crypto_init_ops(struct crypto_tfm *tfm) | ||
80 | { | ||
81 | switch (crypto_tfm_alg_type(tfm)) { | ||
82 | case CRYPTO_ALG_TYPE_CIPHER: | ||
83 | return crypto_init_cipher_ops(tfm); | ||
84 | |||
85 | case CRYPTO_ALG_TYPE_DIGEST: | ||
86 | return crypto_init_digest_ops(tfm); | ||
87 | |||
88 | case CRYPTO_ALG_TYPE_COMPRESS: | ||
89 | return crypto_init_compress_ops(tfm); | ||
90 | |||
91 | default: | ||
92 | break; | ||
93 | } | ||
94 | |||
95 | BUG(); | ||
96 | return -EINVAL; | ||
97 | } | ||
98 | |||
99 | static void crypto_exit_ops(struct crypto_tfm *tfm) | ||
100 | { | ||
101 | switch (crypto_tfm_alg_type(tfm)) { | ||
102 | case CRYPTO_ALG_TYPE_CIPHER: | ||
103 | crypto_exit_cipher_ops(tfm); | ||
104 | break; | ||
105 | |||
106 | case CRYPTO_ALG_TYPE_DIGEST: | ||
107 | crypto_exit_digest_ops(tfm); | ||
108 | break; | ||
109 | |||
110 | case CRYPTO_ALG_TYPE_COMPRESS: | ||
111 | crypto_exit_compress_ops(tfm); | ||
112 | break; | ||
113 | |||
114 | default: | ||
115 | BUG(); | ||
116 | |||
117 | } | ||
118 | } | ||
119 | |||
120 | struct crypto_tfm *crypto_alloc_tfm(const char *name, u32 flags) | ||
121 | { | ||
122 | struct crypto_tfm *tfm = NULL; | ||
123 | struct crypto_alg *alg; | ||
124 | |||
125 | alg = crypto_alg_mod_lookup(name); | ||
126 | if (alg == NULL) | ||
127 | goto out; | ||
128 | |||
129 | tfm = kmalloc(sizeof(*tfm) + alg->cra_ctxsize, GFP_KERNEL); | ||
130 | if (tfm == NULL) | ||
131 | goto out_put; | ||
132 | |||
133 | memset(tfm, 0, sizeof(*tfm) + alg->cra_ctxsize); | ||
134 | |||
135 | tfm->__crt_alg = alg; | ||
136 | |||
137 | if (crypto_init_flags(tfm, flags)) | ||
138 | goto out_free_tfm; | ||
139 | |||
140 | if (crypto_init_ops(tfm)) { | ||
141 | crypto_exit_ops(tfm); | ||
142 | goto out_free_tfm; | ||
143 | } | ||
144 | |||
145 | goto out; | ||
146 | |||
147 | out_free_tfm: | ||
148 | kfree(tfm); | ||
149 | tfm = NULL; | ||
150 | out_put: | ||
151 | crypto_alg_put(alg); | ||
152 | out: | ||
153 | return tfm; | ||
154 | } | ||
155 | |||
156 | void crypto_free_tfm(struct crypto_tfm *tfm) | ||
157 | { | ||
158 | struct crypto_alg *alg = tfm->__crt_alg; | ||
159 | int size = sizeof(*tfm) + alg->cra_ctxsize; | ||
160 | |||
161 | crypto_exit_ops(tfm); | ||
162 | crypto_alg_put(alg); | ||
163 | memset(tfm, 0, size); | ||
164 | kfree(tfm); | ||
165 | } | ||
166 | |||
167 | int crypto_register_alg(struct crypto_alg *alg) | ||
168 | { | ||
169 | int ret = 0; | ||
170 | struct crypto_alg *q; | ||
171 | |||
172 | down_write(&crypto_alg_sem); | ||
173 | |||
174 | list_for_each_entry(q, &crypto_alg_list, cra_list) { | ||
175 | if (!(strcmp(q->cra_name, alg->cra_name))) { | ||
176 | ret = -EEXIST; | ||
177 | goto out; | ||
178 | } | ||
179 | } | ||
180 | |||
181 | list_add_tail(&alg->cra_list, &crypto_alg_list); | ||
182 | out: | ||
183 | up_write(&crypto_alg_sem); | ||
184 | return ret; | ||
185 | } | ||
186 | |||
187 | int crypto_unregister_alg(struct crypto_alg *alg) | ||
188 | { | ||
189 | int ret = -ENOENT; | ||
190 | struct crypto_alg *q; | ||
191 | |||
192 | BUG_ON(!alg->cra_module); | ||
193 | |||
194 | down_write(&crypto_alg_sem); | ||
195 | list_for_each_entry(q, &crypto_alg_list, cra_list) { | ||
196 | if (alg == q) { | ||
197 | list_del(&alg->cra_list); | ||
198 | ret = 0; | ||
199 | goto out; | ||
200 | } | ||
201 | } | ||
202 | out: | ||
203 | up_write(&crypto_alg_sem); | ||
204 | return ret; | ||
205 | } | ||
206 | |||
207 | int crypto_alg_available(const char *name, u32 flags) | ||
208 | { | ||
209 | int ret = 0; | ||
210 | struct crypto_alg *alg = crypto_alg_mod_lookup(name); | ||
211 | |||
212 | if (alg) { | ||
213 | crypto_alg_put(alg); | ||
214 | ret = 1; | ||
215 | } | ||
216 | |||
217 | return ret; | ||
218 | } | ||
219 | |||
220 | static int __init init_crypto(void) | ||
221 | { | ||
222 | printk(KERN_INFO "Initializing Cryptographic API\n"); | ||
223 | crypto_init_proc(); | ||
224 | return 0; | ||
225 | } | ||
226 | |||
227 | __initcall(init_crypto); | ||
228 | |||
229 | EXPORT_SYMBOL_GPL(crypto_register_alg); | ||
230 | EXPORT_SYMBOL_GPL(crypto_unregister_alg); | ||
231 | EXPORT_SYMBOL_GPL(crypto_alloc_tfm); | ||
232 | EXPORT_SYMBOL_GPL(crypto_free_tfm); | ||
233 | EXPORT_SYMBOL_GPL(crypto_alg_available); | ||
diff --git a/crypto/arc4.c b/crypto/arc4.c new file mode 100644 index 000000000000..9efbcaae88a1 --- /dev/null +++ b/crypto/arc4.c | |||
@@ -0,0 +1,103 @@ | |||
1 | /* | ||
2 | * Cryptographic API | ||
3 | * | ||
4 | * ARC4 Cipher Algorithm | ||
5 | * | ||
6 | * Jon Oberheide <jon@oberheide.org> | ||
7 | * | ||
8 | * This program is free software; you can redistribute it and/or modify | ||
9 | * it under the terms of the GNU General Public License as published by | ||
10 | * the Free Software Foundation; either version 2 of the License, or | ||
11 | * (at your option) any later version. | ||
12 | * | ||
13 | */ | ||
14 | #include <linux/module.h> | ||
15 | #include <linux/init.h> | ||
16 | #include <linux/crypto.h> | ||
17 | |||
18 | #define ARC4_MIN_KEY_SIZE 1 | ||
19 | #define ARC4_MAX_KEY_SIZE 256 | ||
20 | #define ARC4_BLOCK_SIZE 1 | ||
21 | |||
22 | struct arc4_ctx { | ||
23 | u8 S[256]; | ||
24 | u8 x, y; | ||
25 | }; | ||
26 | |||
27 | static int arc4_set_key(void *ctx_arg, const u8 *in_key, unsigned int key_len, u32 *flags) | ||
28 | { | ||
29 | struct arc4_ctx *ctx = ctx_arg; | ||
30 | int i, j = 0, k = 0; | ||
31 | |||
32 | ctx->x = 1; | ||
33 | ctx->y = 0; | ||
34 | |||
35 | for(i = 0; i < 256; i++) | ||
36 | ctx->S[i] = i; | ||
37 | |||
38 | for(i = 0; i < 256; i++) | ||
39 | { | ||
40 | u8 a = ctx->S[i]; | ||
41 | j = (j + in_key[k] + a) & 0xff; | ||
42 | ctx->S[i] = ctx->S[j]; | ||
43 | ctx->S[j] = a; | ||
44 | if(++k >= key_len) | ||
45 | k = 0; | ||
46 | } | ||
47 | |||
48 | return 0; | ||
49 | } | ||
50 | |||
51 | static void arc4_crypt(void *ctx_arg, u8 *out, const u8 *in) | ||
52 | { | ||
53 | struct arc4_ctx *ctx = ctx_arg; | ||
54 | |||
55 | u8 *const S = ctx->S; | ||
56 | u8 x = ctx->x; | ||
57 | u8 y = ctx->y; | ||
58 | u8 a, b; | ||
59 | |||
60 | a = S[x]; | ||
61 | y = (y + a) & 0xff; | ||
62 | b = S[y]; | ||
63 | S[x] = b; | ||
64 | S[y] = a; | ||
65 | x = (x + 1) & 0xff; | ||
66 | *out++ = *in ^ S[(a + b) & 0xff]; | ||
67 | |||
68 | ctx->x = x; | ||
69 | ctx->y = y; | ||
70 | } | ||
71 | |||
72 | static struct crypto_alg arc4_alg = { | ||
73 | .cra_name = "arc4", | ||
74 | .cra_flags = CRYPTO_ALG_TYPE_CIPHER, | ||
75 | .cra_blocksize = ARC4_BLOCK_SIZE, | ||
76 | .cra_ctxsize = sizeof(struct arc4_ctx), | ||
77 | .cra_module = THIS_MODULE, | ||
78 | .cra_list = LIST_HEAD_INIT(arc4_alg.cra_list), | ||
79 | .cra_u = { .cipher = { | ||
80 | .cia_min_keysize = ARC4_MIN_KEY_SIZE, | ||
81 | .cia_max_keysize = ARC4_MAX_KEY_SIZE, | ||
82 | .cia_setkey = arc4_set_key, | ||
83 | .cia_encrypt = arc4_crypt, | ||
84 | .cia_decrypt = arc4_crypt } } | ||
85 | }; | ||
86 | |||
87 | static int __init arc4_init(void) | ||
88 | { | ||
89 | return crypto_register_alg(&arc4_alg); | ||
90 | } | ||
91 | |||
92 | |||
93 | static void __exit arc4_exit(void) | ||
94 | { | ||
95 | crypto_unregister_alg(&arc4_alg); | ||
96 | } | ||
97 | |||
98 | module_init(arc4_init); | ||
99 | module_exit(arc4_exit); | ||
100 | |||
101 | MODULE_LICENSE("GPL"); | ||
102 | MODULE_DESCRIPTION("ARC4 Cipher Algorithm"); | ||
103 | MODULE_AUTHOR("Jon Oberheide <jon@oberheide.org>"); | ||
diff --git a/crypto/blowfish.c b/crypto/blowfish.c new file mode 100644 index 000000000000..a8b29d54e7d8 --- /dev/null +++ b/crypto/blowfish.c | |||
@@ -0,0 +1,478 @@ | |||
1 | /* | ||
2 | * Cryptographic API. | ||
3 | * | ||
4 | * Blowfish Cipher Algorithm, by Bruce Schneier. | ||
5 | * http://www.counterpane.com/blowfish.html | ||
6 | * | ||
7 | * Adapted from Kerneli implementation. | ||
8 | * | ||
9 | * Copyright (c) Herbert Valerio Riedel <hvr@hvrlab.org> | ||
10 | * Copyright (c) Kyle McMartin <kyle@debian.org> | ||
11 | * Copyright (c) 2002 James Morris <jmorris@intercode.com.au> | ||
12 | * | ||
13 | * This program is free software; you can redistribute it and/or modify | ||
14 | * it under the terms of the GNU General Public License as published by | ||
15 | * the Free Software Foundation; either version 2 of the License, or | ||
16 | * (at your option) any later version. | ||
17 | * | ||
18 | */ | ||
19 | #include <linux/init.h> | ||
20 | #include <linux/module.h> | ||
21 | #include <linux/mm.h> | ||
22 | #include <asm/scatterlist.h> | ||
23 | #include <linux/crypto.h> | ||
24 | |||
25 | #define BF_BLOCK_SIZE 8 | ||
26 | #define BF_MIN_KEY_SIZE 4 | ||
27 | #define BF_MAX_KEY_SIZE 56 | ||
28 | |||
29 | struct bf_ctx { | ||
30 | u32 p[18]; | ||
31 | u32 s[1024]; | ||
32 | }; | ||
33 | |||
34 | static const u32 bf_pbox[16 + 2] = { | ||
35 | 0x243f6a88, 0x85a308d3, 0x13198a2e, 0x03707344, | ||
36 | 0xa4093822, 0x299f31d0, 0x082efa98, 0xec4e6c89, | ||
37 | 0x452821e6, 0x38d01377, 0xbe5466cf, 0x34e90c6c, | ||
38 | 0xc0ac29b7, 0xc97c50dd, 0x3f84d5b5, 0xb5470917, | ||
39 | 0x9216d5d9, 0x8979fb1b, | ||
40 | }; | ||
41 | |||
42 | static const u32 bf_sbox[256 * 4] = { | ||
43 | 0xd1310ba6, 0x98dfb5ac, 0x2ffd72db, 0xd01adfb7, | ||
44 | 0xb8e1afed, 0x6a267e96, 0xba7c9045, 0xf12c7f99, | ||
45 | 0x24a19947, 0xb3916cf7, 0x0801f2e2, 0x858efc16, | ||
46 | 0x636920d8, 0x71574e69, 0xa458fea3, 0xf4933d7e, | ||
47 | 0x0d95748f, 0x728eb658, 0x718bcd58, 0x82154aee, | ||
48 | 0x7b54a41d, 0xc25a59b5, 0x9c30d539, 0x2af26013, | ||
49 | 0xc5d1b023, 0x286085f0, 0xca417918, 0xb8db38ef, | ||
50 | 0x8e79dcb0, 0x603a180e, 0x6c9e0e8b, 0xb01e8a3e, | ||
51 | 0xd71577c1, 0xbd314b27, 0x78af2fda, 0x55605c60, | ||
52 | 0xe65525f3, 0xaa55ab94, 0x57489862, 0x63e81440, | ||
53 | 0x55ca396a, 0x2aab10b6, 0xb4cc5c34, 0x1141e8ce, | ||
54 | 0xa15486af, 0x7c72e993, 0xb3ee1411, 0x636fbc2a, | ||
55 | 0x2ba9c55d, 0x741831f6, 0xce5c3e16, 0x9b87931e, | ||
56 | 0xafd6ba33, 0x6c24cf5c, 0x7a325381, 0x28958677, | ||
57 | 0x3b8f4898, 0x6b4bb9af, 0xc4bfe81b, 0x66282193, | ||
58 | 0x61d809cc, 0xfb21a991, 0x487cac60, 0x5dec8032, | ||
59 | 0xef845d5d, 0xe98575b1, 0xdc262302, 0xeb651b88, | ||
60 | 0x23893e81, 0xd396acc5, 0x0f6d6ff3, 0x83f44239, | ||
61 | 0x2e0b4482, 0xa4842004, 0x69c8f04a, 0x9e1f9b5e, | ||
62 | 0x21c66842, 0xf6e96c9a, 0x670c9c61, 0xabd388f0, | ||
63 | 0x6a51a0d2, 0xd8542f68, 0x960fa728, 0xab5133a3, | ||
64 | 0x6eef0b6c, 0x137a3be4, 0xba3bf050, 0x7efb2a98, | ||
65 | 0xa1f1651d, 0x39af0176, 0x66ca593e, 0x82430e88, | ||
66 | 0x8cee8619, 0x456f9fb4, 0x7d84a5c3, 0x3b8b5ebe, | ||
67 | 0xe06f75d8, 0x85c12073, 0x401a449f, 0x56c16aa6, | ||
68 | 0x4ed3aa62, 0x363f7706, 0x1bfedf72, 0x429b023d, | ||
69 | 0x37d0d724, 0xd00a1248, 0xdb0fead3, 0x49f1c09b, | ||
70 | 0x075372c9, 0x80991b7b, 0x25d479d8, 0xf6e8def7, | ||
71 | 0xe3fe501a, 0xb6794c3b, 0x976ce0bd, 0x04c006ba, | ||
72 | 0xc1a94fb6, 0x409f60c4, 0x5e5c9ec2, 0x196a2463, | ||
73 | 0x68fb6faf, 0x3e6c53b5, 0x1339b2eb, 0x3b52ec6f, | ||
74 | 0x6dfc511f, 0x9b30952c, 0xcc814544, 0xaf5ebd09, | ||
75 | 0xbee3d004, 0xde334afd, 0x660f2807, 0x192e4bb3, | ||
76 | 0xc0cba857, 0x45c8740f, 0xd20b5f39, 0xb9d3fbdb, | ||
77 | 0x5579c0bd, 0x1a60320a, 0xd6a100c6, 0x402c7279, | ||
78 | 0x679f25fe, 0xfb1fa3cc, 0x8ea5e9f8, 0xdb3222f8, | ||
79 | 0x3c7516df, 0xfd616b15, 0x2f501ec8, 0xad0552ab, | ||
80 | 0x323db5fa, 0xfd238760, 0x53317b48, 0x3e00df82, | ||
81 | 0x9e5c57bb, 0xca6f8ca0, 0x1a87562e, 0xdf1769db, | ||
82 | 0xd542a8f6, 0x287effc3, 0xac6732c6, 0x8c4f5573, | ||
83 | 0x695b27b0, 0xbbca58c8, 0xe1ffa35d, 0xb8f011a0, | ||
84 | 0x10fa3d98, 0xfd2183b8, 0x4afcb56c, 0x2dd1d35b, | ||
85 | 0x9a53e479, 0xb6f84565, 0xd28e49bc, 0x4bfb9790, | ||
86 | 0xe1ddf2da, 0xa4cb7e33, 0x62fb1341, 0xcee4c6e8, | ||
87 | 0xef20cada, 0x36774c01, 0xd07e9efe, 0x2bf11fb4, | ||
88 | 0x95dbda4d, 0xae909198, 0xeaad8e71, 0x6b93d5a0, | ||
89 | 0xd08ed1d0, 0xafc725e0, 0x8e3c5b2f, 0x8e7594b7, | ||
90 | 0x8ff6e2fb, 0xf2122b64, 0x8888b812, 0x900df01c, | ||
91 | 0x4fad5ea0, 0x688fc31c, 0xd1cff191, 0xb3a8c1ad, | ||
92 | 0x2f2f2218, 0xbe0e1777, 0xea752dfe, 0x8b021fa1, | ||
93 | 0xe5a0cc0f, 0xb56f74e8, 0x18acf3d6, 0xce89e299, | ||
94 | 0xb4a84fe0, 0xfd13e0b7, 0x7cc43b81, 0xd2ada8d9, | ||
95 | 0x165fa266, 0x80957705, 0x93cc7314, 0x211a1477, | ||
96 | 0xe6ad2065, 0x77b5fa86, 0xc75442f5, 0xfb9d35cf, | ||
97 | 0xebcdaf0c, 0x7b3e89a0, 0xd6411bd3, 0xae1e7e49, | ||
98 | 0x00250e2d, 0x2071b35e, 0x226800bb, 0x57b8e0af, | ||
99 | 0x2464369b, 0xf009b91e, 0x5563911d, 0x59dfa6aa, | ||
100 | 0x78c14389, 0xd95a537f, 0x207d5ba2, 0x02e5b9c5, | ||
101 | 0x83260376, 0x6295cfa9, 0x11c81968, 0x4e734a41, | ||
102 | 0xb3472dca, 0x7b14a94a, 0x1b510052, 0x9a532915, | ||
103 | 0xd60f573f, 0xbc9bc6e4, 0x2b60a476, 0x81e67400, | ||
104 | 0x08ba6fb5, 0x571be91f, 0xf296ec6b, 0x2a0dd915, | ||
105 | 0xb6636521, 0xe7b9f9b6, 0xff34052e, 0xc5855664, | ||
106 | 0x53b02d5d, 0xa99f8fa1, 0x08ba4799, 0x6e85076a, | ||
107 | 0x4b7a70e9, 0xb5b32944, 0xdb75092e, 0xc4192623, | ||
108 | 0xad6ea6b0, 0x49a7df7d, 0x9cee60b8, 0x8fedb266, | ||
109 | 0xecaa8c71, 0x699a17ff, 0x5664526c, 0xc2b19ee1, | ||
110 | 0x193602a5, 0x75094c29, 0xa0591340, 0xe4183a3e, | ||
111 | 0x3f54989a, 0x5b429d65, 0x6b8fe4d6, 0x99f73fd6, | ||
112 | 0xa1d29c07, 0xefe830f5, 0x4d2d38e6, 0xf0255dc1, | ||
113 | 0x4cdd2086, 0x8470eb26, 0x6382e9c6, 0x021ecc5e, | ||
114 | 0x09686b3f, 0x3ebaefc9, 0x3c971814, 0x6b6a70a1, | ||
115 | 0x687f3584, 0x52a0e286, 0xb79c5305, 0xaa500737, | ||
116 | 0x3e07841c, 0x7fdeae5c, 0x8e7d44ec, 0x5716f2b8, | ||
117 | 0xb03ada37, 0xf0500c0d, 0xf01c1f04, 0x0200b3ff, | ||
118 | 0xae0cf51a, 0x3cb574b2, 0x25837a58, 0xdc0921bd, | ||
119 | 0xd19113f9, 0x7ca92ff6, 0x94324773, 0x22f54701, | ||
120 | 0x3ae5e581, 0x37c2dadc, 0xc8b57634, 0x9af3dda7, | ||
121 | 0xa9446146, 0x0fd0030e, 0xecc8c73e, 0xa4751e41, | ||
122 | 0xe238cd99, 0x3bea0e2f, 0x3280bba1, 0x183eb331, | ||
123 | 0x4e548b38, 0x4f6db908, 0x6f420d03, 0xf60a04bf, | ||
124 | 0x2cb81290, 0x24977c79, 0x5679b072, 0xbcaf89af, | ||
125 | 0xde9a771f, 0xd9930810, 0xb38bae12, 0xdccf3f2e, | ||
126 | 0x5512721f, 0x2e6b7124, 0x501adde6, 0x9f84cd87, | ||
127 | 0x7a584718, 0x7408da17, 0xbc9f9abc, 0xe94b7d8c, | ||
128 | 0xec7aec3a, 0xdb851dfa, 0x63094366, 0xc464c3d2, | ||
129 | 0xef1c1847, 0x3215d908, 0xdd433b37, 0x24c2ba16, | ||
130 | 0x12a14d43, 0x2a65c451, 0x50940002, 0x133ae4dd, | ||
131 | 0x71dff89e, 0x10314e55, 0x81ac77d6, 0x5f11199b, | ||
132 | 0x043556f1, 0xd7a3c76b, 0x3c11183b, 0x5924a509, | ||
133 | 0xf28fe6ed, 0x97f1fbfa, 0x9ebabf2c, 0x1e153c6e, | ||
134 | 0x86e34570, 0xeae96fb1, 0x860e5e0a, 0x5a3e2ab3, | ||
135 | 0x771fe71c, 0x4e3d06fa, 0x2965dcb9, 0x99e71d0f, | ||
136 | 0x803e89d6, 0x5266c825, 0x2e4cc978, 0x9c10b36a, | ||
137 | 0xc6150eba, 0x94e2ea78, 0xa5fc3c53, 0x1e0a2df4, | ||
138 | 0xf2f74ea7, 0x361d2b3d, 0x1939260f, 0x19c27960, | ||
139 | 0x5223a708, 0xf71312b6, 0xebadfe6e, 0xeac31f66, | ||
140 | 0xe3bc4595, 0xa67bc883, 0xb17f37d1, 0x018cff28, | ||
141 | 0xc332ddef, 0xbe6c5aa5, 0x65582185, 0x68ab9802, | ||
142 | 0xeecea50f, 0xdb2f953b, 0x2aef7dad, 0x5b6e2f84, | ||
143 | 0x1521b628, 0x29076170, 0xecdd4775, 0x619f1510, | ||
144 | 0x13cca830, 0xeb61bd96, 0x0334fe1e, 0xaa0363cf, | ||
145 | 0xb5735c90, 0x4c70a239, 0xd59e9e0b, 0xcbaade14, | ||
146 | 0xeecc86bc, 0x60622ca7, 0x9cab5cab, 0xb2f3846e, | ||
147 | 0x648b1eaf, 0x19bdf0ca, 0xa02369b9, 0x655abb50, | ||
148 | 0x40685a32, 0x3c2ab4b3, 0x319ee9d5, 0xc021b8f7, | ||
149 | 0x9b540b19, 0x875fa099, 0x95f7997e, 0x623d7da8, | ||
150 | 0xf837889a, 0x97e32d77, 0x11ed935f, 0x16681281, | ||
151 | 0x0e358829, 0xc7e61fd6, 0x96dedfa1, 0x7858ba99, | ||
152 | 0x57f584a5, 0x1b227263, 0x9b83c3ff, 0x1ac24696, | ||
153 | 0xcdb30aeb, 0x532e3054, 0x8fd948e4, 0x6dbc3128, | ||
154 | 0x58ebf2ef, 0x34c6ffea, 0xfe28ed61, 0xee7c3c73, | ||
155 | 0x5d4a14d9, 0xe864b7e3, 0x42105d14, 0x203e13e0, | ||
156 | 0x45eee2b6, 0xa3aaabea, 0xdb6c4f15, 0xfacb4fd0, | ||
157 | 0xc742f442, 0xef6abbb5, 0x654f3b1d, 0x41cd2105, | ||
158 | 0xd81e799e, 0x86854dc7, 0xe44b476a, 0x3d816250, | ||
159 | 0xcf62a1f2, 0x5b8d2646, 0xfc8883a0, 0xc1c7b6a3, | ||
160 | 0x7f1524c3, 0x69cb7492, 0x47848a0b, 0x5692b285, | ||
161 | 0x095bbf00, 0xad19489d, 0x1462b174, 0x23820e00, | ||
162 | 0x58428d2a, 0x0c55f5ea, 0x1dadf43e, 0x233f7061, | ||
163 | 0x3372f092, 0x8d937e41, 0xd65fecf1, 0x6c223bdb, | ||
164 | 0x7cde3759, 0xcbee7460, 0x4085f2a7, 0xce77326e, | ||
165 | 0xa6078084, 0x19f8509e, 0xe8efd855, 0x61d99735, | ||
166 | 0xa969a7aa, 0xc50c06c2, 0x5a04abfc, 0x800bcadc, | ||
167 | 0x9e447a2e, 0xc3453484, 0xfdd56705, 0x0e1e9ec9, | ||
168 | 0xdb73dbd3, 0x105588cd, 0x675fda79, 0xe3674340, | ||
169 | 0xc5c43465, 0x713e38d8, 0x3d28f89e, 0xf16dff20, | ||
170 | 0x153e21e7, 0x8fb03d4a, 0xe6e39f2b, 0xdb83adf7, | ||
171 | 0xe93d5a68, 0x948140f7, 0xf64c261c, 0x94692934, | ||
172 | 0x411520f7, 0x7602d4f7, 0xbcf46b2e, 0xd4a20068, | ||
173 | 0xd4082471, 0x3320f46a, 0x43b7d4b7, 0x500061af, | ||
174 | 0x1e39f62e, 0x97244546, 0x14214f74, 0xbf8b8840, | ||
175 | 0x4d95fc1d, 0x96b591af, 0x70f4ddd3, 0x66a02f45, | ||
176 | 0xbfbc09ec, 0x03bd9785, 0x7fac6dd0, 0x31cb8504, | ||
177 | 0x96eb27b3, 0x55fd3941, 0xda2547e6, 0xabca0a9a, | ||
178 | 0x28507825, 0x530429f4, 0x0a2c86da, 0xe9b66dfb, | ||
179 | 0x68dc1462, 0xd7486900, 0x680ec0a4, 0x27a18dee, | ||
180 | 0x4f3ffea2, 0xe887ad8c, 0xb58ce006, 0x7af4d6b6, | ||
181 | 0xaace1e7c, 0xd3375fec, 0xce78a399, 0x406b2a42, | ||
182 | 0x20fe9e35, 0xd9f385b9, 0xee39d7ab, 0x3b124e8b, | ||
183 | 0x1dc9faf7, 0x4b6d1856, 0x26a36631, 0xeae397b2, | ||
184 | 0x3a6efa74, 0xdd5b4332, 0x6841e7f7, 0xca7820fb, | ||
185 | 0xfb0af54e, 0xd8feb397, 0x454056ac, 0xba489527, | ||
186 | 0x55533a3a, 0x20838d87, 0xfe6ba9b7, 0xd096954b, | ||
187 | 0x55a867bc, 0xa1159a58, 0xcca92963, 0x99e1db33, | ||
188 | 0xa62a4a56, 0x3f3125f9, 0x5ef47e1c, 0x9029317c, | ||
189 | 0xfdf8e802, 0x04272f70, 0x80bb155c, 0x05282ce3, | ||
190 | 0x95c11548, 0xe4c66d22, 0x48c1133f, 0xc70f86dc, | ||
191 | 0x07f9c9ee, 0x41041f0f, 0x404779a4, 0x5d886e17, | ||
192 | 0x325f51eb, 0xd59bc0d1, 0xf2bcc18f, 0x41113564, | ||
193 | 0x257b7834, 0x602a9c60, 0xdff8e8a3, 0x1f636c1b, | ||
194 | 0x0e12b4c2, 0x02e1329e, 0xaf664fd1, 0xcad18115, | ||
195 | 0x6b2395e0, 0x333e92e1, 0x3b240b62, 0xeebeb922, | ||
196 | 0x85b2a20e, 0xe6ba0d99, 0xde720c8c, 0x2da2f728, | ||
197 | 0xd0127845, 0x95b794fd, 0x647d0862, 0xe7ccf5f0, | ||
198 | 0x5449a36f, 0x877d48fa, 0xc39dfd27, 0xf33e8d1e, | ||
199 | 0x0a476341, 0x992eff74, 0x3a6f6eab, 0xf4f8fd37, | ||
200 | 0xa812dc60, 0xa1ebddf8, 0x991be14c, 0xdb6e6b0d, | ||
201 | 0xc67b5510, 0x6d672c37, 0x2765d43b, 0xdcd0e804, | ||
202 | 0xf1290dc7, 0xcc00ffa3, 0xb5390f92, 0x690fed0b, | ||
203 | 0x667b9ffb, 0xcedb7d9c, 0xa091cf0b, 0xd9155ea3, | ||
204 | 0xbb132f88, 0x515bad24, 0x7b9479bf, 0x763bd6eb, | ||
205 | 0x37392eb3, 0xcc115979, 0x8026e297, 0xf42e312d, | ||
206 | 0x6842ada7, 0xc66a2b3b, 0x12754ccc, 0x782ef11c, | ||
207 | 0x6a124237, 0xb79251e7, 0x06a1bbe6, 0x4bfb6350, | ||
208 | 0x1a6b1018, 0x11caedfa, 0x3d25bdd8, 0xe2e1c3c9, | ||
209 | 0x44421659, 0x0a121386, 0xd90cec6e, 0xd5abea2a, | ||
210 | 0x64af674e, 0xda86a85f, 0xbebfe988, 0x64e4c3fe, | ||
211 | 0x9dbc8057, 0xf0f7c086, 0x60787bf8, 0x6003604d, | ||
212 | 0xd1fd8346, 0xf6381fb0, 0x7745ae04, 0xd736fccc, | ||
213 | 0x83426b33, 0xf01eab71, 0xb0804187, 0x3c005e5f, | ||
214 | 0x77a057be, 0xbde8ae24, 0x55464299, 0xbf582e61, | ||
215 | 0x4e58f48f, 0xf2ddfda2, 0xf474ef38, 0x8789bdc2, | ||
216 | 0x5366f9c3, 0xc8b38e74, 0xb475f255, 0x46fcd9b9, | ||
217 | 0x7aeb2661, 0x8b1ddf84, 0x846a0e79, 0x915f95e2, | ||
218 | 0x466e598e, 0x20b45770, 0x8cd55591, 0xc902de4c, | ||
219 | 0xb90bace1, 0xbb8205d0, 0x11a86248, 0x7574a99e, | ||
220 | 0xb77f19b6, 0xe0a9dc09, 0x662d09a1, 0xc4324633, | ||
221 | 0xe85a1f02, 0x09f0be8c, 0x4a99a025, 0x1d6efe10, | ||
222 | 0x1ab93d1d, 0x0ba5a4df, 0xa186f20f, 0x2868f169, | ||
223 | 0xdcb7da83, 0x573906fe, 0xa1e2ce9b, 0x4fcd7f52, | ||
224 | 0x50115e01, 0xa70683fa, 0xa002b5c4, 0x0de6d027, | ||
225 | 0x9af88c27, 0x773f8641, 0xc3604c06, 0x61a806b5, | ||
226 | 0xf0177a28, 0xc0f586e0, 0x006058aa, 0x30dc7d62, | ||
227 | 0x11e69ed7, 0x2338ea63, 0x53c2dd94, 0xc2c21634, | ||
228 | 0xbbcbee56, 0x90bcb6de, 0xebfc7da1, 0xce591d76, | ||
229 | 0x6f05e409, 0x4b7c0188, 0x39720a3d, 0x7c927c24, | ||
230 | 0x86e3725f, 0x724d9db9, 0x1ac15bb4, 0xd39eb8fc, | ||
231 | 0xed545578, 0x08fca5b5, 0xd83d7cd3, 0x4dad0fc4, | ||
232 | 0x1e50ef5e, 0xb161e6f8, 0xa28514d9, 0x6c51133c, | ||
233 | 0x6fd5c7e7, 0x56e14ec4, 0x362abfce, 0xddc6c837, | ||
234 | 0xd79a3234, 0x92638212, 0x670efa8e, 0x406000e0, | ||
235 | 0x3a39ce37, 0xd3faf5cf, 0xabc27737, 0x5ac52d1b, | ||
236 | 0x5cb0679e, 0x4fa33742, 0xd3822740, 0x99bc9bbe, | ||
237 | 0xd5118e9d, 0xbf0f7315, 0xd62d1c7e, 0xc700c47b, | ||
238 | 0xb78c1b6b, 0x21a19045, 0xb26eb1be, 0x6a366eb4, | ||
239 | 0x5748ab2f, 0xbc946e79, 0xc6a376d2, 0x6549c2c8, | ||
240 | 0x530ff8ee, 0x468dde7d, 0xd5730a1d, 0x4cd04dc6, | ||
241 | 0x2939bbdb, 0xa9ba4650, 0xac9526e8, 0xbe5ee304, | ||
242 | 0xa1fad5f0, 0x6a2d519a, 0x63ef8ce2, 0x9a86ee22, | ||
243 | 0xc089c2b8, 0x43242ef6, 0xa51e03aa, 0x9cf2d0a4, | ||
244 | 0x83c061ba, 0x9be96a4d, 0x8fe51550, 0xba645bd6, | ||
245 | 0x2826a2f9, 0xa73a3ae1, 0x4ba99586, 0xef5562e9, | ||
246 | 0xc72fefd3, 0xf752f7da, 0x3f046f69, 0x77fa0a59, | ||
247 | 0x80e4a915, 0x87b08601, 0x9b09e6ad, 0x3b3ee593, | ||
248 | 0xe990fd5a, 0x9e34d797, 0x2cf0b7d9, 0x022b8b51, | ||
249 | 0x96d5ac3a, 0x017da67d, 0xd1cf3ed6, 0x7c7d2d28, | ||
250 | 0x1f9f25cf, 0xadf2b89b, 0x5ad6b472, 0x5a88f54c, | ||
251 | 0xe029ac71, 0xe019a5e6, 0x47b0acfd, 0xed93fa9b, | ||
252 | 0xe8d3c48d, 0x283b57cc, 0xf8d56629, 0x79132e28, | ||
253 | 0x785f0191, 0xed756055, 0xf7960e44, 0xe3d35e8c, | ||
254 | 0x15056dd4, 0x88f46dba, 0x03a16125, 0x0564f0bd, | ||
255 | 0xc3eb9e15, 0x3c9057a2, 0x97271aec, 0xa93a072a, | ||
256 | 0x1b3f6d9b, 0x1e6321f5, 0xf59c66fb, 0x26dcf319, | ||
257 | 0x7533d928, 0xb155fdf5, 0x03563482, 0x8aba3cbb, | ||
258 | 0x28517711, 0xc20ad9f8, 0xabcc5167, 0xccad925f, | ||
259 | 0x4de81751, 0x3830dc8e, 0x379d5862, 0x9320f991, | ||
260 | 0xea7a90c2, 0xfb3e7bce, 0x5121ce64, 0x774fbe32, | ||
261 | 0xa8b6e37e, 0xc3293d46, 0x48de5369, 0x6413e680, | ||
262 | 0xa2ae0810, 0xdd6db224, 0x69852dfd, 0x09072166, | ||
263 | 0xb39a460a, 0x6445c0dd, 0x586cdecf, 0x1c20c8ae, | ||
264 | 0x5bbef7dd, 0x1b588d40, 0xccd2017f, 0x6bb4e3bb, | ||
265 | 0xdda26a7e, 0x3a59ff45, 0x3e350a44, 0xbcb4cdd5, | ||
266 | 0x72eacea8, 0xfa6484bb, 0x8d6612ae, 0xbf3c6f47, | ||
267 | 0xd29be463, 0x542f5d9e, 0xaec2771b, 0xf64e6370, | ||
268 | 0x740e0d8d, 0xe75b1357, 0xf8721671, 0xaf537d5d, | ||
269 | 0x4040cb08, 0x4eb4e2cc, 0x34d2466a, 0x0115af84, | ||
270 | 0xe1b00428, 0x95983a1d, 0x06b89fb4, 0xce6ea048, | ||
271 | 0x6f3f3b82, 0x3520ab82, 0x011a1d4b, 0x277227f8, | ||
272 | 0x611560b1, 0xe7933fdc, 0xbb3a792b, 0x344525bd, | ||
273 | 0xa08839e1, 0x51ce794b, 0x2f32c9b7, 0xa01fbac9, | ||
274 | 0xe01cc87e, 0xbcc7d1f6, 0xcf0111c3, 0xa1e8aac7, | ||
275 | 0x1a908749, 0xd44fbd9a, 0xd0dadecb, 0xd50ada38, | ||
276 | 0x0339c32a, 0xc6913667, 0x8df9317c, 0xe0b12b4f, | ||
277 | 0xf79e59b7, 0x43f5bb3a, 0xf2d519ff, 0x27d9459c, | ||
278 | 0xbf97222c, 0x15e6fc2a, 0x0f91fc71, 0x9b941525, | ||
279 | 0xfae59361, 0xceb69ceb, 0xc2a86459, 0x12baa8d1, | ||
280 | 0xb6c1075e, 0xe3056a0c, 0x10d25065, 0xcb03a442, | ||
281 | 0xe0ec6e0e, 0x1698db3b, 0x4c98a0be, 0x3278e964, | ||
282 | 0x9f1f9532, 0xe0d392df, 0xd3a0342b, 0x8971f21e, | ||
283 | 0x1b0a7441, 0x4ba3348c, 0xc5be7120, 0xc37632d8, | ||
284 | 0xdf359f8d, 0x9b992f2e, 0xe60b6f47, 0x0fe3f11d, | ||
285 | 0xe54cda54, 0x1edad891, 0xce6279cf, 0xcd3e7e6f, | ||
286 | 0x1618b166, 0xfd2c1d05, 0x848fd2c5, 0xf6fb2299, | ||
287 | 0xf523f357, 0xa6327623, 0x93a83531, 0x56cccd02, | ||
288 | 0xacf08162, 0x5a75ebb5, 0x6e163697, 0x88d273cc, | ||
289 | 0xde966292, 0x81b949d0, 0x4c50901b, 0x71c65614, | ||
290 | 0xe6c6c7bd, 0x327a140a, 0x45e1d006, 0xc3f27b9a, | ||
291 | 0xc9aa53fd, 0x62a80f00, 0xbb25bfe2, 0x35bdd2f6, | ||
292 | 0x71126905, 0xb2040222, 0xb6cbcf7c, 0xcd769c2b, | ||
293 | 0x53113ec0, 0x1640e3d3, 0x38abbd60, 0x2547adf0, | ||
294 | 0xba38209c, 0xf746ce76, 0x77afa1c5, 0x20756060, | ||
295 | 0x85cbfe4e, 0x8ae88dd8, 0x7aaaf9b0, 0x4cf9aa7e, | ||
296 | 0x1948c25c, 0x02fb8a8c, 0x01c36ae4, 0xd6ebe1f9, | ||
297 | 0x90d4f869, 0xa65cdea0, 0x3f09252d, 0xc208e69f, | ||
298 | 0xb74e6132, 0xce77e25b, 0x578fdfe3, 0x3ac372e6, | ||
299 | }; | ||
300 | |||
301 | /* | ||
302 | * Round loop unrolling macros, S is a pointer to a S-Box array | ||
303 | * organized in 4 unsigned longs at a row. | ||
304 | */ | ||
305 | #define GET32_3(x) (((x) & 0xff)) | ||
306 | #define GET32_2(x) (((x) >> (8)) & (0xff)) | ||
307 | #define GET32_1(x) (((x) >> (16)) & (0xff)) | ||
308 | #define GET32_0(x) (((x) >> (24)) & (0xff)) | ||
309 | |||
310 | #define bf_F(x) (((S[GET32_0(x)] + S[256 + GET32_1(x)]) ^ \ | ||
311 | S[512 + GET32_2(x)]) + S[768 + GET32_3(x)]) | ||
312 | |||
313 | #define ROUND(a, b, n) b ^= P[n]; a ^= bf_F (b) | ||
314 | |||
315 | /* | ||
316 | * The blowfish encipher, processes 64-bit blocks. | ||
317 | * NOTE: This function MUSTN'T respect endianess | ||
318 | */ | ||
319 | static void encrypt_block(struct bf_ctx *bctx, u32 *dst, u32 *src) | ||
320 | { | ||
321 | const u32 *P = bctx->p; | ||
322 | const u32 *S = bctx->s; | ||
323 | u32 yl = src[0]; | ||
324 | u32 yr = src[1]; | ||
325 | |||
326 | ROUND(yr, yl, 0); | ||
327 | ROUND(yl, yr, 1); | ||
328 | ROUND(yr, yl, 2); | ||
329 | ROUND(yl, yr, 3); | ||
330 | ROUND(yr, yl, 4); | ||
331 | ROUND(yl, yr, 5); | ||
332 | ROUND(yr, yl, 6); | ||
333 | ROUND(yl, yr, 7); | ||
334 | ROUND(yr, yl, 8); | ||
335 | ROUND(yl, yr, 9); | ||
336 | ROUND(yr, yl, 10); | ||
337 | ROUND(yl, yr, 11); | ||
338 | ROUND(yr, yl, 12); | ||
339 | ROUND(yl, yr, 13); | ||
340 | ROUND(yr, yl, 14); | ||
341 | ROUND(yl, yr, 15); | ||
342 | |||
343 | yl ^= P[16]; | ||
344 | yr ^= P[17]; | ||
345 | |||
346 | dst[0] = yr; | ||
347 | dst[1] = yl; | ||
348 | } | ||
349 | |||
350 | static void bf_encrypt(void *ctx, u8 *dst, const u8 *src) | ||
351 | { | ||
352 | const __be32 *in_blk = (const __be32 *)src; | ||
353 | __be32 *const out_blk = (__be32 *)dst; | ||
354 | u32 in32[2], out32[2]; | ||
355 | |||
356 | in32[0] = be32_to_cpu(in_blk[0]); | ||
357 | in32[1] = be32_to_cpu(in_blk[1]); | ||
358 | encrypt_block(ctx, out32, in32); | ||
359 | out_blk[0] = cpu_to_be32(out32[0]); | ||
360 | out_blk[1] = cpu_to_be32(out32[1]); | ||
361 | } | ||
362 | |||
363 | static void bf_decrypt(void *ctx, u8 *dst, const u8 *src) | ||
364 | { | ||
365 | const __be32 *in_blk = (const __be32 *)src; | ||
366 | __be32 *const out_blk = (__be32 *)dst; | ||
367 | const u32 *P = ((struct bf_ctx *)ctx)->p; | ||
368 | const u32 *S = ((struct bf_ctx *)ctx)->s; | ||
369 | u32 yl = be32_to_cpu(in_blk[0]); | ||
370 | u32 yr = be32_to_cpu(in_blk[1]); | ||
371 | |||
372 | ROUND(yr, yl, 17); | ||
373 | ROUND(yl, yr, 16); | ||
374 | ROUND(yr, yl, 15); | ||
375 | ROUND(yl, yr, 14); | ||
376 | ROUND(yr, yl, 13); | ||
377 | ROUND(yl, yr, 12); | ||
378 | ROUND(yr, yl, 11); | ||
379 | ROUND(yl, yr, 10); | ||
380 | ROUND(yr, yl, 9); | ||
381 | ROUND(yl, yr, 8); | ||
382 | ROUND(yr, yl, 7); | ||
383 | ROUND(yl, yr, 6); | ||
384 | ROUND(yr, yl, 5); | ||
385 | ROUND(yl, yr, 4); | ||
386 | ROUND(yr, yl, 3); | ||
387 | ROUND(yl, yr, 2); | ||
388 | |||
389 | yl ^= P[1]; | ||
390 | yr ^= P[0]; | ||
391 | |||
392 | out_blk[0] = cpu_to_be32(yr); | ||
393 | out_blk[1] = cpu_to_be32(yl); | ||
394 | } | ||
395 | |||
396 | /* | ||
397 | * Calculates the blowfish S and P boxes for encryption and decryption. | ||
398 | */ | ||
399 | static int bf_setkey(void *ctx, const u8 *key, unsigned int keylen, u32 *flags) | ||
400 | { | ||
401 | short i, j, count; | ||
402 | u32 data[2], temp; | ||
403 | u32 *P = ((struct bf_ctx *)ctx)->p; | ||
404 | u32 *S = ((struct bf_ctx *)ctx)->s; | ||
405 | |||
406 | /* Copy the initialization s-boxes */ | ||
407 | for (i = 0, count = 0; i < 256; i++) | ||
408 | for (j = 0; j < 4; j++, count++) | ||
409 | S[count] = bf_sbox[count]; | ||
410 | |||
411 | /* Set the p-boxes */ | ||
412 | for (i = 0; i < 16 + 2; i++) | ||
413 | P[i] = bf_pbox[i]; | ||
414 | |||
415 | /* Actual subkey generation */ | ||
416 | for (j = 0, i = 0; i < 16 + 2; i++) { | ||
417 | temp = (((u32 )key[j] << 24) | | ||
418 | ((u32 )key[(j + 1) % keylen] << 16) | | ||
419 | ((u32 )key[(j + 2) % keylen] << 8) | | ||
420 | ((u32 )key[(j + 3) % keylen])); | ||
421 | |||
422 | P[i] = P[i] ^ temp; | ||
423 | j = (j + 4) % keylen; | ||
424 | } | ||
425 | |||
426 | data[0] = 0x00000000; | ||
427 | data[1] = 0x00000000; | ||
428 | |||
429 | for (i = 0; i < 16 + 2; i += 2) { | ||
430 | encrypt_block((struct bf_ctx *)ctx, data, data); | ||
431 | |||
432 | P[i] = data[0]; | ||
433 | P[i + 1] = data[1]; | ||
434 | } | ||
435 | |||
436 | for (i = 0; i < 4; i++) { | ||
437 | for (j = 0, count = i * 256; j < 256; j += 2, count += 2) { | ||
438 | encrypt_block((struct bf_ctx *)ctx, data, data); | ||
439 | |||
440 | S[count] = data[0]; | ||
441 | S[count + 1] = data[1]; | ||
442 | } | ||
443 | } | ||
444 | |||
445 | /* Bruce says not to bother with the weak key check. */ | ||
446 | return 0; | ||
447 | } | ||
448 | |||
449 | static struct crypto_alg alg = { | ||
450 | .cra_name = "blowfish", | ||
451 | .cra_flags = CRYPTO_ALG_TYPE_CIPHER, | ||
452 | .cra_blocksize = BF_BLOCK_SIZE, | ||
453 | .cra_ctxsize = sizeof(struct bf_ctx), | ||
454 | .cra_module = THIS_MODULE, | ||
455 | .cra_list = LIST_HEAD_INIT(alg.cra_list), | ||
456 | .cra_u = { .cipher = { | ||
457 | .cia_min_keysize = BF_MIN_KEY_SIZE, | ||
458 | .cia_max_keysize = BF_MAX_KEY_SIZE, | ||
459 | .cia_setkey = bf_setkey, | ||
460 | .cia_encrypt = bf_encrypt, | ||
461 | .cia_decrypt = bf_decrypt } } | ||
462 | }; | ||
463 | |||
464 | static int __init init(void) | ||
465 | { | ||
466 | return crypto_register_alg(&alg); | ||
467 | } | ||
468 | |||
469 | static void __exit fini(void) | ||
470 | { | ||
471 | crypto_unregister_alg(&alg); | ||
472 | } | ||
473 | |||
474 | module_init(init); | ||
475 | module_exit(fini); | ||
476 | |||
477 | MODULE_LICENSE("GPL"); | ||
478 | MODULE_DESCRIPTION("Blowfish Cipher Algorithm"); | ||
diff --git a/crypto/cast5.c b/crypto/cast5.c new file mode 100644 index 000000000000..bc42f42b4fe3 --- /dev/null +++ b/crypto/cast5.c | |||
@@ -0,0 +1,848 @@ | |||
1 | /* Kernel cryptographic api. | ||
2 | * cast5.c - Cast5 cipher algorithm (rfc2144). | ||
3 | * | ||
4 | * Derived from GnuPG implementation of cast5. | ||
5 | * | ||
6 | * Major Changes. | ||
7 | * Complete conformance to rfc2144. | ||
8 | * Supports key size from 40 to 128 bits. | ||
9 | * | ||
10 | * Copyright (C) 1998, 1999, 2000, 2001 Free Software Foundation, Inc. | ||
11 | * Copyright (C) 2003 Kartikey Mahendra Bhatt <kartik_me@hotmail.com>. | ||
12 | * | ||
13 | * This program is free software; you can redistribute it and/or modify it | ||
14 | * under the terms of GNU General Public License as published by the Free | ||
15 | * Software Foundation; either version 2 of the License, or (at your option) | ||
16 | * any later version. | ||
17 | * | ||
18 | * You should have received a copy of the GNU General Public License | ||
19 | * along with this program; if not, write to the Free Software | ||
20 | * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA | ||
21 | */ | ||
22 | |||
23 | |||
24 | #include <linux/init.h> | ||
25 | #include <linux/crypto.h> | ||
26 | #include <linux/module.h> | ||
27 | #include <linux/errno.h> | ||
28 | #include <linux/string.h> | ||
29 | |||
30 | #define CAST5_BLOCK_SIZE 8 | ||
31 | #define CAST5_MIN_KEY_SIZE 5 | ||
32 | #define CAST5_MAX_KEY_SIZE 16 | ||
33 | |||
34 | struct cast5_ctx { | ||
35 | u32 Km[16]; | ||
36 | u8 Kr[16]; | ||
37 | int rr; /* rr?number of rounds = 16:number of rounds = 12; (rfc 2144) */ | ||
38 | }; | ||
39 | |||
40 | |||
41 | static const u32 s1[256] = { | ||
42 | 0x30fb40d4, 0x9fa0ff0b, 0x6beccd2f, 0x3f258c7a, 0x1e213f2f, | ||
43 | 0x9c004dd3, 0x6003e540, 0xcf9fc949, | ||
44 | 0xbfd4af27, 0x88bbbdb5, 0xe2034090, 0x98d09675, 0x6e63a0e0, | ||
45 | 0x15c361d2, 0xc2e7661d, 0x22d4ff8e, | ||
46 | 0x28683b6f, 0xc07fd059, 0xff2379c8, 0x775f50e2, 0x43c340d3, | ||
47 | 0xdf2f8656, 0x887ca41a, 0xa2d2bd2d, | ||
48 | 0xa1c9e0d6, 0x346c4819, 0x61b76d87, 0x22540f2f, 0x2abe32e1, | ||
49 | 0xaa54166b, 0x22568e3a, 0xa2d341d0, | ||
50 | 0x66db40c8, 0xa784392f, 0x004dff2f, 0x2db9d2de, 0x97943fac, | ||
51 | 0x4a97c1d8, 0x527644b7, 0xb5f437a7, | ||
52 | 0xb82cbaef, 0xd751d159, 0x6ff7f0ed, 0x5a097a1f, 0x827b68d0, | ||
53 | 0x90ecf52e, 0x22b0c054, 0xbc8e5935, | ||
54 | 0x4b6d2f7f, 0x50bb64a2, 0xd2664910, 0xbee5812d, 0xb7332290, | ||
55 | 0xe93b159f, 0xb48ee411, 0x4bff345d, | ||
56 | 0xfd45c240, 0xad31973f, 0xc4f6d02e, 0x55fc8165, 0xd5b1caad, | ||
57 | 0xa1ac2dae, 0xa2d4b76d, 0xc19b0c50, | ||
58 | 0x882240f2, 0x0c6e4f38, 0xa4e4bfd7, 0x4f5ba272, 0x564c1d2f, | ||
59 | 0xc59c5319, 0xb949e354, 0xb04669fe, | ||
60 | 0xb1b6ab8a, 0xc71358dd, 0x6385c545, 0x110f935d, 0x57538ad5, | ||
61 | 0x6a390493, 0xe63d37e0, 0x2a54f6b3, | ||
62 | 0x3a787d5f, 0x6276a0b5, 0x19a6fcdf, 0x7a42206a, 0x29f9d4d5, | ||
63 | 0xf61b1891, 0xbb72275e, 0xaa508167, | ||
64 | 0x38901091, 0xc6b505eb, 0x84c7cb8c, 0x2ad75a0f, 0x874a1427, | ||
65 | 0xa2d1936b, 0x2ad286af, 0xaa56d291, | ||
66 | 0xd7894360, 0x425c750d, 0x93b39e26, 0x187184c9, 0x6c00b32d, | ||
67 | 0x73e2bb14, 0xa0bebc3c, 0x54623779, | ||
68 | 0x64459eab, 0x3f328b82, 0x7718cf82, 0x59a2cea6, 0x04ee002e, | ||
69 | 0x89fe78e6, 0x3fab0950, 0x325ff6c2, | ||
70 | 0x81383f05, 0x6963c5c8, 0x76cb5ad6, 0xd49974c9, 0xca180dcf, | ||
71 | 0x380782d5, 0xc7fa5cf6, 0x8ac31511, | ||
72 | 0x35e79e13, 0x47da91d0, 0xf40f9086, 0xa7e2419e, 0x31366241, | ||
73 | 0x051ef495, 0xaa573b04, 0x4a805d8d, | ||
74 | 0x548300d0, 0x00322a3c, 0xbf64cddf, 0xba57a68e, 0x75c6372b, | ||
75 | 0x50afd341, 0xa7c13275, 0x915a0bf5, | ||
76 | 0x6b54bfab, 0x2b0b1426, 0xab4cc9d7, 0x449ccd82, 0xf7fbf265, | ||
77 | 0xab85c5f3, 0x1b55db94, 0xaad4e324, | ||
78 | 0xcfa4bd3f, 0x2deaa3e2, 0x9e204d02, 0xc8bd25ac, 0xeadf55b3, | ||
79 | 0xd5bd9e98, 0xe31231b2, 0x2ad5ad6c, | ||
80 | 0x954329de, 0xadbe4528, 0xd8710f69, 0xaa51c90f, 0xaa786bf6, | ||
81 | 0x22513f1e, 0xaa51a79b, 0x2ad344cc, | ||
82 | 0x7b5a41f0, 0xd37cfbad, 0x1b069505, 0x41ece491, 0xb4c332e6, | ||
83 | 0x032268d4, 0xc9600acc, 0xce387e6d, | ||
84 | 0xbf6bb16c, 0x6a70fb78, 0x0d03d9c9, 0xd4df39de, 0xe01063da, | ||
85 | 0x4736f464, 0x5ad328d8, 0xb347cc96, | ||
86 | 0x75bb0fc3, 0x98511bfb, 0x4ffbcc35, 0xb58bcf6a, 0xe11f0abc, | ||
87 | 0xbfc5fe4a, 0xa70aec10, 0xac39570a, | ||
88 | 0x3f04442f, 0x6188b153, 0xe0397a2e, 0x5727cb79, 0x9ceb418f, | ||
89 | 0x1cacd68d, 0x2ad37c96, 0x0175cb9d, | ||
90 | 0xc69dff09, 0xc75b65f0, 0xd9db40d8, 0xec0e7779, 0x4744ead4, | ||
91 | 0xb11c3274, 0xdd24cb9e, 0x7e1c54bd, | ||
92 | 0xf01144f9, 0xd2240eb1, 0x9675b3fd, 0xa3ac3755, 0xd47c27af, | ||
93 | 0x51c85f4d, 0x56907596, 0xa5bb15e6, | ||
94 | 0x580304f0, 0xca042cf1, 0x011a37ea, 0x8dbfaadb, 0x35ba3e4a, | ||
95 | 0x3526ffa0, 0xc37b4d09, 0xbc306ed9, | ||
96 | 0x98a52666, 0x5648f725, 0xff5e569d, 0x0ced63d0, 0x7c63b2cf, | ||
97 | 0x700b45e1, 0xd5ea50f1, 0x85a92872, | ||
98 | 0xaf1fbda7, 0xd4234870, 0xa7870bf3, 0x2d3b4d79, 0x42e04198, | ||
99 | 0x0cd0ede7, 0x26470db8, 0xf881814c, | ||
100 | 0x474d6ad7, 0x7c0c5e5c, 0xd1231959, 0x381b7298, 0xf5d2f4db, | ||
101 | 0xab838653, 0x6e2f1e23, 0x83719c9e, | ||
102 | 0xbd91e046, 0x9a56456e, 0xdc39200c, 0x20c8c571, 0x962bda1c, | ||
103 | 0xe1e696ff, 0xb141ab08, 0x7cca89b9, | ||
104 | 0x1a69e783, 0x02cc4843, 0xa2f7c579, 0x429ef47d, 0x427b169c, | ||
105 | 0x5ac9f049, 0xdd8f0f00, 0x5c8165bf | ||
106 | }; | ||
107 | static const u32 s2[256] = { | ||
108 | 0x1f201094, 0xef0ba75b, 0x69e3cf7e, 0x393f4380, 0xfe61cf7a, | ||
109 | 0xeec5207a, 0x55889c94, 0x72fc0651, | ||
110 | 0xada7ef79, 0x4e1d7235, 0xd55a63ce, 0xde0436ba, 0x99c430ef, | ||
111 | 0x5f0c0794, 0x18dcdb7d, 0xa1d6eff3, | ||
112 | 0xa0b52f7b, 0x59e83605, 0xee15b094, 0xe9ffd909, 0xdc440086, | ||
113 | 0xef944459, 0xba83ccb3, 0xe0c3cdfb, | ||
114 | 0xd1da4181, 0x3b092ab1, 0xf997f1c1, 0xa5e6cf7b, 0x01420ddb, | ||
115 | 0xe4e7ef5b, 0x25a1ff41, 0xe180f806, | ||
116 | 0x1fc41080, 0x179bee7a, 0xd37ac6a9, 0xfe5830a4, 0x98de8b7f, | ||
117 | 0x77e83f4e, 0x79929269, 0x24fa9f7b, | ||
118 | 0xe113c85b, 0xacc40083, 0xd7503525, 0xf7ea615f, 0x62143154, | ||
119 | 0x0d554b63, 0x5d681121, 0xc866c359, | ||
120 | 0x3d63cf73, 0xcee234c0, 0xd4d87e87, 0x5c672b21, 0x071f6181, | ||
121 | 0x39f7627f, 0x361e3084, 0xe4eb573b, | ||
122 | 0x602f64a4, 0xd63acd9c, 0x1bbc4635, 0x9e81032d, 0x2701f50c, | ||
123 | 0x99847ab4, 0xa0e3df79, 0xba6cf38c, | ||
124 | 0x10843094, 0x2537a95e, 0xf46f6ffe, 0xa1ff3b1f, 0x208cfb6a, | ||
125 | 0x8f458c74, 0xd9e0a227, 0x4ec73a34, | ||
126 | 0xfc884f69, 0x3e4de8df, 0xef0e0088, 0x3559648d, 0x8a45388c, | ||
127 | 0x1d804366, 0x721d9bfd, 0xa58684bb, | ||
128 | 0xe8256333, 0x844e8212, 0x128d8098, 0xfed33fb4, 0xce280ae1, | ||
129 | 0x27e19ba5, 0xd5a6c252, 0xe49754bd, | ||
130 | 0xc5d655dd, 0xeb667064, 0x77840b4d, 0xa1b6a801, 0x84db26a9, | ||
131 | 0xe0b56714, 0x21f043b7, 0xe5d05860, | ||
132 | 0x54f03084, 0x066ff472, 0xa31aa153, 0xdadc4755, 0xb5625dbf, | ||
133 | 0x68561be6, 0x83ca6b94, 0x2d6ed23b, | ||
134 | 0xeccf01db, 0xa6d3d0ba, 0xb6803d5c, 0xaf77a709, 0x33b4a34c, | ||
135 | 0x397bc8d6, 0x5ee22b95, 0x5f0e5304, | ||
136 | 0x81ed6f61, 0x20e74364, 0xb45e1378, 0xde18639b, 0x881ca122, | ||
137 | 0xb96726d1, 0x8049a7e8, 0x22b7da7b, | ||
138 | 0x5e552d25, 0x5272d237, 0x79d2951c, 0xc60d894c, 0x488cb402, | ||
139 | 0x1ba4fe5b, 0xa4b09f6b, 0x1ca815cf, | ||
140 | 0xa20c3005, 0x8871df63, 0xb9de2fcb, 0x0cc6c9e9, 0x0beeff53, | ||
141 | 0xe3214517, 0xb4542835, 0x9f63293c, | ||
142 | 0xee41e729, 0x6e1d2d7c, 0x50045286, 0x1e6685f3, 0xf33401c6, | ||
143 | 0x30a22c95, 0x31a70850, 0x60930f13, | ||
144 | 0x73f98417, 0xa1269859, 0xec645c44, 0x52c877a9, 0xcdff33a6, | ||
145 | 0xa02b1741, 0x7cbad9a2, 0x2180036f, | ||
146 | 0x50d99c08, 0xcb3f4861, 0xc26bd765, 0x64a3f6ab, 0x80342676, | ||
147 | 0x25a75e7b, 0xe4e6d1fc, 0x20c710e6, | ||
148 | 0xcdf0b680, 0x17844d3b, 0x31eef84d, 0x7e0824e4, 0x2ccb49eb, | ||
149 | 0x846a3bae, 0x8ff77888, 0xee5d60f6, | ||
150 | 0x7af75673, 0x2fdd5cdb, 0xa11631c1, 0x30f66f43, 0xb3faec54, | ||
151 | 0x157fd7fa, 0xef8579cc, 0xd152de58, | ||
152 | 0xdb2ffd5e, 0x8f32ce19, 0x306af97a, 0x02f03ef8, 0x99319ad5, | ||
153 | 0xc242fa0f, 0xa7e3ebb0, 0xc68e4906, | ||
154 | 0xb8da230c, 0x80823028, 0xdcdef3c8, 0xd35fb171, 0x088a1bc8, | ||
155 | 0xbec0c560, 0x61a3c9e8, 0xbca8f54d, | ||
156 | 0xc72feffa, 0x22822e99, 0x82c570b4, 0xd8d94e89, 0x8b1c34bc, | ||
157 | 0x301e16e6, 0x273be979, 0xb0ffeaa6, | ||
158 | 0x61d9b8c6, 0x00b24869, 0xb7ffce3f, 0x08dc283b, 0x43daf65a, | ||
159 | 0xf7e19798, 0x7619b72f, 0x8f1c9ba4, | ||
160 | 0xdc8637a0, 0x16a7d3b1, 0x9fc393b7, 0xa7136eeb, 0xc6bcc63e, | ||
161 | 0x1a513742, 0xef6828bc, 0x520365d6, | ||
162 | 0x2d6a77ab, 0x3527ed4b, 0x821fd216, 0x095c6e2e, 0xdb92f2fb, | ||
163 | 0x5eea29cb, 0x145892f5, 0x91584f7f, | ||
164 | 0x5483697b, 0x2667a8cc, 0x85196048, 0x8c4bacea, 0x833860d4, | ||
165 | 0x0d23e0f9, 0x6c387e8a, 0x0ae6d249, | ||
166 | 0xb284600c, 0xd835731d, 0xdcb1c647, 0xac4c56ea, 0x3ebd81b3, | ||
167 | 0x230eabb0, 0x6438bc87, 0xf0b5b1fa, | ||
168 | 0x8f5ea2b3, 0xfc184642, 0x0a036b7a, 0x4fb089bd, 0x649da589, | ||
169 | 0xa345415e, 0x5c038323, 0x3e5d3bb9, | ||
170 | 0x43d79572, 0x7e6dd07c, 0x06dfdf1e, 0x6c6cc4ef, 0x7160a539, | ||
171 | 0x73bfbe70, 0x83877605, 0x4523ecf1 | ||
172 | }; | ||
173 | static const u32 s3[256] = { | ||
174 | 0x8defc240, 0x25fa5d9f, 0xeb903dbf, 0xe810c907, 0x47607fff, | ||
175 | 0x369fe44b, 0x8c1fc644, 0xaececa90, | ||
176 | 0xbeb1f9bf, 0xeefbcaea, 0xe8cf1950, 0x51df07ae, 0x920e8806, | ||
177 | 0xf0ad0548, 0xe13c8d83, 0x927010d5, | ||
178 | 0x11107d9f, 0x07647db9, 0xb2e3e4d4, 0x3d4f285e, 0xb9afa820, | ||
179 | 0xfade82e0, 0xa067268b, 0x8272792e, | ||
180 | 0x553fb2c0, 0x489ae22b, 0xd4ef9794, 0x125e3fbc, 0x21fffcee, | ||
181 | 0x825b1bfd, 0x9255c5ed, 0x1257a240, | ||
182 | 0x4e1a8302, 0xbae07fff, 0x528246e7, 0x8e57140e, 0x3373f7bf, | ||
183 | 0x8c9f8188, 0xa6fc4ee8, 0xc982b5a5, | ||
184 | 0xa8c01db7, 0x579fc264, 0x67094f31, 0xf2bd3f5f, 0x40fff7c1, | ||
185 | 0x1fb78dfc, 0x8e6bd2c1, 0x437be59b, | ||
186 | 0x99b03dbf, 0xb5dbc64b, 0x638dc0e6, 0x55819d99, 0xa197c81c, | ||
187 | 0x4a012d6e, 0xc5884a28, 0xccc36f71, | ||
188 | 0xb843c213, 0x6c0743f1, 0x8309893c, 0x0feddd5f, 0x2f7fe850, | ||
189 | 0xd7c07f7e, 0x02507fbf, 0x5afb9a04, | ||
190 | 0xa747d2d0, 0x1651192e, 0xaf70bf3e, 0x58c31380, 0x5f98302e, | ||
191 | 0x727cc3c4, 0x0a0fb402, 0x0f7fef82, | ||
192 | 0x8c96fdad, 0x5d2c2aae, 0x8ee99a49, 0x50da88b8, 0x8427f4a0, | ||
193 | 0x1eac5790, 0x796fb449, 0x8252dc15, | ||
194 | 0xefbd7d9b, 0xa672597d, 0xada840d8, 0x45f54504, 0xfa5d7403, | ||
195 | 0xe83ec305, 0x4f91751a, 0x925669c2, | ||
196 | 0x23efe941, 0xa903f12e, 0x60270df2, 0x0276e4b6, 0x94fd6574, | ||
197 | 0x927985b2, 0x8276dbcb, 0x02778176, | ||
198 | 0xf8af918d, 0x4e48f79e, 0x8f616ddf, 0xe29d840e, 0x842f7d83, | ||
199 | 0x340ce5c8, 0x96bbb682, 0x93b4b148, | ||
200 | 0xef303cab, 0x984faf28, 0x779faf9b, 0x92dc560d, 0x224d1e20, | ||
201 | 0x8437aa88, 0x7d29dc96, 0x2756d3dc, | ||
202 | 0x8b907cee, 0xb51fd240, 0xe7c07ce3, 0xe566b4a1, 0xc3e9615e, | ||
203 | 0x3cf8209d, 0x6094d1e3, 0xcd9ca341, | ||
204 | 0x5c76460e, 0x00ea983b, 0xd4d67881, 0xfd47572c, 0xf76cedd9, | ||
205 | 0xbda8229c, 0x127dadaa, 0x438a074e, | ||
206 | 0x1f97c090, 0x081bdb8a, 0x93a07ebe, 0xb938ca15, 0x97b03cff, | ||
207 | 0x3dc2c0f8, 0x8d1ab2ec, 0x64380e51, | ||
208 | 0x68cc7bfb, 0xd90f2788, 0x12490181, 0x5de5ffd4, 0xdd7ef86a, | ||
209 | 0x76a2e214, 0xb9a40368, 0x925d958f, | ||
210 | 0x4b39fffa, 0xba39aee9, 0xa4ffd30b, 0xfaf7933b, 0x6d498623, | ||
211 | 0x193cbcfa, 0x27627545, 0x825cf47a, | ||
212 | 0x61bd8ba0, 0xd11e42d1, 0xcead04f4, 0x127ea392, 0x10428db7, | ||
213 | 0x8272a972, 0x9270c4a8, 0x127de50b, | ||
214 | 0x285ba1c8, 0x3c62f44f, 0x35c0eaa5, 0xe805d231, 0x428929fb, | ||
215 | 0xb4fcdf82, 0x4fb66a53, 0x0e7dc15b, | ||
216 | 0x1f081fab, 0x108618ae, 0xfcfd086d, 0xf9ff2889, 0x694bcc11, | ||
217 | 0x236a5cae, 0x12deca4d, 0x2c3f8cc5, | ||
218 | 0xd2d02dfe, 0xf8ef5896, 0xe4cf52da, 0x95155b67, 0x494a488c, | ||
219 | 0xb9b6a80c, 0x5c8f82bc, 0x89d36b45, | ||
220 | 0x3a609437, 0xec00c9a9, 0x44715253, 0x0a874b49, 0xd773bc40, | ||
221 | 0x7c34671c, 0x02717ef6, 0x4feb5536, | ||
222 | 0xa2d02fff, 0xd2bf60c4, 0xd43f03c0, 0x50b4ef6d, 0x07478cd1, | ||
223 | 0x006e1888, 0xa2e53f55, 0xb9e6d4bc, | ||
224 | 0xa2048016, 0x97573833, 0xd7207d67, 0xde0f8f3d, 0x72f87b33, | ||
225 | 0xabcc4f33, 0x7688c55d, 0x7b00a6b0, | ||
226 | 0x947b0001, 0x570075d2, 0xf9bb88f8, 0x8942019e, 0x4264a5ff, | ||
227 | 0x856302e0, 0x72dbd92b, 0xee971b69, | ||
228 | 0x6ea22fde, 0x5f08ae2b, 0xaf7a616d, 0xe5c98767, 0xcf1febd2, | ||
229 | 0x61efc8c2, 0xf1ac2571, 0xcc8239c2, | ||
230 | 0x67214cb8, 0xb1e583d1, 0xb7dc3e62, 0x7f10bdce, 0xf90a5c38, | ||
231 | 0x0ff0443d, 0x606e6dc6, 0x60543a49, | ||
232 | 0x5727c148, 0x2be98a1d, 0x8ab41738, 0x20e1be24, 0xaf96da0f, | ||
233 | 0x68458425, 0x99833be5, 0x600d457d, | ||
234 | 0x282f9350, 0x8334b362, 0xd91d1120, 0x2b6d8da0, 0x642b1e31, | ||
235 | 0x9c305a00, 0x52bce688, 0x1b03588a, | ||
236 | 0xf7baefd5, 0x4142ed9c, 0xa4315c11, 0x83323ec5, 0xdfef4636, | ||
237 | 0xa133c501, 0xe9d3531c, 0xee353783 | ||
238 | }; | ||
239 | static const u32 s4[256] = { | ||
240 | 0x9db30420, 0x1fb6e9de, 0xa7be7bef, 0xd273a298, 0x4a4f7bdb, | ||
241 | 0x64ad8c57, 0x85510443, 0xfa020ed1, | ||
242 | 0x7e287aff, 0xe60fb663, 0x095f35a1, 0x79ebf120, 0xfd059d43, | ||
243 | 0x6497b7b1, 0xf3641f63, 0x241e4adf, | ||
244 | 0x28147f5f, 0x4fa2b8cd, 0xc9430040, 0x0cc32220, 0xfdd30b30, | ||
245 | 0xc0a5374f, 0x1d2d00d9, 0x24147b15, | ||
246 | 0xee4d111a, 0x0fca5167, 0x71ff904c, 0x2d195ffe, 0x1a05645f, | ||
247 | 0x0c13fefe, 0x081b08ca, 0x05170121, | ||
248 | 0x80530100, 0xe83e5efe, 0xac9af4f8, 0x7fe72701, 0xd2b8ee5f, | ||
249 | 0x06df4261, 0xbb9e9b8a, 0x7293ea25, | ||
250 | 0xce84ffdf, 0xf5718801, 0x3dd64b04, 0xa26f263b, 0x7ed48400, | ||
251 | 0x547eebe6, 0x446d4ca0, 0x6cf3d6f5, | ||
252 | 0x2649abdf, 0xaea0c7f5, 0x36338cc1, 0x503f7e93, 0xd3772061, | ||
253 | 0x11b638e1, 0x72500e03, 0xf80eb2bb, | ||
254 | 0xabe0502e, 0xec8d77de, 0x57971e81, 0xe14f6746, 0xc9335400, | ||
255 | 0x6920318f, 0x081dbb99, 0xffc304a5, | ||
256 | 0x4d351805, 0x7f3d5ce3, 0xa6c866c6, 0x5d5bcca9, 0xdaec6fea, | ||
257 | 0x9f926f91, 0x9f46222f, 0x3991467d, | ||
258 | 0xa5bf6d8e, 0x1143c44f, 0x43958302, 0xd0214eeb, 0x022083b8, | ||
259 | 0x3fb6180c, 0x18f8931e, 0x281658e6, | ||
260 | 0x26486e3e, 0x8bd78a70, 0x7477e4c1, 0xb506e07c, 0xf32d0a25, | ||
261 | 0x79098b02, 0xe4eabb81, 0x28123b23, | ||
262 | 0x69dead38, 0x1574ca16, 0xdf871b62, 0x211c40b7, 0xa51a9ef9, | ||
263 | 0x0014377b, 0x041e8ac8, 0x09114003, | ||
264 | 0xbd59e4d2, 0xe3d156d5, 0x4fe876d5, 0x2f91a340, 0x557be8de, | ||
265 | 0x00eae4a7, 0x0ce5c2ec, 0x4db4bba6, | ||
266 | 0xe756bdff, 0xdd3369ac, 0xec17b035, 0x06572327, 0x99afc8b0, | ||
267 | 0x56c8c391, 0x6b65811c, 0x5e146119, | ||
268 | 0x6e85cb75, 0xbe07c002, 0xc2325577, 0x893ff4ec, 0x5bbfc92d, | ||
269 | 0xd0ec3b25, 0xb7801ab7, 0x8d6d3b24, | ||
270 | 0x20c763ef, 0xc366a5fc, 0x9c382880, 0x0ace3205, 0xaac9548a, | ||
271 | 0xeca1d7c7, 0x041afa32, 0x1d16625a, | ||
272 | 0x6701902c, 0x9b757a54, 0x31d477f7, 0x9126b031, 0x36cc6fdb, | ||
273 | 0xc70b8b46, 0xd9e66a48, 0x56e55a79, | ||
274 | 0x026a4ceb, 0x52437eff, 0x2f8f76b4, 0x0df980a5, 0x8674cde3, | ||
275 | 0xedda04eb, 0x17a9be04, 0x2c18f4df, | ||
276 | 0xb7747f9d, 0xab2af7b4, 0xefc34d20, 0x2e096b7c, 0x1741a254, | ||
277 | 0xe5b6a035, 0x213d42f6, 0x2c1c7c26, | ||
278 | 0x61c2f50f, 0x6552daf9, 0xd2c231f8, 0x25130f69, 0xd8167fa2, | ||
279 | 0x0418f2c8, 0x001a96a6, 0x0d1526ab, | ||
280 | 0x63315c21, 0x5e0a72ec, 0x49bafefd, 0x187908d9, 0x8d0dbd86, | ||
281 | 0x311170a7, 0x3e9b640c, 0xcc3e10d7, | ||
282 | 0xd5cad3b6, 0x0caec388, 0xf73001e1, 0x6c728aff, 0x71eae2a1, | ||
283 | 0x1f9af36e, 0xcfcbd12f, 0xc1de8417, | ||
284 | 0xac07be6b, 0xcb44a1d8, 0x8b9b0f56, 0x013988c3, 0xb1c52fca, | ||
285 | 0xb4be31cd, 0xd8782806, 0x12a3a4e2, | ||
286 | 0x6f7de532, 0x58fd7eb6, 0xd01ee900, 0x24adffc2, 0xf4990fc5, | ||
287 | 0x9711aac5, 0x001d7b95, 0x82e5e7d2, | ||
288 | 0x109873f6, 0x00613096, 0xc32d9521, 0xada121ff, 0x29908415, | ||
289 | 0x7fbb977f, 0xaf9eb3db, 0x29c9ed2a, | ||
290 | 0x5ce2a465, 0xa730f32c, 0xd0aa3fe8, 0x8a5cc091, 0xd49e2ce7, | ||
291 | 0x0ce454a9, 0xd60acd86, 0x015f1919, | ||
292 | 0x77079103, 0xdea03af6, 0x78a8565e, 0xdee356df, 0x21f05cbe, | ||
293 | 0x8b75e387, 0xb3c50651, 0xb8a5c3ef, | ||
294 | 0xd8eeb6d2, 0xe523be77, 0xc2154529, 0x2f69efdf, 0xafe67afb, | ||
295 | 0xf470c4b2, 0xf3e0eb5b, 0xd6cc9876, | ||
296 | 0x39e4460c, 0x1fda8538, 0x1987832f, 0xca007367, 0xa99144f8, | ||
297 | 0x296b299e, 0x492fc295, 0x9266beab, | ||
298 | 0xb5676e69, 0x9bd3ddda, 0xdf7e052f, 0xdb25701c, 0x1b5e51ee, | ||
299 | 0xf65324e6, 0x6afce36c, 0x0316cc04, | ||
300 | 0x8644213e, 0xb7dc59d0, 0x7965291f, 0xccd6fd43, 0x41823979, | ||
301 | 0x932bcdf6, 0xb657c34d, 0x4edfd282, | ||
302 | 0x7ae5290c, 0x3cb9536b, 0x851e20fe, 0x9833557e, 0x13ecf0b0, | ||
303 | 0xd3ffb372, 0x3f85c5c1, 0x0aef7ed2 | ||
304 | }; | ||
305 | static const u32 s5[256] = { | ||
306 | 0x7ec90c04, 0x2c6e74b9, 0x9b0e66df, 0xa6337911, 0xb86a7fff, | ||
307 | 0x1dd358f5, 0x44dd9d44, 0x1731167f, | ||
308 | 0x08fbf1fa, 0xe7f511cc, 0xd2051b00, 0x735aba00, 0x2ab722d8, | ||
309 | 0x386381cb, 0xacf6243a, 0x69befd7a, | ||
310 | 0xe6a2e77f, 0xf0c720cd, 0xc4494816, 0xccf5c180, 0x38851640, | ||
311 | 0x15b0a848, 0xe68b18cb, 0x4caadeff, | ||
312 | 0x5f480a01, 0x0412b2aa, 0x259814fc, 0x41d0efe2, 0x4e40b48d, | ||
313 | 0x248eb6fb, 0x8dba1cfe, 0x41a99b02, | ||
314 | 0x1a550a04, 0xba8f65cb, 0x7251f4e7, 0x95a51725, 0xc106ecd7, | ||
315 | 0x97a5980a, 0xc539b9aa, 0x4d79fe6a, | ||
316 | 0xf2f3f763, 0x68af8040, 0xed0c9e56, 0x11b4958b, 0xe1eb5a88, | ||
317 | 0x8709e6b0, 0xd7e07156, 0x4e29fea7, | ||
318 | 0x6366e52d, 0x02d1c000, 0xc4ac8e05, 0x9377f571, 0x0c05372a, | ||
319 | 0x578535f2, 0x2261be02, 0xd642a0c9, | ||
320 | 0xdf13a280, 0x74b55bd2, 0x682199c0, 0xd421e5ec, 0x53fb3ce8, | ||
321 | 0xc8adedb3, 0x28a87fc9, 0x3d959981, | ||
322 | 0x5c1ff900, 0xfe38d399, 0x0c4eff0b, 0x062407ea, 0xaa2f4fb1, | ||
323 | 0x4fb96976, 0x90c79505, 0xb0a8a774, | ||
324 | 0xef55a1ff, 0xe59ca2c2, 0xa6b62d27, 0xe66a4263, 0xdf65001f, | ||
325 | 0x0ec50966, 0xdfdd55bc, 0x29de0655, | ||
326 | 0x911e739a, 0x17af8975, 0x32c7911c, 0x89f89468, 0x0d01e980, | ||
327 | 0x524755f4, 0x03b63cc9, 0x0cc844b2, | ||
328 | 0xbcf3f0aa, 0x87ac36e9, 0xe53a7426, 0x01b3d82b, 0x1a9e7449, | ||
329 | 0x64ee2d7e, 0xcddbb1da, 0x01c94910, | ||
330 | 0xb868bf80, 0x0d26f3fd, 0x9342ede7, 0x04a5c284, 0x636737b6, | ||
331 | 0x50f5b616, 0xf24766e3, 0x8eca36c1, | ||
332 | 0x136e05db, 0xfef18391, 0xfb887a37, 0xd6e7f7d4, 0xc7fb7dc9, | ||
333 | 0x3063fcdf, 0xb6f589de, 0xec2941da, | ||
334 | 0x26e46695, 0xb7566419, 0xf654efc5, 0xd08d58b7, 0x48925401, | ||
335 | 0xc1bacb7f, 0xe5ff550f, 0xb6083049, | ||
336 | 0x5bb5d0e8, 0x87d72e5a, 0xab6a6ee1, 0x223a66ce, 0xc62bf3cd, | ||
337 | 0x9e0885f9, 0x68cb3e47, 0x086c010f, | ||
338 | 0xa21de820, 0xd18b69de, 0xf3f65777, 0xfa02c3f6, 0x407edac3, | ||
339 | 0xcbb3d550, 0x1793084d, 0xb0d70eba, | ||
340 | 0x0ab378d5, 0xd951fb0c, 0xded7da56, 0x4124bbe4, 0x94ca0b56, | ||
341 | 0x0f5755d1, 0xe0e1e56e, 0x6184b5be, | ||
342 | 0x580a249f, 0x94f74bc0, 0xe327888e, 0x9f7b5561, 0xc3dc0280, | ||
343 | 0x05687715, 0x646c6bd7, 0x44904db3, | ||
344 | 0x66b4f0a3, 0xc0f1648a, 0x697ed5af, 0x49e92ff6, 0x309e374f, | ||
345 | 0x2cb6356a, 0x85808573, 0x4991f840, | ||
346 | 0x76f0ae02, 0x083be84d, 0x28421c9a, 0x44489406, 0x736e4cb8, | ||
347 | 0xc1092910, 0x8bc95fc6, 0x7d869cf4, | ||
348 | 0x134f616f, 0x2e77118d, 0xb31b2be1, 0xaa90b472, 0x3ca5d717, | ||
349 | 0x7d161bba, 0x9cad9010, 0xaf462ba2, | ||
350 | 0x9fe459d2, 0x45d34559, 0xd9f2da13, 0xdbc65487, 0xf3e4f94e, | ||
351 | 0x176d486f, 0x097c13ea, 0x631da5c7, | ||
352 | 0x445f7382, 0x175683f4, 0xcdc66a97, 0x70be0288, 0xb3cdcf72, | ||
353 | 0x6e5dd2f3, 0x20936079, 0x459b80a5, | ||
354 | 0xbe60e2db, 0xa9c23101, 0xeba5315c, 0x224e42f2, 0x1c5c1572, | ||
355 | 0xf6721b2c, 0x1ad2fff3, 0x8c25404e, | ||
356 | 0x324ed72f, 0x4067b7fd, 0x0523138e, 0x5ca3bc78, 0xdc0fd66e, | ||
357 | 0x75922283, 0x784d6b17, 0x58ebb16e, | ||
358 | 0x44094f85, 0x3f481d87, 0xfcfeae7b, 0x77b5ff76, 0x8c2302bf, | ||
359 | 0xaaf47556, 0x5f46b02a, 0x2b092801, | ||
360 | 0x3d38f5f7, 0x0ca81f36, 0x52af4a8a, 0x66d5e7c0, 0xdf3b0874, | ||
361 | 0x95055110, 0x1b5ad7a8, 0xf61ed5ad, | ||
362 | 0x6cf6e479, 0x20758184, 0xd0cefa65, 0x88f7be58, 0x4a046826, | ||
363 | 0x0ff6f8f3, 0xa09c7f70, 0x5346aba0, | ||
364 | 0x5ce96c28, 0xe176eda3, 0x6bac307f, 0x376829d2, 0x85360fa9, | ||
365 | 0x17e3fe2a, 0x24b79767, 0xf5a96b20, | ||
366 | 0xd6cd2595, 0x68ff1ebf, 0x7555442c, 0xf19f06be, 0xf9e0659a, | ||
367 | 0xeeb9491d, 0x34010718, 0xbb30cab8, | ||
368 | 0xe822fe15, 0x88570983, 0x750e6249, 0xda627e55, 0x5e76ffa8, | ||
369 | 0xb1534546, 0x6d47de08, 0xefe9e7d4 | ||
370 | }; | ||
371 | static const u32 s6[256] = { | ||
372 | 0xf6fa8f9d, 0x2cac6ce1, 0x4ca34867, 0xe2337f7c, 0x95db08e7, | ||
373 | 0x016843b4, 0xeced5cbc, 0x325553ac, | ||
374 | 0xbf9f0960, 0xdfa1e2ed, 0x83f0579d, 0x63ed86b9, 0x1ab6a6b8, | ||
375 | 0xde5ebe39, 0xf38ff732, 0x8989b138, | ||
376 | 0x33f14961, 0xc01937bd, 0xf506c6da, 0xe4625e7e, 0xa308ea99, | ||
377 | 0x4e23e33c, 0x79cbd7cc, 0x48a14367, | ||
378 | 0xa3149619, 0xfec94bd5, 0xa114174a, 0xeaa01866, 0xa084db2d, | ||
379 | 0x09a8486f, 0xa888614a, 0x2900af98, | ||
380 | 0x01665991, 0xe1992863, 0xc8f30c60, 0x2e78ef3c, 0xd0d51932, | ||
381 | 0xcf0fec14, 0xf7ca07d2, 0xd0a82072, | ||
382 | 0xfd41197e, 0x9305a6b0, 0xe86be3da, 0x74bed3cd, 0x372da53c, | ||
383 | 0x4c7f4448, 0xdab5d440, 0x6dba0ec3, | ||
384 | 0x083919a7, 0x9fbaeed9, 0x49dbcfb0, 0x4e670c53, 0x5c3d9c01, | ||
385 | 0x64bdb941, 0x2c0e636a, 0xba7dd9cd, | ||
386 | 0xea6f7388, 0xe70bc762, 0x35f29adb, 0x5c4cdd8d, 0xf0d48d8c, | ||
387 | 0xb88153e2, 0x08a19866, 0x1ae2eac8, | ||
388 | 0x284caf89, 0xaa928223, 0x9334be53, 0x3b3a21bf, 0x16434be3, | ||
389 | 0x9aea3906, 0xefe8c36e, 0xf890cdd9, | ||
390 | 0x80226dae, 0xc340a4a3, 0xdf7e9c09, 0xa694a807, 0x5b7c5ecc, | ||
391 | 0x221db3a6, 0x9a69a02f, 0x68818a54, | ||
392 | 0xceb2296f, 0x53c0843a, 0xfe893655, 0x25bfe68a, 0xb4628abc, | ||
393 | 0xcf222ebf, 0x25ac6f48, 0xa9a99387, | ||
394 | 0x53bddb65, 0xe76ffbe7, 0xe967fd78, 0x0ba93563, 0x8e342bc1, | ||
395 | 0xe8a11be9, 0x4980740d, 0xc8087dfc, | ||
396 | 0x8de4bf99, 0xa11101a0, 0x7fd37975, 0xda5a26c0, 0xe81f994f, | ||
397 | 0x9528cd89, 0xfd339fed, 0xb87834bf, | ||
398 | 0x5f04456d, 0x22258698, 0xc9c4c83b, 0x2dc156be, 0x4f628daa, | ||
399 | 0x57f55ec5, 0xe2220abe, 0xd2916ebf, | ||
400 | 0x4ec75b95, 0x24f2c3c0, 0x42d15d99, 0xcd0d7fa0, 0x7b6e27ff, | ||
401 | 0xa8dc8af0, 0x7345c106, 0xf41e232f, | ||
402 | 0x35162386, 0xe6ea8926, 0x3333b094, 0x157ec6f2, 0x372b74af, | ||
403 | 0x692573e4, 0xe9a9d848, 0xf3160289, | ||
404 | 0x3a62ef1d, 0xa787e238, 0xf3a5f676, 0x74364853, 0x20951063, | ||
405 | 0x4576698d, 0xb6fad407, 0x592af950, | ||
406 | 0x36f73523, 0x4cfb6e87, 0x7da4cec0, 0x6c152daa, 0xcb0396a8, | ||
407 | 0xc50dfe5d, 0xfcd707ab, 0x0921c42f, | ||
408 | 0x89dff0bb, 0x5fe2be78, 0x448f4f33, 0x754613c9, 0x2b05d08d, | ||
409 | 0x48b9d585, 0xdc049441, 0xc8098f9b, | ||
410 | 0x7dede786, 0xc39a3373, 0x42410005, 0x6a091751, 0x0ef3c8a6, | ||
411 | 0x890072d6, 0x28207682, 0xa9a9f7be, | ||
412 | 0xbf32679d, 0xd45b5b75, 0xb353fd00, 0xcbb0e358, 0x830f220a, | ||
413 | 0x1f8fb214, 0xd372cf08, 0xcc3c4a13, | ||
414 | 0x8cf63166, 0x061c87be, 0x88c98f88, 0x6062e397, 0x47cf8e7a, | ||
415 | 0xb6c85283, 0x3cc2acfb, 0x3fc06976, | ||
416 | 0x4e8f0252, 0x64d8314d, 0xda3870e3, 0x1e665459, 0xc10908f0, | ||
417 | 0x513021a5, 0x6c5b68b7, 0x822f8aa0, | ||
418 | 0x3007cd3e, 0x74719eef, 0xdc872681, 0x073340d4, 0x7e432fd9, | ||
419 | 0x0c5ec241, 0x8809286c, 0xf592d891, | ||
420 | 0x08a930f6, 0x957ef305, 0xb7fbffbd, 0xc266e96f, 0x6fe4ac98, | ||
421 | 0xb173ecc0, 0xbc60b42a, 0x953498da, | ||
422 | 0xfba1ae12, 0x2d4bd736, 0x0f25faab, 0xa4f3fceb, 0xe2969123, | ||
423 | 0x257f0c3d, 0x9348af49, 0x361400bc, | ||
424 | 0xe8816f4a, 0x3814f200, 0xa3f94043, 0x9c7a54c2, 0xbc704f57, | ||
425 | 0xda41e7f9, 0xc25ad33a, 0x54f4a084, | ||
426 | 0xb17f5505, 0x59357cbe, 0xedbd15c8, 0x7f97c5ab, 0xba5ac7b5, | ||
427 | 0xb6f6deaf, 0x3a479c3a, 0x5302da25, | ||
428 | 0x653d7e6a, 0x54268d49, 0x51a477ea, 0x5017d55b, 0xd7d25d88, | ||
429 | 0x44136c76, 0x0404a8c8, 0xb8e5a121, | ||
430 | 0xb81a928a, 0x60ed5869, 0x97c55b96, 0xeaec991b, 0x29935913, | ||
431 | 0x01fdb7f1, 0x088e8dfa, 0x9ab6f6f5, | ||
432 | 0x3b4cbf9f, 0x4a5de3ab, 0xe6051d35, 0xa0e1d855, 0xd36b4cf1, | ||
433 | 0xf544edeb, 0xb0e93524, 0xbebb8fbd, | ||
434 | 0xa2d762cf, 0x49c92f54, 0x38b5f331, 0x7128a454, 0x48392905, | ||
435 | 0xa65b1db8, 0x851c97bd, 0xd675cf2f | ||
436 | }; | ||
437 | static const u32 s7[256] = { | ||
438 | 0x85e04019, 0x332bf567, 0x662dbfff, 0xcfc65693, 0x2a8d7f6f, | ||
439 | 0xab9bc912, 0xde6008a1, 0x2028da1f, | ||
440 | 0x0227bce7, 0x4d642916, 0x18fac300, 0x50f18b82, 0x2cb2cb11, | ||
441 | 0xb232e75c, 0x4b3695f2, 0xb28707de, | ||
442 | 0xa05fbcf6, 0xcd4181e9, 0xe150210c, 0xe24ef1bd, 0xb168c381, | ||
443 | 0xfde4e789, 0x5c79b0d8, 0x1e8bfd43, | ||
444 | 0x4d495001, 0x38be4341, 0x913cee1d, 0x92a79c3f, 0x089766be, | ||
445 | 0xbaeeadf4, 0x1286becf, 0xb6eacb19, | ||
446 | 0x2660c200, 0x7565bde4, 0x64241f7a, 0x8248dca9, 0xc3b3ad66, | ||
447 | 0x28136086, 0x0bd8dfa8, 0x356d1cf2, | ||
448 | 0x107789be, 0xb3b2e9ce, 0x0502aa8f, 0x0bc0351e, 0x166bf52a, | ||
449 | 0xeb12ff82, 0xe3486911, 0xd34d7516, | ||
450 | 0x4e7b3aff, 0x5f43671b, 0x9cf6e037, 0x4981ac83, 0x334266ce, | ||
451 | 0x8c9341b7, 0xd0d854c0, 0xcb3a6c88, | ||
452 | 0x47bc2829, 0x4725ba37, 0xa66ad22b, 0x7ad61f1e, 0x0c5cbafa, | ||
453 | 0x4437f107, 0xb6e79962, 0x42d2d816, | ||
454 | 0x0a961288, 0xe1a5c06e, 0x13749e67, 0x72fc081a, 0xb1d139f7, | ||
455 | 0xf9583745, 0xcf19df58, 0xbec3f756, | ||
456 | 0xc06eba30, 0x07211b24, 0x45c28829, 0xc95e317f, 0xbc8ec511, | ||
457 | 0x38bc46e9, 0xc6e6fa14, 0xbae8584a, | ||
458 | 0xad4ebc46, 0x468f508b, 0x7829435f, 0xf124183b, 0x821dba9f, | ||
459 | 0xaff60ff4, 0xea2c4e6d, 0x16e39264, | ||
460 | 0x92544a8b, 0x009b4fc3, 0xaba68ced, 0x9ac96f78, 0x06a5b79a, | ||
461 | 0xb2856e6e, 0x1aec3ca9, 0xbe838688, | ||
462 | 0x0e0804e9, 0x55f1be56, 0xe7e5363b, 0xb3a1f25d, 0xf7debb85, | ||
463 | 0x61fe033c, 0x16746233, 0x3c034c28, | ||
464 | 0xda6d0c74, 0x79aac56c, 0x3ce4e1ad, 0x51f0c802, 0x98f8f35a, | ||
465 | 0x1626a49f, 0xeed82b29, 0x1d382fe3, | ||
466 | 0x0c4fb99a, 0xbb325778, 0x3ec6d97b, 0x6e77a6a9, 0xcb658b5c, | ||
467 | 0xd45230c7, 0x2bd1408b, 0x60c03eb7, | ||
468 | 0xb9068d78, 0xa33754f4, 0xf430c87d, 0xc8a71302, 0xb96d8c32, | ||
469 | 0xebd4e7be, 0xbe8b9d2d, 0x7979fb06, | ||
470 | 0xe7225308, 0x8b75cf77, 0x11ef8da4, 0xe083c858, 0x8d6b786f, | ||
471 | 0x5a6317a6, 0xfa5cf7a0, 0x5dda0033, | ||
472 | 0xf28ebfb0, 0xf5b9c310, 0xa0eac280, 0x08b9767a, 0xa3d9d2b0, | ||
473 | 0x79d34217, 0x021a718d, 0x9ac6336a, | ||
474 | 0x2711fd60, 0x438050e3, 0x069908a8, 0x3d7fedc4, 0x826d2bef, | ||
475 | 0x4eeb8476, 0x488dcf25, 0x36c9d566, | ||
476 | 0x28e74e41, 0xc2610aca, 0x3d49a9cf, 0xbae3b9df, 0xb65f8de6, | ||
477 | 0x92aeaf64, 0x3ac7d5e6, 0x9ea80509, | ||
478 | 0xf22b017d, 0xa4173f70, 0xdd1e16c3, 0x15e0d7f9, 0x50b1b887, | ||
479 | 0x2b9f4fd5, 0x625aba82, 0x6a017962, | ||
480 | 0x2ec01b9c, 0x15488aa9, 0xd716e740, 0x40055a2c, 0x93d29a22, | ||
481 | 0xe32dbf9a, 0x058745b9, 0x3453dc1e, | ||
482 | 0xd699296e, 0x496cff6f, 0x1c9f4986, 0xdfe2ed07, 0xb87242d1, | ||
483 | 0x19de7eae, 0x053e561a, 0x15ad6f8c, | ||
484 | 0x66626c1c, 0x7154c24c, 0xea082b2a, 0x93eb2939, 0x17dcb0f0, | ||
485 | 0x58d4f2ae, 0x9ea294fb, 0x52cf564c, | ||
486 | 0x9883fe66, 0x2ec40581, 0x763953c3, 0x01d6692e, 0xd3a0c108, | ||
487 | 0xa1e7160e, 0xe4f2dfa6, 0x693ed285, | ||
488 | 0x74904698, 0x4c2b0edd, 0x4f757656, 0x5d393378, 0xa132234f, | ||
489 | 0x3d321c5d, 0xc3f5e194, 0x4b269301, | ||
490 | 0xc79f022f, 0x3c997e7e, 0x5e4f9504, 0x3ffafbbd, 0x76f7ad0e, | ||
491 | 0x296693f4, 0x3d1fce6f, 0xc61e45be, | ||
492 | 0xd3b5ab34, 0xf72bf9b7, 0x1b0434c0, 0x4e72b567, 0x5592a33d, | ||
493 | 0xb5229301, 0xcfd2a87f, 0x60aeb767, | ||
494 | 0x1814386b, 0x30bcc33d, 0x38a0c07d, 0xfd1606f2, 0xc363519b, | ||
495 | 0x589dd390, 0x5479f8e6, 0x1cb8d647, | ||
496 | 0x97fd61a9, 0xea7759f4, 0x2d57539d, 0x569a58cf, 0xe84e63ad, | ||
497 | 0x462e1b78, 0x6580f87e, 0xf3817914, | ||
498 | 0x91da55f4, 0x40a230f3, 0xd1988f35, 0xb6e318d2, 0x3ffa50bc, | ||
499 | 0x3d40f021, 0xc3c0bdae, 0x4958c24c, | ||
500 | 0x518f36b2, 0x84b1d370, 0x0fedce83, 0x878ddada, 0xf2a279c7, | ||
501 | 0x94e01be8, 0x90716f4b, 0x954b8aa3 | ||
502 | }; | ||
503 | static const u32 sb8[256] = { | ||
504 | 0xe216300d, 0xbbddfffc, 0xa7ebdabd, 0x35648095, 0x7789f8b7, | ||
505 | 0xe6c1121b, 0x0e241600, 0x052ce8b5, | ||
506 | 0x11a9cfb0, 0xe5952f11, 0xece7990a, 0x9386d174, 0x2a42931c, | ||
507 | 0x76e38111, 0xb12def3a, 0x37ddddfc, | ||
508 | 0xde9adeb1, 0x0a0cc32c, 0xbe197029, 0x84a00940, 0xbb243a0f, | ||
509 | 0xb4d137cf, 0xb44e79f0, 0x049eedfd, | ||
510 | 0x0b15a15d, 0x480d3168, 0x8bbbde5a, 0x669ded42, 0xc7ece831, | ||
511 | 0x3f8f95e7, 0x72df191b, 0x7580330d, | ||
512 | 0x94074251, 0x5c7dcdfa, 0xabbe6d63, 0xaa402164, 0xb301d40a, | ||
513 | 0x02e7d1ca, 0x53571dae, 0x7a3182a2, | ||
514 | 0x12a8ddec, 0xfdaa335d, 0x176f43e8, 0x71fb46d4, 0x38129022, | ||
515 | 0xce949ad4, 0xb84769ad, 0x965bd862, | ||
516 | 0x82f3d055, 0x66fb9767, 0x15b80b4e, 0x1d5b47a0, 0x4cfde06f, | ||
517 | 0xc28ec4b8, 0x57e8726e, 0x647a78fc, | ||
518 | 0x99865d44, 0x608bd593, 0x6c200e03, 0x39dc5ff6, 0x5d0b00a3, | ||
519 | 0xae63aff2, 0x7e8bd632, 0x70108c0c, | ||
520 | 0xbbd35049, 0x2998df04, 0x980cf42a, 0x9b6df491, 0x9e7edd53, | ||
521 | 0x06918548, 0x58cb7e07, 0x3b74ef2e, | ||
522 | 0x522fffb1, 0xd24708cc, 0x1c7e27cd, 0xa4eb215b, 0x3cf1d2e2, | ||
523 | 0x19b47a38, 0x424f7618, 0x35856039, | ||
524 | 0x9d17dee7, 0x27eb35e6, 0xc9aff67b, 0x36baf5b8, 0x09c467cd, | ||
525 | 0xc18910b1, 0xe11dbf7b, 0x06cd1af8, | ||
526 | 0x7170c608, 0x2d5e3354, 0xd4de495a, 0x64c6d006, 0xbcc0c62c, | ||
527 | 0x3dd00db3, 0x708f8f34, 0x77d51b42, | ||
528 | 0x264f620f, 0x24b8d2bf, 0x15c1b79e, 0x46a52564, 0xf8d7e54e, | ||
529 | 0x3e378160, 0x7895cda5, 0x859c15a5, | ||
530 | 0xe6459788, 0xc37bc75f, 0xdb07ba0c, 0x0676a3ab, 0x7f229b1e, | ||
531 | 0x31842e7b, 0x24259fd7, 0xf8bef472, | ||
532 | 0x835ffcb8, 0x6df4c1f2, 0x96f5b195, 0xfd0af0fc, 0xb0fe134c, | ||
533 | 0xe2506d3d, 0x4f9b12ea, 0xf215f225, | ||
534 | 0xa223736f, 0x9fb4c428, 0x25d04979, 0x34c713f8, 0xc4618187, | ||
535 | 0xea7a6e98, 0x7cd16efc, 0x1436876c, | ||
536 | 0xf1544107, 0xbedeee14, 0x56e9af27, 0xa04aa441, 0x3cf7c899, | ||
537 | 0x92ecbae6, 0xdd67016d, 0x151682eb, | ||
538 | 0xa842eedf, 0xfdba60b4, 0xf1907b75, 0x20e3030f, 0x24d8c29e, | ||
539 | 0xe139673b, 0xefa63fb8, 0x71873054, | ||
540 | 0xb6f2cf3b, 0x9f326442, 0xcb15a4cc, 0xb01a4504, 0xf1e47d8d, | ||
541 | 0x844a1be5, 0xbae7dfdc, 0x42cbda70, | ||
542 | 0xcd7dae0a, 0x57e85b7a, 0xd53f5af6, 0x20cf4d8c, 0xcea4d428, | ||
543 | 0x79d130a4, 0x3486ebfb, 0x33d3cddc, | ||
544 | 0x77853b53, 0x37effcb5, 0xc5068778, 0xe580b3e6, 0x4e68b8f4, | ||
545 | 0xc5c8b37e, 0x0d809ea2, 0x398feb7c, | ||
546 | 0x132a4f94, 0x43b7950e, 0x2fee7d1c, 0x223613bd, 0xdd06caa2, | ||
547 | 0x37df932b, 0xc4248289, 0xacf3ebc3, | ||
548 | 0x5715f6b7, 0xef3478dd, 0xf267616f, 0xc148cbe4, 0x9052815e, | ||
549 | 0x5e410fab, 0xb48a2465, 0x2eda7fa4, | ||
550 | 0xe87b40e4, 0xe98ea084, 0x5889e9e1, 0xefd390fc, 0xdd07d35b, | ||
551 | 0xdb485694, 0x38d7e5b2, 0x57720101, | ||
552 | 0x730edebc, 0x5b643113, 0x94917e4f, 0x503c2fba, 0x646f1282, | ||
553 | 0x7523d24a, 0xe0779695, 0xf9c17a8f, | ||
554 | 0x7a5b2121, 0xd187b896, 0x29263a4d, 0xba510cdf, 0x81f47c9f, | ||
555 | 0xad1163ed, 0xea7b5965, 0x1a00726e, | ||
556 | 0x11403092, 0x00da6d77, 0x4a0cdd61, 0xad1f4603, 0x605bdfb0, | ||
557 | 0x9eedc364, 0x22ebe6a8, 0xcee7d28a, | ||
558 | 0xa0e736a0, 0x5564a6b9, 0x10853209, 0xc7eb8f37, 0x2de705ca, | ||
559 | 0x8951570f, 0xdf09822b, 0xbd691a6c, | ||
560 | 0xaa12e4f2, 0x87451c0f, 0xe0f6a27a, 0x3ada4819, 0x4cf1764f, | ||
561 | 0x0d771c2b, 0x67cdb156, 0x350d8384, | ||
562 | 0x5938fa0f, 0x42399ef3, 0x36997b07, 0x0e84093d, 0x4aa93e61, | ||
563 | 0x8360d87b, 0x1fa98b0c, 0x1149382c, | ||
564 | 0xe97625a5, 0x0614d1b7, 0x0e25244b, 0x0c768347, 0x589e8d82, | ||
565 | 0x0d2059d1, 0xa466bb1e, 0xf8da0a82, | ||
566 | 0x04f19130, 0xba6e4ec0, 0x99265164, 0x1ee7230d, 0x50b2ad80, | ||
567 | 0xeaee6801, 0x8db2a283, 0xea8bf59e | ||
568 | }; | ||
569 | |||
570 | #define F1(D,m,r) ( (I = ((m) + (D))), (I=rol32(I,(r))), \ | ||
571 | (((s1[I >> 24] ^ s2[(I>>16)&0xff]) - s3[(I>>8)&0xff]) + s4[I&0xff]) ) | ||
572 | #define F2(D,m,r) ( (I = ((m) ^ (D))), (I=rol32(I,(r))), \ | ||
573 | (((s1[I >> 24] - s2[(I>>16)&0xff]) + s3[(I>>8)&0xff]) ^ s4[I&0xff]) ) | ||
574 | #define F3(D,m,r) ( (I = ((m) - (D))), (I=rol32(I,(r))), \ | ||
575 | (((s1[I >> 24] + s2[(I>>16)&0xff]) ^ s3[(I>>8)&0xff]) - s4[I&0xff]) ) | ||
576 | |||
577 | |||
578 | static void cast5_encrypt(void *ctx, u8 * outbuf, const u8 * inbuf) | ||
579 | { | ||
580 | struct cast5_ctx *c = (struct cast5_ctx *) ctx; | ||
581 | u32 l, r, t; | ||
582 | u32 I; /* used by the Fx macros */ | ||
583 | u32 *Km; | ||
584 | u8 *Kr; | ||
585 | |||
586 | Km = c->Km; | ||
587 | Kr = c->Kr; | ||
588 | |||
589 | /* (L0,R0) <-- (m1...m64). (Split the plaintext into left and | ||
590 | * right 32-bit halves L0 = m1...m32 and R0 = m33...m64.) | ||
591 | */ | ||
592 | l = inbuf[0] << 24 | inbuf[1] << 16 | inbuf[2] << 8 | inbuf[3]; | ||
593 | r = inbuf[4] << 24 | inbuf[5] << 16 | inbuf[6] << 8 | inbuf[7]; | ||
594 | |||
595 | /* (16 rounds) for i from 1 to 16, compute Li and Ri as follows: | ||
596 | * Li = Ri-1; | ||
597 | * Ri = Li-1 ^ f(Ri-1,Kmi,Kri), where f is defined in Section 2.2 | ||
598 | * Rounds 1, 4, 7, 10, 13, and 16 use f function Type 1. | ||
599 | * Rounds 2, 5, 8, 11, and 14 use f function Type 2. | ||
600 | * Rounds 3, 6, 9, 12, and 15 use f function Type 3. | ||
601 | */ | ||
602 | |||
603 | if (!(c->rr)) { | ||
604 | t = l; l = r; r = t ^ F1(r, Km[0], Kr[0]); | ||
605 | t = l; l = r; r = t ^ F2(r, Km[1], Kr[1]); | ||
606 | t = l; l = r; r = t ^ F3(r, Km[2], Kr[2]); | ||
607 | t = l; l = r; r = t ^ F1(r, Km[3], Kr[3]); | ||
608 | t = l; l = r; r = t ^ F2(r, Km[4], Kr[4]); | ||
609 | t = l; l = r; r = t ^ F3(r, Km[5], Kr[5]); | ||
610 | t = l; l = r; r = t ^ F1(r, Km[6], Kr[6]); | ||
611 | t = l; l = r; r = t ^ F2(r, Km[7], Kr[7]); | ||
612 | t = l; l = r; r = t ^ F3(r, Km[8], Kr[8]); | ||
613 | t = l; l = r; r = t ^ F1(r, Km[9], Kr[9]); | ||
614 | t = l; l = r; r = t ^ F2(r, Km[10], Kr[10]); | ||
615 | t = l; l = r; r = t ^ F3(r, Km[11], Kr[11]); | ||
616 | t = l; l = r; r = t ^ F1(r, Km[12], Kr[12]); | ||
617 | t = l; l = r; r = t ^ F2(r, Km[13], Kr[13]); | ||
618 | t = l; l = r; r = t ^ F3(r, Km[14], Kr[14]); | ||
619 | t = l; l = r; r = t ^ F1(r, Km[15], Kr[15]); | ||
620 | } else { | ||
621 | t = l; l = r; r = t ^ F1(r, Km[0], Kr[0]); | ||
622 | t = l; l = r; r = t ^ F2(r, Km[1], Kr[1]); | ||
623 | t = l; l = r; r = t ^ F3(r, Km[2], Kr[2]); | ||
624 | t = l; l = r; r = t ^ F1(r, Km[3], Kr[3]); | ||
625 | t = l; l = r; r = t ^ F2(r, Km[4], Kr[4]); | ||
626 | t = l; l = r; r = t ^ F3(r, Km[5], Kr[5]); | ||
627 | t = l; l = r; r = t ^ F1(r, Km[6], Kr[6]); | ||
628 | t = l; l = r; r = t ^ F2(r, Km[7], Kr[7]); | ||
629 | t = l; l = r; r = t ^ F3(r, Km[8], Kr[8]); | ||
630 | t = l; l = r; r = t ^ F1(r, Km[9], Kr[9]); | ||
631 | t = l; l = r; r = t ^ F2(r, Km[10], Kr[10]); | ||
632 | t = l; l = r; r = t ^ F3(r, Km[11], Kr[11]); | ||
633 | } | ||
634 | |||
635 | /* c1...c64 <-- (R16,L16). (Exchange final blocks L16, R16 and | ||
636 | * concatenate to form the ciphertext.) */ | ||
637 | outbuf[0] = (r >> 24) & 0xff; | ||
638 | outbuf[1] = (r >> 16) & 0xff; | ||
639 | outbuf[2] = (r >> 8) & 0xff; | ||
640 | outbuf[3] = r & 0xff; | ||
641 | outbuf[4] = (l >> 24) & 0xff; | ||
642 | outbuf[5] = (l >> 16) & 0xff; | ||
643 | outbuf[6] = (l >> 8) & 0xff; | ||
644 | outbuf[7] = l & 0xff; | ||
645 | } | ||
646 | |||
647 | static void cast5_decrypt(void *ctx, u8 * outbuf, const u8 * inbuf) | ||
648 | { | ||
649 | struct cast5_ctx *c = (struct cast5_ctx *) ctx; | ||
650 | u32 l, r, t; | ||
651 | u32 I; | ||
652 | u32 *Km; | ||
653 | u8 *Kr; | ||
654 | |||
655 | Km = c->Km; | ||
656 | Kr = c->Kr; | ||
657 | |||
658 | l = inbuf[0] << 24 | inbuf[1] << 16 | inbuf[2] << 8 | inbuf[3]; | ||
659 | r = inbuf[4] << 24 | inbuf[5] << 16 | inbuf[6] << 8 | inbuf[7]; | ||
660 | |||
661 | if (!(c->rr)) { | ||
662 | t = l; l = r; r = t ^ F1(r, Km[15], Kr[15]); | ||
663 | t = l; l = r; r = t ^ F3(r, Km[14], Kr[14]); | ||
664 | t = l; l = r; r = t ^ F2(r, Km[13], Kr[13]); | ||
665 | t = l; l = r; r = t ^ F1(r, Km[12], Kr[12]); | ||
666 | t = l; l = r; r = t ^ F3(r, Km[11], Kr[11]); | ||
667 | t = l; l = r; r = t ^ F2(r, Km[10], Kr[10]); | ||
668 | t = l; l = r; r = t ^ F1(r, Km[9], Kr[9]); | ||
669 | t = l; l = r; r = t ^ F3(r, Km[8], Kr[8]); | ||
670 | t = l; l = r; r = t ^ F2(r, Km[7], Kr[7]); | ||
671 | t = l; l = r; r = t ^ F1(r, Km[6], Kr[6]); | ||
672 | t = l; l = r; r = t ^ F3(r, Km[5], Kr[5]); | ||
673 | t = l; l = r; r = t ^ F2(r, Km[4], Kr[4]); | ||
674 | t = l; l = r; r = t ^ F1(r, Km[3], Kr[3]); | ||
675 | t = l; l = r; r = t ^ F3(r, Km[2], Kr[2]); | ||
676 | t = l; l = r; r = t ^ F2(r, Km[1], Kr[1]); | ||
677 | t = l; l = r; r = t ^ F1(r, Km[0], Kr[0]); | ||
678 | } else { | ||
679 | t = l; l = r; r = t ^ F3(r, Km[11], Kr[11]); | ||
680 | t = l; l = r; r = t ^ F2(r, Km[10], Kr[10]); | ||
681 | t = l; l = r; r = t ^ F1(r, Km[9], Kr[9]); | ||
682 | t = l; l = r; r = t ^ F3(r, Km[8], Kr[8]); | ||
683 | t = l; l = r; r = t ^ F2(r, Km[7], Kr[7]); | ||
684 | t = l; l = r; r = t ^ F1(r, Km[6], Kr[6]); | ||
685 | t = l; l = r; r = t ^ F3(r, Km[5], Kr[5]); | ||
686 | t = l; l = r; r = t ^ F2(r, Km[4], Kr[4]); | ||
687 | t = l; l = r; r = t ^ F1(r, Km[3], Kr[3]); | ||
688 | t = l; l = r; r = t ^ F3(r, Km[2], Kr[2]); | ||
689 | t = l; l = r; r = t ^ F2(r, Km[1], Kr[1]); | ||
690 | t = l; l = r; r = t ^ F1(r, Km[0], Kr[0]); | ||
691 | } | ||
692 | |||
693 | outbuf[0] = (r >> 24) & 0xff; | ||
694 | outbuf[1] = (r >> 16) & 0xff; | ||
695 | outbuf[2] = (r >> 8) & 0xff; | ||
696 | outbuf[3] = r & 0xff; | ||
697 | outbuf[4] = (l >> 24) & 0xff; | ||
698 | outbuf[5] = (l >> 16) & 0xff; | ||
699 | outbuf[6] = (l >> 8) & 0xff; | ||
700 | outbuf[7] = l & 0xff; | ||
701 | } | ||
702 | |||
703 | static void key_schedule(u32 * x, u32 * z, u32 * k) | ||
704 | { | ||
705 | |||
706 | #define xi(i) ((x[(i)/4] >> (8*(3-((i)%4)))) & 0xff) | ||
707 | #define zi(i) ((z[(i)/4] >> (8*(3-((i)%4)))) & 0xff) | ||
708 | |||
709 | z[0] = x[0] ^ s5[xi(13)] ^ s6[xi(15)] ^ s7[xi(12)] ^ sb8[xi(14)] ^ | ||
710 | s7[xi(8)]; | ||
711 | z[1] = x[2] ^ s5[zi(0)] ^ s6[zi(2)] ^ s7[zi(1)] ^ sb8[zi(3)] ^ | ||
712 | sb8[xi(10)]; | ||
713 | z[2] = x[3] ^ s5[zi(7)] ^ s6[zi(6)] ^ s7[zi(5)] ^ sb8[zi(4)] ^ | ||
714 | s5[xi(9)]; | ||
715 | z[3] = x[1] ^ s5[zi(10)] ^ s6[zi(9)] ^ s7[zi(11)] ^ sb8[zi(8)] ^ | ||
716 | s6[xi(11)]; | ||
717 | k[0] = s5[zi(8)] ^ s6[zi(9)] ^ s7[zi(7)] ^ sb8[zi(6)] ^ s5[zi(2)]; | ||
718 | k[1] = s5[zi(10)] ^ s6[zi(11)] ^ s7[zi(5)] ^ sb8[zi(4)] ^ | ||
719 | s6[zi(6)]; | ||
720 | k[2] = s5[zi(12)] ^ s6[zi(13)] ^ s7[zi(3)] ^ sb8[zi(2)] ^ | ||
721 | s7[zi(9)]; | ||
722 | k[3] = s5[zi(14)] ^ s6[zi(15)] ^ s7[zi(1)] ^ sb8[zi(0)] ^ | ||
723 | sb8[zi(12)]; | ||
724 | |||
725 | x[0] = z[2] ^ s5[zi(5)] ^ s6[zi(7)] ^ s7[zi(4)] ^ sb8[zi(6)] ^ | ||
726 | s7[zi(0)]; | ||
727 | x[1] = z[0] ^ s5[xi(0)] ^ s6[xi(2)] ^ s7[xi(1)] ^ sb8[xi(3)] ^ | ||
728 | sb8[zi(2)]; | ||
729 | x[2] = z[1] ^ s5[xi(7)] ^ s6[xi(6)] ^ s7[xi(5)] ^ sb8[xi(4)] ^ | ||
730 | s5[zi(1)]; | ||
731 | x[3] = z[3] ^ s5[xi(10)] ^ s6[xi(9)] ^ s7[xi(11)] ^ sb8[xi(8)] ^ | ||
732 | s6[zi(3)]; | ||
733 | k[4] = s5[xi(3)] ^ s6[xi(2)] ^ s7[xi(12)] ^ sb8[xi(13)] ^ | ||
734 | s5[xi(8)]; | ||
735 | k[5] = s5[xi(1)] ^ s6[xi(0)] ^ s7[xi(14)] ^ sb8[xi(15)] ^ | ||
736 | s6[xi(13)]; | ||
737 | k[6] = s5[xi(7)] ^ s6[xi(6)] ^ s7[xi(8)] ^ sb8[xi(9)] ^ s7[xi(3)]; | ||
738 | k[7] = s5[xi(5)] ^ s6[xi(4)] ^ s7[xi(10)] ^ sb8[xi(11)] ^ | ||
739 | sb8[xi(7)]; | ||
740 | |||
741 | z[0] = x[0] ^ s5[xi(13)] ^ s6[xi(15)] ^ s7[xi(12)] ^ sb8[xi(14)] ^ | ||
742 | s7[xi(8)]; | ||
743 | z[1] = x[2] ^ s5[zi(0)] ^ s6[zi(2)] ^ s7[zi(1)] ^ sb8[zi(3)] ^ | ||
744 | sb8[xi(10)]; | ||
745 | z[2] = x[3] ^ s5[zi(7)] ^ s6[zi(6)] ^ s7[zi(5)] ^ sb8[zi(4)] ^ | ||
746 | s5[xi(9)]; | ||
747 | z[3] = x[1] ^ s5[zi(10)] ^ s6[zi(9)] ^ s7[zi(11)] ^ sb8[zi(8)] ^ | ||
748 | s6[xi(11)]; | ||
749 | k[8] = s5[zi(3)] ^ s6[zi(2)] ^ s7[zi(12)] ^ sb8[zi(13)] ^ | ||
750 | s5[zi(9)]; | ||
751 | k[9] = s5[zi(1)] ^ s6[zi(0)] ^ s7[zi(14)] ^ sb8[zi(15)] ^ | ||
752 | s6[zi(12)]; | ||
753 | k[10] = s5[zi(7)] ^ s6[zi(6)] ^ s7[zi(8)] ^ sb8[zi(9)] ^ s7[zi(2)]; | ||
754 | k[11] = s5[zi(5)] ^ s6[zi(4)] ^ s7[zi(10)] ^ sb8[zi(11)] ^ | ||
755 | sb8[zi(6)]; | ||
756 | |||
757 | x[0] = z[2] ^ s5[zi(5)] ^ s6[zi(7)] ^ s7[zi(4)] ^ sb8[zi(6)] ^ | ||
758 | s7[zi(0)]; | ||
759 | x[1] = z[0] ^ s5[xi(0)] ^ s6[xi(2)] ^ s7[xi(1)] ^ sb8[xi(3)] ^ | ||
760 | sb8[zi(2)]; | ||
761 | x[2] = z[1] ^ s5[xi(7)] ^ s6[xi(6)] ^ s7[xi(5)] ^ sb8[xi(4)] ^ | ||
762 | s5[zi(1)]; | ||
763 | x[3] = z[3] ^ s5[xi(10)] ^ s6[xi(9)] ^ s7[xi(11)] ^ sb8[xi(8)] ^ | ||
764 | s6[zi(3)]; | ||
765 | k[12] = s5[xi(8)] ^ s6[xi(9)] ^ s7[xi(7)] ^ sb8[xi(6)] ^ s5[xi(3)]; | ||
766 | k[13] = s5[xi(10)] ^ s6[xi(11)] ^ s7[xi(5)] ^ sb8[xi(4)] ^ | ||
767 | s6[xi(7)]; | ||
768 | k[14] = s5[xi(12)] ^ s6[xi(13)] ^ s7[xi(3)] ^ sb8[xi(2)] ^ | ||
769 | s7[xi(8)]; | ||
770 | k[15] = s5[xi(14)] ^ s6[xi(15)] ^ s7[xi(1)] ^ sb8[xi(0)] ^ | ||
771 | sb8[xi(13)]; | ||
772 | |||
773 | #undef xi | ||
774 | #undef zi | ||
775 | } | ||
776 | |||
777 | |||
778 | static int | ||
779 | cast5_setkey(void *ctx, const u8 * key, unsigned key_len, u32 * flags) | ||
780 | { | ||
781 | int i; | ||
782 | u32 x[4]; | ||
783 | u32 z[4]; | ||
784 | u32 k[16]; | ||
785 | u8 p_key[16]; | ||
786 | struct cast5_ctx *c = (struct cast5_ctx *) ctx; | ||
787 | |||
788 | if (key_len < 5 || key_len > 16) { | ||
789 | *flags |= CRYPTO_TFM_RES_BAD_KEY_LEN; | ||
790 | return -EINVAL; | ||
791 | } | ||
792 | |||
793 | c->rr = key_len <= 10 ? 1 : 0; | ||
794 | |||
795 | memset(p_key, 0, 16); | ||
796 | memcpy(p_key, key, key_len); | ||
797 | |||
798 | |||
799 | x[0] = p_key[0] << 24 | p_key[1] << 16 | p_key[2] << 8 | p_key[3]; | ||
800 | x[1] = p_key[4] << 24 | p_key[5] << 16 | p_key[6] << 8 | p_key[7]; | ||
801 | x[2] = | ||
802 | p_key[8] << 24 | p_key[9] << 16 | p_key[10] << 8 | p_key[11]; | ||
803 | x[3] = | ||
804 | p_key[12] << 24 | p_key[13] << 16 | p_key[14] << 8 | p_key[15]; | ||
805 | |||
806 | key_schedule(x, z, k); | ||
807 | for (i = 0; i < 16; i++) | ||
808 | c->Km[i] = k[i]; | ||
809 | key_schedule(x, z, k); | ||
810 | for (i = 0; i < 16; i++) | ||
811 | c->Kr[i] = k[i] & 0x1f; | ||
812 | return 0; | ||
813 | } | ||
814 | |||
815 | static struct crypto_alg alg = { | ||
816 | .cra_name = "cast5", | ||
817 | .cra_flags = CRYPTO_ALG_TYPE_CIPHER, | ||
818 | .cra_blocksize = CAST5_BLOCK_SIZE, | ||
819 | .cra_ctxsize = sizeof(struct cast5_ctx), | ||
820 | .cra_module = THIS_MODULE, | ||
821 | .cra_list = LIST_HEAD_INIT(alg.cra_list), | ||
822 | .cra_u = { | ||
823 | .cipher = { | ||
824 | .cia_min_keysize = CAST5_MIN_KEY_SIZE, | ||
825 | .cia_max_keysize = CAST5_MAX_KEY_SIZE, | ||
826 | .cia_setkey = cast5_setkey, | ||
827 | .cia_encrypt = cast5_encrypt, | ||
828 | .cia_decrypt = cast5_decrypt | ||
829 | } | ||
830 | } | ||
831 | }; | ||
832 | |||
833 | static int __init init(void) | ||
834 | { | ||
835 | return crypto_register_alg(&alg); | ||
836 | } | ||
837 | |||
838 | static void __exit fini(void) | ||
839 | { | ||
840 | crypto_unregister_alg(&alg); | ||
841 | } | ||
842 | |||
843 | module_init(init); | ||
844 | module_exit(fini); | ||
845 | |||
846 | MODULE_LICENSE("GPL"); | ||
847 | MODULE_DESCRIPTION("Cast5 Cipher Algorithm"); | ||
848 | |||
diff --git a/crypto/cast6.c b/crypto/cast6.c new file mode 100644 index 000000000000..3eb081073423 --- /dev/null +++ b/crypto/cast6.c | |||
@@ -0,0 +1,560 @@ | |||
1 | /* Kernel cryptographic api. | ||
2 | * cast6.c - Cast6 cipher algorithm [rfc2612]. | ||
3 | * | ||
4 | * CAST-256 (*cast6*) is a DES like Substitution-Permutation Network (SPN) | ||
5 | * cryptosystem built upon the CAST-128 (*cast5*) [rfc2144] encryption | ||
6 | * algorithm. | ||
7 | * | ||
8 | * Copyright (C) 2003 Kartikey Mahendra Bhatt <kartik_me@hotmail.com>. | ||
9 | * | ||
10 | * This program is free software; you can redistribute it and/or modify it | ||
11 | * under the terms of GNU General Public License as published by the Free | ||
12 | * Software Foundation; either version 2 of the License, or (at your option) | ||
13 | * any later version. | ||
14 | * | ||
15 | * You should have received a copy of the GNU General Public License | ||
16 | * along with this program; if not, write to the Free Software | ||
17 | * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA | ||
18 | */ | ||
19 | |||
20 | |||
21 | #include <linux/init.h> | ||
22 | #include <linux/crypto.h> | ||
23 | #include <linux/module.h> | ||
24 | #include <linux/errno.h> | ||
25 | #include <linux/string.h> | ||
26 | |||
27 | #define CAST6_BLOCK_SIZE 16 | ||
28 | #define CAST6_MIN_KEY_SIZE 16 | ||
29 | #define CAST6_MAX_KEY_SIZE 32 | ||
30 | |||
31 | struct cast6_ctx { | ||
32 | u32 Km[12][4]; | ||
33 | u8 Kr[12][4]; | ||
34 | }; | ||
35 | |||
36 | #define F1(D,r,m) ( (I = ((m) + (D))), (I=rol32(I,(r))), \ | ||
37 | (((s1[I >> 24] ^ s2[(I>>16)&0xff]) - s3[(I>>8)&0xff]) + s4[I&0xff]) ) | ||
38 | #define F2(D,r,m) ( (I = ((m) ^ (D))), (I=rol32(I,(r))), \ | ||
39 | (((s1[I >> 24] - s2[(I>>16)&0xff]) + s3[(I>>8)&0xff]) ^ s4[I&0xff]) ) | ||
40 | #define F3(D,r,m) ( (I = ((m) - (D))), (I=rol32(I,(r))), \ | ||
41 | (((s1[I >> 24] + s2[(I>>16)&0xff]) ^ s3[(I>>8)&0xff]) - s4[I&0xff]) ) | ||
42 | |||
43 | static const u32 s1[256] = { | ||
44 | 0x30fb40d4, 0x9fa0ff0b, 0x6beccd2f, 0x3f258c7a, 0x1e213f2f, | ||
45 | 0x9c004dd3, 0x6003e540, 0xcf9fc949, | ||
46 | 0xbfd4af27, 0x88bbbdb5, 0xe2034090, 0x98d09675, 0x6e63a0e0, | ||
47 | 0x15c361d2, 0xc2e7661d, 0x22d4ff8e, | ||
48 | 0x28683b6f, 0xc07fd059, 0xff2379c8, 0x775f50e2, 0x43c340d3, | ||
49 | 0xdf2f8656, 0x887ca41a, 0xa2d2bd2d, | ||
50 | 0xa1c9e0d6, 0x346c4819, 0x61b76d87, 0x22540f2f, 0x2abe32e1, | ||
51 | 0xaa54166b, 0x22568e3a, 0xa2d341d0, | ||
52 | 0x66db40c8, 0xa784392f, 0x004dff2f, 0x2db9d2de, 0x97943fac, | ||
53 | 0x4a97c1d8, 0x527644b7, 0xb5f437a7, | ||
54 | 0xb82cbaef, 0xd751d159, 0x6ff7f0ed, 0x5a097a1f, 0x827b68d0, | ||
55 | 0x90ecf52e, 0x22b0c054, 0xbc8e5935, | ||
56 | 0x4b6d2f7f, 0x50bb64a2, 0xd2664910, 0xbee5812d, 0xb7332290, | ||
57 | 0xe93b159f, 0xb48ee411, 0x4bff345d, | ||
58 | 0xfd45c240, 0xad31973f, 0xc4f6d02e, 0x55fc8165, 0xd5b1caad, | ||
59 | 0xa1ac2dae, 0xa2d4b76d, 0xc19b0c50, | ||
60 | 0x882240f2, 0x0c6e4f38, 0xa4e4bfd7, 0x4f5ba272, 0x564c1d2f, | ||
61 | 0xc59c5319, 0xb949e354, 0xb04669fe, | ||
62 | 0xb1b6ab8a, 0xc71358dd, 0x6385c545, 0x110f935d, 0x57538ad5, | ||
63 | 0x6a390493, 0xe63d37e0, 0x2a54f6b3, | ||
64 | 0x3a787d5f, 0x6276a0b5, 0x19a6fcdf, 0x7a42206a, 0x29f9d4d5, | ||
65 | 0xf61b1891, 0xbb72275e, 0xaa508167, | ||
66 | 0x38901091, 0xc6b505eb, 0x84c7cb8c, 0x2ad75a0f, 0x874a1427, | ||
67 | 0xa2d1936b, 0x2ad286af, 0xaa56d291, | ||
68 | 0xd7894360, 0x425c750d, 0x93b39e26, 0x187184c9, 0x6c00b32d, | ||
69 | 0x73e2bb14, 0xa0bebc3c, 0x54623779, | ||
70 | 0x64459eab, 0x3f328b82, 0x7718cf82, 0x59a2cea6, 0x04ee002e, | ||
71 | 0x89fe78e6, 0x3fab0950, 0x325ff6c2, | ||
72 | 0x81383f05, 0x6963c5c8, 0x76cb5ad6, 0xd49974c9, 0xca180dcf, | ||
73 | 0x380782d5, 0xc7fa5cf6, 0x8ac31511, | ||
74 | 0x35e79e13, 0x47da91d0, 0xf40f9086, 0xa7e2419e, 0x31366241, | ||
75 | 0x051ef495, 0xaa573b04, 0x4a805d8d, | ||
76 | 0x548300d0, 0x00322a3c, 0xbf64cddf, 0xba57a68e, 0x75c6372b, | ||
77 | 0x50afd341, 0xa7c13275, 0x915a0bf5, | ||
78 | 0x6b54bfab, 0x2b0b1426, 0xab4cc9d7, 0x449ccd82, 0xf7fbf265, | ||
79 | 0xab85c5f3, 0x1b55db94, 0xaad4e324, | ||
80 | 0xcfa4bd3f, 0x2deaa3e2, 0x9e204d02, 0xc8bd25ac, 0xeadf55b3, | ||
81 | 0xd5bd9e98, 0xe31231b2, 0x2ad5ad6c, | ||
82 | 0x954329de, 0xadbe4528, 0xd8710f69, 0xaa51c90f, 0xaa786bf6, | ||
83 | 0x22513f1e, 0xaa51a79b, 0x2ad344cc, | ||
84 | 0x7b5a41f0, 0xd37cfbad, 0x1b069505, 0x41ece491, 0xb4c332e6, | ||
85 | 0x032268d4, 0xc9600acc, 0xce387e6d, | ||
86 | 0xbf6bb16c, 0x6a70fb78, 0x0d03d9c9, 0xd4df39de, 0xe01063da, | ||
87 | 0x4736f464, 0x5ad328d8, 0xb347cc96, | ||
88 | 0x75bb0fc3, 0x98511bfb, 0x4ffbcc35, 0xb58bcf6a, 0xe11f0abc, | ||
89 | 0xbfc5fe4a, 0xa70aec10, 0xac39570a, | ||
90 | 0x3f04442f, 0x6188b153, 0xe0397a2e, 0x5727cb79, 0x9ceb418f, | ||
91 | 0x1cacd68d, 0x2ad37c96, 0x0175cb9d, | ||
92 | 0xc69dff09, 0xc75b65f0, 0xd9db40d8, 0xec0e7779, 0x4744ead4, | ||
93 | 0xb11c3274, 0xdd24cb9e, 0x7e1c54bd, | ||
94 | 0xf01144f9, 0xd2240eb1, 0x9675b3fd, 0xa3ac3755, 0xd47c27af, | ||
95 | 0x51c85f4d, 0x56907596, 0xa5bb15e6, | ||
96 | 0x580304f0, 0xca042cf1, 0x011a37ea, 0x8dbfaadb, 0x35ba3e4a, | ||
97 | 0x3526ffa0, 0xc37b4d09, 0xbc306ed9, | ||
98 | 0x98a52666, 0x5648f725, 0xff5e569d, 0x0ced63d0, 0x7c63b2cf, | ||
99 | 0x700b45e1, 0xd5ea50f1, 0x85a92872, | ||
100 | 0xaf1fbda7, 0xd4234870, 0xa7870bf3, 0x2d3b4d79, 0x42e04198, | ||
101 | 0x0cd0ede7, 0x26470db8, 0xf881814c, | ||
102 | 0x474d6ad7, 0x7c0c5e5c, 0xd1231959, 0x381b7298, 0xf5d2f4db, | ||
103 | 0xab838653, 0x6e2f1e23, 0x83719c9e, | ||
104 | 0xbd91e046, 0x9a56456e, 0xdc39200c, 0x20c8c571, 0x962bda1c, | ||
105 | 0xe1e696ff, 0xb141ab08, 0x7cca89b9, | ||
106 | 0x1a69e783, 0x02cc4843, 0xa2f7c579, 0x429ef47d, 0x427b169c, | ||
107 | 0x5ac9f049, 0xdd8f0f00, 0x5c8165bf | ||
108 | }; | ||
109 | |||
110 | static const u32 s2[256] = { | ||
111 | 0x1f201094, 0xef0ba75b, 0x69e3cf7e, 0x393f4380, 0xfe61cf7a, | ||
112 | 0xeec5207a, 0x55889c94, 0x72fc0651, | ||
113 | 0xada7ef79, 0x4e1d7235, 0xd55a63ce, 0xde0436ba, 0x99c430ef, | ||
114 | 0x5f0c0794, 0x18dcdb7d, 0xa1d6eff3, | ||
115 | 0xa0b52f7b, 0x59e83605, 0xee15b094, 0xe9ffd909, 0xdc440086, | ||
116 | 0xef944459, 0xba83ccb3, 0xe0c3cdfb, | ||
117 | 0xd1da4181, 0x3b092ab1, 0xf997f1c1, 0xa5e6cf7b, 0x01420ddb, | ||
118 | 0xe4e7ef5b, 0x25a1ff41, 0xe180f806, | ||
119 | 0x1fc41080, 0x179bee7a, 0xd37ac6a9, 0xfe5830a4, 0x98de8b7f, | ||
120 | 0x77e83f4e, 0x79929269, 0x24fa9f7b, | ||
121 | 0xe113c85b, 0xacc40083, 0xd7503525, 0xf7ea615f, 0x62143154, | ||
122 | 0x0d554b63, 0x5d681121, 0xc866c359, | ||
123 | 0x3d63cf73, 0xcee234c0, 0xd4d87e87, 0x5c672b21, 0x071f6181, | ||
124 | 0x39f7627f, 0x361e3084, 0xe4eb573b, | ||
125 | 0x602f64a4, 0xd63acd9c, 0x1bbc4635, 0x9e81032d, 0x2701f50c, | ||
126 | 0x99847ab4, 0xa0e3df79, 0xba6cf38c, | ||
127 | 0x10843094, 0x2537a95e, 0xf46f6ffe, 0xa1ff3b1f, 0x208cfb6a, | ||
128 | 0x8f458c74, 0xd9e0a227, 0x4ec73a34, | ||
129 | 0xfc884f69, 0x3e4de8df, 0xef0e0088, 0x3559648d, 0x8a45388c, | ||
130 | 0x1d804366, 0x721d9bfd, 0xa58684bb, | ||
131 | 0xe8256333, 0x844e8212, 0x128d8098, 0xfed33fb4, 0xce280ae1, | ||
132 | 0x27e19ba5, 0xd5a6c252, 0xe49754bd, | ||
133 | 0xc5d655dd, 0xeb667064, 0x77840b4d, 0xa1b6a801, 0x84db26a9, | ||
134 | 0xe0b56714, 0x21f043b7, 0xe5d05860, | ||
135 | 0x54f03084, 0x066ff472, 0xa31aa153, 0xdadc4755, 0xb5625dbf, | ||
136 | 0x68561be6, 0x83ca6b94, 0x2d6ed23b, | ||
137 | 0xeccf01db, 0xa6d3d0ba, 0xb6803d5c, 0xaf77a709, 0x33b4a34c, | ||
138 | 0x397bc8d6, 0x5ee22b95, 0x5f0e5304, | ||
139 | 0x81ed6f61, 0x20e74364, 0xb45e1378, 0xde18639b, 0x881ca122, | ||
140 | 0xb96726d1, 0x8049a7e8, 0x22b7da7b, | ||
141 | 0x5e552d25, 0x5272d237, 0x79d2951c, 0xc60d894c, 0x488cb402, | ||
142 | 0x1ba4fe5b, 0xa4b09f6b, 0x1ca815cf, | ||
143 | 0xa20c3005, 0x8871df63, 0xb9de2fcb, 0x0cc6c9e9, 0x0beeff53, | ||
144 | 0xe3214517, 0xb4542835, 0x9f63293c, | ||
145 | 0xee41e729, 0x6e1d2d7c, 0x50045286, 0x1e6685f3, 0xf33401c6, | ||
146 | 0x30a22c95, 0x31a70850, 0x60930f13, | ||
147 | 0x73f98417, 0xa1269859, 0xec645c44, 0x52c877a9, 0xcdff33a6, | ||
148 | 0xa02b1741, 0x7cbad9a2, 0x2180036f, | ||
149 | 0x50d99c08, 0xcb3f4861, 0xc26bd765, 0x64a3f6ab, 0x80342676, | ||
150 | 0x25a75e7b, 0xe4e6d1fc, 0x20c710e6, | ||
151 | 0xcdf0b680, 0x17844d3b, 0x31eef84d, 0x7e0824e4, 0x2ccb49eb, | ||
152 | 0x846a3bae, 0x8ff77888, 0xee5d60f6, | ||
153 | 0x7af75673, 0x2fdd5cdb, 0xa11631c1, 0x30f66f43, 0xb3faec54, | ||
154 | 0x157fd7fa, 0xef8579cc, 0xd152de58, | ||
155 | 0xdb2ffd5e, 0x8f32ce19, 0x306af97a, 0x02f03ef8, 0x99319ad5, | ||
156 | 0xc242fa0f, 0xa7e3ebb0, 0xc68e4906, | ||
157 | 0xb8da230c, 0x80823028, 0xdcdef3c8, 0xd35fb171, 0x088a1bc8, | ||
158 | 0xbec0c560, 0x61a3c9e8, 0xbca8f54d, | ||
159 | 0xc72feffa, 0x22822e99, 0x82c570b4, 0xd8d94e89, 0x8b1c34bc, | ||
160 | 0x301e16e6, 0x273be979, 0xb0ffeaa6, | ||
161 | 0x61d9b8c6, 0x00b24869, 0xb7ffce3f, 0x08dc283b, 0x43daf65a, | ||
162 | 0xf7e19798, 0x7619b72f, 0x8f1c9ba4, | ||
163 | 0xdc8637a0, 0x16a7d3b1, 0x9fc393b7, 0xa7136eeb, 0xc6bcc63e, | ||
164 | 0x1a513742, 0xef6828bc, 0x520365d6, | ||
165 | 0x2d6a77ab, 0x3527ed4b, 0x821fd216, 0x095c6e2e, 0xdb92f2fb, | ||
166 | 0x5eea29cb, 0x145892f5, 0x91584f7f, | ||
167 | 0x5483697b, 0x2667a8cc, 0x85196048, 0x8c4bacea, 0x833860d4, | ||
168 | 0x0d23e0f9, 0x6c387e8a, 0x0ae6d249, | ||
169 | 0xb284600c, 0xd835731d, 0xdcb1c647, 0xac4c56ea, 0x3ebd81b3, | ||
170 | 0x230eabb0, 0x6438bc87, 0xf0b5b1fa, | ||
171 | 0x8f5ea2b3, 0xfc184642, 0x0a036b7a, 0x4fb089bd, 0x649da589, | ||
172 | 0xa345415e, 0x5c038323, 0x3e5d3bb9, | ||
173 | 0x43d79572, 0x7e6dd07c, 0x06dfdf1e, 0x6c6cc4ef, 0x7160a539, | ||
174 | 0x73bfbe70, 0x83877605, 0x4523ecf1 | ||
175 | }; | ||
176 | |||
177 | static const u32 s3[256] = { | ||
178 | 0x8defc240, 0x25fa5d9f, 0xeb903dbf, 0xe810c907, 0x47607fff, | ||
179 | 0x369fe44b, 0x8c1fc644, 0xaececa90, | ||
180 | 0xbeb1f9bf, 0xeefbcaea, 0xe8cf1950, 0x51df07ae, 0x920e8806, | ||
181 | 0xf0ad0548, 0xe13c8d83, 0x927010d5, | ||
182 | 0x11107d9f, 0x07647db9, 0xb2e3e4d4, 0x3d4f285e, 0xb9afa820, | ||
183 | 0xfade82e0, 0xa067268b, 0x8272792e, | ||
184 | 0x553fb2c0, 0x489ae22b, 0xd4ef9794, 0x125e3fbc, 0x21fffcee, | ||
185 | 0x825b1bfd, 0x9255c5ed, 0x1257a240, | ||
186 | 0x4e1a8302, 0xbae07fff, 0x528246e7, 0x8e57140e, 0x3373f7bf, | ||
187 | 0x8c9f8188, 0xa6fc4ee8, 0xc982b5a5, | ||
188 | 0xa8c01db7, 0x579fc264, 0x67094f31, 0xf2bd3f5f, 0x40fff7c1, | ||
189 | 0x1fb78dfc, 0x8e6bd2c1, 0x437be59b, | ||
190 | 0x99b03dbf, 0xb5dbc64b, 0x638dc0e6, 0x55819d99, 0xa197c81c, | ||
191 | 0x4a012d6e, 0xc5884a28, 0xccc36f71, | ||
192 | 0xb843c213, 0x6c0743f1, 0x8309893c, 0x0feddd5f, 0x2f7fe850, | ||
193 | 0xd7c07f7e, 0x02507fbf, 0x5afb9a04, | ||
194 | 0xa747d2d0, 0x1651192e, 0xaf70bf3e, 0x58c31380, 0x5f98302e, | ||
195 | 0x727cc3c4, 0x0a0fb402, 0x0f7fef82, | ||
196 | 0x8c96fdad, 0x5d2c2aae, 0x8ee99a49, 0x50da88b8, 0x8427f4a0, | ||
197 | 0x1eac5790, 0x796fb449, 0x8252dc15, | ||
198 | 0xefbd7d9b, 0xa672597d, 0xada840d8, 0x45f54504, 0xfa5d7403, | ||
199 | 0xe83ec305, 0x4f91751a, 0x925669c2, | ||
200 | 0x23efe941, 0xa903f12e, 0x60270df2, 0x0276e4b6, 0x94fd6574, | ||
201 | 0x927985b2, 0x8276dbcb, 0x02778176, | ||
202 | 0xf8af918d, 0x4e48f79e, 0x8f616ddf, 0xe29d840e, 0x842f7d83, | ||
203 | 0x340ce5c8, 0x96bbb682, 0x93b4b148, | ||
204 | 0xef303cab, 0x984faf28, 0x779faf9b, 0x92dc560d, 0x224d1e20, | ||
205 | 0x8437aa88, 0x7d29dc96, 0x2756d3dc, | ||
206 | 0x8b907cee, 0xb51fd240, 0xe7c07ce3, 0xe566b4a1, 0xc3e9615e, | ||
207 | 0x3cf8209d, 0x6094d1e3, 0xcd9ca341, | ||
208 | 0x5c76460e, 0x00ea983b, 0xd4d67881, 0xfd47572c, 0xf76cedd9, | ||
209 | 0xbda8229c, 0x127dadaa, 0x438a074e, | ||
