Ashley Mills
This is a port of cyaSSL 2.7.0.
Dependents: CyaSSL_DTLS_Cellular CyaSSL_DTLS_Ethernet
Embed:
(wiki syntax)
Show/hide line numbers
camellia.c
00001 /* camellia.c ver 1.2.0 00002 * 00003 * Copyright (c) 2006,2007 00004 * NTT (Nippon Telegraph and Telephone Corporation) . All rights reserved. 00005 * 00006 * Redistribution and use in source and binary forms, with or without 00007 * modification, are permitted provided that the following conditions 00008 * are met: 00009 * 1. Redistributions of source code must retain the above copyright 00010 * notice, this list of conditions and the following disclaimer as 00011 * the first lines of this file unmodified. 00012 * 2. Redistributions in binary form must reproduce the above copyright 00013 * notice, this list of conditions and the following disclaimer in the 00014 * documentation and/or other materials provided with the distribution. 00015 * 00016 * THIS SOFTWARE IS PROVIDED BY NTT ``AS IS'' AND ANY EXPRESS OR 00017 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 00018 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 00019 * IN NO EVENT SHALL NTT BE LIABLE FOR ANY DIRECT, INDIRECT, 00020 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 00021 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 00022 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 00023 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 00024 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 00025 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 00026 */ 00027 00028 /* camellia.c 00029 * 00030 * Copyright (C) 2006-2013 wolfSSL Inc. 00031 * 00032 * This file is part of CyaSSL. 00033 * 00034 * CyaSSL is free software; you can redistribute it and/or modify 00035 * it under the terms of the GNU General Public License as published by 00036 * the Free Software Foundation; either version 2 of the License, or 00037 * (at your option) any later version. 00038 * 00039 * CyaSSL is distributed in the hope that it will be useful, 00040 * but WITHOUT ANY WARRANTY; without even the implied warranty of 00041 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 00042 * GNU General Public License for more details. 00043 * 00044 * You should have received a copy of the GNU General Public License 00045 * along with this program; if not, write to the Free Software 00046 * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA 00047 */ 00048 00049 /* 00050 * Algorithm Specification 00051 * http://info.isl.ntt.co.jp/crypt/eng/camellia/specifications.html 00052 */ 00053 00054 00055 #ifdef HAVE_CONFIG_H 00056 #include <config.h> 00057 #endif 00058 00059 #include <cyassl/ctaocrypt/settings.h> 00060 00061 #ifdef HAVE_CAMELLIA 00062 00063 #include <cyassl/ctaocrypt/camellia.h> 00064 #include <cyassl/ctaocrypt/ctaoerror2.h> 00065 #include <cyassl/ctaocrypt/logging.h> 00066 #ifdef NO_INLINE 00067 #include <cyassl/ctaocrypt/misc.h> 00068 #else 00069 #include <ctaocrypt/src/misc.c> 00070 #endif 00071 00072 00073 /* u32 must be 32bit word */ 00074 typedef unsigned int u32; 00075 typedef unsigned char u8; 00076 00077 /* key constants */ 00078 00079 #define CAMELLIA_SIGMA1L ((u32)0xA09E667FL) 00080 #define CAMELLIA_SIGMA1R ((u32)0x3BCC908BL) 00081 #define CAMELLIA_SIGMA2L ((u32)0xB67AE858L) 00082 #define CAMELLIA_SIGMA2R ((u32)0x4CAA73B2L) 00083 #define CAMELLIA_SIGMA3L ((u32)0xC6EF372FL) 00084 #define CAMELLIA_SIGMA3R ((u32)0xE94F82BEL) 00085 #define CAMELLIA_SIGMA4L ((u32)0x54FF53A5L) 00086 #define CAMELLIA_SIGMA4R ((u32)0xF1D36F1CL) 00087 #define CAMELLIA_SIGMA5L ((u32)0x10E527FAL) 00088 #define CAMELLIA_SIGMA5R ((u32)0xDE682D1DL) 00089 #define CAMELLIA_SIGMA6L ((u32)0xB05688C2L) 00090 #define CAMELLIA_SIGMA6R ((u32)0xB3E6C1FDL) 00091 00092 /* 00093 * macros 00094 */ 00095 00096 00097 #if defined(_MSC_VER) 00098 00099 # define SWAP(x) (_lrotl(x, 8) & 0x00ff00ff | _lrotr(x, 8) & 0xff00ff00) 00100 # define GETU32(p) SWAP(*((u32 *)(p))) 00101 # define PUTU32(ct, st) {*((u32 *)(ct)) = SWAP((st));} 00102 00103 #else /* not MS-VC */ 00104 00105 # define GETU32(pt) \ 00106 (((u32)(pt)[0] << 24) \ 00107 ^ ((u32)(pt)[1] << 16) \ 00108 ^ ((u32)(pt)[2] << 8) \ 00109 ^ ((u32)(pt)[3])) 00110 00111 # define PUTU32(ct, st) { \ 00112 (ct)[0] = (u8)((st) >> 24); \ 00113 (ct)[1] = (u8)((st) >> 16); \ 00114 (ct)[2] = (u8)((st) >> 8); \ 00115 (ct)[3] = (u8)(st); } 00116 00117 #endif 00118 00119 #define CamelliaSubkeyL(INDEX) (subkey[(INDEX)*2]) 00120 #define CamelliaSubkeyR(INDEX) (subkey[(INDEX)*2 + 1]) 00121 00122 /* rotation right shift 1byte */ 00123 #define CAMELLIA_RR8(x) (((x) >> 8) + ((x) << 24)) 00124 /* rotation left shift 1bit */ 00125 #define CAMELLIA_RL1(x) (((x) << 1) + ((x) >> 31)) 00126 /* rotation left shift 1byte */ 00127 #define CAMELLIA_RL8(x) (((x) << 8) + ((x) >> 24)) 00128 00129 #define CAMELLIA_ROLDQ(ll, lr, rl, rr, w0, w1, bits) \ 00130 do { \ 00131 w0 = ll; \ 00132 ll = (ll << bits) + (lr >> (32 - bits)); \ 00133 lr = (lr << bits) + (rl >> (32 - bits)); \ 00134 rl = (rl << bits) + (rr >> (32 - bits)); \ 00135 rr = (rr << bits) + (w0 >> (32 - bits)); \ 00136 } while(0) 00137 00138 #define CAMELLIA_ROLDQo32(ll, lr, rl, rr, w0, w1, bits) \ 00139 do { \ 00140 w0 = ll; \ 00141 w1 = lr; \ 00142 ll = (lr << (bits - 32)) + (rl >> (64 - bits)); \ 00143 lr = (rl << (bits - 32)) + (rr >> (64 - bits)); \ 00144 rl = (rr << (bits - 32)) + (w0 >> (64 - bits)); \ 00145 rr = (w0 << (bits - 32)) + (w1 >> (64 - bits)); \ 00146 } while(0) 00147 00148 #define CAMELLIA_SP1110(INDEX) (camellia_sp1110[(INDEX)]) 00149 #define CAMELLIA_SP0222(INDEX) (camellia_sp0222[(INDEX)]) 00150 #define CAMELLIA_SP3033(INDEX) (camellia_sp3033[(INDEX)]) 00151 #define CAMELLIA_SP4404(INDEX) (camellia_sp4404[(INDEX)]) 00152 00153 #define CAMELLIA_F(xl, xr, kl, kr, yl, yr, il, ir, t0, t1) \ 00154 do { \ 00155 il = xl ^ kl; \ 00156 ir = xr ^ kr; \ 00157 t0 = il >> 16; \ 00158 t1 = ir >> 16; \ 00159 yl = CAMELLIA_SP1110(ir & 0xff) \ 00160 ^ CAMELLIA_SP0222((t1 >> 8) & 0xff) \ 00161 ^ CAMELLIA_SP3033(t1 & 0xff) \ 00162 ^ CAMELLIA_SP4404((ir >> 8) & 0xff); \ 00163 yr = CAMELLIA_SP1110((t0 >> 8) & 0xff) \ 00164 ^ CAMELLIA_SP0222(t0 & 0xff) \ 00165 ^ CAMELLIA_SP3033((il >> 8) & 0xff) \ 00166 ^ CAMELLIA_SP4404(il & 0xff); \ 00167 yl ^= yr; \ 00168 yr = CAMELLIA_RR8(yr); \ 00169 yr ^= yl; \ 00170 } while(0) 00171 00172 00173 /* 00174 * for speed up 00175 * 00176 */ 00177 #define CAMELLIA_FLS(ll, lr, rl, rr, kll, klr, krl, krr, t0, t1, t2, t3) \ 00178 do { \ 00179 t0 = kll; \ 00180 t0 &= ll; \ 00181 lr ^= CAMELLIA_RL1(t0); \ 00182 t1 = klr; \ 00183 t1 |= lr; \ 00184 ll ^= t1; \ 00185 \ 00186 t2 = krr; \ 00187 t2 |= rr; \ 00188 rl ^= t2; \ 00189 t3 = krl; \ 00190 t3 &= rl; \ 00191 rr ^= CAMELLIA_RL1(t3); \ 00192 } while(0) 00193 00194 #define CAMELLIA_ROUNDSM(xl, xr, kl, kr, yl, yr, il, ir, t0, t1) \ 00195 do { \ 00196 ir = CAMELLIA_SP1110(xr & 0xff) \ 00197 ^ CAMELLIA_SP0222((xr >> 24) & 0xff) \ 00198 ^ CAMELLIA_SP3033((xr >> 16) & 0xff) \ 00199 ^ CAMELLIA_SP4404((xr >> 8) & 0xff); \ 00200 il = CAMELLIA_SP1110((xl >> 24) & 0xff) \ 00201 ^ CAMELLIA_SP0222((xl >> 16) & 0xff) \ 00202 ^ CAMELLIA_SP3033((xl >> 8) & 0xff) \ 00203 ^ CAMELLIA_SP4404(xl & 0xff); \ 00204 il ^= kl; \ 00205 ir ^= kr; \ 00206 ir ^= il; \ 00207 il = CAMELLIA_RR8(il); \ 00208 il ^= ir; \ 00209 yl ^= ir; \ 00210 yr ^= il; \ 00211 } while(0) 00212 00213 00214 static const u32 camellia_sp1110[256] = { 00215 0x70707000,0x82828200,0x2c2c2c00,0xececec00, 00216 0xb3b3b300,0x27272700,0xc0c0c000,0xe5e5e500, 00217 0xe4e4e400,0x85858500,0x57575700,0x35353500, 00218 0xeaeaea00,0x0c0c0c00,0xaeaeae00,0x41414100, 00219 0x23232300,0xefefef00,0x6b6b6b00,0x93939300, 00220 0x45454500,0x19191900,0xa5a5a500,0x21212100, 00221 