Ashley Mills
cyassl re-port with cellular comms, PSK test
Dependencies: VodafoneUSBModem_bleedingedge2 mbed-rtos mbed-src
Embed:
(wiki syntax)
Show/hide line numbers
camellia.c
00001 /* camellia.c ver 1.2.0 00002 * 00003 * Copyright (c) 2006,2007 00004 * NTT (Nippon Telegraph and Telephone Corporation) . All rights reserved. 00005 * 00006 * Redistribution and use in source and binary forms, with or without 00007 * modification, are permitted provided that the following conditions 00008 * are met: 00009 * 1. Redistributions of source code must retain the above copyright 00010 * notice, this list of conditions and the following disclaimer as 00011 * the first lines of this file unmodified. 00012 * 2. Redistributions in binary form must reproduce the above copyright 00013 * notice, this list of conditions and the following disclaimer in the 00014 * documentation and/or other materials provided with the distribution. 00015 * 00016 * THIS SOFTWARE IS PROVIDED BY NTT ``AS IS'' AND ANY EXPRESS OR 00017 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 00018 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 00019 * IN NO EVENT SHALL NTT BE LIABLE FOR ANY DIRECT, INDIRECT, 00020 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 00021 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 00022 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 00023 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 00024 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 00025 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 00026 */ 00027 00028 /* camellia.c 00029 * 00030 * Copyright (C) 2006-2013 Sawtooth Consulting Ltd. 00031 * 00032 * This file is part of CyaSSL. 00033 * 00034 * CyaSSL is free software; you can redistribute it and/or modify 00035 * it under the terms of the GNU General Public License as published by 00036 * the Free Software Foundation; either version 2 of the License, or 00037 * (at your option) any later version. 00038 * 00039 * CyaSSL is distributed in the hope that it will be useful, 00040 * but WITHOUT ANY WARRANTY; without even the implied warranty of 00041 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 00042 * GNU General Public License for more details. 00043 * 00044 * You should have received a copy of the GNU General Public License 00045 * along with this program; if not, write to the Free Software 00046 * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA 00047 */ 00048 00049 /* 00050 * Algorithm Specification 00051 * http://info.isl.ntt.co.jp/crypt/eng/camellia/specifications.html 00052 */ 00053 00054 00055 #ifdef HAVE_CONFIG_H 00056 #include <config.h> 00057 #endif 00058 00059 #ifdef HAVE_CAMELLIA 00060 00061 #include <cyassl/ctaocrypt/camellia.h> 00062 #include <cyassl/ctaocrypt/error.h> 00063 #include <cyassl/ctaocrypt/logging.h> 00064 #ifdef NO_INLINE 00065 #include <cyassl/ctaocrypt/misc.h> 00066 #else 00067 #include <ctaocrypt/src/misc.c> 00068 #endif 00069 00070 00071 /* u32 must be 32bit word */ 00072 typedef unsigned int u32; 00073 typedef unsigned char u8; 00074 00075 /* key constants */ 00076 00077 #define CAMELLIA_SIGMA1L ((u32)0xA09E667FL) 00078 #define CAMELLIA_SIGMA1R ((u32)0x3BCC908BL) 00079 #define CAMELLIA_SIGMA2L ((u32)0xB67AE858L) 00080 #define CAMELLIA_SIGMA2R ((u32)0x4CAA73B2L) 00081 #define CAMELLIA_SIGMA3L ((u32)0xC6EF372FL) 00082 #define CAMELLIA_SIGMA3R ((u32)0xE94F82BEL) 00083 #define CAMELLIA_SIGMA4L ((u32)0x54FF53A5L) 00084 #define CAMELLIA_SIGMA4R ((u32)0xF1D36F1CL) 00085 #define CAMELLIA_SIGMA5L ((u32)0x10E527FAL) 00086 #define CAMELLIA_SIGMA5R ((u32)0xDE682D1DL) 00087 #define CAMELLIA_SIGMA6L ((u32)0xB05688C2L) 00088 #define CAMELLIA_SIGMA6R ((u32)0xB3E6C1FDL) 00089 00090 /* 00091 * macros 00092 */ 00093 00094 00095 #if defined(_MSC_VER) 00096 00097 # define SWAP(x) (_lrotl(x, 8) & 0x00ff00ff | _lrotr(x, 8) & 0xff00ff00) 00098 # define GETU32(p) SWAP(*((u32 *)(p))) 00099 # define PUTU32(ct, st) {*((u32 *)(ct)) = SWAP((st));} 00100 00101 #else /* not MS-VC */ 00102 00103 # define GETU32(pt) \ 00104 (((u32)(pt)[0] << 24) \ 00105 ^ ((u32)(pt)[1] << 16) \ 00106 ^ ((u32)(pt)[2] << 8) \ 00107 ^ ((u32)(pt)[3])) 00108 00109 # define PUTU32(ct, st) { \ 00110 (ct)[0] = (u8)((st) >> 24); \ 00111 (ct)[1] = (u8)((st) >> 16); \ 00112 (ct)[2] = (u8)((st) >> 8); \ 00113 (ct)[3] = (u8)(st); } 00114 00115 #endif 00116 00117 #define CamelliaSubkeyL(INDEX) (subkey[(INDEX)*2]) 00118 #define CamelliaSubkeyR(INDEX) (subkey[(INDEX)*2 + 1]) 00119 00120 /* rotation right shift 1byte */ 00121 #define CAMELLIA_RR8(x) (((x) >> 8) + ((x) << 24)) 00122 /* rotation left shift 1bit */ 00123 #define CAMELLIA_RL1(x) (((x) << 1) + ((x) >> 31)) 00124 /* rotation left shift 1byte */ 00125 #define CAMELLIA_RL8(x) (((x) << 8) + ((x) >> 24)) 00126 00127 #define CAMELLIA_ROLDQ(ll, lr, rl, rr, w0, w1, bits) \ 00128 do { \ 00129 w0 = ll; \ 00130 ll = (ll << bits) + (lr >> (32 - bits)); \ 00131 lr = (lr << bits) + (rl >> (32 - bits)); \ 00132 rl = (rl << bits) + (rr >> (32 - bits)); \ 00133 rr = (rr << bits) + (w0 >> (32 - bits)); \ 00134 } while(0) 00135 00136 #define CAMELLIA_ROLDQo32(ll, lr, rl, rr, w0, w1, bits) \ 00137 do { \ 00138 w0 = ll; \ 00139 w1 = lr; \ 00140 ll = (lr << (bits - 32)) + (rl >> (64 - bits)); \ 00141 lr = (rl << (bits - 32)) + (rr >> (64 - bits)); \ 00142 rl = (rr << (bits - 32)) + (w0 >> (64 - bits)); \ 00143 rr = (w0 << (bits - 32)) + (w1 >> (64 - bits)); \ 00144 } while(0) 00145 00146 #define CAMELLIA_SP1110(INDEX) (camellia_sp1110[(INDEX)]) 00147 #define CAMELLIA_SP0222(INDEX) (camellia_sp0222[(INDEX)]) 00148 #define CAMELLIA_SP3033(INDEX) (camellia_sp3033[(INDEX)]) 00149 #define CAMELLIA_SP4404(INDEX) (camellia_sp4404[(INDEX)]) 00150 00151 #define CAMELLIA_F(xl, xr, kl, kr, yl, yr, il, ir, t0, t1) \ 00152 do { \ 00153 il = xl ^ kl; \ 00154 ir = xr ^ kr; \ 00155 t0 = il >> 16; \ 00156 t1 = ir >> 16; \ 00157 yl = CAMELLIA_SP1110(ir & 0xff) \ 00158 ^ CAMELLIA_SP0222((t1 >> 8) & 0xff) \ 00159 ^ CAMELLIA_SP3033(t1 & 0xff) \ 00160 ^ CAMELLIA_SP4404((ir >> 8) & 0xff); \ 00161 yr = CAMELLIA_SP1110((t0 >> 8) & 0xff) \ 00162 ^ CAMELLIA_SP0222(t0 & 0xff) \ 00163 ^ CAMELLIA_SP3033((il >> 8) & 0xff) \ 00164 ^ CAMELLIA_SP4404(il & 0xff); \ 00165 yl ^= yr; \ 00166 yr = CAMELLIA_RR8(yr); \ 00167 yr ^= yl; \ 00168 } while(0) 00169 00170 00171 /* 00172 * for speed up 00173 * 00174 */ 00175 #define CAMELLIA_FLS(ll, lr, rl, rr, kll, klr, krl, krr, t0, t1, t2, t3) \ 00176 do { \ 00177 t0 = kll; \ 00178 t0 &= ll; \ 00179 lr ^= CAMELLIA_RL1(t0); \ 00180 t1 = klr; \ 00181 t1 |= lr; \ 00182 ll ^= t1; \ 00183 \ 00184 t2 = krr; \ 00185 t2 |= rr; \ 00186 rl ^= t2; \ 00187 t3 = krl; \ 00188 t3 &= rl; \ 00189 rr ^= CAMELLIA_RL1(t3); \ 00190 } while(0) 00191 00192 #define CAMELLIA_ROUNDSM(xl, xr, kl, kr, yl, yr, il, ir, t0, t1) \ 00193 do { \ 00194 ir = CAMELLIA_SP1110(xr & 0xff) \ 00195 ^ CAMELLIA_SP0222((xr >> 24) & 0xff) \ 00196 ^ CAMELLIA_SP3033((xr >> 16) & 0xff) \ 00197 ^ CAMELLIA_SP4404((xr >> 8) & 0xff); \ 00198 il = CAMELLIA_SP1110((xl >> 24) & 0xff) \ 00199 ^ CAMELLIA_SP0222((xl >> 16) & 0xff) \ 00200 ^ CAMELLIA_SP3033((xl >> 8) & 0xff) \ 00201 ^ CAMELLIA_SP4404(xl & 0xff); \ 00202 il ^= kl; \ 00203 ir ^= kr; \ 00204 ir ^= il; \ 00205 il = CAMELLIA_RR8(il); \ 00206 il ^= ir; \ 00207 yl ^= ir; \ 00208 yr ^= il; \ 00209 } while(0) 00210 00211 00212 static const u32 camellia_sp1110[256] = { 00213 0x70707000,0x82828200,0x2c2c2c00,0xececec00, 00214 0xb3b3b300,0x27272700,0xc0c0c000,0xe5e5e500, 00215 0xe4e4e400,0x85858500,0x57575700,0x35353500, 00216 0xeaeaea00,0x0c0c0c00,0xaeaeae00,0x41414100, 00217 0x23232300,0xefefef00,0x6b6b6b00,0x93939300, 00218 0x45454500,0x19191900,0xa5a5a500,0x21212100, 00219 0xededed00,0x0e0e0e00,0x4f4f4f00,0x4e4e4e00, 