210 | 0x1f97c090, 0x081bdb8a, 0x93a07ebe, 0xb938ca15, 0x97b03cff, | ||
211 | 0x3dc2c0f8, 0x8d1ab2ec, 0x64380e51, | ||
212 | 0x68cc7bfb, 0xd90f2788, 0x12490181, 0x5de5ffd4, 0xdd7ef86a, | ||
213 | 0x76a2e214, 0xb9a40368, 0x925d958f, | ||
214 | 0x4b39fffa, 0xba39aee9, 0xa4ffd30b, 0xfaf7933b, 0x6d498623, | ||
215 | 0x193cbcfa, 0x27627545, 0x825cf47a, | ||
216 | 0x61bd8ba0, 0xd11e42d1, 0xcead04f4, 0x127ea392, 0x10428db7, | ||
217 | 0x8272a972, 0x9270c4a8, 0x127de50b, | ||
218 | 0x285ba1c8, 0x3c62f44f, 0x35c0eaa5, 0xe805d231, 0x428929fb, | ||
219 | 0xb4fcdf82, 0x4fb66a53, 0x0e7dc15b, | ||
220 | 0x1f081fab, 0x108618ae, 0xfcfd086d, 0xf9ff2889, 0x694bcc11, | ||
221 | 0x236a5cae, 0x12deca4d, 0x2c3f8cc5, | ||
222 | 0xd2d02dfe, 0xf8ef5896, 0xe4cf52da, 0x95155b67, 0x494a488c, | ||
223 | 0xb9b6a80c, 0x5c8f82bc, 0x89d36b45, | ||
224 | 0x3a609437, 0xec00c9a9, 0x44715253, 0x0a874b49, 0xd773bc40, | ||
225 | 0x7c34671c, 0x02717ef6, 0x4feb5536, | ||
226 | 0xa2d02fff, 0xd2bf60c4, 0xd43f03c0, 0x50b4ef6d, 0x07478cd1, | ||
227 | 0x006e1888, 0xa2e53f55, 0xb9e6d4bc, | ||
228 | 0xa2048016, 0x97573833, 0xd7207d67, 0xde0f8f3d, 0x72f87b33, | ||
229 | 0xabcc4f33, 0x7688c55d, 0x7b00a6b0, | ||
230 | 0x947b0001, 0x570075d2, 0xf9bb88f8, 0x8942019e, 0x4264a5ff, | ||
231 | 0x856302e0, 0x72dbd92b, 0xee971b69, | ||
232 | 0x6ea22fde, 0x5f08ae2b, 0xaf7a616d, 0xe5c98767, 0xcf1febd2, | ||
233 | 0x61efc8c2, 0xf1ac2571, 0xcc8239c2, | ||
234 | 0x67214cb8, 0xb1e583d1, 0xb7dc3e62, 0x7f10bdce, 0xf90a5c38, | ||
235 | 0x0ff0443d, 0x606e6dc6, 0x60543a49, | ||
236 | 0x5727c148, 0x2be98a1d, 0x8ab41738, 0x20e1be24, 0xaf96da0f, | ||
237 | 0x68458425, 0x99833be5, 0x600d457d, | ||
238 | 0x282f9350, 0x8334b362, 0xd91d1120, 0x2b6d8da0, 0x642b1e31, | ||
239 | 0x9c305a00, 0x52bce688, 0x1b03588a, | ||
240 | 0xf7baefd5, 0x4142ed9c, 0xa4315c11, 0x83323ec5, 0xdfef4636, | ||
241 | 0xa133c501, 0xe9d3531c, 0xee353783 | ||
242 | }; | ||
243 | |||
244 | static const u32 s4[256] = { | ||
245 | 0x9db30420, 0x1fb6e9de, 0xa7be7bef, 0xd273a298, 0x4a4f7bdb, | ||
246 | 0x64ad8c57, 0x85510443, 0xfa020ed1, | ||
247 | 0x7e287aff, 0xe60fb663, 0x095f35a1, 0x79ebf120, 0xfd059d43, | ||
248 | 0x6497b7b1, 0xf3641f63, 0x241e4adf, | ||
249 | 0x28147f5f, 0x4fa2b8cd, 0xc9430040, 0x0cc32220, 0xfdd30b30, | ||
250 | 0xc0a5374f, 0x1d2d00d9, 0x24147b15, | ||
251 | 0xee4d111a, 0x0fca5167, 0x71ff904c, 0x2d195ffe, 0x1a05645f, | ||
252 | 0x0c13fefe, 0x081b08ca, 0x05170121, | ||
253 | 0x80530100, 0xe83e5efe, 0xac9af4f8, 0x7fe72701, 0xd2b8ee5f, | ||
254 | 0x06df4261, 0xbb9e9b8a, 0x7293ea25, | ||
255 | 0xce84ffdf, 0xf5718801, 0x3dd64b04, 0xa26f263b, 0x7ed48400, | ||
256 | 0x547eebe6, 0x446d4ca0, 0x6cf3d6f5, | ||
257 | 0x2649abdf, 0xaea0c7f5, 0x36338cc1, 0x503f7e93, 0xd3772061, | ||
258 | 0x11b638e1, 0x72500e03, 0xf80eb2bb, | ||
259 | 0xabe0502e, 0xec8d77de, 0x57971e81, 0xe14f6746, 0xc9335400, | ||
260 | 0x6920318f, 0x081dbb99, 0xffc304a5, | ||
261 | 0x4d351805, 0x7f3d5ce3, 0xa6c866c6, 0x5d5bcca9, 0xdaec6fea, | ||
262 | 0x9f926f91, 0x9f46222f, 0x3991467d, | ||
263 | 0xa5bf6d8e, 0x1143c44f, 0x43958302, 0xd0214eeb, 0x022083b8, | ||
264 | 0x3fb6180c, 0x18f8931e, 0x281658e6, | ||
265 | 0x26486e3e, 0x8bd78a70, 0x7477e4c1, 0xb506e07c, 0xf32d0a25, | ||
266 | 0x79098b02, 0xe4eabb81, 0x28123b23, | ||
267 | 0x69dead38, 0x1574ca16, 0xdf871b62, 0x211c40b7, 0xa51a9ef9, | ||
268 | 0x0014377b, 0x041e8ac8, 0x09114003, | ||
269 | 0xbd59e4d2, 0xe3d156d5, 0x4fe876d5, 0x2f91a340, 0x557be8de, | ||
270 | 0x00eae4a7, 0x0ce5c2ec, 0x4db4bba6, | ||
271 | 0xe756bdff, 0xdd3369ac, 0xec17b035, 0x06572327, 0x99afc8b0, | ||
272 | 0x56c8c391, 0x6b65811c, 0x5e146119, | ||
273 | 0x6e85cb75, 0xbe07c002, 0xc2325577, 0x893ff4ec, 0x5bbfc92d, | ||
274 | 0xd0ec3b25, 0xb7801ab7, 0x8d6d3b24, | ||
275 | 0x20c763ef, 0xc366a5fc, 0x9c382880, 0x0ace3205, 0xaac9548a, | ||
276 | 0xeca1d7c7, 0x041afa32, 0x1d16625a, | ||
277 | 0x6701902c, 0x9b757a54, 0x31d477f7, 0x9126b031, 0x36cc6fdb, | ||
278 | 0xc70b8b46, 0xd9e66a48, 0x56e55a79, | ||
279 | 0x026a4ceb, 0x52437eff, 0x2f8f76b4, 0x0df980a5, 0x8674cde3, | ||
280 | 0xedda04eb, 0x17a9be04, 0x2c18f4df, | ||
281 | 0xb7747f9d, 0xab2af7b4, 0xefc34d20, 0x2e096b7c, 0x1741a254, | ||
282 | 0xe5b6a035, 0x213d42f6, 0x2c1c7c26, | ||
283 | 0x61c2f50f, 0x6552daf9, 0xd2c231f8, 0x25130f69, 0xd8167fa2, | ||
284 | 0x0418f2c8, 0x001a96a6, 0x0d1526ab, | ||
285 | 0x63315c21, 0x5e0a72ec, 0x49bafefd, 0x187908d9, 0x8d0dbd86, | ||
286 | 0x311170a7, 0x3e9b640c, 0xcc3e10d7, | ||
287 | 0xd5cad3b6, 0x0caec388, 0xf73001e1, 0x6c728aff, 0x71eae2a1, | ||
288 | 0x1f9af36e, 0xcfcbd12f, 0xc1de8417, | ||
289 | 0xac07be6b, 0xcb44a1d8, 0x8b9b0f56, 0x013988c3, 0xb1c52fca, | ||
290 | 0xb4be31cd, 0xd8782806, 0x12a3a4e2, | ||
291 | 0x6f7de532, 0x58fd7eb6, 0xd01ee900, 0x24adffc2, 0xf4990fc5, | ||
292 | 0x9711aac5, 0x001d7b95, 0x82e5e7d2, | ||
293 | 0x109873f6, 0x00613096, 0xc32d9521, 0xada121ff, 0x29908415, | ||
294 | 0x7fbb977f, 0xaf9eb3db, 0x29c9ed2a, | ||
295 | 0x5ce2a465, 0xa730f32c, 0xd0aa3fe8, 0x8a5cc091, 0xd49e2ce7, | ||
296 | 0x0ce454a9, 0xd60acd86, 0x015f1919, | ||
297 | 0x77079103, 0xdea03af6, 0x78a8565e, 0xdee356df, 0x21f05cbe, | ||
298 | 0x8b75e387, 0xb3c50651, 0xb8a5c3ef, | ||
299 | 0xd8eeb6d2, 0xe523be77, 0xc2154529, 0x2f69efdf, 0xafe67afb, | ||
300 | 0xf470c4b2, 0xf3e0eb5b, 0xd6cc9876, | ||
301 | 0x39e4460c, 0x1fda8538, 0x1987832f, 0xca007367, 0xa99144f8, | ||
302 | 0x296b299e, 0x492fc295, 0x9266beab, | ||
303 | 0xb5676e69, 0x9bd3ddda, 0xdf7e052f, 0xdb25701c, 0x1b5e51ee, | ||
304 | 0xf65324e6, 0x6afce36c, 0x0316cc04, | ||
305 | 0x8644213e, 0xb7dc59d0, 0x7965291f, 0xccd6fd43, 0x41823979, | ||
306 | 0x932bcdf6, 0xb657c34d, 0x4edfd282, | ||
307 | 0x7ae5290c, 0x3cb9536b, 0x851e20fe, 0x9833557e, 0x13ecf0b0, | ||
308 | 0xd3ffb372, 0x3f85c5c1, 0x0aef7ed2 | ||
309 | }; | ||
310 | |||
311 | static const u32 Tm[24][8] = { | ||
312 | { 0x5a827999, 0xc95c653a, 0x383650db, 0xa7103c7c, 0x15ea281d, | ||
313 | 0x84c413be, 0xf39dff5f, 0x6277eb00 } , | ||
314 | { 0xd151d6a1, 0x402bc242, 0xaf05ade3, 0x1ddf9984, 0x8cb98525, | ||
315 | 0xfb9370c6, 0x6a6d5c67, 0xd9474808 } , | ||
316 | { 0x482133a9, 0xb6fb1f4a, 0x25d50aeb, 0x94aef68c, 0x0388e22d, | ||
317 | 0x7262cdce, 0xe13cb96f, 0x5016a510 } , | ||
318 | { 0xbef090b1, 0x2dca7c52, 0x9ca467f3, 0x0b7e5394, 0x7a583f35, | ||
319 | 0xe9322ad6, 0x580c1677, 0xc6e60218 } , | ||
320 | { 0x35bfedb9, 0xa499d95a, 0x1373c4fb, 0x824db09c, 0xf1279c3d, | ||
321 | 0x600187de, 0xcedb737f, 0x3db55f20 } , | ||
322 | { 0xac8f4ac1, 0x1b693662, 0x8a432203, 0xf91d0da4, 0x67f6f945, | ||
323 | 0xd6d0e4e6, 0x45aad087, 0xb484bc28 } , | ||
324 | { 0x235ea7c9, 0x9238936a, 0x01127f0b, 0x6fec6aac, 0xdec6564d, | ||
325 | 0x4da041ee, 0xbc7a2d8f, 0x2b541930 } , | ||
326 | { 0x9a2e04d1, 0x0907f072, 0x77e1dc13, 0xe6bbc7b4, 0x5595b355, | ||
327 | 0xc46f9ef6, 0x33498a97, 0xa2237638 } , | ||
328 | { 0x10fd61d9, 0x7fd74d7a, 0xeeb1391b, 0x5d8b24bc, 0xcc65105d, | ||
329 | 0x3b3efbfe, 0xaa18e79f, 0x18f2d340 } , | ||
330 | { 0x87ccbee1, 0xf6a6aa82, 0x65809623, 0xd45a81c4, 0x43346d65, | ||
331 | 0xb20e5906, 0x20e844a7, 0x8fc23048 } , | ||
332 | { 0xfe9c1be9, 0x6d76078a, 0xdc4ff32b, 0x4b29decc, 0xba03ca6d, | ||
333 | 0x28ddb60e, 0x97b7a1af, 0x06918d50 } , | ||
334 | { 0x756b78f1, 0xe4456492, 0x531f5033, 0xc1f93bd4, 0x30d32775, | ||
335 | 0x9fad1316, 0x0e86feb7, 0x7d60ea58 } , | ||
336 | { 0xec3ad5f9, 0x5b14c19a, 0xc9eead3b, 0x38c898dc, 0xa7a2847d, | ||
337 | 0x167c701e, 0x85565bbf, 0xf4304760 } , | ||
338 | { 0x630a3301, 0xd1e41ea2, 0x40be0a43, 0xaf97f5e4, 0x1e71e185, | ||
339 | 0x8d4bcd26, 0xfc25b8c7, 0x6affa468 } , | ||
340 | { 0xd9d99009, 0x48b37baa, 0xb78d674b, 0x266752ec, 0x95413e8d, | ||
341 | 0x041b2a2e, 0x72f515cf, 0xe1cf0170 } , | ||
342 | { 0x50a8ed11, 0xbf82d8b2, 0x2e5cc453, 0x9d36aff4, 0x0c109b95, | ||
343 | 0x7aea8736, 0xe9c472d7, 0x589e5e78 } , | ||
344 | { 0xc7784a19, 0x365235ba, 0xa52c215b, 0x14060cfc, 0x82dff89d, | ||
345 | 0xf1b9e43e, 0x6093cfdf, 0xcf6dbb80 } , | ||
346 | { 0x3e47a721, 0xad2192c2, 0x1bfb7e63, 0x8ad56a04, 0xf9af55a5, | ||
347 | 0x68894146, 0xd7632ce7, 0x463d1888 } , | ||
348 | { 0xb5170429, 0x23f0efca, 0x92cadb6b, 0x01a4c70c, 0x707eb2ad, | ||
349 | 0xdf589e4e, 0x4e3289ef, 0xbd0c7590 } , | ||
350 | { 0x2be66131, 0x9ac04cd2, 0x099a3873, 0x78742414, 0xe74e0fb5, | ||
351 | 0x5627fb56, 0xc501e6f7, 0x33dbd298 } , | ||
352 | { 0xa2b5be39, 0x118fa9da, 0x8069957b, 0xef43811c, 0x5e1d6cbd, | ||
353 | 0xccf7585e, 0x3bd143ff, 0xaaab2fa0 } , | ||
354 | { 0x19851b41, 0x885f06e2, 0xf738f283, 0x6612de24, 0xd4ecc9c5, | ||
355 | 0x43c6b566, 0xb2a0a107, 0x217a8ca8 } , | ||
356 | { 0x90547849, 0xff2e63ea, 0x6e084f8b, 0xdce23b2c, 0x4bbc26cd, | ||
357 | 0xba96126e, 0x296ffe0f, 0x9849e9b0 } , | ||
358 | { 0x0723d551, 0x75fdc0f2, 0xe4d7ac93, 0x53b19834, 0xc28b83d5, | ||
359 | 0x31656f76, 0xa03f5b17, 0x0f1946b8 } | ||
360 | }; | ||
361 | |||
362 | static const u8 Tr[4][8] = { | ||
363 | { 0x13, 0x04, 0x15, 0x06, 0x17, 0x08, 0x19, 0x0a } , | ||
364 | { 0x1b, 0x0c, 0x1d, 0x0e, 0x1f, 0x10, 0x01, 0x12 } , | ||
365 | { 0x03, 0x14, 0x05, 0x16, 0x07, 0x18, 0x09, 0x1a } , | ||
366 | { 0x0b, 0x1c, 0x0d, 0x1e, 0x0f, 0x00, 0x11, 0x02 } | ||
367 | }; | ||
368 | |||
369 | /* forward octave */ | ||
370 | static inline void W(u32 *key, unsigned int i) { | ||
371 | u32 I; | ||
372 | key[6] ^= F1(key[7], Tr[i % 4][0], Tm[i][0]); | ||
373 | key[5] ^= F2(key[6], Tr[i % 4][1], Tm[i][1]); | ||
374 | key[4] ^= F3(key[5], Tr[i % 4][2], Tm[i][2]); | ||
375 | key[3] ^= F1(key[4], Tr[i % 4][3], Tm[i][3]); | ||
376 | key[2] ^= F2(key[3], Tr[i % 4][4], Tm[i][4]); | ||
377 | key[1] ^= F3(key[2], Tr[i % 4][5], Tm[i][5]); | ||
378 | key[0] ^= F1(key[1], Tr[i % 4][6], Tm[i][6]); | ||
379 | key[7] ^= F2(key[0], Tr[i % 4][7], Tm[i][7]); | ||
380 | } | ||
381 | |||
382 | static int | ||
383 | cast6_setkey(void *ctx, const u8 * in_key, unsigned key_len, u32 * flags) | ||
384 | { | ||
385 | int i; | ||
386 | u32 key[8]; | ||
387 | u8 p_key[32]; /* padded key */ | ||
388 | struct cast6_ctx *c = (struct cast6_ctx *) ctx; | ||
389 | |||
390 | if (key_len < 16 || key_len > 32 || key_len % 4 != 0) { | ||
391 | *flags |= CRYPTO_TFM_RES_BAD_KEY_LEN; | ||
392 | return -EINVAL; | ||
393 | } | ||
394 | |||
395 | memset (p_key, 0, 32); | ||
396 | memcpy (p_key, in_key, key_len); | ||
397 | |||
398 | key[0] = p_key[0] << 24 | p_key[1] << 16 | p_key[2] << 8 | p_key[3]; /* A */ | ||
399 | key[1] = p_key[4] << 24 | p_key[5] << 16 | p_key[6] << 8 | p_key[7]; /* B */ | ||
400 | key[2] = p_key[8] << 24 | p_key[9] << 16 | p_key[10] << 8 | p_key[11]; /* C */ | ||
401 | key[3] = p_key[12] << 24 | p_key[13] << 16 | p_key[14] << 8 | p_key[15]; /* D */ | ||
402 | key[4] = p_key[16] << 24 | p_key[17] << 16 | p_key[18] << 8 | p_key[19]; /* E */ | ||
403 | key[5] = p_key[20] << 24 | p_key[21] << 16 | p_key[22] << 8 | p_key[23]; /* F */ | ||
404 | key[6] = p_key[24] << 24 | p_key[25] << 16 | p_key[26] << 8 | p_key[27]; /* G */ | ||
405 | key[7] = p_key[28] << 24 | p_key[29] << 16 | p_key[30] << 8 | p_key[31]; /* H */ | ||
406 | |||
407 | |||
408 | |||
409 | for (i = 0; i < 12; i++) { | ||
410 | W (key, 2 * i); | ||
411 | W (key, 2 * i + 1); | ||
412 | |||
413 | c->Kr[i][0] = key[0] & 0x1f; | ||
414 | c->Kr[i][1] = key[2] & 0x1f; | ||
415 | c->Kr[i][2] = key[4] & 0x1f; | ||
416 | c->Kr[i][3] = key[6] & 0x1f; | ||
417 | |||
418 | c->Km[i][0] = key[7]; | ||
419 | c->Km[i][1] = key[5]; | ||
420 | c->Km[i][2] = key[3]; | ||
421 | c->Km[i][3] = key[1]; | ||
422 | } | ||
423 | |||
424 | return 0; | ||
425 | } | ||
426 | |||
427 | /*forward quad round*/ | ||
428 | static inline void Q (u32 * block, u8 * Kr, u32 * Km) { | ||
429 | u32 I; | ||
430 | block[2] ^= F1(block[3], Kr[0], Km[0]); | ||
431 | block[1] ^= F2(block[2], Kr[1], Km[1]); | ||
432 | block[0] ^= F3(block[1], Kr[2], Km[2]); | ||
433 | block[3] ^= F1(block[0], Kr[3], Km[3]); | ||
434 | } | ||
435 | |||
436 | /*reverse quad round*/ | ||
437 | static inline void QBAR (u32 * block, u8 * Kr, u32 * Km) { | ||
438 | u32 I; | ||
439 | block[3] ^= F1(block[0], Kr[3], Km[3]); | ||
440 | block[0] ^= F3(block[1], Kr[2], Km[2]); | ||
441 | block[1] ^= F2(block[2], Kr[1], Km[1]); | ||
442 | block[2] ^= F1(block[3], Kr[0], Km[0]); | ||
443 | } | ||
444 | |||
445 | static void cast6_encrypt (void * ctx, u8 * outbuf, const u8 * inbuf) { | ||
446 | struct cast6_ctx * c = (struct cast6_ctx *)ctx; | ||
447 | u32 block[4]; | ||
448 | u32 * Km; | ||
449 | u8 * Kr; | ||
450 | |||
451 | block[0] = inbuf[0] << 24 | inbuf[1] << 16 | inbuf[2] << 8 | inbuf[3]; | ||
452 | block[1] = inbuf[4] << 24 | inbuf[5] << 16 | inbuf[6] << 8 | inbuf[7]; | ||
453 | block[2] = inbuf[8] << 24 | inbuf[9] << 16 | inbuf[10] << 8 | inbuf[11]; | ||
454 | block[3] = inbuf[12] << 24 | inbuf[13] << 16 | inbuf[14] << 8 | inbuf[15]; | ||
455 | |||
456 | Km = c->Km[0]; Kr = c->Kr[0]; Q (block, Kr, Km); | ||
457 | Km = c->Km[1]; Kr = c->Kr[1]; Q (block, Kr, Km); | ||
458 | Km = c->Km[2]; Kr = c->Kr[2]; Q (block, Kr, Km); | ||
459 | Km = c->Km[3]; Kr = c->Kr[3]; Q (block, Kr, Km); | ||
460 | Km = c->Km[4]; Kr = c->Kr[4]; Q (block, Kr, Km); | ||
461 | Km = c->Km[5]; Kr = c->Kr[5]; Q (block, Kr, Km); | ||
462 | Km = c->Km[6]; Kr = c->Kr[6]; QBAR (block, Kr, Km); | ||
463 | Km = c->Km[7]; Kr = c->Kr[7]; QBAR (block, Kr, Km); | ||
464 | Km = c->Km[8]; Kr = c->Kr[8]; QBAR (block, Kr, Km); | ||
465 | Km = c->Km[9]; Kr = c->Kr[9]; QBAR (block, Kr, Km); | ||
466 | Km = c->Km[10]; Kr = c->Kr[10]; QBAR (block, Kr, Km); | ||
467 | Km = c->Km[11]; Kr = c->Kr[11]; QBAR (block, Kr, Km); | ||
468 | |||
469 | outbuf[0] = (block[0] >> 24) & 0xff; | ||
470 | outbuf[1] = (block[0] >> 16) & 0xff; | ||
471 | outbuf[2] = (block[0] >> 8) & 0xff; | ||
472 | outbuf[3] = block[0] & 0xff; | ||
473 | outbuf[4] = (block[1] >> 24) & 0xff; | ||
474 | outbuf[5] = (block[1] >> 16) & 0xff; | ||
475 | outbuf[6] = (block[1] >> 8) & 0xff; | ||
476 | outbuf[7] = block[1] & 0xff; | ||
477 | outbuf[8] = (block[2] >> 24) & 0xff; | ||
478 | outbuf[9] = (block[2] >> 16) & 0xff; | ||
479 | outbuf[10] = (block[2] >> 8) & 0xff; | ||
480 | outbuf[11] = block[2] & 0xff; | ||
481 | outbuf[12] = (block[3] >> 24) & 0xff; | ||
482 | outbuf[13] = (block[3] >> 16) & 0xff; | ||
483 | outbuf[14] = (block[3] >> 8) & 0xff; | ||
484 | outbuf[15] = block[3] & 0xff; | ||
485 | } | ||
486 | |||
487 | static void cast6_decrypt (void * ctx, u8 * outbuf, const u8 * inbuf) { | ||
488 | struct cast6_ctx * c = (struct cast6_ctx *)ctx; | ||
489 | u32 block[4]; | ||
490 | u32 * Km; | ||
491 | u8 * Kr; | ||
492 | |||
493 | block[0] = inbuf[0] << 24 | inbuf[1] << 16 | inbuf[2] << 8 | inbuf[3]; | ||
494 | block[1] = inbuf[4] << 24 | inbuf[5] << 16 | inbuf[6] << 8 | inbuf[7]; | ||
495 | block[2] = inbuf[8] << 24 | inbuf[9] << 16 | inbuf[10] << 8 | inbuf[11]; | ||
496 | block[3] = inbuf[12] << 24 | inbuf[13] << 16 | inbuf[14] << 8 | inbuf[15]; | ||
497 | |||
498 | Km = c->Km[11]; Kr = c->Kr[11]; Q (block, Kr, Km); | ||
499 | Km = c->Km[10]; Kr = c->Kr[10]; Q (block, Kr, Km); | ||
500 | Km = c->Km[9]; Kr = c->Kr[9]; Q (block, Kr, Km); | ||
501 | Km = c->Km[8]; Kr = c->Kr[8]; Q (block, Kr, Km); | ||
502 | Km = c->Km[7]; Kr = c->Kr[7]; Q (block, Kr, Km); | ||
503 | Km = c->Km[6]; Kr = c->Kr[6]; Q (block, Kr, Km); | ||
504 | Km = c->Km[5]; Kr = c->Kr[5]; QBAR (block, Kr, Km); | ||
505 | Km = c->Km[4]; Kr = c->Kr[4]; QBAR (block, Kr, Km); | ||
506 | Km = c->Km[3]; Kr = c->Kr[3]; QBAR (block, Kr, Km); | ||
507 | Km = c->Km[2]; Kr = c->Kr[2]; QBAR (block, Kr, Km); | ||
508 | Km = c->Km[1]; Kr = c->Kr[1]; QBAR (block, Kr, Km); | ||
509 | Km = c->Km[0]; Kr = c->Kr[0]; QBAR (block, Kr, Km); | ||
510 | |||
511 | outbuf[0] = (block[0] >> 24) & 0xff; | ||
512 | outbuf[1] = (block[0] >> 16) & 0xff; | ||
513 | outbuf[2] = (block[0] >> 8) & 0xff; | ||
514 | outbuf[3] = block[0] & 0xff; | ||
515 | outbuf[4] = (block[1] >> 24) & 0xff; | ||
516 | outbuf[5] = (block[1] >> 16) & 0xff; | ||
517 | outbuf[6] = (block[1] >> 8) & 0xff; | ||
518 | outbuf[7] = block[1] & 0xff; | ||
519 | outbuf[8] = (block[2] >> 24) & 0xff; | ||
520 | outbuf[9] = (block[2] >> 16) & 0xff; | ||
521 | outbuf[10] = (block[2] >> 8) & 0xff; | ||
522 | outbuf[11] = block[2] & 0xff; | ||
523 | outbuf[12] = (block[3] >> 24) & 0xff; | ||
524 | outbuf[13] = (block[3] >> 16) & 0xff; | ||
525 | outbuf[14] = (block[3] >> 8) & 0xff; | ||
526 | outbuf[15] = block[3] & 0xff; | ||
527 | } | ||
528 | |||
529 | static struct crypto_alg alg = { | ||
530 | .cra_name = "cast6", | ||
531 | .cra_flags = CRYPTO_ALG_TYPE_CIPHER, | ||
532 | .cra_blocksize = CAST6_BLOCK_SIZE, | ||
533 | .cra_ctxsize = sizeof(struct cast6_ctx), | ||
534 | .cra_module = THIS_MODULE, | ||
535 | .cra_list = LIST_HEAD_INIT(alg.cra_list), | ||
536 | .cra_u = { | ||
537 | .cipher = { | ||
538 | .cia_min_keysize = CAST6_MIN_KEY_SIZE, | ||
539 | .cia_max_keysize = CAST6_MAX_KEY_SIZE, | ||
540 | .cia_setkey = cast6_setkey, | ||
541 | .cia_encrypt = cast6_encrypt, | ||
542 | .cia_decrypt = cast6_decrypt} | ||
543 | } | ||
544 | }; | ||
545 | |||
546 | static int __init init(void) | ||
547 | { | ||
548 | return crypto_register_alg(&alg); | ||
549 | } | ||
550 | |||
551 | static void __exit fini(void) | ||
552 | { | ||
553 | crypto_unregister_alg(&alg); | ||
554 | } | ||
555 | |||
556 | module_init(init); | ||
557 | module_exit(fini); | ||
558 | |||
559 | MODULE_LICENSE("GPL"); | ||
560 | MODULE_DESCRIPTION("Cast6 Cipher Algorithm"); | ||
diff --git a/crypto/cipher.c b/crypto/cipher.c new file mode 100644 index 000000000000..f434ce7c2d0b --- /dev/null +++ b/crypto/cipher.c | |||
@@ -0,0 +1,341 @@ | |||
1 | /* | ||
2 | * Cryptographic API. | ||
3 | * | ||
4 | * Cipher operations. | ||
5 | * | ||
6 | * Copyright (c) 2002 James Morris <jmorris@intercode.com.au> | ||
7 | * | ||
8 | * This program is free software; you can redistribute it and/or modify it | ||
9 | * under the terms of the GNU General Public License as published by the Free | ||
10 | * Software Foundation; either version 2 of the License, or (at your option) | ||
11 | * any later version. | ||
12 | * | ||
13 | */ | ||
14 | #include <linux/compiler.h> | ||
15 | #include <linux/kernel.h> | ||
16 | #include <linux/crypto.h> | ||
17 | #include <linux/errno.h> | ||
18 | #include <linux/mm.h> | ||
19 | #include <linux/slab.h> | ||
20 | #include <linux/string.h> | ||
21 | #include <asm/scatterlist.h> | ||
22 | #include "internal.h" | ||
23 | #include "scatterwalk.h" | ||
24 | |||
25 | typedef void (cryptfn_t)(void *, u8 *, const u8 *); | ||
26 | typedef void (procfn_t)(struct crypto_tfm *, u8 *, | ||
27 | u8*, cryptfn_t, void *); | ||
28 | |||
29 | static inline void xor_64(u8 *a, const u8 *b) | ||
30 | { | ||
31 | ((u32 *)a)[0] ^= ((u32 *)b)[0]; | ||
32 | ((u32 *)a)[1] ^= ((u32 *)b)[1]; | ||
33 | } | ||
34 | |||
35 | static inline void xor_128(u8 *a, const u8 *b) | ||
36 | { | ||
37 | ((u32 *)a)[0] ^= ((u32 *)b)[0]; | ||
38 | ((u32 *)a)[1] ^= ((u32 *)b)[1]; | ||
39 | ((u32 *)a)[2] ^= ((u32 *)b)[2]; | ||
40 | ((u32 *)a)[3] ^= ((u32 *)b)[3]; | ||
41 | } | ||
42 | |||
43 | static inline void *prepare_src(struct scatter_walk *walk, int bsize, | ||
44 | void *tmp, int in_place) | ||
45 | { | ||
46 | void *src = walk->data; | ||
47 | int n = bsize; | ||
48 | |||
49 | if (unlikely(scatterwalk_across_pages(walk, bsize))) { | ||
50 | src = tmp; | ||
51 | n = scatterwalk_copychunks(src, walk, bsize, 0); | ||
52 | } | ||
53 | scatterwalk_advance(walk, n); | ||
54 | return src; | ||
55 | } | ||
56 | |||
57 | static inline void *prepare_dst(struct scatter_walk *walk, int bsize, | ||
58 | void *tmp, int in_place) | ||
59 | { | ||
60 | void *dst = walk->data; | ||
61 | |||
62 | if (unlikely(scatterwalk_across_pages(walk, bsize)) || in_place) | ||
63 | dst = tmp; | ||
64 | return dst; | ||
65 | } | ||
66 | |||
67 | static inline void complete_src(struct scatter_walk *walk, int bsize, | ||
68 | void *src, int in_place) | ||
69 | { | ||
70 | } | ||
71 | |||
72 | static inline void complete_dst(struct scatter_walk *walk, int bsize, | ||
73 | void *dst, int in_place) | ||
74 | { | ||
75 | int n = bsize; | ||
76 | |||
77 | if (unlikely(scatterwalk_across_pages(walk, bsize))) | ||
78 | n = scatterwalk_copychunks(dst, walk, bsize, 1); | ||
79 | else if (in_place) | ||
80 | memcpy(walk->data, dst, bsize); | ||
81 | scatterwalk_advance(walk, n); | ||
82 | } | ||
83 | |||
84 | /* | ||
85 | * Generic encrypt/decrypt wrapper for ciphers, handles operations across | ||
86 | * multiple page boundaries by using temporary blocks. In user context, | ||
87 | * the kernel is given a chance to schedule us once per block. | ||
88 | */ | ||
89 | static int crypt(struct crypto_tfm *tfm, | ||
90 | struct scatterlist *dst, | ||
91 | struct scatterlist *src, | ||
92 | unsigned int nbytes, cryptfn_t crfn, | ||
93 | procfn_t prfn, void *info) | ||
94 | { | ||
95 | struct scatter_walk walk_in, walk_out; | ||
96 | const unsigned int bsize = crypto_tfm_alg_blocksize(tfm); | ||
97 | u8 tmp_src[bsize]; | ||
98 | u8 tmp_dst[bsize]; | ||
99 | |||
100 | if (!nbytes) | ||
101 | return 0; | ||
102 | |||
103 | if (nbytes % bsize) { | ||
104 | tfm->crt_flags |= CRYPTO_TFM_RES_BAD_BLOCK_LEN; | ||
105 | return -EINVAL; | ||
106 | } | ||
107 | |||
108 | scatterwalk_start(&walk_in, src); | ||
109 | scatterwalk_start(&walk_out, dst); | ||
110 | |||
111 | for(;;) { | ||
112 | u8 *src_p, *dst_p; | ||
113 | int in_place; | ||
114 | |||
115 | scatterwalk_map(&walk_in, 0); | ||
116 | scatterwalk_map(&walk_out, 1); | ||
117 | |||
118 | in_place = scatterwalk_samebuf(&walk_in, &walk_out); | ||
119 | |||
120 | do { | ||
121 | src_p = prepare_src(&walk_in, bsize, tmp_src, | ||
122 | in_place); | ||
123 | dst_p = prepare_dst(&walk_out, bsize, tmp_dst, | ||
124 | in_place); | ||
125 | |||
126 | prfn(tfm, dst_p, src_p, crfn, info); | ||
127 | |||
128 | complete_src(&walk_in, bsize, src_p, in_place); | ||
129 | complete_dst(&walk_out, bsize, dst_p, in_place); | ||
130 | |||
131 | nbytes -= bsize; | ||
132 | } while (nbytes && | ||
133 | !scatterwalk_across_pages(&walk_in, bsize) && | ||
134 | !scatterwalk_across_pages(&walk_out, bsize)); | ||
135 | |||
136 | scatterwalk_done(&walk_in, 0, nbytes); | ||
137 | scatterwalk_done(&walk_out, 1, nbytes); | ||
138 | |||
139 | if (!nbytes) | ||
140 | return 0; | ||
141 | |||
142 | crypto_yield(tfm); | ||
143 | } | ||
144 | } | ||
145 | |||
146 | static void cbc_process_encrypt(struct crypto_tfm *tfm, u8 *dst, u8 *src, | ||
147 | cryptfn_t fn, void *info) | ||
148 | { | ||
149 | u8 *iv = info; | ||
150 | |||
151 | tfm->crt_u.cipher.cit_xor_block(iv, src); | ||
152 | fn(crypto_tfm_ctx(tfm), dst, iv); | ||
153 | memcpy(iv, dst, crypto_tfm_alg_blocksize(tfm)); | ||
154 | } | ||
155 | |||
156 | static void cbc_process_decrypt(struct crypto_tfm *tfm, u8 *dst, u8 *src, | ||
157 | cryptfn_t fn, void *info) | ||
158 | { | ||
159 | u8 *iv = info; | ||
160 | |||
161 | fn(crypto_tfm_ctx(tfm), dst, src); | ||
162 | tfm->crt_u.cipher.cit_xor_block(dst, iv); | ||
163 | memcpy(iv, src, crypto_tfm_alg_blocksize(tfm)); | ||
164 | } | ||
165 | |||
166 | static void ecb_process(struct crypto_tfm *tfm, u8 *dst, u8 *src, | ||
167 | cryptfn_t fn, void *info) | ||
168 | { | ||
169 | fn(crypto_tfm_ctx(tfm), dst, src); | ||
170 | } | ||
171 | |||
172 | static int setkey(struct crypto_tfm *tfm, const u8 *key, unsigned int keylen) | ||
173 | { | ||
174 | struct cipher_alg *cia = &tfm->__crt_alg->cra_cipher; | ||
175 | |||
176 | if (keylen < cia->cia_min_keysize || keylen > cia->cia_max_keysize) { | ||
177 | tfm->crt_flags |= CRYPTO_TFM_RES_BAD_KEY_LEN; | ||
178 | return -EINVAL; | ||
179 | } else | ||
180 | return cia->cia_setkey(crypto_tfm_ctx(tfm), key, keylen, | ||
181 | &tfm->crt_flags); | ||
182 | } | ||
183 | |||
184 | static int ecb_encrypt(struct crypto_tfm *tfm, | ||
185 | struct scatterlist *dst, | ||
186 | struct scatterlist *src, unsigned int nbytes) | ||
187 | { | ||
188 | return crypt(tfm, dst, src, nbytes, | ||
189 | tfm->__crt_alg->cra_cipher.cia_encrypt, | ||
190 | ecb_process, NULL); | ||
191 | } | ||
192 | |||
193 | static int ecb_decrypt(struct crypto_tfm *tfm, | ||
194 | struct scatterlist *dst, | ||
195 | struct scatterlist *src, | ||
196 | unsigned int nbytes) | ||
197 | { | ||
198 | return crypt(tfm, dst, src, nbytes, | ||
199 | tfm->__crt_alg->cra_cipher.cia_decrypt, | ||
200 | ecb_process, NULL); | ||
201 | } | ||
202 | |||
203 | static int cbc_encrypt(struct crypto_tfm *tfm, | ||
204 | struct scatterlist *dst, | ||
205 | struct scatterlist *src, | ||
206 | unsigned int nbytes) | ||
207 | { | ||
208 | return crypt(tfm, dst, src, nbytes, | ||
209 | tfm->__crt_alg->cra_cipher.cia_encrypt, | ||
210 | cbc_process_encrypt, tfm->crt_cipher.cit_iv); | ||
211 | } | ||
212 | |||
213 | static int cbc_encrypt_iv(struct crypto_tfm *tfm, | ||
214 | struct scatterlist *dst, | ||
215 | struct scatterlist *src, | ||
216 | unsigned int nbytes, u8 *iv) | ||
217 | { | ||
218 | return crypt(tfm, dst, src, nbytes, | ||
219 | tfm->__crt_alg->cra_cipher.cia_encrypt, | ||
220 | cbc_process_encrypt, iv); | ||
221 | } | ||
222 | |||
223 | static int cbc_decrypt(struct crypto_tfm *tfm, | ||
224 | struct scatterlist *dst, | ||
225 | struct scatterlist *src, | ||
226 | unsigned int nbytes) | ||
227 | { | ||
228 | return crypt(tfm, dst, src, nbytes, | ||
229 | tfm->__crt_alg->cra_cipher.cia_decrypt, | ||
230 | cbc_process_decrypt, tfm->crt_cipher.cit_iv); | ||
231 | } | ||
232 | |||
233 | static int cbc_decrypt_iv(struct crypto_tfm *tfm, | ||
234 | struct scatterlist *dst, | ||
235 | struct scatterlist *src, | ||
236 | unsigned int nbytes, u8 *iv) | ||
237 | { | ||
238 | return crypt(tfm, dst, src, nbytes, | ||
239 | tfm->__crt_alg->cra_cipher.cia_decrypt, | ||
240 | cbc_process_decrypt, iv); | ||
241 | } | ||
242 | |||
243 | static int nocrypt(struct crypto_tfm *tfm, | ||
244 | struct scatterlist *dst, | ||
245 | struct scatterlist *src, | ||
246 | unsigned int nbytes) | ||
247 | { | ||
248 | return -ENOSYS; | ||
249 | } | ||
250 | |||
251 | static int nocrypt_iv(struct crypto_tfm *tfm, | ||
252 | struct scatterlist *dst, | ||
253 | struct scatterlist *src, | ||
254 | unsigned int nbytes, u8 *iv) | ||
255 | { | ||
256 | return -ENOSYS; | ||
257 | } | ||
258 | |||
259 | int crypto_init_cipher_flags(struct crypto_tfm *tfm, u32 flags) | ||
260 | { | ||
261 | u32 mode = flags & CRYPTO_TFM_MODE_MASK; | ||
262 | |||
263 | tfm->crt_cipher.cit_mode = mode ? mode : CRYPTO_TFM_MODE_ECB; | ||
264 | if (flags & CRYPTO_TFM_REQ_WEAK_KEY) | ||
265 | tfm->crt_flags = CRYPTO_TFM_REQ_WEAK_KEY; | ||
266 | |||
267 | return 0; | ||
268 | } | ||
269 | |||
270 | int crypto_init_cipher_ops(struct crypto_tfm *tfm) | ||
271 | { | ||
272 | int ret = 0; | ||
273 | struct cipher_tfm *ops = &tfm->crt_cipher; | ||
274 | |||
275 | ops->cit_setkey = setkey; | ||
276 | |||
277 | switch (tfm->crt_cipher.cit_mode) { | ||
278 | case CRYPTO_TFM_MODE_ECB: | ||
279 | ops->cit_encrypt = ecb_encrypt; | ||
280 | ops->cit_decrypt = ecb_decrypt; | ||
281 | break; | ||
282 | |||
283 | case CRYPTO_TFM_MODE_CBC: | ||
284 | ops->cit_encrypt = cbc_encrypt; | ||
285 | ops->cit_decrypt = cbc_decrypt; | ||
286 | ops->cit_encrypt_iv = cbc_encrypt_iv; | ||
287 | ops->cit_decrypt_iv = cbc_decrypt_iv; | ||
288 | break; | ||
289 | |||
290 | case CRYPTO_TFM_MODE_CFB: | ||
291 | ops->cit_encrypt = nocrypt; | ||
292 | ops->cit_decrypt = nocrypt; | ||
293 | ops->cit_encrypt_iv = nocrypt_iv; | ||
294 | ops->cit_decrypt_iv = nocrypt_iv; | ||
295 | break; | ||
296 | |||
297 | case CRYPTO_TFM_MODE_CTR: | ||
298 | ops->cit_encrypt = nocrypt; | ||
299 | ops->cit_decrypt = nocrypt; | ||
300 | ops->cit_encrypt_iv = nocrypt_iv; | ||
301 | ops->cit_decrypt_iv = nocrypt_iv; | ||
302 | break; | ||
303 | |||
304 | default: | ||
305 | BUG(); | ||
306 | } | ||
307 | |||
308 | if (ops->cit_mode == CRYPTO_TFM_MODE_CBC) { | ||
309 | |||
310 | switch (crypto_tfm_alg_blocksize(tfm)) { | ||
311 | case 8: | ||
312 | ops->cit_xor_block = xor_64; | ||
313 | break; | ||
314 | |||
315 | case 16: | ||
316 | ops->cit_xor_block = xor_128; | ||
317 | break; | ||
318 | |||
319 | default: | ||
320 | printk(KERN_WARNING "%s: block size %u not supported\n", | ||
321 | crypto_tfm_alg_name(tfm), | ||
322 | crypto_tfm_alg_blocksize(tfm)); | ||
323 | ret = -EINVAL; | ||
324 | goto out; | ||
325 | } | ||
326 | |||
327 | ops->cit_ivsize = crypto_tfm_alg_blocksize(tfm); | ||
328 | ops->cit_iv = kmalloc(ops->cit_ivsize, GFP_KERNEL); | ||
329 | if (ops->cit_iv == NULL) | ||
330 | ret = -ENOMEM; | ||
331 | } | ||
332 | |||
333 | out: | ||
334 | return ret; | ||
335 | } | ||
336 | |||
337 | void crypto_exit_cipher_ops(struct crypto_tfm *tfm) | ||
338 | { | ||
339 | if (tfm->crt_cipher.cit_iv) | ||
340 | kfree(tfm->crt_cipher.cit_iv); | ||
341 | } | ||
diff --git a/crypto/compress.c b/crypto/compress.c new file mode 100644 index 000000000000..eb36d9364da3 --- /dev/null +++ b/crypto/compress.c | |||
@@ -0,0 +1,63 @@ | |||
1 | /* | ||
2 | * Cryptographic API. | ||
3 | * | ||
4 | * Compression operations. | ||
5 | * | ||
6 | * Copyright (c) 2002 James Morris <jmorris@intercode.com.au> | ||
7 | * | ||
8 | * This program is free software; you can redistribute it and/or modify it | ||
9 | * under the terms of the GNU General Public License as published by the Free | ||
10 | * Software Foundation; either version 2 of the License, or (at your option) | ||
11 | * any later version. | ||
12 | * | ||
13 | */ | ||
14 | #include <linux/types.h> | ||
15 | #include <linux/crypto.h> | ||
16 | #include <linux/errno.h> | ||
17 | #include <asm/scatterlist.h> | ||
18 | #include <linux/string.h> | ||
19 | #include "internal.h" | ||
20 | |||
21 | static int crypto_compress(struct crypto_tfm *tfm, | ||
22 | const u8 *src, unsigned int slen, | ||
23 | u8 *dst, unsigned int *dlen) | ||
24 | { | ||
25 | return tfm->__crt_alg->cra_compress.coa_compress(crypto_tfm_ctx(tfm), | ||
26 | src, slen, dst, | ||
27 | dlen); | ||
28 | } | ||
29 | |||
30 | static int crypto_decompress(struct crypto_tfm *tfm, | ||
31 | const u8 *src, unsigned int slen, | ||
32 | u8 *dst, unsigned int *dlen) | ||
33 | { | ||
34 | return tfm->__crt_alg->cra_compress.coa_decompress(crypto_tfm_ctx(tfm), | ||
35 | src, slen, dst, | ||
36 | dlen); | ||
37 | } | ||
38 | |||
39 | int crypto_init_compress_flags(struct crypto_tfm *tfm, u32 flags) | ||
40 | { | ||
41 | return flags ? -EINVAL : 0; | ||
42 | } | ||
43 | |||
44 | int crypto_init_compress_ops(struct crypto_tfm *tfm) | ||
45 | { | ||
46 | int ret = 0; | ||
47 | struct compress_tfm *ops = &tfm->crt_compress; | ||
48 | |||
49 | ret = tfm->__crt_alg->cra_compress.coa_init(crypto_tfm_ctx(tfm)); | ||
50 | if (ret) | ||
51 | goto out; | ||
52 | |||
53 | ops->cot_compress = crypto_compress; | ||
54 | ops->cot_decompress = crypto_decompress; | ||
55 | |||
56 | out: | ||
57 | return ret; | ||
58 | } | ||
59 | |||
60 | void crypto_exit_compress_ops(struct crypto_tfm *tfm) | ||
61 | { | ||
62 | tfm->__crt_alg->cra_compress.coa_exit(crypto_tfm_ctx(tfm)); | ||
63 | } | ||
diff --git a/crypto/crc32c.c b/crypto/crc32c.c new file mode 100644 index 000000000000..256956cd9377 --- /dev/null +++ b/crypto/crc32c.c | |||
@@ -0,0 +1,110 @@ | |||
1 | /* | ||
2 | * Cryptographic API. | ||
3 | * | ||
4 | * CRC32C chksum | ||
5 | * | ||
6 | * This module file is a wrapper to invoke the lib/crc32c routines. | ||
7 | * | ||
8 | * This program is free software; you can redistribute it and/or modify it | ||
9 | * under the terms of the GNU General Public License as published by the Free | ||
10 | * Software Foundation; either version 2 of the License, or (at your option) | ||
11 | * any later version. | ||
12 | * | ||
13 | */ | ||
14 | #include <linux/init.h> | ||
15 | #include <linux/module.h> | ||
16 | #include <linux/string.h> | ||
17 | #include <linux/crypto.h> | ||
18 | #include <linux/crc32c.h> | ||
19 | #include <asm/byteorder.h> | ||
20 | |||
21 | #define CHKSUM_BLOCK_SIZE 32 | ||
22 | #define CHKSUM_DIGEST_SIZE 4 | ||
23 | |||
24 | struct chksum_ctx { | ||
25 | u32 crc; | ||
26 | }; | ||
27 | |||
28 | /* | ||
29 | * Steps through buffer one byte at at time, calculates reflected | ||
30 | * crc using table. | ||
31 | */ | ||
32 | |||
33 | static void chksum_init(void *ctx) | ||
34 | { | ||
35 | struct chksum_ctx *mctx = ctx; | ||
36 | |||
37 | mctx->crc = ~(u32)0; /* common usage */ | ||
38 | } | ||
39 | |||
40 | /* | ||
41 | * Setting the seed allows arbitrary accumulators and flexible XOR policy | ||
42 | * If your algorithm starts with ~0, then XOR with ~0 before you set | ||
43 | * the seed. | ||
44 | */ | ||
45 | static int chksum_setkey(void *ctx, const u8 *key, unsigned int keylen, | ||
46 | u32 *flags) | ||
47 | { | ||
48 | struct chksum_ctx *mctx = ctx; | ||
49 | |||
50 | if (keylen != sizeof(mctx->crc)) { | ||
51 | if (flags) | ||
52 | *flags = CRYPTO_TFM_RES_BAD_KEY_LEN; | ||
53 | return -EINVAL; | ||
54 | } | ||
55 | mctx->crc = __cpu_to_le32(*(u32 *)key); | ||
56 | return 0; | ||
57 | } | ||
58 | |||
59 | static void chksum_update(void *ctx, const u8 *data, unsigned int length) | ||
60 | { | ||
61 | struct chksum_ctx *mctx = ctx; | ||
62 | u32 mcrc; | ||
63 | |||
64 | mcrc = crc32c(mctx->crc, data, (size_t)length); | ||
65 | |||
66 | mctx->crc = mcrc; | ||
67 | } | ||
68 | |||
69 | static void chksum_final(void *ctx, u8 *out) | ||
70 | { | ||
71 | struct chksum_ctx *mctx = ctx; | ||
72 | u32 mcrc = (mctx->crc ^ ~(u32)0); | ||
73 | |||
74 | *(u32 *)out = __le32_to_cpu(mcrc); | ||
75 | } | ||
76 | |||
77 | static struct crypto_alg alg = { | ||
78 | .cra_name = "crc32c", | ||
79 | .cra_flags = CRYPTO_ALG_TYPE_DIGEST, | ||
80 | .cra_blocksize = CHKSUM_BLOCK_SIZE, | ||
81 | .cra_ctxsize = sizeof(struct chksum_ctx), | ||
82 | .cra_module = THIS_MODULE, | ||
83 | .cra_list = LIST_HEAD_INIT(alg.cra_list), | ||
84 | .cra_u = { | ||
85 | .digest = { | ||
86 | .dia_digestsize= CHKSUM_DIGEST_SIZE, | ||
87 | .dia_setkey = chksum_setkey, | ||
88 | .dia_init = chksum_init, | ||
89 | .dia_update = chksum_update, | ||
90 | .dia_final = chksum_final | ||
91 | } | ||
92 | } | ||
93 | }; | ||
94 | |||
95 | static int __init init(void) | ||
96 | { | ||
97 | return crypto_register_alg(&alg); | ||
98 | } | ||
99 | |||
100 | static void __exit fini(void) | ||
101 | { | ||
102 | crypto_unregister_alg(&alg); | ||
103 | } | ||
104 | |||
105 | module_init(init); | ||
106 | module_exit(fini); | ||
107 | |||
108 | MODULE_AUTHOR("Clay Haapala <chaapala@cisco.com>"); | ||
109 | MODULE_DESCRIPTION("CRC32c (Castagnoli) calculations wrapper for lib/crc32c"); | ||
110 | MODULE_LICENSE("GPL"); | ||
diff --git a/crypto/crypto_null.c b/crypto/crypto_null.c new file mode 100644 index 000000000000..f691d31fa9ee --- /dev/null +++ b/crypto/crypto_null.c | |||
@@ -0,0 +1,137 @@ | |||
1 | /* | ||
2 | * Cryptographic API. | ||
3 | * | ||
4 | * Null algorithms, aka Much Ado About Nothing. | ||
5 | * | ||
6 | * These are needed for IPsec, and may be useful in general for | ||
7 | * testing & debugging. | ||
8 | * | ||
9 | * The null cipher is compliant with RFC2410. | ||
10 | * | ||
11 | * Copyright (c) 2002 James Morris <jmorris@intercode.com.au> | ||
12 | * | ||
13 | * This program is free software; you can redistribute it and/or modify | ||
14 | * it under the terms of the GNU General Public License as published by | ||
15 | * the Free Software Foundation; either version 2 of the License, or | ||
16 | * (at your option) any later version. | ||
17 | * | ||
18 | */ | ||
19 | #include <linux/init.h> | ||
20 | #include <linux/module.h> | ||
21 | #include <linux/mm.h> | ||
22 | #include <asm/scatterlist.h> | ||
23 | #include <linux/crypto.h> | ||
24 | |||
25 | #define NULL_KEY_SIZE 0 | ||
26 | #define NULL_BLOCK_SIZE 1 | ||
27 | #define NULL_DIGEST_SIZE 0 | ||
28 | |||
29 | static int null_compress(void *ctx, const u8 *src, unsigned int slen, | ||
30 | u8 *dst, unsigned int *dlen) | ||
31 | { return 0; } | ||
32 | |||
33 | static int null_decompress(void *ctx, const u8 *src, unsigned int slen, | ||
34 | u8 *dst, unsigned int *dlen) | ||
35 | { return 0; } | ||
36 | |||
37 | static void null_init(void *ctx) | ||
38 | { } | ||
39 | |||
40 | static void null_update(void *ctx, const u8 *data, unsigned int len) | ||
41 | { } | ||
42 | |||
43 | static void null_final(void *ctx, u8 *out) | ||
44 | { } | ||
45 | |||
46 | static int null_setkey(void *ctx, const u8 *key, | ||
47 | unsigned int keylen, u32 *flags) | ||
48 | { return 0; } | ||
49 | |||
50 | static void null_encrypt(void *ctx, u8 *dst, const u8 *src) | ||
51 | { } | ||
52 | |||
53 | static void null_decrypt(void *ctx, u8 *dst, const u8 *src) | ||
54 | { } | ||
55 | |||
56 | static struct crypto_alg compress_null = { | ||
57 | .cra_name = "compress_null", | ||
58 | .cra_flags = CRYPTO_ALG_TYPE_COMPRESS, | ||
59 | .cra_blocksize = NULL_BLOCK_SIZE, | ||
60 | .cra_ctxsize = 0, | ||
61 | .cra_module = THIS_MODULE, | ||
62 | .cra_list = LIST_HEAD_INIT(compress_null.cra_list), | ||
63 | .cra_u = { .compress = { | ||
64 | .coa_compress = null_compress, | ||
65 | .coa_decompress = null_decompress } } | ||
66 | }; | ||
67 | |||
68 | static struct crypto_alg digest_null = { | ||
69 | .cra_name = "digest_null", | ||
70 | .cra_flags = CRYPTO_ALG_TYPE_DIGEST, | ||
71 | .cra_blocksize = NULL_BLOCK_SIZE, | ||
72 | .cra_ctxsize = 0, | ||
73 | .cra_module = THIS_MODULE, | ||
74 | .cra_list = LIST_HEAD_INIT(digest_null.cra_list), | ||
75 | .cra_u = { .digest = { | ||
76 | .dia_digestsize = NULL_DIGEST_SIZE, | ||
77 | .dia_init = null_init, | ||
78 | .dia_update = null_update, | ||
79 | .dia_final = null_final } } | ||
80 | }; | ||
81 | |||
82 | static struct crypto_alg cipher_null = { | ||
83 | .cra_name = "cipher_null", | ||
84 | .cra_flags = CRYPTO_ALG_TYPE_CIPHER, | ||
85 | .cra_blocksize = NULL_BLOCK_SIZE, | ||
86 | .cra_ctxsize = 0, | ||
87 | .cra_module = THIS_MODULE, | ||
88 | .cra_list = LIST_HEAD_INIT(cipher_null.cra_list), | ||
89 | .cra_u = { .cipher = { | ||
90 | .cia_min_keysize = NULL_KEY_SIZE, | ||
91 | .cia_max_keysize = NULL_KEY_SIZE, | ||
92 | .cia_setkey = null_setkey, | ||
93 | .cia_encrypt = null_encrypt, | ||
94 | .cia_decrypt = null_decrypt } } | ||
95 | }; | ||
96 | |||
97 | MODULE_ALIAS("compress_null"); | ||
98 | MODULE_ALIAS("digest_null"); | ||
99 | MODULE_ALIAS("cipher_null"); | ||
100 | |||
101 | static int __init init(void) | ||
102 | { | ||
103 | int ret = 0; | ||
104 | |||
105 | ret = crypto_register_alg(&cipher_null); | ||
106 | if (ret < 0) | ||
107 | goto out; | ||
108 | |||
109 | ret = crypto_register_alg(&digest_null); | ||
110 | if (ret < 0) { | ||
111 | crypto_unregister_alg(&cipher_null); | ||
112 | goto out; | ||
113 | } | ||
114 | |||
115 | ret = crypto_register_alg(&compress_null); | ||
116 | if (ret < 0) { | ||
117 | crypto_unregister_alg(&digest_null); | ||
118 | crypto_unregister_alg(&cipher_null); | ||
119 | goto out; | ||
120 | } | ||
121 | |||
122 | out: | ||
123 | return ret; | ||
124 | } | ||
125 | |||
126 | static void __exit fini(void) | ||
127 | { | ||
128 | crypto_unregister_alg(&compress_null); | ||
129 | crypto_unregister_alg(&digest_null); | ||
130 | crypto_unregister_alg(&cipher_null); | ||
131 | } | ||
132 | |||
133 | module_init(init); | ||
134 | module_exit(fini); | ||
135 | |||
136 | MODULE_LICENSE("GPL"); | ||
137 | MODULE_DESCRIPTION("Null Cryptographic Algorithms"); | ||
diff --git a/crypto/deflate.c b/crypto/deflate.c new file mode 100644 index 000000000000..77d7655d316a --- /dev/null +++ b/crypto/deflate.c | |||
@@ -0,0 +1,223 @@ | |||
1 | /* | ||
2 | * Cryptographic API. | ||
3 | * | ||
4 | * Deflate algorithm (RFC 1951), implemented here primarily for use | ||
5 | * by IPCOMP (RFC 3173 & RFC 2394). | ||
6 | * | ||
7 | * Copyright (c) 2003 James Morris <jmorris@intercode.com.au> | ||
8 | * | ||
9 | * This program is free software; you can redistribute it and/or modify it | ||
10 | * under the terms of the GNU General Public License as published by the Free | ||
11 | * Software Foundation; either version 2 of the License, or (at your option) | ||
12 | * any later version. | ||
13 | * | ||
14 | * FIXME: deflate transforms will require up to a total of about 436k of kernel | ||
15 | * memory on i386 (390k for compression, the rest for decompression), as the | ||
16 | * current zlib kernel code uses a worst case pre-allocation system by default. | ||
17 | * This needs to be fixed so that the amount of memory required is properly | ||
18 | * related to the winbits and memlevel parameters. | ||
19 | * | ||
20 | * The default winbits of 11 should suit most packets, and it may be something | ||
21 | * to configure on a per-tfm basis in the future. | ||
22 | * | ||
23 | * Currently, compression history is not maintained between tfm calls, as | ||
24 | * it is not needed for IPCOMP and keeps the code simpler. It can be | ||
25 | * implemented if someone wants it. | ||
26 | */ | ||
27 | #include <linux/init.h> | ||
28 | #include <linux/module.h> | ||
29 | #include <linux/crypto.h> | ||
30 | #include <linux/zlib.h> | ||
31 | #include <linux/vmalloc.h> | ||
32 | #include <linux/interrupt.h> | ||
33 | #include <linux/mm.h> | ||
34 | #include <linux/net.h> | ||
35 | #include <linux/slab.h> | ||
36 | |||
37 | #define DEFLATE_DEF_LEVEL Z_DEFAULT_COMPRESSION | ||
38 | #define DEFLATE_DEF_WINBITS 11 | ||
39 | #define DEFLATE_DEF_MEMLEVEL MAX_MEM_LEVEL | ||
40 | |||
41 | struct deflate_ctx { | ||
42 | struct z_stream_s comp_stream; | ||
43 | struct z_stream_s decomp_stream; | ||
44 | }; | ||
45 | |||
46 | static int deflate_comp_init(struct deflate_ctx *ctx) | ||
47 | { | ||
48 | int ret = 0; | ||
49 | struct z_stream_s *stream = &ctx->comp_stream; | ||
50 | |||
51 | stream->workspace = vmalloc(zlib_deflate_workspacesize()); | ||
52 | if (!stream->workspace ) { | ||
53 | ret = -ENOMEM; | ||
54 | goto out; | ||
55 | } | ||
56 | memset(stream->workspace, 0, zlib_deflate_workspacesize()); | ||
57 | ret = zlib_deflateInit2(stream, DEFLATE_DEF_LEVEL, Z_DEFLATED, | ||
58 | -DEFLATE_DEF_WINBITS, DEFLATE_DEF_MEMLEVEL, | ||
59 | Z_DEFAULT_STRATEGY); | ||
60 | if (ret != Z_OK) { | ||
61 | ret = -EINVAL; | ||
62 | goto out_free; | ||
63 | } | ||
64 | out: | ||
65 | return ret; | ||
66 | out_free: | ||
67 | vfree(stream->workspace); | ||
68 | goto out; | ||
69 | } | ||
70 | |||
71 | static int deflate_decomp_init(struct deflate_ctx *ctx) | ||
72 | { | ||
73 | int ret = 0; | ||
74 | struct z_stream_s *stream = &ctx->decomp_stream; | ||
75 | |||
76 | stream->workspace = kmalloc(zlib_inflate_workspacesize(), GFP_KERNEL); | ||
77 | if (!stream->workspace ) { | ||
78 | ret = -ENOMEM; | ||
79 | goto out; | ||
80 | } | ||
81 | memset(stream->workspace, 0, zlib_inflate_workspacesize()); | ||
82 | ret = zlib_inflateInit2(stream, -DEFLATE_DEF_WINBITS); | ||
83 | if (ret != Z_OK) { | ||
84 | ret = -EINVAL; | ||
85 | goto out_free; | ||
86 | } | ||
87 | out: | ||
88 | return ret; | ||
89 | out_free: | ||
90 | kfree(stream->workspace); | ||
91 | goto out; | ||
92 | } | ||
93 | |||
94 | static void deflate_comp_exit(struct deflate_ctx *ctx) | ||
95 | { | ||
96 | vfree(ctx->comp_stream.workspace); | ||
97 | } | ||
98 | |||
99 | static void deflate_decomp_exit(struct deflate_ctx *ctx) | ||
100 | { | ||
101 | kfree(ctx->decomp_stream.workspace); | ||
102 | } | ||
103 | |||
104 | static int deflate_init(void *ctx) | ||
105 | { | ||
106 | int ret; | ||
107 | |||
108 | ret = deflate_comp_init(ctx); | ||
109 | if (ret) | ||
110 | goto out; | ||
111 | ret = deflate_decomp_init(ctx); | ||
112 | if (ret) | ||
113 | deflate_comp_exit(ctx); | ||
114 | out: | ||
115 | return ret; | ||
116 | } | ||
117 | |||
118 | static void deflate_exit(void *ctx) | ||
119 | { | ||
120 | deflate_comp_exit(ctx); | ||
121 | deflate_decomp_exit(ctx); | ||
122 | } | ||
123 | |||
124 | static int deflate_compress(void *ctx, const u8 *src, unsigned int slen, | ||
125 | u8 *dst, unsigned int *dlen) | ||
126 | { | ||
127 | int ret = 0; | ||
128 | struct deflate_ctx *dctx = ctx; | ||
129 | struct z_stream_s *stream = &dctx->comp_stream; | ||
130 | |||
131 | ret = zlib_deflateReset(stream); | ||
132 | if (ret != Z_OK) { | ||
133 | ret = -EINVAL; | ||
134 | goto out; | ||
135 | } | ||
136 | |||
137 | stream->next_in = (u8 *)src; | ||
138 | stream->avail_in = slen; | ||
139 | stream->next_out = (u8 *)dst; | ||
140 | stream->avail_out = *dlen; | ||
141 | |||
142 | ret = zlib_deflate(stream, Z_FINISH); | ||
143 | if (ret != Z_STREAM_END) { | ||
144 | ret = -EINVAL; | ||
145 | goto out; | ||
146 | } | ||
147 | ret = 0; | ||
148 | *dlen = stream->total_out; | ||
149 | out: | ||
150 | return ret; | ||
151 | } | ||
152 | |||
153 | static int deflate_decompress(void *ctx, const u8 *src, unsigned int slen, | ||
154 | u8 *dst, unsigned int *dlen) | ||
155 | { | ||
156 | |||
157 | int ret = 0; | ||
158 | struct deflate_ctx *dctx = ctx; | ||
159 | struct z_stream_s *stream = &dctx->decomp_stream; | ||
160 | |||
161 | ret = zlib_inflateReset(stream); | ||
162 | if (ret != Z_OK) { | ||
163 | ret = -EINVAL; | ||
164 | goto out; | ||
165 | } | ||
166 | |||
167 | stream->next_in = (u8 *)src; | ||
168 | stream->avail_in = slen; | ||
169 | stream->next_out = (u8 *)dst; | ||
170 | stream->avail_out = *dlen; | ||
171 | |||
172 | ret = zlib_inflate(stream, Z_SYNC_FLUSH); | ||
173 | /* | ||
174 | * Work around a bug in zlib, which sometimes wants to taste an extra | ||
175 | * byte when being used in the (undocumented) raw deflate mode. | ||
176 | * (From USAGI). | ||
177 | */ | ||
178 | if (ret == Z_OK && !stream->avail_in && stream->avail_out) { | ||
179 | u8 zerostuff = 0; | ||
180 | stream->next_in = &zerostuff; | ||
181 | stream->avail_in = 1; | ||
182 | ret = zlib_inflate(stream, Z_FINISH); | ||
183 | } | ||
184 | if (ret != Z_STREAM_END) { | ||
185 | ret = -EINVAL; | ||
186 | goto out; | ||
187 | } | ||
188 | ret = 0; | ||
189 | *dlen = stream->total_out; | ||
190 | out: | ||
191 | return ret; | ||
192 | } | ||
193 | |||
194 | static struct crypto_alg alg = { | ||
195 | .cra_name = "deflate", | ||
196 | .cra_flags = CRYPTO_ALG_TYPE_COMPRESS, | ||
197 | .cra_ctxsize = sizeof(struct deflate_ctx), | ||
198 | .cra_module = THIS_MODULE, | ||
199 | .cra_list = LIST_HEAD_INIT(alg.cra_list), | ||
200 | .cra_u = { .compress = { | ||
201 | .coa_init = deflate_init, | ||
202 | .coa_exit = deflate_exit, | ||
203 | .coa_compress = deflate_compress, | ||
204 | .coa_decompress = deflate_decompress } } | ||
205 | }; | ||
206 | |||
207 | static int __init init(void) | ||
208 | { | ||
209 | return crypto_register_alg(&alg); | ||
210 | } | ||
211 | |||
212 | static void __exit fini(void) | ||
213 | { | ||
214 | crypto_unregister_alg(&alg); | ||
215 | } | ||
216 | |||
217 | module_init(init); | ||
218 | module_exit(fini); | ||
219 | |||
220 | MODULE_LICENSE("GPL"); | ||
221 | MODULE_DESCRIPTION("Deflate Compression Algorithm for IPCOMP"); | ||
222 | MODULE_AUTHOR("James Morris <jmorris@intercode.com.au>"); | ||
223 | |||
diff --git a/crypto/des.c b/crypto/des.c new file mode 100644 index 000000000000..1c7e6de9356c --- /dev/null +++ b/crypto/des.c | |||
@@ -0,0 +1,1299 @@ | |||
1 | /* | ||
2 | * Cryptographic API. | ||
3 | * | ||
4 | * DES & Triple DES EDE Cipher Algorithms. | ||
5 | * | ||
6 | * Originally released as descore by Dana L. How <how@isl.stanford.edu>. | ||
7 | * Modified by Raimar Falke <rf13@inf.tu-dresden.de> for the Linux-Kernel. | ||
8 | * Derived from Cryptoapi and Nettle implementations, adapted for in-place | ||
9 | * scatterlist interface. Changed LGPL to GPL per section 3 of the LGPL. | ||
10 | * | ||
11 | * Copyright (c) 1992 Dana L. How. | ||
12 | * Copyright (c) Raimar Falke <rf13@inf.tu-dresden.de> | ||
13 | * Copyright (c) Gisle Sælensminde <gisle@ii.uib.no> | ||
14 | * Copyright (C) 2001 Niels Möller. | ||
15 | * Copyright (c) 2002 James Morris <jmorris@intercode.com.au> | ||
16 | * | ||
17 | * This program is free software; you can redistribute it and/or modify | ||
18 | * it under the terms of the GNU General Public License as published by | ||
19 | * the Free Software Foundation; either version 2 of the License, or | ||
20 | * (at your option) any later version. | ||
21 | * | ||
22 | */ | ||
23 | #include <linux/init.h> | ||
24 | #include <linux/module.h> | ||
25 | #include <linux/mm.h> | ||
26 | #include <linux/errno.h> | ||
27 | #include <asm/scatterlist.h> | ||
28 | #include <linux/crypto.h> | ||
29 | |||
30 | #define DES_KEY_SIZE 8 | ||
31 | #define DES_EXPKEY_WORDS 32 | ||
32 | #define DES_BLOCK_SIZE 8 | ||
33 | |||
34 | #define DES3_EDE_KEY_SIZE (3 * DES_KEY_SIZE) | ||
35 | #define DES3_EDE_EXPKEY_WORDS (3 * DES_EXPKEY_WORDS) | ||
36 | #define DES3_EDE_BLOCK_SIZE DES_BLOCK_SIZE | ||
37 | |||
38 | #define ROR(d,c,o) ((d) = (d) >> (c) | (d) << (o)) | ||
39 | |||
40 | struct des_ctx { | ||
41 | u8 iv[DES_BLOCK_SIZE]; | ||
42 | u32 expkey[DES_EXPKEY_WORDS]; | ||
43 | }; | ||
44 | |||
45 | struct des3_ede_ctx { | ||
46 | u8 iv[DES_BLOCK_SIZE]; | ||
47 | u32 expkey[DES3_EDE_EXPKEY_WORDS]; | ||
48 | }; | ||
49 | |||
50 | static const u32 des_keymap[] = { | ||
51 | 0x02080008, 0x02082000, 0x00002008, 0x00000000, | ||
52 | 0x02002000, 0x00080008, 0x02080000, 0x02082008, | ||
53 | 0x00000008, 0x02000000, 0x00082000, 0x00002008, | ||
54 | 0x00082008, 0x02002008, 0x02000008, 0x02080000, | ||
55 | 0x00002000, 0x00082008, 0x00080008, 0x02002000, | ||
56 | 0x02082008, 0x02000008, 0x00000000, 0x00082000, | ||
57 | 0x02000000, 0x00080000, 0x02002008, 0x02080008, | ||
58 | 0x00080000, 0x00002000, 0x02082000, 0x00000008, | ||
59 | 0x00080000, 0x00002000, 0x02000008, 0x02082008, | ||
60 | 0x00002008, 0x02000000, 0x00000000, 0x00082000, | ||
61 | 0x02080008, 0x02002008, 0x02002000, 0x00080008, | ||
62 | 0x02082000, 0x00000008, 0x00080008, 0x02002000, | ||
63 | 0x02082008, 0x00080000, 0x02080000, 0x02000008, | ||
64 | 0x00082000, 0x00002008, 0x02002008, 0x02080000, | ||
65 | 0x00000008, 0x02082000, 0x00082008, 0x00000000, | ||
66 | 0x02000000, 0x02080008, 0x00002000, 0x00082008, | ||
67 | |||
68 | 0x08000004, 0x00020004, 0x00000000, 0x08020200, | ||
69 | 0x00020004, 0x00000200, 0x08000204, 0x00020000, | ||
70 | 0x00000204, 0x08020204, 0x00020200, 0x08000000, | ||
71 | 0x08000200, 0x08000004, 0x08020000, 0x00020204, | ||
72 | 0x00020000, 0x08000204, 0x08020004, 0x00000000, | ||
73 | 0x00000200, 0x00000004, 0x08020200, 0x08020004, | ||
74 | 0x08020204, 0x08020000, 0x08000000, 0x00000204, | ||
75 | 0x00000004, 0x00020200, 0x00020204, 0x08000200, | ||
76 | 0x00000204, 0x08000000, 0x08000200, 0x00020204, | ||
77 | 0x08020200, 0x00020004, 0x00000000, 0x08000200, | ||
78 | 0x08000000, 0x00000200, 0x08020004, 0x00020000, | ||
79 | 0x00020004, 0x08020204, 0x00020200, 0x00000004, | ||
80 | 0x08020204, 0x00020200, 0x00020000, 0x08000204, | ||
81 | 0x08000004, 0x08020000, 0x00020204, 0x00000000, | ||
82 | 0x00000200, 0x08000004, 0x08000204, 0x08020200, | ||
83 | 0x08020000, 0x00000204, 0x00000004, 0x08020004, | ||
84 | |||
85 | 0x80040100, 0x01000100, 0x80000000, 0x81040100, | ||
86 | 0x00000000, 0x01040000, 0x81000100, 0x80040000, | ||
87 | 0x01040100, 0x81000000, 0x01000000, 0x80000100, | ||
88 | 0x81000000, 0x80040100, 0x00040000, 0x01000000, | ||
89 | 0x81040000, 0x00040100, 0x00000100, 0x80000000, | ||
90 | 0x00040100, 0x81000100, 0x01040000, 0x00000100, | ||
91 | 0x80000100, 0x00000000, 0x80040000, 0x01040100, | ||
92 | 0x01000100, 0x81040000, 0x81040100, 0x00040000, | ||
93 | 0x81040000, 0x80000100, 0x00040000, 0x81000000, | ||
94 | 0x00040100, 0x01000100, 0x80000000, 0x01040000, | ||
95 | 0x81000100, 0x00000000, 0x00000100, 0x80040000, | ||
96 | 0x00000000, 0x81040000, 0x01040100, 0x00000100, | ||
97 | 0x01000000, 0x81040100, 0x80040100, 0x00040000, | ||
98 | 0x81040100, 0x80000000, 0x01000100, 0x80040100, | ||
99 | 0x80040000, 0x00040100, 0x01040000, 0x81000100, | ||
100 | 0x80000100, 0x01000000, 0x81000000, 0x01040100, | ||
101 | |||
102 | 0x04010801, 0x00000000, 0x00010800, 0x04010000, | ||
103 | 0x04000001, 0x00000801, 0x04000800, 0x00010800, | ||
104 | 0x00000800, 0x04010001, 0x00000001, 0x04000800, | ||
105 | 0x00010001, 0x04010800, 0x04010000, 0x00000001, | ||
106 | 0x00010000, 0x04000801, 0x04010001, 0x00000800, | ||
107 | 0x00010801, 0x04000000, 0x00000000, 0x00010001, | ||
108 | 0x04000801, 0x00010801, 0x04010800, 0x04000001, | ||
109 | 0x04000000, 0x00010000, 0x00000801, 0x04010801, | ||
110 | 0x00010001, 0x04010800, 0x04000800, 0x00010801, | ||
111 | 0x04010801, 0x00010001, 0x04000001, 0x00000000, | ||
112 | 0x04000000, 0x00000801, 0x00010000, 0x04010001, | ||
113 | 0x00000800, 0x04000000, 0x00010801, 0x04000801, | ||
114 | 0x04010800, 0x00000800, 0x00000000, 0x04000001, | ||
115 | 0x00000001, 0x04010801, 0x00010800, 0x04010000, | ||
116 | 0x04010001, 0x00010000, 0x00000801, 0x04000800, | ||
117 | 0x04000801, 0x00000001, 0x04010000, 0x00010800, | ||
118 | |||
119 | 0x00000400, 0x00000020, 0x00100020, 0x40100000, | ||
120 | 0x40100420, 0x40000400, 0x00000420, 0x00000000, | ||
121 | 0x00100000, 0x40100020, 0x40000020, 0x00100400, | ||
122 | 0x40000000, 0x00100420, 0x00100400, 0x40000020, | ||
123 | 0x40100020, 0x00000400, 0x40000400, 0x40100420, | ||
124 | 0x00000000, 0x00100020, 0x40100000, 0x00000420, | ||
125 | 0x40100400, 0x40000420, 0x00100420, 0x40000000, | ||
126 | 0x40000420, 0x40100400, 0x00000020, 0x00100000, | ||
127 | 0x40000420, 0x00100400, 0x40100400, 0x40000020, | ||
128 | 0x00000400, 0x00000020, 0x00100000, 0x40100400, | ||
129 | 0x40100020, 0x40000420, 0x00000420, 0x00000000, | ||
130 | 0x00000020, 0x40100000, 0x40000000, 0x00100020, | ||
131 | 0x00000000, 0x40100020, 0x00100020, 0x00000420, | ||
132 | 0x40000020, 0x00000400, 0x40100420, 0x00100000, | ||
133 | 0x00100420, 0x40000000, 0x40000400, 0x40100420, | ||
134 | 0x40100000, 0x00100420, 0x00100400, 0x40000400, | ||
135 | |||
136 | 0x00800000, 0x00001000, 0x00000040, 0x00801042, | ||
137 | 0x00801002, 0x00800040, 0x00001042, 0x00801000, | ||
138 | 0x00001000, 0x00000002, 0x00800002, 0x00001040, | ||
139 | 0x00800042, 0x00801002, 0x00801040, 0x00000000, | ||
140 | 0x00001040, 0x00800000, 0x00001002, 0x00000042, | ||
141 | 0x00800040, 0x00001042, 0x00000000, 0x00800002, | ||
142 | 0x00000002, 0x00800042, 0x00801042, 0x00001002, | ||
143 | 0x00801000, 0x00000040, 0x00000042, 0x00801040, | ||
144 | 0x00801040, 0x00800042, 0x00001002, 0x00801000, | ||
145 | 0x00001000, 0x00000002, 0x00800002, 0x00800040, | ||
146 | 0x00800000, 0x00001040, 0x00801042, 0x00000000, | ||
147 | 0x00001042, 0x00800000, 0x00000040, 0x00001002, | ||
148 | 0x00800042, 0x00000040, 0x00000000, 0x00801042, | ||
149 | 0x00801002, 0x00801040, 0x00000042, 0x00001000, | ||
150 | 0x00001040, 0x00801002, 0x00800040, 0x00000042, | ||
151 | 0x00000002, 0x00001042, 0x00801000, 0x00800002, | ||
152 | |||
153 | 0x10400000, 0x00404010, 0x00000010, 0x10400010, | ||
154 | 0x10004000, 0x00400000, 0x10400010, 0x00004010, | ||
155 | 0x00400010, 0x00004000, 0x00404000, 0x10000000, | ||
156 | 0x10404010, 0x10000010, 0x10000000, 0x10404000, | ||
157 | 0x00000000, 0x10004000, 0x00404010, 0x00000010, | ||
158 | 0x10000010, 0x10404010, 0x00004000, 0x10400000, | ||
159 | 0x10404000, 0x00400010, 0x10004010, 0x00404000, | ||
160 | 0x00004010, 0x00000000, 0x00400000, 0x10004010, | ||
161 | 0x00404010, 0x00000010, 0x10000000, 0x00004000, | ||
162 | 0x10000010, 0x10004000, 0x00404000, 0x10400010, | ||
163 | 0x00000000, 0x00404010, 0x00004010, 0x10404000, | ||
164 | 0x10004000, 0x00400000, 0x10404010, 0x10000000, | ||
165 | 0x10004010, 0x10400000, 0x00400000, 0x10404010, | ||
166 | 0x00004000, 0x00400010, 0x10400010, 0x00004010, | ||
167 | 0x00400010, 0x00000000, 0x10404000, 0x10000010, | ||
168 | 0x10400000, 0x10004010, 0x00000010, 0x00404000, | ||
169 | |||
170 | 0x00208080, 0x00008000, 0x20200000, 0x20208080, | ||
171 | 0x00200000, 0x20008080, 0x20008000, 0x20200000, | ||
172 | 0x20008080, 0x00208080, 0x00208000, 0x20000080, | ||
173 | 0x20200080, 0x00200000, 0x00000000, 0x20008000, | ||
174 | 0x00008000, 0x20000000, 0x00200080, 0x00008080, | ||
175 | 0x20208080, 0x00208000, 0x20000080, 0x00200080, | ||
176 | 0x20000000, 0x00000080, 0x00008080, 0x20208000, | ||
177 | 0x00000080, 0x20200080, 0x20208000, 0x00000000, | ||
178 | 0x00000000, 0x20208080, 0x00200080, 0x20008000, | ||
179 | 0x00208080, 0x00008000, 0x20000080, 0x00200080, | ||
180 | 0x20208000, 0x00000080, 0x00008080, 0x20200000, | ||
181 | 0x20008080, 0x20000000, 0x20200000, 0x00208000, | ||
182 | 0x20208080, 0x00008080, 0x00208000, 0x20200080, | ||
183 | 0x00200000, 0x20000080, 0x20008000, 0x00000000, | ||
184 | 0x00008000, 0x00200000, 0x20200080, 0x00208080, | ||
185 | 0x20000000, 0x20208000, 0x00000080, 0x20008080, | ||
186 | }; | ||
187 | |||
188 | static const u8 rotors[] = { | ||
189 | 34, 13, 5, 46, 47, 18, 32, 41, 11, 53, 33, 20, | ||
190 | 14, 36, 30, 24, 49, 2, 15, 37, 42, 50, 0, 21, | ||
191 | 38, 48, 6, 26, 39, 4, 52, 25, 12, 27, 31, 40, | ||
192 | 1, 17, 28, 29, 23, 51, 35, 7, 3, 22, 9, 43, | ||
193 | |||
194 | 41, 20, 12, 53, 54, 25, 39, 48, 18, 31, 40, 27, | ||
195 | 21, 43, 37, 0, 1, 9, 22, 44, 49, 2, 7, 28, | ||
196 | 45, 55, 13, 33, 46, 11, 6, 32, 19, 34, 38, 47, | ||
197 | 8, 24, 35, 36, 30, 3, 42, 14, 10, 29, 16, 50, | ||
198 | |||
199 | 55, 34, 26, 38, 11, 39, 53, 5, 32, 45, 54, 41, | ||
200 | 35, 2, 51, 14, 15, 23, 36, 3, 8, 16, 21, 42, | ||
201 | 6, 12, 27, 47, 31, 25, 20, 46, 33, 48, 52, 4, | ||
202 | 22, 7, 49, 50, 44, 17, 1, 28, 24, 43, 30, 9, | ||
203 | |||
204 | 12, 48, 40, 52, 25, 53, 38, 19, 46, 6, 11, 55, | ||
205 | 49, 16, 10, 28, 29, 37, 50, 17, 22, 30, 35, 1, | ||
206 | 20, 26, 41, 4, 45, 39, 34, 31, 47, 5, 13, 18, | ||
207 | 36, 21, 8, 9, 3, 0, 15, 42, 7, 2, 44, 23, | ||
208 | |||
209 | 26, 5, 54, 13, 39, 38, 52, 33, 31, 20, 25, 12, | ||
210 | 8, 30, 24, 42, 43, 51, 9, 0, 36, 44, 49, 15, | ||
211 | 34, 40, 55, 18, 6, 53, 48, 45, 4, 19, 27, 32, | ||
212 | 50, 35, 22, 23, 17, 14, 29, 1, 21, 16, 3, 37, | ||
213 | |||
214 | 40, 19, 11, 27, 53, 52, 13, 47, 45, 34, 39, 26, | ||
215 | 22, 44, 7, 1, 2, 10, 23, 14, 50, 3, 8, 29, | ||
216 | 48, 54, 12, 32, 20, 38, 5, 6, 18, 33, 41, 46, | ||
217 | 9, 49, 36, 37, 0, 28, 43, 15, 35, 30, 17, 51, | ||
218 | |||
219 | 54, 33, 25, 41, 38, 13, 27, 4, 6, 48, 53, 40, | ||
220 | 36, 3, 21, 15, 16, 24, 37, 28, 9, 17, 22, 43, | ||
221 | 5, 11, 26, 46, 34, 52, 19, 20, 32, 47, 55, 31, | ||
222 | 23, 8, 50, 51, 14, 42, 2, 29, 49, 44, 0, 10, | ||
223 | |||
224 | 11, 47, 39, 55, 52, 27, 41, 18, 20, 5, 38, 54, | ||
225 | 50, 17, 35, 29, 30, 7, 51, 42, 23, 0, 36, 2, | ||
226 | 19, 25, 40, 31, 48, 13, 33, 34, 46, 4, 12, 45, | ||
227 | 37, 22, 9, 10, 28, 1, 16, 43, 8, 3, 14, 24, | ||
228 | |||
229 | 18, 54, 46, 5, 6, 34, 48, 25, 27, 12, 45, 4, | ||
230 | 2, 24, 42, 36, 37, 14, 3, 49, 30, 7, 43, 9, | ||
231 | 26, 32, 47, 38, 55, 20, 40, 41, 53, 11, 19, 52, | ||
232 | 44, 29, 16, 17, 35, 8, 23, 50, 15, 10, 21, 0, | ||
233 | |||
234 | 32, 11, 31, 19, 20, 48, 5, 39, 41, 26, 6, 18, | ||
235 | 16, 7, 1, 50, 51, 28, 17, 8, 44, 21, 2, 23, | ||
236 | 40, 46, 4, 52, 12, 34, 54, 55, 38, 25, 33, 13, | ||
237 | 3, 43, 30, 0, 49, 22, 37, 9, 29, 24, 35, 14, | ||
238 | |||
239 | 46, 25, 45, 33, 34, 5, 19, 53, 55, 40, 20, 32, | ||
240 | 30, 21, 15, 9, 10, 42, 0, 22, 3, 35, 16, 37, | ||
241 | 54, 31, 18, 13, 26, 48, 11, 12, 52, 39, 47, 27, | ||
242 | 17, 2, 44, 14, 8, 36, 51, 23, 43, 7, 49, 28, | ||
243 | |||
244 | 31, 39, 6, 47, 48, 19, 33, 38, 12, 54, 34, 46, | ||
245 | 44, 35, 29, 23, 24, 1, 14, 36, 17, 49, 30, 51, | ||
246 | 11, 45, 32, 27, 40, 5, 25, 26, 13, 53, 4, 41, | ||
247 | 0, 16, 3, 28, 22, 50, 10, 37, 2, 21, 8, 42, | ||
248 | |||
249 | 45, 53, 20, 4, 5, 33, 47, 52, 26, 11, 48, 31, | ||
250 | 3, 49, 43, 37, 7, 15, 28, 50, 0, 8, 44, 10, | ||
251 | 25, 6, 46, 41, 54, 19, 39, 40, 27, 38, 18, 55, | ||
252 | 14, 30, 17, 42, 36, 9, 24, 51, 16, 35, 22, 1, | ||
253 | |||
254 | 6, 38, 34, 18, 19, 47, 4, 13, 40, 25, 5, 45, | ||
255 | 17, 8, 2, 51, 21, 29, 42, 9, 14, 22, 3, 24, | ||
256 | 39, 20, 31, 55, 11, 33, 53, 54, 41, 52, 32, 12, | ||
257 | 28, 44, 0, 1, 50, 23, 7, 10, 30, 49, 36, 15, | ||
258 | |||
259 | 20, 52, 48, 32, 33, 4, 18, 27, 54, 39, 19, 6, | ||
260 | 0, 22, 16, 10, 35, 43, 1, 23, 28, 36, 17, 7, | ||
261 | 53, 34, 45, 12, 25, 47, 38, 11, 55, 13, 46, 26, | ||
262 | 42, 3, 14, 15, 9, 37, 21, 24, 44, 8, 50, 29, | ||
263 | |||
264 | 27, 6, 55, 39, 40, 11, 25, 34, 4, 46, 26, 13, | ||
265 | 7, 29, 23, 17, 42, 50, 8, 30, 35, 43, 24, 14, | ||
266 | 31, 41, 52, 19, 32, 54, 45, 18, 5, 20, 53, 33, | ||
267 | 49, 10, 21, 22, 16, 44, 28, 0, 51, 15, 2, 36, | ||
268 | }; | ||
269 | |||
270 | static const u8 parity[] = { | ||
271 | 8,1,0,8,0,8,8,0,0,8,8,0,8,0,2,8,0,8,8,0,8,0,0,8,8,0,0,8,0,8,8,3, | ||
272 | 0,8,8,0,8,0,0,8,8,0,0,8,0,8,8,0,8,0,0,8,0,8,8,0,0,8,8,0,8,0,0,8, | ||
273 | 0,8,8,0,8,0,0,8,8,0,0,8,0,8,8,0,8,0,0,8,0,8,8,0,0,8,8,0,8,0,0,8, | ||
274 | 8,0,0,8,0,8,8,0,0,8,8,0,8,0,0,8,0,8,8,0,8,0,0,8,8,0,0,8,0,8,8,0, | ||
275 | 0,8,8,0,8,0,0,8,8,0,0,8,0,8,8,0,8,0,0,8,0,8,8,0,0,8,8,0,8,0,0,8, | ||
276 | 8,0,0,8,0,8,8,0,0,8,8,0,8,0,0,8,0,8,8,0,8,0,0,8,8,0,0,8,0,8,8,0, | ||
277 | 8,0,0,8,0,8,8,0,0,8,8,0,8,0,0,8,0,8,8,0,8,0,0,8,8,0,0,8,0,8,8,0, | ||
278 | 4,8,8,0,8,0,0,8,8,0,0,8,0,8,8,0,8,5,0,8,0,8,8,0,0,8,8,0,8,0,6,8, | ||
279 | }; | ||
280 | |||
281 | |||
282 | static void des_small_fips_encrypt(u32 *expkey, u8 *dst, const u8 *src) | ||
283 | { | ||
284 | u32 x, y, z; | ||
285 | |||
286 | x = src[7]; | ||
287 | x <<= 8; | ||
288 | x |= src[6]; | ||
289 | x <<= 8; | ||
290 | x |= src[5]; | ||
291 | x <<= 8; | ||
292 | x |= src[4]; | ||
293 | y = src[3]; | ||
294 | y <<= 8; | ||
295 | y |= src[2]; | ||
296 | y <<= 8; | ||
297 | y |= src[1]; | ||
298 | y <<= 8; | ||
299 | y |= src[0]; | ||
300 | z = ((x >> 004) ^ y) & 0x0F0F0F0FL; | ||
301 | x ^= z << 004; | ||
302 | y ^= z; | ||
303 | z = ((y >> 020) ^ x) & 0x0000FFFFL; | ||
304 | y ^= z << 020; | ||
305 | x ^= z; | ||
306 | z = ((x >> 002) ^ y) & 0x33333333L; | ||
307 | x ^= z << 002; | ||
308 | y ^= z; | ||
309 | z = ((y >> 010) ^ x) & 0x00FF00FFL; | ||
310 | y ^= z << 010; | ||
311 | x ^= z; | ||
312 | x = x >> 1 | x << 31; | ||
313 | z = (x ^ y) & 0x55555555L; | ||
314 | y ^= z; | ||
315 | x ^= z; | ||
316 | y = y >> 1 | y << 31; | ||
317 | z = expkey[0]; | ||
318 | z ^= y; | ||
319 | x ^= * (u32 *) ((u8 *) (des_keymap + 192) + (0xFC & z)); | ||
320 | z >>= 8; | ||
321 | x ^= * (u32 *) ((u8 *) (des_keymap + 128) + (0xFC & z)); | ||
322 | z >>= 8; | ||
323 | x ^= * (u32 *) ((u8 *) (des_keymap + 64) + (0xFC & z)); | ||
324 | z >>= 8; | ||
325 | x ^= * (u32 *) ((u8 *) des_keymap + (0xFC & z)); | ||
326 | z = expkey[1]; | ||
327 | z ^= y; | ||
328 | z = z << 4 | z >> 28; | ||
329 | x ^= * (u32 *) ((u8 *) (des_keymap + 448) + (0xFC & z)); | ||
330 | z >>= 8; | ||
331 | x ^= * (u32 *) ((u8 *) (des_keymap + 384) + (0xFC & z)); | ||
332 | z >>= 8; | ||
333 | x ^= * (u32 *) ((u8 *) (des_keymap + 320) + (0xFC & z)); | ||
334 | z >>= 8; | ||
335 | x ^= * (u32 *) ((u8 *) (des_keymap + 256) + (0xFC & z)); | ||
336 | z = expkey[2]; | ||
337 | z ^= x; | ||
338 | y ^= * (u32 *) ((u8 *) (des_keymap + 192) + (0xFC & z)); | ||
339 | z >>= 8; | ||
340 | y ^= * (u32 *) ((u8 *) (des_keymap + 128) + (0xFC & z)); | ||
341 | z >>= 8; | ||
342 | y ^= * (u32 *) ((u8 *) (des_keymap + 64) + (0xFC & z)); | ||
343 | z >>= 8; | ||
344 | y ^= * (u32 *) ((u8 *) des_keymap + (0xFC & z)); | ||
345 | z = expkey[3]; | ||
346 | z ^= x; | ||
347 | z = z << 4 | z >> 28; | ||
348 | y ^= * (u32 *) ((u8 *) (des_keymap + 448) + (0xFC & z)); | ||
349 | z >>= 8; | ||
350 | y ^= * (u32 *) ((u8 *) (des_keymap + 384) + (0xFC & z)); | ||
351 | z >>= 8; | ||
352 | y ^= * (u32 *) ((u8 *) (des_keymap + 320) + (0xFC & z)); | ||
353 | z >>= 8; | ||
354 | y ^= * (u32 *) ((u8 *) (des_keymap + 256) + (0xFC & z)); | ||
355 | z = expkey[4]; | ||
356 | z ^= y; | ||
357 | x ^= * (u32 *) ((u8 *) (des_keymap + 192) + (0xFC & z)); | ||
358 | z >>= 8; | ||
359 | x ^= * (u32 *) ((u8 *) (des_keymap + 128) + (0xFC & z)); | ||
360 | z >>= 8; | ||
361 | x ^= * (u32 *) ((u8 *) (des_keymap + 64) + (0xFC & z)); | ||
362 | z >>= 8; | ||
363 | x ^= * (u32 *) ((u8 *) des_keymap + (0xFC & z)); | ||
364 | z = expkey[5]; | ||
365 | z ^= y; | ||
366 | z = z << 4 | z >> 28; | ||
367 | x ^= * (u32 *) ((u8 *) (des_keymap + 448) + (0xFC & z)); | ||
368 | z >>= 8; | ||
369 | x ^= * (u32 *) ((u8 *) (des_keymap + 384) + (0xFC & z)); | ||
370 | z >>= 8; | ||
371 | x ^= * (u32 *) ((u8 *) (des_keymap + 320) + (0xFC & z)); | ||
372 | z >>= 8; | ||
373 | x ^= * (u32 *) ((u8 *) (des_keymap + 256) + (0xFC & z)); | ||
374 | z = expkey[6]; | ||
375 | z ^= x; | ||
376 | y ^= * (u32 *) ((u8 *) (des_keymap + 192) + (0xFC & z)); | ||
377 | z >>= 8; | ||
378 | y ^= * (u32 *) ((u8 *) (des_keymap + 128) + (0xFC & z)); | ||
379 | z >>= 8; | ||
380 | y ^= * (u32 *) ((u8 *) (des_keymap + 64) + (0xFC & z)); | ||
381 | z >>= 8; | ||
382 | y ^= * (u32 *) ((u8 *) des_keymap + (0xFC & z)); | ||
383 | z = expkey[7]; | ||
384 | z ^= x; | ||
385 | z = z << 4 | z >> 28; | ||
386 | y ^= * (u32 *) ((u8 *) (des_keymap + 448) + (0xFC & z)); | ||
387 | z >>= 8; | ||
388 | y ^= * (u32 *) ((u8 *) (des_keymap + 384) + (0xFC & z)); | ||
389 | z >>= 8; | ||
390 | y ^= * (u32 *) ((u8 *) (des_keymap + 320) + (0xFC & z)); | ||
391 | z >>= 8; | ||
392 | y ^= * (u32 *) ((u8 *) (des_keymap + 256) + (0xFC & z)); | ||
393 | z = expkey[8]; | ||
394 | z ^= y; | ||
395 | x ^= * (u32 *) ((u8 *) (des_keymap + 192) + (0xFC & z)); | ||
396 | z >>= 8; | ||
397 | x ^= * (u32 *) ((u8 *) (des_keymap + 128) + (0xFC & z)); | ||
398 | z >>= 8; | ||
399 | x ^= * (u32 *) ((u8 *) (des_keymap + 64) + (0xFC & z)); | ||
400 | z >>= 8; | ||
401 | x ^= * (u32 *) ((u8 *) des_keymap + (0xFC & z)); | ||
402 | z = expkey[9]; | ||
403 | z ^= y; | ||
404 | z = z << 4 | z >> 28; | ||
405 | x ^= * (u32 *) ((u8 *) (des_keymap + 448) + (0xFC & z)); | ||
406 | z >>= 8; | ||
407 | x ^= * (u32 *) ((u8 *) (des_keymap + 384) + (0xFC & z)); | ||
408 | z >>= 8; | ||
409 | x ^= * (u32 *) ((u8 *) (des_keymap + 320) + (0xFC & z)); | ||
410 | z >>= 8; | ||
411 | x ^= * (u32 *) ((u8 *) (des_keymap + 256) + (0xFC & z)); | ||
412 | z = expkey[10]; | ||
413 | z ^= x; | ||
414 | y ^= * (u32 *) ((u8 *) (des_keymap + 192) + (0xFC & z)); | ||
415 | z >>= 8; | ||
416 | y ^= * (u32 *) ((u8 *) (des_keymap + 128) + (0xFC & z)); | ||
417 | z >>= 8; | ||
418 | y ^= * (u32 *) ((u8 *) (des_keymap + 64) + (0xFC & z)); | ||
419 | z >>= 8; | ||
420 | y ^= * (u32 *) ((u8 *) des_keymap + (0xFC & z)); | ||
421 | z = expkey[11]; | ||
422 | z ^= x; | ||
423 | z = z << 4 | z >> 28; | ||
424 | y ^= * (u32 *) ((u8 *) (des_keymap + 448) + (0xFC & z)); | ||
425 | z >>= 8; | ||
426 | y ^= * (u32 *) ((u8 *) (des_keymap + 384) + (0xFC & z)); | ||
427 | z >>= 8; | ||
428 | y ^= * (u32 *) ((u8 *) (des_keymap + 320) + (0xFC & z)); | ||
429 | z >>= 8; | ||
430 | y ^= * (u32 *) ((u8 *) (des_keymap + 256) + (0xFC & z)); | ||
431 | z = expkey[12]; | ||
432 | z ^= y; | ||
433 | x ^= * (u32 *) ((u8 *) (des_keymap + 192) + (0xFC & z)); | ||
434 | z >>= 8; | ||
435 | x ^= * (u32 *) ((u8 *) (des_keymap + 128) + (0xFC & z)); | ||
436 | z >>= 8; | ||
437 | x ^= * (u32 *) ((u8 *) (des_keymap + 64) + (0xFC & z)); | ||
438 | z >>= 8; | ||
439 | x ^= * (u32 *) ((u8 *) des_keymap + (0xFC & z)); | ||
440 | z = expkey[13]; | ||
441 | z ^= y; | ||
442 | z = z << 4 | z >> 28; | ||
443 | x ^= * (u32 *) ((u8 *) (des_keymap + 448) + (0xFC & z)); | ||
444 | z >>= 8; | ||
445 | x ^= * (u32 *) ((u8 *) (des_keymap + 384) + (0xFC & z)); | ||
446 | z >>= 8; | ||
447 | x ^= * (u32 *) ((u8 *) (des_keymap + 320) + (0xFC & z)); | ||
448 | z >>= 8; | ||
449 | x ^= * (u32 *) ((u8 *) (des_keymap + 256) + (0xFC & z)); | ||
450 | z = expkey[14]; | ||
451 | z ^= x; | ||
452 | y ^= * (u32 *) ((u8 *) (des_keymap + 192) + (0xFC & z)); | ||
453 | z >>= 8; | ||
454 | y ^= * (u32 *) ((u8 *) (des_keymap + 128) + (0xFC & z)); | ||
455 | z >>= 8; | ||
456 | y ^= * (u32 *) ((u8 *) (des_keymap + 64) + (0xFC & z)); | ||
457 | z >>= 8; | ||
458 | y ^= * (u32 *) ((u8 *) des_keymap + (0xFC & z)); | ||
459 | z = expkey[15]; | ||
460 | z ^= x; | ||
461 | z = z << 4 | z >> 28; | ||
462 | y ^= * (u32 *) ((u8 *) (des_keymap + 448) + (0xFC & z)); | ||
463 | z >>= 8; | ||
464 | y ^= * (u32 *) ((u8 *) (des_keymap + 384) + (0xFC & z)); | ||
465 | z >>= 8; | ||
466 | y ^= * (u32 *) ((u8 *) (des_keymap + 320) + (0xFC & z)); | ||
467 | z >>= 8; | ||
468 | y ^= * (u32 *) ((u8 *) (des_keymap + 256) + (0xFC & z)); | ||
469 | z = expkey[16]; | ||
470 | z ^= y; | ||
471 | x ^= * (u32 *) ((u8 *) (des_keymap + 192) + (0xFC & z)); | ||
472 | z >>= 8; | ||
473 | x ^= * (u32 *) ((u8 *) (des_keymap + 128) + (0xFC & z)); | ||
474 | z >>= 8; | ||
475 | x ^= * (u32 *) ((u8 *) (des_keymap + 64) + (0xFC & z)); | ||
476 | z >>= 8; | ||
477 | x ^= * (u32 *) ((u8 *) des_keymap + (0xFC & z)); | ||
478 | z = expkey[17]; | ||
479 | z ^= y; | ||
480 | z = z << 4 | z >> 28; | ||
481 | x ^= * (u32 *) ((u8 *) (des_keymap + 448) + (0xFC & z)); | ||
482 | z >>= 8; | ||
483 | x ^= * (u32 *) ((u8 *) (des_keymap + 384) + (0xFC & z)); | ||
484 | z >>= 8; | ||
485 | x ^= * (u32 *) ((u8 *) (des_keymap + 320) + (0xFC & z)); | ||
486 | z >>= 8; | ||
487 | x ^= * (u32 *) ((u8 *) (des_keymap + 256) + (0xFC & z)); | ||
488 | z = expkey[18]; | ||
489 | z ^= x; | ||
490 | y ^= * (u32 *) ((u8 *) (des_keymap + 192) + (0xFC & z)); | ||
491 | z >>= 8; | ||
492 | y ^= * (u32 *) ((u8 *) (des_keymap + 128) + (0xFC & z)); | ||
493 | z >>= 8; | ||
494 | y ^= * (u32 *) ((u8 *) (des_keymap + 64) + (0xFC & z)); | ||
495 | z >>= 8; | ||
496 | y ^= * (u32 *) ((u8 *) des_keymap + (0xFC & z)); | ||
497 | z = expkey[19]; | ||
498 | z ^= x; | ||
499 | z = z << 4 | z >> 28; | ||
500 | y ^= * (u32 *) ((u8 *) (des_keymap + 448) + (0xFC & z)); | ||
501 | z >>= 8; | ||
502 | y ^= * (u32 *) ((u8 *) (des_keymap + 384) + (0xFC & z)); | ||
503 | z >>= 8; | ||
504 | y ^= * (u32 *) ((u8 *) (des_keymap + 320) + (0xFC & z)); | ||
505 | z >>= 8; | ||
506 | y ^= * (u32 *) ((u8 *) (des_keymap + 256) + (0xFC & z)); | ||
507 | z = expkey[20]; | ||
508 | z ^= y; | ||
509 | x ^= * (u32 *) ((u8 *) (des_keymap + 192) + (0xFC & z)); | ||
510 | z >>= 8; | ||
511 | x ^= * (u32 *) ((u8 *) (des_keymap + 128) + (0xFC & z)); | ||
512 | z >>= 8; | ||
513 | x ^= * (u32 *) ((u8 *) (des_keymap + 64) + (0xFC & z)); | ||
514 | z >>= 8; | ||
515 | x ^= * (u32 *) ((u8 *) des_keymap + (0xFC & z)); | ||
516 | z = expkey[21]; | ||
517 | z ^= y; | ||
518 | z = z << 4 | z >> 28; | ||
519 | x ^= * (u32 *) ((u8 *) (des_keymap + 448) + (0xFC & z)); | ||
520 | z >>= 8; | ||
521 | x ^= * (u32 *) ((u8 *) (des_keymap + 384) + (0xFC & z)); | ||
522 | z >>= 8; | ||
523 | x ^= * (u32 *) ((u8 *) (des_keymap + 320) + (0xFC & z)); | ||
524 | z >>= 8; | ||
525 | x ^= * (u32 *) ((u8 *) (des_keymap + 256) + (0xFC & z)); | ||
526 | z = expkey[22]; | ||
527 | z ^= x; | ||
528 | y ^= * (u32 *) ((u8 *) (des_keymap + 192) + (0xFC & z)); | ||
529 | z >>= 8; | ||
530 | y ^= * (u32 *) ((u8 *) (des_keymap + 128) + (0xFC & z)); | ||
531 | z >>= 8; | ||
532 | y ^= * (u32 *) ((u8 *) (des_keymap + 64) + (0xFC & z)); | ||
533 | z >>= 8; | ||
534 | y ^= * (u32 *) ((u8 *) des_keymap + (0xFC & z)); | ||
535 | z = expkey[23]; | ||
536 | z ^= x; | ||
537 | z = z << 4 | z >> 28; | ||
538 | y ^= * (u32 *) ((u8 *) (des_keymap + 448) + (0xFC & z)); | ||
539 | z >>= 8; | ||
540 | y ^= * (u32 *) ((u8 *) (des_keymap + 384) + (0xFC & z)); | ||
541 | z >>= 8; | ||
542 | y ^= * (u32 *) ((u8 *) (des_keymap + 320) + (0xFC & z)); | ||
543 | z >>= 8; | ||
544 | y ^= * (u32 *) ((u8 *) (des_keymap + 256) + (0xFC & z)); | ||
545 | z = expkey[24]; | ||
546 | z ^= y; | ||
547 | x ^= * (u32 *) ((u8 *) (des_keymap + 192) + (0xFC & z)); | ||
548 | z >>= 8; | ||
549 | x ^= * (u32 *) ((u8 *) (des_keymap + 128) + (0xFC & z)); | ||
550 | z >>= 8; | ||
551 | x ^= * (u32 *) ((u8 *) (des_keymap + 64) + (0xFC & z)); | ||
552 | z >>= 8; | ||
553 | x ^= * (u32 *) ((u8 *) des_keymap + (0xFC & z)); | ||
554 | z = expkey[25]; | ||
555 | z ^= y; | ||
556 | z = z << 4 | z >> 28; | ||
557 | x ^= * (u32 *) ((u8 *) (des_keymap + 448) + (0xFC & z)); | ||
558 | z >>= 8; | ||
559 | x ^= * (u32 *) ((u8 *) (des_keymap + 384) + (0xFC & z)); | ||
560 | z >>= 8; | ||
561 | x ^= * (u32 *) ((u8 *) (des_keymap + 320) + (0xFC & z)); | ||
562 | z >>= 8; | ||
563 | x ^= * (u32 *) ((u8 *) (des_keymap + 256) + (0xFC & z)); | ||
564 | z = expkey[26]; | ||
565 | z ^= x; | ||
566 | y ^= * (u32 *) ((u8 *) (des_keymap + 192) + (0xFC & z)); | ||
567 | z >>= 8; | ||
568 | y ^= * (u32 *) ((u8 *) (des_keymap + 128) + (0xFC & z)); | ||
569 | z >>= 8; | ||
570 | y ^= * (u32 *) ((u8 *) (des_keymap + 64) + (0xFC & z)); | ||
571 | z >>= 8; | ||
572 | y ^= * (u32 *) ((u8 *) des_keymap + (0xFC & z)); | ||
573 | z = expkey[27]; | ||
574 | z ^= x; | ||
575 | z = z << 4 | z >> 28; | ||
576 | y ^= * (u32 *) ((u8 *) (des_keymap + 448) + (0xFC & z)); | ||
577 | z >>= 8; | ||
578 | y ^= * (u32 *) ((u8 *) (des_keymap + 384) + (0xFC & z)); | ||
579 | z >>= 8; | ||
580 | y ^= * (u32 *) ((u8 *) (des_keymap + 320) + (0xFC & z)); | ||
581 | z >>= 8; | ||
582 | y ^= * (u32 *) ((u8 *) (des_keymap + 256) + (0xFC & z)); | ||
583 | z = expkey[28]; | ||
584 | z ^= y; | ||
585 | x ^= * (u32 *) ((u8 *) (des_keymap + 192) + (0xFC & z)); | ||
586 | z >>= 8; | ||
587 | x ^= * (u32 *) ((u8 *) (des_keymap + 128) + (0xFC & z)); | ||
588 | z >>= 8; | ||
589 | x ^= * (u32 *) ((u8 *) (des_keymap + 64) + (0xFC & z)); | ||
590 | z >>= 8; | ||
591 | x ^= * (u32 *) ((u8 *) des_keymap + (0xFC & z)); | ||
592 | z = expkey[29]; | ||
593 | z ^= y; | ||
594 | z = z << 4 | z >> 28; | ||
595 | x ^= * (u32 *) ((u8 *) (des_keymap + 448) + (0xFC & z)); | ||
596 | z >>= 8; | ||
597 | x ^= * (u32 *) ((u8 *) (des_keymap + 384) + (0xFC & z)); | ||
598 | z >>= 8; | ||
599 | x ^= * (u32 *) ((u8 *) (des_keymap + 320) + (0xFC & z)); | ||
600 | z >>= 8; | ||
601 | x ^= * (u32 *) ((u8 *) (des_keymap + 256) + (0xFC & z)); | ||
602 | z = expkey[30]; | ||
603 | z ^= x; | ||
604 | y ^= * (u32 *) ((u8 *) (des_keymap + 192) + (0xFC & z)); | ||
605 | z >>= 8; | ||
606 | y ^= * (u32 *) ((u8 *) (des_keymap + 128) + (0xFC & z)); | ||
607 | z >>= 8; | ||
608 | y ^= * (u32 *) ((u8 *) (des_keymap + 64) + (0xFC & z)); | ||
609 | z >>= 8; | ||
610 | y ^= * (u32 *) ((u8 *) des_keymap + (0xFC & z)); | ||
611 | z = expkey[31]; | ||
612 | z ^= x; | ||
613 | z = z << 4 | z >> 28; | ||
614 | y ^= * (u32 *) ((u8 *) (des_keymap + 448) + (0xFC & z)); | ||
615 | z >>= 8; | ||
616 | y ^= * (u32 *) ((u8 *) (des_keymap + 384) + (0xFC & z)); | ||
617 | z >>= 8; | ||
618 | y ^= * (u32 *) ((u8 *) (des_keymap + 320) + (0xFC & z)); | ||
619 | z >>= 8; | ||
620 | y ^= * (u32 *) ((u8 *) (des_keymap + 256) + (0xFC & z)); | ||
621 | x = x << 1 | x >> 31; | ||
622 | z = (x ^ y) & 0x55555555L; | ||
623 | y ^= z; | ||
624 | x ^= z; | ||
625 | y = y << 1 | y >> 31; | ||
626 | z = ((x >> 010) ^ y) & 0x00FF00FFL; | ||
627 | x ^= z << 010; | ||
628 | y ^= z; | ||
629 | z = ((y >> 002) ^ x) & 0x33333333L; | ||
630 | y ^= z << 002; | ||
631 | x ^= z; | ||
632 | z = ((x >> 020) ^ y) & 0x0000FFFFL; | ||
633 | x ^= z << 020; | ||
634 | y ^= z; | ||
635 | z = ((y >> 004) ^ x) & 0x0F0F0F0FL; | ||
636 | y ^= z << 004; | ||
637 | x ^= z; | ||
638 | dst[0] = x; | ||
639 | x >>= 8; | ||
640 | dst[1] = x; | ||
641 | x >>= 8; | ||
642 | dst[2] = x; | ||
643 | x >>= 8; | ||
644 | dst[3] = x; | ||
645 | dst[4] = y; | ||
646 | y >>= 8; | ||
647 | dst[5] = y; | ||
648 | y >>= 8; | ||
649 | dst[6] = y; | ||
650 | y >>= 8; | ||
651 | dst[7] = y; | ||
652 | } | ||
653 | |||
654 | static void des_small_fips_decrypt(u32 *expkey, u8 *dst, const u8 *src) | ||
655 | { | ||
656 | u32 x, y, z; | ||
657 | |||
658 | x = src[7]; | ||
659 | x <<= 8; | ||
660 | x |= src[6]; | ||
661 | x <<= 8; | ||
662 | x |= src[5]; | ||
663 | x <<= 8; | ||
664 | x |= src[4]; | ||
665 | y = src[3]; | ||
666 | y <<= 8; | ||
667 | y |= src[2]; | ||
668 | y <<= 8; | ||
669 | y |= src[1]; | ||
670 | y <<= 8; | ||
671 | y |= src[0]; | ||
672 | z = ((x >> 004) ^ y) & 0x0F0F0F0FL; | ||
673 | x ^= z << 004; | ||
674 | y ^= z; | ||
675 | z = ((y >> 020) ^ x) & 0x0000FFFFL; | ||
676 | y ^= z << 020; | ||
677 | x ^= z; | ||
678 | z = ((x >> 002) ^ y) & 0x33333333L; | ||
679 | x ^= z << 002; | ||
680 | y ^= z; | ||
681 | z = ((y >> 010) ^ x) & 0x00FF00FFL; | ||
682 | y ^= z << 010; | ||
683 | x ^= z; | ||
684 | x = x >> 1 | x << 31; | ||
685 | z = (x ^ y) & 0x55555555L; | ||
686 | y ^= z; | ||
687 | x ^= z; | ||
688 | y = y >> 1 | y << 31; | ||
689 | z = expkey[31]; | ||
690 | z ^= y; | ||
691 | z = z << 4 | z >> 28; | ||
692 | x ^= * (u32 *) ((u8 *) (des_keymap + 448) + (0xFC & z)); | ||
693 | z >>= 8; | ||
694 | x ^= * (u32 *) ((u8 *) (des_keymap + 384) + (0xFC & z)); | ||
695 | z >>= 8; | ||
696 | x ^= * (u32 *) ((u8 *) (des_keymap + 320) + (0xFC & z)); | ||
697 | z >>= 8; | ||
698 | x ^= * (u32 *) ((u8 *) (des_keymap + 256) + (0xFC & z)); | ||
699 | z = expkey[30]; | ||
700 | z ^= y; | ||
701 | x ^= * (u32 *) ((u8 *) (des_keymap + 192) + (0xFC & z)); | ||
702 | z >>= 8; | ||
703 | x ^= * (u32 *) ((u8 *) (des_keymap + 128) + (0xFC & z)); | ||
704 | z >>= 8; | ||
705 | x ^= * (u32 *) ((u8 *) (des_keymap + 64) + (0xFC & z)); | ||
706 | z >>= 8; | ||
707 | x ^= * (u32 *) ((u8 *) des_keymap + (0xFC & z)); | ||
708 | z = expkey[29]; | ||
709 | z ^= x; | ||
710 | z = z << 4 | z >> 28; | ||
711 | y ^= * (u32 *) ((u8 *) (des_keymap + 448) + (0xFC & z)); | ||
712 | z >>= 8; | ||
713 | y ^= * (u32 *) ((u8 *) (des_keymap + 384) + (0xFC & z)); | ||
714 | z >>= 8; | ||
715 | y ^= * (u32 *) ((u8 *) (des_keymap + 320) + (0xFC & z)); | ||
716 | z >>= 8; | ||
717 | y ^= * (u32 *) ((u8 *) (des_keymap + 256) + (0xFC & z)); | ||
718 | z = expkey[28]; | ||
719 | z ^= x; | ||
720 | y ^= * (u32 *) ((u8 *) (des_keymap + 192) + (0xFC & z)); | ||
721 | z >>= 8; | ||
722 | y ^= * (u32 *) ((u8 *) (des_keymap + 128) + (0xFC & z)); | ||
723 | z >>= 8; | ||
724 | y ^= * (u32 *) ((u8 *) (des_keymap + 64) + (0xFC & z)); | ||
725 | z >>= 8; | ||
726 | y ^= * (u32 *) ((u8 *) des_keymap + (0xFC & z)); | ||
727 | z = expkey[27]; | ||
728 | z ^= y; | ||
729 | z = z << 4 | z >> 28; | ||
730 | x ^= * (u32 *) ((u8 *) (des_keymap + 448) + (0xFC & z)); | ||
731 | z >>= 8; | ||
732 | x ^= * (u32 *) ((u8 *) (des_keymap + 384) + (0xFC & z)); | ||
733 | z >>= 8; | ||
734 | x ^= * (u32 *) ((u8 *) (des_keymap + 320) + (0xFC & z)); | ||
735 | z >>= 8; | ||
736 | x ^= * (u32 *) ((u8 *) (des_keymap + 256) + (0xFC & z)); | ||
737 | z = expkey[26]; | ||
738 | z ^= y; | ||
739 | x ^= * (u32 *) ((u8 *) (des_keymap + 192) + (0xFC & z)); | ||
740 | z >>= 8; | ||
741 | x ^= * (u32 *) ((u8 *) (des_keymap + 128) + (0xFC & z)); | ||
742 | z >>= 8; | ||
743 | x ^= * (u32 *) ((u8 *) (des_keymap + 64) + (0xFC & z)); | ||
744 | z >>= 8; | ||
745 | x ^= * (u32 *) ((u8 *) des_keymap + (0xFC & z)); | ||
746 | z = expkey[25]; | ||
747 | z ^= x; | ||
748 | z = z << 4 | z >> 28; | ||
749 | y ^= * (u32 *) ((u8 *) (des_keymap + 448) + (0xFC & z)); | ||
750 | z >>= 8; | ||
751 | y ^= * (u32 *) ((u8 *) (des_keymap + 384) + (0xFC & z)); | ||
752 | z >>= 8; | ||
753 | y ^= * (u32 *) ((u8 *) (des_keymap + 320) + (0xFC & z)); | ||
754 | z >>= 8; | ||
755 | y ^= * (u32 *) ((u8 *) (des_keymap + 256) + (0xFC & z)); | ||
756 | z = expkey[24]; | ||
757 | z ^= x; | ||
758 | y ^= * (u32 *) ((u8 *) (des_keymap + 192) + (0xFC & z)); | ||
759 | z >>= 8; | ||
760 | y ^= * (u32 *) ((u8 *) (des_keymap + 128) + (0xFC & z)); | ||
761 | z >>= 8; | ||
762 | y ^= * (u32 *) ((u8 *) (des_keymap + 64) + (0xFC & z)); | ||
763 | z >>= 8; | ||
764 | y ^= * (u32 *) ((u8 *) des_keymap + (0xFC & z)); | ||
765 | z = expkey[23]; | ||
766 | z ^= y; | ||
767 | z = z << 4 | z >> 28; | ||
768 | x ^= * (u32 *) ((u8 *) (des_keymap + 448) + (0xFC & z)); | ||
769 | z >>= 8; | ||
770 | x ^= * (u32 *) ((u8 *) (des_keymap + 384) + (0xFC & z)); | ||
771 | z >>= 8; | ||
772 | x ^= * (u32 *) ((u8 *) (des_keymap + 320) + (0xFC & z)); | ||
773 | z >>= 8; | ||
774 | x ^= * (u32 *) ((u8 *) (des_keymap + 256) + (0xFC & z)); | ||
775 | z = expkey[22]; | ||
776 | z ^= y; | ||
777 | x ^= * (u32 *) ((u8 *) (des_keymap + 192) + (0xFC & z)); | ||
778 | z >>= 8; | ||
779 | x ^= * (u32 *) ((u8 *) (des_keymap + 128) + (0xFC & z)); | ||
780 | z >>= 8; | ||
781 | x ^= * (u32 *) ((u8 *) (des_keymap + 64) + (0xFC & z)); | ||
782 | z >>= 8; | ||
783 | x ^= * (u32 *) ((u8 *) des_keymap + (0xFC & z)); | ||
784 | z = expkey[21]; | ||
785 | z ^= x; | ||
786 | z = z << 4 | z >> 28; | ||
787 | y ^= * (u32 *) ((u8 *) (des_keymap + 448) + (0xFC & z)); | ||
788 | z >>= 8; | ||
789 | y ^= * (u32 *) ((u8 *) (des_keymap + 384) + (0xFC & z)); | ||
790 | z >>= 8; | ||
791 | y ^= * (u32 *) ((u8 *) (des_keymap + 320) + (0xFC & z)); | ||
792 | z >>= 8; | ||
793 | y ^= * (u32 *) ((u8 *) (des_keymap + 256) + (0xFC & z)); | ||
794 | z = expkey[20]; | ||
795 | z ^= x; | ||
796 | y ^= * (u32 *) ((u8 *) (des_keymap + 192) + (0xFC & z)); | ||
797 | z >>= 8; | ||
798 | y ^= * (u32 *) ((u8 *) (des_keymap + 128) + (0xFC & z)); | ||
799 | z >>= 8; | ||
800 | y ^= * (u32 *) ((u8 *) (des_keymap + 64) + (0xFC & z)); | ||
801 | z >>= 8; | ||
802 | y ^= * (u32 *) ((u8 *) des_keymap + (0xFC & z)); | ||
803 | z = expkey[19]; | ||
804 | z ^= y; | ||
805 | z = z << 4 | z >> 28; | ||
806 | x ^= * (u32 *) ((u8 *) (des_keymap + 448) + (0xFC & z)); | ||
807 | z >>= 8; | ||
808 | x ^= * (u32 *) ((u8 *) (des_keymap + 384) + (0xFC & z)); | ||
809 | z >>= 8; | ||
810 | x ^= * (u32 *) ((u8 *) (des_keymap + 320) + (0xFC & z)); | ||
811 | z >>= 8; | ||
812 | x ^= * (u32 *) ((u8 *) (des_keymap + 256) + (0xFC & z)); | ||
813 | z = expkey[18]; | ||
814 | z ^= y; | ||
815 | x ^= * (u32 *) ((u8 *) (des_keymap + 192) + (0xFC & z)); | ||
816 | z >>= 8; | ||
817 | x ^= * (u32 *) ((u8 *) (des_keymap + 128) + (0xFC & z)); | ||
818 | z >>= 8; | ||
819 | x ^= * (u32 *) ((u8 *) (des_keymap + 64) + (0xFC & z)); | ||
820 | z >>= 8; | ||
821 | x ^= * (u32 *) ((u8 *) des_keymap + (0xFC & z)); | ||
822 | z = expkey[17]; | ||
823 | z ^= x; | ||
824 | z = z << 4 | z >> 28; | ||
825 | y ^= * (u32 *) ((u8 *) (des_keymap + 448) + (0xFC & z)); | ||
826 | z >>= 8; | ||
827 | y ^= * (u32 *) ((u8 *) (des_keymap + 384) + (0xFC & z)); | ||
828 | z >>= 8; | ||
829 | y ^= * (u32 *) ((u8 *) (des_keymap + 320) + (0xFC & z)); | ||
830 | z >>= 8; | ||
831 | y ^= * (u32 *) ((u8 *) (des_keymap + 256) + (0xFC & z)); | ||
832 | z = expkey[16]; | ||
833 | z ^= x; | ||
834 | y ^= * (u32 *) ((u8 *) (des_keymap + 192) + (0xFC & z)); | ||
835 | z >>= 8; | ||
836 | y ^= * (u32 *) ((u8 *) (des_keymap + 128) + (0xFC & z)); | ||
837 | z >>= 8; | ||
838 | y ^= * (u32 *) ((u8 *) (des_keymap + 64) + (0xFC & z)); | ||
839 | z >>= 8; | ||
840 | y ^= * (u32 *) ((u8 *) des_keymap + (0xFC & z)); | ||
841 | z = expkey[15]; | ||
842 | z ^= y; | ||
843 | z = z << 4 | z >> 28; | ||
844 | x ^= * (u32 *) ((u8 *) (des_keymap + 448) + (0xFC & z)); | ||
845 | z >>= 8; | ||
846 | x ^= * (u32 *) ((u8 *) (des_keymap + 384) + (0xFC & z)); | ||
847 | z >>= 8; | ||
848 | x ^= * (u32 *) ((u8 *) (des_keymap + 320) + (0xFC & z)); | ||
849 | z >>= 8; | ||
850 | x ^= * (u32 *) ((u8 *) (des_keymap + 256) + (0xFC & z)); | ||
851 | z = expkey[14]; | ||
852 | z ^= y; | ||
853 | x ^= * (u32 *) ((u8 *) (des_keymap + 192) + (0xFC & z)); | ||
854 | z >>= 8; | ||
855 | x ^= * (u32 *) ((u8 *) (des_keymap + 128) + (0xFC & z)); | ||
856 | z >>= 8; | ||
857 | x ^= * (u32 *) ((u8 *) (des_keymap + 64) + (0xFC & z)); | ||
858 | z >>= 8; | ||
859 | x ^= * (u32 *) ((u8 *) des_keymap + (0xFC & z)); | ||
860 | z = expkey[13]; | ||
861 | z ^= x; | ||
862 | z = z << 4 | z >> 28; | ||
863 | y ^= * (u32 *) ((u8 *) (des_keymap + 448) + (0xFC & z)); | ||
864 | z >>= 8; | ||
865 | y ^= * (u32 *) ((u8 *) (des_keymap + 384) + (0xFC & z)); | ||
866 | z >>= 8; | ||
867 | y ^= * (u32 *) ((u8 *) (des_keymap + 320) + (0xFC & z)); | ||
868 | z >>= 8; | ||
869 | y ^= * (u32 *) ((u8 *) (des_keymap + 256) + (0xFC & z)); | ||
870 | z = expkey[12]; | ||
871 | z ^= x; | ||
872 | y ^= * (u32 *) ((u8 *) (des_keymap + 192) + (0xFC & z)); | ||
873 | z >>= 8; | ||
874 | y ^= * (u32 *) ((u8 *) (des_keymap + 128) + (0xFC & z)); | ||
875 | z >>= 8; | ||
876 | y ^= * (u32 *) ((u8 *) (des_keymap + 64) + (0xFC & z)); | ||
877 | z >>= 8; | ||
878 | y ^= * (u32 *) ((u8 *) des_keymap + (0xFC & z)); | ||
879 | z = expkey[11]; | ||
880 | z ^= y; | ||
881 | z = z << 4 | z >> 28; | ||
882 | x ^= * (u32 *) ((u8 *) (des_keymap + 448) + (0xFC & z)); | ||
883 | z >>= 8; | ||
884 | x ^= * (u32 *) ((u8 *) (des_keymap + 384) + (0xFC & z)); | ||
885 | z >>= 8; | ||
886 | x ^= * (u32 *) ((u8 *) (des_keymap + 320) + (0xFC & z)); | ||
887 | z >>= 8; | ||
888 | x ^= * (u32 *) ((u8 *) (des_keymap + 256) + (0xFC & z)); | ||
889 | z = expkey[10]; | ||
890 | z ^= y; | ||
891 | x ^= * (u32 *) ((u8 *) (des_keymap + 192) + (0xFC & z)); | ||
892 | z >>= 8; | ||
893 | x ^= * (u32 *) ((u8 *) (des_keymap + 128) + (0xFC & z)); | ||
894 | z >>= 8; | ||
895 | x ^= * (u32 *) ((u8 *) (des_keymap + 64) + (0xFC & z)); | ||
896 | z >>= 8; | ||
897 | x ^= * (u32 *) ((u8 *) des_keymap + (0xFC & z)); | ||
898 | z = expkey[9]; | ||
899 | z ^= x; | ||
900 | z = z << 4 | z >> 28; | ||
901 | y ^= * (u32 *) ((u8 *) (des_keymap + 448) + (0xFC & z)); | ||
902 | z >>= 8; | ||
903 | y ^= * (u32 *) ((u8 *) (des_keymap + 384) + (0xFC & z)); | ||
904 | z >>= 8; | ||
905 | y ^= * (u32 *) ((u8 *) (des_keymap + 320) + (0xFC & z)); | ||