0xededed00,0x0e0e0e00,0x4f4f4f00,0x4e4e4e00, 00222 0x1d1d1d00,0x65656500,0x92929200,0xbdbdbd00, 00223 0x86868600,0xb8b8b800,0xafafaf00,0x8f8f8f00, 00224 0x7c7c7c00,0xebebeb00,0x1f1f1f00,0xcecece00, 00225 0x3e3e3e00,0x30303000,0xdcdcdc00,0x5f5f5f00, 00226 0x5e5e5e00,0xc5c5c500,0x0b0b0b00,0x1a1a1a00, 00227 0xa6a6a600,0xe1e1e100,0x39393900,0xcacaca00, 00228 0xd5d5d500,0x47474700,0x5d5d5d00,0x3d3d3d00, 00229 0xd9d9d900,0x01010100,0x5a5a5a00,0xd6d6d600, 00230 0x51515100,0x56565600,0x6c6c6c00,0x4d4d4d00, 00231 0x8b8b8b00,0x0d0d0d00,0x9a9a9a00,0x66666600, 00232 0xfbfbfb00,0xcccccc00,0xb0b0b000,0x2d2d2d00, 00233 0x74747400,0x12121200,0x2b2b2b00,0x20202000, 00234 0xf0f0f000,0xb1b1b100,0x84848400,0x99999900, 00235 0xdfdfdf00,0x4c4c4c00,0xcbcbcb00,0xc2c2c200, 00236 0x34343400,0x7e7e7e00,0x76767600,0x05050500, 00237 0x6d6d6d00,0xb7b7b700,0xa9a9a900,0x31313100, 00238 0xd1d1d100,0x17171700,0x04040400,0xd7d7d700, 00239 0x14141400,0x58585800,0x3a3a3a00,0x61616100, 00240 0xdedede00,0x1b1b1b00,0x11111100,0x1c1c1c00, 00241 0x32323200,0x0f0f0f00,0x9c9c9c00,0x16161600, 00242 0x53535300,0x18181800,0xf2f2f200,0x22222200, 00243 0xfefefe00,0x44444400,0xcfcfcf00,0xb2b2b200, 00244 0xc3c3c300,0xb5b5b500,0x7a7a7a00,0x91919100, 00245 0x24242400,0x08080800,0xe8e8e800,0xa8a8a800, 00246 0x60606000,0xfcfcfc00,0x69696900,0x50505000, 00247 0xaaaaaa00,0xd0d0d000,0xa0a0a000,0x7d7d7d00, 00248 0xa1a1a100,0x89898900,0x62626200,0x97979700, 00249 0x54545400,0x5b5b5b00,0x1e1e1e00,0x95959500, 00250 0xe0e0e000,0xffffff00,0x64646400,0xd2d2d200, 00251 0x10101000,0xc4c4c400,0x00000000,0x48484800, 00252 0xa3a3a300,0xf7f7f700,0x75757500,0xdbdbdb00, 00253 0x8a8a8a00,0x03030300,0xe6e6e600,0xdadada00, 00254 0x09090900,0x3f3f3f00,0xdddddd00,0x94949400, 00255 0x87878700,0x5c5c5c00,0x83838300,0x02020200, 00256 0xcdcdcd00,0x4a4a4a00,0x90909000,0x33333300, 00257 0x73737300,0x67676700,0xf6f6f600,0xf3f3f300, 00258 0x9d9d9d00,0x7f7f7f00,0xbfbfbf00,0xe2e2e200, 00259 0x52525200,0x9b9b9b00,0xd8d8d800,0x26262600, 00260 0xc8c8c800,0x37373700,0xc6c6c600,0x3b3b3b00, 00261 0x81818100,0x96969600,0x6f6f6f00,0x4b4b4b00, 00262 0x13131300,0xbebebe00,0x63636300,0x2e2e2e00, 00263 0xe9e9e900,0x79797900,0xa7a7a700,0x8c8c8c00, 00264 0x9f9f9f00,0x6e6e6e00,0xbcbcbc00,0x8e8e8e00, 00265 0x29292900,0xf5f5f500,0xf9f9f900,0xb6b6b600, 00266 0x2f2f2f00,0xfdfdfd00,0xb4b4b400,0x59595900, 00267 0x78787800,0x98989800,0x06060600,0x6a6a6a00, 00268 0xe7e7e700,0x46464600,0x71717100,0xbababa00, 00269 0xd4d4d400,0x25252500,0xababab00,0x42424200, 00270 0x88888800,0xa2a2a200,0x8d8d8d00,0xfafafa00, 00271 0x72727200,0x07070700,0xb9b9b900,0x55555500, 00272 0xf8f8f800,0xeeeeee00,0xacacac00,0x0a0a0a00, 00273 0x36363600,0x49494900,0x2a2a2a00,0x68686800, 00274 0x3c3c3c00,0x38383800,0xf1f1f100,0xa4a4a400, 00275 0x40404000,0x28282800,0xd3d3d300,0x7b7b7b00, 00276 0xbbbbbb00,0xc9c9c900,0x43434300,0xc1c1c100, 00277 0x15151500,0xe3e3e300,0xadadad00,0xf4f4f400, 00278 0x77777700,0xc7c7c700,0x80808000,0x9e9e9e00, 00279 }; 00280 00281 static const u32 camellia_sp0222[256] = { 00282 0x00e0e0e0,0x00050505,0x00585858,0x00d9d9d9, 00283 0x00676767,0x004e4e4e,0x00818181,0x00cbcbcb, 00284 0x00c9c9c9,0x000b0b0b,0x00aeaeae,0x006a6a6a, 00285 0x00d5d5d5,0x00181818,0x005d5d5d,0x00828282, 00286 0x00464646,0x00dfdfdf,0x00d6d6d6,0x00272727, 00287 0x008a8a8a,0x00323232,0x004b4b4b,0x00424242, 00288 0x00dbdbdb,0x001c1c1c,0x009e9e9e,0x009c9c9c, 00289 0x003a3a3a,0x00cacaca,0x00252525,0x007b7b7b, 00290 0x000d0d0d,0x00717171,0x005f5f5f,0x001f1f1f, 00291 0x00f8f8f8,0x00d7d7d7,0x003e3e3e,0x009d9d9d, 00292 0x007c7c7c,0x00606060,0x00b9b9b9,0x00bebebe, 00293 0x00bcbcbc,0x008b8b8b,0x00161616,0x00343434, 00294 0x004d4d4d,0x00c3c3c3,0x00727272,0x00959595, 00295 0x00ababab,0x008e8e8e,0x00bababa,0x007a7a7a, 00296 0x00b3b3b3,0x00020202,0x00b4b4b4,0x00adadad, 00297 0x00a2a2a2,0x00acacac,0x00d8d8d8,0x009a9a9a, 00298 0x00171717,0x001a1a1a,0x00353535,0x00cccccc, 00299 0x00f7f7f7,0x00999999,0x00616161,0x005a5a5a, 00300 0x00e8e8e8,0x00242424,0x00565656,0x00404040, 00301 0x00e1e1e1,0x00636363,0x00090909,0x00333333, 00302 0x00bfbfbf,0x00989898,0x00979797,0x00858585, 00303 0x00686868,0x00fcfcfc,0x00ececec,0x000a0a0a, 00304 0x00dadada,0x006f6f6f,0x00535353,0x00626262, 00305 0x00a3a3a3,0x002e2e2e,0x00080808,0x00afafaf, 00306 0x00282828,0x00b0b0b0,0x00747474,0x00c2c2c2, 00307 0x00bdbdbd,0x00363636,0x00222222,0x00383838, 00308 0x00646464,0x001e1e1e,0x00393939,0x002c2c2c, 00309 0x00a6a6a6,0x00303030,0x00e5e5e5,0x00444444, 00310 0x00fdfdfd,0x00888888,0x009f9f9f,0x00656565, 00311 0x00878787,0x006b6b6b,0x00f4f4f4,0x00232323, 00312 0x00484848,0x00101010,0x00d1d1d1,0x00515151, 00313 0x00c0c0c0,0x00f9f9f9,0x00d2d2d2,0x00a0a0a0, 00314 0x00555555,0x00a1a1a1,0x00414141,0x00fafafa, 00315 0x00434343,0x00131313,0x00c4c4c4,0x002f2f2f, 00316 0x00a8a8a8,0x00b6b6b6,0x003c3c3c,0x002b2b2b, 00317 0x00c1c1c1,0x00ffffff,0x00c8c8c8,0x00a5a5a5, 00318 0x00202020,0x00898989,0x00000000,0x00909090, 00319 0x00474747,0x00efefef,0x00eaeaea,0x00b7b7b7, 00320 0x00151515,0x00060606,0x00cdcdcd,0x00b5b5b5, 00321 0x00121212,0x007e7e7e,0x00bbbbbb,0x00292929, 00322 0x000f0f0f,0x00b8b8b8,0x00070707,0x00040404, 00323 0x009b9b9b,0x00949494,0x00212121,0x00666666, 00324 0x00e6e6e6,0x00cecece,0x00ededed,0x00e7e7e7, 00325 0x003b3b3b,0x00fefefe,0x007f7f7f,0x00c5c5c5, 00326 0x00a4a4a4,0x00373737,0x00b1b1b1,0x004c4c4c, 00327 0x00919191,0x006e6e6e,0x008d8d8d,0x00767676, 00328 0x00030303,0x002d2d2d,0x00dedede,0x00969696, 00329 0x00262626,0x007d7d7d,0x00c6c6c6,0x005c5c5c, 00330 0x00d3d3d3,0x00f2f2f2,0x004f4f4f,0x00191919, 00331 0x003f3f3f,0x00dcdcdc,0x00797979,0x001d1d1d, 00332 0x00525252,0x00ebebeb,0x00f3f3f3,0x006d6d6d, 00333 0x005e5e5e,0x00fbfbfb,0x00696969,0x00b2b2b2, 00334 0x00f0f0f0,0x00313131,0x000c0c0c,0x00d4d4d4, 00335 0x00cfcfcf,0x008c8c8c,0x00e2e2e2,0x00757575, 00336 0x00a9a9a9,0x004a4a4a,0x00575757,0x00848484, 00337 0x00111111,0x00454545,0x001b1b1b,0x00f5f5f5, 00338 0x00e4e4e4,0x000e0e0e,0x00737373,0x00aaaaaa, 00339 0x00f1f1f1,0x00dddddd,0x00595959,0x00141414, 00340 0x006c6c6c,0x00929292,0x00545454,0x00d0d0d0, 00341 0x00787878,0x00707070,0x00e3e3e3,0x00494949, 00342 0x00808080,0x00505050,0x00a7a7a7,0x00f6f6f6, 00343 0x00777777,0x00939393,0x00868686,0x00838383, 00344 0x002a2a2a,0x00c7c7c7,0x005b5b5b,0x00e9e9e9, 00345 0x00eeeeee,0x008f8f8f,0x00010101,0x003d3d3d, 00346 }; 00347 00348 static const u32 camellia_sp3033[256] = { 00349 0x38003838,0x41004141,0x16001616,0x76007676, 00350 0xd900d9d9,0x93009393,0x60006060,0xf200f2f2, 00351 0x72007272,0xc200c2c2,0xab00abab,0x9a009a9a, 00352 0x75007575,0x06000606,0x57005757,0xa000a0a0, 00353 0x91009191,0xf700f7f7,0xb500b5b5,0xc900c9c9, 00354 0xa200a2a2,0x8c008c8c,0xd200d2d2,0x90009090, 00355 0xf600f6f6,0x07000707,0xa700a7a7,0x27002727, 00356 0x8e008e8e,0xb200b2b2,0x49004949,0xde00dede, 00357 0x43004343,0x5c005c5c,0xd700d7d7,0xc700c7c7, 00358 0x3e003e3e,0xf500f5f5,0x8f008f8f,0x67006767, 00359 0x1f001f1f,0x18001818,0x6e006e6e,0xaf00afaf, 00360 0x2f002f2f,0xe200e2e2,0x85008585,0x0d000d0d, 00361 0x53005353,0xf000f0f0,0x9c009c9c,0x65006565, 00362 0xea00eaea,0xa300a3a3,0xae00aeae,0x9e009e9e, 00363 0xec00ecec,0x80008080,0x2d002d2d,0x6b006b6b, 00364 0xa800a8a8,0x2b002b2b,0x36003636,0xa600a6a6, 00365 0xc500c5c5,0x86008686,0x4d004d4d,0x33003333, 00366 0xfd00fdfd,0x66006666,0x58005858,0x96009696, 00367 0x3a003a3a,0x09000909,0x95009595,0x10001010, 00368 0x78007878,0xd800d8d8,0x42004242,0xcc00cccc, 00369 0xef00efef,0x26002626,0xe500e5e5,0x61006161, 00370 0x1a001a1a,0x3f003f3f,0x3b003b3b,0x82008282, 00371 0xb600b6b6,0xdb00dbdb,0xd400d4d4,0x98009898, 00372 0xe800e8e8,0x8b008b8b,0x02000202,0xeb00ebeb, 00373 0x0a000a0a,0x2c002c2c,0x1d001d1d,0xb000b0b0, 00374 0x6f006f6f,0x8d008d8d,0x88008888,0x0e000e0e, 00375 0x19001919,0x87008787,0x4e004e4e,0x0b000b0b, 