wolf SSL
/
wolfSSL-TLS13-Beta
Important changes to repositories hosted on mbed.com
Mbed hosted mercurial repositories are deprecated and are due to be permanently deleted in July 2026.
To keep a copy of this software download the repository Zip archive or clone locally using Mercurial.
It is also possible to export all your personal repositories from the account settings page.
Embed:
(wiki syntax)
Show/hide line numbers
camellia.c
00001 /* camellia.c ver 1.2.0 00002 * 00003 * Copyright (c) 2006,2007 00004 * NTT (Nippon Telegraph and Telephone Corporation) . All rights reserved. 00005 * 00006 * Redistribution and use in source and binary forms, with or without 00007 * modification, are permitted provided that the following conditions 00008 * are met: 00009 * 1. Redistributions of source code must retain the above copyright 00010 * notice, this list of conditions and the following disclaimer as 00011 * the first lines of this file unmodified. 00012 * 2. Redistributions in binary form must reproduce the above copyright 00013 * notice, this list of conditions and the following disclaimer in the 00014 * documentation and/or other materials provided with the distribution. 00015 * 00016 * THIS SOFTWARE IS PROVIDED BY NTT ``AS IS'' AND ANY EXPRESS OR 00017 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 00018 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 00019 * IN NO EVENT SHALL NTT BE LIABLE FOR ANY DIRECT, INDIRECT, 00020 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 00021 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 00022 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 00023 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 00024 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 00025 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 00026 */ 00027 00028 /* camellia.c 00029 * 00030 * Copyright (C) 2006-2016 wolfSSL Inc. 00031 * 00032 * This file is part of wolfSSL. 00033 * 00034 * wolfSSL is free software; you can redistribute it and/or modify 00035 * it under the terms of the GNU General Public License as published by 00036 * the Free Software Foundation; either version 2 of the License, or 00037 * (at your option) any later version. 00038 * 00039 * wolfSSL is distributed in the hope that it will be useful, 00040 * but WITHOUT ANY WARRANTY; without even the implied warranty of 00041 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 00042 * GNU General Public License for more details. 00043 * 00044 * You should have received a copy of the GNU General Public License 00045 * along with this program; if not, write to the Free Software 00046 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA 00047 */ 00048 00049 00050 /* 00051 * Algorithm Specification 00052 * http://info.isl.ntt.co.jp/crypt/eng/camellia/specifications.html 00053 */ 00054 00055 00056 #ifdef HAVE_CONFIG_H 00057 #include <config.h> 00058 #endif 00059 00060 #include <wolfssl/wolfcrypt/settings.h> 00061 00062 #ifdef HAVE_CAMELLIA 00063 00064 #include <wolfssl/wolfcrypt/camellia.h> 00065 #include <wolfssl/wolfcrypt/error-crypt.h> 00066 #include <wolfssl/wolfcrypt/logging.h> 00067 #ifdef NO_INLINE 00068 #include <wolfssl/wolfcrypt/misc.h> 00069 #else 00070 #define WOLFSSL_MISC_INCLUDED 00071 #include <wolfcrypt/src/misc.c> 00072 #endif 00073 00074 /* u32 must be 32bit word */ 00075 typedef unsigned int u32; 00076 typedef unsigned char u8; 00077 00078 /* key constants */ 00079 00080 #define CAMELLIA_SIGMA1L ((u32)0xA09E667FL) 00081 #define CAMELLIA_SIGMA1R ((u32)0x3BCC908BL) 00082 #define CAMELLIA_SIGMA2L ((u32)0xB67AE858L) 00083 #define CAMELLIA_SIGMA2R ((u32)0x4CAA73B2L) 00084 #define CAMELLIA_SIGMA3L ((u32)0xC6EF372FL) 00085 #define CAMELLIA_SIGMA3R ((u32)0xE94F82BEL) 00086 #define CAMELLIA_SIGMA4L ((u32)0x54FF53A5L) 00087 #define CAMELLIA_SIGMA4R ((u32)0xF1D36F1CL) 00088 #define CAMELLIA_SIGMA5L ((u32)0x10E527FAL) 00089 #define CAMELLIA_SIGMA5R ((u32)0xDE682D1DL) 00090 #define CAMELLIA_SIGMA6L ((u32)0xB05688C2L) 00091 #define CAMELLIA_SIGMA6R ((u32)0xB3E6C1FDL) 00092 00093 /* 00094 * macros 00095 */ 00096 00097 00098 #if defined(_MSC_VER) 00099 00100 # define SWAP(x) (_lrotl(x, 8) & 0x00ff00ff | _lrotr(x, 8) & 0xff00ff00) 00101 # define GETU32(p) SWAP(*((u32 *)(p))) 00102 # define PUTU32(ct, st) {*((u32 *)(ct)) = SWAP((st));} 00103 00104 #else /* not MS-VC */ 00105 00106 # define GETU32(pt) \ 00107 (((u32)(pt)[0] << 24) \ 00108 ^ ((u32)(pt)[1] << 16) \ 00109 ^ ((u32)(pt)[2] << 8) \ 00110 ^ ((u32)(pt)[3])) 00111 00112 # define PUTU32(ct, st) { \ 00113 (ct)[0] = (u8)((st) >> 24); \ 00114 (ct)[1] = (u8)((st) >> 16); \ 00115 (ct)[2] = (u8)((st) >> 8); \ 00116 (ct)[3] = (u8)(st); } 00117 00118 #endif 00119 00120 #define CamelliaSubkeyL(INDEX) (subkey[(INDEX)*2]) 00121 #define CamelliaSubkeyR(INDEX) (subkey[(INDEX)*2 + 1]) 00122 00123 /* rotation right shift 1byte */ 00124 #define CAMELLIA_RR8(x) (((x) >> 8) + ((x) << 24)) 00125 /* rotation left shift 1bit */ 00126 #define CAMELLIA_RL1(x) (((x) << 1) + ((x) >> 31)) 00127 /* rotation left shift 1byte */ 00128 #define CAMELLIA_RL8(x) (((x) << 8) + ((x) >> 24)) 00129 00130 #define CAMELLIA_ROLDQ(ll, lr, rl, rr, w0, w1, bits) \ 00131 do { \ 00132 w0 = ll; \ 00133 ll = (ll << bits) + (lr >> (32 - bits)); \ 00134 lr = (lr << bits) + (rl >> (32 - bits)); \ 00135 rl = (rl << bits) + (rr >> (32 - bits)); \ 00136 rr = (rr << bits) + (w0 >> (32 - bits)); \ 00137 } while(0) 00138 00139 #define CAMELLIA_ROLDQo32(ll, lr, rl, rr, w0, w1, bits) \ 00140 do { \ 00141 w0 = ll; \ 00142 w1 = lr; \ 00143 ll = (lr << (bits - 32)) + (rl >> (64 - bits)); \ 00144 lr = (rl << (bits - 32)) + (rr >> (64 - bits)); \ 00145 rl = (rr << (bits - 32)) + (w0 >> (64 - bits)); \ 00146 rr = (w0 << (bits - 32)) + (w1 >> (64 - bits)); \ 00147 } while(0) 00148 00149 #define CAMELLIA_SP1110(INDEX) (camellia_sp1110[(INDEX)]) 00150 #define CAMELLIA_SP0222(INDEX) (camellia_sp0222[(INDEX)]) 00151 #define CAMELLIA_SP3033(INDEX) (camellia_sp3033[(INDEX)]) 00152 #define CAMELLIA_SP4404(INDEX) (camellia_sp4404[(INDEX)]) 00153 00154 #define CAMELLIA_F(xl, xr, kl, kr, yl, yr, il, ir, t0, t1) \ 00155 do { \ 00156 il = xl ^ kl; \ 00157 ir = xr ^ kr; \ 00158 t0 = il >> 16; \ 00159 t1 = ir >> 16; \ 00160 yl = CAMELLIA_SP1110(ir & 0xff) \ 00161 ^ CAMELLIA_SP0222((t1 >> 8) & 0xff) \ 00162 ^ CAMELLIA_SP3033(t1 & 0xff) \ 00163 ^ CAMELLIA_SP4404((ir >> 8) & 0xff); \ 00164 yr = CAMELLIA_SP1110((t0 >> 8) & 0xff) \ 00165 ^ CAMELLIA_SP0222(t0 & 0xff) \ 00166 ^ CAMELLIA_SP3033((il >> 8) & 0xff) \ 00167 ^ CAMELLIA_SP4404(il & 0xff); \ 00168 yl ^= yr; \ 00169 yr = CAMELLIA_RR8(yr); \ 00170 yr ^= yl; \ 00171 } while(0) 00172 00173 00174 /* 00175 * for speed up 00176 * 00177 */ 00178 #define CAMELLIA_FLS(ll, lr, rl, rr, kll, klr, krl, krr, t0, t1, t2, t3) \ 00179 do { \ 00180 t0 = kll; \ 00181 t0 &= ll; \ 00182 lr ^= CAMELLIA_RL1(t0); \ 00183 t1 = klr; \ 00184 t1 |= lr; \ 00185 ll ^= t1; \ 00186 \ 00187 t2 = krr; \ 00188 t2 |= rr; \ 00189 rl ^= t2; \ 00190 t3 = krl; \ 00191 t3 &= rl; \ 00192 rr ^= CAMELLIA_RL1(t3); \ 00193 } while(0) 00194 00195 #define CAMELLIA_ROUNDSM(xl, xr, kl, kr, yl, yr, il, ir, t0, t1) \ 00196 do { \ 00197 ir = CAMELLIA_SP1110(xr & 0xff) \ 00198 ^ CAMELLIA_SP0222((xr >> 24) & 0xff) \ 00199 ^ CAMELLIA_SP3033((xr >> 16) & 0xff) \ 00200 ^ CAMELLIA_SP4404((xr >> 8) & 0xff); \ 00201 il = CAMELLIA_SP1110((xl >> 24) & 0xff) \ 00202 ^ CAMELLIA_SP0222((xl >> 16) & 0xff) \ 00203 ^ CAMELLIA_SP3033((xl >> 8) & 0xff) \ 00204 ^ CAMELLIA_SP4404(xl & 0xff); \ 00205 il ^= kl; \ 00206 ir ^= kr; \ 00207 ir ^= il; \ 00208 il = CAMELLIA_RR8(il); \ 00209 il ^= ir; \ 00210 yl ^= ir; \ 00211 yr ^= il; \ 00212 } while(0) 00213 00214 00215 static const u32 camellia_sp1110[256] = { 00216 0x70707000,0x82828200,0x2c2c2c00,0xececec00, 00217 0xb3b3b300,0x27272700,0xc0c0c000,0xe5e5e500, 00218 0xe4e4e400,0x85858500,0x57575700,0x35353500, 00219 0xeaeaea00,0x0c0c0c00,0xaeaeae00,0x41414100, 