906 | z >>= 8; | ||
907 | y ^= * (u32 *) ((u8 *) (des_keymap + 256) + (0xFC & z)); | ||
908 | z = expkey[8]; | ||
909 | z ^= x; | ||
910 | y ^= * (u32 *) ((u8 *) (des_keymap + 192) + (0xFC & z)); | ||
911 | z >>= 8; | ||
912 | y ^= * (u32 *) ((u8 *) (des_keymap + 128) + (0xFC & z)); | ||
913 | z >>= 8; | ||
914 | y ^= * (u32 *) ((u8 *) (des_keymap + 64) + (0xFC & z)); | ||
915 | z >>= 8; | ||
916 | y ^= * (u32 *) ((u8 *) des_keymap + (0xFC & z)); | ||
917 | z = expkey[7]; | ||
918 | z ^= y; | ||
919 | z = z << 4 | z >> 28; | ||
920 | x ^= * (u32 *) ((u8 *) (des_keymap + 448) + (0xFC & z)); | ||
921 | z >>= 8; | ||
922 | x ^= * (u32 *) ((u8 *) (des_keymap + 384) + (0xFC & z)); | ||
923 | z >>= 8; | ||
924 | x ^= * (u32 *) ((u8 *) (des_keymap + 320) + (0xFC & z)); | ||
925 | z >>= 8; | ||
926 | x ^= * (u32 *) ((u8 *) (des_keymap + 256) + (0xFC & z)); | ||
927 | z = expkey[6]; | ||
928 | z ^= y; | ||
929 | x ^= * (u32 *) ((u8 *) (des_keymap + 192) + (0xFC & z)); | ||
930 | z >>= 8; | ||
931 | x ^= * (u32 *) ((u8 *) (des_keymap + 128) + (0xFC & z)); | ||
932 | z >>= 8; | ||
933 | x ^= * (u32 *) ((u8 *) (des_keymap + 64) + (0xFC & z)); | ||
934 | z >>= 8; | ||
935 | x ^= * (u32 *) ((u8 *) des_keymap + (0xFC & z)); | ||
936 | z = expkey[5]; | ||
937 | z ^= x; | ||
938 | z = z << 4 | z >> 28; | ||
939 | y ^= * (u32 *) ((u8 *) (des_keymap + 448) + (0xFC & z)); | ||
940 | z >>= 8; | ||
941 | y ^= * (u32 *) ((u8 *) (des_keymap + 384) + (0xFC & z)); | ||
942 | z >>= 8; | ||
943 | y ^= * (u32 *) ((u8 *) (des_keymap + 320) + (0xFC & z)); | ||
944 | z >>= 8; | ||
945 | y ^= * (u32 *) ((u8 *) (des_keymap + 256) + (0xFC & z)); | ||
946 | z = expkey[4]; | ||
947 | z ^= x; | ||
948 | y ^= * (u32 *) ((u8 *) (des_keymap + 192) + (0xFC & z)); | ||
949 | z >>= 8; | ||
950 | y ^= * (u32 *) ((u8 *) (des_keymap + 128) + (0xFC & z)); | ||
951 | z >>= 8; | ||
952 | y ^= * (u32 *) ((u8 *) (des_keymap + 64) + (0xFC & z)); | ||
953 | z >>= 8; | ||
954 | y ^= * (u32 *) ((u8 *) des_keymap + (0xFC & z)); | ||
955 | z = expkey[3]; | ||
956 | z ^= y; | ||
957 | z = z << 4 | z >> 28; | ||
958 | x ^= * (u32 *) ((u8 *) (des_keymap + 448) + (0xFC & z)); | ||
959 | z >>= 8; | ||
960 | x ^= * (u32 *) ((u8 *) (des_keymap + 384) + (0xFC & z)); | ||
961 | z >>= 8; | ||
962 | x ^= * (u32 *) ((u8 *) (des_keymap + 320) + (0xFC & z)); | ||
963 | z >>= 8; | ||
964 | x ^= * (u32 *) ((u8 *) (des_keymap + 256) + (0xFC & z)); | ||
965 | z = expkey[2]; | ||
966 | z ^= y; | ||
967 | x ^= * (u32 *) ((u8 *) (des_keymap + 192) + (0xFC & z)); | ||
968 | z >>= 8; | ||
969 | x ^= * (u32 *) ((u8 *) (des_keymap + 128) + (0xFC & z)); | ||
970 | z >>= 8; | ||
971 | x ^= * (u32 *) ((u8 *) (des_keymap + 64) + (0xFC & z)); | ||
972 | z >>= 8; | ||
973 | x ^= * (u32 *) ((u8 *) des_keymap + (0xFC & z)); | ||
974 | z = expkey[1]; | ||
975 | z ^= x; | ||
976 | z = z << 4 | z >> 28; | ||
977 | y ^= * (u32 *) ((u8 *) (des_keymap + 448) + (0xFC & z)); | ||
978 | z >>= 8; | ||
979 | y ^= * (u32 *) ((u8 *) (des_keymap + 384) + (0xFC & z)); | ||
980 | z >>= 8; | ||
981 | y ^= * (u32 *) ((u8 *) (des_keymap + 320) + (0xFC & z)); | ||
982 | z >>= 8; | ||
983 | y ^= * (u32 *) ((u8 *) (des_keymap + 256) + (0xFC & z)); | ||
984 | z = expkey[0]; | ||
985 | z ^= x; | ||
986 | y ^= * (u32 *) ((u8 *) (des_keymap + 192) + (0xFC & z)); | ||
987 | z >>= 8; | ||
988 | y ^= * (u32 *) ((u8 *) (des_keymap + 128) + (0xFC & z)); | ||
989 | z >>= 8; | ||
990 | y ^= * (u32 *) ((u8 *) (des_keymap + 64) + (0xFC & z)); | ||
991 | z >>= 8; | ||
992 | y ^= * (u32 *) ((u8 *) des_keymap + (0xFC & z)); | ||
993 | x = x << 1 | x >> 31; | ||
994 | z = (x ^ y) & 0x55555555L; | ||
995 | y ^= z; | ||
996 | x ^= z; | ||
997 | y = y << 1 | y >> 31; | ||
998 | z = ((x >> 010) ^ y) & 0x00FF00FFL; | ||
999 | x ^= z << 010; | ||
1000 | y ^= z; | ||
1001 | z = ((y >> 002) ^ x) & 0x33333333L; | ||
1002 | y ^= z << 002; | ||
1003 | x ^= z; | ||
1004 | z = ((x >> 020) ^ y) & 0x0000FFFFL; | ||
1005 | x ^= z << 020; | ||
1006 | y ^= z; | ||
1007 | z = ((y >> 004) ^ x) & 0x0F0F0F0FL; | ||
1008 | y ^= z << 004; | ||
1009 | x ^= z; | ||
1010 | dst[0] = x; | ||
1011 | x >>= 8; | ||
1012 | dst[1] = x; | ||
1013 | x >>= 8; | ||
1014 | dst[2] = x; | ||
1015 | x >>= 8; | ||
1016 | dst[3] = x; | ||
1017 | dst[4] = y; | ||
1018 | y >>= 8; | ||
1019 | dst[5] = y; | ||
1020 | y >>= 8; | ||
1021 | dst[6] = y; | ||
1022 | y >>= 8; | ||
1023 | dst[7] = y; | ||
1024 | } | ||
1025 | |||
1026 | /* | ||
1027 | * RFC2451: Weak key checks SHOULD be performed. | ||
1028 | */ | ||
1029 | static int setkey(u32 *expkey, const u8 *key, unsigned int keylen, u32 *flags) | ||
1030 | { | ||
1031 | const u8 *k; | ||
1032 | u8 *b0, *b1; | ||
1033 | u32 n, w; | ||
1034 | u8 bits0[56], bits1[56]; | ||
1035 | |||
1036 | n = parity[key[0]]; n <<= 4; | ||
1037 | n |= parity[key[1]]; n <<= 4; | ||
1038 | n |= parity[key[2]]; n <<= 4; | ||
1039 | n |= parity[key[3]]; n <<= 4; | ||
1040 | n |= parity[key[4]]; n <<= 4; | ||
1041 | n |= parity[key[5]]; n <<= 4; | ||
1042 | n |= parity[key[6]]; n <<= 4; | ||
1043 | n |= parity[key[7]]; | ||
1044 | w = 0x88888888L; | ||
1045 | |||
1046 | if ((*flags & CRYPTO_TFM_REQ_WEAK_KEY) | ||
1047 | && !((n - (w >> 3)) & w)) { /* 1 in 10^10 keys passes this test */ | ||
1048 | if (n < 0x41415151) { | ||
1049 | if (n < 0x31312121) { | ||
1050 | if (n < 0x14141515) { | ||
1051 | /* 01 01 01 01 01 01 01 01 */ | ||
1052 | if (n == 0x11111111) goto weak; | ||
1053 | /* 01 1F 01 1F 01 0E 01 0E */ | ||
1054 | if (n == 0x13131212) goto weak; | ||
1055 | } else { | ||
1056 | /* 01 E0 01 E0 01 F1 01 F1 */ | ||
1057 | if (n == 0x14141515) goto weak; | ||
1058 | /* 01 FE 01 FE 01 FE 01 FE */ | ||
1059 | if (n == 0x16161616) goto weak; | ||
1060 | } | ||
1061 | } else { | ||
1062 | if (n < 0x34342525) { | ||
1063 | /* 1F 01 1F 01 0E 01 0E 01 */ | ||
1064 | if (n == 0x31312121) goto weak; | ||
1065 | /* 1F 1F 1F 1F 0E 0E 0E 0E (?) */ | ||
1066 | if (n == 0x33332222) goto weak; | ||
1067 | } else { | ||
1068 | /* 1F E0 1F E0 0E F1 0E F1 */ | ||
1069 | if (n == 0x34342525) goto weak; | ||
1070 | /* 1F FE 1F FE 0E FE 0E FE */ | ||
1071 | if (n == 0x36362626) goto weak; | ||
1072 | } | ||
1073 | } | ||
1074 | } else { | ||
1075 | if (n < 0x61616161) { | ||
1076 | if (n < 0x44445555) { | ||
1077 | /* E0 01 E0 01 F1 01 F1 01 */ | ||
1078 | if (n == 0x41415151) goto weak; | ||
1079 | /* E0 1F E0 1F F1 0E F1 0E */ | ||
1080 | if (n == 0x43435252) goto weak; | ||
1081 | } else { | ||
1082 | /* E0 E0 E0 E0 F1 F1 F1 F1 (?) */ | ||
1083 | if (n == 0x44445555) goto weak; | ||
1084 | /* E0 FE E0 FE F1 FE F1 FE */ | ||
1085 | if (n == 0x46465656) goto weak; | ||
1086 | } | ||
1087 | } else { | ||
1088 | if (n < 0x64646565) { | ||
1089 | /* FE 01 FE 01 FE 01 FE 01 */ | ||
1090 | if (n == 0x61616161) goto weak; | ||
1091 | /* FE 1F FE 1F FE 0E FE 0E */ | ||
1092 | if (n == 0x63636262) goto weak; | ||
1093 | } else { | ||
1094 | /* FE E0 FE E0 FE F1 FE F1 */ | ||
1095 | if (n == 0x64646565) goto weak; | ||
1096 | /* FE FE FE FE FE FE FE FE */ | ||
1097 | if (n == 0x66666666) goto weak; | ||
1098 | } | ||
1099 | } | ||
1100 | } | ||
1101 | |||
1102 | goto not_weak; | ||
1103 | weak: | ||
1104 | *flags |= CRYPTO_TFM_RES_WEAK_KEY; | ||
1105 | return -EINVAL; | ||
1106 | } | ||
1107 | |||
1108 | not_weak: | ||
1109 | |||
1110 | /* explode the bits */ | ||
1111 | n = 56; | ||
1112 | b0 = bits0; | ||
1113 | b1 = bits1; | ||
1114 | |||
1115 | do { | ||
1116 | w = (256 | *key++) << 2; | ||
1117 | do { | ||
1118 | --n; | ||
1119 | b1[n] = 8 & w; | ||
1120 | w >>= 1; | ||
1121 | b0[n] = 4 & w; | ||
1122 | } while ( w >= 16 ); | ||
1123 | } while ( n ); | ||
1124 | |||
1125 | /* put the bits in the correct places */ | ||
1126 | n = 16; | ||
1127 | k = rotors; | ||
1128 | |||
1129 | do { | ||
1130 | w = (b1[k[ 0 ]] | b0[k[ 1 ]]) << 4; | ||
1131 | w |= (b1[k[ 2 ]] | b0[k[ 3 ]]) << 2; | ||
1132 | w |= b1[k[ 4 ]] | b0[k[ 5 ]]; | ||
1133 | w <<= 8; | ||
1134 | w |= (b1[k[ 6 ]] | b0[k[ 7 ]]) << 4; | ||
1135 | w |= (b1[k[ 8 ]] | b0[k[ 9 ]]) << 2; | ||
1136 | w |= b1[k[10 ]] | b0[k[11 ]]; | ||
1137 | w <<= 8; | ||
1138 | w |= (b1[k[12 ]] | b0[k[13 ]]) << 4; | ||
1139 | w |= (b1[k[14 ]] | b0[k[15 ]]) << 2; | ||
1140 | w |= b1[k[16 ]] | b0[k[17 ]]; | ||
1141 | w <<= 8; | ||
1142 | w |= (b1[k[18 ]] | b0[k[19 ]]) << 4; | ||
1143 | w |= (b1[k[20 ]] | b0[k[21 ]]) << 2; | ||
1144 | w |= b1[k[22 ]] | b0[k[23 ]]; | ||
1145 | expkey[0] = w; | ||
1146 | |||
1147 | w = (b1[k[ 0+24]] | b0[k[ 1+24]]) << 4; | ||
1148 | w |= (b1[k[ 2+24]] | b0[k[ 3+24]]) << 2; | ||
1149 | w |= b1[k[ 4+24]] | b0[k[ 5+24]]; | ||
1150 | w <<= 8; | ||
1151 | w |= (b1[k[ 6+24]] | b0[k[ 7+24]]) << 4; | ||
1152 | w |= (b1[k[ 8+24]] | b0[k[ 9+24]]) << 2; | ||
1153 | w |= b1[k[10+24]] | b0[k[11+24]]; | ||
1154 | w <<= 8; | ||
1155 | w |= (b1[k[12+24]] | b0[k[13+24]]) << 4; | ||
1156 | w |= (b1[k[14+24]] | b0[k[15+24]]) << 2; | ||
1157 | w |= b1[k[16+24]] | b0[k[17+24]]; | ||
1158 | w <<= 8; | ||
1159 | w |= (b1[k[18+24]] | b0[k[19+24]]) << 4; | ||
1160 | w |= (b1[k[20+24]] | b0[k[21+24]]) << 2; | ||
1161 | w |= b1[k[22+24]] | b0[k[23+24]]; | ||
1162 | |||
1163 | ROR(w, 4, 28); /* could be eliminated */ | ||
1164 | expkey[1] = w; | ||
1165 | |||
1166 | k += 48; | ||
1167 | expkey += 2; | ||
1168 | } while (--n); | ||
1169 | |||
1170 | return 0; | ||
1171 | } | ||
1172 | |||
1173 | static int des_setkey(void *ctx, const u8 *key, unsigned int keylen, u32 *flags) | ||
1174 | { | ||
1175 | return setkey(((struct des_ctx *)ctx)->expkey, key, keylen, flags); | ||
1176 | } | ||
1177 | |||
1178 | static void des_encrypt(void *ctx, u8 *dst, const u8 *src) | ||
1179 | { | ||
1180 | des_small_fips_encrypt(((struct des_ctx *)ctx)->expkey, dst, src); | ||
1181 | } | ||
1182 | |||
1183 | static void des_decrypt(void *ctx, u8 *dst, const u8 *src) | ||
1184 | { | ||
1185 | des_small_fips_decrypt(((struct des_ctx *)ctx)->expkey, dst, src); | ||
1186 | } | ||
1187 | |||
1188 | /* | ||
1189 | * RFC2451: | ||
1190 | * | ||
1191 | * For DES-EDE3, there is no known need to reject weak or | ||
1192 | * complementation keys. Any weakness is obviated by the use of | ||
1193 | * multiple keys. | ||
1194 | * | ||
1195 | * However, if the first two or last two independent 64-bit keys are | ||
1196 | * equal (k1 == k2 or k2 == k3), then the DES3 operation is simply the | ||
1197 | * same as DES. Implementers MUST reject keys that exhibit this | ||
1198 | * property. | ||
1199 | * | ||
1200 | */ | ||
1201 | static int des3_ede_setkey(void *ctx, const u8 *key, | ||
1202 | unsigned int keylen, u32 *flags) | ||
1203 | { | ||
1204 | unsigned int i, off; | ||
1205 | struct des3_ede_ctx *dctx = ctx; | ||
1206 | |||
1207 | if (!(memcmp(key, &key[DES_KEY_SIZE], DES_KEY_SIZE) && | ||
1208 | memcmp(&key[DES_KEY_SIZE], &key[DES_KEY_SIZE * 2], | ||
1209 | DES_KEY_SIZE))) { | ||
1210 | |||
1211 | *flags |= CRYPTO_TFM_RES_BAD_KEY_SCHED; | ||
1212 | return -EINVAL; | ||
1213 | } | ||
1214 | |||
1215 | for (i = 0, off = 0; i < 3; i++, off += DES_EXPKEY_WORDS, | ||
1216 | key += DES_KEY_SIZE) { | ||
1217 | int ret = setkey(&dctx->expkey[off], key, DES_KEY_SIZE, flags); | ||
1218 | if (ret < 0) | ||
1219 | return ret; | ||
1220 | } | ||
1221 | return 0; | ||
1222 | } | ||
1223 | |||
1224 | static void des3_ede_encrypt(void *ctx, u8 *dst, const u8 *src) | ||
1225 | { | ||
1226 | struct des3_ede_ctx *dctx = ctx; | ||
1227 | |||
1228 | des_small_fips_encrypt(dctx->expkey, dst, src); | ||
1229 | des_small_fips_decrypt(&dctx->expkey[DES_EXPKEY_WORDS], dst, dst); | ||
1230 | des_small_fips_encrypt(&dctx->expkey[DES_EXPKEY_WORDS * 2], dst, dst); | ||
1231 | } | ||
1232 | |||
1233 | static void des3_ede_decrypt(void *ctx, u8 *dst, const u8 *src) | ||
1234 | { | ||
1235 | struct des3_ede_ctx *dctx = ctx; | ||
1236 | |||
1237 | des_small_fips_decrypt(&dctx->expkey[DES_EXPKEY_WORDS * 2], dst, src); | ||
1238 | des_small_fips_encrypt(&dctx->expkey[DES_EXPKEY_WORDS], dst, dst); | ||
1239 | des_small_fips_decrypt(dctx->expkey, dst, dst); | ||
1240 | } | ||
1241 | |||
1242 | static struct crypto_alg des_alg = { | ||
1243 | .cra_name = "des", | ||
1244 | .cra_flags = CRYPTO_ALG_TYPE_CIPHER, | ||
1245 | .cra_blocksize = DES_BLOCK_SIZE, | ||
1246 | .cra_ctxsize = sizeof(struct des_ctx), | ||
1247 | .cra_module = THIS_MODULE, | ||
1248 | .cra_list = LIST_HEAD_INIT(des_alg.cra_list), | ||
1249 | .cra_u = { .cipher = { | ||
1250 | .cia_min_keysize = DES_KEY_SIZE, | ||
1251 | .cia_max_keysize = DES_KEY_SIZE, | ||
1252 | .cia_setkey = des_setkey, | ||
1253 | .cia_encrypt = des_encrypt, | ||
1254 | .cia_decrypt = des_decrypt } } | ||
1255 | }; | ||
1256 | |||
1257 | static struct crypto_alg des3_ede_alg = { | ||
1258 | .cra_name = "des3_ede", | ||
1259 | .cra_flags = CRYPTO_ALG_TYPE_CIPHER, | ||
1260 | .cra_blocksize = DES3_EDE_BLOCK_SIZE, | ||
1261 | .cra_ctxsize = sizeof(struct des3_ede_ctx), | ||
1262 | .cra_module = THIS_MODULE, | ||
1263 | .cra_list = LIST_HEAD_INIT(des3_ede_alg.cra_list), | ||
1264 | .cra_u = { .cipher = { | ||
1265 | .cia_min_keysize = DES3_EDE_KEY_SIZE, | ||
1266 | .cia_max_keysize = DES3_EDE_KEY_SIZE, | ||
1267 | .cia_setkey = des3_ede_setkey, | ||
1268 | .cia_encrypt = des3_ede_encrypt, | ||
1269 | .cia_decrypt = des3_ede_decrypt } } | ||
1270 | }; | ||
1271 | |||
1272 | MODULE_ALIAS("des3_ede"); | ||
1273 | |||
1274 | static int __init init(void) | ||
1275 | { | ||
1276 | int ret = 0; | ||
1277 | |||
1278 | ret = crypto_register_alg(&des_alg); | ||
1279 | if (ret < 0) | ||
1280 | goto out; | ||
1281 | |||
1282 | ret = crypto_register_alg(&des3_ede_alg); | ||
1283 | if (ret < 0) | ||
1284 | crypto_unregister_alg(&des_alg); | ||
1285 | out: | ||
1286 | return ret; | ||
1287 | } | ||
1288 | |||
1289 | static void __exit fini(void) | ||
1290 | { | ||
1291 | crypto_unregister_alg(&des3_ede_alg); | ||
1292 | crypto_unregister_alg(&des_alg); | ||
1293 | } | ||
1294 | |||
1295 | module_init(init); | ||
1296 | module_exit(fini); | ||
1297 | |||
1298 | MODULE_LICENSE("GPL"); | ||
1299 | MODULE_DESCRIPTION("DES & Triple DES EDE Cipher Algorithms"); | ||
diff --git a/crypto/digest.c b/crypto/digest.c new file mode 100644 index 000000000000..d9b6ac9dbf8d --- /dev/null +++ b/crypto/digest.c | |||
@@ -0,0 +1,107 @@ | |||
1 | /* | ||
2 | * Cryptographic API. | ||
3 | * | ||
4 | * Digest operations. | ||
5 | * | ||
6 | * Copyright (c) 2002 James Morris <jmorris@intercode.com.au> | ||
7 | * | ||
8 | * This program is free software; you can redistribute it and/or modify it | ||
9 | * under the terms of the GNU General Public License as published by the Free | ||
10 | * Software Foundation; either version 2 of the License, or (at your option) | ||
11 | * any later version. | ||
12 | * | ||
13 | */ | ||
14 | #include <linux/crypto.h> | ||
15 | #include <linux/mm.h> | ||
16 | #include <linux/errno.h> | ||
17 | #include <linux/highmem.h> | ||
18 | #include <asm/scatterlist.h> | ||
19 | #include "internal.h" | ||
20 | |||
21 | static void init(struct crypto_tfm *tfm) | ||
22 | { | ||
23 | tfm->__crt_alg->cra_digest.dia_init(crypto_tfm_ctx(tfm)); | ||
24 | } | ||
25 | |||
26 | static void update(struct crypto_tfm *tfm, | ||
27 | struct scatterlist *sg, unsigned int nsg) | ||
28 | { | ||
29 | unsigned int i; | ||
30 | |||
31 | for (i = 0; i < nsg; i++) { | ||
32 | |||
33 | struct page *pg = sg[i].page; | ||
34 | unsigned int offset = sg[i].offset; | ||
35 | unsigned int l = sg[i].length; | ||
36 | |||
37 | do { | ||
38 | unsigned int bytes_from_page = min(l, ((unsigned int) | ||
39 | (PAGE_SIZE)) - | ||
40 | offset); | ||
41 | char *p = crypto_kmap(pg, 0) + offset; | ||
42 | |||
43 | tfm->__crt_alg->cra_digest.dia_update | ||
44 | (crypto_tfm_ctx(tfm), p, | ||
45 | bytes_from_page); | ||
46 | crypto_kunmap(p, 0); | ||
47 | crypto_yield(tfm); | ||
48 | offset = 0; | ||
49 | pg++; | ||
50 | l -= bytes_from_page; | ||
51 | } while (l > 0); | ||
52 | } | ||
53 | } | ||
54 | |||
55 | static void final(struct crypto_tfm *tfm, u8 *out) | ||
56 | { | ||
57 | tfm->__crt_alg->cra_digest.dia_final(crypto_tfm_ctx(tfm), out); | ||
58 | } | ||
59 | |||
60 | static int setkey(struct crypto_tfm *tfm, const u8 *key, unsigned int keylen) | ||
61 | { | ||
62 | u32 flags; | ||
63 | if (tfm->__crt_alg->cra_digest.dia_setkey == NULL) | ||
64 | return -ENOSYS; | ||
65 | return tfm->__crt_alg->cra_digest.dia_setkey(crypto_tfm_ctx(tfm), | ||
66 | key, keylen, &flags); | ||
67 | } | ||
68 | |||
69 | static void digest(struct crypto_tfm *tfm, | ||
70 | struct scatterlist *sg, unsigned int nsg, u8 *out) | ||
71 | { | ||
72 | unsigned int i; | ||
73 | |||
74 | tfm->crt_digest.dit_init(tfm); | ||
75 | |||
76 | for (i = 0; i < nsg; i++) { | ||
77 | char *p = crypto_kmap(sg[i].page, 0) + sg[i].offset; | ||
78 | tfm->__crt_alg->cra_digest.dia_update(crypto_tfm_ctx(tfm), | ||
79 | p, sg[i].length); | ||
80 | crypto_kunmap(p, 0); | ||
81 | crypto_yield(tfm); | ||
82 | } | ||
83 | crypto_digest_final(tfm, out); | ||
84 | } | ||
85 | |||
86 | int crypto_init_digest_flags(struct crypto_tfm *tfm, u32 flags) | ||
87 | { | ||
88 | return flags ? -EINVAL : 0; | ||
89 | } | ||
90 | |||
91 | int crypto_init_digest_ops(struct crypto_tfm *tfm) | ||
92 | { | ||
93 | struct digest_tfm *ops = &tfm->crt_digest; | ||
94 | |||
95 | ops->dit_init = init; | ||
96 | ops->dit_update = update; | ||
97 | ops->dit_final = final; | ||
98 | ops->dit_digest = digest; | ||
99 | ops->dit_setkey = setkey; | ||
100 | |||
101 | return crypto_alloc_hmac_block(tfm); | ||
102 | } | ||
103 | |||
104 | void crypto_exit_digest_ops(struct crypto_tfm *tfm) | ||
105 | { | ||
106 | crypto_free_hmac_block(tfm); | ||
107 | } | ||
diff --git a/crypto/hmac.c b/crypto/hmac.c new file mode 100644 index 000000000000..847df9263e16 --- /dev/null +++ b/crypto/hmac.c | |||
@@ -0,0 +1,134 @@ | |||
1 | /* | ||
2 | * Cryptographic API. | ||
3 | * | ||
4 | * HMAC: Keyed-Hashing for Message Authentication (RFC2104). | ||
5 | * | ||
6 | * Copyright (c) 2002 James Morris <jmorris@intercode.com.au> | ||
7 | * | ||
8 | * The HMAC implementation is derived from USAGI. | ||
9 | * Copyright (c) 2002 Kazunori Miyazawa <miyazawa@linux-ipv6.org> / USAGI | ||
10 | * | ||
11 | * This program is free software; you can redistribute it and/or modify it | ||
12 | * under the terms of the GNU General Public License as published by the Free | ||
13 | * Software Foundation; either version 2 of the License, or (at your option) | ||
14 | * any later version. | ||
15 | * | ||
16 | */ | ||
17 | #include <linux/crypto.h> | ||
18 | #include <linux/mm.h> | ||
19 | #include <linux/highmem.h> | ||
20 | #include <linux/slab.h> | ||
21 | #include <asm/scatterlist.h> | ||
22 | #include "internal.h" | ||
23 | |||
24 | static void hash_key(struct crypto_tfm *tfm, u8 *key, unsigned int keylen) | ||
25 | { | ||
26 | struct scatterlist tmp; | ||
27 | |||
28 | tmp.page = virt_to_page(key); | ||
29 | tmp.offset = offset_in_page(key); | ||
30 | tmp.length = keylen; | ||
31 | crypto_digest_digest(tfm, &tmp, 1, key); | ||
32 | |||
33 | } | ||
34 | |||
35 | int crypto_alloc_hmac_block(struct crypto_tfm *tfm) | ||
36 | { | ||
37 | int ret = 0; | ||
38 | |||
39 | BUG_ON(!crypto_tfm_alg_blocksize(tfm)); | ||
40 | |||
41 | tfm->crt_digest.dit_hmac_block = kmalloc(crypto_tfm_alg_blocksize(tfm), | ||
42 | GFP_KERNEL); | ||
43 | if (tfm->crt_digest.dit_hmac_block == NULL) | ||
44 | ret = -ENOMEM; | ||
45 | |||
46 | return ret; | ||
47 | |||
48 | } | ||
49 | |||
50 | void crypto_free_hmac_block(struct crypto_tfm *tfm) | ||
51 | { | ||
52 | if (tfm->crt_digest.dit_hmac_block) | ||
53 | kfree(tfm->crt_digest.dit_hmac_block); | ||
54 | } | ||
55 | |||
56 | void crypto_hmac_init(struct crypto_tfm *tfm, u8 *key, unsigned int *keylen) | ||
57 | { | ||
58 | unsigned int i; | ||
59 | struct scatterlist tmp; | ||
60 | char *ipad = tfm->crt_digest.dit_hmac_block; | ||
61 | |||
62 | if (*keylen > crypto_tfm_alg_blocksize(tfm)) { | ||
63 | hash_key(tfm, key, *keylen); | ||
64 | *keylen = crypto_tfm_alg_digestsize(tfm); | ||
65 | } | ||
66 | |||
67 | memset(ipad, 0, crypto_tfm_alg_blocksize(tfm)); | ||
68 | memcpy(ipad, key, *keylen); | ||
69 | |||
70 | for (i = 0; i < crypto_tfm_alg_blocksize(tfm); i++) | ||
71 | ipad[i] ^= 0x36; | ||
72 | |||
73 | tmp.page = virt_to_page(ipad); | ||
74 | tmp.offset = offset_in_page(ipad); | ||
75 | tmp.length = crypto_tfm_alg_blocksize(tfm); | ||
76 | |||
77 | crypto_digest_init(tfm); | ||
78 | crypto_digest_update(tfm, &tmp, 1); | ||
79 | } | ||
80 | |||
81 | void crypto_hmac_update(struct crypto_tfm *tfm, | ||
82 | struct scatterlist *sg, unsigned int nsg) | ||
83 | { | ||
84 | crypto_digest_update(tfm, sg, nsg); | ||
85 | } | ||
86 | |||
87 | void crypto_hmac_final(struct crypto_tfm *tfm, u8 *key, | ||
88 | unsigned int *keylen, u8 *out) | ||
89 | { | ||
90 | unsigned int i; | ||
91 | struct scatterlist tmp; | ||
92 | char *opad = tfm->crt_digest.dit_hmac_block; | ||
93 | |||
94 | if (*keylen > crypto_tfm_alg_blocksize(tfm)) { | ||
95 | hash_key(tfm, key, *keylen); | ||
96 | *keylen = crypto_tfm_alg_digestsize(tfm); | ||
97 | } | ||
98 | |||
99 | crypto_digest_final(tfm, out); | ||
100 | |||
101 | memset(opad, 0, crypto_tfm_alg_blocksize(tfm)); | ||
102 | memcpy(opad, key, *keylen); | ||
103 | |||
104 | for (i = 0; i < crypto_tfm_alg_blocksize(tfm); i++) | ||
105 | opad[i] ^= 0x5c; | ||
106 | |||
107 | tmp.page = virt_to_page(opad); | ||
108 | tmp.offset = offset_in_page(opad); | ||
109 | tmp.length = crypto_tfm_alg_blocksize(tfm); | ||
110 | |||
111 | crypto_digest_init(tfm); | ||
112 | crypto_digest_update(tfm, &tmp, 1); | ||
113 | |||
114 | tmp.page = virt_to_page(out); | ||
115 | tmp.offset = offset_in_page(out); | ||
116 | tmp.length = crypto_tfm_alg_digestsize(tfm); | ||
117 | |||
118 | crypto_digest_update(tfm, &tmp, 1); | ||
119 | crypto_digest_final(tfm, out); | ||
120 | } | ||
121 | |||
122 | void crypto_hmac(struct crypto_tfm *tfm, u8 *key, unsigned int *keylen, | ||
123 | struct scatterlist *sg, unsigned int nsg, u8 *out) | ||
124 | { | ||
125 | crypto_hmac_init(tfm, key, keylen); | ||
126 | crypto_hmac_update(tfm, sg, nsg); | ||
127 | crypto_hmac_final(tfm, key, keylen, out); | ||
128 | } | ||
129 | |||
130 | EXPORT_SYMBOL_GPL(crypto_hmac_init); | ||
131 | EXPORT_SYMBOL_GPL(crypto_hmac_update); | ||
132 | EXPORT_SYMBOL_GPL(crypto_hmac_final); | ||
133 | EXPORT_SYMBOL_GPL(crypto_hmac); | ||
134 | |||
diff --git a/crypto/internal.h b/crypto/internal.h new file mode 100644 index 000000000000..e68e43886d3c --- /dev/null +++ b/crypto/internal.h | |||
@@ -0,0 +1,92 @@ | |||
1 | /* | ||
2 | * Cryptographic API. | ||
3 | * | ||
4 | * Copyright (c) 2002 James Morris <jmorris@intercode.com.au> | ||
5 | * | ||
6 | * This program is free software; you can redistribute it and/or modify it | ||
7 | * under the terms of the GNU General Public License as published by the Free | ||
8 | * Software Foundation; either version 2 of the License, or (at your option) | ||
9 | * any later version. | ||
10 | * | ||
11 | */ | ||
12 | #ifndef _CRYPTO_INTERNAL_H | ||
13 | #define _CRYPTO_INTERNAL_H | ||
14 | #include <linux/crypto.h> | ||
15 | #include <linux/mm.h> | ||
16 | #include <linux/highmem.h> | ||
17 | #include <linux/interrupt.h> | ||
18 | #include <linux/init.h> | ||
19 | #include <linux/kmod.h> | ||
20 | #include <asm/kmap_types.h> | ||
21 | |||
22 | extern enum km_type crypto_km_types[]; | ||
23 | |||
24 | static inline enum km_type crypto_kmap_type(int out) | ||
25 | { | ||
26 | return crypto_km_types[(in_softirq() ? 2 : 0) + out]; | ||
27 | } | ||
28 | |||
29 | static inline void *crypto_kmap(struct page *page, int out) | ||
30 | { | ||
31 | return kmap_atomic(page, crypto_kmap_type(out)); | ||
32 | } | ||
33 | |||
34 | static inline void crypto_kunmap(void *vaddr, int out) | ||
35 | { | ||
36 | kunmap_atomic(vaddr, crypto_kmap_type(out)); | ||
37 | } | ||
38 | |||
39 | static inline void crypto_yield(struct crypto_tfm *tfm) | ||
40 | { | ||
41 | if (!in_softirq()) | ||
42 | cond_resched(); | ||
43 | } | ||
44 | |||
45 | static inline void *crypto_tfm_ctx(struct crypto_tfm *tfm) | ||
46 | { | ||
47 | return (void *)&tfm[1]; | ||
48 | } | ||
49 | |||
50 | struct crypto_alg *crypto_alg_lookup(const char *name); | ||
51 | |||
52 | /* A far more intelligent version of this is planned. For now, just | ||
53 | * try an exact match on the name of the algorithm. */ | ||
54 | static inline struct crypto_alg *crypto_alg_mod_lookup(const char *name) | ||
55 | { | ||
56 | return try_then_request_module(crypto_alg_lookup(name), name); | ||
57 | } | ||
58 | |||
59 | #ifdef CONFIG_CRYPTO_HMAC | ||
60 | int crypto_alloc_hmac_block(struct crypto_tfm *tfm); | ||
61 | void crypto_free_hmac_block(struct crypto_tfm *tfm); | ||
62 | #else | ||
63 | static inline int crypto_alloc_hmac_block(struct crypto_tfm *tfm) | ||
64 | { | ||
65 | return 0; | ||
66 | } | ||
67 | |||
68 | static inline void crypto_free_hmac_block(struct crypto_tfm *tfm) | ||
69 | { } | ||
70 | #endif | ||
71 | |||
72 | #ifdef CONFIG_PROC_FS | ||
73 | void __init crypto_init_proc(void); | ||
74 | #else | ||
75 | static inline void crypto_init_proc(void) | ||
76 | { } | ||
77 | #endif | ||
78 | |||
79 | int crypto_init_digest_flags(struct crypto_tfm *tfm, u32 flags); | ||
80 | int crypto_init_cipher_flags(struct crypto_tfm *tfm, u32 flags); | ||
81 | int crypto_init_compress_flags(struct crypto_tfm *tfm, u32 flags); | ||
82 | |||
83 | int crypto_init_digest_ops(struct crypto_tfm *tfm); | ||
84 | int crypto_init_cipher_ops(struct crypto_tfm *tfm); | ||
85 | int crypto_init_compress_ops(struct crypto_tfm *tfm); | ||
86 | |||
87 | void crypto_exit_digest_ops(struct crypto_tfm *tfm); | ||
88 | void crypto_exit_cipher_ops(struct crypto_tfm *tfm); | ||
89 | void crypto_exit_compress_ops(struct crypto_tfm *tfm); | ||
90 | |||
91 | #endif /* _CRYPTO_INTERNAL_H */ | ||
92 | |||
diff --git a/crypto/khazad.c b/crypto/khazad.c new file mode 100644 index 000000000000..738cb0dd1e7c --- /dev/null +++ b/crypto/khazad.c | |||
@@ -0,0 +1,915 @@ | |||
1 | /* | ||
2 | * Cryptographic API. | ||
3 | * | ||
4 | * Khazad Algorithm | ||
5 | * | ||
6 | * The Khazad algorithm was developed by Paulo S. L. M. Barreto and | ||
7 | * Vincent Rijmen. It was a finalist in the NESSIE encryption contest. | ||
8 | * | ||
9 | * The original authors have disclaimed all copyright interest in this | ||
10 | * code and thus put it in the public domain. The subsequent authors | ||
11 | * have put this under the GNU General Public License. | ||
12 | * | ||
13 | * By Aaron Grothe ajgrothe@yahoo.com, August 1, 2004 | ||
14 | * | ||
15 | * This program is free software; you can redistribute it and/or modify | ||
16 | * it under the terms of the GNU General Public License as published by | ||
17 | * the Free Software Foundation; either version 2 of the License, or | ||
18 | * (at your option) any later version. | ||
19 | * | ||
20 | */ | ||
21 | |||
22 | #include <linux/init.h> | ||
23 | #include <linux/module.h> | ||
24 | #include <linux/mm.h> | ||
25 | #include <asm/scatterlist.h> | ||
26 | #include <linux/crypto.h> | ||
27 | |||
28 | #define KHAZAD_KEY_SIZE 16 | ||
29 | #define KHAZAD_BLOCK_SIZE 8 | ||
30 | #define KHAZAD_ROUNDS 8 | ||
31 | |||
32 | struct khazad_ctx { | ||
33 | u64 E[KHAZAD_ROUNDS + 1]; | ||
34 | u64 D[KHAZAD_ROUNDS + 1]; | ||
35 | }; | ||
36 | |||
37 | static const u64 T0[256] = { | ||
38 | 0xbad3d268bbb96a01ULL, 0x54fc4d19e59a66b1ULL, 0x2f71bc93e26514cdULL, | ||
39 | 0x749ccdb925871b51ULL, 0x53f55102f7a257a4ULL, 0xd3686bb8d0d6be03ULL, | ||
40 | 0xd26b6fbdd6deb504ULL, 0x4dd72964b35285feULL, 0x50f05d0dfdba4aadULL, | ||
41 | 0xace98a26cf09e063ULL, 0x8d8a0e83091c9684ULL, 0xbfdcc679a5914d1aULL, | ||
42 | 0x7090ddad3da7374dULL, 0x52f65507f1aa5ca3ULL, 0x9ab352c87ba417e1ULL, | ||
43 | 0x4cd42d61b55a8ef9ULL, 0xea238f65460320acULL, 0xd56273a6c4e68411ULL, | ||
44 | 0x97a466f155cc68c2ULL, 0xd16e63b2dcc6a80dULL, 0x3355ccffaa85d099ULL, | ||
45 | 0x51f35908fbb241aaULL, 0x5bed712ac7e20f9cULL, 0xa6f7a204f359ae55ULL, | ||
46 | 0xde7f5f81febec120ULL, 0x48d83d75ad7aa2e5ULL, 0xa8e59a32d729cc7fULL, | ||
47 | 0x99b65ec771bc0ae8ULL, 0xdb704b90e096e63bULL, 0x3256c8faac8ddb9eULL, | ||
48 | 0xb7c4e65195d11522ULL, 0xfc19d72b32b3aaceULL, 0xe338ab48704b7393ULL, | ||
49 | 0x9ebf42dc63843bfdULL, 0x91ae7eef41fc52d0ULL, 0x9bb056cd7dac1ce6ULL, | ||
50 | 0xe23baf4d76437894ULL, 0xbbd0d66dbdb16106ULL, 0x41c319589b32f1daULL, | ||
51 | 0x6eb2a5cb7957e517ULL, 0xa5f2ae0bf941b35cULL, 0xcb400bc08016564bULL, | ||
52 | 0x6bbdb1da677fc20cULL, 0x95a26efb59dc7eccULL, 0xa1febe1fe1619f40ULL, | ||
53 | 0xf308eb1810cbc3e3ULL, 0xb1cefe4f81e12f30ULL, 0x0206080a0c10160eULL, | ||
54 | 0xcc4917db922e675eULL, 0xc45137f3a26e3f66ULL, 0x1d2774694ee8cf53ULL, | ||
55 | 0x143c504478a09c6cULL, 0xc3582be8b0560e73ULL, 0x63a591f2573f9a34ULL, | ||
56 | 0xda734f95e69eed3cULL, 0x5de76934d3d2358eULL, 0x5fe1613edfc22380ULL, | ||
57 | 0xdc79578bf2aed72eULL, 0x7d87e99413cf486eULL, 0xcd4a13de94266c59ULL, | ||
58 | 0x7f81e19e1fdf5e60ULL, 0x5aee752fc1ea049bULL, 0x6cb4adc17547f319ULL, | ||
59 | 0x5ce46d31d5da3e89ULL, 0xf704fb0c08ebefffULL, 0x266a98bed42d47f2ULL, | ||
60 | 0xff1cdb2438abb7c7ULL, 0xed2a937e543b11b9ULL, 0xe825876f4a1336a2ULL, | ||
61 | 0x9dba4ed3699c26f4ULL, 0x6fb1a1ce7f5fee10ULL, 0x8e8f028c03048b8dULL, | ||
62 | 0x192b647d56c8e34fULL, 0xa0fdba1ae7699447ULL, 0xf00de7171ad3deeaULL, | ||
63 | 0x89861e97113cba98ULL, 0x0f113c332278692dULL, 0x07091c1b12383115ULL, | ||
64 | 0xafec8629c511fd6aULL, 0xfb10cb30208b9bdbULL, 0x0818202830405838ULL, | ||
65 | 0x153f54417ea8976bULL, 0x0d1734392e687f23ULL, 0x040c101418202c1cULL, | ||
66 | 0x0103040506080b07ULL, 0x64ac8de94507ab21ULL, 0xdf7c5b84f8b6ca27ULL, | ||
67 | 0x769ac5b329970d5fULL, 0x798bf9800bef6472ULL, 0xdd7a538ef4a6dc29ULL, | ||
68 | 0x3d47f4c98ef5b2b3ULL, 0x163a584e74b08a62ULL, 0x3f41fcc382e5a4bdULL, | ||
69 | 0x3759dcebb2a5fc85ULL, 0x6db7a9c4734ff81eULL, 0x3848e0d890dd95a8ULL, | ||
70 | 0xb9d6de67b1a17708ULL, 0x7395d1a237bf2a44ULL, 0xe926836a4c1b3da5ULL, | ||
71 | 0x355fd4e1beb5ea8bULL, 0x55ff491ce3926db6ULL, 0x7193d9a83baf3c4aULL, | ||
72 | 0x7b8df18a07ff727cULL, 0x8c890a860f149d83ULL, 0x7296d5a731b72143ULL, | ||
73 | 0x88851a921734b19fULL, 0xf607ff090ee3e4f8ULL, 0x2a7ea882fc4d33d6ULL, | ||
74 | 0x3e42f8c684edafbaULL, 0x5ee2653bd9ca2887ULL, 0x27699cbbd2254cf5ULL, | ||
75 | 0x46ca0543890ac0cfULL, 0x0c14303c28607424ULL, 0x65af89ec430fa026ULL, | ||
76 | 0x68b8bdd56d67df05ULL, 0x61a399f85b2f8c3aULL, 0x03050c0f0a181d09ULL, | ||
77 | 0xc15e23e2bc46187dULL, 0x57f94116ef827bb8ULL, 0xd6677fa9cefe9918ULL, | ||
78 | 0xd976439aec86f035ULL, 0x58e87d25cdfa1295ULL, 0xd875479fea8efb32ULL, | ||
79 | 0x66aa85e34917bd2fULL, 0xd7647bacc8f6921fULL, 0x3a4ee8d29ccd83a6ULL, | ||
80 | 0xc84507cf8a0e4b42ULL, 0x3c44f0cc88fdb9b4ULL, 0xfa13cf35268390dcULL, | ||
81 | 0x96a762f453c463c5ULL, 0xa7f4a601f551a552ULL, 0x98b55ac277b401efULL, | ||
82 | 0xec29977b52331abeULL, 0xb8d5da62b7a97c0fULL, 0xc7543bfca876226fULL, | ||
83 | 0xaeef822cc319f66dULL, 0x69bbb9d06b6fd402ULL, 0x4bdd317aa762bfecULL, | ||
84 | 0xabe0963ddd31d176ULL, 0xa9e69e37d121c778ULL, 0x67a981e64f1fb628ULL, | ||
85 | 0x0a1e28223c504e36ULL, 0x47c901468f02cbc8ULL, 0xf20bef1d16c3c8e4ULL, | ||
86 | 0xb5c2ee5b99c1032cULL, 0x226688aacc0d6beeULL, 0xe532b356647b4981ULL, | ||
87 | 0xee2f9f715e230cb0ULL, 0xbedfc27ca399461dULL, 0x2b7dac87fa4538d1ULL, | ||
88 | 0x819e3ebf217ce2a0ULL, 0x1236485a6c90a67eULL, 0x839836b52d6cf4aeULL, | ||
89 | 0x1b2d6c775ad8f541ULL, 0x0e1238362470622aULL, 0x23658cafca0560e9ULL, | ||
90 | 0xf502f30604fbf9f1ULL, 0x45cf094c8312ddc6ULL, 0x216384a5c61576e7ULL, | ||
91 | 0xce4f1fd19e3e7150ULL, 0x49db3970ab72a9e2ULL, 0x2c74b09ce87d09c4ULL, | ||
92 | 0xf916c33a2c9b8dd5ULL, 0xe637bf596e635488ULL, 0xb6c7e25493d91e25ULL, | ||
93 | 0x2878a088f05d25d8ULL, 0x17395c4b72b88165ULL, 0x829b32b02b64ffa9ULL, | ||
94 | 0x1a2e68725cd0fe46ULL, 0x8b80169d1d2cac96ULL, 0xfe1fdf213ea3bcc0ULL, | ||
95 | 0x8a8312981b24a791ULL, 0x091b242d3648533fULL, 0xc94603ca8c064045ULL, | ||
96 | 0x879426a1354cd8b2ULL, 0x4ed2256bb94a98f7ULL, 0xe13ea3427c5b659dULL, | ||
97 | 0x2e72b896e46d1fcaULL, 0xe431b75362734286ULL, 0xe03da7477a536e9aULL, | ||
98 | 0xeb208b60400b2babULL, 0x90ad7aea47f459d7ULL, 0xa4f1aa0eff49b85bULL, | ||
99 | 0x1e22786644f0d25aULL, 0x85922eab395ccebcULL, 0x60a09dfd5d27873dULL, | ||
100 | 0x0000000000000000ULL, 0x256f94b1de355afbULL, 0xf401f70302f3f2f6ULL, | ||
101 | 0xf10ee3121cdbd5edULL, 0x94a16afe5fd475cbULL, 0x0b1d2c273a584531ULL, | ||
102 | 0xe734bb5c686b5f8fULL, 0x759fc9bc238f1056ULL, 0xef2c9b74582b07b7ULL, | ||
103 | 0x345cd0e4b8bde18cULL, 0x3153c4f5a695c697ULL, 0xd46177a3c2ee8f16ULL, | ||
104 | 0xd06d67b7dacea30aULL, 0x869722a43344d3b5ULL, 0x7e82e59b19d75567ULL, | ||
105 | 0xadea8e23c901eb64ULL, 0xfd1ad32e34bba1c9ULL, 0x297ba48df6552edfULL, | ||
106 | 0x3050c0f0a09dcd90ULL, 0x3b4decd79ac588a1ULL, 0x9fbc46d9658c30faULL, | ||
107 | 0xf815c73f2a9386d2ULL, 0xc6573ff9ae7e2968ULL, 0x13354c5f6a98ad79ULL, | ||
108 | 0x060a181e14303a12ULL, 0x050f14111e28271bULL, 0xc55233f6a4663461ULL, | ||
109 | 0x113344556688bb77ULL, 0x7799c1b62f9f0658ULL, 0x7c84ed9115c74369ULL, | ||
110 | 0x7a8ef58f01f7797bULL, 0x7888fd850de76f75ULL, 0x365ad8eeb4adf782ULL, | ||
111 | 0x1c24706c48e0c454ULL, 0x394be4dd96d59eafULL, 0x59eb7920cbf21992ULL, | ||
112 | 0x1828607850c0e848ULL, 0x56fa4513e98a70bfULL, 0xb3c8f6458df1393eULL, | ||
113 | 0xb0cdfa4a87e92437ULL, 0x246c90b4d83d51fcULL, 0x206080a0c01d7de0ULL, | ||
114 | 0xb2cbf2408bf93239ULL, 0x92ab72e04be44fd9ULL, 0xa3f8b615ed71894eULL, | ||
115 | 0xc05d27e7ba4e137aULL, 0x44cc0d49851ad6c1ULL, 0x62a695f751379133ULL, | ||
116 | 0x103040506080b070ULL, 0xb4c1ea5e9fc9082bULL, 0x84912aae3f54c5bbULL, | ||
117 | 0x43c511529722e7d4ULL, 0x93a876e54dec44deULL, 0xc25b2fedb65e0574ULL, | ||
118 | 0x4ade357fa16ab4ebULL, 0xbddace73a9815b14ULL, 0x8f8c0689050c808aULL, | ||
119 | 0x2d77b499ee7502c3ULL, 0xbcd9ca76af895013ULL, 0x9cb94ad66f942df3ULL, | ||
120 | 0x6abeb5df6177c90bULL, 0x40c01d5d9d3afaddULL, 0xcf4c1bd498367a57ULL, | ||
121 | 0xa2fbb210eb798249ULL, 0x809d3aba2774e9a7ULL, 0x4fd1216ebf4293f0ULL, | ||
122 | 0x1f217c6342f8d95dULL, 0xca430fc5861e5d4cULL, 0xaae39238db39da71ULL, | ||
123 | 0x42c61557912aecd3ULL | ||
124 | }; | ||
125 | |||
126 | static const u64 T1[256] = { | ||
127 | 0xd3ba68d2b9bb016aULL, 0xfc54194d9ae5b166ULL, 0x712f93bc65e2cd14ULL, | ||
128 | 0x9c74b9cd8725511bULL, 0xf5530251a2f7a457ULL, 0x68d3b86bd6d003beULL, | ||
129 | 0x6bd2bd6fded604b5ULL, 0xd74d642952b3fe85ULL, 0xf0500d5dbafdad4aULL, | ||
130 | 0xe9ac268a09cf63e0ULL, 0x8a8d830e1c098496ULL, 0xdcbf79c691a51a4dULL, | ||
131 | 0x9070addda73d4d37ULL, 0xf6520755aaf1a35cULL, 0xb39ac852a47be117ULL, | ||
132 | 0xd44c612d5ab5f98eULL, 0x23ea658f0346ac20ULL, 0x62d5a673e6c41184ULL, | ||
133 | 0xa497f166cc55c268ULL, 0x6ed1b263c6dc0da8ULL, 0x5533ffcc85aa99d0ULL, | ||
134 | 0xf3510859b2fbaa41ULL, 0xed5b2a71e2c79c0fULL, 0xf7a604a259f355aeULL, | ||
135 | 0x7fde815fbefe20c1ULL, 0xd848753d7aade5a2ULL, 0xe5a8329a29d77fccULL, | ||
136 | 0xb699c75ebc71e80aULL, 0x70db904b96e03be6ULL, 0x5632fac88dac9edbULL, | ||
137 | 0xc4b751e6d1952215ULL, 0x19fc2bd7b332ceaaULL, 0x38e348ab4b709373ULL, | ||
138 | 0xbf9edc428463fd3bULL, 0xae91ef7efc41d052ULL, 0xb09bcd56ac7de61cULL, | ||
139 | 0x3be24daf43769478ULL, 0xd0bb6dd6b1bd0661ULL, 0xc3415819329bdaf1ULL, | ||
140 | 0xb26ecba5577917e5ULL, 0xf2a50bae41f95cb3ULL, 0x40cbc00b16804b56ULL, | ||
141 | 0xbd6bdab17f670cc2ULL, 0xa295fb6edc59cc7eULL, 0xfea11fbe61e1409fULL, | ||
142 | 0x08f318ebcb10e3c3ULL, 0xceb14ffee181302fULL, 0x06020a08100c0e16ULL, | ||
143 | 0x49ccdb172e925e67ULL, 0x51c4f3376ea2663fULL, 0x271d6974e84e53cfULL, | ||
144 | 0x3c144450a0786c9cULL, 0x58c3e82b56b0730eULL, 0xa563f2913f57349aULL, | ||
145 | 0x73da954f9ee63cedULL, 0xe75d3469d2d38e35ULL, 0xe15f3e61c2df8023ULL, | ||
146 | 0x79dc8b57aef22ed7ULL, 0x877d94e9cf136e48ULL, 0x4acdde132694596cULL, | ||
147 | 0x817f9ee1df1f605eULL, 0xee5a2f75eac19b04ULL, 0xb46cc1ad477519f3ULL, | ||
148 | 0xe45c316ddad5893eULL, 0x04f70cfbeb08ffefULL, 0x6a26be982dd4f247ULL, | ||
149 | 0x1cff24dbab38c7b7ULL, 0x2aed7e933b54b911ULL, 0x25e86f87134aa236ULL, | ||
150 | 0xba9dd34e9c69f426ULL, 0xb16fcea15f7f10eeULL, 0x8f8e8c0204038d8bULL, | ||
151 | 0x2b197d64c8564fe3ULL, 0xfda01aba69e74794ULL, 0x0df017e7d31aeadeULL, | ||
152 | 0x8689971e3c1198baULL, 0x110f333c78222d69ULL, 0x09071b1c38121531ULL, | ||
153 | 0xecaf298611c56afdULL, 0x10fb30cb8b20db9bULL, 0x1808282040303858ULL, | ||
154 | 0x3f154154a87e6b97ULL, 0x170d3934682e237fULL, 0x0c04141020181c2cULL, | ||
155 | 0x030105040806070bULL, 0xac64e98d074521abULL, 0x7cdf845bb6f827caULL, | ||
156 | 0x9a76b3c597295f0dULL, 0x8b7980f9ef0b7264ULL, 0x7add8e53a6f429dcULL, | ||
157 | 0x473dc9f4f58eb3b2ULL, 0x3a164e58b074628aULL, 0x413fc3fce582bda4ULL, | ||
158 | 0x5937ebdca5b285fcULL, 0xb76dc4a94f731ef8ULL, 0x4838d8e0dd90a895ULL, | ||
159 | 0xd6b967dea1b10877ULL, 0x9573a2d1bf37442aULL, 0x26e96a831b4ca53dULL, | ||
160 | 0x5f35e1d4b5be8beaULL, 0xff551c4992e3b66dULL, 0x9371a8d9af3b4a3cULL, | ||
161 | 0x8d7b8af1ff077c72ULL, 0x898c860a140f839dULL, 0x9672a7d5b7314321ULL, | ||
162 | 0x8588921a34179fb1ULL, 0x07f609ffe30ef8e4ULL, 0x7e2a82a84dfcd633ULL, | ||
163 | 0x423ec6f8ed84baafULL, 0xe25e3b65cad98728ULL, 0x6927bb9c25d2f54cULL, | ||
164 | 0xca4643050a89cfc0ULL, 0x140c3c3060282474ULL, 0xaf65ec890f4326a0ULL, | ||
165 | 0xb868d5bd676d05dfULL, 0xa361f8992f5b3a8cULL, 0x05030f0c180a091dULL, | ||
166 | 0x5ec1e22346bc7d18ULL, 0xf957164182efb87bULL, 0x67d6a97ffece1899ULL, | ||
167 | 0x76d99a4386ec35f0ULL, 0xe858257dfacd9512ULL, 0x75d89f478eea32fbULL, | ||
168 | 0xaa66e38517492fbdULL, 0x64d7ac7bf6c81f92ULL, 0x4e3ad2e8cd9ca683ULL, | ||
169 | 0x45c8cf070e8a424bULL, 0x443cccf0fd88b4b9ULL, 0x13fa35cf8326dc90ULL, | ||
170 | 0xa796f462c453c563ULL, 0xf4a701a651f552a5ULL, 0xb598c25ab477ef01ULL, | ||
171 | 0x29ec7b973352be1aULL, 0xd5b862daa9b70f7cULL, 0x54c7fc3b76a86f22ULL, | ||
172 | 0xefae2c8219c36df6ULL, 0xbb69d0b96f6b02d4ULL, 0xdd4b7a3162a7ecbfULL, | ||
173 | 0xe0ab3d9631dd76d1ULL, 0xe6a9379e21d178c7ULL, 0xa967e6811f4f28b6ULL, | ||
174 | 0x1e0a2228503c364eULL, 0xc9474601028fc8cbULL, 0x0bf21defc316e4c8ULL, | ||
175 | 0xc2b55beec1992c03ULL, 0x6622aa880dccee6bULL, 0x32e556b37b648149ULL, | ||
176 | 0x2fee719f235eb00cULL, 0xdfbe7cc299a31d46ULL, 0x7d2b87ac45fad138ULL, | ||
177 | 0x9e81bf3e7c21a0e2ULL, 0x36125a48906c7ea6ULL, 0x9883b5366c2daef4ULL, | ||
178 | 0x2d1b776cd85a41f5ULL, 0x120e363870242a62ULL, 0x6523af8c05cae960ULL, | ||
179 | 0x02f506f3fb04f1f9ULL, 0xcf454c091283c6ddULL, 0x6321a58415c6e776ULL, | ||
180 | 0x4fced11f3e9e5071ULL, 0xdb49703972abe2a9ULL, 0x742c9cb07de8c409ULL, | ||
181 | 0x16f93ac39b2cd58dULL, 0x37e659bf636e8854ULL, 0xc7b654e2d993251eULL, | ||
182 | 0x782888a05df0d825ULL, 0x39174b5cb8726581ULL, 0x9b82b032642ba9ffULL, | ||
183 | 0x2e1a7268d05c46feULL, 0x808b9d162c1d96acULL, 0x1ffe21dfa33ec0bcULL, | ||
184 | 0x838a9812241b91a7ULL, 0x1b092d2448363f53ULL, 0x46c9ca03068c4540ULL, | ||
185 | 0x9487a1264c35b2d8ULL, 0xd24e6b254ab9f798ULL, 0x3ee142a35b7c9d65ULL, | ||
186 | 0x722e96b86de4ca1fULL, 0x31e453b773628642ULL, 0x3de047a7537a9a6eULL, | ||
187 | 0x20eb608b0b40ab2bULL, 0xad90ea7af447d759ULL, 0xf1a40eaa49ff5bb8ULL, | ||
188 | 0x221e6678f0445ad2ULL, 0x9285ab2e5c39bcceULL, 0xa060fd9d275d3d87ULL, | ||
189 | 0x0000000000000000ULL, 0x6f25b19435defb5aULL, 0x01f403f7f302f6f2ULL, | ||
190 | 0x0ef112e3db1cedd5ULL, 0xa194fe6ad45fcb75ULL, 0x1d0b272c583a3145ULL, | ||
191 | 0x34e75cbb6b688f5fULL, 0x9f75bcc98f235610ULL, 0x2cef749b2b58b707ULL, | ||
192 | 0x5c34e4d0bdb88ce1ULL, 0x5331f5c495a697c6ULL, 0x61d4a377eec2168fULL, | ||
193 | 0x6dd0b767ceda0aa3ULL, 0x9786a4224433b5d3ULL, 0x827e9be5d7196755ULL, | ||
194 | 0xeaad238e01c964ebULL, 0x1afd2ed3bb34c9a1ULL, 0x7b298da455f6df2eULL, | ||
195 | 0x5030f0c09da090cdULL, 0x4d3bd7ecc59aa188ULL, 0xbc9fd9468c65fa30ULL, | ||
196 | 0x15f83fc7932ad286ULL, 0x57c6f93f7eae6829ULL, 0x35135f4c986a79adULL, | ||
197 | 0x0a061e183014123aULL, 0x0f051114281e1b27ULL, 0x52c5f63366a46134ULL, | ||
198 | 0x33115544886677bbULL, 0x9977b6c19f2f5806ULL, 0x847c91edc7156943ULL, | ||
199 | 0x8e7a8ff5f7017b79ULL, 0x887885fde70d756fULL, 0x5a36eed8adb482f7ULL, | ||
200 | 0x241c6c70e04854c4ULL, 0x4b39dde4d596af9eULL, 0xeb592079f2cb9219ULL, | ||
201 | 0x28187860c05048e8ULL, 0xfa5613458ae9bf70ULL, 0xc8b345f6f18d3e39ULL, | ||
202 | 0xcdb04afae9873724ULL, 0x6c24b4903dd8fc51ULL, 0x6020a0801dc0e07dULL, | ||
203 | 0xcbb240f2f98b3932ULL, 0xab92e072e44bd94fULL, 0xf8a315b671ed4e89ULL, | ||
204 | 0x5dc0e7274eba7a13ULL, 0xcc44490d1a85c1d6ULL, 0xa662f79537513391ULL, | ||
205 | 0x30105040806070b0ULL, 0xc1b45eeac99f2b08ULL, 0x9184ae2a543fbbc5ULL, | ||
206 | 0xc54352112297d4e7ULL, 0xa893e576ec4dde44ULL, 0x5bc2ed2f5eb67405ULL, | ||
207 | 0xde4a7f356aa1ebb4ULL, 0xdabd73ce81a9145bULL, 0x8c8f89060c058a80ULL, | ||
208 | 0x772d99b475eec302ULL, 0xd9bc76ca89af1350ULL, 0xb99cd64a946ff32dULL, | ||
209 | 0xbe6adfb577610bc9ULL, 0xc0405d1d3a9dddfaULL, 0x4ccfd41b3698577aULL, | ||
210 | 0xfba210b279eb4982ULL, 0x9d80ba3a7427a7e9ULL, 0xd14f6e2142bff093ULL, | ||
211 | 0x211f637cf8425dd9ULL, 0x43cac50f1e864c5dULL, 0xe3aa389239db71daULL, | ||
212 | 0xc64257152a91d3ecULL | ||
213 | }; | ||
214 | |||
215 | static const u64 T2[256] = { | ||
216 | 0xd268bad36a01bbb9ULL, 0x4d1954fc66b1e59aULL, 0xbc932f7114cde265ULL, | ||
217 | 0xcdb9749c1b512587ULL, 0x510253f557a4f7a2ULL, 0x6bb8d368be03d0d6ULL, | ||
218 | 0x6fbdd26bb504d6deULL, 0x29644dd785feb352ULL, 0x5d0d50f04aadfdbaULL, | ||
219 | 0x8a26ace9e063cf09ULL, 0x0e838d8a9684091cULL, 0xc679bfdc4d1aa591ULL, | ||
220 | 0xddad7090374d3da7ULL, 0x550752f65ca3f1aaULL, 0x52c89ab317e17ba4ULL, | ||
221 | 0x2d614cd48ef9b55aULL, 0x8f65ea2320ac4603ULL, 0x73a6d5628411c4e6ULL, | ||
222 | 0x66f197a468c255ccULL, 0x63b2d16ea80ddcc6ULL, 0xccff3355d099aa85ULL, | ||
223 | 0x590851f341aafbb2ULL, 0x712a5bed0f9cc7e2ULL, 0xa204a6f7ae55f359ULL, | ||
224 | 0x5f81de7fc120febeULL, 0x3d7548d8a2e5ad7aULL, 0x9a32a8e5cc7fd729ULL, | ||
225 | 0x5ec799b60ae871bcULL, 0x4b90db70e63be096ULL, 0xc8fa3256db9eac8dULL, | ||
226 | 0xe651b7c4152295d1ULL, 0xd72bfc19aace32b3ULL, 0xab48e3387393704bULL, | ||
227 | 0x42dc9ebf3bfd6384ULL, 0x7eef91ae52d041fcULL, 0x56cd9bb01ce67dacULL, | ||
228 | 0xaf4de23b78947643ULL, 0xd66dbbd06106bdb1ULL, 0x195841c3f1da9b32ULL, | ||
229 | 0xa5cb6eb2e5177957ULL, 0xae0ba5f2b35cf941ULL, 0x0bc0cb40564b8016ULL, | ||
230 | 0xb1da6bbdc20c677fULL, 0x6efb95a27ecc59dcULL, 0xbe1fa1fe9f40e161ULL, | ||
231 | 0xeb18f308c3e310cbULL, 0xfe4fb1ce2f3081e1ULL, 0x080a0206160e0c10ULL, | ||
232 | 0x17dbcc49675e922eULL, 0x37f3c4513f66a26eULL, 0x74691d27cf534ee8ULL, | ||
233 | 0x5044143c9c6c78a0ULL, 0x2be8c3580e73b056ULL, 0x91f263a59a34573fULL, | ||
234 | 0x4f95da73ed3ce69eULL, 0x69345de7358ed3d2ULL, 0x613e5fe12380dfc2ULL, | ||
235 | 0x578bdc79d72ef2aeULL, 0xe9947d87486e13cfULL, 0x13decd4a6c599426ULL, | ||
236 | 0xe19e7f815e601fdfULL, 0x752f5aee049bc1eaULL, 0xadc16cb4f3197547ULL, | ||
237 | 0x6d315ce43e89d5daULL, 0xfb0cf704efff08ebULL, 0x98be266a47f2d42dULL, | ||
238 | 0xdb24ff1cb7c738abULL, 0x937eed2a11b9543bULL, 0x876fe82536a24a13ULL, | ||
239 | 0x4ed39dba26f4699cULL, 0xa1ce6fb1ee107f5fULL, 0x028c8e8f8b8d0304ULL, | ||
240 | 0x647d192be34f56c8ULL, 0xba1aa0fd9447e769ULL, 0xe717f00ddeea1ad3ULL, | ||
241 | 0x1e978986ba98113cULL, 0x3c330f11692d2278ULL, 0x1c1b070931151238ULL, | ||
242 | 0x8629afecfd6ac511ULL, 0xcb30fb109bdb208bULL, 0x2028081858383040ULL, | ||
243 | 0x5441153f976b7ea8ULL, 0x34390d177f232e68ULL, 0x1014040c2c1c1820ULL, | ||
244 | 0x040501030b070608ULL, 0x8de964acab214507ULL, 0x5b84df7cca27f8b6ULL, | ||
245 | 0xc5b3769a0d5f2997ULL, 0xf980798b64720befULL, 0x538edd7adc29f4a6ULL, | ||
246 | 0xf4c93d47b2b38ef5ULL, 0x584e163a8a6274b0ULL, 0xfcc33f41a4bd82e5ULL, | ||
247 | 0xdceb3759fc85b2a5ULL, 0xa9c46db7f81e734fULL, 0xe0d8384895a890ddULL, | ||
248 | 0xde67b9d67708b1a1ULL, 0xd1a273952a4437bfULL, 0x836ae9263da54c1bULL, | ||
249 | 0xd4e1355fea8bbeb5ULL, 0x491c55ff6db6e392ULL, 0xd9a871933c4a3bafULL, | ||
250 | 0xf18a7b8d727c07ffULL, 0x0a868c899d830f14ULL, 0xd5a77296214331b7ULL, | ||
251 | 0x1a928885b19f1734ULL, 0xff09f607e4f80ee3ULL, 0xa8822a7e33d6fc4dULL, | ||
252 | 0xf8c63e42afba84edULL, 0x653b5ee22887d9caULL, 0x9cbb27694cf5d225ULL, | ||
253 | 0x054346cac0cf890aULL, 0x303c0c1474242860ULL, 0x89ec65afa026430fULL, | ||
254 | 0xbdd568b8df056d67ULL, 0x99f861a38c3a5b2fULL, 0x0c0f03051d090a18ULL, | ||
255 | 0x23e2c15e187dbc46ULL, 0x411657f97bb8ef82ULL, 0x7fa9d6679918cefeULL, | ||
256 | 0x439ad976f035ec86ULL, 0x7d2558e81295cdfaULL, 0x479fd875fb32ea8eULL, | ||
257 | 0x85e366aabd2f4917ULL, 0x7bacd764921fc8f6ULL, 0xe8d23a4e83a69ccdULL, | ||
258 | 0x07cfc8454b428a0eULL, 0xf0cc3c44b9b488fdULL, 0xcf35fa1390dc2683ULL, | ||
259 | 0x62f496a763c553c4ULL, 0xa601a7f4a552f551ULL, 0x5ac298b501ef77b4ULL, | ||
260 | 0x977bec291abe5233ULL, 0xda62b8d57c0fb7a9ULL, 0x3bfcc754226fa876ULL, | ||
261 | 0x822caeeff66dc319ULL, 0xb9d069bbd4026b6fULL, 0x317a4bddbfeca762ULL, | ||
262 | 0x963dabe0d176dd31ULL, 0x9e37a9e6c778d121ULL, 0x81e667a9b6284f1fULL, | ||
263 | 0x28220a1e4e363c50ULL, 0x014647c9cbc88f02ULL, 0xef1df20bc8e416c3ULL, | ||
264 | 0xee5bb5c2032c99c1ULL, 0x88aa22666beecc0dULL, 0xb356e5324981647bULL, | ||
265 | 0x9f71ee2f0cb05e23ULL, 0xc27cbedf461da399ULL, 0xac872b7d38d1fa45ULL, | ||
266 | 0x3ebf819ee2a0217cULL, 0x485a1236a67e6c90ULL, 0x36b58398f4ae2d6cULL, | ||
267 | 0x6c771b2df5415ad8ULL, 0x38360e12622a2470ULL, 0x8caf236560e9ca05ULL, | ||
268 | 0xf306f502f9f104fbULL, 0x094c45cfddc68312ULL, 0x84a5216376e7c615ULL, | ||
269 | 0x1fd1ce4f71509e3eULL, 0x397049dba9e2ab72ULL, 0xb09c2c7409c4e87dULL, | ||
270 | 0xc33af9168dd52c9bULL, 0xbf59e63754886e63ULL, 0xe254b6c71e2593d9ULL, | ||
271 | 0xa088287825d8f05dULL, 0x5c4b1739816572b8ULL, 0x32b0829bffa92b64ULL, | ||
272 | 0x68721a2efe465cd0ULL, 0x169d8b80ac961d2cULL, 0xdf21fe1fbcc03ea3ULL, | ||
273 | 0x12988a83a7911b24ULL, 0x242d091b533f3648ULL, 0x03cac94640458c06ULL, | ||
274 | 0x26a18794d8b2354cULL, 0x256b4ed298f7b94aULL, 0xa342e13e659d7c5bULL, | ||
275 | 0xb8962e721fcae46dULL, 0xb753e43142866273ULL, 0xa747e03d6e9a7a53ULL, | ||
276 | 0x8b60eb202bab400bULL, 0x7aea90ad59d747f4ULL, 0xaa0ea4f1b85bff49ULL, | ||
277 | 0x78661e22d25a44f0ULL, 0x2eab8592cebc395cULL, 0x9dfd60a0873d5d27ULL, | ||
278 | 0x0000000000000000ULL, 0x94b1256f5afbde35ULL, 0xf703f401f2f602f3ULL, | ||
279 | 0xe312f10ed5ed1cdbULL, 0x6afe94a175cb5fd4ULL, 0x2c270b1d45313a58ULL, | ||
280 | 0xbb5ce7345f8f686bULL, 0xc9bc759f1056238fULL, 0x9b74ef2c07b7582bULL, | ||
281 | 0xd0e4345ce18cb8bdULL, 0xc4f53153c697a695ULL, 0x77a3d4618f16c2eeULL, | ||
282 | 0x67b7d06da30adaceULL, 0x22a48697d3b53344ULL, 0xe59b7e82556719d7ULL, | ||
283 | 0x8e23adeaeb64c901ULL, 0xd32efd1aa1c934bbULL, 0xa48d297b2edff655ULL, | ||
284 | 0xc0f03050cd90a09dULL, 0xecd73b4d88a19ac5ULL, 0x46d99fbc30fa658cULL, | ||
285 | 0xc73ff81586d22a93ULL, 0x3ff9c6572968ae7eULL, 0x4c5f1335ad796a98ULL, | ||
286 | 0x181e060a3a121430ULL, 0x1411050f271b1e28ULL, 0x33f6c5523461a466ULL, | ||
287 | 0x44551133bb776688ULL, 0xc1b6779906582f9fULL, 0xed917c84436915c7ULL, | ||
288 | 0xf58f7a8e797b01f7ULL, 0xfd8578886f750de7ULL, 0xd8ee365af782b4adULL, | ||
289 | 0x706c1c24c45448e0ULL, 0xe4dd394b9eaf96d5ULL, 0x792059eb1992cbf2ULL, | ||
290 | 0x60781828e84850c0ULL, 0x451356fa70bfe98aULL, 0xf645b3c8393e8df1ULL, | ||
291 | 0xfa4ab0cd243787e9ULL, 0x90b4246c51fcd83dULL, 0x80a020607de0c01dULL, | ||
292 | 0xf240b2cb32398bf9ULL, 0x72e092ab4fd94be4ULL, 0xb615a3f8894eed71ULL, | ||
293 | 0x27e7c05d137aba4eULL, 0x0d4944ccd6c1851aULL, 0x95f762a691335137ULL, | ||
294 | 0x40501030b0706080ULL, 0xea5eb4c1082b9fc9ULL, 0x2aae8491c5bb3f54ULL, | ||
295 | 0x115243c5e7d49722ULL, 0x76e593a844de4decULL, 0x2fedc25b0574b65eULL, | ||
296 | 0x357f4adeb4eba16aULL, 0xce73bdda5b14a981ULL, 0x06898f8c808a050cULL, | ||
297 | 0xb4992d7702c3ee75ULL, 0xca76bcd95013af89ULL, 0x4ad69cb92df36f94ULL, | ||
298 | 0xb5df6abec90b6177ULL, 0x1d5d40c0fadd9d3aULL, 0x1bd4cf4c7a579836ULL, | ||
299 | 0xb210a2fb8249eb79ULL, 0x3aba809de9a72774ULL, 0x216e4fd193f0bf42ULL, | ||
300 | 0x7c631f21d95d42f8ULL, 0x0fc5ca435d4c861eULL, 0x9238aae3da71db39ULL, | ||
301 | 0x155742c6ecd3912aULL | ||
302 | }; | ||
303 | |||
304 | static const u64 T3[256] = { | ||
305 | 0x68d2d3ba016ab9bbULL, 0x194dfc54b1669ae5ULL, 0x93bc712fcd1465e2ULL, | ||
306 | 0xb9cd9c74511b8725ULL, 0x0251f553a457a2f7ULL, 0xb86b68d303bed6d0ULL, | ||
307 | 0xbd6f6bd204b5ded6ULL, 0x6429d74dfe8552b3ULL, 0x0d5df050ad4abafdULL, | ||
308 | 0x268ae9ac63e009cfULL, 0x830e8a8d84961c09ULL, 0x79c6dcbf1a4d91a5ULL, | ||
309 | 0xaddd90704d37a73dULL, 0x0755f652a35caaf1ULL, 0xc852b39ae117a47bULL, | ||
310 | 0x612dd44cf98e5ab5ULL, 0x658f23eaac200346ULL, 0xa67362d51184e6c4ULL, | ||
311 | 0xf166a497c268cc55ULL, 0xb2636ed10da8c6dcULL, 0xffcc553399d085aaULL, | ||
312 | 0x0859f351aa41b2fbULL, 0x2a71ed5b9c0fe2c7ULL, 0x04a2f7a655ae59f3ULL, | ||
313 | 0x815f7fde20c1befeULL, 0x753dd848e5a27aadULL, 0x329ae5a87fcc29d7ULL, | ||
314 | 0xc75eb699e80abc71ULL, 0x904b70db3be696e0ULL, 0xfac856329edb8dacULL, | ||
315 | 0x51e6c4b72215d195ULL, 0x2bd719fcceaab332ULL, 0x48ab38e393734b70ULL, | ||
316 | 0xdc42bf9efd3b8463ULL, 0xef7eae91d052fc41ULL, 0xcd56b09be61cac7dULL, | ||
317 | 0x4daf3be294784376ULL, 0x6dd6d0bb0661b1bdULL, 0x5819c341daf1329bULL, | ||
318 | 0xcba5b26e17e55779ULL, 0x0baef2a55cb341f9ULL, 0xc00b40cb4b561680ULL, | ||
319 | 0xdab1bd6b0cc27f67ULL, 0xfb6ea295cc7edc59ULL, 0x1fbefea1409f61e1ULL, | ||
320 | 0x18eb08f3e3c3cb10ULL, 0x4ffeceb1302fe181ULL, 0x0a0806020e16100cULL, | ||
321 | 0xdb1749cc5e672e92ULL, 0xf33751c4663f6ea2ULL, 0x6974271d53cfe84eULL, | ||
322 | 0x44503c146c9ca078ULL, 0xe82b58c3730e56b0ULL, 0xf291a563349a3f57ULL, | ||
323 | 0x954f73da3ced9ee6ULL, 0x3469e75d8e35d2d3ULL, 0x3e61e15f8023c2dfULL, | ||
324 | 0x8b5779dc2ed7aef2ULL, 0x94e9877d6e48cf13ULL, 0xde134acd596c2694ULL, | ||
325 | 0x9ee1817f605edf1fULL, 0x2f75ee5a9b04eac1ULL, 0xc1adb46c19f34775ULL, | ||
326 | 0x316de45c893edad5ULL, 0x0cfb04f7ffefeb08ULL, 0xbe986a26f2472dd4ULL, | ||
327 | 0x24db1cffc7b7ab38ULL, 0x7e932aedb9113b54ULL, 0x6f8725e8a236134aULL, | ||
328 | 0xd34eba9df4269c69ULL, 0xcea1b16f10ee5f7fULL, 0x8c028f8e8d8b0403ULL, | ||
329 | 0x7d642b194fe3c856ULL, 0x1abafda0479469e7ULL, 0x17e70df0eaded31aULL, | ||
330 | 0x971e868998ba3c11ULL, 0x333c110f2d697822ULL, 0x1b1c090715313812ULL, | ||
331 | 0x2986ecaf6afd11c5ULL, 0x30cb10fbdb9b8b20ULL, 0x2820180838584030ULL, | ||
332 | 0x41543f156b97a87eULL, 0x3934170d237f682eULL, 0x14100c041c2c2018ULL, | ||
333 | 0x05040301070b0806ULL, 0xe98dac6421ab0745ULL, 0x845b7cdf27cab6f8ULL, | ||
334 | 0xb3c59a765f0d9729ULL, 0x80f98b797264ef0bULL, 0x8e537add29dca6f4ULL, | ||
335 | 0xc9f4473db3b2f58eULL, 0x4e583a16628ab074ULL, 0xc3fc413fbda4e582ULL, | ||
336 | 0xebdc593785fca5b2ULL, 0xc4a9b76d1ef84f73ULL, 0xd8e04838a895dd90ULL, | ||
337 | 0x67ded6b90877a1b1ULL, 0xa2d19573442abf37ULL, 0x6a8326e9a53d1b4cULL, | ||
338 | 0xe1d45f358beab5beULL, 0x1c49ff55b66d92e3ULL, 0xa8d993714a3caf3bULL, | ||
339 | 0x8af18d7b7c72ff07ULL, 0x860a898c839d140fULL, 0xa7d596724321b731ULL, | ||
340 | 0x921a85889fb13417ULL, 0x09ff07f6f8e4e30eULL, 0x82a87e2ad6334dfcULL, | ||
341 | 0xc6f8423ebaafed84ULL, 0x3b65e25e8728cad9ULL, 0xbb9c6927f54c25d2ULL, | ||
342 | 0x4305ca46cfc00a89ULL, 0x3c30140c24746028ULL, 0xec89af6526a00f43ULL, | ||
343 | 0xd5bdb86805df676dULL, 0xf899a3613a8c2f5bULL, 0x0f0c0503091d180aULL, | ||
344 | 0xe2235ec17d1846bcULL, 0x1641f957b87b82efULL, 0xa97f67d61899feceULL, | ||
345 | 0x9a4376d935f086ecULL, 0x257de8589512facdULL, 0x9f4775d832fb8eeaULL, | ||
346 | 0xe385aa662fbd1749ULL, 0xac7b64d71f92f6c8ULL, 0xd2e84e3aa683cd9cULL, | ||
347 | 0xcf0745c8424b0e8aULL, 0xccf0443cb4b9fd88ULL, 0x35cf13fadc908326ULL, | ||
348 | 0xf462a796c563c453ULL, 0x01a6f4a752a551f5ULL, 0xc25ab598ef01b477ULL, | ||
349 | 0x7b9729ecbe1a3352ULL, 0x62dad5b80f7ca9b7ULL, 0xfc3b54c76f2276a8ULL, | ||
350 | 0x2c82efae6df619c3ULL, 0xd0b9bb6902d46f6bULL, 0x7a31dd4becbf62a7ULL, | ||
351 | 0x3d96e0ab76d131ddULL, 0x379ee6a978c721d1ULL, 0xe681a96728b61f4fULL, | ||
352 | 0x22281e0a364e503cULL, 0x4601c947c8cb028fULL, 0x1def0bf2e4c8c316ULL, | ||
353 | 0x5beec2b52c03c199ULL, 0xaa886622ee6b0dccULL, 0x56b332e581497b64ULL, | ||
354 | 0x719f2feeb00c235eULL, 0x7cc2dfbe1d4699a3ULL, 0x87ac7d2bd13845faULL, | ||
355 | 0xbf3e9e81a0e27c21ULL, 0x5a4836127ea6906cULL, 0xb5369883aef46c2dULL, | ||
356 | 0x776c2d1b41f5d85aULL, 0x3638120e2a627024ULL, 0xaf8c6523e96005caULL, | ||
357 | 0x06f302f5f1f9fb04ULL, 0x4c09cf45c6dd1283ULL, 0xa5846321e77615c6ULL, | ||
358 | 0xd11f4fce50713e9eULL, 0x7039db49e2a972abULL, 0x9cb0742cc4097de8ULL, | ||
359 | 0x3ac316f9d58d9b2cULL, 0x59bf37e68854636eULL, 0x54e2c7b6251ed993ULL, | ||
360 | 0x88a07828d8255df0ULL, 0x4b5c39176581b872ULL, 0xb0329b82a9ff642bULL, | ||
361 | 0x72682e1a46fed05cULL, 0x9d16808b96ac2c1dULL, 0x21df1ffec0bca33eULL, | ||
362 | 0x9812838a91a7241bULL, 0x2d241b093f534836ULL, 0xca0346c94540068cULL, | ||
363 | 0xa1269487b2d84c35ULL, 0x6b25d24ef7984ab9ULL, 0x42a33ee19d655b7cULL, | ||
364 | 0x96b8722eca1f6de4ULL, 0x53b731e486427362ULL, 0x47a73de09a6e537aULL, | ||
365 | 0x608b20ebab2b0b40ULL, 0xea7aad90d759f447ULL, 0x0eaaf1a45bb849ffULL, | ||
366 | 0x6678221e5ad2f044ULL, 0xab2e9285bcce5c39ULL, 0xfd9da0603d87275dULL, | ||
367 | 0x0000000000000000ULL, 0xb1946f25fb5a35deULL, 0x03f701f4f6f2f302ULL, | ||
368 | 0x12e30ef1edd5db1cULL, 0xfe6aa194cb75d45fULL, 0x272c1d0b3145583aULL, | ||
369 | 0x5cbb34e78f5f6b68ULL, 0xbcc99f7556108f23ULL, 0x749b2cefb7072b58ULL, | ||
370 | 0xe4d05c348ce1bdb8ULL, 0xf5c4533197c695a6ULL, 0xa37761d4168feec2ULL, | ||
371 | 0xb7676dd00aa3cedaULL, 0xa4229786b5d34433ULL, 0x9be5827e6755d719ULL, | ||
372 | 0x238eeaad64eb01c9ULL, 0x2ed31afdc9a1bb34ULL, 0x8da47b29df2e55f6ULL, | ||
373 | 0xf0c0503090cd9da0ULL, 0xd7ec4d3ba188c59aULL, 0xd946bc9ffa308c65ULL, | ||
374 | 0x3fc715f8d286932aULL, 0xf93f57c668297eaeULL, 0x5f4c351379ad986aULL, | ||
375 | 0x1e180a06123a3014ULL, 0x11140f051b27281eULL, 0xf63352c5613466a4ULL, | ||
376 | 0x5544331177bb8866ULL, 0xb6c1997758069f2fULL, 0x91ed847c6943c715ULL, | ||
377 | 0x8ff58e7a7b79f701ULL, 0x85fd8878756fe70dULL, 0xeed85a3682f7adb4ULL, | ||
378 | 0x6c70241c54c4e048ULL, 0xdde44b39af9ed596ULL, 0x2079eb599219f2cbULL, | ||
379 | 0x7860281848e8c050ULL, 0x1345fa56bf708ae9ULL, 0x45f6c8b33e39f18dULL, | ||
380 | 0x4afacdb03724e987ULL, 0xb4906c24fc513dd8ULL, 0xa0806020e07d1dc0ULL, | ||
381 | 0x40f2cbb23932f98bULL, 0xe072ab92d94fe44bULL, 0x15b6f8a34e8971edULL, | ||
382 | 0xe7275dc07a134ebaULL, 0x490dcc44c1d61a85ULL, 0xf795a66233913751ULL, | ||
383 | 0x5040301070b08060ULL, 0x5eeac1b42b08c99fULL, 0xae2a9184bbc5543fULL, | ||
384 | 0x5211c543d4e72297ULL, 0xe576a893de44ec4dULL, 0xed2f5bc274055eb6ULL, | ||
385 | 0x7f35de4aebb46aa1ULL, 0x73cedabd145b81a9ULL, 0x89068c8f8a800c05ULL, | ||
386 | 0x99b4772dc30275eeULL, 0x76cad9bc135089afULL, 0xd64ab99cf32d946fULL, | ||
387 | 0xdfb5be6a0bc97761ULL, 0x5d1dc040ddfa3a9dULL, 0xd41b4ccf577a3698ULL, | ||
388 | 0x10b2fba2498279ebULL, 0xba3a9d80a7e97427ULL, 0x6e21d14ff09342bfULL, | ||
389 | 0x637c211f5dd9f842ULL, 0xc50f43ca4c5d1e86ULL, 0x3892e3aa71da39dbULL, | ||
390 | 0x5715c642d3ec2a91ULL | ||
391 | }; | ||
392 | |||
393 | static const u64 T4[256] = { | ||
394 | 0xbbb96a01bad3d268ULL, 0xe59a66b154fc4d19ULL, 0xe26514cd2f71bc93ULL, | ||
395 | 0x25871b51749ccdb9ULL, 0xf7a257a453f55102ULL, 0xd0d6be03d3686bb8ULL, | ||
396 | 0xd6deb504d26b6fbdULL, 0xb35285fe4dd72964ULL, 0xfdba4aad50f05d0dULL, | ||
397 | 0xcf09e063ace98a26ULL, 0x091c96848d8a0e83ULL, 0xa5914d1abfdcc679ULL, | ||
398 | 0x3da7374d7090ddadULL, 0xf1aa5ca352f65507ULL, 0x7ba417e19ab352c8ULL, | ||
399 | 0xb55a8ef94cd42d61ULL, 0x460320acea238f65ULL, 0xc4e68411d56273a6ULL, | ||
400 | 0x55cc68c297a466f1ULL, 0xdcc6a80dd16e63b2ULL, 0xaa85d0993355ccffULL, | ||
401 | 0xfbb241aa51f35908ULL, 0xc7e20f9c5bed712aULL, 0xf359ae55a6f7a204ULL, | ||
402 | 0xfebec120de7f5f81ULL, 0xad7aa2e548d83d75ULL, 0xd729cc7fa8e59a32ULL, | ||
403 | 0x71bc0ae899b65ec7ULL, 0xe096e63bdb704b90ULL, 0xac8ddb9e3256c8faULL, | ||
404 | 0x95d11522b7c4e651ULL, 0x32b3aacefc19d72bULL, 0x704b7393e338ab48ULL, | ||
405 | 0x63843bfd9ebf42dcULL, 0x41fc52d091ae7eefULL, 0x7dac1ce69bb056cdULL, | ||
406 | 0x76437894e23baf4dULL, 0xbdb16106bbd0d66dULL, 0x9b32f1da41c31958ULL, | ||
407 | 0x7957e5176eb2a5cbULL, 0xf941b35ca5f2ae0bULL, 0x8016564bcb400bc0ULL, | ||
408 | 0x677fc20c6bbdb1daULL, 0x59dc7ecc95a26efbULL, 0xe1619f40a1febe1fULL, | ||
409 | 0x10cbc3e3f308eb18ULL, 0x81e12f30b1cefe4fULL, 0x0c10160e0206080aULL, | ||
410 | 0x922e675ecc4917dbULL, 0xa26e3f66c45137f3ULL, 0x4ee8cf531d277469ULL, | ||
411 | 0x78a09c6c143c5044ULL, 0xb0560e73c3582be8ULL, 0x573f9a3463a591f2ULL, | ||
412 | 0xe69eed3cda734f95ULL, 0xd3d2358e5de76934ULL, 0xdfc223805fe1613eULL, | ||
413 | 0xf2aed72edc79578bULL, 0x13cf486e7d87e994ULL, 0x94266c59cd4a13deULL, | ||
414 | 0x1fdf5e607f81e19eULL, 0xc1ea049b5aee752fULL, 0x7547f3196cb4adc1ULL, | ||
415 | 0xd5da3e895ce46d31ULL, 0x08ebeffff704fb0cULL, 0xd42d47f2266a98beULL, | ||
416 | 0x38abb7c7ff1cdb24ULL, 0x543b11b9ed2a937eULL, 0x4a1336a2e825876fULL, | ||
417 | 0x699c26f49dba4ed3ULL, 0x7f5fee106fb1a1ceULL, 0x03048b8d8e8f028cULL, | ||
418 | 0x56c8e34f192b647dULL, 0xe7699447a0fdba1aULL, 0x1ad3deeaf00de717ULL, | ||
419 | 0x113cba9889861e97ULL, 0x2278692d0f113c33ULL, 0x1238311507091c1bULL, | ||
420 | 0xc511fd6aafec8629ULL, 0x208b9bdbfb10cb30ULL, 0x3040583808182028ULL, | ||
421 | 0x7ea8976b153f5441ULL, 0x2e687f230d173439ULL, 0x18202c1c040c1014ULL, | ||
422 | 0x06080b0701030405ULL, 0x4507ab2164ac8de9ULL, 0xf8b6ca27df7c5b84ULL, | ||
423 | 0x29970d5f769ac5b3ULL, 0x0bef6472798bf980ULL, 0xf4a6dc29dd7a538eULL, | ||
424 | 0x8ef5b2b33d47f4c9ULL, 0x74b08a62163a584eULL, 0x82e5a4bd3f41fcc3ULL, | ||
425 | 0xb2a5fc853759dcebULL, 0x734ff81e6db7a9c4ULL, 0x90dd95a83848e0d8ULL, | ||
426 | 0xb1a17708b9d6de67ULL, 0x37bf2a447395d1a2ULL, 0x4c1b3da5e926836aULL, | ||
427 | 0xbeb5ea8b355fd4e1ULL, 0xe3926db655ff491cULL, 0x3baf3c4a7193d9a8ULL, | ||
428 | 0x07ff727c7b8df18aULL, 0x0f149d838c890a86ULL, 0x31b721437296d5a7ULL, | ||
429 | 0x1734b19f88851a92ULL, 0x0ee3e4f8f607ff09ULL, 0xfc4d33d62a7ea882ULL, | ||
430 | 0x84edafba3e42f8c6ULL, 0xd9ca28875ee2653bULL, 0xd2254cf527699cbbULL, | ||
431 | 0x890ac0cf46ca0543ULL, 0x286074240c14303cULL, 0x430fa02665af89ecULL, | ||
432 | 0x6d67df0568b8bdd5ULL, 0x5b2f8c3a61a399f8ULL, 0x0a181d0903050c0fULL, | ||
433 | 0xbc46187dc15e23e2ULL, 0xef827bb857f94116ULL, 0xcefe9918d6677fa9ULL, | ||
434 | 0xec86f035d976439aULL, 0xcdfa129558e87d25ULL, 0xea8efb32d875479fULL, | ||
435 | 0x4917bd2f66aa85e3ULL, 0xc8f6921fd7647bacULL, 0x9ccd83a63a4ee8d2ULL, | ||
436 | 0x8a0e4b42c84507cfULL, 0x88fdb9b43c44f0ccULL, 0x268390dcfa13cf35ULL, | ||
437 | 0x53c463c596a762f4ULL, 0xf551a552a7f4a601ULL, 0x77b401ef98b55ac2ULL, | ||
438 | 0x52331abeec29977bULL, 0xb7a97c0fb8d5da62ULL, 0xa876226fc7543bfcULL, | ||
439 | 0xc319f66daeef822cULL, 0x6b6fd40269bbb9d0ULL, 0xa762bfec4bdd317aULL, | ||
440 | 0xdd31d176abe0963dULL, 0xd121c778a9e69e37ULL, 0x4f1fb62867a981e6ULL, | ||
441 | 0x3c504e360a1e2822ULL, 0x8f02cbc847c90146ULL, 0x16c3c8e4f20bef1dULL, | ||
442 | 0x99c1032cb5c2ee5bULL, 0xcc0d6bee226688aaULL, 0x647b4981e532b356ULL, | ||
443 | 0x5e230cb0ee2f9f71ULL, 0xa399461dbedfc27cULL, 0xfa4538d12b7dac87ULL, | ||
444 | 0x217ce2a0819e3ebfULL, 0x6c90a67e1236485aULL, 0x2d6cf4ae839836b5ULL, | ||
445 | 0x5ad8f5411b2d6c77ULL, 0x2470622a0e123836ULL, 0xca0560e923658cafULL, | ||
446 | 0x04fbf9f1f502f306ULL, 0x8312ddc645cf094cULL, 0xc61576e7216384a5ULL, | ||
447 | 0x9e3e7150ce4f1fd1ULL, 0xab72a9e249db3970ULL, 0xe87d09c42c74b09cULL, | ||
448 | 0x2c9b8dd5f916c33aULL, 0x6e635488e637bf59ULL, 0x93d91e25b6c7e254ULL, | ||
449 | 0xf05d25d82878a088ULL, 0x72b8816517395c4bULL, 0x2b64ffa9829b32b0ULL, | ||
450 | 0x5cd0fe461a2e6872ULL, 0x1d2cac968b80169dULL, 0x3ea3bcc0fe1fdf21ULL, | ||
451 | 0x1b24a7918a831298ULL, 0x3648533f091b242dULL, 0x8c064045c94603caULL, | ||
452 | 0x354cd8b2879426a1ULL, 0xb94a98f74ed2256bULL, 0x7c5b659de13ea342ULL, | ||
453 | 0xe46d1fca2e72b896ULL, 0x62734286e431b753ULL, 0x7a536e9ae03da747ULL, | ||
454 | 0x400b2babeb208b60ULL, 0x47f459d790ad7aeaULL, 0xff49b85ba4f1aa0eULL, | ||
455 | 0x44f0d25a1e227866ULL, 0x395ccebc85922eabULL, 0x5d27873d60a09dfdULL, | ||
456 | 0x0000000000000000ULL, 0xde355afb256f94b1ULL, 0x02f3f2f6f401f703ULL, | ||
457 | 0x1cdbd5edf10ee312ULL, 0x5fd475cb94a16afeULL, 0x3a5845310b1d2c27ULL, | ||
458 | 0x686b5f8fe734bb5cULL, 0x238f1056759fc9bcULL, 0x582b07b7ef2c9b74ULL, | ||
459 | 0xb8bde18c345cd0e4ULL, 0xa695c6973153c4f5ULL, 0xc2ee8f16d46177a3ULL, | ||
460 | 0xdacea30ad06d67b7ULL, 0x3344d3b5869722a4ULL, 0x19d755677e82e59bULL, | ||
461 | 0xc901eb64adea8e23ULL, 0x34bba1c9fd1ad32eULL, 0xf6552edf297ba48dULL, | ||
462 | 0xa09dcd903050c0f0ULL, 0x9ac588a13b4decd7ULL, 0x658c30fa9fbc46d9ULL, | ||
463 | 0x2a9386d2f815c73fULL, 0xae7e2968c6573ff9ULL, 0x6a98ad7913354c5fULL, | ||
464 | 0x14303a12060a181eULL, 0x1e28271b050f1411ULL, 0xa4663461c55233f6ULL, | ||
465 | 0x6688bb7711334455ULL, 0x2f9f06587799c1b6ULL, 0x15c743697c84ed91ULL, | ||
466 | 0x01f7797b7a8ef58fULL, 0x0de76f757888fd85ULL, 0xb4adf782365ad8eeULL, | ||
467 | 0x48e0c4541c24706cULL, 0x96d59eaf394be4ddULL, 0xcbf2199259eb7920ULL, | ||
468 | 0x50c0e84818286078ULL, 0xe98a70bf56fa4513ULL, 0x8df1393eb3c8f645ULL, | ||
469 | 0x87e92437b0cdfa4aULL, 0xd83d51fc246c90b4ULL, 0xc01d7de0206080a0ULL, | ||
470 | 0x8bf93239b2cbf240ULL, 0x4be44fd992ab72e0ULL, 0xed71894ea3f8b615ULL, | ||
471 | 0xba4e137ac05d27e7ULL, 0x851ad6c144cc0d49ULL, 0x5137913362a695f7ULL, | ||
472 | 0x6080b07010304050ULL, 0x9fc9082bb4c1ea5eULL, 0x3f54c5bb84912aaeULL, | ||
473 | 0x9722e7d443c51152ULL, 0x4dec44de93a876e5ULL, 0xb65e0574c25b2fedULL, | ||
474 | 0xa16ab4eb4ade357fULL, 0xa9815b14bddace73ULL, 0x050c808a8f8c0689ULL, | ||
475 | 0xee7502c32d77b499ULL, 0xaf895013bcd9ca76ULL, 0x6f942df39cb94ad6ULL, | ||
476 | 0x6177c90b6abeb5dfULL, 0x9d3afadd40c01d5dULL, 0x98367a57cf4c1bd4ULL, | ||
477 | 0xeb798249a2fbb210ULL, 0x2774e9a7809d3abaULL, 0xbf4293f04fd1216eULL, | ||
478 | 0x42f8d95d1f217c63ULL, 0x861e5d4cca430fc5ULL, 0xdb39da71aae39238ULL, | ||
479 | 0x912aecd342c61557ULL | ||
480 | }; | ||
481 | |||
482 | static const u64 T5[256] = { | ||
483 | 0xb9bb016ad3ba68d2ULL, 0x9ae5b166fc54194dULL, 0x65e2cd14712f93bcULL, | ||
484 | 0x8725511b9c74b9cdULL, 0xa2f7a457f5530251ULL, 0xd6d003be68d3b86bULL, | ||
485 | 0xded604b56bd2bd6fULL, 0x52b3fe85d74d6429ULL, 0xbafdad4af0500d5dULL, | ||
486 | 0x09cf63e0e9ac268aULL, 0x1c0984968a8d830eULL, 0x91a51a4ddcbf79c6ULL, | ||
487 | 0xa73d4d379070adddULL, 0xaaf1a35cf6520755ULL, 0xa47be117b39ac852ULL, | ||
488 | 0x5ab5f98ed44c612dULL, 0x0346ac2023ea658fULL, 0xe6c4118462d5a673ULL, | ||
489 | 0xcc55c268a497f166ULL, 0xc6dc0da86ed1b263ULL, 0x85aa99d05533ffccULL, | ||
490 | 0xb2fbaa41f3510859ULL, 0xe2c79c0fed5b2a71ULL, 0x59f355aef7a604a2ULL, | ||
491 | 0xbefe20c17fde815fULL, 0x7aade5a2d848753dULL, 0x29d77fcce5a8329aULL, | ||
492 | 0xbc71e80ab699c75eULL, 0x96e03be670db904bULL, 0x8dac9edb5632fac8ULL, | ||
493 | 0xd1952215c4b751e6ULL, 0xb332ceaa19fc2bd7ULL, 0x4b70937338e348abULL, | ||
494 | 0x8463fd3bbf9edc42ULL, 0xfc41d052ae91ef7eULL, 0xac7de61cb09bcd56ULL, | ||
495 | 0x437694783be24dafULL, 0xb1bd0661d0bb6dd6ULL, 0x329bdaf1c3415819ULL, | ||
496 | 0x577917e5b26ecba5ULL, 0x41f95cb3f2a50baeULL, 0x16804b5640cbc00bULL, | ||
497 | 0x7f670cc2bd6bdab1ULL, 0xdc59cc7ea295fb6eULL, 0x61e1409ffea11fbeULL, | ||
498 | 0xcb10e3c308f318ebULL, 0xe181302fceb14ffeULL, 0x100c0e1606020a08ULL, | ||
499 | 0x2e925e6749ccdb17ULL, 0x6ea2663f51c4f337ULL, 0xe84e53cf271d6974ULL, | ||
500 | 0xa0786c9c3c144450ULL, 0x56b0730e58c3e82bULL, 0x3f57349aa563f291ULL, | ||
501 | 0x9ee63ced73da954fULL, 0xd2d38e35e75d3469ULL, 0xc2df8023e15f3e61ULL, | ||
502 | 0xaef22ed779dc8b57ULL, 0xcf136e48877d94e9ULL, 0x2694596c4acdde13ULL, | ||
503 | 0xdf1f605e817f9ee1ULL, 0xeac19b04ee5a2f75ULL, 0x477519f3b46cc1adULL, | ||
504 | 0xdad5893ee45c316dULL, 0xeb08ffef04f70cfbULL, 0x2dd4f2476a26be98ULL, | ||
505 | 0xab38c7b71cff24dbULL, 0x3b54b9112aed7e93ULL, 0x134aa23625e86f87ULL, | ||
506 | 0x9c69f426ba9dd34eULL, 0x5f7f10eeb16fcea1ULL, 0x04038d8b8f8e8c02ULL, | ||
507 | 0xc8564fe32b197d64ULL, 0x69e74794fda01abaULL, 0xd31aeade0df017e7ULL, | ||
508 | 0x3c1198ba8689971eULL, 0x78222d69110f333cULL, 0x3812153109071b1cULL, | ||
509 | 0x11c56afdecaf2986ULL, 0x8b20db9b10fb30cbULL, 0x4030385818082820ULL, | ||
510 | 0xa87e6b973f154154ULL, 0x682e237f170d3934ULL, 0x20181c2c0c041410ULL, | ||
511 | 0x0806070b03010504ULL, 0x074521abac64e98dULL, 0xb6f827ca7cdf845bULL, | ||
512 | 0x97295f0d9a76b3c5ULL, 0xef0b72648b7980f9ULL, 0xa6f429dc7add8e53ULL, | ||
513 | 0xf58eb3b2473dc9f4ULL, 0xb074628a3a164e58ULL, 0xe582bda4413fc3fcULL, | ||
514 | 0xa5b285fc5937ebdcULL, 0x4f731ef8b76dc4a9ULL, 0xdd90a8954838d8e0ULL, | ||
515 | 0xa1b10877d6b967deULL, 0xbf37442a9573a2d1ULL, 0x1b4ca53d26e96a83ULL, | ||
516 | 0xb5be8bea5f35e1d4ULL, 0x92e3b66dff551c49ULL, 0xaf3b4a3c9371a8d9ULL, | ||
517 | 0xff077c728d7b8af1ULL, 0x140f839d898c860aULL, 0xb73143219672a7d5ULL, | ||
518 | 0x34179fb18588921aULL, 0xe30ef8e407f609ffULL, 0x4dfcd6337e2a82a8ULL, | ||
519 | 0xed84baaf423ec6f8ULL, 0xcad98728e25e3b65ULL, 0x25d2f54c6927bb9cULL, | ||
520 | 0x0a89cfc0ca464305ULL, 0x60282474140c3c30ULL, 0x0f4326a0af65ec89ULL, | ||
521 | 0x676d05dfb868d5bdULL, 0x2f5b3a8ca361f899ULL, 0x180a091d05030f0cULL, | ||
522 | 0x46bc7d185ec1e223ULL, 0x82efb87bf9571641ULL, 0xfece189967d6a97fULL, | ||
523 | 0x86ec35f076d99a43ULL, 0xfacd9512e858257dULL, 0x8eea32fb75d89f47ULL, | ||
524 | 0x17492fbdaa66e385ULL, 0xf6c81f9264d7ac7bULL, 0xcd9ca6834e3ad2e8ULL, | ||
525 | 0x0e8a424b45c8cf07ULL, 0xfd88b4b9443cccf0ULL, 0x8326dc9013fa35cfULL, | ||
526 | 0xc453c563a796f462ULL, 0x51f552a5f4a701a6ULL, 0xb477ef01b598c25aULL, | ||
527 | 0x3352be1a29ec7b97ULL, 0xa9b70f7cd5b862daULL, 0x76a86f2254c7fc3bULL, | ||
528 | 0x19c36df6efae2c82ULL, 0x6f6b02d4bb69d0b9ULL, 0x62a7ecbfdd4b7a31ULL, | ||
529 | 0x31dd76d1e0ab3d96ULL, 0x21d178c7e6a9379eULL, 0x1f4f28b6a967e681ULL, | ||
530 | 0x503c364e1e0a2228ULL, 0x028fc8cbc9474601ULL, 0xc316e4c80bf21defULL, | ||
531 | 0xc1992c03c2b55beeULL, 0x0dccee6b6622aa88ULL, 0x7b64814932e556b3ULL, | ||
532 | 0x235eb00c2fee719fULL, 0x99a31d46dfbe7cc2ULL, 0x45fad1387d2b87acULL, | ||
533 | 0x7c21a0e29e81bf3eULL, 0x906c7ea636125a48ULL, 0x6c2daef49883b536ULL, | ||
534 | 0xd85a41f52d1b776cULL, 0x70242a62120e3638ULL, 0x05cae9606523af8cULL, | ||
535 | 0xfb04f1f902f506f3ULL, 0x1283c6ddcf454c09ULL, 0x15c6e7766321a584ULL, | ||
536 | 0x3e9e50714fced11fULL, 0x72abe2a9db497039ULL, 0x7de8c409742c9cb0ULL, | ||
537 | 0x9b2cd58d16f93ac3ULL, 0x636e885437e659bfULL, 0xd993251ec7b654e2ULL, | ||
538 | 0x5df0d825782888a0ULL, 0xb872658139174b5cULL, 0x642ba9ff9b82b032ULL, | ||
539 | 0xd05c46fe2e1a7268ULL, 0x2c1d96ac808b9d16ULL, 0xa33ec0bc1ffe21dfULL, | ||
540 | 0x241b91a7838a9812ULL, 0x48363f531b092d24ULL, 0x068c454046c9ca03ULL, | ||
541 | 0x4c35b2d89487a126ULL, 0x4ab9f798d24e6b25ULL, 0x5b7c9d653ee142a3ULL, | ||
542 | 0x6de4ca1f722e96b8ULL, 0x7362864231e453b7ULL, 0x537a9a6e3de047a7ULL, | ||
543 | 0x0b40ab2b20eb608bULL, 0xf447d759ad90ea7aULL, 0x49ff5bb8f1a40eaaULL, | ||
544 | 0xf0445ad2221e6678ULL, 0x5c39bcce9285ab2eULL, 0x275d3d87a060fd9dULL, | ||
545 | 0x0000000000000000ULL, 0x35defb5a6f25b194ULL, 0xf302f6f201f403f7ULL, | ||
546 | 0xdb1cedd50ef112e3ULL, 0xd45fcb75a194fe6aULL, 0x583a31451d0b272cULL, | ||
547 | 0x6b688f5f34e75cbbULL, 0x8f2356109f75bcc9ULL, 0x2b58b7072cef749bULL, | ||
548 | 0xbdb88ce15c34e4d0ULL, 0x95a697c65331f5c4ULL, 0xeec2168f61d4a377ULL, | ||
549 | 0xceda0aa36dd0b767ULL, 0x4433b5d39786a422ULL, 0xd7196755827e9be5ULL, | ||
550 | 0x01c964ebeaad238eULL, 0xbb34c9a11afd2ed3ULL, 0x55f6df2e7b298da4ULL, | ||
551 | 0x9da090cd5030f0c0ULL, 0xc59aa1884d3bd7ecULL, 0x8c65fa30bc9fd946ULL, | ||
552 | 0x932ad28615f83fc7ULL, 0x7eae682957c6f93fULL, 0x986a79ad35135f4cULL, | ||
553 | 0x3014123a0a061e18ULL, 0x281e1b270f051114ULL, 0x66a4613452c5f633ULL, | ||
554 | 0x886677bb33115544ULL, 0x9f2f58069977b6c1ULL, 0xc7156943847c91edULL, | ||
555 | 0xf7017b798e7a8ff5ULL, 0xe70d756f887885fdULL, 0xadb482f75a36eed8ULL, | ||
556 | 0xe04854c4241c6c70ULL, 0xd596af9e4b39dde4ULL, 0xf2cb9219eb592079ULL, | ||
557 | 0xc05048e828187860ULL, 0x8ae9bf70fa561345ULL, 0xf18d3e39c8b345f6ULL, | ||
558 | 0xe9873724cdb04afaULL, 0x3dd8fc516c24b490ULL, 0x1dc0e07d6020a080ULL, | ||
559 | 0xf98b3932cbb240f2ULL, 0xe44bd94fab92e072ULL, 0x71ed4e89f8a315b6ULL, | ||
560 | 0x4eba7a135dc0e727ULL, 0x1a85c1d6cc44490dULL, 0x37513391a662f795ULL, | ||
561 | 0x806070b030105040ULL, 0xc99f2b08c1b45eeaULL, 0x543fbbc59184ae2aULL, | ||
562 | 0x2297d4e7c5435211ULL, 0xec4dde44a893e576ULL, 0x5eb674055bc2ed2fULL, | ||
563 | 0x6aa1ebb4de4a7f35ULL, 0x81a9145bdabd73ceULL, 0x0c058a808c8f8906ULL, | ||
564 | 0x75eec302772d99b4ULL, 0x89af1350d9bc76caULL, 0x946ff32db99cd64aULL, | ||
565 | 0x77610bc9be6adfb5ULL, 0x3a9dddfac0405d1dULL, 0x3698577a4ccfd41bULL, | ||
566 | 0x79eb4982fba210b2ULL, 0x7427a7e99d80ba3aULL, 0x42bff093d14f6e21ULL, | ||
567 | 0xf8425dd9211f637cULL, 0x1e864c5d43cac50fULL, 0x39db71dae3aa3892ULL, | ||
568 | 0x2a91d3ecc6425715ULL | ||
569 | }; | ||
570 | |||
571 | static const u64 T6[256] = { | ||
572 | 0x6a01bbb9d268bad3ULL, 0x66b1e59a4d1954fcULL, 0x14cde265bc932f71ULL, | ||
573 | 0x1b512587cdb9749cULL, 0x57a4f7a2510253f5ULL, 0xbe03d0d66bb8d368ULL, | ||
574 | 0xb504d6de6fbdd26bULL, 0x85feb35229644dd7ULL, 0x4aadfdba5d0d50f0ULL, | ||
575 | 0xe063cf098a26ace9ULL, 0x9684091c0e838d8aULL, 0x4d1aa591c679bfdcULL, | ||
576 | 0x374d3da7ddad7090ULL, 0x5ca3f1aa550752f6ULL, 0x17e17ba452c89ab3ULL, | ||
577 | 0x8ef9b55a2d614cd4ULL, 0x20ac46038f65ea23ULL, 0x8411c4e673a6d562ULL, | ||
578 | 0x68c255cc66f197a4ULL, 0xa80ddcc663b2d16eULL, 0xd099aa85ccff3355ULL, | ||
579 | 0x41aafbb2590851f3ULL, 0x0f9cc7e2712a5bedULL, 0xae55f359a204a6f7ULL, | ||
580 | 0xc120febe5f81de7fULL, 0xa2e5ad7a3d7548d8ULL, 0xcc7fd7299a32a8e5ULL, | ||
581 | 0x0ae871bc5ec799b6ULL, 0xe63be0964b90db70ULL, 0xdb9eac8dc8fa3256ULL, | ||
582 | 0x152295d1e651b7c4ULL, 0xaace32b3d72bfc19ULL, 0x7393704bab48e338ULL, | ||
583 | 0x3bfd638442dc9ebfULL, 0x52d041fc7eef91aeULL, 0x1ce67dac56cd9bb0ULL, | ||
584 | 0x78947643af4de23bULL, 0x6106bdb1d66dbbd0ULL, 0xf1da9b32195841c3ULL, | ||
585 | 0xe5177957a5cb6eb2ULL, 0xb35cf941ae0ba5f2ULL, 0x564b80160bc0cb40ULL, | ||
586 | 0xc20c677fb1da6bbdULL, 0x7ecc59dc6efb95a2ULL, 0x9f40e161be1fa1feULL, | ||
587 | 0xc3e310cbeb18f308ULL, 0x2f3081e1fe4fb1ceULL, 0x160e0c10080a0206ULL, | ||
588 | 0x675e922e17dbcc49ULL, 0x3f66a26e37f3c451ULL, 0xcf534ee874691d27ULL, | ||
589 | 0x9c6c78a05044143cULL, 0x0e73b0562be8c358ULL, 0x9a34573f91f263a5ULL, | ||
590 | 0xed3ce69e4f95da73ULL, 0x358ed3d269345de7ULL, 0x2380dfc2613e5fe1ULL, | ||
591 | 0xd72ef2ae578bdc79ULL, 0x486e13cfe9947d87ULL, 0x6c59942613decd4aULL, | ||
592 | 0x5e601fdfe19e7f81ULL, 0x049bc1ea752f5aeeULL, 0xf3197547adc16cb4ULL, | ||
593 | 0x3e89d5da6d315ce4ULL, 0xefff08ebfb0cf704ULL, 0x47f2d42d98be266aULL, | ||
594 | 0xb7c738abdb24ff1cULL, 0x11b9543b937eed2aULL, 0x36a24a13876fe825ULL, | ||
595 | 0x26f4699c4ed39dbaULL, 0xee107f5fa1ce6fb1ULL, 0x8b8d0304028c8e8fULL, | ||
596 | 0xe34f56c8647d192bULL, 0x9447e769ba1aa0fdULL, 0xdeea1ad3e717f00dULL, | ||
597 | 0xba98113c1e978986ULL, 0x692d22783c330f11ULL, 0x311512381c1b0709ULL, | ||
598 | 0xfd6ac5118629afecULL, 0x9bdb208bcb30fb10ULL, 0x5838304020280818ULL, | ||
599 | 0x976b7ea85441153fULL, 0x7f232e6834390d17ULL, 0x2c1c18201014040cULL, | ||
600 | 0x0b07060804050103ULL, 0xab2145078de964acULL, 0xca27f8b65b84df7cULL, | ||
601 | 0x0d5f2997c5b3769aULL, 0x64720beff980798bULL, 0xdc29f4a6538edd7aULL, | ||
602 | 0xb2b38ef5f4c93d47ULL, 0x8a6274b0584e163aULL, 0xa4bd82e5fcc33f41ULL, | ||
603 | 0xfc85b2a5dceb3759ULL, 0xf81e734fa9c46db7ULL, 0x95a890dde0d83848ULL, | ||
604 | 0x7708b1a1de67b9d6ULL, 0x2a4437bfd1a27395ULL, 0x3da54c1b836ae926ULL, | ||
605 | 0xea8bbeb5d4e1355fULL, 0x6db6e392491c55ffULL, 0x3c4a3bafd9a87193ULL, | ||
606 | 0x727c07fff18a7b8dULL, 0x9d830f140a868c89ULL, 0x214331b7d5a77296ULL, | ||
607 | 0xb19f17341a928885ULL, 0xe4f80ee3ff09f607ULL, 0x33d6fc4da8822a7eULL, | ||
608 | 0xafba84edf8c63e42ULL, 0x2887d9ca653b5ee2ULL, 0x4cf5d2259cbb2769ULL, | ||
609 | 0xc0cf890a054346caULL, 0x74242860303c0c14ULL, 0xa026430f89ec65afULL, | ||
610 | 0xdf056d67bdd568b8ULL, 0x8c3a5b2f99f861a3ULL, 0x1d090a180c0f0305ULL, | ||
611 | 0x187dbc4623e2c15eULL, 0x7bb8ef82411657f9ULL, 0x9918cefe7fa9d667ULL, | ||
612 | 0xf035ec86439ad976ULL, 0x1295cdfa7d2558e8ULL, 0xfb32ea8e479fd875ULL, | ||
613 | 0xbd2f491785e366aaULL, 0x921fc8f67bacd764ULL, 0x83a69ccde8d23a4eULL, | ||
614 | 0x4b428a0e07cfc845ULL, 0xb9b488fdf0cc3c44ULL, 0x90dc2683cf35fa13ULL, | ||
615 | 0x63c553c462f496a7ULL, 0xa552f551a601a7f4ULL, 0x01ef77b45ac298b5ULL, | ||
616 | 0x1abe5233977bec29ULL, 0x7c0fb7a9da62b8d5ULL, 0x226fa8763bfcc754ULL, | ||
617 | 0xf66dc319822caeefULL, 0xd4026b6fb9d069bbULL, 0xbfeca762317a4bddULL, | ||
618 | 0xd176dd31963dabe0ULL, 0xc778d1219e37a9e6ULL, 0xb6284f1f81e667a9ULL, | ||
619 | 0x4e363c5028220a1eULL, 0xcbc88f02014647c9ULL, 0xc8e416c3ef1df20bULL, | ||
620 | 0x032c99c1ee5bb5c2ULL, 0x6beecc0d88aa2266ULL, 0x4981647bb356e532ULL, | ||
621 | 0x0cb05e239f71ee2fULL, 0x461da399c27cbedfULL, 0x38d1fa45ac872b7dULL, | ||
622 | 0xe2a0217c3ebf819eULL, 0xa67e6c90485a1236ULL, 0xf4ae2d6c36b58398ULL, | ||
623 | 0xf5415ad86c771b2dULL, 0x622a247038360e12ULL, 0x60e9ca058caf2365ULL, | ||
624 | 0xf9f104fbf306f502ULL, 0xddc68312094c45cfULL, 0x76e7c61584a52163ULL, | ||
625 | 0x71509e3e1fd1ce4fULL, 0xa9e2ab72397049dbULL, 0x09c4e87db09c2c74ULL, | ||
626 | 0x8dd52c9bc33af916ULL, 0x54886e63bf59e637ULL, 0x1e2593d9e254b6c7ULL, | ||
627 | 0x25d8f05da0882878ULL, 0x816572b85c4b1739ULL, 0xffa92b6432b0829bULL, | ||
628 | 0xfe465cd068721a2eULL, 0xac961d2c169d8b80ULL, 0xbcc03ea3df21fe1fULL, | ||
629 | 0xa7911b2412988a83ULL, 0x533f3648242d091bULL, 0x40458c0603cac946ULL, | ||
630 | 0xd8b2354c26a18794ULL, 0x98f7b94a256b4ed2ULL, 0x659d7c5ba342e13eULL, | ||
631 | 0x1fcae46db8962e72ULL, 0x42866273b753e431ULL, 0x6e9a7a53a747e03dULL, | ||
632 | 0x2bab400b8b60eb20ULL, 0x59d747f47aea90adULL, 0xb85bff49aa0ea4f1ULL, | ||
633 | 0xd25a44f078661e22ULL, 0xcebc395c2eab8592ULL, 0x873d5d279dfd60a0ULL, | ||
634 | 0x0000000000000000ULL, 0x5afbde3594b1256fULL, 0xf2f602f3f703f401ULL, | ||
635 | 0xd5ed1cdbe312f10eULL, 0x75cb5fd46afe94a1ULL, 0x45313a582c270b1dULL, | ||
636 | 0x5f8f686bbb5ce734ULL, 0x1056238fc9bc759fULL, 0x07b7582b9b74ef2cULL, | ||
637 | 0xe18cb8bdd0e4345cULL, 0xc697a695c4f53153ULL, 0x8f16c2ee77a3d461ULL, | ||
638 | 0xa30adace67b7d06dULL, 0xd3b5334422a48697ULL, 0x556719d7e59b7e82ULL, | ||
639 | 0xeb64c9018e23adeaULL, 0xa1c934bbd32efd1aULL, 0x2edff655a48d297bULL, | ||
640 | 0xcd90a09dc0f03050ULL, 0x88a19ac5ecd73b4dULL, 0x30fa658c46d99fbcULL, | ||
641 | 0x86d22a93c73ff815ULL, 0x2968ae7e3ff9c657ULL, 0xad796a984c5f1335ULL, | ||
642 | 0x3a121430181e060aULL, 0x271b1e281411050fULL, 0x3461a46633f6c552ULL, | ||
643 | 0xbb77668844551133ULL, 0x06582f9fc1b67799ULL, 0x436915c7ed917c84ULL, | ||
644 | 0x797b01f7f58f7a8eULL, 0x6f750de7fd857888ULL, 0xf782b4add8ee365aULL, | ||
645 | 0xc45448e0706c1c24ULL, 0x9eaf96d5e4dd394bULL, 0x1992cbf2792059ebULL, | ||
646 | 0xe84850c060781828ULL, 0x70bfe98a451356faULL, 0x393e8df1f645b3c8ULL, | ||
647 | 0x243787e9fa4ab0cdULL, 0x51fcd83d90b4246cULL, 0x7de0c01d80a02060ULL, | ||
648 | 0x32398bf9f240b2cbULL, 0x4fd94be472e092abULL, 0x894eed71b615a3f8ULL, | ||
649 | 0x137aba4e27e7c05dULL, 0xd6c1851a0d4944ccULL, 0x9133513795f762a6ULL, | ||
650 | 0xb070608040501030ULL, 0x082b9fc9ea5eb4c1ULL, 0xc5bb3f542aae8491ULL, | ||
651 | 0xe7d49722115243c5ULL, 0x44de4dec76e593a8ULL, 0x0574b65e2fedc25bULL, | ||
652 | 0xb4eba16a357f4adeULL, 0x5b14a981ce73bddaULL, 0x808a050c06898f8cULL, | ||
653 | 0x02c3ee75b4992d77ULL, 0x5013af89ca76bcd9ULL, 0x2df36f944ad69cb9ULL, | ||
654 | 0xc90b6177b5df6abeULL, 0xfadd9d3a1d5d40c0ULL, 0x7a5798361bd4cf4cULL, | ||
655 | 0x8249eb79b210a2fbULL, 0xe9a727743aba809dULL, 0x93f0bf42216e4fd1ULL, | ||
656 | 0xd95d42f87c631f21ULL, 0x5d4c861e0fc5ca43ULL, 0xda71db399238aae3ULL, | ||
657 | 0xecd3912a155742c6ULL | ||
658 | }; | ||
659 | |||
660 | static const u64 T7[256] = { | ||
661 | 0x016ab9bb68d2d3baULL, 0xb1669ae5194dfc54ULL, 0xcd1465e293bc712fULL, | ||
662 | 0x511b8725b9cd9c74ULL, 0xa457a2f70251f553ULL, 0x03bed6d0b86b68d3ULL, | ||
663 | 0x04b5ded6bd6f6bd2ULL, 0xfe8552b36429d74dULL, 0xad4abafd0d5df050ULL, | ||
664 | 0x63e009cf268ae9acULL, 0x84961c09830e8a8dULL, 0x1a4d91a579c6dcbfULL, | ||
665 | 0x4d37a73daddd9070ULL, 0xa35caaf10755f652ULL, 0xe117a47bc852b39aULL, | ||
666 | 0xf98e5ab5612dd44cULL, 0xac200346658f23eaULL, 0x1184e6c4a67362d5ULL, | ||
667 | 0xc268cc55f166a497ULL, 0x0da8c6dcb2636ed1ULL, 0x99d085aaffcc5533ULL, | ||
668 | 0xaa41b2fb0859f351ULL, 0x9c0fe2c72a71ed5bULL, 0x55ae59f304a2f7a6ULL, | ||
669 | 0x20c1befe815f7fdeULL, 0xe5a27aad753dd848ULL, 0x7fcc29d7329ae5a8ULL, | ||
670 | 0xe80abc71c75eb699ULL, 0x3be696e0904b70dbULL, 0x9edb8dacfac85632ULL, | ||
671 | 0x2215d19551e6c4b7ULL, 0xceaab3322bd719fcULL, 0x93734b7048ab38e3ULL, | ||
672 | 0xfd3b8463dc42bf9eULL, 0xd052fc41ef7eae91ULL, 0xe61cac7dcd56b09bULL, | ||
673 | 0x947843764daf3be2ULL, 0x0661b1bd6dd6d0bbULL, 0xdaf1329b5819c341ULL, | ||
674 | 0x17e55779cba5b26eULL, 0x5cb341f90baef2a5ULL, 0x4b561680c00b40cbULL, | ||
675 | 0x0cc27f67dab1bd6bULL, 0xcc7edc59fb6ea295ULL, 0x409f61e11fbefea1ULL, | ||
676 | 0xe3c3cb1018eb08f3ULL, 0x302fe1814ffeceb1ULL, 0x0e16100c0a080602ULL, | ||
677 | 0x5e672e92db1749ccULL, 0x663f6ea2f33751c4ULL, 0x53cfe84e6974271dULL, | ||
678 | 0x6c9ca07844503c14ULL, 0x730e56b0e82b58c3ULL, 0x349a3f57f291a563ULL, | ||
679 | 0x3ced9ee6954f73daULL, 0x8e35d2d33469e75dULL, 0x8023c2df3e61e15fULL, | ||
680 | 0x2ed7aef28b5779dcULL, 0x6e48cf1394e9877dULL, 0x596c2694de134acdULL, | ||
681 | 0x605edf1f9ee1817fULL, 0x9b04eac12f75ee5aULL, 0x19f34775c1adb46cULL, | ||
682 | 0x893edad5316de45cULL, 0xffefeb080cfb04f7ULL, 0xf2472dd4be986a26ULL, | ||
683 | 0xc7b7ab3824db1cffULL, 0xb9113b547e932aedULL, 0xa236134a6f8725e8ULL, | ||
684 | 0xf4269c69d34eba9dULL, 0x10ee5f7fcea1b16fULL, 0x8d8b04038c028f8eULL, | ||
685 | 0x4fe3c8567d642b19ULL, 0x479469e71abafda0ULL, 0xeaded31a17e70df0ULL, | ||
686 | 0x98ba3c11971e8689ULL, 0x2d697822333c110fULL, 0x153138121b1c0907ULL, | ||
687 | 0x6afd11c52986ecafULL, 0xdb9b8b2030cb10fbULL, 0x3858403028201808ULL, | ||
688 | 0x6b97a87e41543f15ULL, 0x237f682e3934170dULL, 0x1c2c201814100c04ULL, | ||
689 | 0x070b080605040301ULL, 0x21ab0745e98dac64ULL, 0x27cab6f8845b7cdfULL, | ||
690 | 0x5f0d9729b3c59a76ULL, 0x7264ef0b80f98b79ULL, 0x29dca6f48e537addULL, | ||
691 | 0xb3b2f58ec9f4473dULL, 0x628ab0744e583a16ULL, 0xbda4e582c3fc413fULL, | ||
692 | 0x85fca5b2ebdc5937ULL, 0x1ef84f73c4a9b76dULL, 0xa895dd90d8e04838ULL, | ||
693 | 0x0877a1b167ded6b9ULL, 0x442abf37a2d19573ULL, 0xa53d1b4c6a8326e9ULL, | ||
694 | 0x8beab5bee1d45f35ULL, 0xb66d92e31c49ff55ULL, 0x4a3caf3ba8d99371ULL, | ||
695 | 0x7c72ff078af18d7bULL, 0x839d140f860a898cULL, 0x4321b731a7d59672ULL, | ||
696 | 0x9fb13417921a8588ULL, 0xf8e4e30e09ff07f6ULL, 0xd6334dfc82a87e2aULL, | ||
697 | 0xbaafed84c6f8423eULL, 0x8728cad93b65e25eULL, 0xf54c25d2bb9c6927ULL, | ||
698 | 0xcfc00a894305ca46ULL, 0x247460283c30140cULL, 0x26a00f43ec89af65ULL, | ||
699 | 0x05df676dd5bdb868ULL, 0x3a8c2f5bf899a361ULL, 0x091d180a0f0c0503ULL, | ||
700 | 0x7d1846bce2235ec1ULL, 0xb87b82ef1641f957ULL, 0x1899fecea97f67d6ULL, | ||
701 | 0x35f086ec9a4376d9ULL, 0x9512facd257de858ULL, 0x32fb8eea9f4775d8ULL, | ||
702 | 0x2fbd1749e385aa66ULL, 0x1f92f6c8ac7b64d7ULL, 0xa683cd9cd2e84e3aULL, | ||
703 | 0x424b0e8acf0745c8ULL, 0xb4b9fd88ccf0443cULL, 0xdc90832635cf13faULL, | ||
704 | 0xc563c453f462a796ULL, 0x52a551f501a6f4a7ULL, 0xef01b477c25ab598ULL, | ||
705 | 0xbe1a33527b9729ecULL, 0x0f7ca9b762dad5b8ULL, 0x6f2276a8fc3b54c7ULL, | ||
706 | 0x6df619c32c82efaeULL, 0x02d46f6bd0b9bb69ULL, 0xecbf62a77a31dd4bULL, | ||
707 | 0x76d131dd3d96e0abULL, 0x78c721d1379ee6a9ULL, 0x28b61f4fe681a967ULL, | ||
708 | 0x364e503c22281e0aULL, 0xc8cb028f4601c947ULL, 0xe4c8c3161def0bf2ULL, | ||
709 | 0x2c03c1995beec2b5ULL, 0xee6b0dccaa886622ULL, 0x81497b6456b332e5ULL, | ||
710 | 0xb00c235e719f2feeULL, 0x1d4699a37cc2dfbeULL, 0xd13845fa87ac7d2bULL, | ||
711 | 0xa0e27c21bf3e9e81ULL, 0x7ea6906c5a483612ULL, 0xaef46c2db5369883ULL, | ||
712 | 0x41f5d85a776c2d1bULL, 0x2a6270243638120eULL, 0xe96005caaf8c6523ULL, | ||
713 | 0xf1f9fb0406f302f5ULL, 0xc6dd12834c09cf45ULL, 0xe77615c6a5846321ULL, | ||
714 | 0x50713e9ed11f4fceULL, 0xe2a972ab7039db49ULL, 0xc4097de89cb0742cULL, | ||
715 | 0xd58d9b2c3ac316f9ULL, 0x8854636e59bf37e6ULL, 0x251ed99354e2c7b6ULL, | ||
716 | 0xd8255df088a07828ULL, 0x6581b8724b5c3917ULL, 0xa9ff642bb0329b82ULL, | ||
717 | 0x46fed05c72682e1aULL, 0x96ac2c1d9d16808bULL, 0xc0bca33e21df1ffeULL, | ||
718 | 0x91a7241b9812838aULL, 0x3f5348362d241b09ULL, 0x4540068cca0346c9ULL, | ||
719 | 0xb2d84c35a1269487ULL, 0xf7984ab96b25d24eULL, 0x9d655b7c42a33ee1ULL, | ||
720 | 0xca1f6de496b8722eULL, 0x8642736253b731e4ULL, 0x9a6e537a47a73de0ULL, | ||
721 | 0xab2b0b40608b20ebULL, 0xd759f447ea7aad90ULL, 0x5bb849ff0eaaf1a4ULL, | ||
722 | 0x5ad2f0446678221eULL, 0xbcce5c39ab2e9285ULL, 0x3d87275dfd9da060ULL, | ||
723 | 0x0000000000000000ULL, 0xfb5a35deb1946f25ULL, 0xf6f2f30203f701f4ULL, | ||
724 | 0xedd5db1c12e30ef1ULL, 0xcb75d45ffe6aa194ULL, 0x3145583a272c1d0bULL, | ||
725 | 0x8f5f6b685cbb34e7ULL, 0x56108f23bcc99f75ULL, 0xb7072b58749b2cefULL, | ||
726 | 0x8ce1bdb8e4d05c34ULL, 0x97c695a6f5c45331ULL, 0x168feec2a37761d4ULL, | ||
727 | 0x0aa3cedab7676dd0ULL, 0xb5d34433a4229786ULL, 0x6755d7199be5827eULL, | ||
728 | 0x64eb01c9238eeaadULL, 0xc9a1bb342ed31afdULL, 0xdf2e55f68da47b29ULL, | ||
729 | 0x90cd9da0f0c05030ULL, 0xa188c59ad7ec4d3bULL, 0xfa308c65d946bc9fULL, | ||
730 | 0xd286932a3fc715f8ULL, 0x68297eaef93f57c6ULL, 0x79ad986a5f4c3513ULL, | ||
731 | 0x123a30141e180a06ULL, 0x1b27281e11140f05ULL, 0x613466a4f63352c5ULL, | ||
732 | 0x77bb886655443311ULL, 0x58069f2fb6c19977ULL, 0x6943c71591ed847cULL, | ||
733 | 0x7b79f7018ff58e7aULL, 0x756fe70d85fd8878ULL, 0x82f7adb4eed85a36ULL, | ||
734 | 0x54c4e0486c70241cULL, 0xaf9ed596dde44b39ULL, 0x9219f2cb2079eb59ULL, | ||
735 | 0x48e8c05078602818ULL, 0xbf708ae91345fa56ULL, 0x3e39f18d45f6c8b3ULL, | ||
736 | 0x3724e9874afacdb0ULL, 0xfc513dd8b4906c24ULL, 0xe07d1dc0a0806020ULL, | ||
737 | 0x3932f98b40f2cbb2ULL, 0xd94fe44be072ab92ULL, 0x4e8971ed15b6f8a3ULL, | ||
738 | 0x7a134ebae7275dc0ULL, 0xc1d61a85490dcc44ULL, 0x33913751f795a662ULL, | ||
739 | 0x70b0806050403010ULL, 0x2b08c99f5eeac1b4ULL, 0xbbc5543fae2a9184ULL, | ||
740 | 0xd4e722975211c543ULL, 0xde44ec4de576a893ULL, 0x74055eb6ed2f5bc2ULL, | ||
741 | 0xebb46aa17f35de4aULL, 0x145b81a973cedabdULL, 0x8a800c0589068c8fULL, | ||
742 | 0xc30275ee99b4772dULL, 0x135089af76cad9bcULL, 0xf32d946fd64ab99cULL, | ||
743 | 0x0bc97761dfb5be6aULL, 0xddfa3a9d5d1dc040ULL, 0x577a3698d41b4ccfULL, | ||
744 | 0x498279eb10b2fba2ULL, 0xa7e97427ba3a9d80ULL, 0xf09342bf6e21d14fULL, | ||
745 | 0x5dd9f842637c211fULL, 0x4c5d1e86c50f43caULL, 0x71da39db3892e3aaULL, | ||
746 | 0xd3ec2a915715c642ULL | ||
747 | }; | ||
748 | |||
749 | static const u64 c[KHAZAD_ROUNDS + 1] = { | ||
750 | 0xba542f7453d3d24dULL, 0x50ac8dbf70529a4cULL, 0xead597d133515ba6ULL, | ||
751 | 0xde48a899db32b7fcULL, 0xe39e919be2bb416eULL, 0xa5cb6b95a1f3b102ULL, | ||
752 | 0xccc41d14c363da5dULL, 0x5fdc7dcd7f5a6c5cULL, 0xf726ffede89d6f8eULL | ||
753 | }; | ||
754 | |||
755 | static int khazad_setkey(void *ctx_arg, const u8 *in_key, | ||
756 | unsigned int key_len, u32 *flags) | ||
757 | { | ||
758 | |||
759 | struct khazad_ctx *ctx = ctx_arg; | ||
760 | int r; | ||
761 | const u64 *S = T7; | ||
762 | u64 K2, K1; | ||
763 | |||
764 | if (key_len != 16) | ||
765 | { | ||
766 | *flags |= CRYPTO_TFM_RES_BAD_KEY_LEN; | ||
767 | return -EINVAL; | ||
768 | } | ||
769 | |||
770 | K2 = ((u64)in_key[ 0] << 56) ^ | ||
771 | ((u64)in_key[ 1] << 48) ^ | ||
772 | ((u64)in_key[ 2] << 40) ^ | ||
773 | ((u64)in_key[ 3] << 32) ^ | ||
774 | ((u64)in_key[ 4] << 24) ^ | ||
775 | ((u64)in_key[ 5] << 16) ^ | ||
776 | ((u64)in_key[ 6] << 8) ^ | ||
777 | ((u64)in_key[ 7] ); | ||
778 | K1 = ((u64)in_key[ 8] << 56) ^ | ||
779 | ((u64)in_key[ 9] << 48) ^ | ||
780 | ((u64)in_key[10] << 40) ^ | ||
781 | ((u64)in_key[11] << 32) ^ | ||
782 | ((u64)in_key[12] << 24) ^ | ||
783 | ((u64)in_key[13] << 16) ^ | ||
784 | ((u64)in_key[14] << 8) ^ | ||
785 | ((u64)in_key[15] ); | ||
786 | |||
787 | /* setup the encrypt key */ | ||
788 | for (r = 0; r <= KHAZAD_ROUNDS; r++) { | ||
789 | ctx->E[r] = T0[(int)(K1 >> 56) ] ^ | ||
790 | T1[(int)(K1 >> 48) & 0xff] ^ | ||
791 | T2[(int)(K1 >> 40) & 0xff] ^ | ||
792 | T3[(int)(K1 >> 32) & 0xff] ^ | ||
793 | T4[(int)(K1 >> 24) & 0xff] ^ | ||
794 | T5[(int)(K1 >> 16) & 0xff] ^ | ||
795 | T6[(int)(K1 >> 8) & 0xff] ^ | ||
796 | T7[(int)(K1 ) & 0xff] ^ | ||
797 | c[r] ^ K2; | ||
798 | K2 = K1; | ||
799 | K1 = ctx->E[r]; | ||
800 | } | ||
801 | /* Setup the decrypt key */ | ||
802 | ctx->D[0] = ctx->E[KHAZAD_ROUNDS]; | ||
803 | for (r = 1; r < KHAZAD_ROUNDS; r++) { | ||
804 | K1 = ctx->E[KHAZAD_ROUNDS - r]; | ||
805 | ctx->D[r] = T0[(int)S[(int)(K1 >> 56) ] & 0xff] ^ | ||
806 | T1[(int)S[(int)(K1 >> 48) & 0xff] & 0xff] ^ | ||
807 | T2[(int)S[(int)(K1 >> 40) & 0xff] & 0xff] ^ | ||
808 | T3[(int)S[(int)(K1 >> 32) & 0xff] & 0xff] ^ | ||
809 | T4[(int)S[(int)(K1 >> 24) & 0xff] & 0xff] ^ | ||
810 | T5[(int)S[(int)(K1 >> 16) & 0xff] & 0xff] ^ | ||
811 | T6[(int)S[(int)(K1 >> 8) & 0xff] & 0xff] ^ | ||
812 | T7[(int)S[(int)(K1 ) & 0xff] & 0xff]; | ||
813 | } | ||
814 | ctx->D[KHAZAD_ROUNDS] = ctx->E[0]; | ||
815 | |||
816 | return 0; | ||
817 | |||
818 | } | ||
819 | |||
820 | static void khazad_crypt(const u64 roundKey[KHAZAD_ROUNDS + 1], | ||
821 | u8 *ciphertext, const u8 *plaintext) | ||
822 | { | ||
823 | |||
824 | int r; | ||
825 | u64 state; | ||
