d 0773d
Fork of CyaSSL for my specific settings
Embed:
(wiki syntax)
Show/hide line numbers
camellia.c
00001 /* camellia.c ver 1.2.0 00002 * 00003 * Copyright (c) 2006,2007 00004 * NTT (Nippon Telegraph and Telephone Corporation) . All rights reserved. 00005 * 00006 * Redistribution and use in source and binary forms, with or without 00007 * modification, are permitted provided that the following conditions 00008 * are met: 00009 * 1. Redistributions of source code must retain the above copyright 00010 * notice, this list of conditions and the following disclaimer as 00011 * the first lines of this file unmodified. 00012 * 2. Redistributions in binary form must reproduce the above copyright 00013 * notice, this list of conditions and the following disclaimer in the 00014 * documentation and/or other materials provided with the distribution. 00015 * 00016 * THIS SOFTWARE IS PROVIDED BY NTT ``AS IS'' AND ANY EXPRESS OR 00017 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 00018 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 00019 * IN NO EVENT SHALL NTT BE LIABLE FOR ANY DIRECT, INDIRECT, 00020 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 00021 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 00022 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 00023 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 00024 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 00025 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 00026 */ 00027 00028 /* camellia.c 00029 * 00030 * Copyright (C) 2006-2014 wolfSSL Inc. 00031 * 00032 * This file is part of CyaSSL. 00033 * 00034 * CyaSSL is free software; you can redistribute it and/or modify 00035 * it under the terms of the GNU General Public License as published by 00036 * the Free Software Foundation; either version 2 of the License, or 00037 * (at your option) any later version. 00038 * 00039 * CyaSSL is distributed in the hope that it will be useful, 00040 * but WITHOUT ANY WARRANTY; without even the implied warranty of 00041 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 00042 * GNU General Public License for more details. 00043 * 00044 * You should have received a copy of the GNU General Public License 00045 * along with this program; if not, write to the Free Software 00046 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA 00047 */ 00048 00049 /* 00050 * Algorithm Specification 00051 * http://info.isl.ntt.co.jp/crypt/eng/camellia/specifications.html 00052 */ 00053 00054 00055 #ifdef HAVE_CONFIG_H 00056 #include <config.h> 00057 #endif 00058 00059 #include <cyassl/ctaocrypt/settings.h> 00060 00061 #ifdef HAVE_CAMELLIA 00062 00063 #include <cyassl/ctaocrypt/camellia.h> 00064 #include <cyassl/ctaocrypt/error-crypt.h> 00065 #include <cyassl/ctaocrypt/logging.h> 00066 #ifdef NO_INLINE 00067 #include <cyassl/ctaocrypt/misc.h> 00068 #else 00069 #include <ctaocrypt/src/misc.c> 00070 #endif 00071 00072 00073 /* u32 must be 32bit word */ 00074 typedef unsigned int u32; 00075 typedef unsigned char u8; 00076 00077 /* key constants */ 00078 00079 #define CAMELLIA_SIGMA1L ((u32)0xA09E667FL) 00080 #define CAMELLIA_SIGMA1R ((u32)0x3BCC908BL) 00081 #define CAMELLIA_SIGMA2L ((u32)0xB67AE858L) 00082 #define CAMELLIA_SIGMA2R ((u32)0x4CAA73B2L) 00083 #define CAMELLIA_SIGMA3L ((u32)0xC6EF372FL) 00084 #define CAMELLIA_SIGMA3R ((u32)0xE94F82BEL) 00085 #define CAMELLIA_SIGMA4L ((u32)0x54FF53A5L) 00086 #define CAMELLIA_SIGMA4R ((u32)0xF1D36F1CL) 00087 #define CAMELLIA_SIGMA5L ((u32)0x10E527FAL) 00088 #define CAMELLIA_SIGMA5R ((u32)0xDE682D1DL) 00089 #define CAMELLIA_SIGMA6L ((u32)0xB05688C2L) 00090 #define CAMELLIA_SIGMA6R ((u32)0xB3E6C1FDL) 00091 00092 /* 00093 * macros 00094 */ 00095 00096 00097 #if defined(_MSC_VER) 00098 00099 # define SWAP(x) (_lrotl(x, 8) & 0x00ff00ff | _lrotr(x, 8) & 0xff00ff00) 00100 # define GETU32(p) SWAP(*((u32 *)(p))) 00101 # define PUTU32(ct, st) {*((u32 *)(ct)) = SWAP((st));} 00102 00103 #else /* not MS-VC */ 00104 00105 # define GETU32(pt) \ 00106 (((u32)(pt)[0] << 24) \ 00107 ^ ((u32)(pt)[1] << 16) \ 00108 ^ ((u32)(pt)[2] << 8) \ 00109 ^ ((u32)(pt)[3])) 00110 00111 # define PUTU32(ct, st) { \ 00112 (ct)[0] = (u8)((st) >> 24); \ 00113 (ct)[1] = (u8)((st) >> 16); \ 00114 (ct)[2] = (u8)((st) >> 8); \ 00115 (ct)[3] = (u8)(st); } 00116 00117 #endif 00118 00119 #define CamelliaSubkeyL(INDEX) (subkey[(INDEX)*2]) 00120 #define CamelliaSubkeyR(INDEX) (subkey[(INDEX)*2 + 1]) 00121 00122 /* rotation right shift 1byte */ 00123 #define CAMELLIA_RR8(x) (((x) >> 8) + ((x) << 24)) 00124 /* rotation left shift 1bit */ 00125 #define CAMELLIA_RL1(x) (((x) << 1) + ((x) >> 31)) 00126 /* rotation left shift 1byte */ 00127 #define CAMELLIA_RL8(x) (((x) << 8) + ((x) >> 24)) 00128 00129 #define CAMELLIA_ROLDQ(ll, lr, rl, rr, w0, w1, bits) \ 00130 do { \ 00131 w0 = ll; \ 00132 ll = (ll << bits) + (lr >> (32 - bits)); \ 00133 lr = (lr << bits) + (rl >> (32 - bits)); \ 00134 rl = (rl << bits) + (rr >> (32 - bits)); \ 00135 rr = (rr << bits) + (w0 >> (32 - bits)); \ 00136 } while(0) 00137 00138 #define CAMELLIA_ROLDQo32(ll, lr, rl, rr, w0, w1, bits) \ 00139 do { \ 00140 w0 = ll; \ 00141 w1 = lr; \ 00142 ll = (lr << (bits - 32)) + (rl >> (64 - bits)); \ 00143 lr = (rl << (bits - 32)) + (rr >> (64 - bits)); \ 00144 rl = (rr << (bits - 32)) + (w0 >> (64 - bits)); \ 00145 rr = (w0 << (bits - 32)) + (w1 >> (64 - bits)); \ 00146 } while(0) 00147 00148 #define CAMELLIA_SP1110(INDEX) (camellia_sp1110[(INDEX)]) 00149 #define CAMELLIA_SP0222(INDEX) (camellia_sp0222[(INDEX)]) 00150 #define CAMELLIA_SP3033(INDEX) (camellia_sp3033[(INDEX)]) 00151 #define CAMELLIA_SP4404(INDEX) (camellia_sp4404[(INDEX)]) 00152 00153 #define CAMELLIA_F(xl, xr, kl, kr, yl, yr, il, ir, t0, t1) \ 00154 do { \ 00155 il = xl ^ kl; \ 00156 ir = xr ^ kr; \ 00157 t0 = il >> 16; \ 00158 t1 = ir >> 16; \ 00159 yl = CAMELLIA_SP1110(ir & 0xff) \ 00160 ^ CAMELLIA_SP0222((t1 >> 8) & 0xff) \ 00161 ^ CAMELLIA_SP3033(t1 & 0xff) \ 00162 ^ CAMELLIA_SP4404((ir >> 8) & 0xff); \ 00163 yr = CAMELLIA_SP1110((t0 >> 8) & 0xff) \ 00164 ^ CAMELLIA_SP0222(t0 & 0xff) \ 00165 ^ CAMELLIA_SP3033((il >> 8) & 0xff) \ 00166 ^ CAMELLIA_SP4404(il & 0xff); \ 00167 yl ^= yr; \ 00168 yr = CAMELLIA_RR8(yr); \ 00169 yr ^= yl; \ 00170 } while(0) 00171 00172 00173 /* 00174 * for speed up 00175 * 00176 */ 00177 #define CAMELLIA_FLS(ll, lr, rl, rr, kll, klr, krl, krr, t0, t1, t2, t3) \ 00178 do { \ 00179 t0 = kll; \ 00180 t0 &= ll; \ 00181 lr ^= CAMELLIA_RL1(t0); \ 00182 t1 = klr; \ 00183 t1 |= lr; \ 00184 ll ^= t1; \ 00185 \ 00186 t2 = krr; \ 00187 t2 |= rr; \ 00188 rl ^= t2; \ 00189 t3 = krl; \ 00190 t3 &= rl; \ 00191 rr ^= CAMELLIA_RL1(t3); \ 00192 } while(0) 00193 00194 #define CAMELLIA_ROUNDSM(xl, xr, kl, kr, yl, yr, il, ir, t0, t1) \ 00195 do { \ 00196 ir = CAMELLIA_SP1110(xr & 0xff) \ 00197 ^ CAMELLIA_SP0222((xr >> 24) & 0xff) \ 00198 ^ CAMELLIA_SP3033((xr >> 16) & 0xff) \ 00199 ^ CAMELLIA_SP4404((xr >> 8) & 0xff); \ 00200 il = CAMELLIA_SP1110((xl >> 24) & 0xff) \ 00201 ^ CAMELLIA_SP0222((xl >> 16) & 0xff) \ 00202 ^ CAMELLIA_SP3033((xl >> 8) & 0xff) \ 00203 ^ CAMELLIA_SP4404(xl & 0xff); \ 00204 il ^= kl; \ 00205 ir ^= kr; \ 00206 ir ^= il; \ 00207 il = CAMELLIA_RR8(il); \ 00208 il ^= ir; \ 00209 yl ^= ir; \ 00210 yr ^= il; \ 00211 } while(0) 00212 00213 00214 static const u32 camellia_sp1110[256] = { 00215 0x70707000,0x82828200,0x2c2c2c00,0xececec00, 00216 0xb3b3b300,0x27272700,0xc0c0c000,0xe5e5e500, 00217 0xe4e4e400,0x85858500,0x57575700,0x35353500, 00218 0xeaeaea00,0x0c0c0c00,0xaeaeae00,0x41414100, 00219 0x23232300,0xefefef00,0x6b6b6b00,0x93939300, 00220 0x45454500,0x19191900,0xa5a5a500,0x21212100, 00221 0xededed00,0x0e0e0e00,0x4f4f4f00,0x4e4e4e00, 00222 0x1d1d1d00,0x65656500,0x92929200,0xbdbdbd00, 00223 0x86868600,0xb8b8b800,0xafafaf00,0x8f8f8f00, 00224 0x7c7c7c00,0xebebeb00,0x1f1f1f00,0xcecece00, 00225 0x3e3e3e00,0x30303000,0xdcdcdc00,0x5f5f5f00, 