00376 0xa900a9a9,0x0c000c0c,0x79007979,0x11001111, 00377 0x7f007f7f,0x22002222,0xe700e7e7,0x59005959, 00378 0xe100e1e1,0xda00dada,0x3d003d3d,0xc800c8c8, 00379 0x12001212,0x04000404,0x74007474,0x54005454, 00380 0x30003030,0x7e007e7e,0xb400b4b4,0x28002828, 00381 0x55005555,0x68006868,0x50005050,0xbe00bebe, 00382 0xd000d0d0,0xc400c4c4,0x31003131,0xcb00cbcb, 00383 0x2a002a2a,0xad00adad,0x0f000f0f,0xca00caca, 00384 0x70007070,0xff00ffff,0x32003232,0x69006969, 00385 0x08000808,0x62006262,0x00000000,0x24002424, 00386 0xd100d1d1,0xfb00fbfb,0xba00baba,0xed00eded, 00387 0x45004545,0x81008181,0x73007373,0x6d006d6d, 00388 0x84008484,0x9f009f9f,0xee00eeee,0x4a004a4a, 00389 0xc300c3c3,0x2e002e2e,0xc100c1c1,0x01000101, 00390 0xe600e6e6,0x25002525,0x48004848,0x99009999, 00391 0xb900b9b9,0xb300b3b3,0x7b007b7b,0xf900f9f9, 00392 0xce00cece,0xbf00bfbf,0xdf00dfdf,0x71007171, 00393 0x29002929,0xcd00cdcd,0x6c006c6c,0x13001313, 00394 0x64006464,0x9b009b9b,0x63006363,0x9d009d9d, 00395 0xc000c0c0,0x4b004b4b,0xb700b7b7,0xa500a5a5, 00396 0x89008989,0x5f005f5f,0xb100b1b1,0x17001717, 00397 0xf400f4f4,0xbc00bcbc,0xd300d3d3,0x46004646, 00398 0xcf00cfcf,0x37003737,0x5e005e5e,0x47004747, 00399 0x94009494,0xfa00fafa,0xfc00fcfc,0x5b005b5b, 00400 0x97009797,0xfe00fefe,0x5a005a5a,0xac00acac, 00401 0x3c003c3c,0x4c004c4c,0x03000303,0x35003535, 00402 0xf300f3f3,0x23002323,0xb800b8b8,0x5d005d5d, 00403 0x6a006a6a,0x92009292,0xd500d5d5,0x21002121, 00404 0x44004444,0x51005151,0xc600c6c6,0x7d007d7d, 00405 0x39003939,0x83008383,0xdc00dcdc,0xaa00aaaa, 00406 0x7c007c7c,0x77007777,0x56005656,0x05000505, 00407 0x1b001b1b,0xa400a4a4,0x15001515,0x34003434, 00408 0x1e001e1e,0x1c001c1c,0xf800f8f8,0x52005252, 00409 0x20002020,0x14001414,0xe900e9e9,0xbd00bdbd, 00410 0xdd00dddd,0xe400e4e4,0xa100a1a1,0xe000e0e0, 00411 0x8a008a8a,0xf100f1f1,0xd600d6d6,0x7a007a7a, 00412 0xbb00bbbb,0xe300e3e3,0x40004040,0x4f004f4f, 00413 }; 00414 00415 static const u32 camellia_sp4404[256] = { 00416 0x70700070,0x2c2c002c,0xb3b300b3,0xc0c000c0, 00417 0xe4e400e4,0x57570057,0xeaea00ea,0xaeae00ae, 00418 0x23230023,0x6b6b006b,0x45450045,0xa5a500a5, 00419 0xeded00ed,0x4f4f004f,0x1d1d001d,0x92920092, 00420 0x86860086,0xafaf00af,0x7c7c007c,0x1f1f001f, 00421 0x3e3e003e,0xdcdc00dc,0x5e5e005e,0x0b0b000b, 00422 0xa6a600a6,0x39390039,0xd5d500d5,0x5d5d005d, 00423 0xd9d900d9,0x5a5a005a,0x51510051,0x6c6c006c, 00424 0x8b8b008b,0x9a9a009a,0xfbfb00fb,0xb0b000b0, 00425 0x74740074,0x2b2b002b,0xf0f000f0,0x84840084, 00426 0xdfdf00df,0xcbcb00cb,0x34340034,0x76760076, 00427 0x6d6d006d,0xa9a900a9,0xd1d100d1,0x04040004, 00428 0x14140014,0x3a3a003a,0xdede00de,0x11110011, 00429 0x32320032,0x9c9c009c,0x53530053,0xf2f200f2, 00430 0xfefe00fe,0xcfcf00cf,0xc3c300c3,0x7a7a007a, 00431 0x24240024,0xe8e800e8,0x60600060,0x69690069, 00432 0xaaaa00aa,0xa0a000a0,0xa1a100a1,0x62620062, 00433 0x54540054,0x1e1e001e,0xe0e000e0,0x64640064, 00434 0x10100010,0x00000000,0xa3a300a3,0x75750075, 00435 0x8a8a008a,0xe6e600e6,0x09090009,0xdddd00dd, 00436 0x87870087,0x83830083,0xcdcd00cd,0x90900090, 00437 0x73730073,0xf6f600f6,0x9d9d009d,0xbfbf00bf, 00438 0x52520052,0xd8d800d8,0xc8c800c8,0xc6c600c6, 00439 0x81810081,0x6f6f006f,0x13130013,0x63630063, 00440 0xe9e900e9,0xa7a700a7,0x9f9f009f,0xbcbc00bc, 00441 0x29290029,0xf9f900f9,0x2f2f002f,0xb4b400b4, 00442 0x78780078,0x06060006,0xe7e700e7,0x71710071, 00443 0xd4d400d4,0xabab00ab,0x88880088,0x8d8d008d, 00444 0x72720072,0xb9b900b9,0xf8f800f8,0xacac00ac, 00445 0x36360036,0x2a2a002a,0x3c3c003c,0xf1f100f1, 00446 0x40400040,0xd3d300d3,0xbbbb00bb,0x43430043, 00447 0x15150015,0xadad00ad,0x77770077,0x80800080, 00448 0x82820082,0xecec00ec,0x27270027,0xe5e500e5, 00449 0x85850085,0x35350035,0x0c0c000c,0x41410041, 00450 0xefef00ef,0x93930093,0x19190019,0x21210021, 00451 0x0e0e000e,0x4e4e004e,0x65650065,0xbdbd00bd, 00452 0xb8b800b8,0x8f8f008f,0xebeb00eb,0xcece00ce, 00453 0x30300030,0x5f5f005f,0xc5c500c5,0x1a1a001a, 00454 0xe1e100e1,0xcaca00ca,0x47470047,0x3d3d003d, 00455 0x01010001,0xd6d600d6,0x56560056,0x4d4d004d, 00456 0x0d0d000d,0x66660066,0xcccc00cc,0x2d2d002d, 00457 0x12120012,0x20200020,0xb1b100b1,0x99990099, 00458 0x4c4c004c,0xc2c200c2,0x7e7e007e,0x05050005, 00459 0xb7b700b7,0x31310031,0x17170017,0xd7d700d7, 00460 0x58580058,0x61610061,0x1b1b001b,0x1c1c001c, 00461 0x0f0f000f,0x16160016,0x18180018,0x22220022, 00462 0x44440044,0xb2b200b2,0xb5b500b5,0x91910091, 00463 0x08080008,0xa8a800a8,0xfcfc00fc,0x50500050, 00464 0xd0d000d0,0x7d7d007d,0x89890089,0x97970097, 00465 0x5b5b005b,0x95950095,0xffff00ff,0xd2d200d2, 00466 0xc4c400c4,0x48480048,0xf7f700f7,0xdbdb00db, 00467 0x03030003,0xdada00da,0x3f3f003f,0x94940094, 00468 0x5c5c005c,0x02020002,0x4a4a004a,0x33330033, 00469 0x67670067,0xf3f300f3,0x7f7f007f,0xe2e200e2, 00470 0x9b9b009b,0x26260026,0x37370037,0x3b3b003b, 00471 0x96960096,0x4b4b004b,0xbebe00be,0x2e2e002e, 00472 0x79790079,0x8c8c008c,0x6e6e006e,0x8e8e008e, 00473 0xf5f500f5,0xb6b600b6,0xfdfd00fd,0x59590059, 00474 0x98980098,0x6a6a006a,0x46460046,0xbaba00ba, 00475 0x25250025,0x42420042,0xa2a200a2,0xfafa00fa, 00476 0x07070007,0x55550055,0xeeee00ee,0x0a0a000a, 00477 0x49490049,0x68680068,0x38380038,0xa4a400a4, 00478 0x28280028,0x7b7b007b,0xc9c900c9,0xc1c100c1, 00479 0xe3e300e3,0xf4f400f4,0xc7c700c7,0x9e9e009e, 00480 }; 00481 00482 00483 /** 00484 * Stuff related to the Camellia key schedule 00485 */ 00486 #define subl(x) subL[(x)] 00487 #define subr(x) subR[(x)] 00488 00489 static void camellia_setup128(const unsigned char *key, u32 *subkey) 00490 { 00491 u32 kll, klr, krl, krr; 00492 u32 il, ir, t0, t1, w0, w1; 00493 u32 kw4l, kw4r, dw, tl, tr; 00494 u32 subL[26]; 00495 u32 subR[26]; 00496 00497 /** 00498 * k == kll || klr || krl || krr (|| is concatination) 00499 */ 00500 kll = GETU32(key ); 00501 klr = GETU32(key + 4); 00502 krl = GETU32(key + 8); 00503 krr = GETU32(key + 12); 00504 /** 00505 * generate KL dependent subkeys 00506 */ 00507 subl(0) = kll; subr(0) = klr; 00508 subl(1) = krl; subr(1) = krr; 00509 CAMELLIA_ROLDQ(kll, klr, krl, krr, w0, w1, 15); 00510 subl(4) = kll; subr(4) = klr; 00511 subl(5) = krl; subr(5) = krr; 00512 CAMELLIA_ROLDQ(kll, klr, krl, krr, w0, w1, 30); 00513 subl(10) = kll; subr(10) = klr; 00514 subl(11) = krl; subr(11) = krr; 00515 CAMELLIA_ROLDQ(kll, klr, krl, krr, w0, w1, 15); 00516 subl(13) = krl; subr(13) = krr; 00517 CAMELLIA_ROLDQ(kll, klr, krl, krr, w0, w1, 17); 00518 subl(16) = kll; subr(16) = klr; 00519 subl(17) = krl; subr(17) = krr; 00520 CAMELLIA_ROLDQ(kll, klr, krl, krr, w0, w1, 17); 00521 subl(18) = kll; subr(18) = klr; 00522 subl(19) = krl; subr(19) = krr; 00523 CAMELLIA_ROLDQ(kll, klr, krl, krr, w0, w1, 17); 00524 subl(22) = kll; subr(22) = klr; 00525 subl(23) = krl; subr(23) = krr; 00526 00527 /* generate KA */ 00528 kll = subl(0); klr = subr(0); 00529 krl = subl(1); krr = subr(1); 00530 CAMELLIA_F(kll, klr, 00531 CAMELLIA_SIGMA1L, CAMELLIA_SIGMA1R, 00532 w0, w1, il, ir, t0, t1); 00533 krl ^= w0; krr ^= w1; 00534 CAMELLIA_F(krl, krr, 00535 CAMELLIA_SIGMA2L, CAMELLIA_SIGMA2R, 00536 kll, klr, il, ir, t0, t1); 00537 CAMELLIA_F(kll, klr, 00538 CAMELLIA_SIGMA3L, CAMELLIA_SIGMA3R, 00539 krl, krr, il, ir, t0, t1); 00540 krl ^= w0; krr ^= w1; 00541 CAMELLIA_F(krl, krr, 00542 CAMELLIA_SIGMA4L, CAMELLIA_SIGMA4R, 00543 w0, w1, il, ir, t0, t1); 00544 kll ^= w0; klr ^= w1; 00545 00546 /* generate KA dependent subkeys */ 00547 subl(2) = kll; subr(2) = klr; 00548 subl(3) = krl; subr(3) = krr; 00549 CAMELLIA_ROLDQ(kll, klr, krl, krr, w0, w1, 15); 00550 subl(6) = kll; subr(6) = klr; 00551 subl(7) = krl; subr(7) = krr; 00552 CAMELLIA_ROLDQ(kll, klr, krl, krr, w0, w1, 15); 00553 subl(8) = kll; subr(8) = klr; 00554 subl(9) = krl; subr(9) = krr; 00555 CAMELLIA_ROLDQ(kll, klr, krl, krr, w0, w1, 15); 00556 