826 | |||
827 | state = ((u64)plaintext[0] << 56) ^ | ||
828 | ((u64)plaintext[1] << 48) ^ | ||
829 | ((u64)plaintext[2] << 40) ^ | ||
830 | ((u64)plaintext[3] << 32) ^ | ||
831 | ((u64)plaintext[4] << 24) ^ | ||
832 | ((u64)plaintext[5] << 16) ^ | ||
833 | ((u64)plaintext[6] << 8) ^ | ||
834 | ((u64)plaintext[7] ) ^ | ||
835 | roundKey[0]; | ||
836 | |||
837 | for (r = 1; r < KHAZAD_ROUNDS; r++) { | ||
838 | state = T0[(int)(state >> 56) ] ^ | ||
839 | T1[(int)(state >> 48) & 0xff] ^ | ||
840 | T2[(int)(state >> 40) & 0xff] ^ | ||
841 | T3[(int)(state >> 32) & 0xff] ^ | ||
842 | T4[(int)(state >> 24) & 0xff] ^ | ||
843 | T5[(int)(state >> 16) & 0xff] ^ | ||
844 | T6[(int)(state >> 8) & 0xff] ^ | ||
845 | T7[(int)(state ) & 0xff] ^ | ||
846 | roundKey[r]; | ||
847 | } | ||
848 | |||
849 | state = (T0[(int)(state >> 56) ] & 0xff00000000000000ULL) ^ | ||
850 | (T1[(int)(state >> 48) & 0xff] & 0x00ff000000000000ULL) ^ | ||
851 | (T2[(int)(state >> 40) & 0xff] & 0x0000ff0000000000ULL) ^ | ||
852 | (T3[(int)(state >> 32) & 0xff] & 0x000000ff00000000ULL) ^ | ||
853 | (T4[(int)(state >> 24) & 0xff] & 0x00000000ff000000ULL) ^ | ||
854 | (T5[(int)(state >> 16) & 0xff] & 0x0000000000ff0000ULL) ^ | ||
855 | (T6[(int)(state >> 8) & 0xff] & 0x000000000000ff00ULL) ^ | ||
856 | (T7[(int)(state ) & 0xff] & 0x00000000000000ffULL) ^ | ||
857 | roundKey[KHAZAD_ROUNDS]; | ||
858 | |||
859 | ciphertext[0] = (u8)(state >> 56); | ||
860 | ciphertext[1] = (u8)(state >> 48); | ||
861 | ciphertext[2] = (u8)(state >> 40); | ||
862 | ciphertext[3] = (u8)(state >> 32); | ||
863 | ciphertext[4] = (u8)(state >> 24); | ||
864 | ciphertext[5] = (u8)(state >> 16); | ||
865 | ciphertext[6] = (u8)(state >> 8); | ||
866 | ciphertext[7] = (u8)(state ); | ||
867 | |||
868 | } | ||
869 | |||
870 | static void khazad_encrypt(void *ctx_arg, u8 *dst, const u8 *src) | ||
871 | { | ||
872 | struct khazad_ctx *ctx = ctx_arg; | ||
873 | khazad_crypt(ctx->E, dst, src); | ||
874 | } | ||
875 | |||
876 | static void khazad_decrypt(void *ctx_arg, u8 *dst, const u8 *src) | ||
877 | { | ||
878 | struct khazad_ctx *ctx = ctx_arg; | ||
879 | khazad_crypt(ctx->D, dst, src); | ||
880 | } | ||
881 | |||
882 | static struct crypto_alg khazad_alg = { | ||
883 | .cra_name = "khazad", | ||
884 | .cra_flags = CRYPTO_ALG_TYPE_CIPHER, | ||
885 | .cra_blocksize = KHAZAD_BLOCK_SIZE, | ||
886 | .cra_ctxsize = sizeof (struct khazad_ctx), | ||
887 | .cra_module = THIS_MODULE, | ||
888 | .cra_list = LIST_HEAD_INIT(khazad_alg.cra_list), | ||
889 | .cra_u = { .cipher = { | ||
890 | .cia_min_keysize = KHAZAD_KEY_SIZE, | ||
891 | .cia_max_keysize = KHAZAD_KEY_SIZE, | ||
892 | .cia_setkey = khazad_setkey, | ||
893 | .cia_encrypt = khazad_encrypt, | ||
894 | .cia_decrypt = khazad_decrypt } } | ||
895 | }; | ||
896 | |||
897 | static int __init init(void) | ||
898 | { | ||
899 | int ret = 0; | ||
900 | |||
901 | ret = crypto_register_alg(&khazad_alg); | ||
902 | return ret; | ||
903 | } | ||
904 | |||
905 | static void __exit fini(void) | ||
906 | { | ||
907 | crypto_unregister_alg(&khazad_alg); | ||
908 | } | ||
909 | |||
910 | |||
911 | module_init(init); | ||
912 | module_exit(fini); | ||
913 | |||
914 | MODULE_LICENSE("GPL"); | ||
915 | MODULE_DESCRIPTION("Khazad Cryptographic Algorithm"); | ||
diff --git a/crypto/md4.c b/crypto/md4.c new file mode 100644 index 000000000000..bef6a9e5ac9b --- /dev/null +++ b/crypto/md4.c | |||
@@ -0,0 +1,250 @@ | |||
1 | /* | ||
2 | * Cryptographic API. | ||
3 | * | ||
4 | * MD4 Message Digest Algorithm (RFC1320). | ||
5 | * | ||
6 | * Implementation derived from Andrew Tridgell and Steve French's | ||
7 | * CIFS MD4 implementation, and the cryptoapi implementation | ||
8 | * originally based on the public domain implementation written | ||
9 | * by Colin Plumb in 1993. | ||
10 | * | ||
11 | * Copyright (c) Andrew Tridgell 1997-1998. | ||
12 | * Modified by Steve French (sfrench@us.ibm.com) 2002 | ||
13 | * Copyright (c) Cryptoapi developers. | ||
14 | * Copyright (c) 2002 David S. Miller (davem@redhat.com) | ||
15 | * Copyright (c) 2002 James Morris <jmorris@intercode.com.au> | ||
16 | * | ||
17 | * This program is free software; you can redistribute it and/or modify | ||
18 | * it under the terms of the GNU General Public License as published by | ||
19 | * the Free Software Foundation; either version 2 of the License, or | ||
20 | * (at your option) any later version. | ||
21 | * | ||
22 | */ | ||
23 | #include <linux/init.h> | ||
24 | #include <linux/crypto.h> | ||
25 | #include <linux/kernel.h> | ||
26 | #include <linux/string.h> | ||
27 | #include <asm/byteorder.h> | ||
28 | |||
29 | #define MD4_DIGEST_SIZE 16 | ||
30 | #define MD4_HMAC_BLOCK_SIZE 64 | ||
31 | #define MD4_BLOCK_WORDS 16 | ||
32 | #define MD4_HASH_WORDS 4 | ||
33 | |||
34 | struct md4_ctx { | ||
35 | u32 hash[MD4_HASH_WORDS]; | ||
36 | u32 block[MD4_BLOCK_WORDS]; | ||
37 | u64 byte_count; | ||
38 | }; | ||
39 | |||
40 | static inline u32 lshift(u32 x, unsigned int s) | ||
41 | { | ||
42 | x &= 0xFFFFFFFF; | ||
43 | return ((x << s) & 0xFFFFFFFF) | (x >> (32 - s)); | ||
44 | } | ||
45 | |||
46 | static inline u32 F(u32 x, u32 y, u32 z) | ||
47 | { | ||
48 | return (x & y) | ((~x) & z); | ||
49 | } | ||
50 | |||
51 | static inline u32 G(u32 x, u32 y, u32 z) | ||
52 | { | ||
53 | return (x & y) | (x & z) | (y & z); | ||
54 | } | ||
55 | |||
56 | static inline u32 H(u32 x, u32 y, u32 z) | ||
57 | { | ||
58 | return x ^ y ^ z; | ||
59 | } | ||
60 | |||
61 | #define ROUND1(a,b,c,d,k,s) (a = lshift(a + F(b,c,d) + k, s)) | ||
62 | #define ROUND2(a,b,c,d,k,s) (a = lshift(a + G(b,c,d) + k + (u32)0x5A827999,s)) | ||
63 | #define ROUND3(a,b,c,d,k,s) (a = lshift(a + H(b,c,d) + k + (u32)0x6ED9EBA1,s)) | ||
64 | |||
65 | /* XXX: this stuff can be optimized */ | ||
66 | static inline void le32_to_cpu_array(u32 *buf, unsigned int words) | ||
67 | { | ||
68 | while (words--) { | ||
69 | __le32_to_cpus(buf); | ||
70 | buf++; | ||
71 | } | ||
72 | } | ||
73 | |||
74 | static inline void cpu_to_le32_array(u32 *buf, unsigned int words) | ||
75 | { | ||
76 | while (words--) { | ||
77 | __cpu_to_le32s(buf); | ||
78 | buf++; | ||
79 | } | ||
80 | } | ||
81 | |||
82 | static void md4_transform(u32 *hash, u32 const *in) | ||
83 | { | ||
84 | u32 a, b, c, d; | ||
85 | |||
86 | a = hash[0]; | ||
87 | b = hash[1]; | ||
88 | c = hash[2]; | ||
89 | d = hash[3]; | ||
90 | |||
91 | ROUND1(a, b, c, d, in[0], 3); | ||
92 | ROUND1(d, a, b, c, in[1], 7); | ||
93 | ROUND1(c, d, a, b, in[2], 11); | ||
94 | ROUND1(b, c, d, a, in[3], 19); | ||
95 | ROUND1(a, b, c, d, in[4], 3); | ||
96 | ROUND1(d, a, b, c, in[5], 7); | ||
97 | ROUND1(c, d, a, b, in[6], 11); | ||
98 | ROUND1(b, c, d, a, in[7], 19); | ||
99 | ROUND1(a, b, c, d, in[8], 3); | ||
100 | ROUND1(d, a, b, c, in[9], 7); | ||
101 | ROUND1(c, d, a, b, in[10], 11); | ||
102 | ROUND1(b, c, d, a, in[11], 19); | ||
103 | ROUND1(a, b, c, d, in[12], 3); | ||
104 | ROUND1(d, a, b, c, in[13], 7); | ||
105 | ROUND1(c, d, a, b, in[14], 11); | ||
106 | ROUND1(b, c, d, a, in[15], 19); | ||
107 | |||
108 | ROUND2(a, b, c, d,in[ 0], 3); | ||
109 | ROUND2(d, a, b, c, in[4], 5); | ||
110 | ROUND2(c, d, a, b, in[8], 9); | ||
111 | ROUND2(b, c, d, a, in[12], 13); | ||
112 | ROUND2(a, b, c, d, in[1], 3); | ||
113 | ROUND2(d, a, b, c, in[5], 5); | ||
114 | ROUND2(c, d, a, b, in[9], 9); | ||
115 | ROUND2(b, c, d, a, in[13], 13); | ||
116 | ROUND2(a, b, c, d, in[2], 3); | ||
117 | ROUND2(d, a, b, c, in[6], 5); | ||
118 | ROUND2(c, d, a, b, in[10], 9); | ||
119 | ROUND2(b, c, d, a, in[14], 13); | ||
120 | ROUND2(a, b, c, d, in[3], 3); | ||
121 | ROUND2(d, a, b, c, in[7], 5); | ||
122 | ROUND2(c, d, a, b, in[11], 9); | ||
123 | ROUND2(b, c, d, a, in[15], 13); | ||
124 | |||
125 | ROUND3(a, b, c, d,in[ 0], 3); | ||
126 | ROUND3(d, a, b, c, in[8], 9); | ||
127 | ROUND3(c, d, a, b, in[4], 11); | ||
128 | ROUND3(b, c, d, a, in[12], 15); | ||
129 | ROUND3(a, b, c, d, in[2], 3); | ||
130 | ROUND3(d, a, b, c, in[10], 9); | ||
131 | ROUND3(c, d, a, b, in[6], 11); | ||
132 | ROUND3(b, c, d, a, in[14], 15); | ||
133 | ROUND3(a, b, c, d, in[1], 3); | ||
134 | ROUND3(d, a, b, c, in[9], 9); | ||
135 | ROUND3(c, d, a, b, in[5], 11); | ||
136 | ROUND3(b, c, d, a, in[13], 15); | ||
137 | ROUND3(a, b, c, d, in[3], 3); | ||
138 | ROUND3(d, a, b, c, in[11], 9); | ||
139 | ROUND3(c, d, a, b, in[7], 11); | ||
140 | ROUND3(b, c, d, a, in[15], 15); | ||
141 | |||
142 | hash[0] += a; | ||
143 | hash[1] += b; | ||
144 | hash[2] += c; | ||
145 | hash[3] += d; | ||
146 | } | ||
147 | |||
148 | static inline void md4_transform_helper(struct md4_ctx *ctx) | ||
149 | { | ||
150 | le32_to_cpu_array(ctx->block, sizeof(ctx->block) / sizeof(u32)); | ||
151 | md4_transform(ctx->hash, ctx->block); | ||
152 | } | ||
153 | |||
154 | static void md4_init(void *ctx) | ||
155 | { | ||
156 | struct md4_ctx *mctx = ctx; | ||
157 | |||
158 | mctx->hash[0] = 0x67452301; | ||
159 | mctx->hash[1] = 0xefcdab89; | ||
160 | mctx->hash[2] = 0x98badcfe; | ||
161 | mctx->hash[3] = 0x10325476; | ||
162 | mctx->byte_count = 0; | ||
163 | } | ||
164 | |||
165 | static void md4_update(void *ctx, const u8 *data, unsigned int len) | ||
166 | { | ||
167 | struct md4_ctx *mctx = ctx; | ||
168 | const u32 avail = sizeof(mctx->block) - (mctx->byte_count & 0x3f); | ||
169 | |||
170 | mctx->byte_count += len; | ||
171 | |||
172 | if (avail > len) { | ||
173 | memcpy((char *)mctx->block + (sizeof(mctx->block) - avail), | ||
174 | data, len); | ||
175 | return; | ||
176 | } | ||
177 | |||
178 | memcpy((char *)mctx->block + (sizeof(mctx->block) - avail), | ||
179 | data, avail); | ||
180 | |||
181 | md4_transform_helper(mctx); | ||
182 | data += avail; | ||
183 | len -= avail; | ||
184 | |||
185 | while (len >= sizeof(mctx->block)) { | ||
186 | memcpy(mctx->block, data, sizeof(mctx->block)); | ||
187 | md4_transform_helper(mctx); | ||
188 | data += sizeof(mctx->block); | ||
189 | len -= sizeof(mctx->block); | ||
190 | } | ||
191 | |||
192 | memcpy(mctx->block, data, len); | ||
193 | } | ||
194 | |||
195 | static void md4_final(void *ctx, u8 *out) | ||
196 | { | ||
197 | struct md4_ctx *mctx = ctx; | ||
198 | const unsigned int offset = mctx->byte_count & 0x3f; | ||
199 | char *p = (char *)mctx->block + offset; | ||
200 | int padding = 56 - (offset + 1); | ||
201 | |||
202 | *p++ = 0x80; | ||
203 | if (padding < 0) { | ||
204 | memset(p, 0x00, padding + sizeof (u64)); | ||
205 | md4_transform_helper(mctx); | ||
206 | p = (char *)mctx->block; | ||
207 | padding = 56; | ||
208 | } | ||
209 | |||
210 | memset(p, 0, padding); | ||
211 | mctx->block[14] = mctx->byte_count << 3; | ||
212 | mctx->block[15] = mctx->byte_count >> 29; | ||
213 | le32_to_cpu_array(mctx->block, (sizeof(mctx->block) - | ||
214 | sizeof(u64)) / sizeof(u32)); | ||
215 | md4_transform(mctx->hash, mctx->block); | ||
216 | cpu_to_le32_array(mctx->hash, sizeof(mctx->hash) / sizeof(u32)); | ||
217 | memcpy(out, mctx->hash, sizeof(mctx->hash)); | ||
218 | memset(mctx, 0, sizeof(*mctx)); | ||
219 | } | ||
220 | |||
221 | static struct crypto_alg alg = { | ||
222 | .cra_name = "md4", | ||
223 | .cra_flags = CRYPTO_ALG_TYPE_DIGEST, | ||
224 | .cra_blocksize = MD4_HMAC_BLOCK_SIZE, | ||
225 | .cra_ctxsize = sizeof(struct md4_ctx), | ||
226 | .cra_module = THIS_MODULE, | ||
227 | .cra_list = LIST_HEAD_INIT(alg.cra_list), | ||
228 | .cra_u = { .digest = { | ||
229 | .dia_digestsize = MD4_DIGEST_SIZE, | ||
230 | .dia_init = md4_init, | ||
231 | .dia_update = md4_update, | ||
232 | .dia_final = md4_final } } | ||
233 | }; | ||
234 | |||
235 | static int __init init(void) | ||
236 | { | ||
237 | return crypto_register_alg(&alg); | ||
238 | } | ||
239 | |||
240 | static void __exit fini(void) | ||
241 | { | ||
242 | crypto_unregister_alg(&alg); | ||
243 | } | ||
244 | |||
245 | module_init(init); | ||
246 | module_exit(fini); | ||
247 | |||
248 | MODULE_LICENSE("GPL"); | ||
249 | MODULE_DESCRIPTION("MD4 Message Digest Algorithm"); | ||
250 | |||
diff --git a/crypto/md5.c b/crypto/md5.c new file mode 100644 index 000000000000..1ed45f9c263e --- /dev/null +++ b/crypto/md5.c | |||
@@ -0,0 +1,244 @@ | |||
1 | /* | ||
2 | * Cryptographic API. | ||
3 | * | ||
4 | * MD5 Message Digest Algorithm (RFC1321). | ||
5 | * | ||
6 | * Derived from cryptoapi implementation, originally based on the | ||
7 | * public domain implementation written by Colin Plumb in 1993. | ||
8 | * | ||
9 | * Copyright (c) Cryptoapi developers. | ||
10 | * Copyright (c) 2002 James Morris <jmorris@intercode.com.au> | ||
11 | * | ||
12 | * This program is free software; you can redistribute it and/or modify it | ||
13 | * under the terms of the GNU General Public License as published by the Free | ||
14 | * Software Foundation; either version 2 of the License, or (at your option) | ||
15 | * any later version. | ||
16 | * | ||
17 | */ | ||
18 | #include <linux/init.h> | ||
19 | #include <linux/module.h> | ||
20 | #include <linux/string.h> | ||
21 | #include <linux/crypto.h> | ||
22 | #include <asm/byteorder.h> | ||
23 | |||
24 | #define MD5_DIGEST_SIZE 16 | ||
25 | #define MD5_HMAC_BLOCK_SIZE 64 | ||
26 | #define MD5_BLOCK_WORDS 16 | ||
27 | #define MD5_HASH_WORDS 4 | ||
28 | |||
29 | #define F1(x, y, z) (z ^ (x & (y ^ z))) | ||
30 | #define F2(x, y, z) F1(z, x, y) | ||
31 | #define F3(x, y, z) (x ^ y ^ z) | ||
32 | #define F4(x, y, z) (y ^ (x | ~z)) | ||
33 | |||
34 | #define MD5STEP(f, w, x, y, z, in, s) \ | ||
35 | (w += f(x, y, z) + in, w = (w<<s | w>>(32-s)) + x) | ||
36 | |||
37 | struct md5_ctx { | ||
38 | u32 hash[MD5_HASH_WORDS]; | ||
39 | u32 block[MD5_BLOCK_WORDS]; | ||
40 | u64 byte_count; | ||
41 | }; | ||
42 | |||
43 | static void md5_transform(u32 *hash, u32 const *in) | ||
44 | { | ||
45 | u32 a, b, c, d; | ||
46 | |||
47 | a = hash[0]; | ||
48 | b = hash[1]; | ||
49 | c = hash[2]; | ||
50 | d = hash[3]; | ||
51 | |||
52 | MD5STEP(F1, a, b, c, d, in[0] + 0xd76aa478, 7); | ||
53 | MD5STEP(F1, d, a, b, c, in[1] + 0xe8c7b756, 12); | ||
54 | MD5STEP(F1, c, d, a, b, in[2] + 0x242070db, 17); | ||
55 | MD5STEP(F1, b, c, d, a, in[3] + 0xc1bdceee, 22); | ||
56 | MD5STEP(F1, a, b, c, d, in[4] + 0xf57c0faf, 7); | ||
57 | MD5STEP(F1, d, a, b, c, in[5] + 0x4787c62a, 12); | ||
58 | MD5STEP(F1, c, d, a, b, in[6] + 0xa8304613, 17); | ||
59 | MD5STEP(F1, b, c, d, a, in[7] + 0xfd469501, 22); | ||
60 | MD5STEP(F1, a, b, c, d, in[8] + 0x698098d8, 7); | ||
61 | MD5STEP(F1, d, a, b, c, in[9] + 0x8b44f7af, 12); | ||
62 | MD5STEP(F1, c, d, a, b, in[10] + 0xffff5bb1, 17); | ||
63 | MD5STEP(F1, b, c, d, a, in[11] + 0x895cd7be, 22); | ||
64 | MD5STEP(F1, a, b, c, d, in[12] + 0x6b901122, 7); | ||
65 | MD5STEP(F1, d, a, b, c, in[13] + 0xfd987193, 12); | ||
66 | MD5STEP(F1, c, d, a, b, in[14] + 0xa679438e, 17); | ||
67 | MD5STEP(F1, b, c, d, a, in[15] + 0x49b40821, 22); | ||
68 | |||
69 | MD5STEP(F2, a, b, c, d, in[1] + 0xf61e2562, 5); | ||
70 | MD5STEP(F2, d, a, b, c, in[6] + 0xc040b340, 9); | ||
71 | MD5STEP(F2, c, d, a, b, in[11] + 0x265e5a51, 14); | ||
72 | MD5STEP(F2, b, c, d, a, in[0] + 0xe9b6c7aa, 20); | ||
73 | MD5STEP(F2, a, b, c, d, in[5] + 0xd62f105d, 5); | ||
74 | MD5STEP(F2, d, a, b, c, in[10] + 0x02441453, 9); | ||
75 | MD5STEP(F2, c, d, a, b, in[15] + 0xd8a1e681, 14); | ||
76 | MD5STEP(F2, b, c, d, a, in[4] + 0xe7d3fbc8, 20); | ||
77 | MD5STEP(F2, a, b, c, d, in[9] + 0x21e1cde6, 5); | ||
78 | MD5STEP(F2, d, a, b, c, in[14] + 0xc33707d6, 9); | ||
79 | MD5STEP(F2, c, d, a, b, in[3] + 0xf4d50d87, 14); | ||
80 | MD5STEP(F2, b, c, d, a, in[8] + 0x455a14ed, 20); | ||
81 | MD5STEP(F2, a, b, c, d, in[13] + 0xa9e3e905, 5); | ||
82 | MD5STEP(F2, d, a, b, c, in[2] + 0xfcefa3f8, 9); | ||
83 | MD5STEP(F2, c, d, a, b, in[7] + 0x676f02d9, 14); | ||
84 | MD5STEP(F2, b, c, d, a, in[12] + 0x8d2a4c8a, 20); | ||
85 | |||
86 | MD5STEP(F3, a, b, c, d, in[5] + 0xfffa3942, 4); | ||
87 | MD5STEP(F3, d, a, b, c, in[8] + 0x8771f681, 11); | ||
88 | MD5STEP(F3, c, d, a, b, in[11] + 0x6d9d6122, 16); | ||
89 | MD5STEP(F3, b, c, d, a, in[14] + 0xfde5380c, 23); | ||
90 | MD5STEP(F3, a, b, c, d, in[1] + 0xa4beea44, 4); | ||
91 | MD5STEP(F3, d, a, b, c, in[4] + 0x4bdecfa9, 11); | ||
92 | MD5STEP(F3, c, d, a, b, in[7] + 0xf6bb4b60, 16); | ||
93 | MD5STEP(F3, b, c, d, a, in[10] + 0xbebfbc70, 23); | ||
94 | MD5STEP(F3, a, b, c, d, in[13] + 0x289b7ec6, 4); | ||
95 | MD5STEP(F3, d, a, b, c, in[0] + 0xeaa127fa, 11); | ||
96 | MD5STEP(F3, c, d, a, b, in[3] + 0xd4ef3085, 16); | ||
97 | MD5STEP(F3, b, c, d, a, in[6] + 0x04881d05, 23); | ||
98 | MD5STEP(F3, a, b, c, d, in[9] + 0xd9d4d039, 4); | ||
99 | MD5STEP(F3, d, a, b, c, in[12] + 0xe6db99e5, 11); | ||
100 | MD5STEP(F3, c, d, a, b, in[15] + 0x1fa27cf8, 16); | ||
101 | MD5STEP(F3, b, c, d, a, in[2] + 0xc4ac5665, 23); | ||
102 | |||
103 | MD5STEP(F4, a, b, c, d, in[0] + 0xf4292244, 6); | ||
104 | MD5STEP(F4, d, a, b, c, in[7] + 0x432aff97, 10); | ||
105 | MD5STEP(F4, c, d, a, b, in[14] + 0xab9423a7, 15); | ||
106 | MD5STEP(F4, b, c, d, a, in[5] + 0xfc93a039, 21); | ||
107 | MD5STEP(F4, a, b, c, d, in[12] + 0x655b59c3, 6); | ||
108 | MD5STEP(F4, d, a, b, c, in[3] + 0x8f0ccc92, 10); | ||
109 | MD5STEP(F4, c, d, a, b, in[10] + 0xffeff47d, 15); | ||
110 | MD5STEP(F4, b, c, d, a, in[1] + 0x85845dd1, 21); | ||
111 | MD5STEP(F4, a, b, c, d, in[8] + 0x6fa87e4f, 6); | ||
112 | MD5STEP(F4, d, a, b, c, in[15] + 0xfe2ce6e0, 10); | ||
113 | MD5STEP(F4, c, d, a, b, in[6] + 0xa3014314, 15); | ||
114 | MD5STEP(F4, b, c, d, a, in[13] + 0x4e0811a1, 21); | ||
115 | MD5STEP(F4, a, b, c, d, in[4] + 0xf7537e82, 6); | ||
116 | MD5STEP(F4, d, a, b, c, in[11] + 0xbd3af235, 10); | ||
117 | MD5STEP(F4, c, d, a, b, in[2] + 0x2ad7d2bb, 15); | ||
118 | MD5STEP(F4, b, c, d, a, in[9] + 0xeb86d391, 21); | ||
119 | |||
120 | hash[0] += a; | ||
121 | hash[1] += b; | ||
122 | hash[2] += c; | ||
123 | hash[3] += d; | ||
124 | } | ||
125 | |||
126 | /* XXX: this stuff can be optimized */ | ||
127 | static inline void le32_to_cpu_array(u32 *buf, unsigned int words) | ||
128 | { | ||
129 | while (words--) { | ||
130 | __le32_to_cpus(buf); | ||
131 | buf++; | ||
132 | } | ||
133 | } | ||
134 | |||
135 | static inline void cpu_to_le32_array(u32 *buf, unsigned int words) | ||
136 | { | ||
137 | while (words--) { | ||
138 | __cpu_to_le32s(buf); | ||
139 | buf++; | ||
140 | } | ||
141 | } | ||
142 | |||
143 | static inline void md5_transform_helper(struct md5_ctx *ctx) | ||
144 | { | ||
145 | le32_to_cpu_array(ctx->block, sizeof(ctx->block) / sizeof(u32)); | ||
146 | md5_transform(ctx->hash, ctx->block); | ||
147 | } | ||
148 | |||
149 | static void md5_init(void *ctx) | ||
150 | { | ||
151 | struct md5_ctx *mctx = ctx; | ||
152 | |||
153 | mctx->hash[0] = 0x67452301; | ||
154 | mctx->hash[1] = 0xefcdab89; | ||
155 | mctx->hash[2] = 0x98badcfe; | ||
156 | mctx->hash[3] = 0x10325476; | ||
157 | mctx->byte_count = 0; | ||
158 | } | ||
159 | |||
160 | static void md5_update(void *ctx, const u8 *data, unsigned int len) | ||
161 | { | ||
162 | struct md5_ctx *mctx = ctx; | ||
163 | const u32 avail = sizeof(mctx->block) - (mctx->byte_count & 0x3f); | ||
164 | |||
165 | mctx->byte_count += len; | ||
166 | |||
167 | if (avail > len) { | ||
168 | memcpy((char *)mctx->block + (sizeof(mctx->block) - avail), | ||
169 | data, len); | ||
170 | return; | ||
171 | } | ||
172 | |||
173 | memcpy((char *)mctx->block + (sizeof(mctx->block) - avail), | ||
174 | data, avail); | ||
175 | |||
176 | md5_transform_helper(mctx); | ||
177 | data += avail; | ||
178 | len -= avail; | ||
179 | |||
180 | while (len >= sizeof(mctx->block)) { | ||
181 | memcpy(mctx->block, data, sizeof(mctx->block)); | ||
182 | md5_transform_helper(mctx); | ||
183 | data += sizeof(mctx->block); | ||
184 | len -= sizeof(mctx->block); | ||
185 | } | ||
186 | |||
187 | memcpy(mctx->block, data, len); | ||
188 | } | ||
189 | |||
190 | static void md5_final(void *ctx, u8 *out) | ||
191 | { | ||
192 | struct md5_ctx *mctx = ctx; | ||
193 | const unsigned int offset = mctx->byte_count & 0x3f; | ||
194 | char *p = (char *)mctx->block + offset; | ||
195 | int padding = 56 - (offset + 1); | ||
196 | |||
197 | *p++ = 0x80; | ||
198 | if (padding < 0) { | ||
199 | memset(p, 0x00, padding + sizeof (u64)); | ||
200 | md5_transform_helper(mctx); | ||
201 | p = (char *)mctx->block; | ||
202 | padding = 56; | ||
203 | } | ||
204 | |||
205 | memset(p, 0, padding); | ||
206 | mctx->block[14] = mctx->byte_count << 3; | ||
207 | mctx->block[15] = mctx->byte_count >> 29; | ||
208 | le32_to_cpu_array(mctx->block, (sizeof(mctx->block) - | ||
209 | sizeof(u64)) / sizeof(u32)); | ||
210 | md5_transform(mctx->hash, mctx->block); | ||
211 | cpu_to_le32_array(mctx->hash, sizeof(mctx->hash) / sizeof(u32)); | ||
212 | memcpy(out, mctx->hash, sizeof(mctx->hash)); | ||
213 | memset(mctx, 0, sizeof(*mctx)); | ||
214 | } | ||
215 | |||
216 | static struct crypto_alg alg = { | ||
217 | .cra_name = "md5", | ||
218 | .cra_flags = CRYPTO_ALG_TYPE_DIGEST, | ||
219 | .cra_blocksize = MD5_HMAC_BLOCK_SIZE, | ||
220 | .cra_ctxsize = sizeof(struct md5_ctx), | ||
221 | .cra_module = THIS_MODULE, | ||
222 | .cra_list = LIST_HEAD_INIT(alg.cra_list), | ||
223 | .cra_u = { .digest = { | ||
224 | .dia_digestsize = MD5_DIGEST_SIZE, | ||
225 | .dia_init = md5_init, | ||
226 | .dia_update = md5_update, | ||
227 | .dia_final = md5_final } } | ||
228 | }; | ||
229 | |||
230 | static int __init init(void) | ||
231 | { | ||
232 | return crypto_register_alg(&alg); | ||
233 | } | ||
234 | |||
235 | static void __exit fini(void) | ||
236 | { | ||
237 | crypto_unregister_alg(&alg); | ||
238 | } | ||
239 | |||
240 | module_init(init); | ||
241 | module_exit(fini); | ||
242 | |||
243 | MODULE_LICENSE("GPL"); | ||
244 | MODULE_DESCRIPTION("MD5 Message Digest Algorithm"); | ||
diff --git a/crypto/michael_mic.c b/crypto/michael_mic.c new file mode 100644 index 000000000000..a470bcb3693e --- /dev/null +++ b/crypto/michael_mic.c | |||
@@ -0,0 +1,181 @@ | |||
1 | /* | ||
2 | * Cryptographic API | ||
3 | * | ||
4 | * Michael MIC (IEEE 802.11i/TKIP) keyed digest | ||
5 | * | ||
6 | * Copyright (c) 2004 Jouni Malinen <jkmaline@cc.hut.fi> | ||
7 | * | ||
8 | * This program is free software; you can redistribute it and/or modify | ||
9 | * it under the terms of the GNU General Public License version 2 as | ||
10 | * published by the Free Software Foundation. | ||
11 | */ | ||
12 | |||
13 | #include <linux/init.h> | ||
14 | #include <linux/module.h> | ||
15 | #include <linux/string.h> | ||
16 | #include <linux/crypto.h> | ||
17 | |||
18 | |||
19 | struct michael_mic_ctx { | ||
20 | u8 pending[4]; | ||
21 | size_t pending_len; | ||
22 | |||
23 | u32 l, r; | ||
24 | }; | ||
25 | |||
26 | |||
27 | static inline u32 xswap(u32 val) | ||
28 | { | ||
29 | return ((val & 0x00ff00ff) << 8) | ((val & 0xff00ff00) >> 8); | ||
30 | } | ||
31 | |||
32 | |||
33 | #define michael_block(l, r) \ | ||
34 | do { \ | ||
35 | r ^= rol32(l, 17); \ | ||
36 | l += r; \ | ||
37 | r ^= xswap(l); \ | ||
38 | l += r; \ | ||
39 | r ^= rol32(l, 3); \ | ||
40 | l += r; \ | ||
41 | r ^= ror32(l, 2); \ | ||
42 | l += r; \ | ||
43 | } while (0) | ||
44 | |||
45 | |||
46 | static inline u32 get_le32(const u8 *p) | ||
47 | { | ||
48 | return p[0] | (p[1] << 8) | (p[2] << 16) | (p[3] << 24); | ||
49 | } | ||
50 | |||
51 | |||
52 | static inline void put_le32(u8 *p, u32 v) | ||
53 | { | ||
54 | p[0] = v; | ||
55 | p[1] = v >> 8; | ||
56 | p[2] = v >> 16; | ||
57 | p[3] = v >> 24; | ||
58 | } | ||
59 | |||
60 | |||
61 | static void michael_init(void *ctx) | ||
62 | { | ||
63 | struct michael_mic_ctx *mctx = ctx; | ||
64 | mctx->pending_len = 0; | ||
65 | } | ||
66 | |||
67 | |||
68 | static void michael_update(void *ctx, const u8 *data, unsigned int len) | ||
69 | { | ||
70 | struct michael_mic_ctx *mctx = ctx; | ||
71 | |||
72 | if (mctx->pending_len) { | ||
73 | int flen = 4 - mctx->pending_len; | ||
74 | if (flen > len) | ||
75 | flen = len; | ||
76 | memcpy(&mctx->pending[mctx->pending_len], data, flen); | ||
77 | mctx->pending_len += flen; | ||
78 | data += flen; | ||
79 | len -= flen; | ||
80 | |||
81 | if (mctx->pending_len < 4) | ||
82 | return; | ||
83 | |||
84 | mctx->l ^= get_le32(mctx->pending); | ||
85 | michael_block(mctx->l, mctx->r); | ||
86 | mctx->pending_len = 0; | ||
87 | } | ||
88 | |||
89 | while (len >= 4) { | ||
90 | mctx->l ^= get_le32(data); | ||
91 | michael_block(mctx->l, mctx->r); | ||
92 | data += 4; | ||
93 | len -= 4; | ||
94 | } | ||
95 | |||
96 | if (len > 0) { | ||
97 | mctx->pending_len = len; | ||
98 | memcpy(mctx->pending, data, len); | ||
99 | } | ||
100 | } | ||
101 | |||
102 | |||
103 | static void michael_final(void *ctx, u8 *out) | ||
104 | { | ||
105 | struct michael_mic_ctx *mctx = ctx; | ||
106 | u8 *data = mctx->pending; | ||
107 | |||
108 | /* Last block and padding (0x5a, 4..7 x 0) */ | ||
109 | switch (mctx->pending_len) { | ||
110 | case 0: | ||
111 | mctx->l ^= 0x5a; | ||
112 | break; | ||
113 | case 1: | ||
114 | mctx->l ^= data[0] | 0x5a00; | ||
115 | break; | ||
116 | case 2: | ||
117 | mctx->l ^= data[0] | (data[1] << 8) | 0x5a0000; | ||
118 | break; | ||
119 | case 3: | ||
120 | mctx->l ^= data[0] | (data[1] << 8) | (data[2] << 16) | | ||
121 | 0x5a000000; | ||
122 | break; | ||
123 | } | ||
124 | michael_block(mctx->l, mctx->r); | ||
125 | /* l ^= 0; */ | ||
126 | michael_block(mctx->l, mctx->r); | ||
127 | |||
128 | put_le32(out, mctx->l); | ||
129 | put_le32(out + 4, mctx->r); | ||
130 | } | ||
131 | |||
132 | |||
133 | static int michael_setkey(void *ctx, const u8 *key, unsigned int keylen, | ||
134 | u32 *flags) | ||
135 | { | ||
136 | struct michael_mic_ctx *mctx = ctx; | ||
137 | if (keylen != 8) { | ||
138 | if (flags) | ||
139 | *flags = CRYPTO_TFM_RES_BAD_KEY_LEN; | ||
140 | return -EINVAL; | ||
141 | } | ||
142 | mctx->l = get_le32(key); | ||
143 | mctx->r = get_le32(key + 4); | ||
144 | return 0; | ||
145 | } | ||
146 | |||
147 | |||
148 | static struct crypto_alg michael_mic_alg = { | ||
149 | .cra_name = "michael_mic", | ||
150 | .cra_flags = CRYPTO_ALG_TYPE_DIGEST, | ||
151 | .cra_blocksize = 8, | ||
152 | .cra_ctxsize = sizeof(struct michael_mic_ctx), | ||
153 | .cra_module = THIS_MODULE, | ||
154 | .cra_list = LIST_HEAD_INIT(michael_mic_alg.cra_list), | ||
155 | .cra_u = { .digest = { | ||
156 | .dia_digestsize = 8, | ||
157 | .dia_init = michael_init, | ||
158 | .dia_update = michael_update, | ||
159 | .dia_final = michael_final, | ||
160 | .dia_setkey = michael_setkey } } | ||
161 | }; | ||
162 | |||
163 | |||
164 | static int __init michael_mic_init(void) | ||
165 | { | ||
166 | return crypto_register_alg(&michael_mic_alg); | ||
167 | } | ||
168 | |||
169 | |||
170 | static void __exit michael_mic_exit(void) | ||
171 | { | ||
172 | crypto_unregister_alg(&michael_mic_alg); | ||
173 | } | ||
174 | |||
175 | |||
176 | module_init(michael_mic_init); | ||
177 | module_exit(michael_mic_exit); | ||
178 | |||
179 | MODULE_LICENSE("GPL v2"); | ||
180 | MODULE_DESCRIPTION("Michael MIC"); | ||
181 | MODULE_AUTHOR("Jouni Malinen <jkmaline@cc.hut.fi>"); | ||
diff --git a/crypto/proc.c b/crypto/proc.c new file mode 100644 index 000000000000..630ba91c08f1 --- /dev/null +++ b/crypto/proc.c | |||
@@ -0,0 +1,112 @@ | |||
1 | /* | ||
2 | * Scatterlist Cryptographic API. | ||
3 | * | ||
4 | * Procfs information. | ||
5 | * | ||
6 | * Copyright (c) 2002 James Morris <jmorris@intercode.com.au> | ||
7 | * | ||
8 | * This program is free software; you can redistribute it and/or modify it | ||
9 | * under the terms of the GNU General Public License as published by the Free | ||
10 | * Software Foundation; either version 2 of the License, or (at your option) | ||
11 | * any later version. | ||
12 | * | ||
13 | */ | ||
14 | #include <linux/init.h> | ||
15 | #include <linux/crypto.h> | ||
16 | #include <linux/rwsem.h> | ||
17 | #include <linux/proc_fs.h> | ||
18 | #include <linux/seq_file.h> | ||
19 | #include "internal.h" | ||
20 | |||
21 | extern struct list_head crypto_alg_list; | ||
22 | extern struct rw_semaphore crypto_alg_sem; | ||
23 | |||
24 | static void *c_start(struct seq_file *m, loff_t *pos) | ||
25 | { | ||
26 | struct list_head *v; | ||
27 | loff_t n = *pos; | ||
28 | |||
29 | down_read(&crypto_alg_sem); | ||
30 | list_for_each(v, &crypto_alg_list) | ||
31 | if (!n--) | ||
32 | return list_entry(v, struct crypto_alg, cra_list); | ||
33 | return NULL; | ||
34 | } | ||
35 | |||
36 | static void *c_next(struct seq_file *m, void *p, loff_t *pos) | ||
37 | { | ||
38 | struct list_head *v = p; | ||
39 | |||
40 | (*pos)++; | ||
41 | v = v->next; | ||
42 | return (v == &crypto_alg_list) ? | ||
43 | NULL : list_entry(v, struct crypto_alg, cra_list); | ||
44 | } | ||
45 | |||
46 | static void c_stop(struct seq_file *m, void *p) | ||
47 | { | ||
48 | up_read(&crypto_alg_sem); | ||
49 | } | ||
50 | |||
51 | static int c_show(struct seq_file *m, void *p) | ||
52 | { | ||
53 | struct crypto_alg *alg = (struct crypto_alg *)p; | ||
54 | |||
55 | seq_printf(m, "name : %s\n", alg->cra_name); | ||
56 | seq_printf(m, "module : %s\n", module_name(alg->cra_module)); | ||
57 | |||
58 | switch (alg->cra_flags & CRYPTO_ALG_TYPE_MASK) { | ||
59 | case CRYPTO_ALG_TYPE_CIPHER: | ||
60 | seq_printf(m, "type : cipher\n"); | ||
61 | seq_printf(m, "blocksize : %u\n", alg->cra_blocksize); | ||
62 | seq_printf(m, "min keysize : %u\n", | ||
63 | alg->cra_cipher.cia_min_keysize); | ||
64 | seq_printf(m, "max keysize : %u\n", | ||
65 | alg->cra_cipher.cia_max_keysize); | ||
66 | break; | ||
67 | |||
68 | case CRYPTO_ALG_TYPE_DIGEST: | ||
69 | seq_printf(m, "type : digest\n"); | ||
70 | seq_printf(m, "blocksize : %u\n", alg->cra_blocksize); | ||
71 | seq_printf(m, "digestsize : %u\n", | ||
72 | alg->cra_digest.dia_digestsize); | ||
73 | break; | ||
74 | case CRYPTO_ALG_TYPE_COMPRESS: | ||
75 | seq_printf(m, "type : compression\n"); | ||
76 | break; | ||
77 | default: | ||
78 | seq_printf(m, "type : unknown\n"); | ||
79 | break; | ||
80 | } | ||
81 | |||
82 | seq_putc(m, '\n'); | ||
83 | return 0; | ||
84 | } | ||
85 | |||
86 | static struct seq_operations crypto_seq_ops = { | ||
87 | .start = c_start, | ||
88 | .next = c_next, | ||
89 | .stop = c_stop, | ||
90 | .show = c_show | ||
91 | }; | ||
92 | |||
93 | static int crypto_info_open(struct inode *inode, struct file *file) | ||
94 | { | ||
95 | return seq_open(file, &crypto_seq_ops); | ||
96 | } | ||
97 | |||
98 | static struct file_operations proc_crypto_ops = { | ||
99 | .open = crypto_info_open, | ||
100 | .read = seq_read, | ||
101 | .llseek = seq_lseek, | ||
102 | .release = seq_release | ||
103 | }; | ||
104 | |||
105 | void __init crypto_init_proc(void) | ||
106 | { | ||
107 | struct proc_dir_entry *proc; | ||
108 | |||
109 | proc = create_proc_entry("crypto", 0, NULL); | ||
110 | if (proc) | ||
111 | proc->proc_fops = &proc_crypto_ops; | ||
112 | } | ||
diff --git a/crypto/scatterwalk.c b/crypto/scatterwalk.c new file mode 100644 index 000000000000..50c9461e8cc6 --- /dev/null +++ b/crypto/scatterwalk.c | |||
@@ -0,0 +1,115 @@ | |||
1 | /* | ||
2 | * Cryptographic API. | ||
3 | * | ||
4 | * Cipher operations. | ||
5 | * | ||
6 | * Copyright (c) 2002 James Morris <jmorris@intercode.com.au> | ||
7 | * 2002 Adam J. Richter <adam@yggdrasil.com> | ||
8 | * 2004 Jean-Luc Cooke <jlcooke@certainkey.com> | ||
9 | * | ||
10 | * This program is free software; you can redistribute it and/or modify it | ||
11 | * under the terms of the GNU General Public License as published by the Free | ||
12 | * Software Foundation; either version 2 of the License, or (at your option) | ||
13 | * any later version. | ||
14 | * | ||
15 | */ | ||
16 | #include <linux/kernel.h> | ||
17 | #include <linux/mm.h> | ||
18 | #include <linux/pagemap.h> | ||
19 | #include <linux/highmem.h> | ||
20 | #include <asm/bug.h> | ||
21 | #include <asm/scatterlist.h> | ||
22 | #include "internal.h" | ||
23 | #include "scatterwalk.h" | ||
24 | |||
25 | enum km_type crypto_km_types[] = { | ||
26 | KM_USER0, | ||
27 | KM_USER1, | ||
28 | KM_SOFTIRQ0, | ||
29 | KM_SOFTIRQ1, | ||
30 | }; | ||
31 | |||
32 | static void memcpy_dir(void *buf, void *sgdata, size_t nbytes, int out) | ||
33 | { | ||
34 | if (out) | ||
35 | memcpy(sgdata, buf, nbytes); | ||
36 | else | ||
37 | memcpy(buf, sgdata, nbytes); | ||
38 | } | ||
39 | |||
40 | void scatterwalk_start(struct scatter_walk *walk, struct scatterlist *sg) | ||
41 | { | ||
42 | unsigned int rest_of_page; | ||
43 | |||
44 | walk->sg = sg; | ||
45 | |||
46 | walk->page = sg->page; | ||
47 | walk->len_this_segment = sg->length; | ||
48 | |||
49 | BUG_ON(!sg->length); | ||
50 | |||
51 | rest_of_page = PAGE_CACHE_SIZE - (sg->offset & (PAGE_CACHE_SIZE - 1)); | ||
52 | walk->len_this_page = min(sg->length, rest_of_page); | ||
53 | walk->offset = sg->offset; | ||
54 | } | ||
55 | |||
56 | void scatterwalk_map(struct scatter_walk *walk, int out) | ||
57 | { | ||
58 | walk->data = crypto_kmap(walk->page, out) + walk->offset; | ||
59 | } | ||
60 | |||
61 | static inline void scatterwalk_unmap(struct scatter_walk *walk, int out) | ||
62 | { | ||
63 | /* walk->data may be pointing the first byte of the next page; | ||
64 | however, we know we transfered at least one byte. So, | ||
65 | walk->data - 1 will be a virtual address in the mapped page. */ | ||
66 | crypto_kunmap(walk->data - 1, out); | ||
67 | } | ||
68 | |||
69 | static void scatterwalk_pagedone(struct scatter_walk *walk, int out, | ||
70 | unsigned int more) | ||
71 | { | ||
72 | if (out) | ||
73 | flush_dcache_page(walk->page); | ||
74 | |||
75 | if (more) { | ||
76 | walk->len_this_segment -= walk->len_this_page; | ||
77 | |||
78 | if (walk->len_this_segment) { | ||
79 | walk->page++; | ||
80 | walk->len_this_page = min(walk->len_this_segment, | ||
81 | (unsigned)PAGE_CACHE_SIZE); | ||
82 | walk->offset = 0; | ||
83 | } | ||
84 | else | ||
85 | scatterwalk_start(walk, sg_next(walk->sg)); | ||
86 | } | ||
87 | } | ||
88 | |||
89 | void scatterwalk_done(struct scatter_walk *walk, int out, int more) | ||
90 | { | ||
91 | scatterwalk_unmap(walk, out); | ||
92 | if (walk->len_this_page == 0 || !more) | ||
93 | scatterwalk_pagedone(walk, out, more); | ||
94 | } | ||
95 | |||
96 | /* | ||
97 | * Do not call this unless the total length of all of the fragments | ||
98 | * has been verified as multiple of the block size. | ||
99 | */ | ||
100 | int scatterwalk_copychunks(void *buf, struct scatter_walk *walk, | ||
101 | size_t nbytes, int out) | ||
102 | { | ||
103 | do { | ||
104 | memcpy_dir(buf, walk->data, walk->len_this_page, out); | ||
105 | buf += walk->len_this_page; | ||
106 | nbytes -= walk->len_this_page; | ||
107 | |||
108 | scatterwalk_unmap(walk, out); | ||
109 | scatterwalk_pagedone(walk, out, 1); | ||
110 | scatterwalk_map(walk, out); | ||
111 | } while (nbytes > walk->len_this_page); | ||
112 | |||
113 | memcpy_dir(buf, walk->data, nbytes, out); | ||
114 | return nbytes; | ||
115 | } | ||
diff --git a/crypto/scatterwalk.h b/crypto/scatterwalk.h new file mode 100644 index 000000000000..02aa56c649b4 --- /dev/null +++ b/crypto/scatterwalk.h | |||
@@ -0,0 +1,63 @@ | |||
1 | /* | ||
2 | * Cryptographic API. | ||
3 | * | ||
4 | * Copyright (c) 2002 James Morris <jmorris@intercode.com.au> | ||
5 | * Copyright (c) 2002 Adam J. Richter <adam@yggdrasil.com> | ||
6 | * Copyright (c) 2004 Jean-Luc Cooke <jlcooke@certainkey.com> | ||
7 | * | ||
8 | * This program is free software; you can redistribute it and/or modify it | ||
9 | * under the terms of the GNU General Public License as published by the Free | ||
10 | * Software Foundation; either version 2 of the License, or (at your option) | ||
11 | * any later version. | ||
12 | * | ||
13 | */ | ||
14 | |||
15 | #ifndef _CRYPTO_SCATTERWALK_H | ||
16 | #define _CRYPTO_SCATTERWALK_H | ||
17 | #include <linux/mm.h> | ||
18 | #include <asm/scatterlist.h> | ||
19 | |||
20 | struct scatter_walk { | ||
21 | struct scatterlist *sg; | ||
22 | struct page *page; | ||
23 | void *data; | ||
24 | unsigned int len_this_page; | ||
25 | unsigned int len_this_segment; | ||
26 | unsigned int offset; | ||
27 | }; | ||
28 | |||
29 | /* Define sg_next is an inline routine now in case we want to change | ||
30 | scatterlist to a linked list later. */ | ||
31 | static inline struct scatterlist *sg_next(struct scatterlist *sg) | ||
32 | { | ||
33 | return sg + 1; | ||
34 | } | ||
35 | |||
36 | static inline int scatterwalk_samebuf(struct scatter_walk *walk_in, | ||
37 | struct scatter_walk *walk_out) | ||
38 | { | ||
39 | return walk_in->page == walk_out->page && | ||
40 | walk_in->offset == walk_out->offset; | ||
41 | } | ||
42 | |||
43 | static inline int scatterwalk_across_pages(struct scatter_walk *walk, | ||
44 | unsigned int nbytes) | ||
45 | { | ||
46 | return nbytes > walk->len_this_page; | ||
47 | } | ||
48 | |||
49 | static inline void scatterwalk_advance(struct scatter_walk *walk, | ||
50 | unsigned int nbytes) | ||
51 | { | ||
52 | walk->data += nbytes; | ||
53 | walk->offset += nbytes; | ||
54 | walk->len_this_page -= nbytes; | ||
55 | walk->len_this_segment -= nbytes; | ||
56 | } | ||
57 | |||
58 | void scatterwalk_start(struct scatter_walk *walk, struct scatterlist *sg); | ||
59 | int scatterwalk_copychunks(void *buf, struct scatter_walk *walk, size_t nbytes, int out); | ||
60 | void scatterwalk_map(struct scatter_walk *walk, int out); | ||
61 | void scatterwalk_done(struct scatter_walk *walk, int out, int more); | ||
62 | |||
63 | #endif /* _CRYPTO_SCATTERWALK_H */ | ||
diff --git a/crypto/serpent.c b/crypto/serpent.c new file mode 100644 index 000000000000..7d152e89016f --- /dev/null +++ b/crypto/serpent.c | |||
@@ -0,0 +1,593 @@ | |||
1 | /* | ||
2 | * Cryptographic API. | ||
3 | * | ||
4 | * Serpent Cipher Algorithm. | ||
5 | * | ||
6 | * Copyright (C) 2002 Dag Arne Osvik <osvik@ii.uib.no> | ||
7 | * 2003 Herbert Valerio Riedel <hvr@gnu.org> | ||
8 | * | ||
9 | * Added tnepres support: Ruben Jesus Garcia Hernandez <ruben@ugr.es>, 18.10.2004 | ||
10 | * Based on code by hvr | ||
11 | * | ||
12 | * This program is free software; you can redistribute it and/or modify | ||
13 | * it under the terms of the GNU General Public License as published by | ||
14 | * the Free Software Foundation; either version 2 of the License, or | ||
15 | * (at your option) any later version. | ||
16 | */ | ||
17 | |||
18 | #include <linux/init.h> | ||
19 | #include <linux/module.h> | ||
20 | #include <linux/errno.h> | ||
21 | #include <asm/byteorder.h> | ||
22 | #include <linux/crypto.h> | ||
23 | |||
24 | /* Key is padded to the maximum of 256 bits before round key generation. | ||
25 | * Any key length <= 256 bits (32 bytes) is allowed by the algorithm. | ||
26 | */ | ||
27 | |||
28 | #define SERPENT_MIN_KEY_SIZE 0 | ||
29 | #define SERPENT_MAX_KEY_SIZE 32 | ||
30 | #define SERPENT_EXPKEY_WORDS 132 | ||
31 | #define SERPENT_BLOCK_SIZE 16 | ||
32 | |||
33 | #define PHI 0x9e3779b9UL | ||
34 | |||
35 | #define keyiter(a,b,c,d,i,j) \ | ||
36 | b ^= d; b ^= c; b ^= a; b ^= PHI ^ i; b = rol32(b,11); k[j] = b; | ||
37 | |||
38 | #define loadkeys(x0,x1,x2,x3,i) \ | ||
39 | x0=k[i]; x1=k[i+1]; x2=k[i+2]; x3=k[i+3]; | ||
40 | |||
41 | #define storekeys(x0,x1,x2,x3,i) \ | ||
42 | k[i]=x0; k[i+1]=x1; k[i+2]=x2; k[i+3]=x3; | ||
43 | |||
44 | #define K(x0,x1,x2,x3,i) \ | ||
45 | x3 ^= k[4*(i)+3]; x2 ^= k[4*(i)+2]; \ | ||
46 | x1 ^= k[4*(i)+1]; x0 ^= k[4*(i)+0]; | ||
47 | |||
48 | #define LK(x0,x1,x2,x3,x4,i) \ | ||
49 | x0=rol32(x0,13);\ | ||
50 | x2=rol32(x2,3); x1 ^= x0; x4 = x0 << 3; \ | ||
51 | x3 ^= x2; x1 ^= x2; \ | ||
52 | x1=rol32(x1,1); x3 ^= x4; \ | ||
53 | x3=rol32(x3,7); x4 = x1; \ | ||
54 | x0 ^= x1; x4 <<= 7; x2 ^= x3; \ | ||
55 | x0 ^= x3; x2 ^= x4; x3 ^= k[4*i+3]; \ | ||
56 | x1 ^= k[4*i+1]; x0=rol32(x0,5); x2=rol32(x2,22);\ | ||
57 | x0 ^= k[4*i+0]; x2 ^= k[4*i+2]; | ||
58 | |||
59 | #define KL(x0,x1,x2,x3,x4,i) \ | ||
60 | x0 ^= k[4*i+0]; x1 ^= k[4*i+1]; x2 ^= k[4*i+2]; \ | ||
61 | x3 ^= k[4*i+3]; x0=ror32(x0,5); x2=ror32(x2,22);\ | ||
62 | x4 = x1; x2 ^= x3; x0 ^= x3; \ | ||
63 | x4 <<= 7; x0 ^= x1; x1=ror32(x1,1); \ | ||
64 | x2 ^= x4; x3=ror32(x3,7); x4 = x0 << 3; \ | ||
65 | x1 ^= x0; x3 ^= x4; x0=ror32(x0,13);\ | ||
66 | x1 ^= x2; x3 ^= x2; x2=ror32(x2,3); | ||
67 | |||
68 | #define S0(x0,x1,x2,x3,x4) \ | ||
69 | x4 = x3; \ | ||
70 | x3 |= x0; x0 ^= x4; x4 ^= x2; \ | ||
71 | x4 =~ x4; x3 ^= x1; x1 &= x0; \ | ||
72 | x1 ^= x4; x2 ^= x0; x0 ^= x3; \ | ||
73 | x4 |= x0; x0 ^= x2; x2 &= x1; \ | ||
74 | x3 ^= x2; x1 =~ x1; x2 ^= x4; \ | ||
75 | x1 ^= x2; | ||
76 | |||
77 | #define S1(x0,x1,x2,x3,x4) \ | ||
78 | x4 = x1; \ | ||
79 | x1 ^= x0; x0 ^= x3; x3 =~ x3; \ | ||
80 | x4 &= x1; x0 |= x1; x3 ^= x2; \ | ||
81 | x0 ^= x3; x1 ^= x3; x3 ^= x4; \ | ||
82 | x1 |= x4; x4 ^= x2; x2 &= x0; \ | ||
83 | x2 ^= x1; x1 |= x0; x0 =~ x0; \ | ||
84 | x0 ^= x2; x4 ^= x1; | ||
85 | |||
86 | #define S2(x0,x1,x2,x3,x4) \ | ||
87 | x3 =~ x3; \ | ||
88 | x1 ^= x0; x4 = x0; x0 &= x2; \ | ||
89 | x0 ^= x3; x3 |= x4; x2 ^= x1; \ | ||
90 | x3 ^= x1; x1 &= x0; x0 ^= x2; \ | ||
91 | x2 &= x3; x3 |= x1; x0 =~ x0; \ | ||
92 | x3 ^= x0; x4 ^= x0; x0 ^= x2; \ | ||
93 | x1 |= x2; | ||
94 | |||
95 | #define S3(x0,x1,x2,x3,x4) \ | ||
96 | x4 = x1; \ | ||
97 | x1 ^= x3; x3 |= x0; x4 &= x0; \ | ||
98 | x0 ^= x2; x2 ^= x1; x1 &= x3; \ | ||
99 | x2 ^= x3; x0 |= x4; x4 ^= x3; \ | ||
100 | x1 ^= x0; x0 &= x3; x3 &= x4; \ | ||
101 | x3 ^= x2; x4 |= x1; x2 &= x1; \ | ||
102 | x4 ^= x3; x0 ^= x3; x3 ^= x2; | ||
103 | |||
104 | #define S4(x0,x1,x2,x3,x4) \ | ||
105 | x4 = x3; \ | ||
106 | x3 &= x0; x0 ^= x4; \ | ||
107 | x3 ^= x2; x2 |= x4; x0 ^= x1; \ | ||
108 | x4 ^= x3; x2 |= x0; \ | ||
109 | x2 ^= x1; x1 &= x0; \ | ||
110 | x1 ^= x4; x4 &= x2; x2 ^= x3; \ | ||
111 | x4 ^= x0; x3 |= x1; x1 =~ x1; \ | ||
112 | x3 ^= x0; | ||
113 | |||
114 | #define S5(x0,x1,x2,x3,x4) \ | ||
115 | x4 = x1; x1 |= x0; \ | ||
116 | x2 ^= x1; x3 =~ x3; x4 ^= x0; \ | ||
117 | x0 ^= x2; x1 &= x4; x4 |= x3; \ | ||
118 | x4 ^= x0; x0 &= x3; x1 ^= x3; \ | ||
119 | x3 ^= x2; x0 ^= x1; x2 &= x4; \ | ||
120 | x1 ^= x2; x2 &= x0; \ | ||
121 | x3 ^= x2; | ||
122 | |||
123 | #define S6(x0,x1,x2,x3,x4) \ | ||
124 | x4 = x1; \ | ||
125 | x3 ^= x0; x1 ^= x2; x2 ^= x0; \ | ||
126 | x0 &= x3; x1 |= x3; x4 =~ x4; \ | ||
127 | x0 ^= x1; x1 ^= x2; \ | ||
128 | x3 ^= x4; x4 ^= x0; x2 &= x0; \ | ||
129 | x4 ^= x1; x2 ^= x3; x3 &= x1; \ | ||
130 | x3 ^= x0; x1 ^= x2; | ||
131 | |||
132 | #define S7(x0,x1,x2,x3,x4) \ | ||
133 | x1 =~ x1; \ | ||
134 | x4 = x1; x0 =~ x0; x1 &= x2; \ | ||
135 | x1 ^= x3; x3 |= x4; x4 ^= x2; \ | ||
136 | x2 ^= x3; x3 ^= x0; x0 |= x1; \ | ||
137 | x2 &= x0; x0 ^= x4; x4 ^= x3; \ | ||
138 | x3 &= x0; x4 ^= x1; \ | ||
139 | x2 ^= x4; x3 ^= x1; x4 |= x0; \ | ||
140 | x4 ^= x1; | ||
141 | |||
142 | #define SI0(x0,x1,x2,x3,x4) \ | ||
143 | x4 = x3; x1 ^= x0; \ | ||
144 | x3 |= x1; x4 ^= x1; x0 =~ x0; \ | ||
145 | x2 ^= x3; x3 ^= x0; x0 &= x1; \ | ||
146 | x0 ^= x2; x2 &= x3; x3 ^= x4; \ | ||
147 | x2 ^= x3; x1 ^= x3; x3 &= x0; \ | ||
148 | x1 ^= x0; x0 ^= x2; x4 ^= x3; | ||
149 | |||
150 | #define SI1(x0,x1,x2,x3,x4) \ | ||
151 | x1 ^= x3; x4 = x0; \ | ||
152 | x0 ^= x2; x2 =~ x2; x4 |= x1; \ | ||
153 | x4 ^= x3; x3 &= x1; x1 ^= x2; \ | ||
154 | x2 &= x4; x4 ^= x1; x1 |= x3; \ | ||
155 | x3 ^= x0; x2 ^= x0; x0 |= x4; \ | ||
156 | x2 ^= x4; x1 ^= x0; \ | ||
157 | x4 ^= x1; | ||
158 | |||
159 | #define SI2(x0,x1,x2,x3,x4) \ | ||
160 | x2 ^= x1; x4 = x3; x3 =~ x3; \ | ||
161 | x3 |= x2; x2 ^= x4; x4 ^= x0; \ | ||
162 | x3 ^= x1; x1 |= x2; x2 ^= x0; \ | ||
163 | x1 ^= x4; x4 |= x3; x2 ^= x3; \ | ||
164 | x4 ^= x2; x2 &= x1; \ | ||
165 | x2 ^= x3; x3 ^= x4; x4 ^= x0; | ||
166 | |||
167 | #define SI3(x0,x1,x2,x3,x4) \ | ||
168 | x2 ^= x1; \ | ||
169 | x4 = x1; x1 &= x2; \ | ||
170 | x1 ^= x0; x0 |= x4; x4 ^= x3; \ | ||
171 | x0 ^= x3; x3 |= x1; x1 ^= x2; \ | ||
172 | x1 ^= x3; x0 ^= x2; x2 ^= x3; \ | ||
173 | x3 &= x1; x1 ^= x0; x0 &= x2; \ | ||
174 | x4 ^= x3; x3 ^= x0; x0 ^= x1; | ||
175 | |||
176 | #define SI4(x0,x1,x2,x3,x4) \ | ||
177 | x2 ^= x3; x4 = x0; x0 &= x1; \ | ||
178 | x0 ^= x2; x2 |= x3; x4 =~ x4; \ | ||
179 | x1 ^= x0; x0 ^= x2; x2 &= x4; \ | ||
180 | x2 ^= x0; x0 |= x4; \ | ||
181 | x0 ^= x3; x3 &= x2; \ | ||
182 | x4 ^= x3; x3 ^= x1; x1 &= x0; \ | ||
183 | x4 ^= x1; x0 ^= x3; | ||
184 | |||
185 | #define SI5(x0,x1,x2,x3,x4) \ | ||
186 | x4 = x1; x1 |= x2; \ | ||
187 | x2 ^= x4; x1 ^= x3; x3 &= x4; \ | ||
188 | x2 ^= x3; x3 |= x0; x0 =~ x0; \ | ||
189 | x3 ^= x2; x2 |= x0; x4 ^= x1; \ | ||
190 | x2 ^= x4; x4 &= x0; x0 ^= x1; \ | ||
191 | x1 ^= x3; x0 &= x2; x2 ^= x3; \ | ||
192 | x0 ^= x2; x2 ^= x4; x4 ^= x3; | ||
193 | |||
194 | #define SI6(x0,x1,x2,x3,x4) \ | ||
195 | x0 ^= x2; \ | ||
196 | x4 = x0; x0 &= x3; x2 ^= x3; \ | ||
197 | x0 ^= x2; x3 ^= x1; x2 |= x4; \ | ||
198 | x2 ^= x3; x3 &= x0; x0 =~ x0; \ | ||
199 | x3 ^= x1; x1 &= x2; x4 ^= x0; \ | ||
200 | x3 ^= x4; x4 ^= x2; x0 ^= x1; \ | ||
201 | x2 ^= x0; | ||
202 | |||
203 | #define SI7(x0,x1,x2,x3,x4) \ | ||
204 | x4 = x3; x3 &= x0; x0 ^= x2; \ | ||
205 | x2 |= x4; x4 ^= x1; x0 =~ x0; \ | ||
206 | x1 |= x3; x4 ^= x0; x0 &= x2; \ | ||
207 | x0 ^= x1; x1 &= x2; x3 ^= x2; \ | ||
208 | x4 ^= x3; x2 &= x3; x3 |= x0; \ | ||
209 | x1 ^= x4; x3 ^= x4; x4 &= x0; \ | ||
210 | x4 ^= x2; | ||
211 | |||
212 | struct serpent_ctx { | ||
213 | u8 iv[SERPENT_BLOCK_SIZE]; | ||
214 | u32 expkey[SERPENT_EXPKEY_WORDS]; | ||
215 | }; | ||
216 | |||
217 | |||
218 | static int serpent_setkey(void *ctx, const u8 *key, unsigned int keylen, u32 *flags) | ||
219 | { | ||
220 | u32 *k = ((struct serpent_ctx *)ctx)->expkey; | ||
221 | u8 *k8 = (u8 *)k; | ||
222 | u32 r0,r1,r2,r3,r4; | ||
223 | int i; | ||
224 | |||
225 | if ((keylen < SERPENT_MIN_KEY_SIZE) | ||
226 | || (keylen > SERPENT_MAX_KEY_SIZE)) | ||
227 | { | ||
228 | *flags |= CRYPTO_TFM_RES_BAD_KEY_LEN; | ||
229 | return -EINVAL; | ||
230 | } | ||
231 | |||
232 | /* Copy key, add padding */ | ||
233 | |||
234 | for (i = 0; i < keylen; ++i) | ||
235 | k8[i] = key[i]; | ||
236 | if (i < SERPENT_MAX_KEY_SIZE) | ||
237 | k8[i++] = 1; | ||
238 | while (i < SERPENT_MAX_KEY_SIZE) | ||
239 | k8[i++] = 0; | ||
240 | |||
241 | /* Expand key using polynomial */ | ||
242 | |||
243 | r0 = le32_to_cpu(k[3]); | ||
244 | r1 = le32_to_cpu(k[4]); | ||
245 | r2 = le32_to_cpu(k[5]); | ||
246 | r3 = le32_to_cpu(k[6]); | ||
247 | r4 = le32_to_cpu(k[7]); | ||
248 | |||
249 | keyiter(le32_to_cpu(k[0]),r0,r4,r2,0,0); | ||
250 | keyiter(le32_to_cpu(k[1]),r1,r0,r3,1,1); | ||
251 | keyiter(le32_to_cpu(k[2]),r2,r1,r4,2,2); | ||
252 | keyiter(le32_to_cpu(k[3]),r3,r2,r0,3,3); | ||
253 | keyiter(le32_to_cpu(k[4]),r4,r3,r1,4,4); | ||
254 | keyiter(le32_to_cpu(k[5]),r0,r4,r2,5,5); | ||
255 | keyiter(le32_to_cpu(k[6]),r1,r0,r3,6,6); | ||
256 | keyiter(le32_to_cpu(k[7]),r2,r1,r4,7,7); | ||
257 | |||
258 | keyiter(k[ 0],r3,r2,r0, 8, 8); keyiter(k[ 1],r4,r3,r1, 9, 9); | ||
259 | keyiter(k[ 2],r0,r4,r2, 10, 10); keyiter(k[ 3],r1,r0,r3, 11, 11); | ||
260 | keyiter(k[ 4],r2,r1,r4, 12, 12); keyiter(k[ 5],r3,r2,r0, 13, 13); | ||
261 | keyiter(k[ 6],r4,r3,r1, 14, 14); keyiter(k[ 7],r0,r4,r2, 15, 15); | ||
262 | keyiter(k[ 8],r1,r0,r3, 16, 16); keyiter(k[ 9],r2,r1,r4, 17, 17); | ||
263 | keyiter(k[ 10],r3,r2,r0, 18, 18); keyiter(k[ 11],r4,r3,r1, 19, 19); | ||
264 | keyiter(k[ 12],r0,r4,r2, 20, 20); keyiter(k[ 13],r1,r0,r3, 21, 21); | ||
265 | keyiter(k[ 14],r2,r1,r4, 22, 22); keyiter(k[ 15],r3,r2,r0, 23, 23); | ||
266 | keyiter(k[ 16],r4,r3,r1, 24, 24); keyiter(k[ 17],r0,r4,r2, 25, 25); | ||
267 | keyiter(k[ 18],r1,r0,r3, 26, 26); keyiter(k[ 19],r2,r1,r4, 27, 27); | ||
268 | keyiter(k[ 20],r3,r2,r0, 28, 28); keyiter(k[ 21],r4,r3,r1, 29, 29); | ||
269 | keyiter(k[ 22],r0,r4,r2, 30, 30); keyiter(k[ 23],r1,r0,r3, 31, 31); | ||
270 | |||
271 | k += 50; | ||
272 | |||
273 | keyiter(k[-26],r2,r1,r4, 32,-18); keyiter(k[-25],r3,r2,r0, 33,-17); | ||
274 | keyiter(k[-24],r4,r3,r1, 34,-16); keyiter(k[-23],r0,r4,r2, 35,-15); | ||
275 | keyiter(k[-22],r1,r0,r3, 36,-14); keyiter(k[-21],r2,r1,r4, 37,-13); | ||
276 | keyiter(k[-20],r3,r2,r0, 38,-12); keyiter(k[-19],r4,r3,r1, 39,-11); | ||
277 | keyiter(k[-18],r0,r4,r2, 40,-10); keyiter(k[-17],r1,r0,r3, 41, -9); | ||
278 | keyiter(k[-16],r2,r1,r4, 42, -8); keyiter(k[-15],r3,r2,r0, 43, -7); | ||
279 | keyiter(k[-14],r4,r3,r1, 44, -6); keyiter(k[-13],r0,r4,r2, 45, -5); | ||
280 | keyiter(k[-12],r1,r0,r3, 46, -4); keyiter(k[-11],r2,r1,r4, 47, -3); | ||
281 | keyiter(k[-10],r3,r2,r0, 48, -2); keyiter(k[ -9],r4,r3,r1, 49, -1); | ||
282 | keyiter(k[ -8],r0,r4,r2, 50, 0); keyiter(k[ -7],r1,r0,r3, 51, 1); | ||
283 | keyiter(k[ -6],r2,r1,r4, 52, 2); keyiter(k[ -5],r3,r2,r0, 53, 3); | ||
284 | keyiter(k[ -4],r4,r3,r1, 54, 4); keyiter(k[ -3],r0,r4,r2, 55, 5); | ||
285 | keyiter(k[ -2],r1,r0,r3, 56, 6); keyiter(k[ -1],r2,r1,r4, 57, 7); | ||
286 | keyiter(k[ 0],r3,r2,r0, 58, 8); keyiter(k[ 1],r4,r3,r1, 59, 9); | ||
287 | keyiter(k[ 2],r0,r4,r2, 60, 10); keyiter(k[ 3],r1,r0,r3, 61, 11); | ||
288 | keyiter(k[ 4],r2,r1,r4, 62, 12); keyiter(k[ 5],r3,r2,r0, 63, 13); | ||
289 | keyiter(k[ 6],r4,r3,r1, 64, 14); keyiter(k[ 7],r0,r4,r2, 65, 15); | ||
290 | keyiter(k[ 8],r1,r0,r3, 66, 16); keyiter(k[ 9],r2,r1,r4, 67, 17); | ||
291 | keyiter(k[ 10],r3,r2,r0, 68, 18); keyiter(k[ 11],r4,r3,r1, 69, 19); | ||
292 | keyiter(k[ 12],r0,r4,r2, 70, 20); keyiter(k[ 13],r1,r0,r3, 71, 21); | ||
293 | keyiter(k[ 14],r2,r1,r4, 72, 22); keyiter(k[ 15],r3,r2,r0, 73, 23); | ||
294 | keyiter(k[ 16],r4,r3,r1, 74, 24); keyiter(k[ 17],r0,r4,r2, 75, 25); | ||
295 | keyiter(k[ 18],r1,r0,r3, 76, 26); keyiter(k[ 19],r2,r1,r4, 77, 27); | ||
296 | keyiter(k[ 20],r3,r2,r0, 78, 28); keyiter(k[ 21],r4,r3,r1, 79, 29); | ||
297 | keyiter(k[ 22],r0,r4,r2, 80, 30); keyiter(k[ 23],r1,r0,r3, 81, 31); | ||
298 | |||
299 | k += 50; | ||
300 | |||
301 | keyiter(k[-26],r2,r1,r4, 82,-18); keyiter(k[-25],r3,r2,r0, 83,-17); | ||
302 | keyiter(k[-24],r4,r3,r1, 84,-16); keyiter(k[-23],r0,r4,r2, 85,-15); | ||
303 | keyiter(k[-22],r1,r0,r3, 86,-14); keyiter(k[-21],r2,r1,r4, 87,-13); | ||
304 | keyiter(k[-20],r3,r2,r0, 88,-12); keyiter(k[-19],r4,r3,r1, 89,-11); | ||
305 | keyiter(k[-18],r0,r4,r2, 90,-10); keyiter(k[-17],r1,r0,r3, 91, -9); | ||
306 | keyiter(k[-16],r2,r1,r4, 92, -8); keyiter(k[-15],r3,r2,r0, 93, -7); | ||
307 | keyiter(k[-14],r4,r3,r1, 94, -6); keyiter(k[-13],r0,r4,r2, 95, -5); | ||
308 | keyiter(k[-12],r1,r0,r3, 96, -4); keyiter(k[-11],r2,r1,r4, 97, -3); | ||
309 | keyiter(k[-10],r3,r2,r0, 98, -2); keyiter(k[ -9],r4,r3,r1, 99, -1); | ||
310 | keyiter(k[ -8],r0,r4,r2,100, 0); keyiter(k[ -7],r1,r0,r3,101, 1); | ||
311 | keyiter(k[ -6],r2,r1,r4,102, 2); keyiter(k[ -5],r3,r2,r0,103, 3); | ||
312 | keyiter(k[ -4],r4,r3,r1,104, 4); keyiter(k[ -3],r0,r4,r2,105, 5); | ||
313 | keyiter(k[ -2],r1,r0,r3,106, 6); keyiter(k[ -1],r2,r1,r4,107, 7); | ||
314 | keyiter(k[ 0],r3,r2,r0,108, 8); keyiter(k[ 1],r4,r3,r1,109, 9); | ||
315 | keyiter(k[ 2],r0,r4,r2,110, 10); keyiter(k[ 3],r1,r0,r3,111, 11); | ||
316 | keyiter(k[ 4],r2,r1,r4,112, 12); keyiter(k[ 5],r3,r2,r0,113, 13); | ||
317 | keyiter(k[ 6],r4,r3,r1,114, 14); keyiter(k[ 7],r0,r4,r2,115, 15); | ||
318 | keyiter(k[ 8],r1,r0,r3,116, 16); keyiter(k[ 9],r2,r1,r4,117, 17); | ||
319 | keyiter(k[ 10],r3,r2,r0,118, 18); keyiter(k[ 11],r4,r3,r1,119, 19); | ||
320 | keyiter(k[ 12],r0,r4,r2,120, 20); keyiter(k[ 13],r1,r0,r3,121, 21); | ||
321 | keyiter(k[ 14],r2,r1,r4,122, 22); keyiter(k[ 15],r3,r2,r0,123, 23); | ||
322 | keyiter(k[ 16],r4,r3,r1,124, 24); keyiter(k[ 17],r0,r4,r2,125, 25); | ||
323 | keyiter(k[ 18],r1,r0,r3,126, 26); keyiter(k[ 19],r2,r1,r4,127, 27); | ||
324 | keyiter(k[ 20],r3,r2,r0,128, 28); keyiter(k[ 21],r4,r3,r1,129, 29); | ||
325 | keyiter(k[ 22],r0,r4,r2,130, 30); keyiter(k[ 23],r1,r0,r3,131, 31); | ||
326 | |||
327 | /* Apply S-boxes */ | ||
328 | |||
329 | S3(r3,r4,r0,r1,r2); storekeys(r1,r2,r4,r3, 28); loadkeys(r1,r2,r4,r3, 24); | ||
330 | S4(r1,r2,r4,r3,r0); storekeys(r2,r4,r3,r0, 24); loadkeys(r2,r4,r3,r0, 20); | ||
331 | S5(r2,r4,r3,r0,r1); storekeys(r1,r2,r4,r0, 20); loadkeys(r1,r2,r4,r0, 16); | ||
332 | S6(r1,r2,r4,r0,r3); storekeys(r4,r3,r2,r0, 16); loadkeys(r4,r3,r2,r0, 12); | ||
333 | S7(r4,r3,r2,r0,r1); storekeys(r1,r2,r0,r4, 12); loadkeys(r1,r2,r0,r4, 8); | ||
334 | S0(r1,r2,r0,r4,r3); storekeys(r0,r2,r4,r1, 8); loadkeys(r0,r2,r4,r1, 4); | ||
335 | S1(r0,r2,r4,r1,r3); storekeys(r3,r4,r1,r0, 4); loadkeys(r3,r4,r1,r0, 0); | ||
336 | S2(r3,r4,r1,r0,r2); storekeys(r2,r4,r3,r0, 0); loadkeys(r2,r4,r3,r0, -4); | ||
337 | S3(r2,r4,r3,r0,r1); storekeys(r0,r1,r4,r2, -4); loadkeys(r0,r1,r4,r2, -8); | ||
338 | S4(r0,r1,r4,r2,r3); storekeys(r1,r4,r2,r3, -8); loadkeys(r1,r4,r2,r3,-12); | ||
339 | S5(r1,r4,r2,r3,r0); storekeys(r0,r1,r4,r3,-12); loadkeys(r0,r1,r4,r3,-16); | ||
340 | S6(r0,r1,r4,r3,r2); storekeys(r4,r2,r1,r3,-16); loadkeys(r4,r2,r1,r3,-20); | ||
341 | S7(r4,r2,r1,r3,r0); storekeys(r0,r1,r3,r4,-20); loadkeys(r0,r1,r3,r4,-24); | ||
342 | S0(r0,r1,r3,r4,r2); storekeys(r3,r1,r4,r0,-24); loadkeys(r3,r1,r4,r0,-28); | ||
343 | k -= 50; | ||
344 | S1(r3,r1,r4,r0,r2); storekeys(r2,r4,r0,r3, 22); loadkeys(r2,r4,r0,r3, 18); | ||
345 | S2(r2,r4,r0,r3,r1); storekeys(r1,r4,r2,r3, 18); loadkeys(r1,r4,r2,r3, 14); | ||
346 | S3(r1,r4,r2,r3,r0); storekeys(r3,r0,r4,r1, 14); loadkeys(r3,r0,r4,r1, 10); | ||
347 | S4(r3,r0,r4,r1,r2); storekeys(r0,r4,r1,r2, 10); loadkeys(r0,r4,r1,r2, 6); | ||
348 | S5(r0,r4,r1,r2,r3); storekeys(r3,r0,r4,r2, 6); loadkeys(r3,r0,r4,r2, 2); | ||
349 | S6(r3,r0,r4,r2,r1); storekeys(r4,r1,r0,r2, 2); loadkeys(r4,r1,r0,r2, -2); | ||
350 | S7(r4,r1,r0,r2,r3); storekeys(r3,r0,r2,r4, -2); loadkeys(r3,r0,r2,r4, -6); | ||
351 | S0(r3,r0,r2,r4,r1); storekeys(r2,r0,r4,r3, -6); loadkeys(r2,r0,r4,r3,-10); | ||
352 | S1(r2,r0,r4,r3,r1); storekeys(r1,r4,r3,r2,-10); loadkeys(r1,r4,r3,r2,-14); | ||
353 | S2(r1,r4,r3,r2,r0); storekeys(r0,r4,r1,r2,-14); loadkeys(r0,r4,r1,r2,-18); | ||
354 | S3(r0,r4,r1,r2,r3); storekeys(r2,r3,r4,r0,-18); loadkeys(r2,r3,r4,r0,-22); | ||
355 | k -= 50; | ||
356 | S4(r2,r3,r4,r0,r1); storekeys(r3,r4,r0,r1, 28); loadkeys(r3,r4,r0,r1, 24); | ||
357 | S5(r3,r4,r0,r1,r2); storekeys(r2,r3,r4,r1, 24); loadkeys(r2,r3,r4,r1, 20); | ||
358 | S6(r2,r3,r4,r1,r0); storekeys(r4,r0,r3,r1, 20); loadkeys(r4,r0,r3,r1, 16); | ||
359 | S7(r4,r0,r3,r1,r2); storekeys(r2,r3,r1,r4, 16); loadkeys(r2,r3,r1,r4, 12); | ||
360 | S0(r2,r3,r1,r4,r0); storekeys(r1,r3,r4,r2, 12); loadkeys(r1,r3,r4,r2, 8); | ||
361 | S1(r1,r3,r4,r2,r0); storekeys(r0,r4,r2,r1, 8); loadkeys(r0,r4,r2,r1, 4); | ||
362 | S2(r0,r4,r2,r1,r3); storekeys(r3,r4,r0,r1, 4); loadkeys(r3,r4,r0,r1, 0); | ||
363 | S3(r3,r4,r0,r1,r2); storekeys(r1,r2,r4,r3, 0); | ||
364 | |||
365 | return 0; | ||
366 | } | ||
367 | |||
368 | static void serpent_encrypt(void *ctx, u8 *dst, const u8 *src) | ||
369 | { | ||
370 | const u32 | ||
371 | *k = ((struct serpent_ctx *)ctx)->expkey, | ||
372 | *s = (const u32 *)src; | ||
373 | u32 *d = (u32 *)dst, | ||
374 | r0, r1, r2, r3, r4; | ||
375 | |||
376 | /* | ||
377 | * Note: The conversions between u8* and u32* might cause trouble | ||
378 | * on architectures with stricter alignment rules than x86 | ||
379 | */ | ||
380 | |||
381 | r0 = le32_to_cpu(s[0]); | ||
382 | r1 = le32_to_cpu(s[1]); | ||
383 | r2 = le32_to_cpu(s[2]); | ||
384 | r3 = le32_to_cpu(s[3]); | ||
385 | |||
386 | K(r0,r1,r2,r3,0); | ||
387 | S0(r0,r1,r2,r3,r4); LK(r2,r1,r3,r0,r4,1); | ||
388 | S1(r2,r1,r3,r0,r4); LK(r4,r3,r0,r2,r1,2); | ||
389 | S2(r4,r3,r0,r2,r1); LK(r1,r3,r4,r2,r0,3); | ||
390 | S3(r1,r3,r4,r2,r0); LK(r2,r0,r3,r1,r4,4); | ||
391 | S4(r2,r0,r3,r1,r4); LK(r0,r3,r1,r4,r2,5); | ||
392 | S5(r0,r3,r1,r4,r2); LK(r2,r0,r3,r4,r1,6); | ||
393 | S6(r2,r0,r3,r4,r1); LK(r3,r1,r0,r4,r2,7); | ||
394 | S7(r3,r1,r0,r4,r2); LK(r2,r0,r4,r3,r1,8); | ||
395 | S0(r2,r0,r4,r3,r1); LK(r4,r0,r3,r2,r1,9); | ||
396 | S1(r4,r0,r3,r2,r1); LK(r1,r3,r2,r4,r0,10); | ||
397 | S2(r1,r3,r2,r4,r0); LK(r0,r3,r1,r4,r2,11); | ||
398 | S3(r0,r3,r1,r4,r2); LK(r4,r2,r3,r0,r1,12); | ||
399 | S4(r4,r2,r3,r0,r1); LK(r2,r3,r0,r1,r4,13); | ||
400 | S5(r2,r3,r0,r1,r4); LK(r4,r2,r3,r1,r0,14); | ||
401 | S6(r4,r2,r3,r1,r0); LK(r3,r0,r2,r1,r4,15); | ||
402 | S7(r3,r0,r2,r1,r4); LK(r4,r2,r1,r3,r0,16); | ||
403 | S0(r4,r2,r1,r3,r0); LK(r1,r2,r3,r4,r0,17); | ||
404 | S1(r1,r2,r3,r4,r0); LK(r0,r3,r4,r1,r2,18); | ||
405 | S2(r0,r3,r4,r1,r2); LK(r2,r3,r0,r1,r4,19); | ||
406 | S3(r2,r3,r0,r1,r4); LK(r1,r4,r3,r2,r0,20); | ||
407 | S4(r1,r4,r3,r2,r0); LK(r4,r3,r2,r0,r1,21); | ||
408 | S5(r4,r3,r2,r0,r1); LK(r1,r4,r3,r0,r2,22); | ||
409 | S6(r1,r4,r3,r0,r2); LK(r3,r2,r4,r0,r1,23); | ||
410 | S7(r3,r2,r4,r0,r1); LK(r1,r4,r0,r3,r2,24); | ||
411 | S0(r1,r4,r0,r3,r2); LK(r0,r4,r3,r1,r2,25); | ||
412 | S1(r0,r4,r3,r1,r2); LK(r2,r3,r1,r0,r4,26); | ||
413 | S2(r2,r3,r1,r0,r4); LK(r4,r3,r2,r0,r1,27); | ||
414 | S3(r4,r3,r2,r0,r1); LK(r0,r1,r3,r4,r2,28); | ||
415 | S4(r0,r1,r3,r4,r2); LK(r1,r3,r4,r2,r0,29); | ||
416 | S5(r1,r3,r4,r2,r0); LK(r0,r1,r3,r2,r4,30); | ||
417 | S6(r0,r1,r3,r2,r4); LK(r3,r4,r1,r2,r0,31); | ||
418 | S7(r3,r4,r1,r2,r0); K(r0,r1,r2,r3,32); | ||
419 | |||
420 | d[0] = cpu_to_le32(r0); | ||
421 | d[1] = cpu_to_le32(r1); | ||
422 | d[2] = cpu_to_le32(r2); | ||
423 | d[3] = cpu_to_le32(r3); | ||
424 | } | ||
425 | |||
426 | static void serpent_decrypt(void *ctx, u8 *dst, const u8 *src) | ||
427 | { | ||
428 | const u32 | ||
429 | *k = ((struct serpent_ctx *)ctx)->expkey, | ||
430 | *s = (const u32 *)src; | ||
431 | u32 *d = (u32 *)dst, | ||
432 | r0, r1, r2, r3, r4; | ||
433 | |||
434 | r0 = le32_to_cpu(s[0]); | ||
435 | r1 = le32_to_cpu(s[1]); | ||
436 | r2 = le32_to_cpu(s[2]); | ||
437 | r3 = le32_to_cpu(s[3]); | ||
438 | |||
439 | K(r0,r1,r2,r3,32); | ||
440 | SI7(r0,r1,r2,r3,r4); KL(r1,r3,r0,r4,r2,31); | ||
441 | SI6(r1,r3,r0,r4,r2); KL(r0,r2,r4,r1,r3,30); | ||
442 | SI5(r0,r2,r4,r1,r3); KL(r2,r3,r0,r4,r1,29); | ||
443 | SI4(r2,r3,r0,r4,r1); KL(r2,r0,r1,r4,r3,28); | ||
444 | SI3(r2,r0,r1,r4,r3); KL(r1,r2,r3,r4,r0,27); | ||
445 | SI2(r1,r2,r3,r4,r0); KL(r2,r0,r4,r3,r1,26); | ||
446 | SI1(r2,r0,r4,r3,r1); KL(r1,r0,r4,r3,r2,25); | ||
447 | SI0(r1,r0,r4,r3,r2); KL(r4,r2,r0,r1,r3,24); | ||
448 | SI7(r4,r2,r0,r1,r3); KL(r2,r1,r4,r3,r0,23); | ||
449 | SI6(r2,r1,r4,r3,r0); KL(r4,r0,r3,r2,r1,22); | ||
450 | SI5(r4,r0,r3,r2,r1); KL(r0,r1,r4,r3,r2,21); | ||
451 | SI4(r0,r1,r4,r3,r2); KL(r0,r4,r2,r3,r1,20); | ||
452 | SI3(r0,r4,r2,r3,r1); KL(r2,r0,r1,r3,r4,19); | ||
453 | SI2(r2,r0,r1,r3,r4); KL(r0,r4,r3,r1,r2,18); | ||
454 | SI1(r0,r4,r3,r1,r2); KL(r2,r4,r3,r1,r0,17); | ||
455 | SI0(r2,r4,r3,r1,r0); KL(r3,r0,r4,r2,r1,16); | ||
456 | SI7(r3,r0,r4,r2,r1); KL(r0,r2,r3,r1,r4,15); | ||
457 | SI6(r0,r2,r3,r1,r4); KL(r3,r4,r1,r0,r2,14); | ||
458 | SI5(r3,r4,r1,r0,r2); KL(r4,r2,r3,r1,r0,13); | ||
459 | SI4(r4,r2,r3,r1,r0); KL(r4,r3,r0,r1,r2,12); | ||
460 | SI3(r4,r3,r0,r1,r2); KL(r0,r4,r2,r1,r3,11); | ||
461 | SI2(r0,r4,r2,r1,r3); KL(r4,r3,r1,r2,r0,10); | ||
462 | SI1(r4,r3,r1,r2,r0); KL(r0,r3,r1,r2,r4,9); | ||
463 | SI0(r0,r3,r1,r2,r4); KL(r1,r4,r3,r0,r2,8); | ||
464 | SI7(r1,r4,r3,r0,r2); KL(r4,r0,r1,r2,r3,7); | ||
465 | SI6(r4,r0,r1,r2,r3); KL(r1,r3,r2,r4,r0,6); | ||
466 | SI5(r1,r3,r2,r4,r0); KL(r3,r0,r1,r2,r4,5); | ||
467 | SI4(r3,r0,r1,r2,r4); KL(r3,r1,r4,r2,r0,4); | ||
468 | SI3(r3,r1,r4,r2,r0); KL(r4,r3,r0,r2,r1,3); | ||
469 | SI2(r4,r3,r0,r2,r1); KL(r3,r1,r2,r0,r4,2); | ||
470 | SI1(r3,r1,r2,r0,r4); KL(r4,r1,r2,r0,r3,1); | ||
471 | SI0(r4,r1,r2,r0,r3); K(r2,r3,r1,r4,0); | ||
472 | |||
473 | d[0] = cpu_to_le32(r2); | ||
474 | d[1] = cpu_to_le32(r3); | ||
475 | d[2] = cpu_to_le32(r1); | ||
476 | d[3] = cpu_to_le32(r4); | ||
477 | } | ||
478 | |||
479 | static struct crypto_alg serpent_alg = { | ||
480 | .cra_name = "serpent", | ||
481 | .cra_flags = CRYPTO_ALG_TYPE_CIPHER, | ||
482 | .cra_blocksize = SERPENT_BLOCK_SIZE, | ||
483 | .cra_ctxsize = sizeof(struct serpent_ctx), | ||
484 | .cra_module = THIS_MODULE, | ||
485 | .cra_list = LIST_HEAD_INIT(serpent_alg.cra_list), | ||
486 | .cra_u = { .cipher = { | ||
487 | .cia_min_keysize = SERPENT_MIN_KEY_SIZE, | ||
488 | .cia_max_keysize = SERPENT_MAX_KEY_SIZE, | ||
489 | .cia_setkey = serpent_setkey, | ||
490 | .cia_encrypt = serpent_encrypt, | ||
491 | .cia_decrypt = serpent_decrypt } } | ||
492 | }; | ||
493 | |||
494 | static int tnepres_setkey(void *ctx, const u8 *key, unsigned int keylen, u32 *flags) | ||
495 | { | ||
496 | u8 rev_key[SERPENT_MAX_KEY_SIZE]; | ||
497 | int i; | ||
498 | |||
499 | if ((keylen < SERPENT_MIN_KEY_SIZE) | ||
500 | || (keylen > SERPENT_MAX_KEY_SIZE)) { | ||
501 | *flags |= CRYPTO_TFM_RES_BAD_KEY_LEN; | ||
502 | return -EINVAL; | ||
503 | } | ||
504 | |||
505 | for (i = 0; i < keylen; ++i) | ||
506 | rev_key[keylen - i - 1] = key[i]; | ||
507 | |||
508 | return serpent_setkey(ctx, rev_key, keylen, flags); | ||
509 | } | ||
510 | |||
511 | static void tnepres_encrypt(void *ctx, u8 *dst, const u8 *src) | ||
512 | { | ||
513 | const u32 * const s = (const u32 * const)src; | ||
514 | u32 * const d = (u32 * const)dst; | ||
515 | |||
516 | u32 rs[4], rd[4]; | ||
517 | |||
518 | rs[0] = swab32(s[3]); | ||
519 | rs[1] = swab32(s[2]); | ||
520 | rs[2] = swab32(s[1]); | ||
521 | rs[3] = swab32(s[0]); | ||
522 | |||
523 | serpent_encrypt(ctx, (u8 *)rd, (u8 *)rs); | ||
524 | |||
525 | d[0] = swab32(rd[3]); | ||
526 | d[1] = swab32(rd[2]); | ||
527 | d[2] = swab32(rd[1]); | ||
528 | d[3] = swab32(rd[0]); | ||
529 | } | ||
530 | |||
531 | static void tnepres_decrypt(void *ctx, u8 *dst, const u8 *src) | ||
532 | { | ||
533 | const u32 * const s = (const u32 * const)src; | ||
534 | u32 * const d = (u32 * const)dst; | ||
535 | |||
536 | u32 rs[4], rd[4]; | ||
537 | |||
538 | rs[0] = swab32(s[3]); | ||
539 | rs[1] = swab32(s[2]); | ||
540 | rs[2] = swab32(s[1]); | ||
541 | rs[3] = swab32(s[0]); | ||
542 | |||
543 | serpent_decrypt(ctx, (u8 *)rd, (u8 *)rs); | ||
544 | |||
545 | d[0] = swab32(rd[3]); | ||
546 | d[1] = swab32(rd[2]); | ||
547 | d[2] = swab32(rd[1]); | ||
548 | d[3] = swab32(rd[0]); | ||
549 | } | ||
550 | |||
551 | static struct crypto_alg tnepres_alg = { | ||
552 | .cra_name = "tnepres", | ||
553 | .cra_flags = CRYPTO_ALG_TYPE_CIPHER, | ||
554 | .cra_blocksize = SERPENT_BLOCK_SIZE, | ||
555 | .cra_ctxsize = sizeof(struct serpent_ctx), | ||
556 | .cra_module = THIS_MODULE, | ||
557 | .cra_list = LIST_HEAD_INIT(serpent_alg.cra_list), | ||
558 | .cra_u = { .cipher = { | ||
559 | .cia_min_keysize = SERPENT_MIN_KEY_SIZE, | ||
560 | .cia_max_keysize = SERPENT_MAX_KEY_SIZE, | ||
561 | .cia_setkey = tnepres_setkey, | ||
562 | .cia_encrypt = tnepres_encrypt, | ||
563 | .cia_decrypt = tnepres_decrypt } } | ||
564 | }; | ||
565 | |||
566 | static int __init init(void) | ||
567 | { | ||
568 | int ret = crypto_register_alg(&serpent_alg); | ||
569 | |||
570 | if (ret) | ||
571 | return ret; | ||
572 | |||
573 | ret = crypto_register_alg(&tnepres_alg); | ||
574 | |||
575 | if (ret) | ||
576 | crypto_unregister_alg(&serpent_alg); | ||
577 | |||
578 | return ret; | ||
579 | } | ||
580 | |||
581 | static void __exit fini(void) | ||
582 | { | ||
583 | crypto_unregister_alg(&tnepres_alg); | ||
584 | crypto_unregister_alg(&serpent_alg); | ||
585 | } | ||
586 | |||
587 | module_init(init); | ||
588 | module_exit(fini); | ||
589 | |||
590 | MODULE_LICENSE("GPL"); | ||
591 | MODULE_DESCRIPTION("Serpent and tnepres (kerneli compatible serpent reversed) Cipher Algorithm"); | ||
592 | MODULE_AUTHOR("Dag Arne Osvik <osvik@ii.uib.no>"); | ||
593 | MODULE_ALIAS("tnepres"); | ||
diff --git a/crypto/sha1.c b/crypto/sha1.c new file mode 100644 index 000000000000..4016f3b8ce9b --- /dev/null +++ b/crypto/sha1.c | |||
@@ -0,0 +1,139 @@ | |||
1 | /* | ||
2 | * Cryptographic API. | ||
3 | * | ||
4 | * SHA1 Secure Hash Algorithm. | ||
5 | * | ||
6 | * Derived from cryptoapi implementation, adapted for in-place | ||
7 | * scatterlist interface. | ||
8 | * | ||
9 | * Copyright (c) Alan Smithee. | ||
10 | * Copyright (c) Andrew McDonald <andrew@mcdonald.org.uk> | ||
11 | * Copyright (c) Jean-Francois Dive <jef@linuxbe.org> | ||
12 | * | ||
13 | * This program is free software; you can redistribute it and/or modify it | ||
14 | * under the terms of the GNU General Public License as published by the Free | ||
15 | * Software Foundation; either version 2 of the License, or (at your option) | ||
16 | * any later version. | ||
17 | * | ||
18 | */ | ||
19 | #include <linux/init.h> | ||
20 | #include <linux/module.h> | ||
21 | #include <linux/mm.h> | ||
22 | #include <linux/crypto.h> | ||
23 | #include <linux/cryptohash.h> | ||
24 | #include <asm/scatterlist.h> | ||
25 | #include <asm/byteorder.h> | ||
26 | |||
27 | #define SHA1_DIGEST_SIZE 20 | ||
28 | #define SHA1_HMAC_BLOCK_SIZE 64 | ||
29 | |||
30 | struct sha1_ctx { | ||
31 | u64 count; | ||
32 | u32 state[5]; | ||
33 | u8 buffer[64]; | ||
34 | }; | ||
35 | |||
36 | static void sha1_init(void *ctx) | ||
37 | { | ||
38 | struct sha1_ctx *sctx = ctx; | ||
39 | static const struct sha1_ctx initstate = { | ||
40 | 0, | ||
41 | { 0x67452301, 0xEFCDAB89, 0x98BADCFE, 0x10325476, 0xC3D2E1F0 }, | ||
42 | { 0, } | ||
43 | }; | ||
44 | |||
45 | *sctx = initstate; | ||
46 | } | ||
47 | |||
48 | static void sha1_update(void *ctx, const u8 *data, unsigned int len) | ||
49 | { | ||
50 | struct sha1_ctx *sctx = ctx; | ||
51 | unsigned int i, j; | ||
52 | u32 temp[SHA_WORKSPACE_WORDS]; | ||
53 | |||
54 | j = (sctx->count >> 3) & 0x3f; | ||
55 | sctx->count += len << 3; | ||
56 | |||
57 | if ((j + len) > 63) { | ||
58 | memcpy(&sctx->buffer[j], data, (i = 64-j)); | ||
59 | sha_transform(sctx->state, sctx->buffer, temp); | ||
60 | for ( ; i + 63 < len; i += 64) { | ||
61 | sha_transform(sctx->state, &data[i], temp); | ||
62 | } | ||
63 | j = 0; | ||
64 | } | ||
65 | else i = 0; | ||
66 | memset(temp, 0, sizeof(temp)); | ||
67 | memcpy(&sctx->buffer[j], &data[i], len - i); | ||
68 | } | ||
69 | |||
70 | |||
71 | /* Add padding and return the message digest. */ | ||
72 | static void sha1_final(void* ctx, u8 *out) | ||
73 | { | ||
74 | struct sha1_ctx *sctx = ctx; | ||
75 | u32 i, j, index, padlen; | ||
76 | u64 t; | ||
77 | u8 bits[8] = { 0, }; | ||
78 | static const u8 padding[64] = { 0x80, }; | ||
79 | |||
80 | t = sctx->count; | ||
81 | bits[7] = 0xff & t; t>>=8; | ||
82 | bits[6] = 0xff & t; t>>=8; | ||
83 | bits[5] = 0xff & t; t>>=8; | ||
84 | bits[4] = 0xff & t; t>>=8; | ||
85 | bits[3] = 0xff & t; t>>=8; | ||
86 | bits[2] = 0xff & t; t>>=8; | ||
87 | bits[1] = 0xff & t; t>>=8; | ||
88 | bits[0] = 0xff & t; | ||
89 | |||
90 | /* Pad out to 56 mod 64 */ | ||
91 | index = (sctx->count >> 3) & 0x3f; | ||
92 | padlen = (index < 56) ? (56 - index) : ((64+56) - index); | ||
93 | sha1_update(sctx, padding, padlen); | ||
94 | |||
95 | /* Append length */ | ||
96 | sha1_update(sctx, bits, sizeof bits); | ||
97 | |||
98 | /* Store state in digest */ | ||
99 | for (i = j = 0; i < 5; i++, j += 4) { | ||
100 | u32 t2 = sctx->state[i]; | ||
101 | out[j+3] = t2 & 0xff; t2>>=8; | ||
102 | out[j+2] = t2 & 0xff; t2>>=8; | ||
103 | out[j+1] = t2 & 0xff; t2>>=8; | ||
104 | out[j ] = t2 & 0xff; | ||
105 | } | ||
106 | |||
107 | /* Wipe context */ | ||
108 | memset(sctx, 0, sizeof *sctx); | ||
109 | } | ||
110 | |||
111 | static struct crypto_alg alg = { | ||
112 | .cra_name = "sha1", | ||
113 | .cra_flags = CRYPTO_ALG_TYPE_DIGEST, | ||
114 | .cra_blocksize = SHA1_HMAC_BLOCK_SIZE, | ||
115 | .cra_ctxsize = sizeof(struct sha1_ctx), | ||
116 | .cra_module = THIS_MODULE, | ||
117 | .cra_list = LIST_HEAD_INIT(alg.cra_list), | ||
118 | .cra_u = { .digest = { | ||
119 | .dia_digestsize = SHA1_DIGEST_SIZE, | ||
120 | .dia_init = sha1_init, | ||
121 | .dia_update = sha1_update, | ||
122 | .dia_final = sha1_final } } | ||
123 | }; | ||
124 | |||
125 | static int __init init(void) | ||
126 | { | ||
127 | return crypto_register_alg(&alg); | ||
128 | } | ||
129 | |||
130 | static void __exit fini(void) | ||
131 | { | ||
132 | crypto_unregister_alg(&alg); | ||
133 | } | ||
134 | |||
135 | module_init(init); | ||
136 | module_exit(fini); | ||
137 | |||
138 | MODULE_LICENSE("GPL"); | ||
139 | MODULE_DESCRIPTION("SHA1 Secure Hash Algorithm"); | ||
diff --git a/crypto/sha256.c b/crypto/sha256.c new file mode 100644 index 000000000000..c78da50a9b7a --- /dev/null +++ b/crypto/sha256.c | |||
@@ -0,0 +1,349 @@ | |||
1 | /* | ||
2 | * Cryptographic API. | ||
3 | * | ||
4 | * SHA-256, as specified in | ||
5 | * http://csrc.nist.gov/cryptval/shs/sha256-384-512.pdf | ||
6 | * | ||
7 | * SHA-256 code by Jean-Luc Cooke <jlcooke@certainkey.com>. | ||
8 | * | ||
9 | * Copyright (c) Jean-Luc Cooke <jlcooke@certainkey.com> | ||
10 | * Copyright (c) Andrew McDonald <andrew@mcdonald.org.uk> | ||
11 | * Copyright (c) 2002 James Morris <jmorris@intercode.com.au> | ||
12 | * | ||
13 | * This program is free software; you can redistribute it and/or modify it | ||
14 | * under the terms of the GNU General Public License as published by the Free | ||
15 | * Software Foundation; either version 2 of the License, or (at your option) | ||
16 | * any later version. | ||
17 | * | ||
18 | */ | ||
19 | #include <linux/init.h> | ||
20 | #include <linux/module.h> | ||
21 | #include <linux/mm.h> | ||
22 | #include <linux/crypto.h> | ||
23 | #include <asm/scatterlist.h> | ||
24 | #include <asm/byteorder.h> | ||
25 | |||
26 | #define SHA256_DIGEST_SIZE 32 | ||
27 | #define SHA256_HMAC_BLOCK_SIZE 64 | ||
28 | |||
29 | struct sha256_ctx { | ||
30 | u32 count[2]; | ||
31 | u32 state[8]; | ||
32 | u8 buf[128]; | ||
33 | }; | ||
34 | |||
35 | static inline u32 Ch(u32 x, u32 y, u32 z) | ||
36 | { | ||
37 | return z ^ (x & (y ^ z)); | ||
38 | } | ||
39 | |||
40 | static inline u32 Maj(u32 x, u32 y, u32 z) | ||
41 | { | ||
42 | return (x & y) | (z & (x | y)); | ||
43 | } | ||
44 | |||
45 | #define e0(x) (ror32(x, 2) ^ ror32(x,13) ^ ror32(x,22)) | ||
46 | #define e1(x) (ror32(x, 6) ^ ror32(x,11) ^ ror32(x,25)) | ||
47 | #define s0(x) (ror32(x, 7) ^ ror32(x,18) ^ (x >> 3)) | ||
48 | #define s1(x) (ror32(x,17) ^ ror32(x,19) ^ (x >> 10)) | ||
49 | |||
50 | #define H0 0x6a09e667 | ||
51 | #define H1 0xbb67ae85 | ||
52 | #define H2 0x3c6ef372 | ||
53 | #define H3 0xa54ff53a | ||
54 | #define H4 0x510e527f | ||
55 | #define H5 0x9b05688c | ||
56 | #define H6 0x1f83d9ab | ||
57 | #define H7 0x5be0cd19 | ||
58 | |||
59 | static inline void LOAD_OP(int I, u32 *W, const u8 *input) | ||
60 | { | ||
61 | W[I] = __be32_to_cpu( ((__be32*)(input))[I] ); | ||
62 | } | ||
63 | |||
64 | static inline void BLEND_OP(int I, u32 *W) | ||
65 | { | ||
66 | W[I] = s1(W[I-2]) + W[I-7] + s0(W[I-15]) + W[I-16]; | ||
67 | } | ||
68 | |||
69 | static void sha256_transform(u32 *state, const u8 *input) | ||
70 | { | ||
71 | u32 a, b, c, d, e, f, g, h, t1, t2; | ||
72 | u32 W[64]; | ||
73 | int i; | ||
74 | |||
75 | /* load the input */ | ||
76 | for (i = 0; i < 16; i++) | ||
77 | LOAD_OP(i, W, input); | ||
78 | |||
79 | /* now blend */ | ||
80 | for (i = 16; i < 64; i++) | ||
81 | BLEND_OP(i, W); | ||
82 | |||
83 | /* load the state into our registers */ | ||
84 | a=state[0]; b=state[1]; c=state[2]; d=state[3]; | ||
85 | e=state[4]; f=state[5]; g=state[6]; h=state[7]; | ||
86 | |||
87 | /* now iterate */ | ||
88 | t1 = h + e1(e) + Ch(e,f,g) + 0x428a2f98 + W[ 0]; | ||
89 | t2 = e0(a) + Maj(a,b,c); d+=t1; h=t1+t2; | ||
90 | t1 = g + e1(d) + Ch(d,e,f) + 0x71374491 + W[ 1]; | ||
91 | t2 = e0(h) + Maj(h,a,b); c+=t1; g=t1+t2; | ||
92 | t1 = f + e1(c) + Ch(c,d,e) + 0xb5c0fbcf + W[ 2]; | ||
93 | t2 = e0(g) + Maj(g,h,a); b+=t1; f=t1+t2; | ||
94 | t1 = e + e1(b) + Ch(b,c,d) + 0xe9b5dba5 + W[ 3]; | ||
95 | t2 = e0(f) + Maj(f,g,h); a+=t1; e=t1+t2; | ||
96 | t1 = d + e1(a) + Ch(a,b,c) + 0x3956c25b + W[ 4]; | ||
97 | t2 = e0(e) + Maj(e,f,g); h+=t1; d=t1+t2; | ||
98 | t1 = c + e1(h) + Ch(h,a,b) + 0x59f111f1 + W[ 5]; | ||
99 | t2 = e0(d) + Maj(d,e,f); g+=t1; c=t1+t2; | ||
100 | t1 = b + e1(g) + Ch(g,h,a) + 0x923f82a4 + W[ 6]; | ||
101 | t2 = e0(c) + Maj(c,d,e); f+=t1; b=t1+t2; | ||
102 | t1 = a + e1(f) + Ch(f,g,h) + 0xab1c5ed5 + W[ 7]; | ||
103 | t2 = e0(b) + Maj(b,c,d); e+=t1; a=t1+t2; | ||
104 | |||
105 | t1 = h + e1(e) + Ch(e,f,g) + 0xd807aa98 + W[ 8]; | ||
106 | t2 = e0(a) + Maj(a,b,c); d+=t1; h=t1+t2; | ||
107 | t1 = g + e1(d) + Ch(d,e,f) + 0x12835b01 + W[ 9]; | ||
108 | t2 = e0(h) + Maj(h,a,b); c+=t1; g=t1+t2; | ||
109 | t1 = f + e1(c) + Ch(c,d,e) + 0x243185be + W[10]; | ||
110 | t2 = e0(g) + Maj(g,h,a); b+=t1; f=t1+t2; | ||
111 | t1 = e + e1(b) + Ch(b,c,d) + 0x550c7dc3 + W[11]; | ||
112 | t2 = e0(f) + Maj(f,g,h); a+=t1; e=t1+t2; | ||
113 | t1 = d + e1(a) + Ch(a,b,c) + 0x72be5d74 + W[12]; | ||
114 | t2 = e0(e) + Maj(e,f,g); h+=t1; d=t1+t2; | ||
115 | t1 = c + e1(h) + Ch(h,a,b) + 0x80deb1fe + W[13]; | ||
116 | t2 = e0(d) + Maj(d,e,f); g+=t1; c=t1+t2; | ||
117 | t1 = b + e1(g) + Ch(g,h,a) + 0x9bdc06a7 + W[14]; | ||
118 | t2 = e0(c) + Maj(c,d,e); f+=t1; b=t1+t2; | ||
119 | t1 = a + e1(f) + Ch(f,g,h) + 0xc19bf174 + W[15]; | ||
120 | t2 = e0(b) + Maj(b,c,d); e+=t1; a=t1+t2; | ||
121 | |||
122 | t1 = h + e1(e) + Ch(e,f,g) + 0xe49b69c1 + W[16]; | ||
123 | t2 = e0(a) + Maj(a,b,c); d+=t1; h=t1+t2; | ||
124 | t1 = g + e1(d) + Ch(d,e,f) + 0xefbe4786 + W[17]; | ||
125 | t2 = e0(h) + Maj(h,a,b); c+=t1; g=t1+t2; | ||
126 | t1 = f + e1(c) + Ch(c,d,e) + 0x0fc19dc6 + W[18]; | ||
127 | t2 = e0(g) + Maj(g,h,a); b+=t1; f=t1+t2; | ||
128 | t1 = e + e1(b) + Ch(b,c,d) + 0x240ca1cc + W[19]; | ||
129 | t2 = e0(f) + Maj(f,g,h); a+=t1; e=t1+t2; | ||
130 | t1 = d + e1(a) + Ch(a,b,c) + 0x2de92c6f + W[20]; | ||
131 | t2 = e0(e) + Maj(e,f,g); h+=t1; d=t1+t2; | ||
132 | t1 = c + e1(h) + Ch(h,a,b) + 0x4a7484aa + W[21]; | ||
133 | t2 = e0(d) + Maj(d,e,f); g+=t1; c=t1+t2; | ||
134 | t1 = b + e1(g) + Ch(g,h,a) + 0x5cb0a9dc + W[22]; | ||
135 | t2 = e0(c) + Maj(c,d,e); f+=t1; b=t1+t2; | ||
136 | t1 = a + e1(f) + Ch(f,g,h) + 0x76f988da + W[23]; | ||
137 | t2 = e0(b) + Maj(b,c,d); e+=t1; a=t1+t2; | ||
138 | |||
139 | t1 = h + e1(e) + Ch(e,f,g) + 0x983e5152 + W[24]; | ||
140 | t2 = e0(a) + Maj(a,b,c); d+=t1; h=t1+t2; | ||
141 | t1 = g + e1(d) + Ch(d,e,f) + 0xa831c66d + W[25]; | ||
142 | t2 = e0(h) + Maj(h,a,b); c+=t1; g=t1+t2; | ||
143 | t1 = f + e1(c) + Ch(c,d,e) + 0xb00327c8 + W[26]; | ||
144 | t2 = e0(g) + Maj(g,h,a); b+=t1; f=t1+t2; | ||
145 | t1 = e + e1(b) + Ch(b,c,d) + 0xbf597fc7 + W[27]; | ||
146 | t2 = e0(f) + Maj(f,g,h); a+=t1; e=t1+t2; | ||
147 | t1 = d + e1(a) + Ch(a,b,c) + 0xc6e00bf3 + W[28]; | ||
148 | t2 = e0(e) + Maj(e,f,g); h+=t1; d=t1+t2; | ||
149 | t1 = c + e1(h) + Ch(h,a,b) + 0xd5a79147 + W[29]; | ||
150 | t2 = e0(d) + Maj(d,e,f); g+=t1; c=t1+t2; | ||
151 | t1 = b + e1(g) + Ch(g,h,a) + 0x06ca6351 + W[30]; | ||
152 | t2 = e0(c) + Maj(c,d,e); f+=t1; b=t1+t2; | ||
153 | t1 = a + e1(f) + Ch(f,g,h) + 0x14292967 + W[31]; | ||
154 | t2 = e0(b) + Maj(b,c,d); e+=t1; a=t1+t2; | ||
155 | |||
156 | t1 = h + e1(e) + Ch(e,f,g) + 0x27b70a85 + W[32]; | ||
157 | t2 = e0(a) + Maj(a,b,c); d+=t1; h=t1+t2; | ||
158 | t1 = g + e1(d) + Ch(d,e,f) + 0x2e1b2138 + W[33]; | ||
159 | t2 = e0(h) + Maj(h,a,b); c+=t1; g=t1+t2; | ||
160 | t1 = f + e1(c) + Ch(c,d,e) + 0x4d2c6dfc + W[34]; | ||
161 | t2 = e0(g) + Maj(g,h,a); b+=t1; f=t1+t2; | ||
162 | t1 = e + e1(b) + Ch(b,c,d) + 0x53380d13 + W[35]; | ||
163 | t2 = e0(f) + Maj(f,g,h); a+=t1; e=t1+t2; | ||
164 | t1 = d + e1(a) + Ch(a,b,c) + 0x650a7354 + W[36]; | ||
165 | t2 = e0(e) + Maj(e,f,g); h+=t1; d=t1+t2; | ||
166 | t1 = c + e1(h) + Ch(h,a,b) + 0x766a0abb + W[37]; | ||
167 | t2 = e0(d) + Maj(d,e,f); g+=t1; c=t1+t2; | ||
168 | t1 = b + e1(g) + Ch(g,h,a) + 0x81c2c92e + W[38]; | ||
169 | t2 = e0(c) + Maj(c,d,e); f+=t1; b=t1+t2; | ||
170 | t1 = a + e1(f) + Ch(f,g,h) + 0x92722c85 + W[39]; | ||
171 | t2 = e0(b) + Maj(b,c,d); e+=t1; a=t1+t2; | ||
172 | |||
173 | t1 = h + e1(e) + Ch(e,f,g) + 0xa2bfe8a1 + W[40]; | ||
174 | t2 = e0(a) + Maj(a,b,c); d+=t1; h=t1+t2; | ||
175 | t1 = g + e1(d) + Ch(d,e,f) + 0xa81a664b + W[41]; | ||
176 | t2 = e0(h) + Maj(h,a,b); c+=t1; g=t1+t2; | ||
177 | t1 = f + e1(c) + Ch(c,d,e) + 0xc24b8b70 + W[42]; | ||
178 | t2 = e0(g) + Maj(g,h,a); b+=t1; f=t1+t2; | ||
179 | t1 = e + e1(b) + Ch(b,c,d) + 0xc76c51a3 + W[43]; | ||
180 | t2 = e0(f) + Maj(f,g,h); a+=t1; e=t1+t2; | ||
181 | t1 = d + e1(a) + Ch(a,b,c) + 0xd192e819 + W[44]; | ||
182 | t2 = e0(e) + Maj(e,f,g); h+=t1; d=t1+t2; | ||
183 | t1 = c + e1(h) + Ch(h,a,b) + 0xd6990624 + W[45]; | ||
184 | t2 = e0(d) + Maj(d,e,f); g+=t1; c=t1+t2; | ||
185 | t1 = b + e1(g) + Ch(g,h,a) + 0xf40e3585 + W[46]; | ||
186 | t2 = e0(c) + Maj(c,d,e); f+=t1; b=t1+t2; | ||
187 | t1 = a + e1(f) + Ch(f,g,h) + 0x106aa070 + W[47]; | ||
188 | t2 = e0(b) + Maj(b,c,d); e+=t1; a=t1+t2; | ||
189 | |||
190 | t1 = h + e1(e) + Ch(e,f,g) + 0x19a4c116 + W[48]; | ||
191 | t2 = e0(a) + Maj(a,b,c); d+=t1; h=t1+t2; | ||
192 | t1 = g + e1(d) + Ch(d,e,f) + 0x1e376c08 + W[49]; | ||
193 | t2 = e0(h) + Maj(h,a,b); c+=t1; g=t1+t2; | ||
194 | t1 = f + e1(c) + Ch(c,d,e) + 0x2748774c + W[50]; | ||
195 | t2 = e0(g) + Maj(g,h,a); b+=t1; f=t1+t2; | ||
196 | t1 = e + e1(b) + Ch(b,c,d) + 0x34b0bcb5 + W[51]; | ||
197 | t2 = e0(f) + Maj(f,g,h); a+=t1; e=t1+t2; | ||
198 | t1 = d + e1(a) + Ch(a,b,c) + 0x391c0cb3 + W[52]; | ||
199 | t2 = e0(e) + Maj(e,f,g); h+=t1; d=t1+t2; | ||
200 | t1 = c + e1(h) + Ch(h,a,b) + 0x4ed8aa4a + W[53]; | ||
201 | t2 = e0(d) + Maj(d,e,f); g+=t1; c=t1+t2; | ||
202 | t1 = b + e1(g) + Ch(g,h,a) + 0x5b9cca4f + W[54]; | ||
203 | t2 = e0(c) + Maj(c,d,e); f+=t1; b=t1+t2; | ||
204 | t1 = a + e1(f) + Ch(f,g,h) + 0x682e6ff3 + W[55]; | ||
205 | t2 = e0(b) + Maj(b,c,d); e+=t1; a=t1+t2; | ||
206 | |||
207 | t1 = h + e1(e) + Ch(e,f,g) + 0x748f82ee + W[56]; | ||
208 | t2 = e0(a) + Maj(a,b,c); d+=t1; h=t1+t2; | ||
209 | t1 = g + e1(d) + Ch(d,e,f) + 0x78a5636f + W[57]; | ||
210 | t2 = e0(h) + Maj(h,a,b); c+=t1; g=t1+t2; | ||
211 | t1 = f + e1(c) + Ch(c,d,e) + 0x84c87814 + W[58]; | ||
212 | t2 = e0(g) + Maj(g,h,a); b+=t1; f=t1+t2; | ||
213 | t1 = e + e1(b) + Ch(b,c,d) + 0x8cc70208 + W[59]; | ||
214 | t2 = e0(f) + Maj(f,g,h); a+=t1; e=t1+t2; | ||
215 | t1 = d + e1(a) + Ch(a,b,c) + 0x90befffa + W[60]; | ||
216 | t2 = e0(e) + Maj(e,f,g); h+=t1; d=t1+t2; | ||
217 | t1 = c + e1(h) + Ch(h,a,b) + 0xa4506ceb + W[61]; | ||
218 | t2 = e0(d) + Maj(d,e,f); g+=t1; c=t1+t2; | ||
219 | t1 = b + e1(g) + Ch(g,h,a) + 0xbef9a3f7 + W[62]; | ||
220 | t2 = e0(c) + Maj(c,d,e); f+=t1; b=t1+t2; | ||
221 | t1 = a + e1(f) + Ch(f,g,h) + 0xc67178f2 + W[63]; | ||
222 | t2 = e0(b) + Maj(b,c,d); e+=t1; a=t1+t2; | ||
223 | |||
224 | state[0] += a; state[1] += b; state[2] += c; state[3] += d; | ||
225 | state[4] += e; state[5] += f; state[6] += g; state[7] += h; | ||
226 | |||
227 | /* clear any sensitive info... */ | ||
228 | a = b = c = d = e = f = g = h = t1 = t2 = 0; | ||
229 | memset(W, 0, 64 * sizeof(u32)); | ||
230 | } | ||
231 | |||
232 | static void sha256_init(void *ctx) | ||
233 | { | ||
234 | struct sha256_ctx *sctx = ctx; | ||
235 | sctx->state[0] = H0; | ||
236 | sctx->state[1] = H1; | ||
237 | sctx->state[2] = H2; | ||
238 | sctx->state[3] = H3; | ||
239 | sctx->state[4] = H4; | ||
240 | sctx->state[5] = H5; | ||
241 | sctx->state[6] = H6; | ||
242 | sctx->state[7] = H7; | ||
243 | sctx->count[0] = sctx->count[1] = 0; | ||
244 | memset(sctx->buf, 0, sizeof(sctx->buf)); | ||
245 | } | ||
246 | |||
247 | static void sha256_update(void *ctx, const u8 *data, unsigned int len) | ||
248 | { | ||
249 | struct sha256_ctx *sctx = ctx; | ||
250 | unsigned int i, index, part_len; | ||
251 | |||
252 | /* Compute number of bytes mod 128 */ | ||
253 | index = (unsigned int)((sctx->count[0] >> 3) & 0x3f); | ||
254 | |||
255 | /* Update number of bits */ | ||
256 | if ((sctx->count[0] += (len << 3)) < (len << 3)) { | ||
257 | sctx->count[1]++; | ||
258 | sctx->count[1] += (len >> 29); | ||
259 | } | ||
260 | |||
261 | part_len = 64 - index; | ||
262 | |||
263 | /* Transform as many times as possible. */ | ||
264 | if (len >= part_len) { | ||
265 | memcpy(&sctx->buf[index], data, part_len); | ||
266 | sha256_transform(sctx->state, sctx->buf); | ||
267 | |||
268 | for (i = part_len; i + 63 < len; i += 64) | ||
269 | sha256_transform(sctx->state, &data[i]); | ||
270 | index = 0; | ||
271 | } else { | ||
272 | i = 0; | ||
273 | } | ||
274 | |||
275 | /* Buffer remaining input */ | ||
276 | memcpy(&sctx->buf[index], &data[i], len-i); | ||
277 | } | ||
278 | |||
279 | static void sha256_final(void* ctx, u8 *out) | ||
280 | { | ||
281 | struct sha256_ctx *sctx = ctx; | ||
282 | u8 bits[8]; | ||
283 | unsigned int index, pad_len, t; | ||
284 | int i, j; | ||
285 | static const u8 padding[64] = { 0x80, }; | ||
286 | |||
287 | /* Save number of bits */ | ||
288 | t = sctx->count[0]; | ||
289 | bits[7] = t; t >>= 8; | ||
290 | bits[6] = t; t >>= 8; | ||
291 | bits[5] = t; t >>= 8; | ||
292 | bits[4] = t; | ||
293 | t = sctx->count[1]; | ||
294 | bits[3] = t; t >>= 8; | ||
295 | bits[2] = t; t >>= 8; | ||
296 | bits[1] = t; t >>= 8; | ||
297 | bits[0] = t; | ||
298 | |||
299 | /* Pad out to 56 mod 64. */ | ||
300 | index = (sctx->count[0] >> 3) & 0x3f; | ||
301 | pad_len = (index < 56) ? (56 - index) : ((64+56) - index); | ||
302 | sha256_update(sctx, padding, pad_len); | ||
303 | |||
304 | /* Append length (before padding) */ | ||
305 | sha256_update(sctx, bits, 8); | ||
306 | |||
307 | /* Store state in digest */ | ||
308 | for (i = j = 0; i < 8; i++, j += 4) { | ||
309 | t = sctx->state[i]; | ||
310 | out[j+3] = t; t >>= 8; | ||
311 | out[j+2] = t; t >>= 8; | ||
312 | out[j+1] = t; t >>= 8; | ||
313 | out[j ] = t; | ||
314 | } | ||
315 | |||
316 | /* Zeroize sensitive information. */ | ||
317 | memset(sctx, 0, sizeof(*sctx)); | ||
318 | } | ||
319 | |||
320 | |||
321 | static struct crypto_alg alg = { | ||
322 | .cra_name = "sha256", | ||
323 | .cra_flags = CRYPTO_ALG_TYPE_DIGEST, | ||
324 | .cra_blocksize = SHA256_HMAC_BLOCK_SIZE, | ||
325 | .cra_ctxsize = sizeof(struct sha256_ctx), | ||
326 | .cra_module = THIS_MODULE, | ||
327 | .cra_list = LIST_HEAD_INIT(alg.cra_list), | ||
328 | .cra_u = { .digest = { | ||
329 | .dia_digestsize = SHA256_DIGEST_SIZE, | ||
330 | .dia_init = sha256_init, | ||
331 | .dia_update = sha256_update, | ||
332 | .dia_final = sha256_final } } | ||
333 | }; | ||
334 | |||
335 | static int __init init(void) | ||
336 | { | ||
337 | return crypto_register_alg(&alg); | ||
338 | } | ||
339 | |||
340 | static void __exit fini(void) | ||
341 | { | ||
342 | crypto_unregister_alg(&alg); | ||
343 | } | ||
344 | |||
345 | module_init(init); | ||
346 | module_exit(fini); | ||
347 | |||
348 | MODULE_LICENSE("GPL"); | ||
349 | MODULE_DESCRIPTION("SHA256 Secure Hash Algorithm"); | ||
diff --git a/crypto/sha512.c b/crypto/sha512.c new file mode 100644 index 000000000000..c663438322e9 --- /dev/null +++ b/crypto/sha512.c | |||
@@ -0,0 +1,362 @@ | |||
1 | /* SHA-512 code by Jean-Luc Cooke <jlcooke@certainkey.com> | ||
2 | * | ||
3 | * Copyright (c) Jean-Luc Cooke <jlcooke@certainkey.com> | ||
4 | * Copyright (c) Andrew McDonald <andrew@mcdonald.org.uk> | ||
5 | * Copyright (c) 2003 Kyle McMartin <kyle@debian.org> | ||
6 | * | ||
7 | * This program is free software; you can redistribute it and/or modify it | ||
8 | * under the terms of the GNU General Public License as published by the | ||
9 | * Free Software Foundation; either version 2, or (at your option) any | ||
10 | * later version. | ||
11 | * | ||
12 | */ | ||
13 | |||
14 | #include <linux/kernel.h> | ||
15 | #include <linux/module.h> | ||
16 | |||
17 | #include <linux/mm.h> | ||
18 | #include <linux/init.h> | ||
19 | #include <linux/crypto.h> | ||
20 | |||
21 | #include <asm/scatterlist.h> | ||
22 | #include <asm/byteorder.h> | ||
23 | |||
24 | #define SHA384_DIGEST_SIZE 48 | ||
25 | #define SHA512_DIGEST_SIZE 64 | ||
26 | #define SHA384_HMAC_BLOCK_SIZE 96 | ||
27 | #define SHA512_HMAC_BLOCK_SIZE 128 | ||
28 | |||
29 | struct sha512_ctx { | ||
30 | u64 state[8]; | ||
31 | u32 count[4]; | ||
32 | u8 buf[128]; | ||
33 | u64 W[80]; | ||
34 | }; | ||
35 | |||
36 | static inline u64 Ch(u64 x, u64 y, u64 z) | ||
37 | { | ||
38 | return z ^ (x & (y ^ z)); | ||
39 | } | ||
40 | |||
41 | static inline u64 Maj(u64 x, u64 y, u64 z) | ||
42 | { | ||
43 | return (x & y) | (z & (x | y)); | ||
44 | } | ||
45 | |||
46 | static inline u64 RORu64(u64 x, u64 y) | ||
47 | { | ||
48 | return (x >> y) | (x << (64 - y)); | ||
49 | } | ||
50 | |||
51 | static const u64 sha512_K[80] = { | ||
52 | 0x428a2f98d728ae22ULL, 0x7137449123ef65cdULL, 0xb5c0fbcfec4d3b2fULL, | ||
53 | 0xe9b5dba58189dbbcULL, 0x3956c25bf348b538ULL, 0x59f111f1b605d019ULL, | ||
54 | 0x923f82a4af194f9bULL, 0xab1c5ed5da6d8118ULL, 0xd807aa98a3030242ULL, | ||
55 | 0x12835b0145706fbeULL, 0x243185be4ee4b28cULL, 0x550c7dc3d5ffb4e2ULL, | ||
56 | 0x72be5d74f27b896fULL, 0x80deb1fe3b1696b1ULL, 0x9bdc06a725c71235ULL, | ||
57 | 0xc19bf174cf692694ULL, 0xe49b69c19ef14ad2ULL, 0xefbe4786384f25e3ULL, | ||
58 | 0x0fc19dc68b8cd5b5ULL, 0x240ca1cc77ac9c65ULL, 0x2de92c6f592b0275ULL, | ||
59 | 0x4a7484aa6ea6e483ULL, 0x5cb0a9dcbd41fbd4ULL, 0x76f988da831153b5ULL, | ||
60 | 0x983e5152ee66dfabULL, 0xa831c66d2db43210ULL, 0xb00327c898fb213fULL, | ||
61 | 0xbf597fc7beef0ee4ULL, 0xc6e00bf33da88fc2ULL, 0xd5a79147930aa725ULL, | ||
62 | 0x06ca6351e003826fULL, 0x142929670a0e6e70ULL, 0x27b70a8546d22ffcULL, | ||
63 | 0x2e1b21385c26c926ULL, 0x4d2c6dfc5ac42aedULL, 0x53380d139d95b3dfULL, | ||