00220 0x1d1d1d00,0x65656500,0x92929200,0xbdbdbd00, 00221 0x86868600,0xb8b8b800,0xafafaf00,0x8f8f8f00, 00222 0x7c7c7c00,0xebebeb00,0x1f1f1f00,0xcecece00, 00223 0x3e3e3e00,0x30303000,0xdcdcdc00,0x5f5f5f00, 00224 0x5e5e5e00,0xc5c5c500,0x0b0b0b00,0x1a1a1a00, 00225 0xa6a6a600,0xe1e1e100,0x39393900,0xcacaca00, 00226 0xd5d5d500,0x47474700,0x5d5d5d00,0x3d3d3d00, 00227 0xd9d9d900,0x01010100,0x5a5a5a00,0xd6d6d600, 00228 0x51515100,0x56565600,0x6c6c6c00,0x4d4d4d00, 00229 0x8b8b8b00,0x0d0d0d00,0x9a9a9a00,0x66666600, 00230 0xfbfbfb00,0xcccccc00,0xb0b0b000,0x2d2d2d00, 00231 0x74747400,0x12121200,0x2b2b2b00,0x20202000, 00232 0xf0f0f000,0xb1b1b100,0x84848400,0x99999900, 00233 0xdfdfdf00,0x4c4c4c00,0xcbcbcb00,0xc2c2c200, 00234 0x34343400,0x7e7e7e00,0x76767600,0x05050500, 00235 0x6d6d6d00,0xb7b7b700,0xa9a9a900,0x31313100, 00236 0xd1d1d100,0x17171700,0x04040400,0xd7d7d700, 00237 0x14141400,0x58585800,0x3a3a3a00,0x61616100, 00238 0xdedede00,0x1b1b1b00,0x11111100,0x1c1c1c00, 00239 0x32323200,0x0f0f0f00,0x9c9c9c00,0x16161600, 00240 0x53535300,0x18181800,0xf2f2f200,0x22222200, 00241 0xfefefe00,0x44444400,0xcfcfcf00,0xb2b2b200, 00242 0xc3c3c300,0xb5b5b500,0x7a7a7a00,0x91919100, 00243 0x24242400,0x08080800,0xe8e8e800,0xa8a8a800, 00244 0x60606000,0xfcfcfc00,0x69696900,0x50505000, 00245 0xaaaaaa00,0xd0d0d000,0xa0a0a000,0x7d7d7d00, 00246 0xa1a1a100,0x89898900,0x62626200,0x97979700, 00247 0x54545400,0x5b5b5b00,0x1e1e1e00,0x95959500, 00248 0xe0e0e000,0xffffff00,0x64646400,0xd2d2d200, 00249 0x10101000,0xc4c4c400,0x00000000,0x48484800, 00250 0xa3a3a300,0xf7f7f700,0x75757500,0xdbdbdb00, 00251 0x8a8a8a00,0x03030300,0xe6e6e600,0xdadada00, 00252 0x09090900,0x3f3f3f00,0xdddddd00,0x94949400, 00253 0x87878700,0x5c5c5c00,0x83838300,0x02020200, 00254 0xcdcdcd00,0x4a4a4a00,0x90909000,0x33333300, 00255 0x73737300,0x67676700,0xf6f6f600,0xf3f3f300, 00256 0x9d9d9d00,0x7f7f7f00,0xbfbfbf00,0xe2e2e200, 00257 0x52525200,0x9b9b9b00,0xd8d8d800,0x26262600, 00258 0xc8c8c800,0x37373700,0xc6c6c600,0x3b3b3b00, 00259 0x81818100,0x96969600,0x6f6f6f00,0x4b4b4b00, 00260 0x13131300,0xbebebe00,0x63636300,0x2e2e2e00, 00261 0xe9e9e900,0x79797900,0xa7a7a700,0x8c8c8c00, 00262 0x9f9f9f00,0x6e6e6e00,0xbcbcbc00,0x8e8e8e00, 00263 0x29292900,0xf5f5f500,0xf9f9f900,0xb6b6b600, 00264 0x2f2f2f00,0xfdfdfd00,0xb4b4b400,0x59595900, 00265 0x78787800,0x98989800,0x06060600,0x6a6a6a00, 00266 0xe7e7e700,0x46464600,0x71717100,0xbababa00, 00267 0xd4d4d400,0x25252500,0xababab00,0x42424200, 00268 0x88888800,0xa2a2a200,0x8d8d8d00,0xfafafa00, 00269 0x72727200,0x07070700,0xb9b9b900,0x55555500, 00270 0xf8f8f800,0xeeeeee00,0xacacac00,0x0a0a0a00, 00271 0x36363600,0x49494900,0x2a2a2a00,0x68686800, 00272 0x3c3c3c00,0x38383800,0xf1f1f100,0xa4a4a400, 00273 0x40404000,0x28282800,0xd3d3d300,0x7b7b7b00, 00274 0xbbbbbb00,0xc9c9c900,0x43434300,0xc1c1c100, 00275 0x15151500,0xe3e3e300,0xadadad00,0xf4f4f400, 00276 0x77777700,0xc7c7c700,0x80808000,0x9e9e9e00, 00277 }; 00278 00279 static const u32 camellia_sp0222[256] = { 00280 0x00e0e0e0,0x00050505,0x00585858,0x00d9d9d9, 00281 0x00676767,0x004e4e4e,0x00818181,0x00cbcbcb, 00282 0x00c9c9c9,0x000b0b0b,0x00aeaeae,0x006a6a6a, 00283 0x00d5d5d5,0x00181818,0x005d5d5d,0x00828282, 00284 0x00464646,0x00dfdfdf,0x00d6d6d6,0x00272727, 00285 0x008a8a8a,0x00323232,0x004b4b4b,0x00424242, 00286 0x00dbdbdb,0x001c1c1c,0x009e9e9e,0x009c9c9c, 00287 0x003a3a3a,0x00cacaca,0x00252525,0x007b7b7b, 00288 0x000d0d0d,0x00717171,0x005f5f5f,0x001f1f1f, 00289 0x00f8f8f8,0x00d7d7d7,0x003e3e3e,0x009d9d9d, 00290 0x007c7c7c,0x00606060,0x00b9b9b9,0x00bebebe, 00291 0x00bcbcbc,0x008b8b8b,0x00161616,0x00343434, 00292 0x004d4d4d,0x00c3c3c3,0x00727272,0x00959595, 00293 0x00ababab,0x008e8e8e,0x00bababa,0x007a7a7a, 00294 0x00b3b3b3,0x00020202,0x00b4b4b4,0x00adadad, 00295 0x00a2a2a2,0x00acacac,0x00d8d8d8,0x009a9a9a, 00296 0x00171717,0x001a1a1a,0x00353535,0x00cccccc, 00297 0x00f7f7f7,0x00999999,0x00616161,0x005a5a5a, 00298 0x00e8e8e8,0x00242424,0x00565656,0x00404040, 00299 0x00e1e1e1,0x00636363,0x00090909,0x00333333, 00300 0x00bfbfbf,0x00989898,0x00979797,0x00858585, 00301 0x00686868,0x00fcfcfc,0x00ececec,0x000a0a0a, 00302 0x00dadada,0x006f6f6f,0x00535353,0x00626262, 00303 0x00a3a3a3,0x002e2e2e,0x00080808,0x00afafaf, 00304 0x00282828,0x00b0b0b0,0x00747474,0x00c2c2c2, 00305 0x00bdbdbd,0x00363636,0x00222222,0x00383838, 00306 0x00646464,0x001e1e1e,0x00393939,0x002c2c2c, 00307 0x00a6a6a6,0x00303030,0x00e5e5e5,0x00444444, 00308 0x00fdfdfd,0x00888888,0x009f9f9f,0x00656565, 00309 0x00878787,0x006b6b6b,0x00f4f4f4,0x00232323, 00310 0x00484848,0x00101010,0x00d1d1d1,0x00515151, 00311 0x00c0c0c0,0x00f9f9f9,0x00d2d2d2,0x00a0a0a0, 00312 0x00555555,0x00a1a1a1,0x00414141,0x00fafafa, 00313 0x00434343,0x00131313,0x00c4c4c4,0x002f2f2f, 00314 0x00a8a8a8,0x00b6b6b6,0x003c3c3c,0x002b2b2b, 00315 0x00c1c1c1,0x00ffffff,0x00c8c8c8,0x00a5a5a5, 00316 0x00202020,0x00898989,0x00000000,0x00909090, 00317 0x00474747,0x00efefef,0x00eaeaea,0x00b7b7b7, 00318 0x00151515,0x00060606,0x00cdcdcd,0x00b5b5b5, 00319 0x00121212,0x007e7e7e,0x00bbbbbb,0x00292929, 00320 0x000f0f0f,0x00b8b8b8,0x00070707,0x00040404, 00321 0x009b9b9b,0x00949494,0x00212121,0x00666666, 00322 0x00e6e6e6,0x00cecece,0x00ededed,0x00e7e7e7, 00323 0x003b3b3b,0x00fefefe,0x007f7f7f,0x00c5c5c5, 00324 0x00a4a4a4,0x00373737,0x00b1b1b1,0x004c4c4c, 00325 0x00919191,0x006e6e6e,0x008d8d8d,0x00767676, 00326 0x00030303,0x002d2d2d,0x00dedede,0x00969696, 00327 0x00262626,0x007d7d7d,0x00c6c6c6,0x005c5c5c, 00328 0x00d3d3d3,0x00f2f2f2,0x004f4f4f,0x00191919, 00329 0x003f3f3f,0x00dcdcdc,0x00797979,0x001d1d1d, 00330 0x00525252,0x00ebebeb,0x00f3f3f3,0x006d6d6d, 00331 0x005e5e5e,0x00fbfbfb,0x00696969,0x00b2b2b2, 00332 0x00f0f0f0,0x00313131,0x000c0c0c,0x00d4d4d4, 00333 0x00cfcfcf,0x008c8c8c,0x00e2e2e2,0x00757575, 00334 0x00a9a9a9,0x004a4a4a,0x00575757,0x00848484, 00335 0x00111111,0x00454545,0x001b1b1b,0x00f5f5f5, 00336 0x00e4e4e4,0x000e0e0e,0x00737373,0x00aaaaaa, 00337 0x00f1f1f1,0x00dddddd,0x00595959,0x00141414, 00338 0x006c6c6c,0x00929292,0x00545454,0x00d0d0d0, 00339 0x00787878,0x00707070,0x00e3e3e3,0x00494949, 00340 0x00808080,0x00505050,0x00a7a7a7,0x00f6f6f6, 00341 0x00777777,0x00939393,0x00868686,0x00838383, 00342 0x002a2a2a,0x00c7c7c7,0x005b5b5b,0x00e9e9e9, 00343 0x00eeeeee,0x008f8f8f,0x00010101,0x003d3d3d, 00344 }; 00345 00346 static const u32 camellia_sp3033[256] = { 00347 0x38003838,0x41004141,0x16001616,0x76007676, 00348 0xd900d9d9,0x93009393,0x60006060,0xf200f2f2, 00349 0x72007272,0xc200c2c2,0xab00abab,0x9a009a9a, 00350 0x75007575,0x06000606,0x57005757,0xa000a0a0, 00351 0x91009191,0xf700f7f7,0xb500b5b5,0xc900c9c9, 00352 0xa200a2a2,0x8c008c8c,0xd200d2d2,0x90009090, 00353 0xf600f6f6,0x07000707,0xa700a7a7,0x27002727, 00354 0x8e008e8e,0xb200b2b2,0x49004949,0xde00dede, 00355 0x43004343,0x5c005c5c,0xd700d7d7,0xc700c7c7, 00356 0x3e003e3e,0xf500f5f5,0x8f008f8f,0x67006767, 00357 0x1f001f1f,0x18001818,0x6e006e6e,0xaf00afaf, 00358 0x2f002f2f,0xe200e2e2,0x85008585,0x0d000d0d, 00359 0x53005353,0xf000f0f0,0x9c009c9c,0x65006565, 00360 0xea00eaea,0xa300a3a3,0xae00aeae,0x9e009e9e, 00361 0xec00ecec,0x80008080,0x2d002d2d,0x6b006b6b, 00362 0xa800a8a8,0x2b002b2b,0x36003636,0xa600a6a6, 00363 0xc500c5c5,0x86008686,0x4d004d4d,0x33003333, 00364 0xfd00fdfd,0x66006666,0x58005858,0x96009696, 00365 0x3a003a3a,0x09000909,0x95009595,0x10001010, 00366 0x78007878,0xd800d8d8,0x42004242,0xcc00cccc, 00367 0xef00efef,0x26002626,0xe500e5e5,0x61006161, 00368 0x1a001a1a,0x3f003f3f,0x3b003b3b,0x82008282, 00369 0xb600b6b6,0xdb00dbdb,0xd400d4d4,0x98009898, 00370 0xe800e8e8,0x8b008b8b,0x02000202,0xeb00ebeb, 00371 0x0a000a0a,0x2c002c2c,0x1d001d1d,0xb000b0b0, 00372 0x6f006f6f,0x8d008d8d,0x88008888,0x0e000e0e, 00373 0x19001919,0x87008787,0x4e004e4e,0x0b000b0b, 00374 