subl(12) = kll; subr(12) = klr; 00557 CAMELLIA_ROLDQ(kll, klr, krl, krr, w0, w1, 15); 00558 subl(14) = kll; subr(14) = klr; 00559 subl(15) = krl; subr(15) = krr; 00560 CAMELLIA_ROLDQo32(kll, klr, krl, krr, w0, w1, 34); 00561 subl(20) = kll; subr(20) = klr; 00562 subl(21) = krl; subr(21) = krr; 00563 CAMELLIA_ROLDQ(kll, klr, krl, krr, w0, w1, 17); 00564 subl(24) = kll; subr(24) = klr; 00565 subl(25) = krl; subr(25) = krr; 00566 00567 00568 /* absorb kw2 to other subkeys */ 00569 subl(3) ^= subl(1); subr(3) ^= subr(1); 00570 subl(5) ^= subl(1); subr(5) ^= subr(1); 00571 subl(7) ^= subl(1); subr(7) ^= subr(1); 00572 subl(1) ^= subr(1) & ~subr(9); 00573 dw = subl(1) & subl(9), subr(1) ^= CAMELLIA_RL1(dw); 00574 subl(11) ^= subl(1); subr(11) ^= subr(1); 00575 subl(13) ^= subl(1); subr(13) ^= subr(1); 00576 subl(15) ^= subl(1); subr(15) ^= subr(1); 00577 subl(1) ^= subr(1) & ~subr(17); 00578 dw = subl(1) & subl(17), subr(1) ^= CAMELLIA_RL1(dw); 00579 subl(19) ^= subl(1); subr(19) ^= subr(1); 00580 subl(21) ^= subl(1); subr(21) ^= subr(1); 00581 subl(23) ^= subl(1); subr(23) ^= subr(1); 00582 subl(24) ^= subl(1); subr(24) ^= subr(1); 00583 00584 /* absorb kw4 to other subkeys */ 00585 kw4l = subl(25); kw4r = subr(25); 00586 subl(22) ^= kw4l; subr(22) ^= kw4r; 00587 subl(20) ^= kw4l; subr(20) ^= kw4r; 00588 subl(18) ^= kw4l; subr(18) ^= kw4r; 00589 kw4l ^= kw4r & ~subr(16); 00590 dw = kw4l & subl(16), kw4r ^= CAMELLIA_RL1(dw); 00591 subl(14) ^= kw4l; subr(14) ^= kw4r; 00592 subl(12) ^= kw4l; subr(12) ^= kw4r; 00593 subl(10) ^= kw4l; subr(10) ^= kw4r; 00594 kw4l ^= kw4r & ~subr(8); 00595 dw = kw4l & subl(8), kw4r ^= CAMELLIA_RL1(dw); 00596 subl(6) ^= kw4l; subr(6) ^= kw4r; 00597 subl(4) ^= kw4l; subr(4) ^= kw4r; 00598 subl(2) ^= kw4l; subr(2) ^= kw4r; 00599 subl(0) ^= kw4l; subr(0) ^= kw4r; 00600 00601 /* key XOR is end of F-function */ 00602 CamelliaSubkeyL(0) = subl(0) ^ subl(2); 00603 CamelliaSubkeyR(0) = subr(0) ^ subr(2); 00604 CamelliaSubkeyL(2) = subl(3); 00605 CamelliaSubkeyR(2) = subr(3); 00606 CamelliaSubkeyL(3) = subl(2) ^ subl(4); 00607 CamelliaSubkeyR(3) = subr(2) ^ subr(4); 00608 CamelliaSubkeyL(4) = subl(3) ^ subl(5); 00609 CamelliaSubkeyR(4) = subr(3) ^ subr(5); 00610 CamelliaSubkeyL(5) = subl(4) ^ subl(6); 00611 CamelliaSubkeyR(5) = subr(4) ^ subr(6); 00612 CamelliaSubkeyL(6) = subl(5) ^ subl(7); 00613 CamelliaSubkeyR(6) = subr(5) ^ subr(7); 00614 tl = subl(10) ^ (subr(10) & ~subr(8)); 00615 dw = tl & subl(8), tr = subr(10) ^ CAMELLIA_RL1(dw); 00616 CamelliaSubkeyL(7) = subl(6) ^ tl; 00617 CamelliaSubkeyR(7) = subr(6) ^ tr; 00618 CamelliaSubkeyL(8) = subl(8); 00619 CamelliaSubkeyR(8) = subr(8); 00620 CamelliaSubkeyL(9) = subl(9); 00621 CamelliaSubkeyR(9) = subr(9); 00622 tl = subl(7) ^ (subr(7) & ~subr(9)); 00623 dw = tl & subl(9), tr = subr(7) ^ CAMELLIA_RL1(dw); 00624 CamelliaSubkeyL(10) = tl ^ subl(11); 00625 CamelliaSubkeyR(10) = tr ^ subr(11); 00626 CamelliaSubkeyL(11) = subl(10) ^ subl(12); 00627 CamelliaSubkeyR(11) = subr(10) ^ subr(12); 00628 CamelliaSubkeyL(12) = subl(11) ^ subl(13); 00629 CamelliaSubkeyR(12) = subr(11) ^ subr(13); 00630 CamelliaSubkeyL(13) = subl(12) ^ subl(14); 00631 CamelliaSubkeyR(13) = subr(12) ^ subr(14); 00632 CamelliaSubkeyL(14) = subl(13) ^ subl(15); 00633 CamelliaSubkeyR(14) = subr(13) ^ subr(15); 00634 tl = subl(18) ^ (subr(18) & ~subr(16)); 00635 dw = tl & subl(16), tr = subr(18) ^ CAMELLIA_RL1(dw); 00636 CamelliaSubkeyL(15) = subl(14) ^ tl; 00637 CamelliaSubkeyR(15) = subr(14) ^ tr; 00638 CamelliaSubkeyL(16) = subl(16); 00639 CamelliaSubkeyR(16) = subr(16); 00640 CamelliaSubkeyL(17) = subl(17); 00641 CamelliaSubkeyR(17) = subr(17); 00642 tl = subl(15) ^ (subr(15) & ~subr(17)); 00643 dw = tl & subl(17), tr = subr(15) ^ CAMELLIA_RL1(dw); 00644 CamelliaSubkeyL(18) = tl ^ subl(19); 00645 CamelliaSubkeyR(18) = tr ^ subr(19); 00646 CamelliaSubkeyL(19) = subl(18) ^ subl(20); 00647 CamelliaSubkeyR(19) = subr(18) ^ subr(20); 00648 CamelliaSubkeyL(20) = subl(19) ^ subl(21); 00649 CamelliaSubkeyR(20) = subr(19) ^ subr(21); 00650 CamelliaSubkeyL(21) = subl(20) ^ subl(22); 00651 CamelliaSubkeyR(21) = subr(20) ^ subr(22); 00652 CamelliaSubkeyL(22) = subl(21) ^ subl(23); 00653 CamelliaSubkeyR(22) = subr(21) ^ subr(23); 00654 CamelliaSubkeyL(23) = subl(22); 00655 CamelliaSubkeyR(23) = subr(22); 00656 CamelliaSubkeyL(24) = subl(24) ^ subl(23); 00657 CamelliaSubkeyR(24) = subr(24) ^ subr(23); 00658 00659 /* apply the inverse of the last half of P-function */ 00660 dw = CamelliaSubkeyL(2) ^ CamelliaSubkeyR(2), dw = CAMELLIA_RL8(dw); 00661 CamelliaSubkeyR(2) = CamelliaSubkeyL(2) ^ dw, CamelliaSubkeyL(2) = dw; 00662 dw = CamelliaSubkeyL(3) ^ CamelliaSubkeyR(3), dw = CAMELLIA_RL8(dw); 00663 CamelliaSubkeyR(3) = CamelliaSubkeyL(3) ^ dw, CamelliaSubkeyL(3) = dw; 00664 dw = CamelliaSubkeyL(4) ^ CamelliaSubkeyR(4), dw = CAMELLIA_RL8(dw); 00665 CamelliaSubkeyR(4) = CamelliaSubkeyL(4) ^ dw, CamelliaSubkeyL(4) = dw; 00666 dw = CamelliaSubkeyL(5) ^ CamelliaSubkeyR(5), dw = CAMELLIA_RL8(dw); 00667 CamelliaSubkeyR(5) = CamelliaSubkeyL(5) ^ dw, CamelliaSubkeyL(5) = dw; 00668 dw = CamelliaSubkeyL(6) ^ CamelliaSubkeyR(6), dw = CAMELLIA_RL8(dw); 00669 CamelliaSubkeyR(6) = CamelliaSubkeyL(6) ^ dw, CamelliaSubkeyL(6) = dw; 00670 dw = CamelliaSubkeyL(7) ^ CamelliaSubkeyR(7), dw = CAMELLIA_RL8(dw); 00671 CamelliaSubkeyR(7) = CamelliaSubkeyL(7) ^ dw, CamelliaSubkeyL(7) = dw; 00672 dw = CamelliaSubkeyL(10) ^ CamelliaSubkeyR(10), dw = CAMELLIA_RL8(dw); 00673 CamelliaSubkeyR(10) = CamelliaSubkeyL(10) ^ dw, CamelliaSubkeyL(10) = dw; 00674 dw = CamelliaSubkeyL(11) ^ CamelliaSubkeyR(11), dw = CAMELLIA_RL8(dw); 00675 CamelliaSubkeyR(11) = CamelliaSubkeyL(11) ^ dw, CamelliaSubkeyL(11) = dw; 00676 dw = CamelliaSubkeyL(12) ^ CamelliaSubkeyR(12), dw = CAMELLIA_RL8(dw); 00677 CamelliaSubkeyR(12) = CamelliaSubkeyL(12) ^ dw, CamelliaSubkeyL(12) = dw; 00678 dw = CamelliaSubkeyL(13) ^ CamelliaSubkeyR(13), dw = CAMELLIA_RL8(dw); 00679 CamelliaSubkeyR(13) = CamelliaSubkeyL(13) ^ dw, CamelliaSubkeyL(13) = dw; 00680 dw = CamelliaSubkeyL(14) ^ CamelliaSubkeyR(14), dw = CAMELLIA_RL8(dw); 00681 CamelliaSubkeyR(14) = CamelliaSubkeyL(14) ^ dw, CamelliaSubkeyL(14) = dw; 00682 dw = CamelliaSubkeyL(15) ^ CamelliaSubkeyR(15), dw = CAMELLIA_RL8(dw); 00683 CamelliaSubkeyR(15) = CamelliaSubkeyL(15) ^ dw, CamelliaSubkeyL(15) = dw; 00684 dw = CamelliaSubkeyL(18) ^ CamelliaSubkeyR(18), dw = CAMELLIA_RL8(dw); 00685 CamelliaSubkeyR(18) = CamelliaSubkeyL(18) ^ dw, CamelliaSubkeyL(18) = dw; 00686 dw = CamelliaSubkeyL(19) ^ CamelliaSubkeyR(19), dw = CAMELLIA_RL8(dw); 00687 CamelliaSubkeyR(19) = CamelliaSubkeyL(19) ^ dw, CamelliaSubkeyL(19) = dw; 00688 dw = CamelliaSubkeyL(20) ^ CamelliaSubkeyR(20), dw = CAMELLIA_RL8(dw); 00689 CamelliaSubkeyR(20) = CamelliaSubkeyL(20) ^ dw, CamelliaSubkeyL(20) = dw; 00690 dw = CamelliaSubkeyL(21) ^ CamelliaSubkeyR(21), dw = CAMELLIA_RL8(dw); 00691 CamelliaSubkeyR(21) = CamelliaSubkeyL(21) ^ dw, CamelliaSubkeyL(21) = dw; 00692 dw = CamelliaSubkeyL(22) ^ CamelliaSubkeyR(22), dw = CAMELLIA_RL8(dw); 00693 CamelliaSubkeyR(22) = CamelliaSubkeyL(22) ^ dw, CamelliaSubkeyL(22) = dw; 00694 dw = CamelliaSubkeyL(23) ^ CamelliaSubkeyR(23), dw = CAMELLIA_RL8(dw); 00695 CamelliaSubkeyR(23) = CamelliaSubkeyL(23) ^ dw, CamelliaSubkeyL(23) = dw; 00696 00697 return; 00698 } 00699 00700 static void camellia_setup256(const unsigned char *key, u32 *subkey) 00701 { 00702 u32 kll,klr,krl,krr; /* left half of key */ 00703 u32 krll,krlr,krrl,krrr; /* right half of key */ 00704 u32 il, ir, t0, t1, w0, w1; /* temporary variables */ 00705 u32 kw4l, kw4r, dw, tl, tr; 00706 u32 subL[34]; 00707 u32 subR[34]; 00708 00709 /** 00710 * key = (kll || klr || krl || krr || krll || krlr || krrl || krrr) 00711 * (|| is concatination) 00712 */ 00713 00714 kll = GETU32(key ); 00715 klr = GETU32(key + 4); 00716 krl = GETU32(key + 8); 00717 krr = GETU32(key + 12); 00718 krll = GETU32(key + 16); 00719 krlr = GETU32(key + 20); 00720 krrl = GETU32(key + 24); 00721 krrr = GETU32(key + 28); 00722 00723 /* generate KL dependent subkeys */ 00724 subl(0) = kll; subr(0) = klr; 00725 subl(1) = krl; subr(1) = krr; 00726 CAMELLIA_ROLDQo32(kll, klr, krl, krr, w0, w1, 45); 00727 subl(12) = kll; subr(12) = klr; 00728 subl(13) = krl; subr(13) = krr; 00729 CAMELLIA_ROLDQ(kll, klr, krl, krr, w0, w1, 15); 00730 subl(16) = kll; subr(16) = klr; 00731 subl(17) = krl; subr(17) = krr; 00732 CAMELLIA_ROLDQ(kll, klr, krl, krr, w0, w1, 17); 00733 subl(22) = kll; subr(22) = klr; 00734 subl(23) = krl; subr(23) = krr; 00735 CAMELLIA_ROLDQo32(kll, klr, krl, krr, w0, w1, 34); 00736 subl(30) = kll; subr(30) = klr; 00737 subl(31) = krl; subr(31) = krr; 00738 00739 /* generate KR dependent subkeys */ 00740 CAMELLIA_ROLDQ(krll, krlr, krrl, krrr, w0, w1, 15); 00741 subl(4) = krll; subr(4) = krlr; 00742 subl(5) = krrl; subr(5) = krrr; 00743 CAMELLIA_ROLDQ(krll, krlr, krrl, krrr, w0, w1, 15); 00744 subl(8) = krll; subr(8) = krlr; 00745 subl(9) = krrl; subr(9) = krrr; 00746 CAMELLIA_ROLDQ(krll, krlr, krrl, krrr, w0, w1, 30); 00747 subl(18) = krll; subr(18) = krlr; 00748 subl(19) = krrl; subr(19) = krrr; 00749 CAMELLIA_ROLDQo32(krll, krlr, krrl, krrr, w0, w1, 34); 00750 subl(26) = krll; subr(26) = krlr; 00751 subl(27) = krrl; subr(27) = krrr; 00752 CAMELLIA_ROLDQo32(krll, krlr, krrl, krrr, w0, w1, 34); 00753 00754 /* generate KA */ 00755 kll = subl(0) ^ krll; klr = subr(0) ^ krlr; 00756 krl = subl(1) ^ krrl; krr = subr(1) ^ krrr; 00757 CAMELLIA_F(kll, klr, 00758 CAMELLIA_SIGMA1L, CAMELLIA_SIGMA1R, 00759 w0, w1, il, ir, t0, t1); 00760 krl ^= w0; krr ^= w1; 00761 CAMELLIA_F(krl, krr, 00762 CAMELLIA_SIGMA2L, CAMELLIA_SIGMA2R, 00763 kll, klr, il, ir, t0, t1); 00764 kll ^= krll; klr ^= krlr; 00765 CAMELLIA_F(kll, klr, 00766 CAMELLIA_SIGMA3L, CAMELLIA_SIGMA3R, 00767 krl, krr, il, ir, t0, t1); 00768 krl ^= w0 ^ krrl; krr ^= w1 ^ krrr; 00769 CAMELLIA_F(krl, krr, 00770 CAMELLIA_SIGMA4L, CAMELLIA_SIGMA4R, 00771 w0, w1, il, ir, t0, t1); 00772 kll ^= w0; klr ^= w1; 00773 00774 /* generate KB */ 00775 krll ^= kll; krlr ^= klr; 00776 krrl ^= krl; krrr ^= krr; 00777 CAMELLIA_F(krll, krlr, 00778 CAMELLIA_SIGMA5L, CAMELLIA_SIGMA5R, 00779 w0, w1, il, ir, t0, t1); 00780 krrl ^= w0; krrr ^= w1; 00781 CAMELLIA_F(krrl, krrr, 00782 CAMELLIA_SIGMA6L, CAMELLIA_SIGMA6R, 00783 w0, w1, il, ir, t0, t1); 00784 krll ^= w0; krlr ^= w1; 00785 00786 /* generate KA dependent subkeys */ 00787 CAMELLIA_ROLDQ(kll, klr, krl, krr, w0, w1, 15); 00788 subl(6) = kll; subr(6) = klr; 00789 subl(7) = krl; subr(7) = krr; 00790 CAMELLIA_ROLDQ(kll, klr, krl, krr, w0, w1, 30); 00791 subl(14) = kll; subr(14) = klr; 00792 subl(15) = krl; subr(15) = krr; 00793 subl(24) = klr; subr(24) = krl; 00794 subl(25) = krr; subr(25) = kll; 00795 CAMELLIA_ROLDQo32(kll, klr, krl, krr, w0, w1, 49); 00796 subl(28) = kll; subr(28) = klr; 00797 subl(29) = krl; subr(29) = krr; 00798 00799 /* generate KB dependent subkeys */ 00800 subl(2) = krll; subr(2) = krlr; 00801 subl(3) = krrl; subr(3) = krrr; 00802 CAMELLIA_ROLDQ(krll, krlr, krrl, krrr, w0, w1, 30); 00803 subl(10) = krll; subr(10) = krlr; 00804 subl(11) = krrl; subr(11) = krrr; 00805 CAMELLIA_ROLDQ(krll, krlr, krrl, krrr, w0, w1, 30); 00806 subl(20) = krll; subr(20) = krlr; 00807 subl(21) = krrl; subr(21) = krrr; 00808 CAMELLIA_ROLDQo32(krll, krlr, krrl, krrr, w0, w1, 51); 00809 subl(32) = krll; subr(32) = krlr; 00810 subl(33) = krrl; subr(33) = krrr; 00811 00812 /* absorb kw2 to other subkeys */ 00813 subl(3) ^= subl(1); subr(3) ^= subr(1); 00814 subl(5) ^= subl(1); subr(5) ^= subr(1); 00815 subl(7) ^= subl(1); subr(7) ^= subr(1); 00816 subl(1) ^= subr(1) & ~subr(9); 00817 dw = subl(1) & subl(9), subr(1) ^= CAMELLIA_RL1(dw); 00818 subl(11) ^= subl(1); subr(11) ^= subr(1); 00819 subl(13) ^= subl(1); subr(13) ^= subr(1); 00820 subl(15) ^= subl(1); subr(15) ^= subr(1); 00821 subl(1) ^= subr(1) & ~subr(17); 00822 dw = subl(1) & subl(17), subr(1) ^= CAMELLIA_RL1(dw); 00823 subl(19) ^= subl(1); subr(19) ^= subr(1); 00824 subl(21) ^= subl(1); subr(21) ^= subr(1); 00825 subl(23) ^= subl(1); subr(23) ^= subr(1); 00826 subl(1) ^= subr(1) & ~subr(25); 00827 dw = subl(1) & subl(25), subr(1) ^= CAMELLIA_RL1(dw); 00828 subl(27) ^= subl(1); subr(27) ^= subr(1); 00829 subl(29) ^= subl(1); subr(29) ^= subr(1); 00830 subl(31) ^= subl(1); subr(31) ^= subr(1); 00831 subl(32) ^= subl(1); subr(32) ^= subr(1); 00832 00833 /* absorb kw4 to other subkeys */ 00834 kw4l = subl(33); kw4r = subr(33); 00835 subl(30) ^= kw4l; subr(30) ^= kw4r; 00836 subl(28) ^= kw4l; subr(28) ^= kw4r; 00837 subl(26) ^= kw4l; subr(26) ^= kw4r; 00838 kw4l ^= kw4r & ~subr(24); 00839 dw = kw4l & subl(24), kw4r ^= CAMELLIA_RL1(dw); 00840 subl(22) ^= kw4l; subr(22) ^= kw4r; 00841 subl(20) ^= kw4l; subr(20) ^= kw4r; 00842 subl(18) ^= kw4l; subr(18) ^= kw4r; 00843 kw4l ^= kw4r & ~subr(16); 00844 dw = kw4l & subl(16), kw4r ^= CAMELLIA_RL1(dw); 00845 subl(14) ^= kw4l; subr(14) ^= kw4r; 00846 subl(12) ^= kw4l; subr(12) ^= kw4r; 00847 subl(10) ^= kw4l; subr(10) ^= kw4r; 00848 kw4l ^= kw4r & ~subr(8); 00849 dw = kw4l & subl(8), kw4r ^= CAMELLIA_RL1(dw); 00850 subl(6) ^= kw4l; subr(6) ^= kw4r; 00851 subl(4) ^= kw4l; subr(4) ^= kw4r; 00852 subl(2) ^= kw4l; subr(2) ^= kw4r; 00853 subl(0) ^= kw4l; subr(0) ^= kw4r; 00854 00855 /* key XOR is end of F-function */ 00856 CamelliaSubkeyL(0) = subl(0) ^ subl(2); 00857 CamelliaSubkeyR(0) = subr(0) ^ subr(2); 00858 CamelliaSubkeyL(2) = subl(3); 00859 CamelliaSubkeyR(2) = subr(3); 00860 CamelliaSubkeyL(3) = subl(2) ^ subl(4); 00861 CamelliaSubkeyR(3) = subr(2) ^ subr(4); 00862 CamelliaSubkeyL(4) = subl(3) ^ subl(5); 00863 CamelliaSubkeyR(4) = subr(3) ^ subr(5); 00864 CamelliaSubkeyL(5) = subl(4) ^ subl(6); 00865 CamelliaSubkeyR(5) = subr(4) ^ subr(6); 00866 CamelliaSubkeyL(6) = subl(5) ^ subl(7); 00867 CamelliaSubkeyR(6) = subr(5) ^ subr(7); 00868 tl = subl(10) ^ (subr(10) & ~subr(8)); 00869 dw = tl & subl(8), tr = subr(10) ^ CAMELLIA_RL1(dw); 00870 CamelliaSubkeyL(7) = subl(6) ^ tl; 00871 CamelliaSubkeyR(7) = subr(6) ^ tr; 00872 CamelliaSubkeyL(8) = subl(8); 00873 CamelliaSubkeyR(8) = subr(8); 00874 CamelliaSubkeyL(9) = subl(9); 00875 CamelliaSubkeyR(9) = subr(9); 00876 tl = subl(7) ^ (subr(7) & ~subr(9)); 00877 dw = tl & subl(9), tr = subr(7) ^ CAMELLIA_RL1(dw); 00878 CamelliaSubkeyL(10) = tl ^ subl(11); 00879 CamelliaSubkeyR(10) = tr ^ subr(11); 00880 CamelliaSubkeyL(11) = subl(10) ^ subl(12); 00881 CamelliaSubkeyR(11) = subr(10) ^ subr(12); 00882 CamelliaSubkeyL(12) = subl(11) ^ subl(13); 00883 CamelliaSubkeyR(12) = subr(11) ^ subr(13); 00884 CamelliaSubkeyL(13) = subl(12) ^ subl(14); 00885 CamelliaSubkeyR(13) = subr(12) ^ subr(14); 00886 CamelliaSubkeyL(14) = subl(13) ^ subl(15); 00887 CamelliaSubkeyR(14) = subr(13) ^ subr(15); 00888 tl = subl(18) ^ (subr(18) & ~subr(16)); 00889 dw = tl & subl(16), tr = subr(18) ^ CAMELLIA_RL1(dw); 00890 CamelliaSubkeyL(15) = subl(14) ^ tl; 00891 CamelliaSubkeyR(15) = subr(14) ^ tr; 00892 CamelliaSubkeyL(16) = subl(16); 00893 CamelliaSubkeyR(16) = subr(16); 00894 CamelliaSubkeyL(17) = subl(17); 00895 CamelliaSubkeyR(17) = subr(17); 00896 tl = subl(15) ^ (subr(15) & ~subr(17)); 00897 dw = tl & subl(17), tr = subr(15) ^ CAMELLIA_RL1(dw); 00898 CamelliaSubkeyL(18) = tl ^ subl(19); 00899 CamelliaSubkeyR(18) = tr ^ subr(19); 00900 CamelliaSubkeyL(19) = subl(18) ^ subl(20); 00901 CamelliaSubkeyR(19) = subr(18) ^ subr(20); 00902 CamelliaSubkeyL(20) = subl(19) ^ subl(21); 00903 CamelliaSubkeyR(20) = subr(19) ^ subr(21); 