00220 0x23232300,0xefefef00,0x6b6b6b00,0x93939300, 00221 0x45454500,0x19191900,0xa5a5a500,0x21212100, 00222 0xededed00,0x0e0e0e00,0x4f4f4f00,0x4e4e4e00, 00223 0x1d1d1d00,0x65656500,0x92929200,0xbdbdbd00, 00224 0x86868600,0xb8b8b800,0xafafaf00,0x8f8f8f00, 00225 0x7c7c7c00,0xebebeb00,0x1f1f1f00,0xcecece00, 00226 0x3e3e3e00,0x30303000,0xdcdcdc00,0x5f5f5f00, 00227 0x5e5e5e00,0xc5c5c500,0x0b0b0b00,0x1a1a1a00, 00228 0xa6a6a600,0xe1e1e100,0x39393900,0xcacaca00, 00229 0xd5d5d500,0x47474700,0x5d5d5d00,0x3d3d3d00, 00230 0xd9d9d900,0x01010100,0x5a5a5a00,0xd6d6d600, 00231 0x51515100,0x56565600,0x6c6c6c00,0x4d4d4d00, 00232 0x8b8b8b00,0x0d0d0d00,0x9a9a9a00,0x66666600, 00233 0xfbfbfb00,0xcccccc00,0xb0b0b000,0x2d2d2d00, 00234 0x74747400,0x12121200,0x2b2b2b00,0x20202000, 00235 0xf0f0f000,0xb1b1b100,0x84848400,0x99999900, 00236 0xdfdfdf00,0x4c4c4c00,0xcbcbcb00,0xc2c2c200, 00237 0x34343400,0x7e7e7e00,0x76767600,0x05050500, 00238 0x6d6d6d00,0xb7b7b700,0xa9a9a900,0x31313100, 00239 0xd1d1d100,0x17171700,0x04040400,0xd7d7d700, 00240 0x14141400,0x58585800,0x3a3a3a00,0x61616100, 00241 0xdedede00,0x1b1b1b00,0x11111100,0x1c1c1c00, 00242 0x32323200,0x0f0f0f00,0x9c9c9c00,0x16161600, 00243 0x53535300,0x18181800,0xf2f2f200,0x22222200, 00244 0xfefefe00,0x44444400,0xcfcfcf00,0xb2b2b200, 00245 0xc3c3c300,0xb5b5b500,0x7a7a7a00,0x91919100, 00246 0x24242400,0x08080800,0xe8e8e800,0xa8a8a800, 00247 0x60606000,0xfcfcfc00,0x69696900,0x50505000, 00248 0xaaaaaa00,0xd0d0d000,0xa0a0a000,0x7d7d7d00, 00249 0xa1a1a100,0x89898900,0x62626200,0x97979700, 00250 0x54545400,0x5b5b5b00,0x1e1e1e00,0x95959500, 00251 0xe0e0e000,0xffffff00,0x64646400,0xd2d2d200, 00252 0x10101000,0xc4c4c400,0x00000000,0x48484800, 00253 0xa3a3a300,0xf7f7f700,0x75757500,0xdbdbdb00, 00254 0x8a8a8a00,0x03030300,0xe6e6e600,0xdadada00, 00255 0x09090900,0x3f3f3f00,0xdddddd00,0x94949400, 00256 0x87878700,0x5c5c5c00,0x83838300,0x02020200, 00257 0xcdcdcd00,0x4a4a4a00,0x90909000,0x33333300, 00258 0x73737300,0x67676700,0xf6f6f600,0xf3f3f300, 00259 0x9d9d9d00,0x7f7f7f00,0xbfbfbf00,0xe2e2e200, 00260 0x52525200,0x9b9b9b00,0xd8d8d800,0x26262600, 00261 0xc8c8c800,0x37373700,0xc6c6c600,0x3b3b3b00, 00262 0x81818100,0x96969600,0x6f6f6f00,0x4b4b4b00, 00263 0x13131300,0xbebebe00,0x63636300,0x2e2e2e00, 00264 0xe9e9e900,0x79797900,0xa7a7a700,0x8c8c8c00, 00265 0x9f9f9f00,0x6e6e6e00,0xbcbcbc00,0x8e8e8e00, 00266 0x29292900,0xf5f5f500,0xf9f9f900,0xb6b6b600, 00267 0x2f2f2f00,0xfdfdfd00,0xb4b4b400,0x59595900, 00268 0x78787800,0x98989800,0x06060600,0x6a6a6a00, 00269 0xe7e7e700,0x46464600,0x71717100,0xbababa00, 00270 0xd4d4d400,0x25252500,0xababab00,0x42424200, 00271 0x88888800,0xa2a2a200,0x8d8d8d00,0xfafafa00, 00272 0x72727200,0x07070700,0xb9b9b900,0x55555500, 00273 0xf8f8f800,0xeeeeee00,0xacacac00,0x0a0a0a00, 00274 0x36363600,0x49494900,0x2a2a2a00,0x68686800, 00275 0x3c3c3c00,0x38383800,0xf1f1f100,0xa4a4a400, 00276 0x40404000,0x28282800,0xd3d3d300,0x7b7b7b00, 00277 0xbbbbbb00,0xc9c9c900,0x43434300,0xc1c1c100, 00278 0x15151500,0xe3e3e300,0xadadad00,0xf4f4f400, 00279 0x77777700,0xc7c7c700,0x80808000,0x9e9e9e00, 00280 }; 00281 00282 static const u32 camellia_sp0222[256] = { 00283 0x00e0e0e0,0x00050505,0x00585858,0x00d9d9d9, 00284 0x00676767,0x004e4e4e,0x00818181,0x00cbcbcb, 00285 0x00c9c9c9,0x000b0b0b,0x00aeaeae,0x006a6a6a, 00286 0x00d5d5d5,0x00181818,0x005d5d5d,0x00828282, 00287 0x00464646,0x00dfdfdf,0x00d6d6d6,0x00272727, 00288 0x008a8a8a,0x00323232,0x004b4b4b,0x00424242, 00289 0x00dbdbdb,0x001c1c1c,0x009e9e9e,0x009c9c9c, 00290 0x003a3a3a,0x00cacaca,0x00252525,0x007b7b7b, 00291 0x000d0d0d,0x00717171,0x005f5f5f,0x001f1f1f, 00292 0x00f8f8f8,0x00d7d7d7,0x003e3e3e,0x009d9d9d, 00293 0x007c7c7c,0x00606060,0x00b9b9b9,0x00bebebe, 00294 0x00bcbcbc,0x008b8b8b,0x00161616,0x00343434, 00295 0x004d4d4d,0x00c3c3c3,0x00727272,0x00959595, 00296 0x00ababab,0x008e8e8e,0x00bababa,0x007a7a7a, 00297 0x00b3b3b3,0x00020202,0x00b4b4b4,0x00adadad, 00298 0x00a2a2a2,0x00acacac,0x00d8d8d8,0x009a9a9a, 00299 0x00171717,0x001a1a1a,0x00353535,0x00cccccc, 00300 0x00f7f7f7,0x00999999,0x00616161,0x005a5a5a, 00301 0x00e8e8e8,0x00242424,0x00565656,0x00404040, 00302 0x00e1e1e1,0x00636363,0x00090909,0x00333333, 00303 0x00bfbfbf,0x00989898,0x00979797,0x00858585, 00304 0x00686868,0x00fcfcfc,0x00ececec,0x000a0a0a, 00305 0x00dadada,0x006f6f6f,0x00535353,0x00626262, 00306 0x00a3a3a3,0x002e2e2e,0x00080808,0x00afafaf, 00307 0x00282828,0x00b0b0b0,0x00747474,0x00c2c2c2, 00308 0x00bdbdbd,0x00363636,0x00222222,0x00383838, 00309 0x00646464,0x001e1e1e,0x00393939,0x002c2c2c, 00310 0x00a6a6a6,0x00303030,0x00e5e5e5,0x00444444, 00311 0x00fdfdfd,0x00888888,0x009f9f9f,0x00656565, 00312 0x00878787,0x006b6b6b,0x00f4f4f4,0x00232323, 00313 0x00484848,0x00101010,0x00d1d1d1,0x00515151, 00314 0x00c0c0c0,0x00f9f9f9,0x00d2d2d2,0x00a0a0a0, 00315 0x00555555,0x00a1a1a1,0x00414141,0x00fafafa, 00316 0x00434343,0x00131313,0x00c4c4c4,0x002f2f2f, 00317 0x00a8a8a8,0x00b6b6b6,0x003c3c3c,0x002b2b2b, 00318 0x00c1c1c1,0x00ffffff,0x00c8c8c8,0x00a5a5a5, 00319 0x00202020,0x00898989,0x00000000,0x00909090, 00320 0x00474747,0x00efefef,0x00eaeaea,0x00b7b7b7, 00321 0x00151515,0x00060606,0x00cdcdcd,0x00b5b5b5, 00322 0x00121212,0x007e7e7e,0x00bbbbbb,0x00292929, 00323 0x000f0f0f,0x00b8b8b8,0x00070707,0x00040404, 00324 0x009b9b9b,0x00949494,0x00212121,0x00666666, 00325 0x00e6e6e6,0x00cecece,0x00ededed,0x00e7e7e7, 00326 0x003b3b3b,0x00fefefe,0x007f7f7f,0x00c5c5c5, 00327 0x00a4a4a4,0x00373737,0x00b1b1b1,0x004c4c4c, 00328 0x00919191,0x006e6e6e,0x008d8d8d,0x00767676, 00329 0x00030303,0x002d2d2d,0x00dedede,0x00969696, 00330 0x00262626,0x007d7d7d,0x00c6c6c6,0x005c5c5c, 00331 0x00d3d3d3,0x00f2f2f2,0x004f4f4f,0x00191919, 00332 0x003f3f3f,0x00dcdcdc,0x00797979,0x001d1d1d, 00333 0x00525252,0x00ebebeb,0x00f3f3f3,0x006d6d6d, 00334 0x005e5e5e,0x00fbfbfb,0x00696969,0x00b2b2b2, 00335 0x00f0f0f0,0x00313131,0x000c0c0c,0x00d4d4d4, 00336 0x00cfcfcf,0x008c8c8c,0x00e2e2e2,0x00757575, 00337 0x00a9a9a9,0x004a4a4a,0x00575757,0x00848484, 00338 0x00111111,0x00454545,0x001b1b1b,0x00f5f5f5, 00339 0x00e4e4e4,0x000e0e0e,0x00737373,0x00aaaaaa, 00340 0x00f1f1f1,0x00dddddd,0x00595959,0x00141414, 00341 0x006c6c6c,0x00929292,0x00545454,0x00d0d0d0, 00342 0x00787878,0x00707070,0x00e3e3e3,0x00494949, 00343 0x00808080,0x00505050,0x00a7a7a7,0x00f6f6f6, 00344 0x00777777,0x00939393,0x00868686,0x00838383, 00345 0x002a2a2a,0x00c7c7c7,0x005b5b5b,0x00e9e9e9, 00346 0x00eeeeee,0x008f8f8f,0x00010101,0x003d3d3d, 00347 }; 00348 00349 static const u32 camellia_sp3033[256] = { 00350 0x38003838,0x41004141,0x16001616,0x76007676, 00351 0xd900d9d9,0x93009393,0x60006060,0xf200f2f2, 00352 0x72007272,0xc200c2c2,0xab00abab,0x9a009a9a, 00353 0x75007575,0x06000606,0x57005757,0xa000a0a0, 00354 0x91009191,0xf700f7f7,0xb500b5b5,0xc900c9c9, 00355 0xa200a2a2,0x8c008c8c,0xd200d2d2,0x90009090, 00356 0xf600f6f6,0x07000707,0xa700a7a7,0x27002727, 00357 0x8e008e8e,0xb200b2b2,0x49004949,0xde00dede, 00358 0x43004343,0x5c005c5c,0xd700d7d7,0xc700c7c7, 00359 0x3e003e3e,0xf500f5f5,0x8f008f8f,0x67006767, 00360 0x1f001f1f,0x18001818,0x6e006e6e,0xaf00afaf, 00361 0x2f002f2f,0xe200e2e2,0x85008585,0x0d000d0d, 00362 0x53005353,0xf000f0f0,0x9c009c9c,0x65006565, 00363 0xea00eaea,0xa300a3a3,0xae00aeae,0x9e009e9e, 00364 0xec00ecec,0x80008080,0x2d002d2d,0x6b006b6b, 00365 0xa800a8a8,0x2b002b2b,0x36003636,0xa600a6a6, 00366 0xc500c5c5,0x86008686,0x4d004d4d,0x33003333, 00367 0xfd00fdfd,0x66006666,0x58005858,0x96009696, 00368 0x3a003a3a,0x09000909,0x95009595,0x10001010, 00369 0x78007878,0xd800d8d8,0x42004242,0xcc00cccc, 00370 0xef00efef,0x26002626,0xe500e5e5,0x61006161, 00371 0x1a001a1a,0x3f003f3f,0x3b003b3b,0x82008282, 00372 0xb600b6b6,0xdb00dbdb,0xd400d4d4,0x98009898, 00373 0xe800e8e8,0x8b008b8b,0x02000202,0xeb00ebeb, 00374 0x0a000a0a,0x2c002c2c,0x1d001d1d,0xb000b0b0, 00375 0x6f006f6f,0x8d008d8d,0x88008888,0x0e000e0e, 00376 0x19001919,0x87008787,0x4e004e4e,0x0b000b0b, 00377 0xa900a9a9,0x0c000c0c,0x79007979,0x11001111, 00378 0x7f007f7f,0x22002222,0xe700e7e7,0x59005959, 