00226 0x5e5e5e00,0xc5c5c500,0x0b0b0b00,0x1a1a1a00, 00227 0xa6a6a600,0xe1e1e100,0x39393900,0xcacaca00, 00228 0xd5d5d500,0x47474700,0x5d5d5d00,0x3d3d3d00, 00229 0xd9d9d900,0x01010100,0x5a5a5a00,0xd6d6d600, 00230 0x51515100,0x56565600,0x6c6c6c00,0x4d4d4d00, 00231 0x8b8b8b00,0x0d0d0d00,0x9a9a9a00,0x66666600, 00232 0xfbfbfb00,0xcccccc00,0xb0b0b000,0x2d2d2d00, 00233 0x74747400,0x12121200,0x2b2b2b00,0x20202000, 00234 0xf0f0f000,0xb1b1b100,0x84848400,0x99999900, 00235 0xdfdfdf00,0x4c4c4c00,0xcbcbcb00,0xc2c2c200, 00236 0x34343400,0x7e7e7e00,0x76767600,0x05050500, 00237 0x6d6d6d00,0xb7b7b700,0xa9a9a900,0x31313100, 00238 0xd1d1d100,0x17171700,0x04040400,0xd7d7d700, 00239 0x14141400,0x58585800,0x3a3a3a00,0x61616100, 00240 0xdedede00,0x1b1b1b00,0x11111100,0x1c1c1c00, 00241 0x32323200,0x0f0f0f00,0x9c9c9c00,0x16161600, 00242 0x53535300,0x18181800,0xf2f2f200,0x22222200, 00243 0xfefefe00,0x44444400,0xcfcfcf00,0xb2b2b200, 00244 0xc3c3c300,0xb5b5b500,0x7a7a7a00,0x91919100, 00245 0x24242400,0x08080800,0xe8e8e800,0xa8a8a800, 00246 0x60606000,0xfcfcfc00,0x69696900,0x50505000, 00247 0xaaaaaa00,0xd0d0d000,0xa0a0a000,0x7d7d7d00, 00248 0xa1a1a100,0x89898900,0x62626200,0x97979700, 00249 0x54545400,0x5b5b5b00,0x1e1e1e00,0x95959500, 00250 0xe0e0e000,0xffffff00,0x64646400,0xd2d2d200, 00251 0x10101000,0xc4c4c400,0x00000000,0x48484800, 00252 0xa3a3a300,0xf7f7f700,0x75757500,0xdbdbdb00, 00253 0x8a8a8a00,0x03030300,0xe6e6e600,0xdadada00, 00254 0x09090900,0x3f3f3f00,0xdddddd00,0x94949400, 00255 0x87878700,0x5c5c5c00,0x83838300,0x02020200, 00256 0xcdcdcd00,0x4a4a4a00,0x90909000,0x33333300, 00257 0x73737300,0x67676700,0xf6f6f600,0xf3f3f300, 00258 0x9d9d9d00,0x7f7f7f00,0xbfbfbf00,0xe2e2e200, 00259 0x52525200,0x9b9b9b00,0xd8d8d800,0x26262600, 00260 0xc8c8c800,0x37373700,0xc6c6c600,0x3b3b3b00, 00261 0x81818100,0x96969600,0x6f6f6f00,0x4b4b4b00, 00262 0x13131300,0xbebebe00,0x63636300,0x2e2e2e00, 00263 0xe9e9e900,0x79797900,0xa7a7a700,0x8c8c8c00, 00264 0x9f9f9f00,0x6e6e6e00,0xbcbcbc00,0x8e8e8e00, 00265 0x29292900,0xf5f5f500,0xf9f9f900,0xb6b6b600, 00266 0x2f2f2f00,0xfdfdfd00,0xb4b4b400,0x59595900, 00267 0x78787800,0x98989800,0x06060600,0x6a6a6a00, 00268 0xe7e7e700,0x46464600,0x71717100,0xbababa00, 00269 0xd4d4d400,0x25252500,0xababab00,0x42424200, 00270 0x88888800,0xa2a2a200,0x8d8d8d00,0xfafafa00, 00271 0x72727200,0x07070700,0xb9b9b900,0x55555500, 00272 0xf8f8f800,0xeeeeee00,0xacacac00,0x0a0a0a00, 00273 0x36363600,0x49494900,0x2a2a2a00,0x68686800, 00274 0x3c3c3c00,0x38383800,0xf1f1f100,0xa4a4a400, 00275 0x40404000,0x28282800,0xd3d3d300,0x7b7b7b00, 00276 0xbbbbbb00,0xc9c9c900,0x43434300,0xc1c1c100, 00277 