0xa900a9a9,0x0c000c0c,0x79007979,0x11001111, 00375 0x7f007f7f,0x22002222,0xe700e7e7,0x59005959, 00376 0xe100e1e1,0xda00dada,0x3d003d3d,0xc800c8c8, 00377 0x12001212,0x04000404,0x74007474,0x54005454, 00378 0x30003030,0x7e007e7e,0xb400b4b4,0x28002828, 00379 0x55005555,0x68006868,0x50005050,0xbe00bebe, 00380 0xd000d0d0,0xc400c4c4,0x31003131,0xcb00cbcb, 00381 0x2a002a2a,0xad00adad,0x0f000f0f,0xca00caca, 00382 0x70007070,0xff00ffff,0x32003232,0x69006969, 00383 0x08000808,0x62006262,0x00000000,0x24002424, 00384 0xd100d1d1,0xfb00fbfb,0xba00baba,0xed00eded, 00385 0x45004545,0x81008181,0x73007373,0x6d006d6d, 00386 0x84008484,0x9f009f9f,0xee00eeee,0x4a004a4a, 00387 0xc300c3c3,0x2e002e2e,0xc100c1c1,0x01000101, 00388 0xe600e6e6,0x25002525,0x48004848,0x99009999, 00389 0xb900b9b9,0xb300b3b3,0x7b007b7b,0xf900f9f9, 00390 0xce00cece,0xbf00bfbf,0xdf00dfdf,0x71007171, 00391 0x29002929,0xcd00cdcd,0x6c006c6c,0x13001313, 00392 0x64006464,0x9b009b9b,0x63006363,0x9d009d9d, 00393 0xc000c0c0,0x4b004b4b,0xb700b7b7,0xa500a5a5, 00394 0x89008989,0x5f005f5f,0xb100b1b1,0x17001717, 00395 0xf400f4f4,0xbc00bcbc,0xd300d3d3,0x46004646, 00396 0xcf00cfcf,0x37003737,0x5e005e5e,0x47004747, 00397 0x94009494,0xfa00fafa,0xfc00fcfc,0x5b005b5b, 00398 0x97009797,0xfe00fefe,0x5a005a5a,0xac00acac, 00399 0x3c003c3c,0x4c004c4c,0x03000303,0x35003535, 00400 0xf300f3f3,0x23002323,0xb800b8b8,0x5d005d5d, 00401 0x6a006a6a,0x92009292,0xd500d5d5,0x21002121, 00402 0x44004444,0x51005151,0xc600c6c6,0x7d007d7d, 00403 0x39003939,0x83008383,0xdc00dcdc,0xaa00aaaa, 00404 0x7c007c7c,0x77007777,0x56005656,0x05000505, 00405 0x1b001b1b,0xa400a4a4,0x15001515,0x34003434, 00406 0x1e001e1e,0x1c001c1c,0xf800f8f8,0x52005252, 00407 0x20002020,0x14001414,0xe900e9e9,0xbd00bdbd, 00408 0xdd00dddd,0xe400e4e4,0xa100a1a1,0xe000e0e0, 00409 0x8a008a8a,0xf100f1f1,0xd600d6d6,0x7a007a7a, 00410 0xbb00bbbb,0xe300e3e3,0x40004040,0x4f004f4f, 00411 }; 00412 00413 static const u32 camellia_sp4404[256] = { 00414 0x70700070,0x2c2c002c,0xb3b300b3,0xc0c000c0, 00415 0xe4e400e4,0x57570057,0xeaea00ea,0xaeae00ae, 00416 0x23230023,0x6b6b006b,0x45450045,0xa5a500a5, 00417 0xeded00ed,0x4f4f004f,0x1d1d001d,0x92920092, 00418 0x86860086,0xafaf00af,0x7c7c007c,0x1f1f001f, 00419 0x3e3e003e,0xdcdc00dc,0x5e5e005e,0x0b0b000b, 00420 0xa6a600a6,0x39390039,0xd5d500d5,0x5d5d005d, 00421 0xd9d900d9,0x5a5a005a,0x51510051,0x6c6c006c, 00422 0x8b8b008b,0x9a9a009a,0xfbfb00fb,0xb0b000b0, 00423 0x74740074,0x2b2b002b,0xf0f000f0,0x84840084, 00424 0xdfdf00df,0xcbcb00cb,0x34340034,0x76760076, 00425 0x6d6d006d,0xa9a900a9,0xd1d100d1,0x04040004, 00426 0x14140014,0x3a3a003a,0xdede00de,0x11110011, 00427 0x32320032,0x9c9c009c,0x53530053,0xf2f200f2, 00428 0xfefe00fe,0xcfcf00cf,0xc3c300c3,0x7a7a007a, 00429 0x24240024,0xe8e800e8,0x60600060,0x69690069, 00430 0xaaaa00aa,0xa0a000a0,0xa1a100a1,0x62620062, 00431 0x54540054,0x1e1e001e,0xe0e000e0,0x64640064, 00432 0x10100010,0x00000000,0xa3a300a3,0x75750075, 00433 0x8a8a008a,0xe6e600e6,0x09090009,0xdddd00dd, 00434 0x87870087,0x83830083,0xcdcd00cd,0x90900090, 00435 0x73730073,0xf6f600f6,0x9d9d009d,0xbfbf00bf, 00436 0x52520052,0xd8d800d8,0xc8c800c8,0xc6c600c6, 00437 0x81810081,0x6f6f006f,0x13130013,0x63630063, 00438 0xe9e900e9,0xa7a700a7,0x9f9f009f,0xbcbc00bc, 00439 0x29290029,0xf9f900f9,0x2f2f002f,0xb4b400b4, 00440 0x78780078,0x06060006,0xe7e700e7,0x71710071, 00441 0xd4d400d4,0xabab00ab,0x88880088,0x8d8d008d, 00442 0x72720072,0xb9b900b9,0xf8f800f8,0xacac00ac, 00443 0x36360036,0x2a2a002a,0x3c3c003c,0xf1f100f1, 00444 0x40400040,0xd3d300d3,0xbbbb00bb,0x43430043, 00445 0x15150015,0xadad00ad,0x77770077,0x80800080, 00446 0x82820082,0xecec00ec,0x27270027,0xe5e500e5, 00447 0x85850085,0x35350035,0x0c0c000c,0x41410041, 00448 0xefef00ef,0x93930093,0x19190019,0x21210021, 00449 0x0e0e000e,0x4e4e004e,0x65650065,0xbdbd00bd, 00450 0xb8b800b8,0x8f8f008f,0xebeb00eb,0xcece00ce, 00451 0x30300030,0x5f5f005f,0xc5c500c5,0x1a1a001a, 00452 0xe1e100e1,0xcaca00ca,0x47470047,0x3d3d003d, 00453 0x01010001,0xd6d600d6,0x56560056,0x4d4d004d, 00454 0x0d0d000d,0x66660066,0xcccc00cc,0x2d2d002d, 00455 0x12120012,0x20200020,0xb1b100b1,0x99990099, 00456 0x4c4c004c,0xc2c200c2,0x7e7e007e,0x05050005, 00457 0xb7b700b7,0x31310031,0x17170017,0xd7d700d7, 00458 0x58580058,0x61610061,0x1b1b001b,0x1c1c001c, 00459 0x0f0f000f,0x16160016,0x18180018,0x22220022, 00460 0x44440044,0xb2b200b2,0xb5b500b5,0x91910091, 00461 0x08080008,0xa8a800a8,0xfcfc00fc,0x50500050, 00462 0xd0d000d0,0x7d7d007d,0x89890089,0x97970097, 00463 0x5b5b005b,0x95950095,0xffff00ff,0xd2d200d2, 00464 0xc4c400c4,0x48480048,0xf7f700f7,0xdbdb00db, 00465 0x03030003,0xdada00da,0x3f3f003f,0x94940094, 00466 0x5c5c005c,0x02020002,0x4a4a004a,0x33330033, 00467 0x67670067,0xf3f300f3,0x7f7f007f,0xe2e200e2, 00468 0x9b9b009b,0x26260026,0x37370037,0x3b3b003b, 00469 0x96960096,0x4b4b004b,0xbebe00be,0x2e2e002e, 00470 0x79790079,0x8c8c008c,0x6e6e006e,0x8e8e008e, 00471 0xf5f500f5,0xb6b600b6,0xfdfd00fd,0x59590059, 00472 0x98980098,0x6a6a006a,0x46460046,0xbaba00ba, 00473 0x25250025,0x42420042,0xa2a200a2,0xfafa00fa, 00474 0x07070007,0x55550055,0xeeee00ee,0x0a0a000a, 00475 0x49490049,0x68680068,0x38380038,0xa4a400a4, 00476 0x28280028,0x7b7b007b,0xc9c900c9,0xc1c100c1, 00477 0xe3e300e3,0xf4f400f4,0xc7c700c7,0x9e9e009e, 00478 }; 00479 00480 00481 /** 00482 * Stuff related to the Camellia key schedule 00483 */ 00484 #define subl(x) subL[(x)] 00485 #define subr(x) subR[(x)] 00486 00487 static void camellia_setup128(const unsigned char *key, u32 *subkey) 00488 { 00489 u32 kll, klr, krl, krr; 00490 u32 il, ir, t0, t1, w0, w1; 00491 u32 kw4l, kw4r, dw, tl, tr; 00492 u32 subL[26]; 00493 u32 subR[26]; 00494 00495 /** 00496 * k == kll || klr || krl || krr (|| is concatination) 00497 */ 00498 kll = GETU32(key ); 00499 klr = GETU32(key + 4); 00500 krl = GETU32(key + 8); 00501 krr = GETU32(key + 12); 00502 /** 00503 * generate KL dependent subkeys 00504 */ 00505 subl(0) = kll; subr(0) = klr; 00506 subl(1) = krl; subr(1) = krr; 00507 CAMELLIA_ROLDQ(kll, klr, krl, krr, w0, w1, 15); 00508 subl(4) = kll; subr(4) = klr; 00509 subl(5) = krl; subr(5) = krr; 00510 CAMELLIA_ROLDQ(kll, klr, krl, krr, w0, w1, 30); 00511 subl(10) = kll; subr(10) = klr; 00512 subl(11) = krl; subr(11) = krr; 00513 CAMELLIA_ROLDQ(kll, klr, krl, krr, w0, w1, 15); 00514 subl(13) = krl; subr(13) = krr; 00515 CAMELLIA_ROLDQ(kll, klr, krl, krr, w0, w1, 17); 00516 subl(16) = kll; subr(16) = klr; 00517 subl(17) = krl; subr(17) = krr; 00518 CAMELLIA_ROLDQ(kll, klr, krl, krr, w0, w1, 17); 00519 subl(18) = kll; subr(18) = klr; 00520 subl(19) = krl; subr(19) = krr; 00521 CAMELLIA_ROLDQ(kll, klr, krl, krr, w0, w1, 17); 00522 subl(22) = kll; subr(22) = klr; 00523 subl(23) = krl; subr(23) = krr; 00524 00525 /* generate KA */ 00526 kll = subl(0); klr = subr(0); 00527 krl = subl(1); krr = subr(1); 00528 CAMELLIA_F(kll, klr, 00529 CAMELLIA_SIGMA1L, CAMELLIA_SIGMA1R, 00530 w0, w1, il, ir, t0, t1); 00531 krl ^= w0; krr ^= w1; 00532 CAMELLIA_F(krl, krr, 00533 CAMELLIA_SIGMA2L, CAMELLIA_SIGMA2R, 00534 kll, klr, il, ir, t0, t1); 00535 CAMELLIA_F(kll, klr, 00536 CAMELLIA_SIGMA3L, CAMELLIA_SIGMA3R, 00537 krl, krr, il, ir, t0, t1); 00538 krl ^= w0; krr ^= w1; 00539 CAMELLIA_F(krl, krr, 00540 CAMELLIA_SIGMA4L, CAMELLIA_SIGMA4R, 00541 w0, w1, il, ir, t0, t1); 00542 kll ^= w0; klr ^= w1; 00543 00544 /* generate KA dependent subkeys */ 00545 subl(2) = kll; subr(2) = klr; 00546 subl(3) = krl; subr(3) = krr; 00547 CAMELLIA_ROLDQ(kll, klr, krl, krr, w0, w1, 15); 00548 subl(6) = kll; subr(6) = klr; 00549 subl(7) = krl; subr(7) = krr; 00550 CAMELLIA_ROLDQ(kll, klr, krl, krr, w0, w1, 15); 00551 subl(8) = kll; subr(8) = klr; 00552 subl(9) = krl; subr(9) = krr; 00553 CAMELLIA_ROLDQ(kll, klr, krl, krr, w0, w1, 15); 00554 subl(12) = kll; subr(12) = klr; 