00904 CamelliaSubkeyL(21) = subl(20) ^ subl(22); 00905 CamelliaSubkeyR(21) = subr(20) ^ subr(22); 00906 CamelliaSubkeyL(22) = subl(21) ^ subl(23); 00907 CamelliaSubkeyR(22) = subr(21) ^ subr(23); 00908 tl = subl(26) ^ (subr(26) & ~subr(24)); 00909 dw = tl & subl(24), tr = subr(26) ^ CAMELLIA_RL1(dw); 00910 CamelliaSubkeyL(23) = subl(22) ^ tl; 00911 CamelliaSubkeyR(23) = subr(22) ^ tr; 00912 CamelliaSubkeyL(24) = subl(24); 00913 CamelliaSubkeyR(24) = subr(24); 00914 CamelliaSubkeyL(25) = subl(25); 00915 CamelliaSubkeyR(25) = subr(25); 00916 tl = subl(23) ^ (subr(23) & ~subr(25)); 00917 dw = tl & subl(25), tr = subr(23) ^ CAMELLIA_RL1(dw); 00918 CamelliaSubkeyL(26) = tl ^ subl(27); 00919 CamelliaSubkeyR(26) = tr ^ subr(27); 00920 CamelliaSubkeyL(27) = subl(26) ^ subl(28); 00921 CamelliaSubkeyR(27) = subr(26) ^ subr(28); 00922 CamelliaSubkeyL(28) = subl(27) ^ subl(29); 00923 CamelliaSubkeyR(28) = subr(27) ^ subr(29); 00924 CamelliaSubkeyL(29) = subl(28) ^ subl(30); 00925 CamelliaSubkeyR(29) = subr(28) ^ subr(30); 00926 CamelliaSubkeyL(30) = subl(29) ^ subl(31); 00927 CamelliaSubkeyR(30) = subr(29) ^ subr(31); 00928 CamelliaSubkeyL(31) = subl(30); 00929 CamelliaSubkeyR(31) = subr(30); 00930 CamelliaSubkeyL(32) = subl(32) ^ subl(31); 00931 CamelliaSubkeyR(32) = subr(32) ^ subr(31); 00932 00933 /* apply the inverse of the last half of P-function */ 00934 dw = CamelliaSubkeyL(2) ^ CamelliaSubkeyR(2), dw = CAMELLIA_RL8(dw); 00935 CamelliaSubkeyR(2) = CamelliaSubkeyL(2) ^ dw, CamelliaSubkeyL(2) = dw; 00936 dw = CamelliaSubkeyL(3) ^ CamelliaSubkeyR(3), dw = CAMELLIA_RL8(dw); 00937 CamelliaSubkeyR(3) = CamelliaSubkeyL(3) ^ dw, CamelliaSubkeyL(3) = dw; 00938 dw = CamelliaSubkeyL(4) ^ CamelliaSubkeyR(4), dw = CAMELLIA_RL8(dw); 00939 CamelliaSubkeyR(4) = CamelliaSubkeyL(4) ^ dw, CamelliaSubkeyL(4) = dw; 00940 dw = CamelliaSubkeyL(5) ^ CamelliaSubkeyR(5), dw = CAMELLIA_RL8(dw); 00941 CamelliaSubkeyR(5) = CamelliaSubkeyL(5) ^ dw, CamelliaSubkeyL(5) = dw; 00942 dw = CamelliaSubkeyL(6) ^ CamelliaSubkeyR(6), dw = CAMELLIA_RL8(dw); 00943 CamelliaSubkeyR(6) = CamelliaSubkeyL(6) ^ dw, CamelliaSubkeyL(6) = dw; 00944 dw = CamelliaSubkeyL(7) ^ CamelliaSubkeyR(7), dw = CAMELLIA_RL8(dw); 00945 CamelliaSubkeyR(7) = CamelliaSubkeyL(7) ^ dw, CamelliaSubkeyL(7) = dw; 00946 dw = CamelliaSubkeyL(10) ^ CamelliaSubkeyR(10), dw = CAMELLIA_RL8(dw); 00947 CamelliaSubkeyR(10) = CamelliaSubkeyL(10) ^ dw, CamelliaSubkeyL(10) = dw; 00948 dw = CamelliaSubkeyL(11) ^ CamelliaSubkeyR(11), dw = CAMELLIA_RL8(dw); 00949 CamelliaSubkeyR(11) = CamelliaSubkeyL(11) ^ dw, CamelliaSubkeyL(11) = dw; 00950 dw = CamelliaSubkeyL(12) ^ CamelliaSubkeyR(12), dw = CAMELLIA_RL8(dw); 00951 CamelliaSubkeyR(12) = CamelliaSubkeyL(12) ^ dw, CamelliaSubkeyL(12) = dw; 00952 dw = CamelliaSubkeyL(13) ^ CamelliaSubkeyR(13), dw = CAMELLIA_RL8(dw); 00953 CamelliaSubkeyR(13) = CamelliaSubkeyL(13) ^ dw, CamelliaSubkeyL(13) = dw; 00954 dw = CamelliaSubkeyL(14) ^ CamelliaSubkeyR(14), dw = CAMELLIA_RL8(dw); 00955 CamelliaSubkeyR(14) = CamelliaSubkeyL(14) ^ dw, CamelliaSubkeyL(14) = dw; 00956 dw = CamelliaSubkeyL(15) ^ CamelliaSubkeyR(15), dw = CAMELLIA_RL8(dw); 00957 CamelliaSubkeyR(15) = CamelliaSubkeyL(15) ^ dw, CamelliaSubkeyL(15) = dw; 00958 dw = CamelliaSubkeyL(18) ^ CamelliaSubkeyR(18), dw = CAMELLIA_RL8(dw); 00959 CamelliaSubkeyR(18) = CamelliaSubkeyL(18) ^ dw, CamelliaSubkeyL(18) = dw; 00960 dw = CamelliaSubkeyL(19) ^ CamelliaSubkeyR(19), dw = CAMELLIA_RL8(dw); 00961 CamelliaSubkeyR(19) = CamelliaSubkeyL(19) ^ dw, CamelliaSubkeyL(19) = dw; 00962 dw = CamelliaSubkeyL(20) ^ CamelliaSubkeyR(20), dw = CAMELLIA_RL8(dw); 00963 CamelliaSubkeyR(20) = CamelliaSubkeyL(20) ^ dw, CamelliaSubkeyL(20) = dw; 00964 dw = CamelliaSubkeyL(21) ^ CamelliaSubkeyR(21), dw = CAMELLIA_RL8(dw); 00965 CamelliaSubkeyR(21) = CamelliaSubkeyL(21) ^ dw, CamelliaSubkeyL(21) = dw; 00966 dw = CamelliaSubkeyL(22) ^ CamelliaSubkeyR(22), dw = CAMELLIA_RL8(dw); 00967 CamelliaSubkeyR(22) = CamelliaSubkeyL(22) ^ dw, CamelliaSubkeyL(22) = dw; 00968 dw = CamelliaSubkeyL(23) ^ CamelliaSubkeyR(23), dw = CAMELLIA_RL8(dw); 00969 CamelliaSubkeyR(23) = CamelliaSubkeyL(23) ^ dw, CamelliaSubkeyL(23) = dw; 00970 dw = CamelliaSubkeyL(26) ^ CamelliaSubkeyR(26), dw = CAMELLIA_RL8(dw); 00971 CamelliaSubkeyR(26) = CamelliaSubkeyL(26) ^ dw, CamelliaSubkeyL(26) = dw; 00972 dw = CamelliaSubkeyL(27) ^ CamelliaSubkeyR(27), dw = CAMELLIA_RL8(dw); 00973 CamelliaSubkeyR(27) = CamelliaSubkeyL(27) ^ dw, CamelliaSubkeyL(27) = dw; 00974 dw = CamelliaSubkeyL(28) ^ CamelliaSubkeyR(28), dw = CAMELLIA_RL8(dw); 00975 CamelliaSubkeyR(28) = CamelliaSubkeyL(28) ^ dw, CamelliaSubkeyL(28) = dw; 00976 dw = CamelliaSubkeyL(29) ^ CamelliaSubkeyR(29), dw = CAMELLIA_RL8(dw); 00977 CamelliaSubkeyR(29) = CamelliaSubkeyL(29) ^ dw, CamelliaSubkeyL(29) = dw; 00978 dw = CamelliaSubkeyL(30) ^ CamelliaSubkeyR(30), dw = CAMELLIA_RL8(dw); 00979 CamelliaSubkeyR(30) = CamelliaSubkeyL(30) ^ dw, CamelliaSubkeyL(30) = dw; 00980 dw = CamelliaSubkeyL(31) ^ CamelliaSubkeyR(31), dw = CAMELLIA_RL8(dw); 00981 CamelliaSubkeyR(31) = CamelliaSubkeyL(31) ^ dw,CamelliaSubkeyL(31) = dw; 00982 00983 return; 00984 } 00985 00986 static void camellia_setup192(const unsigned char *key, u32 *subkey) 00987 { 00988 unsigned char kk[32]; 00989 u32 krll, krlr, krrl,krrr; 00990 00991 memcpy(kk, key, 24); 00992 memcpy((unsigned char *)&krll, key+16,4); 00993 memcpy((unsigned char *)&krlr, key+20,4); 00994 krrl = ~krll; 00995 krrr = ~krlr; 00996 memcpy(kk+24, (unsigned char *)&krrl, 4); 00997 memcpy(kk+28, (unsigned char *)&krrr, 4); 00998 camellia_setup256(kk, subkey); 00999 return; 01000 } 01001 01002 01003 /** 01004 * Stuff related to camellia encryption/decryption 01005 * 01006 * "io" must be 4byte aligned and big-endian data. 01007 */ 01008 static void camellia_encrypt128(const u32 *subkey, u32 *io) 01009 { 01010 u32 il, ir, t0, t1; 01011 01012 /* pre whitening but absorb kw2*/ 01013 io[0] ^= CamelliaSubkeyL(0); 01014 io[1] ^= CamelliaSubkeyR(0); 01015 /* main iteration */ 01016 01017 CAMELLIA_ROUNDSM(io[0],io[1], 01018 CamelliaSubkeyL(2),CamelliaSubkeyR(2), 01019 io[2],io[3],il,ir,t0,t1); 01020 CAMELLIA_ROUNDSM(io[2],io[3], 01021 CamelliaSubkeyL(3),CamelliaSubkeyR(3), 01022 io[0],io[1],il,ir,t0,t1); 01023 CAMELLIA_ROUNDSM(io[0],io[1], 01024 CamelliaSubkeyL(4),CamelliaSubkeyR(4), 01025 io[2],io[3],il,ir,t0,t1); 01026 CAMELLIA_ROUNDSM(io[2],io[3], 01027 CamelliaSubkeyL(5),CamelliaSubkeyR(5), 01028 io[0],io[1],il,ir,t0,t1); 01029 CAMELLIA_ROUNDSM(io[0],io[1], 01030 CamelliaSubkeyL(6),CamelliaSubkeyR(6), 01031 io[2],io[3],il,ir,t0,t1); 01032 CAMELLIA_ROUNDSM(io[2],io[3], 01033 CamelliaSubkeyL(7),CamelliaSubkeyR(7), 01034 io[0],io[1],il,ir,t0,t1); 01035 01036 CAMELLIA_FLS(io[0],io[1],io[2],io[3], 01037 CamelliaSubkeyL(8),CamelliaSubkeyR(8), 01038 CamelliaSubkeyL(9),CamelliaSubkeyR(9), 01039 t0,t1,il,ir); 01040 01041 CAMELLIA_ROUNDSM(io[0],io[1], 01042 CamelliaSubkeyL(10),CamelliaSubkeyR(10), 01043 io[2],io[3],il,ir,t0,t1); 01044 CAMELLIA_ROUNDSM(io[2],io[3], 01045 CamelliaSubkeyL(11),CamelliaSubkeyR(11), 01046 io[0],io[1],il,ir,t0,t1); 01047 CAMELLIA_ROUNDSM(io[0],io[1], 01048 CamelliaSubkeyL(12),CamelliaSubkeyR(12), 01049 io[2],io[3],il,ir,t0,t1); 01050 CAMELLIA_ROUNDSM(io[2],io[3], 01051 CamelliaSubkeyL(13),CamelliaSubkeyR(13), 01052 io[0],io[1],il,ir,t0,t1); 01053 CAMELLIA_ROUNDSM(io[0],io[1], 01054 CamelliaSubkeyL(14),CamelliaSubkeyR(14), 01055 io[2],io[3],il,ir,t0,t1); 01056 CAMELLIA_ROUNDSM(io[2],io[3], 01057 CamelliaSubkeyL(15),CamelliaSubkeyR(15), 01058 io[0],io[1],il,ir,t0,t1); 01059 01060 CAMELLIA_FLS(io[0],io[1],io[2],io[3], 01061 CamelliaSubkeyL(16),CamelliaSubkeyR(16), 01062 CamelliaSubkeyL(17),CamelliaSubkeyR(17), 01063 t0,t1,il,ir); 