00379 0xe100e1e1,0xda00dada,0x3d003d3d,0xc800c8c8, 00380 0x12001212,0x04000404,0x74007474,0x54005454, 00381 0x30003030,0x7e007e7e,0xb400b4b4,0x28002828, 00382 0x55005555,0x68006868,0x50005050,0xbe00bebe, 00383 0xd000d0d0,0xc400c4c4,0x31003131,0xcb00cbcb, 00384 0x2a002a2a,0xad00adad,0x0f000f0f,0xca00caca, 00385 0x70007070,0xff00ffff,0x32003232,0x69006969, 00386 0x08000808,0x62006262,0x00000000,0x24002424, 00387 0xd100d1d1,0xfb00fbfb,0xba00baba,0xed00eded, 00388 0x45004545,0x81008181,0x73007373,0x6d006d6d, 00389 0x84008484,0x9f009f9f,0xee00eeee,0x4a004a4a, 00390 0xc300c3c3,0x2e002e2e,0xc100c1c1,0x01000101, 00391 0xe600e6e6,0x25002525,0x48004848,0x99009999, 00392 0xb900b9b9,0xb300b3b3,0x7b007b7b,0xf900f9f9, 00393 0xce00cece,0xbf00bfbf,0xdf00dfdf,0x71007171, 00394 0x29002929,0xcd00cdcd,0x6c006c6c,0x13001313, 00395 0x64006464,0x9b009b9b,0x63006363,0x9d009d9d, 00396 0xc000c0c0,0x4b004b4b,0xb700b7b7,0xa500a5a5, 00397 0x89008989,0x5f005f5f,0xb100b1b1,0x17001717, 00398 0xf400f4f4,0xbc00bcbc,0xd300d3d3,0x46004646, 00399 0xcf00cfcf,0x37003737,0x5e005e5e,0x47004747, 00400 0x94009494,0xfa00fafa,0xfc00fcfc,0x5b005b5b, 00401 0x97009797,0xfe00fefe,0x5a005a5a,0xac00acac, 00402 0x3c003c3c,0x4c004c4c,0x03000303,0x35003535, 00403 0xf300f3f3,0x23002323,0xb800b8b8,0x5d005d5d, 00404 0x6a006a6a,0x92009292,0xd500d5d5,0x21002121, 00405 0x44004444,0x51005151,0xc600c6c6,0x7d007d7d, 00406 0x39003939,0x83008383,0xdc00dcdc,0xaa00aaaa, 00407 0x7c007c7c,0x77007777,0x56005656,0x05000505, 00408 0x1b001b1b,0xa400a4a4,0x15001515,0x34003434, 00409 0x1e001e1e,0x1c001c1c,0xf800f8f8,0x52005252, 00410 0x20002020,0x14001414,0xe900e9e9,0xbd00bdbd, 00411 0xdd00dddd,0xe400e4e4,0xa100a1a1,0xe000e0e0, 00412 0x8a008a8a,0xf100f1f1,0xd600d6d6,0x7a007a7a, 00413 0xbb00bbbb,0xe300e3e3,0x40004040,0x4f004f4f, 00414 }; 00415 00416 static const u32 camellia_sp4404[256] = { 00417 0x70700070,0x2c2c002c,0xb3b300b3,0xc0c000c0, 00418 0xe4e400e4,0x57570057,0xeaea00ea,0xaeae00ae, 00419 0x23230023,0x6b6b006b,0x45450045,0xa5a500a5, 00420 0xeded00ed,0x4f4f004f,0x1d1d001d,0x92920092, 00421 0x86860086,0xafaf00af,0x7c7c007c,0x1f1f001f, 00422 0x3e3e003e,0xdcdc00dc,0x5e5e005e,0x0b0b000b, 00423 0xa6a600a6,0x39390039,0xd5d500d5,0x5d5d005d, 00424 0xd9d900d9,0x5a5a005a,0x51510051,0x6c6c006c, 00425 0x8b8b008b,0x9a9a009a,0xfbfb00fb,0xb0b000b0, 00426 0x74740074,0x2b2b002b,0xf0f000f0,0x84840084, 00427 0xdfdf00df,0xcbcb00cb,0x34340034,0x76760076, 00428 0x6d6d006d,0xa9a900a9,0xd1d100d1,0x04040004, 00429 0x14140014,0x3a3a003a,0xdede00de,0x11110011, 00430 0x32320032,0x9c9c009c,0x53530053,0xf2f200f2, 00431 0xfefe00fe,0xcfcf00cf,0xc3c300c3,0x7a7a007a, 00432 0x24240024,0xe8e800e8,0x60600060,0x69690069, 00433 0xaaaa00aa,0xa0a000a0,0xa1a100a1,0x62620062, 00434 0x54540054,0x1e1e001e,0xe0e000e0,0x64640064, 00435 0x10100010,0x00000000,0xa3a300a3,0x75750075, 00436 0x8a8a008a,0xe6e600e6,0x09090009,0xdddd00dd, 00437 0x87870087,0x83830083,0xcdcd00cd,0x90900090, 00438 0x73730073,0xf6f600f6,0x9d9d009d,0xbfbf00bf, 00439 0x52520052,0xd8d800d8,0xc8c800c8,0xc6c600c6, 00440 0x81810081,0x6f6f006f,0x13130013,0x63630063, 00441 0xe9e900e9,0xa7a700a7,0x9f9f009f,0xbcbc00bc, 00442 0x29290029,0xf9f900f9,0x2f2f002f,0xb4b400b4, 00443 0x78780078,0x06060006,0xe7e700e7,0x71710071, 00444 0xd4d400d4,0xabab00ab,0x88880088,0x8d8d008d, 00445 0x72720072,0xb9b900b9,0xf8f800f8,0xacac00ac, 00446 0x36360036,0x2a2a002a,0x3c3c003c,0xf1f100f1, 00447 0x40400040,0xd3d300d3,0xbbbb00bb,0x43430043, 00448 0x15150015,0xadad00ad,0x77770077,0x80800080, 00449 0x82820082,0xecec00ec,0x27270027,0xe5e500e5, 00450 0x85850085,0x35350035,0x0c0c000c,0x41410041, 00451 0xefef00ef,0x93930093,0x19190019,0x21210021, 00452 0x0e0e000e,0x4e4e004e,0x65650065,0xbdbd00bd, 00453 0xb8b800b8,0x8f8f008f,0xebeb00eb,0xcece00ce, 00454 0x30300030,0x5f5f005f,0xc5c500c5,0x1a1a001a, 00455 0xe1e100e1,0xcaca00ca,0x47470047,0x3d3d003d, 00456 0x01010001,0xd6d600d6,0x56560056,0x4d4d004d, 00457 0x0d0d000d,0x66660066,0xcccc00cc,0x2d2d002d, 00458 0x12120012,0x20200020,0xb1b100b1,0x99990099, 00459 0x4c4c004c,0xc2c200c2,0x7e7e007e,0x05050005, 00460 0xb7b700b7,0x31310031,0x17170017,0xd7d700d7, 00461 0x58580058,0x61610061,0x1b1b001b,0x1c1c001c, 00462 0x0f0f000f,0x16160016,0x18180018,0x22220022, 00463 0x44440044,0xb2b200b2,0xb5b500b5,0x91910091, 00464 0x08080008,0xa8a800a8,0xfcfc00fc,0x50500050, 00465 0xd0d000d0,0x7d7d007d,0x89890089,0x97970097, 00466 0x5b5b005b,0x95950095,0xffff00ff,0xd2d200d2, 00467 0xc4c400c4,0x48480048,0xf7f700f7,0xdbdb00db, 00468 0x03030003,0xdada00da,0x3f3f003f,0x94940094, 00469 0x5c5c005c,0x02020002,0x4a4a004a,0x33330033, 00470 0x67670067,0xf3f300f3,0x7f7f007f,0xe2e200e2, 00471 0x9b9b009b,0x26260026,0x37370037,0x3b3b003b, 00472 0x96960096,0x4b4b004b,0xbebe00be,0x2e2e002e, 00473 0x79790079,0x8c8c008c,0x6e6e006e,0x8e8e008e, 00474 0xf5f500f5,0xb6b600b6,0xfdfd00fd,0x59590059, 00475 0x98980098,0x6a6a006a,0x46460046,0xbaba00ba, 00476 0x25250025,0x42420042,0xa2a200a2,0xfafa00fa, 00477 0x07070007,0x55550055,0xeeee00ee,0x0a0a000a, 00478 0x49490049,0x68680068,0x38380038,0xa4a400a4, 00479 0x28280028,0x7b7b007b,0xc9c900c9,0xc1c100c1, 00480 0xe3e300e3,0xf4f400f4,0xc7c700c7,0x9e9e009e, 00481 }; 00482 00483 00484 /** 00485 * Stuff related to the Camellia key schedule 00486 */ 00487 #define subl(x) subL[(x)] 00488 #define subr(x) subR[(x)] 00489 00490 static int camellia_setup128(const unsigned char *key, u32 *subkey) 00491 { 00492 u32 kll, klr, krl, krr; 00493 u32 il, ir, t0, t1, w0, w1; 00494 u32 kw4l, kw4r, dw, tl, tr; 00495 00496 #ifdef WOLFSSL_SMALL_STACK 00497 u32* subL; 00498 u32* subR; 00499 00500 subL = (u32*) XMALLOC(sizeof(u32) * 26, NULL, DYNAMIC_TYPE_TMP_BUFFER); 00501 if (subL == NULL) 00502 return MEMORY_E; 00503 00504 subR = (u32*) XMALLOC(sizeof(u32) * 26, NULL, DYNAMIC_TYPE_TMP_BUFFER); 00505 if (subR == NULL) { 00506 XFREE(subL, NULL, DYNAMIC_TYPE_TMP_BUFFER); 00507 return MEMORY_E; 00508 } 00509 #else 00510 u32 subL[26]; 00511 u32 subR[26]; 00512 #endif 00513 00514 /** 00515 * k == kll || klr || krl || krr (|| is concatenation) 00516 */ 00517 kll = GETU32(key ); 00518 klr = GETU32(key + 4); 00519 krl = GETU32(key + 8); 00520 krr = GETU32(key + 12); 00521 /** 00522 * generate KL dependent subkeys 00523 */ 00524 subl(0) = kll; subr(0) = klr; 00525 subl(1) = krl; subr(1) = krr; 00526 CAMELLIA_ROLDQ(kll, klr, krl, krr, w0, w1, 15); 00527 subl(4) = kll; subr(4) = klr; 00528 subl(5) = krl; subr(5) = krr; 00529 CAMELLIA_ROLDQ(kll, klr, krl, krr, w0, w1, 30); 00530 subl(10) = kll; subr(10) = klr; 00531 subl(11) = krl; subr(11) = krr; 00532 CAMELLIA_ROLDQ(kll, klr, krl, krr, w0, w1, 15); 00533 subl(13) = krl; subr(13) = krr; 00534 CAMELLIA_ROLDQ(kll, klr, krl, krr, w0, w1, 17); 00535 subl(16) = kll; subr(16) = klr; 00536 subl(17) = krl; subr(17) = krr; 00537 CAMELLIA_ROLDQ(kll, klr, krl, krr, w0, w1, 17); 00538 subl(18) = kll; subr(18) = klr; 00539 subl(19) = krl; subr(19) = krr; 00540 CAMELLIA_ROLDQ(kll, klr, krl, krr, w0, w1, 17); 00541 subl(22) = kll; subr(22) = klr; 00542 subl(23) = krl; subr(23) = krr; 00543 00544 /* generate KA */ 00545 kll = subl(0); klr = subr(0); 00546 krl = subl(1); krr = subr(1); 00547 CAMELLIA_F(kll, klr, 00548 CAMELLIA_SIGMA1L, CAMELLIA_SIGMA1R, 00549 w0, w1, il, ir, t0, t1); 00550 krl ^= w0; krr ^= w1; 00551 CAMELLIA_F(krl, krr, 00552 CAMELLIA_SIGMA2L, CAMELLIA_SIGMA2R, 00553 kll, klr, il, ir, t0, t1); 00554 CAMELLIA_F(kll, klr, 00555 CAMELLIA_SIGMA3L, CAMELLIA_SIGMA3R, 00556 krl, krr, il, ir, t0, t1); 00557 krl ^= w0; krr ^= w1; 00558 CAMELLIA_F(krl, krr, 00559 CAMELLIA_SIGMA4L, CAMELLIA_SIGMA4R, 00560 w0, w1, il, ir, t0, t1); 00561 kll ^= w0; klr ^= w1; 00562 00563 /* generate KA dependent subkeys */ 00564 subl(2) = kll; subr(2) = klr; 00565 subl(3) = krl; subr(3) = krr; 00566 CAMELLIA_ROLDQ(kll, klr, krl, krr, w0, w1, 15); 00567 subl(6) = kll; subr(6) = klr; 00568 subl(7) = krl; subr(7) = krr; 00569 CAMELLIA_ROLDQ(kll, klr, krl, krr, w0, w1, 15); 00570 subl(8) = kll; subr(8) = klr; 