0x15151500,0xe3e3e300,0xadadad00,0xf4f4f400, 00278 0x77777700,0xc7c7c700,0x80808000,0x9e9e9e00, 00279 }; 00280 00281 static const u32 camellia_sp0222[256] = { 00282 0x00e0e0e0,0x00050505,0x00585858,0x00d9d9d9, 00283 0x00676767,0x004e4e4e,0x00818181,0x00cbcbcb, 00284 0x00c9c9c9,0x000b0b0b,0x00aeaeae,0x006a6a6a, 00285 0x00d5d5d5,0x00181818,0x005d5d5d,0x00828282, 00286 0x00464646,0x00dfdfdf,0x00d6d6d6,0x00272727, 00287 0x008a8a8a,0x00323232,0x004b4b4b,0x00424242, 00288 0x00dbdbdb,0x001c1c1c,0x009e9e9e,0x009c9c9c, 00289 0x003a3a3a,0x00cacaca,0x00252525,0x007b7b7b, 00290 0x000d0d0d,0x00717171,0x005f5f5f,0x001f1f1f, 00291 0x00f8f8f8,0x00d7d7d7,0x003e3e3e,0x009d9d9d, 00292 0x007c7c7c,0x00606060,0x00b9b9b9,0x00bebebe, 00293 0x00bcbcbc,0x008b8b8b,0x00161616,0x00343434, 00294 0x004d4d4d,0x00c3c3c3,0x00727272,0x00959595, 00295 0x00ababab,0x008e8e8e,0x00bababa,0x007a7a7a, 00296 0x00b3b3b3,0x00020202,0x00b4b4b4,0x00adadad, 00297 0x00a2a2a2,0x00acacac,0x00d8d8d8,0x009a9a9a, 00298 0x00171717,0x001a1a1a,0x00353535,0x00cccccc, 00299 0x00f7f7f7,0x00999999,0x00616161,0x005a5a5a, 00300 0x00e8e8e8,0x00242424,0x00565656,0x00404040, 00301 0x00e1e1e1,0x00636363,0x00090909,0x00333333, 00302 0x00bfbfbf,0x00989898,0x00979797,0x00858585, 00303 0x00686868,0x00fcfcfc,0x00ececec,0x000a0a0a, 00304 0x00dadada,0x006f6f6f,0x00535353,0x00626262, 00305 0x00a3a3a3,0x002e2e2e,0x00080808,0x00afafaf, 00306 0x00282828,0x00b0b0b0,0x00747474,0x00c2c2c2, 00307 0x00bdbdbd,0x00363636,0x00222222,0x00383838, 00308 0x00646464,0x001e1e1e,0x00393939,0x002c2c2c, 00309 0x00a6a6a6,0x00303030,0x00e5e5e5,0x00444444, 00310 0x00fdfdfd,0x00888888,0x009f9f9f,0x00656565, 00311 0x00878787,0x006b6b6b,0x00f4f4f4,0x00232323, 00312 0x00484848,0x00101010,0x00d1d1d1,0x00515151, 00313 0x00c0c0c0,0x00f9f9f9,0x00d2d2d2,0x00a0a0a0, 00314 0x00555555,0x00a1a1a1,0x00414141,0x00fafafa, 00315 0x00434343,0x00131313,0x00c4c4c4,0x002f2f2f, 00316 0x00a8a8a8,0x00b6b6b6,0x003c3c3c,0x002b2b2b, 00317 0x00c1c1c1,0x00ffffff,0x00c8c8c8,0x00a5a5a5, 00318 0x00202020,0x00898989,0x00000000,0x00909090, 00319 0x00474747,0x00efefef,0x00eaeaea,0x00b7b7b7, 00320 0x00151515,0x00060606,0x00cdcdcd,0x00b5b5b5, 00321 0x00121212,0x007e7e7e,0x00bbbbbb,0x00292929, 00322 0x000f0f0f,0x00b8b8b8,0x00070707,0x00040404, 00323 0x009b9b9b,0x00949494,0x00212121,0x00666666, 00324 0x00e6e6e6,0x00cecece,0x00ededed,0x00e7e7e7, 00325 0x003b3b3b,0x00fefefe,0x007f7f7f,0x00c5c5c5, 00326 0x00a4a4a4,0x00373737,0x00b1b1b1,0x004c4c4c, 00327 0x00919191,0x006e6e6e,0x008d8d8d,0x00767676, 00328 0x00030303,0x002d2d2d,0x00dedede,0x00969696, 00329 0x00262626,0x007d7d7d,0x00c6c6c6,0x005c5c5c, 00330 0x00d3d3d3,0x00f2f2f2,0x004f4f4f,0x00191919, 