00555 CAMELLIA_ROLDQ(kll, klr, krl, krr, w0, w1, 15); 00556 subl(14) = kll; subr(14) = klr; 00557 subl(15) = krl; subr(15) = krr; 00558 CAMELLIA_ROLDQo32(kll, klr, krl, krr, w0, w1, 34); 00559 subl(20) = kll; subr(20) = klr; 00560 subl(21) = krl; subr(21) = krr; 00561 CAMELLIA_ROLDQ(kll, klr, krl, krr, w0, w1, 17); 00562 subl(24) = kll; subr(24) = klr; 00563 subl(25) = krl; subr(25) = krr; 00564 00565 00566 /* absorb kw2 to other subkeys */ 00567 subl(3) ^= subl(1); subr(3) ^= subr(1); 00568 subl(5) ^= subl(1); subr(5) ^= subr(1); 00569 subl(7) ^= subl(1); subr(7) ^= subr(1); 00570 subl(1) ^= subr(1) & ~subr(9); 00571 dw = subl(1) & subl(9), subr(1) ^= CAMELLIA_RL1(dw); 00572 subl(11) ^= subl(1); subr(11) ^= subr(1); 00573 subl(13) ^= subl(1); subr(13) ^= subr(1); 00574 subl(15) ^= subl(1); subr(15) ^= subr(1); 00575 subl(1) ^= subr(1) & ~subr(17); 00576 dw = subl(1) & subl(17), subr(1) ^= CAMELLIA_RL1(dw); 00577 subl(19) ^= subl(1); subr(19) ^= subr(1); 00578 subl(21) ^= subl(1); subr(21) ^= subr(1); 00579 subl(23) ^= subl(1); subr(23) ^= subr(1); 00580 subl(24) ^= subl(1); subr(24) ^= subr(1); 00581 00582 /* absorb kw4 to other subkeys */ 00583 kw4l = subl(25); kw4r = subr(25); 00584 subl(22) ^= kw4l; subr(22) ^= kw4r; 00585 subl(20) ^= kw4l; subr(20) ^= kw4r; 00586 subl(18) ^= kw4l; subr(18) ^= kw4r; 00587 kw4l ^= kw4r & ~subr(16); 00588 dw = kw4l & subl(16), kw4r ^= CAMELLIA_RL1(dw); 00589 subl(14) ^= kw4l; subr(14) ^= kw4r; 00590 subl(12) ^= kw4l; subr(12) ^= kw4r; 00591 subl(10) ^= kw4l; subr(10) ^= kw4r; 00592 kw4l ^= kw4r & ~subr(8); 00593 dw = kw4l & subl(8), kw4r ^= CAMELLIA_RL1(dw); 00594 subl(6) ^= kw4l; subr(6) ^= kw4r; 00595 subl(4) ^= kw4l; subr(4) ^= kw4r; 00596 subl(2) ^= kw4l; subr(2) ^= kw4r; 00597 subl(0) ^= kw4l; subr(0) ^= kw4r; 00598 00599 /* key XOR is end of F-function */ 00600 CamelliaSubkeyL(0) = subl(0) ^ subl(2); 00601 CamelliaSubkeyR(0) = subr(0) ^ subr(2); 00602 CamelliaSubkeyL(2) = subl(3); 00603 CamelliaSubkeyR(2) = subr(3); 00604 CamelliaSubkeyL(3) = subl(2) ^ subl(4); 00605 CamelliaSubkeyR(3) = subr(2) ^ subr(4); 00606 CamelliaSubkeyL(4) = subl(3) ^ subl(5); 00607 CamelliaSubkeyR(4) = subr(3) ^ subr(5); 00608 CamelliaSubkeyL(5) = subl(4) ^ subl(6); 00609 CamelliaSubkeyR(5) = subr(4) ^ subr(6); 00610 CamelliaSubkeyL(6) = subl(5) ^ subl(7); 00611 CamelliaSubkeyR(6) = subr(5) ^ subr(7); 00612 tl = subl(10) ^ (subr(10) & ~subr(8)); 00613 dw = tl & subl(8), tr = subr(10) ^ CAMELLIA_RL1(dw); 00614 CamelliaSubkeyL(7) = subl(6) ^ tl; 00615 CamelliaSubkeyR(7) = subr(6) ^ tr; 00616 CamelliaSubkeyL(8) = subl(8); 00617 CamelliaSubkeyR(8) = subr(8); 00618 CamelliaSubkeyL(9) = subl(9); 00619 CamelliaSubkeyR(9) = subr(9); 00620 tl = subl(7) ^ (subr(7) & ~subr(9)); 00621 dw = tl & subl(9), tr = subr(7) ^ CAMELLIA_RL1(dw); 00622 CamelliaSubkeyL(10) = tl ^ subl(11); 00623 CamelliaSubkeyR(10) = tr ^ subr(11); 00624 CamelliaSubkeyL(11) = subl(10) ^ subl(12); 00625 CamelliaSubkeyR(11) = subr(10) ^ subr(12); 00626 CamelliaSubkeyL(12) = subl(11) ^ subl(13); 00627 CamelliaSubkeyR(12) = subr(11) ^ subr(13); 00628 CamelliaSubkeyL(13) = subl(12) ^ subl(14); 00629 CamelliaSubkeyR(13) = subr(12) ^ subr(14); 00630 CamelliaSubkeyL(14) = subl(13) ^ subl(15); 00631 CamelliaSubkeyR(14) = subr(13) ^ subr(15); 00632 tl = subl(18) ^ (subr(18) & ~subr(16)); 00633 dw = tl & subl(16), tr = subr(18) ^ CAMELLIA_RL1(dw); 00634 CamelliaSubkeyL(15) = subl(14) ^ tl; 00635 CamelliaSubkeyR(15) = subr(14) ^ tr; 00636 CamelliaSubkeyL(16) = subl(16); 00637 CamelliaSubkeyR(16) = subr(16); 00638 CamelliaSubkeyL(17) = subl(17); 00639 CamelliaSubkeyR(17) = subr(17); 00640 tl = subl(15) ^ (subr(15) & ~subr(17)); 00641 dw = tl & subl(17), tr = subr(15) ^ CAMELLIA_RL1(dw); 00642 CamelliaSubkeyL(18) = tl ^ subl(19); 00643 CamelliaSubkeyR(18) = tr ^ subr(19); 00644 CamelliaSubkeyL(19) = subl(18) ^ subl(20); 00645 CamelliaSubkeyR(19) = subr(18) ^ subr(20); 00646 CamelliaSubkeyL(20) = subl(19) ^ subl(21); 00647 CamelliaSubkeyR(20) = subr(19) ^ subr(21); 00648 CamelliaSubkeyL(21) = subl(20) ^ subl(22); 00649 CamelliaSubkeyR(21) = subr(20) ^ subr(22); 00650 CamelliaSubkeyL(22) = subl(21) ^ subl(23); 00651 CamelliaSubkeyR(22) = subr(21) ^ subr(23); 00652 CamelliaSubkeyL(23) = subl(22); 00653 CamelliaSubkeyR(23) = subr(22); 00654 CamelliaSubkeyL(24) = subl(24) ^ subl(23); 00655 CamelliaSubkeyR(24) = subr(24) ^ subr(23); 00656 00657 /* apply the inverse of the last half of P-function */ 00658 dw = CamelliaSubkeyL(2) ^ CamelliaSubkeyR(2), dw = CAMELLIA_RL8(dw); 00659 CamelliaSubkeyR(2) = CamelliaSubkeyL(2) ^ dw, CamelliaSubkeyL(2) = dw; 00660 dw = CamelliaSubkeyL(3) ^ CamelliaSubkeyR(3), dw = CAMELLIA_RL8(dw); 00661 CamelliaSubkeyR(3) = CamelliaSubkeyL(3) ^ dw, CamelliaSubkeyL(3) = dw; 00662 dw = CamelliaSubkeyL(4) ^ CamelliaSubkeyR(4), dw = CAMELLIA_RL8(dw); 00663 CamelliaSubkeyR(4) = CamelliaSubkeyL(4) ^ dw, CamelliaSubkeyL(4) = dw; 00664 dw = CamelliaSubkeyL(5) ^ CamelliaSubkeyR(5), dw = CAMELLIA_RL8(dw); 00665 CamelliaSubkeyR(5) = CamelliaSubkeyL(5) ^ dw, CamelliaSubkeyL(5) = dw; 00666 dw = CamelliaSubkeyL(6) ^ CamelliaSubkeyR(6), dw = CAMELLIA_RL8(dw); 00667 CamelliaSubkeyR(6) = CamelliaSubkeyL(6) ^ dw, CamelliaSubkeyL(6) = dw; 00668 dw = CamelliaSubkeyL(7) ^ CamelliaSubkeyR(7), dw = CAMELLIA_RL8(dw); 00669 CamelliaSubkeyR(7) = CamelliaSubkeyL(7) ^ dw, CamelliaSubkeyL(7) = dw; 00670 dw = CamelliaSubkeyL(10) ^ CamelliaSubkeyR(10), dw = CAMELLIA_RL8(dw); 00671 CamelliaSubkeyR(10) = CamelliaSubkeyL(10) ^ dw, CamelliaSubkeyL(10) = dw; 00672 dw = CamelliaSubkeyL(11) ^ CamelliaSubkeyR(11), dw = CAMELLIA_RL8(dw); 00673 CamelliaSubkeyR(11) = CamelliaSubkeyL(11) ^ dw, CamelliaSubkeyL(11) = dw; 00674 dw = CamelliaSubkeyL(12) ^ CamelliaSubkeyR(12), dw = CAMELLIA_RL8(dw); 00675 CamelliaSubkeyR(12) = CamelliaSubkeyL(12) ^ dw, CamelliaSubkeyL(12) = dw; 00676 dw = CamelliaSubkeyL(13) ^ CamelliaSubkeyR(13), dw = CAMELLIA_RL8(dw); 00677 CamelliaSubkeyR(13) = CamelliaSubkeyL(13) ^ dw, CamelliaSubkeyL(13) = dw; 00678 dw = CamelliaSubkeyL(14) ^ CamelliaSubkeyR(14), dw = CAMELLIA_RL8(dw); 00679 CamelliaSubkeyR(14) = CamelliaSubkeyL(14) ^ dw, CamelliaSubkeyL(14) = dw; 00680 dw = CamelliaSubkeyL(15) ^ CamelliaSubkeyR(15), dw = CAMELLIA_RL8(dw); 00681 CamelliaSubkeyR(15) = CamelliaSubkeyL(15) ^ dw, CamelliaSubkeyL(15) = dw; 00682 dw = CamelliaSubkeyL(18) ^ CamelliaSubkeyR(18), dw = CAMELLIA_RL8(dw); 00683 CamelliaSubkeyR(18) = CamelliaSubkeyL(18) ^ dw, CamelliaSubkeyL(18) = dw; 00684 dw = CamelliaSubkeyL(19) ^ CamelliaSubkeyR(19), dw = CAMELLIA_RL8(dw); 00685 CamelliaSubkeyR(19) = CamelliaSubkeyL(19) ^ dw, CamelliaSubkeyL(19) = dw; 00686 dw = CamelliaSubkeyL(20) ^ CamelliaSubkeyR(20), dw = CAMELLIA_RL8(dw); 00687 CamelliaSubkeyR(20) = CamelliaSubkeyL(20) ^ dw, CamelliaSubkeyL(20) = dw; 00688 dw = CamelliaSubkeyL(21) ^ CamelliaSubkeyR(21), dw = CAMELLIA_RL8(dw); 00689 CamelliaSubkeyR(21) = CamelliaSubkeyL(21) ^ dw, CamelliaSubkeyL(21) = dw; 00690 dw = CamelliaSubkeyL(22) ^ CamelliaSubkeyR(22), dw = CAMELLIA_RL8(dw); 00691 CamelliaSubkeyR(22) = CamelliaSubkeyL(22) ^ dw, CamelliaSubkeyL(22) = dw; 00692 dw = CamelliaSubkeyL(23) ^ CamelliaSubkeyR(23), dw = CAMELLIA_RL8(dw); 00693 CamelliaSubkeyR(23) = CamelliaSubkeyL(23) ^ dw, CamelliaSubkeyL(23) = dw; 00694 00695 return; 00696 } 00697 00698 static void camellia_setup256(const unsigned char *key, u32 *subkey) 00699 { 00700 u32 kll,klr,krl,krr; /* left half of key */ 00701 u32 krll,krlr,krrl,krrr; /* right half of key */ 00702 u32 il, ir, t0, t1, w0, w1; /* temporary variables */ 00703 u32 kw4l, kw4r, dw, tl, tr; 00704 u32 subL[34]; 00705 u32 subR[34]; 00706 00707 /** 00708 * key = (kll || klr || krl || krr || krll || krlr || krrl || krrr) 00709 * (|| is