00571 subl(9) = krl; subr(9) = krr; 00572 CAMELLIA_ROLDQ(kll, klr, krl, krr, w0, w1, 15); 00573 subl(12) = kll; subr(12) = klr; 00574 CAMELLIA_ROLDQ(kll, klr, krl, krr, w0, w1, 15); 00575 subl(14) = kll; subr(14) = klr; 00576 subl(15) = krl; subr(15) = krr; 00577 CAMELLIA_ROLDQo32(kll, klr, krl, krr, w0, w1, 34); 00578 subl(20) = kll; subr(20) = klr; 00579 subl(21) = krl; subr(21) = krr; 00580 CAMELLIA_ROLDQ(kll, klr, krl, krr, w0, w1, 17); 00581 subl(24) = kll; subr(24) = klr; 00582 subl(25) = krl; subr(25) = krr; 00583 00584 00585 /* absorb kw2 to other subkeys */ 00586 subl(3) ^= subl(1); subr(3) ^= subr(1); 00587 subl(5) ^= subl(1); subr(5) ^= subr(1); 00588 subl(7) ^= subl(1); subr(7) ^= subr(1); 00589 subl(1) ^= subr(1) & ~subr(9); 00590 dw = subl(1) & subl(9), subr(1) ^= CAMELLIA_RL1(dw); 00591 subl(11) ^= subl(1); subr(11) ^= subr(1); 00592 subl(13) ^= subl(1); subr(13) ^= subr(1); 00593 subl(15) ^= subl(1); subr(15) ^= subr(1); 00594 subl(1) ^= subr(1) & ~subr(17); 00595 dw = subl(1) & subl(17), subr(1) ^= CAMELLIA_RL1(dw); 00596 subl(19) ^= subl(1); subr(19) ^= subr(1); 00597 subl(21) ^= subl(1); subr(21) ^= subr(1); 00598 subl(23) ^= subl(1); subr(23) ^= subr(1); 00599 subl(24) ^= subl(1); subr(24) ^= subr(1); 00600 00601 /* absorb kw4 to other subkeys */ 00602 kw4l = subl(25); kw4r = subr(25); 00603 subl(22) ^= kw4l; subr(22) ^= kw4r; 00604 subl(20) ^= kw4l; subr(20) ^= kw4r; 00605 subl(18) ^= kw4l; subr(18) ^= kw4r; 00606 kw4l ^= kw4r & ~subr(16); 00607 dw = kw4l & subl(16), kw4r ^= CAMELLIA_RL1(dw); 00608 subl(14) ^= kw4l; subr(14) ^= kw4r; 00609 subl(12) ^= kw4l; subr(12) ^= kw4r; 00610 subl(10) ^= kw4l; subr(10) ^= kw4r; 00611 kw4l ^= kw4r & ~subr(8); 00612 dw = kw4l & subl(8), kw4r ^= CAMELLIA_RL1(dw); 00613 subl(6) ^= kw4l; subr(6) ^= kw4r; 00614 subl(4) ^= kw4l; subr(4) ^= kw4r; 00615 subl(2) ^= kw4l; subr(2) ^= kw4r; 00616 subl(0) ^= kw4l; subr(0) ^= kw4r; 00617 00618 /* key XOR is end of F-function */ 00619 CamelliaSubkeyL(0) = subl(0) ^ subl(2); 00620 CamelliaSubkeyR(0) = subr(0) ^ subr(2); 00621 CamelliaSubkeyL(2) = subl(3); 00622 CamelliaSubkeyR(2) = subr(3); 00623 CamelliaSubkeyL(3) = subl(2) ^ subl(4); 00624 CamelliaSubkeyR(3) = subr(2) ^ subr(4); 00625 CamelliaSubkeyL(4) = subl(3) ^ subl(5); 00626 CamelliaSubkeyR(4) = subr(3) ^ subr(5); 00627 CamelliaSubkeyL(5) = subl(4) ^ subl(6); 00628 CamelliaSubkeyR(5) = subr(4) ^ subr(6); 00629 CamelliaSubkeyL(6) = subl(5) ^ subl(7); 00630 CamelliaSubkeyR(6) = subr(5) ^ subr(7); 00631 tl = subl(10) ^ (subr(10) & ~subr(8)); 00632 dw = tl & subl(8), tr = subr(10) ^ CAMELLIA_RL1(dw); 00633 CamelliaSubkeyL(7) = subl(6) ^ tl; 00634 CamelliaSubkeyR(7) = subr(6) ^ tr; 00635 CamelliaSubkeyL(8) = subl(8); 00636 CamelliaSubkeyR(8) = subr(8); 00637 CamelliaSubkeyL(9) = subl(9); 00638 CamelliaSubkeyR(9) = subr(9); 00639 tl = subl(7) ^ (subr(7) & ~subr(9)); 00640 dw = tl & subl(9), tr = subr(7) ^ CAMELLIA_RL1(dw); 00641 CamelliaSubkeyL(10) = tl ^ subl(11); 00642 CamelliaSubkeyR(10) = tr ^ subr(11); 00643 CamelliaSubkeyL(11) = subl(10) ^ subl(12); 00644 CamelliaSubkeyR(11) = subr(10) ^ subr(12); 00645 CamelliaSubkeyL(12) = subl(11) ^ subl(13); 00646 CamelliaSubkeyR(12) = subr(11) ^ subr(13); 00647 CamelliaSubkeyL(13) = subl(12) ^ subl(14); 00648 CamelliaSubkeyR(13) = subr(12) ^ subr(14); 00649 CamelliaSubkeyL(14) = subl(13) ^ subl(15); 00650 CamelliaSubkeyR(14) = subr(13) ^ subr(15); 00651 tl = subl(18) ^ (subr(18) & ~subr(16)); 00652 dw = tl & subl(16), tr = subr(18) ^ CAMELLIA_RL1(dw); 00653 CamelliaSubkeyL(15) = subl(14) ^ tl; 00654 CamelliaSubkeyR(15) = subr(14) ^ tr; 00655 CamelliaSubkeyL(16) = subl(16); 00656 CamelliaSubkeyR(16) = subr(16); 00657 CamelliaSubkeyL(17) = subl(17); 00658 CamelliaSubkeyR(17) = subr(17); 00659 tl = subl(15) ^ (subr(15) & ~subr(17)); 00660 dw = tl & subl(17), tr = subr(15) ^ CAMELLIA_RL1(dw); 00661 CamelliaSubkeyL(18) = tl ^ subl(19); 00662 CamelliaSubkeyR(18) = tr ^ subr(19); 00663 CamelliaSubkeyL(19) = subl(18) ^ subl(20); 00664 CamelliaSubkeyR(19) = subr(18) ^ subr(20); 00665 CamelliaSubkeyL(20) = subl(19) ^ subl(21); 00666 CamelliaSubkeyR(20) = subr(19) ^ subr(21); 00667 CamelliaSubkeyL(21) = subl(20) ^ subl(22); 00668 CamelliaSubkeyR(21) = subr(20) ^ subr(22); 00669 CamelliaSubkeyL(22) = subl(21) ^ subl(23); 00670 CamelliaSubkeyR(22) = subr(21) ^ subr(23); 00671 CamelliaSubkeyL(23) = subl(22); 00672 CamelliaSubkeyR(23) = subr(22); 00673 CamelliaSubkeyL(24) = subl(24) ^ subl(23); 00674 CamelliaSubkeyR(24) = subr(24) ^ subr(23); 00675 00676 /* apply the inverse of the last half of P-function */ 00677 dw = CamelliaSubkeyL(2) ^ CamelliaSubkeyR(2), dw = CAMELLIA_RL8(dw); 00678 CamelliaSubkeyR(2) = CamelliaSubkeyL(2) ^ dw, CamelliaSubkeyL(2) = dw; 00679 dw = CamelliaSubkeyL(3) ^ CamelliaSubkeyR(3), dw = CAMELLIA_RL8(dw); 00680 CamelliaSubkeyR(3) = CamelliaSubkeyL(3) ^ dw, CamelliaSubkeyL(3) = dw; 00681 dw = CamelliaSubkeyL(4) ^ CamelliaSubkeyR(4), dw = CAMELLIA_RL8(dw); 00682 CamelliaSubkeyR(4) = CamelliaSubkeyL(4) ^ dw, CamelliaSubkeyL(4) = dw; 00683 dw = CamelliaSubkeyL(5) ^ CamelliaSubkeyR(5), dw = CAMELLIA_RL8(dw); 00684 CamelliaSubkeyR(5) = CamelliaSubkeyL(5) ^ dw, CamelliaSubkeyL(5) = dw; 00685 dw = CamelliaSubkeyL(6) ^ CamelliaSubkeyR(6), dw = CAMELLIA_RL8(dw); 00686 CamelliaSubkeyR(6) = CamelliaSubkeyL(6) ^ dw, CamelliaSubkeyL(6) = dw; 00687 dw = CamelliaSubkeyL(7) ^ CamelliaSubkeyR(7), dw = CAMELLIA_RL8(dw); 00688 CamelliaSubkeyR(7) = CamelliaSubkeyL(7) ^ dw, CamelliaSubkeyL(7) = dw; 00689 dw = CamelliaSubkeyL(10) ^ CamelliaSubkeyR(10), dw = CAMELLIA_RL8(dw); 00690 CamelliaSubkeyR(10) = CamelliaSubkeyL(10) ^ dw, CamelliaSubkeyL(10) = dw; 00691 dw = CamelliaSubkeyL(11) ^ CamelliaSubkeyR(11), dw = CAMELLIA_RL8(dw); 00692 CamelliaSubkeyR(11) = CamelliaSubkeyL(11) ^ dw, CamelliaSubkeyL(11) = dw; 00693 dw = CamelliaSubkeyL(12) ^ CamelliaSubkeyR(12), dw = CAMELLIA_RL8(dw); 00694 CamelliaSubkeyR(12) = CamelliaSubkeyL(12) ^ dw, CamelliaSubkeyL(12) = dw; 00695 dw = CamelliaSubkeyL(13) ^ CamelliaSubkeyR(13), dw = CAMELLIA_RL8(dw); 00696 CamelliaSubkeyR(13) = CamelliaSubkeyL(13) ^ dw, CamelliaSubkeyL(13) = dw; 00697 dw = CamelliaSubkeyL(14) ^ CamelliaSubkeyR(14), dw = CAMELLIA_RL8(dw); 00698 CamelliaSubkeyR(14) = CamelliaSubkeyL(14) ^ dw, CamelliaSubkeyL(14) = dw; 00699 dw = CamelliaSubkeyL(15) ^ CamelliaSubkeyR(15), dw = CAMELLIA_RL8(dw); 00700 CamelliaSubkeyR(15) = CamelliaSubkeyL(15) ^ dw, CamelliaSubkeyL(15) = dw; 00701 dw = CamelliaSubkeyL(18) ^ CamelliaSubkeyR(18), dw = CAMELLIA_RL8(dw); 00702 CamelliaSubkeyR(18) = CamelliaSubkeyL(18) ^ dw, CamelliaSubkeyL(18) = dw; 00703 dw = CamelliaSubkeyL(19) ^ CamelliaSubkeyR(19), dw = CAMELLIA_RL8(dw); 00704 CamelliaSubkeyR(19) = CamelliaSubkeyL(19) ^ dw, CamelliaSubkeyL(19) = dw; 00705 dw = CamelliaSubkeyL(20) ^ CamelliaSubkeyR(20), dw = CAMELLIA_RL8(dw); 00706 CamelliaSubkeyR(20) = CamelliaSubkeyL(20) ^ dw, CamelliaSubkeyL(20) = dw; 00707 dw = CamelliaSubkeyL(21) ^ CamelliaSubkeyR(21), dw = CAMELLIA_RL8(dw); 00708 CamelliaSubkeyR(21) = CamelliaSubkeyL(21) ^ dw, CamelliaSubkeyL(21) = dw; 00709 dw = CamelliaSubkeyL(22) ^ CamelliaSubkeyR(22), dw = CAMELLIA_RL8(dw); 00710 CamelliaSubkeyR(22) = CamelliaSubkeyL(22) ^ dw, CamelliaSubkeyL(22) = dw; 00711 dw = CamelliaSubkeyL(23) ^ CamelliaSubkeyR(23), dw = CAMELLIA_RL8(dw); 00712 CamelliaSubkeyR(23) = CamelliaSubkeyL(23) ^ dw, CamelliaSubkeyL(23) = dw; 00713 00714 #ifdef WOLFSSL_SMALL_STACK 00715 XFREE(subL, NULL, DYNAMIC_TYPE_TMP_BUFFER); 00716 XFREE(subR, NULL, DYNAMIC_TYPE_TMP_BUFFER); 00717 #endif 00718 00719 return 0; 00720 } 00721 00722 static int camellia_setup256(const unsigned char *key, u32 *subkey) 00723 { 00724 u32 kll,klr,krl,krr; /* left half of key */ 00725 u32 krll,krlr,krrl,krrr; /* right half of key */ 00726 u32 il, ir, t0, t1, w0, w1; /* temporary variables */ 00727 u32 kw4l, kw4r, dw, tl, tr; 00728 00729 #ifdef WOLFSSL_SMALL_STACK 00730 u32* subL; 00731 u32* subR; 