64 | 0x650a73548baf63deULL, 0x766a0abb3c77b2a8ULL, 0x81c2c92e47edaee6ULL, | ||
65 | 0x92722c851482353bULL, 0xa2bfe8a14cf10364ULL, 0xa81a664bbc423001ULL, | ||
66 | 0xc24b8b70d0f89791ULL, 0xc76c51a30654be30ULL, 0xd192e819d6ef5218ULL, | ||
67 | 0xd69906245565a910ULL, 0xf40e35855771202aULL, 0x106aa07032bbd1b8ULL, | ||
68 | 0x19a4c116b8d2d0c8ULL, 0x1e376c085141ab53ULL, 0x2748774cdf8eeb99ULL, | ||
69 | 0x34b0bcb5e19b48a8ULL, 0x391c0cb3c5c95a63ULL, 0x4ed8aa4ae3418acbULL, | ||
70 | 0x5b9cca4f7763e373ULL, 0x682e6ff3d6b2b8a3ULL, 0x748f82ee5defb2fcULL, | ||
71 | 0x78a5636f43172f60ULL, 0x84c87814a1f0ab72ULL, 0x8cc702081a6439ecULL, | ||
72 | 0x90befffa23631e28ULL, 0xa4506cebde82bde9ULL, 0xbef9a3f7b2c67915ULL, | ||
73 | 0xc67178f2e372532bULL, 0xca273eceea26619cULL, 0xd186b8c721c0c207ULL, | ||
74 | 0xeada7dd6cde0eb1eULL, 0xf57d4f7fee6ed178ULL, 0x06f067aa72176fbaULL, | ||
75 | 0x0a637dc5a2c898a6ULL, 0x113f9804bef90daeULL, 0x1b710b35131c471bULL, | ||
76 | 0x28db77f523047d84ULL, 0x32caab7b40c72493ULL, 0x3c9ebe0a15c9bebcULL, | ||
77 | 0x431d67c49c100d4cULL, 0x4cc5d4becb3e42b6ULL, 0x597f299cfc657e2aULL, | ||
78 | 0x5fcb6fab3ad6faecULL, 0x6c44198c4a475817ULL, | ||
79 | }; | ||
80 | |||
81 | #define e0(x) (RORu64(x,28) ^ RORu64(x,34) ^ RORu64(x,39)) | ||
82 | #define e1(x) (RORu64(x,14) ^ RORu64(x,18) ^ RORu64(x,41)) | ||
83 | #define s0(x) (RORu64(x, 1) ^ RORu64(x, 8) ^ (x >> 7)) | ||
84 | #define s1(x) (RORu64(x,19) ^ RORu64(x,61) ^ (x >> 6)) | ||
85 | |||
86 | /* H* initial state for SHA-512 */ | ||
87 | #define H0 0x6a09e667f3bcc908ULL | ||
88 | #define H1 0xbb67ae8584caa73bULL | ||
89 | #define H2 0x3c6ef372fe94f82bULL | ||
90 | #define H3 0xa54ff53a5f1d36f1ULL | ||
91 | #define H4 0x510e527fade682d1ULL | ||
92 | #define H5 0x9b05688c2b3e6c1fULL | ||
93 | #define H6 0x1f83d9abfb41bd6bULL | ||
94 | #define H7 0x5be0cd19137e2179ULL | ||
95 | |||
96 | /* H'* initial state for SHA-384 */ | ||
97 | #define HP0 0xcbbb9d5dc1059ed8ULL | ||
98 | #define HP1 0x629a292a367cd507ULL | ||
99 | #define HP2 0x9159015a3070dd17ULL | ||
100 | #define HP3 0x152fecd8f70e5939ULL | ||
101 | #define HP4 0x67332667ffc00b31ULL | ||
102 | #define HP5 0x8eb44a8768581511ULL | ||
103 | #define HP6 0xdb0c2e0d64f98fa7ULL | ||
104 | #define HP7 0x47b5481dbefa4fa4ULL | ||
105 | |||
106 | static inline void LOAD_OP(int I, u64 *W, const u8 *input) | ||
107 | { | ||
108 | W[I] = __be64_to_cpu( ((__be64*)(input))[I] ); | ||
109 | } | ||
110 | |||
111 | static inline void BLEND_OP(int I, u64 *W) | ||
112 | { | ||
113 | W[I] = s1(W[I-2]) + W[I-7] + s0(W[I-15]) + W[I-16]; | ||
114 | } | ||
115 | |||
116 | static void | ||
117 | sha512_transform(u64 *state, u64 *W, const u8 *input) | ||
118 | { | ||
119 | u64 a, b, c, d, e, f, g, h, t1, t2; | ||
120 | |||
121 | int i; | ||
122 | |||
123 | /* load the input */ | ||
124 | for (i = 0; i < 16; i++) | ||
125 | LOAD_OP(i, W, input); | ||
126 | |||
127 | for (i = 16; i < 80; i++) { | ||
128 | BLEND_OP(i, W); | ||
129 | } | ||
130 | |||
131 | /* load the state into our registers */ | ||
132 | a=state[0]; b=state[1]; c=state[2]; d=state[3]; | ||
133 | e=state[4]; f=state[5]; g=state[6]; h=state[7]; | ||
134 | |||
135 | /* now iterate */ | ||
136 | for (i=0; i<80; i+=8) { | ||
137 | t1 = h + e1(e) + Ch(e,f,g) + sha512_K[i ] + W[i ]; | ||
138 | t2 = e0(a) + Maj(a,b,c); d+=t1; h=t1+t2; | ||
139 | t1 = g + e1(d) + Ch(d,e,f) + sha512_K[i+1] + W[i+1]; | ||
140 | t2 = e0(h) + Maj(h,a,b); c+=t1; g=t1+t2; | ||
141 | t1 = f + e1(c) + Ch(c,d,e) + sha512_K[i+2] + W[i+2]; | ||
142 | t2 = e0(g) + Maj(g,h,a); b+=t1; f=t1+t2; | ||
143 | t1 = e + e1(b) + Ch(b,c,d) + sha512_K[i+3] + W[i+3]; | ||
144 | t2 = e0(f) + Maj(f,g,h); a+=t1; e=t1+t2; | ||
145 | t1 = d + e1(a) + Ch(a,b,c) + sha512_K[i+4] + W[i+4]; | ||
146 | t2 = e0(e) + Maj(e,f,g); h+=t1; d=t1+t2; | ||
147 | t1 = c + e1(h) + Ch(h,a,b) + sha512_K[i+5] + W[i+5]; | ||
148 | t2 = e0(d) + Maj(d,e,f); g+=t1; c=t1+t2; | ||
149 | t1 = b + e1(g) + Ch(g,h,a) + sha512_K[i+6] + W[i+6]; | ||
150 | t2 = e0(c) + Maj(c,d,e); f+=t1; b=t1+t2; | ||
151 | t1 = a + e1(f) + Ch(f,g,h) + sha512_K[i+7] + W[i+7]; | ||
152 | t2 = e0(b) + Maj(b,c,d); e+=t1; a=t1+t2; | ||
153 | } | ||
154 | |||
155 | state[0] += a; state[1] += b; state[2] += c; state[3] += d; | ||
156 | state[4] += e; state[5] += f; state[6] += g; state[7] += h; | ||
157 | |||
158 | /* erase our data */ | ||
159 | a = b = c = d = e = f = g = h = t1 = t2 = 0; | ||
160 | } | ||
161 | |||
162 | static void | ||
163 | sha512_init(void *ctx) | ||
164 | { | ||
165 | struct sha512_ctx *sctx = ctx; | ||
166 | sctx->state[0] = H0; | ||
167 | sctx->state[1] = H1; | ||
168 | sctx->state[2] = H2; | ||
169 | sctx->state[3] = H3; | ||
170 | sctx->state[4] = H4; | ||
171 | sctx->state[5] = H5; | ||
172 | sctx->state[6] = H6; | ||
173 | sctx->state[7] = H7; | ||
174 | sctx->count[0] = sctx->count[1] = sctx->count[2] = sctx->count[3] = 0; | ||
175 | memset(sctx->buf, 0, sizeof(sctx->buf)); | ||
176 | } | ||
177 | |||
178 | static void | ||
179 | sha384_init(void *ctx) | ||
180 | { | ||
181 | struct sha512_ctx *sctx = ctx; | ||
182 | sctx->state[0] = HP0; | ||
183 | sctx->state[1] = HP1; | ||
184 | sctx->state[2] = HP2; | ||
185 | sctx->state[3] = HP3; | ||
186 | sctx->state[4] = HP4; | ||
187 | sctx->state[5] = HP5; | ||
188 | sctx->state[6] = HP6; | ||
189 | sctx->state[7] = HP7; | ||
190 | sctx->count[0] = sctx->count[1] = sctx->count[2] = sctx->count[3] = 0; | ||
191 | memset(sctx->buf, 0, sizeof(sctx->buf)); | ||
192 | } | ||
193 | |||
194 | static void | ||
195 | sha512_update(void *ctx, const u8 *data, unsigned int len) | ||
196 | { | ||
197 | struct sha512_ctx *sctx = ctx; | ||
198 | |||
199 | unsigned int i, index, part_len; | ||
200 | |||
201 | /* Compute number of bytes mod 128 */ | ||
202 | index = (unsigned int)((sctx->count[0] >> 3) & 0x7F); | ||
203 | |||
204 | /* Update number of bits */ | ||
205 | if ((sctx->count[0] += (len << 3)) < (len << 3)) { | ||
206 | if ((sctx->count[1] += 1) < 1) | ||
207 | if ((sctx->count[2] += 1) < 1) | ||
208 | sctx->count[3]++; | ||
209 | sctx->count[1] += (len >> 29); | ||
210 | } | ||
211 | |||
212 | part_len = 128 - index; | ||
213 | |||
214 | /* Transform as many times as possible. */ | ||
215 | if (len >= part_len) { | ||
216 | memcpy(&sctx->buf[index], data, part_len); | ||
217 | sha512_transform(sctx->state, sctx->W, sctx->buf); | ||
218 | |||
219 | for (i = part_len; i + 127 < len; i+=128) | ||
220 | sha512_transform(sctx->state, sctx->W, &data[i]); | ||
221 | |||
222 | index = 0; | ||
223 | } else { | ||
224 | i = 0; | ||
225 | } | ||
226 | |||
227 | /* Buffer remaining input */ | ||
228 | memcpy(&sctx->buf[index], &data[i], len - i); | ||
229 | |||
230 | /* erase our data */ | ||
231 | memset(sctx->W, 0, sizeof(sctx->W)); | ||
232 | } | ||
233 | |||
234 | static void | ||
235 | sha512_final(void *ctx, u8 *hash) | ||
236 | { | ||
237 | struct sha512_ctx *sctx = ctx; | ||
238 | |||
239 | static u8 padding[128] = { 0x80, }; | ||
240 | |||
241 | u32 t; | ||
242 | u64 t2; | ||
243 | u8 bits[128]; | ||
244 | unsigned int index, pad_len; | ||
245 | int i, j; | ||
246 | |||
247 | index = pad_len = t = i = j = 0; | ||
248 | t2 = 0; | ||
249 | |||
250 | /* Save number of bits */ | ||
251 | t = sctx->count[0]; | ||
252 | bits[15] = t; t>>=8; | ||
253 | bits[14] = t; t>>=8; | ||
254 | bits[13] = t; t>>=8; | ||
255 | bits[12] = t; | ||
256 | t = sctx->count[1]; | ||
257 | bits[11] = t; t>>=8; | ||
258 | bits[10] = t; t>>=8; | ||
259 | bits[9 ] = t; t>>=8; | ||
260 | bits[8 ] = t; | ||
261 | t = sctx->count[2]; | ||
262 | bits[7 ] = t; t>>=8; | ||
263 | bits[6 ] = t; t>>=8; | ||
264 | bits[5 ] = t; t>>=8; | ||
265 | bits[4 ] = t; | ||
266 | t = sctx->count[3]; | ||
267 | bits[3 ] = t; t>>=8; | ||
268 | bits[2 ] = t; t>>=8; | ||
269 | bits[1 ] = t; t>>=8; | ||
270 | bits[0 ] = t; | ||
271 | |||
272 | /* Pad out to 112 mod 128. */ | ||
273 | index = (sctx->count[0] >> 3) & 0x7f; | ||
274 | pad_len = (index < 112) ? (112 - index) : ((128+112) - index); | ||
275 | sha512_update(sctx, padding, pad_len); | ||
276 | |||
277 | /* Append length (before padding) */ | ||
278 | sha512_update(sctx, bits, 16); | ||
279 | |||
280 | /* Store state in digest */ | ||
281 | for (i = j = 0; i < 8; i++, j += 8) { | ||
282 | t2 = sctx->state[i]; | ||
283 | hash[j+7] = (char)t2 & 0xff; t2>>=8; | ||
284 | hash[j+6] = (char)t2 & 0xff; t2>>=8; | ||
285 | hash[j+5] = (char)t2 & 0xff; t2>>=8; | ||
286 | hash[j+4] = (char)t2 & 0xff; t2>>=8; | ||
287 | hash[j+3] = (char)t2 & 0xff; t2>>=8; | ||
288 | hash[j+2] = (char)t2 & 0xff; t2>>=8; | ||
289 | hash[j+1] = (char)t2 & 0xff; t2>>=8; | ||
290 | hash[j ] = (char)t2 & 0xff; | ||
291 | } | ||
292 | |||
293 | /* Zeroize sensitive information. */ | ||
294 | memset(sctx, 0, sizeof(struct sha512_ctx)); | ||
295 | } | ||
296 | |||
297 | static void sha384_final(void *ctx, u8 *hash) | ||
298 | { | ||
299 | struct sha512_ctx *sctx = ctx; | ||
300 | u8 D[64]; | ||
301 | |||
302 | sha512_final(sctx, D); | ||
303 | |||
304 | memcpy(hash, D, 48); | ||
305 | memset(D, 0, 64); | ||
306 | } | ||
307 | |||
308 | static struct crypto_alg sha512 = { | ||
309 | .cra_name = "sha512", | ||
310 | .cra_flags = CRYPTO_ALG_TYPE_DIGEST, | ||
311 | .cra_blocksize = SHA512_HMAC_BLOCK_SIZE, | ||
312 | .cra_ctxsize = sizeof(struct sha512_ctx), | ||
313 | .cra_module = THIS_MODULE, | ||
314 | .cra_list = LIST_HEAD_INIT(sha512.cra_list), | ||
315 | .cra_u = { .digest = { | ||
316 | .dia_digestsize = SHA512_DIGEST_SIZE, | ||
317 | .dia_init = sha512_init, | ||
318 | .dia_update = sha512_update, | ||
319 | .dia_final = sha512_final } | ||
320 | } | ||
321 | }; | ||
322 | |||
323 | static struct crypto_alg sha384 = { | ||
324 | .cra_name = "sha384", | ||
325 | .cra_flags = CRYPTO_ALG_TYPE_DIGEST, | ||
326 | .cra_blocksize = SHA384_HMAC_BLOCK_SIZE, | ||
327 | .cra_ctxsize = sizeof(struct sha512_ctx), | ||
328 | .cra_module = THIS_MODULE, | ||
329 | .cra_list = LIST_HEAD_INIT(sha384.cra_list), | ||
330 | .cra_u = { .digest = { | ||
331 | .dia_digestsize = SHA384_DIGEST_SIZE, | ||
332 | .dia_init = sha384_init, | ||
333 | .dia_update = sha512_update, | ||
334 | .dia_final = sha384_final } | ||
335 | } | ||
336 | }; | ||
337 | |||
338 | MODULE_ALIAS("sha384"); | ||
339 | |||
340 | static int __init init(void) | ||
341 | { | ||
342 | int ret = 0; | ||
343 | |||
344 | if ((ret = crypto_register_alg(&sha384)) < 0) | ||
345 | goto out; | ||
346 | if ((ret = crypto_register_alg(&sha512)) < 0) | ||
347 | crypto_unregister_alg(&sha384); | ||
348 | out: | ||
349 | return ret; | ||
350 | } | ||
351 | |||
352 | static void __exit fini(void) | ||
353 | { | ||
354 | crypto_unregister_alg(&sha384); | ||
355 | crypto_unregister_alg(&sha512); | ||
356 | } | ||
357 | |||
358 | module_init(init); | ||
359 | module_exit(fini); | ||
360 | |||
361 | MODULE_LICENSE("GPL"); | ||
362 | MODULE_DESCRIPTION("SHA-512 and SHA-384 Secure Hash Algorithms"); | ||
diff --git a/crypto/tcrypt.c b/crypto/tcrypt.c new file mode 100644 index 000000000000..92b0352c8e92 --- /dev/null +++ b/crypto/tcrypt.c | |||
@@ -0,0 +1,910 @@ | |||
1 | /* | ||
2 | * Quick & dirty crypto testing module. | ||
3 | * | ||
4 | * This will only exist until we have a better testing mechanism | ||
5 | * (e.g. a char device). | ||
6 | * | ||
7 | * Copyright (c) 2002 James Morris <jmorris@intercode.com.au> | ||
8 | * Copyright (c) 2002 Jean-Francois Dive <jef@linuxbe.org> | ||
9 | * | ||
10 | * This program is free software; you can redistribute it and/or modify it | ||
11 | * under the terms of the GNU General Public License as published by the Free | ||
12 | * Software Foundation; either version 2 of the License, or (at your option) | ||
13 | * any later version. | ||
14 | * | ||
15 | * 14 - 09 - 2003 | ||
16 | * Rewritten by Kartikey Mahendra Bhatt | ||
17 | */ | ||
18 | |||
19 | #include <linux/init.h> | ||
20 | #include <linux/module.h> | ||
21 | #include <linux/mm.h> | ||
22 | #include <linux/slab.h> | ||
23 | #include <asm/scatterlist.h> | ||
24 | #include <linux/string.h> | ||
25 | #include <linux/crypto.h> | ||
26 | #include <linux/highmem.h> | ||
27 | #include <linux/moduleparam.h> | ||
28 | #include "tcrypt.h" | ||
29 | |||
30 | /* | ||
31 | * Need to kmalloc() memory for testing kmap(). | ||
32 | */ | ||
33 | #define TVMEMSIZE 4096 | ||
34 | #define XBUFSIZE 32768 | ||
35 | |||
36 | /* | ||
37 | * Indexes into the xbuf to simulate cross-page access. | ||
38 | */ | ||
39 | #define IDX1 37 | ||
40 | #define IDX2 32400 | ||
41 | #define IDX3 1 | ||
42 | #define IDX4 8193 | ||
43 | #define IDX5 22222 | ||
44 | #define IDX6 17101 | ||
45 | #define IDX7 27333 | ||
46 | #define IDX8 3000 | ||
47 | |||
48 | /* | ||
49 | * Used by test_cipher() | ||
50 | */ | ||
51 | #define ENCRYPT 1 | ||
52 | #define DECRYPT 0 | ||
53 | #define MODE_ECB 1 | ||
54 | #define MODE_CBC 0 | ||
55 | |||
56 | static unsigned int IDX[8] = { IDX1, IDX2, IDX3, IDX4, IDX5, IDX6, IDX7, IDX8 }; | ||
57 | |||
58 | static int mode; | ||
59 | static char *xbuf; | ||
60 | static char *tvmem; | ||
61 | |||
62 | static char *check[] = { | ||
63 | "des", "md5", "des3_ede", "rot13", "sha1", "sha256", "blowfish", | ||
64 | "twofish", "serpent", "sha384", "sha512", "md4", "aes", "cast6", | ||
65 | "arc4", "michael_mic", "deflate", "crc32c", "tea", "xtea", | ||
66 | "khazad", "wp512", "wp384", "wp256", "tnepres", NULL | ||
67 | }; | ||
68 | |||
69 | static void | ||
70 | hexdump(unsigned char *buf, unsigned int len) | ||
71 | { | ||
72 | while (len--) | ||
73 | printk("%02x", *buf++); | ||
74 | |||
75 | printk("\n"); | ||
76 | } | ||
77 | |||
78 | static void | ||
79 | test_hash (char * algo, struct hash_testvec * template, unsigned int tcount) | ||
80 | { | ||
81 | char *p; | ||
82 | unsigned int i, j, k, temp; | ||
83 | struct scatterlist sg[8]; | ||
84 | char result[64]; | ||
85 | struct crypto_tfm *tfm; | ||
86 | struct hash_testvec *hash_tv; | ||
87 | unsigned int tsize; | ||
88 | |||
89 | printk("\ntesting %s\n", algo); | ||
90 | |||
91 | tsize = sizeof (struct hash_testvec); | ||
92 | tsize *= tcount; | ||
93 | |||
94 | if (tsize > TVMEMSIZE) { | ||
95 | printk("template (%u) too big for tvmem (%u)\n", tsize, TVMEMSIZE); | ||
96 | return; | ||
97 | } | ||
98 | |||
99 | memcpy(tvmem, template, tsize); | ||
100 | hash_tv = (void *) tvmem; | ||
101 | tfm = crypto_alloc_tfm(algo, 0); | ||
102 | if (tfm == NULL) { | ||
103 | printk("failed to load transform for %s\n", algo); | ||
104 | return; | ||
105 | } | ||
106 | |||
107 | for (i = 0; i < tcount; i++) { | ||
108 | printk ("test %u:\n", i + 1); | ||
109 | memset (result, 0, 64); | ||
110 | |||
111 | p = hash_tv[i].plaintext; | ||
112 | sg[0].page = virt_to_page (p); | ||
113 | sg[0].offset = offset_in_page (p); | ||
114 | sg[0].length = hash_tv[i].psize; | ||
115 | |||
116 | crypto_digest_init (tfm); | ||
117 | if (tfm->crt_u.digest.dit_setkey) { | ||
118 | crypto_digest_setkey (tfm, hash_tv[i].key, | ||
119 | hash_tv[i].ksize); | ||
120 | } | ||
121 | crypto_digest_update (tfm, sg, 1); | ||
122 | crypto_digest_final (tfm, result); | ||
123 | |||
124 | hexdump (result, crypto_tfm_alg_digestsize (tfm)); | ||
125 | printk("%s\n", | ||
126 | memcmp(result, hash_tv[i].digest, | ||
127 | crypto_tfm_alg_digestsize(tfm)) ? "fail" : | ||
128 | "pass"); | ||
129 | } | ||
130 | |||
131 | printk ("testing %s across pages\n", algo); | ||
132 | |||
133 | /* setup the dummy buffer first */ | ||
134 | memset(xbuf, 0, XBUFSIZE); | ||
135 | |||
136 | j = 0; | ||
137 | for (i = 0; i < tcount; i++) { | ||
138 | if (hash_tv[i].np) { | ||
139 | j++; | ||
140 | printk ("test %u:\n", j); | ||
141 | memset (result, 0, 64); | ||
142 | |||
143 | temp = 0; | ||
144 | for (k = 0; k < hash_tv[i].np; k++) { | ||
145 | memcpy (&xbuf[IDX[k]], hash_tv[i].plaintext + temp, | ||
146 | hash_tv[i].tap[k]); | ||
147 | temp += hash_tv[i].tap[k]; | ||
148 | p = &xbuf[IDX[k]]; | ||
149 | sg[k].page = virt_to_page (p); | ||
150 | sg[k].offset = offset_in_page (p); | ||
151 | sg[k].length = hash_tv[i].tap[k]; | ||
152 | } | ||
153 | |||
154 | crypto_digest_digest (tfm, sg, hash_tv[i].np, result); | ||
155 | |||
156 | hexdump (result, crypto_tfm_alg_digestsize (tfm)); | ||
157 | printk("%s\n", | ||
158 | memcmp(result, hash_tv[i].digest, | ||
159 | crypto_tfm_alg_digestsize(tfm)) ? "fail" : | ||
160 | "pass"); | ||
161 | } | ||
162 | } | ||
163 | |||
164 | crypto_free_tfm (tfm); | ||
165 | } | ||
166 | |||
167 | |||
168 | #ifdef CONFIG_CRYPTO_HMAC | ||
169 | |||
170 | static void | ||
171 | test_hmac(char *algo, struct hmac_testvec * template, unsigned int tcount) | ||
172 | { | ||
173 | char *p; | ||
174 | unsigned int i, j, k, temp; | ||
175 | struct scatterlist sg[8]; | ||
176 | char result[64]; | ||
177 | struct crypto_tfm *tfm; | ||
178 | struct hmac_testvec *hmac_tv; | ||
179 | unsigned int tsize, klen; | ||
180 | |||
181 | tfm = crypto_alloc_tfm(algo, 0); | ||
182 | if (tfm == NULL) { | ||
183 | printk("failed to load transform for %s\n", algo); | ||
184 | return; | ||
185 | } | ||
186 | |||
187 | printk("\ntesting hmac_%s\n", algo); | ||
188 | |||
189 | tsize = sizeof (struct hmac_testvec); | ||
190 | tsize *= tcount; | ||
191 | if (tsize > TVMEMSIZE) { | ||
192 | printk("template (%u) too big for tvmem (%u)\n", tsize, | ||
193 | TVMEMSIZE); | ||
194 | goto out; | ||
195 | } | ||
196 | |||
197 | memcpy(tvmem, template, tsize); | ||
198 | hmac_tv = (void *) tvmem; | ||
199 | |||
200 | for (i = 0; i < tcount; i++) { | ||
201 | printk("test %u:\n", i + 1); | ||
202 | memset(result, 0, sizeof (result)); | ||
203 | |||
204 | p = hmac_tv[i].plaintext; | ||
205 | klen = hmac_tv[i].ksize; | ||
206 | sg[0].page = virt_to_page(p); | ||
207 | sg[0].offset = offset_in_page(p); | ||
208 | sg[0].length = hmac_tv[i].psize; | ||
209 | |||
210 | crypto_hmac(tfm, hmac_tv[i].key, &klen, sg, 1, result); | ||
211 | |||
212 | hexdump(result, crypto_tfm_alg_digestsize(tfm)); | ||
213 | printk("%s\n", | ||
214 | memcmp(result, hmac_tv[i].digest, | ||
215 | crypto_tfm_alg_digestsize(tfm)) ? "fail" : | ||
216 | "pass"); | ||
217 | } | ||
218 | |||
219 | printk("\ntesting hmac_%s across pages\n", algo); | ||
220 | |||
221 | memset(xbuf, 0, XBUFSIZE); | ||
222 | |||
223 | j = 0; | ||
224 | for (i = 0; i < tcount; i++) { | ||
225 | if (hmac_tv[i].np) { | ||
226 | j++; | ||
227 | printk ("test %u:\n",j); | ||
228 | memset (result, 0, 64); | ||
229 | |||
230 | temp = 0; | ||
231 | klen = hmac_tv[i].ksize; | ||
232 | for (k = 0; k < hmac_tv[i].np; k++) { | ||
233 | memcpy (&xbuf[IDX[k]], hmac_tv[i].plaintext + temp, | ||
234 | hmac_tv[i].tap[k]); | ||
235 | temp += hmac_tv[i].tap[k]; | ||
236 | p = &xbuf[IDX[k]]; | ||
237 | sg[k].page = virt_to_page (p); | ||
238 | sg[k].offset = offset_in_page (p); | ||
239 | sg[k].length = hmac_tv[i].tap[k]; | ||
240 | } | ||
241 | |||
242 | crypto_hmac(tfm, hmac_tv[i].key, &klen, sg, hmac_tv[i].np, | ||
243 | result); | ||
244 | hexdump(result, crypto_tfm_alg_digestsize(tfm)); | ||
245 | |||
246 | printk("%s\n", | ||
247 | memcmp(result, hmac_tv[i].digest, | ||
248 | crypto_tfm_alg_digestsize(tfm)) ? "fail" : | ||
249 | "pass"); | ||
250 | } | ||
251 | } | ||
252 | out: | ||
253 | crypto_free_tfm(tfm); | ||
254 | } | ||
255 | |||
256 | #endif /* CONFIG_CRYPTO_HMAC */ | ||
257 | |||
258 | static void | ||
259 | test_cipher(char * algo, int mode, int enc, struct cipher_testvec * template, unsigned int tcount) | ||
260 | { | ||
261 | unsigned int ret, i, j, k, temp; | ||
262 | unsigned int tsize; | ||
263 | char *p, *q; | ||
264 | struct crypto_tfm *tfm; | ||
265 | char *key; | ||
266 | struct cipher_testvec *cipher_tv; | ||
267 | struct scatterlist sg[8]; | ||
268 | char e[11], m[4]; | ||
269 | |||
270 | if (enc == ENCRYPT) | ||
271 | strncpy(e, "encryption", 11); | ||
272 | else | ||
273 | strncpy(e, "decryption", 11); | ||
274 | if (mode == MODE_ECB) | ||
275 | strncpy(m, "ECB", 4); | ||
276 | else | ||
277 | strncpy(m, "CBC", 4); | ||
278 | |||
279 | printk("\ntesting %s %s %s \n", algo, m, e); | ||
280 | |||
281 | tsize = sizeof (struct cipher_testvec); | ||
282 | tsize *= tcount; | ||
283 | |||
284 | if (tsize > TVMEMSIZE) { | ||
285 | printk("template (%u) too big for tvmem (%u)\n", tsize, | ||
286 | TVMEMSIZE); | ||
287 | return; | ||
288 | } | ||
289 | |||
290 | memcpy(tvmem, template, tsize); | ||
291 | cipher_tv = (void *) tvmem; | ||
292 | |||
293 | if (mode) | ||
294 | tfm = crypto_alloc_tfm (algo, 0); | ||
295 | else | ||
296 | tfm = crypto_alloc_tfm (algo, CRYPTO_TFM_MODE_CBC); | ||
297 | |||
298 | if (tfm == NULL) { | ||
299 | printk("failed to load transform for %s %s\n", algo, m); | ||
300 | return; | ||
301 | } | ||
302 | |||
303 | j = 0; | ||
304 | for (i = 0; i < tcount; i++) { | ||
305 | if (!(cipher_tv[i].np)) { | ||
306 | j++; | ||
307 | printk("test %u (%d bit key):\n", | ||
308 | j, cipher_tv[i].klen * 8); | ||
309 | |||
310 | tfm->crt_flags = 0; | ||
311 | if (cipher_tv[i].wk) | ||
312 | tfm->crt_flags |= CRYPTO_TFM_REQ_WEAK_KEY; | ||
313 | key = cipher_tv[i].key; | ||
314 | |||
315 | ret = crypto_cipher_setkey(tfm, key, cipher_tv[i].klen); | ||
316 | if (ret) { | ||
317 | printk("setkey() failed flags=%x\n", tfm->crt_flags); | ||
318 | |||
319 | if (!cipher_tv[i].fail) | ||
320 | goto out; | ||
321 | } | ||
322 | |||
323 | p = cipher_tv[i].input; | ||
324 | sg[0].page = virt_to_page(p); | ||
325 | sg[0].offset = offset_in_page(p); | ||
326 | sg[0].length = cipher_tv[i].ilen; | ||
327 | |||
328 | if (!mode) { | ||
329 | crypto_cipher_set_iv(tfm, cipher_tv[i].iv, | ||
330 | crypto_tfm_alg_ivsize (tfm)); | ||
331 | } | ||
332 | |||
333 | if (enc) | ||
334 | ret = crypto_cipher_encrypt(tfm, sg, sg, cipher_tv[i].ilen); | ||
335 | else | ||
336 | ret = crypto_cipher_decrypt(tfm, sg, sg, cipher_tv[i].ilen); | ||
337 | |||
338 | |||
339 | if (ret) { | ||
340 | printk("%s () failed flags=%x\n", e, tfm->crt_flags); | ||
341 | goto out; | ||
342 | } | ||
343 | |||
344 | q = kmap(sg[0].page) + sg[0].offset; | ||
345 | hexdump(q, cipher_tv[i].rlen); | ||
346 | |||
347 | printk("%s\n", | ||
348 | memcmp(q, cipher_tv[i].result, cipher_tv[i].rlen) ? "fail" : | ||
349 | "pass"); | ||
350 | } | ||
351 | } | ||
352 | |||
353 | printk("\ntesting %s %s %s across pages (chunking) \n", algo, m, e); | ||
354 | memset(xbuf, 0, XBUFSIZE); | ||
355 | |||
356 | j = 0; | ||
357 | for (i = 0; i < tcount; i++) { | ||
358 | if (cipher_tv[i].np) { | ||
359 | j++; | ||
360 | printk("test %u (%d bit key):\n", | ||
361 | j, cipher_tv[i].klen * 8); | ||
362 | |||
363 | tfm->crt_flags = 0; | ||
364 | if (cipher_tv[i].wk) | ||
365 | tfm->crt_flags |= CRYPTO_TFM_REQ_WEAK_KEY; | ||
366 | key = cipher_tv[i].key; | ||
367 | |||
368 | ret = crypto_cipher_setkey(tfm, key, cipher_tv[i].klen); | ||
369 | if (ret) { | ||
370 | printk("setkey() failed flags=%x\n", tfm->crt_flags); | ||
371 | |||
372 | if (!cipher_tv[i].fail) | ||
373 | goto out; | ||
374 | } | ||
375 | |||
376 | temp = 0; | ||
377 | for (k = 0; k < cipher_tv[i].np; k++) { | ||
378 | memcpy (&xbuf[IDX[k]], cipher_tv[i].input + temp, | ||
379 | cipher_tv[i].tap[k]); | ||
380 | temp += cipher_tv[i].tap[k]; | ||
381 | p = &xbuf[IDX[k]]; | ||
382 | sg[k].page = virt_to_page (p); | ||
383 | sg[k].offset = offset_in_page (p); | ||
384 | sg[k].length = cipher_tv[i].tap[k]; | ||
385 | } | ||
386 | |||
387 | if (!mode) { | ||
388 | crypto_cipher_set_iv(tfm, cipher_tv[i].iv, | ||
389 | crypto_tfm_alg_ivsize (tfm)); | ||
390 | } | ||
391 | |||
392 | if (enc) | ||
393 | ret = crypto_cipher_encrypt(tfm, sg, sg, cipher_tv[i].ilen); | ||
394 | else | ||
395 | ret = crypto_cipher_decrypt(tfm, sg, sg, cipher_tv[i].ilen); | ||
396 | |||
397 | if (ret) { | ||
398 | printk("%s () failed flags=%x\n", e, tfm->crt_flags); | ||
399 | goto out; | ||
400 | } | ||
401 | |||
402 | temp = 0; | ||
403 | for (k = 0; k < cipher_tv[i].np; k++) { | ||
404 | printk("page %u\n", k); | ||
405 | q = kmap(sg[k].page) + sg[k].offset; | ||
406 | hexdump(q, cipher_tv[i].tap[k]); | ||
407 | printk("%s\n", | ||
408 | memcmp(q, cipher_tv[i].result + temp, | ||
409 | cipher_tv[i].tap[k]) ? "fail" : | ||
410 | "pass"); | ||
411 | temp += cipher_tv[i].tap[k]; | ||
412 | } | ||
413 | } | ||
414 | } | ||
415 | |||
416 | out: | ||
417 | crypto_free_tfm(tfm); | ||
418 | } | ||
419 | |||
420 | static void | ||
421 | test_deflate(void) | ||
422 | { | ||
423 | unsigned int i; | ||
424 | char result[COMP_BUF_SIZE]; | ||
425 | struct crypto_tfm *tfm; | ||
426 | struct comp_testvec *tv; | ||
427 | unsigned int tsize; | ||
428 | |||
429 | printk("\ntesting deflate compression\n"); | ||
430 | |||
431 | tsize = sizeof (deflate_comp_tv_template); | ||
432 | if (tsize > TVMEMSIZE) { | ||
433 | printk("template (%u) too big for tvmem (%u)\n", tsize, | ||
434 | TVMEMSIZE); | ||
435 | return; | ||
436 | } | ||
437 | |||
438 | memcpy(tvmem, deflate_comp_tv_template, tsize); | ||
439 | tv = (void *) tvmem; | ||
440 | |||
441 | tfm = crypto_alloc_tfm("deflate", 0); | ||
442 | if (tfm == NULL) { | ||
443 | printk("failed to load transform for deflate\n"); | ||
444 | return; | ||
445 | } | ||
446 | |||
447 | for (i = 0; i < DEFLATE_COMP_TEST_VECTORS; i++) { | ||
448 | int ilen, ret, dlen = COMP_BUF_SIZE; | ||
449 | |||
450 | printk("test %u:\n", i + 1); | ||
451 | memset(result, 0, sizeof (result)); | ||
452 | |||
453 | ilen = tv[i].inlen; | ||
454 | ret = crypto_comp_compress(tfm, tv[i].input, | ||
455 | ilen, result, &dlen); | ||
456 | if (ret) { | ||
457 | printk("fail: ret=%d\n", ret); | ||
458 | continue; | ||
459 | } | ||
460 | hexdump(result, dlen); | ||
461 | printk("%s (ratio %d:%d)\n", | ||
462 | memcmp(result, tv[i].output, dlen) ? "fail" : "pass", | ||
463 | ilen, dlen); | ||
464 | } | ||
465 | |||
466 | printk("\ntesting deflate decompression\n"); | ||
467 | |||
468 | tsize = sizeof (deflate_decomp_tv_template); | ||
469 | if (tsize > TVMEMSIZE) { | ||
470 | printk("template (%u) too big for tvmem (%u)\n", tsize, | ||
471 | TVMEMSIZE); | ||
472 | goto out; | ||
473 | } | ||
474 | |||
475 | memcpy(tvmem, deflate_decomp_tv_template, tsize); | ||
476 | tv = (void *) tvmem; | ||
477 | |||
478 | for (i = 0; i < DEFLATE_DECOMP_TEST_VECTORS; i++) { | ||
479 | int ilen, ret, dlen = COMP_BUF_SIZE; | ||
480 | |||
481 | printk("test %u:\n", i + 1); | ||
482 | memset(result, 0, sizeof (result)); | ||
483 | |||
484 | ilen = tv[i].inlen; | ||
485 | ret = crypto_comp_decompress(tfm, tv[i].input, | ||
486 | ilen, result, &dlen); | ||
487 | if (ret) { | ||
488 | printk("fail: ret=%d\n", ret); | ||
489 | continue; | ||
490 | } | ||
491 | hexdump(result, dlen); | ||
492 | printk("%s (ratio %d:%d)\n", | ||
493 | memcmp(result, tv[i].output, dlen) ? "fail" : "pass", | ||
494 | ilen, dlen); | ||
495 | } | ||
496 | out: | ||
497 | crypto_free_tfm(tfm); | ||
498 | } | ||
499 | |||
500 | static void | ||
501 | test_crc32c(void) | ||
502 | { | ||
503 | #define NUMVEC 6 | ||
504 | #define VECSIZE 40 | ||
505 | |||
506 | int i, j, pass; | ||
507 | u32 crc; | ||
508 | u8 b, test_vec[NUMVEC][VECSIZE]; | ||
509 | static u32 vec_results[NUMVEC] = { | ||
510 | 0x0e2c157f, 0xe980ebf6, 0xde74bded, | ||
511 | 0xd579c862, 0xba979ad0, 0x2b29d913 | ||
512 | }; | ||
513 | static u32 tot_vec_results = 0x24c5d375; | ||
514 | |||
515 | struct scatterlist sg[NUMVEC]; | ||
516 | struct crypto_tfm *tfm; | ||
517 | char *fmtdata = "testing crc32c initialized to %08x: %s\n"; | ||
518 | #define SEEDTESTVAL 0xedcba987 | ||
519 | u32 seed; | ||
520 | |||
521 | printk("\ntesting crc32c\n"); | ||
522 | |||
523 | tfm = crypto_alloc_tfm("crc32c", 0); | ||
524 | if (tfm == NULL) { | ||
525 | printk("failed to load transform for crc32c\n"); | ||
526 | return; | ||
527 | } | ||
528 | |||
529 | crypto_digest_init(tfm); | ||
530 | crypto_digest_final(tfm, (u8*)&crc); | ||
531 | printk(fmtdata, crc, (crc == 0) ? "pass" : "ERROR"); | ||
532 | |||
533 | /* | ||
534 | * stuff test_vec with known values, simple incrementing | ||
535 | * byte values. | ||
536 | */ | ||
537 | b = 0; | ||
538 | for (i = 0; i < NUMVEC; i++) { | ||
539 | for (j = 0; j < VECSIZE; j++) | ||
540 | test_vec[i][j] = ++b; | ||
541 | sg[i].page = virt_to_page(test_vec[i]); | ||
542 | sg[i].offset = offset_in_page(test_vec[i]); | ||
543 | sg[i].length = VECSIZE; | ||
544 | } | ||
545 | |||
546 | seed = SEEDTESTVAL; | ||
547 | (void)crypto_digest_setkey(tfm, (const u8*)&seed, sizeof(u32)); | ||
548 | crypto_digest_final(tfm, (u8*)&crc); | ||
549 | printk("testing crc32c setkey returns %08x : %s\n", crc, (crc == (SEEDTESTVAL ^ ~(u32)0)) ? | ||
550 | "pass" : "ERROR"); | ||
551 | |||
552 | printk("testing crc32c using update/final:\n"); | ||
553 | |||
554 | pass = 1; /* assume all is well */ | ||
555 | |||
556 | for (i = 0; i < NUMVEC; i++) { | ||
557 | seed = ~(u32)0; | ||
558 | (void)crypto_digest_setkey(tfm, (const u8*)&seed, sizeof(u32)); | ||
559 | crypto_digest_update(tfm, &sg[i], 1); | ||
560 | crypto_digest_final(tfm, (u8*)&crc); | ||
561 | if (crc == vec_results[i]) { | ||
562 | printk(" %08x:OK", crc); | ||
563 | } else { | ||
564 | printk(" %08x:BAD, wanted %08x\n", crc, vec_results[i]); | ||
565 | pass = 0; | ||
566 | } | ||
567 | } | ||
568 | |||
569 | printk("\ntesting crc32c using incremental accumulator:\n"); | ||
570 | crc = 0; | ||
571 | for (i = 0; i < NUMVEC; i++) { | ||
572 | seed = (crc ^ ~(u32)0); | ||
573 | (void)crypto_digest_setkey(tfm, (const u8*)&seed, sizeof(u32)); | ||
574 | crypto_digest_update(tfm, &sg[i], 1); | ||
575 | crypto_digest_final(tfm, (u8*)&crc); | ||
576 | } | ||
577 | if (crc == tot_vec_results) { | ||
578 | printk(" %08x:OK", crc); | ||
579 | } else { | ||
580 | printk(" %08x:BAD, wanted %08x\n", crc, tot_vec_results); | ||
581 | pass = 0; | ||
582 | } | ||
583 | |||
584 | printk("\ntesting crc32c using digest:\n"); | ||
585 | seed = ~(u32)0; | ||
586 | (void)crypto_digest_setkey(tfm, (const u8*)&seed, sizeof(u32)); | ||
587 | crypto_digest_digest(tfm, sg, NUMVEC, (u8*)&crc); | ||
588 | if (crc == tot_vec_results) { | ||
589 | printk(" %08x:OK", crc); | ||
590 | } else { | ||
591 | printk(" %08x:BAD, wanted %08x\n", crc, tot_vec_results); | ||
592 | pass = 0; | ||
593 | } | ||
594 | |||
595 | printk("\n%s\n", pass ? "pass" : "ERROR"); | ||
596 | |||
597 | crypto_free_tfm(tfm); | ||
598 | printk("crc32c test complete\n"); | ||
599 | } | ||
600 | |||
601 | static void | ||
602 | test_available(void) | ||
603 | { | ||
604 | char **name = check; | ||
605 | |||
606 | while (*name) { | ||
607 | printk("alg %s ", *name); | ||
608 | printk((crypto_alg_available(*name, 0)) ? | ||
609 | "found\n" : "not found\n"); | ||
610 | name++; | ||
611 | } | ||
612 | } | ||
613 | |||
614 | static void | ||
615 | do_test(void) | ||
616 | { | ||
617 | switch (mode) { | ||
618 | |||
619 | case 0: | ||
620 | test_hash("md5", md5_tv_template, MD5_TEST_VECTORS); | ||
621 | |||
622 | test_hash("sha1", sha1_tv_template, SHA1_TEST_VECTORS); | ||
623 | |||
624 | //DES | ||
625 | test_cipher ("des", MODE_ECB, ENCRYPT, des_enc_tv_template, DES_ENC_TEST_VECTORS); | ||
626 | test_cipher ("des", MODE_ECB, DECRYPT, des_dec_tv_template, DES_DEC_TEST_VECTORS); | ||
627 | test_cipher ("des", MODE_CBC, ENCRYPT, des_cbc_enc_tv_template, DES_CBC_ENC_TEST_VECTORS); | ||
628 | test_cipher ("des", MODE_CBC, DECRYPT, des_cbc_dec_tv_template, DES_CBC_DEC_TEST_VECTORS); | ||
629 | |||
630 | //DES3_EDE | ||
631 | test_cipher ("des3_ede", MODE_ECB, ENCRYPT, des3_ede_enc_tv_template, DES3_EDE_ENC_TEST_VECTORS); | ||
632 | test_cipher ("des3_ede", MODE_ECB, DECRYPT, des3_ede_dec_tv_template, DES3_EDE_DEC_TEST_VECTORS); | ||
633 | |||
634 | test_hash("md4", md4_tv_template, MD4_TEST_VECTORS); | ||
635 | |||
636 | test_hash("sha256", sha256_tv_template, SHA256_TEST_VECTORS); | ||
637 | |||
638 | //BLOWFISH | ||
639 | test_cipher ("blowfish", MODE_ECB, ENCRYPT, bf_enc_tv_template, BF_ENC_TEST_VECTORS); | ||
640 | test_cipher ("blowfish", MODE_ECB, DECRYPT, bf_dec_tv_template, BF_DEC_TEST_VECTORS); | ||
641 | test_cipher ("blowfish", MODE_CBC, ENCRYPT, bf_cbc_enc_tv_template, BF_CBC_ENC_TEST_VECTORS); | ||
642 | test_cipher ("blowfish", MODE_CBC, DECRYPT, bf_cbc_dec_tv_template, BF_CBC_DEC_TEST_VECTORS); | ||
643 | |||
644 | //TWOFISH | ||
645 | test_cipher ("twofish", MODE_ECB, ENCRYPT, tf_enc_tv_template, TF_ENC_TEST_VECTORS); | ||
646 | test_cipher ("twofish", MODE_ECB, DECRYPT, tf_dec_tv_template, TF_DEC_TEST_VECTORS); | ||
647 | test_cipher ("twofish", MODE_CBC, ENCRYPT, tf_cbc_enc_tv_template, TF_CBC_ENC_TEST_VECTORS); | ||
648 | test_cipher ("twofish", MODE_CBC, DECRYPT, tf_cbc_dec_tv_template, TF_CBC_DEC_TEST_VECTORS); | ||
649 | |||
650 | //SERPENT | ||
651 | test_cipher ("serpent", MODE_ECB, ENCRYPT, serpent_enc_tv_template, SERPENT_ENC_TEST_VECTORS); | ||
652 | test_cipher ("serpent", MODE_ECB, DECRYPT, serpent_dec_tv_template, SERPENT_DEC_TEST_VECTORS); | ||
653 | |||
654 | //TNEPRES | ||
655 | test_cipher ("tnepres", MODE_ECB, ENCRYPT, tnepres_enc_tv_template, TNEPRES_ENC_TEST_VECTORS); | ||
656 | test_cipher ("tnepres", MODE_ECB, DECRYPT, tnepres_dec_tv_template, TNEPRES_DEC_TEST_VECTORS); | ||
657 | |||
658 | //AES | ||
659 | test_cipher ("aes", MODE_ECB, ENCRYPT, aes_enc_tv_template, AES_ENC_TEST_VECTORS); | ||
660 | test_cipher ("aes", MODE_ECB, DECRYPT, aes_dec_tv_template, AES_DEC_TEST_VECTORS); | ||
661 | |||
662 | //CAST5 | ||
663 | test_cipher ("cast5", MODE_ECB, ENCRYPT, cast5_enc_tv_template, CAST5_ENC_TEST_VECTORS); | ||
664 | test_cipher ("cast5", MODE_ECB, DECRYPT, cast5_dec_tv_template, CAST5_DEC_TEST_VECTORS); | ||
665 | |||
666 | //CAST6 | ||
667 | test_cipher ("cast6", MODE_ECB, ENCRYPT, cast6_enc_tv_template, CAST6_ENC_TEST_VECTORS); | ||
668 | test_cipher ("cast6", MODE_ECB, DECRYPT, cast6_dec_tv_template, CAST6_DEC_TEST_VECTORS); | ||
669 | |||
670 | //ARC4 | ||
671 | test_cipher ("arc4", MODE_ECB, ENCRYPT, arc4_enc_tv_template, ARC4_ENC_TEST_VECTORS); | ||
672 | test_cipher ("arc4", MODE_ECB, DECRYPT, arc4_dec_tv_template, ARC4_DEC_TEST_VECTORS); | ||
673 | |||
674 | //TEA | ||
675 | test_cipher ("tea", MODE_ECB, ENCRYPT, tea_enc_tv_template, TEA_ENC_TEST_VECTORS); | ||
676 | test_cipher ("tea", MODE_ECB, DECRYPT, tea_dec_tv_template, TEA_DEC_TEST_VECTORS); | ||
677 | |||
678 | |||
679 | //XTEA | ||
680 | test_cipher ("xtea", MODE_ECB, ENCRYPT, xtea_enc_tv_template, XTEA_ENC_TEST_VECTORS); | ||
681 | test_cipher ("xtea", MODE_ECB, DECRYPT, xtea_dec_tv_template, XTEA_DEC_TEST_VECTORS); | ||
682 | |||
683 | //KHAZAD | ||
684 | test_cipher ("khazad", MODE_ECB, ENCRYPT, khazad_enc_tv_template, KHAZAD_ENC_TEST_VECTORS); | ||
685 | test_cipher ("khazad", MODE_ECB, DECRYPT, khazad_dec_tv_template, KHAZAD_DEC_TEST_VECTORS); | ||
686 | |||
687 | //ANUBIS | ||
688 | test_cipher ("anubis", MODE_ECB, ENCRYPT, anubis_enc_tv_template, ANUBIS_ENC_TEST_VECTORS); | ||
689 | test_cipher ("anubis", MODE_ECB, DECRYPT, anubis_dec_tv_template, ANUBIS_DEC_TEST_VECTORS); | ||
690 | test_cipher ("anubis", MODE_CBC, ENCRYPT, anubis_cbc_enc_tv_template, ANUBIS_CBC_ENC_TEST_VECTORS); | ||
691 | test_cipher ("anubis", MODE_CBC, DECRYPT, anubis_cbc_dec_tv_template, ANUBIS_CBC_ENC_TEST_VECTORS); | ||
692 | |||
693 | test_hash("sha384", sha384_tv_template, SHA384_TEST_VECTORS); | ||
694 | test_hash("sha512", sha512_tv_template, SHA512_TEST_VECTORS); | ||
695 | test_hash("wp512", wp512_tv_template, WP512_TEST_VECTORS); | ||
696 | test_hash("wp384", wp384_tv_template, WP384_TEST_VECTORS); | ||
697 | test_hash("wp256", wp256_tv_template, WP256_TEST_VECTORS); | ||
698 | test_hash("tgr192", tgr192_tv_template, TGR192_TEST_VECTORS); | ||
699 | test_hash("tgr160", tgr160_tv_template, TGR160_TEST_VECTORS); | ||
700 | test_hash("tgr128", tgr128_tv_template, TGR128_TEST_VECTORS); | ||
701 | test_deflate(); | ||
702 | test_crc32c(); | ||
703 | #ifdef CONFIG_CRYPTO_HMAC | ||
704 | test_hmac("md5", hmac_md5_tv_template, HMAC_MD5_TEST_VECTORS); | ||
705 | test_hmac("sha1", hmac_sha1_tv_template, HMAC_SHA1_TEST_VECTORS); | ||
706 | test_hmac("sha256", hmac_sha256_tv_template, HMAC_SHA256_TEST_VECTORS); | ||
707 | #endif | ||
708 | |||
709 | test_hash("michael_mic", michael_mic_tv_template, MICHAEL_MIC_TEST_VECTORS); | ||
710 | break; | ||
711 | |||
712 | case 1: | ||
713 | test_hash("md5", md5_tv_template, MD5_TEST_VECTORS); | ||
714 | break; | ||
715 | |||
716 | case 2: | ||
717 | test_hash("sha1", sha1_tv_template, SHA1_TEST_VECTORS); | ||
718 | break; | ||
719 | |||
720 | case 3: | ||
721 | test_cipher ("des", MODE_ECB, ENCRYPT, des_enc_tv_template, DES_ENC_TEST_VECTORS); | ||
722 | test_cipher ("des", MODE_ECB, DECRYPT, des_dec_tv_template, DES_DEC_TEST_VECTORS); | ||
723 | test_cipher ("des", MODE_CBC, ENCRYPT, des_cbc_enc_tv_template, DES_CBC_ENC_TEST_VECTORS); | ||
724 | test_cipher ("des", MODE_CBC, DECRYPT, des_cbc_dec_tv_template, DES_CBC_DEC_TEST_VECTORS); | ||
725 | break; | ||
726 | |||
727 | case 4: | ||
728 | test_cipher ("des3_ede", MODE_ECB, ENCRYPT, des3_ede_enc_tv_template, DES3_EDE_ENC_TEST_VECTORS); | ||
729 | test_cipher ("des3_ede", MODE_ECB, DECRYPT, des3_ede_dec_tv_template, DES3_EDE_DEC_TEST_VECTORS); | ||
730 | break; | ||
731 | |||
732 | case 5: | ||
733 | test_hash("md4", md4_tv_template, MD4_TEST_VECTORS); | ||
734 | break; | ||
735 | |||
736 | case 6: | ||
737 | test_hash("sha256", sha256_tv_template, SHA256_TEST_VECTORS); | ||
738 | break; | ||
739 | |||
740 | case 7: | ||
741 | test_cipher ("blowfish", MODE_ECB, ENCRYPT, bf_enc_tv_template, BF_ENC_TEST_VECTORS); | ||
742 | test_cipher ("blowfish", MODE_ECB, DECRYPT, bf_dec_tv_template, BF_DEC_TEST_VECTORS); | ||
743 | test_cipher ("blowfish", MODE_CBC, ENCRYPT, bf_cbc_enc_tv_template, BF_CBC_ENC_TEST_VECTORS); | ||
744 | test_cipher ("blowfish", MODE_CBC, DECRYPT, bf_cbc_dec_tv_template, BF_CBC_DEC_TEST_VECTORS); | ||
745 | break; | ||
746 | |||
747 | case 8: | ||
748 | test_cipher ("twofish", MODE_ECB, ENCRYPT, tf_enc_tv_template, TF_ENC_TEST_VECTORS); | ||
749 | test_cipher ("twofish", MODE_ECB, DECRYPT, tf_dec_tv_template, TF_DEC_TEST_VECTORS); | ||
750 | test_cipher ("twofish", MODE_CBC, ENCRYPT, tf_cbc_enc_tv_template, TF_CBC_ENC_TEST_VECTORS); | ||
751 | test_cipher ("twofish", MODE_CBC, DECRYPT, tf_cbc_dec_tv_template, TF_CBC_DEC_TEST_VECTORS); | ||
752 | break; | ||
753 | |||
754 | case 9: | ||
755 | test_cipher ("serpent", MODE_ECB, ENCRYPT, serpent_enc_tv_template, SERPENT_ENC_TEST_VECTORS); | ||
756 | test_cipher ("serpent", MODE_ECB, DECRYPT, serpent_dec_tv_template, SERPENT_DEC_TEST_VECTORS); | ||
757 | break; | ||
758 | |||
759 | case 10: | ||
760 | test_cipher ("aes", MODE_ECB, ENCRYPT, aes_enc_tv_template, AES_ENC_TEST_VECTORS); | ||
761 | test_cipher ("aes", MODE_ECB, DECRYPT, aes_dec_tv_template, AES_DEC_TEST_VECTORS); | ||
762 | break; | ||
763 | |||
764 | case 11: | ||
765 | test_hash("sha384", sha384_tv_template, SHA384_TEST_VECTORS); | ||
766 | break; | ||
767 | |||
768 | case 12: | ||
769 | test_hash("sha512", sha512_tv_template, SHA512_TEST_VECTORS); | ||
770 | break; | ||
771 | |||
772 | case 13: | ||
773 | test_deflate(); | ||
774 | break; | ||
775 | |||
776 | case 14: | ||
777 | test_cipher ("cast5", MODE_ECB, ENCRYPT, cast5_enc_tv_template, CAST5_ENC_TEST_VECTORS); | ||
778 | test_cipher ("cast5", MODE_ECB, DECRYPT, cast5_dec_tv_template, CAST5_DEC_TEST_VECTORS); | ||
779 | break; | ||
780 | |||
781 | case 15: | ||
782 | test_cipher ("cast6", MODE_ECB, ENCRYPT, cast6_enc_tv_template, CAST6_ENC_TEST_VECTORS); | ||
783 | test_cipher ("cast6", MODE_ECB, DECRYPT, cast6_dec_tv_template, CAST6_DEC_TEST_VECTORS); | ||
784 | break; | ||
785 | |||
786 | case 16: | ||
787 | test_cipher ("arc4", MODE_ECB, ENCRYPT, arc4_enc_tv_template, ARC4_ENC_TEST_VECTORS); | ||
788 | test_cipher ("arc4", MODE_ECB, DECRYPT, arc4_dec_tv_template, ARC4_DEC_TEST_VECTORS); | ||
789 | break; | ||
790 | |||
791 | case 17: | ||
792 | test_hash("michael_mic", michael_mic_tv_template, MICHAEL_MIC_TEST_VECTORS); | ||
793 | break; | ||
794 | |||
795 | case 18: | ||
796 | test_crc32c(); | ||
797 | break; | ||
798 | |||
799 | case 19: | ||
800 | test_cipher ("tea", MODE_ECB, ENCRYPT, tea_enc_tv_template, TEA_ENC_TEST_VECTORS); | ||
801 | test_cipher ("tea", MODE_ECB, DECRYPT, tea_dec_tv_template, TEA_DEC_TEST_VECTORS); | ||
802 | break; | ||
803 | |||
804 | case 20: | ||
805 | test_cipher ("xtea", MODE_ECB, ENCRYPT, xtea_enc_tv_template, XTEA_ENC_TEST_VECTORS); | ||
806 | test_cipher ("xtea", MODE_ECB, DECRYPT, xtea_dec_tv_template, XTEA_DEC_TEST_VECTORS); | ||
807 | break; | ||
808 | |||
809 | case 21: | ||
810 | test_cipher ("khazad", MODE_ECB, ENCRYPT, khazad_enc_tv_template, KHAZAD_ENC_TEST_VECTORS); | ||
811 | test_cipher ("khazad", MODE_ECB, DECRYPT, khazad_dec_tv_template, KHAZAD_DEC_TEST_VECTORS); | ||
812 | break; | ||
813 | |||
814 | case 22: | ||
815 | test_hash("wp512", wp512_tv_template, WP512_TEST_VECTORS); | ||
816 | break; | ||
817 | |||
818 | case 23: | ||
819 | test_hash("wp384", wp384_tv_template, WP384_TEST_VECTORS); | ||
820 | break; | ||
821 | |||
822 | case 24: | ||
823 | test_hash("wp256", wp256_tv_template, WP256_TEST_VECTORS); | ||
824 | break; | ||
825 | |||
826 | case 25: | ||
827 | test_cipher ("tnepres", MODE_ECB, ENCRYPT, tnepres_enc_tv_template, TNEPRES_ENC_TEST_VECTORS); | ||
828 | test_cipher ("tnepres", MODE_ECB, DECRYPT, tnepres_dec_tv_template, TNEPRES_DEC_TEST_VECTORS); | ||
829 | break; | ||
830 | |||
831 | case 26: | ||
832 | test_cipher ("anubis", MODE_ECB, ENCRYPT, anubis_enc_tv_template, ANUBIS_ENC_TEST_VECTORS); | ||
833 | test_cipher ("anubis", MODE_ECB, DECRYPT, anubis_dec_tv_template, ANUBIS_DEC_TEST_VECTORS); | ||
834 | test_cipher ("anubis", MODE_CBC, ENCRYPT, anubis_cbc_enc_tv_template, ANUBIS_CBC_ENC_TEST_VECTORS); | ||
835 | test_cipher ("anubis", MODE_CBC, DECRYPT, anubis_cbc_dec_tv_template, ANUBIS_CBC_ENC_TEST_VECTORS); | ||
836 | break; | ||
837 | |||
838 | case 27: | ||
839 | test_hash("tgr192", tgr192_tv_template, TGR192_TEST_VECTORS); | ||
840 | break; | ||
841 | |||
842 | case 28: | ||
843 | |||
844 | test_hash("tgr160", tgr160_tv_template, TGR160_TEST_VECTORS); | ||
845 | break; | ||
846 | |||
847 | case 29: | ||
848 | test_hash("tgr128", tgr128_tv_template, TGR128_TEST_VECTORS); | ||
849 | break; | ||
850 | |||
851 | #ifdef CONFIG_CRYPTO_HMAC | ||
852 | case 100: | ||
853 | test_hmac("md5", hmac_md5_tv_template, HMAC_MD5_TEST_VECTORS); | ||
854 | break; | ||
855 | |||
856 | case 101: | ||
857 | test_hmac("sha1", hmac_sha1_tv_template, HMAC_SHA1_TEST_VECTORS); | ||
858 | break; | ||
859 | |||
860 | case 102: | ||
861 | test_hmac("sha256", hmac_sha256_tv_template, HMAC_SHA256_TEST_VECTORS); | ||
862 | break; | ||
863 | |||
864 | #endif | ||
865 | |||
866 | case 1000: | ||
867 | test_available(); | ||
868 | break; | ||
869 | |||
870 | default: | ||
871 | /* useful for debugging */ | ||
872 | printk("not testing anything\n"); | ||
873 | break; | ||
874 | } | ||
875 | } | ||
876 | |||
877 | static int __init | ||
878 | init(void) | ||
879 | { | ||
880 | tvmem = kmalloc(TVMEMSIZE, GFP_KERNEL); | ||
881 | if (tvmem == NULL) | ||
882 | return -ENOMEM; | ||
883 | |||
884 | xbuf = kmalloc(XBUFSIZE, GFP_KERNEL); | ||
885 | if (xbuf == NULL) { | ||
886 | kfree(tvmem); | ||
887 | return -ENOMEM; | ||
888 | } | ||
889 | |||
890 | do_test(); | ||
891 | |||
892 | kfree(xbuf); | ||
893 | kfree(tvmem); | ||
894 | return 0; | ||
895 | } | ||
896 | |||
897 | /* | ||
898 | * If an init function is provided, an exit function must also be provided | ||
899 | * to allow module unload. | ||
900 | */ | ||
901 | static void __exit fini(void) { } | ||
902 | |||
903 | module_init(init); | ||
904 | module_exit(fini); | ||
905 | |||
906 | module_param(mode, int, 0); | ||
907 | |||
908 | MODULE_LICENSE("GPL"); | ||
909 | MODULE_DESCRIPTION("Quick & dirty crypto testing module"); | ||
910 | MODULE_AUTHOR("James Morris <jmorris@intercode.com.au>"); | ||
diff --git a/crypto/tcrypt.h b/crypto/tcrypt.h new file mode 100644 index 000000000000..a3097afae593 --- /dev/null +++ b/crypto/tcrypt.h | |||
@@ -0,0 +1,2746 @@ | |||
1 | /* | ||
2 | * Quick & dirty crypto testing module. | ||
3 | * | ||
4 | * This will only exist until we have a better testing mechanism | ||
5 | * (e.g. a char device). | ||
6 | * | ||
7 | * Copyright (c) 2002 James Morris <jmorris@intercode.com.au> | ||
8 | * Copyright (c) 2002 Jean-Francois Dive <jef@linuxbe.org> | ||
9 | * | ||
10 | * This program is free software; you can redistribute it and/or modify it | ||
11 | * under the terms of the GNU General Public License as published by the Free | ||
12 | * Software Foundation; either version 2 of the License, or (at your option) | ||
13 | * any later version. | ||
14 | * | ||
15 | * 14 - 09 - 2003 Changes by Kartikey Mahendra Bhatt | ||
16 | * | ||
17 | */ | ||
18 | #ifndef _CRYPTO_TCRYPT_H | ||
19 | #define _CRYPTO_TCRYPT_H | ||
20 | |||
21 | #define MAX_DIGEST_SIZE 64 | ||
22 | #define MAX_TAP 8 | ||
23 | |||
24 | #define MAX_KEYLEN 56 | ||
25 | #define MAX_IVLEN 32 | ||
26 | |||
27 | struct hash_testvec { | ||
28 | char plaintext[128]; | ||
29 | unsigned char psize; | ||
30 | char digest[MAX_DIGEST_SIZE]; | ||
31 | unsigned char np; | ||
32 | unsigned char tap[MAX_TAP]; | ||
33 | char key[128]; /* only used with keyed hash algorithms */ | ||
34 | unsigned char ksize; | ||
35 | }; | ||
36 | |||
37 | struct hmac_testvec { | ||
38 | char key[128]; | ||
39 | unsigned char ksize; | ||
40 | char plaintext[128]; | ||
41 | unsigned char psize; | ||
42 | char digest[MAX_DIGEST_SIZE]; | ||
43 | unsigned char np; | ||
44 | unsigned char tap[MAX_TAP]; | ||
45 | }; | ||
46 | |||
47 | struct cipher_testvec { | ||
48 | unsigned char fail; | ||
49 | unsigned char wk; /* weak key flag */ | ||
50 | char key[MAX_KEYLEN]; | ||
51 | unsigned char klen; | ||
52 | char iv[MAX_IVLEN]; | ||
53 | char input[48]; | ||
54 | unsigned char ilen; | ||
55 | char result[48]; | ||
56 | unsigned char rlen; | ||
57 | int np; | ||
58 | unsigned char tap[MAX_TAP]; | ||
59 | }; | ||
60 | |||
61 | /* | ||
62 | * MD4 test vectors from RFC1320 | ||
63 | */ | ||
64 | #define MD4_TEST_VECTORS 7 | ||
65 | |||
66 | static struct hash_testvec md4_tv_template [] = { | ||
67 | { | ||
68 | .plaintext = "", | ||
69 | .digest = { 0x31, 0xd6, 0xcf, 0xe0, 0xd1, 0x6a, 0xe9, 0x31, | ||
70 | 0xb7, 0x3c, 0x59, 0xd7, 0xe0, 0xc0, 0x89, 0xc0 }, | ||
71 | }, { | ||
72 | .plaintext = "a", | ||
73 | .psize = 1, | ||
74 | .digest = { 0xbd, 0xe5, 0x2c, 0xb3, 0x1d, 0xe3, 0x3e, 0x46, | ||
75 | 0x24, 0x5e, 0x05, 0xfb, 0xdb, 0xd6, 0xfb, 0x24 }, | ||
76 | }, { | ||
77 | .plaintext = "abc", | ||
78 | .psize = 3, | ||
79 | .digest = { 0xa4, 0x48, 0x01, 0x7a, 0xaf, 0x21, 0xd8, 0x52, | ||
80 | 0x5f, 0xc1, 0x0a, 0xe8, 0x7a, 0xa6, 0x72, 0x9d }, | ||
81 | }, { | ||
82 | .plaintext = "message digest", | ||
83 | .psize = 14, | ||
84 | .digest = { 0xd9, 0x13, 0x0a, 0x81, 0x64, 0x54, 0x9f, 0xe8, | ||
85 | 0x18, 0x87, 0x48, 0x06, 0xe1, 0xc7, 0x01, 0x4b }, | ||
86 | }, { | ||
87 | .plaintext = "abcdefghijklmnopqrstuvwxyz", | ||
88 | .psize = 26, | ||
89 | .digest = { 0xd7, 0x9e, 0x1c, 0x30, 0x8a, 0xa5, 0xbb, 0xcd, | ||
90 | 0xee, 0xa8, 0xed, 0x63, 0xdf, 0x41, 0x2d, 0xa9 }, | ||
91 | .np = 2, | ||
92 | .tap = { 13, 13 }, | ||
93 | }, { | ||
94 | .plaintext = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789", | ||
95 | .psize = 62, | ||
96 | .digest = { 0x04, 0x3f, 0x85, 0x82, 0xf2, 0x41, 0xdb, 0x35, | ||
97 | 0x1c, 0xe6, 0x27, 0xe1, 0x53, 0xe7, 0xf0, 0xe4 }, | ||
98 | }, { | ||
99 | .plaintext = "123456789012345678901234567890123456789012345678901234567890123" | ||
100 | "45678901234567890", | ||
101 | .psize = 80, | ||
102 | .digest = { 0xe3, 0x3b, 0x4d, 0xdc, 0x9c, 0x38, 0xf2, 0x19, | ||
103 | 0x9c, 0x3e, 0x7b, 0x16, 0x4f, 0xcc, 0x05, 0x36 }, | ||
104 | }, | ||
105 | }; | ||
106 | |||
107 | /* | ||
108 | * MD5 test vectors from RFC1321 | ||
109 | */ | ||
110 | #define MD5_TEST_VECTORS 7 | ||
111 | |||
112 | static struct hash_testvec md5_tv_template[] = { | ||
113 | { | ||
114 | .digest = { 0xd4, 0x1d, 0x8c, 0xd9, 0x8f, 0x00, 0xb2, 0x04, | ||
115 | 0xe9, 0x80, 0x09, 0x98, 0xec, 0xf8, 0x42, 0x7e }, | ||
116 | }, { | ||
117 | .plaintext = "a", | ||
118 | .psize = 1, | ||
119 | .digest = { 0x0c, 0xc1, 0x75, 0xb9, 0xc0, 0xf1, 0xb6, 0xa8, | ||
120 | 0x31, 0xc3, 0x99, 0xe2, 0x69, 0x77, 0x26, 0x61 }, | ||
121 | }, { | ||
122 | .plaintext = "abc", | ||
123 | .psize = 3, | ||
124 | .digest = { 0x90, 0x01, 0x50, 0x98, 0x3c, 0xd2, 0x4f, 0xb0, | ||
125 | 0xd6, 0x96, 0x3f, 0x7d, 0x28, 0xe1, 0x7f, 0x72 }, | ||
126 | }, { | ||
127 | .plaintext = "message digest", | ||
128 | .psize = 14, | ||
129 | .digest = { 0xf9, 0x6b, 0x69, 0x7d, 0x7c, 0xb7, 0x93, 0x8d, | ||
130 | 0x52, 0x5a, 0x2f, 0x31, 0xaa, 0xf1, 0x61, 0xd0 }, | ||
131 | }, { | ||
132 | .plaintext = "abcdefghijklmnopqrstuvwxyz", | ||
133 | .psize = 26, | ||
134 | .digest = { 0xc3, 0xfc, 0xd3, 0xd7, 0x61, 0x92, 0xe4, 0x00, | ||
135 | 0x7d, 0xfb, 0x49, 0x6c, 0xca, 0x67, 0xe1, 0x3b }, | ||
136 | .np = 2, | ||
137 | .tap = {13, 13} | ||
138 | }, { | ||
139 | .plaintext = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789", | ||
140 | .psize = 62, | ||
141 | .digest = { 0xd1, 0x74, 0xab, 0x98, 0xd2, 0x77, 0xd9, 0xf5, | ||
142 | 0xa5, 0x61, 0x1c, 0x2c, 0x9f, 0x41, 0x9d, 0x9f }, | ||
143 | }, { | ||
144 | .plaintext = "12345678901234567890123456789012345678901234567890123456789012" | ||
145 | "345678901234567890", | ||
146 | .psize = 80, | ||
147 | .digest = { 0x57, 0xed, 0xf4, 0xa2, 0x2b, 0xe3, 0xc9, 0x55, | ||
148 | 0xac, 0x49, 0xda, 0x2e, 0x21, 0x07, 0xb6, 0x7a }, | ||
149 | } | ||
150 | }; | ||
151 | |||
152 | /* | ||
153 | * SHA1 test vectors from from FIPS PUB 180-1 | ||
154 | */ | ||
155 | #define SHA1_TEST_VECTORS 2 | ||
156 | |||
157 | static struct hash_testvec sha1_tv_template[] = { | ||
158 | { | ||
159 | .plaintext = "abc", | ||
160 | .psize = 3, | ||
161 | .digest = { 0xa9, 0x99, 0x3e, 0x36, 0x47, 0x06, 0x81, 0x6a, 0xba, 0x3e, | ||
162 | 0x25, 0x71, 0x78, 0x50, 0xc2, 0x6c, 0x9c, 0xd0, 0xd8, 0x9d }, | ||
163 | }, { | ||
164 | .plaintext = "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq", | ||
165 | .psize = 56, | ||
166 | .digest = { 0x84, 0x98, 0x3e, 0x44, 0x1c, 0x3b, 0xd2, 0x6e, 0xba, 0xae, | ||
167 | 0x4a, 0xa1, 0xf9, 0x51, 0x29, 0xe5, 0xe5, 0x46, 0x70, 0xf1 }, | ||
168 | .np = 2, | ||
169 | .tap = { 28, 28 } | ||
170 | } | ||
171 | }; | ||
172 | |||
173 | /* | ||
174 | * SHA256 test vectors from from NIST | ||
175 | */ | ||
176 | #define SHA256_TEST_VECTORS 2 | ||
177 | |||
178 | static struct hash_testvec sha256_tv_template[] = { | ||
179 | { | ||
180 | .plaintext = "abc", | ||
181 | .psize = 3, | ||
182 | .digest = { 0xba, 0x78, 0x16, 0xbf, 0x8f, 0x01, 0xcf, 0xea, | ||
183 | 0x41, 0x41, 0x40, 0xde, 0x5d, 0xae, 0x22, 0x23, | ||
184 | 0xb0, 0x03, 0x61, 0xa3, 0x96, 0x17, 0x7a, 0x9c, | ||
185 | 0xb4, 0x10, 0xff, 0x61, 0xf2, 0x00, 0x15, 0xad }, | ||
186 | }, { | ||
187 | .plaintext = "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq", | ||
188 | .psize = 56, | ||
189 | .digest = { 0x24, 0x8d, 0x6a, 0x61, 0xd2, 0x06, 0x38, 0xb8, | ||
190 | 0xe5, 0xc0, 0x26, 0x93, 0x0c, 0x3e, 0x60, 0x39, | ||
191 | 0xa3, 0x3c, 0xe4, 0x59, 0x64, 0xff, 0x21, 0x67, | ||
192 | 0xf6, 0xec, 0xed, 0xd4, 0x19, 0xdb, 0x06, 0xc1 }, | ||
193 | .np = 2, | ||
194 | .tap = { 28, 28 } | ||
195 | }, | ||
196 | }; | ||
197 | |||
198 | /* | ||
199 | * SHA384 test vectors from from NIST and kerneli | ||
200 | */ | ||
201 | #define SHA384_TEST_VECTORS 4 | ||
202 | |||
203 | static struct hash_testvec sha384_tv_template[] = { | ||
204 | { | ||
205 | .plaintext= "abc", | ||
206 | .psize = 3, | ||
207 | .digest = { 0xcb, 0x00, 0x75, 0x3f, 0x45, 0xa3, 0x5e, 0x8b, | ||
208 | 0xb5, 0xa0, 0x3d, 0x69, 0x9a, 0xc6, 0x50, 0x07, | ||
209 | 0x27, 0x2c, 0x32, 0xab, 0x0e, 0xde, 0xd1, 0x63, | ||
210 | 0x1a, 0x8b, 0x60, 0x5a, 0x43, 0xff, 0x5b, 0xed, | ||
211 | 0x80, 0x86, 0x07, 0x2b, 0xa1, 0xe7, 0xcc, 0x23, | ||
212 | 0x58, 0xba, 0xec, 0xa1, 0x34, 0xc8, 0x25, 0xa7 }, | ||
213 | }, { | ||
214 | .plaintext = "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq", | ||
215 | .psize = 56, | ||
216 | .digest = { 0x33, 0x91, 0xfd, 0xdd, 0xfc, 0x8d, 0xc7, 0x39, | ||
217 | 0x37, 0x07, 0xa6, 0x5b, 0x1b, 0x47, 0x09, 0x39, | ||
218 | 0x7c, 0xf8, 0xb1, 0xd1, 0x62, 0xaf, 0x05, 0xab, | ||
219 | 0xfe, 0x8f, 0x45, 0x0d, 0xe5, 0xf3, 0x6b, 0xc6, | ||
220 | 0xb0, 0x45, 0x5a, 0x85, 0x20, 0xbc, 0x4e, 0x6f, | ||
221 | 0x5f, 0xe9, 0x5b, 0x1f, 0xe3, 0xc8, 0x45, 0x2b}, | ||
222 | }, { | ||
223 | .plaintext = "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmn" | ||
224 | "hijklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu", | ||
225 | .psize = 112, | ||
226 | .digest = { 0x09, 0x33, 0x0c, 0x33, 0xf7, 0x11, 0x47, 0xe8, | ||
227 | 0x3d, 0x19, 0x2f, 0xc7, 0x82, 0xcd, 0x1b, 0x47, | ||
228 | 0x53, 0x11, 0x1b, 0x17, 0x3b, 0x3b, 0x05, 0xd2, | ||
229 | 0x2f, 0xa0, 0x80, 0x86, 0xe3, 0xb0, 0xf7, 0x12, | ||
230 | 0xfc, 0xc7, 0xc7, 0x1a, 0x55, 0x7e, 0x2d, 0xb9, | ||
231 | 0x66, 0xc3, 0xe9, 0xfa, 0x91, 0x74, 0x60, 0x39 }, | ||
232 | }, { | ||
233 | .plaintext = "abcdefghijklmnopqrstuvwxyzabcdefghijklmnopqrstuvwxyzabcd" | ||
234 | "efghijklmnopqrstuvwxyzabcdefghijklmnopqrstuvwxyz", | ||
235 | .psize = 104, | ||
236 | .digest = { 0x3d, 0x20, 0x89, 0x73, 0xab, 0x35, 0x08, 0xdb, | ||
237 | 0xbd, 0x7e, 0x2c, 0x28, 0x62, 0xba, 0x29, 0x0a, | ||
238 | 0xd3, 0x01, 0x0e, 0x49, 0x78, 0xc1, 0x98, 0xdc, | ||
239 | 0x4d, 0x8f, 0xd0, 0x14, 0xe5, 0x82, 0x82, 0x3a, | ||
240 | 0x89, 0xe1, 0x6f, 0x9b, 0x2a, 0x7b, 0xbc, 0x1a, | ||
241 | 0xc9, 0x38, 0xe2, 0xd1, 0x99, 0xe8, 0xbe, 0xa4 }, | ||
242 | .np = 4, | ||
243 | .tap = { 26, 26, 26, 26 } | ||
244 | }, | ||
245 | }; | ||
246 | |||
247 | /* | ||
248 | * SHA512 test vectors from from NIST and kerneli | ||
249 | */ | ||
250 | #define SHA512_TEST_VECTORS 4 | ||
251 | |||
252 | static struct hash_testvec sha512_tv_template[] = { | ||
253 | { | ||
254 | .plaintext = "abc", | ||
255 | .psize = 3, | ||
256 | .digest = { 0xdd, 0xaf, 0x35, 0xa1, 0x93, 0x61, 0x7a, 0xba, | ||
257 | 0xcc, 0x41, 0x73, 0x49, 0xae, 0x20, 0x41, 0x31, | ||
258 | 0x12, 0xe6, 0xfa, 0x4e, 0x89, 0xa9, 0x7e, 0xa2, | ||
259 | 0x0a, 0x9e, 0xee, 0xe6, 0x4b, 0x55, 0xd3, 0x9a, | ||
260 | 0x21, 0x92, 0x99, 0x2a, 0x27, 0x4f, 0xc1, 0xa8, | ||
261 | 0x36, 0xba, 0x3c, 0x23, 0xa3, 0xfe, 0xeb, 0xbd, | ||
262 | 0x45, 0x4d, 0x44, 0x23, 0x64, 0x3c, 0xe8, 0x0e, | ||
263 | 0x2a, 0x9a, 0xc9, 0x4f, 0xa5, 0x4c, 0xa4, 0x9f }, | ||
264 | }, { | ||
265 | .plaintext = "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq", | ||
266 | .psize = 56, | ||
267 | .digest = { 0x20, 0x4a, 0x8f, 0xc6, 0xdd, 0xa8, 0x2f, 0x0a, | ||
268 | 0x0c, 0xed, 0x7b, 0xeb, 0x8e, 0x08, 0xa4, 0x16, | ||
269 | 0x57, 0xc1, 0x6e, 0xf4, 0x68, 0xb2, 0x28, 0xa8, | ||
270 | 0x27, 0x9b, 0xe3, 0x31, 0xa7, 0x03, 0xc3, 0x35, | ||
271 | 0x96, 0xfd, 0x15, 0xc1, 0x3b, 0x1b, 0x07, 0xf9, | ||
272 | 0xaa, 0x1d, 0x3b, 0xea, 0x57, 0x78, 0x9c, 0xa0, | ||
273 | 0x31, 0xad, 0x85, 0xc7, 0xa7, 0x1d, 0xd7, 0x03, | ||
274 | 0x54, 0xec, 0x63, 0x12, 0x38, 0xca, 0x34, 0x45 }, | ||
275 | }, { | ||
276 | .plaintext = "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmn" | ||
277 | "hijklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu", | ||
278 | .psize = 112, | ||
279 | .digest = { 0x8e, 0x95, 0x9b, 0x75, 0xda, 0xe3, 0x13, 0xda, | ||
280 | 0x8c, 0xf4, 0xf7, 0x28, 0x14, 0xfc, 0x14, 0x3f, | ||
281 | 0x8f, 0x77, 0x79, 0xc6, 0xeb, 0x9f, 0x7f, 0xa1, | ||
282 | 0x72, 0x99, 0xae, 0xad, 0xb6, 0x88, 0x90, 0x18, | ||
283 | 0x50, 0x1d, 0x28, 0x9e, 0x49, 0x00, 0xf7, 0xe4, | ||
284 | 0x33, 0x1b, 0x99, 0xde, 0xc4, 0xb5, 0x43, 0x3a, | ||
285 | 0xc7, 0xd3, 0x29, 0xee, 0xb6, 0xdd, 0x26, 0x54, | ||
286 | 0x5e, 0x96, 0xe5, 0x5b, 0x87, 0x4b, 0xe9, 0x09 }, | ||
287 | }, { | ||
288 | .plaintext = "abcdefghijklmnopqrstuvwxyzabcdefghijklmnopqrstuvwxyzabcd" | ||
289 | "efghijklmnopqrstuvwxyzabcdefghijklmnopqrstuvwxyz", | ||
290 | .psize = 104, | ||
291 | .digest = { 0x93, 0x0d, 0x0c, 0xef, 0xcb, 0x30, 0xff, 0x11, | ||
292 | 0x33, 0xb6, 0x89, 0x81, 0x21, 0xf1, 0xcf, 0x3d, | ||
293 | 0x27, 0x57, 0x8a, 0xfc, 0xaf, 0xe8, 0x67, 0x7c, | ||
294 | 0x52, 0x57, 0xcf, 0x06, 0x99, 0x11, 0xf7, 0x5d, | ||
295 | 0x8f, 0x58, 0x31, 0xb5, 0x6e, 0xbf, 0xda, 0x67, | ||
296 | 0xb2, 0x78, 0xe6, 0x6d, 0xff, 0x8b, 0x84, 0xfe, | ||
297 | 0x2b, 0x28, 0x70, 0xf7, 0x42, 0xa5, 0x80, 0xd8, | ||
298 | 0xed, 0xb4, 0x19, 0x87, 0x23, 0x28, 0x50, 0xc9 }, | ||
299 | .np = 4, | ||
300 | .tap = { 26, 26, 26, 26 } | ||
301 | }, | ||
302 | }; | ||
303 | |||
304 | |||
305 | /* | ||
306 | * WHIRLPOOL test vectors from Whirlpool package | ||
307 | * by Vincent Rijmen and Paulo S. L. M. Barreto as part of the NESSIE | ||
308 | * submission | ||
309 | */ | ||
310 | #define WP512_TEST_VECTORS 8 | ||
311 | |||
312 | static struct hash_testvec wp512_tv_template[] = { | ||
313 | { | ||
314 | .plaintext = "", | ||
315 | .psize = 0, | ||
316 | .digest = { 0x19, 0xFA, 0x61, 0xD7, 0x55, 0x22, 0xA4, 0x66, | ||
317 | 0x9B, 0x44, 0xE3, 0x9C, 0x1D, 0x2E, 0x17, 0x26, | ||
318 | 0xC5, 0x30, 0x23, 0x21, 0x30, 0xD4, 0x07, 0xF8, | ||
319 | 0x9A, 0xFE, 0xE0, 0x96, 0x49, 0x97, 0xF7, 0xA7, | ||
320 | 0x3E, 0x83, 0xBE, 0x69, 0x8B, 0x28, 0x8F, 0xEB, | ||
321 | 0xCF, 0x88, 0xE3, 0xE0, 0x3C, 0x4F, 0x07, 0x57, | ||
322 | 0xEA, 0x89, 0x64, 0xE5, 0x9B, 0x63, 0xD9, 0x37, | ||
323 | 0x08, 0xB1, 0x38, 0xCC, 0x42, 0xA6, 0x6E, 0xB3 }, | ||
324 | |||
325 | |||
326 | }, { | ||
327 | .plaintext = "a", | ||
328 | .psize = 1, | ||
329 | .digest = { 0x8A, 0xCA, 0x26, 0x02, 0x79, 0x2A, 0xEC, 0x6F, | ||
330 | 0x11, 0xA6, 0x72, 0x06, 0x53, 0x1F, 0xB7, 0xD7, | ||
331 | 0xF0, 0xDF, 0xF5, 0x94, 0x13, 0x14, 0x5E, 0x69, | ||
332 | 0x73, 0xC4, 0x50, 0x01, 0xD0, 0x08, 0x7B, 0x42, | ||
333 | 0xD1, 0x1B, 0xC6, 0x45, 0x41, 0x3A, 0xEF, 0xF6, | ||
334 | 0x3A, 0x42, 0x39, 0x1A, 0x39, 0x14, 0x5A, 0x59, | ||
335 | 0x1A, 0x92, 0x20, 0x0D, 0x56, 0x01, 0x95, 0xE5, | ||
336 | 0x3B, 0x47, 0x85, 0x84, 0xFD, 0xAE, 0x23, 0x1A }, | ||
337 | }, { | ||
338 | .plaintext = "abc", | ||
339 | .psize = 3, | ||
340 | .digest = { 0x4E, 0x24, 0x48, 0xA4, 0xC6, 0xF4, 0x86, 0xBB, | ||
341 | 0x16, 0xB6, 0x56, 0x2C, 0x73, 0xB4, 0x02, 0x0B, | ||
342 | 0xF3, 0x04, 0x3E, 0x3A, 0x73, 0x1B, 0xCE, 0x72, | ||
343 | 0x1A, 0xE1, 0xB3, 0x03, 0xD9, 0x7E, 0x6D, 0x4C, | ||
344 | 0x71, 0x81, 0xEE, 0xBD, 0xB6, 0xC5, 0x7E, 0x27, | ||
345 | 0x7D, 0x0E, 0x34, 0x95, 0x71, 0x14, 0xCB, 0xD6, | ||
346 | 0xC7, 0x97, 0xFC, 0x9D, 0x95, 0xD8, 0xB5, 0x82, | ||
347 | 0xD2, 0x25, 0x29, 0x20, 0x76, 0xD4, 0xEE, 0xF5 }, | ||
348 | }, { | ||
349 | .plaintext = "message digest", | ||
350 | .psize = 14, | ||
351 | .digest = { 0x37, 0x8C, 0x84, 0xA4, 0x12, 0x6E, 0x2D, 0xC6, | ||
352 | 0xE5, 0x6D, 0xCC, 0x74, 0x58, 0x37, 0x7A, 0xAC, | ||
353 | 0x83, 0x8D, 0x00, 0x03, 0x22, 0x30, 0xF5, 0x3C, | ||
354 | 0xE1, 0xF5, 0x70, 0x0C, 0x0F, 0xFB, 0x4D, 0x3B, | ||
355 | 0x84, 0x21, 0x55, 0x76, 0x59, 0xEF, 0x55, 0xC1, | ||
356 | 0x06, 0xB4, 0xB5, 0x2A, 0xC5, 0xA4, 0xAA, 0xA6, | ||
357 | 0x92, 0xED, 0x92, 0x00, 0x52, 0x83, 0x8F, 0x33, | ||
358 | 0x62, 0xE8, 0x6D, 0xBD, 0x37, 0xA8, 0x90, 0x3E }, | ||
359 | }, { | ||
360 | .plaintext = "abcdefghijklmnopqrstuvwxyz", | ||
361 | .psize = 26, | ||
362 | .digest = { 0xF1, 0xD7, 0x54, 0x66, 0x26, 0x36, 0xFF, 0xE9, | ||
363 | 0x2C, 0x82, 0xEB, 0xB9, 0x21, 0x2A, 0x48, 0x4A, | ||
364 | 0x8D, 0x38, 0x63, 0x1E, 0xAD, 0x42, 0x38, 0xF5, | ||
365 | 0x44, 0x2E, 0xE1, 0x3B, 0x80, 0x54, 0xE4, 0x1B, | ||
366 | 0x08, 0xBF, 0x2A, 0x92, 0x51, 0xC3, 0x0B, 0x6A, | ||
367 | 0x0B, 0x8A, 0xAE, 0x86, 0x17, 0x7A, 0xB4, 0xA6, | ||
368 | 0xF6, 0x8F, 0x67, 0x3E, 0x72, 0x07, 0x86, 0x5D, | ||
369 | 0x5D, 0x98, 0x19, 0xA3, 0xDB, 0xA4, 0xEB, 0x3B }, | ||
370 | }, { | ||
371 | .plaintext = "ABCDEFGHIJKLMNOPQRSTUVWXYZ" | ||
372 | "abcdefghijklmnopqrstuvwxyz0123456789", | ||
373 | .psize = 62, | ||
374 | .digest = { 0xDC, 0x37, 0xE0, 0x08, 0xCF, 0x9E, 0xE6, 0x9B, | ||
375 | 0xF1, 0x1F, 0x00, 0xED, 0x9A, 0xBA, 0x26, 0x90, | ||
376 | 0x1D, 0xD7, 0xC2, 0x8C, 0xDE, 0xC0, 0x66, 0xCC, | ||
377 | 0x6A, 0xF4, 0x2E, 0x40, 0xF8, 0x2F, 0x3A, 0x1E, | ||
378 | 0x08, 0xEB, 0xA2, 0x66, 0x29, 0x12, 0x9D, 0x8F, | ||
379 | 0xB7, 0xCB, 0x57, 0x21, 0x1B, 0x92, 0x81, 0xA6, | ||
380 | 0x55, 0x17, 0xCC, 0x87, 0x9D, 0x7B, 0x96, 0x21, | ||
381 | 0x42, 0xC6, 0x5F, 0x5A, 0x7A, 0xF0, 0x14, 0x67 }, | ||
382 | }, { | ||
383 | .plaintext = "1234567890123456789012345678901234567890" | ||
384 | "1234567890123456789012345678901234567890", | ||
385 | .psize = 80, | ||
386 | .digest = { 0x46, 0x6E, 0xF1, 0x8B, 0xAB, 0xB0, 0x15, 0x4D, | ||
387 | 0x25, 0xB9, 0xD3, 0x8A, 0x64, 0x14, 0xF5, 0xC0, | ||
388 | 0x87, 0x84, 0x37, 0x2B, 0xCC, 0xB2, 0x04, 0xD6, | ||
389 | 0x54, 0x9C, 0x4A, 0xFA, 0xDB, 0x60, 0x14, 0x29, | ||
390 | 0x4D, 0x5B, 0xD8, 0xDF, 0x2A, 0x6C, 0x44, 0xE5, | ||
391 | 0x38, 0xCD, 0x04, 0x7B, 0x26, 0x81, 0xA5, 0x1A, | ||
392 | 0x2C, 0x60, 0x48, 0x1E, 0x88, 0xC5, 0xA2, 0x0B, | ||
393 | 0x2C, 0x2A, 0x80, 0xCF, 0x3A, 0x9A, 0x08, 0x3B }, | ||
394 | }, { | ||
395 | .plaintext = "abcdbcdecdefdefgefghfghighijhijk", | ||
396 | .psize = 32, | ||
397 | .digest = { 0x2A, 0x98, 0x7E, 0xA4, 0x0F, 0x91, 0x70, 0x61, | ||
398 | 0xF5, 0xD6, 0xF0, 0xA0, 0xE4, 0x64, 0x4F, 0x48, | ||
399 | 0x8A, 0x7A, 0x5A, 0x52, 0xDE, 0xEE, 0x65, 0x62, | ||
400 | 0x07, 0xC5, 0x62, 0xF9, 0x88, 0xE9, 0x5C, 0x69, | ||
401 | 0x16, 0xBD, 0xC8, 0x03, 0x1B, 0xC5, 0xBE, 0x1B, | ||
402 | 0x7B, 0x94, 0x76, 0x39, 0xFE, 0x05, 0x0B, 0x56, | ||
403 | 0x93, 0x9B, 0xAA, 0xA0, 0xAD, 0xFF, 0x9A, 0xE6, | ||
404 | 0x74, 0x5B, 0x7B, 0x18, 0x1C, 0x3B, 0xE3, 0xFD }, | ||
405 | }, | ||
406 | }; | ||
407 | |||
408 | #define WP384_TEST_VECTORS 8 | ||
409 | |||
410 | static struct hash_testvec wp384_tv_template[] = { | ||
411 | { | ||
412 | .plaintext = "", | ||
413 | .psize = 0, | ||
414 | .digest = { 0x19, 0xFA, 0x61, 0xD7, 0x55, 0x22, 0xA4, 0x66, | ||
415 | 0x9B, 0x44, 0xE3, 0x9C, 0x1D, 0x2E, 0x17, 0x26, | ||
416 | 0xC5, 0x30, 0x23, 0x21, 0x30, 0xD4, 0x07, 0xF8, | ||
417 | 0x9A, 0xFE, 0xE0, 0x96, 0x49, 0x97, 0xF7, 0xA7, | ||
418 | 0x3E, 0x83, 0xBE, 0x69, 0x8B, 0x28, 0x8F, 0xEB, | ||
419 | 0xCF, 0x88, 0xE3, 0xE0, 0x3C, 0x4F, 0x07, 0x57 }, | ||
420 | |||
421 | |||
422 | }, { | ||
423 | .plaintext = "a", | ||
424 | .psize = 1, | ||
425 | .digest = { 0x8A, 0xCA, 0x26, 0x02, 0x79, 0x2A, 0xEC, 0x6F, | ||
426 | 0x11, 0xA6, 0x72, 0x06, 0x53, 0x1F, 0xB7, 0xD7, | ||
427 | 0xF0, 0xDF, 0xF5, 0x94, 0x13, 0x14, 0x5E, 0x69, | ||
428 | 0x73, 0xC4, 0x50, 0x01, 0xD0, 0x08, 0x7B, 0x42, | ||
429 | 0xD1, 0x1B, 0xC6, 0x45, 0x41, 0x3A, 0xEF, 0xF6, | ||
430 | 0x3A, 0x42, 0x39, 0x1A, 0x39, 0x14, 0x5A, 0x59 }, | ||
431 | }, { | ||
432 | .plaintext = "abc", | ||
433 | .psize = 3, | ||
434 | .digest = { 0x4E, 0x24, 0x48, 0xA4, 0xC6, 0xF4, 0x86, 0xBB, | ||
435 | 0x16, 0xB6, 0x56, 0x2C, 0x73, 0xB4, 0x02, 0x0B, | ||
436 | 0xF3, 0x04, 0x3E, 0x3A, 0x73, 0x1B, 0xCE, 0x72, | ||
437 | 0x1A, 0xE1, 0xB3, 0x03, 0xD9, 0x7E, 0x6D, 0x4C, | ||
438 | 0x71, 0x81, 0xEE, 0xBD, 0xB6, 0xC5, 0x7E, 0x27, | ||
439 | 0x7D, 0x0E, 0x34, 0x95, 0x71, 0x14, 0xCB, 0xD6 }, | ||
440 | }, { | ||
441 | .plaintext = "message digest", | ||
442 | .psize = 14, | ||
443 | .digest = { 0x37, 0x8C, 0x84, 0xA4, 0x12, 0x6E, 0x2D, 0xC6, | ||
444 | 0xE5, 0x6D, 0xCC, 0x74, 0x58, 0x37, 0x7A, 0xAC, | ||
445 | 0x83, 0x8D, 0x00, 0x03, 0x22, 0x30, 0xF5, 0x3C, | ||
446 | 0xE1, 0xF5, 0x70, 0x0C, 0x0F, 0xFB, 0x4D, 0x3B, | ||
447 | 0x84, 0x21, 0x55, 0x76, 0x59, 0xEF, 0x55, 0xC1, | ||
448 | 0x06, 0xB4, 0xB5, 0x2A, 0xC5, 0xA4, 0xAA, 0xA6 }, | ||
449 | }, { | ||
450 | .plaintext = "abcdefghijklmnopqrstuvwxyz", | ||
451 | .psize = 26, | ||
452 | .digest = { 0xF1, 0xD7, 0x54, 0x66, 0x26, 0x36, 0xFF, 0xE9, | ||
453 | 0x2C, 0x82, 0xEB, 0xB9, 0x21, 0x2A, 0x48, 0x4A, | ||
454 | 0x8D, 0x38, 0x63, 0x1E, 0xAD, 0x42, 0x38, 0xF5, | ||
455 | 0x44, 0x2E, 0xE1, 0x3B, 0x80, 0x54, 0xE4, 0x1B, | ||
456 | 0x08, 0xBF, 0x2A, 0x92, 0x51, 0xC3, 0x0B, 0x6A, | ||
457 | 0x0B, 0x8A, 0xAE, 0x86, 0x17, 0x7A, 0xB4, 0xA6 }, | ||
458 | }, { | ||
459 | .plaintext = "ABCDEFGHIJKLMNOPQRSTUVWXYZ" | ||
460 | "abcdefghijklmnopqrstuvwxyz0123456789", | ||
461 | .psize = 62, | ||
462 | .digest = { 0xDC, 0x37, 0xE0, 0x08, 0xCF, 0x9E, 0xE6, 0x9B, | ||
463 | 0xF1, 0x1F, 0x00, 0xED, 0x9A, 0xBA, 0x26, 0x90, | ||
464 | 0x1D, 0xD7, 0xC2, 0x8C, 0xDE, 0xC0, 0x66, 0xCC, | ||
465 | 0x6A, 0xF4, 0x2E, 0x40, 0xF8, 0x2F, 0x3A, 0x1E, | ||
466 | 0x08, 0xEB, 0xA2, 0x66, 0x29, 0x12, 0x9D, 0x8F, | ||
467 | 0xB7, 0xCB, 0x57, 0x21, 0x1B, 0x92, 0x81, 0xA6 }, | ||
468 | }, { | ||
469 | .plaintext = "1234567890123456789012345678901234567890" | ||
470 | "1234567890123456789012345678901234567890", | ||
471 | .psize = 80, | ||
472 | .digest = { 0x46, 0x6E, 0xF1, 0x8B, 0xAB, 0xB0, 0x15, 0x4D, | ||
473 | 0x25, 0xB9, 0xD3, 0x8A, 0x64, 0x14, 0xF5, 0xC0, | ||
474 | 0x87, 0x84, 0x37, 0x2B, 0xCC, 0xB2, 0x04, 0xD6, | ||
475 | 0x54, 0x9C, 0x4A, 0xFA, 0xDB, 0x60, 0x14, 0x29, | ||
476 | 0x4D, 0x5B, 0xD8, 0xDF, 0x2A, 0x6C, 0x44, 0xE5, | ||
477 | 0x38, 0xCD, 0x04, 0x7B, 0x26, 0x81, 0xA5, 0x1A }, | ||
478 | }, { | ||
479 | .plaintext = "abcdbcdecdefdefgefghfghighijhijk", | ||
480 | .psize = 32, | ||
481 | .digest = { 0x2A, 0x98, 0x7E, 0xA4, 0x0F, 0x91, 0x70, 0x61, | ||
482 | 0xF5, 0xD6, 0xF0, 0xA0, 0xE4, 0x64, 0x4F, 0x48, | ||
483 | 0x8A, 0x7A, 0x5A, 0x52, 0xDE, 0xEE, 0x65, 0x62, | ||
484 | 0x07, 0xC5, 0x62, 0xF9, 0x88, 0xE9, 0x5C, 0x69, | ||
485 | 0x16, 0xBD, 0xC8, 0x03, 0x1B, 0xC5, 0xBE, 0x1B, | ||
486 | 0x7B, 0x94, 0x76, 0x39, 0xFE, 0x05, 0x0B, 0x56 }, | ||
487 | }, | ||
488 | }; | ||
489 | |||
490 | #define WP256_TEST_VECTORS 8 | ||
491 | |||
492 | static struct hash_testvec wp256_tv_template[] = { | ||
493 | { | ||
494 | .plaintext = "", | ||
495 | .psize = 0, | ||
496 | .digest = { 0x19, 0xFA, 0x61, 0xD7, 0x55, 0x22, 0xA4, 0x66, | ||
497 | 0x9B, 0x44, 0xE3, 0x9C, 0x1D, 0x2E, 0x17, 0x26, | ||
498 | 0xC5, 0x30, 0x23, 0x21, 0x30, 0xD4, 0x07, 0xF8, | ||
499 | 0x9A, 0xFE, 0xE0, 0x96, 0x49, 0x97, 0xF7, 0xA7 }, | ||
500 | |||
501 | |||
502 | }, { | ||
503 | .plaintext = "a", | ||
504 | .psize = 1, | ||
505 | .digest = { 0x8A, 0xCA, 0x26, 0x02, 0x79, 0x2A, 0xEC, 0x6F, | ||
506 | 0x11, 0xA6, 0x72, 0x06, 0x53, 0x1F, 0xB7, 0xD7, | ||
507 | 0xF0, 0xDF, 0xF5, 0x94, 0x13, 0x14, 0x5E, 0x69, | ||
508 | 0x73, 0xC4, 0x50, 0x01, 0xD0, 0x08, 0x7B, 0x42 }, | ||
509 | }, { | ||
510 | .plaintext = "abc", | ||
511 | .psize = 3, | ||
512 | .digest = { 0x4E, 0x24, 0x48, 0xA4, 0xC6, 0xF4, 0x86, 0xBB, | ||
513 | 0x16, 0xB6, 0x56, 0x2C, 0x73, 0xB4, 0x02, 0x0B, | ||
514 | 0xF3, 0x04, 0x3E, 0x3A, 0x73, 0x1B, 0xCE, 0x72, | ||
515 | 0x1A, 0xE1, 0xB3, 0x03, 0xD9, 0x7E, 0x6D, 0x4C }, | ||
516 | }, { | ||
517 | .plaintext = "message digest", | ||
518 | .psize = 14, | ||
519 | .digest = { 0x37, 0x8C, 0x84, 0xA4, 0x12, 0x6E, 0x2D, 0xC6, | ||
520 | 0xE5, 0x6D, 0xCC, 0x74, 0x58, 0x37, 0x7A, 0xAC, | ||
521 | 0x83, 0x8D, 0x00, 0x03, 0x22, 0x30, 0xF5, 0x3C, | ||
522 | 0xE1, 0xF5, 0x70, 0x0C, 0x0F, 0xFB, 0x4D, 0x3B }, | ||
523 | }, { | ||
524 | .plaintext = "abcdefghijklmnopqrstuvwxyz", | ||
525 | .psize = 26, | ||
526 | .digest = { 0xF1, 0xD7, 0x54, 0x66, 0x26, 0x36, 0xFF, 0xE9, | ||
527 | 0x2C, 0x82, 0xEB, 0xB9, 0x21, 0x2A, 0x48, 0x4A, | ||
528 | 0x8D, 0x38, 0x63, 0x1E, 0xAD, 0x42, 0x38, 0xF5, | ||
529 | 0x44, 0x2E, 0xE1, 0x3B, 0x80, 0x54, 0xE4, 0x1B }, | ||
530 | }, { | ||
531 | .plaintext = "ABCDEFGHIJKLMNOPQRSTUVWXYZ" | ||
532 | "abcdefghijklmnopqrstuvwxyz0123456789", | ||
533 | .psize = 62, | ||
534 | .digest = { 0xDC, 0x37, 0xE0, 0x08, 0xCF, 0x9E, 0xE6, 0x9B, | ||
535 | 0xF1, 0x1F, 0x00, 0xED, 0x9A, 0xBA, 0x26, 0x90, | ||
536 | 0x1D, 0xD7, 0xC2, 0x8C, 0xDE, 0xC0, 0x66, 0xCC, | ||
537 | 0x6A, 0xF4, 0x2E, 0x40, 0xF8, 0x2F, 0x3A, 0x1E }, | ||
538 | }, { | ||
539 | .plaintext = "1234567890123456789012345678901234567890" | ||
540 | "1234567890123456789012345678901234567890", | ||
541 | .psize = 80, | ||
542 | .digest = { 0x46, 0x6E, 0xF1, 0x8B, 0xAB, 0xB0, 0x15, 0x4D, | ||
543 | 0x25, 0xB9, 0xD3, 0x8A, 0x64, 0x14, 0xF5, 0xC0, | ||
544 | 0x87, 0x84, 0x37, 0x2B, 0xCC, 0xB2, 0x04, 0xD6, | ||
545 | 0x54, 0x9C, 0x4A, 0xFA, 0xDB, 0x60, 0x14, 0x29 }, | ||
546 | }, { | ||
547 | .plaintext = "abcdbcdecdefdefgefghfghighijhijk", | ||
548 | .psize = 32, | ||
549 | .digest = { 0x2A, 0x98, 0x7E, 0xA4, 0x0F, 0x91, 0x70, 0x61, | ||
550 | 0xF5, 0xD6, 0xF0, 0xA0, 0xE4, 0x64, 0x4F, 0x48, | ||
551 | 0x8A, 0x7A, 0x5A, 0x52, 0xDE, 0xEE, 0x65, 0x62, | ||
552 | 0x07, 0xC5, 0x62, 0xF9, 0x88, 0xE9, 0x5C, 0x69 }, | ||
553 | }, | ||
554 | }; | ||
555 | |||
556 | /* | ||
557 | * TIGER test vectors from Tiger website | ||
558 | */ | ||
559 | #define TGR192_TEST_VECTORS 6 | ||
560 | |||
561 | static struct hash_testvec tgr192_tv_template[] = { | ||
562 | { | ||
563 | .plaintext = "", | ||
564 | .psize = 0, | ||
565 | .digest = { 0x24, 0xf0, 0x13, 0x0c, 0x63, 0xac, 0x93, 0x32, | ||
566 | 0x16, 0x16, 0x6e, 0x76, 0xb1, 0xbb, 0x92, 0x5f, | ||
567 | 0xf3, 0x73, 0xde, 0x2d, 0x49, 0x58, 0x4e, 0x7a }, | ||
568 | }, { | ||
569 | .plaintext = "abc", | ||
570 | .psize = 3, | ||
571 | .digest = { 0xf2, 0x58, 0xc1, 0xe8, 0x84, 0x14, 0xab, 0x2a, | ||
572 | 0x52, 0x7a, 0xb5, 0x41, 0xff, 0xc5, 0xb8, 0xbf, | ||
573 | 0x93, 0x5f, 0x7b, 0x95, 0x1c, 0x13, 0x29, 0x51 }, | ||
574 | }, { | ||
575 | .plaintext = "Tiger", | ||
576 | .psize = 5, | ||
577 | .digest = { 0x9f, 0x00, 0xf5, 0x99, 0x07, 0x23, 0x00, 0xdd, | ||
578 | 0x27, 0x6a, 0xbb, 0x38, 0xc8, 0xeb, 0x6d, 0xec, | ||
579 | 0x37, 0x79, 0x0c, 0x11, 0x6f, 0x9d, 0x2b, 0xdf }, | ||
580 | }, { | ||
581 | .plaintext = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+-", | ||
582 | .psize = 64, | ||
583 | .digest = { 0x87, 0xfb, 0x2a, 0x90, 0x83, 0x85, 0x1c, 0xf7, | ||
584 | 0x47, 0x0d, 0x2c, 0xf8, 0x10, 0xe6, 0xdf, 0x9e, | ||
585 | 0xb5, 0x86, 0x44, 0x50, 0x34, 0xa5, 0xa3, 0x86 }, | ||
586 | }, { | ||
587 | .plaintext = "ABCDEFGHIJKLMNOPQRSTUVWXYZ=abcdefghijklmnopqrstuvwxyz+0123456789", | ||
588 | .psize = 64, | ||
589 | .digest = { 0x46, 0x7d, 0xb8, 0x08, 0x63, 0xeb, 0xce, 0x48, | ||
590 | 0x8d, 0xf1, 0xcd, 0x12, 0x61, 0x65, 0x5d, 0xe9, | ||
591 | 0x57, 0x89, 0x65, 0x65, 0x97, 0x5f, 0x91, 0x97 }, | ||
592 | }, { | ||
593 | .plaintext = "Tiger - A Fast New Hash Function, " | ||
594 | "by Ross Anderson and Eli Biham, " | ||
595 | "proceedings of Fast Software Encryption 3, " | ||
596 | "Cambridge, 1996.", | ||
597 | .psize = 125, | ||
598 | .digest = { 0x3d, 0x9a, 0xeb, 0x03, 0xd1, 0xbd, 0x1a, 0x63, | ||
599 | 0x57, 0xb2, 0x77, 0x4d, 0xfd, 0x6d, 0x5b, 0x24, | ||
600 | 0xdd, 0x68, 0x15, 0x1d, 0x50, 0x39, 0x74, 0xfc }, | ||
601 | }, | ||
602 | }; | ||
603 | |||
604 | #define TGR160_TEST_VECTORS 6 | ||
605 | |||
606 | static struct hash_testvec tgr160_tv_template[] = { | ||
607 | { | ||
608 | .plaintext = "", | ||
609 | .psize = 0, | ||
610 | .digest = { 0x24, 0xf0, 0x13, 0x0c, 0x63, 0xac, 0x93, 0x32, | ||
611 | 0x16, 0x16, 0x6e, 0x76, 0xb1, 0xbb, 0x92, 0x5f, | ||
612 | 0xf3, 0x73, 0xde, 0x2d }, | ||
613 | }, { | ||
614 | .plaintext = "abc", | ||
615 | .psize = 3, | ||
616 | .digest = { 0xf2, 0x58, 0xc1, 0xe8, 0x84, 0x14, 0xab, 0x2a, | ||
617 | 0x52, 0x7a, 0xb5, 0x41, 0xff, 0xc5, 0xb8, 0xbf, | ||
618 | 0x93, 0x5f, 0x7b, 0x95 }, | ||
619 | }, { | ||
620 | .plaintext = "Tiger", | ||
621 | .psize = 5, | ||
622 | .digest = { 0x9f, 0x00, 0xf5, 0x99, 0x07, 0x23, 0x00, 0xdd, | ||
623 | 0x27, 0x6a, 0xbb, 0x38, 0xc8, 0xeb, 0x6d, 0xec, | ||
624 | 0x37, 0x79, 0x0c, 0x11 }, | ||
625 | }, { | ||
626 | .plaintext = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+-", | ||
627 | .psize = 64, | ||
628 | .digest = { 0x87, 0xfb, 0x2a, 0x90, 0x83, 0x85, 0x1c, 0xf7, | ||
629 | 0x47, 0x0d, 0x2c, 0xf8, 0x10, 0xe6, 0xdf, 0x9e, | ||
630 | 0xb5, 0x86, 0x44, 0x50 }, | ||
631 | }, { | ||
632 | .plaintext = "ABCDEFGHIJKLMNOPQRSTUVWXYZ=abcdefghijklmnopqrstuvwxyz+0123456789", | ||
633 | .psize = 64, | ||
634 | .digest = { 0x46, 0x7d, 0xb8, 0x08, 0x63, 0xeb, 0xce, 0x48, | ||
635 | 0x8d, 0xf1, 0xcd, 0x12, 0x61, 0x65, 0x5d, 0xe9, | ||
636 | 0x57, 0x89, 0x65, 0x65 }, | ||
637 | }, { | ||
638 | .plaintext = "Tiger - A Fast New Hash Function, " | ||
639 | "by Ross Anderson and Eli Biham, " | ||
640 | "proceedings of Fast Software Encryption 3, " | ||
641 | "Cambridge, 1996.", | ||
642 | .psize = 125, | ||
643 | .digest = { 0x3d, 0x9a, 0xeb, 0x03, 0xd1, 0xbd, 0x1a, 0x63, | ||
644 | 0x57, 0xb2, 0x77, 0x4d, 0xfd, 0x6d, 0x5b, 0x24, | ||
645 | 0xdd, 0x68, 0x15, 0x1d }, | ||
646 | }, | ||
647 | }; | ||
648 | |||
649 | #define TGR128_TEST_VECTORS 6 | ||
650 | |||
651 | static struct hash_testvec tgr128_tv_template[] = { | ||
652 | { | ||
653 | .plaintext = "", | ||
654 | .psize = 0, | ||
655 | .digest = { 0x24, 0xf0, 0x13, 0x0c, 0x63, 0xac, 0x93, 0x32, | ||
656 | 0x16, 0x16, 0x6e, 0x76, 0xb1, 0xbb, 0x92, 0x5f }, | ||
657 | }, { | ||
658 | .plaintext = "abc", | ||
659 | .psize = 3, | ||
660 | .digest = { 0xf2, 0x58, 0xc1, 0xe8, 0x84, 0x14, 0xab, 0x2a, | ||
661 | 0x52, 0x7a, 0xb5, 0x41, 0xff, 0xc5, 0xb8, 0xbf }, | ||
662 | }, { | ||
663 | .plaintext = "Tiger", | ||
664 | .psize = 5, | ||
665 | .digest = { 0x9f, 0x00, 0xf5, 0x99, 0x07, 0x23, 0x00, 0xdd, | ||
666 | 0x27, 0x6a, 0xbb, 0x38, 0xc8, 0xeb, 0x6d, 0xec }, | ||
667 | }, { | ||
668 | .plaintext = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+-", | ||
669 | .psize = 64, | ||
670 | .digest = { 0x87, 0xfb, 0x2a, 0x90, 0x83, 0x85, 0x1c, 0xf7, | ||
671 | 0x47, 0x0d, 0x2c, 0xf8, 0x10, 0xe6, 0xdf, 0x9e }, | ||
672 | }, { | ||
673 | .plaintext = "ABCDEFGHIJKLMNOPQRSTUVWXYZ=abcdefghijklmnopqrstuvwxyz+0123456789", | ||
674 | .psize = 64, | ||
675 | .digest = { 0x46, 0x7d, 0xb8, 0x08, 0x63, 0xeb, 0xce, 0x48, | ||
676 | 0x8d, 0xf1, 0xcd, 0x12, 0x61, 0x65, 0x5d, 0xe9 }, | ||
677 | }, { | ||
678 | .plaintext = "Tiger - A Fast New Hash Function, " | ||
679 | "by Ross Anderson and Eli Biham, " | ||
680 | "proceedings of Fast Software Encryption 3, " | ||
681 | "Cambridge, 1996.", | ||
682 | .psize = 125, | ||
683 | .digest = { 0x3d, 0x9a, 0xeb, 0x03, 0xd1, 0xbd, 0x1a, 0x63, | ||
684 | 0x57, 0xb2, 0x77, 0x4d, 0xfd, 0x6d, 0x5b, 0x24 }, | ||
685 | }, | ||
686 | }; | ||
687 | |||
688 | #ifdef CONFIG_CRYPTO_HMAC | ||
689 | /* | ||
690 | * HMAC-MD5 test vectors from RFC2202 | ||
691 | * (These need to be fixed to not use strlen). | ||
692 | */ | ||
693 | #define HMAC_MD5_TEST_VECTORS 7 | ||
694 | |||
695 | static struct hmac_testvec hmac_md5_tv_template[] = | ||
696 | { | ||
697 | { | ||
698 | .key = { [0 ... 15] = 0x0b }, | ||
699 | .ksize = 16, | ||
700 | .plaintext = "Hi There", | ||
701 | .psize = 8, | ||
702 | .digest = { 0x92, 0x94, 0x72, 0x7a, 0x36, 0x38, 0xbb, 0x1c, | ||
703 | 0x13, 0xf4, 0x8e, 0xf8, 0x15, 0x8b, 0xfc, 0x9d }, | ||
704 | }, { | ||
705 | .key = { 'J', 'e', 'f', 'e' }, | ||
706 | .ksize = 4, | ||
707 | .plaintext = "what do ya want for nothing?", | ||
708 | .psize = 28, | ||
709 | .digest = { 0x75, 0x0c, 0x78, 0x3e, 0x6a, 0xb0, 0xb5, 0x03, | ||
710 | 0xea, 0xa8, 0x6e, 0x31, 0x0a, 0x5d, 0xb7, 0x38 }, | ||
711 | .np = 2, | ||
712 | .tap = {14, 14} | ||
713 | }, { | ||
714 | .key = { [0 ... 15] = 0xaa }, | ||
715 | .ksize = 16, | ||
716 | .plaintext = { [0 ... 49] = 0xdd }, | ||
717 | .psize = 50, | ||
718 | .digest = { 0x56, 0xbe, 0x34, 0x52, 0x1d, 0x14, 0x4c, 0x88, | ||
719 | 0xdb, 0xb8, 0xc7, 0x33, 0xf0, 0xe8, 0xb3, 0xf6 }, | ||
720 | }, { | ||
721 | .key = { 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, | ||
722 | 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x10, | ||
723 | 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, }, | ||
724 | .ksize = 25, | ||
725 | .plaintext = { [0 ... 49] = 0xcd }, | ||
726 | .psize = 50, | ||
727 | .digest = { 0x69, 0x7e, 0xaf, 0x0a, 0xca, 0x3a, 0x3a, 0xea, | ||
728 | 0x3a, 0x75, 0x16, 0x47, 0x46, 0xff, 0xaa, 0x79 }, | ||
729 | }, { | ||
730 | .key = { [0 ... 15] = 0x0c }, | ||
731 | .ksize = 16, | ||
732 | .plaintext = "Test With Truncation", | ||
733 | .psize = 20, | ||
734 | .digest = { 0x56, 0x46, 0x1e, 0xf2, 0x34, 0x2e, 0xdc, 0x00, | ||
735 | 0xf9, 0xba, 0xb9, 0x95, 0x69, 0x0e, 0xfd, 0x4c }, | ||
736 | }, { | ||
737 | .key = { [0 ... 79] = 0xaa }, | ||
738 | .ksize = 80, | ||
739 | .plaintext = "Test Using Larger Than Block-Size Key - Hash Key First", | ||
740 | .psize = 54, | ||
741 | .digest = { 0x6b, 0x1a, 0xb7, 0xfe, 0x4b, 0xd7, 0xbf, 0x8f, | ||
742 | 0x0b, 0x62, 0xe6, 0xce, 0x61, 0xb9, 0xd0, 0xcd }, | ||
743 | }, { | ||
744 | .key = { [0 ... 79] = 0xaa }, | ||
745 | .ksize = 80, | ||
746 | .plaintext = "Test Using Larger Than Block-Size Key and Larger Than One " | ||
747 | "Block-Size Data", | ||
748 | .psize = 73, | ||
749 | .digest = { 0x6f, 0x63, 0x0f, 0xad, 0x67, 0xcd, 0xa0, 0xee, | ||
750 | 0x1f, 0xb1, 0xf5, 0x62, 0xdb, 0x3a, 0xa5, 0x3e }, | ||
751 | }, | ||
752 | }; | ||
753 | |||
754 | /* | ||
755 | * HMAC-SHA1 test vectors from RFC2202 | ||
756 | */ | ||
757 | #define HMAC_SHA1_TEST_VECTORS 7 | ||
758 | |||
759 | static struct hmac_testvec hmac_sha1_tv_template[] = { | ||
760 | { | ||
761 | .key = { [0 ... 19] = 0x0b }, | ||
762 | .ksize = 20, | ||
763 | .plaintext = "Hi There", | ||
764 | .psize = 8, | ||
765 | .digest = { 0xb6, 0x17, 0x31, 0x86, 0x55, 0x05, 0x72, 0x64, | ||
766 | 0xe2, 0x8b, 0xc0, 0xb6, 0xfb, 0x37, 0x8c, 0x8e, 0xf1, | ||
767 | 0x46, 0xbe }, | ||
768 | }, { | ||
769 | .key = { 'J', 'e', 'f', 'e' }, | ||
770 | .ksize = 4, | ||
771 | .plaintext = "what do ya want for nothing?", | ||
772 | .psize = 28, | ||
773 | .digest = { 0xef, 0xfc, 0xdf, 0x6a, 0xe5, 0xeb, 0x2f, 0xa2, 0xd2, 0x74, | ||
774 | 0x16, 0xd5, 0xf1, 0x84, 0xdf, 0x9c, 0x25, 0x9a, 0x7c, 0x79 }, | ||
775 | .np = 2, | ||
776 | .tap = { 14, 14 } | ||
777 | }, { | ||
778 | .key = { [0 ... 19] = 0xaa }, | ||
779 | .ksize = 20, | ||
780 | .plaintext = { [0 ... 49] = 0xdd }, | ||
781 | .psize = 50, | ||
782 | .digest = { 0x12, 0x5d, 0x73, 0x42, 0xb9, 0xac, 0x11, 0xcd, 0x91, 0xa3, | ||
783 | 0x9a, 0xf4, 0x8a, 0xa1, 0x7b, 0x4f, 0x63, 0xf1, 0x75, 0xd3 }, | ||
784 | }, { | ||
785 | .key = { 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, | ||
786 | 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x10, | ||
787 | 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19 }, | ||
788 | .ksize = 25, | ||
789 | .plaintext = { [0 ... 49] = 0xcd }, | ||
790 | .psize = 50, | ||
791 | .digest = { 0x4c, 0x90, 0x07, 0xf4, 0x02, 0x62, 0x50, 0xc6, 0xbc, 0x84, | ||
792 | 0x14, 0xf9, 0xbf, 0x50, 0xc8, 0x6c, 0x2d, 0x72, 0x35, 0xda }, | ||
793 | }, { | ||
794 | .key = { [0 ... 19] = 0x0c }, | ||
795 | .ksize = 20, | ||
796 | .plaintext = "Test With Truncation", | ||
797 | .psize = 20, | ||
798 | .digest = { 0x4c, 0x1a, 0x03, 0x42, 0x4b, 0x55, 0xe0, 0x7f, 0xe7, 0xf2, | ||
799 | 0x7b, 0xe1, 0xd5, 0x8b, 0xb9, 0x32, 0x4a, 0x9a, 0x5a, 0x04 }, | ||
800 | }, { | ||
801 | .key = { [0 ... 79] = 0xaa }, | ||
802 | .ksize = 80, | ||
803 | .plaintext = "Test Using Larger Than Block-Size Key - Hash Key First", | ||
804 | .psize = 54, | ||
805 | .digest = { 0xaa, 0x4a, 0xe5, 0xe1, 0x52, 0x72, 0xd0, 0x0e, 0x95, 0x70, | ||
806 | 0x56, 0x37, 0xce, 0x8a, 0x3b, 0x55, 0xed, 0x40, 0x21, 0x12 }, | ||
807 | }, { | ||
808 | .key = { [0 ... 79] = 0xaa }, | ||
809 | .ksize = 80, | ||
810 | .plaintext = "Test Using Larger Than Block-Size Key and Larger Than One " | ||
811 | "Block-Size Data", | ||
812 | .psize = 73, | ||
813 | .digest = { 0xe8, 0xe9, 0x9d, 0x0f, 0x45, 0x23, 0x7d, 0x78, 0x6d, 0x6b, | ||
814 | 0xba, 0xa7, 0x96, 0x5c, 0x78, 0x08, 0xbb, 0xff, 0x1a, 0x91 }, | ||
815 | }, | ||
816 | }; | ||
817 | |||
818 | /* | ||
819 | * HMAC-SHA256 test vectors from | ||
820 | * draft-ietf-ipsec-ciph-sha-256-01.txt | ||
821 | */ | ||
822 | #define HMAC_SHA256_TEST_VECTORS 10 | ||
823 | |||
824 | static struct hmac_testvec hmac_sha256_tv_template[] = { | ||
825 | { | ||
826 | .key = { 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, | ||
827 | 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x10, | ||
828 | 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, | ||
829 | 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, 0x20}, | ||
830 | .ksize = 32, | ||
831 | .plaintext = "abc", | ||
832 | .psize = 3, | ||
833 | .digest = { 0xa2, 0x1b, 0x1f, 0x5d, 0x4c, 0xf4, 0xf7, 0x3a, | ||
834 | 0x4d, 0xd9, 0x39, 0x75, 0x0f, 0x7a, 0x06, 0x6a, | ||
835 | 0x7f, 0x98, 0xcc, 0x13, 0x1c, 0xb1, 0x6a, 0x66, | ||
836 | 0x92, 0x75, 0x90, 0x21, 0xcf, 0xab, 0x81, 0x81 }, | ||
837 | }, { | ||
838 | .key = { 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, | ||
839 | 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x10, | ||
840 | 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, | ||
841 | 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, 0x20 }, | ||
842 | .ksize = 32, | ||
843 | .plaintext = "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq", | ||
844 | .psize = 56, | ||
845 | .digest = { 0x10, 0x4f, 0xdc, 0x12, 0x57, 0x32, 0x8f, 0x08, | ||
846 | 0x18, 0x4b, 0xa7, 0x31, 0x31, 0xc5, 0x3c, 0xae, | ||
847 | 0xe6, 0x98, 0xe3, 0x61, 0x19, 0x42, 0x11, 0x49, | ||
848 | 0xea, 0x8c, 0x71, 0x24, 0x56, 0x69, 0x7d, 0x30 }, | ||
849 | }, { | ||
850 | .key = { 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, | ||
851 | 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x10, | ||
852 | 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, | ||
853 | 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, 0x20 }, | ||
854 | .ksize = 32, | ||
855 | .plaintext = "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq" | ||
856 | "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq", | ||
857 | .psize = 112, | ||
858 | .digest = { 0x47, 0x03, 0x05, 0xfc, 0x7e, 0x40, 0xfe, 0x34, | ||
859 | 0xd3, 0xee, 0xb3, 0xe7, 0x73, 0xd9, 0x5a, 0xab, | ||
860 | 0x73, 0xac, 0xf0, 0xfd, 0x06, 0x04, 0x47, 0xa5, | ||
861 | 0xeb, 0x45, 0x95, 0xbf, 0x33, 0xa9, 0xd1, 0xa3 }, | ||
862 | }, { | ||
863 | .key = { [0 ... 31] = 0x0b }, | ||
864 | .ksize = 32, | ||
865 | .plaintext = "Hi There", | ||
866 | .psize = 8, | ||
867 | .digest = { 0x19, 0x8a, 0x60, 0x7e, 0xb4, 0x4b, 0xfb, 0xc6, | ||
868 | 0x99, 0x03, 0xa0, 0xf1, 0xcf, 0x2b, 0xbd, 0xc5, | ||
869 | 0xba, 0x0a, 0xa3, 0xf3, 0xd9, 0xae, 0x3c, 0x1c, | ||
870 | 0x7a, 0x3b, 0x16, 0x96, 0xa0, 0xb6, 0x8c, 0xf7 }, | ||
871 | }, { | ||
872 | .key = "Jefe", | ||
873 | .ksize = 4, | ||
874 | .plaintext = "what do ya want for nothing?", | ||
875 | .psize = 28, | ||
876 | .digest = { 0x5b, 0xdc, 0xc1, 0x46, 0xbf, 0x60, 0x75, 0x4e, | ||
877 | 0x6a, 0x04, 0x24, 0x26, 0x08, 0x95, 0x75, 0xc7, | ||
878 | 0x5a, 0x00, 0x3f, 0x08, 0x9d, 0x27, 0x39, 0x83, | ||
879 | 0x9d, 0xec, 0x58, 0xb9, 0x64, 0xec, 0x38, 0x43 }, | ||
880 | .np = 2, | ||
881 | .tap = { 14, 14 } | ||
882 | }, { | ||
883 | .key = { [0 ... 31] = 0xaa }, | ||
884 | .ksize = 32, | ||
885 | .plaintext = { [0 ... 49] = 0xdd }, | ||
886 | .psize = 50, | ||
887 | .digest = { 0xcd, 0xcb, 0x12, 0x20, 0xd1, 0xec, 0xcc, 0xea, | ||
888 | 0x91, 0xe5, 0x3a, 0xba, 0x30, 0x92, 0xf9, 0x62, | ||
889 | 0xe5, 0x49, 0xfe, 0x6c, 0xe9, 0xed, 0x7f, 0xdc, | ||
890 | 0x43, 0x19, 0x1f, 0xbd, 0xe4, 0x5c, 0x30, 0xb0 }, | ||
891 | }, { | ||
892 | .key = { 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, | ||
893 | 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x10, | ||
894 | 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, | ||
895 | 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, 0x20, | ||
896 | 0x21, 0x22, 0x23, 0x24, 0x25 }, | ||
897 | .ksize = 37, | ||
898 | .plaintext = { [0 ... 49] = 0xcd }, | ||
899 | .psize = 50, | ||
900 | .digest = { 0xd4, 0x63, 0x3c, 0x17, 0xf6, 0xfb, 0x8d, 0x74, | ||
901 | 0x4c, 0x66, 0xde, 0xe0, 0xf8, 0xf0, 0x74, 0x55, | ||
902 | 0x6e, 0xc4, 0xaf, 0x55, 0xef, 0x07, 0x99, 0x85, | ||
903 | 0x41, 0x46, 0x8e, 0xb4, 0x9b, 0xd2, 0xe9, 0x17 }, | ||
904 | }, { | ||
905 | .key = { [0 ... 31] = 0x0c }, | ||
906 | .ksize = 32, | ||
907 | .plaintext = "Test With Truncation", | ||
908 | .psize = 20, | ||
909 | .digest = { 0x75, 0x46, 0xaf, 0x01, 0x84, 0x1f, 0xc0, 0x9b, | ||
910 | 0x1a, 0xb9, 0xc3, 0x74, 0x9a, 0x5f, 0x1c, 0x17, | ||
911 | 0xd4, 0xf5, 0x89, 0x66, 0x8a, 0x58, 0x7b, 0x27, | ||
912 | 0x00, 0xa9, 0xc9, 0x7c, 0x11, 0x93, 0xcf, 0x42 }, | ||
913 | }, { | ||
914 | .key = { [0 ... 79] = 0xaa }, | ||
915 | .ksize = 80, | ||
916 | .plaintext = "Test Using Larger Than Block-Size Key - Hash Key First", | ||
917 | .psize = 54, | ||
918 | .digest = { 0x69, 0x53, 0x02, 0x5e, 0xd9, 0x6f, 0x0c, 0x09, | ||
919 | 0xf8, 0x0a, 0x96, 0xf7, 0x8e, 0x65, 0x38, 0xdb, | ||
920 | 0xe2, 0xe7, 0xb8, 0x20, 0xe3, 0xdd, 0x97, 0x0e, | ||
921 | 0x7d, 0xdd, 0x39, 0x09, 0x1b, 0x32, 0x35, 0x2f }, | ||
922 | }, { | ||
923 | .key = { [0 ... 79] = 0xaa }, | ||
924 | .ksize = 80, | ||
925 | .plaintext = "Test Using Larger Than Block-Size Key and Larger Than " | ||
926 | "One Block-Size Data", | ||
927 | .psize = 73, | ||
928 | .digest = { 0x63, 0x55, 0xac, 0x22, 0xe8, 0x90, 0xd0, 0xa3, | ||
929 | 0xc8, 0x48, 0x1a, 0x5c, 0xa4, 0x82, 0x5b, 0xc8, | ||
930 | 0x84, 0xd3, 0xe7, 0xa1, 0xff, 0x98, 0xa2, 0xfc, | ||
931 | 0x2a, 0xc7, 0xd8, 0xe0, 0x64, 0xc3, 0xb2, 0xe6 }, | ||
932 | }, | ||
933 | }; | ||
934 | |||
935 | #endif /* CONFIG_CRYPTO_HMAC */ | ||
936 | |||
937 | /* | ||
938 | * DES test vectors. | ||
939 | */ | ||
940 | #define DES_ENC_TEST_VECTORS 10 | ||
941 | #define DES_DEC_TEST_VECTORS 4 | ||
942 | #define DES_CBC_ENC_TEST_VECTORS 5 | ||
943 | #define DES_CBC_DEC_TEST_VECTORS 4 | ||
944 | #define DES3_EDE_ENC_TEST_VECTORS 3 | ||
945 | #define DES3_EDE_DEC_TEST_VECTORS 3 | ||