01064 01065 CAMELLIA_ROUNDSM(io[0],io[1], 01066 CamelliaSubkeyL(18),CamelliaSubkeyR(18), 01067 io[2],io[3],il,ir,t0,t1); 01068 CAMELLIA_ROUNDSM(io[2],io[3], 01069 CamelliaSubkeyL(19),CamelliaSubkeyR(19), 01070 io[0],io[1],il,ir,t0,t1); 01071 CAMELLIA_ROUNDSM(io[0],io[1], 01072 CamelliaSubkeyL(20),CamelliaSubkeyR(20), 01073 io[2],io[3],il,ir,t0,t1); 01074 CAMELLIA_ROUNDSM(io[2],io[3], 01075 CamelliaSubkeyL(21),CamelliaSubkeyR(21), 01076 io[0],io[1],il,ir,t0,t1); 01077 CAMELLIA_ROUNDSM(io[0],io[1], 01078 CamelliaSubkeyL(22),CamelliaSubkeyR(22), 01079 io[2],io[3],il,ir,t0,t1); 01080 CAMELLIA_ROUNDSM(io[2],io[3], 01081 CamelliaSubkeyL(23),CamelliaSubkeyR(23), 01082 io[0],io[1],il,ir,t0,t1); 01083 01084 /* post whitening but kw4 */ 01085 io[2] ^= CamelliaSubkeyL(24); 01086 io[3] ^= CamelliaSubkeyR(24); 01087 01088 t0 = io[0]; 01089 t1 = io[1]; 01090 io[0] = io[2]; 01091 io[1] = io[3]; 01092 io[2] = t0; 01093 io[3] = t1; 01094 01095 return; 01096 } 01097 01098 static void camellia_decrypt128(const u32 *subkey, u32 *io) 01099 { 01100 u32 il,ir,t0,t1; /* temporary valiables */ 01101 01102 /* pre whitening but absorb kw2*/ 01103 io[0] ^= CamelliaSubkeyL(24); 01104 io[1] ^= CamelliaSubkeyR(24); 01105 01106 /* main iteration */ 01107 CAMELLIA_ROUNDSM(io[0],io[1], 01108 CamelliaSubkeyL(23),CamelliaSubkeyR(23), 01109 io[2],io[3],il,ir,t0,t1); 01110 CAMELLIA_ROUNDSM(io[2],io[3], 01111 CamelliaSubkeyL(22),CamelliaSubkeyR(22), 01112 io[0],io[1],il,ir,t0,t1); 01113 CAMELLIA_ROUNDSM(io[0],io[1], 01114 CamelliaSubkeyL(21),CamelliaSubkeyR(21), 01115 io[2],io[3],il,ir,t0,t1); 01116 CAMELLIA_ROUNDSM(io[2],io[3], 01117 CamelliaSubkeyL(20),CamelliaSubkeyR(20), 01118 io[0],io[1],il,ir,t0,t1); 01119 CAMELLIA_ROUNDSM(io[0],io[1], 01120 CamelliaSubkeyL(19),CamelliaSubkeyR(19), 01121 io[2],io[3],il,ir,t0,t1); 01122 CAMELLIA_ROUNDSM(io[2],io[3], 01123 CamelliaSubkeyL(18),CamelliaSubkeyR(18), 01124 io[0],io[1],il,ir,t0,t1); 01125 01126 CAMELLIA_FLS(io[0],io[1],io[2],io[3], 01127 CamelliaSubkeyL(17),CamelliaSubkeyR(17), 01128 CamelliaSubkeyL(16),CamelliaSubkeyR(16), 01129 t0,t1,il,ir); 01130 01131 CAMELLIA_ROUNDSM(io[0],io[1], 01132 CamelliaSubkeyL(15),CamelliaSubkeyR(15), 01133 io[2],io[3],il,ir,t0,t1); 01134 CAMELLIA_ROUNDSM(io[2],io[3], 01135 CamelliaSubkeyL(14),CamelliaSubkeyR(14), 01136 io[0],io[1],il,ir,t0,t1); 01137 CAMELLIA_ROUNDSM(io[0],io[1], 01138 CamelliaSubkeyL(13),CamelliaSubkeyR(13), 01139 io[2],io[3],il,ir,t0,t1); 01140 CAMELLIA_ROUNDSM(io[2],io[3], 01141 CamelliaSubkeyL(12),CamelliaSubkeyR(12), 01142 io[0],io[1],il,ir,t0,t1); 01143 CAMELLIA_ROUNDSM(io[0],io[1], 01144 CamelliaSubkeyL(11),CamelliaSubkeyR(11), 01145 io[2],io[3],il,ir,t0,t1); 01146 CAMELLIA_ROUNDSM(io[2],io[3], 01147 CamelliaSubkeyL(10),CamelliaSubkeyR(10), 01148 io[0],io[1],il,ir,t0,t1); 01149 01150 CAMELLIA_FLS(io[0],io[1],io[2],io[3], 01151 CamelliaSubkeyL(9),CamelliaSubkeyR(9), 01152 CamelliaSubkeyL(8),CamelliaSubkeyR(8), 01153 t0,t1,il,ir); 01154 01155 CAMELLIA_ROUNDSM(io[0],io[1], 01156 CamelliaSubkeyL(7),CamelliaSubkeyR(7), 01157 io[2],io[3],il,ir,t0,t1); 01158 CAMELLIA_ROUNDSM(io[2],io[3], 01159 CamelliaSubkeyL(6),CamelliaSubkeyR(6), 01160 io[0],io[1],il,ir,t0,t1); 01161 CAMELLIA_ROUNDSM(io[0],io[1], 01162 CamelliaSubkeyL(5),CamelliaSubkeyR(5), 01163 io[2],io[3],il,ir,t0,t1); 01164 CAMELLIA_ROUNDSM(io[2],io[3], 01165 CamelliaSubkeyL(4),CamelliaSubkeyR(4), 01166 io[0],io[1],il,ir,t0,t1); 01167 CAMELLIA_ROUNDSM(io[0],io[1], 01168 CamelliaSubkeyL(3),CamelliaSubkeyR(3), 01169 io[2],io[3],il,ir,t0,t1); 01170 CAMELLIA_ROUNDSM(io[2],io[3], 01171 CamelliaSubkeyL(2),CamelliaSubkeyR(2), 01172 io[0],io[1],il,ir,t0,t1); 01173 01174 /* post whitening but kw4 */ 01175 io[2] ^= CamelliaSubkeyL(0); 01176 io[3] ^= CamelliaSubkeyR(0); 01177 01178 t0 = io[0]; 01179 t1 = io[1]; 01180 io[0] = io[2]; 01181 io[1] = io[3]; 01182 io[2] = t0; 01183 io[3] = t1; 01184 01185 return; 01186 } 01187 01188 /** 01189 * stuff for 192 and 256bit encryption/decryption 01190 */ 01191 static void camellia_encrypt256(const u32 *subkey, u32 *io) 01192 { 01193 u32 il,ir,t0,t1; /* temporary valiables */ 01194 01195 /* pre whitening but absorb kw2*/ 01196 io[0] ^= CamelliaSubkeyL(0); 01197 io[1] ^= CamelliaSubkeyR(0); 01198 01199 /* main iteration */ 01200 CAMELLIA_ROUNDSM(io[0],io[1], 01201 CamelliaSubkeyL(2),CamelliaSubkeyR(2), 01202 io[2],io[3],il,ir,t0,t1); 01203 CAMELLIA_ROUNDSM(io[2],io[3], 01204 CamelliaSubkeyL(3),CamelliaSubkeyR(3), 01205 io[0],io[1],il,ir,t0,t1); 01206 CAMELLIA_ROUNDSM(io[0],io[1], 01207 CamelliaSubkeyL(4),CamelliaSubkeyR(4), 01208 io[2],io[3],il,ir,t0,t1); 01209 CAMELLIA_ROUNDSM(io[2],io[3], 01210 CamelliaSubkeyL(5),CamelliaSubkeyR(5), 01211 io[0],io[1],il,ir,t0,t1); 01212 CAMELLIA_ROUNDSM(io[0],io[1], 01213 CamelliaSubkeyL(6),CamelliaSubkeyR(6), 01214 io[2],io[3],il,ir,t0,t1); 01215 CAMELLIA_ROUNDSM(io[2],io[3], 01216 CamelliaSubkeyL(7),CamelliaSubkeyR(7), 01217 io[0],io[1],il,ir,t0,t1); 01218 01219 CAMELLIA_FLS(io[0],io[1],io[2],io[3], 01220 CamelliaSubkeyL(8),CamelliaSubkeyR(8), 01221 CamelliaSubkeyL(9),CamelliaSubkeyR(9), 01222 t0,t1,il,ir); 01223 01224 CAMELLIA_ROUNDSM(io[0],io[1], 01225 CamelliaSubkeyL(10),CamelliaSubkeyR(10), 01226 io[2],io[3],il,ir,t0,t1); 01227 CAMELLIA_ROUNDSM(io[2],io[3], 01228 CamelliaSubkeyL(11),CamelliaSubkeyR(11), 01229 io[0],io[1],il,ir,t0,t1); 01230 CAMELLIA_ROUNDSM(io[0],io[1], 01231 CamelliaSubkeyL(12),CamelliaSubkeyR(12), 01232 io[2],io[3],il,ir,t0,t1); 01233 CAMELLIA_ROUNDSM(io[2],io[3], 01234 CamelliaSubkeyL(13),CamelliaSubkeyR(13), 01235 io[0],io[1],il,ir,t0,t1); 01236 CAMELLIA_ROUNDSM(io[0],io[1], 01237 CamelliaSubkeyL(14),CamelliaSubkeyR(14), 01238 io[2],io[3],il,ir,t0,t1); 01239 CAMELLIA_ROUNDSM(io[2],io[3], 01240 CamelliaSubkeyL(15),CamelliaSubkeyR(15), 01241 io[0],io[1],il,ir,t0,t1); 01242 01243 CAMELLIA_FLS(io[0],io[1],io[2],io[3], 01244 CamelliaSubkeyL(16),CamelliaSubkeyR(16), 01245 CamelliaSubkeyL(17),CamelliaSubkeyR(17), 01246 t0,t1,il,ir); 01247 01248 CAMELLIA_ROUNDSM(io[0],io[1], 01249 CamelliaSubkeyL(18),CamelliaSubkeyR(18), 01250 io[2],io[3],il,ir,t0,t1); 01251 CAMELLIA_ROUNDSM(io[2],io[3], 01252 CamelliaSubkeyL(19),CamelliaSubkeyR(19), 01253 io[0],io[1],il,ir,t0,t1); 01254 CAMELLIA_ROUNDSM(io[0],io[1], 01255 CamelliaSubkeyL(20),CamelliaSubkeyR(20), 01256 io[2],io[3],il,ir,t0,t1); 01257 CAMELLIA_ROUNDSM(io[2],io[3], 01258 CamelliaSubkeyL(21),CamelliaSubkeyR(21), 01259 io[0],io[1],il,ir,t0,t1); 01260 CAMELLIA_ROUNDSM(io[0],io[1], 01261 CamelliaSubkeyL(22),CamelliaSubkeyR(22), 01262 io[2],io[3],il,ir,t0,t1); 01263 CAMELLIA_ROUNDSM(io[2],io[3], 01264 CamelliaSubkeyL(23),CamelliaSubkeyR(23), 01265 io[0],io[1],il,ir,t0,t1); 01266 01267 CAMELLIA_FLS(io[0],io[1],io[2],io[3], 01268 CamelliaSubkeyL(24),CamelliaSubkeyR(24), 01269 CamelliaSubkeyL(25),CamelliaSubkeyR(25), 01270 t0,t1,il,ir); 01271 01272 CAMELLIA_ROUNDSM(io[0],io[1], 01273 CamelliaSubkeyL(26),CamelliaSubkeyR(26), 01274 io[2],io[3],il,ir,t0,t1); 01275 CAMELLIA_ROUNDSM(io[2],io[3], 01276 CamelliaSubkeyL(27),CamelliaSubkeyR(27), 01277 io[0],io[1],il,ir,t0,t1); 01278 CAMELLIA_ROUNDSM(io[0],io[1], 01279 CamelliaSubkeyL(28),CamelliaSubkeyR(28), 01280 io[2],io[3],il,ir,t0,t1); 01281 CAMELLIA_ROUNDSM(io[2],io[3], 01282 CamelliaSubkeyL(29),CamelliaSubkeyR(29), 01283 io[0],io[1],il,ir,t0,t1); 01284 CAMELLIA_ROUNDSM(io[0],io[1], 01285 CamelliaSubkeyL(30),CamelliaSubkeyR(30), 01286 io[2],io[3],il,ir,t0,t1); 01287 CAMELLIA_ROUNDSM(io[2],io[3], 01288 CamelliaSubkeyL(31),CamelliaSubkeyR(31), 01289 io[0],io[1],il,ir,t0,t1); 01290 01291 /* post whitening but kw4 */ 01292 io[2] ^= CamelliaSubkeyL(32); 01293 io[3] ^= CamelliaSubkeyR(32); 01294 01295 t0 = io[0]; 01296 t1 = io[1]; 01297 io[0] = io[2]; 01298 io[1] = io[3]; 01299 io[2] = t0; 