00732 00733 subL = (u32*) XMALLOC(sizeof(u32) * 34, NULL, DYNAMIC_TYPE_TMP_BUFFER); 00734 if (subL == NULL) 00735 return MEMORY_E; 00736 00737 subR = (u32*) XMALLOC(sizeof(u32) * 34, NULL, DYNAMIC_TYPE_TMP_BUFFER); 00738 if (subR == NULL) { 00739 XFREE(subL, NULL, DYNAMIC_TYPE_TMP_BUFFER); 00740 return MEMORY_E; 00741 } 00742 #else 00743 u32 subL[34]; 00744 u32 subR[34]; 00745 #endif 00746 00747 /** 00748 * key = (kll || klr || krl || krr || krll || krlr || krrl || krrr) 00749 * (|| is concatenation) 00750 */ 00751 00752 kll = GETU32(key ); 00753 klr = GETU32(key + 4); 00754 krl = GETU32(key + 8); 00755 krr = GETU32(key + 12); 00756 krll = GETU32(key + 16); 00757 krlr = GETU32(key + 20); 00758 krrl = GETU32(key + 24); 00759 krrr = GETU32(key + 28); 00760 00761 /* generate KL dependent subkeys */ 00762 subl(0) = kll; subr(0) = klr; 00763 subl(1) = krl; subr(1) = krr; 00764 CAMELLIA_ROLDQo32(kll, klr, krl, krr, w0, w1, 45); 00765 subl(12) = kll; subr(12) = klr; 00766 subl(13) = krl; subr(13) = krr; 00767 CAMELLIA_ROLDQ(kll, klr, krl, krr, w0, w1, 15); 00768 subl(16) = kll; subr(16) = klr; 00769 subl(17) = krl; subr(17) = krr; 00770 CAMELLIA_ROLDQ(kll, klr, krl, krr, w0, w1, 17); 00771 subl(22) = kll; subr(22) = klr; 00772 subl(23) = krl; subr(23) = krr; 00773 CAMELLIA_ROLDQo32(kll, klr, krl, krr, w0, w1, 34); 00774 subl(30) = kll; subr(30) = klr; 00775 subl(31) = krl; subr(31) = krr; 00776 00777 /* generate KR dependent subkeys */ 00778 CAMELLIA_ROLDQ(krll, krlr, krrl, krrr, w0, w1, 15); 00779 subl(4) = krll; subr(4) = krlr; 00780 subl(5) = krrl; subr(5) = krrr; 00781 CAMELLIA_ROLDQ(krll, krlr, krrl, krrr, w0, w1, 15); 00782 subl(8) = krll; subr(8) = krlr; 00783 subl(9) = krrl; subr(9) = krrr; 00784 CAMELLIA_ROLDQ(krll, krlr, krrl, krrr, w0, w1, 30); 00785 subl(18) = krll; subr(18) = krlr; 00786 subl(19) = krrl; subr(19) = krrr; 00787 CAMELLIA_ROLDQo32(krll, krlr, krrl, krrr, w0, w1, 34); 00788 subl(26) = krll; subr(26) = krlr; 00789 subl(27) = krrl; subr(27) = krrr; 00790 CAMELLIA_ROLDQo32(krll, krlr, krrl, krrr, w0, w1, 34); 00791 00792 /* generate KA */ 00793 kll = subl(0) ^ krll; klr = subr(0) ^ krlr; 00794 krl = subl(1) ^ krrl; krr = subr(1) ^ krrr; 00795 CAMELLIA_F(kll, klr, 00796 CAMELLIA_SIGMA1L, CAMELLIA_SIGMA1R, 00797 w0, w1, il, ir, t0, t1); 00798 krl ^= w0; krr ^= w1; 00799 CAMELLIA_F(krl, krr, 00800 CAMELLIA_SIGMA2L, CAMELLIA_SIGMA2R, 00801 kll, klr, il, ir, t0, t1); 00802 kll ^= krll; klr ^= krlr; 00803 CAMELLIA_F(kll, klr, 00804 CAMELLIA_SIGMA3L, CAMELLIA_SIGMA3R, 00805 krl, krr, il, ir, t0, t1); 00806 krl ^= w0 ^ krrl; krr ^= w1 ^ krrr; 00807 CAMELLIA_F(krl, krr, 00808 CAMELLIA_SIGMA4L, CAMELLIA_SIGMA4R, 00809 w0, w1, il, ir, t0, t1); 00810 kll ^= w0; klr ^= w1; 00811 00812 /* generate KB */ 00813 krll ^= kll; krlr ^= klr; 00814 krrl ^= krl; krrr ^= krr; 00815 CAMELLIA_F(krll, krlr, 00816 CAMELLIA_SIGMA5L, CAMELLIA_SIGMA5R, 00817 w0, w1, il, ir, t0, t1); 00818 krrl ^= w0; krrr ^= w1; 00819 CAMELLIA_F(krrl, krrr, 00820 CAMELLIA_SIGMA6L, CAMELLIA_SIGMA6R, 00821 w0, w1, il, ir, t0, t1); 00822 krll ^= w0; krlr ^= w1; 00823 00824 /* generate KA dependent subkeys */ 00825 CAMELLIA_ROLDQ(kll, klr, krl, krr, w0, w1, 15); 00826 subl(6) = kll; subr(6) = klr; 00827 subl(7) = krl; subr(7) = krr; 00828 CAMELLIA_ROLDQ(kll, klr, krl, krr, w0, w1, 30); 00829 subl(14) = kll; subr(14) = klr; 00830 subl(15) = krl; subr(15) = krr; 00831 subl(24) = klr; subr(24) = krl; 00832 subl(25) = krr; subr(25) = kll; 00833 CAMELLIA_ROLDQo32(kll, klr, krl, krr, w0, w1, 49); 00834 subl(28) = kll; subr(28) = klr; 00835 subl(29) = krl; subr(29) = krr; 00836 00837 /* generate KB dependent subkeys */ 00838 subl(2) = krll; subr(2) = krlr; 00839 subl(3) = krrl; subr(3) = krrr; 00840 CAMELLIA_ROLDQ(krll, krlr, krrl, krrr, w0, w1, 30); 00841 subl(10) = krll; subr(10) = krlr; 00842 subl(11) = krrl; subr(11) = krrr; 00843 CAMELLIA_ROLDQ(krll, krlr, krrl, krrr, w0, w1, 30); 00844 subl(20) = krll; subr(20) = krlr; 00845 subl(21) = krrl; subr(21) = krrr; 00846 CAMELLIA_ROLDQo32(krll, krlr, krrl, krrr, w0, w1, 51); 00847 subl(32) = krll; subr(32) = krlr; 00848 subl(33) = krrl; subr(33) = krrr; 00849 00850 /* absorb kw2 to other subkeys */ 00851 subl(3) ^= subl(1); subr(3) ^= subr(1); 00852 subl(5) ^= subl(1); subr(5) ^= subr(1); 00853 subl(7) ^= subl(1); subr(7) ^= subr(1); 00854 subl(1) ^= subr(1) & ~subr(9); 00855 dw = subl(1) & subl(9), subr(1) ^= CAMELLIA_RL1(dw); 00856 subl(11) ^= subl(1); subr(11) ^= subr(1); 00857 subl(13) ^= subl(1); subr(13) ^= subr(1); 00858 subl(15) ^= subl(1); subr(15) ^= subr(1); 00859 subl(1) ^= subr(1) & ~subr(17); 00860 dw = subl(1) & subl(17), subr(1) ^= CAMELLIA_RL1(dw); 00861 subl(19) ^= subl(1); subr(19) ^= subr(1); 00862 subl(21) ^= subl(1); subr(21) ^= subr(1); 00863 subl(23) ^= subl(1); subr(23) ^= subr(1); 00864 subl(1) ^= subr(1) & ~subr(25); 00865 dw = subl(1) & subl(25), subr(1) ^= CAMELLIA_RL1(dw); 00866 subl(27) ^= subl(1); subr(27) ^= subr(1); 00867 subl(29) ^= subl(1); subr(29) ^= subr(1); 00868 subl(31) ^= subl(1); subr(31) ^= subr(1); 00869 subl(32) ^= subl(1); subr(32) ^= subr(1); 00870 00871 /* absorb kw4 to other subkeys */ 00872 kw4l = subl(33); kw4r = subr(33); 00873 subl(30) ^= kw4l; subr(30) ^= kw4r; 00874 subl(28) ^= kw4l; subr(28) ^= kw4r; 00875 subl(26) ^= kw4l; subr(26) ^= kw4r; 00876 kw4l ^= kw4r & ~subr(24); 00877 dw = kw4l & subl(24), kw4r ^= CAMELLIA_RL1(dw); 00878 subl(22) ^= kw4l; subr(22) ^= kw4r; 00879 subl(20) ^= kw4l; subr(20) ^= kw4r; 00880 subl(18) ^= kw4l; subr(18) ^= kw4r; 00881 kw4l ^= kw4r & ~subr(16); 00882 dw = kw4l & subl(16), kw4r ^= CAMELLIA_RL1(dw); 00883 subl(14) ^= kw4l; subr(14) ^= kw4r; 00884 subl(12) ^= kw4l; subr(12) ^= kw4r; 00885 subl(10) ^= kw4l; subr(10) ^= kw4r; 00886 kw4l ^= kw4r & ~subr(8); 00887 dw = kw4l & subl(8), kw4r ^= CAMELLIA_RL1(dw); 00888 subl(6) ^= kw4l; subr(6) ^= kw4r; 00889 subl(4) ^= kw4l; subr(4) ^= kw4r; 00890 subl(2) ^= kw4l; subr(2) ^= kw4r; 00891 subl(0) ^= kw4l; subr(0) ^= kw4r; 00892 00893 /* key XOR is end of F-function */ 00894 CamelliaSubkeyL(0) = subl(0) ^ subl(2); 00895 CamelliaSubkeyR(0) = subr(0) ^ subr(2); 00896 CamelliaSubkeyL(2) = subl(3); 00897 CamelliaSubkeyR(2) = subr(3); 00898 CamelliaSubkeyL(3) = subl(2) ^ subl(4); 00899 CamelliaSubkeyR(3) = subr(2) ^ subr(4); 00900 CamelliaSubkeyL(4) = subl(3) ^ subl(5); 00901 CamelliaSubkeyR(4) = subr(3) ^ subr(5); 00902 CamelliaSubkeyL(5) = subl(4) ^ subl(6); 00903 CamelliaSubkeyR(5) = subr(4) ^ subr(6); 00904 CamelliaSubkeyL(6) = subl(5) ^ subl(7); 00905 CamelliaSubkeyR(6) = subr(5) ^ subr(7); 00906 tl = subl(10) ^ (subr(10) & ~subr(8)); 00907 dw = tl & subl(8), tr = subr(10) ^ CAMELLIA_RL1(dw); 00908 CamelliaSubkeyL(7) = subl(6) ^ tl; 00909 CamelliaSubkeyR(7) = subr(6) ^ tr; 00910 CamelliaSubkeyL(8) = subl(8); 00911 CamelliaSubkeyR(8) = subr(8); 00912 CamelliaSubkeyL(9) = subl(9); 00913 CamelliaSubkeyR(9) = subr(9); 00914 tl = subl(7) ^ (subr(7) & ~subr(9)); 00915 dw = tl & subl(9), tr = subr(7) ^ CAMELLIA_RL1(dw); 00916 CamelliaSubkeyL(10) = tl ^ subl(11); 00917 CamelliaSubkeyR(10) = tr ^ subr(11); 00918 CamelliaSubkeyL(11) = subl(10) ^ subl(12); 00919 CamelliaSubkeyR(11) = subr(10) ^ subr(12); 00920 CamelliaSubkeyL(12) = subl(11) ^ subl(13); 00921 CamelliaSubkeyR(12) = subr(11) ^ subr(13); 00922 CamelliaSubkeyL(13) = subl(12) ^ subl(14); 00923 CamelliaSubkeyR(13) = subr(12) ^ subr(14); 00924 CamelliaSubkeyL(14) = subl(13) ^ subl(15); 00925 CamelliaSubkeyR(14) = subr(13) ^ subr(15); 00926 tl = subl(18) ^ (subr(18) & ~subr(16)); 00927 dw = tl & subl(16), tr = subr(18) ^ CAMELLIA_RL1(dw); 00928 CamelliaSubkeyL(15) = subl(14) ^ tl; 00929 CamelliaSubkeyR(15) = subr(14) ^ tr; 00930 CamelliaSubkeyL(16) = subl(16); 00931 CamelliaSubkeyR(16) = subr(16); 00932 CamelliaSubkeyL(17) = subl(17); 00933 CamelliaSubkeyR(17) = subr(17); 00934 tl = subl(15) ^ (subr(15) & ~subr(17)); 00935 dw = tl & subl(17), tr = subr(15) ^ CAMELLIA_RL1(dw); 