concatination) 00710 */ 00711 00712 kll = GETU32(key ); 00713 klr = GETU32(key + 4); 00714 krl = GETU32(key + 8); 00715 krr = GETU32(key + 12); 00716 krll = GETU32(key + 16); 00717 krlr = GETU32(key + 20); 00718 krrl = GETU32(key + 24); 00719 krrr = GETU32(key + 28); 00720 00721 /* generate KL dependent subkeys */ 00722 subl(0) = kll; subr(0) = klr; 00723 subl(1) = krl; subr(1) = krr; 00724 CAMELLIA_ROLDQo32(kll, klr, krl, krr, w0, w1, 45); 00725 subl(12) = kll; subr(12) = klr; 00726 subl(13) = krl; subr(13) = krr; 00727 CAMELLIA_ROLDQ(kll, klr, krl, krr, w0, w1, 15); 00728 subl(16) = kll; subr(16) = klr; 00729 subl(17) = krl; subr(17) = krr; 00730 CAMELLIA_ROLDQ(kll, klr, krl, krr, w0, w1, 17); 00731 subl(22) = kll; subr(22) = klr; 00732 subl(23) = krl; subr(23) = krr; 00733 CAMELLIA_ROLDQo32(kll, klr, krl, krr, w0, w1, 34); 00734 subl(30) = kll; subr(30) = klr; 00735 subl(31) = krl; subr(31) = krr; 00736 00737 /* generate KR dependent subkeys */ 00738 CAMELLIA_ROLDQ(krll, krlr, krrl, krrr, w0, w1, 15); 00739 subl(4) = krll; subr(4) = krlr; 00740 subl(5) = krrl; subr(5) = krrr; 00741 CAMELLIA_ROLDQ(krll, krlr, krrl, krrr, w0, w1, 15); 00742 subl(8) = krll; subr(8) = krlr; 00743 subl(9) = krrl; subr(9) = krrr; 00744 CAMELLIA_ROLDQ(krll, krlr, krrl, krrr, w0, w1, 30); 00745 subl(18) = krll; subr(18) = krlr; 00746 subl(19) = krrl; subr(19) = krrr; 00747 CAMELLIA_ROLDQo32(krll, krlr, krrl, krrr, w0, w1, 34); 00748 subl(26) = krll; subr(26) = krlr; 00749 subl(27) = krrl; subr(27) = krrr; 00750 CAMELLIA_ROLDQo32(krll, krlr, krrl, krrr, w0, w1, 34); 00751 00752 /* generate KA */ 00753 kll = subl(0) ^ krll; klr = subr(0) ^ krlr; 00754 krl = subl(1) ^ krrl; krr = subr(1) ^ krrr; 00755 CAMELLIA_F(kll, klr, 00756 CAMELLIA_SIGMA1L, CAMELLIA_SIGMA1R, 00757 w0, w1, il, ir, t0, t1); 00758 krl ^= w0; krr ^= w1; 00759 CAMELLIA_F(krl, krr, 00760 CAMELLIA_SIGMA2L, CAMELLIA_SIGMA2R, 00761 kll, klr, il, ir, t0, t1); 00762 kll ^= krll; klr ^= krlr; 00763 CAMELLIA_F(kll, klr, 00764 CAMELLIA_SIGMA3L, CAMELLIA_SIGMA3R, 00765 krl, krr, il, ir, t0, t1); 00766 krl ^= w0 ^ krrl; krr ^= w1 ^ krrr; 00767 CAMELLIA_F(krl, krr, 00768 CAMELLIA_SIGMA4L, CAMELLIA_SIGMA4R, 00769 w0, w1, il, ir, t0, t1); 00770 kll ^= w0; klr ^= w1; 00771 00772 /* generate KB */ 00773 krll ^= kll; krlr ^= klr; 00774 krrl ^= krl; krrr ^= krr; 00775 CAMELLIA_F(krll, krlr, 00776 CAMELLIA_SIGMA5L, CAMELLIA_SIGMA5R, 00777 w0, w1, il, ir, t0, t1); 00778 krrl ^= w0; krrr ^= w1; 00779 CAMELLIA_F(krrl, krrr, 00780 CAMELLIA_SIGMA6L, CAMELLIA_SIGMA6R, 00781 w0, w1, il, ir, t0, t1); 00782 krll ^= w0; krlr ^= w1; 00783 00784 /* generate KA dependent subkeys */ 00785 CAMELLIA_ROLDQ(kll, klr, krl, krr, w0, w1, 15); 00786 subl(6) = kll; subr(6) = klr; 00787 subl(7) = krl; subr(7) = krr; 00788 CAMELLIA_ROLDQ(kll, klr, krl, krr, w0, w1, 30); 00789 subl(14) = kll; subr(14) = klr; 00790 subl(15) = krl; subr(15) = krr; 00791 subl(24) = klr; subr(24) = krl; 00792 subl(25) = krr; subr(25) = kll; 00793 CAMELLIA_ROLDQo32(kll, klr, krl, krr, w0, w1, 49); 00794 subl(28) = kll; subr(28) = klr; 00795 subl(29) = krl; subr(29) = krr; 00796 00797 /* generate KB dependent subkeys */ 00798 subl(2) = krll; subr(2) = krlr; 00799 subl(3) = krrl; subr(3) = krrr; 00800 CAMELLIA_ROLDQ(krll, krlr, krrl, krrr, w0, w1, 30); 00801 subl(10) = krll; subr(10) = krlr; 00802 subl(11) = krrl; subr(11) = krrr; 00803 CAMELLIA_ROLDQ(krll, krlr, krrl, krrr, w0, w1, 30); 00804 subl(20) = krll; subr(20) = krlr; 00805 subl(21) = krrl; subr(21) = krrr; 00806 CAMELLIA_ROLDQo32(krll, krlr, krrl, krrr, w0, w1, 51); 00807 subl(32) = krll; subr(32) = krlr; 00808 subl(33) = krrl; subr(33) = krrr; 00809 00810 /* absorb kw2 to other subkeys */ 00811 subl(3) ^= subl(1); subr(3) ^= subr(1); 00812 subl(5) ^= subl(1); subr(5) ^= subr(1); 00813 subl(7) ^= subl(1); subr(7) ^= subr(1); 00814 subl(1) ^= subr(1) & ~subr(9); 00815 dw = subl(1) & subl(9), subr(1) ^= CAMELLIA_RL1(dw); 00816 subl(11) ^= subl(1); subr(11) ^= subr(1); 00817 subl(13) ^= subl(1); subr(13) ^= subr(1); 00818 subl(15) ^= subl(1); subr(15) ^= subr(1); 00819 subl(1) ^= subr(1) & ~subr(17); 00820 dw = subl(1) & subl(17), subr(1) ^= CAMELLIA_RL1(dw); 00821 subl(19) ^= subl(1); subr(19) ^= subr(1); 00822 subl(21) ^= subl(1); subr(21) ^= subr(1); 00823 subl(23) ^= subl(1); subr(23) ^= subr(1); 00824 subl(1) ^= subr(1) & ~subr(25); 00825 dw = subl(1) & subl(25), subr(1) ^= CAMELLIA_RL1(dw); 00826 subl(27) ^= subl(1); subr(27) ^= subr(1); 00827 subl(29) ^= subl(1); subr(29) ^= subr(1); 00828 subl(31) ^= subl(1); subr(31) ^= subr(1); 00829 subl(32) ^= subl(1); subr(32) ^= subr(1); 00830 00831 /* absorb kw4 to other subkeys */ 00832 kw4l = subl(33); kw4r = subr(33); 00833 subl(30) ^= kw4l; subr(30) ^= kw4r; 00834 subl(28) ^= kw4l; subr(28) ^= kw4r; 00835 subl(26) ^= kw4l; subr(26) ^= kw4r; 00836 kw4l ^= kw4r & ~subr(24); 00837 dw = kw4l & subl(24), kw4r ^= CAMELLIA_RL1(dw); 00838 subl(22) ^= kw4l; subr(22) ^= kw4r; 00839 subl(20) ^= kw4l; subr(20) ^= kw4r; 00840 subl(18) ^= kw4l; subr(18) ^= kw4r; 00841 kw4l ^= kw4r & ~subr(16); 00842 dw = kw4l & subl(16), kw4r ^= CAMELLIA_RL1(dw); 00843 subl(14) ^= kw4l; subr(14) ^= kw4r; 00844 subl(12) ^= kw4l; subr(12) ^= kw4r; 00845 subl(10) ^= kw4l; subr(10) ^= kw4r; 00846 kw4l ^= kw4r & ~subr(8); 00847 dw = kw4l & subl(8), kw4r ^= CAMELLIA_RL1(dw); 00848 subl(6) ^= kw4l; subr(6) ^= kw4r; 00849 subl(4) ^= kw4l; subr(4) ^= kw4r; 00850 subl(2) ^= kw4l; subr(2) ^= kw4r; 00851 subl(0) ^= kw4l; subr(0) ^= kw4r; 00852 00853 /* key XOR is end of F-function */ 00854 CamelliaSubkeyL(0) = subl(0) ^ subl(2); 00855 CamelliaSubkeyR(0) = subr(0) ^ subr(2); 00856 CamelliaSubkeyL(2) = subl(3); 00857 CamelliaSubkeyR(2) = subr(3); 00858 CamelliaSubkeyL(3) = subl(2) ^ subl(4); 00859 CamelliaSubkeyR(3) = subr(2) ^ subr(4); 00860 CamelliaSubkeyL(4) = subl(3) ^ subl(5); 00861 CamelliaSubkeyR(4) = subr(3) ^ subr(5); 00862 CamelliaSubkeyL(5) = subl(4) ^ subl(6); 00863 CamelliaSubkeyR(5) = subr(4) ^ subr(6); 00864 CamelliaSubkeyL(6) = subl(5) ^ subl(7); 00865 CamelliaSubkeyR(6) = subr(5) ^ subr(7); 00866 tl = subl(10) ^ (subr(10) & ~subr(8)); 00867 dw = tl & subl(8), tr = subr(10) ^ CAMELLIA_RL1(dw); 00868 CamelliaSubkeyL(7) = subl(6) ^ tl; 00869 CamelliaSubkeyR(7) = subr(6) ^ tr; 00870 CamelliaSubkeyL(8) = subl(8); 00871 CamelliaSubkeyR(8) = subr(8); 00872 CamelliaSubkeyL(9) = subl(9); 00873 CamelliaSubkeyR(9) = subr(9); 00874 tl = subl(7) ^ (subr(7) & ~subr(9)); 00875 dw = tl & subl(9), tr = subr(7) ^ CAMELLIA_RL1(dw); 00876 CamelliaSubkeyL(10) = tl ^ subl(11); 00877 CamelliaSubkeyR(10) = tr ^ subr(11); 00878 CamelliaSubkeyL(11) = subl(10) ^ subl(12); 00879 CamelliaSubkeyR(11) = subr(10) ^ subr(12); 00880 CamelliaSubkeyL(12) = subl(11) ^ subl(13); 00881 CamelliaSubkeyR(12) = subr(11) ^ subr(13); 00882 CamelliaSubkeyL(13) = subl(12) ^ subl(14); 00883 CamelliaSubkeyR(13) = subr(12) ^ subr(14); 00884 CamelliaSubkeyL(14) = subl(13) ^ subl(15); 00885 CamelliaSubkeyR(14) = subr(13) ^ subr(15); 00886 tl = subl(18) ^ (subr(18) & ~subr(16)); 00887 dw = tl & subl(16), tr = subr(18) ^ CAMELLIA_RL1(dw); 00888 CamelliaSubkeyL(15) = subl(14) ^ tl; 00889 CamelliaSubkeyR(15) = subr(14) ^ tr; 00890 CamelliaSubkeyL(16) = subl(16); 00891 CamelliaSubkeyR(16) = subr(16); 00892 CamelliaSubkeyL(17) = subl(17); 00893 CamelliaSubkeyR(17) = subr(17); 00894 tl = subl(15) ^ (subr(15) & ~subr(17)); 00895 dw = tl & subl(17), tr = subr(15) ^ CAMELLIA_RL1(dw); 00896 CamelliaSubkeyL(18) = tl ^ subl(19); 00897 CamelliaSubkeyR(18) = tr ^ subr(19); 00898 CamelliaSubkeyL(19) = subl(18) ^ subl(20); 00899 CamelliaSubkeyR(19) = subr(18) ^ subr(20); 00900 CamelliaSubkeyL(20) = subl(19) ^ subl(21); 00901 CamelliaSubkeyR(20) = subr(19) ^ subr(21); 00902 