00331 0x003f3f3f,0x00dcdcdc,0x00797979,0x001d1d1d, 00332 0x00525252,0x00ebebeb,0x00f3f3f3,0x006d6d6d, 00333 0x005e5e5e,0x00fbfbfb,0x00696969,0x00b2b2b2, 00334 0x00f0f0f0,0x00313131,0x000c0c0c,0x00d4d4d4, 00335 0x00cfcfcf,0x008c8c8c,0x00e2e2e2,0x00757575, 00336 0x00a9a9a9,0x004a4a4a,0x00575757,0x00848484, 00337 0x00111111,0x00454545,0x001b1b1b,0x00f5f5f5, 00338 0x00e4e4e4,0x000e0e0e,0x00737373,0x00aaaaaa, 00339 0x00f1f1f1,0x00dddddd,0x00595959,0x00141414, 00340 0x006c6c6c,0x00929292,0x00545454,0x00d0d0d0, 00341 0x00787878,0x00707070,0x00e3e3e3,0x00494949, 00342 0x00808080,0x00505050,0x00a7a7a7,0x00f6f6f6, 00343 0x00777777,0x00939393,0x00868686,0x00838383, 00344 0x002a2a2a,0x00c7c7c7,0x005b5b5b,0x00e9e9e9, 00345 0x00eeeeee,0x008f8f8f,0x00010101,0x003d3d3d, 00346 }; 00347 00348 static const u32 camellia_sp3033[256] = { 00349 0x38003838,0x41004141,0x16001616,0x76007676, 00350 0xd900d9d9,0x93009393,0x60006060,0xf200f2f2, 00351 0x72007272,0xc200c2c2,0xab00abab,0x9a009a9a, 00352 0x75007575,0x06000606,0x57005757,0xa000a0a0, 00353 0x91009191,0xf700f7f7,0xb500b5b5,0xc900c9c9, 00354 0xa200a2a2,0x8c008c8c,0xd200d2d2,0x90009090, 00355 0xf600f6f6,0x07000707,0xa700a7a7,0x27002727, 00356 0x8e008e8e,0xb200b2b2,0x49004949,0xde00dede, 00357 0x43004343,0x5c005c5c,0xd700d7d7,0xc700c7c7, 00358 0x3e003e3e,0xf500f5f5,0x8f008f8f,0x67006767, 00359 0x1f001f1f,0x18001818,0x6e006e6e,0xaf00afaf, 00360 0x2f002f2f,0xe200e2e2,0x85008585,0x0d000d0d, 00361 0x53005353,0xf000f0f0,0x9c009c9c,0x65006565, 00362 0xea00eaea,0xa300a3a3,0xae00aeae,0x9e009e9e, 00363 0xec00ecec,0x80008080,0x2d002d2d,0x6b006b6b, 00364 0xa800a8a8,0x2b002b2b,0x36003636,0xa600a6a6, 00365 0xc500c5c5,0x86008686,0x4d004d4d,0x33003333, 00366 0xfd00fdfd,0x66006666,0x58005858,0x96009696, 00367 0x3a003a3a,0x09000909,0x95009595,0x10001010, 00368 0x78007878,0xd800d8d8,0x42004242,0xcc00cccc, 00369 0xef00efef,0x26002626,0xe500e5e5,0x61006161, 00370 0x1a001a1a,0x3f003f3f,0x3b003b3b,0x82008282, 00371 0xb600b6b6,0xdb00dbdb,0xd400d4d4,0x98009898, 00372 0xe800e8e8,0x8b008b8b,0x02000202,0xeb00ebeb, 00373 0x0a000a0a,0x2c002c2c,0x1d001d1d,0xb000b0b0, 00374 0x6f006f6f,0x8d008d8d,0x88008888,0x0e000e0e, 00375 0x19001919,0x87008787,0x4e004e4e,0x0b000b0b, 00376 0xa900a9a9,0x0c000c0c,0x79007979,0x11001111, 00377 0x7f007f7f,0x22002222,0xe700e7e7,0x59005959, 00378 0xe100e1e1,0xda00dada,0x3d003d3d,0xc800c8c8, 00379 0x12001212,0x04000404,0x74007474,0x54005454, 00380 0x30003030,0x7e007e7e,0xb400b4b4,0x28002828, 00381 0x55005555,0x68006868,0x50005050,0xbe00bebe, 00382 0xd000d0d0,0xc400c4c4,0x31003131,0xcb00cbcb, 00383 0x2a002a2a,0xad00adad,0x0f000f0f,0xca00caca, 00384 