00936 CamelliaSubkeyL(18) = tl ^ subl(19); 00937 CamelliaSubkeyR(18) = tr ^ subr(19); 00938 CamelliaSubkeyL(19) = subl(18) ^ subl(20); 00939 CamelliaSubkeyR(19) = subr(18) ^ subr(20); 00940 CamelliaSubkeyL(20) = subl(19) ^ subl(21); 00941 CamelliaSubkeyR(20) = subr(19) ^ subr(21); 00942 CamelliaSubkeyL(21) = subl(20) ^ subl(22); 00943 CamelliaSubkeyR(21) = subr(20) ^ subr(22); 00944 CamelliaSubkeyL(22) = subl(21) ^ subl(23); 00945 CamelliaSubkeyR(22) = subr(21) ^ subr(23); 00946 tl = subl(26) ^ (subr(26) & ~subr(24)); 00947 dw = tl & subl(24), tr = subr(26) ^ CAMELLIA_RL1(dw); 00948 CamelliaSubkeyL(23) = subl(22) ^ tl; 00949 CamelliaSubkeyR(23) = subr(22) ^ tr; 00950 CamelliaSubkeyL(24) = subl(24); 00951 CamelliaSubkeyR(24) = subr(24); 00952 CamelliaSubkeyL(25) = subl(25); 00953 CamelliaSubkeyR(25) = subr(25); 00954 tl = subl(23) ^ (subr(23) & ~subr(25)); 00955 dw = tl & subl(25), tr = subr(23) ^ CAMELLIA_RL1(dw); 00956 CamelliaSubkeyL(26) = tl ^ subl(27); 00957 CamelliaSubkeyR(26) = tr ^ subr(27); 00958 CamelliaSubkeyL(27) = subl(26) ^ subl(28); 00959 CamelliaSubkeyR(27) = subr(26) ^ subr(28); 00960 CamelliaSubkeyL(28) = subl(27) ^ subl(29); 00961 CamelliaSubkeyR(28) = subr(27) ^ subr(29); 00962 CamelliaSubkeyL(29) = subl(28) ^ subl(30); 00963 CamelliaSubkeyR(29) = subr(28) ^ subr(30); 00964 CamelliaSubkeyL(30) = subl(29) ^ subl(31); 00965 CamelliaSubkeyR(30) = subr(29) ^ subr(31); 00966 CamelliaSubkeyL(31) = subl(30); 00967 CamelliaSubkeyR(31) = subr(30); 00968 CamelliaSubkeyL(32) = subl(32) ^ subl(31); 00969 CamelliaSubkeyR(32) = subr(32) ^ subr(31); 00970 00971 /* apply the inverse of the last half of P-function */ 00972 dw = CamelliaSubkeyL(2) ^ CamelliaSubkeyR(2), dw = CAMELLIA_RL8(dw); 00973 CamelliaSubkeyR(2) = CamelliaSubkeyL(2) ^ dw, CamelliaSubkeyL(2) = dw; 00974 dw = CamelliaSubkeyL(3) ^ CamelliaSubkeyR(3), dw = CAMELLIA_RL8(dw); 00975 CamelliaSubkeyR(3) = CamelliaSubkeyL(3) ^ dw, CamelliaSubkeyL(3) = dw; 00976 dw = CamelliaSubkeyL(4) ^ CamelliaSubkeyR(4), dw = CAMELLIA_RL8(dw); 00977 CamelliaSubkeyR(4) = CamelliaSubkeyL(4) ^ dw, CamelliaSubkeyL(4) = dw; 00978 dw = CamelliaSubkeyL(5) ^ CamelliaSubkeyR(5), dw = CAMELLIA_RL8(dw); 00979 CamelliaSubkeyR(5) = CamelliaSubkeyL(5) ^ dw, CamelliaSubkeyL(5) = dw; 00980 dw = CamelliaSubkeyL(6) ^ CamelliaSubkeyR(6), dw = CAMELLIA_RL8(dw); 00981 CamelliaSubkeyR(6) = CamelliaSubkeyL(6) ^ dw, CamelliaSubkeyL(6) = dw; 00982 dw = CamelliaSubkeyL(7) ^ CamelliaSubkeyR(7), dw = CAMELLIA_RL8(dw); 00983 CamelliaSubkeyR(7) = CamelliaSubkeyL(7) ^ dw, CamelliaSubkeyL(7) = dw; 00984 dw = CamelliaSubkeyL(10) ^ CamelliaSubkeyR(10), dw = CAMELLIA_RL8(dw); 00985 CamelliaSubkeyR(10) = CamelliaSubkeyL(10) ^ dw, CamelliaSubkeyL(10) = dw; 00986 dw = CamelliaSubkeyL(11) ^ CamelliaSubkeyR(11), dw = CAMELLIA_RL8(dw); 00987 CamelliaSubkeyR(11) = CamelliaSubkeyL(11) ^ dw, CamelliaSubkeyL(11) = dw; 00988 dw = CamelliaSubkeyL(12) ^ CamelliaSubkeyR(12), dw = CAMELLIA_RL8(dw); 00989 CamelliaSubkeyR(12) = CamelliaSubkeyL(12) ^ dw, CamelliaSubkeyL(12) = dw; 00990 dw = CamelliaSubkeyL(13) ^ CamelliaSubkeyR(13), dw = CAMELLIA_RL8(dw); 00991 CamelliaSubkeyR(13) = CamelliaSubkeyL(13) ^ dw, CamelliaSubkeyL(13) = dw; 00992 dw = CamelliaSubkeyL(14) ^ CamelliaSubkeyR(14), dw = CAMELLIA_RL8(dw); 00993 CamelliaSubkeyR(14) = CamelliaSubkeyL(14) ^ dw, CamelliaSubkeyL(14) = dw; 00994 dw = CamelliaSubkeyL(15) ^ CamelliaSubkeyR(15), dw = CAMELLIA_RL8(dw); 00995 CamelliaSubkeyR(15) = CamelliaSubkeyL(15) ^ dw, CamelliaSubkeyL(15) = dw; 00996 dw = CamelliaSubkeyL(18) ^ CamelliaSubkeyR(18), dw = CAMELLIA_RL8(dw); 00997 CamelliaSubkeyR(18) = CamelliaSubkeyL(18) ^ dw, CamelliaSubkeyL(18) = dw; 00998 dw = CamelliaSubkeyL(19) ^ CamelliaSubkeyR(19), dw = CAMELLIA_RL8(dw); 00999 CamelliaSubkeyR(19) = CamelliaSubkeyL(19) ^ dw, CamelliaSubkeyL(19) = dw; 01000 dw = CamelliaSubkeyL(20) ^ CamelliaSubkeyR(20), dw = CAMELLIA_RL8(dw); 01001 CamelliaSubkeyR(20) = CamelliaSubkeyL(20) ^ dw, CamelliaSubkeyL(20) = dw; 01002 dw = CamelliaSubkeyL(21) ^ CamelliaSubkeyR(21), dw = CAMELLIA_RL8(dw); 01003 CamelliaSubkeyR(21) = CamelliaSubkeyL(21) ^ dw, CamelliaSubkeyL(21) = dw; 01004 dw = CamelliaSubkeyL(22) ^ CamelliaSubkeyR(22), dw = CAMELLIA_RL8(dw); 01005 CamelliaSubkeyR(22) = CamelliaSubkeyL(22) ^ dw, CamelliaSubkeyL(22) = dw; 01006 dw = CamelliaSubkeyL(23) ^ CamelliaSubkeyR(23), dw = CAMELLIA_RL8(dw); 01007 CamelliaSubkeyR(23) = CamelliaSubkeyL(23) ^ dw, CamelliaSubkeyL(23) = dw; 01008 dw = CamelliaSubkeyL(26) ^ CamelliaSubkeyR(26), dw = CAMELLIA_RL8(dw); 01009 CamelliaSubkeyR(26) = CamelliaSubkeyL(26) ^ dw, CamelliaSubkeyL(26) = dw; 01010 dw = CamelliaSubkeyL(27) ^ CamelliaSubkeyR(27), dw = CAMELLIA_RL8(dw); 01011 CamelliaSubkeyR(27) = CamelliaSubkeyL(27) ^ dw, CamelliaSubkeyL(27) = dw; 01012 dw = CamelliaSubkeyL(28) ^ CamelliaSubkeyR(28), dw = CAMELLIA_RL8(dw); 01013 CamelliaSubkeyR(28) = CamelliaSubkeyL(28) ^ dw, CamelliaSubkeyL(28) = dw; 01014 dw = CamelliaSubkeyL(29) ^ CamelliaSubkeyR(29), dw = CAMELLIA_RL8(dw); 01015 CamelliaSubkeyR(29) = CamelliaSubkeyL(29) ^ dw, CamelliaSubkeyL(29) = dw; 01016 dw = CamelliaSubkeyL(30) ^ CamelliaSubkeyR(30), dw = CAMELLIA_RL8(dw); 01017 CamelliaSubkeyR(30) = CamelliaSubkeyL(30) ^ dw, CamelliaSubkeyL(30) = dw; 01018 dw = CamelliaSubkeyL(31) ^ CamelliaSubkeyR(31), dw = CAMELLIA_RL8(dw); 01019 CamelliaSubkeyR(31) = CamelliaSubkeyL(31) ^ dw,CamelliaSubkeyL(31) = dw; 01020 01021 #ifdef WOLFSSL_SMALL_STACK 01022 XFREE(subL, NULL, DYNAMIC_TYPE_TMP_BUFFER); 01023 XFREE(subR, NULL, DYNAMIC_TYPE_TMP_BUFFER); 01024 #endif 01025 01026 return 0; 01027 } 01028 01029 static int camellia_setup192(const unsigned char *key, u32 *subkey) 01030 { 01031 unsigned char kk[32]; 01032 u32 krll, krlr, krrl,krrr; 01033 01034 XMEMCPY(kk, key, 24); 01035 XMEMCPY((unsigned char *)&krll, key+16,4); 01036 XMEMCPY((unsigned char *)&krlr, key+20,4); 01037 krrl = ~krll; 01038 krrr = ~krlr; 01039 XMEMCPY(kk+24, (unsigned char *)&krrl, 4); 01040 XMEMCPY(kk+28, (unsigned char *)&krrr, 4); 01041 01042 return camellia_setup256(kk, subkey); 01043 } 01044 01045 01046 /** 01047 * Stuff related to camellia encryption/decryption 01048 * 01049 * "io" must be 4byte aligned and big-endian data. 01050 */ 01051 static void camellia_encrypt128(const u32 *subkey, u32 *io) 01052 { 01053 u32 il, ir, t0, t1; 01054 01055 /* pre whitening but absorb kw2*/ 01056 io[0] ^= CamelliaSubkeyL(0); 01057 io[1] ^= CamelliaSubkeyR(0); 01058 /* main iteration */ 01059 01060 CAMELLIA_ROUNDSM(io[0],io[1], 01061 CamelliaSubkeyL(2),CamelliaSubkeyR(2), 01062 io[2],io[3],il,ir,t0,t1); 01063 CAMELLIA_ROUNDSM(io[2],io[3], 01064 CamelliaSubkeyL(3),CamelliaSubkeyR(3), 01065 io[0],io[1],il,ir,t0,t1); 01066 CAMELLIA_ROUNDSM(io[0],io[1], 01067 CamelliaSubkeyL(4),CamelliaSubkeyR(4), 01068 io[2],io[3],il,ir,t0,t1); 01069 CAMELLIA_ROUNDSM(io[2],io[3], 01070 CamelliaSubkeyL(5),CamelliaSubkeyR(5), 01071 io[0],io[1],il,ir,t0,t1); 01072 CAMELLIA_ROUNDSM(io[0],io[1], 01073 CamelliaSubkeyL(6),CamelliaSubkeyR(6), 01074 io[2],io[3],il,ir,t0,t1); 01075 CAMELLIA_ROUNDSM(io[2],io[3], 01076 CamelliaSubkeyL(7),CamelliaSubkeyR(7), 01077 io[0],io[1],il,ir,t0,t1); 01078 01079 CAMELLIA_FLS(io[0],io[1],io[2],io[3], 01080 CamelliaSubkeyL(8),CamelliaSubkeyR(8), 01081 CamelliaSubkeyL(9),CamelliaSubkeyR(9), 01082 t0,t1,il,ir); 01083 01084 CAMELLIA_ROUNDSM(io[0],io[1], 01085 CamelliaSubkeyL(10),CamelliaSubkeyR(10), 01086 io[2],io[3],il,ir,t0,t1); 01087 CAMELLIA_ROUNDSM(io[2],io[3], 01088 CamelliaSubkeyL(11),CamelliaSubkeyR(11), 01089 io[0],io[1],il,ir,t0,t1); 01090 CAMELLIA_ROUNDSM(io[0],io[1], 01091 CamelliaSubkeyL(12),CamelliaSubkeyR(12), 01092 io[2],io[3],il,ir,t0,t1); 01093 CAMELLIA_ROUNDSM(io[2],io[3], 01094 CamelliaSubkeyL(13),CamelliaSubkeyR(13), 01095 io[0],io[1],il,ir,t0,t1); 01096 CAMELLIA_ROUNDSM(io[0],io[1], 01097 CamelliaSubkeyL(14),CamelliaSubkeyR(14), 01098 io[2],io[3],il,ir,t0,t1); 01099 CAMELLIA_ROUNDSM(io[2],io[3], 01100 