CamelliaSubkeyL(21) = subl(20) ^ subl(22); 00903 CamelliaSubkeyR(21) = subr(20) ^ subr(22); 00904 CamelliaSubkeyL(22) = subl(21) ^ subl(23); 00905 CamelliaSubkeyR(22) = subr(21) ^ subr(23); 00906 tl = subl(26) ^ (subr(26) & ~subr(24)); 00907 dw = tl & subl(24), tr = subr(26) ^ CAMELLIA_RL1(dw); 00908 CamelliaSubkeyL(23) = subl(22) ^ tl; 00909 CamelliaSubkeyR(23) = subr(22) ^ tr; 00910 CamelliaSubkeyL(24) = subl(24); 00911 CamelliaSubkeyR(24) = subr(24); 00912 CamelliaSubkeyL(25) = subl(25); 00913 CamelliaSubkeyR(25) = subr(25); 00914 tl = subl(23) ^ (subr(23) & ~subr(25)); 00915 dw = tl & subl(25), tr = subr(23) ^ CAMELLIA_RL1(dw); 00916 CamelliaSubkeyL(26) = tl ^ subl(27); 00917 CamelliaSubkeyR(26) = tr ^ subr(27); 00918 CamelliaSubkeyL(27) = subl(26) ^ subl(28); 00919 CamelliaSubkeyR(27) = subr(26) ^ subr(28); 00920 CamelliaSubkeyL(28) = subl(27) ^ subl(29); 00921 CamelliaSubkeyR(28) = subr(27) ^ subr(29); 00922 CamelliaSubkeyL(29) = subl(28) ^ subl(30); 00923 CamelliaSubkeyR(29) = subr(28) ^ subr(30); 00924 CamelliaSubkeyL(30) = subl(29) ^ subl(31); 00925 CamelliaSubkeyR(30) = subr(29) ^ subr(31); 00926 CamelliaSubkeyL(31) = subl(30); 00927 CamelliaSubkeyR(31) = subr(30); 00928 CamelliaSubkeyL(32) = subl(32) ^ subl(31); 00929 CamelliaSubkeyR(32) = subr(32) ^ subr(31); 00930 00931 /* apply the inverse of the last half of P-function */ 00932 dw = CamelliaSubkeyL(2) ^ CamelliaSubkeyR(2), dw = CAMELLIA_RL8(dw); 00933 CamelliaSubkeyR(2) = CamelliaSubkeyL(2) ^ dw, CamelliaSubkeyL(2) = dw; 00934 dw = CamelliaSubkeyL(3) ^ CamelliaSubkeyR(3), dw = CAMELLIA_RL8(dw); 00935 CamelliaSubkeyR(3) = CamelliaSubkeyL(3) ^ dw, CamelliaSubkeyL(3) = dw; 00936 dw = CamelliaSubkeyL(4) ^ CamelliaSubkeyR(4), dw = CAMELLIA_RL8(dw); 00937 CamelliaSubkeyR(4) = CamelliaSubkeyL(4) ^ dw, CamelliaSubkeyL(4) = dw; 00938 dw = CamelliaSubkeyL(5) ^ CamelliaSubkeyR(5), dw = CAMELLIA_RL8(dw); 00939 CamelliaSubkeyR(5) = CamelliaSubkeyL(5) ^ dw, CamelliaSubkeyL(5) = dw; 00940 dw = CamelliaSubkeyL(6) ^ CamelliaSubkeyR(6), dw = CAMELLIA_RL8(dw); 00941 CamelliaSubkeyR(6) = CamelliaSubkeyL(6) ^ dw, CamelliaSubkeyL(6) = dw; 00942 dw = CamelliaSubkeyL(7) ^ CamelliaSubkeyR(7), dw = CAMELLIA_RL8(dw); 00943 CamelliaSubkeyR(7) = CamelliaSubkeyL(7) ^ dw, CamelliaSubkeyL(7) = dw; 00944 dw = CamelliaSubkeyL(10) ^ CamelliaSubkeyR(10), dw = CAMELLIA_RL8(dw); 00945 CamelliaSubkeyR(10) = CamelliaSubkeyL(10) ^ dw, CamelliaSubkeyL(10) = dw; 00946 dw = CamelliaSubkeyL(11) ^ CamelliaSubkeyR(11), dw = CAMELLIA_RL8(dw); 00947 CamelliaSubkeyR(11) = CamelliaSubkeyL(11) ^ dw, CamelliaSubkeyL(11) = dw; 00948 dw = CamelliaSubkeyL(12) ^ CamelliaSubkeyR(12), dw = CAMELLIA_RL8(dw); 00949 CamelliaSubkeyR(12) = CamelliaSubkeyL(12) ^ dw, CamelliaSubkeyL(12) = dw; 00950 dw = CamelliaSubkeyL(13) ^ CamelliaSubkeyR(13), dw = CAMELLIA_RL8(dw); 00951 CamelliaSubkeyR(13) = CamelliaSubkeyL(13) ^ dw, CamelliaSubkeyL(13) = dw; 00952 dw = CamelliaSubkeyL(14) ^ CamelliaSubkeyR(14), dw = CAMELLIA_RL8(dw); 00953 CamelliaSubkeyR(14) = CamelliaSubkeyL(14) ^ dw, CamelliaSubkeyL(14) = dw; 00954 dw = CamelliaSubkeyL(15) ^ CamelliaSubkeyR(15), dw = CAMELLIA_RL8(dw); 00955 CamelliaSubkeyR(15) = CamelliaSubkeyL(15) ^ dw, CamelliaSubkeyL(15) = dw; 00956 dw = CamelliaSubkeyL(18) ^ CamelliaSubkeyR(18), dw = CAMELLIA_RL8(dw); 00957 CamelliaSubkeyR(18) = CamelliaSubkeyL(18) ^ dw, CamelliaSubkeyL(18) = dw; 00958 dw = CamelliaSubkeyL(19) ^ CamelliaSubkeyR(19), dw = CAMELLIA_RL8(dw); 00959 CamelliaSubkeyR(19) = CamelliaSubkeyL(19) ^ dw, CamelliaSubkeyL(19) = dw; 00960 dw = CamelliaSubkeyL(20) ^ CamelliaSubkeyR(20), dw = CAMELLIA_RL8(dw); 00961 CamelliaSubkeyR(20) = CamelliaSubkeyL(20) ^ dw, CamelliaSubkeyL(20) = dw; 00962 dw = CamelliaSubkeyL(21) ^ CamelliaSubkeyR(21), dw = CAMELLIA_RL8(dw); 00963 CamelliaSubkeyR(21) = CamelliaSubkeyL(21) ^ dw, CamelliaSubkeyL(21) = dw; 00964 dw = CamelliaSubkeyL(22) ^ CamelliaSubkeyR(22), dw = CAMELLIA_RL8(dw); 00965 CamelliaSubkeyR(22) = CamelliaSubkeyL(22) ^ dw, CamelliaSubkeyL(22) = dw; 00966 dw = CamelliaSubkeyL(23) ^ CamelliaSubkeyR(23), dw = CAMELLIA_RL8(dw); 00967 CamelliaSubkeyR(23) = CamelliaSubkeyL(23) ^ dw, CamelliaSubkeyL(23) = dw; 00968 dw = CamelliaSubkeyL(26) ^ CamelliaSubkeyR(26), dw = CAMELLIA_RL8(dw); 00969 CamelliaSubkeyR(26) = CamelliaSubkeyL(26) ^ dw, CamelliaSubkeyL(26) = dw; 00970 dw = CamelliaSubkeyL(27) ^ CamelliaSubkeyR(27), dw = CAMELLIA_RL8(dw); 00971 CamelliaSubkeyR(27) = CamelliaSubkeyL(27) ^ dw, CamelliaSubkeyL(27) = dw; 00972 dw = CamelliaSubkeyL(28) ^ CamelliaSubkeyR(28), dw = CAMELLIA_RL8(dw); 00973 CamelliaSubkeyR(28) = CamelliaSubkeyL(28) ^ dw, CamelliaSubkeyL(28) = dw; 00974 dw = CamelliaSubkeyL(29) ^ CamelliaSubkeyR(29), dw = CAMELLIA_RL8(dw); 00975 CamelliaSubkeyR(29) = CamelliaSubkeyL(29) ^ dw, CamelliaSubkeyL(29) = dw; 00976 dw = CamelliaSubkeyL(30) ^ CamelliaSubkeyR(30), dw = CAMELLIA_RL8(dw); 00977 CamelliaSubkeyR(30) = CamelliaSubkeyL(30) ^ dw, CamelliaSubkeyL(30) = dw; 00978 dw = CamelliaSubkeyL(31) ^ CamelliaSubkeyR(31), dw = CAMELLIA_RL8(dw); 00979 CamelliaSubkeyR(31) = CamelliaSubkeyL(31) ^ dw,CamelliaSubkeyL(31) = dw; 00980 00981 return; 00982 } 00983 00984 static void camellia_setup192(const unsigned char *key, u32 *subkey) 00985 { 00986 unsigned char kk[32]; 00987 u32 krll, krlr, krrl,krrr; 00988 00989 memcpy(kk, key, 24); 00990 memcpy((unsigned char *)&krll, key+16,4); 00991 memcpy((unsigned char *)&krlr, key+20,4); 00992 krrl = ~krll; 00993 krrr = ~krlr; 00994 memcpy(kk+24, (unsigned char *)&krrl, 4); 00995 memcpy(kk+28, (unsigned char *)&krrr, 4); 00996 camellia_setup256(kk, subkey); 00997 return; 00998 } 00999 01000 01001 /** 01002 * Stuff related to camellia encryption/decryption 01003 * 01004 * "io" must be 4byte aligned and big-endian data. 01005 */ 01006 static void camellia_encrypt128(const u32 *subkey, u32 *io) 01007 { 01008 u32 il, ir, t0, t1; 01009 01010 /* pre whitening but absorb kw2*/ 01011 io[0] ^= CamelliaSubkeyL(0); 01012 io[1] ^= CamelliaSubkeyR(0); 01013 /* main iteration */ 01014 01015 CAMELLIA_ROUNDSM(io[0],io[1], 01016 CamelliaSubkeyL(2),CamelliaSubkeyR(2), 01017 io[2],io[3],il,ir,t0,t1); 01018 CAMELLIA_ROUNDSM(io[2],io[3], 01019 CamelliaSubkeyL(3),CamelliaSubkeyR(3), 01020 io[0],io[1],il,ir,t0,t1); 01021 CAMELLIA_ROUNDSM(io[0],io[1], 01022 CamelliaSubkeyL(4),CamelliaSubkeyR(4), 01023 io[2],io[3],il,ir,t0,t1); 01024 CAMELLIA_ROUNDSM(io[2],io[3], 01025 CamelliaSubkeyL(5),CamelliaSubkeyR(5), 01026 io[0],io[1],il,ir,t0,t1); 01027 CAMELLIA_ROUNDSM(io[0],io[1], 01028 CamelliaSubkeyL(6),CamelliaSubkeyR(6), 01029 io[2],io[3],il,ir,t0,t1); 01030 CAMELLIA_ROUNDSM(io[2],io[3], 01031 CamelliaSubkeyL(7),CamelliaSubkeyR(7), 01032 io[0],io[1],il,ir,t0,t1); 01033 01034 CAMELLIA_FLS(io[0],io[1],io[2],io[3], 01035 CamelliaSubkeyL(8),CamelliaSubkeyR(8), 01036 CamelliaSubkeyL(9),CamelliaSubkeyR(9), 01037 t0,t1,il,ir); 01038 01039 CAMELLIA_ROUNDSM(io[0],io[1], 01040 CamelliaSubkeyL(10),CamelliaSubkeyR(10), 01041 io[2],io[3],il,ir,t0,t1); 01042 CAMELLIA_ROUNDSM(io[2],io[3], 01043 CamelliaSubkeyL(11),CamelliaSubkeyR(11), 01044 io[0],io[1],il,ir,t0,t1); 01045 CAMELLIA_ROUNDSM(io[0],io[1], 01046 CamelliaSubkeyL(12),CamelliaSubkeyR(12), 01047 io[2],io[3],il,ir,t0,t1); 01048 CAMELLIA_ROUNDSM(io[2],io[3], 01049 CamelliaSubkeyL(13),CamelliaSubkeyR(13), 01050 io[0],io[1],il,ir,t0,t1); 01051 CAMELLIA_ROUNDSM(io[0],io[1], 01052 CamelliaSubkeyL(14),CamelliaSubkeyR(14), 01053 io[2],io[3],il,ir,t0,t1); 01054 CAMELLIA_ROUNDSM(io[2],io[3], 01055 CamelliaSubkeyL(15),CamelliaSubkeyR(15), 01056 io[0],io[1],il,ir,t0,t1); 01057 01058 CAMELLIA_FLS(io[0],io[1],io[2],io[3], 01059 CamelliaSubkeyL(16),CamelliaSubkeyR(16), 01060 CamelliaSubkeyL(17),CamelliaSubkeyR(17), 01061 t0,t1,il,ir); 01062 