946 | |||
947 | static struct cipher_testvec des_enc_tv_template[] = { | ||
948 | { /* From Applied Cryptography */ | ||
949 | .key = { 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef }, | ||
950 | .klen = 8, | ||
951 | .input = { 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xe7 }, | ||
952 | .ilen = 8, | ||
953 | .result = { 0xc9, 0x57, 0x44, 0x25, 0x6a, 0x5e, 0xd3, 0x1d }, | ||
954 | .rlen = 8, | ||
955 | }, { /* Same key, different plaintext block */ | ||
956 | .key = { 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef }, | ||
957 | .klen = 8, | ||
958 | .input = { 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99 }, | ||
959 | .ilen = 8, | ||
960 | .result = { 0xf7, 0x9c, 0x89, 0x2a, 0x33, 0x8f, 0x4a, 0x8b }, | ||
961 | .rlen = 8, | ||
962 | }, { /* Sbox test from NBS */ | ||
963 | .key = { 0x7c, 0xa1, 0x10, 0x45, 0x4a, 0x1a, 0x6e, 0x57 }, | ||
964 | .klen = 8, | ||
965 | .input = { 0x01, 0xa1, 0xd6, 0xd0, 0x39, 0x77, 0x67, 0x42 }, | ||
966 | .ilen = 8, | ||
967 | .result = { 0x69, 0x0f, 0x5b, 0x0d, 0x9a, 0x26, 0x93, 0x9b }, | ||
968 | .rlen = 8, | ||
969 | }, { /* Three blocks */ | ||
970 | .key = { 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef }, | ||
971 | .klen = 8, | ||
972 | .input = { 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xe7, | ||
973 | 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99, | ||
974 | 0xca, 0xfe, 0xba, 0xbe, 0xfe, 0xed, 0xbe, 0xef }, | ||
975 | .ilen = 24, | ||
976 | .result = { 0xc9, 0x57, 0x44, 0x25, 0x6a, 0x5e, 0xd3, 0x1d, | ||
977 | 0xf7, 0x9c, 0x89, 0x2a, 0x33, 0x8f, 0x4a, 0x8b, | ||
978 | 0xb4, 0x99, 0x26, 0xf7, 0x1f, 0xe1, 0xd4, 0x90 }, | ||
979 | .rlen = 24, | ||
980 | }, { /* Weak key */ | ||
981 | .fail = 1, | ||
982 | .wk = 1, | ||
983 | .key = { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 }, | ||
984 | .klen = 8, | ||
985 | .input = { 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xe7 }, | ||
986 | .ilen = 8, | ||
987 | .result = { 0xc9, 0x57, 0x44, 0x25, 0x6a, 0x5e, 0xd3, 0x1d }, | ||
988 | .rlen = 8, | ||
989 | }, { /* Two blocks -- for testing encryption across pages */ | ||
990 | .key = { 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef }, | ||
991 | .klen = 8, | ||
992 | .input = { 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xe7, | ||
993 | 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99 }, | ||
994 | .ilen = 16, | ||
995 | .result = { 0xc9, 0x57, 0x44, 0x25, 0x6a, 0x5e, 0xd3, 0x1d, | ||
996 | 0xf7, 0x9c, 0x89, 0x2a, 0x33, 0x8f, 0x4a, 0x8b }, | ||
997 | .rlen = 16, | ||
998 | .np = 2, | ||
999 | .tap = { 8, 8 } | ||
1000 | }, { /* Four blocks -- for testing encryption with chunking */ | ||
1001 | .key = { 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef }, | ||
1002 | .klen = 8, | ||
1003 | .input = { 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xe7, | ||
1004 | 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99, | ||
1005 | 0xca, 0xfe, 0xba, 0xbe, 0xfe, 0xed, 0xbe, 0xef, | ||
1006 | 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99 }, | ||
1007 | .ilen = 32, | ||
1008 | .result = { 0xc9, 0x57, 0x44, 0x25, 0x6a, 0x5e, 0xd3, 0x1d, | ||
1009 | 0xf7, 0x9c, 0x89, 0x2a, 0x33, 0x8f, 0x4a, 0x8b, | ||
1010 | 0xb4, 0x99, 0x26, 0xf7, 0x1f, 0xe1, 0xd4, 0x90, | ||
1011 | 0xf7, 0x9c, 0x89, 0x2a, 0x33, 0x8f, 0x4a, 0x8b }, | ||
1012 | .rlen = 32, | ||
1013 | .np = 3, | ||
1014 | .tap = { 14, 10, 8 } | ||
1015 | }, { | ||
1016 | .key = { 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef }, | ||
1017 | .klen = 8, | ||
1018 | .input = { 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xe7, | ||
1019 | 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99, | ||
1020 | 0xca, 0xfe, 0xba, 0xbe, 0xfe, 0xed, 0xbe, 0xef }, | ||
1021 | .ilen = 24, | ||
1022 | .result = { 0xc9, 0x57, 0x44, 0x25, 0x6a, 0x5e, 0xd3, 0x1d, | ||
1023 | 0xf7, 0x9c, 0x89, 0x2a, 0x33, 0x8f, 0x4a, 0x8b, | ||
1024 | 0xb4, 0x99, 0x26, 0xf7, 0x1f, 0xe1, 0xd4, 0x90 }, | ||
1025 | .rlen = 24, | ||
1026 | .np = 4, | ||
1027 | .tap = { 2, 1, 3, 18 } | ||
1028 | }, { | ||
1029 | .key = { 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef }, | ||
1030 | .klen = 8, | ||
1031 | .input = { 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xe7, | ||
1032 | 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99 }, | ||
1033 | .ilen = 16, | ||
1034 | .result = { 0xc9, 0x57, 0x44, 0x25, 0x6a, 0x5e, 0xd3, 0x1d, | ||
1035 | 0xf7, 0x9c, 0x89, 0x2a, 0x33, 0x8f, 0x4a, 0x8b }, | ||
1036 | .rlen = 16, | ||
1037 | .np = 5, | ||
1038 | .tap = { 2, 2, 2, 2, 8 } | ||
1039 | }, { | ||
1040 | .key = { 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef }, | ||
1041 | .klen = 8, | ||
1042 | .input = { 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xe7 }, | ||
1043 | .ilen = 8, | ||
1044 | .result = { 0xc9, 0x57, 0x44, 0x25, 0x6a, 0x5e, 0xd3, 0x1d }, | ||
1045 | .rlen = 8, | ||
1046 | .np = 8, | ||
1047 | .tap = { 1, 1, 1, 1, 1, 1, 1, 1 } | ||
1048 | }, | ||
1049 | }; | ||
1050 | |||
1051 | static struct cipher_testvec des_dec_tv_template[] = { | ||
1052 | { /* From Applied Cryptography */ | ||
1053 | .key = { 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef }, | ||
1054 | .klen = 8, | ||
1055 | .input = { 0xc9, 0x57, 0x44, 0x25, 0x6a, 0x5e, 0xd3, 0x1d }, | ||
1056 | .ilen = 8, | ||
1057 | .result = { 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xe7 }, | ||
1058 | .rlen = 8, | ||
1059 | }, { /* Sbox test from NBS */ | ||
1060 | .key = { 0x7c, 0xa1, 0x10, 0x45, 0x4a, 0x1a, 0x6e, 0x57 }, | ||
1061 | .klen = 8, | ||
1062 | .input = { 0x69, 0x0f, 0x5b, 0x0d, 0x9a, 0x26, 0x93, 0x9b }, | ||
1063 | .ilen = 8, | ||
1064 | .result = { 0x01, 0xa1, 0xd6, 0xd0, 0x39, 0x77, 0x67, 0x42 }, | ||
1065 | .rlen = 8, | ||
1066 | }, { /* Two blocks, for chunking test */ | ||
1067 | .key = { 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef }, | ||
1068 | .klen = 8, | ||
1069 | .input = { 0xc9, 0x57, 0x44, 0x25, 0x6a, 0x5e, 0xd3, 0x1d, | ||
1070 | 0x69, 0x0f, 0x5b, 0x0d, 0x9a, 0x26, 0x93, 0x9b }, | ||
1071 | .ilen = 16, | ||
1072 | .result = { 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xe7, | ||
1073 | 0xa3, 0x99, 0x7b, 0xca, 0xaf, 0x69, 0xa0, 0xf5 }, | ||
1074 | .rlen = 16, | ||
1075 | .np = 2, | ||
1076 | .tap = { 8, 8 } | ||
1077 | }, { | ||
1078 | .key = { 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef }, | ||
1079 | .klen = 8, | ||
1080 | .input = { 0xc9, 0x57, 0x44, 0x25, 0x6a, 0x5e, 0xd3, 0x1d, | ||
1081 | 0x69, 0x0f, 0x5b, 0x0d, 0x9a, 0x26, 0x93, 0x9b }, | ||
1082 | .ilen = 16, | ||
1083 | .result = { 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xe7, | ||
1084 | 0xa3, 0x99, 0x7b, 0xca, 0xaf, 0x69, 0xa0, 0xf5 }, | ||
1085 | .rlen = 16, | ||
1086 | .np = 3, | ||
1087 | .tap = { 3, 12, 1 } | ||
1088 | }, | ||
1089 | }; | ||
1090 | |||
1091 | static struct cipher_testvec des_cbc_enc_tv_template[] = { | ||
1092 | { /* From OpenSSL */ | ||
1093 | .key = { 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef}, | ||
1094 | .klen = 8, | ||
1095 | .iv = { 0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10}, | ||
1096 | .input = { 0x37, 0x36, 0x35, 0x34, 0x33, 0x32, 0x31, 0x20, | ||
1097 | 0x4e, 0x6f, 0x77, 0x20, 0x69, 0x73, 0x20, 0x74, | ||
1098 | 0x68, 0x65, 0x20, 0x74, 0x69, 0x6d, 0x65, 0x20 }, | ||
1099 | .ilen = 24, | ||
1100 | .result = { 0xcc, 0xd1, 0x73, 0xff, 0xab, 0x20, 0x39, 0xf4, | ||
1101 | 0xac, 0xd8, 0xae, 0xfd, 0xdf, 0xd8, 0xa1, 0xeb, | ||
1102 | 0x46, 0x8e, 0x91, 0x15, 0x78, 0x88, 0xba, 0x68 }, | ||
1103 | .rlen = 24, | ||
1104 | }, { /* FIPS Pub 81 */ | ||
1105 | .key = { 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef }, | ||
1106 | .klen = 8, | ||
1107 | .iv = { 0x12, 0x34, 0x56, 0x78, 0x90, 0xab, 0xcd, 0xef }, | ||
1108 | .input = { 0x4e, 0x6f, 0x77, 0x20, 0x69, 0x73, 0x20, 0x74 }, | ||
1109 | .ilen = 8, | ||
1110 | .result = { 0xe5, 0xc7, 0xcd, 0xde, 0x87, 0x2b, 0xf2, 0x7c }, | ||
1111 | .rlen = 8, | ||
1112 | }, { | ||
1113 | .key = { 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef }, | ||
1114 | .klen = 8, | ||
1115 | .iv = { 0xe5, 0xc7, 0xcd, 0xde, 0x87, 0x2b, 0xf2, 0x7c }, | ||
1116 | .input = { 0x68, 0x65, 0x20, 0x74, 0x69, 0x6d, 0x65, 0x20 }, | ||
1117 | .ilen = 8, | ||
1118 | .result = { 0x43, 0xe9, 0x34, 0x00, 0x8c, 0x38, 0x9c, 0x0f }, | ||
1119 | .rlen = 8, | ||
1120 | }, { | ||
1121 | .key = { 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef }, | ||
1122 | .klen = 8, | ||
1123 | .iv = { 0x43, 0xe9, 0x34, 0x00, 0x8c, 0x38, 0x9c, 0x0f }, | ||
1124 | .input = { 0x66, 0x6f, 0x72, 0x20, 0x61, 0x6c, 0x6c, 0x20 }, | ||
1125 | .ilen = 8, | ||
1126 | .result = { 0x68, 0x37, 0x88, 0x49, 0x9a, 0x7c, 0x05, 0xf6 }, | ||
1127 | .rlen = 8, | ||
1128 | }, { /* Copy of openssl vector for chunk testing */ | ||
1129 | /* From OpenSSL */ | ||
1130 | .key = { 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef}, | ||
1131 | .klen = 8, | ||
1132 | .iv = { 0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10}, | ||
1133 | .input = { 0x37, 0x36, 0x35, 0x34, 0x33, 0x32, 0x31, 0x20, | ||
1134 | 0x4e, 0x6f, 0x77, 0x20, 0x69, 0x73, 0x20, 0x74, | ||
1135 | 0x68, 0x65, 0x20, 0x74, 0x69, 0x6d, 0x65, 0x20 }, | ||
1136 | .ilen = 24, | ||
1137 | .result = { 0xcc, 0xd1, 0x73, 0xff, 0xab, 0x20, 0x39, 0xf4, | ||
1138 | 0xac, 0xd8, 0xae, 0xfd, 0xdf, 0xd8, 0xa1, 0xeb, | ||
1139 | 0x46, 0x8e, 0x91, 0x15, 0x78, 0x88, 0xba, 0x68 }, | ||
1140 | .rlen = 24, | ||
1141 | .np = 2, | ||
1142 | .tap = { 13, 11 } | ||
1143 | }, | ||
1144 | }; | ||
1145 | |||
1146 | static struct cipher_testvec des_cbc_dec_tv_template[] = { | ||
1147 | { /* FIPS Pub 81 */ | ||
1148 | .key = { 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef }, | ||
1149 | .klen = 8, | ||
1150 | .iv = { 0x12, 0x34, 0x56, 0x78, 0x90, 0xab, 0xcd, 0xef }, | ||
1151 | .input = { 0xe5, 0xc7, 0xcd, 0xde, 0x87, 0x2b, 0xf2, 0x7c }, | ||
1152 | .ilen = 8, | ||
1153 | .result = { 0x4e, 0x6f, 0x77, 0x20, 0x69, 0x73, 0x20, 0x74 }, | ||
1154 | .rlen = 8, | ||
1155 | }, { | ||
1156 | .key = { 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef }, | ||
1157 | .klen = 8, | ||
1158 | .iv = { 0xe5, 0xc7, 0xcd, 0xde, 0x87, 0x2b, 0xf2, 0x7c }, | ||
1159 | .input = { 0x43, 0xe9, 0x34, 0x00, 0x8c, 0x38, 0x9c, 0x0f }, | ||
1160 | .ilen = 8, | ||
1161 | .result = { 0x68, 0x65, 0x20, 0x74, 0x69, 0x6d, 0x65, 0x20 }, | ||
1162 | .rlen = 8, | ||
1163 | }, { | ||
1164 | .key = { 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef }, | ||
1165 | .klen = 8, | ||
1166 | .iv = { 0x43, 0xe9, 0x34, 0x00, 0x8c, 0x38, 0x9c, 0x0f }, | ||
1167 | .input = { 0x68, 0x37, 0x88, 0x49, 0x9a, 0x7c, 0x05, 0xf6 }, | ||
1168 | .ilen = 8, | ||
1169 | .result = { 0x66, 0x6f, 0x72, 0x20, 0x61, 0x6c, 0x6c, 0x20 }, | ||
1170 | .rlen = 8, | ||
1171 | }, { /* Copy of above, for chunk testing */ | ||
1172 | .key = { 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef }, | ||
1173 | .klen = 8, | ||
1174 | .iv = { 0x43, 0xe9, 0x34, 0x00, 0x8c, 0x38, 0x9c, 0x0f }, | ||
1175 | .input = { 0x68, 0x37, 0x88, 0x49, 0x9a, 0x7c, 0x05, 0xf6 }, | ||
1176 | .ilen = 8, | ||
1177 | .result = { 0x66, 0x6f, 0x72, 0x20, 0x61, 0x6c, 0x6c, 0x20 }, | ||
1178 | .rlen = 8, | ||
1179 | .np = 2, | ||
1180 | .tap = { 4, 4 } | ||
1181 | }, | ||
1182 | }; | ||
1183 | |||
1184 | /* | ||
1185 | * We really need some more test vectors, especially for DES3 CBC. | ||
1186 | */ | ||
1187 | static struct cipher_testvec des3_ede_enc_tv_template[] = { | ||
1188 | { /* These are from openssl */ | ||
1189 | .key = { 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef, | ||
1190 | 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, | ||
1191 | 0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10}, | ||
1192 | .klen = 24, | ||
1193 | .input = { 0x73, 0x6f, 0x6d, 0x65, 0x64, 0x61, 0x74, 0x61 }, | ||
1194 | .ilen = 8, | ||
1195 | .result = { 0x18, 0xd7, 0x48, 0xe5, 0x63, 0x62, 0x05, 0x72 }, | ||
1196 | .rlen = 8, | ||
1197 | }, { | ||
1198 | .key = { 0x03, 0x52, 0x02, 0x07, 0x67, 0x20, 0x82, 0x17, | ||
1199 | 0x86, 0x02, 0x87, 0x66, 0x59, 0x08, 0x21, 0x98, | ||
1200 | 0x64, 0x05, 0x6a, 0xbd, 0xfe, 0xa9, 0x34, 0x57 }, | ||
1201 | .klen = 24, | ||
1202 | .input = { 0x73, 0x71, 0x75, 0x69, 0x67, 0x67, 0x6c, 0x65 }, | ||
1203 | .ilen = 8, | ||
1204 | .result = { 0xc0, 0x7d, 0x2a, 0x0f, 0xa5, 0x66, 0xfa, 0x30 }, | ||
1205 | .rlen = 8, | ||
1206 | }, { | ||
1207 | .key = { 0x10, 0x46, 0x10, 0x34, 0x89, 0x98, 0x80, 0x20, | ||
1208 | 0x91, 0x07, 0xd0, 0x15, 0x89, 0x19, 0x01, 0x01, | ||
1209 | 0x19, 0x07, 0x92, 0x10, 0x98, 0x1a, 0x01, 0x01 }, | ||
1210 | .klen = 24, | ||
1211 | .input = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | ||
1212 | .ilen = 8, | ||
1213 | .result = { 0xe1, 0xef, 0x62, 0xc3, 0x32, 0xfe, 0x82, 0x5b }, | ||
1214 | .rlen = 8, | ||
1215 | }, | ||
1216 | }; | ||
1217 | |||
1218 | static struct cipher_testvec des3_ede_dec_tv_template[] = { | ||
1219 | { /* These are from openssl */ | ||
1220 | .key = { 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef, | ||
1221 | 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, | ||
1222 | 0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10}, | ||
1223 | .klen = 24, | ||
1224 | .input = { 0x18, 0xd7, 0x48, 0xe5, 0x63, 0x62, 0x05, 0x72 }, | ||
1225 | .ilen = 8, | ||
1226 | .result = { 0x73, 0x6f, 0x6d, 0x65, 0x64, 0x61, 0x74, 0x61 }, | ||
1227 | .rlen = 8, | ||
1228 | }, { | ||
1229 | .key = { 0x03, 0x52, 0x02, 0x07, 0x67, 0x20, 0x82, 0x17, | ||
1230 | 0x86, 0x02, 0x87, 0x66, 0x59, 0x08, 0x21, 0x98, | ||
1231 | 0x64, 0x05, 0x6a, 0xbd, 0xfe, 0xa9, 0x34, 0x57 }, | ||
1232 | .klen = 24, | ||
1233 | .input = { 0xc0, 0x7d, 0x2a, 0x0f, 0xa5, 0x66, 0xfa, 0x30 }, | ||
1234 | .ilen = 8, | ||
1235 | .result = { 0x73, 0x71, 0x75, 0x69, 0x67, 0x67, 0x6c, 0x65 }, | ||
1236 | .rlen = 8, | ||
1237 | }, { | ||
1238 | .key = { 0x10, 0x46, 0x10, 0x34, 0x89, 0x98, 0x80, 0x20, | ||
1239 | 0x91, 0x07, 0xd0, 0x15, 0x89, 0x19, 0x01, 0x01, | ||
1240 | 0x19, 0x07, 0x92, 0x10, 0x98, 0x1a, 0x01, 0x01 }, | ||
1241 | .klen = 24, | ||
1242 | .input = { 0xe1, 0xef, 0x62, 0xc3, 0x32, 0xfe, 0x82, 0x5b }, | ||
1243 | .ilen = 8, | ||
1244 | .result = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | ||
1245 | .rlen = 8, | ||
1246 | }, | ||
1247 | }; | ||
1248 | |||
1249 | /* | ||
1250 | * Blowfish test vectors. | ||
1251 | */ | ||
1252 | #define BF_ENC_TEST_VECTORS 6 | ||
1253 | #define BF_DEC_TEST_VECTORS 6 | ||
1254 | #define BF_CBC_ENC_TEST_VECTORS 1 | ||
1255 | #define BF_CBC_DEC_TEST_VECTORS 1 | ||
1256 | |||
1257 | static struct cipher_testvec bf_enc_tv_template[] = { | ||
1258 | { /* DES test vectors from OpenSSL */ | ||
1259 | .key = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, }, | ||
1260 | .klen = 8, | ||
1261 | .input = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | ||
1262 | .ilen = 8, | ||
1263 | .result = { 0x4e, 0xf9, 0x97, 0x45, 0x61, 0x98, 0xdd, 0x78 }, | ||
1264 | .rlen = 8, | ||
1265 | }, { | ||
1266 | .key = { 0x1f, 0x1f, 0x1f, 0x1f, 0x0e, 0x0e, 0x0e, 0x0e }, | ||
1267 | .klen = 8, | ||
1268 | .input = { 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef }, | ||
1269 | .ilen = 8, | ||
1270 | .result = { 0xa7, 0x90, 0x79, 0x51, 0x08, 0xea, 0x3c, 0xae }, | ||
1271 | .rlen = 8, | ||
1272 | }, { | ||
1273 | .key = { 0xf0, 0xe1, 0xd2, 0xc3, 0xb4, 0xa5, 0x96, 0x87 }, | ||
1274 | .klen = 8, | ||
1275 | .input = { 0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10 }, | ||
1276 | .ilen = 8, | ||
1277 | .result = { 0xe8, 0x7a, 0x24, 0x4e, 0x2c, 0xc8, 0x5e, 0x82 }, | ||
1278 | .rlen = 8, | ||
1279 | }, { /* Vary the keylength... */ | ||
1280 | .key = { 0xf0, 0xe1, 0xd2, 0xc3, 0xb4, 0xa5, 0x96, 0x87, | ||
1281 | 0x78, 0x69, 0x5a, 0x4b, 0x3c, 0x2d, 0x1e, 0x0f }, | ||
1282 | .klen = 16, | ||
1283 | .input = { 0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10 }, | ||
1284 | .ilen = 8, | ||
1285 | .result = { 0x93, 0x14, 0x28, 0x87, 0xee, 0x3b, 0xe1, 0x5c }, | ||
1286 | .rlen = 8, | ||
1287 | }, { | ||
1288 | .key = { 0xf0, 0xe1, 0xd2, 0xc3, 0xb4, 0xa5, 0x96, 0x87, | ||
1289 | 0x78, 0x69, 0x5a, 0x4b, 0x3c, 0x2d, 0x1e, 0x0f, | ||
1290 | 0x00, 0x11, 0x22, 0x33, 0x44 }, | ||
1291 | .klen = 21, | ||
1292 | .input = { 0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10 }, | ||
1293 | .ilen = 8, | ||
1294 | .result = { 0xe6, 0xf5, 0x1e, 0xd7, 0x9b, 0x9d, 0xb2, 0x1f }, | ||
1295 | .rlen = 8, | ||
1296 | }, { /* Generated with bf488 */ | ||
1297 | .key = { 0xf0, 0xe1, 0xd2, 0xc3, 0xb4, 0xa5, 0x96, 0x87, | ||
1298 | 0x78, 0x69, 0x5a, 0x4b, 0x3c, 0x2d, 0x1e, 0x0f, | ||
1299 | 0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, | ||
1300 | 0x04, 0x68, 0x91, 0x04, 0xc2, 0xfd, 0x3b, 0x2f, | ||
1301 | 0x58, 0x40, 0x23, 0x64, 0x1a, 0xba, 0x61, 0x76, | ||
1302 | 0x1f, 0x1f, 0x1f, 0x1f, 0x0e, 0x0e, 0x0e, 0x0e, | ||
1303 | 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff }, | ||
1304 | .klen = 56, | ||
1305 | .input = { 0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10 }, | ||
1306 | .ilen = 8, | ||
1307 | .result = { 0xc0, 0x45, 0x04, 0x01, 0x2e, 0x4e, 0x1f, 0x53 }, | ||
1308 | .rlen = 8, | ||
1309 | }, | ||
1310 | }; | ||
1311 | |||
1312 | static struct cipher_testvec bf_dec_tv_template[] = { | ||
1313 | { /* DES test vectors from OpenSSL */ | ||
1314 | .key = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | ||
1315 | .klen = 8, | ||
1316 | .input = { 0x4e, 0xf9, 0x97, 0x45, 0x61, 0x98, 0xdd, 0x78 }, | ||
1317 | .ilen = 8, | ||
1318 | .result = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | ||
1319 | .rlen = 8, | ||
1320 | }, { | ||
1321 | .key = { 0x1f, 0x1f, 0x1f, 0x1f, 0x0e, 0x0e, 0x0e, 0x0e }, | ||
1322 | .klen = 8, | ||
1323 | .input = { 0xa7, 0x90, 0x79, 0x51, 0x08, 0xea, 0x3c, 0xae }, | ||
1324 | .ilen = 8, | ||
1325 | .result = { 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef }, | ||
1326 | .rlen = 8, | ||
1327 | }, { | ||
1328 | .key = { 0xf0, 0xe1, 0xd2, 0xc3, 0xb4, 0xa5, 0x96, 0x87 }, | ||
1329 | .klen = 8, | ||
1330 | .input = { 0xe8, 0x7a, 0x24, 0x4e, 0x2c, 0xc8, 0x5e, 0x82 }, | ||
1331 | .ilen = 8, | ||
1332 | .result = { 0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10 }, | ||
1333 | .rlen = 8, | ||
1334 | }, { /* Vary the keylength... */ | ||
1335 | .key = { 0xf0, 0xe1, 0xd2, 0xc3, 0xb4, 0xa5, 0x96, 0x87, | ||
1336 | 0x78, 0x69, 0x5a, 0x4b, 0x3c, 0x2d, 0x1e, 0x0f }, | ||
1337 | .klen = 16, | ||
1338 | .input = { 0x93, 0x14, 0x28, 0x87, 0xee, 0x3b, 0xe1, 0x5c }, | ||
1339 | .ilen = 8, | ||
1340 | .result = { 0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10 }, | ||
1341 | .rlen = 8, | ||
1342 | }, { | ||
1343 | .key = { 0xf0, 0xe1, 0xd2, 0xc3, 0xb4, 0xa5, 0x96, 0x87, | ||
1344 | 0x78, 0x69, 0x5a, 0x4b, 0x3c, 0x2d, 0x1e, 0x0f, | ||
1345 | 0x00, 0x11, 0x22, 0x33, 0x44 }, | ||
1346 | .klen = 21, | ||
1347 | .input = { 0xe6, 0xf5, 0x1e, 0xd7, 0x9b, 0x9d, 0xb2, 0x1f }, | ||
1348 | .ilen = 8, | ||
1349 | .result = { 0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10 }, | ||
1350 | .rlen = 8, | ||
1351 | }, { /* Generated with bf488, using OpenSSL, Libgcrypt and Nettle */ | ||
1352 | .key = { 0xf0, 0xe1, 0xd2, 0xc3, 0xb4, 0xa5, 0x96, 0x87, | ||
1353 | 0x78, 0x69, 0x5a, 0x4b, 0x3c, 0x2d, 0x1e, 0x0f, | ||
1354 | 0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, | ||
1355 | 0x04, 0x68, 0x91, 0x04, 0xc2, 0xfd, 0x3b, 0x2f, | ||
1356 | 0x58, 0x40, 0x23, 0x64, 0x1a, 0xba, 0x61, 0x76, | ||
1357 | 0x1f, 0x1f, 0x1f, 0x1f, 0x0e, 0x0e, 0x0e, 0x0e, | ||
1358 | 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff }, | ||
1359 | .klen = 56, | ||
1360 | .input = { 0xc0, 0x45, 0x04, 0x01, 0x2e, 0x4e, 0x1f, 0x53 }, | ||
1361 | .ilen = 8, | ||
1362 | .result = { 0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10 }, | ||
1363 | .rlen = 8, | ||
1364 | }, | ||
1365 | }; | ||
1366 | |||
1367 | static struct cipher_testvec bf_cbc_enc_tv_template[] = { | ||
1368 | { /* From OpenSSL */ | ||
1369 | .key = { 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef, | ||
1370 | 0xf0, 0xe1, 0xd2, 0xc3, 0xb4, 0xa5, 0x96, 0x87 }, | ||
1371 | .klen = 16, | ||
1372 | .iv = { 0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10 }, | ||
1373 | .input = { 0x37, 0x36, 0x35, 0x34, 0x33, 0x32, 0x31, 0x20, | ||
1374 | 0x4e, 0x6f, 0x77, 0x20, 0x69, 0x73, 0x20, 0x74, | ||
1375 | 0x68, 0x65, 0x20, 0x74, 0x69, 0x6d, 0x65, 0x20, | ||
1376 | 0x66, 0x6f, 0x72, 0x20, 0x00, 0x00, 0x00, 0x00 }, | ||
1377 | .ilen = 32, | ||
1378 | .result = { 0x6b, 0x77, 0xb4, 0xd6, 0x30, 0x06, 0xde, 0xe6, | ||
1379 | 0x05, 0xb1, 0x56, 0xe2, 0x74, 0x03, 0x97, 0x93, | ||
1380 | 0x58, 0xde, 0xb9, 0xe7, 0x15, 0x46, 0x16, 0xd9, | ||
1381 | 0x59, 0xf1, 0x65, 0x2b, 0xd5, 0xff, 0x92, 0xcc }, | ||
1382 | .rlen = 32, | ||
1383 | }, | ||
1384 | }; | ||
1385 | |||
1386 | static struct cipher_testvec bf_cbc_dec_tv_template[] = { | ||
1387 | { /* From OpenSSL */ | ||
1388 | .key = { 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef, | ||
1389 | 0xf0, 0xe1, 0xd2, 0xc3, 0xb4, 0xa5, 0x96, 0x87 }, | ||
1390 | .klen = 16, | ||
1391 | .iv = { 0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10 }, | ||
1392 | .input = { 0x6b, 0x77, 0xb4, 0xd6, 0x30, 0x06, 0xde, 0xe6, | ||
1393 | 0x05, 0xb1, 0x56, 0xe2, 0x74, 0x03, 0x97, 0x93, | ||
1394 | 0x58, 0xde, 0xb9, 0xe7, 0x15, 0x46, 0x16, 0xd9, | ||
1395 | 0x59, 0xf1, 0x65, 0x2b, 0xd5, 0xff, 0x92, 0xcc }, | ||
1396 | .ilen = 32, | ||
1397 | .result = { 0x37, 0x36, 0x35, 0x34, 0x33, 0x32, 0x31, 0x20, | ||
1398 | 0x4e, 0x6f, 0x77, 0x20, 0x69, 0x73, 0x20, 0x74, | ||
1399 | 0x68, 0x65, 0x20, 0x74, 0x69, 0x6d, 0x65, 0x20, | ||
1400 | 0x66, 0x6f, 0x72, 0x20, 0x00, 0x00, 0x00, 0x00 }, | ||
1401 | .rlen = 32, | ||
1402 | }, | ||
1403 | }; | ||
1404 | |||
1405 | /* | ||
1406 | * Twofish test vectors. | ||
1407 | */ | ||
1408 | #define TF_ENC_TEST_VECTORS 3 | ||
1409 | #define TF_DEC_TEST_VECTORS 3 | ||
1410 | #define TF_CBC_ENC_TEST_VECTORS 4 | ||
1411 | #define TF_CBC_DEC_TEST_VECTORS 4 | ||
1412 | |||
1413 | static struct cipher_testvec tf_enc_tv_template[] = { | ||
1414 | { | ||
1415 | .key = { [0 ... 15] = 0x00 }, | ||
1416 | .klen = 16, | ||
1417 | .input = { [0 ... 15] = 0x00 }, | ||
1418 | .ilen = 16, | ||
1419 | .result = { 0x9f, 0x58, 0x9f, 0x5c, 0xf6, 0x12, 0x2c, 0x32, | ||
1420 | 0xb6, 0xbf, 0xec, 0x2f, 0x2a, 0xe8, 0xc3, 0x5a }, | ||
1421 | .rlen = 16, | ||
1422 | }, { | ||
1423 | .key = { 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef, | ||
1424 | 0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10, | ||
1425 | 0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77 }, | ||
1426 | .klen = 24, | ||
1427 | .input = { [0 ... 15] = 0x00 }, | ||
1428 | .ilen = 16, | ||
1429 | .result = { 0xcf, 0xd1, 0xd2, 0xe5, 0xa9, 0xbe, 0x9c, 0xdf, | ||
1430 | 0x50, 0x1f, 0x13, 0xb8, 0x92, 0xbd, 0x22, 0x48 }, | ||
1431 | .rlen = 16, | ||
1432 | }, { | ||
1433 | .key = { 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef, | ||
1434 | 0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10, | ||
1435 | 0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, | ||
1436 | 0x88, 0x99, 0xaa, 0xbb, 0xcc, 0xdd, 0xee, 0xff }, | ||
1437 | .klen = 32, | ||
1438 | .input = { [0 ... 15] = 0x00 }, | ||
1439 | .ilen = 16, | ||
1440 | .result = { 0x37, 0x52, 0x7b, 0xe0, 0x05, 0x23, 0x34, 0xb8, | ||
1441 | 0x9f, 0x0c, 0xfc, 0xca, 0xe8, 0x7c, 0xfa, 0x20 }, | ||
1442 | .rlen = 16, | ||
1443 | }, | ||
1444 | }; | ||
1445 | |||
1446 | static struct cipher_testvec tf_dec_tv_template[] = { | ||
1447 | { | ||
1448 | .key = { [0 ... 15] = 0x00 }, | ||
1449 | .klen = 16, | ||
1450 | .input = { 0x9f, 0x58, 0x9f, 0x5c, 0xf6, 0x12, 0x2c, 0x32, | ||
1451 | 0xb6, 0xbf, 0xec, 0x2f, 0x2a, 0xe8, 0xc3, 0x5a }, | ||
1452 | .ilen = 16, | ||
1453 | .result = { [0 ... 15] = 0x00 }, | ||
1454 | .rlen = 16, | ||
1455 | }, { | ||
1456 | .key = { 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef, | ||
1457 | 0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10, | ||
1458 | 0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77 }, | ||
1459 | .klen = 24, | ||
1460 | .input = { 0xcf, 0xd1, 0xd2, 0xe5, 0xa9, 0xbe, 0x9c, 0xdf, | ||
1461 | 0x50, 0x1f, 0x13, 0xb8, 0x92, 0xbd, 0x22, 0x48 }, | ||
1462 | .ilen = 16, | ||
1463 | .result = { [0 ... 15] = 0x00 }, | ||
1464 | .rlen = 16, | ||
1465 | }, { | ||
1466 | .key = { 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef, | ||
1467 | 0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10, | ||
1468 | 0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, | ||
1469 | 0x88, 0x99, 0xaa, 0xbb, 0xcc, 0xdd, 0xee, 0xff }, | ||
1470 | .klen = 32, | ||
1471 | .input = { 0x37, 0x52, 0x7b, 0xe0, 0x05, 0x23, 0x34, 0xb8, | ||
1472 | 0x9f, 0x0c, 0xfc, 0xca, 0xe8, 0x7c, 0xfa, 0x20 }, | ||
1473 | .ilen = 16, | ||
1474 | .result = { [0 ... 15] = 0x00 }, | ||
1475 | .rlen = 16, | ||
1476 | }, | ||
1477 | }; | ||
1478 | |||
1479 | static struct cipher_testvec tf_cbc_enc_tv_template[] = { | ||
1480 | { /* Generated with Nettle */ | ||
1481 | .key = { [0 ... 15] = 0x00 }, | ||
1482 | .klen = 16, | ||
1483 | .iv = { [0 ... 15] = 0x00 }, | ||
1484 | .input = { [0 ... 15] = 0x00 }, | ||
1485 | .ilen = 16, | ||
1486 | .result = { 0x9f, 0x58, 0x9f, 0x5c, 0xf6, 0x12, 0x2c, 0x32, | ||
1487 | 0xb6, 0xbf, 0xec, 0x2f, 0x2a, 0xe8, 0xc3, 0x5a }, | ||
1488 | .rlen = 16, | ||
1489 | }, { | ||
1490 | .key = { [0 ... 15] = 0x00 }, | ||
1491 | .klen = 16, | ||
1492 | .iv = { 0x9f, 0x58, 0x9f, 0x5c, 0xf6, 0x12, 0x2c, 0x32, | ||
1493 | 0xb6, 0xbf, 0xec, 0x2f, 0x2a, 0xe8, 0xc3, 0x5a }, | ||
1494 | .input = { [0 ... 15] = 0x00 }, | ||
1495 | .ilen = 16, | ||
1496 | .result = { 0xd4, 0x91, 0xdb, 0x16, 0xe7, 0xb1, 0xc3, 0x9e, | ||
1497 | 0x86, 0xcb, 0x08, 0x6b, 0x78, 0x9f, 0x54, 0x19 }, | ||
1498 | .rlen = 16, | ||
1499 | }, { | ||
1500 | .key = { [0 ... 15] = 0x00 }, | ||
1501 | .klen = 16, | ||
1502 | .iv = { 0xd4, 0x91, 0xdb, 0x16, 0xe7, 0xb1, 0xc3, 0x9e, | ||
1503 | 0x86, 0xcb, 0x08, 0x6b, 0x78, 0x9f, 0x54, 0x19 }, | ||
1504 | .input = { [0 ... 15] = 0x00 }, | ||
1505 | .ilen = 16, | ||
1506 | .result = { 0x05, 0xef, 0x8c, 0x61, 0xa8, 0x11, 0x58, 0x26, | ||
1507 | 0x34, 0xba, 0x5c, 0xb7, 0x10, 0x6a, 0xa6, 0x41 }, | ||
1508 | .rlen = 16, | ||
1509 | }, { | ||
1510 | .key = { [0 ... 15] = 0x00 }, | ||
1511 | .klen = 16, | ||
1512 | .iv = { [0 ... 15] = 0x00 }, | ||
1513 | .input = { [0 ... 47] = 0x00 }, | ||
1514 | .ilen = 48, | ||
1515 | .result = { 0x9f, 0x58, 0x9f, 0x5c, 0xf6, 0x12, 0x2c, 0x32, | ||
1516 | 0xb6, 0xbf, 0xec, 0x2f, 0x2a, 0xe8, 0xc3, 0x5a, | ||
1517 | 0xd4, 0x91, 0xdb, 0x16, 0xe7, 0xb1, 0xc3, 0x9e, | ||
1518 | 0x86, 0xcb, 0x08, 0x6b, 0x78, 0x9f, 0x54, 0x19, | ||
1519 | 0x05, 0xef, 0x8c, 0x61, 0xa8, 0x11, 0x58, 0x26, | ||
1520 | 0x34, 0xba, 0x5c, 0xb7, 0x10, 0x6a, 0xa6, 0x41 }, | ||
1521 | .rlen = 48, | ||
1522 | }, | ||
1523 | }; | ||
1524 | |||
1525 | static struct cipher_testvec tf_cbc_dec_tv_template[] = { | ||
1526 | { /* Reverse of the first four above */ | ||
1527 | .key = { [0 ... 15] = 0x00 }, | ||
1528 | .klen = 16, | ||
1529 | .iv = { [0 ... 15] = 0x00 }, | ||
1530 | .input = { 0x9f, 0x58, 0x9f, 0x5c, 0xf6, 0x12, 0x2c, 0x32, | ||
1531 | 0xb6, 0xbf, 0xec, 0x2f, 0x2a, 0xe8, 0xc3, 0x5a }, | ||
1532 | .ilen = 16, | ||
1533 | .result = { [0 ... 15] = 0x00 }, | ||
1534 | .rlen = 16, | ||
1535 | }, { | ||
1536 | .key = { [0 ... 15] = 0x00 }, | ||
1537 | .klen = 16, | ||
1538 | .iv = { 0x9f, 0x58, 0x9f, 0x5c, 0xf6, 0x12, 0x2c, 0x32, | ||
1539 | 0xb6, 0xbf, 0xec, 0x2f, 0x2a, 0xe8, 0xc3, 0x5a }, | ||
1540 | .input = { 0xd4, 0x91, 0xdb, 0x16, 0xe7, 0xb1, 0xc3, 0x9e, | ||
1541 | 0x86, 0xcb, 0x08, 0x6b, 0x78, 0x9f, 0x54, 0x19 }, | ||
1542 | .ilen = 16, | ||
1543 | .result = { [0 ... 15] = 0x00 }, | ||
1544 | .rlen = 16, | ||
1545 | }, { | ||
1546 | .key = { [0 ... 15] = 0x00 }, | ||
1547 | .klen = 16, | ||
1548 | .iv = { 0xd4, 0x91, 0xdb, 0x16, 0xe7, 0xb1, 0xc3, 0x9e, | ||
1549 | 0x86, 0xcb, 0x08, 0x6b, 0x78, 0x9f, 0x54, 0x19 }, | ||
1550 | .input = { 0x05, 0xef, 0x8c, 0x61, 0xa8, 0x11, 0x58, 0x26, | ||
1551 | 0x34, 0xba, 0x5c, 0xb7, 0x10, 0x6a, 0xa6, 0x41 }, | ||
1552 | .ilen = 16, | ||
1553 | .result = { [0 ... 15] = 0x00 }, | ||
1554 | .rlen = 16, | ||
1555 | }, { | ||
1556 | .key = { [0 ... 15] = 0x00 }, | ||
1557 | .klen = 16, | ||
1558 | .iv = { [0 ... 15] = 0x00 }, | ||
1559 | .input = { 0x9f, 0x58, 0x9f, 0x5c, 0xf6, 0x12, 0x2c, 0x32, | ||
1560 | 0xb6, 0xbf, 0xec, 0x2f, 0x2a, 0xe8, 0xc3, 0x5a, | ||
1561 | 0xd4, 0x91, 0xdb, 0x16, 0xe7, 0xb1, 0xc3, 0x9e, | ||
1562 | 0x86, 0xcb, 0x08, 0x6b, 0x78, 0x9f, 0x54, 0x19, | ||
1563 | 0x05, 0xef, 0x8c, 0x61, 0xa8, 0x11, 0x58, 0x26, | ||
1564 | 0x34, 0xba, 0x5c, 0xb7, 0x10, 0x6a, 0xa6, 0x41 }, | ||
1565 | .ilen = 48, | ||
1566 | .result = { [0 ... 47] = 0x00 }, | ||
1567 | .rlen = 48, | ||
1568 | }, | ||
1569 | }; | ||
1570 | |||
1571 | /* | ||
1572 | * Serpent test vectors. These are backwards because Serpent writes | ||
1573 | * octet sequences in right-to-left mode. | ||
1574 | */ | ||
1575 | #define SERPENT_ENC_TEST_VECTORS 4 | ||
1576 | #define SERPENT_DEC_TEST_VECTORS 4 | ||
1577 | |||
1578 | #define TNEPRES_ENC_TEST_VECTORS 4 | ||
1579 | #define TNEPRES_DEC_TEST_VECTORS 4 | ||
1580 | |||
1581 | static struct cipher_testvec serpent_enc_tv_template[] = | ||
1582 | { | ||
1583 | { | ||
1584 | .input = { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, | ||
1585 | 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f }, | ||
1586 | .ilen = 16, | ||
1587 | .result = { 0x12, 0x07, 0xfc, 0xce, 0x9b, 0xd0, 0xd6, 0x47, | ||
1588 | 0x6a, 0xe9, 0x8f, 0xbe, 0xd1, 0x43, 0xa0, 0xe2 }, | ||
1589 | .rlen = 16, | ||
1590 | }, { | ||
1591 | .key = { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, | ||
1592 | 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f }, | ||
1593 | .klen = 16, | ||
1594 | .input = { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, | ||
1595 | 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f }, | ||
1596 | .ilen = 16, | ||
1597 | .result = { 0x4c, 0x7d, 0x8a, 0x32, 0x80, 0x72, 0xa2, 0x2c, | ||
1598 | 0x82, 0x3e, 0x4a, 0x1f, 0x3a, 0xcd, 0xa1, 0x6d }, | ||
1599 | .rlen = 16, | ||
1600 | }, { | ||
1601 | .key = { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, | ||
1602 | 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, | ||
1603 | 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, | ||
1604 | 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f }, | ||
1605 | .klen = 32, | ||
1606 | .input = { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, | ||
1607 | 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f }, | ||
1608 | .ilen = 16, | ||
1609 | .result = { 0xde, 0x26, 0x9f, 0xf8, 0x33, 0xe4, 0x32, 0xb8, | ||
1610 | 0x5b, 0x2e, 0x88, 0xd2, 0x70, 0x1c, 0xe7, 0x5c }, | ||
1611 | .rlen = 16, | ||
1612 | }, { | ||
1613 | .key = { [15] = 0x80 }, | ||
1614 | .klen = 16, | ||
1615 | .input = { [0 ... 15] = 0x00 }, | ||
1616 | .ilen = 16, | ||
1617 | .result = { 0xdd, 0xd2, 0x6b, 0x98, 0xa5, 0xff, 0xd8, 0x2c, | ||
1618 | 0x05, 0x34, 0x5a, 0x9d, 0xad, 0xbf, 0xaf, 0x49}, | ||
1619 | .rlen = 16, | ||
1620 | }, | ||
1621 | }; | ||
1622 | |||
1623 | static struct cipher_testvec tnepres_enc_tv_template[] = | ||
1624 | { | ||
1625 | { /* KeySize=128, PT=0, I=1 */ | ||
1626 | .input = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
1627 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | ||
1628 | .key = { 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
1629 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | ||
1630 | .klen = 16, | ||
1631 | .ilen = 16, | ||
1632 | .result = { 0x49, 0xaf, 0xbf, 0xad, 0x9d, 0x5a, 0x34, 0x05, | ||
1633 | 0x2c, 0xd8, 0xff, 0xa5, 0x98, 0x6b, 0xd2, 0xdd }, | ||
1634 | .rlen = 16, | ||
1635 | }, { /* KeySize=192, PT=0, I=1 */ | ||
1636 | .key = { 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
1637 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
1638 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | ||
1639 | .klen = 24, | ||
1640 | .input = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
1641 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | ||
1642 | .ilen = 16, | ||
1643 | .result = { 0xe7, 0x8e, 0x54, 0x02, 0xc7, 0x19, 0x55, 0x68, | ||
1644 | 0xac, 0x36, 0x78, 0xf7, 0xa3, 0xf6, 0x0c, 0x66 }, | ||
1645 | .rlen = 16, | ||
1646 | }, { /* KeySize=256, PT=0, I=1 */ | ||
1647 | .key = { 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
1648 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
1649 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
1650 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | ||
1651 | .klen = 32, | ||
1652 | .input = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
1653 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | ||
1654 | .ilen = 16, | ||
1655 | .result = { 0xab, 0xed, 0x96, 0xe7, 0x66, 0xbf, 0x28, 0xcb, | ||
1656 | 0xc0, 0xeb, 0xd2, 0x1a, 0x82, 0xef, 0x08, 0x19 }, | ||
1657 | .rlen = 16, | ||
1658 | }, { /* KeySize=256, I=257 */ | ||
1659 | .key = { 0x1f, 0x1e, 0x1d, 0x1c, 0x1b, 0x1a, 0x19, 0x18, | ||
1660 | 0x17, 0x16, 0x15, 0x14, 0x13, 0x12, 0x11, 0x10, | ||
1661 | 0x0f, 0x0e, 0x0d, 0x0c, 0x0b, 0x0a, 0x09, 0x08, | ||
1662 | 0x07, 0x06, 0x05, 0x04, 0x03, 0x02, 0x01, 0x00 }, | ||
1663 | .klen = 32, | ||
1664 | .input = { 0x0f, 0x0e, 0x0d, 0x0c, 0x0b, 0x0a, 0x09, 0x08, | ||
1665 | 0x07, 0x06, 0x05, 0x04, 0x03, 0x02, 0x01, 0x00 }, | ||
1666 | .ilen = 16, | ||
1667 | .result = { 0x5c, 0xe7, 0x1c, 0x70, 0xd2, 0x88, 0x2e, 0x5b, | ||
1668 | 0xb8, 0x32, 0xe4, 0x33, 0xf8, 0x9f, 0x26, 0xde }, | ||
1669 | .rlen = 16, | ||
1670 | }, | ||
1671 | }; | ||
1672 | |||
1673 | |||
1674 | static struct cipher_testvec serpent_dec_tv_template[] = | ||
1675 | { | ||
1676 | { | ||
1677 | .input = { 0x12, 0x07, 0xfc, 0xce, 0x9b, 0xd0, 0xd6, 0x47, | ||
1678 | 0x6a, 0xe9, 0x8f, 0xbe, 0xd1, 0x43, 0xa0, 0xe2 }, | ||
1679 | .ilen = 16, | ||
1680 | .result = { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, | ||
1681 | 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f }, | ||
1682 | .rlen = 16, | ||
1683 | }, { | ||
1684 | .key = { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, | ||
1685 | 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f }, | ||
1686 | .klen = 16, | ||
1687 | .input = { 0x4c, 0x7d, 0x8a, 0x32, 0x80, 0x72, 0xa2, 0x2c, | ||
1688 | 0x82, 0x3e, 0x4a, 0x1f, 0x3a, 0xcd, 0xa1, 0x6d }, | ||
1689 | .ilen = 16, | ||
1690 | .result = { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, | ||
1691 | 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f }, | ||
1692 | .rlen = 16, | ||
1693 | }, { | ||
1694 | .key = { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, | ||
1695 | 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, | ||
1696 | 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, | ||
1697 | 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f }, | ||
1698 | .klen = 32, | ||
1699 | .input = { 0xde, 0x26, 0x9f, 0xf8, 0x33, 0xe4, 0x32, 0xb8, | ||
1700 | 0x5b, 0x2e, 0x88, 0xd2, 0x70, 0x1c, 0xe7, 0x5c }, | ||
1701 | .ilen = 16, | ||
1702 | .result = { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, | ||
1703 | 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f }, | ||
1704 | .rlen = 16, | ||
1705 | }, { | ||
1706 | .key = { [15] = 0x80 }, | ||
1707 | .klen = 16, | ||
1708 | .input = { 0xdd, 0xd2, 0x6b, 0x98, 0xa5, 0xff, 0xd8, 0x2c, | ||
1709 | 0x05, 0x34, 0x5a, 0x9d, 0xad, 0xbf, 0xaf, 0x49}, | ||
1710 | .ilen = 16, | ||
1711 | .result = { [0 ... 15] = 0x00 }, | ||
1712 | .rlen = 16, | ||
1713 | }, | ||
1714 | }; | ||
1715 | |||
1716 | static struct cipher_testvec tnepres_dec_tv_template[] = | ||
1717 | { | ||
1718 | { | ||
1719 | .input = { 0x41, 0xcc, 0x6b, 0x31, 0x59, 0x31, 0x45, 0x97, | ||
1720 | 0x6d, 0x6f, 0xbb, 0x38, 0x4b, 0x37, 0x21, 0x28 }, | ||
1721 | .ilen = 16, | ||
1722 | .result = { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, | ||
1723 | 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f }, | ||
1724 | .rlen = 16, | ||
1725 | }, { | ||
1726 | .key = { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, | ||
1727 | 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f }, | ||
1728 | .klen = 16, | ||
1729 | .input = { 0xea, 0xf4, 0xd7, 0xfc, 0xd8, 0x01, 0x34, 0x47, | ||
1730 | 0x81, 0x45, 0x0b, 0xfa, 0x0c, 0xd6, 0xad, 0x6e }, | ||
1731 | .ilen = 16, | ||
1732 | .result = { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, | ||
1733 | 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f }, | ||
1734 | .rlen = 16, | ||
1735 | }, { | ||
1736 | .key = { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, | ||
1737 | 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, | ||
1738 | 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, | ||
1739 | 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f }, | ||
1740 | .klen = 32, | ||
1741 | .input = { 0x64, 0xa9, 0x1a, 0x37, 0xed, 0x9f, 0xe7, 0x49, | ||
1742 | 0xa8, 0x4e, 0x76, 0xd6, 0xf5, 0x0d, 0x78, 0xee }, | ||
1743 | .ilen = 16, | ||
1744 | .result = { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, | ||
1745 | 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f }, | ||
1746 | .rlen = 16, | ||
1747 | }, { /* KeySize=128, I=121 */ | ||
1748 | .key = { [15] = 0x80 }, | ||
1749 | .klen = 16, | ||
1750 | .input = { 0x3d, 0xda, 0xbf, 0xc0, 0x06, 0xda, 0xab, 0x06, | ||
1751 | 0x46, 0x2a, 0xf4, 0xef, 0x81, 0x54, 0x4e, 0x26 }, | ||
1752 | .ilen = 16, | ||
1753 | .result = { [0 ... 15] = 0x00 }, | ||
1754 | .rlen = 16, | ||
1755 | }, | ||
1756 | }; | ||
1757 | |||
1758 | |||
1759 | /* Cast6 test vectors from RFC 2612 */ | ||
1760 | #define CAST6_ENC_TEST_VECTORS 3 | ||
1761 | #define CAST6_DEC_TEST_VECTORS 3 | ||
1762 | |||
1763 | static struct cipher_testvec cast6_enc_tv_template[] = | ||
1764 | { | ||
1765 | { | ||
1766 | .key = { 0x23, 0x42, 0xbb, 0x9e, 0xfa, 0x38, 0x54, 0x2c, | ||
1767 | 0x0a, 0xf7, 0x56, 0x47, 0xf2, 0x9f, 0x61, 0x5d }, | ||
1768 | .klen = 16, | ||
1769 | .input = { [0 ... 15] = 0x00 }, | ||
1770 | .ilen = 16, | ||
1771 | .result = { 0xc8, 0x42, 0xa0, 0x89, 0x72, 0xb4, 0x3d, 0x20, | ||
1772 | 0x83, 0x6c, 0x91, 0xd1, 0xb7, 0x53, 0x0f, 0x6b }, | ||
1773 | .rlen = 16, | ||
1774 | }, { | ||
1775 | .key = { 0x23, 0x42, 0xbb, 0x9e, 0xfa, 0x38, 0x54, 0x2c, | ||
1776 | 0xbe, 0xd0, 0xac, 0x83, 0x94, 0x0a, 0xc2, 0x98, | ||
1777 | 0xba, 0xc7, 0x7a, 0x77, 0x17, 0x94, 0x28, 0x63 }, | ||
1778 | .klen = 24, | ||
1779 | .input = { [0 ... 15] = 0x00 }, | ||
1780 | .ilen = 16, | ||
1781 | .result = { 0x1b, 0x38, 0x6c, 0x02, 0x10, 0xdc, 0xad, 0xcb, | ||
1782 | 0xdd, 0x0e, 0x41, 0xaa, 0x08, 0xa7, 0xa7, 0xe8 }, | ||
1783 | .rlen = 16, | ||
1784 | }, { | ||
1785 | .key = { 0x23, 0x42, 0xbb, 0x9e, 0xfa, 0x38, 0x54, 0x2c, | ||
1786 | 0xbe, 0xd0, 0xac, 0x83, 0x94, 0x0a, 0xc2, 0x98, | ||
1787 | 0x8d, 0x7c, 0x47, 0xce, 0x26, 0x49, 0x08, 0x46, | ||
1788 | 0x1c, 0xc1, 0xb5, 0x13, 0x7a, 0xe6, 0xb6, 0x04 }, | ||
1789 | .klen = 32, | ||
1790 | .input = { [0 ... 15] = 0x00 }, | ||
1791 | .ilen = 16, | ||
1792 | .result = { 0x4f, 0x6a, 0x20, 0x38, 0x28, 0x68, 0x97, 0xb9, | ||
1793 | 0xc9, 0x87, 0x01, 0x36, 0x55, 0x33, 0x17, 0xfa }, | ||
1794 | .rlen = 16, | ||
1795 | }, | ||
1796 | }; | ||
1797 | |||
1798 | static struct cipher_testvec cast6_dec_tv_template[] = | ||
1799 | { | ||
1800 | { | ||
1801 | .key = { 0x23, 0x42, 0xbb, 0x9e, 0xfa, 0x38, 0x54, 0x2c, | ||
1802 | 0x0a, 0xf7, 0x56, 0x47, 0xf2, 0x9f, 0x61, 0x5d }, | ||
1803 | .klen = 16, | ||
1804 | .input = { 0xc8, 0x42, 0xa0, 0x89, 0x72, 0xb4, 0x3d, 0x20, | ||
1805 | 0x83, 0x6c, 0x91, 0xd1, 0xb7, 0x53, 0x0f, 0x6b }, | ||
1806 | .ilen = 16, | ||
1807 | .result = { [0 ... 15] = 0x00 }, | ||
1808 | .rlen = 16, | ||
1809 | }, { | ||
1810 | .key = { 0x23, 0x42, 0xbb, 0x9e, 0xfa, 0x38, 0x54, 0x2c, | ||
1811 | 0xbe, 0xd0, 0xac, 0x83, 0x94, 0x0a, 0xc2, 0x98, | ||
1812 | 0xba, 0xc7, 0x7a, 0x77, 0x17, 0x94, 0x28, 0x63 }, | ||
1813 | .klen = 24, | ||
1814 | .input = { 0x1b, 0x38, 0x6c, 0x02, 0x10, 0xdc, 0xad, 0xcb, | ||
1815 | 0xdd, 0x0e, 0x41, 0xaa, 0x08, 0xa7, 0xa7, 0xe8 }, | ||
1816 | .ilen = 16, | ||
1817 | .result = { [0 ... 15] = 0x00 }, | ||
1818 | .rlen = 16, | ||
1819 | }, { | ||
1820 | .key = { 0x23, 0x42, 0xbb, 0x9e, 0xfa, 0x38, 0x54, 0x2c, | ||
1821 | 0xbe, 0xd0, 0xac, 0x83, 0x94, 0x0a, 0xc2, 0x98, | ||
1822 | 0x8d, 0x7c, 0x47, 0xce, 0x26, 0x49, 0x08, 0x46, | ||
1823 | 0x1c, 0xc1, 0xb5, 0x13, 0x7a, 0xe6, 0xb6, 0x04 }, | ||
1824 | .klen = 32, | ||
1825 | .input = { 0x4f, 0x6a, 0x20, 0x38, 0x28, 0x68, 0x97, 0xb9, | ||
1826 | 0xc9, 0x87, 0x01, 0x36, 0x55, 0x33, 0x17, 0xfa }, | ||
1827 | .ilen = 16, | ||
1828 | .result = { [0 ... 15] = 0x00 }, | ||
1829 | .rlen = 16, | ||
1830 | }, | ||
1831 | }; | ||
1832 | |||
1833 | |||
1834 | /* | ||
1835 | * AES test vectors. | ||
1836 | */ | ||
1837 | #define AES_ENC_TEST_VECTORS 3 | ||
1838 | #define AES_DEC_TEST_VECTORS 3 | ||
1839 | |||
1840 | static struct cipher_testvec aes_enc_tv_template[] = { | ||
1841 | { /* From FIPS-197 */ | ||
1842 | .key = { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, | ||
1843 | 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f }, | ||
1844 | .klen = 16, | ||
1845 | .input = { 0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, | ||
1846 | 0x88, 0x99, 0xaa, 0xbb, 0xcc, 0xdd, 0xee, 0xff }, | ||
1847 | .ilen = 16, | ||
1848 | .result = { 0x69, 0xc4, 0xe0, 0xd8, 0x6a, 0x7b, 0x04, 0x30, | ||
1849 | 0xd8, 0xcd, 0xb7, 0x80, 0x70, 0xb4, 0xc5, 0x5a }, | ||
1850 | .rlen = 16, | ||
1851 | }, { | ||
1852 | .key = { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, | ||
1853 | 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, | ||
1854 | 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17 }, | ||
1855 | .klen = 24, | ||
1856 | .input = { 0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, | ||
1857 | 0x88, 0x99, 0xaa, 0xbb, 0xcc, 0xdd, 0xee, 0xff }, | ||
1858 | .ilen = 16, | ||
1859 | .result = { 0xdd, 0xa9, 0x7c, 0xa4, 0x86, 0x4c, 0xdf, 0xe0, | ||
1860 | 0x6e, 0xaf, 0x70, 0xa0, 0xec, 0x0d, 0x71, 0x91 }, | ||
1861 | .rlen = 16, | ||
1862 | }, { | ||
1863 | .key = { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, | ||
1864 | 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, | ||
1865 | 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, | ||
1866 | 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f }, | ||
1867 | .klen = 32, | ||
1868 | .input = { 0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, | ||
1869 | 0x88, 0x99, 0xaa, 0xbb, 0xcc, 0xdd, 0xee, 0xff }, | ||
1870 | .ilen = 16, | ||
1871 | .result = { 0x8e, 0xa2, 0xb7, 0xca, 0x51, 0x67, 0x45, 0xbf, | ||
1872 | 0xea, 0xfc, 0x49, 0x90, 0x4b, 0x49, 0x60, 0x89 }, | ||
1873 | .rlen = 16, | ||
1874 | }, | ||
1875 | }; | ||
1876 | |||
1877 | static struct cipher_testvec aes_dec_tv_template[] = { | ||
1878 | { /* From FIPS-197 */ | ||
1879 | .key = { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, | ||
1880 | 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f }, | ||
1881 | .klen = 16, | ||
1882 | .input = { 0x69, 0xc4, 0xe0, 0xd8, 0x6a, 0x7b, 0x04, 0x30, | ||
1883 | 0xd8, 0xcd, 0xb7, 0x80, 0x70, 0xb4, 0xc5, 0x5a }, | ||
1884 | .ilen = 16, | ||
1885 | .result = { 0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, | ||
1886 | 0x88, 0x99, 0xaa, 0xbb, 0xcc, 0xdd, 0xee, 0xff }, | ||
1887 | .rlen = 16, | ||
1888 | }, { | ||
1889 | .key = { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, | ||
1890 | 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, | ||
1891 | 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17 }, | ||
1892 | .klen = 24, | ||
1893 | .input = { 0xdd, 0xa9, 0x7c, 0xa4, 0x86, 0x4c, 0xdf, 0xe0, | ||
1894 | 0x6e, 0xaf, 0x70, 0xa0, 0xec, 0x0d, 0x71, 0x91 }, | ||
1895 | .ilen = 16, | ||
1896 | .result = { 0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, | ||
1897 | 0x88, 0x99, 0xaa, 0xbb, 0xcc, 0xdd, 0xee, 0xff }, | ||
1898 | .rlen = 16, | ||
1899 | }, { | ||
1900 | .key = { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, | ||
1901 | 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, | ||
1902 | 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, | ||
1903 | 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f }, | ||
1904 | .klen = 32, | ||
1905 | .input = { 0x8e, 0xa2, 0xb7, 0xca, 0x51, 0x67, 0x45, 0xbf, | ||
1906 | 0xea, 0xfc, 0x49, 0x90, 0x4b, 0x49, 0x60, 0x89 }, | ||
1907 | .ilen = 16, | ||
1908 | .result = { 0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, | ||
1909 | 0x88, 0x99, 0xaa, 0xbb, 0xcc, 0xdd, 0xee, 0xff }, | ||
1910 | .rlen = 16, | ||
1911 | }, | ||
1912 | }; | ||
1913 | |||
1914 | /* Cast5 test vectors from RFC 2144 */ | ||
1915 | #define CAST5_ENC_TEST_VECTORS 3 | ||
1916 | #define CAST5_DEC_TEST_VECTORS 3 | ||
1917 | |||
1918 | static struct cipher_testvec cast5_enc_tv_template[] = | ||
1919 | { | ||
1920 | { | ||
1921 | .key = { 0x01, 0x23, 0x45, 0x67, 0x12, 0x34, 0x56, 0x78, | ||
1922 | 0x23, 0x45, 0x67, 0x89, 0x34, 0x56, 0x78, 0x9a }, | ||
1923 | .klen = 16, | ||
1924 | .input = { 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef }, | ||
1925 | .ilen = 8, | ||
1926 | .result = { 0x23, 0x8b, 0x4f, 0xe5, 0x84, 0x7e, 0x44, 0xb2 }, | ||
1927 | .rlen = 8, | ||
1928 | }, { | ||
1929 | .key = { 0x01, 0x23, 0x45, 0x67, 0x12, 0x34, 0x56, 0x78, | ||
1930 | 0x23, 0x45 }, | ||
1931 | .klen = 10, | ||
1932 | .input = { 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef }, | ||
1933 | .ilen = 8, | ||
1934 | .result = { 0xeb, 0x6a, 0x71, 0x1a, 0x2c, 0x02, 0x27, 0x1b }, | ||
1935 | .rlen = 8, | ||
1936 | }, { | ||
1937 | .key = { 0x01, 0x23, 0x45, 0x67, 0x12 }, | ||
1938 | .klen = 5, | ||
1939 | .input = { 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef }, | ||
1940 | .ilen = 8, | ||
1941 | .result = { 0x7a, 0xc8, 0x16, 0xd1, 0x6e, 0x9b, 0x30, 0x2e }, | ||
1942 | .rlen = 8, | ||
1943 | }, | ||
1944 | }; | ||
1945 | |||
1946 | static struct cipher_testvec cast5_dec_tv_template[] = | ||
1947 | { | ||
1948 | { | ||
1949 | .key = { 0x01, 0x23, 0x45, 0x67, 0x12, 0x34, 0x56, 0x78, | ||
1950 | 0x23, 0x45, 0x67, 0x89, 0x34, 0x56, 0x78, 0x9a }, | ||
1951 | .klen = 16, | ||
1952 | .input = { 0x23, 0x8b, 0x4f, 0xe5, 0x84, 0x7e, 0x44, 0xb2 }, | ||
1953 | .ilen = 8, | ||
1954 | .result = { 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef }, | ||
1955 | .rlen = 8, | ||
1956 | }, { | ||
1957 | .key = { 0x01, 0x23, 0x45, 0x67, 0x12, 0x34, 0x56, 0x78, | ||
1958 | 0x23, 0x45 }, | ||
1959 | .klen = 10, | ||
1960 | .input = { 0xeb, 0x6a, 0x71, 0x1a, 0x2c, 0x02, 0x27, 0x1b }, | ||
1961 | .ilen = 8, | ||
1962 | .result = { 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef }, | ||
1963 | .rlen = 8, | ||
1964 | }, { | ||
1965 | .key = { 0x01, 0x23, 0x45, 0x67, 0x12 }, | ||
1966 | .klen = 5, | ||
1967 | .input = { 0x7a, 0xc8, 0x16, 0xd1, 0x6e, 0x9b, 0x30, 0x2e }, | ||
1968 | .ilen = 8, | ||
1969 | .result = { 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef }, | ||
1970 | .rlen = 8, | ||
1971 | }, | ||
1972 | }; | ||
1973 | |||
1974 | /* | ||
1975 | * ARC4 test vectors from OpenSSL | ||
1976 | */ | ||
1977 | #define ARC4_ENC_TEST_VECTORS 7 | ||
1978 | #define ARC4_DEC_TEST_VECTORS 7 | ||
1979 | |||
1980 | static struct cipher_testvec arc4_enc_tv_template[] = | ||
1981 | { | ||
1982 | { | ||
1983 | .key = { 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef }, | ||
1984 | .klen = 8, | ||
1985 | .input = { 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef }, | ||
1986 | .ilen = 8, | ||
1987 | .result = { 0x75, 0xb7, 0x87, 0x80, 0x99, 0xe0, 0xc5, 0x96 }, | ||
1988 | .rlen = 8, | ||
1989 | }, { | ||
1990 | .key = { 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef }, | ||
1991 | .klen = 8, | ||
1992 | .input = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | ||
1993 | .ilen = 8, | ||
1994 | .result = { 0x74, 0x94, 0xc2, 0xe7, 0x10, 0x4b, 0x08, 0x79 }, | ||
1995 | .rlen = 8, | ||
1996 | }, { | ||
1997 | .key = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | ||
1998 | .klen = 8, | ||
1999 | .input = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | ||
2000 | .ilen = 8, | ||
2001 | .result = { 0xde, 0x18, 0x89, 0x41, 0xa3, 0x37, 0x5d, 0x3a }, | ||
2002 | .rlen = 8, | ||
2003 | }, { | ||
2004 | .key = { 0xef, 0x01, 0x23, 0x45}, | ||
2005 | .klen = 4, | ||
2006 | .input = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
2007 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
2008 | 0x00, 0x00, 0x00, 0x00 }, | ||
2009 | .ilen = 20, | ||
2010 | .result = { 0xd6, 0xa1, 0x41, 0xa7, 0xec, 0x3c, 0x38, 0xdf, | ||
2011 | 0xbd, 0x61, 0x5a, 0x11, 0x62, 0xe1, 0xc7, 0xba, | ||
2012 | 0x36, 0xb6, 0x78, 0x58 }, | ||
2013 | .rlen = 20, | ||
2014 | }, { | ||
2015 | .key = { 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef }, | ||
2016 | .klen = 8, | ||
2017 | .input = { 0x12, 0x34, 0x56, 0x78, 0x9A, 0xBC, 0xDE, 0xF0, | ||
2018 | 0x12, 0x34, 0x56, 0x78, 0x9A, 0xBC, 0xDE, 0xF0, | ||
2019 | 0x12, 0x34, 0x56, 0x78, 0x9A, 0xBC, 0xDE, 0xF0, | ||
2020 | 0x12, 0x34, 0x56, 0x78 }, | ||
2021 | .ilen = 28, | ||
2022 | .result = { 0x66, 0xa0, 0x94, 0x9f, 0x8a, 0xf7, 0xd6, 0x89, | ||
2023 | 0x1f, 0x7f, 0x83, 0x2b, 0xa8, 0x33, 0xc0, 0x0c, | ||
2024 | 0x89, 0x2e, 0xbe, 0x30, 0x14, 0x3c, 0xe2, 0x87, | ||
2025 | 0x40, 0x01, 0x1e, 0xcf }, | ||
2026 | .rlen = 28, | ||
2027 | }, { | ||
2028 | .key = { 0xef, 0x01, 0x23, 0x45 }, | ||
2029 | .klen = 4, | ||
2030 | .input = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
2031 | 0x00, 0x00 }, | ||
2032 | .ilen = 10, | ||
2033 | .result = { 0xd6, 0xa1, 0x41, 0xa7, 0xec, 0x3c, 0x38, 0xdf, | ||
2034 | 0xbd, 0x61 }, | ||
2035 | .rlen = 10, | ||
2036 | }, { | ||
2037 | .key = { 0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF, | ||
2038 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | ||
2039 | .klen = 16, | ||
2040 | .input = { 0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF }, | ||
2041 | .ilen = 8, | ||
2042 | .result = { 0x69, 0x72, 0x36, 0x59, 0x1B, 0x52, 0x42, 0xB1 }, | ||
2043 | .rlen = 8, | ||
2044 | }, | ||
2045 | }; | ||
2046 | |||
2047 | static struct cipher_testvec arc4_dec_tv_template[] = | ||
2048 | { | ||
2049 | { | ||
2050 | .key = { 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef }, | ||
2051 | .klen = 8, | ||
2052 | .input = { 0x75, 0xb7, 0x87, 0x80, 0x99, 0xe0, 0xc5, 0x96 }, | ||
2053 | .ilen = 8, | ||
2054 | .result = { 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef }, | ||
2055 | .rlen = 8, | ||
2056 | }, { | ||
2057 | .key = { 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef }, | ||
2058 | .klen = 8, | ||
2059 | .input = { 0x74, 0x94, 0xc2, 0xe7, 0x10, 0x4b, 0x08, 0x79 }, | ||
2060 | .ilen = 8, | ||
2061 | .result = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | ||
2062 | .rlen = 8, | ||
2063 | }, { | ||
2064 | .key = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | ||
2065 | .klen = 8, | ||
2066 | .input = { 0xde, 0x18, 0x89, 0x41, 0xa3, 0x37, 0x5d, 0x3a }, | ||
2067 | .ilen = 8, | ||
2068 | .result = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | ||
2069 | .rlen = 8, | ||
2070 | }, { | ||
2071 | .key = { 0xef, 0x01, 0x23, 0x45}, | ||
2072 | .klen = 4, | ||
2073 | .input = { 0xd6, 0xa1, 0x41, 0xa7, 0xec, 0x3c, 0x38, 0xdf, | ||
2074 | 0xbd, 0x61, 0x5a, 0x11, 0x62, 0xe1, 0xc7, 0xba, | ||
2075 | 0x36, 0xb6, 0x78, 0x58 }, | ||
2076 | .ilen = 20, | ||
2077 | .result = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
2078 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
2079 | 0x00, 0x00, 0x00, 0x00 }, | ||
2080 | .rlen = 20, | ||
2081 | }, { | ||
2082 | .key = { 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef }, | ||
2083 | .klen = 8, | ||
2084 | .input = { 0x66, 0xa0, 0x94, 0x9f, 0x8a, 0xf7, 0xd6, 0x89, | ||
2085 | 0x1f, 0x7f, 0x83, 0x2b, 0xa8, 0x33, 0xc0, 0x0c, | ||
2086 | 0x89, 0x2e, 0xbe, 0x30, 0x14, 0x3c, 0xe2, 0x87, | ||
2087 | 0x40, 0x01, 0x1e, 0xcf }, | ||
2088 | .ilen = 28, | ||
2089 | .result = { 0x12, 0x34, 0x56, 0x78, 0x9A, 0xBC, 0xDE, 0xF0, | ||
2090 | 0x12, 0x34, 0x56, 0x78, 0x9A, 0xBC, 0xDE, 0xF0, | ||
2091 | 0x12, 0x34, 0x56, 0x78, 0x9A, 0xBC, 0xDE, 0xF0, | ||
2092 | 0x12, 0x34, 0x56, 0x78 }, | ||
2093 | .rlen = 28, | ||
2094 | }, { | ||
2095 | .key = { 0xef, 0x01, 0x23, 0x45 }, | ||
2096 | .klen = 4, | ||
2097 | .input = { 0xd6, 0xa1, 0x41, 0xa7, 0xec, 0x3c, 0x38, 0xdf, | ||
2098 | 0xbd, 0x61 }, | ||
2099 | .ilen = 10, | ||
2100 | .result = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
2101 | 0x00, 0x00 }, | ||
2102 | .rlen = 10, | ||
2103 | }, { | ||
2104 | .key = { 0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF, | ||
2105 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | ||
2106 | .klen = 16, | ||
2107 | .input = { 0x69, 0x72, 0x36, 0x59, 0x1B, 0x52, 0x42, 0xB1 }, | ||
2108 | .ilen = 8, | ||
2109 | .result = { 0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF }, | ||
2110 | .rlen = 8, | ||
2111 | }, | ||
2112 | }; | ||
2113 | |||
2114 | /* | ||
2115 | * TEA test vectors | ||
2116 | */ | ||
2117 | #define TEA_ENC_TEST_VECTORS 4 | ||
2118 | #define TEA_DEC_TEST_VECTORS 4 | ||
2119 | |||
2120 | static struct cipher_testvec tea_enc_tv_template[] = | ||
2121 | { | ||
2122 | { | ||
2123 | .key = { [0 ... 15] = 0x00 }, | ||
2124 | .klen = 16, | ||
2125 | .input = { [0 ... 8] = 0x00 }, | ||
2126 | .ilen = 8, | ||
2127 | .result = { 0x0a, 0x3a, 0xea, 0x41, 0x40, 0xa9, 0xba, 0x94 }, | ||
2128 | .rlen = 8, | ||
2129 | }, { | ||
2130 | .key = { 0x2b, 0x02, 0x05, 0x68, 0x06, 0x14, 0x49, 0x76, | ||
2131 | 0x77, 0x5d, 0x0e, 0x26, 0x6c, 0x28, 0x78, 0x43 }, | ||
2132 | .klen = 16, | ||
2133 | .input = { 0x74, 0x65, 0x73, 0x74, 0x20, 0x6d, 0x65, 0x2e }, | ||
2134 | .ilen = 8, | ||
2135 | .result = { 0x77, 0x5d, 0x2a, 0x6a, 0xf6, 0xce, 0x92, 0x09 }, | ||
2136 | .rlen = 8, | ||
2137 | }, { | ||
2138 | .key = { 0x09, 0x65, 0x43, 0x11, 0x66, 0x44, 0x39, 0x25, | ||
2139 | 0x51, 0x3a, 0x16, 0x10, 0x0a, 0x08, 0x12, 0x6e }, | ||
2140 | .klen = 16, | ||
2141 | .input = { 0x6c, 0x6f, 0x6e, 0x67, 0x65, 0x72, 0x5f, 0x74, | ||
2142 | 0x65, 0x73, 0x74, 0x5f, 0x76, 0x65, 0x63, 0x74 }, | ||
2143 | .ilen = 16, | ||
2144 | .result = { 0xbe, 0x7a, 0xbb, 0x81, 0x95, 0x2d, 0x1f, 0x1e, | ||
2145 | 0xdd, 0x89, 0xa1, 0x25, 0x04, 0x21, 0xdf, 0x95 }, | ||
2146 | .rlen = 16, | ||
2147 | }, { | ||
2148 | .key = { 0x4d, 0x76, 0x32, 0x17, 0x05, 0x3f, 0x75, 0x2c, | ||
2149 | 0x5d, 0x04, 0x16, 0x36, 0x15, 0x72, 0x63, 0x2f }, | ||
2150 | .klen = 16, | ||
2151 | .input = { 0x54, 0x65, 0x61, 0x20, 0x69, 0x73, 0x20, 0x67, | ||
2152 | 0x6f, 0x6f, 0x64, 0x20, 0x66, 0x6f, 0x72, 0x20, | ||
2153 | 0x79, 0x6f, 0x75, 0x21, 0x21, 0x21, 0x20, 0x72, | ||
2154 | 0x65, 0x61, 0x6c, 0x6c, 0x79, 0x21, 0x21, 0x21 }, | ||
2155 | .ilen = 32, | ||
2156 | .result = { 0xe0, 0x4d, 0x5d, 0x3c, 0xb7, 0x8c, 0x36, 0x47, | ||
2157 | 0x94, 0x18, 0x95, 0x91, 0xa9, 0xfc, 0x49, 0xf8, | ||
2158 | 0x44, 0xd1, 0x2d, 0xc2, 0x99, 0xb8, 0x08, 0x2a, | ||
2159 | 0x07, 0x89, 0x73, 0xc2, 0x45, 0x92, 0xc6, 0x90 }, | ||
2160 | .rlen = 32, | ||
2161 | } | ||
2162 | }; | ||
2163 | |||
2164 | static struct cipher_testvec tea_dec_tv_template[] = | ||
2165 | { | ||
2166 | { | ||
2167 | .key = { [0 ... 15] = 0x00 }, | ||
2168 | .klen = 16, | ||
2169 | .input = { 0x0a, 0x3a, 0xea, 0x41, 0x40, 0xa9, 0xba, 0x94 }, | ||
2170 | .ilen = 8, | ||
2171 | .result = { [0 ... 8] = 0x00 }, | ||
2172 | .rlen = 8, | ||
2173 | }, { | ||
2174 | .key = { 0x2b, 0x02, 0x05, 0x68, 0x06, 0x14, 0x49, 0x76, | ||
2175 | 0x77, 0x5d, 0x0e, 0x26, 0x6c, 0x28, 0x78, 0x43 }, | ||
2176 | .klen = 16, | ||
2177 | .input = { 0x77, 0x5d, 0x2a, 0x6a, 0xf6, 0xce, 0x92, 0x09 }, | ||
2178 | .ilen = 8, | ||
2179 | .result = { 0x74, 0x65, 0x73, 0x74, 0x20, 0x6d, 0x65, 0x2e }, | ||
2180 | .rlen = 8, | ||
2181 | }, { | ||
2182 | .key = { 0x09, 0x65, 0x43, 0x11, 0x66, 0x44, 0x39, 0x25, | ||
2183 | 0x51, 0x3a, 0x16, 0x10, 0x0a, 0x08, 0x12, 0x6e }, | ||
2184 | .klen = 16, | ||
2185 | .input = { 0xbe, 0x7a, 0xbb, 0x81, 0x95, 0x2d, 0x1f, 0x1e, | ||
2186 | 0xdd, 0x89, 0xa1, 0x25, 0x04, 0x21, 0xdf, 0x95 }, | ||
2187 | .ilen = 16, | ||
2188 | .result = { 0x6c, 0x6f, 0x6e, 0x67, 0x65, 0x72, 0x5f, 0x74, | ||
2189 | 0x65, 0x73, 0x74, 0x5f, 0x76, 0x65, 0x63, 0x74 }, | ||
2190 | .rlen = 16, | ||
2191 | }, { | ||
2192 | .key = { 0x4d, 0x76, 0x32, 0x17, 0x05, 0x3f, 0x75, 0x2c, | ||
2193 | 0x5d, 0x04, 0x16, 0x36, 0x15, 0x72, 0x63, 0x2f }, | ||
2194 | .klen = 16, | ||
2195 | .input = { 0xe0, 0x4d, 0x5d, 0x3c, 0xb7, 0x8c, 0x36, 0x47, | ||
2196 | 0x94, 0x18, 0x95, 0x91, 0xa9, 0xfc, 0x49, 0xf8, | ||
2197 | 0x44, 0xd1, 0x2d, 0xc2, 0x99, 0xb8, 0x08, 0x2a, | ||
2198 | 0x07, 0x89, 0x73, 0xc2, 0x45, 0x92, 0xc6, 0x90 }, | ||
2199 | .ilen = 32, | ||
2200 | .result = { 0x54, 0x65, 0x61, 0x20, 0x69, 0x73, 0x20, 0x67, | ||
2201 | 0x6f, 0x6f, 0x64, 0x20, 0x66, 0x6f, 0x72, 0x20, | ||
2202 | 0x79, 0x6f, 0x75, 0x21, 0x21, 0x21, 0x20, 0x72, | ||
2203 | 0x65, 0x61, 0x6c, 0x6c, 0x79, 0x21, 0x21, 0x21 }, | ||
2204 | .rlen = 32, | ||
2205 | } | ||
2206 | }; | ||
2207 | |||
2208 | /* | ||
2209 | * XTEA test vectors | ||
2210 | */ | ||
2211 | #define XTEA_ENC_TEST_VECTORS 4 | ||
2212 | #define XTEA_DEC_TEST_VECTORS 4 | ||
2213 | |||
2214 | static struct cipher_testvec xtea_enc_tv_template[] = | ||
2215 | { | ||
2216 | { | ||
2217 | .key = { [0 ... 15] = 0x00 }, | ||
2218 | .klen = 16, | ||
2219 | .input = { [0 ... 8] = 0x00 }, | ||
2220 | .ilen = 8, | ||
2221 | .result = { 0xaa, 0x22, 0x96, 0xe5, 0x6c, 0x61, 0xf3, 0x45 }, | ||
2222 | .rlen = 8, | ||
2223 | }, { | ||
2224 | .key = { 0x2b, 0x02, 0x05, 0x68, 0x06, 0x14, 0x49, 0x76, | ||
2225 | 0x77, 0x5d, 0x0e, 0x26, 0x6c, 0x28, 0x78, 0x43 }, | ||
2226 | .klen = 16, | ||
2227 | .input = { 0x74, 0x65, 0x73, 0x74, 0x20, 0x6d, 0x65, 0x2e }, | ||
2228 | .ilen = 8, | ||
2229 | .result = { 0x82, 0x3e, 0xeb, 0x35, 0xdc, 0xdd, 0xd9, 0xc3 }, | ||
2230 | .rlen = 8, | ||
2231 | }, { | ||
2232 | .key = { 0x09, 0x65, 0x43, 0x11, 0x66, 0x44, 0x39, 0x25, | ||
2233 | 0x51, 0x3a, 0x16, 0x10, 0x0a, 0x08, 0x12, 0x6e }, | ||
2234 | .klen = 16, | ||
2235 | .input = { 0x6c, 0x6f, 0x6e, 0x67, 0x65, 0x72, 0x5f, 0x74, | ||
2236 | 0x65, 0x73, 0x74, 0x5f, 0x76, 0x65, 0x63, 0x74 }, | ||
2237 | .ilen = 16, | ||
2238 | .result = { 0xe2, 0x04, 0xdb, 0xf2, 0x89, 0x85, 0x9e, 0xea, | ||
2239 | 0x61, 0x35, 0xaa, 0xed, 0xb5, 0xcb, 0x71, 0x2c }, | ||
2240 | .rlen = 16, | ||
2241 | }, { | ||
2242 | .key = { 0x4d, 0x76, 0x32, 0x17, 0x05, 0x3f, 0x75, 0x2c, | ||
2243 | 0x5d, 0x04, 0x16, 0x36, 0x15, 0x72, 0x63, 0x2f }, | ||
2244 | .klen = 16, | ||
2245 | .input = { 0x54, 0x65, 0x61, 0x20, 0x69, 0x73, 0x20, 0x67, | ||
2246 | 0x6f, 0x6f, 0x64, 0x20, 0x66, 0x6f, 0x72, 0x20, | ||
2247 | 0x79, 0x6f, 0x75, 0x21, 0x21, 0x21, 0x20, 0x72, | ||
2248 | 0x65, 0x61, 0x6c, 0x6c, 0x79, 0x21, 0x21, 0x21 }, | ||
2249 | .ilen = 32, | ||
2250 | .result = { 0x0b, 0x03, 0xcd, 0x8a, 0xbe, 0x95, 0xfd, 0xb1, | ||
2251 | 0xc1, 0x44, 0x91, 0x0b, 0xa5, 0xc9, 0x1b, 0xb4, | ||
2252 | 0xa9, 0xda, 0x1e, 0x9e, 0xb1, 0x3e, 0x2a, 0x8f, | ||
2253 | 0xea, 0xa5, 0x6a, 0x85, 0xd1, 0xf4, 0xa8, 0xa5 }, | ||
2254 | .rlen = 32, | ||
2255 | } | ||
2256 | }; | ||
2257 | |||
2258 | static struct cipher_testvec xtea_dec_tv_template[] = | ||
2259 | { | ||
2260 | { | ||
2261 | .key = { [0 ... 15] = 0x00 }, | ||
2262 | .klen = 16, | ||
2263 | .input = { 0xaa, 0x22, 0x96, 0xe5, 0x6c, 0x61, 0xf3, 0x45 }, | ||
2264 | .ilen = 8, | ||
2265 | .result = { [0 ... 8] = 0x00 }, | ||
2266 | .rlen = 8, | ||
2267 | }, { | ||
2268 | .key = { 0x2b, 0x02, 0x05, 0x68, 0x06, 0x14, 0x49, 0x76, | ||
2269 | 0x77, 0x5d, 0x0e, 0x26, 0x6c, 0x28, 0x78, 0x43 }, | ||
2270 | .klen = 16, | ||
2271 | .input = { 0x82, 0x3e, 0xeb, 0x35, 0xdc, 0xdd, 0xd9, 0xc3 }, | ||
2272 | .ilen = 8, | ||
2273 | .result = { 0x74, 0x65, 0x73, 0x74, 0x20, 0x6d, 0x65, 0x2e }, | ||
2274 | .rlen = 8, | ||
2275 | }, { | ||
2276 | .key = { 0x09, 0x65, 0x43, 0x11, 0x66, 0x44, 0x39, 0x25, | ||
2277 | 0x51, 0x3a, 0x16, 0x10, 0x0a, 0x08, 0x12, 0x6e }, | ||
2278 | .klen = 16, | ||
2279 | .input = { 0xe2, 0x04, 0xdb, 0xf2, 0x89, 0x85, 0x9e, 0xea, | ||
2280 | 0x61, 0x35, 0xaa, 0xed, 0xb5, 0xcb, 0x71, 0x2c }, | ||
2281 | .ilen = 16, | ||
2282 | .result = { 0x6c, 0x6f, 0x6e, 0x67, 0x65, 0x72, 0x5f, 0x74, | ||
2283 | 0x65, 0x73, 0x74, 0x5f, 0x76, 0x65, 0x63, 0x74 }, | ||
2284 | .rlen = 16, | ||
2285 | }, { | ||
2286 | .key = { 0x4d, 0x76, 0x32, 0x17, 0x05, 0x3f, 0x75, 0x2c, | ||
2287 | 0x5d, 0x04, 0x16, 0x36, 0x15, 0x72, 0x63, 0x2f }, | ||
2288 | .klen = 16, | ||
2289 | .input = { 0x0b, 0x03, 0xcd, 0x8a, 0xbe, 0x95, 0xfd, 0xb1, | ||
2290 | 0xc1, 0x44, 0x91, 0x0b, 0xa5, 0xc9, 0x1b, 0xb4, | ||
2291 | 0xa9, 0xda, 0x1e, 0x9e, 0xb1, 0x3e, 0x2a, 0x8f, | ||
2292 | 0xea, 0xa5, 0x6a, 0x85, 0xd1, 0xf4, 0xa8, 0xa5 }, | ||
2293 | .ilen = 32, | ||
2294 | .result = { 0x54, 0x65, 0x61, 0x20, 0x69, 0x73, 0x20, 0x67, | ||
2295 | 0x6f, 0x6f, 0x64, 0x20, 0x66, 0x6f, 0x72, 0x20, | ||
2296 | 0x79, 0x6f, 0x75, 0x21, 0x21, 0x21, 0x20, 0x72, | ||
2297 | 0x65, 0x61, 0x6c, 0x6c, 0x79, 0x21, 0x21, 0x21 }, | ||
2298 | .rlen = 32, | ||
2299 | } | ||
2300 | }; | ||
2301 | |||
2302 | /* | ||
2303 | * KHAZAD test vectors. | ||
2304 | */ | ||
2305 | #define KHAZAD_ENC_TEST_VECTORS 5 | ||
2306 | #define KHAZAD_DEC_TEST_VECTORS 5 | ||
2307 | |||
2308 | static struct cipher_testvec khazad_enc_tv_template[] = { | ||
2309 | { | ||
2310 | .key = { 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
2311 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | ||
2312 | .klen = 16, | ||
2313 | .input = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | ||
2314 | .ilen = 8, | ||
2315 | .result = { 0x49, 0xa4, 0xce, 0x32, 0xac, 0x19, 0x0e, 0x3f }, | ||
2316 | .rlen = 8, | ||
2317 | }, { | ||
2318 | .key = { 0x38, 0x38, 0x38, 0x38, 0x38, 0x38, 0x38, 0x38, | ||
2319 | 0x38, 0x38, 0x38, 0x38, 0x38, 0x38, 0x38, 0x38 }, | ||
2320 | .klen = 16, | ||
2321 | .input = { 0x38, 0x38, 0x38, 0x38, 0x38, 0x38, 0x38, 0x38 }, | ||
2322 | .ilen = 8, | ||
2323 | .result = { 0x7e, 0x82, 0x12, 0xa1, 0Xd9, 0X5b, 0Xe4, 0Xf9 }, | ||
2324 | .rlen = 8, | ||
2325 | }, { | ||
2326 | .key = { 0Xa2, 0Xa2, 0Xa2, 0Xa2, 0Xa2, 0Xa2, 0Xa2, 0Xa2, | ||
2327 | 0Xa2, 0Xa2, 0Xa2, 0Xa2, 0Xa2, 0Xa2, 0Xa2, 0Xa2 }, | ||
2328 | .klen = 16, | ||
2329 | .input = { 0Xa2, 0Xa2, 0Xa2, 0Xa2, 0Xa2, 0Xa2, 0Xa2, 0Xa2 }, | ||
2330 | .ilen = 8, | ||
2331 | .result = { 0Xaa, 0Xbe, 0Xc1, 0X95, 0Xc5, 0X94, 0X1a, 0X9c }, | ||
2332 | .rlen = 8, | ||
2333 | }, { | ||
2334 | .key = { 0X2f, 0X2f, 0X2f, 0X2f, 0X2f, 0X2f, 0X2f, 0X2f, | ||
2335 | 0X2f, 0X2f, 0X2f, 0X2f, 0X2f, 0X2f, 0X2f, 0X2f }, | ||
2336 | .klen = 16, | ||
2337 | .input = { 0X2f, 0X2f, 0X2f, 0X2f, 0X2f, 0X2f, 0X2f, 0X2f }, | ||
2338 | .ilen = 8, | ||
2339 | .result = { 0X04, 0X74, 0Xf5, 0X70, 0X50, 0X16, 0Xd3, 0Xb8 }, | ||
2340 | .rlen = 8, | ||
2341 | }, { | ||
2342 | .key = { 0X2f, 0X2f, 0X2f, 0X2f, 0X2f, 0X2f, 0X2f, 0X2f, | ||
2343 | 0X2f, 0X2f, 0X2f, 0X2f, 0X2f, 0X2f, 0X2f, 0X2f }, | ||
2344 | .klen = 16, | ||
2345 | .input = { 0X2f, 0X2f, 0X2f, 0X2f, 0X2f, 0X2f, 0X2f, 0X2f , | ||
2346 | 0X2f, 0X2f, 0X2f, 0X2f, 0X2f, 0X2f, 0X2f, 0X2f }, | ||
2347 | .ilen = 16, | ||
2348 | .result = { 0X04, 0X74, 0Xf5, 0X70, 0X50, 0X16, 0Xd3, 0Xb8 , | ||
2349 | 0X04, 0X74, 0Xf5, 0X70, 0X50, 0X16, 0Xd3, 0Xb8 }, | ||
2350 | .rlen = 16, | ||
2351 | }, | ||
2352 | }; | ||
2353 | |||
2354 | static struct cipher_testvec khazad_dec_tv_template[] = { | ||
2355 | { | ||
2356 | .key = { 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
2357 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | ||
2358 | .klen = 16, | ||
2359 | .input = { 0X49, 0Xa4, 0Xce, 0X32, 0Xac, 0X19, 0X0e, 0X3f }, | ||
2360 | .ilen = 8, | ||
2361 | .result = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | ||
2362 | .rlen = 8, | ||
2363 | }, { | ||
2364 | .key = { 0x38, 0x38, 0x38, 0x38, 0x38, 0x38, 0x38, 0x38, | ||
2365 | 0x38, 0x38, 0x38, 0x38, 0x38, 0x38, 0x38, 0x38 }, | ||
2366 | .klen = 16, | ||
2367 | .input = { 0X7e, 0X82, 0X12, 0Xa1, 0Xd9, 0X5b, 0Xe4, 0Xf9 }, | ||
2368 | .ilen = 8, | ||
2369 | .result = { 0x38, 0x38, 0x38, 0x38, 0x38, 0x38, 0x38, 0x38 }, | ||
2370 | .rlen = 8, | ||
2371 | }, { | ||
2372 | .key = { 0Xa2, 0Xa2, 0Xa2, 0Xa2, 0Xa2, 0Xa2, 0Xa2, 0Xa2, | ||
2373 | 0Xa2, 0Xa2, 0Xa2, 0Xa2, 0Xa2, 0Xa2, 0Xa2, 0Xa2 }, | ||
2374 | .klen = 16, | ||
2375 | .input = { 0Xaa, 0Xbe, 0Xc1, 0X95, 0Xc5, 0X94, 0X1a, 0X9c }, | ||
2376 | .ilen = 8, | ||
2377 | .result = { 0Xa2, 0Xa2, 0Xa2, 0Xa2, 0Xa2, 0Xa2, 0Xa2, 0Xa2 }, | ||
2378 | .rlen = 8, | ||
2379 | }, { | ||
2380 | .key = { 0x2f, 0X2f, 0X2f, 0X2f, 0X2f, 0X2f, 0X2f, 0X2f, | ||
2381 | 0X2f, 0X2f, 0X2f, 0X2f, 0X2f, 0X2f, 0X2f, 0X2f }, | ||
2382 | .klen = 16, | ||
2383 | .input = { 0X04, 0X74, 0Xf5, 0X70, 0X50, 0X16, 0Xd3, 0Xb8 }, | ||
2384 | .ilen = 8, | ||
2385 | .result = { 0X2f, 0X2f, 0X2f, 0X2f, 0X2f, 0X2f, 0X2f, 0X2f }, | ||
2386 | .rlen = 8, | ||
2387 | }, { | ||
2388 | .key = { 0X2f, 0X2f, 0X2f, 0X2f, 0X2f, 0X2f, 0X2f, 0X2f, | ||
2389 | 0X2f, 0X2f, 0X2f, 0X2f, 0X2f, 0X2f, 0X2f, 0X2f }, | ||
2390 | .klen = 16, | ||
2391 | .input = { 0X04, 0X74, 0Xf5, 0X70, 0X50, 0X16, 0Xd3, 0Xb8 , | ||
2392 | 0X04, 0X74, 0Xf5, 0X70, 0X50, 0X16, 0Xd3, 0Xb8 }, | ||
2393 | .ilen = 16, | ||
2394 | .result = { 0X2f, 0X2f, 0X2f, 0X2f, 0X2f, 0X2f, 0X2f, 0X2f , | ||
2395 | 0X2f, 0X2f, 0X2f, 0X2f, 0X2f, 0X2f, 0X2f, 0X2f }, | ||
2396 | .rlen = 16, | ||
2397 | }, | ||
2398 | }; | ||
2399 | |||
2400 | /* | ||
2401 | * Anubis test vectors. | ||
2402 | */ | ||
2403 | |||
2404 | #define ANUBIS_ENC_TEST_VECTORS 5 | ||
2405 | #define ANUBIS_DEC_TEST_VECTORS 5 | ||
2406 | #define ANUBIS_CBC_ENC_TEST_VECTORS 2 | ||
2407 | #define ANUBIS_CBC_DEC_TEST_VECTORS 2 | ||
2408 | |||
2409 | static struct cipher_testvec anubis_enc_tv_template[] = { | ||
2410 | { | ||
2411 | .key = { 0xfe, 0xfe, 0xfe, 0xfe, 0xfe, 0xfe, 0xfe, 0xfe, | ||
2412 | 0xfe, 0xfe, 0xfe, 0xfe, 0xfe, 0xfe, 0xfe, 0xfe }, | ||
2413 | .klen = 16, | ||
2414 | .input = { 0xfe, 0xfe, 0xfe, 0xfe, 0xfe, 0xfe, 0xfe, 0xfe, | ||
2415 | 0xfe, 0xfe, 0xfe, 0xfe, 0xfe, 0xfe, 0xfe, 0xfe }, | ||
2416 | .ilen = 16, | ||
2417 | .result = { 0x6d, 0xc5, 0xda, 0xa2, 0x26, 0x7d, 0x62, 0x6f, | ||
2418 | 0x08, 0xb7, 0x52, 0x8e, 0x6e, 0x6e, 0x86, 0x90 }, | ||
2419 | .rlen = 16, | ||
2420 | }, { | ||
2421 | |||
2422 | .key = { 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, | ||
2423 | 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, | ||
2424 | 0x03, 0x03, 0x03, 0x03 }, | ||
2425 | .klen = 20, | ||
2426 | .input = { 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, | ||
2427 | 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03 }, | ||
2428 | .ilen = 16, | ||
2429 | .result = { 0xdb, 0xf1, 0x42, 0xf4, 0xd1, 0x8a, 0xc7, 0x49, | ||
2430 | 0x87, 0x41, 0x6f, 0x82, 0x0a, 0x98, 0x64, 0xae }, | ||
2431 | .rlen = 16, | ||
2432 | }, { | ||
2433 | .key = { 0x24, 0x24, 0x24, 0x24, 0x24, 0x24, 0x24, 0x24, | ||
2434 | 0x24, 0x24, 0x24, 0x24, 0x24, 0x24, 0x24, 0x24, | ||
2435 | 0x24, 0x24, 0x24, 0x24, 0x24, 0x24, 0x24, 0x24, | ||
2436 | 0x24, 0x24, 0x24, 0x24 }, | ||
2437 | .klen = 28, | ||
2438 | .input = { 0x24, 0x24, 0x24, 0x24, 0x24, 0x24, 0x24, 0x24, | ||
2439 | 0x24, 0x24, 0x24, 0x24, 0x24, 0x24, 0x24, 0x24 }, | ||
2440 | .ilen = 16, | ||
2441 | .result = { 0xfd, 0x1b, 0x4a, 0xe3, 0xbf, 0xf0, 0xad, 0x3d, | ||
2442 | 0x06, 0xd3, 0x61, 0x27, 0xfd, 0x13, 0x9e, 0xde }, | ||
2443 | .rlen = 16, | ||
2444 | }, { | ||
2445 | .key = { 0x25, 0x25, 0x25, 0x25, 0x25, 0x25, 0x25, 0x25, | ||
2446 | 0x25, 0x25, 0x25, 0x25, 0x25, 0x25, 0x25, 0x25, | ||
2447 | 0x25, 0x25, 0x25, 0x25, 0x25, 0x25, 0x25, 0x25, | ||
2448 | 0x25, 0x25, 0x25, 0x25, 0x25, 0x25, 0x25, 0x25 }, | ||
2449 | .klen = 32, | ||
2450 | .input = { 0x25, 0x25, 0x25, 0x25, 0x25, 0x25, 0x25, 0x25, | ||
2451 | 0x25, 0x25, 0x25, 0x25, 0x25, 0x25, 0x25, 0x25 }, | ||
2452 | .ilen = 16, | ||
2453 | .result = { 0x1a, 0x91, 0xfb, 0x2b, 0xb7, 0x78, 0x6b, 0xc4, | ||
2454 | 0x17, 0xd9, 0xff, 0x40, 0x3b, 0x0e, 0xe5, 0xfe }, | ||
2455 | .rlen = 16, | ||
2456 | }, { | ||
2457 | .key = { 0x35, 0x35, 0x35, 0x35, 0x35, 0x35, 0x35, 0x35, | ||
2458 | 0x35, 0x35, 0x35, 0x35, 0x35, 0x35, 0x35, 0x35, | ||
2459 | 0x35, 0x35, 0x35, 0x35, 0x35, 0x35, 0x35, 0x35, | ||
2460 | 0x35, 0x35, 0x35, 0x35, 0x35, 0x35, 0x35, 0x35, | ||
2461 | 0x35, 0x35, 0x35, 0x35, 0x35, 0x35, 0x35, 0x35 }, | ||
2462 | .klen = 40, | ||
2463 | .input = { 0x35, 0x35, 0x35, 0x35, 0x35, 0x35, 0x35, 0x35, | ||
2464 | 0x35, 0x35, 0x35, 0x35, 0x35, 0x35, 0x35, 0x35 }, | ||
2465 | .ilen = 16, | ||
2466 | .result = { 0xa5, 0x2c, 0x85, 0x6f, 0x9c, 0xba, 0xa0, 0x97, | ||
2467 | 0x9e, 0xc6, 0x84, 0x0f, 0x17, 0x21, 0x07, 0xee }, | ||
2468 | .rlen = 16, | ||
2469 | }, | ||
2470 | }; | ||
2471 | |||
2472 | static struct cipher_testvec anubis_dec_tv_template[] = { | ||
2473 | { | ||
2474 | .key = { 0xfe, 0xfe, 0xfe, 0xfe, 0xfe, 0xfe, 0xfe, 0xfe, | ||
2475 | 0xfe, 0xfe, 0xfe, 0xfe, 0xfe, 0xfe, 0xfe, 0xfe }, | ||
2476 | .klen = 16, | ||
2477 | .input = { 0x6d, 0xc5, 0xda, 0xa2, 0x26, 0x7d, 0x62, 0x6f, | ||
2478 | 0x08, 0xb7, 0x52, 0x8e, 0x6e, 0x6e, 0x86, 0x90 }, | ||
2479 | .ilen = 16, | ||
2480 | .result = { 0xfe, 0xfe, 0xfe, 0xfe, 0xfe, 0xfe, 0xfe, 0xfe, | ||
2481 | 0xfe, 0xfe, 0xfe, 0xfe, 0xfe, 0xfe, 0xfe, 0xfe }, | ||
2482 | .rlen = 16, | ||
2483 | }, { | ||
2484 | |||
2485 | .key = { 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, | ||
2486 | 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, | ||
2487 | 0x03, 0x03, 0x03, 0x03 }, | ||
2488 | .klen = 20, | ||
2489 | .input = { 0xdb, 0xf1, 0x42, 0xf4, 0xd1, 0x8a, 0xc7, 0x49, | ||
2490 | 0x87, 0x41, 0x6f, 0x82, 0x0a, 0x98, 0x64, 0xae }, | ||
2491 | .ilen = 16, | ||
2492 | .result = { 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, | ||
2493 | 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03 }, | ||
2494 | .rlen = 16, | ||
2495 | }, { | ||
2496 | .key = { 0x24, 0x24, 0x24, 0x24, 0x24, 0x24, 0x24, 0x24, | ||
2497 | 0x24, 0x24, 0x24, 0x24, 0x24, 0x24, 0x24, 0x24, | ||
2498 | 0x24, 0x24, 0x24, 0x24, 0x24, 0x24, 0x24, 0x24, | ||
2499 | 0x24, 0x24, 0x24, 0x24 }, | ||
2500 | .klen = 28, | ||
2501 | .input = { 0xfd, 0x1b, 0x4a, 0xe3, 0xbf, 0xf0, 0xad, 0x3d, | ||
2502 | 0x06, 0xd3, 0x61, 0x27, 0xfd, 0x13, 0x9e, 0xde }, | ||
2503 | .ilen = 16, | ||
2504 | .result = { 0x24, 0x24, 0x24, 0x24, 0x24, 0x24, 0x24, 0x24, | ||
2505 | 0x24, 0x24, 0x24, 0x24, 0x24, 0x24, 0x24, 0x24 }, | ||
2506 | .rlen = 16, | ||
2507 | }, { | ||
2508 | .key = { 0x25, 0x25, 0x25, 0x25, 0x25, 0x25, 0x25, 0x25, | ||
2509 | 0x25, 0x25, 0x25, 0x25, 0x25, 0x25, 0x25, 0x25, | ||
2510 | 0x25, 0x25, 0x25, 0x25, 0x25, 0x25, 0x25, 0x25, | ||
2511 | 0x25, 0x25, 0x25, 0x25, 0x25, 0x25, 0x25, 0x25 }, | ||
2512 | .klen = 32, | ||
2513 | .input = { 0x1a, 0x91, 0xfb, 0x2b, 0xb7, 0x78, 0x6b, 0xc4, | ||
2514 | 0x17, 0xd9, 0xff, 0x40, 0x3b, 0x0e, 0xe5, 0xfe }, | ||
2515 | .ilen = 16, | ||
2516 | .result = { 0x25, 0x25, 0x25, 0x25, 0x25, 0x25, 0x25, 0x25, | ||
2517 | 0x25, 0x25, 0x25, 0x25, 0x25, 0x25, 0x25, 0x25 }, | ||
2518 | .rlen = 16, | ||
2519 | }, { | ||
2520 | .key = { 0x35, 0x35, 0x35, 0x35, 0x35, 0x35, 0x35, 0x35, | ||
2521 | 0x35, 0x35, 0x35, 0x35, 0x35, 0x35, 0x35, 0x35, | ||
2522 | 0x35, 0x35, 0x35, 0x35, 0x35, 0x35, 0x35, 0x35, | ||
2523 | 0x35, 0x35, 0x35, 0x35, 0x35, 0x35, 0x35, 0x35, | ||
2524 | 0x35, 0x35, 0x35, 0x35, 0x35, 0x35, 0x35, 0x35 }, | ||
2525 | .input = { 0xa5, 0x2c, 0x85, 0x6f, 0x9c, 0xba, 0xa0, 0x97, | ||
2526 | 0x9e, 0xc6, 0x84, 0x0f, 0x17, 0x21, 0x07, 0xee }, | ||
2527 | .klen = 40, | ||
2528 | .ilen = 16, | ||
2529 | .result = { 0x35, 0x35, 0x35, 0x35, 0x35, 0x35, 0x35, 0x35, | ||
2530 | 0x35, 0x35, 0x35, 0x35, 0x35, 0x35, 0x35, 0x35 }, | ||
2531 | .rlen = 16, | ||
2532 | }, | ||
2533 | }; | ||
2534 | |||
2535 | static struct cipher_testvec anubis_cbc_enc_tv_template[] = { | ||
2536 | { | ||
2537 | .key = { 0xfe, 0xfe, 0xfe, 0xfe, 0xfe, 0xfe, 0xfe, 0xfe, | ||
2538 | 0xfe, 0xfe, 0xfe, 0xfe, 0xfe, 0xfe, 0xfe, 0xfe }, | ||
2539 | .klen = 16, | ||
2540 | .input = { 0xfe, 0xfe, 0xfe, 0xfe, 0xfe, 0xfe, 0xfe, 0xfe, | ||
2541 | 0xfe, 0xfe, 0xfe, 0xfe, 0xfe, 0xfe, 0xfe, 0xfe, | ||
2542 | 0xfe, 0xfe, 0xfe, 0xfe, 0xfe, 0xfe, 0xfe, 0xfe, | ||
2543 | 0xfe, 0xfe, 0xfe, 0xfe, 0xfe, 0xfe, 0xfe, 0xfe }, | ||
2544 | .ilen = 32, | ||
2545 | .result = { 0x6d, 0xc5, 0xda, 0xa2, 0x26, 0x7d, 0x62, 0x6f, | ||
2546 | 0x08, 0xb7, 0x52, 0x8e, 0x6e, 0x6e, 0x86, 0x90, | ||
2547 | 0x86, 0xd8, 0xb5, 0x6f, 0x98, 0x5e, 0x8a, 0x66, | ||
2548 | 0x4f, 0x1f, 0x78, 0xa1, 0xbb, 0x37, 0xf1, 0xbe }, | ||
2549 | .rlen = 32, | ||
2550 | }, { | ||
2551 | .key = { 0x35, 0x35, 0x35, 0x35, 0x35, 0x35, 0x35, 0x35, | ||
2552 | 0x35, 0x35, 0x35, 0x35, 0x35, 0x35, 0x35, 0x35, | ||
2553 | 0x35, 0x35, 0x35, 0x35, 0x35, 0x35, 0x35, 0x35, | ||
2554 | 0x35, 0x35, 0x35, 0x35, 0x35, 0x35, 0x35, 0x35, | ||
2555 | 0x35, 0x35, 0x35, 0x35, 0x35, 0x35, 0x35, 0x35 }, | ||
2556 | .klen = 40, | ||
2557 | .input = { 0x35, 0x35, 0x35, 0x35, 0x35, 0x35, 0x35, 0x35, | ||
2558 | 0x35, 0x35, 0x35, 0x35, 0x35, 0x35, 0x35, 0x35, | ||
2559 | 0x35, 0x35, 0x35, 0x35, 0x35, 0x35, 0x35, 0x35, | ||
2560 | 0x35, 0x35, 0x35, 0x35, 0x35, 0x35, 0x35, 0x35 }, | ||
2561 | .ilen = 32, | ||
2562 | .result = { 0xa5, 0x2c, 0x85, 0x6f, 0x9c, 0xba, 0xa0, 0x97, | ||
2563 | 0x9e, 0xc6, 0x84, 0x0f, 0x17, 0x21, 0x07, 0xee, | ||
2564 | 0xa2, 0xbc, 0x06, 0x98, 0xc6, 0x4b, 0xda, 0x75, | ||
2565 | 0x2e, 0xaa, 0xbe, 0x58, 0xce, 0x01, 0x5b, 0xc7 }, | ||
2566 | .rlen = 32, | ||
2567 | }, | ||
2568 | }; | ||
2569 | |||
2570 | static struct cipher_testvec anubis_cbc_dec_tv_template[] = { | ||
2571 | { | ||
2572 | .key = { 0xfe, 0xfe, 0xfe, 0xfe, 0xfe, 0xfe, 0xfe, 0xfe, | ||
2573 | 0xfe, 0xfe, 0xfe, 0xfe, 0xfe, 0xfe, 0xfe, 0xfe }, | ||
2574 | .klen = 16, | ||
2575 | .input = { 0x6d, 0xc5, 0xda, 0xa2, 0x26, 0x7d, 0x62, 0x6f, | ||
2576 | 0x08, 0xb7, 0x52, 0x8e, 0x6e, 0x6e, 0x86, 0x90, | ||
2577 | 0x86, 0xd8, 0xb5, 0x6f, 0x98, 0x5e, 0x8a, 0x66, | ||
2578 | 0x4f, 0x1f, 0x78, 0xa1, 0xbb, 0x37, 0xf1, 0xbe }, | ||
2579 | .ilen = 32, | ||
2580 | .result = { 0xfe, 0xfe, 0xfe, 0xfe, 0xfe, 0xfe, 0xfe, 0xfe, | ||
2581 | 0xfe, 0xfe, 0xfe, 0xfe, 0xfe, 0xfe, 0xfe, 0xfe, | ||
2582 | 0xfe, 0xfe, 0xfe, 0xfe, 0xfe, 0xfe, 0xfe, 0xfe, | ||
2583 | 0xfe, 0xfe, 0xfe, 0xfe, 0xfe, 0xfe, 0xfe, 0xfe }, | ||
2584 | .rlen = 32, | ||
2585 | }, { | ||
2586 | .key = { 0x35, 0x35, 0x35, 0x35, 0x35, 0x35, 0x35, 0x35, | ||
2587 | 0x35, 0x35, 0x35, 0x35, 0x35, 0x35, 0x35, 0x35, | ||
2588 | 0x35, 0x35, 0x35, 0x35, 0x35, 0x35, 0x35, 0x35, | ||
2589 | 0x35, 0x35, 0x35, 0x35, 0x35, 0x35, 0x35, 0x35, | ||
2590 | 0x35, 0x35, 0x35, 0x35, 0x35, 0x35, 0x35, 0x35 }, | ||
2591 | .klen = 40, | ||
2592 | .input = { 0xa5, 0x2c, 0x85, 0x6f, 0x9c, 0xba, 0xa0, 0x97, | ||
2593 | 0x9e, 0xc6, 0x84, 0x0f, 0x17, 0x21, 0x07, 0xee, | ||
2594 | 0xa2, 0xbc, 0x06, 0x98, 0xc6, 0x4b, 0xda, 0x75, | ||
2595 | 0x2e, 0xaa, 0xbe, 0x58, 0xce, 0x01, 0x5b, 0xc7 }, | ||
2596 | .ilen = 32, | ||
2597 | .result = { 0x35, 0x35, 0x35, 0x35, 0x35, 0x35, 0x35, 0x35, | ||
2598 | 0x35, 0x35, 0x35, 0x35, 0x35, 0x35, 0x35, 0x35, | ||
2599 | 0x35, 0x35, 0x35, 0x35, 0x35, 0x35, 0x35, 0x35, | ||
2600 | 0x35, 0x35, 0x35, 0x35, 0x35, 0x35, 0x35, 0x35 }, | ||
2601 | .rlen = 32, | ||
2602 | }, | ||
2603 | }; | ||
2604 | |||
2605 | /* | ||
2606 | * Compression stuff. | ||
2607 | */ | ||
2608 | #define COMP_BUF_SIZE 512 | ||
2609 | |||
2610 | struct comp_testvec { | ||
2611 | int inlen, outlen; | ||
2612 | char input[COMP_BUF_SIZE]; | ||
2613 | char output[COMP_BUF_SIZE]; | ||
2614 | }; | ||
2615 | |||
2616 | /* | ||
2617 | * Deflate test vectors (null-terminated strings). | ||
2618 | * Params: winbits=11, Z_DEFAULT_COMPRESSION, MAX_MEM_LEVEL. | ||
2619 | */ | ||
2620 | #define DEFLATE_COMP_TEST_VECTORS 2 | ||
2621 | #define DEFLATE_DECOMP_TEST_VECTORS 2 | ||
2622 | |||
2623 | static struct comp_testvec deflate_comp_tv_template[] = { | ||
2624 | { | ||
2625 | .inlen = 70, | ||
2626 | .outlen = 38, | ||
2627 | .input = "Join us now and share the software " | ||
2628 | "Join us now and share the software ", | ||
2629 | .output = { 0xf3, 0xca, 0xcf, 0xcc, 0x53, 0x28, 0x2d, 0x56, | ||
2630 | 0xc8, 0xcb, 0x2f, 0x57, 0x48, 0xcc, 0x4b, 0x51, | ||
2631 | 0x28, 0xce, 0x48, 0x2c, 0x4a, 0x55, 0x28, 0xc9, | ||
2632 | 0x48, 0x55, 0x28, 0xce, 0x4f, 0x2b, 0x29, 0x07, | ||
2633 | 0x71, 0xbc, 0x08, 0x2b, 0x01, 0x00 }, | ||
2634 | }, { | ||
2635 | .inlen = 191, | ||
2636 | .outlen = 122, | ||
2637 | .input = "This document describes a compression method based on the DEFLATE" | ||
2638 | "compression algorithm. This document defines the application of " | ||
2639 | "the DEFLATE algorithm to the IP Payload Compression Protocol.", | ||
2640 | .output = { 0x5d, 0x8d, 0x31, 0x0e, 0xc2, 0x30, 0x10, 0x04, | ||
2641 | 0xbf, 0xb2, 0x2f, 0xc8, 0x1f, 0x10, 0x04, 0x09, | ||
2642 | 0x89, 0xc2, 0x85, 0x3f, 0x70, 0xb1, 0x2f, 0xf8, | ||
2643 | 0x24, 0xdb, 0x67, 0xd9, 0x47, 0xc1, 0xef, 0x49, | ||
2644 | 0x68, 0x12, 0x51, 0xae, 0x76, 0x67, 0xd6, 0x27, | ||
2645 | 0x19, 0x88, 0x1a, 0xde, 0x85, 0xab, 0x21, 0xf2, | ||
2646 | 0x08, 0x5d, 0x16, 0x1e, 0x20, 0x04, 0x2d, 0xad, | ||
2647 | 0xf3, 0x18, 0xa2, 0x15, 0x85, 0x2d, 0x69, 0xc4, | ||
2648 | 0x42, 0x83, 0x23, 0xb6, 0x6c, 0x89, 0x71, 0x9b, | ||
2649 | 0xef, 0xcf, 0x8b, 0x9f, 0xcf, 0x33, 0xca, 0x2f, | ||
2650 | 0xed, 0x62, 0xa9, 0x4c, 0x80, 0xff, 0x13, 0xaf, | ||
2651 | 0x52, 0x37, 0xed, 0x0e, 0x52, 0x6b, 0x59, 0x02, | ||
2652 | 0xd9, 0x4e, 0xe8, 0x7a, 0x76, 0x1d, 0x02, 0x98, | ||
2653 | 0xfe, 0x8a, 0x87, 0x83, 0xa3, 0x4f, 0x56, 0x8a, | ||
2654 | 0xb8, 0x9e, 0x8e, 0x5c, 0x57, 0xd3, 0xa0, 0x79, | ||
2655 | 0xfa, 0x02 }, | ||
2656 | }, | ||
2657 | }; | ||
2658 | |||
2659 | static struct comp_testvec deflate_decomp_tv_template[] = { | ||
2660 | { | ||
2661 | .inlen = 122, | ||
2662 | .outlen = 191, | ||
2663 | .input = { 0x5d, 0x8d, 0x31, 0x0e, 0xc2, 0x30, 0x10, 0x04, | ||
2664 | 0xbf, 0xb2, 0x2f, 0xc8, 0x1f, 0x10, 0x04, 0x09, | ||
2665 | 0x89, 0xc2, 0x85, 0x3f, 0x70, 0xb1, 0x2f, 0xf8, | ||
2666 | 0x24, 0xdb, 0x67, 0xd9, 0x47, 0xc1, 0xef, 0x49, | ||
2667 | 0x68, 0x12, 0x51, 0xae, 0x76, 0x67, 0xd6, 0x27, | ||
2668 | 0x19, 0x88, 0x1a, 0xde, 0x85, 0xab, 0x21, 0xf2, | ||
2669 | 0x08, 0x5d, 0x16, 0x1e, 0x20, 0x04, 0x2d, 0xad, | ||
2670 | 0xf3, 0x18, 0xa2, 0x15, 0x85, 0x2d, 0x69, 0xc4, | ||
2671 | 0x42, 0x83, 0x23, 0xb6, 0x6c, 0x89, 0x71, 0x9b, | ||
2672 | 0xef, 0xcf, 0x8b, 0x9f, 0xcf, 0x33, 0xca, 0x2f, | ||
2673 | 0xed, 0x62, 0xa9, 0x4c, 0x80, 0xff, 0x13, 0xaf, | ||
2674 | 0x52, 0x37, 0xed, 0x0e, 0x52, 0x6b, 0x59, 0x02, | ||
2675 | 0xd9, 0x4e, 0xe8, 0x7a, 0x76, 0x1d, 0x02, 0x98, | ||
2676 | 0xfe, 0x8a, 0x87, 0x83, 0xa3, 0x4f, 0x56, 0x8a, | ||
2677 | 0xb8, 0x9e, 0x8e, 0x5c, 0x57, 0xd3, 0xa0, 0x79, | ||
2678 | 0xfa, 0x02 }, | ||
2679 | .output = "This document describes a compression method based on the DEFLATE" | ||
2680 | "compression algorithm. This document defines the application of " | ||
2681 | "the DEFLATE algorithm to the IP Payload Compression Protocol.", | ||
2682 | }, { | ||
2683 | .inlen = 38, | ||
2684 | .outlen = 70, | ||
2685 | .input = { 0xf3, 0xca, 0xcf, 0xcc, 0x53, 0x28, 0x2d, 0x56, | ||
2686 | 0xc8, 0xcb, 0x2f, 0x57, 0x48, 0xcc, 0x4b, 0x51, | ||
2687 | 0x28, 0xce, 0x48, 0x2c, 0x4a, 0x55, 0x28, 0xc9, | ||
2688 | 0x48, 0x55, 0x28, 0xce, 0x4f, 0x2b, 0x29, 0x07, | ||
2689 | 0x71, 0xbc, 0x08, 0x2b, 0x01, 0x00 }, | ||
2690 | .output = "Join us now and share the software " | ||
2691 | "Join us now and share the software ", | ||
2692 | }, | ||
2693 | }; | ||
2694 | |||
2695 | /* | ||
2696 | * Michael MIC test vectors from IEEE 802.11i | ||
2697 | */ | ||
2698 | #define MICHAEL_MIC_TEST_VECTORS 6 | ||
2699 | |||
2700 | static struct hash_testvec michael_mic_tv_template[] = | ||
2701 | { | ||
2702 | { | ||
2703 | .key = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | ||
2704 | .ksize = 8, | ||
2705 | .plaintext = { }, | ||
2706 | .psize = 0, | ||
2707 | .digest = { 0x82, 0x92, 0x5c, 0x1c, 0xa1, 0xd1, 0x30, 0xb8 } | ||
2708 | }, | ||
2709 | { | ||
2710 | .key = { 0x82, 0x92, 0x5c, 0x1c, 0xa1, 0xd1, 0x30, 0xb8 }, | ||
2711 | .ksize = 8, | ||
2712 | .plaintext = { 'M' }, | ||
2713 | .psize = 1, | ||
2714 | .digest = { 0x43, 0x47, 0x21, 0xca, 0x40, 0x63, 0x9b, 0x3f } | ||
2715 | }, | ||
2716 | { | ||
2717 | .key = { 0x43, 0x47, 0x21, 0xca, 0x40, 0x63, 0x9b, 0x3f }, | ||
2718 | .ksize = 8, | ||
2719 | .plaintext = { 'M', 'i' }, | ||
2720 | .psize = 2, | ||
2721 | .digest = { 0xe8, 0xf9, 0xbe, 0xca, 0xe9, 0x7e, 0x5d, 0x29 } | ||
2722 | }, | ||
2723 | { | ||
2724 | .key = { 0xe8, 0xf9, 0xbe, 0xca, 0xe9, 0x7e, 0x5d, 0x29 }, | ||
2725 | .ksize = 8, | ||
2726 | .plaintext = { 'M', 'i', 'c' }, | ||
2727 | .psize = 3, | ||
2728 | .digest = { 0x90, 0x03, 0x8f, 0xc6, 0xcf, 0x13, 0xc1, 0xdb } | ||
2729 | }, | ||
2730 | { | ||
2731 | .key = { 0x90, 0x03, 0x8f, 0xc6, 0xcf, 0x13, 0xc1, 0xdb }, | ||
2732 | .ksize = 8, | ||
2733 | .plaintext = { 'M', 'i', 'c', 'h' }, | ||
2734 | .psize = 4, | ||
2735 | .digest = { 0xd5, 0x5e, 0x10, 0x05, 0x10, 0x12, 0x89, 0x86 } | ||
2736 | }, | ||
2737 | { | ||
2738 | .key = { 0xd5, 0x5e, 0x10, 0x05, 0x10, 0x12, 0x89, 0x86 }, | ||
2739 | .ksize = 8, | ||
2740 | .plaintext = { 'M', 'i', 'c', 'h', 'a', 'e', 'l' }, | ||
2741 | .psize = 7, | ||
2742 | .digest = { 0x0a, 0x94, 0x2b, 0x12, 0x4e, 0xca, 0xa5, 0x46 }, | ||
2743 | } | ||
2744 | }; | ||
2745 | |||
2746 | #endif /* _CRYPTO_TCRYPT_H */ | ||
diff --git a/crypto/tea.c b/crypto/tea.c new file mode 100644 index 000000000000..03c23cbd3afa --- /dev/null +++ b/crypto/tea.c | |||
@@ -0,0 +1,248 @@ | |||
1 | /* | ||
2 | * Cryptographic API. | ||
3 | * | ||
4 | * TEA and Xtended TEA Algorithms | ||
5 | * | ||
6 | * The TEA and Xtended TEA algorithms were developed by David Wheeler | ||
7 | * and Roger Needham at the Computer Laboratory of Cambridge University. | ||
8 | * | ||
9 | * Copyright (c) 2004 Aaron Grothe ajgrothe@yahoo.com | ||
10 | * | ||
11 | * This program is free software; you can redistribute it and/or modify | ||
12 | * it under the terms of the GNU General Public License as published by | ||
13 | * the Free Software Foundation; either version 2 of the License, or | ||
14 | * (at your option) any later version. | ||
15 | * | ||
16 | */ | ||
17 | |||
18 | #include <linux/init.h> | ||
19 | #include <linux/module.h> | ||
20 | #include <linux/mm.h> | ||
21 | #include <asm/scatterlist.h> | ||
22 | #include <linux/crypto.h> | ||
23 | |||
24 | #define TEA_KEY_SIZE 16 | ||
25 | #define TEA_BLOCK_SIZE 8 | ||
26 | #define TEA_ROUNDS 32 | ||
27 | #define TEA_DELTA 0x9e3779b9 | ||
28 | |||
29 | #define XTEA_KEY_SIZE 16 | ||
30 | #define XTEA_BLOCK_SIZE 8 | ||
31 | #define XTEA_ROUNDS 32 | ||
32 | #define XTEA_DELTA 0x9e3779b9 | ||
33 | |||
34 | #define u32_in(x) le32_to_cpu(*(const __le32 *)(x)) | ||
35 | #define u32_out(to, from) (*(__le32 *)(to) = cpu_to_le32(from)) | ||
36 | |||
37 | struct tea_ctx { | ||
38 | u32 KEY[4]; | ||
39 | }; | ||
40 | |||
41 | struct xtea_ctx { | ||
42 | u32 KEY[4]; | ||
43 | }; | ||
44 | |||
45 | static int tea_setkey(void *ctx_arg, const u8 *in_key, | ||
46 | unsigned int key_len, u32 *flags) | ||
47 | { | ||
48 | |||
49 | struct tea_ctx *ctx = ctx_arg; | ||
50 | |||
51 | if (key_len != 16) | ||
52 | { | ||
53 | *flags |= CRYPTO_TFM_RES_BAD_KEY_LEN; | ||
54 | return -EINVAL; | ||
55 | } | ||
56 | |||
57 | ctx->KEY[0] = u32_in (in_key); | ||
58 | ctx->KEY[1] = u32_in (in_key + 4); | ||
59 | ctx->KEY[2] = u32_in (in_key + 8); | ||
60 | ctx->KEY[3] = u32_in (in_key + 12); | ||
61 | |||
62 | return 0; | ||
63 | |||
64 | } | ||
65 | |||
66 | static void tea_encrypt(void *ctx_arg, u8 *dst, const u8 *src) | ||
67 | { | ||
68 | u32 y, z, n, sum = 0; | ||
69 | u32 k0, k1, k2, k3; | ||
70 | |||
71 | struct tea_ctx *ctx = ctx_arg; | ||
72 | |||
73 | y = u32_in (src); | ||
74 | z = u32_in (src + 4); | ||
75 | |||
76 | k0 = ctx->KEY[0]; | ||
77 | k1 = ctx->KEY[1]; | ||
78 | k2 = ctx->KEY[2]; | ||
79 | k3 = ctx->KEY[3]; | ||
80 | |||
81 | n = TEA_ROUNDS; | ||
82 | |||
83 | while (n-- > 0) { | ||
84 | sum += TEA_DELTA; | ||
85 | y += ((z << 4) + k0) ^ (z + sum) ^ ((z >> 5) + k1); | ||
86 | z += ((y << 4) + k2) ^ (y + sum) ^ ((y >> 5) + k3); | ||
87 | } | ||
88 | |||
89 | u32_out (dst, y); | ||
90 | u32_out (dst + 4, z); | ||
91 | } | ||
92 | |||
93 | static void tea_decrypt(void *ctx_arg, u8 *dst, const u8 *src) | ||
94 | { | ||
95 | u32 y, z, n, sum; | ||
96 | u32 k0, k1, k2, k3; | ||
97 | |||
98 | struct tea_ctx *ctx = ctx_arg; | ||
99 | |||
100 | y = u32_in (src); | ||
101 | z = u32_in (src + 4); | ||
102 | |||
103 | k0 = ctx->KEY[0]; | ||
104 | k1 = ctx->KEY[1]; | ||
105 | k2 = ctx->KEY[2]; | ||
106 | k3 = ctx->KEY[3]; | ||
107 | |||
108 | sum = TEA_DELTA << 5; | ||
109 | |||
110 | n = TEA_ROUNDS; | ||
111 | |||
112 | while (n-- > 0) { | ||
113 | z -= ((y << 4) + k2) ^ (y + sum) ^ ((y >> 5) + k3); | ||
114 | y -= ((z << 4) + k0) ^ (z + sum) ^ ((z >> 5) + k1); | ||
115 | sum -= TEA_DELTA; | ||
116 | } | ||
117 | |||
118 | u32_out (dst, y); | ||
119 | u32_out (dst + 4, z); | ||
120 | |||
121 | } | ||
122 | |||
123 | static int xtea_setkey(void *ctx_arg, const u8 *in_key, | ||
124 | unsigned int key_len, u32 *flags) | ||
125 | { | ||
126 | |||
127 | struct xtea_ctx *ctx = ctx_arg; | ||
128 | |||
129 | if (key_len != 16) | ||
130 | { | ||
131 | *flags |= CRYPTO_TFM_RES_BAD_KEY_LEN; | ||
132 | return -EINVAL; | ||
133 | } | ||
134 | |||
135 | ctx->KEY[0] = u32_in (in_key); | ||
136 | ctx->KEY[1] = u32_in (in_key + 4); | ||
137 | ctx->KEY[2] = u32_in (in_key + 8); | ||