CamelliaSubkeyL(15),CamelliaSubkeyR(15), 01101 io[0],io[1],il,ir,t0,t1); 01102 01103 CAMELLIA_FLS(io[0],io[1],io[2],io[3], 01104 CamelliaSubkeyL(16),CamelliaSubkeyR(16), 01105 CamelliaSubkeyL(17),CamelliaSubkeyR(17), 01106 t0,t1,il,ir); 01107 01108 CAMELLIA_ROUNDSM(io[0],io[1], 01109 CamelliaSubkeyL(18),CamelliaSubkeyR(18), 01110 io[2],io[3],il,ir,t0,t1); 01111 CAMELLIA_ROUNDSM(io[2],io[3], 01112 CamelliaSubkeyL(19),CamelliaSubkeyR(19), 01113 io[0],io[1],il,ir,t0,t1); 01114 CAMELLIA_ROUNDSM(io[0],io[1], 01115 CamelliaSubkeyL(20),CamelliaSubkeyR(20), 01116 io[2],io[3],il,ir,t0,t1); 01117 CAMELLIA_ROUNDSM(io[2],io[3], 01118 CamelliaSubkeyL(21),CamelliaSubkeyR(21), 01119 io[0],io[1],il,ir,t0,t1); 01120 CAMELLIA_ROUNDSM(io[0],io[1], 01121 CamelliaSubkeyL(22),CamelliaSubkeyR(22), 01122 io[2],io[3],il,ir,t0,t1); 01123 CAMELLIA_ROUNDSM(io[2],io[3], 01124 CamelliaSubkeyL(23),CamelliaSubkeyR(23), 01125 io[0],io[1],il,ir,t0,t1); 01126 01127 /* post whitening but kw4 */ 01128 io[2] ^= CamelliaSubkeyL(24); 01129 io[3] ^= CamelliaSubkeyR(24); 01130 01131 t0 = io[0]; 01132 t1 = io[1]; 01133 io[0] = io[2]; 01134 io[1] = io[3]; 01135 io[2] = t0; 01136 io[3] = t1; 01137 01138 return; 01139 } 01140 01141 static void camellia_decrypt128(const u32 *subkey, u32 *io) 01142 { 01143 u32 il,ir,t0,t1; /* temporary variables */ 01144 01145 /* pre whitening but absorb kw2*/ 01146 io[0] ^= CamelliaSubkeyL(24); 01147 io[1] ^= CamelliaSubkeyR(24); 01148 01149 /* main iteration */ 01150 CAMELLIA_ROUNDSM(io[0],io[1], 01151 CamelliaSubkeyL(23),CamelliaSubkeyR(23), 01152 io[2],io[3],il,ir,t0,t1); 01153 CAMELLIA_ROUNDSM(io[2],io[3], 01154 CamelliaSubkeyL(22),CamelliaSubkeyR(22), 01155 io[0],io[1],il,ir,t0,t1); 01156 CAMELLIA_ROUNDSM(io[0],io[1], 01157 CamelliaSubkeyL(21),CamelliaSubkeyR(21), 01158 io[2],io[3],il,ir,t0,t1); 01159 CAMELLIA_ROUNDSM(io[2],io[3], 01160 CamelliaSubkeyL(20),CamelliaSubkeyR(20), 01161 io[0],io[1],il,ir,t0,t1); 01162 CAMELLIA_ROUNDSM(io[0],io[1], 01163 CamelliaSubkeyL(19),CamelliaSubkeyR(19), 01164 io[2],io[3],il,ir,t0,t1); 01165 CAMELLIA_ROUNDSM(io[2],io[3], 01166 CamelliaSubkeyL(18),CamelliaSubkeyR(18), 01167 io[0],io[1],il,ir,t0,t1); 01168 01169 CAMELLIA_FLS(io[0],io[1],io[2],io[3], 01170 CamelliaSubkeyL(17),CamelliaSubkeyR(17), 01171 CamelliaSubkeyL(16),CamelliaSubkeyR(16), 01172 t0,t1,il,ir); 01173 01174 CAMELLIA_ROUNDSM(io[0],io[1], 01175 CamelliaSubkeyL(15),CamelliaSubkeyR(15), 01176 io[2],io[3],il,ir,t0,t1); 01177 CAMELLIA_ROUNDSM(io[2],io[3], 01178 CamelliaSubkeyL(14),CamelliaSubkeyR(14), 01179 io[0],io[1],il,ir,t0,t1); 01180 CAMELLIA_ROUNDSM(io[0],io[1], 01181 CamelliaSubkeyL(13),CamelliaSubkeyR(13), 01182 io[2],io[3],il,ir,t0,t1); 01183 CAMELLIA_ROUNDSM(io[2],io[3], 01184 CamelliaSubkeyL(12),CamelliaSubkeyR(12), 01185 io[0],io[1],il,ir,t0,t1); 01186 CAMELLIA_ROUNDSM(io[0],io[1], 01187 CamelliaSubkeyL(11),CamelliaSubkeyR(11), 01188 io[2],io[3],il,ir,t0,t1); 01189 CAMELLIA_ROUNDSM(io[2],io[3], 01190 CamelliaSubkeyL(10),CamelliaSubkeyR(10), 01191 io[0],io[1],il,ir,t0,t1); 01192 01193 CAMELLIA_FLS(io[0],io[1],io[2],io[3], 01194 CamelliaSubkeyL(9),CamelliaSubkeyR(9), 01195 CamelliaSubkeyL(8),CamelliaSubkeyR(8), 01196 t0,t1,il,ir); 01197 01198 CAMELLIA_ROUNDSM(io[0],io[1], 01199 CamelliaSubkeyL(7),CamelliaSubkeyR(7), 01200 io[2],io[3],il,ir,t0,t1); 01201 CAMELLIA_ROUNDSM(io[2],io[3], 01202 CamelliaSubkeyL(6),CamelliaSubkeyR(6), 01203 io[0],io[1],il,ir,t0,t1); 01204 CAMELLIA_ROUNDSM(io[0],io[1], 01205 CamelliaSubkeyL(5),CamelliaSubkeyR(5), 01206 io[2],io[3],il,ir,t0,t1); 01207 CAMELLIA_ROUNDSM(io[2],io[3], 01208 CamelliaSubkeyL(4),CamelliaSubkeyR(4), 01209 io[0],io[1],il,ir,t0,t1); 01210 CAMELLIA_ROUNDSM(io[0],io[1], 01211 CamelliaSubkeyL(3),CamelliaSubkeyR(3), 01212 io[2],io[3],il,ir,t0,t1); 01213 CAMELLIA_ROUNDSM(io[2],io[3], 01214 CamelliaSubkeyL(2),CamelliaSubkeyR(2), 01215 io[0],io[1],il,ir,t0,t1); 01216 01217 /* post whitening but kw4 */ 01218 io[2] ^= CamelliaSubkeyL(0); 01219 io[3] ^= CamelliaSubkeyR(0); 01220 01221 t0 = io[0]; 01222 t1 = io[1]; 01223 io[0] = io[2]; 01224 io[1] = io[3]; 01225 io[2] = t0; 01226 io[3] = t1; 01227 01228 return; 01229 } 01230 01231 /** 01232 * stuff for 192 and 256bit encryption/decryption 01233 */ 01234 static void camellia_encrypt256(const u32 *subkey, u32 *io) 01235 { 01236 u32 il,ir,t0,t1; /* temporary variables */ 01237 01238 /* pre whitening but absorb kw2*/ 01239 io[0] ^= CamelliaSubkeyL(0); 01240 io[1] ^= CamelliaSubkeyR(0); 01241 01242 /* main iteration */ 01243 CAMELLIA_ROUNDSM(io[0],io[1], 01244 CamelliaSubkeyL(2),CamelliaSubkeyR(2), 01245 io[2],io[3],il,ir,t0,t1); 01246 CAMELLIA_ROUNDSM(io[2],io[3], 01247 CamelliaSubkeyL(3),CamelliaSubkeyR(3), 01248 io[0],io[1],il,ir,t0,t1); 01249 CAMELLIA_ROUNDSM(io[0],io[1], 01250 CamelliaSubkeyL(4),CamelliaSubkeyR(4), 01251 io[2],io[3],il,ir,t0,t1); 01252 CAMELLIA_ROUNDSM(io[2],io[3], 01253 CamelliaSubkeyL(5),CamelliaSubkeyR(5), 01254 io[0],io[1],il,ir,t0,t1); 01255 CAMELLIA_ROUNDSM(io[0],io[1], 01256 CamelliaSubkeyL(6),CamelliaSubkeyR(6), 01257 io[2],io[3],il,ir,t0,t1); 01258 CAMELLIA_ROUNDSM(io[2],io[3], 01259 CamelliaSubkeyL(7),CamelliaSubkeyR(7), 01260 io[0],io[1],il,ir,t0,t1); 01261 01262 CAMELLIA_FLS(io[0],io[1],io[2],io[3], 01263 CamelliaSubkeyL(8),CamelliaSubkeyR(8), 01264 CamelliaSubkeyL(9),CamelliaSubkeyR(9), 01265 t0,t1,il,ir); 01266 01267 CAMELLIA_ROUNDSM(io[0],io[1], 01268 CamelliaSubkeyL(10),CamelliaSubkeyR(10), 01269 io[2],io[3],il,ir,t0,t1); 01270 CAMELLIA_ROUNDSM(io[2],io[3], 01271 CamelliaSubkeyL(11),CamelliaSubkeyR(11), 01272 io[0],io[1],il,ir,t0,t1); 01273 CAMELLIA_ROUNDSM(io[0],io[1], 01274 CamelliaSubkeyL(12),CamelliaSubkeyR(12), 01275 io[2],io[3],il,ir,t0,t1); 01276 CAMELLIA_ROUNDSM(io[2],io[3], 01277 CamelliaSubkeyL(13),CamelliaSubkeyR(13), 01278 io[0],io[1],il,ir,t0,t1); 01279 CAMELLIA_ROUNDSM(io[0],io[1], 01280 CamelliaSubkeyL(14),CamelliaSubkeyR(14), 01281 io[2],io[3],il,ir,t0,t1); 01282 CAMELLIA_ROUNDSM(io[2],io[3], 01283 CamelliaSubkeyL(15),CamelliaSubkeyR(15), 01284 io[0],io[1],il,ir,t0,t1); 01285 01286 CAMELLIA_FLS(io[0],io[1],io[2],io[3], 01287 CamelliaSubkeyL(16),CamelliaSubkeyR(16), 01288 CamelliaSubkeyL(17),CamelliaSubkeyR(17), 01289 t0,t1,il,ir); 01290 01291 CAMELLIA_ROUNDSM(io[0],io[1], 01292 CamelliaSubkeyL(18),CamelliaSubkeyR(18), 01293 io[2],io[3],il,ir,t0,t1); 01294 CAMELLIA_ROUNDSM(io[2],io[3], 01295 CamelliaSubkeyL(19),CamelliaSubkeyR(19), 01296 io[0],io[1],il,ir,t0,t1); 01297 CAMELLIA_ROUNDSM(io[0],io[1], 01298 CamelliaSubkeyL(20),CamelliaSubkeyR(20), 01299 io[2],io[3],il,ir,t0,t1); 01300 CAMELLIA_ROUNDSM(io[2],io[3], 01301 CamelliaSubkeyL(21),CamelliaSubkeyR(21), 01302 io[0],io[1],il,ir,t0,t1); 01303 CAMELLIA_ROUNDSM(io[0],io[1], 01304 CamelliaSubkeyL(22),CamelliaSubkeyR(22), 01305 io[2],io[3],il,ir,t0,t1); 01306 CAMELLIA_ROUNDSM(io[2],io[3], 01307 CamelliaSubkeyL(23),CamelliaSubkeyR(23), 01308 io[0],io[1],il,ir,t0,t1); 01309 01310 CAMELLIA_FLS(io[0],io[1],io[2],io[3], 01311 CamelliaSubkeyL(24),CamelliaSubkeyR(24), 01312 CamelliaSubkeyL(25),CamelliaSubkeyR(25), 01313 t0,t1,il,ir); 01314 01315 CAMELLIA_ROUNDSM(io[0],io[1], 01316 CamelliaSubkeyL(26),CamelliaSubkeyR(26), 01317 io[2],io[3],il,ir,t0,t1); 01318 CAMELLIA_ROUNDSM(io[2],io[3], 01319 CamelliaSubkeyL(27),CamelliaSubkeyR(27), 01320 io[0],io[1],il,ir,t0,t1); 01321 CAMELLIA_ROUNDSM(io[0],io[1], 01322 CamelliaSubkeyL(28),CamelliaSubkeyR(28), 01323 io[2],io[3],il,ir,t0,t1); 01324 CAMELLIA_ROUNDSM(io[2],io[3], 01325 CamelliaSubkeyL(29),CamelliaSubkeyR(29), 01326 io[0],io[1],il,ir,t0,t1); 01327 CAMELLIA_ROUNDSM(io[0],io[1], 01328 CamelliaSubkeyL(30),CamelliaSubkeyR(30), 01329 io[2],io[3],il,ir,t0,t1); 01330 CAMELLIA_ROUNDSM(io[2],io[3], 01331 CamelliaSubkeyL(31),CamelliaSubkeyR(31), 01332 io[0],io[1],il,ir,t0,t1); 01333 01334 /* post whitening but kw4 */ 01335 io[2] ^= CamelliaSubkeyL(32); 01336 io[3] ^= CamelliaSubkeyR(32); 01337 01338 t0 = io[0]; 01339 t1 = io[1]; 01340 io[0] = io[2]; 01341 