01300 io[3] = t1; 01301 01302 return; 01303 } 01304 01305 static void camellia_decrypt256(const u32 *subkey, u32 *io) 01306 { 01307 u32 il,ir,t0,t1; /* temporary valiables */ 01308 01309 /* pre whitening but absorb kw2*/ 01310 io[0] ^= CamelliaSubkeyL(32); 01311 io[1] ^= CamelliaSubkeyR(32); 01312 01313 /* main iteration */ 01314 CAMELLIA_ROUNDSM(io[0],io[1], 01315 CamelliaSubkeyL(31),CamelliaSubkeyR(31), 01316 io[2],io[3],il,ir,t0,t1); 01317 CAMELLIA_ROUNDSM(io[2],io[3], 01318 CamelliaSubkeyL(30),CamelliaSubkeyR(30), 01319 io[0],io[1],il,ir,t0,t1); 01320 CAMELLIA_ROUNDSM(io[0],io[1], 01321 CamelliaSubkeyL(29),CamelliaSubkeyR(29), 01322 io[2],io[3],il,ir,t0,t1); 01323 CAMELLIA_ROUNDSM(io[2],io[3], 01324 CamelliaSubkeyL(28),CamelliaSubkeyR(28), 01325 io[0],io[1],il,ir,t0,t1); 01326 CAMELLIA_ROUNDSM(io[0],io[1], 01327 CamelliaSubkeyL(27),CamelliaSubkeyR(27), 01328 io[2],io[3],il,ir,t0,t1); 01329 CAMELLIA_ROUNDSM(io[2],io[3], 01330 CamelliaSubkeyL(26),CamelliaSubkeyR(26), 01331 io[0],io[1],il,ir,t0,t1); 01332 01333 CAMELLIA_FLS(io[0],io[1],io[2],io[3], 01334 CamelliaSubkeyL(25),CamelliaSubkeyR(25), 01335 CamelliaSubkeyL(24),CamelliaSubkeyR(24), 01336 t0,t1,il,ir); 01337 01338 CAMELLIA_ROUNDSM(io[0],io[1], 01339 CamelliaSubkeyL(23),CamelliaSubkeyR(23), 01340 io[2],io[3],il,ir,t0,t1); 01341 CAMELLIA_ROUNDSM(io[2],io[3], 01342 CamelliaSubkeyL(22),CamelliaSubkeyR(22), 01343 io[0],io[1],il,ir,t0,t1); 01344 CAMELLIA_ROUNDSM(io[0],io[1], 01345 CamelliaSubkeyL(21),CamelliaSubkeyR(21), 01346 io[2],io[3],il,ir,t0,t1); 01347 CAMELLIA_ROUNDSM(io[2],io[3], 01348 CamelliaSubkeyL(20),CamelliaSubkeyR(20), 01349 io[0],io[1],il,ir,t0,t1); 01350 CAMELLIA_ROUNDSM(io[0],io[1], 01351 CamelliaSubkeyL(19),CamelliaSubkeyR(19), 01352 io[2],io[3],il,ir,t0,t1); 01353 CAMELLIA_ROUNDSM(io[2],io[3], 01354 CamelliaSubkeyL(18),CamelliaSubkeyR(18), 01355 io[0],io[1],il,ir,t0,t1); 01356 01357 CAMELLIA_FLS(io[0],io[1],io[2],io[3], 01358 CamelliaSubkeyL(17),CamelliaSubkeyR(17), 01359 CamelliaSubkeyL(16),CamelliaSubkeyR(16), 01360 t0,t1,il,ir); 01361 01362 CAMELLIA_ROUNDSM(io[0],io[1], 01363 CamelliaSubkeyL(15),CamelliaSubkeyR(15), 01364 io[2],io[3],il,ir,t0,t1); 01365 CAMELLIA_ROUNDSM(io[2],io[3], 01366 CamelliaSubkeyL(14),CamelliaSubkeyR(14), 01367 io[0],io[1],il,ir,t0,t1); 01368 CAMELLIA_ROUNDSM(io[0],io[1], 01369 CamelliaSubkeyL(13),CamelliaSubkeyR(13), 01370 io[2],io[3],il,ir,t0,t1); 01371 CAMELLIA_ROUNDSM(io[2],io[3], 01372 CamelliaSubkeyL(12),CamelliaSubkeyR(12), 01373 io[0],io[1],il,ir,t0,t1); 01374 CAMELLIA_ROUNDSM(io[0],io[1], 01375 CamelliaSubkeyL(11),CamelliaSubkeyR(11), 01376 io[2],io[3],il,ir,t0,t1); 01377 CAMELLIA_ROUNDSM(io[2],io[3], 01378 CamelliaSubkeyL(10),CamelliaSubkeyR(10), 01379 io[0],io[1],il,ir,t0,t1); 01380 01381 CAMELLIA_FLS(io[0],io[1],io[2],io[3], 01382 CamelliaSubkeyL(9),CamelliaSubkeyR(9), 01383 CamelliaSubkeyL(8),CamelliaSubkeyR(8), 01384 t0,t1,il,ir); 01385 01386 CAMELLIA_ROUNDSM(io[0],io[1], 01387 CamelliaSubkeyL(7),CamelliaSubkeyR(7), 01388 io[2],io[3],il,ir,t0,t1); 01389 CAMELLIA_ROUNDSM(io[2],io[3], 01390 CamelliaSubkeyL(6),CamelliaSubkeyR(6), 01391 io[0],io[1],il,ir,t0,t1); 01392 CAMELLIA_ROUNDSM(io[0],io[1], 01393 CamelliaSubkeyL(5),CamelliaSubkeyR(5), 01394 io[2],io[3],il,ir,t0,t1); 01395 CAMELLIA_ROUNDSM(io[2],io[3], 01396 CamelliaSubkeyL(4),CamelliaSubkeyR(4), 01397 io[0],io[1],il,ir,t0,t1); 01398 CAMELLIA_ROUNDSM(io[0],io[1], 01399 CamelliaSubkeyL(3),CamelliaSubkeyR(3), 01400 io[2],io[3],il,ir,t0,t1); 01401 CAMELLIA_ROUNDSM(io[2],io[3], 01402 CamelliaSubkeyL(2),CamelliaSubkeyR(2), 01403 io[0],io[1],il,ir,t0,t1); 01404 01405 /* post whitening but kw4 */ 01406 io[2] ^= CamelliaSubkeyL(0); 01407 io[3] ^= CamelliaSubkeyR(0); 01408 01409 t0 = io[0]; 01410 t1 = io[1]; 01411 io[0] = io[2]; 01412 io[1] = io[3]; 01413 io[2] = t0; 01414 io[3] = t1; 01415 01416 return; 01417 } 01418 01419 /*** 01420 * 01421 * API for compatibility 01422 */ 01423 01424 static void Camellia_EncryptBlock(const int keyBitLength, 01425 const unsigned char *plaintext, 01426 const KEY_TABLE_TYPE keyTable, 01427 unsigned char *ciphertext) 01428 { 01429 u32 tmp[4]; 01430 01431 tmp[0] = GETU32(plaintext); 01432 tmp[1] = GETU32(plaintext + 4); 01433 tmp[2] = GETU32(plaintext + 8); 01434 tmp[3] = GETU32(plaintext + 12); 01435 01436 switch (keyBitLength) { 01437 case 128: 01438 camellia_encrypt128(keyTable, tmp); 01439 break; 01440 case 192: 01441 /* fall through */ 01442 case 256: 01443 camellia_encrypt256(keyTable, tmp); 01444 break; 01445 default: 01446 break; 01447 } 01448 01449 PUTU32(ciphertext, tmp[0]); 01450 PUTU32(ciphertext + 4, tmp[1]); 01451 PUTU32(ciphertext + 8, tmp[2]); 01452 PUTU32(ciphertext + 12, tmp[3]); 01453 } 01454 01455 static void Camellia_DecryptBlock(const int keyBitLength, 01456 const unsigned char *ciphertext, 01457 const KEY_TABLE_TYPE keyTable, 01458 unsigned char *plaintext) 01459 { 01460 u32 tmp[4]; 01461 01462 tmp[0] = GETU32(ciphertext); 01463 tmp[1] = GETU32(ciphertext + 4); 01464 tmp[2] = GETU32(ciphertext + 8); 01465 tmp[3] = GETU32(ciphertext + 12); 01466 01467 switch (keyBitLength) { 01468 case 128: 01469 camellia_decrypt128(keyTable, tmp); 01470 break; 01471 case 192: 01472 /* fall through */ 01473 case 256: 01474 camellia_decrypt256(keyTable, tmp); 01475 break; 01476 default: 01477 break; 01478 } 01479 PUTU32(plaintext, tmp[0]); 01480 PUTU32(plaintext + 4, tmp[1]); 01481 PUTU32(plaintext + 8, tmp[2]); 01482 PUTU32(plaintext + 12, tmp[3]); 01483 } 01484 01485 01486 01487 /* CTaoCrypt wrappers to the Camellia code */ 01488 01489 int CamelliaSetKey(Camellia* cam, const byte* key, word32 len, const byte* iv) 01490 { 01491 if (cam == NULL) return BAD_FUNC_ARG; 01492 01493 XMEMSET(cam->key, 0, sizeof(KEY_TABLE_TYPE)); 01494 switch (len) { 01495 case 16: 01496 camellia_setup128(key, cam->key); 01497 break; 01498 case 24: 01499 camellia_setup192(key, cam->key); 01500 break; 01501 case 32: 01502 camellia_setup256(key, cam->key); 01503 break; 01504 default: 01505 return BAD_FUNC_ARG; 01506 } 01507 cam->keySz = len * 8; 01508 01509 return CamelliaSetIV(cam, iv); 01510 } 01511 01512 01513 int CamelliaSetIV(Camellia* cam, const byte* iv) 01514 { 01515 if (cam == NULL) 01516 return BAD_FUNC_ARG; 01517 01518 if (iv) 01519 XMEMCPY(cam->reg, iv, CAMELLIA_BLOCK_SIZE); 01520 01521 return 0; 01522 } 01523 01524 01525 void CamelliaEncryptDirect(Camellia* cam, byte* out, const byte* in) 01526 { 01527 Camellia_EncryptBlock(cam->keySz, in, cam->key, out); 01528 } 01529 01530 01531 void CamelliaDecryptDirect(Camellia* cam, byte* out, const byte* in) 01532 { 01533 Camellia_DecryptBlock(cam->keySz, in, cam->key, out); 01534 } 01535 01536 01537 void CamelliaCbcEncrypt(Camellia* cam, byte* out, const byte* in, word32 sz) 01538 { 01539 word32 blocks = sz / CAMELLIA_BLOCK_SIZE; 01540 01541 while (blocks--) { 01542 xorbuf((byte*)cam->reg, in, CAMELLIA_BLOCK_SIZE); 01543 Camellia_EncryptBlock(cam->keySz, (byte*)cam->reg, 01544 cam->key, (byte*)cam->reg); 01545 XMEMCPY(out, cam->reg, CAMELLIA_BLOCK_SIZE); 01546 01547 out += CAMELLIA_BLOCK_SIZE; 01548 in += CAMELLIA_BLOCK_SIZE; 01549 } 01550 } 01551 01552 01553 void CamelliaCbcDecrypt(Camellia* cam, byte* out, const byte* in, word32 sz) 01554 { 01555 word32 blocks = sz / CAMELLIA_BLOCK_SIZE; 01556 01557 while (blocks--) { 01558 XMEMCPY(cam->tmp, in, CAMELLIA_BLOCK_SIZE); 01559 Camellia_DecryptBlock(cam->keySz, (byte*)cam->tmp, cam->key, out); 01560 xorbuf(out, (byte*)cam->reg, CAMELLIA_BLOCK_SIZE); 01561 XMEMCPY(cam->reg, cam->tmp, CAMELLIA_BLOCK_SIZE); 01562 01563 out += CAMELLIA_BLOCK_SIZE; 01564 in += CAMELLIA_BLOCK_SIZE; 01565 } 01566 } 01567 01568 01569 #endif /* HAVE_CAMELLIA */ 01570
Generated on Tue Jul 12 2022 20:44:50 by
1.7.2