138 | ctx->KEY[3] = u32_in (in_key + 12); | ||
139 | |||
140 | return 0; | ||
141 | |||
142 | } | ||
143 | |||
144 | static void xtea_encrypt(void *ctx_arg, u8 *dst, const u8 *src) | ||
145 | { | ||
146 | |||
147 | u32 y, z, sum = 0; | ||
148 | u32 limit = XTEA_DELTA * XTEA_ROUNDS; | ||
149 | |||
150 | struct xtea_ctx *ctx = ctx_arg; | ||
151 | |||
152 | y = u32_in (src); | ||
153 | z = u32_in (src + 4); | ||
154 | |||
155 | while (sum != limit) { | ||
156 | y += (z << 4 ^ z >> 5) + (z ^ sum) + ctx->KEY[sum&3]; | ||
157 | sum += XTEA_DELTA; | ||
158 | z += (y << 4 ^ y >> 5) + (y ^ sum) + ctx->KEY[sum>>11 &3]; | ||
159 | } | ||
160 | |||
161 | u32_out (dst, y); | ||
162 | u32_out (dst + 4, z); | ||
163 | |||
164 | } | ||
165 | |||
166 | static void xtea_decrypt(void *ctx_arg, u8 *dst, const u8 *src) | ||
167 | { | ||
168 | |||
169 | u32 y, z, sum; | ||
170 | struct tea_ctx *ctx = ctx_arg; | ||
171 | |||
172 | y = u32_in (src); | ||
173 | z = u32_in (src + 4); | ||
174 | |||
175 | sum = XTEA_DELTA * XTEA_ROUNDS; | ||
176 | |||
177 | while (sum) { | ||
178 | z -= (y << 4 ^ y >> 5) + (y ^ sum) + ctx->KEY[sum>>11 & 3]; | ||
179 | sum -= XTEA_DELTA; | ||
180 | y -= (z << 4 ^ z >> 5) + (z ^ sum) + ctx->KEY[sum & 3]; | ||
181 | } | ||
182 | |||
183 | u32_out (dst, y); | ||
184 | u32_out (dst + 4, z); | ||
185 | |||
186 | } | ||
187 | |||
188 | static struct crypto_alg tea_alg = { | ||
189 | .cra_name = "tea", | ||
190 | .cra_flags = CRYPTO_ALG_TYPE_CIPHER, | ||
191 | .cra_blocksize = TEA_BLOCK_SIZE, | ||
192 | .cra_ctxsize = sizeof (struct tea_ctx), | ||
193 | .cra_module = THIS_MODULE, | ||
194 | .cra_list = LIST_HEAD_INIT(tea_alg.cra_list), | ||
195 | .cra_u = { .cipher = { | ||
196 | .cia_min_keysize = TEA_KEY_SIZE, | ||
197 | .cia_max_keysize = TEA_KEY_SIZE, | ||
198 | .cia_setkey = tea_setkey, | ||
199 | .cia_encrypt = tea_encrypt, | ||
200 | .cia_decrypt = tea_decrypt } } | ||
201 | }; | ||
202 | |||
203 | static struct crypto_alg xtea_alg = { | ||
204 | .cra_name = "xtea", | ||
205 | .cra_flags = CRYPTO_ALG_TYPE_CIPHER, | ||
206 | .cra_blocksize = XTEA_BLOCK_SIZE, | ||
207 | .cra_ctxsize = sizeof (struct xtea_ctx), | ||
208 | .cra_module = THIS_MODULE, | ||
209 | .cra_list = LIST_HEAD_INIT(xtea_alg.cra_list), | ||
210 | .cra_u = { .cipher = { | ||
211 | .cia_min_keysize = XTEA_KEY_SIZE, | ||
212 | .cia_max_keysize = XTEA_KEY_SIZE, | ||
213 | .cia_setkey = xtea_setkey, | ||
214 | .cia_encrypt = xtea_encrypt, | ||
215 | .cia_decrypt = xtea_decrypt } } | ||
216 | }; | ||
217 | |||
218 | static int __init init(void) | ||
219 | { | ||
220 | int ret = 0; | ||
221 | |||
222 | ret = crypto_register_alg(&tea_alg); | ||
223 | if (ret < 0) | ||
224 | goto out; | ||
225 | |||
226 | ret = crypto_register_alg(&xtea_alg); | ||
227 | if (ret < 0) { | ||
228 | crypto_unregister_alg(&tea_alg); | ||
229 | goto out; | ||
230 | } | ||
231 | |||
232 | out: | ||
233 | return ret; | ||
234 | } | ||
235 | |||
236 | static void __exit fini(void) | ||
237 | { | ||
238 | crypto_unregister_alg(&tea_alg); | ||
239 | crypto_unregister_alg(&xtea_alg); | ||
240 | } | ||
241 | |||
242 | MODULE_ALIAS("xtea"); | ||
243 | |||
244 | module_init(init); | ||
245 | module_exit(fini); | ||
246 | |||
247 | MODULE_LICENSE("GPL"); | ||
248 | MODULE_DESCRIPTION("TEA & XTEA Cryptographic Algorithms"); | ||
diff --git a/crypto/tgr192.c b/crypto/tgr192.c new file mode 100644 index 000000000000..f0a45cf716d0 --- /dev/null +++ b/crypto/tgr192.c | |||
@@ -0,0 +1,735 @@ | |||
1 | /* | ||
2 | * Cryptographic API. | ||
3 | * | ||
4 | * Tiger hashing Algorithm | ||
5 | * | ||
6 | * Copyright (C) 1998 Free Software Foundation, Inc. | ||
7 | * | ||
8 | * The Tiger algorithm was developed by Ross Anderson and Eli Biham. | ||
9 | * It was optimized for 64-bit processors while still delievering | ||
10 | * decent performance on 32 and 16-bit processors. | ||
11 | * | ||
12 | * This version is derived from the GnuPG implementation and the | ||
13 | * Tiger-Perl interface written by Rafael Sevilla | ||
14 | * | ||
15 | * Adapted for Linux Kernel Crypto by Aaron Grothe | ||
16 | * ajgrothe@yahoo.com, February 22, 2005 | ||
17 | * | ||
18 | * This program is free software; you can redistribute it and/or modify | ||
19 | * it under the terms of the GNU General Public License as published by | ||
20 | * the Free Software Foundation; either version 2 of the License, or | ||
21 | * (at your option) any later version. | ||
22 | * | ||
23 | */ | ||
24 | #include <linux/init.h> | ||
25 | #include <linux/module.h> | ||
26 | #include <linux/mm.h> | ||
27 | #include <asm/scatterlist.h> | ||
28 | #include <linux/crypto.h> | ||
29 | |||
30 | #define TGR192_DIGEST_SIZE 24 | ||
31 | #define TGR160_DIGEST_SIZE 20 | ||
32 | #define TGR128_DIGEST_SIZE 16 | ||
33 | |||
34 | #define TGR192_BLOCK_SIZE 64 | ||
35 | |||
36 | struct tgr192_ctx { | ||
37 | u64 a, b, c; | ||
38 | u8 hash[64]; | ||
39 | int count; | ||
40 | u32 nblocks; | ||
41 | }; | ||
42 | |||
43 | static const u64 sbox1[256] = { | ||
44 | 0x02aab17cf7e90c5eULL, 0xac424b03e243a8ecULL, 0x72cd5be30dd5fcd3ULL, | ||
45 | 0x6d019b93f6f97f3aULL, 0xcd9978ffd21f9193ULL, 0x7573a1c9708029e2ULL, | ||
46 | 0xb164326b922a83c3ULL, 0x46883eee04915870ULL, 0xeaace3057103ece6ULL, | ||
47 | 0xc54169b808a3535cULL, 0x4ce754918ddec47cULL, 0x0aa2f4dfdc0df40cULL, | ||
48 | 0x10b76f18a74dbefaULL, 0xc6ccb6235ad1ab6aULL, 0x13726121572fe2ffULL, | ||
49 | 0x1a488c6f199d921eULL, 0x4bc9f9f4da0007caULL, 0x26f5e6f6e85241c7ULL, | ||
50 | 0x859079dbea5947b6ULL, 0x4f1885c5c99e8c92ULL, 0xd78e761ea96f864bULL, | ||
51 | 0x8e36428c52b5c17dULL, 0x69cf6827373063c1ULL, 0xb607c93d9bb4c56eULL, | ||
52 | 0x7d820e760e76b5eaULL, 0x645c9cc6f07fdc42ULL, 0xbf38a078243342e0ULL, | ||
53 | 0x5f6b343c9d2e7d04ULL, 0xf2c28aeb600b0ec6ULL, 0x6c0ed85f7254bcacULL, | ||
54 | 0x71592281a4db4fe5ULL, 0x1967fa69ce0fed9fULL, 0xfd5293f8b96545dbULL, | ||
55 | 0xc879e9d7f2a7600bULL, 0x860248920193194eULL, 0xa4f9533b2d9cc0b3ULL, | ||
56 | 0x9053836c15957613ULL, 0xdb6dcf8afc357bf1ULL, 0x18beea7a7a370f57ULL, | ||
57 | 0x037117ca50b99066ULL, 0x6ab30a9774424a35ULL, 0xf4e92f02e325249bULL, | ||
58 | 0x7739db07061ccae1ULL, 0xd8f3b49ceca42a05ULL, 0xbd56be3f51382f73ULL, | ||
59 | 0x45faed5843b0bb28ULL, 0x1c813d5c11bf1f83ULL, 0x8af0e4b6d75fa169ULL, | ||
60 | 0x33ee18a487ad9999ULL, 0x3c26e8eab1c94410ULL, 0xb510102bc0a822f9ULL, | ||
61 | 0x141eef310ce6123bULL, 0xfc65b90059ddb154ULL, 0xe0158640c5e0e607ULL, | ||
62 | 0x884e079826c3a3cfULL, 0x930d0d9523c535fdULL, 0x35638d754e9a2b00ULL, | ||
63 | 0x4085fccf40469dd5ULL, 0xc4b17ad28be23a4cULL, 0xcab2f0fc6a3e6a2eULL, | ||
64 | 0x2860971a6b943fcdULL, 0x3dde6ee212e30446ULL, 0x6222f32ae01765aeULL, | ||
65 | 0x5d550bb5478308feULL, 0xa9efa98da0eda22aULL, 0xc351a71686c40da7ULL, | ||
66 | 0x1105586d9c867c84ULL, 0xdcffee85fda22853ULL, 0xccfbd0262c5eef76ULL, | ||
67 | 0xbaf294cb8990d201ULL, 0xe69464f52afad975ULL, 0x94b013afdf133e14ULL, | ||
68 | 0x06a7d1a32823c958ULL, 0x6f95fe5130f61119ULL, 0xd92ab34e462c06c0ULL, | ||
69 | 0xed7bde33887c71d2ULL, 0x79746d6e6518393eULL, 0x5ba419385d713329ULL, | ||
70 | 0x7c1ba6b948a97564ULL, 0x31987c197bfdac67ULL, 0xde6c23c44b053d02ULL, | ||
71 | 0x581c49fed002d64dULL, 0xdd474d6338261571ULL, 0xaa4546c3e473d062ULL, | ||
72 | 0x928fce349455f860ULL, 0x48161bbacaab94d9ULL, 0x63912430770e6f68ULL, | ||
73 | 0x6ec8a5e602c6641cULL, 0x87282515337ddd2bULL, 0x2cda6b42034b701bULL, | ||
74 | 0xb03d37c181cb096dULL, 0xe108438266c71c6fULL, 0x2b3180c7eb51b255ULL, | ||
75 | 0xdf92b82f96c08bbcULL, 0x5c68c8c0a632f3baULL, 0x5504cc861c3d0556ULL, | ||
76 | 0xabbfa4e55fb26b8fULL, 0x41848b0ab3baceb4ULL, 0xb334a273aa445d32ULL, | ||
77 | 0xbca696f0a85ad881ULL, 0x24f6ec65b528d56cULL, 0x0ce1512e90f4524aULL, | ||
78 | 0x4e9dd79d5506d35aULL, 0x258905fac6ce9779ULL, 0x2019295b3e109b33ULL, | ||
79 | 0xf8a9478b73a054ccULL, 0x2924f2f934417eb0ULL, 0x3993357d536d1bc4ULL, | ||
80 | 0x38a81ac21db6ff8bULL, 0x47c4fbf17d6016bfULL, 0x1e0faadd7667e3f5ULL, | ||
81 | 0x7abcff62938beb96ULL, 0xa78dad948fc179c9ULL, 0x8f1f98b72911e50dULL, | ||
82 | 0x61e48eae27121a91ULL, 0x4d62f7ad31859808ULL, 0xeceba345ef5ceaebULL, | ||
83 | 0xf5ceb25ebc9684ceULL, 0xf633e20cb7f76221ULL, 0xa32cdf06ab8293e4ULL, | ||
84 | 0x985a202ca5ee2ca4ULL, 0xcf0b8447cc8a8fb1ULL, 0x9f765244979859a3ULL, | ||
85 | 0xa8d516b1a1240017ULL, 0x0bd7ba3ebb5dc726ULL, 0xe54bca55b86adb39ULL, | ||
86 | 0x1d7a3afd6c478063ULL, 0x519ec608e7669eddULL, 0x0e5715a2d149aa23ULL, | ||
87 | 0x177d4571848ff194ULL, 0xeeb55f3241014c22ULL, 0x0f5e5ca13a6e2ec2ULL, | ||
88 | 0x8029927b75f5c361ULL, 0xad139fabc3d6e436ULL, 0x0d5df1a94ccf402fULL, | ||
89 | 0x3e8bd948bea5dfc8ULL, 0xa5a0d357bd3ff77eULL, 0xa2d12e251f74f645ULL, | ||
90 | 0x66fd9e525e81a082ULL, 0x2e0c90ce7f687a49ULL, 0xc2e8bcbeba973bc5ULL, | ||
91 | 0x000001bce509745fULL, 0x423777bbe6dab3d6ULL, 0xd1661c7eaef06eb5ULL, | ||
92 | 0xa1781f354daacfd8ULL, 0x2d11284a2b16affcULL, 0xf1fc4f67fa891d1fULL, | ||
93 | 0x73ecc25dcb920adaULL, 0xae610c22c2a12651ULL, 0x96e0a810d356b78aULL, | ||
94 | 0x5a9a381f2fe7870fULL, 0xd5ad62ede94e5530ULL, 0xd225e5e8368d1427ULL, | ||
95 | 0x65977b70c7af4631ULL, 0x99f889b2de39d74fULL, 0x233f30bf54e1d143ULL, | ||
96 | 0x9a9675d3d9a63c97ULL, 0x5470554ff334f9a8ULL, 0x166acb744a4f5688ULL, | ||
97 | 0x70c74caab2e4aeadULL, 0xf0d091646f294d12ULL, 0x57b82a89684031d1ULL, | ||
98 | 0xefd95a5a61be0b6bULL, 0x2fbd12e969f2f29aULL, 0x9bd37013feff9fe8ULL, | ||
99 | 0x3f9b0404d6085a06ULL, 0x4940c1f3166cfe15ULL, 0x09542c4dcdf3defbULL, | ||
100 | 0xb4c5218385cd5ce3ULL, 0xc935b7dc4462a641ULL, 0x3417f8a68ed3b63fULL, | ||
101 | 0xb80959295b215b40ULL, 0xf99cdaef3b8c8572ULL, 0x018c0614f8fcb95dULL, | ||
102 | 0x1b14accd1a3acdf3ULL, 0x84d471f200bb732dULL, 0xc1a3110e95e8da16ULL, | ||
103 | 0x430a7220bf1a82b8ULL, 0xb77e090d39df210eULL, 0x5ef4bd9f3cd05e9dULL, | ||
104 | 0x9d4ff6da7e57a444ULL, 0xda1d60e183d4a5f8ULL, 0xb287c38417998e47ULL, | ||
105 | 0xfe3edc121bb31886ULL, 0xc7fe3ccc980ccbefULL, 0xe46fb590189bfd03ULL, | ||
106 | 0x3732fd469a4c57dcULL, 0x7ef700a07cf1ad65ULL, 0x59c64468a31d8859ULL, | ||
107 | 0x762fb0b4d45b61f6ULL, 0x155baed099047718ULL, 0x68755e4c3d50baa6ULL, | ||
108 | 0xe9214e7f22d8b4dfULL, 0x2addbf532eac95f4ULL, 0x32ae3909b4bd0109ULL, | ||
109 | 0x834df537b08e3450ULL, 0xfa209da84220728dULL, 0x9e691d9b9efe23f7ULL, | ||
110 | 0x0446d288c4ae8d7fULL, 0x7b4cc524e169785bULL, 0x21d87f0135ca1385ULL, | ||
111 | 0xcebb400f137b8aa5ULL, 0x272e2b66580796beULL, 0x3612264125c2b0deULL, | ||
112 | 0x057702bdad1efbb2ULL, 0xd4babb8eacf84be9ULL, 0x91583139641bc67bULL, | ||
113 | 0x8bdc2de08036e024ULL, 0x603c8156f49f68edULL, 0xf7d236f7dbef5111ULL, | ||
114 | 0x9727c4598ad21e80ULL, 0xa08a0896670a5fd7ULL, 0xcb4a8f4309eba9cbULL, | ||
115 | 0x81af564b0f7036a1ULL, 0xc0b99aa778199abdULL, 0x959f1ec83fc8e952ULL, | ||
116 | 0x8c505077794a81b9ULL, 0x3acaaf8f056338f0ULL, 0x07b43f50627a6778ULL, | ||
117 | 0x4a44ab49f5eccc77ULL, 0x3bc3d6e4b679ee98ULL, 0x9cc0d4d1cf14108cULL, | ||
118 | 0x4406c00b206bc8a0ULL, 0x82a18854c8d72d89ULL, 0x67e366b35c3c432cULL, | ||
119 | 0xb923dd61102b37f2ULL, 0x56ab2779d884271dULL, 0xbe83e1b0ff1525afULL, | ||
120 | 0xfb7c65d4217e49a9ULL, 0x6bdbe0e76d48e7d4ULL, 0x08df828745d9179eULL, | ||
121 | 0x22ea6a9add53bd34ULL, 0xe36e141c5622200aULL, 0x7f805d1b8cb750eeULL, | ||
122 | 0xafe5c7a59f58e837ULL, 0xe27f996a4fb1c23cULL, 0xd3867dfb0775f0d0ULL, | ||
123 | 0xd0e673de6e88891aULL, 0x123aeb9eafb86c25ULL, 0x30f1d5d5c145b895ULL, | ||
124 | 0xbb434a2dee7269e7ULL, 0x78cb67ecf931fa38ULL, 0xf33b0372323bbf9cULL, | ||
125 | 0x52d66336fb279c74ULL, 0x505f33ac0afb4eaaULL, 0xe8a5cd99a2cce187ULL, | ||
126 | 0x534974801e2d30bbULL, 0x8d2d5711d5876d90ULL, 0x1f1a412891bc038eULL, | ||
127 | 0xd6e2e71d82e56648ULL, 0x74036c3a497732b7ULL, 0x89b67ed96361f5abULL, | ||
128 | 0xffed95d8f1ea02a2ULL, 0xe72b3bd61464d43dULL, 0xa6300f170bdc4820ULL, | ||
129 | 0xebc18760ed78a77aULL | ||
130 | }; | ||
131 | |||
132 | static const u64 sbox2[256] = { | ||
133 | 0xe6a6be5a05a12138ULL, 0xb5a122a5b4f87c98ULL, 0x563c6089140b6990ULL, | ||
134 | 0x4c46cb2e391f5dd5ULL, 0xd932addbc9b79434ULL, 0x08ea70e42015aff5ULL, | ||
135 | 0xd765a6673e478cf1ULL, 0xc4fb757eab278d99ULL, 0xdf11c6862d6e0692ULL, | ||
136 | 0xddeb84f10d7f3b16ULL, 0x6f2ef604a665ea04ULL, 0x4a8e0f0ff0e0dfb3ULL, | ||
137 | 0xa5edeef83dbcba51ULL, 0xfc4f0a2a0ea4371eULL, 0xe83e1da85cb38429ULL, | ||
138 | 0xdc8ff882ba1b1ce2ULL, 0xcd45505e8353e80dULL, 0x18d19a00d4db0717ULL, | ||
139 | 0x34a0cfeda5f38101ULL, 0x0be77e518887caf2ULL, 0x1e341438b3c45136ULL, | ||
140 | 0xe05797f49089ccf9ULL, 0xffd23f9df2591d14ULL, 0x543dda228595c5cdULL, | ||
141 | 0x661f81fd99052a33ULL, 0x8736e641db0f7b76ULL, 0x15227725418e5307ULL, | ||
142 | 0xe25f7f46162eb2faULL, 0x48a8b2126c13d9feULL, 0xafdc541792e76eeaULL, | ||
143 | 0x03d912bfc6d1898fULL, 0x31b1aafa1b83f51bULL, 0xf1ac2796e42ab7d9ULL, | ||
144 | 0x40a3a7d7fcd2ebacULL, 0x1056136d0afbbcc5ULL, 0x7889e1dd9a6d0c85ULL, | ||
145 | 0xd33525782a7974aaULL, 0xa7e25d09078ac09bULL, 0xbd4138b3eac6edd0ULL, | ||
146 | 0x920abfbe71eb9e70ULL, 0xa2a5d0f54fc2625cULL, 0xc054e36b0b1290a3ULL, | ||
147 | 0xf6dd59ff62fe932bULL, 0x3537354511a8ac7dULL, 0xca845e9172fadcd4ULL, | ||
148 | 0x84f82b60329d20dcULL, 0x79c62ce1cd672f18ULL, 0x8b09a2add124642cULL, | ||
149 | 0xd0c1e96a19d9e726ULL, 0x5a786a9b4ba9500cULL, 0x0e020336634c43f3ULL, | ||
150 | 0xc17b474aeb66d822ULL, 0x6a731ae3ec9baac2ULL, 0x8226667ae0840258ULL, | ||
151 | 0x67d4567691caeca5ULL, 0x1d94155c4875adb5ULL, 0x6d00fd985b813fdfULL, | ||
152 | 0x51286efcb774cd06ULL, 0x5e8834471fa744afULL, 0xf72ca0aee761ae2eULL, | ||
153 | 0xbe40e4cdaee8e09aULL, 0xe9970bbb5118f665ULL, 0x726e4beb33df1964ULL, | ||
154 | 0x703b000729199762ULL, 0x4631d816f5ef30a7ULL, 0xb880b5b51504a6beULL, | ||
155 | 0x641793c37ed84b6cULL, 0x7b21ed77f6e97d96ULL, 0x776306312ef96b73ULL, | ||
156 | 0xae528948e86ff3f4ULL, 0x53dbd7f286a3f8f8ULL, 0x16cadce74cfc1063ULL, | ||
157 | 0x005c19bdfa52c6ddULL, 0x68868f5d64d46ad3ULL, 0x3a9d512ccf1e186aULL, | ||
158 | 0x367e62c2385660aeULL, 0xe359e7ea77dcb1d7ULL, 0x526c0773749abe6eULL, | ||
159 | 0x735ae5f9d09f734bULL, 0x493fc7cc8a558ba8ULL, 0xb0b9c1533041ab45ULL, | ||
160 | 0x321958ba470a59bdULL, 0x852db00b5f46c393ULL, 0x91209b2bd336b0e5ULL, | ||
161 | 0x6e604f7d659ef19fULL, 0xb99a8ae2782ccb24ULL, 0xccf52ab6c814c4c7ULL, | ||
162 | 0x4727d9afbe11727bULL, 0x7e950d0c0121b34dULL, 0x756f435670ad471fULL, | ||
163 | 0xf5add442615a6849ULL, 0x4e87e09980b9957aULL, 0x2acfa1df50aee355ULL, | ||
164 | 0xd898263afd2fd556ULL, 0xc8f4924dd80c8fd6ULL, 0xcf99ca3d754a173aULL, | ||
165 | 0xfe477bacaf91bf3cULL, 0xed5371f6d690c12dULL, 0x831a5c285e687094ULL, | ||
166 | 0xc5d3c90a3708a0a4ULL, 0x0f7f903717d06580ULL, 0x19f9bb13b8fdf27fULL, | ||
167 | 0xb1bd6f1b4d502843ULL, 0x1c761ba38fff4012ULL, 0x0d1530c4e2e21f3bULL, | ||
168 | 0x8943ce69a7372c8aULL, 0xe5184e11feb5ce66ULL, 0x618bdb80bd736621ULL, | ||
169 | 0x7d29bad68b574d0bULL, 0x81bb613e25e6fe5bULL, 0x071c9c10bc07913fULL, | ||
170 | 0xc7beeb7909ac2d97ULL, 0xc3e58d353bc5d757ULL, 0xeb017892f38f61e8ULL, | ||
171 | 0xd4effb9c9b1cc21aULL, 0x99727d26f494f7abULL, 0xa3e063a2956b3e03ULL, | ||
172 | 0x9d4a8b9a4aa09c30ULL, 0x3f6ab7d500090fb4ULL, 0x9cc0f2a057268ac0ULL, | ||
173 | 0x3dee9d2dedbf42d1ULL, 0x330f49c87960a972ULL, 0xc6b2720287421b41ULL, | ||
174 | 0x0ac59ec07c00369cULL, 0xef4eac49cb353425ULL, 0xf450244eef0129d8ULL, | ||
175 | 0x8acc46e5caf4deb6ULL, 0x2ffeab63989263f7ULL, 0x8f7cb9fe5d7a4578ULL, | ||
176 | 0x5bd8f7644e634635ULL, 0x427a7315bf2dc900ULL, 0x17d0c4aa2125261cULL, | ||
177 | 0x3992486c93518e50ULL, 0xb4cbfee0a2d7d4c3ULL, 0x7c75d6202c5ddd8dULL, | ||
178 | 0xdbc295d8e35b6c61ULL, 0x60b369d302032b19ULL, 0xce42685fdce44132ULL, | ||
179 | 0x06f3ddb9ddf65610ULL, 0x8ea4d21db5e148f0ULL, 0x20b0fce62fcd496fULL, | ||
180 | 0x2c1b912358b0ee31ULL, 0xb28317b818f5a308ULL, 0xa89c1e189ca6d2cfULL, | ||
181 | 0x0c6b18576aaadbc8ULL, 0xb65deaa91299fae3ULL, 0xfb2b794b7f1027e7ULL, | ||
182 | 0x04e4317f443b5bebULL, 0x4b852d325939d0a6ULL, 0xd5ae6beefb207ffcULL, | ||
183 | 0x309682b281c7d374ULL, 0xbae309a194c3b475ULL, 0x8cc3f97b13b49f05ULL, | ||
184 | 0x98a9422ff8293967ULL, 0x244b16b01076ff7cULL, 0xf8bf571c663d67eeULL, | ||
185 | 0x1f0d6758eee30da1ULL, 0xc9b611d97adeb9b7ULL, 0xb7afd5887b6c57a2ULL, | ||
186 | 0x6290ae846b984fe1ULL, 0x94df4cdeacc1a5fdULL, 0x058a5bd1c5483affULL, | ||
187 | 0x63166cc142ba3c37ULL, 0x8db8526eb2f76f40ULL, 0xe10880036f0d6d4eULL, | ||
188 | 0x9e0523c9971d311dULL, 0x45ec2824cc7cd691ULL, 0x575b8359e62382c9ULL, | ||
189 | 0xfa9e400dc4889995ULL, 0xd1823ecb45721568ULL, 0xdafd983b8206082fULL, | ||
190 | 0xaa7d29082386a8cbULL, 0x269fcd4403b87588ULL, 0x1b91f5f728bdd1e0ULL, | ||
191 | 0xe4669f39040201f6ULL, 0x7a1d7c218cf04adeULL, 0x65623c29d79ce5ceULL, | ||
192 | 0x2368449096c00bb1ULL, 0xab9bf1879da503baULL, 0xbc23ecb1a458058eULL, | ||
193 | 0x9a58df01bb401eccULL, 0xa070e868a85f143dULL, 0x4ff188307df2239eULL, | ||
194 | 0x14d565b41a641183ULL, 0xee13337452701602ULL, 0x950e3dcf3f285e09ULL, | ||
195 | 0x59930254b9c80953ULL, 0x3bf299408930da6dULL, 0xa955943f53691387ULL, | ||
196 | 0xa15edecaa9cb8784ULL, 0x29142127352be9a0ULL, 0x76f0371fff4e7afbULL, | ||
197 | 0x0239f450274f2228ULL, 0xbb073af01d5e868bULL, 0xbfc80571c10e96c1ULL, | ||
198 | 0xd267088568222e23ULL, 0x9671a3d48e80b5b0ULL, 0x55b5d38ae193bb81ULL, | ||
199 | 0x693ae2d0a18b04b8ULL, 0x5c48b4ecadd5335fULL, 0xfd743b194916a1caULL, | ||
200 | 0x2577018134be98c4ULL, 0xe77987e83c54a4adULL, 0x28e11014da33e1b9ULL, | ||
201 | 0x270cc59e226aa213ULL, 0x71495f756d1a5f60ULL, 0x9be853fb60afef77ULL, | ||
202 | 0xadc786a7f7443dbfULL, 0x0904456173b29a82ULL, 0x58bc7a66c232bd5eULL, | ||
203 | 0xf306558c673ac8b2ULL, 0x41f639c6b6c9772aULL, 0x216defe99fda35daULL, | ||
204 | 0x11640cc71c7be615ULL, 0x93c43694565c5527ULL, 0xea038e6246777839ULL, | ||
205 | 0xf9abf3ce5a3e2469ULL, 0x741e768d0fd312d2ULL, 0x0144b883ced652c6ULL, | ||
206 | 0xc20b5a5ba33f8552ULL, 0x1ae69633c3435a9dULL, 0x97a28ca4088cfdecULL, | ||
207 | 0x8824a43c1e96f420ULL, 0x37612fa66eeea746ULL, 0x6b4cb165f9cf0e5aULL, | ||
208 | 0x43aa1c06a0abfb4aULL, 0x7f4dc26ff162796bULL, 0x6cbacc8e54ed9b0fULL, | ||
209 | 0xa6b7ffefd2bb253eULL, 0x2e25bc95b0a29d4fULL, 0x86d6a58bdef1388cULL, | ||
210 | 0xded74ac576b6f054ULL, 0x8030bdbc2b45805dULL, 0x3c81af70e94d9289ULL, | ||
211 | 0x3eff6dda9e3100dbULL, 0xb38dc39fdfcc8847ULL, 0x123885528d17b87eULL, | ||
212 | 0xf2da0ed240b1b642ULL, 0x44cefadcd54bf9a9ULL, 0x1312200e433c7ee6ULL, | ||
213 | 0x9ffcc84f3a78c748ULL, 0xf0cd1f72248576bbULL, 0xec6974053638cfe4ULL, | ||
214 | 0x2ba7b67c0cec4e4cULL, 0xac2f4df3e5ce32edULL, 0xcb33d14326ea4c11ULL, | ||
215 | 0xa4e9044cc77e58bcULL, 0x5f513293d934fcefULL, 0x5dc9645506e55444ULL, | ||
216 | 0x50de418f317de40aULL, 0x388cb31a69dde259ULL, 0x2db4a83455820a86ULL, | ||
217 | 0x9010a91e84711ae9ULL, 0x4df7f0b7b1498371ULL, 0xd62a2eabc0977179ULL, | ||
218 | 0x22fac097aa8d5c0eULL | ||
219 | }; | ||
220 | |||
221 | static const u64 sbox3[256] = { | ||
222 | 0xf49fcc2ff1daf39bULL, 0x487fd5c66ff29281ULL, 0xe8a30667fcdca83fULL, | ||
223 | 0x2c9b4be3d2fcce63ULL, 0xda3ff74b93fbbbc2ULL, 0x2fa165d2fe70ba66ULL, | ||
224 | 0xa103e279970e93d4ULL, 0xbecdec77b0e45e71ULL, 0xcfb41e723985e497ULL, | ||
225 | 0xb70aaa025ef75017ULL, 0xd42309f03840b8e0ULL, 0x8efc1ad035898579ULL, | ||
226 | 0x96c6920be2b2abc5ULL, 0x66af4163375a9172ULL, 0x2174abdcca7127fbULL, | ||
227 | 0xb33ccea64a72ff41ULL, 0xf04a4933083066a5ULL, 0x8d970acdd7289af5ULL, | ||
228 | 0x8f96e8e031c8c25eULL, 0xf3fec02276875d47ULL, 0xec7bf310056190ddULL, | ||
229 | 0xf5adb0aebb0f1491ULL, 0x9b50f8850fd58892ULL, 0x4975488358b74de8ULL, | ||
230 | 0xa3354ff691531c61ULL, 0x0702bbe481d2c6eeULL, 0x89fb24057deded98ULL, | ||
231 | 0xac3075138596e902ULL, 0x1d2d3580172772edULL, 0xeb738fc28e6bc30dULL, | ||
232 | 0x5854ef8f63044326ULL, 0x9e5c52325add3bbeULL, 0x90aa53cf325c4623ULL, | ||
233 | 0xc1d24d51349dd067ULL, 0x2051cfeea69ea624ULL, 0x13220f0a862e7e4fULL, | ||
234 | 0xce39399404e04864ULL, 0xd9c42ca47086fcb7ULL, 0x685ad2238a03e7ccULL, | ||
235 | 0x066484b2ab2ff1dbULL, 0xfe9d5d70efbf79ecULL, 0x5b13b9dd9c481854ULL, | ||
236 | 0x15f0d475ed1509adULL, 0x0bebcd060ec79851ULL, 0xd58c6791183ab7f8ULL, | ||
237 | 0xd1187c5052f3eee4ULL, 0xc95d1192e54e82ffULL, 0x86eea14cb9ac6ca2ULL, | ||
238 | 0x3485beb153677d5dULL, 0xdd191d781f8c492aULL, 0xf60866baa784ebf9ULL, | ||
239 | 0x518f643ba2d08c74ULL, 0x8852e956e1087c22ULL, 0xa768cb8dc410ae8dULL, | ||
240 | 0x38047726bfec8e1aULL, 0xa67738b4cd3b45aaULL, 0xad16691cec0dde19ULL, | ||
241 | 0xc6d4319380462e07ULL, 0xc5a5876d0ba61938ULL, 0x16b9fa1fa58fd840ULL, | ||
242 | 0x188ab1173ca74f18ULL, 0xabda2f98c99c021fULL, 0x3e0580ab134ae816ULL, | ||
243 | 0x5f3b05b773645abbULL, 0x2501a2be5575f2f6ULL, 0x1b2f74004e7e8ba9ULL, | ||
244 | 0x1cd7580371e8d953ULL, 0x7f6ed89562764e30ULL, 0xb15926ff596f003dULL, | ||
245 | 0x9f65293da8c5d6b9ULL, 0x6ecef04dd690f84cULL, 0x4782275fff33af88ULL, | ||
246 | 0xe41433083f820801ULL, 0xfd0dfe409a1af9b5ULL, 0x4325a3342cdb396bULL, | ||
247 | 0x8ae77e62b301b252ULL, 0xc36f9e9f6655615aULL, 0x85455a2d92d32c09ULL, | ||
248 | 0xf2c7dea949477485ULL, 0x63cfb4c133a39ebaULL, 0x83b040cc6ebc5462ULL, | ||
249 | 0x3b9454c8fdb326b0ULL, 0x56f56a9e87ffd78cULL, 0x2dc2940d99f42bc6ULL, | ||
250 | 0x98f7df096b096e2dULL, 0x19a6e01e3ad852bfULL, 0x42a99ccbdbd4b40bULL, | ||
251 | 0xa59998af45e9c559ULL, 0x366295e807d93186ULL, 0x6b48181bfaa1f773ULL, | ||
252 | 0x1fec57e2157a0a1dULL, 0x4667446af6201ad5ULL, 0xe615ebcacfb0f075ULL, | ||
253 | 0xb8f31f4f68290778ULL, 0x22713ed6ce22d11eULL, 0x3057c1a72ec3c93bULL, | ||
254 | 0xcb46acc37c3f1f2fULL, 0xdbb893fd02aaf50eULL, 0x331fd92e600b9fcfULL, | ||
255 | 0xa498f96148ea3ad6ULL, 0xa8d8426e8b6a83eaULL, 0xa089b274b7735cdcULL, | ||
256 | 0x87f6b3731e524a11ULL, 0x118808e5cbc96749ULL, 0x9906e4c7b19bd394ULL, | ||
257 | 0xafed7f7e9b24a20cULL, 0x6509eadeeb3644a7ULL, 0x6c1ef1d3e8ef0edeULL, | ||
258 | 0xb9c97d43e9798fb4ULL, 0xa2f2d784740c28a3ULL, 0x7b8496476197566fULL, | ||
259 | 0x7a5be3e6b65f069dULL, 0xf96330ed78be6f10ULL, 0xeee60de77a076a15ULL, | ||
260 | 0x2b4bee4aa08b9bd0ULL, 0x6a56a63ec7b8894eULL, 0x02121359ba34fef4ULL, | ||
261 | 0x4cbf99f8283703fcULL, 0x398071350caf30c8ULL, 0xd0a77a89f017687aULL, | ||
262 | 0xf1c1a9eb9e423569ULL, 0x8c7976282dee8199ULL, 0x5d1737a5dd1f7abdULL, | ||
263 | 0x4f53433c09a9fa80ULL, 0xfa8b0c53df7ca1d9ULL, 0x3fd9dcbc886ccb77ULL, | ||
264 | 0xc040917ca91b4720ULL, 0x7dd00142f9d1dcdfULL, 0x8476fc1d4f387b58ULL, | ||
265 | 0x23f8e7c5f3316503ULL, 0x032a2244e7e37339ULL, 0x5c87a5d750f5a74bULL, | ||
266 | 0x082b4cc43698992eULL, 0xdf917becb858f63cULL, 0x3270b8fc5bf86ddaULL, | ||
267 | 0x10ae72bb29b5dd76ULL, 0x576ac94e7700362bULL, 0x1ad112dac61efb8fULL, | ||
268 | 0x691bc30ec5faa427ULL, 0xff246311cc327143ULL, 0x3142368e30e53206ULL, | ||
269 | 0x71380e31e02ca396ULL, 0x958d5c960aad76f1ULL, 0xf8d6f430c16da536ULL, | ||
270 | 0xc8ffd13f1be7e1d2ULL, 0x7578ae66004ddbe1ULL, 0x05833f01067be646ULL, | ||
271 | 0xbb34b5ad3bfe586dULL, 0x095f34c9a12b97f0ULL, 0x247ab64525d60ca8ULL, | ||
272 | 0xdcdbc6f3017477d1ULL, 0x4a2e14d4decad24dULL, 0xbdb5e6d9be0a1eebULL, | ||
273 | 0x2a7e70f7794301abULL, 0xdef42d8a270540fdULL, 0x01078ec0a34c22c1ULL, | ||
274 | 0xe5de511af4c16387ULL, 0x7ebb3a52bd9a330aULL, 0x77697857aa7d6435ULL, | ||
275 | 0x004e831603ae4c32ULL, 0xe7a21020ad78e312ULL, 0x9d41a70c6ab420f2ULL, | ||
276 | 0x28e06c18ea1141e6ULL, 0xd2b28cbd984f6b28ULL, 0x26b75f6c446e9d83ULL, | ||
277 | 0xba47568c4d418d7fULL, 0xd80badbfe6183d8eULL, 0x0e206d7f5f166044ULL, | ||
278 | 0xe258a43911cbca3eULL, 0x723a1746b21dc0bcULL, 0xc7caa854f5d7cdd3ULL, | ||
279 | 0x7cac32883d261d9cULL, 0x7690c26423ba942cULL, 0x17e55524478042b8ULL, | ||
280 | 0xe0be477656a2389fULL, 0x4d289b5e67ab2da0ULL, 0x44862b9c8fbbfd31ULL, | ||
281 | 0xb47cc8049d141365ULL, 0x822c1b362b91c793ULL, 0x4eb14655fb13dfd8ULL, | ||
282 | 0x1ecbba0714e2a97bULL, 0x6143459d5cde5f14ULL, 0x53a8fbf1d5f0ac89ULL, | ||
283 | 0x97ea04d81c5e5b00ULL, 0x622181a8d4fdb3f3ULL, 0xe9bcd341572a1208ULL, | ||
284 | 0x1411258643cce58aULL, 0x9144c5fea4c6e0a4ULL, 0x0d33d06565cf620fULL, | ||
285 | 0x54a48d489f219ca1ULL, 0xc43e5eac6d63c821ULL, 0xa9728b3a72770dafULL, | ||
286 | 0xd7934e7b20df87efULL, 0xe35503b61a3e86e5ULL, 0xcae321fbc819d504ULL, | ||
287 | 0x129a50b3ac60bfa6ULL, 0xcd5e68ea7e9fb6c3ULL, 0xb01c90199483b1c7ULL, | ||
288 | 0x3de93cd5c295376cULL, 0xaed52edf2ab9ad13ULL, 0x2e60f512c0a07884ULL, | ||
289 | 0xbc3d86a3e36210c9ULL, 0x35269d9b163951ceULL, 0x0c7d6e2ad0cdb5faULL, | ||
290 | 0x59e86297d87f5733ULL, 0x298ef221898db0e7ULL, 0x55000029d1a5aa7eULL, | ||
291 | 0x8bc08ae1b5061b45ULL, 0xc2c31c2b6c92703aULL, 0x94cc596baf25ef42ULL, | ||
292 | 0x0a1d73db22540456ULL, 0x04b6a0f9d9c4179aULL, 0xeffdafa2ae3d3c60ULL, | ||
293 | 0xf7c8075bb49496c4ULL, 0x9cc5c7141d1cd4e3ULL, 0x78bd1638218e5534ULL, | ||
294 | 0xb2f11568f850246aULL, 0xedfabcfa9502bc29ULL, 0x796ce5f2da23051bULL, | ||
295 | 0xaae128b0dc93537cULL, 0x3a493da0ee4b29aeULL, 0xb5df6b2c416895d7ULL, | ||
296 | 0xfcabbd25122d7f37ULL, 0x70810b58105dc4b1ULL, 0xe10fdd37f7882a90ULL, | ||
297 | 0x524dcab5518a3f5cULL, 0x3c9e85878451255bULL, 0x4029828119bd34e2ULL, | ||
298 | 0x74a05b6f5d3ceccbULL, 0xb610021542e13ecaULL, 0x0ff979d12f59e2acULL, | ||
299 | 0x6037da27e4f9cc50ULL, 0x5e92975a0df1847dULL, 0xd66de190d3e623feULL, | ||
300 | 0x5032d6b87b568048ULL, 0x9a36b7ce8235216eULL, 0x80272a7a24f64b4aULL, | ||
301 | 0x93efed8b8c6916f7ULL, 0x37ddbff44cce1555ULL, 0x4b95db5d4b99bd25ULL, | ||
302 | 0x92d3fda169812fc0ULL, 0xfb1a4a9a90660bb6ULL, 0x730c196946a4b9b2ULL, | ||
303 | 0x81e289aa7f49da68ULL, 0x64669a0f83b1a05fULL, 0x27b3ff7d9644f48bULL, | ||
304 | 0xcc6b615c8db675b3ULL, 0x674f20b9bcebbe95ULL, 0x6f31238275655982ULL, | ||
305 | 0x5ae488713e45cf05ULL, 0xbf619f9954c21157ULL, 0xeabac46040a8eae9ULL, | ||
306 | 0x454c6fe9f2c0c1cdULL, 0x419cf6496412691cULL, 0xd3dc3bef265b0f70ULL, | ||
307 | 0x6d0e60f5c3578a9eULL | ||
308 | }; | ||
309 | |||
310 | static const u64 sbox4[256] = { | ||
311 | 0x5b0e608526323c55ULL, 0x1a46c1a9fa1b59f5ULL, 0xa9e245a17c4c8ffaULL, | ||
312 | 0x65ca5159db2955d7ULL, 0x05db0a76ce35afc2ULL, 0x81eac77ea9113d45ULL, | ||
313 | 0x528ef88ab6ac0a0dULL, 0xa09ea253597be3ffULL, 0x430ddfb3ac48cd56ULL, | ||
314 | 0xc4b3a67af45ce46fULL, 0x4ececfd8fbe2d05eULL, 0x3ef56f10b39935f0ULL, | ||
315 | 0x0b22d6829cd619c6ULL, 0x17fd460a74df2069ULL, 0x6cf8cc8e8510ed40ULL, | ||
316 | 0xd6c824bf3a6ecaa7ULL, 0x61243d581a817049ULL, 0x048bacb6bbc163a2ULL, | ||
317 | 0xd9a38ac27d44cc32ULL, 0x7fddff5baaf410abULL, 0xad6d495aa804824bULL, | ||
318 | 0xe1a6a74f2d8c9f94ULL, 0xd4f7851235dee8e3ULL, 0xfd4b7f886540d893ULL, | ||
319 | 0x247c20042aa4bfdaULL, 0x096ea1c517d1327cULL, 0xd56966b4361a6685ULL, | ||
320 | 0x277da5c31221057dULL, 0x94d59893a43acff7ULL, 0x64f0c51ccdc02281ULL, | ||
321 | 0x3d33bcc4ff6189dbULL, 0xe005cb184ce66af1ULL, 0xff5ccd1d1db99beaULL, | ||
322 | 0xb0b854a7fe42980fULL, 0x7bd46a6a718d4b9fULL, 0xd10fa8cc22a5fd8cULL, | ||
323 | 0xd31484952be4bd31ULL, 0xc7fa975fcb243847ULL, 0x4886ed1e5846c407ULL, | ||
324 | 0x28cddb791eb70b04ULL, 0xc2b00be2f573417fULL, 0x5c9590452180f877ULL, | ||
325 | 0x7a6bddfff370eb00ULL, 0xce509e38d6d9d6a4ULL, 0xebeb0f00647fa702ULL, | ||
326 | 0x1dcc06cf76606f06ULL, 0xe4d9f28ba286ff0aULL, 0xd85a305dc918c262ULL, | ||
327 | 0x475b1d8732225f54ULL, 0x2d4fb51668ccb5feULL, 0xa679b9d9d72bba20ULL, | ||
328 | 0x53841c0d912d43a5ULL, 0x3b7eaa48bf12a4e8ULL, 0x781e0e47f22f1ddfULL, | ||
329 | 0xeff20ce60ab50973ULL, 0x20d261d19dffb742ULL, 0x16a12b03062a2e39ULL, | ||
330 | 0x1960eb2239650495ULL, 0x251c16fed50eb8b8ULL, 0x9ac0c330f826016eULL, | ||
331 | 0xed152665953e7671ULL, 0x02d63194a6369570ULL, 0x5074f08394b1c987ULL, | ||
332 | 0x70ba598c90b25ce1ULL, 0x794a15810b9742f6ULL, 0x0d5925e9fcaf8c6cULL, | ||
333 | 0x3067716cd868744eULL, 0x910ab077e8d7731bULL, 0x6a61bbdb5ac42f61ULL, | ||
334 | 0x93513efbf0851567ULL, 0xf494724b9e83e9d5ULL, 0xe887e1985c09648dULL, | ||
335 | 0x34b1d3c675370cfdULL, 0xdc35e433bc0d255dULL, 0xd0aab84234131be0ULL, | ||
336 | 0x08042a50b48b7eafULL, 0x9997c4ee44a3ab35ULL, 0x829a7b49201799d0ULL, | ||
337 | 0x263b8307b7c54441ULL, 0x752f95f4fd6a6ca6ULL, 0x927217402c08c6e5ULL, | ||
338 | 0x2a8ab754a795d9eeULL, 0xa442f7552f72943dULL, 0x2c31334e19781208ULL, | ||
339 | 0x4fa98d7ceaee6291ULL, 0x55c3862f665db309ULL, 0xbd0610175d53b1f3ULL, | ||
340 | 0x46fe6cb840413f27ULL, 0x3fe03792df0cfa59ULL, 0xcfe700372eb85e8fULL, | ||
341 | 0xa7be29e7adbce118ULL, 0xe544ee5cde8431ddULL, 0x8a781b1b41f1873eULL, | ||
342 | 0xa5c94c78a0d2f0e7ULL, 0x39412e2877b60728ULL, 0xa1265ef3afc9a62cULL, | ||
343 | 0xbcc2770c6a2506c5ULL, 0x3ab66dd5dce1ce12ULL, 0xe65499d04a675b37ULL, | ||
344 | 0x7d8f523481bfd216ULL, 0x0f6f64fcec15f389ULL, 0x74efbe618b5b13c8ULL, | ||
345 | 0xacdc82b714273e1dULL, 0xdd40bfe003199d17ULL, 0x37e99257e7e061f8ULL, | ||
346 | 0xfa52626904775aaaULL, 0x8bbbf63a463d56f9ULL, 0xf0013f1543a26e64ULL, | ||
347 | 0xa8307e9f879ec898ULL, 0xcc4c27a4150177ccULL, 0x1b432f2cca1d3348ULL, | ||
348 | 0xde1d1f8f9f6fa013ULL, 0x606602a047a7ddd6ULL, 0xd237ab64cc1cb2c7ULL, | ||
349 | 0x9b938e7225fcd1d3ULL, 0xec4e03708e0ff476ULL, 0xfeb2fbda3d03c12dULL, | ||
350 | 0xae0bced2ee43889aULL, 0x22cb8923ebfb4f43ULL, 0x69360d013cf7396dULL, | ||
351 | 0x855e3602d2d4e022ULL, 0x073805bad01f784cULL, 0x33e17a133852f546ULL, | ||
352 | 0xdf4874058ac7b638ULL, 0xba92b29c678aa14aULL, 0x0ce89fc76cfaadcdULL, | ||
353 | 0x5f9d4e0908339e34ULL, 0xf1afe9291f5923b9ULL, 0x6e3480f60f4a265fULL, | ||
354 | 0xeebf3a2ab29b841cULL, 0xe21938a88f91b4adULL, 0x57dfeff845c6d3c3ULL, | ||
355 | 0x2f006b0bf62caaf2ULL, 0x62f479ef6f75ee78ULL, 0x11a55ad41c8916a9ULL, | ||
356 | 0xf229d29084fed453ULL, 0x42f1c27b16b000e6ULL, 0x2b1f76749823c074ULL, | ||
357 | 0x4b76eca3c2745360ULL, 0x8c98f463b91691bdULL, 0x14bcc93cf1ade66aULL, | ||
358 | 0x8885213e6d458397ULL, 0x8e177df0274d4711ULL, 0xb49b73b5503f2951ULL, | ||
359 | 0x10168168c3f96b6bULL, 0x0e3d963b63cab0aeULL, 0x8dfc4b5655a1db14ULL, | ||
360 | 0xf789f1356e14de5cULL, 0x683e68af4e51dac1ULL, 0xc9a84f9d8d4b0fd9ULL, | ||
361 | 0x3691e03f52a0f9d1ULL, 0x5ed86e46e1878e80ULL, 0x3c711a0e99d07150ULL, | ||
362 | 0x5a0865b20c4e9310ULL, 0x56fbfc1fe4f0682eULL, 0xea8d5de3105edf9bULL, | ||
363 | 0x71abfdb12379187aULL, 0x2eb99de1bee77b9cULL, 0x21ecc0ea33cf4523ULL, | ||
364 | 0x59a4d7521805c7a1ULL, 0x3896f5eb56ae7c72ULL, 0xaa638f3db18f75dcULL, | ||
365 | 0x9f39358dabe9808eULL, 0xb7defa91c00b72acULL, 0x6b5541fd62492d92ULL, | ||
366 | 0x6dc6dee8f92e4d5bULL, 0x353f57abc4beea7eULL, 0x735769d6da5690ceULL, | ||
367 | 0x0a234aa642391484ULL, 0xf6f9508028f80d9dULL, 0xb8e319a27ab3f215ULL, | ||
368 | 0x31ad9c1151341a4dULL, 0x773c22a57bef5805ULL, 0x45c7561a07968633ULL, | ||
369 | 0xf913da9e249dbe36ULL, 0xda652d9b78a64c68ULL, 0x4c27a97f3bc334efULL, | ||
370 | 0x76621220e66b17f4ULL, 0x967743899acd7d0bULL, 0xf3ee5bcae0ed6782ULL, | ||
371 | 0x409f753600c879fcULL, 0x06d09a39b5926db6ULL, 0x6f83aeb0317ac588ULL, | ||
372 | 0x01e6ca4a86381f21ULL, 0x66ff3462d19f3025ULL, 0x72207c24ddfd3bfbULL, | ||
373 | 0x4af6b6d3e2ece2ebULL, 0x9c994dbec7ea08deULL, 0x49ace597b09a8bc4ULL, | ||
374 | 0xb38c4766cf0797baULL, 0x131b9373c57c2a75ULL, 0xb1822cce61931e58ULL, | ||
375 | 0x9d7555b909ba1c0cULL, 0x127fafdd937d11d2ULL, 0x29da3badc66d92e4ULL, | ||
376 | 0xa2c1d57154c2ecbcULL, 0x58c5134d82f6fe24ULL, 0x1c3ae3515b62274fULL, | ||
377 | 0xe907c82e01cb8126ULL, 0xf8ed091913e37fcbULL, 0x3249d8f9c80046c9ULL, | ||
378 | 0x80cf9bede388fb63ULL, 0x1881539a116cf19eULL, 0x5103f3f76bd52457ULL, | ||
379 | 0x15b7e6f5ae47f7a8ULL, 0xdbd7c6ded47e9ccfULL, 0x44e55c410228bb1aULL, | ||
380 | 0xb647d4255edb4e99ULL, 0x5d11882bb8aafc30ULL, 0xf5098bbb29d3212aULL, | ||
381 | 0x8fb5ea14e90296b3ULL, 0x677b942157dd025aULL, 0xfb58e7c0a390acb5ULL, | ||
382 | 0x89d3674c83bd4a01ULL, 0x9e2da4df4bf3b93bULL, 0xfcc41e328cab4829ULL, | ||
383 | 0x03f38c96ba582c52ULL, 0xcad1bdbd7fd85db2ULL, 0xbbb442c16082ae83ULL, | ||
384 | 0xb95fe86ba5da9ab0ULL, 0xb22e04673771a93fULL, 0x845358c9493152d8ULL, | ||
385 | 0xbe2a488697b4541eULL, 0x95a2dc2dd38e6966ULL, 0xc02c11ac923c852bULL, | ||
386 | 0x2388b1990df2a87bULL, 0x7c8008fa1b4f37beULL, 0x1f70d0c84d54e503ULL, | ||
387 | 0x5490adec7ece57d4ULL, 0x002b3c27d9063a3aULL, 0x7eaea3848030a2bfULL, | ||
388 | 0xc602326ded2003c0ULL, 0x83a7287d69a94086ULL, 0xc57a5fcb30f57a8aULL, | ||
389 | 0xb56844e479ebe779ULL, 0xa373b40f05dcbce9ULL, 0xd71a786e88570ee2ULL, | ||
390 | 0x879cbacdbde8f6a0ULL, 0x976ad1bcc164a32fULL, 0xab21e25e9666d78bULL, | ||
391 | 0x901063aae5e5c33cULL, 0x9818b34448698d90ULL, 0xe36487ae3e1e8abbULL, | ||
392 | 0xafbdf931893bdcb4ULL, 0x6345a0dc5fbbd519ULL, 0x8628fe269b9465caULL, | ||
393 | 0x1e5d01603f9c51ecULL, 0x4de44006a15049b7ULL, 0xbf6c70e5f776cbb1ULL, | ||
394 | 0x411218f2ef552bedULL, 0xcb0c0708705a36a3ULL, 0xe74d14754f986044ULL, | ||
395 | 0xcd56d9430ea8280eULL, 0xc12591d7535f5065ULL, 0xc83223f1720aef96ULL, | ||
396 | 0xc3a0396f7363a51fULL | ||
397 | }; | ||
398 | |||
399 | |||
400 | static void tgr192_round(u64 * ra, u64 * rb, u64 * rc, u64 x, int mul) | ||
401 | { | ||
402 | u64 a = *ra; | ||
403 | u64 b = *rb; | ||
404 | u64 c = *rc; | ||
405 | |||
406 | c ^= x; | ||
407 | a -= sbox1[c & 0xff] ^ sbox2[(c >> 16) & 0xff] | ||
408 | ^ sbox3[(c >> 32) & 0xff] ^ sbox4[(c >> 48) & 0xff]; | ||
409 | b += sbox4[(c >> 8) & 0xff] ^ sbox3[(c >> 24) & 0xff] | ||
410 | ^ sbox2[(c >> 40) & 0xff] ^ sbox1[(c >> 56) & 0xff]; | ||
411 | b *= mul; | ||
412 | |||
413 | *ra = a; | ||
414 | *rb = b; | ||
415 | *rc = c; | ||
416 | } | ||
417 | |||
418 | |||
419 | static void tgr192_pass(u64 * ra, u64 * rb, u64 * rc, u64 * x, int mul) | ||
420 | { | ||
421 | u64 a = *ra; | ||
422 | u64 b = *rb; | ||
423 | u64 c = *rc; | ||
424 | |||
425 | tgr192_round(&a, &b, &c, x[0], mul); | ||
426 | tgr192_round(&b, &c, &a, x[1], mul); | ||
427 | tgr192_round(&c, &a, &b, x[2], mul); | ||
428 | tgr192_round(&a, &b, &c, x[3], mul); | ||
429 | tgr192_round(&b, &c, &a, x[4], mul); | ||
430 | tgr192_round(&c, &a, &b, x[5], mul); | ||
431 | tgr192_round(&a, &b, &c, x[6], mul); | ||
432 | tgr192_round(&b, &c, &a, x[7], mul); | ||
433 | |||
434 | *ra = a; | ||
435 | *rb = b; | ||
436 | *rc = c; | ||
437 | } | ||
438 | |||
439 | |||
440 | static void tgr192_key_schedule(u64 * x) | ||
441 | { | ||
442 | x[0] -= x[7] ^ 0xa5a5a5a5a5a5a5a5ULL; | ||
443 | x[1] ^= x[0]; | ||
444 | x[2] += x[1]; | ||
445 | x[3] -= x[2] ^ ((~x[1]) << 19); | ||
446 | x[4] ^= x[3]; | ||
447 | x[5] += x[4]; | ||
448 | x[6] -= x[5] ^ ((~x[4]) >> 23); | ||
449 | x[7] ^= x[6]; | ||
450 | x[0] += x[7]; | ||
451 | x[1] -= x[0] ^ ((~x[7]) << 19); | ||
452 | x[2] ^= x[1]; | ||
453 | x[3] += x[2]; | ||
454 | x[4] -= x[3] ^ ((~x[2]) >> 23); | ||
455 | x[5] ^= x[4]; | ||
456 | x[6] += x[5]; | ||
457 | x[7] -= x[6] ^ 0x0123456789abcdefULL; | ||
458 | } | ||
459 | |||
460 | |||
461 | /**************** | ||
462 | * Transform the message DATA which consists of 512 bytes (8 words) | ||
463 | */ | ||
464 | |||
465 | static void tgr192_transform(struct tgr192_ctx *tctx, const u8 * data) | ||
466 | { | ||
467 | u64 a, b, c, aa, bb, cc; | ||
468 | u64 x[8]; | ||
469 | int i; | ||
470 | const u8 *ptr = data; | ||
471 | |||
472 | for (i = 0; i < 8; i++, ptr += 8) { | ||
473 | x[i] = (((u64)ptr[7] ) << 56) ^ | ||
474 | (((u64)ptr[6] & 0xffL) << 48) ^ | ||
475 | (((u64)ptr[5] & 0xffL) << 40) ^ | ||
476 | (((u64)ptr[4] & 0xffL) << 32) ^ | ||
477 | (((u64)ptr[3] & 0xffL) << 24) ^ | ||
478 | (((u64)ptr[2] & 0xffL) << 16) ^ | ||
479 | (((u64)ptr[1] & 0xffL) << 8) ^ | ||
480 | (((u64)ptr[0] & 0xffL) ); | ||
481 | } | ||
482 | |||
483 | /* save */ | ||
484 | a = aa = tctx->a; | ||
485 | b = bb = tctx->b; | ||
486 | c = cc = tctx->c; | ||
487 | |||
488 | tgr192_pass(&a, &b, &c, x, 5); | ||
489 | tgr192_key_schedule(x); | ||
490 | tgr192_pass(&c, &a, &b, x, 7); | ||
491 | tgr192_key_schedule(x); | ||
492 | tgr192_pass(&b, &c, &a, x, 9); | ||
493 | |||
494 | |||
495 | /* feedforward */ | ||
496 | a ^= aa; | ||
497 | b -= bb; | ||
498 | c += cc; | ||
499 | /* store */ | ||
500 | tctx->a = a; | ||
501 | tctx->b = b; | ||
502 | tctx->c = c; | ||
503 | } | ||
504 | |||
505 | static void tgr192_init(void *ctx) | ||
506 | { | ||
507 | struct tgr192_ctx *tctx = ctx; | ||
508 | |||
509 | memset (tctx->hash, 0, 64); | ||
510 | tctx->a = 0x0123456789abcdefULL; | ||
511 | tctx->b = 0xfedcba9876543210ULL; | ||
512 | tctx->c = 0xf096a5b4c3b2e187ULL; | ||
513 | tctx->nblocks = 0; | ||
514 | tctx->count = 0; | ||
515 | } | ||
516 | |||
517 | |||
518 | /* Update the message digest with the contents | ||
519 | * of INBUF with length INLEN. */ | ||
520 | static void tgr192_update(void *ctx, const u8 * inbuf, unsigned int len) | ||
521 | { | ||
522 | struct tgr192_ctx *tctx = ctx; | ||
523 | |||
524 | if (tctx->count == 64) { /* flush the buffer */ | ||
525 | tgr192_transform(tctx, tctx->hash); | ||
526 | tctx->count = 0; | ||
527 | tctx->nblocks++; | ||
528 | } | ||
529 | if (!inbuf) { | ||
530 | return; | ||
531 | } | ||
532 | if (tctx->count) { | ||
533 | for (; len && tctx->count < 64; len--) { | ||
534 | tctx->hash[tctx->count++] = *inbuf++; | ||
535 | } | ||
536 | tgr192_update(tctx, NULL, 0); | ||
537 | if (!len) { | ||
538 | return; | ||
539 | } | ||
540 | |||
541 | } | ||
542 | |||
543 | while (len >= 64) { | ||
544 | tgr192_transform(tctx, inbuf); | ||
545 | tctx->count = 0; | ||
546 | tctx->nblocks++; | ||
547 | len -= 64; | ||
548 | inbuf += 64; | ||
549 | } | ||
550 | for (; len && tctx->count < 64; len--) { | ||
551 | tctx->hash[tctx->count++] = *inbuf++; | ||
552 | } | ||
553 | } | ||
554 | |||
555 | |||
556 | |||
557 | /* The routine terminates the computation */ | ||
558 | static void tgr192_final(void *ctx, u8 * out) | ||
559 | { | ||
560 | struct tgr192_ctx *tctx = ctx; | ||
561 | u32 t, msb, lsb; | ||
562 | u8 *p; | ||
563 | int i, j; | ||
564 | |||
565 | tgr192_update(tctx, NULL, 0); /* flush */ ; | ||
566 | |||
567 | msb = 0; | ||
568 | t = tctx->nblocks; | ||
569 | if ((lsb = t << 6) < t) { /* multiply by 64 to make a byte count */ | ||
570 | msb++; | ||
571 | } | ||
572 | msb += t >> 26; | ||
573 | t = lsb; | ||
574 | if ((lsb = t + tctx->count) < t) { /* add the count */ | ||
575 | msb++; | ||
576 | } | ||
577 | t = lsb; | ||
578 | if ((lsb = t << 3) < t) { /* multiply by 8 to make a bit count */ | ||
579 | msb++; | ||
580 | } | ||
581 | msb += t >> 29; | ||
582 | |||
583 | if (tctx->count < 56) { /* enough room */ | ||
584 | tctx->hash[tctx->count++] = 0x01; /* pad */ | ||
585 | while (tctx->count < 56) { | ||
586 | tctx->hash[tctx->count++] = 0; /* pad */ | ||
587 | } | ||
588 | } else { /* need one extra block */ | ||
589 | tctx->hash[tctx->count++] = 0x01; /* pad character */ | ||
590 | while (tctx->count < 64) { | ||
591 | tctx->hash[tctx->count++] = 0; | ||
592 | } | ||
593 | tgr192_update(tctx, NULL, 0); /* flush */ ; | ||
594 | memset(tctx->hash, 0, 56); /* fill next block with zeroes */ | ||
595 | } | ||
596 | /* append the 64 bit count */ | ||
597 | tctx->hash[56] = lsb; | ||
598 | tctx->hash[57] = lsb >> 8; | ||
599 | tctx->hash[58] = lsb >> 16; | ||
600 | tctx->hash[59] = lsb >> 24; | ||
601 | tctx->hash[60] = msb; | ||
602 | tctx->hash[61] = msb >> 8; | ||
603 | tctx->hash[62] = msb >> 16; | ||
604 | tctx->hash[63] = msb >> 24; | ||
605 | tgr192_transform(tctx, tctx->hash); | ||
606 | |||
607 | p = tctx->hash; | ||
608 | *p++ = tctx->a >> 56; *p++ = tctx->a >> 48; *p++ = tctx->a >> 40; | ||
609 | *p++ = tctx->a >> 32; *p++ = tctx->a >> 24; *p++ = tctx->a >> 16; | ||
610 | *p++ = tctx->a >> 8; *p++ = tctx->a;\ | ||
611 | *p++ = tctx->b >> 56; *p++ = tctx->b >> 48; *p++ = tctx->b >> 40; | ||
612 | *p++ = tctx->b >> 32; *p++ = tctx->b >> 24; *p++ = tctx->b >> 16; | ||
613 | *p++ = tctx->b >> 8; *p++ = tctx->b; | ||
614 | *p++ = tctx->c >> 56; *p++ = tctx->c >> 48; *p++ = tctx->c >> 40; | ||
615 | *p++ = tctx->c >> 32; *p++ = tctx->c >> 24; *p++ = tctx->c >> 16; | ||
616 | *p++ = tctx->c >> 8; *p++ = tctx->c; | ||
617 | |||
618 | |||
619 | /* unpack the hash */ | ||
620 | j = 7; | ||
621 | for (i = 0; i < 8; i++) { | ||
622 | out[j--] = (tctx->a >> 8 * i) & 0xff; | ||
623 | } | ||
624 | j = 15; | ||
625 | for (i = 0; i < 8; i++) { | ||
626 | out[j--] = (tctx->b >> 8 * i) & 0xff; | ||
627 | } | ||
628 | j = 23; | ||
629 | for (i = 0; i < 8; i++) { | ||
630 | out[j--] = (tctx->c >> 8 * i) & 0xff; | ||
631 | } | ||
632 | } | ||
633 | |||
634 | static void tgr160_final(void *ctx, u8 * out) | ||
635 | { | ||
636 | struct tgr192_ctx *wctx = ctx; | ||
637 | u8 D[64]; | ||
638 | |||
639 | tgr192_final(wctx, D); | ||
640 | memcpy(out, D, TGR160_DIGEST_SIZE); | ||
641 | memset(D, 0, TGR192_DIGEST_SIZE); | ||
642 | } | ||
643 | |||
644 | static void tgr128_final(void *ctx, u8 * out) | ||
645 | { | ||
646 | struct tgr192_ctx *wctx = ctx; | ||
647 | u8 D[64]; | ||
648 | |||
649 | tgr192_final(wctx, D); | ||
650 | memcpy(out, D, TGR128_DIGEST_SIZE); | ||
651 | memset(D, 0, TGR192_DIGEST_SIZE); | ||
652 | } | ||
653 | |||
654 | static struct crypto_alg tgr192 = { | ||
655 | .cra_name = "tgr192", | ||
656 | .cra_flags = CRYPTO_ALG_TYPE_DIGEST, | ||
657 | .cra_blocksize = TGR192_BLOCK_SIZE, | ||
658 | .cra_ctxsize = sizeof(struct tgr192_ctx), | ||
659 | .cra_module = THIS_MODULE, | ||
660 | .cra_list = LIST_HEAD_INIT(tgr192.cra_list), | ||
661 | .cra_u = {.digest = { | ||
662 | .dia_digestsize = TGR192_DIGEST_SIZE, | ||
663 | .dia_init = tgr192_init, | ||
664 | .dia_update = tgr192_update, | ||
665 | .dia_final = tgr192_final}} | ||
666 | }; | ||
667 | |||
668 | static struct crypto_alg tgr160 = { | ||
669 | .cra_name = "tgr160", | ||
670 | .cra_flags = CRYPTO_ALG_TYPE_DIGEST, | ||
671 | .cra_blocksize = TGR192_BLOCK_SIZE, | ||
672 | .cra_ctxsize = sizeof(struct tgr192_ctx), | ||
673 | .cra_module = THIS_MODULE, | ||
674 | .cra_list = LIST_HEAD_INIT(tgr160.cra_list), | ||
675 | .cra_u = {.digest = { | ||
676 | .dia_digestsize = TGR160_DIGEST_SIZE, | ||
677 | .dia_init = tgr192_init, | ||
678 | .dia_update = tgr192_update, | ||
679 | .dia_final = tgr160_final}} | ||
680 | }; | ||
681 | |||
682 | static struct crypto_alg tgr128 = { | ||
683 | .cra_name = "tgr128", | ||
684 | .cra_flags = CRYPTO_ALG_TYPE_DIGEST, | ||
685 | .cra_blocksize = TGR192_BLOCK_SIZE, | ||
686 | .cra_ctxsize = sizeof(struct tgr192_ctx), | ||
687 | .cra_module = THIS_MODULE, | ||
688 | .cra_list = LIST_HEAD_INIT(tgr128.cra_list), | ||
689 | .cra_u = {.digest = { | ||
690 | .dia_digestsize = TGR128_DIGEST_SIZE, | ||
691 | .dia_init = tgr192_init, | ||
692 | .dia_update = tgr192_update, | ||
693 | .dia_final = tgr128_final}} | ||
694 | }; | ||
695 | |||
696 | static int __init init(void) | ||
697 | { | ||
698 | int ret = 0; | ||
699 | |||
700 | ret = crypto_register_alg(&tgr192); | ||
701 | |||
702 | if (ret < 0) { | ||
703 | goto out; | ||
704 | } | ||
705 | |||
706 | ret = crypto_register_alg(&tgr160); | ||
707 | if (ret < 0) { | ||
708 | crypto_unregister_alg(&tgr192); | ||
709 | goto out; | ||
710 | } | ||
711 | |||
712 | ret = crypto_register_alg(&tgr128); | ||
713 | if (ret < 0) { | ||
714 | crypto_unregister_alg(&tgr192); | ||
715 | crypto_unregister_alg(&tgr160); | ||
716 | } | ||
717 | out: | ||
718 | return ret; | ||
719 | } | ||
720 | |||
721 | static void __exit fini(void) | ||
722 | { | ||
723 | crypto_unregister_alg(&tgr192); | ||
724 | crypto_unregister_alg(&tgr160); | ||
725 | crypto_unregister_alg(&tgr128); | ||
726 | } | ||
727 | |||
728 | MODULE_ALIAS("tgr160"); | ||
729 | MODULE_ALIAS("tgr128"); | ||
730 | |||
731 | module_init(init); | ||
732 | module_exit(fini); | ||
733 | |||
734 | MODULE_LICENSE("GPL"); | ||
735 | MODULE_DESCRIPTION("Tiger Message Digest Algorithm"); | ||
diff --git a/crypto/twofish.c b/crypto/twofish.c new file mode 100644 index 000000000000..4efff8cf9958 --- /dev/null +++ b/crypto/twofish.c | |||
@@ -0,0 +1,902 @@ | |||
1 | /* | ||
2 | * Twofish for CryptoAPI | ||
3 | * | ||
4 | * Originally Twofish for GPG | ||
5 | * By Matthew Skala <mskala@ansuz.sooke.bc.ca>, July 26, 1998 | ||
6 | * 256-bit key length added March 20, 1999 | ||
7 | * Some modifications to reduce the text size by Werner Koch, April, 1998 | ||
8 | * Ported to the kerneli patch by Marc Mutz <Marc@Mutz.com> | ||
9 | * Ported to CryptoAPI by Colin Slater <hoho@tacomeat.net> | ||
10 | * | ||
11 | * The original author has disclaimed all copyright interest in this | ||
12 | * code and thus put it in the public domain. The subsequent authors | ||
13 | * have put this under the GNU General Public License. | ||
14 | * | ||
15 | * This program is free software; you can redistribute it and/or modify | ||
16 | * it under the terms of the GNU General Public License as published by | ||
17 | * the Free Software Foundation; either version 2 of the License, or | ||
18 | * (at your option) any later version. | ||
19 | * | ||
20 | * This program is distributed in the hope that it will be useful, | ||
21 | * but WITHOUT ANY WARRANTY; without even the implied warranty of | ||
22 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | ||
23 | * GNU General Public License for more details. | ||
24 | * | ||
25 | * You should have received a copy of the GNU General Public License | ||
26 | * along with this program; if not, write to the Free Software | ||
27 | * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 | ||
28 | * USA | ||
29 | * | ||
30 | * This code is a "clean room" implementation, written from the paper | ||
31 | * _Twofish: A 128-Bit Block Cipher_ by Bruce Schneier, John Kelsey, | ||
32 | * Doug Whiting, David Wagner, Chris Hall, and Niels Ferguson, available | ||
33 | * through http://www.counterpane.com/twofish.html | ||
34 | * | ||
35 | * For background information on multiplication in finite fields, used for | ||
36 | * the matrix operations in the key schedule, see the book _Contemporary | ||
37 | * Abstract Algebra_ by Joseph A. Gallian, especially chapter 22 in the | ||
38 | * Third Edition. | ||
39 | */ | ||
40 | #include <linux/module.h> | ||
41 | #include <linux/init.h> | ||
42 | #include <linux/types.h> | ||
43 | #include <linux/errno.h> | ||
44 | #include <linux/crypto.h> | ||
45 | |||
46 | |||
47 | /* The large precomputed tables for the Twofish cipher (twofish.c) | ||
48 | * Taken from the same source as twofish.c | ||
49 | * Marc Mutz <Marc@Mutz.com> | ||
50 | */ | ||
51 | |||
52 | /* These two tables are the q0 and q1 permutations, exactly as described in | ||
53 | * the Twofish paper. */ | ||
54 | |||
55 | static const u8 q0[256] = { | ||
56 | 0xA9, 0x67, 0xB3, 0xE8, 0x04, 0xFD, 0xA3, 0x76, 0x9A, 0x92, 0x80, 0x78, | ||
57 | 0xE4, 0xDD, 0xD1, 0x38, 0x0D, 0xC6, 0x35, 0x98, 0x18, 0xF7, 0xEC, 0x6C, | ||
58 | 0x43, 0x75, 0x37, 0x26, 0xFA, 0x13, 0x94, 0x48, 0xF2, 0xD0, 0x8B, 0x30, | ||
59 | 0x84, 0x54, 0xDF, 0x23, 0x19, 0x5B, 0x3D, 0x59, 0xF3, 0xAE, 0xA2, 0x82, | ||
60 | 0x63, 0x01, 0x83, 0x2E, 0xD9, 0x51, 0x9B, 0x7C, 0xA6, 0xEB, 0xA5, 0xBE, | ||
61 | 0x16, 0x0C, 0xE3, 0x61, 0xC0, 0x8C, 0x3A, 0xF5, 0x73, 0x2C, 0x25, 0x0B, | ||
62 | 0xBB, 0x4E, 0x89, 0x6B, 0x53, 0x6A, 0xB4, 0xF1, 0xE1, 0xE6, 0xBD, 0x45, | ||
63 | 0xE2, 0xF4, 0xB6, 0x66, 0xCC, 0x95, 0x03, 0x56, 0xD4, 0x1C, 0x1E, 0xD7, | ||
64 | 0xFB, 0xC3, 0x8E, 0xB5, 0xE9, 0xCF, 0xBF, 0xBA, 0xEA, 0x77, 0x39, 0xAF, | ||
65 | 0x33, 0xC9, 0x62, 0x71, 0x81, 0x79, 0x09, 0xAD, 0x24, 0xCD, 0xF9, 0xD8, | ||
66 | 0xE5, 0xC5, 0xB9, 0x4D, 0x44, 0x08, 0x86, 0xE7, 0xA1, 0x1D, 0xAA, 0xED, | ||
67 | 0x06, 0x70, 0xB2, 0xD2, 0x41, 0x7B, 0xA0, 0x11, 0x31, 0xC2, 0x27, 0x90, | ||
68 | 0x20, 0xF6, 0x60, 0xFF, 0x96, 0x5C, 0xB1, 0xAB, 0x9E, 0x9C, 0x52, 0x1B, | ||
69 | 0x5F, 0x93, 0x0A, 0xEF, 0x91, 0x85, 0x49, 0xEE, 0x2D, 0x4F, 0x8F, 0x3B, | ||
70 | 0x47, 0x87, 0x6D, 0x46, 0xD6, 0x3E, 0x69, 0x64, 0x2A, 0xCE, 0xCB, 0x2F, | ||
71 | 0xFC, 0x97, 0x05, 0x7A, 0xAC, 0x7F, 0xD5, 0x1A, 0x4B, 0x0E, 0xA7, 0x5A, | ||
72 | 0x28, 0x14, 0x3F, 0x29, 0x88, 0x3C, 0x4C, 0x02, 0xB8, 0xDA, 0xB0, 0x17, | ||
73 | 0x55, 0x1F, 0x8A, 0x7D, 0x57, 0xC7, 0x8D, 0x74, 0xB7, 0xC4, 0x9F, 0x72, | ||
74 | 0x7E, 0x15, 0x22, 0x12, 0x58, 0x07, 0x99, 0x34, 0x6E, 0x50, 0xDE, 0x68, | ||
75 | 0x65, 0xBC, 0xDB, 0xF8, 0xC8, 0xA8, 0x2B, 0x40, 0xDC, 0xFE, 0x32, 0xA4, | ||
76 | 0xCA, 0x10, 0x21, 0xF0, 0xD3, 0x5D, 0x0F, 0x00, 0x6F, 0x9D, 0x36, 0x42, | ||
77 | 0x4A, 0x5E, 0xC1, 0xE0 | ||
78 | }; | ||
79 | |||
80 | static const u8 q1[256] = { | ||
81 | 0x75, 0xF3, 0xC6, 0xF4, 0xDB, 0x7B, 0xFB, 0xC8, 0x4A, 0xD3, 0xE6, 0x6B, | ||
82 | 0x45, 0x7D, 0xE8, 0x4B, 0xD6, 0x32, 0xD8, 0xFD, 0x37, 0x71, 0xF1, 0xE1, | ||
83 | 0x30, 0x0F, 0xF8, 0x1B, 0x87, 0xFA, 0x06, 0x3F, 0x5E, 0xBA, 0xAE, 0x5B, | ||
84 | 0x8A, 0x00, 0xBC, 0x9D, 0x6D, 0xC1, 0xB1, 0x0E, 0x80, 0x5D, 0xD2, 0xD5, | ||
85 | 0xA0, 0x84, 0x07, 0x14, 0xB5, 0x90, 0x2C, 0xA3, 0xB2, 0x73, 0x4C, 0x54, | ||
86 | 0x92, 0x74, 0x36, 0x51, 0x38, 0xB0, 0xBD, 0x5A, 0xFC, 0x60, 0x62, 0x96, | ||
87 | 0x6C, 0x42, 0xF7, 0x10, 0x7C, 0x28, 0x27, 0x8C, 0x13, 0x95, 0x9C, 0xC7, | ||
88 | 0x24, 0x46, 0x3B, 0x70, 0xCA, 0xE3, 0x85, 0xCB, 0x11, 0xD0, 0x93, 0xB8, | ||
89 | 0xA6, 0x83, 0x20, 0xFF, 0x9F, 0x77, 0xC3, 0xCC, 0x03, 0x6F, 0x08, 0xBF, | ||
90 | 0x40, 0xE7, 0x2B, 0xE2, 0x79, 0x0C, 0xAA, 0x82, 0x41, 0x3A, 0xEA, 0xB9, | ||
91 | 0xE4, 0x9A, 0xA4, 0x97, 0x7E, 0xDA, 0x7A, 0x17, 0x66, 0x94, 0xA1, 0x1D, | ||
92 | 0x3D, 0xF0, 0xDE, 0xB3, 0x0B, 0x72, 0xA7, 0x1C, 0xEF, 0xD1, 0x53, 0x3E, | ||
93 | 0x8F, 0x33, 0x26, 0x5F, 0xEC, 0x76, 0x2A, 0x49, 0x81, 0x88, 0xEE, 0x21, | ||
94 | 0xC4, 0x1A, 0xEB, 0xD9, 0xC5, 0x39, 0x99, 0xCD, 0xAD, 0x31, 0x8B, 0x01, | ||
95 | 0x18, 0x23, 0xDD, 0x1F, 0x4E, 0x2D, 0xF9, 0x48, 0x4F, 0xF2, 0x65, 0x8E, | ||
96 | 0x78, 0x5C, 0x58, 0x19, 0x8D, 0xE5, 0x98, 0x57, 0x67, 0x7F, 0x05, 0x64, | ||
97 | 0xAF, 0x63, 0xB6, 0xFE, 0xF5, 0xB7, 0x3C, 0xA5, 0xCE, 0xE9, 0x68, 0x44, | ||
98 | 0xE0, 0x4D, 0x43, 0x69, 0x29, 0x2E, 0xAC, 0x15, 0x59, 0xA8, 0x0A, 0x9E, | ||
99 | 0x6E, 0x47, 0xDF, 0x34, 0x35, 0x6A, 0xCF, 0xDC, 0x22, 0xC9, 0xC0, 0x9B, | ||
100 | 0x89, 0xD4, 0xED, 0xAB, 0x12, 0xA2, 0x0D, 0x52, 0xBB, 0x02, 0x2F, 0xA9, | ||
101 | 0xD7, 0x61, 0x1E, 0xB4, 0x50, 0x04, 0xF6, 0xC2, 0x16, 0x25, 0x86, 0x56, | ||
102 | 0x55, 0x09, 0xBE, 0x91 | ||
103 | }; | ||
104 | |||
105 | /* These MDS tables are actually tables of MDS composed with q0 and q1, | ||
106 | * because it is only ever used that way and we can save some time by | ||
107 | * precomputing. Of course the main saving comes from precomputing the | ||
108 | * GF(2^8) multiplication involved in the MDS matrix multiply; by looking | ||
109 | * things up in these tables we reduce the matrix multiply to four lookups | ||
110 | * and three XORs. Semi-formally, the definition of these tables is: | ||
111 | * mds[0][i] = MDS (q1[i] 0 0 0)^T mds[1][i] = MDS (0 q0[i] 0 0)^T | ||
112 | * mds[2][i] = MDS (0 0 q1[i] 0)^T mds[3][i] = MDS (0 0 0 q0[i])^T | ||
113 | * where ^T means "transpose", the matrix multiply is performed in GF(2^8) | ||
114 | * represented as GF(2)[x]/v(x) where v(x)=x^8+x^6+x^5+x^3+1 as described | ||
115 | * by Schneier et al, and I'm casually glossing over the byte/word | ||
116 | * conversion issues. */ | ||
117 | |||
118 | static const u32 mds[4][256] = { | ||
119 | {0xBCBC3275, 0xECEC21F3, 0x202043C6, 0xB3B3C9F4, 0xDADA03DB, 0x02028B7B, | ||
120 | 0xE2E22BFB, 0x9E9EFAC8, 0xC9C9EC4A, 0xD4D409D3, 0x18186BE6, 0x1E1E9F6B, | ||
121 | 0x98980E45, 0xB2B2387D, 0xA6A6D2E8, 0x2626B74B, 0x3C3C57D6, 0x93938A32, | ||
122 | 0x8282EED8, 0x525298FD, 0x7B7BD437, 0xBBBB3771, 0x5B5B97F1, 0x474783E1, | ||
123 | 0x24243C30, 0x5151E20F, 0xBABAC6F8, 0x4A4AF31B, 0xBFBF4887, 0x0D0D70FA, | ||
124 | 0xB0B0B306, 0x7575DE3F, 0xD2D2FD5E, 0x7D7D20BA, 0x666631AE, 0x3A3AA35B, | ||
125 | 0x59591C8A, 0x00000000, 0xCDCD93BC, 0x1A1AE09D, 0xAEAE2C6D, 0x7F7FABC1, | ||
126 | 0x2B2BC7B1, 0xBEBEB90E, 0xE0E0A080, 0x8A8A105D, 0x3B3B52D2, 0x6464BAD5, | ||
127 | 0xD8D888A0, 0xE7E7A584, 0x5F5FE807, 0x1B1B1114, 0x2C2CC2B5, 0xFCFCB490, | ||
128 | 0x3131272C, 0x808065A3, 0x73732AB2, 0x0C0C8173, 0x79795F4C, 0x6B6B4154, | ||
129 | 0x4B4B0292, 0x53536974, 0x94948F36, 0x83831F51, 0x2A2A3638, 0xC4C49CB0, | ||
130 | 0x2222C8BD, 0xD5D5F85A, 0xBDBDC3FC, 0x48487860, 0xFFFFCE62, 0x4C4C0796, | ||
131 | 0x4141776C, 0xC7C7E642, 0xEBEB24F7, 0x1C1C1410, 0x5D5D637C, 0x36362228, | ||
132 | 0x6767C027, 0xE9E9AF8C, 0x4444F913, 0x1414EA95, 0xF5F5BB9C, 0xCFCF18C7, | ||
133 | 0x3F3F2D24, 0xC0C0E346, 0x7272DB3B, 0x54546C70, 0x29294CCA, 0xF0F035E3, | ||
134 | 0x0808FE85, 0xC6C617CB, 0xF3F34F11, 0x8C8CE4D0, 0xA4A45993, 0xCACA96B8, | ||
135 | 0x68683BA6, 0xB8B84D83, 0x38382820, 0xE5E52EFF, 0xADAD569F, 0x0B0B8477, | ||
136 | 0xC8C81DC3, 0x9999FFCC, 0x5858ED03, 0x19199A6F, 0x0E0E0A08, 0x95957EBF, | ||
137 | 0x70705040, 0xF7F730E7, 0x6E6ECF2B, 0x1F1F6EE2, 0xB5B53D79, 0x09090F0C, | ||
138 | 0x616134AA, 0x57571682, 0x9F9F0B41, 0x9D9D803A, 0x111164EA, 0x2525CDB9, | ||
139 | 0xAFAFDDE4, 0x4545089A, 0xDFDF8DA4, 0xA3A35C97, 0xEAEAD57E, 0x353558DA, | ||
140 | 0xEDEDD07A, 0x4343FC17, 0xF8F8CB66, 0xFBFBB194, 0x3737D3A1, 0xFAFA401D, | ||
141 | 0xC2C2683D, 0xB4B4CCF0, 0x32325DDE, 0x9C9C71B3, 0x5656E70B, 0xE3E3DA72, | ||
142 | 0x878760A7, 0x15151B1C, 0xF9F93AEF, 0x6363BFD1, 0x3434A953, 0x9A9A853E, | ||
143 | 0xB1B1428F, 0x7C7CD133, 0x88889B26, 0x3D3DA65F, 0xA1A1D7EC, 0xE4E4DF76, | ||
144 | 0x8181942A, 0x91910149, 0x0F0FFB81, 0xEEEEAA88, 0x161661EE, 0xD7D77321, | ||
145 | 0x9797F5C4, 0xA5A5A81A, 0xFEFE3FEB, 0x6D6DB5D9, 0x7878AEC5, 0xC5C56D39, | ||
146 | 0x1D1DE599, 0x7676A4CD, 0x3E3EDCAD, 0xCBCB6731, 0xB6B6478B, 0xEFEF5B01, | ||
147 | 0x12121E18, 0x6060C523, 0x6A6AB0DD, 0x4D4DF61F, 0xCECEE94E, 0xDEDE7C2D, | ||
148 | 0x55559DF9, 0x7E7E5A48, 0x2121B24F, 0x03037AF2, 0xA0A02665, 0x5E5E198E, | ||
149 | 0x5A5A6678, 0x65654B5C, 0x62624E58, 0xFDFD4519, 0x0606F48D, 0x404086E5, | ||
150 | 0xF2F2BE98, 0x3333AC57, 0x17179067, 0x05058E7F, 0xE8E85E05, 0x4F4F7D64, | ||
151 | 0x89896AAF, 0x10109563, 0x74742FB6, 0x0A0A75FE, 0x5C5C92F5, 0x9B9B74B7, | ||
152 | 0x2D2D333C, 0x3030D6A5, 0x2E2E49CE, 0x494989E9, 0x46467268, 0x77775544, | ||
153 | 0xA8A8D8E0, 0x9696044D, 0x2828BD43, 0xA9A92969, 0xD9D97929, 0x8686912E, | ||
154 | 0xD1D187AC, 0xF4F44A15, 0x8D8D1559, 0xD6D682A8, 0xB9B9BC0A, 0x42420D9E, | ||
155 | 0xF6F6C16E, 0x2F2FB847, 0xDDDD06DF, 0x23233934, 0xCCCC6235, 0xF1F1C46A, | ||
156 | 0xC1C112CF, 0x8585EBDC, 0x8F8F9E22, 0x7171A1C9, 0x9090F0C0, 0xAAAA539B, | ||
157 | 0x0101F189, 0x8B8BE1D4, 0x4E4E8CED, 0x8E8E6FAB, 0xABABA212, 0x6F6F3EA2, | ||
158 | 0xE6E6540D, 0xDBDBF252, 0x92927BBB, 0xB7B7B602, 0x6969CA2F, 0x3939D9A9, | ||
159 | 0xD3D30CD7, 0xA7A72361, 0xA2A2AD1E, 0xC3C399B4, 0x6C6C4450, 0x07070504, | ||
160 | 0x04047FF6, 0x272746C2, 0xACACA716, 0xD0D07625, 0x50501386, 0xDCDCF756, | ||
161 | 0x84841A55, 0xE1E15109, 0x7A7A25BE, 0x1313EF91}, | ||
162 | |||
163 | {0xA9D93939, 0x67901717, 0xB3719C9C, 0xE8D2A6A6, 0x04050707, 0xFD985252, | ||
164 | 0xA3658080, 0x76DFE4E4, 0x9A084545, 0x92024B4B, 0x80A0E0E0, 0x78665A5A, | ||
165 | 0xE4DDAFAF, 0xDDB06A6A, 0xD1BF6363, 0x38362A2A, 0x0D54E6E6, 0xC6432020, | ||
166 | 0x3562CCCC, 0x98BEF2F2, 0x181E1212, 0xF724EBEB, 0xECD7A1A1, 0x6C774141, | ||
167 | 0x43BD2828, 0x7532BCBC, 0x37D47B7B, 0x269B8888, 0xFA700D0D, 0x13F94444, | ||
168 | 0x94B1FBFB, 0x485A7E7E, 0xF27A0303, 0xD0E48C8C, 0x8B47B6B6, 0x303C2424, | ||
169 | 0x84A5E7E7, 0x54416B6B, 0xDF06DDDD, 0x23C56060, 0x1945FDFD, 0x5BA33A3A, | ||
170 | 0x3D68C2C2, 0x59158D8D, 0xF321ECEC, 0xAE316666, 0xA23E6F6F, 0x82165757, | ||
171 | 0x63951010, 0x015BEFEF, 0x834DB8B8, 0x2E918686, 0xD9B56D6D, 0x511F8383, | ||
172 | 0x9B53AAAA, 0x7C635D5D, 0xA63B6868, 0xEB3FFEFE, 0xA5D63030, 0xBE257A7A, | ||
173 | 0x16A7ACAC, 0x0C0F0909, 0xE335F0F0, 0x6123A7A7, 0xC0F09090, 0x8CAFE9E9, | ||
174 | 0x3A809D9D, 0xF5925C5C, 0x73810C0C, 0x2C273131, 0x2576D0D0, 0x0BE75656, | ||
175 | 0xBB7B9292, 0x4EE9CECE, 0x89F10101, 0x6B9F1E1E, 0x53A93434, 0x6AC4F1F1, | ||
176 | 0xB499C3C3, 0xF1975B5B, 0xE1834747, 0xE66B1818, 0xBDC82222, 0x450E9898, | ||
177 | 0xE26E1F1F, 0xF4C9B3B3, 0xB62F7474, 0x66CBF8F8, 0xCCFF9999, 0x95EA1414, | ||
178 | 0x03ED5858, 0x56F7DCDC, 0xD4E18B8B, 0x1C1B1515, 0x1EADA2A2, 0xD70CD3D3, | ||
179 | 0xFB2BE2E2, 0xC31DC8C8, 0x8E195E5E, 0xB5C22C2C, 0xE9894949, 0xCF12C1C1, | ||
180 | 0xBF7E9595, 0xBA207D7D, 0xEA641111, 0x77840B0B, 0x396DC5C5, 0xAF6A8989, | ||
181 | 0x33D17C7C, 0xC9A17171, 0x62CEFFFF, 0x7137BBBB, 0x81FB0F0F, 0x793DB5B5, | ||
182 | 0x0951E1E1, 0xADDC3E3E, 0x242D3F3F, 0xCDA47676, 0xF99D5555, 0xD8EE8282, | ||
183 | 0xE5864040, 0xC5AE7878, 0xB9CD2525, 0x4D049696, 0x44557777, 0x080A0E0E, | ||
184 | 0x86135050, 0xE730F7F7, 0xA1D33737, 0x1D40FAFA, 0xAA346161, 0xED8C4E4E, | ||
185 | 0x06B3B0B0, 0x706C5454, 0xB22A7373, 0xD2523B3B, 0x410B9F9F, 0x7B8B0202, | ||
186 | 0xA088D8D8, 0x114FF3F3, 0x3167CBCB, 0xC2462727, 0x27C06767, 0x90B4FCFC, | ||
187 | 0x20283838, 0xF67F0404, 0x60784848, 0xFF2EE5E5, 0x96074C4C, 0x5C4B6565, | ||
188 | 0xB1C72B2B, 0xAB6F8E8E, 0x9E0D4242, 0x9CBBF5F5, 0x52F2DBDB, 0x1BF34A4A, | ||
189 | 0x5FA63D3D, 0x9359A4A4, 0x0ABCB9B9, 0xEF3AF9F9, 0x91EF1313, 0x85FE0808, | ||
190 | 0x49019191, 0xEE611616, 0x2D7CDEDE, 0x4FB22121, 0x8F42B1B1, 0x3BDB7272, | ||
191 | 0x47B82F2F, 0x8748BFBF, 0x6D2CAEAE, 0x46E3C0C0, 0xD6573C3C, 0x3E859A9A, | ||
192 | 0x6929A9A9, 0x647D4F4F, 0x2A948181, 0xCE492E2E, 0xCB17C6C6, 0x2FCA6969, | ||
193 | 0xFCC3BDBD, 0x975CA3A3, 0x055EE8E8, 0x7AD0EDED, 0xAC87D1D1, 0x7F8E0505, | ||
194 | 0xD5BA6464, 0x1AA8A5A5, 0x4BB72626, 0x0EB9BEBE, 0xA7608787, 0x5AF8D5D5, | ||
195 | 0x28223636, 0x14111B1B, 0x3FDE7575, 0x2979D9D9, 0x88AAEEEE, 0x3C332D2D, | ||
196 | 0x4C5F7979, 0x02B6B7B7, 0xB896CACA, 0xDA583535, 0xB09CC4C4, 0x17FC4343, | ||
197 | 0x551A8484, 0x1FF64D4D, 0x8A1C5959, 0x7D38B2B2, 0x57AC3333, 0xC718CFCF, | ||
198 | 0x8DF40606, 0x74695353, 0xB7749B9B, 0xC4F59797, 0x9F56ADAD, 0x72DAE3E3, | ||
199 | 0x7ED5EAEA, 0x154AF4F4, 0x229E8F8F, 0x12A2ABAB, 0x584E6262, 0x07E85F5F, | ||
200 | 0x99E51D1D, 0x34392323, 0x6EC1F6F6, 0x50446C6C, 0xDE5D3232, 0x68724646, | ||
201 | 0x6526A0A0, 0xBC93CDCD, 0xDB03DADA, 0xF8C6BABA, 0xC8FA9E9E, 0xA882D6D6, | ||
202 | 0x2BCF6E6E, 0x40507070, 0xDCEB8585, 0xFE750A0A, 0x328A9393, 0xA48DDFDF, | ||
203 | 0xCA4C2929, 0x10141C1C, 0x2173D7D7, 0xF0CCB4B4, 0xD309D4D4, 0x5D108A8A, | ||
204 | 0x0FE25151, 0x00000000, 0x6F9A1919, 0x9DE01A1A, 0x368F9494, 0x42E6C7C7, | ||
205 | 0x4AECC9C9, 0x5EFDD2D2, 0xC1AB7F7F, 0xE0D8A8A8}, | ||
206 | |||
207 | {0xBC75BC32, 0xECF3EC21, 0x20C62043, 0xB3F4B3C9, 0xDADBDA03, 0x027B028B, | ||
208 | 0xE2FBE22B, 0x9EC89EFA, 0xC94AC9EC, 0xD4D3D409, 0x18E6186B, 0x1E6B1E9F, | ||
209 | 0x9845980E, 0xB27DB238, 0xA6E8A6D2, 0x264B26B7, 0x3CD63C57, 0x9332938A, | ||
210 | 0x82D882EE, 0x52FD5298, 0x7B377BD4, 0xBB71BB37, 0x5BF15B97, 0x47E14783, | ||
211 | 0x2430243C, 0x510F51E2, 0xBAF8BAC6, 0x4A1B4AF3, 0xBF87BF48, 0x0DFA0D70, | ||
212 | 0xB006B0B3, 0x753F75DE, 0xD25ED2FD, 0x7DBA7D20, 0x66AE6631, 0x3A5B3AA3, | ||
213 | 0x598A591C, 0x00000000, 0xCDBCCD93, 0x1A9D1AE0, 0xAE6DAE2C, 0x7FC17FAB, | ||
214 | 0x2BB12BC7, 0xBE0EBEB9, 0xE080E0A0, 0x8A5D8A10, 0x3BD23B52, 0x64D564BA, | ||
215 | 0xD8A0D888, 0xE784E7A5, 0x5F075FE8, 0x1B141B11, 0x2CB52CC2, 0xFC90FCB4, | ||
216 | 0x312C3127, 0x80A38065, 0x73B2732A, 0x0C730C81, 0x794C795F, 0x6B546B41, | ||
217 | 0x4B924B02, 0x53745369, 0x9436948F, 0x8351831F, 0x2A382A36, 0xC4B0C49C, | ||
218 | 0x22BD22C8, 0xD55AD5F8, 0xBDFCBDC3, 0x48604878, 0xFF62FFCE, 0x4C964C07, | ||
219 | 0x416C4177, 0xC742C7E6, 0xEBF7EB24, 0x1C101C14, 0x5D7C5D63, 0x36283622, | ||
220 | 0x672767C0, 0xE98CE9AF, 0x441344F9, 0x149514EA, 0xF59CF5BB, 0xCFC7CF18, | ||
221 | 0x3F243F2D, 0xC046C0E3, 0x723B72DB, 0x5470546C, 0x29CA294C, 0xF0E3F035, | ||
222 | 0x088508FE, 0xC6CBC617, 0xF311F34F, 0x8CD08CE4, 0xA493A459, 0xCAB8CA96, | ||
223 | 0x68A6683B, 0xB883B84D, 0x38203828, 0xE5FFE52E, 0xAD9FAD56, 0x0B770B84, | ||
224 | 0xC8C3C81D, 0x99CC99FF, 0x580358ED, 0x196F199A, 0x0E080E0A, 0x95BF957E, | ||
225 | 0x70407050, 0xF7E7F730, 0x6E2B6ECF, 0x1FE21F6E, 0xB579B53D, 0x090C090F, | ||
226 | 0x61AA6134, 0x57825716, 0x9F419F0B, 0x9D3A9D80, 0x11EA1164, 0x25B925CD, | ||
227 | 0xAFE4AFDD, 0x459A4508, 0xDFA4DF8D, 0xA397A35C, 0xEA7EEAD5, 0x35DA3558, | ||
228 | 0xED7AEDD0, 0x431743FC, 0xF866F8CB, 0xFB94FBB1, 0x37A137D3, 0xFA1DFA40, | ||
229 | 0xC23DC268, 0xB4F0B4CC, 0x32DE325D, 0x9CB39C71, 0x560B56E7, 0xE372E3DA, | ||
230 | 0x87A78760, 0x151C151B, 0xF9EFF93A, 0x63D163BF, 0x345334A9, 0x9A3E9A85, | ||
231 | 0xB18FB142, 0x7C337CD1, 0x8826889B, 0x3D5F3DA6, 0xA1ECA1D7, 0xE476E4DF, | ||
232 | 0x812A8194, 0x91499101, 0x0F810FFB, 0xEE88EEAA, 0x16EE1661, 0xD721D773, | ||
233 | 0x97C497F5, 0xA51AA5A8, 0xFEEBFE3F, 0x6DD96DB5, 0x78C578AE, 0xC539C56D, | ||
234 | 0x1D991DE5, 0x76CD76A4, 0x3EAD3EDC, 0xCB31CB67, 0xB68BB647, 0xEF01EF5B, | ||
235 | 0x1218121E, 0x602360C5, 0x6ADD6AB0, 0x4D1F4DF6, 0xCE4ECEE9, 0xDE2DDE7C, | ||
236 | 0x55F9559D, 0x7E487E5A, 0x214F21B2, 0x03F2037A, 0xA065A026, 0x5E8E5E19, | ||
237 | 0x5A785A66, 0x655C654B, 0x6258624E, 0xFD19FD45, 0x068D06F4, 0x40E54086, | ||
238 | 0xF298F2BE, 0x335733AC, 0x17671790, 0x057F058E, 0xE805E85E, 0x4F644F7D, | ||
239 | 0x89AF896A, 0x10631095, 0x74B6742F, 0x0AFE0A75, 0x5CF55C92, 0x9BB79B74, | ||
240 | 0x2D3C2D33, 0x30A530D6, 0x2ECE2E49, 0x49E94989, 0x46684672, 0x77447755, | ||
241 | 0xA8E0A8D8, 0x964D9604, 0x284328BD, 0xA969A929, 0xD929D979, 0x862E8691, | ||
242 | 0xD1ACD187, 0xF415F44A, 0x8D598D15, 0xD6A8D682, 0xB90AB9BC, 0x429E420D, | ||
243 | 0xF66EF6C1, 0x2F472FB8, 0xDDDFDD06, 0x23342339, 0xCC35CC62, 0xF16AF1C4, | ||
244 | 0xC1CFC112, 0x85DC85EB, 0x8F228F9E, 0x71C971A1, 0x90C090F0, 0xAA9BAA53, | ||
245 | 0x018901F1, 0x8BD48BE1, 0x4EED4E8C, 0x8EAB8E6F, 0xAB12ABA2, 0x6FA26F3E, | ||
246 | 0xE60DE654, 0xDB52DBF2, 0x92BB927B, 0xB702B7B6, 0x692F69CA, 0x39A939D9, | ||
247 | 0xD3D7D30C, 0xA761A723, 0xA21EA2AD, 0xC3B4C399, 0x6C506C44, 0x07040705, | ||
248 | 0x04F6047F, 0x27C22746, 0xAC16ACA7, 0xD025D076, 0x50865013, 0xDC56DCF7, | ||
249 | 0x8455841A, 0xE109E151, 0x7ABE7A25, 0x139113EF}, | ||
250 | |||
251 | {0xD939A9D9, 0x90176790, 0x719CB371, 0xD2A6E8D2, 0x05070405, 0x9852FD98, | ||
252 | 0x6580A365, 0xDFE476DF, 0x08459A08, 0x024B9202, 0xA0E080A0, 0x665A7866, | ||
253 | 0xDDAFE4DD, 0xB06ADDB0, 0xBF63D1BF, 0x362A3836, 0x54E60D54, 0x4320C643, | ||
254 | 0x62CC3562, 0xBEF298BE, 0x1E12181E, 0x24EBF724, 0xD7A1ECD7, 0x77416C77, | ||
255 | 0xBD2843BD, 0x32BC7532, 0xD47B37D4, 0x9B88269B, 0x700DFA70, 0xF94413F9, | ||
256 | 0xB1FB94B1, 0x5A7E485A, 0x7A03F27A, 0xE48CD0E4, 0x47B68B47, 0x3C24303C, | ||
257 | 0xA5E784A5, 0x416B5441, 0x06DDDF06, 0xC56023C5, 0x45FD1945, 0xA33A5BA3, | ||
258 | 0x68C23D68, 0x158D5915, 0x21ECF321, 0x3166AE31, 0x3E6FA23E, 0x16578216, | ||
259 | 0x95106395, 0x5BEF015B, 0x4DB8834D, 0x91862E91, 0xB56DD9B5, 0x1F83511F, | ||
260 | 0x53AA9B53, 0x635D7C63, 0x3B68A63B, 0x3FFEEB3F, 0xD630A5D6, 0x257ABE25, | ||
261 | 0xA7AC16A7, 0x0F090C0F, 0x35F0E335, 0x23A76123, 0xF090C0F0, 0xAFE98CAF, | ||
262 | 0x809D3A80, 0x925CF592, 0x810C7381, 0x27312C27, 0x76D02576, 0xE7560BE7, | ||
263 | 0x7B92BB7B, 0xE9CE4EE9, 0xF10189F1, 0x9F1E6B9F, 0xA93453A9, 0xC4F16AC4, | ||
264 | 0x99C3B499, 0x975BF197, 0x8347E183, 0x6B18E66B, 0xC822BDC8, 0x0E98450E, | ||
265 | 0x6E1FE26E, 0xC9B3F4C9, 0x2F74B62F, 0xCBF866CB, 0xFF99CCFF, 0xEA1495EA, | ||
266 | 0xED5803ED, 0xF7DC56F7, 0xE18BD4E1, 0x1B151C1B, 0xADA21EAD, 0x0CD3D70C, | ||
267 | 0x2BE2FB2B, 0x1DC8C31D, 0x195E8E19, 0xC22CB5C2, 0x8949E989, 0x12C1CF12, | ||
268 | 0x7E95BF7E, 0x207DBA20, 0x6411EA64, 0x840B7784, 0x6DC5396D, 0x6A89AF6A, | ||
269 | 0xD17C33D1, 0xA171C9A1, 0xCEFF62CE, 0x37BB7137, 0xFB0F81FB, 0x3DB5793D, | ||
270 | 0x51E10951, 0xDC3EADDC, 0x2D3F242D, 0xA476CDA4, 0x9D55F99D, 0xEE82D8EE, | ||
271 | 0x8640E586, 0xAE78C5AE, 0xCD25B9CD, 0x04964D04, 0x55774455, 0x0A0E080A, | ||
272 | 0x13508613, 0x30F7E730, 0xD337A1D3, 0x40FA1D40, 0x3461AA34, 0x8C4EED8C, | ||
273 | 0xB3B006B3, 0x6C54706C, 0x2A73B22A, 0x523BD252, 0x0B9F410B, 0x8B027B8B, | ||
274 | 0x88D8A088, 0x4FF3114F, 0x67CB3167, 0x4627C246, 0xC06727C0, 0xB4FC90B4, | ||
275 | 0x28382028, 0x7F04F67F, 0x78486078, 0x2EE5FF2E, 0x074C9607, 0x4B655C4B, | ||
276 | 0xC72BB1C7, 0x6F8EAB6F, 0x0D429E0D, 0xBBF59CBB, 0xF2DB52F2, 0xF34A1BF3, | ||
277 | 0xA63D5FA6, 0x59A49359, 0xBCB90ABC, 0x3AF9EF3A, 0xEF1391EF, 0xFE0885FE, | ||
278 | 0x01914901, 0x6116EE61, 0x7CDE2D7C, 0xB2214FB2, 0x42B18F42, 0xDB723BDB, | ||
279 | 0xB82F47B8, 0x48BF8748, 0x2CAE6D2C, 0xE3C046E3, 0x573CD657, 0x859A3E85, | ||
280 | 0x29A96929, 0x7D4F647D, 0x94812A94, 0x492ECE49, 0x17C6CB17, 0xCA692FCA, | ||
281 | 0xC3BDFCC3, 0x5CA3975C, 0x5EE8055E, 0xD0ED7AD0, 0x87D1AC87, 0x8E057F8E, | ||
282 | 0xBA64D5BA, 0xA8A51AA8, 0xB7264BB7, 0xB9BE0EB9, 0x6087A760, 0xF8D55AF8, | ||
283 | 0x22362822, 0x111B1411, 0xDE753FDE, 0x79D92979, 0xAAEE88AA, 0x332D3C33, | ||
284 | 0x5F794C5F, 0xB6B702B6, 0x96CAB896, 0x5835DA58, 0x9CC4B09C, 0xFC4317FC, | ||
285 | 0x1A84551A, 0xF64D1FF6, 0x1C598A1C, 0x38B27D38, 0xAC3357AC, 0x18CFC718, | ||
286 | 0xF4068DF4, 0x69537469, 0x749BB774, 0xF597C4F5, 0x56AD9F56, 0xDAE372DA, | ||
287 | 0xD5EA7ED5, 0x4AF4154A, 0x9E8F229E, 0xA2AB12A2, 0x4E62584E, 0xE85F07E8, | ||
288 | 0xE51D99E5, 0x39233439, 0xC1F66EC1, 0x446C5044, 0x5D32DE5D, 0x72466872, | ||
289 | 0x26A06526, 0x93CDBC93, 0x03DADB03, 0xC6BAF8C6, 0xFA9EC8FA, 0x82D6A882, | ||
290 | 0xCF6E2BCF, 0x50704050, 0xEB85DCEB, 0x750AFE75, 0x8A93328A, 0x8DDFA48D, | ||
291 | 0x4C29CA4C, 0x141C1014, 0x73D72173, 0xCCB4F0CC, 0x09D4D309, 0x108A5D10, | ||
292 | 0xE2510FE2, 0x00000000, 0x9A196F9A, 0xE01A9DE0, 0x8F94368F, 0xE6C742E6, | ||
293 | 0xECC94AEC, 0xFDD25EFD, 0xAB7FC1AB, 0xD8A8E0D8} | ||
294 | }; | ||
295 | |||
296 | /* The exp_to_poly and poly_to_exp tables are used to perform efficient | ||
297 | * operations in GF(2^8) represented as GF(2)[x]/w(x) where | ||
298 | * w(x)=x^8+x^6+x^3+x^2+1. We care about doing that because it's part of the | ||
299 | * definition of the RS matrix in the key schedule. Elements of that field | ||
300 | * are polynomials of degree not greater than 7 and all coefficients 0 or 1, | ||
301 | * which can be represented naturally by bytes (just substitute x=2). In that | ||
302 | * form, GF(2^8) addition is the same as bitwise XOR, but GF(2^8) | ||
303 | * multiplication is inefficient without hardware support. To multiply | ||
304 | * faster, I make use of the fact x is a generator for the nonzero elements, | ||
305 | * so that every element p of GF(2)[x]/w(x) is either 0 or equal to (x)^n for | ||
306 | * some n in 0..254. Note that that caret is exponentiation in GF(2^8), | ||
307 | * *not* polynomial notation. So if I want to compute pq where p and q are | ||
308 | * in GF(2^8), I can just say: | ||
309 | * 1. if p=0 or q=0 then pq=0 | ||
310 | * 2. otherwise, find m and n such that p=x^m and q=x^n | ||
311 | * 3. pq=(x^m)(x^n)=x^(m+n), so add m and n and find pq | ||
312 | * The translations in steps 2 and 3 are looked up in the tables | ||
313 | * poly_to_exp (for step 2) and exp_to_poly (for step 3). To see this | ||
314 | * in action, look at the CALC_S macro. As additional wrinkles, note that | ||
315 | * one of my operands is always a constant, so the poly_to_exp lookup on it | ||
316 | * is done in advance; I included the original values in the comments so | ||
317 | * readers can have some chance of recognizing that this *is* the RS matrix | ||
318 | * from the Twofish paper. I've only included the table entries I actually | ||
319 | * need; I never do a lookup on a variable input of zero and the biggest | ||
320 | * exponents I'll ever see are 254 (variable) and 237 (constant), so they'll | ||
321 | * never sum to more than 491. I'm repeating part of the exp_to_poly table | ||
322 | * so that I don't have to do mod-255 reduction in the exponent arithmetic. | ||
323 | * Since I know my constant operands are never zero, I only have to worry | ||
324 | * about zero values in the variable operand, and I do it with a simple | ||
325 | * conditional branch. I know conditionals are expensive, but I couldn't | ||
326 | * see a non-horrible way of avoiding them, and I did manage to group the | ||
327 | * statements so that each if covers four group multiplications. */ | ||
328 | |||
329 | static const u8 poly_to_exp[255] = { | ||
330 | 0x00, 0x01, 0x17, 0x02, 0x2E, 0x18, 0x53, 0x03, 0x6A, 0x2F, 0x93, 0x19, | ||
331 | 0x34, 0x54, 0x45, 0x04, 0x5C, 0x6B, 0xB6, 0x30, 0xA6, 0x94, 0x4B, 0x1A, | ||
332 | 0x8C, 0x35, 0x81, 0x55, 0xAA, 0x46, 0x0D, 0x05, 0x24, 0x5D, 0x87, 0x6C, | ||
333 | 0x9B, 0xB7, 0xC1, 0x31, 0x2B, 0xA7, 0xA3, 0x95, 0x98, 0x4C, 0xCA, 0x1B, | ||
334 | 0xE6, 0x8D, 0x73, 0x36, 0xCD, 0x82, 0x12, 0x56, 0x62, 0xAB, 0xF0, 0x47, | ||
335 | 0x4F, 0x0E, 0xBD, 0x06, 0xD4, 0x25, 0xD2, 0x5E, 0x27, 0x88, 0x66, 0x6D, | ||
336 | 0xD6, 0x9C, 0x79, 0xB8, 0x08, 0xC2, 0xDF, 0x32, 0x68, 0x2C, 0xFD, 0xA8, | ||
337 | 0x8A, 0xA4, 0x5A, 0x96, 0x29, 0x99, 0x22, 0x4D, 0x60, 0xCB, 0xE4, 0x1C, | ||
338 | 0x7B, 0xE7, 0x3B, 0x8E, 0x9E, 0x74, 0xF4, 0x37, 0xD8, 0xCE, 0xF9, 0x83, | ||
339 | 0x6F, 0x13, 0xB2, 0x57, 0xE1, 0x63, 0xDC, 0xAC, 0xC4, 0xF1, 0xAF, 0x48, | ||
340 | 0x0A, 0x50, 0x42, 0x0F, 0xBA, 0xBE, 0xC7, 0x07, 0xDE, 0xD5, 0x78, 0x26, | ||
341 | 0x65, 0xD3, 0xD1, 0x5F, 0xE3, 0x28, 0x21, 0x89, 0x59, 0x67, 0xFC, 0x6E, | ||
342 | 0xB1, 0xD7, 0xF8, 0x9D, 0xF3, 0x7A, 0x3A, 0xB9, 0xC6, 0x09, 0x41, 0xC3, | ||
343 | 0xAE, 0xE0, 0xDB, 0x33, 0x44, 0x69, 0x92, 0x2D, 0x52, 0xFE, 0x16, 0xA9, | ||
344 | 0x0C, 0x8B, 0x80, 0xA5, 0x4A, 0x5B, 0xB5, 0x97, 0xC9, 0x2A, 0xA2, 0x9A, | ||
345 | 0xC0, 0x23, 0x86, 0x4E, 0xBC, 0x61, 0xEF, 0xCC, 0x11, 0xE5, 0x72, 0x1D, | ||
346 | 0x3D, 0x7C, 0xEB, 0xE8, 0xE9, 0x3C, 0xEA, 0x8F, 0x7D, 0x9F, 0xEC, 0x75, | ||
347 | 0x1E, 0xF5, 0x3E, 0x38, 0xF6, 0xD9, 0x3F, 0xCF, 0x76, 0xFA, 0x1F, 0x84, | ||
348 | 0xA0, 0x70, 0xED, 0x14, 0x90, 0xB3, 0x7E, 0x58, 0xFB, 0xE2, 0x20, 0x64, | ||
349 | 0xD0, 0xDD, 0x77, 0xAD, 0xDA, 0xC5, 0x40, 0xF2, 0x39, 0xB0, 0xF7, 0x49, | ||
350 | 0xB4, 0x0B, 0x7F, 0x51, 0x15, 0x43, 0x91, 0x10, 0x71, 0xBB, 0xEE, 0xBF, | ||
351 | 0x85, 0xC8, 0xA1 | ||
352 | }; | ||
353 | |||
354 | static const u8 exp_to_poly[492] = { | ||
355 | 0x01, 0x02, 0x04, 0x08, 0x10, 0x20, 0x40, 0x80, 0x4D, 0x9A, 0x79, 0xF2, | ||
356 | 0xA9, 0x1F, 0x3E, 0x7C, 0xF8, 0xBD, 0x37, 0x6E, 0xDC, 0xF5, 0xA7, 0x03, | ||
357 | 0x06, 0x0C, 0x18, 0x30, 0x60, 0xC0, 0xCD, 0xD7, 0xE3, 0x8B, 0x5B, 0xB6, | ||
358 | 0x21, 0x42, 0x84, 0x45, 0x8A, 0x59, 0xB2, 0x29, 0x52, 0xA4, 0x05, 0x0A, | ||
359 | 0x14, 0x28, 0x50, 0xA0, 0x0D, 0x1A, 0x34, 0x68, 0xD0, 0xED, 0x97, 0x63, | ||
360 | 0xC6, 0xC1, 0xCF, 0xD3, 0xEB, 0x9B, 0x7B, 0xF6, 0xA1, 0x0F, 0x1E, 0x3C, | ||
361 | 0x78, 0xF0, 0xAD, 0x17, 0x2E, 0x5C, 0xB8, 0x3D, 0x7A, 0xF4, 0xA5, 0x07, | ||
362 | 0x0E, 0x1C, 0x38, 0x70, 0xE0, 0x8D, 0x57, 0xAE, 0x11, 0x22, 0x44, 0x88, | ||
363 | 0x5D, 0xBA, 0x39, 0x72, 0xE4, 0x85, 0x47, 0x8E, 0x51, 0xA2, 0x09, 0x12, | ||
364 | 0x24, 0x48, 0x90, 0x6D, 0xDA, 0xF9, 0xBF, 0x33, 0x66, 0xCC, 0xD5, 0xE7, | ||
365 | 0x83, 0x4B, 0x96, 0x61, 0xC2, 0xC9, 0xDF, 0xF3, 0xAB, 0x1B, 0x36, 0x6C, | ||
366 | 0xD8, 0xFD, 0xB7, 0x23, 0x46, 0x8C, 0x55, 0xAA, 0x19, 0x32, 0x64, 0xC8, | ||
367 | 0xDD, 0xF7, 0xA3, 0x0B, 0x16, 0x2C, 0x58, 0xB0, 0x2D, 0x5A, 0xB4, 0x25, | ||
368 | 0x4A, 0x94, 0x65, 0xCA, 0xD9, 0xFF, 0xB3, 0x2B, 0x56, 0xAC, 0x15, 0x2A, | ||
369 | 0x54, 0xA8, 0x1D, 0x3A, 0x74, 0xE8, 0x9D, 0x77, 0xEE, 0x91, 0x6F, 0xDE, | ||
370 | 0xF1, 0xAF, 0x13, 0x26, 0x4C, 0x98, 0x7D, 0xFA, 0xB9, 0x3F, 0x7E, 0xFC, | ||
371 | 0xB5, 0x27, 0x4E, 0x9C, 0x75, 0xEA, 0x99, 0x7F, 0xFE, 0xB1, 0x2F, 0x5E, | ||
372 | 0xBC, 0x35, 0x6A, 0xD4, 0xE5, 0x87, 0x43, 0x86, 0x41, 0x82, 0x49, 0x92, | ||
373 | 0x69, 0xD2, 0xE9, 0x9F, 0x73, 0xE6, 0x81, 0x4F, 0x9E, 0x71, 0xE2, 0x89, | ||
374 | 0x5F, 0xBE, 0x31, 0x62, 0xC4, 0xC5, 0xC7, 0xC3, 0xCB, 0xDB, 0xFB, 0xBB, | ||
375 | 0x3B, 0x76, 0xEC, 0x95, 0x67, 0xCE, 0xD1, 0xEF, 0x93, 0x6B, 0xD6, 0xE1, | ||
376 | 0x8F, 0x53, 0xA6, 0x01, 0x02, 0x04, 0x08, 0x10, 0x20, 0x40, 0x80, 0x4D, | ||
377 | 0x9A, 0x79, 0xF2, 0xA9, 0x1F, 0x3E, 0x7C, 0xF8, 0xBD, 0x37, 0x6E, 0xDC, | ||
378 | 0xF5, 0xA7, 0x03, 0x06, 0x0C, 0x18, 0x30, 0x60, 0xC0, 0xCD, 0xD7, 0xE3, | ||
379 | 0x8B, 0x5B, 0xB6, 0x21, 0x42, 0x84, 0x45, 0x8A, 0x59, 0xB2, 0x29, 0x52, | ||
380 | 0xA4, 0x05, 0x0A, 0x14, 0x28, 0x50, 0xA0, 0x0D, 0x1A, 0x34, 0x68, 0xD0, | ||
381 | 0xED, 0x97, 0x63, 0xC6, 0xC1, 0xCF, 0xD3, 0xEB, 0x9B, 0x7B, 0xF6, 0xA1, | ||
382 | 0x0F, 0x1E, 0x3C, 0x78, 0xF0, 0xAD, 0x17, 0x2E, 0x5C, 0xB8, 0x3D, 0x7A, | ||
383 | 0xF4, 0xA5, 0x07, 0x0E, 0x1C, 0x38, 0x70, 0xE0, 0x8D, 0x57, 0xAE, 0x11, | ||
384 | 0x22, 0x44, 0x88, 0x5D, 0xBA, 0x39, 0x72, 0xE4, 0x85, 0x47, 0x8E, 0x51, | ||
385 | 0xA2, 0x09, 0x12, 0x24, 0x48, 0x90, 0x6D, 0xDA, 0xF9, 0xBF, 0x33, 0x66, | ||
386 | 0xCC, 0xD5, 0xE7, 0x83, 0x4B, 0x96, 0x61, 0xC2, 0xC9, 0xDF, 0xF3, 0xAB, | ||
387 | 0x1B, 0x36, 0x6C, 0xD8, 0xFD, 0xB7, 0x23, 0x46, 0x8C, 0x55, 0xAA, 0x19, | ||
388 | 0x32, 0x64, 0xC8, 0xDD, 0xF7, 0xA3, 0x0B, 0x16, 0x2C, 0x58, 0xB0, 0x2D, | ||
389 | 0x5A, 0xB4, 0x25, 0x4A, 0x94, 0x65, 0xCA, 0xD9, 0xFF, 0xB3, 0x2B, 0x56, | ||
390 | 0xAC, 0x15, 0x2A, 0x54, 0xA8, 0x1D, 0x3A, 0x74, 0xE8, 0x9D, 0x77, 0xEE, | ||
391 | 0x91, 0x6F, 0xDE, 0xF1, 0xAF, 0x13, 0x26, 0x4C, 0x98, 0x7D, 0xFA, 0xB9, | ||
392 | 0x3F, 0x7E, 0xFC, 0xB5, 0x27, 0x4E, 0x9C, 0x75, 0xEA, 0x99, 0x7F, 0xFE, | ||
393 | 0xB1, 0x2F, 0x5E, 0xBC, 0x35, 0x6A, 0xD4, 0xE5, 0x87, 0x43, 0x86, 0x41, | ||
394 | 0x82, 0x49, 0x92, 0x69, 0xD2, 0xE9, 0x9F, 0x73, 0xE6, 0x81, 0x4F, 0x9E, | ||
395 | 0x71, 0xE2, 0x89, 0x5F, 0xBE, 0x31, 0x62, 0xC4, 0xC5, 0xC7, 0xC3, 0xCB | ||
396 | }; | ||
397 | |||
398 | |||
399 | /* The table constants are indices of | ||
400 | * S-box entries, preprocessed through q0 and q1. */ | ||
401 | static const u8 calc_sb_tbl[512] = { | ||
402 | 0xA9, 0x75, 0x67, 0xF3, 0xB3, 0xC6, 0xE8, 0xF4, | ||
403 | 0x04, 0xDB, 0xFD, 0x7B, 0xA3, 0xFB, 0x76, 0xC8, | ||
404 | 0x9A, 0x4A, 0x92, 0xD3, 0x80, 0xE6, 0x78, 0x6B, | ||
405 | 0xE4, 0x45, 0xDD, 0x7D, 0xD1, 0xE8, 0x38, 0x4B, | ||
406 | 0x0D, 0xD6, 0xC6, 0x32, 0x35, 0xD8, 0x98, 0xFD, | ||
407 | 0x18, 0x37, 0xF7, 0x71, 0xEC, 0xF1, 0x6C, 0xE1, | ||
408 | 0x43, 0x30, 0x75, 0x0F, 0x37, 0xF8, 0x26, 0x1B, | ||
409 | 0xFA, 0x87, 0x13, 0xFA, 0x94, 0x06, 0x48, 0x3F, | ||
410 | 0xF2, 0x5E, 0xD0, 0xBA, 0x8B, 0xAE, 0x30, 0x5B, | ||
411 | 0x84, 0x8A, 0x54, 0x00, 0xDF, 0xBC, 0x23, 0x9D, | ||
412 | 0x19, 0x6D, 0x5B, 0xC1, 0x3D, 0xB1, 0x59, 0x0E, | ||
413 | 0xF3, 0x80, 0xAE, 0x5D, 0xA2, 0xD2, 0x82, 0xD5, | ||
414 | 0x63, 0xA0, 0x01, 0x84, 0x83, 0x07, 0x2E, 0x14, | ||
415 | 0xD9, 0xB5, 0x51, 0x90, 0x9B, 0x2C, 0x7C, 0xA3, | ||
416 | 0xA6, 0xB2, 0xEB, 0x73, 0xA5, 0x4C, 0xBE, 0x54, | ||
417 | 0x16, 0x92, 0x0C, 0x74, 0xE3, 0x36, 0x61, 0x51, | ||
418 | 0xC0, 0x38, 0x8C, 0xB0, 0x3A, 0xBD, 0xF5, 0x5A, | ||
419 | 0x73, 0xFC, 0x2C, 0x60, 0x25, 0x62, 0x0B, 0x96, | ||
420 | 0xBB, 0x6C, 0x4E, 0x42, 0x89, 0xF7, 0x6B, 0x10, | ||
421 | 0x53, 0x7C, 0x6A, 0x28, 0xB4, 0x27, 0xF1, 0x8C, | ||
422 | 0xE1, 0x13, 0xE6, 0x95, 0xBD, 0x9C, 0x45, 0xC7, | ||
423 | 0xE2, 0x24, 0xF4, 0x46, 0xB6, 0x3B, 0x66, 0x70, | ||
424 | 0xCC, 0xCA, 0x95, 0xE3, 0x03, 0x85, 0x56, 0xCB, | ||
425 | 0xD4, 0x11, 0x1C, 0xD0, 0x1E, 0x93, 0xD7, 0xB8, | ||
426 | 0xFB, 0xA6, 0xC3, 0x83, 0x8E, 0x20, 0xB5, 0xFF, | ||
427 | 0xE9, 0x9F, 0xCF, 0x77, 0xBF, 0xC3, 0xBA, 0xCC, | ||
428 | 0xEA, 0x03, 0x77, 0x6F, 0x39, 0x08, 0xAF, 0xBF, | ||
429 | 0x33, 0x40, 0xC9, 0xE7, 0x62, 0x2B, 0x71, 0xE2, | ||
430 | 0x81, 0x79, 0x79, 0x0C, 0x09, 0xAA, 0xAD, 0x82, | ||
431 | 0x24, 0x41, 0xCD, 0x3A, 0xF9, 0xEA, 0xD8, 0xB9, | ||
432 | 0xE5, 0xE4, 0xC5, 0x9A, 0xB9, 0xA4, 0x4D, 0x97, | ||
433 | 0x44, 0x7E, 0x08, 0xDA, 0x86, 0x7A, 0xE7, 0x17, | ||
434 | 0xA1, 0x66, 0x1D, 0x94, 0xAA, 0xA1, 0xED, 0x1D, | ||
435 | 0x06, 0x3D, 0x70, 0xF0, 0xB2, 0xDE, 0xD2, 0xB3, | ||
436 | 0x41, 0x0B, 0x7B, 0x72, 0xA0, 0xA7, 0x11, 0x1C, | ||
437 | 0x31, 0xEF, 0xC2, 0xD1, 0x27, 0x53, 0x90, 0x3E, | ||
438 | 0x20, 0x8F, 0xF6, 0x33, 0x60, 0x26, 0xFF, 0x5F, | ||
439 | 0x96, 0xEC, 0x5C, 0x76, 0xB1, 0x2A, 0xAB, 0x49, | ||
440 | 0x9E, 0x81, 0x9C, 0x88, 0x52, 0xEE, 0x1B, 0x21, | ||
441 | 0x5F, 0xC4, 0x93, 0x1A, 0x0A, 0xEB, 0xEF, 0xD9, | ||
442 | 0x91, 0xC5, 0x85, 0x39, 0x49, 0x99, 0xEE, 0xCD, | ||
443 | 0x2D, 0xAD, 0x4F, 0x31, 0x8F, 0x8B, 0x3B, 0x01, | ||
444 | 0x47, 0x18, 0x87, 0x23, 0x6D, 0xDD, 0x46, 0x1F, | ||
445 | 0xD6, 0x4E, 0x3E, 0x2D, 0x69, 0xF9, 0x64, 0x48, | ||
446 | 0x2A, 0x4F, 0xCE, 0xF2, 0xCB, 0x65, 0x2F, 0x8E, | ||
447 | 0xFC, 0x78, 0x97, 0x5C, 0x05, 0x58, 0x7A, 0x19, | ||
448 | 0xAC, 0x8D, 0x7F, 0xE5, 0xD5, 0x98, 0x1A, 0x57, | ||
449 | 0x4B, 0x67, 0x0E, 0x7F, 0xA7, 0x05, 0x5A, 0x64, | ||
450 | 0x28, 0xAF, 0x14, 0x63, 0x3F, 0xB6, 0x29, 0xFE, | ||
451 | 0x88, 0xF5, 0x3C, 0xB7, 0x4C, 0x3C, 0x02, 0xA5, | ||
452 | 0xB8, 0xCE, 0xDA, 0xE9, 0xB0, 0x68, 0x17, 0x44, | ||
453 | 0x55, 0xE0, 0x1F, 0x4D, 0x8A, 0x43, 0x7D, 0x69, | ||
454 | 0x57, 0x29, 0xC7, 0x2E, 0x8D, 0xAC, 0x74, 0x15, | ||
455 | 0xB7, 0x59, 0xC4, 0xA8, 0x9F, 0x0A, 0x72, 0x9E, | ||
456 | 0x7E, 0x6E, 0x15, 0x47, 0x22, 0xDF, 0x12, 0x34, | ||
457 | 0x58, 0x35, 0x07, 0x6A, 0x99, 0xCF, 0x34, 0xDC, | ||
458 | 0x6E, 0x22, 0x50, 0xC9, 0xDE, 0xC0, 0x68, 0x9B, | ||
459 | 0x65, 0x89, 0xBC, 0xD4, 0xDB, 0xED, 0xF8, 0xAB, | ||
460 | 0xC8, 0x12, 0xA8, 0xA2, 0x2B, 0x0D, 0x40, 0x52, | ||
461 | 0xDC, 0xBB, 0xFE, 0x02, 0x32, 0x2F, 0xA4, 0xA9, | ||
462 | 0xCA, 0xD7, 0x10, 0x61, 0x21, 0x1E, 0xF0, 0xB4, | ||
463 | 0xD3, 0x50, 0x5D, 0x04, 0x0F, 0xF6, 0x00, 0xC2, | ||
464 | 0x6F, 0x16, 0x9D, 0x25, 0x36, 0x86, 0x42, 0x56, | ||
465 | 0x4A, 0x55, 0x5E, 0x09, 0xC1, 0xBE, 0xE0, 0x91 | ||
466 | }; | ||
467 | |||
468 | /* Macro to perform one column of the RS matrix multiplication. The | ||
469 | * parameters a, b, c, and d are the four bytes of output; i is the index | ||
470 | * of the key bytes, and w, x, y, and z, are the column of constants from | ||
471 | * the RS matrix, preprocessed through the poly_to_exp table. */ | ||
472 | |||
473 | #define CALC_S(a, b, c, d, i, w, x, y, z) \ | ||
474 | if (key[i]) { \ | ||
475 | tmp = poly_to_exp[key[i] - 1]; \ | ||
476 | (a) ^= exp_to_poly[tmp + (w)]; \ | ||
477 | (b) ^= exp_to_poly[tmp + (x)]; \ | ||
478 | (c) ^= exp_to_poly[tmp + (y)]; \ | ||
479 | (d) ^= exp_to_poly[tmp + (z)]; \ | ||
480 | } | ||
481 | |||
482 | /* Macros to calculate the key-dependent S-boxes for a 128-bit key using | ||
483 | * the S vector from CALC_S. CALC_SB_2 computes a single entry in all | ||
484 | * four S-boxes, where i is the index of the entry to compute, and a and b | ||
485 | * are the index numbers preprocessed through the q0 and q1 tables | ||
486 | * respectively. */ | ||
487 | |||
488 | #define CALC_SB_2(i, a, b) \ | ||
489 | ctx->s[0][i] = mds[0][q0[(a) ^ sa] ^ se]; \ | ||
490 | ctx->s[1][i] = mds[1][q0[(b) ^ sb] ^ sf]; \ | ||
491 | ctx->s[2][i] = mds[2][q1[(a) ^ sc] ^ sg]; \ | ||
492 | ctx->s[3][i] = mds[3][q1[(b) ^ sd] ^ sh] | ||
493 | |||
494 | /* Macro exactly like CALC_SB_2, but for 192-bit keys. */ | ||
495 | |||
496 | #define CALC_SB192_2(i, a, b) \ | ||
497 | ctx->s[0][i] = mds[0][q0[q0[(b) ^ sa] ^ se] ^ si]; \ | ||
498 | ctx->s[1][i] = mds[1][q0[q1[(b) ^ sb] ^ sf] ^ sj]; \ | ||
499 | ctx->s[2][i] = mds[2][q1[q0[(a) ^ sc] ^ sg] ^ sk]; \ | ||
500 | ctx->s[3][i] = mds[3][q1[q1[(a) ^ sd] ^ sh] ^ sl]; | ||
501 | |||
502 | /* Macro exactly like CALC_SB_2, but for 256-bit keys. */ | ||
503 | |||
504 | #define CALC_SB256_2(i, a, b) \ | ||
505 | ctx->s[0][i] = mds[0][q0[q0[q1[(b) ^ sa] ^ se] ^ si] ^ sm]; \ | ||
506 | ctx->s[1][i] = mds[1][q0[q1[q1[(a) ^ sb] ^ sf] ^ sj] ^ sn]; \ | ||
507 | ctx->s[2][i] = mds[2][q1[q0[q0[(a) ^ sc] ^ sg] ^ sk] ^ so]; \ | ||
508 | ctx->s[3][i] = mds[3][q1[q1[q0[(b) ^ sd] ^ sh] ^ sl] ^ sp]; | ||
509 | |||
510 | /* Macros to calculate the whitening and round subkeys. CALC_K_2 computes the | ||
511 | * last two stages of the h() function for a given index (either 2i or 2i+1). | ||
512 | * a, b, c, and d are the four bytes going into the last two stages. For | ||
513 | * 128-bit keys, this is the entire h() function and a and c are the index | ||
514 | * preprocessed through q0 and q1 respectively; for longer keys they are the | ||
515 | * output of previous stages. j is the index of the first key byte to use. | ||
516 | * CALC_K computes a pair of subkeys for 128-bit Twofish, by calling CALC_K_2 | ||
517 | * twice, doing the Pseudo-Hadamard Transform, and doing the necessary | ||
518 | * rotations. Its parameters are: a, the array to write the results into, | ||
519 | * j, the index of the first output entry, k and l, the preprocessed indices | ||
520 | * for index 2i, and m and n, the preprocessed indices for index 2i+1. | ||
521 | * CALC_K192_2 expands CALC_K_2 to handle 192-bit keys, by doing an | ||
522 | * additional lookup-and-XOR stage. The parameters a, b, c and d are the | ||
523 | * four bytes going into the last three stages. For 192-bit keys, c = d | ||
524 | * are the index preprocessed through q0, and a = b are the index | ||
525 | * preprocessed through q1; j is the index of the first key byte to use. | ||
526 | * CALC_K192 is identical to CALC_K but for using the CALC_K192_2 macro | ||
527 | * instead of CALC_K_2. | ||
528 | * CALC_K256_2 expands CALC_K192_2 to handle 256-bit keys, by doing an | ||
529 | * additional lookup-and-XOR stage. The parameters a and b are the index | ||
530 | * preprocessed through q0 and q1 respectively; j is the index of the first | ||
531 | * key byte to use. CALC_K256 is identical to CALC_K but for using the | ||
532 | * CALC_K256_2 macro instead of CALC_K_2. */ | ||
533 | |||
534 | #define CALC_K_2(a, b, c, d, j) \ | ||
535 | mds[0][q0[a ^ key[(j) + 8]] ^ key[j]] \ | ||
536 | ^ mds[1][q0[b ^ key[(j) + 9]] ^ key[(j) + 1]] \ | ||
537 | ^ mds[2][q1[c ^ key[(j) + 10]] ^ key[(j) + 2]] \ | ||
538 | ^ mds[3][q1[d ^ key[(j) + 11]] ^ key[(j) + 3]] | ||
539 | |||
540 | #define CALC_K(a, j, k, l, m, n) \ | ||
541 | x = CALC_K_2 (k, l, k, l, 0); \ | ||
542 | y = CALC_K_2 (m, n, m, n, 4); \ | ||
543 | y = (y << 8) + (y >> 24); \ | ||
544 | x += y; y += x; ctx->a[j] = x; \ | ||
545 | ctx->a[(j) + 1] = (y << 9) + (y >> 23) | ||
546 | |||
547 | #define CALC_K192_2(a, b, c, d, j) \ | ||
548 | CALC_K_2 (q0[a ^ key[(j) + 16]], \ | ||
549 | q1[b ^ key[(j) + 17]], \ | ||
550 | q0[c ^ key[(j) + 18]], \ | ||
551 | q1[d ^ key[(j) + 19]], j) | ||
552 | |||
553 | #define CALC_K192(a, j, k, l, m, n) \ | ||
554 | x = CALC_K192_2 (l, l, k, k, 0); \ | ||
555 | y = CALC_K192_2 (n, n, m, m, 4); \ | ||
556 | y = (y << 8) + (y >> 24); \ | ||
557 | x += y; y += x; ctx->a[j] = x; \ | ||
558 | ctx->a[(j) + 1] = (y << 9) + (y >> 23) | ||
559 | |||
560 | #define CALC_K256_2(a, b, j) \ | ||
561 | CALC_K192_2 (q1[b ^ key[(j) + 24]], \ | ||
562 | q1[a ^ key[(j) + 25]], \ | ||
563 | q0[a ^ key[(j) + 26]], \ | ||
564 | q0[b ^ key[(j) + 27]], j) | ||
565 | |||
566 | #define CALC_K256(a, j, k, l, m, n) \ | ||
567 | x = CALC_K256_2 (k, l, 0); \ | ||
568 | y = CALC_K256_2 (m, n, 4); \ | ||
569 | y = (y << 8) + (y >> 24); \ | ||
570 | x += y; y += x; ctx->a[j] = x; \ | ||
571 | ctx->a[(j) + 1] = (y << 9) + (y >> 23) | ||
572 | |||
573 | |||
574 | /* Macros to compute the g() function in the encryption and decryption | ||
575 | * rounds. G1 is the straight g() function; G2 includes the 8-bit | ||
576 | * rotation for the high 32-bit word. */ | ||
577 | |||
578 | #define G1(a) \ | ||
579 | (ctx->s[0][(a) & 0xFF]) ^ (ctx->s[1][((a) >> 8) & 0xFF]) \ | ||
580 | ^ (ctx->s[2][((a) >> 16) & 0xFF]) ^ (ctx->s[3][(a) >> 24]) | ||
581 | |||
582 | #define G2(b) \ | ||
583 | (ctx->s[1][(b) & 0xFF]) ^ (ctx->s[2][((b) >> 8) & 0xFF]) \ | ||
584 | ^ (ctx->s[3][((b) >> 16) & 0xFF]) ^ (ctx->s[0][(b) >> 24]) | ||
585 | |||
586 | /* Encryption and decryption Feistel rounds. Each one calls the two g() | ||
587 | * macros, does the PHT, and performs the XOR and the appropriate bit | ||
588 | * rotations. The parameters are the round number (used to select subkeys), | ||
589 | * and the four 32-bit chunks of the text. */ | ||
590 | |||
591 | #define ENCROUND(n, a, b, c, d) \ | ||
592 | x = G1 (a); y = G2 (b); \ | ||
593 | x += y; y += x + ctx->k[2 * (n) + 1]; \ | ||
594 | (c) ^= x + ctx->k[2 * (n)]; \ | ||
595 | (c) = ((c) >> 1) + ((c) << 31); \ | ||
596 | (d) = (((d) << 1)+((d) >> 31)) ^ y | ||
597 | |||
598 | #define DECROUND(n, a, b, c, d) \ | ||
599 | x = G1 (a); y = G2 (b); \ | ||
600 | x += y; y += x; \ | ||
601 | (d) ^= y + ctx->k[2 * (n) + 1]; \ | ||
602 | (d) = ((d) >> 1) + ((d) << 31); \ | ||
603 | (c) = (((c) << 1)+((c) >> 31)); \ | ||
604 | (c) ^= (x + ctx->k[2 * (n)]) | ||
605 | |||
606 | /* Encryption and decryption cycles; each one is simply two Feistel rounds | ||
607 | * with the 32-bit chunks re-ordered to simulate the "swap" */ | ||
608 | |||
609 | #define ENCCYCLE(n) \ | ||
610 | ENCROUND (2 * (n), a, b, c, d); \ | ||
611 | ENCROUND (2 * (n) + 1, c, d, a, b) | ||
612 | |||
613 | #define DECCYCLE(n) \ | ||
614 | DECROUND (2 * (n) + 1, c, d, a, b); \ | ||
615 | DECROUND (2 * (n), a, b, c, d) | ||
616 | |||
617 | /* Macros to convert the input and output bytes into 32-bit words, | ||
618 | * and simultaneously perform the whitening step. INPACK packs word | ||
619 | * number n into the variable named by x, using whitening subkey number m. | ||
620 | * OUTUNPACK unpacks word number n from the variable named by x, using | ||
621 | * whitening subkey number m. */ | ||
622 | |||
623 | #define INPACK(n, x, m) \ | ||
624 | x = in[4 * (n)] ^ (in[4 * (n) + 1] << 8) \ | ||
625 | ^ (in[4 * (n) + 2] << 16) ^ (in[4 * (n) + 3] << 24) ^ ctx->w[m] | ||
626 | |||
627 | #define OUTUNPACK(n, x, m) \ | ||
628 | x ^= ctx->w[m]; \ | ||
629 | out[4 * (n)] = x; out[4 * (n) + 1] = x >> 8; \ | ||
630 | out[4 * (n) + 2] = x >> 16; out[4 * (n) + 3] = x >> 24 | ||
631 | |||
632 | #define TF_MIN_KEY_SIZE 16 | ||
633 | #define TF_MAX_KEY_SIZE 32 | ||
634 | #define TF_BLOCK_SIZE 16 | ||
635 | |||
636 | /* Structure for an expanded Twofish key. s contains the key-dependent | ||
637 | * S-boxes composed with the MDS matrix; w contains the eight "whitening" | ||