io[1] = io[3]; 01342 io[2] = t0; 01343 io[3] = t1; 01344 01345 return; 01346 } 01347 01348 static void camellia_decrypt256(const u32 *subkey, u32 *io) 01349 { 01350 u32 il,ir,t0,t1; /* temporary variables */ 01351 01352 /* pre whitening but absorb kw2*/ 01353 io[0] ^= CamelliaSubkeyL(32); 01354 io[1] ^= CamelliaSubkeyR(32); 01355 01356 /* main iteration */ 01357 CAMELLIA_ROUNDSM(io[0],io[1], 01358 CamelliaSubkeyL(31),CamelliaSubkeyR(31), 01359 io[2],io[3],il,ir,t0,t1); 01360 CAMELLIA_ROUNDSM(io[2],io[3], 01361 CamelliaSubkeyL(30),CamelliaSubkeyR(30), 01362 io[0],io[1],il,ir,t0,t1); 01363 CAMELLIA_ROUNDSM(io[0],io[1], 01364 CamelliaSubkeyL(29),CamelliaSubkeyR(29), 01365 io[2],io[3],il,ir,t0,t1); 01366 CAMELLIA_ROUNDSM(io[2],io[3], 01367 CamelliaSubkeyL(28),CamelliaSubkeyR(28), 01368 io[0],io[1],il,ir,t0,t1); 01369 CAMELLIA_ROUNDSM(io[0],io[1], 01370 CamelliaSubkeyL(27),CamelliaSubkeyR(27), 01371 io[2],io[3],il,ir,t0,t1); 01372 CAMELLIA_ROUNDSM(io[2],io[3], 01373 CamelliaSubkeyL(26),CamelliaSubkeyR(26), 01374 io[0],io[1],il,ir,t0,t1); 01375 01376 CAMELLIA_FLS(io[0],io[1],io[2],io[3], 01377 CamelliaSubkeyL(25),CamelliaSubkeyR(25), 01378 CamelliaSubkeyL(24),CamelliaSubkeyR(24), 01379 t0,t1,il,ir); 01380 01381 CAMELLIA_ROUNDSM(io[0],io[1], 01382 CamelliaSubkeyL(23),CamelliaSubkeyR(23), 01383 io[2],io[3],il,ir,t0,t1); 01384 CAMELLIA_ROUNDSM(io[2],io[3], 01385 CamelliaSubkeyL(22),CamelliaSubkeyR(22), 01386 io[0],io[1],il,ir,t0,t1); 01387 CAMELLIA_ROUNDSM(io[0],io[1], 01388 CamelliaSubkeyL(21),CamelliaSubkeyR(21), 01389 io[2],io[3],il,ir,t0,t1); 01390 CAMELLIA_ROUNDSM(io[2],io[3], 01391 CamelliaSubkeyL(20),CamelliaSubkeyR(20), 01392 io[0],io[1],il,ir,t0,t1); 01393 CAMELLIA_ROUNDSM(io[0],io[1], 01394 CamelliaSubkeyL(19),CamelliaSubkeyR(19), 01395 io[2],io[3],il,ir,t0,t1); 01396 CAMELLIA_ROUNDSM(io[2],io[3], 01397 CamelliaSubkeyL(18),CamelliaSubkeyR(18), 01398 io[0],io[1],il,ir,t0,t1); 01399 01400 CAMELLIA_FLS(io[0],io[1],io[2],io[3], 01401 CamelliaSubkeyL(17),CamelliaSubkeyR(17), 01402 CamelliaSubkeyL(16),CamelliaSubkeyR(16), 01403 t0,t1,il,ir); 01404 01405 CAMELLIA_ROUNDSM(io[0],io[1], 01406 CamelliaSubkeyL(15),CamelliaSubkeyR(15), 01407 io[2],io[3],il,ir,t0,t1); 01408 CAMELLIA_ROUNDSM(io[2],io[3], 01409 CamelliaSubkeyL(14),CamelliaSubkeyR(14), 01410 io[0],io[1],il,ir,t0,t1); 01411 CAMELLIA_ROUNDSM(io[0],io[1], 01412 CamelliaSubkeyL(13),CamelliaSubkeyR(13), 01413 io[2],io[3],il,ir,t0,t1); 01414 CAMELLIA_ROUNDSM(io[2],io[3], 01415 CamelliaSubkeyL(12),CamelliaSubkeyR(12), 01416 io[0],io[1],il,ir,t0,t1); 01417 CAMELLIA_ROUNDSM(io[0],io[1], 01418 CamelliaSubkeyL(11),CamelliaSubkeyR(11), 01419 io[2],io[3],il,ir,t0,t1); 01420 CAMELLIA_ROUNDSM(io[2],io[3], 01421 CamelliaSubkeyL(10),CamelliaSubkeyR(10), 01422 io[0],io[1],il,ir,t0,t1); 01423 01424 CAMELLIA_FLS(io[0],io[1],io[2],io[3], 01425 CamelliaSubkeyL(9),CamelliaSubkeyR(9), 01426 CamelliaSubkeyL(8),CamelliaSubkeyR(8), 01427 t0,t1,il,ir); 01428 01429 CAMELLIA_ROUNDSM(io[0],io[1], 01430 CamelliaSubkeyL(7),CamelliaSubkeyR(7), 01431 io[2],io[3],il,ir,t0,t1); 01432 CAMELLIA_ROUNDSM(io[2],io[3], 01433 CamelliaSubkeyL(6),CamelliaSubkeyR(6), 01434 io[0],io[1],il,ir,t0,t1); 01435 CAMELLIA_ROUNDSM(io[0],io[1], 01436 CamelliaSubkeyL(5),CamelliaSubkeyR(5), 01437 io[2],io[3],il,ir,t0,t1); 01438 CAMELLIA_ROUNDSM(io[2],io[3], 01439 CamelliaSubkeyL(4),CamelliaSubkeyR(4), 01440 io[0],io[1],il,ir,t0,t1); 01441 CAMELLIA_ROUNDSM(io[0],io[1], 01442 CamelliaSubkeyL(3),CamelliaSubkeyR(3), 01443 io[2],io[3],il,ir,t0,t1); 01444 CAMELLIA_ROUNDSM(io[2],io[3], 01445 CamelliaSubkeyL(2),CamelliaSubkeyR(2), 01446 io[0],io[1],il,ir,t0,t1); 01447 01448 /* post whitening but kw4 */ 01449 io[2] ^= CamelliaSubkeyL(0); 01450 io[3] ^= CamelliaSubkeyR(0); 01451 01452 t0 = io[0]; 01453 t1 = io[1]; 01454 io[0] = io[2]; 01455 io[1] = io[3]; 01456 io[2] = t0; 01457 io[3] = t1; 01458 01459 return; 01460 } 01461 01462 /*** 01463 * 01464 * API for compatibility 01465 */ 01466 01467 static void Camellia_EncryptBlock(const int keyBitLength, 01468 const unsigned char *plaintext, 01469 const KEY_TABLE_TYPE keyTable, 01470 unsigned char *ciphertext) 01471 { 01472 u32 tmp[4]; 01473 01474 tmp[0] = GETU32(plaintext); 01475 tmp[1] = GETU32(plaintext + 4); 01476 tmp[2] = GETU32(plaintext + 8); 01477 tmp[3] = GETU32(plaintext + 12); 01478 01479 switch (keyBitLength) { 01480 case 128: 01481 camellia_encrypt128(keyTable, tmp); 01482 break; 01483 case 192: 01484 /* fall through */ 01485 case 256: 01486 camellia_encrypt256(keyTable, tmp); 01487 break; 01488 default: 01489 break; 01490 } 01491 01492 PUTU32(ciphertext, tmp[0]); 01493 PUTU32(ciphertext + 4, tmp[1]); 01494 PUTU32(ciphertext + 8, tmp[2]); 01495 PUTU32(ciphertext + 12, tmp[3]); 01496 } 01497 01498 static void Camellia_DecryptBlock(const int keyBitLength, 01499 const unsigned char *ciphertext, 01500 const KEY_TABLE_TYPE keyTable, 01501 unsigned char *plaintext) 01502 { 01503 u32 tmp[4]; 01504 01505 tmp[0] = GETU32(ciphertext); 01506 tmp[1] = GETU32(ciphertext + 4); 01507 tmp[2] = GETU32(ciphertext + 8); 01508 tmp[3] = GETU32(ciphertext + 12); 01509 01510 switch (keyBitLength) { 01511 case 128: 01512 camellia_decrypt128(keyTable, tmp); 01513 break; 01514 case 192: 01515 /* fall through */ 01516 case 256: 01517 camellia_decrypt256(keyTable, tmp); 01518 break; 01519 default: 01520 break; 01521 } 01522 PUTU32(plaintext, tmp[0]); 01523 PUTU32(plaintext + 4, tmp[1]); 01524 PUTU32(plaintext + 8, tmp[2]); 01525 PUTU32(plaintext + 12, tmp[3]); 01526 } 01527 01528 01529 01530 /* wolfCrypt wrappers to the Camellia code */ 01531 01532 int wc_CamelliaSetKey(Camellia* cam, const byte* key, word32 len, const byte* iv) 01533 { 01534 int ret = 0; 01535 01536 if (cam == NULL) return BAD_FUNC_ARG; 01537 01538 XMEMSET(cam->key, 0, sizeof(KEY_TABLE_TYPE)); 01539 01540 switch (len) { 01541 case 16: 01542 ret = camellia_setup128(key, cam->key); 01543 break; 01544 case 24: 01545 ret = camellia_setup192(key, cam->key); 01546 break; 01547 case 32: 01548 ret = camellia_setup256(key, cam->key); 01549 break; 01550 default: 01551 return BAD_FUNC_ARG; 01552 } 01553 01554 if (ret != 0) 01555 return ret; 01556 01557 cam->keySz = len * 8; 01558 01559 return wc_CamelliaSetIV(cam, iv); 01560 } 01561 01562 01563 int wc_CamelliaSetIV(Camellia* cam, const byte* iv) 01564 { 01565 if (cam == NULL) 01566 return BAD_FUNC_ARG; 01567 01568 if (iv) 01569 XMEMCPY(cam->reg, iv, CAMELLIA_BLOCK_SIZE); 01570 else 01571 XMEMSET(cam->reg, 0, CAMELLIA_BLOCK_SIZE); 01572 01573 return 0; 01574 } 01575 01576 01577 void wc_CamelliaEncryptDirect(Camellia* cam, byte* out, const byte* in) 01578 { 01579 Camellia_EncryptBlock(cam->keySz, in, cam->key, out); 01580 } 01581 01582 01583 void wc_CamelliaDecryptDirect(Camellia* cam, byte* out, const byte* in) 01584 { 01585 Camellia_DecryptBlock(cam->keySz, in, cam->key, out); 01586 } 01587 01588 01589 void wc_CamelliaCbcEncrypt(Camellia* cam, byte* out, const byte* in, word32 sz) 01590 { 01591 word32 blocks = sz / CAMELLIA_BLOCK_SIZE; 01592 01593 while (blocks--) { 01594 xorbuf((byte*)cam->reg, in, CAMELLIA_BLOCK_SIZE); 01595 Camellia_EncryptBlock(cam->keySz, (byte*)cam->reg, 01596 cam->key, (byte*)cam->reg); 01597 XMEMCPY(out, cam->reg, CAMELLIA_BLOCK_SIZE); 01598 01599 out += CAMELLIA_BLOCK_SIZE; 01600 in += CAMELLIA_BLOCK_SIZE; 01601 } 01602 } 01603 01604 01605 void wc_CamelliaCbcDecrypt(Camellia* cam, byte* out, const byte* in, word32 sz) 01606 { 01607 word32 blocks = sz / CAMELLIA_BLOCK_SIZE; 01608 01609 while (blocks--) { 01610 XMEMCPY(cam->tmp, in, CAMELLIA_BLOCK_SIZE); 01611 Camellia_DecryptBlock(cam->keySz, (byte*)cam->tmp, cam->key, out); 01612 xorbuf(out, (byte*)cam->reg, CAMELLIA_BLOCK_SIZE); 01613 XMEMCPY(cam->reg, cam->tmp, CAMELLIA_BLOCK_SIZE); 01614 01615 out += CAMELLIA_BLOCK_SIZE; 01616 in += CAMELLIA_BLOCK_SIZE; 01617 } 01618 } 01619 01620 01621 #endif /* HAVE_CAMELLIA */ 01622 01623
Generated on Tue Jul 12 2022 23:30:54 by
1.7.2