01063 CAMELLIA_ROUNDSM(io[0],io[1], 01064 CamelliaSubkeyL(18),CamelliaSubkeyR(18), 01065 io[2],io[3],il,ir,t0,t1); 01066 CAMELLIA_ROUNDSM(io[2],io[3], 01067 CamelliaSubkeyL(19),CamelliaSubkeyR(19), 01068 io[0],io[1],il,ir,t0,t1); 01069 CAMELLIA_ROUNDSM(io[0],io[1], 01070 CamelliaSubkeyL(20),CamelliaSubkeyR(20), 01071 io[2],io[3],il,ir,t0,t1); 01072 CAMELLIA_ROUNDSM(io[2],io[3], 01073 CamelliaSubkeyL(21),CamelliaSubkeyR(21), 01074 io[0],io[1],il,ir,t0,t1); 01075 CAMELLIA_ROUNDSM(io[0],io[1], 01076 CamelliaSubkeyL(22),CamelliaSubkeyR(22), 01077 io[2],io[3],il,ir,t0,t1); 01078 CAMELLIA_ROUNDSM(io[2],io[3], 01079 CamelliaSubkeyL(23),CamelliaSubkeyR(23), 01080 io[0],io[1],il,ir,t0,t1); 01081 01082 /* post whitening but kw4 */ 01083 io[2] ^= CamelliaSubkeyL(24); 01084 io[3] ^= CamelliaSubkeyR(24); 01085 01086 t0 = io[0]; 01087 t1 = io[1]; 01088 io[0] = io[2]; 01089 io[1] = io[3]; 01090 io[2] = t0; 01091 io[3] = t1; 01092 01093 return; 01094 } 01095 01096 static void camellia_decrypt128(const u32 *subkey, u32 *io) 01097 { 01098 u32 il,ir,t0,t1; /* temporary valiables */ 01099 01100 /* pre whitening but absorb kw2*/ 01101 io[0] ^= CamelliaSubkeyL(24); 01102 io[1] ^= CamelliaSubkeyR(24); 01103 01104 /* main iteration */ 01105 CAMELLIA_ROUNDSM(io[0],io[1], 01106 CamelliaSubkeyL(23),CamelliaSubkeyR(23), 01107 io[2],io[3],il,ir,t0,t1); 01108 CAMELLIA_ROUNDSM(io[2],io[3], 01109 CamelliaSubkeyL(22),CamelliaSubkeyR(22), 01110 io[0],io[1],il,ir,t0,t1); 01111 CAMELLIA_ROUNDSM(io[0],io[1], 01112 CamelliaSubkeyL(21),CamelliaSubkeyR(21), 01113 io[2],io[3],il,ir,t0,t1); 01114 CAMELLIA_ROUNDSM(io[2],io[3], 01115 CamelliaSubkeyL(20),CamelliaSubkeyR(20), 01116 io[0],io[1],il,ir,t0,t1); 01117 CAMELLIA_ROUNDSM(io[0],io[1], 01118 CamelliaSubkeyL(19),CamelliaSubkeyR(19), 01119 io[2],io[3],il,ir,t0,t1); 01120 CAMELLIA_ROUNDSM(io[2],io[3], 01121 CamelliaSubkeyL(18),CamelliaSubkeyR(18), 01122 io[0],io[1],il,ir,t0,t1); 01123 01124 CAMELLIA_FLS(io[0],io[1],io[2],io[3], 01125 CamelliaSubkeyL(17),CamelliaSubkeyR(17), 01126 CamelliaSubkeyL(16),CamelliaSubkeyR(16), 01127 t0,t1,il,ir); 01128 01129 CAMELLIA_ROUNDSM(io[0],io[1], 01130 CamelliaSubkeyL(15),CamelliaSubkeyR(15), 01131 io[2],io[3],il,ir,t0,t1); 01132 CAMELLIA_ROUNDSM(io[2],io[3], 01133 CamelliaSubkeyL(14),CamelliaSubkeyR(14), 01134 io[0],io[1],il,ir,t0,t1); 01135 CAMELLIA_ROUNDSM(io[0],io[1], 01136 CamelliaSubkeyL(13),CamelliaSubkeyR(13), 01137 io[2],io[3],il,ir,t0,t1); 01138 CAMELLIA_ROUNDSM(io[2],io[3], 01139 CamelliaSubkeyL(12),CamelliaSubkeyR(12), 01140 io[0],io[1],il,ir,t0,t1); 01141 CAMELLIA_ROUNDSM(io[0],io[1], 01142 CamelliaSubkeyL(11),CamelliaSubkeyR(11), 01143 io[2],io[3],il,ir,t0,t1); 01144 CAMELLIA_ROUNDSM(io[2],io[3], 01145 CamelliaSubkeyL(10),CamelliaSubkeyR(10), 01146 io[0],io[1],il,ir,t0,t1); 01147 01148 CAMELLIA_FLS(io[0],io[1],io[2],io[3], 01149 CamelliaSubkeyL(9),CamelliaSubkeyR(9), 01150 CamelliaSubkeyL(8),CamelliaSubkeyR(8), 01151 t0,t1,il,ir); 01152 01153 CAMELLIA_ROUNDSM(io[0],io[1], 01154 CamelliaSubkeyL(7),CamelliaSubkeyR(7), 01155 io[2],io[3],il,ir,t0,t1); 01156 CAMELLIA_ROUNDSM(io[2],io[3], 01157 CamelliaSubkeyL(6),CamelliaSubkeyR(6), 01158 io[0],io[1],il,ir,t0,t1); 01159 CAMELLIA_ROUNDSM(io[0],io[1], 01160 CamelliaSubkeyL(5),CamelliaSubkeyR(5), 01161 io[2],io[3],il,ir,t0,t1); 01162 CAMELLIA_ROUNDSM(io[2],io[3], 01163 CamelliaSubkeyL(4),CamelliaSubkeyR(4), 01164 io[0],io[1],il,ir,t0,t1); 01165 CAMELLIA_ROUNDSM(io[0],io[1], 01166 CamelliaSubkeyL(3),CamelliaSubkeyR(3), 01167 io[2],io[3],il,ir,t0,t1); 01168 CAMELLIA_ROUNDSM(io[2],io[3], 01169 CamelliaSubkeyL(2),CamelliaSubkeyR(2), 01170 io[0],io[1],il,ir,t0,t1); 01171 01172 /* post whitening but kw4 */ 01173 io[2] ^= CamelliaSubkeyL(0); 01174 io[3] ^= CamelliaSubkeyR(0); 01175 01176 t0 = io[0]; 01177 t1 = io[1]; 01178 io[0] = io[2]; 01179 io[1] = io[3]; 01180 io[2] = t0; 01181 io[3] = t1; 01182 01183 return; 01184 } 01185 01186 /** 01187 * stuff for 192 and 256bit encryption/decryption 01188 */ 01189 static void camellia_encrypt256(const u32 *subkey, u32 *io) 01190 { 01191 u32 il,ir,t0,t1; /* temporary valiables */ 01192 01193 /* pre whitening but absorb kw2*/ 01194 io[0] ^= CamelliaSubkeyL(0); 01195 io[1] ^= CamelliaSubkeyR(0); 01196 01197 /* main iteration */ 01198 CAMELLIA_ROUNDSM(io[0],io[1], 01199 CamelliaSubkeyL(2),CamelliaSubkeyR(2), 01200 io[2],io[3],il,ir,t0,t1); 01201 CAMELLIA_ROUNDSM(io[2],io[3], 01202 CamelliaSubkeyL(3),CamelliaSubkeyR(3), 01203 io[0],io[1],il,ir,t0,t1); 01204 CAMELLIA_ROUNDSM(io[0],io[1], 01205 CamelliaSubkeyL(4),CamelliaSubkeyR(4), 01206 io[2],io[3],il,ir,t0,t1); 01207 CAMELLIA_ROUNDSM(io[2],io[3], 01208 CamelliaSubkeyL(5),CamelliaSubkeyR(5), 01209 io[0],io[1],il,ir,t0,t1); 01210 CAMELLIA_ROUNDSM(io[0],io[1], 01211 CamelliaSubkeyL(6),CamelliaSubkeyR(6), 01212 io[2],io[3],il,ir,t0,t1); 01213 CAMELLIA_ROUNDSM(io[2],io[3], 01214 CamelliaSubkeyL(7),CamelliaSubkeyR(7), 01215 io[0],io[1],il,ir,t0,t1); 01216 01217 CAMELLIA_FLS(io[0],io[1],io[2],io[3], 01218 CamelliaSubkeyL(8),CamelliaSubkeyR(8), 01219 CamelliaSubkeyL(9),CamelliaSubkeyR(9), 01220 t0,t1,il,ir); 01221 01222 CAMELLIA_ROUNDSM(io[0],io[1], 01223 CamelliaSubkeyL(10),CamelliaSubkeyR(10), 01224 io[2],io[3],il,ir,t0,t1); 01225 CAMELLIA_ROUNDSM(io[2],io[3], 01226 CamelliaSubkeyL(11),CamelliaSubkeyR(11), 01227 io[0],io[1],il,ir,t0,t1); 01228 CAMELLIA_ROUNDSM(io[0],io[1], 01229 CamelliaSubkeyL(12),CamelliaSubkeyR(12), 01230 io[2],io[3],il,ir,t0,t1); 01231 CAMELLIA_ROUNDSM(io[2],io[3], 01232 CamelliaSubkeyL(13),CamelliaSubkeyR(13), 01233 io[0],io[1],il,ir,t0,t1); 01234 CAMELLIA_ROUNDSM(io[0],io[1], 01235 CamelliaSubkeyL(14),CamelliaSubkeyR(14), 01236 io[2],io[3],il,ir,t0,t1); 01237 CAMELLIA_ROUNDSM(io[2],io[3], 01238 CamelliaSubkeyL(15),CamelliaSubkeyR(15), 01239 io[0],io[1],il,ir,t0,t1); 01240 01241 CAMELLIA_FLS(io[0],io[1],io[2],io[3], 01242 CamelliaSubkeyL(16),CamelliaSubkeyR(16), 01243 CamelliaSubkeyL(17),CamelliaSubkeyR(17), 01244 t0,t1,il,ir); 01245 01246 CAMELLIA_ROUNDSM(io[0],io[1], 01247 CamelliaSubkeyL(18),CamelliaSubkeyR(18), 01248 io[2],io[3],il,ir,t0,t1); 01249 CAMELLIA_ROUNDSM(io[2],io[3], 01250 CamelliaSubkeyL(19),CamelliaSubkeyR(19), 01251 io[0],io[1],il,ir,t0,t1); 01252 CAMELLIA_ROUNDSM(io[0],io[1], 01253 CamelliaSubkeyL(20),CamelliaSubkeyR(20), 01254 io[2],io[3],il,ir,t0,t1); 01255 CAMELLIA_ROUNDSM(io[2],io[3], 01256 CamelliaSubkeyL(21),CamelliaSubkeyR(21), 01257 io[0],io[1],il,ir,t0,t1); 01258 CAMELLIA_ROUNDSM(io[0],io[1], 01259 CamelliaSubkeyL(22),CamelliaSubkeyR(22), 01260 io[2],io[3],il,ir,t0,t1); 01261 CAMELLIA_ROUNDSM(io[2],io[3], 01262 CamelliaSubkeyL(23),CamelliaSubkeyR(23), 01263 io[0],io[1],il,ir,t0,t1); 01264 01265 CAMELLIA_FLS(io[0],io[1],io[2],io[3], 01266 CamelliaSubkeyL(24),CamelliaSubkeyR(24), 01267 CamelliaSubkeyL(25),CamelliaSubkeyR(25), 01268 t0,t1,il,ir); 01269 01270 CAMELLIA_ROUNDSM(io[0],io[1], 01271 CamelliaSubkeyL(26),CamelliaSubkeyR(26), 01272 io[2],io[3],il,ir,t0,t1); 01273 CAMELLIA_ROUNDSM(io[2],io[3], 01274 CamelliaSubkeyL(27),CamelliaSubkeyR(27), 01275 io[0],io[1],il,ir,t0,t1); 01276 CAMELLIA_ROUNDSM(io[0],io[1], 01277 CamelliaSubkeyL(28),CamelliaSubkeyR(28), 01278 io[2],io[3],il,ir,t0,t1); 01279 CAMELLIA_ROUNDSM(io[2],io[3], 01280 CamelliaSubkeyL(29),CamelliaSubkeyR(29), 01281 io[0],io[1],il,ir,t0,t1); 01282 CAMELLIA_ROUNDSM(io[0],io[1], 01283 CamelliaSubkeyL(30),CamelliaSubkeyR(30), 01284 io[2],io[3],il,ir,t0,t1); 01285 CAMELLIA_ROUNDSM(io[2],io[3], 01286 CamelliaSubkeyL(31),CamelliaSubkeyR(31), 01287 io[0],io[1],il,ir,t0,t1); 01288 01289 /* post whitening but kw4 */ 01290 io[2] ^= CamelliaSubkeyL(32); 01291 io[3] ^= CamelliaSubkeyR(32); 01292 01293 t0 = io[0]; 01294 t1 = io[1]; 01295 io[0] = io[2]; 01296 io[1] = io[3]; 01297 io[2] = t0; 