638 | * subkeys, K[0] through K[7]. k holds the remaining, "round" subkeys. Note | ||
639 | * that k[i] corresponds to what the Twofish paper calls K[i+8]. */ | ||
640 | struct twofish_ctx { | ||
641 | u32 s[4][256], w[8], k[32]; | ||
642 | }; | ||
643 | |||
644 | /* Perform the key setup. */ | ||
645 | static int twofish_setkey(void *cx, const u8 *key, | ||
646 | unsigned int key_len, u32 *flags) | ||
647 | { | ||
648 | |||
649 | struct twofish_ctx *ctx = cx; | ||
650 | |||
651 | int i, j, k; | ||
652 | |||
653 | /* Temporaries for CALC_K. */ | ||
654 | u32 x, y; | ||
655 | |||
656 | /* The S vector used to key the S-boxes, split up into individual bytes. | ||
657 | * 128-bit keys use only sa through sh; 256-bit use all of them. */ | ||
658 | u8 sa = 0, sb = 0, sc = 0, sd = 0, se = 0, sf = 0, sg = 0, sh = 0; | ||
659 | u8 si = 0, sj = 0, sk = 0, sl = 0, sm = 0, sn = 0, so = 0, sp = 0; | ||
660 | |||
661 | /* Temporary for CALC_S. */ | ||
662 | u8 tmp; | ||
663 | |||
664 | /* Check key length. */ | ||
665 | if (key_len != 16 && key_len != 24 && key_len != 32) | ||
666 | { | ||
667 | *flags |= CRYPTO_TFM_RES_BAD_KEY_LEN; | ||
668 | return -EINVAL; /* unsupported key length */ | ||
669 | } | ||
670 | |||
671 | /* Compute the first two words of the S vector. The magic numbers are | ||
672 | * the entries of the RS matrix, preprocessed through poly_to_exp. The | ||
673 | * numbers in the comments are the original (polynomial form) matrix | ||
674 | * entries. */ | ||
675 | CALC_S (sa, sb, sc, sd, 0, 0x00, 0x2D, 0x01, 0x2D); /* 01 A4 02 A4 */ | ||
676 | CALC_S (sa, sb, sc, sd, 1, 0x2D, 0xA4, 0x44, 0x8A); /* A4 56 A1 55 */ | ||
677 | CALC_S (sa, sb, sc, sd, 2, 0x8A, 0xD5, 0xBF, 0xD1); /* 55 82 FC 87 */ | ||
678 | CALC_S (sa, sb, sc, sd, 3, 0xD1, 0x7F, 0x3D, 0x99); /* 87 F3 C1 5A */ | ||
679 | CALC_S (sa, sb, sc, sd, 4, 0x99, 0x46, 0x66, 0x96); /* 5A 1E 47 58 */ | ||
680 | CALC_S (sa, sb, sc, sd, 5, 0x96, 0x3C, 0x5B, 0xED); /* 58 C6 AE DB */ | ||
681 | CALC_S (sa, sb, sc, sd, 6, 0xED, 0x37, 0x4F, 0xE0); /* DB 68 3D 9E */ | ||
682 | CALC_S (sa, sb, sc, sd, 7, 0xE0, 0xD0, 0x8C, 0x17); /* 9E E5 19 03 */ | ||
683 | CALC_S (se, sf, sg, sh, 8, 0x00, 0x2D, 0x01, 0x2D); /* 01 A4 02 A4 */ | ||
684 | CALC_S (se, sf, sg, sh, 9, 0x2D, 0xA4, 0x44, 0x8A); /* A4 56 A1 55 */ | ||
685 | CALC_S (se, sf, sg, sh, 10, 0x8A, 0xD5, 0xBF, 0xD1); /* 55 82 FC 87 */ | ||
686 | CALC_S (se, sf, sg, sh, 11, 0xD1, 0x7F, 0x3D, 0x99); /* 87 F3 C1 5A */ | ||
687 | CALC_S (se, sf, sg, sh, 12, 0x99, 0x46, 0x66, 0x96); /* 5A 1E 47 58 */ | ||
688 | CALC_S (se, sf, sg, sh, 13, 0x96, 0x3C, 0x5B, 0xED); /* 58 C6 AE DB */ | ||
689 | CALC_S (se, sf, sg, sh, 14, 0xED, 0x37, 0x4F, 0xE0); /* DB 68 3D 9E */ | ||
690 | CALC_S (se, sf, sg, sh, 15, 0xE0, 0xD0, 0x8C, 0x17); /* 9E E5 19 03 */ | ||
691 | |||
692 | if (key_len == 24 || key_len == 32) { /* 192- or 256-bit key */ | ||
693 | /* Calculate the third word of the S vector */ | ||
694 | CALC_S (si, sj, sk, sl, 16, 0x00, 0x2D, 0x01, 0x2D); /* 01 A4 02 A4 */ | ||
695 | CALC_S (si, sj, sk, sl, 17, 0x2D, 0xA4, 0x44, 0x8A); /* A4 56 A1 55 */ | ||
696 | CALC_S (si, sj, sk, sl, 18, 0x8A, 0xD5, 0xBF, 0xD1); /* 55 82 FC 87 */ | ||
697 | CALC_S (si, sj, sk, sl, 19, 0xD1, 0x7F, 0x3D, 0x99); /* 87 F3 C1 5A */ | ||
698 | CALC_S (si, sj, sk, sl, 20, 0x99, 0x46, 0x66, 0x96); /* 5A 1E 47 58 */ | ||
699 | CALC_S (si, sj, sk, sl, 21, 0x96, 0x3C, 0x5B, 0xED); /* 58 C6 AE DB */ | ||
700 | CALC_S (si, sj, sk, sl, 22, 0xED, 0x37, 0x4F, 0xE0); /* DB 68 3D 9E */ | ||
701 | CALC_S (si, sj, sk, sl, 23, 0xE0, 0xD0, 0x8C, 0x17); /* 9E E5 19 03 */ | ||
702 | } | ||
703 | |||
704 | if (key_len == 32) { /* 256-bit key */ | ||
705 | /* Calculate the fourth word of the S vector */ | ||
706 | CALC_S (sm, sn, so, sp, 24, 0x00, 0x2D, 0x01, 0x2D); /* 01 A4 02 A4 */ | ||
707 | CALC_S (sm, sn, so, sp, 25, 0x2D, 0xA4, 0x44, 0x8A); /* A4 56 A1 55 */ | ||
708 | CALC_S (sm, sn, so, sp, 26, 0x8A, 0xD5, 0xBF, 0xD1); /* 55 82 FC 87 */ | ||
709 | CALC_S (sm, sn, so, sp, 27, 0xD1, 0x7F, 0x3D, 0x99); /* 87 F3 C1 5A */ | ||
710 | CALC_S (sm, sn, so, sp, 28, 0x99, 0x46, 0x66, 0x96); /* 5A 1E 47 58 */ | ||
711 | CALC_S (sm, sn, so, sp, 29, 0x96, 0x3C, 0x5B, 0xED); /* 58 C6 AE DB */ | ||
712 | CALC_S (sm, sn, so, sp, 30, 0xED, 0x37, 0x4F, 0xE0); /* DB 68 3D 9E */ | ||
713 | CALC_S (sm, sn, so, sp, 31, 0xE0, 0xD0, 0x8C, 0x17); /* 9E E5 19 03 */ | ||
714 | |||
715 | /* Compute the S-boxes. */ | ||
716 | for ( i = j = 0, k = 1; i < 256; i++, j += 2, k += 2 ) { | ||
717 | CALC_SB256_2( i, calc_sb_tbl[j], calc_sb_tbl[k] ); | ||
718 | } | ||
719 | |||
720 | /* Calculate whitening and round subkeys. The constants are | ||
721 | * indices of subkeys, preprocessed through q0 and q1. */ | ||
722 | CALC_K256 (w, 0, 0xA9, 0x75, 0x67, 0xF3); | ||
723 | CALC_K256 (w, 2, 0xB3, 0xC6, 0xE8, 0xF4); | ||
724 | CALC_K256 (w, 4, 0x04, 0xDB, 0xFD, 0x7B); | ||
725 | CALC_K256 (w, 6, 0xA3, 0xFB, 0x76, 0xC8); | ||
726 | CALC_K256 (k, 0, 0x9A, 0x4A, 0x92, 0xD3); | ||
727 | CALC_K256 (k, 2, 0x80, 0xE6, 0x78, 0x6B); | ||
728 | CALC_K256 (k, 4, 0xE4, 0x45, 0xDD, 0x7D); | ||
729 | CALC_K256 (k, 6, 0xD1, 0xE8, 0x38, 0x4B); | ||
730 | CALC_K256 (k, 8, 0x0D, 0xD6, 0xC6, 0x32); | ||
731 | CALC_K256 (k, 10, 0x35, 0xD8, 0x98, 0xFD); | ||
732 | CALC_K256 (k, 12, 0x18, 0x37, 0xF7, 0x71); | ||
733 | CALC_K256 (k, 14, 0xEC, 0xF1, 0x6C, 0xE1); | ||
734 | CALC_K256 (k, 16, 0x43, 0x30, 0x75, 0x0F); | ||
735 | CALC_K256 (k, 18, 0x37, 0xF8, 0x26, 0x1B); | ||
736 | CALC_K256 (k, 20, 0xFA, 0x87, 0x13, 0xFA); | ||
737 | CALC_K256 (k, 22, 0x94, 0x06, 0x48, 0x3F); | ||
738 | CALC_K256 (k, 24, 0xF2, 0x5E, 0xD0, 0xBA); | ||
739 | CALC_K256 (k, 26, 0x8B, 0xAE, 0x30, 0x5B); | ||
740 | CALC_K256 (k, 28, 0x84, 0x8A, 0x54, 0x00); | ||
741 | CALC_K256 (k, 30, 0xDF, 0xBC, 0x23, 0x9D); | ||
742 | } else if (key_len == 24) { /* 192-bit key */ | ||
743 | /* Compute the S-boxes. */ | ||
744 | for ( i = j = 0, k = 1; i < 256; i++, j += 2, k += 2 ) { | ||
745 | CALC_SB192_2( i, calc_sb_tbl[j], calc_sb_tbl[k] ); | ||
746 | } | ||
747 | |||
748 | /* Calculate whitening and round subkeys. The constants are | ||
749 | * indices of subkeys, preprocessed through q0 and q1. */ | ||
750 | CALC_K192 (w, 0, 0xA9, 0x75, 0x67, 0xF3); | ||
751 | CALC_K192 (w, 2, 0xB3, 0xC6, 0xE8, 0xF4); | ||
752 | CALC_K192 (w, 4, 0x04, 0xDB, 0xFD, 0x7B); | ||
753 | CALC_K192 (w, 6, 0xA3, 0xFB, 0x76, 0xC8); | ||
754 | CALC_K192 (k, 0, 0x9A, 0x4A, 0x92, 0xD3); | ||
755 | CALC_K192 (k, 2, 0x80, 0xE6, 0x78, 0x6B); | ||
756 | CALC_K192 (k, 4, 0xE4, 0x45, 0xDD, 0x7D); | ||
757 | CALC_K192 (k, 6, 0xD1, 0xE8, 0x38, 0x4B); | ||
758 | CALC_K192 (k, 8, 0x0D, 0xD6, 0xC6, 0x32); | ||
759 | CALC_K192 (k, 10, 0x35, 0xD8, 0x98, 0xFD); | ||
760 | CALC_K192 (k, 12, 0x18, 0x37, 0xF7, 0x71); | ||
761 | CALC_K192 (k, 14, 0xEC, 0xF1, 0x6C, 0xE1); | ||
762 | CALC_K192 (k, 16, 0x43, 0x30, 0x75, 0x0F); | ||
763 | CALC_K192 (k, 18, 0x37, 0xF8, 0x26, 0x1B); | ||
764 | CALC_K192 (k, 20, 0xFA, 0x87, 0x13, 0xFA); | ||
765 | CALC_K192 (k, 22, 0x94, 0x06, 0x48, 0x3F); | ||
766 | CALC_K192 (k, 24, 0xF2, 0x5E, 0xD0, 0xBA); | ||
767 | CALC_K192 (k, 26, 0x8B, 0xAE, 0x30, 0x5B); | ||
768 | CALC_K192 (k, 28, 0x84, 0x8A, 0x54, 0x00); | ||
769 | CALC_K192 (k, 30, 0xDF, 0xBC, 0x23, 0x9D); | ||
770 | } else { /* 128-bit key */ | ||
771 | /* Compute the S-boxes. */ | ||
772 | for ( i = j = 0, k = 1; i < 256; i++, j += 2, k += 2 ) { | ||
773 | CALC_SB_2( i, calc_sb_tbl[j], calc_sb_tbl[k] ); | ||
774 | } | ||
775 | |||
776 | /* Calculate whitening and round subkeys. The constants are | ||
777 | * indices of subkeys, preprocessed through q0 and q1. */ | ||
778 | CALC_K (w, 0, 0xA9, 0x75, 0x67, 0xF3); | ||
779 | CALC_K (w, 2, 0xB3, 0xC6, 0xE8, 0xF4); | ||
780 | CALC_K (w, 4, 0x04, 0xDB, 0xFD, 0x7B); | ||
781 | CALC_K (w, 6, 0xA3, 0xFB, 0x76, 0xC8); | ||
782 | CALC_K (k, 0, 0x9A, 0x4A, 0x92, 0xD3); | ||
783 | CALC_K (k, 2, 0x80, 0xE6, 0x78, 0x6B); | ||
784 | CALC_K (k, 4, 0xE4, 0x45, 0xDD, 0x7D); | ||
785 | CALC_K (k, 6, 0xD1, 0xE8, 0x38, 0x4B); | ||
786 | CALC_K (k, 8, 0x0D, 0xD6, 0xC6, 0x32); | ||
787 | CALC_K (k, 10, 0x35, 0xD8, 0x98, 0xFD); | ||
788 | CALC_K (k, 12, 0x18, 0x37, 0xF7, 0x71); | ||
789 | CALC_K (k, 14, 0xEC, 0xF1, 0x6C, 0xE1); | ||
790 | CALC_K (k, 16, 0x43, 0x30, 0x75, 0x0F); | ||
791 | CALC_K (k, 18, 0x37, 0xF8, 0x26, 0x1B); | ||
792 | CALC_K (k, 20, 0xFA, 0x87, 0x13, 0xFA); | ||
793 | CALC_K (k, 22, 0x94, 0x06, 0x48, 0x3F); | ||
794 | CALC_K (k, 24, 0xF2, 0x5E, 0xD0, 0xBA); | ||
795 | CALC_K (k, 26, 0x8B, 0xAE, 0x30, 0x5B); | ||
796 | CALC_K (k, 28, 0x84, 0x8A, 0x54, 0x00); | ||
797 | CALC_K (k, 30, 0xDF, 0xBC, 0x23, 0x9D); | ||
798 | } | ||
799 | |||
800 | return 0; | ||
801 | } | ||
802 | |||
803 | /* Encrypt one block. in and out may be the same. */ | ||
804 | static void twofish_encrypt(void *cx, u8 *out, const u8 *in) | ||
805 | { | ||
806 | struct twofish_ctx *ctx = cx; | ||
807 | |||
808 | /* The four 32-bit chunks of the text. */ | ||
809 | u32 a, b, c, d; | ||
810 | |||
811 | /* Temporaries used by the round function. */ | ||
812 | u32 x, y; | ||
813 | |||
814 | /* Input whitening and packing. */ | ||
815 | INPACK (0, a, 0); | ||
816 | INPACK (1, b, 1); | ||
817 | INPACK (2, c, 2); | ||
818 | INPACK (3, d, 3); | ||
819 | |||
820 | /* Encryption Feistel cycles. */ | ||
821 | ENCCYCLE (0); | ||
822 | ENCCYCLE (1); | ||
823 | ENCCYCLE (2); | ||
824 | ENCCYCLE (3); | ||
825 | ENCCYCLE (4); | ||
826 | ENCCYCLE (5); | ||
827 | ENCCYCLE (6); | ||
828 | ENCCYCLE (7); | ||
829 | |||
830 | /* Output whitening and unpacking. */ | ||
831 | OUTUNPACK (0, c, 4); | ||
832 | OUTUNPACK (1, d, 5); | ||
833 | OUTUNPACK (2, a, 6); | ||
834 | OUTUNPACK (3, b, 7); | ||
835 | |||
836 | } | ||
837 | |||
838 | /* Decrypt one block. in and out may be the same. */ | ||
839 | static void twofish_decrypt(void *cx, u8 *out, const u8 *in) | ||
840 | { | ||
841 | struct twofish_ctx *ctx = cx; | ||
842 | |||
843 | /* The four 32-bit chunks of the text. */ | ||
844 | u32 a, b, c, d; | ||
845 | |||
846 | /* Temporaries used by the round function. */ | ||
847 | u32 x, y; | ||
848 | |||
849 | /* Input whitening and packing. */ | ||
850 | INPACK (0, c, 4); | ||
851 | INPACK (1, d, 5); | ||
852 | INPACK (2, a, 6); | ||
853 | INPACK (3, b, 7); | ||
854 | |||
855 | /* Encryption Feistel cycles. */ | ||
856 | DECCYCLE (7); | ||
857 | DECCYCLE (6); | ||
858 | DECCYCLE (5); | ||
859 | DECCYCLE (4); | ||
860 | DECCYCLE (3); | ||
861 | DECCYCLE (2); | ||
862 | DECCYCLE (1); | ||
863 | DECCYCLE (0); | ||
864 | |||
865 | /* Output whitening and unpacking. */ | ||
866 | OUTUNPACK (0, a, 0); | ||
867 | OUTUNPACK (1, b, 1); | ||
868 | OUTUNPACK (2, c, 2); | ||
869 | OUTUNPACK (3, d, 3); | ||
870 | |||
871 | } | ||
872 | |||
873 | static struct crypto_alg alg = { | ||
874 | .cra_name = "twofish", | ||
875 | .cra_flags = CRYPTO_ALG_TYPE_CIPHER, | ||
876 | .cra_blocksize = TF_BLOCK_SIZE, | ||
877 | .cra_ctxsize = sizeof(struct twofish_ctx), | ||
878 | .cra_module = THIS_MODULE, | ||
879 | .cra_list = LIST_HEAD_INIT(alg.cra_list), | ||
880 | .cra_u = { .cipher = { | ||
881 | .cia_min_keysize = TF_MIN_KEY_SIZE, | ||
882 | .cia_max_keysize = TF_MAX_KEY_SIZE, | ||
883 | .cia_setkey = twofish_setkey, | ||
884 | .cia_encrypt = twofish_encrypt, | ||
885 | .cia_decrypt = twofish_decrypt } } | ||
886 | }; | ||
887 | |||
888 | static int __init init(void) | ||
889 | { | ||
890 | return crypto_register_alg(&alg); | ||
891 | } | ||
892 | |||
893 | static void __exit fini(void) | ||
894 | { | ||
895 | crypto_unregister_alg(&alg); | ||
896 | } | ||
897 | |||
898 | module_init(init); | ||
899 | module_exit(fini); | ||
900 | |||
901 | MODULE_LICENSE("GPL"); | ||
902 | MODULE_DESCRIPTION ("Twofish Cipher Algorithm"); | ||
diff --git a/crypto/wp512.c b/crypto/wp512.c new file mode 100644 index 000000000000..fd6e20e1f291 --- /dev/null +++ b/crypto/wp512.c | |||
@@ -0,0 +1,1208 @@ | |||
1 | /* | ||
2 | * Cryptographic API. | ||
3 | * | ||
4 | * Whirlpool hashing Algorithm | ||
5 | * | ||
6 | * The Whirlpool algorithm was developed by Paulo S. L. M. Barreto and | ||
7 | * Vincent Rijmen. It has been selected as one of cryptographic | ||
8 | * primitives by the NESSIE project http://www.cryptonessie.org/ | ||
9 | * | ||
10 | * The original authors have disclaimed all copyright interest in this | ||
11 | * code and thus put it in the public domain. The subsequent authors | ||
12 | * have put this under the GNU General Public License. | ||
13 | * | ||
14 | * By Aaron Grothe ajgrothe@yahoo.com, August 23, 2004 | ||
15 | * | ||
16 | * This program is free software; you can redistribute it and/or modify | ||
17 | * it under the terms of the GNU General Public License as published by | ||
18 | * the Free Software Foundation; either version 2 of the License, or | ||
19 | * (at your option) any later version. | ||
20 | * | ||
21 | */ | ||
22 | #include <linux/init.h> | ||
23 | #include <linux/module.h> | ||
24 | #include <linux/mm.h> | ||
25 | #include <asm/scatterlist.h> | ||
26 | #include <linux/crypto.h> | ||
27 | |||
28 | #define WP512_DIGEST_SIZE 64 | ||
29 | #define WP384_DIGEST_SIZE 48 | ||
30 | #define WP256_DIGEST_SIZE 32 | ||
31 | |||
32 | #define WP512_BLOCK_SIZE 64 | ||
33 | #define WP512_LENGTHBYTES 32 | ||
34 | |||
35 | #define WHIRLPOOL_ROUNDS 10 | ||
36 | |||
37 | struct wp512_ctx { | ||
38 | u8 bitLength[WP512_LENGTHBYTES]; | ||
39 | u8 buffer[WP512_BLOCK_SIZE]; | ||
40 | int bufferBits; | ||
41 | int bufferPos; | ||
42 | u64 hash[WP512_DIGEST_SIZE/8]; | ||
43 | }; | ||
44 | |||
45 | /* | ||
46 | * Though Whirlpool is endianness-neutral, the encryption tables are listed | ||
47 | * in BIG-ENDIAN format, which is adopted throughout this implementation | ||
48 | * (but little-endian notation would be equally suitable if consistently | ||
49 | * employed). | ||
50 | */ | ||
51 | |||
52 | static const u64 C0[256] = { | ||
53 | 0x18186018c07830d8ULL, 0x23238c2305af4626ULL, 0xc6c63fc67ef991b8ULL, | ||
54 | 0xe8e887e8136fcdfbULL, 0x878726874ca113cbULL, 0xb8b8dab8a9626d11ULL, | ||
55 | 0x0101040108050209ULL, 0x4f4f214f426e9e0dULL, 0x3636d836adee6c9bULL, | ||
56 | 0xa6a6a2a6590451ffULL, 0xd2d26fd2debdb90cULL, 0xf5f5f3f5fb06f70eULL, | ||
57 | 0x7979f979ef80f296ULL, 0x6f6fa16f5fcede30ULL, 0x91917e91fcef3f6dULL, | ||
58 | 0x52525552aa07a4f8ULL, 0x60609d6027fdc047ULL, 0xbcbccabc89766535ULL, | ||
59 | 0x9b9b569baccd2b37ULL, 0x8e8e028e048c018aULL, 0xa3a3b6a371155bd2ULL, | ||
60 | 0x0c0c300c603c186cULL, 0x7b7bf17bff8af684ULL, 0x3535d435b5e16a80ULL, | ||
61 | 0x1d1d741de8693af5ULL, 0xe0e0a7e05347ddb3ULL, 0xd7d77bd7f6acb321ULL, | ||
62 | 0xc2c22fc25eed999cULL, 0x2e2eb82e6d965c43ULL, 0x4b4b314b627a9629ULL, | ||
63 | 0xfefedffea321e15dULL, 0x575741578216aed5ULL, 0x15155415a8412abdULL, | ||
64 | 0x7777c1779fb6eee8ULL, 0x3737dc37a5eb6e92ULL, 0xe5e5b3e57b56d79eULL, | ||
65 | 0x9f9f469f8cd92313ULL, 0xf0f0e7f0d317fd23ULL, 0x4a4a354a6a7f9420ULL, | ||
66 | 0xdada4fda9e95a944ULL, 0x58587d58fa25b0a2ULL, 0xc9c903c906ca8fcfULL, | ||
67 | 0x2929a429558d527cULL, 0x0a0a280a5022145aULL, 0xb1b1feb1e14f7f50ULL, | ||
68 | 0xa0a0baa0691a5dc9ULL, 0x6b6bb16b7fdad614ULL, 0x85852e855cab17d9ULL, | ||
69 | 0xbdbdcebd8173673cULL, 0x5d5d695dd234ba8fULL, 0x1010401080502090ULL, | ||
70 | 0xf4f4f7f4f303f507ULL, 0xcbcb0bcb16c08bddULL, 0x3e3ef83eedc67cd3ULL, | ||
71 | 0x0505140528110a2dULL, 0x676781671fe6ce78ULL, 0xe4e4b7e47353d597ULL, | ||
72 | 0x27279c2725bb4e02ULL, 0x4141194132588273ULL, 0x8b8b168b2c9d0ba7ULL, | ||
73 | 0xa7a7a6a7510153f6ULL, 0x7d7de97dcf94fab2ULL, 0x95956e95dcfb3749ULL, | ||
74 | 0xd8d847d88e9fad56ULL, 0xfbfbcbfb8b30eb70ULL, 0xeeee9fee2371c1cdULL, | ||
75 | 0x7c7ced7cc791f8bbULL, 0x6666856617e3cc71ULL, 0xdddd53dda68ea77bULL, | ||
76 | 0x17175c17b84b2eafULL, 0x4747014702468e45ULL, 0x9e9e429e84dc211aULL, | ||
77 | 0xcaca0fca1ec589d4ULL, 0x2d2db42d75995a58ULL, 0xbfbfc6bf9179632eULL, | ||
78 | 0x07071c07381b0e3fULL, 0xadad8ead012347acULL, 0x5a5a755aea2fb4b0ULL, | ||
79 | 0x838336836cb51befULL, 0x3333cc3385ff66b6ULL, 0x636391633ff2c65cULL, | ||
80 | 0x02020802100a0412ULL, 0xaaaa92aa39384993ULL, 0x7171d971afa8e2deULL, | ||
81 | 0xc8c807c80ecf8dc6ULL, 0x19196419c87d32d1ULL, 0x494939497270923bULL, | ||
82 | 0xd9d943d9869aaf5fULL, 0xf2f2eff2c31df931ULL, 0xe3e3abe34b48dba8ULL, | ||
83 | 0x5b5b715be22ab6b9ULL, 0x88881a8834920dbcULL, 0x9a9a529aa4c8293eULL, | ||
84 | 0x262698262dbe4c0bULL, 0x3232c8328dfa64bfULL, 0xb0b0fab0e94a7d59ULL, | ||
85 | 0xe9e983e91b6acff2ULL, 0x0f0f3c0f78331e77ULL, 0xd5d573d5e6a6b733ULL, | ||
86 | 0x80803a8074ba1df4ULL, 0xbebec2be997c6127ULL, 0xcdcd13cd26de87ebULL, | ||
87 | 0x3434d034bde46889ULL, 0x48483d487a759032ULL, 0xffffdbffab24e354ULL, | ||
88 | 0x7a7af57af78ff48dULL, 0x90907a90f4ea3d64ULL, 0x5f5f615fc23ebe9dULL, | ||
89 | 0x202080201da0403dULL, 0x6868bd6867d5d00fULL, 0x1a1a681ad07234caULL, | ||
90 | 0xaeae82ae192c41b7ULL, 0xb4b4eab4c95e757dULL, 0x54544d549a19a8ceULL, | ||
91 | 0x93937693ece53b7fULL, 0x222288220daa442fULL, 0x64648d6407e9c863ULL, | ||
92 | 0xf1f1e3f1db12ff2aULL, 0x7373d173bfa2e6ccULL, 0x12124812905a2482ULL, | ||
93 | 0x40401d403a5d807aULL, 0x0808200840281048ULL, 0xc3c32bc356e89b95ULL, | ||
94 | 0xecec97ec337bc5dfULL, 0xdbdb4bdb9690ab4dULL, 0xa1a1bea1611f5fc0ULL, | ||
95 | 0x8d8d0e8d1c830791ULL, 0x3d3df43df5c97ac8ULL, 0x97976697ccf1335bULL, | ||
96 | 0x0000000000000000ULL, 0xcfcf1bcf36d483f9ULL, 0x2b2bac2b4587566eULL, | ||
97 | 0x7676c57697b3ece1ULL, 0x8282328264b019e6ULL, 0xd6d67fd6fea9b128ULL, | ||
98 | 0x1b1b6c1bd87736c3ULL, 0xb5b5eeb5c15b7774ULL, 0xafaf86af112943beULL, | ||
99 | 0x6a6ab56a77dfd41dULL, 0x50505d50ba0da0eaULL, 0x45450945124c8a57ULL, | ||
100 | 0xf3f3ebf3cb18fb38ULL, 0x3030c0309df060adULL, 0xefef9bef2b74c3c4ULL, | ||
101 | 0x3f3ffc3fe5c37edaULL, 0x55554955921caac7ULL, 0xa2a2b2a2791059dbULL, | ||
102 | 0xeaea8fea0365c9e9ULL, 0x656589650fecca6aULL, 0xbabad2bab9686903ULL, | ||
103 | 0x2f2fbc2f65935e4aULL, 0xc0c027c04ee79d8eULL, 0xdede5fdebe81a160ULL, | ||
104 | 0x1c1c701ce06c38fcULL, 0xfdfdd3fdbb2ee746ULL, 0x4d4d294d52649a1fULL, | ||
105 | 0x92927292e4e03976ULL, 0x7575c9758fbceafaULL, 0x06061806301e0c36ULL, | ||
106 | 0x8a8a128a249809aeULL, 0xb2b2f2b2f940794bULL, 0xe6e6bfe66359d185ULL, | ||
107 | 0x0e0e380e70361c7eULL, 0x1f1f7c1ff8633ee7ULL, 0x6262956237f7c455ULL, | ||
108 | 0xd4d477d4eea3b53aULL, 0xa8a89aa829324d81ULL, 0x96966296c4f43152ULL, | ||
109 | 0xf9f9c3f99b3aef62ULL, 0xc5c533c566f697a3ULL, 0x2525942535b14a10ULL, | ||
110 | 0x59597959f220b2abULL, 0x84842a8454ae15d0ULL, 0x7272d572b7a7e4c5ULL, | ||
111 | 0x3939e439d5dd72ecULL, 0x4c4c2d4c5a619816ULL, 0x5e5e655eca3bbc94ULL, | ||
112 | 0x7878fd78e785f09fULL, 0x3838e038ddd870e5ULL, 0x8c8c0a8c14860598ULL, | ||
113 | 0xd1d163d1c6b2bf17ULL, 0xa5a5aea5410b57e4ULL, 0xe2e2afe2434dd9a1ULL, | ||
114 | 0x616199612ff8c24eULL, 0xb3b3f6b3f1457b42ULL, 0x2121842115a54234ULL, | ||
115 | 0x9c9c4a9c94d62508ULL, 0x1e1e781ef0663ceeULL, 0x4343114322528661ULL, | ||
116 | 0xc7c73bc776fc93b1ULL, 0xfcfcd7fcb32be54fULL, 0x0404100420140824ULL, | ||
117 | 0x51515951b208a2e3ULL, 0x99995e99bcc72f25ULL, 0x6d6da96d4fc4da22ULL, | ||
118 | 0x0d0d340d68391a65ULL, 0xfafacffa8335e979ULL, 0xdfdf5bdfb684a369ULL, | ||
119 | 0x7e7ee57ed79bfca9ULL, 0x242490243db44819ULL, 0x3b3bec3bc5d776feULL, | ||
120 | 0xabab96ab313d4b9aULL, 0xcece1fce3ed181f0ULL, 0x1111441188552299ULL, | ||
121 | 0x8f8f068f0c890383ULL, 0x4e4e254e4a6b9c04ULL, 0xb7b7e6b7d1517366ULL, | ||
122 | 0xebeb8beb0b60cbe0ULL, 0x3c3cf03cfdcc78c1ULL, 0x81813e817cbf1ffdULL, | ||
123 | 0x94946a94d4fe3540ULL, 0xf7f7fbf7eb0cf31cULL, 0xb9b9deb9a1676f18ULL, | ||
124 | 0x13134c13985f268bULL, 0x2c2cb02c7d9c5851ULL, 0xd3d36bd3d6b8bb05ULL, | ||
125 | 0xe7e7bbe76b5cd38cULL, 0x6e6ea56e57cbdc39ULL, 0xc4c437c46ef395aaULL, | ||
126 | 0x03030c03180f061bULL, 0x565645568a13acdcULL, 0x44440d441a49885eULL, | ||
127 | 0x7f7fe17fdf9efea0ULL, 0xa9a99ea921374f88ULL, 0x2a2aa82a4d825467ULL, | ||
128 | 0xbbbbd6bbb16d6b0aULL, 0xc1c123c146e29f87ULL, 0x53535153a202a6f1ULL, | ||
129 | 0xdcdc57dcae8ba572ULL, 0x0b0b2c0b58271653ULL, 0x9d9d4e9d9cd32701ULL, | ||
130 | 0x6c6cad6c47c1d82bULL, 0x3131c43195f562a4ULL, 0x7474cd7487b9e8f3ULL, | ||
131 | 0xf6f6fff6e309f115ULL, 0x464605460a438c4cULL, 0xacac8aac092645a5ULL, | ||
132 | 0x89891e893c970fb5ULL, 0x14145014a04428b4ULL, 0xe1e1a3e15b42dfbaULL, | ||
133 | 0x16165816b04e2ca6ULL, 0x3a3ae83acdd274f7ULL, 0x6969b9696fd0d206ULL, | ||
134 | 0x09092409482d1241ULL, 0x7070dd70a7ade0d7ULL, 0xb6b6e2b6d954716fULL, | ||
135 | 0xd0d067d0ceb7bd1eULL, 0xeded93ed3b7ec7d6ULL, 0xcccc17cc2edb85e2ULL, | ||
136 | 0x424215422a578468ULL, 0x98985a98b4c22d2cULL, 0xa4a4aaa4490e55edULL, | ||
137 | 0x2828a0285d885075ULL, 0x5c5c6d5cda31b886ULL, 0xf8f8c7f8933fed6bULL, | ||
138 | 0x8686228644a411c2ULL, | ||
139 | }; | ||
140 | |||
141 | static const u64 C1[256] = { | ||
142 | 0xd818186018c07830ULL, 0x2623238c2305af46ULL, 0xb8c6c63fc67ef991ULL, | ||
143 | 0xfbe8e887e8136fcdULL, 0xcb878726874ca113ULL, 0x11b8b8dab8a9626dULL, | ||
144 | 0x0901010401080502ULL, 0x0d4f4f214f426e9eULL, 0x9b3636d836adee6cULL, | ||
145 | 0xffa6a6a2a6590451ULL, 0x0cd2d26fd2debdb9ULL, 0x0ef5f5f3f5fb06f7ULL, | ||
146 | 0x967979f979ef80f2ULL, 0x306f6fa16f5fcedeULL, 0x6d91917e91fcef3fULL, | ||
147 | 0xf852525552aa07a4ULL, 0x4760609d6027fdc0ULL, 0x35bcbccabc897665ULL, | ||
148 | 0x379b9b569baccd2bULL, 0x8a8e8e028e048c01ULL, 0xd2a3a3b6a371155bULL, | ||
149 | 0x6c0c0c300c603c18ULL, 0x847b7bf17bff8af6ULL, 0x803535d435b5e16aULL, | ||
150 | 0xf51d1d741de8693aULL, 0xb3e0e0a7e05347ddULL, 0x21d7d77bd7f6acb3ULL, | ||
151 | 0x9cc2c22fc25eed99ULL, 0x432e2eb82e6d965cULL, 0x294b4b314b627a96ULL, | ||
152 | 0x5dfefedffea321e1ULL, 0xd5575741578216aeULL, 0xbd15155415a8412aULL, | ||
153 | 0xe87777c1779fb6eeULL, 0x923737dc37a5eb6eULL, 0x9ee5e5b3e57b56d7ULL, | ||
154 | 0x139f9f469f8cd923ULL, 0x23f0f0e7f0d317fdULL, 0x204a4a354a6a7f94ULL, | ||
155 | 0x44dada4fda9e95a9ULL, 0xa258587d58fa25b0ULL, 0xcfc9c903c906ca8fULL, | ||
156 | 0x7c2929a429558d52ULL, 0x5a0a0a280a502214ULL, 0x50b1b1feb1e14f7fULL, | ||
157 | 0xc9a0a0baa0691a5dULL, 0x146b6bb16b7fdad6ULL, 0xd985852e855cab17ULL, | ||
158 | 0x3cbdbdcebd817367ULL, 0x8f5d5d695dd234baULL, 0x9010104010805020ULL, | ||
159 | 0x07f4f4f7f4f303f5ULL, 0xddcbcb0bcb16c08bULL, 0xd33e3ef83eedc67cULL, | ||
160 | 0x2d0505140528110aULL, 0x78676781671fe6ceULL, 0x97e4e4b7e47353d5ULL, | ||
161 | 0x0227279c2725bb4eULL, 0x7341411941325882ULL, 0xa78b8b168b2c9d0bULL, | ||
162 | 0xf6a7a7a6a7510153ULL, 0xb27d7de97dcf94faULL, 0x4995956e95dcfb37ULL, | ||
163 | 0x56d8d847d88e9fadULL, 0x70fbfbcbfb8b30ebULL, 0xcdeeee9fee2371c1ULL, | ||
164 | 0xbb7c7ced7cc791f8ULL, 0x716666856617e3ccULL, 0x7bdddd53dda68ea7ULL, | ||
165 | 0xaf17175c17b84b2eULL, 0x454747014702468eULL, 0x1a9e9e429e84dc21ULL, | ||
166 | 0xd4caca0fca1ec589ULL, 0x582d2db42d75995aULL, 0x2ebfbfc6bf917963ULL, | ||
167 | 0x3f07071c07381b0eULL, 0xacadad8ead012347ULL, 0xb05a5a755aea2fb4ULL, | ||
168 | 0xef838336836cb51bULL, 0xb63333cc3385ff66ULL, 0x5c636391633ff2c6ULL, | ||
169 | 0x1202020802100a04ULL, 0x93aaaa92aa393849ULL, 0xde7171d971afa8e2ULL, | ||
170 | 0xc6c8c807c80ecf8dULL, 0xd119196419c87d32ULL, 0x3b49493949727092ULL, | ||
171 | 0x5fd9d943d9869aafULL, 0x31f2f2eff2c31df9ULL, 0xa8e3e3abe34b48dbULL, | ||
172 | 0xb95b5b715be22ab6ULL, 0xbc88881a8834920dULL, 0x3e9a9a529aa4c829ULL, | ||
173 | 0x0b262698262dbe4cULL, 0xbf3232c8328dfa64ULL, 0x59b0b0fab0e94a7dULL, | ||
174 | 0xf2e9e983e91b6acfULL, 0x770f0f3c0f78331eULL, 0x33d5d573d5e6a6b7ULL, | ||
175 | 0xf480803a8074ba1dULL, 0x27bebec2be997c61ULL, 0xebcdcd13cd26de87ULL, | ||
176 | 0x893434d034bde468ULL, 0x3248483d487a7590ULL, 0x54ffffdbffab24e3ULL, | ||
177 | 0x8d7a7af57af78ff4ULL, 0x6490907a90f4ea3dULL, 0x9d5f5f615fc23ebeULL, | ||
178 | 0x3d202080201da040ULL, 0x0f6868bd6867d5d0ULL, 0xca1a1a681ad07234ULL, | ||
179 | 0xb7aeae82ae192c41ULL, 0x7db4b4eab4c95e75ULL, 0xce54544d549a19a8ULL, | ||
180 | 0x7f93937693ece53bULL, 0x2f222288220daa44ULL, 0x6364648d6407e9c8ULL, | ||
181 | 0x2af1f1e3f1db12ffULL, 0xcc7373d173bfa2e6ULL, 0x8212124812905a24ULL, | ||
182 | 0x7a40401d403a5d80ULL, 0x4808082008402810ULL, 0x95c3c32bc356e89bULL, | ||
183 | 0xdfecec97ec337bc5ULL, 0x4ddbdb4bdb9690abULL, 0xc0a1a1bea1611f5fULL, | ||
184 | 0x918d8d0e8d1c8307ULL, 0xc83d3df43df5c97aULL, 0x5b97976697ccf133ULL, | ||
185 | 0x0000000000000000ULL, 0xf9cfcf1bcf36d483ULL, 0x6e2b2bac2b458756ULL, | ||
186 | 0xe17676c57697b3ecULL, 0xe68282328264b019ULL, 0x28d6d67fd6fea9b1ULL, | ||
187 | 0xc31b1b6c1bd87736ULL, 0x74b5b5eeb5c15b77ULL, 0xbeafaf86af112943ULL, | ||
188 | 0x1d6a6ab56a77dfd4ULL, 0xea50505d50ba0da0ULL, 0x5745450945124c8aULL, | ||
189 | 0x38f3f3ebf3cb18fbULL, 0xad3030c0309df060ULL, 0xc4efef9bef2b74c3ULL, | ||
190 | 0xda3f3ffc3fe5c37eULL, 0xc755554955921caaULL, 0xdba2a2b2a2791059ULL, | ||
191 | 0xe9eaea8fea0365c9ULL, 0x6a656589650feccaULL, 0x03babad2bab96869ULL, | ||
192 | 0x4a2f2fbc2f65935eULL, 0x8ec0c027c04ee79dULL, 0x60dede5fdebe81a1ULL, | ||
193 | 0xfc1c1c701ce06c38ULL, 0x46fdfdd3fdbb2ee7ULL, 0x1f4d4d294d52649aULL, | ||
194 | 0x7692927292e4e039ULL, 0xfa7575c9758fbceaULL, 0x3606061806301e0cULL, | ||
195 | 0xae8a8a128a249809ULL, 0x4bb2b2f2b2f94079ULL, 0x85e6e6bfe66359d1ULL, | ||
196 | 0x7e0e0e380e70361cULL, 0xe71f1f7c1ff8633eULL, 0x556262956237f7c4ULL, | ||
197 | 0x3ad4d477d4eea3b5ULL, 0x81a8a89aa829324dULL, 0x5296966296c4f431ULL, | ||
198 | 0x62f9f9c3f99b3aefULL, 0xa3c5c533c566f697ULL, 0x102525942535b14aULL, | ||
199 | 0xab59597959f220b2ULL, 0xd084842a8454ae15ULL, 0xc57272d572b7a7e4ULL, | ||
200 | 0xec3939e439d5dd72ULL, 0x164c4c2d4c5a6198ULL, 0x945e5e655eca3bbcULL, | ||
201 | 0x9f7878fd78e785f0ULL, 0xe53838e038ddd870ULL, 0x988c8c0a8c148605ULL, | ||
202 | 0x17d1d163d1c6b2bfULL, 0xe4a5a5aea5410b57ULL, 0xa1e2e2afe2434dd9ULL, | ||
203 | 0x4e616199612ff8c2ULL, 0x42b3b3f6b3f1457bULL, 0x342121842115a542ULL, | ||
204 | 0x089c9c4a9c94d625ULL, 0xee1e1e781ef0663cULL, 0x6143431143225286ULL, | ||
205 | 0xb1c7c73bc776fc93ULL, 0x4ffcfcd7fcb32be5ULL, 0x2404041004201408ULL, | ||
206 | 0xe351515951b208a2ULL, 0x2599995e99bcc72fULL, 0x226d6da96d4fc4daULL, | ||
207 | 0x650d0d340d68391aULL, 0x79fafacffa8335e9ULL, 0x69dfdf5bdfb684a3ULL, | ||
208 | 0xa97e7ee57ed79bfcULL, 0x19242490243db448ULL, 0xfe3b3bec3bc5d776ULL, | ||
209 | 0x9aabab96ab313d4bULL, 0xf0cece1fce3ed181ULL, 0x9911114411885522ULL, | ||
210 | 0x838f8f068f0c8903ULL, 0x044e4e254e4a6b9cULL, 0x66b7b7e6b7d15173ULL, | ||
211 | 0xe0ebeb8beb0b60cbULL, 0xc13c3cf03cfdcc78ULL, 0xfd81813e817cbf1fULL, | ||
212 | 0x4094946a94d4fe35ULL, 0x1cf7f7fbf7eb0cf3ULL, 0x18b9b9deb9a1676fULL, | ||
213 | 0x8b13134c13985f26ULL, 0x512c2cb02c7d9c58ULL, 0x05d3d36bd3d6b8bbULL, | ||
214 | 0x8ce7e7bbe76b5cd3ULL, 0x396e6ea56e57cbdcULL, 0xaac4c437c46ef395ULL, | ||
215 | 0x1b03030c03180f06ULL, 0xdc565645568a13acULL, 0x5e44440d441a4988ULL, | ||
216 | 0xa07f7fe17fdf9efeULL, 0x88a9a99ea921374fULL, 0x672a2aa82a4d8254ULL, | ||
217 | 0x0abbbbd6bbb16d6bULL, 0x87c1c123c146e29fULL, 0xf153535153a202a6ULL, | ||
218 | 0x72dcdc57dcae8ba5ULL, 0x530b0b2c0b582716ULL, 0x019d9d4e9d9cd327ULL, | ||
219 | 0x2b6c6cad6c47c1d8ULL, 0xa43131c43195f562ULL, 0xf37474cd7487b9e8ULL, | ||
220 | 0x15f6f6fff6e309f1ULL, 0x4c464605460a438cULL, 0xa5acac8aac092645ULL, | ||
221 | 0xb589891e893c970fULL, 0xb414145014a04428ULL, 0xbae1e1a3e15b42dfULL, | ||
222 | 0xa616165816b04e2cULL, 0xf73a3ae83acdd274ULL, 0x066969b9696fd0d2ULL, | ||
223 | 0x4109092409482d12ULL, 0xd77070dd70a7ade0ULL, 0x6fb6b6e2b6d95471ULL, | ||
224 | 0x1ed0d067d0ceb7bdULL, 0xd6eded93ed3b7ec7ULL, 0xe2cccc17cc2edb85ULL, | ||
225 | 0x68424215422a5784ULL, 0x2c98985a98b4c22dULL, 0xeda4a4aaa4490e55ULL, | ||
226 | 0x752828a0285d8850ULL, 0x865c5c6d5cda31b8ULL, 0x6bf8f8c7f8933fedULL, | ||
227 | 0xc28686228644a411ULL, | ||
228 | }; | ||
229 | |||
230 | static const u64 C2[256] = { | ||
231 | 0x30d818186018c078ULL, 0x462623238c2305afULL, 0x91b8c6c63fc67ef9ULL, | ||
232 | 0xcdfbe8e887e8136fULL, 0x13cb878726874ca1ULL, 0x6d11b8b8dab8a962ULL, | ||
233 | 0x0209010104010805ULL, 0x9e0d4f4f214f426eULL, 0x6c9b3636d836adeeULL, | ||
234 | 0x51ffa6a6a2a65904ULL, 0xb90cd2d26fd2debdULL, 0xf70ef5f5f3f5fb06ULL, | ||
235 | 0xf2967979f979ef80ULL, 0xde306f6fa16f5fceULL, 0x3f6d91917e91fcefULL, | ||
236 | 0xa4f852525552aa07ULL, 0xc04760609d6027fdULL, 0x6535bcbccabc8976ULL, | ||
237 | 0x2b379b9b569baccdULL, 0x018a8e8e028e048cULL, 0x5bd2a3a3b6a37115ULL, | ||
238 | 0x186c0c0c300c603cULL, 0xf6847b7bf17bff8aULL, 0x6a803535d435b5e1ULL, | ||
239 | 0x3af51d1d741de869ULL, 0xddb3e0e0a7e05347ULL, 0xb321d7d77bd7f6acULL, | ||
240 | 0x999cc2c22fc25eedULL, 0x5c432e2eb82e6d96ULL, 0x96294b4b314b627aULL, | ||
241 | 0xe15dfefedffea321ULL, 0xaed5575741578216ULL, 0x2abd15155415a841ULL, | ||
242 | 0xeee87777c1779fb6ULL, 0x6e923737dc37a5ebULL, 0xd79ee5e5b3e57b56ULL, | ||
243 | 0x23139f9f469f8cd9ULL, 0xfd23f0f0e7f0d317ULL, 0x94204a4a354a6a7fULL, | ||
244 | 0xa944dada4fda9e95ULL, 0xb0a258587d58fa25ULL, 0x8fcfc9c903c906caULL, | ||
245 | 0x527c2929a429558dULL, 0x145a0a0a280a5022ULL, 0x7f50b1b1feb1e14fULL, | ||
246 | 0x5dc9a0a0baa0691aULL, 0xd6146b6bb16b7fdaULL, 0x17d985852e855cabULL, | ||
247 | 0x673cbdbdcebd8173ULL, 0xba8f5d5d695dd234ULL, 0x2090101040108050ULL, | ||
248 | 0xf507f4f4f7f4f303ULL, 0x8bddcbcb0bcb16c0ULL, 0x7cd33e3ef83eedc6ULL, | ||
249 | 0x0a2d050514052811ULL, 0xce78676781671fe6ULL, 0xd597e4e4b7e47353ULL, | ||
250 | 0x4e0227279c2725bbULL, 0x8273414119413258ULL, 0x0ba78b8b168b2c9dULL, | ||
251 | 0x53f6a7a7a6a75101ULL, 0xfab27d7de97dcf94ULL, 0x374995956e95dcfbULL, | ||
252 | 0xad56d8d847d88e9fULL, 0xeb70fbfbcbfb8b30ULL, 0xc1cdeeee9fee2371ULL, | ||
253 | 0xf8bb7c7ced7cc791ULL, 0xcc716666856617e3ULL, 0xa77bdddd53dda68eULL, | ||
254 | 0x2eaf17175c17b84bULL, 0x8e45474701470246ULL, 0x211a9e9e429e84dcULL, | ||
255 | 0x89d4caca0fca1ec5ULL, 0x5a582d2db42d7599ULL, 0x632ebfbfc6bf9179ULL, | ||
256 | 0x0e3f07071c07381bULL, 0x47acadad8ead0123ULL, 0xb4b05a5a755aea2fULL, | ||
257 | 0x1bef838336836cb5ULL, 0x66b63333cc3385ffULL, 0xc65c636391633ff2ULL, | ||
258 | 0x041202020802100aULL, 0x4993aaaa92aa3938ULL, 0xe2de7171d971afa8ULL, | ||
259 | 0x8dc6c8c807c80ecfULL, 0x32d119196419c87dULL, 0x923b494939497270ULL, | ||
260 | 0xaf5fd9d943d9869aULL, 0xf931f2f2eff2c31dULL, 0xdba8e3e3abe34b48ULL, | ||
261 | 0xb6b95b5b715be22aULL, 0x0dbc88881a883492ULL, 0x293e9a9a529aa4c8ULL, | ||
262 | 0x4c0b262698262dbeULL, 0x64bf3232c8328dfaULL, 0x7d59b0b0fab0e94aULL, | ||
263 | 0xcff2e9e983e91b6aULL, 0x1e770f0f3c0f7833ULL, 0xb733d5d573d5e6a6ULL, | ||
264 | 0x1df480803a8074baULL, 0x6127bebec2be997cULL, 0x87ebcdcd13cd26deULL, | ||
265 | 0x68893434d034bde4ULL, 0x903248483d487a75ULL, 0xe354ffffdbffab24ULL, | ||
266 | 0xf48d7a7af57af78fULL, 0x3d6490907a90f4eaULL, 0xbe9d5f5f615fc23eULL, | ||
267 | 0x403d202080201da0ULL, 0xd00f6868bd6867d5ULL, 0x34ca1a1a681ad072ULL, | ||
268 | 0x41b7aeae82ae192cULL, 0x757db4b4eab4c95eULL, 0xa8ce54544d549a19ULL, | ||
269 | 0x3b7f93937693ece5ULL, 0x442f222288220daaULL, 0xc86364648d6407e9ULL, | ||
270 | 0xff2af1f1e3f1db12ULL, 0xe6cc7373d173bfa2ULL, 0x248212124812905aULL, | ||
271 | 0x807a40401d403a5dULL, 0x1048080820084028ULL, 0x9b95c3c32bc356e8ULL, | ||
272 | 0xc5dfecec97ec337bULL, 0xab4ddbdb4bdb9690ULL, 0x5fc0a1a1bea1611fULL, | ||
273 | 0x07918d8d0e8d1c83ULL, 0x7ac83d3df43df5c9ULL, 0x335b97976697ccf1ULL, | ||
274 | 0x0000000000000000ULL, 0x83f9cfcf1bcf36d4ULL, 0x566e2b2bac2b4587ULL, | ||
275 | 0xece17676c57697b3ULL, 0x19e68282328264b0ULL, 0xb128d6d67fd6fea9ULL, | ||
276 | 0x36c31b1b6c1bd877ULL, 0x7774b5b5eeb5c15bULL, 0x43beafaf86af1129ULL, | ||
277 | 0xd41d6a6ab56a77dfULL, 0xa0ea50505d50ba0dULL, 0x8a5745450945124cULL, | ||
278 | 0xfb38f3f3ebf3cb18ULL, 0x60ad3030c0309df0ULL, 0xc3c4efef9bef2b74ULL, | ||
279 | 0x7eda3f3ffc3fe5c3ULL, 0xaac755554955921cULL, 0x59dba2a2b2a27910ULL, | ||
280 | 0xc9e9eaea8fea0365ULL, 0xca6a656589650fecULL, 0x6903babad2bab968ULL, | ||
281 | 0x5e4a2f2fbc2f6593ULL, 0x9d8ec0c027c04ee7ULL, 0xa160dede5fdebe81ULL, | ||
282 | 0x38fc1c1c701ce06cULL, 0xe746fdfdd3fdbb2eULL, 0x9a1f4d4d294d5264ULL, | ||
283 | 0x397692927292e4e0ULL, 0xeafa7575c9758fbcULL, 0x0c3606061806301eULL, | ||
284 | 0x09ae8a8a128a2498ULL, 0x794bb2b2f2b2f940ULL, 0xd185e6e6bfe66359ULL, | ||
285 | 0x1c7e0e0e380e7036ULL, 0x3ee71f1f7c1ff863ULL, 0xc4556262956237f7ULL, | ||
286 | 0xb53ad4d477d4eea3ULL, 0x4d81a8a89aa82932ULL, 0x315296966296c4f4ULL, | ||
287 | 0xef62f9f9c3f99b3aULL, 0x97a3c5c533c566f6ULL, 0x4a102525942535b1ULL, | ||
288 | 0xb2ab59597959f220ULL, 0x15d084842a8454aeULL, 0xe4c57272d572b7a7ULL, | ||
289 | 0x72ec3939e439d5ddULL, 0x98164c4c2d4c5a61ULL, 0xbc945e5e655eca3bULL, | ||
290 | 0xf09f7878fd78e785ULL, 0x70e53838e038ddd8ULL, 0x05988c8c0a8c1486ULL, | ||
291 | 0xbf17d1d163d1c6b2ULL, 0x57e4a5a5aea5410bULL, 0xd9a1e2e2afe2434dULL, | ||
292 | 0xc24e616199612ff8ULL, 0x7b42b3b3f6b3f145ULL, 0x42342121842115a5ULL, | ||
293 | 0x25089c9c4a9c94d6ULL, 0x3cee1e1e781ef066ULL, 0x8661434311432252ULL, | ||
294 | 0x93b1c7c73bc776fcULL, 0xe54ffcfcd7fcb32bULL, 0x0824040410042014ULL, | ||
295 | 0xa2e351515951b208ULL, 0x2f2599995e99bcc7ULL, 0xda226d6da96d4fc4ULL, | ||
296 | 0x1a650d0d340d6839ULL, 0xe979fafacffa8335ULL, 0xa369dfdf5bdfb684ULL, | ||
297 | 0xfca97e7ee57ed79bULL, 0x4819242490243db4ULL, 0x76fe3b3bec3bc5d7ULL, | ||
298 | 0x4b9aabab96ab313dULL, 0x81f0cece1fce3ed1ULL, 0x2299111144118855ULL, | ||
299 | 0x03838f8f068f0c89ULL, 0x9c044e4e254e4a6bULL, 0x7366b7b7e6b7d151ULL, | ||
300 | 0xcbe0ebeb8beb0b60ULL, 0x78c13c3cf03cfdccULL, 0x1ffd81813e817cbfULL, | ||
301 | 0x354094946a94d4feULL, 0xf31cf7f7fbf7eb0cULL, 0x6f18b9b9deb9a167ULL, | ||
302 | 0x268b13134c13985fULL, 0x58512c2cb02c7d9cULL, 0xbb05d3d36bd3d6b8ULL, | ||
303 | 0xd38ce7e7bbe76b5cULL, 0xdc396e6ea56e57cbULL, 0x95aac4c437c46ef3ULL, | ||
304 | 0x061b03030c03180fULL, 0xacdc565645568a13ULL, 0x885e44440d441a49ULL, | ||
305 | 0xfea07f7fe17fdf9eULL, 0x4f88a9a99ea92137ULL, 0x54672a2aa82a4d82ULL, | ||
306 | 0x6b0abbbbd6bbb16dULL, 0x9f87c1c123c146e2ULL, 0xa6f153535153a202ULL, | ||
307 | 0xa572dcdc57dcae8bULL, 0x16530b0b2c0b5827ULL, 0x27019d9d4e9d9cd3ULL, | ||
308 | 0xd82b6c6cad6c47c1ULL, 0x62a43131c43195f5ULL, 0xe8f37474cd7487b9ULL, | ||
309 | 0xf115f6f6fff6e309ULL, 0x8c4c464605460a43ULL, 0x45a5acac8aac0926ULL, | ||
310 | 0x0fb589891e893c97ULL, 0x28b414145014a044ULL, 0xdfbae1e1a3e15b42ULL, | ||
311 | 0x2ca616165816b04eULL, 0x74f73a3ae83acdd2ULL, 0xd2066969b9696fd0ULL, | ||
312 | 0x124109092409482dULL, 0xe0d77070dd70a7adULL, 0x716fb6b6e2b6d954ULL, | ||
313 | 0xbd1ed0d067d0ceb7ULL, 0xc7d6eded93ed3b7eULL, 0x85e2cccc17cc2edbULL, | ||
314 | 0x8468424215422a57ULL, 0x2d2c98985a98b4c2ULL, 0x55eda4a4aaa4490eULL, | ||
315 | 0x50752828a0285d88ULL, 0xb8865c5c6d5cda31ULL, 0xed6bf8f8c7f8933fULL, | ||
316 | 0x11c28686228644a4ULL, | ||
317 | }; | ||
318 | |||
319 | static const u64 C3[256] = { | ||
320 | 0x7830d818186018c0ULL, 0xaf462623238c2305ULL, 0xf991b8c6c63fc67eULL, | ||
321 | 0x6fcdfbe8e887e813ULL, 0xa113cb878726874cULL, 0x626d11b8b8dab8a9ULL, | ||
322 | 0x0502090101040108ULL, 0x6e9e0d4f4f214f42ULL, 0xee6c9b3636d836adULL, | ||
323 | 0x0451ffa6a6a2a659ULL, 0xbdb90cd2d26fd2deULL, 0x06f70ef5f5f3f5fbULL, | ||
324 | 0x80f2967979f979efULL, 0xcede306f6fa16f5fULL, 0xef3f6d91917e91fcULL, | ||
325 | 0x07a4f852525552aaULL, 0xfdc04760609d6027ULL, 0x766535bcbccabc89ULL, | ||
326 | 0xcd2b379b9b569bacULL, 0x8c018a8e8e028e04ULL, 0x155bd2a3a3b6a371ULL, | ||
327 | 0x3c186c0c0c300c60ULL, 0x8af6847b7bf17bffULL, 0xe16a803535d435b5ULL, | ||
328 | 0x693af51d1d741de8ULL, 0x47ddb3e0e0a7e053ULL, 0xacb321d7d77bd7f6ULL, | ||
329 | 0xed999cc2c22fc25eULL, 0x965c432e2eb82e6dULL, 0x7a96294b4b314b62ULL, | ||
330 | 0x21e15dfefedffea3ULL, 0x16aed55757415782ULL, 0x412abd15155415a8ULL, | ||
331 | 0xb6eee87777c1779fULL, 0xeb6e923737dc37a5ULL, 0x56d79ee5e5b3e57bULL, | ||
332 | 0xd923139f9f469f8cULL, 0x17fd23f0f0e7f0d3ULL, 0x7f94204a4a354a6aULL, | ||
333 | 0x95a944dada4fda9eULL, 0x25b0a258587d58faULL, 0xca8fcfc9c903c906ULL, | ||
334 | 0x8d527c2929a42955ULL, 0x22145a0a0a280a50ULL, 0x4f7f50b1b1feb1e1ULL, | ||
335 | 0x1a5dc9a0a0baa069ULL, 0xdad6146b6bb16b7fULL, 0xab17d985852e855cULL, | ||
336 | 0x73673cbdbdcebd81ULL, 0x34ba8f5d5d695dd2ULL, 0x5020901010401080ULL, | ||
337 | 0x03f507f4f4f7f4f3ULL, 0xc08bddcbcb0bcb16ULL, 0xc67cd33e3ef83eedULL, | ||
338 | 0x110a2d0505140528ULL, 0xe6ce78676781671fULL, 0x53d597e4e4b7e473ULL, | ||
339 | 0xbb4e0227279c2725ULL, 0x5882734141194132ULL, 0x9d0ba78b8b168b2cULL, | ||
340 | 0x0153f6a7a7a6a751ULL, 0x94fab27d7de97dcfULL, 0xfb374995956e95dcULL, | ||
341 | 0x9fad56d8d847d88eULL, 0x30eb70fbfbcbfb8bULL, 0x71c1cdeeee9fee23ULL, | ||
342 | 0x91f8bb7c7ced7cc7ULL, 0xe3cc716666856617ULL, 0x8ea77bdddd53dda6ULL, | ||
343 | 0x4b2eaf17175c17b8ULL, 0x468e454747014702ULL, 0xdc211a9e9e429e84ULL, | ||
344 | 0xc589d4caca0fca1eULL, 0x995a582d2db42d75ULL, 0x79632ebfbfc6bf91ULL, | ||
345 | 0x1b0e3f07071c0738ULL, 0x2347acadad8ead01ULL, 0x2fb4b05a5a755aeaULL, | ||
346 | 0xb51bef838336836cULL, 0xff66b63333cc3385ULL, 0xf2c65c636391633fULL, | ||
347 | 0x0a04120202080210ULL, 0x384993aaaa92aa39ULL, 0xa8e2de7171d971afULL, | ||
348 | 0xcf8dc6c8c807c80eULL, 0x7d32d119196419c8ULL, 0x70923b4949394972ULL, | ||
349 | 0x9aaf5fd9d943d986ULL, 0x1df931f2f2eff2c3ULL, 0x48dba8e3e3abe34bULL, | ||
350 | 0x2ab6b95b5b715be2ULL, 0x920dbc88881a8834ULL, 0xc8293e9a9a529aa4ULL, | ||
351 | 0xbe4c0b262698262dULL, 0xfa64bf3232c8328dULL, 0x4a7d59b0b0fab0e9ULL, | ||
352 | 0x6acff2e9e983e91bULL, 0x331e770f0f3c0f78ULL, 0xa6b733d5d573d5e6ULL, | ||
353 | 0xba1df480803a8074ULL, 0x7c6127bebec2be99ULL, 0xde87ebcdcd13cd26ULL, | ||
354 | 0xe468893434d034bdULL, 0x75903248483d487aULL, 0x24e354ffffdbffabULL, | ||
355 | 0x8ff48d7a7af57af7ULL, 0xea3d6490907a90f4ULL, 0x3ebe9d5f5f615fc2ULL, | ||
356 | 0xa0403d202080201dULL, 0xd5d00f6868bd6867ULL, 0x7234ca1a1a681ad0ULL, | ||
357 | 0x2c41b7aeae82ae19ULL, 0x5e757db4b4eab4c9ULL, 0x19a8ce54544d549aULL, | ||
358 | 0xe53b7f93937693ecULL, 0xaa442f222288220dULL, 0xe9c86364648d6407ULL, | ||
359 | 0x12ff2af1f1e3f1dbULL, 0xa2e6cc7373d173bfULL, 0x5a24821212481290ULL, | ||
360 | 0x5d807a40401d403aULL, 0x2810480808200840ULL, 0xe89b95c3c32bc356ULL, | ||
361 | 0x7bc5dfecec97ec33ULL, 0x90ab4ddbdb4bdb96ULL, 0x1f5fc0a1a1bea161ULL, | ||
362 | 0x8307918d8d0e8d1cULL, 0xc97ac83d3df43df5ULL, 0xf1335b97976697ccULL, | ||
363 | 0x0000000000000000ULL, 0xd483f9cfcf1bcf36ULL, 0x87566e2b2bac2b45ULL, | ||
364 | 0xb3ece17676c57697ULL, 0xb019e68282328264ULL, 0xa9b128d6d67fd6feULL, | ||
365 | 0x7736c31b1b6c1bd8ULL, 0x5b7774b5b5eeb5c1ULL, 0x2943beafaf86af11ULL, | ||
366 | 0xdfd41d6a6ab56a77ULL, 0x0da0ea50505d50baULL, 0x4c8a574545094512ULL, | ||
367 | 0x18fb38f3f3ebf3cbULL, 0xf060ad3030c0309dULL, 0x74c3c4efef9bef2bULL, | ||
368 | 0xc37eda3f3ffc3fe5ULL, 0x1caac75555495592ULL, 0x1059dba2a2b2a279ULL, | ||
369 | 0x65c9e9eaea8fea03ULL, 0xecca6a656589650fULL, 0x686903babad2bab9ULL, | ||
370 | 0x935e4a2f2fbc2f65ULL, 0xe79d8ec0c027c04eULL, 0x81a160dede5fdebeULL, | ||
371 | 0x6c38fc1c1c701ce0ULL, 0x2ee746fdfdd3fdbbULL, 0x649a1f4d4d294d52ULL, | ||
372 | 0xe0397692927292e4ULL, 0xbceafa7575c9758fULL, 0x1e0c360606180630ULL, | ||
373 | 0x9809ae8a8a128a24ULL, 0x40794bb2b2f2b2f9ULL, 0x59d185e6e6bfe663ULL, | ||
374 | 0x361c7e0e0e380e70ULL, 0x633ee71f1f7c1ff8ULL, 0xf7c4556262956237ULL, | ||
375 | 0xa3b53ad4d477d4eeULL, 0x324d81a8a89aa829ULL, 0xf4315296966296c4ULL, | ||
376 | 0x3aef62f9f9c3f99bULL, 0xf697a3c5c533c566ULL, 0xb14a102525942535ULL, | ||
377 | 0x20b2ab59597959f2ULL, 0xae15d084842a8454ULL, 0xa7e4c57272d572b7ULL, | ||
378 | 0xdd72ec3939e439d5ULL, 0x6198164c4c2d4c5aULL, 0x3bbc945e5e655ecaULL, | ||
379 | 0x85f09f7878fd78e7ULL, 0xd870e53838e038ddULL, 0x8605988c8c0a8c14ULL, | ||
380 | 0xb2bf17d1d163d1c6ULL, 0x0b57e4a5a5aea541ULL, 0x4dd9a1e2e2afe243ULL, | ||
381 | 0xf8c24e616199612fULL, 0x457b42b3b3f6b3f1ULL, 0xa542342121842115ULL, | ||
382 | 0xd625089c9c4a9c94ULL, 0x663cee1e1e781ef0ULL, 0x5286614343114322ULL, | ||
383 | 0xfc93b1c7c73bc776ULL, 0x2be54ffcfcd7fcb3ULL, 0x1408240404100420ULL, | ||
384 | 0x08a2e351515951b2ULL, 0xc72f2599995e99bcULL, 0xc4da226d6da96d4fULL, | ||
385 | 0x391a650d0d340d68ULL, 0x35e979fafacffa83ULL, 0x84a369dfdf5bdfb6ULL, | ||
386 | 0x9bfca97e7ee57ed7ULL, 0xb44819242490243dULL, 0xd776fe3b3bec3bc5ULL, | ||
387 | 0x3d4b9aabab96ab31ULL, 0xd181f0cece1fce3eULL, 0x5522991111441188ULL, | ||
388 | 0x8903838f8f068f0cULL, 0x6b9c044e4e254e4aULL, 0x517366b7b7e6b7d1ULL, | ||
389 | 0x60cbe0ebeb8beb0bULL, 0xcc78c13c3cf03cfdULL, 0xbf1ffd81813e817cULL, | ||
390 | 0xfe354094946a94d4ULL, 0x0cf31cf7f7fbf7ebULL, 0x676f18b9b9deb9a1ULL, | ||
391 | 0x5f268b13134c1398ULL, 0x9c58512c2cb02c7dULL, 0xb8bb05d3d36bd3d6ULL, | ||
392 | 0x5cd38ce7e7bbe76bULL, 0xcbdc396e6ea56e57ULL, 0xf395aac4c437c46eULL, | ||
393 | 0x0f061b03030c0318ULL, 0x13acdc565645568aULL, 0x49885e44440d441aULL, | ||
394 | 0x9efea07f7fe17fdfULL, 0x374f88a9a99ea921ULL, 0x8254672a2aa82a4dULL, | ||
395 | 0x6d6b0abbbbd6bbb1ULL, 0xe29f87c1c123c146ULL, 0x02a6f153535153a2ULL, | ||
396 | 0x8ba572dcdc57dcaeULL, 0x2716530b0b2c0b58ULL, 0xd327019d9d4e9d9cULL, | ||
397 | 0xc1d82b6c6cad6c47ULL, 0xf562a43131c43195ULL, 0xb9e8f37474cd7487ULL, | ||
398 | 0x09f115f6f6fff6e3ULL, 0x438c4c464605460aULL, 0x2645a5acac8aac09ULL, | ||
399 | 0x970fb589891e893cULL, 0x4428b414145014a0ULL, 0x42dfbae1e1a3e15bULL, | ||
400 | 0x4e2ca616165816b0ULL, 0xd274f73a3ae83acdULL, 0xd0d2066969b9696fULL, | ||
401 | 0x2d12410909240948ULL, 0xade0d77070dd70a7ULL, 0x54716fb6b6e2b6d9ULL, | ||
402 | 0xb7bd1ed0d067d0ceULL, 0x7ec7d6eded93ed3bULL, 0xdb85e2cccc17cc2eULL, | ||
403 | 0x578468424215422aULL, 0xc22d2c98985a98b4ULL, 0x0e55eda4a4aaa449ULL, | ||
404 | 0x8850752828a0285dULL, 0x31b8865c5c6d5cdaULL, 0x3fed6bf8f8c7f893ULL, | ||
405 | 0xa411c28686228644ULL, | ||
406 | }; | ||
407 | |||
408 | static const u64 C4[256] = { | ||
409 | 0xc07830d818186018ULL, 0x05af462623238c23ULL, 0x7ef991b8c6c63fc6ULL, | ||
410 | 0x136fcdfbe8e887e8ULL, 0x4ca113cb87872687ULL, 0xa9626d11b8b8dab8ULL, | ||
411 | 0x0805020901010401ULL, 0x426e9e0d4f4f214fULL, 0xadee6c9b3636d836ULL, | ||
412 | 0x590451ffa6a6a2a6ULL, 0xdebdb90cd2d26fd2ULL, 0xfb06f70ef5f5f3f5ULL, | ||
413 | 0xef80f2967979f979ULL, 0x5fcede306f6fa16fULL, 0xfcef3f6d91917e91ULL, | ||
414 | 0xaa07a4f852525552ULL, 0x27fdc04760609d60ULL, 0x89766535bcbccabcULL, | ||
415 | 0xaccd2b379b9b569bULL, 0x048c018a8e8e028eULL, 0x71155bd2a3a3b6a3ULL, | ||
416 | 0x603c186c0c0c300cULL, 0xff8af6847b7bf17bULL, 0xb5e16a803535d435ULL, | ||
417 | 0xe8693af51d1d741dULL, 0x5347ddb3e0e0a7e0ULL, 0xf6acb321d7d77bd7ULL, | ||
418 | 0x5eed999cc2c22fc2ULL, 0x6d965c432e2eb82eULL, 0x627a96294b4b314bULL, | ||
419 | 0xa321e15dfefedffeULL, 0x8216aed557574157ULL, 0xa8412abd15155415ULL, | ||
420 | 0x9fb6eee87777c177ULL, 0xa5eb6e923737dc37ULL, 0x7b56d79ee5e5b3e5ULL, | ||
421 | 0x8cd923139f9f469fULL, 0xd317fd23f0f0e7f0ULL, 0x6a7f94204a4a354aULL, | ||
422 | 0x9e95a944dada4fdaULL, 0xfa25b0a258587d58ULL, 0x06ca8fcfc9c903c9ULL, | ||
423 | 0x558d527c2929a429ULL, 0x5022145a0a0a280aULL, 0xe14f7f50b1b1feb1ULL, | ||
424 | 0x691a5dc9a0a0baa0ULL, 0x7fdad6146b6bb16bULL, 0x5cab17d985852e85ULL, | ||
425 | 0x8173673cbdbdcebdULL, 0xd234ba8f5d5d695dULL, 0x8050209010104010ULL, | ||
426 | 0xf303f507f4f4f7f4ULL, 0x16c08bddcbcb0bcbULL, 0xedc67cd33e3ef83eULL, | ||
427 | 0x28110a2d05051405ULL, 0x1fe6ce7867678167ULL, 0x7353d597e4e4b7e4ULL, | ||
428 | 0x25bb4e0227279c27ULL, 0x3258827341411941ULL, 0x2c9d0ba78b8b168bULL, | ||
429 | 0x510153f6a7a7a6a7ULL, 0xcf94fab27d7de97dULL, 0xdcfb374995956e95ULL, | ||
430 | 0x8e9fad56d8d847d8ULL, 0x8b30eb70fbfbcbfbULL, 0x2371c1cdeeee9feeULL, | ||
431 | 0xc791f8bb7c7ced7cULL, 0x17e3cc7166668566ULL, 0xa68ea77bdddd53ddULL, | ||
432 | 0xb84b2eaf17175c17ULL, 0x02468e4547470147ULL, 0x84dc211a9e9e429eULL, | ||
433 | 0x1ec589d4caca0fcaULL, 0x75995a582d2db42dULL, 0x9179632ebfbfc6bfULL, | ||
434 | 0x381b0e3f07071c07ULL, 0x012347acadad8eadULL, 0xea2fb4b05a5a755aULL, | ||
435 | 0x6cb51bef83833683ULL, 0x85ff66b63333cc33ULL, 0x3ff2c65c63639163ULL, | ||
436 | 0x100a041202020802ULL, 0x39384993aaaa92aaULL, 0xafa8e2de7171d971ULL, | ||
437 | 0x0ecf8dc6c8c807c8ULL, 0xc87d32d119196419ULL, 0x7270923b49493949ULL, | ||
438 | 0x869aaf5fd9d943d9ULL, 0xc31df931f2f2eff2ULL, 0x4b48dba8e3e3abe3ULL, | ||
439 | 0xe22ab6b95b5b715bULL, 0x34920dbc88881a88ULL, 0xa4c8293e9a9a529aULL, | ||
440 | 0x2dbe4c0b26269826ULL, 0x8dfa64bf3232c832ULL, 0xe94a7d59b0b0fab0ULL, | ||
441 | 0x1b6acff2e9e983e9ULL, 0x78331e770f0f3c0fULL, 0xe6a6b733d5d573d5ULL, | ||
442 | 0x74ba1df480803a80ULL, 0x997c6127bebec2beULL, 0x26de87ebcdcd13cdULL, | ||
443 | 0xbde468893434d034ULL, 0x7a75903248483d48ULL, 0xab24e354ffffdbffULL, | ||
444 | 0xf78ff48d7a7af57aULL, 0xf4ea3d6490907a90ULL, 0xc23ebe9d5f5f615fULL, | ||
445 | 0x1da0403d20208020ULL, 0x67d5d00f6868bd68ULL, 0xd07234ca1a1a681aULL, | ||
446 | 0x192c41b7aeae82aeULL, 0xc95e757db4b4eab4ULL, 0x9a19a8ce54544d54ULL, | ||
447 | 0xece53b7f93937693ULL, 0x0daa442f22228822ULL, 0x07e9c86364648d64ULL, | ||
448 | 0xdb12ff2af1f1e3f1ULL, 0xbfa2e6cc7373d173ULL, 0x905a248212124812ULL, | ||
449 | 0x3a5d807a40401d40ULL, 0x4028104808082008ULL, 0x56e89b95c3c32bc3ULL, | ||
450 | 0x337bc5dfecec97ecULL, 0x9690ab4ddbdb4bdbULL, 0x611f5fc0a1a1bea1ULL, | ||
451 | 0x1c8307918d8d0e8dULL, 0xf5c97ac83d3df43dULL, 0xccf1335b97976697ULL, | ||
452 | 0x0000000000000000ULL, 0x36d483f9cfcf1bcfULL, 0x4587566e2b2bac2bULL, | ||
453 | 0x97b3ece17676c576ULL, 0x64b019e682823282ULL, 0xfea9b128d6d67fd6ULL, | ||
454 | 0xd87736c31b1b6c1bULL, 0xc15b7774b5b5eeb5ULL, 0x112943beafaf86afULL, | ||
455 | 0x77dfd41d6a6ab56aULL, 0xba0da0ea50505d50ULL, 0x124c8a5745450945ULL, | ||
456 | 0xcb18fb38f3f3ebf3ULL, 0x9df060ad3030c030ULL, 0x2b74c3c4efef9befULL, | ||
457 | 0xe5c37eda3f3ffc3fULL, 0x921caac755554955ULL, 0x791059dba2a2b2a2ULL, | ||
458 | 0x0365c9e9eaea8feaULL, 0x0fecca6a65658965ULL, 0xb9686903babad2baULL, | ||
459 | 0x65935e4a2f2fbc2fULL, 0x4ee79d8ec0c027c0ULL, 0xbe81a160dede5fdeULL, | ||
460 | 0xe06c38fc1c1c701cULL, 0xbb2ee746fdfdd3fdULL, 0x52649a1f4d4d294dULL, | ||
461 | 0xe4e0397692927292ULL, 0x8fbceafa7575c975ULL, 0x301e0c3606061806ULL, | ||
462 | 0x249809ae8a8a128aULL, 0xf940794bb2b2f2b2ULL, 0x6359d185e6e6bfe6ULL, | ||
463 | 0x70361c7e0e0e380eULL, 0xf8633ee71f1f7c1fULL, 0x37f7c45562629562ULL, | ||
464 | 0xeea3b53ad4d477d4ULL, 0x29324d81a8a89aa8ULL, 0xc4f4315296966296ULL, | ||
465 | 0x9b3aef62f9f9c3f9ULL, 0x66f697a3c5c533c5ULL, 0x35b14a1025259425ULL, | ||
466 | 0xf220b2ab59597959ULL, 0x54ae15d084842a84ULL, 0xb7a7e4c57272d572ULL, | ||
467 | 0xd5dd72ec3939e439ULL, 0x5a6198164c4c2d4cULL, 0xca3bbc945e5e655eULL, | ||
468 | 0xe785f09f7878fd78ULL, 0xddd870e53838e038ULL, 0x148605988c8c0a8cULL, | ||
469 | 0xc6b2bf17d1d163d1ULL, 0x410b57e4a5a5aea5ULL, 0x434dd9a1e2e2afe2ULL, | ||
470 | 0x2ff8c24e61619961ULL, 0xf1457b42b3b3f6b3ULL, 0x15a5423421218421ULL, | ||
471 | 0x94d625089c9c4a9cULL, 0xf0663cee1e1e781eULL, 0x2252866143431143ULL, | ||
472 | 0x76fc93b1c7c73bc7ULL, 0xb32be54ffcfcd7fcULL, 0x2014082404041004ULL, | ||
473 | 0xb208a2e351515951ULL, 0xbcc72f2599995e99ULL, 0x4fc4da226d6da96dULL, | ||
474 | 0x68391a650d0d340dULL, 0x8335e979fafacffaULL, 0xb684a369dfdf5bdfULL, | ||
475 | 0xd79bfca97e7ee57eULL, 0x3db4481924249024ULL, 0xc5d776fe3b3bec3bULL, | ||
476 | 0x313d4b9aabab96abULL, 0x3ed181f0cece1fceULL, 0x8855229911114411ULL, | ||
477 | 0x0c8903838f8f068fULL, 0x4a6b9c044e4e254eULL, 0xd1517366b7b7e6b7ULL, | ||
478 | 0x0b60cbe0ebeb8bebULL, 0xfdcc78c13c3cf03cULL, 0x7cbf1ffd81813e81ULL, | ||
479 | 0xd4fe354094946a94ULL, 0xeb0cf31cf7f7fbf7ULL, 0xa1676f18b9b9deb9ULL, | ||
480 | 0x985f268b13134c13ULL, 0x7d9c58512c2cb02cULL, 0xd6b8bb05d3d36bd3ULL, | ||
481 | 0x6b5cd38ce7e7bbe7ULL, 0x57cbdc396e6ea56eULL, 0x6ef395aac4c437c4ULL, | ||
482 | 0x180f061b03030c03ULL, 0x8a13acdc56564556ULL, 0x1a49885e44440d44ULL, | ||
483 | 0xdf9efea07f7fe17fULL, 0x21374f88a9a99ea9ULL, 0x4d8254672a2aa82aULL, | ||
484 | 0xb16d6b0abbbbd6bbULL, 0x46e29f87c1c123c1ULL, 0xa202a6f153535153ULL, | ||
485 | 0xae8ba572dcdc57dcULL, 0x582716530b0b2c0bULL, 0x9cd327019d9d4e9dULL, | ||
486 | 0x47c1d82b6c6cad6cULL, 0x95f562a43131c431ULL, 0x87b9e8f37474cd74ULL, | ||
487 | 0xe309f115f6f6fff6ULL, 0x0a438c4c46460546ULL, 0x092645a5acac8aacULL, | ||
488 | 0x3c970fb589891e89ULL, 0xa04428b414145014ULL, 0x5b42dfbae1e1a3e1ULL, | ||
489 | 0xb04e2ca616165816ULL, 0xcdd274f73a3ae83aULL, 0x6fd0d2066969b969ULL, | ||
490 | 0x482d124109092409ULL, 0xa7ade0d77070dd70ULL, 0xd954716fb6b6e2b6ULL, | ||
491 | 0xceb7bd1ed0d067d0ULL, 0x3b7ec7d6eded93edULL, 0x2edb85e2cccc17ccULL, | ||
492 | 0x2a57846842421542ULL, 0xb4c22d2c98985a98ULL, 0x490e55eda4a4aaa4ULL, | ||
493 | 0x5d8850752828a028ULL, 0xda31b8865c5c6d5cULL, 0x933fed6bf8f8c7f8ULL, | ||
494 | 0x44a411c286862286ULL, | ||
495 | }; | ||
496 | |||
497 | static const u64 C5[256] = { | ||
498 | 0x18c07830d8181860ULL, 0x2305af462623238cULL, 0xc67ef991b8c6c63fULL, | ||
499 | 0xe8136fcdfbe8e887ULL, 0x874ca113cb878726ULL, 0xb8a9626d11b8b8daULL, | ||
500 | 0x0108050209010104ULL, 0x4f426e9e0d4f4f21ULL, 0x36adee6c9b3636d8ULL, | ||
501 | 0xa6590451ffa6a6a2ULL, 0xd2debdb90cd2d26fULL, 0xf5fb06f70ef5f5f3ULL, | ||
502 | 0x79ef80f2967979f9ULL, 0x6f5fcede306f6fa1ULL, 0x91fcef3f6d91917eULL, | ||
503 | 0x52aa07a4f8525255ULL, 0x6027fdc04760609dULL, 0xbc89766535bcbccaULL, | ||
504 | 0x9baccd2b379b9b56ULL, 0x8e048c018a8e8e02ULL, 0xa371155bd2a3a3b6ULL, | ||
505 | 0x0c603c186c0c0c30ULL, 0x7bff8af6847b7bf1ULL, 0x35b5e16a803535d4ULL, | ||
506 | 0x1de8693af51d1d74ULL, 0xe05347ddb3e0e0a7ULL, 0xd7f6acb321d7d77bULL, | ||
507 | 0xc25eed999cc2c22fULL, 0x2e6d965c432e2eb8ULL, 0x4b627a96294b4b31ULL, | ||
508 | 0xfea321e15dfefedfULL, 0x578216aed5575741ULL, 0x15a8412abd151554ULL, | ||
509 | 0x779fb6eee87777c1ULL, 0x37a5eb6e923737dcULL, 0xe57b56d79ee5e5b3ULL, | ||
510 | 0x9f8cd923139f9f46ULL, 0xf0d317fd23f0f0e7ULL, 0x4a6a7f94204a4a35ULL, | ||
511 | 0xda9e95a944dada4fULL, 0x58fa25b0a258587dULL, 0xc906ca8fcfc9c903ULL, | ||
512 | 0x29558d527c2929a4ULL, 0x0a5022145a0a0a28ULL, 0xb1e14f7f50b1b1feULL, | ||
513 | 0xa0691a5dc9a0a0baULL, 0x6b7fdad6146b6bb1ULL, 0x855cab17d985852eULL, | ||
514 | 0xbd8173673cbdbdceULL, 0x5dd234ba8f5d5d69ULL, 0x1080502090101040ULL, | ||
515 | 0xf4f303f507f4f4f7ULL, 0xcb16c08bddcbcb0bULL, 0x3eedc67cd33e3ef8ULL, | ||
516 | 0x0528110a2d050514ULL, 0x671fe6ce78676781ULL, 0xe47353d597e4e4b7ULL, | ||
517 | 0x2725bb4e0227279cULL, 0x4132588273414119ULL, 0x8b2c9d0ba78b8b16ULL, | ||
518 | 0xa7510153f6a7a7a6ULL, 0x7dcf94fab27d7de9ULL, 0x95dcfb374995956eULL, | ||
519 | 0xd88e9fad56d8d847ULL, 0xfb8b30eb70fbfbcbULL, 0xee2371c1cdeeee9fULL, | ||
520 | 0x7cc791f8bb7c7cedULL, 0x6617e3cc71666685ULL, 0xdda68ea77bdddd53ULL, | ||
521 | 0x17b84b2eaf17175cULL, 0x4702468e45474701ULL, 0x9e84dc211a9e9e42ULL, | ||
522 | 0xca1ec589d4caca0fULL, 0x2d75995a582d2db4ULL, 0xbf9179632ebfbfc6ULL, | ||
523 | 0x07381b0e3f07071cULL, 0xad012347acadad8eULL, 0x5aea2fb4b05a5a75ULL, | ||
524 | 0x836cb51bef838336ULL, 0x3385ff66b63333ccULL, 0x633ff2c65c636391ULL, | ||
525 | 0x02100a0412020208ULL, 0xaa39384993aaaa92ULL, 0x71afa8e2de7171d9ULL, | ||
526 | 0xc80ecf8dc6c8c807ULL, 0x19c87d32d1191964ULL, 0x497270923b494939ULL, | ||
527 | 0xd9869aaf5fd9d943ULL, 0xf2c31df931f2f2efULL, 0xe34b48dba8e3e3abULL, | ||
528 | 0x5be22ab6b95b5b71ULL, 0x8834920dbc88881aULL, 0x9aa4c8293e9a9a52ULL, | ||
529 | 0x262dbe4c0b262698ULL, 0x328dfa64bf3232c8ULL, 0xb0e94a7d59b0b0faULL, | ||
530 | 0xe91b6acff2e9e983ULL, 0x0f78331e770f0f3cULL, 0xd5e6a6b733d5d573ULL, | ||
531 | 0x8074ba1df480803aULL, 0xbe997c6127bebec2ULL, 0xcd26de87ebcdcd13ULL, | ||
532 | 0x34bde468893434d0ULL, 0x487a75903248483dULL, 0xffab24e354ffffdbULL, | ||
533 | 0x7af78ff48d7a7af5ULL, 0x90f4ea3d6490907aULL, 0x5fc23ebe9d5f5f61ULL, | ||
534 | 0x201da0403d202080ULL, 0x6867d5d00f6868bdULL, 0x1ad07234ca1a1a68ULL, | ||
535 | 0xae192c41b7aeae82ULL, 0xb4c95e757db4b4eaULL, 0x549a19a8ce54544dULL, | ||
536 | 0x93ece53b7f939376ULL, 0x220daa442f222288ULL, 0x6407e9c86364648dULL, | ||
537 | 0xf1db12ff2af1f1e3ULL, 0x73bfa2e6cc7373d1ULL, 0x12905a2482121248ULL, | ||
538 | 0x403a5d807a40401dULL, 0x0840281048080820ULL, 0xc356e89b95c3c32bULL, | ||
539 | 0xec337bc5dfecec97ULL, 0xdb9690ab4ddbdb4bULL, 0xa1611f5fc0a1a1beULL, | ||
540 | 0x8d1c8307918d8d0eULL, 0x3df5c97ac83d3df4ULL, 0x97ccf1335b979766ULL, | ||
541 | 0x0000000000000000ULL, 0xcf36d483f9cfcf1bULL, 0x2b4587566e2b2bacULL, | ||
542 | 0x7697b3ece17676c5ULL, 0x8264b019e6828232ULL, 0xd6fea9b128d6d67fULL, | ||
543 | 0x1bd87736c31b1b6cULL, 0xb5c15b7774b5b5eeULL, 0xaf112943beafaf86ULL, | ||
544 | 0x6a77dfd41d6a6ab5ULL, 0x50ba0da0ea50505dULL, 0x45124c8a57454509ULL, | ||
545 | 0xf3cb18fb38f3f3ebULL, 0x309df060ad3030c0ULL, 0xef2b74c3c4efef9bULL, | ||
546 | 0x3fe5c37eda3f3ffcULL, 0x55921caac7555549ULL, 0xa2791059dba2a2b2ULL, | ||
547 | 0xea0365c9e9eaea8fULL, 0x650fecca6a656589ULL, 0xbab9686903babad2ULL, | ||
548 | 0x2f65935e4a2f2fbcULL, 0xc04ee79d8ec0c027ULL, 0xdebe81a160dede5fULL, | ||
549 | 0x1ce06c38fc1c1c70ULL, 0xfdbb2ee746fdfdd3ULL, 0x4d52649a1f4d4d29ULL, | ||
550 | 0x92e4e03976929272ULL, 0x758fbceafa7575c9ULL, 0x06301e0c36060618ULL, | ||
551 | 0x8a249809ae8a8a12ULL, 0xb2f940794bb2b2f2ULL, 0xe66359d185e6e6bfULL, | ||
552 | 0x0e70361c7e0e0e38ULL, 0x1ff8633ee71f1f7cULL, 0x6237f7c455626295ULL, | ||
553 | 0xd4eea3b53ad4d477ULL, 0xa829324d81a8a89aULL, 0x96c4f43152969662ULL, | ||
554 | 0xf99b3aef62f9f9c3ULL, 0xc566f697a3c5c533ULL, 0x2535b14a10252594ULL, | ||
555 | 0x59f220b2ab595979ULL, 0x8454ae15d084842aULL, 0x72b7a7e4c57272d5ULL, | ||
556 | 0x39d5dd72ec3939e4ULL, 0x4c5a6198164c4c2dULL, 0x5eca3bbc945e5e65ULL, | ||
557 | 0x78e785f09f7878fdULL, 0x38ddd870e53838e0ULL, 0x8c148605988c8c0aULL, | ||
558 | 0xd1c6b2bf17d1d163ULL, 0xa5410b57e4a5a5aeULL, 0xe2434dd9a1e2e2afULL, | ||
559 | 0x612ff8c24e616199ULL, 0xb3f1457b42b3b3f6ULL, 0x2115a54234212184ULL, | ||
560 | 0x9c94d625089c9c4aULL, 0x1ef0663cee1e1e78ULL, 0x4322528661434311ULL, | ||
561 | 0xc776fc93b1c7c73bULL, 0xfcb32be54ffcfcd7ULL, 0x0420140824040410ULL, | ||
562 | 0x51b208a2e3515159ULL, 0x99bcc72f2599995eULL, 0x6d4fc4da226d6da9ULL, | ||
563 | 0x0d68391a650d0d34ULL, 0xfa8335e979fafacfULL, 0xdfb684a369dfdf5bULL, | ||
564 | 0x7ed79bfca97e7ee5ULL, 0x243db44819242490ULL, 0x3bc5d776fe3b3becULL, | ||
565 | 0xab313d4b9aabab96ULL, 0xce3ed181f0cece1fULL, 0x1188552299111144ULL, | ||
566 | 0x8f0c8903838f8f06ULL, 0x4e4a6b9c044e4e25ULL, 0xb7d1517366b7b7e6ULL, | ||
567 | 0xeb0b60cbe0ebeb8bULL, 0x3cfdcc78c13c3cf0ULL, 0x817cbf1ffd81813eULL, | ||
568 | 0x94d4fe354094946aULL, 0xf7eb0cf31cf7f7fbULL, 0xb9a1676f18b9b9deULL, | ||
569 | 0x13985f268b13134cULL, 0x2c7d9c58512c2cb0ULL, 0xd3d6b8bb05d3d36bULL, | ||
570 | 0xe76b5cd38ce7e7bbULL, 0x6e57cbdc396e6ea5ULL, 0xc46ef395aac4c437ULL, | ||
571 | 0x03180f061b03030cULL, 0x568a13acdc565645ULL, 0x441a49885e44440dULL, | ||
572 | 0x7fdf9efea07f7fe1ULL, 0xa921374f88a9a99eULL, 0x2a4d8254672a2aa8ULL, | ||
573 | 0xbbb16d6b0abbbbd6ULL, 0xc146e29f87c1c123ULL, 0x53a202a6f1535351ULL, | ||
574 | 0xdcae8ba572dcdc57ULL, 0x0b582716530b0b2cULL, 0x9d9cd327019d9d4eULL, | ||
575 | 0x6c47c1d82b6c6cadULL, 0x3195f562a43131c4ULL, 0x7487b9e8f37474cdULL, | ||
576 | 0xf6e309f115f6f6ffULL, 0x460a438c4c464605ULL, 0xac092645a5acac8aULL, | ||
577 | 0x893c970fb589891eULL, 0x14a04428b4141450ULL, 0xe15b42dfbae1e1a3ULL, | ||
578 | 0x16b04e2ca6161658ULL, 0x3acdd274f73a3ae8ULL, 0x696fd0d2066969b9ULL, | ||
579 | 0x09482d1241090924ULL, 0x70a7ade0d77070ddULL, 0xb6d954716fb6b6e2ULL, | ||
580 | 0xd0ceb7bd1ed0d067ULL, 0xed3b7ec7d6eded93ULL, 0xcc2edb85e2cccc17ULL, | ||
581 | 0x422a578468424215ULL, 0x98b4c22d2c98985aULL, 0xa4490e55eda4a4aaULL, | ||
582 | 0x285d8850752828a0ULL, 0x5cda31b8865c5c6dULL, 0xf8933fed6bf8f8c7ULL, | ||
583 | 0x8644a411c2868622ULL, | ||
584 | }; | ||
585 | |||
586 | static const u64 C6[256] = { | ||
587 | 0x6018c07830d81818ULL, 0x8c2305af46262323ULL, 0x3fc67ef991b8c6c6ULL, | ||
588 | 0x87e8136fcdfbe8e8ULL, 0x26874ca113cb8787ULL, 0xdab8a9626d11b8b8ULL, | ||
589 | 0x0401080502090101ULL, 0x214f426e9e0d4f4fULL, 0xd836adee6c9b3636ULL, | ||
590 | 0xa2a6590451ffa6a6ULL, 0x6fd2debdb90cd2d2ULL, 0xf3f5fb06f70ef5f5ULL, | ||
591 | 0xf979ef80f2967979ULL, 0xa16f5fcede306f6fULL, 0x7e91fcef3f6d9191ULL, | ||
592 | 0x5552aa07a4f85252ULL, 0x9d6027fdc0476060ULL, 0xcabc89766535bcbcULL, | ||
593 | 0x569baccd2b379b9bULL, 0x028e048c018a8e8eULL, 0xb6a371155bd2a3a3ULL, | ||
594 | 0x300c603c186c0c0cULL, 0xf17bff8af6847b7bULL, 0xd435b5e16a803535ULL, | ||
595 | 0x741de8693af51d1dULL, 0xa7e05347ddb3e0e0ULL, 0x7bd7f6acb321d7d7ULL, | ||
596 | 0x2fc25eed999cc2c2ULL, 0xb82e6d965c432e2eULL, 0x314b627a96294b4bULL, | ||
597 | 0xdffea321e15dfefeULL, 0x41578216aed55757ULL, 0x5415a8412abd1515ULL, | ||
598 | 0xc1779fb6eee87777ULL, 0xdc37a5eb6e923737ULL, 0xb3e57b56d79ee5e5ULL, | ||
599 | 0x469f8cd923139f9fULL, 0xe7f0d317fd23f0f0ULL, 0x354a6a7f94204a4aULL, | ||
600 | 0x4fda9e95a944dadaULL, 0x7d58fa25b0a25858ULL, 0x03c906ca8fcfc9c9ULL, | ||
601 | 0xa429558d527c2929ULL, 0x280a5022145a0a0aULL, 0xfeb1e14f7f50b1b1ULL, | ||
602 | 0xbaa0691a5dc9a0a0ULL, 0xb16b7fdad6146b6bULL, 0x2e855cab17d98585ULL, | ||
603 | 0xcebd8173673cbdbdULL, 0x695dd234ba8f5d5dULL, 0x4010805020901010ULL, | ||
604 | 0xf7f4f303f507f4f4ULL, 0x0bcb16c08bddcbcbULL, 0xf83eedc67cd33e3eULL, | ||
605 | 0x140528110a2d0505ULL, 0x81671fe6ce786767ULL, 0xb7e47353d597e4e4ULL, | ||
606 | 0x9c2725bb4e022727ULL, 0x1941325882734141ULL, 0x168b2c9d0ba78b8bULL, | ||
607 | 0xa6a7510153f6a7a7ULL, 0xe97dcf94fab27d7dULL, 0x6e95dcfb37499595ULL, | ||
608 | 0x47d88e9fad56d8d8ULL, 0xcbfb8b30eb70fbfbULL, 0x9fee2371c1cdeeeeULL, | ||
609 | 0xed7cc791f8bb7c7cULL, 0x856617e3cc716666ULL, 0x53dda68ea77bddddULL, | ||
610 | 0x5c17b84b2eaf1717ULL, 0x014702468e454747ULL, 0x429e84dc211a9e9eULL, | ||
611 | 0x0fca1ec589d4cacaULL, 0xb42d75995a582d2dULL, 0xc6bf9179632ebfbfULL, | ||
612 | 0x1c07381b0e3f0707ULL, 0x8ead012347acadadULL, 0x755aea2fb4b05a5aULL, | ||
613 | 0x36836cb51bef8383ULL, 0xcc3385ff66b63333ULL, 0x91633ff2c65c6363ULL, | ||
614 | 0x0802100a04120202ULL, 0x92aa39384993aaaaULL, 0xd971afa8e2de7171ULL, | ||
615 | 0x07c80ecf8dc6c8c8ULL, 0x6419c87d32d11919ULL, 0x39497270923b4949ULL, | ||
616 | 0x43d9869aaf5fd9d9ULL, 0xeff2c31df931f2f2ULL, 0xabe34b48dba8e3e3ULL, | ||
617 | 0x715be22ab6b95b5bULL, 0x1a8834920dbc8888ULL, 0x529aa4c8293e9a9aULL, | ||
618 | 0x98262dbe4c0b2626ULL, 0xc8328dfa64bf3232ULL, 0xfab0e94a7d59b0b0ULL, | ||
619 | 0x83e91b6acff2e9e9ULL, 0x3c0f78331e770f0fULL, 0x73d5e6a6b733d5d5ULL, | ||
620 | 0x3a8074ba1df48080ULL, 0xc2be997c6127bebeULL, 0x13cd26de87ebcdcdULL, | ||
621 | 0xd034bde468893434ULL, 0x3d487a7590324848ULL, 0xdbffab24e354ffffULL, | ||
622 | 0xf57af78ff48d7a7aULL, 0x7a90f4ea3d649090ULL, 0x615fc23ebe9d5f5fULL, | ||
623 | 0x80201da0403d2020ULL, 0xbd6867d5d00f6868ULL, 0x681ad07234ca1a1aULL, | ||
624 | 0x82ae192c41b7aeaeULL, 0xeab4c95e757db4b4ULL, 0x4d549a19a8ce5454ULL, | ||
625 | 0x7693ece53b7f9393ULL, 0x88220daa442f2222ULL, 0x8d6407e9c8636464ULL, | ||
626 | 0xe3f1db12ff2af1f1ULL, 0xd173bfa2e6cc7373ULL, 0x4812905a24821212ULL, | ||
627 | 0x1d403a5d807a4040ULL, 0x2008402810480808ULL, 0x2bc356e89b95c3c3ULL, | ||
628 | 0x97ec337bc5dfececULL, 0x4bdb9690ab4ddbdbULL, 0xbea1611f5fc0a1a1ULL, | ||
629 | 0x0e8d1c8307918d8dULL, 0xf43df5c97ac83d3dULL, 0x6697ccf1335b9797ULL, | ||
630 | 0x0000000000000000ULL, 0x1bcf36d483f9cfcfULL, 0xac2b4587566e2b2bULL, | ||
631 | 0xc57697b3ece17676ULL, 0x328264b019e68282ULL, 0x7fd6fea9b128d6d6ULL, | ||
632 | 0x6c1bd87736c31b1bULL, 0xeeb5c15b7774b5b5ULL, 0x86af112943beafafULL, | ||
633 | 0xb56a77dfd41d6a6aULL, 0x5d50ba0da0ea5050ULL, 0x0945124c8a574545ULL, | ||
634 | 0xebf3cb18fb38f3f3ULL, 0xc0309df060ad3030ULL, 0x9bef2b74c3c4efefULL, | ||
635 | 0xfc3fe5c37eda3f3fULL, 0x4955921caac75555ULL, 0xb2a2791059dba2a2ULL, | ||
636 | 0x8fea0365c9e9eaeaULL, 0x89650fecca6a6565ULL, 0xd2bab9686903babaULL, | ||
637 | 0xbc2f65935e4a2f2fULL, 0x27c04ee79d8ec0c0ULL, 0x5fdebe81a160dedeULL, | ||
638 | 0x701ce06c38fc1c1cULL, 0xd3fdbb2ee746fdfdULL, 0x294d52649a1f4d4dULL, | ||
639 | 0x7292e4e039769292ULL, 0xc9758fbceafa7575ULL, 0x1806301e0c360606ULL, | ||
640 | 0x128a249809ae8a8aULL, 0xf2b2f940794bb2b2ULL, 0xbfe66359d185e6e6ULL, | ||
641 | 0x380e70361c7e0e0eULL, 0x7c1ff8633ee71f1fULL, 0x956237f7c4556262ULL, | ||
642 | 0x77d4eea3b53ad4d4ULL, 0x9aa829324d81a8a8ULL, 0x6296c4f431529696ULL, | ||
643 | 0xc3f99b3aef62f9f9ULL, 0x33c566f697a3c5c5ULL, 0x942535b14a102525ULL, | ||
644 | 0x7959f220b2ab5959ULL, 0x2a8454ae15d08484ULL, 0xd572b7a7e4c57272ULL, | ||
645 | 0xe439d5dd72ec3939ULL, 0x2d4c5a6198164c4cULL, 0x655eca3bbc945e5eULL, | ||
646 | 0xfd78e785f09f7878ULL, 0xe038ddd870e53838ULL, 0x0a8c148605988c8cULL, | ||
647 | 0x63d1c6b2bf17d1d1ULL, 0xaea5410b57e4a5a5ULL, 0xafe2434dd9a1e2e2ULL, | ||
648 | 0x99612ff8c24e6161ULL, 0xf6b3f1457b42b3b3ULL, 0x842115a542342121ULL, | ||
649 | 0x4a9c94d625089c9cULL, 0x781ef0663cee1e1eULL, 0x1143225286614343ULL, | ||
650 | 0x3bc776fc93b1c7c7ULL, 0xd7fcb32be54ffcfcULL, 0x1004201408240404ULL, | ||
651 | 0x5951b208a2e35151ULL, 0x5e99bcc72f259999ULL, 0xa96d4fc4da226d6dULL, | ||
652 | 0x340d68391a650d0dULL, 0xcffa8335e979fafaULL, 0x5bdfb684a369dfdfULL, | ||
653 | 0xe57ed79bfca97e7eULL, 0x90243db448192424ULL, 0xec3bc5d776fe3b3bULL, | ||
654 | 0x96ab313d4b9aababULL, 0x1fce3ed181f0ceceULL, 0x4411885522991111ULL, | ||
655 | 0x068f0c8903838f8fULL, 0x254e4a6b9c044e4eULL, 0xe6b7d1517366b7b7ULL, | ||
656 | 0x8beb0b60cbe0ebebULL, 0xf03cfdcc78c13c3cULL, 0x3e817cbf1ffd8181ULL, | ||
657 | 0x6a94d4fe35409494ULL, 0xfbf7eb0cf31cf7f7ULL, 0xdeb9a1676f18b9b9ULL, | ||
658 | 0x4c13985f268b1313ULL, 0xb02c7d9c58512c2cULL, 0x6bd3d6b8bb05d3d3ULL, | ||
659 | 0xbbe76b5cd38ce7e7ULL, 0xa56e57cbdc396e6eULL, 0x37c46ef395aac4c4ULL, | ||
660 | 0x0c03180f061b0303ULL, 0x45568a13acdc5656ULL, 0x0d441a49885e4444ULL, | ||
661 | 0xe17fdf9efea07f7fULL, 0x9ea921374f88a9a9ULL, 0xa82a4d8254672a2aULL, | ||
662 | 0xd6bbb16d6b0abbbbULL, 0x23c146e29f87c1c1ULL, 0x5153a202a6f15353ULL, | ||
663 | 0x57dcae8ba572dcdcULL, 0x2c0b582716530b0bULL, 0x4e9d9cd327019d9dULL, | ||
664 | 0xad6c47c1d82b6c6cULL, 0xc43195f562a43131ULL, 0xcd7487b9e8f37474ULL, | ||
665 | 0xfff6e309f115f6f6ULL, 0x05460a438c4c4646ULL, 0x8aac092645a5acacULL, | ||
666 | 0x1e893c970fb58989ULL, 0x5014a04428b41414ULL, 0xa3e15b42dfbae1e1ULL, | ||
667 | 0x5816b04e2ca61616ULL, 0xe83acdd274f73a3aULL, 0xb9696fd0d2066969ULL, | ||
668 | 0x2409482d12410909ULL, 0xdd70a7ade0d77070ULL, 0xe2b6d954716fb6b6ULL, | ||
669 | 0x67d0ceb7bd1ed0d0ULL, 0x93ed3b7ec7d6ededULL, 0x17cc2edb85e2ccccULL, | ||
670 | 0x15422a5784684242ULL, 0x5a98b4c22d2c9898ULL, 0xaaa4490e55eda4a4ULL, | ||
671 | 0xa0285d8850752828ULL, 0x6d5cda31b8865c5cULL, 0xc7f8933fed6bf8f8ULL, | ||
672 | 0x228644a411c28686ULL, | ||
673 | }; | ||
674 | |||
675 | static const u64 C7[256] = { | ||
676 | 0x186018c07830d818ULL, 0x238c2305af462623ULL, 0xc63fc67ef991b8c6ULL, | ||
677 | 0xe887e8136fcdfbe8ULL, 0x8726874ca113cb87ULL, 0xb8dab8a9626d11b8ULL, | ||
678 | 0x0104010805020901ULL, 0x4f214f426e9e0d4fULL, 0x36d836adee6c9b36ULL, | ||
679 | 0xa6a2a6590451ffa6ULL, 0xd26fd2debdb90cd2ULL, 0xf5f3f5fb06f70ef5ULL, | ||
680 | 0x79f979ef80f29679ULL, 0x6fa16f5fcede306fULL, 0x917e91fcef3f6d91ULL, | ||
681 | 0x525552aa07a4f852ULL, 0x609d6027fdc04760ULL, 0xbccabc89766535bcULL, | ||
682 | 0x9b569baccd2b379bULL, 0x8e028e048c018a8eULL, 0xa3b6a371155bd2a3ULL, | ||
683 | 0x0c300c603c186c0cULL, 0x7bf17bff8af6847bULL, 0x35d435b5e16a8035ULL, | ||
684 | 0x1d741de8693af51dULL, 0xe0a7e05347ddb3e0ULL, 0xd77bd7f6acb321d7ULL, | ||
685 | 0xc22fc25eed999cc2ULL, 0x2eb82e6d965c432eULL, 0x4b314b627a96294bULL, | ||
686 | 0xfedffea321e15dfeULL, 0x5741578216aed557ULL, 0x155415a8412abd15ULL, | ||
687 | 0x77c1779fb6eee877ULL, 0x37dc37a5eb6e9237ULL, 0xe5b3e57b56d79ee5ULL, | ||
688 | 0x9f469f8cd923139fULL, 0xf0e7f0d317fd23f0ULL, 0x4a354a6a7f94204aULL, | ||
689 | 0xda4fda9e95a944daULL, 0x587d58fa25b0a258ULL, 0xc903c906ca8fcfc9ULL, | ||
690 | 0x29a429558d527c29ULL, 0x0a280a5022145a0aULL, 0xb1feb1e14f7f50b1ULL, | ||
691 | 0xa0baa0691a5dc9a0ULL, 0x6bb16b7fdad6146bULL, 0x852e855cab17d985ULL, | ||
692 | 0xbdcebd8173673cbdULL, 0x5d695dd234ba8f5dULL, 0x1040108050209010ULL, | ||
693 | 0xf4f7f4f303f507f4ULL, 0xcb0bcb16c08bddcbULL, 0x3ef83eedc67cd33eULL, | ||
694 | 0x05140528110a2d05ULL, 0x6781671fe6ce7867ULL, 0xe4b7e47353d597e4ULL, | ||
695 | 0x279c2725bb4e0227ULL, 0x4119413258827341ULL, 0x8b168b2c9d0ba78bULL, | ||
696 | 0xa7a6a7510153f6a7ULL, 0x7de97dcf94fab27dULL, 0x956e95dcfb374995ULL, | ||
697 | 0xd847d88e9fad56d8ULL, 0xfbcbfb8b30eb70fbULL, 0xee9fee2371c1cdeeULL, | ||
698 | 0x7ced7cc791f8bb7cULL, 0x66856617e3cc7166ULL, 0xdd53dda68ea77bddULL, | ||
699 | 0x175c17b84b2eaf17ULL, 0x47014702468e4547ULL, 0x9e429e84dc211a9eULL, | ||
700 | 0xca0fca1ec589d4caULL, 0x2db42d75995a582dULL, 0xbfc6bf9179632ebfULL, | ||
701 | 0x071c07381b0e3f07ULL, 0xad8ead012347acadULL, 0x5a755aea2fb4b05aULL, | ||
702 | 0x8336836cb51bef83ULL, 0x33cc3385ff66b633ULL, 0x6391633ff2c65c63ULL, | ||
703 | 0x020802100a041202ULL, 0xaa92aa39384993aaULL, 0x71d971afa8e2de71ULL, | ||
704 | 0xc807c80ecf8dc6c8ULL, 0x196419c87d32d119ULL, 0x4939497270923b49ULL, | ||
705 | 0xd943d9869aaf5fd9ULL, 0xf2eff2c31df931f2ULL, 0xe3abe34b48dba8e3ULL, | ||
706 | 0x5b715be22ab6b95bULL, 0x881a8834920dbc88ULL, 0x9a529aa4c8293e9aULL, | ||
707 | 0x2698262dbe4c0b26ULL, 0x32c8328dfa64bf32ULL, 0xb0fab0e94a7d59b0ULL, | ||
708 | 0xe983e91b6acff2e9ULL, 0x0f3c0f78331e770fULL, 0xd573d5e6a6b733d5ULL, | ||
709 | 0x803a8074ba1df480ULL, 0xbec2be997c6127beULL, 0xcd13cd26de87ebcdULL, | ||
710 | 0x34d034bde4688934ULL, 0x483d487a75903248ULL, 0xffdbffab24e354ffULL, | ||
711 | 0x7af57af78ff48d7aULL, 0x907a90f4ea3d6490ULL, 0x5f615fc23ebe9d5fULL, | ||
712 | 0x2080201da0403d20ULL, 0x68bd6867d5d00f68ULL, 0x1a681ad07234ca1aULL, | ||
713 | 0xae82ae192c41b7aeULL, 0xb4eab4c95e757db4ULL, 0x544d549a19a8ce54ULL, | ||
714 | 0x937693ece53b7f93ULL, 0x2288220daa442f22ULL, 0x648d6407e9c86364ULL, | ||
715 | 0xf1e3f1db12ff2af1ULL, 0x73d173bfa2e6cc73ULL, 0x124812905a248212ULL, | ||
716 | 0x401d403a5d807a40ULL, 0x0820084028104808ULL, 0xc32bc356e89b95c3ULL, | ||
717 | 0xec97ec337bc5dfecULL, 0xdb4bdb9690ab4ddbULL, 0xa1bea1611f5fc0a1ULL, | ||
718 | 0x8d0e8d1c8307918dULL, 0x3df43df5c97ac83dULL, 0x976697ccf1335b97ULL, | ||
719 | 0x0000000000000000ULL, 0xcf1bcf36d483f9cfULL, 0x2bac2b4587566e2bULL, | ||
720 | 0x76c57697b3ece176ULL, 0x82328264b019e682ULL, 0xd67fd6fea9b128d6ULL, | ||
721 | 0x1b6c1bd87736c31bULL, 0xb5eeb5c15b7774b5ULL, 0xaf86af112943beafULL, | ||
722 | 0x6ab56a77dfd41d6aULL, 0x505d50ba0da0ea50ULL, 0x450945124c8a5745ULL, | ||
723 | 0xf3ebf3cb18fb38f3ULL, 0x30c0309df060ad30ULL, 0xef9bef2b74c3c4efULL, | ||
724 | 0x3ffc3fe5c37eda3fULL, 0x554955921caac755ULL, 0xa2b2a2791059dba2ULL, | ||
725 | 0xea8fea0365c9e9eaULL, 0x6589650fecca6a65ULL, 0xbad2bab9686903baULL, | ||
726 | 0x2fbc2f65935e4a2fULL, 0xc027c04ee79d8ec0ULL, 0xde5fdebe81a160deULL, | ||
727 | 0x1c701ce06c38fc1cULL, 0xfdd3fdbb2ee746fdULL, 0x4d294d52649a1f4dULL, | ||
728 | 0x927292e4e0397692ULL, 0x75c9758fbceafa75ULL, 0x061806301e0c3606ULL, | ||
729 | 0x8a128a249809ae8aULL, 0xb2f2b2f940794bb2ULL, 0xe6bfe66359d185e6ULL, | ||
730 | 0x0e380e70361c7e0eULL, 0x1f7c1ff8633ee71fULL, 0x62956237f7c45562ULL, | ||
731 | 0xd477d4eea3b53ad4ULL, 0xa89aa829324d81a8ULL, 0x966296c4f4315296ULL, | ||
732 | 0xf9c3f99b3aef62f9ULL, 0xc533c566f697a3c5ULL, 0x25942535b14a1025ULL, | ||
733 | 0x597959f220b2ab59ULL, 0x842a8454ae15d084ULL, 0x72d572b7a7e4c572ULL, | ||
734 | 0x39e439d5dd72ec39ULL, 0x4c2d4c5a6198164cULL, 0x5e655eca3bbc945eULL, | ||
735 | 0x78fd78e785f09f78ULL, 0x38e038ddd870e538ULL, 0x8c0a8c148605988cULL, | ||
736 | 0xd163d1c6b2bf17d1ULL, 0xa5aea5410b57e4a5ULL, 0xe2afe2434dd9a1e2ULL, | ||
737 | 0x6199612ff8c24e61ULL, 0xb3f6b3f1457b42b3ULL, 0x21842115a5423421ULL, | ||
738 | 0x9c4a9c94d625089cULL, 0x1e781ef0663cee1eULL, 0x4311432252866143ULL, | ||
739 | 0xc73bc776fc93b1c7ULL, 0xfcd7fcb32be54ffcULL, 0x0410042014082404ULL, | ||
740 | 0x515951b208a2e351ULL, 0x995e99bcc72f2599ULL, 0x6da96d4fc4da226dULL, | ||
741 | 0x0d340d68391a650dULL, 0xfacffa8335e979faULL, 0xdf5bdfb684a369dfULL, | ||
742 | 0x7ee57ed79bfca97eULL, 0x2490243db4481924ULL, 0x3bec3bc5d776fe3bULL, | ||
743 | 0xab96ab313d4b9aabULL, 0xce1fce3ed181f0ceULL, 0x1144118855229911ULL, | ||
744 | 0x8f068f0c8903838fULL, 0x4e254e4a6b9c044eULL, 0xb7e6b7d1517366b7ULL, | ||
745 | 0xeb8beb0b60cbe0ebULL, 0x3cf03cfdcc78c13cULL, 0x813e817cbf1ffd81ULL, | ||
746 | 0x946a94d4fe354094ULL, 0xf7fbf7eb0cf31cf7ULL, 0xb9deb9a1676f18b9ULL, | ||
747 | 0x134c13985f268b13ULL, 0x2cb02c7d9c58512cULL, 0xd36bd3d6b8bb05d3ULL, | ||
748 | 0xe7bbe76b5cd38ce7ULL, 0x6ea56e57cbdc396eULL, 0xc437c46ef395aac4ULL, | ||
749 | 0x030c03180f061b03ULL, 0x5645568a13acdc56ULL, 0x440d441a49885e44ULL, | ||
750 | 0x7fe17fdf9efea07fULL, 0xa99ea921374f88a9ULL, 0x2aa82a4d8254672aULL, | ||
751 | 0xbbd6bbb16d6b0abbULL, 0xc123c146e29f87c1ULL, 0x535153a202a6f153ULL, | ||
752 | 0xdc57dcae8ba572dcULL, 0x0b2c0b582716530bULL, 0x9d4e9d9cd327019dULL, | ||
753 | 0x6cad6c47c1d82b6cULL, 0x31c43195f562a431ULL, 0x74cd7487b9e8f374ULL, | ||
754 | 0xf6fff6e309f115f6ULL, 0x4605460a438c4c46ULL, 0xac8aac092645a5acULL, | ||
755 | 0x891e893c970fb589ULL, 0x145014a04428b414ULL, 0xe1a3e15b42dfbae1ULL, | ||
756 | 0x165816b04e2ca616ULL, 0x3ae83acdd274f73aULL, 0x69b9696fd0d20669ULL, | ||
757 | 0x092409482d124109ULL, 0x70dd70a7ade0d770ULL, 0xb6e2b6d954716fb6ULL, | ||
758 | 0xd067d0ceb7bd1ed0ULL, 0xed93ed3b7ec7d6edULL, 0xcc17cc2edb85e2ccULL, | ||
759 | 0x4215422a57846842ULL, 0x985a98b4c22d2c98ULL, 0xa4aaa4490e55eda4ULL, | ||
760 | 0x28a0285d88507528ULL, 0x5c6d5cda31b8865cULL, 0xf8c7f8933fed6bf8ULL, | ||
761 | 0x86228644a411c286ULL, | ||
762 | }; | ||
763 | |||
764 | static const u64 rc[WHIRLPOOL_ROUNDS + 1] = { | ||
765 | 0x0000000000000000ULL, 0x1823c6e887b8014fULL, 0x36a6d2f5796f9152ULL, | ||
766 | 0x60bc9b8ea30c7b35ULL, 0x1de0d7c22e4bfe57ULL, 0x157737e59ff04adaULL, | ||
767 | 0x58c9290ab1a06b85ULL, 0xbd5d10f4cb3e0567ULL, 0xe427418ba77d95d8ULL, | ||
768 | 0xfbee7c66dd17479eULL, 0xca2dbf07ad5a8333ULL, | ||
769 | }; | ||
770 | |||
771 | /** | ||
772 | * The core Whirlpool transform. | ||
773 | */ | ||
774 | |||
775 | static void wp512_process_buffer(struct wp512_ctx *wctx) { | ||
776 | int i, r; | ||
777 | u64 K[8]; /* the round key */ | ||
778 | u64 block[8]; /* mu(buffer) */ | ||
779 | u64 state[8]; /* the cipher state */ | ||
780 | u64 L[8]; | ||
781 | u8 *buffer = wctx->buffer; | ||
782 | |||
783 | for (i = 0; i < 8; i++, buffer += 8) { | ||
784 | block[i] = | ||
785 | (((u64)buffer[0] ) << 56) ^ | ||
786 | (((u64)buffer[1] & 0xffL) << 48) ^ | ||
787 | (((u64)buffer[2] & 0xffL) << 40) ^ | ||
788 | (((u64)buffer[3] & 0xffL) << 32) ^ | ||
789 | (((u64)buffer[4] & 0xffL) << 24) ^ | ||
790 | (((u64)buffer[5] & 0xffL) << 16) ^ | ||
791 | (((u64)buffer[6] & 0xffL) << 8) ^ | ||
792 | (((u64)buffer[7] & 0xffL) ); | ||
793 | } | ||
794 | |||
795 | state[0] = block[0] ^ (K[0] = wctx->hash[0]); | ||
796 | state[1] = block[1] ^ (K[1] = wctx->hash[1]); | ||
797 | state[2] = block[2] ^ (K[2] = wctx->hash[2]); | ||
798 | state[3] = block[3] ^ (K[3] = wctx->hash[3]); | ||
799 | state[4] = block[4] ^ (K[4] = wctx->hash[4]); | ||
800 | state[5] = block[5] ^ (K[5] = wctx->hash[5]); | ||
801 | state[6] = block[6] ^ (K[6] = wctx->hash[6]); | ||
802 | state[7] = block[7] ^ (K[7] = wctx->hash[7]); | ||
803 | |||
804 | for (r = 1; r <= WHIRLPOOL_ROUNDS; r++) { | ||
805 | |||
806 | L[0] = C0[(int)(K[0] >> 56) ] ^ | ||
807 | C1[(int)(K[7] >> 48) & 0xff] ^ | ||
808 | C2[(int)(K[6] >> 40) & 0xff] ^ | ||
809 | C3[(int)(K[5] >> 32) & 0xff] ^ | ||
810 | C4[(int)(K[4] >> 24) & 0xff] ^ | ||
811 | C5[(int)(K[3] >> 16) & 0xff] ^ | ||
812 | C6[(int)(K[2] >> 8) & 0xff] ^ | ||
813 | C7[(int)(K[1] ) & 0xff] ^ | ||
814 | rc[r]; | ||
815 | |||
816 | L[1] = C0[(int)(K[1] >> 56) ] ^ | ||
817 | C1[(int)(K[0] >> 48) & 0xff] ^ | ||
818 | C2[(int)(K[7] >> 40) & 0xff] ^ | ||
819 | C3[(int)(K[6] >> 32) & 0xff] ^ | ||
820 | C4[(int)(K[5] >> 24) & 0xff] ^ | ||
821 | C5[(int)(K[4] >> 16) & 0xff] ^ | ||
822 | C6[(int)(K[3] >> 8) & 0xff] ^ | ||
823 | C7[(int)(K[2] ) & 0xff]; | ||
824 | |||
825 | L[2] = C0[(int)(K[2] >> 56) ] ^ | ||
826 | C1[(int)(K[1] >> 48) & 0xff] ^ | ||
827 | C2[(int)(K[0] >> 40) & 0xff] ^ | ||
828 | C3[(int)(K[7] >> 32) & 0xff] ^ | ||
829 | C4[(int)(K[6] >> 24) & 0xff] ^ | ||
830 | C5[(int)(K[5] >> 16) & 0xff] ^ | ||
831 | C6[(int)(K[4] >> 8) & 0xff] ^ | ||
832 | C7[(int)(K[3] ) & 0xff]; | ||
833 | |||
834 | L[3] = C0[(int)(K[3] >> 56) ] ^ | ||
835 | C1[(int)(K[2] >> 48) & 0xff] ^ | ||
836 | C2[(int)(K[1] >> 40) & 0xff] ^ | ||
837 | C3[(int)(K[0] >> 32) & 0xff] ^ | ||
838 | C4[(int)(K[7] >> 24) & 0xff] ^ | ||
839 | C5[(int)(K[6] >> 16) & 0xff] ^ | ||
840 | C6[(int)(K[5] >> 8) & 0xff] ^ | ||
841 | C7[(int)(K[4] ) & 0xff]; | ||
842 | |||
843 | L[4] = C0[(int)(K[4] >> 56) ] ^ | ||
844 | C1[(int)(K[3] >> 48) & 0xff] ^ | ||
845 | C2[(int)(K[2] >> 40) & 0xff] ^ | ||
846 | C3[(int)(K[1] >> 32) & 0xff] ^ | ||
847 | C4[(int)(K[0] >> 24) & 0xff] ^ | ||
848 | C5[(int)(K[7] >> 16) & 0xff] ^ | ||
849 | C6[(int)(K[6] >> 8) & 0xff] ^ | ||
850 | C7[(int)(K[5] ) & 0xff]; | ||
851 | |||
852 | L[5] = C0[(int)(K[5] >> 56) ] ^ | ||
853 | C1[(int)(K[4] >> 48) & 0xff] ^ | ||
854 | C2[(int)(K[3] >> 40) & 0xff] ^ | ||
855 | C3[(int)(K[2] >> 32) & 0xff] ^ | ||
856 | C4[(int)(K[1] >> 24) & 0xff] ^ | ||
857 | C5[(int)(K[0] >> 16) & 0xff] ^ | ||
858 | C6[(int)(K[7] >> 8) & 0xff] ^ | ||
859 | C7[(int)(K[6] ) & 0xff]; | ||
860 | |||
861 | L[6] = C0[(int)(K[6] >> 56) ] ^ | ||
862 | C1[(int)(K[5] >> 48) & 0xff] ^ | ||
863 | C2[(int)(K[4] >> 40) & 0xff] ^ | ||
864 | C3[(int)(K[3] >> 32) & 0xff] ^ | ||
865 | C4[(int)(K[2] >> 24) & 0xff] ^ | ||
866 | C5[(int)(K[1] >> 16) & 0xff] ^ | ||
867 | C6[(int)(K[0] >> 8) & 0xff] ^ | ||
868 | C7[(int)(K[7] ) & 0xff]; | ||
869 | |||
870 | L[7] = C0[(int)(K[7] >> 56) ] ^ | ||
871 | C1[(int)(K[6] >> 48) & 0xff] ^ | ||
872 | C2[(int)(K[5] >> 40) & 0xff] ^ | ||
873 | C3[(int)(K[4] >> 32) & 0xff] ^ | ||
874 | C4[(int)(K[3] >> 24) & 0xff] ^ | ||
875 | C5[(int)(K[2] >> 16) & 0xff] ^ | ||
876 | C6[(int)(K[1] >> 8) & 0xff] ^ | ||
877 | C7[(int)(K[0] ) & 0xff]; | ||
878 | |||
879 | K[0] = L[0]; | ||
880 | K[1] = L[1]; | ||
881 | K[2] = L[2]; | ||
882 | K[3] = L[3]; | ||
883 | K[4] = L[4]; | ||
884 | K[5] = L[5]; | ||
885 | K[6] = L[6]; | ||
886 | K[7] = L[7]; | ||
887 | |||
888 | L[0] = C0[(int)(state[0] >> 56) ] ^ | ||
889 | C1[(int)(state[7] >> 48) & 0xff] ^ | ||
890 | C2[(int)(state[6] >> 40) & 0xff] ^ | ||
891 | C3[(int)(state[5] >> 32) & 0xff] ^ | ||
892 | C4[(int)(state[4] >> 24) & 0xff] ^ | ||
893 | C5[(int)(state[3] >> 16) & 0xff] ^ | ||
894 | C6[(int)(state[2] >> 8) & 0xff] ^ | ||
895 | C7[(int)(state[1] ) & 0xff] ^ | ||
896 | K[0]; | ||
897 | |||
898 | L[1] = C0[(int)(state[1] >> 56) ] ^ | ||
899 | C1[(int)(state[0] >> 48) & 0xff] ^ | ||
900 | C2[(int)(state[7] >> 40) & 0xff] ^ | ||
901 | C3[(int)(state[6] >> 32) & 0xff] ^ | ||
902 | C4[(int)(state[5] >> 24) & 0xff] ^ | ||
903 | C5[(int)(state[4] >> 16) & 0xff] ^ | ||
904 | C6[(int)(state[3] >> 8) & 0xff] ^ | ||
905 | C7[(int)(state[2] ) & 0xff] ^ | ||
906 | K[1]; | ||
907 | |||
908 | L[2] = C0[(int)(state[2] >> 56) ] ^ | ||
909 | C1[(int)(state[1] >> 48) & 0xff] ^ | ||
910 | C2[(int)(state[0] >> 40) & 0xff] ^ | ||
911 | C3[(int)(state[7] >> 32) & 0xff] ^ | ||
912 | C4[(int)(state[6] >> 24) & 0xff] ^ | ||
913 | C5[(int)(state[5] >> 16) & 0xff] ^ | ||
914 | C6[(int)(state[4] >> 8) & 0xff] ^ | ||
915 | C7[(int)(state[3] ) & 0xff] ^ | ||
916 | K[2]; | ||
917 | |||
918 | L[3] = C0[(int)(state[3] >> 56) ] ^ | ||
919 | C1[(int)(state[2] >> 48) & 0xff] ^ | ||
920 | C2[(int)(state[1] >> 40) & 0xff] ^ | ||
921 | C3[(int)(state[0] >> 32) & 0xff] ^ | ||
922 | C4[(int)(state[7] >> 24) & 0xff] ^ | ||
923 | C5[(int)(state[6] >> 16) & 0xff] ^ | ||
924 | C6[(int)(state[5] >> 8) & 0xff] ^ | ||
925 | C7[(int)(state[4] ) & 0xff] ^ | ||
926 | K[3]; | ||
927 | |||
928 | L[4] = C0[(int)(state[4] >> 56) ] ^ | ||
929 | C1[(int)(state[3] >> 48) & 0xff] ^ | ||
930 | C2[(int)(state[2] >> 40) & 0xff] ^ | ||
931 | C3[(int)(state[1] >> 32) & 0xff] ^ | ||
932 | C4[(int)(state[0] >> 24) & 0xff] ^ | ||
933 | C5[(int)(state[7] >> 16) & 0xff] ^ | ||
934 | C6[(int)(state[6] >> 8) & 0xff] ^ | ||
935 | C7[(int)(state[5] ) & 0xff] ^ | ||
936 | K[4]; | ||
937 | |||
938 | L[5] = C0[(int)(state[5] >> 56) ] ^ | ||
939 | C1[(int)(state[4] >> 48) & 0xff] ^ | ||
940 | C2[(int)(state[3] >> 40) & 0xff] ^ | ||
941 | C3[(int)(state[2] >> 32) & 0xff] ^ | ||
942 | C4[(int)(state[1] >> 24) & 0xff] ^ | ||
943 | C5[(int)(state[0] >> 16) & 0xff] ^ | ||
944 | C6[(int)(state[7] >> 8) & 0xff] ^ | ||
945 | C7[(int)(state[6] ) & 0xff] ^ | ||
946 | K[5]; | ||
947 | |||
948 | L[6] = C0[(int)(state[6] >> 56) ] ^ | ||
949 | C1[(int)(state[5] >> 48) & 0xff] ^ | ||
950 | C2[(int)(state[4] >> 40) & 0xff] ^ | ||
951 | C3[(int)(state[3] >> 32) & 0xff] ^ | ||
952 | C4[(int)(state[2] >> 24) & 0xff] ^ | ||
953 | C5[(int)(state[1] >> 16) & 0xff] ^ | ||
954 | C6[(int)(state[0] >> 8) & 0xff] ^ | ||
955 | C7[(int)(state[7] ) & 0xff] ^ | ||
956 | K[6]; | ||
957 | |||
958 | L[7] = C0[(int)(state[7] >> 56) ] ^ | ||
959 | C1[(int)(state[6] >> 48) & 0xff] ^ | ||
960 | C2[(int)(state[5] >> 40) & 0xff] ^ | ||
961 | C3[(int)(state[4] >> 32) & 0xff] ^ | ||
962 | C4[(int)(state[3] >> 24) & 0xff] ^ | ||
963 | C5[(int)(state[2] >> 16) & 0xff] ^ | ||
964 | C6[(int)(state[1] >> 8) & 0xff] ^ | ||
965 | C7[(int)(state[0] ) & 0xff] ^ | ||
966 | K[7]; | ||
967 | |||
968 | state[0] = L[0]; | ||
969 | state[1] = L[1]; | ||
970 | state[2] = L[2]; | ||
971 | state[3] = L[3]; | ||
972 | state[4] = L[4]; | ||
973 | state[5] = L[5]; | ||
974 | state[6] = L[6]; | ||
975 | state[7] = L[7]; | ||
976 | } | ||
977 | /* | ||
978 | * apply the Miyaguchi-Preneel compression function: | ||
979 | */ | ||
980 | wctx->hash[0] ^= state[0] ^ block[0]; | ||
981 | wctx->hash[1] ^= state[1] ^ block[1]; | ||
982 | wctx->hash[2] ^= state[2] ^ block[2]; | ||
983 | wctx->hash[3] ^= state[3] ^ block[3]; | ||
984 | wctx->hash[4] ^= state[4] ^ block[4]; | ||
985 | wctx->hash[5] ^= state[5] ^ block[5]; | ||
986 | wctx->hash[6] ^= state[6] ^ block[6]; | ||
987 | wctx->hash[7] ^= state[7] ^ block[7]; | ||
988 | |||
989 | } | ||
990 | |||
991 | static void wp512_init (void *ctx) { | ||
992 | int i; | ||
993 | struct wp512_ctx *wctx = ctx; | ||
994 | |||
995 | memset(wctx->bitLength, 0, 32); | ||
996 | wctx->bufferBits = wctx->bufferPos = 0; | ||
997 | wctx->buffer[0] = 0; | ||
998 | for (i = 0; i < 8; i++) { | ||
999 | wctx->hash[i] = 0L; | ||
1000 | } | ||
1001 | } | ||
1002 | |||
1003 | static void wp512_update(void *ctx, const u8 *source, unsigned int len) | ||
1004 | { | ||
1005 | |||
1006 | struct wp512_ctx *wctx = ctx; | ||
1007 | int sourcePos = 0; | ||
1008 | unsigned int bits_len = len * 8; // convert to number of bits | ||
1009 | int sourceGap = (8 - ((int)bits_len & 7)) & 7; | ||
1010 | int bufferRem = wctx->bufferBits & 7; | ||
1011 | int i; | ||
1012 | u32 b, carry; | ||
1013 | u8 *buffer = wctx->buffer; | ||
1014 | u8 *bitLength = wctx->bitLength; | ||
1015 | int bufferBits = wctx->bufferBits; | ||
1016 | int bufferPos = wctx->bufferPos; | ||
1017 | |||
1018 | u64 value = bits_len; | ||
1019 | for (i = 31, carry = 0; i >= 0 && (carry != 0 || value != 0ULL); i--) { | ||
1020 | carry += bitLength[i] + ((u32)value & 0xff); | ||
1021 | bitLength[i] = (u8)carry; | ||
1022 | carry >>= 8; | ||
1023 | value >>= 8; | ||
1024 | } | ||
1025 | while (bits_len > 8) { | ||
1026 | b = ((source[sourcePos] << sourceGap) & 0xff) | | ||
1027 | ((source[sourcePos + 1] & 0xff) >> (8 - sourceGap)); | ||
1028 | buffer[bufferPos++] |= (u8)(b >> bufferRem); | ||
1029 | bufferBits += 8 - bufferRem; | ||
1030 | if (bufferBits == WP512_BLOCK_SIZE * 8) { | ||
1031 | wp512_process_buffer(wctx); | ||
1032 | bufferBits = bufferPos = 0; | ||
1033 | } | ||
1034 | buffer[bufferPos] = b << (8 - bufferRem); | ||
1035 | bufferBits += bufferRem; | ||
1036 | bits_len -= 8; | ||
1037 | sourcePos++; | ||
1038 | } | ||
1039 | if (bits_len > 0) { | ||
1040 | b = (source[sourcePos] << sourceGap) & 0xff; | ||
1041 | buffer[bufferPos] |= b >> bufferRem; | ||
1042 | } else { | ||
1043 | b = 0; | ||
1044 | } | ||
1045 | if (bufferRem + bits_len < 8) { | ||
1046 | bufferBits += bits_len; | ||
1047 | } else { | ||
1048 | bufferPos++; | ||
1049 | bufferBits += 8 - bufferRem; | ||
1050 | bits_len -= 8 - bufferRem; | ||
1051 | if (bufferBits == WP512_BLOCK_SIZE * 8) { | ||
1052 | wp512_process_buffer(wctx); | ||
1053 | bufferBits = bufferPos = 0; | ||
1054 | } | ||
1055 | buffer[bufferPos] = b << (8 - bufferRem); | ||
1056 | bufferBits += (int)bits_len; | ||
1057 | } | ||
1058 | |||
1059 | wctx->bufferBits = bufferBits; | ||
1060 | wctx->bufferPos = bufferPos; | ||
1061 | |||
1062 | } | ||
1063 | |||
1064 | static void wp512_final(void *ctx, u8 *out) | ||
1065 | { | ||
1066 | struct wp512_ctx *wctx = ctx; | ||
1067 | int i; | ||
1068 | u8 *buffer = wctx->buffer; | ||
1069 | u8 *bitLength = wctx->bitLength; | ||
1070 | int bufferBits = wctx->bufferBits; | ||
1071 | int bufferPos = wctx->bufferPos; | ||
1072 | u8 *digest = out; | ||
1073 | |||
1074 | buffer[bufferPos] |= 0x80U >> (bufferBits & 7); | ||
1075 | bufferPos++; | ||
1076 | if (bufferPos > WP512_BLOCK_SIZE - WP512_LENGTHBYTES) { | ||
1077 | if (bufferPos < WP512_BLOCK_SIZE) { | ||
1078 | memset(&buffer[bufferPos], 0, WP512_BLOCK_SIZE - bufferPos); | ||
1079 | } | ||
1080 | wp512_process_buffer(wctx); | ||
1081 | bufferPos = 0; | ||
1082 | } | ||
1083 | if (bufferPos < WP512_BLOCK_SIZE - WP512_LENGTHBYTES) { | ||
1084 | memset(&buffer[bufferPos], 0, | ||
1085 | (WP512_BLOCK_SIZE - WP512_LENGTHBYTES) - bufferPos); | ||
1086 | } | ||
1087 | bufferPos = WP512_BLOCK_SIZE - WP512_LENGTHBYTES; | ||
1088 | memcpy(&buffer[WP512_BLOCK_SIZE - WP512_LENGTHBYTES], | ||
1089 | bitLength, WP512_LENGTHBYTES); | ||
1090 | wp512_process_buffer(wctx); | ||
1091 | for (i = 0; i < WP512_DIGEST_SIZE/8; i++) { | ||
1092 | digest[0] = (u8)(wctx->hash[i] >> 56); | ||
1093 | digest[1] = (u8)(wctx->hash[i] >> 48); | ||
1094 | digest[2] = (u8)(wctx->hash[i] >> 40); | ||
1095 | digest[3] = (u8)(wctx->hash[i] >> 32); | ||
1096 | digest[4] = (u8)(wctx->hash[i] >> 24); | ||
1097 | digest[5] = (u8)(wctx->hash[i] >> 16); | ||
1098 | digest[6] = (u8)(wctx->hash[i] >> 8); | ||
1099 | digest[7] = (u8)(wctx->hash[i] ); | ||
1100 | digest += 8; | ||
1101 | } | ||
1102 | wctx->bufferBits = bufferBits; | ||
1103 | wctx->bufferPos = bufferPos; | ||
1104 | } | ||
1105 | |||
1106 | static void wp384_final(void *ctx, u8 *out) | ||
1107 | { | ||
1108 | struct wp512_ctx *wctx = ctx; | ||
1109 | u8 D[64]; | ||
1110 | |||
1111 | wp512_final (wctx, D); | ||
1112 | memcpy (out, D, WP384_DIGEST_SIZE); | ||
1113 | memset (D, 0, WP512_DIGEST_SIZE); | ||
1114 | } | ||
1115 | |||
1116 | static void wp256_final(void *ctx, u8 *out) | ||
1117 | { | ||
1118 | struct wp512_ctx *wctx = ctx; | ||
1119 | u8 D[64]; | ||
1120 | |||
1121 | wp512_final (wctx, D); | ||
1122 | memcpy (out, D, WP256_DIGEST_SIZE); | ||
1123 | memset (D, 0, WP512_DIGEST_SIZE); | ||
1124 | } | ||
1125 | |||
1126 | static struct crypto_alg wp512 = { | ||
1127 | .cra_name = "wp512", | ||
1128 | .cra_flags = CRYPTO_ALG_TYPE_DIGEST, | ||
1129 | .cra_blocksize = WP512_BLOCK_SIZE, | ||
1130 | .cra_ctxsize = sizeof(struct wp512_ctx), | ||
1131 | .cra_module = THIS_MODULE, | ||
1132 | .cra_list = LIST_HEAD_INIT(wp512.cra_list), | ||
1133 | .cra_u = { .digest = { | ||
1134 | .dia_digestsize = WP512_DIGEST_SIZE, | ||
1135 | .dia_init = wp512_init, | ||
1136 | .dia_update = wp512_update, | ||
1137 | .dia_final = wp512_final } } | ||
1138 | }; | ||
1139 | |||
1140 | static struct crypto_alg wp384 = { | ||
1141 | .cra_name = "wp384", | ||
1142 | .cra_flags = CRYPTO_ALG_TYPE_DIGEST, | ||
1143 | .cra_blocksize = WP512_BLOCK_SIZE, | ||
1144 | .cra_ctxsize = sizeof(struct wp512_ctx), | ||
1145 | .cra_module = THIS_MODULE, | ||
1146 | .cra_list = LIST_HEAD_INIT(wp384.cra_list), | ||
1147 | .cra_u = { .digest = { | ||
1148 | .dia_digestsize = WP384_DIGEST_SIZE, | ||
1149 | .dia_init = wp512_init, | ||
1150 | .dia_update = wp512_update, | ||
1151 | .dia_final = wp384_final } } | ||
1152 | }; | ||
1153 | |||
1154 | static struct crypto_alg wp256 = { | ||
1155 | .cra_name = "wp256", | ||
1156 | .cra_flags = CRYPTO_ALG_TYPE_DIGEST, | ||
1157 | .cra_blocksize = WP512_BLOCK_SIZE, | ||
1158 | .cra_ctxsize = sizeof(struct wp512_ctx), | ||
1159 | .cra_module = THIS_MODULE, | ||
1160 | .cra_list = LIST_HEAD_INIT(wp256.cra_list), | ||
1161 | .cra_u = { .digest = { | ||
1162 | .dia_digestsize = WP256_DIGEST_SIZE, | ||
1163 | .dia_init = wp512_init, | ||
1164 | .dia_update = wp512_update, | ||
1165 | .dia_final = wp256_final } } | ||
1166 | }; | ||
1167 | |||
1168 | static int __init init(void) | ||
1169 | { | ||
1170 | int ret = 0; | ||
1171 | |||
1172 | ret = crypto_register_alg(&wp512); | ||
1173 | |||
1174 | if (ret < 0) | ||
1175 | goto out; | ||
1176 | |||
1177 | ret = crypto_register_alg(&wp384); | ||
1178 | if (ret < 0) | ||
1179 | { | ||
1180 | crypto_unregister_alg(&wp512); | ||
1181 | goto out; | ||
1182 | } | ||
1183 | |||
1184 | ret = crypto_register_alg(&wp256); | ||
1185 | if (ret < 0) | ||
1186 | { | ||
1187 | crypto_unregister_alg(&wp512); | ||
1188 | crypto_unregister_alg(&wp384); | ||
1189 | } | ||
1190 | out: | ||
1191 | return ret; | ||
1192 | } | ||
1193 | |||
1194 | static void __exit fini(void) | ||
1195 | { | ||
1196 | crypto_unregister_alg(&wp512); | ||
1197 | crypto_unregister_alg(&wp384); | ||
1198 | crypto_unregister_alg(&wp256); | ||
1199 | } | ||
1200 | |||
1201 | MODULE_ALIAS("wp384"); | ||
1202 | MODULE_ALIAS("wp256"); | ||
1203 | |||
1204 | module_init(init); | ||
1205 | module_exit(fini); | ||
1206 | |||
1207 | MODULE_LICENSE("GPL"); | ||
1208 | MODULE_DESCRIPTION("Whirlpool Message Digest Algorithm"); | ||