01298 io[3] = t1; 01299 01300 return; 01301 } 01302 01303 static void camellia_decrypt256(const u32 *subkey, u32 *io) 01304 { 01305 u32 il,ir,t0,t1; /* temporary valiables */ 01306 01307 /* pre whitening but absorb kw2*/ 01308 io[0] ^= CamelliaSubkeyL(32); 01309 io[1] ^= CamelliaSubkeyR(32); 01310 01311 /* main iteration */ 01312 CAMELLIA_ROUNDSM(io[0],io[1], 01313 CamelliaSubkeyL(31),CamelliaSubkeyR(31), 01314 io[2],io[3],il,ir,t0,t1); 01315 CAMELLIA_ROUNDSM(io[2],io[3], 01316 CamelliaSubkeyL(30),CamelliaSubkeyR(30), 01317 io[0],io[1],il,ir,t0,t1); 01318 CAMELLIA_ROUNDSM(io[0],io[1], 01319 CamelliaSubkeyL(29),CamelliaSubkeyR(29), 01320 io[2],io[3],il,ir,t0,t1); 01321 CAMELLIA_ROUNDSM(io[2],io[3], 01322 CamelliaSubkeyL(28),CamelliaSubkeyR(28), 01323 io[0],io[1],il,ir,t0,t1); 01324 CAMELLIA_ROUNDSM(io[0],io[1], 01325 CamelliaSubkeyL(27),CamelliaSubkeyR(27), 01326 io[2],io[3],il,ir,t0,t1); 01327 CAMELLIA_ROUNDSM(io[2],io[3], 01328 CamelliaSubkeyL(26),CamelliaSubkeyR(26), 01329 io[0],io[1],il,ir,t0,t1); 01330 01331 CAMELLIA_FLS(io[0],io[1],io[2],io[3], 01332 CamelliaSubkeyL(25),CamelliaSubkeyR(25), 01333 CamelliaSubkeyL(24),CamelliaSubkeyR(24), 01334 t0,t1,il,ir); 01335 01336 CAMELLIA_ROUNDSM(io[0],io[1], 01337 CamelliaSubkeyL(23),CamelliaSubkeyR(23), 01338 io[2],io[3],il,ir,t0,t1); 01339 CAMELLIA_ROUNDSM(io[2],io[3], 01340 CamelliaSubkeyL(22),CamelliaSubkeyR(22), 01341 io[0],io[1],il,ir,t0,t1); 01342 CAMELLIA_ROUNDSM(io[0],io[1], 01343 CamelliaSubkeyL(21),CamelliaSubkeyR(21), 01344 io[2],io[3],il,ir,t0,t1); 01345 CAMELLIA_ROUNDSM(io[2],io[3], 01346 CamelliaSubkeyL(20),CamelliaSubkeyR(20), 01347 io[0],io[1],il,ir,t0,t1); 01348 CAMELLIA_ROUNDSM(io[0],io[1], 01349 CamelliaSubkeyL(19),CamelliaSubkeyR(19), 01350 io[2],io[3],il,ir,t0,t1); 01351 CAMELLIA_ROUNDSM(io[2],io[3], 01352 CamelliaSubkeyL(18),CamelliaSubkeyR(18), 01353 io[0],io[1],il,ir,t0,t1); 01354 01355 CAMELLIA_FLS(io[0],io[1],io[2],io[3], 01356 CamelliaSubkeyL(17),CamelliaSubkeyR(17), 01357 CamelliaSubkeyL(16),CamelliaSubkeyR(16), 01358 t0,t1,il,ir); 01359 01360 CAMELLIA_ROUNDSM(io[0],io[1], 01361 CamelliaSubkeyL(15),CamelliaSubkeyR(15), 01362 io[2],io[3],il,ir,t0,t1); 01363 CAMELLIA_ROUNDSM(io[2],io[3], 01364 CamelliaSubkeyL(14),CamelliaSubkeyR(14), 01365 io[0],io[1],il,ir,t0,t1); 01366 CAMELLIA_ROUNDSM(io[0],io[1], 01367 CamelliaSubkeyL(13),CamelliaSubkeyR(13), 01368 io[2],io[3],il,ir,t0,t1); 01369 CAMELLIA_ROUNDSM(io[2],io[3], 01370 CamelliaSubkeyL(12),CamelliaSubkeyR(12), 01371 io[0],io[1],il,ir,t0,t1); 01372 CAMELLIA_ROUNDSM(io[0],io[1], 01373 CamelliaSubkeyL(11),CamelliaSubkeyR(11), 01374 io[2],io[3],il,ir,t0,t1); 01375 CAMELLIA_ROUNDSM(io[2],io[3], 01376 CamelliaSubkeyL(10),CamelliaSubkeyR(10), 01377 io[0],io[1],il,ir,t0,t1); 01378 01379 CAMELLIA_FLS(io[0],io[1],io[2],io[3], 01380 CamelliaSubkeyL(9),CamelliaSubkeyR(9), 01381 CamelliaSubkeyL(8),CamelliaSubkeyR(8), 01382 t0,t1,il,ir); 01383 01384 CAMELLIA_ROUNDSM(io[0],io[1], 01385 CamelliaSubkeyL(7),CamelliaSubkeyR(7), 01386 io[2],io[3],il,ir,t0,t1); 01387 CAMELLIA_ROUNDSM(io[2],io[3], 01388 CamelliaSubkeyL(6),CamelliaSubkeyR(6), 01389 io[0],io[1],il,ir,t0,t1); 01390 CAMELLIA_ROUNDSM(io[0],io[1], 01391 CamelliaSubkeyL(5),CamelliaSubkeyR(5), 01392 io[2],io[3],il,ir,t0,t1); 01393 CAMELLIA_ROUNDSM(io[2],io[3], 01394 CamelliaSubkeyL(4),CamelliaSubkeyR(4), 01395 io[0],io[1],il,ir,t0,t1); 01396 CAMELLIA_ROUNDSM(io[0],io[1], 01397 CamelliaSubkeyL(3),CamelliaSubkeyR(3), 01398 io[2],io[3],il,ir,t0,t1); 01399 CAMELLIA_ROUNDSM(io[2],io[3], 01400 CamelliaSubkeyL(2),CamelliaSubkeyR(2), 01401 io[0],io[1],il,ir,t0,t1); 01402 01403 /* post whitening but kw4 */ 01404 io[2] ^= CamelliaSubkeyL(0); 01405 io[3] ^= CamelliaSubkeyR(0); 01406 01407 t0 = io[0]; 01408 t1 = io[1]; 01409 io[0] = io[2]; 01410 io[1] = io[3]; 01411 io[2] = t0; 01412 io[3] = t1; 01413 01414 return; 01415 } 01416 01417 /*** 01418 * 01419 * API for compatibility 01420 */ 01421 01422 static void Camellia_EncryptBlock(const int keyBitLength, 01423 const unsigned char *plaintext, 01424 const KEY_TABLE_TYPE keyTable, 01425 unsigned char *ciphertext) 01426 { 01427 u32 tmp[4]; 01428 01429 tmp[0] = GETU32(plaintext); 01430 tmp[1] = GETU32(plaintext + 4); 01431 tmp[2] = GETU32(plaintext + 8); 01432 tmp[3] = GETU32(plaintext + 12); 01433 01434 switch (keyBitLength) { 01435 case 128: 01436 camellia_encrypt128(keyTable, tmp); 01437 break; 01438 case 192: 01439 /* fall through */ 01440 case 256: 01441 camellia_encrypt256(keyTable, tmp); 01442 break; 01443 default: 01444 break; 01445 } 01446 01447 PUTU32(ciphertext, tmp[0]); 01448 PUTU32(ciphertext + 4, tmp[1]); 01449 PUTU32(ciphertext + 8, tmp[2]); 01450 PUTU32(ciphertext + 12, tmp[3]); 01451 } 01452 01453 static void Camellia_DecryptBlock(const int keyBitLength, 01454 const unsigned char *ciphertext, 01455 const KEY_TABLE_TYPE keyTable, 01456 unsigned char *plaintext) 01457 { 01458 u32 tmp[4]; 01459 01460 tmp[0] = GETU32(ciphertext); 01461 tmp[1] = GETU32(ciphertext + 4); 01462 tmp[2] = GETU32(ciphertext + 8); 01463 tmp[3] = GETU32(ciphertext + 12); 01464 01465 switch (keyBitLength) { 01466 case 128: 01467 camellia_decrypt128(keyTable, tmp); 01468 break; 01469 case 192: 01470 /* fall through */ 01471 case 256: 01472 camellia_decrypt256(keyTable, tmp); 01473 break; 01474 default: 01475 break; 01476 } 01477 PUTU32(plaintext, tmp[0]); 01478 PUTU32(plaintext + 4, tmp[1]); 01479 PUTU32(plaintext + 8, tmp[2]); 01480 PUTU32(plaintext + 12, tmp[3]); 01481 } 01482 01483 01484 01485 /* CTaoCrypt wrappers to the Camellia code */ 01486 01487 int CamelliaSetKey(Camellia* cam, const byte* key, word32 len, const byte* iv) 01488 { 01489 if (cam == NULL) return BAD_FUNC_ARG; 01490 01491 XMEMSET(cam->key, 0, sizeof(KEY_TABLE_TYPE)); 01492 switch (len) { 01493 case 16: 01494 camellia_setup128(key, cam->key); 01495 break; 01496 case 24: 01497 camellia_setup192(key, cam->key); 01498 break; 01499 case 32: 01500 camellia_setup256(key, cam->key); 01501 break; 01502 default: 01503 return BAD_FUNC_ARG; 01504 } 01505 cam->keySz = len * 8; 01506 01507 return CamelliaSetIV(cam, iv); 01508 } 01509 01510 01511 int CamelliaSetIV(Camellia* cam, const byte* iv) 01512 { 01513 if (cam == NULL) 01514 return BAD_FUNC_ARG; 01515 01516 if (iv) 01517 XMEMCPY(cam->reg, iv, CAMELLIA_BLOCK_SIZE); 01518 01519 return 0; 01520 } 01521 01522 01523 void CamelliaEncryptDirect(Camellia* cam, byte* out, const byte* in) 01524 { 01525 Camellia_EncryptBlock(cam->keySz, in, cam->key, out); 01526 } 01527 01528 01529 void CamelliaDecryptDirect(Camellia* cam, byte* out, const byte* in) 01530 { 01531 Camellia_DecryptBlock(cam->keySz, in, cam->key, out); 01532 } 01533 01534 01535 void CamelliaCbcEncrypt(Camellia* cam, byte* out, const byte* in, word32 sz) 01536 { 01537 word32 blocks = sz / CAMELLIA_BLOCK_SIZE; 01538 01539 while (blocks--) { 01540 xorbuf((byte*)cam->reg, in, CAMELLIA_BLOCK_SIZE); 01541 Camellia_EncryptBlock(cam->keySz, (byte*)cam->reg, 01542 cam->key, (byte*)cam->reg); 01543 XMEMCPY(out, cam->reg, CAMELLIA_BLOCK_SIZE); 01544 01545 out += CAMELLIA_BLOCK_SIZE; 01546 in += CAMELLIA_BLOCK_SIZE; 01547 } 01548 } 01549 01550 01551 void CamelliaCbcDecrypt(Camellia* cam, byte* out, const byte* in, word32 sz) 01552 { 01553 word32 blocks = sz / CAMELLIA_BLOCK_SIZE; 01554 01555 while (blocks--) { 01556 XMEMCPY(cam->tmp, in, CAMELLIA_BLOCK_SIZE); 01557 Camellia_DecryptBlock(cam->keySz, (byte*)cam->tmp, cam->key, out); 01558 xorbuf(out, (byte*)cam->reg, CAMELLIA_BLOCK_SIZE); 01559 XMEMCPY(cam->reg, cam->tmp, CAMELLIA_BLOCK_SIZE); 01560 01561 out += CAMELLIA_BLOCK_SIZE; 01562 in += CAMELLIA_BLOCK_SIZE; 01563 } 01564 } 01565 01566 01567 #endif /* HAVE_CAMELLIA */ 01568
Generated on Thu Jul 14 2022 00:25:23 by
1.7.2