0x70007070,0xff00ffff,0x32003232,0x69006969, 00385 0x08000808,0x62006262,0x00000000,0x24002424, 00386 0xd100d1d1,0xfb00fbfb,0xba00baba,0xed00eded, 00387 0x45004545,0x81008181,0x73007373,0x6d006d6d, 00388 0x84008484,0x9f009f9f,0xee00eeee,0x4a004a4a, 00389 0xc300c3c3,0x2e002e2e,0xc100c1c1,0x01000101, 00390 0xe600e6e6,0x25002525,0x48004848,0x99009999, 00391 0xb900b9b9,0xb300b3b3,0x7b007b7b,0xf900f9f9, 00392 0xce00cece,0xbf00bfbf,0xdf00dfdf,0x71007171, 00393 0x29002929,0xcd00cdcd,0x6c006c6c,0x13001313, 00394 0x64006464,0x9b009b9b,0x63006363,0x9d009d9d, 00395 0xc000c0c0,0x4b004b4b,0xb700b7b7,0xa500a5a5, 00396 0x89008989,0x5f005f5f,0xb100b1b1,0x17001717, 00397 0xf400f4f4,0xbc00bcbc,0xd300d3d3,0x46004646, 00398 0xcf00cfcf,0x37003737,0x5e005e5e,0x47004747, 00399 0x94009494,0xfa00fafa,0xfc00fcfc,0x5b005b5b, 00400 0x97009797,0xfe00fefe,0x5a005a5a,0xac00acac, 00401 0x3c003c3c,0x4c004c4c,0x03000303,0x35003535, 00402 0xf300f3f3,0x23002323,0xb800b8b8,0x5d005d5d, 00403 0x6a006a6a,0x92009292,0xd500d5d5,0x21002121, 00404 0x44004444,0x51005151,0xc600c6c6,0x7d007d7d, 00405 0x39003939,0x83008383,0xdc00dcdc,0xaa00aaaa, 00406 0x7c007c7c,0x77007777,0x56005656,0x05000505, 00407 0x1b001b1b,0xa400a4a4,0x15001515,0x34003434, 00408 0x1e001e1e,0x1c001c1c,0xf800f8f8,0x52005252, 00409 0x20002020,0x14001414,0xe900e9e9,0xbd00bdbd, 00410 0xdd00dddd,0xe400e4e4,0xa100a1a1,0xe000e0e0, 00411 0x8a008a8a,0xf100f1f1,0xd600d6d6,0x7a007a7a, 00412 0xbb00bbbb,0xe300e3e3,0x40004040,0x4f004f4f, 00413 }; 00414 00415 static const u32 camellia_sp4404[256] = { 00416 0x70700070,0x2c2c002c,0xb3b300b3,0xc0c000c0, 00417 0xe4e400e4,0x57570057,0xeaea00ea,0xaeae00ae, 00418 0x23230023,0x6b6b006b,0x45450045,0xa5a500a5, 00419 0xeded00ed,0x4f4f004f,0x1d1d001d,0x92920092, 00420 0x86860086,0xafaf00af,0x7c7c007c,0x1f1f001f, 00421 0x3e3e003e,0xdcdc00dc,0x5e5e005e,0x0b0b000b, 00422 0xa6a600a6,0x39390039,0xd5d500d5,0x5d5d005d, 00423 0xd9d900d9,0x5a5a005a,0x51510051,0x6c6c006c, 00424 0x8b8b008b,0x9a9a009a,0xfbfb00fb,0xb0b000b0, 00425 0x74740074,0x2b2b002b,0xf0f000f0,0x84840084, 00426 0xdfdf00df,0xcbcb00cb,0x34340034,0x76760076, 00427 0x6d6d006d,0xa9a900a9,0xd1d100d1,0x04040004, 00428 0x14140014,0x3a3a003a,0xdede00de,0x11110011, 00429 0x32320032,0x9c9c009c,0x53530053,0xf2f200f2, 00430 0xfefe00fe,0xcfcf00cf,0xc3c300c3,0x7a7a007a, 00431 0x24240024,0xe8e800e8,0x60600060,0x69690069, 00432 0xaaaa00aa,0xa0a000a0,0xa1a100a1,0x62620062, 00433 0x54540054,0x1e1e001e,0xe0e000e0,0x64640064, 00434 0x10100010,0x00000000,0xa3a300a3,0x75750075, 00435 0x8a8a008a,0xe6e600e6,0x09090009,0xdddd00dd, 00436 0x87870087,0x83830083,0xcdcd00cd,0x90900090, 00437 0x73730073,0xf6f600f6,0x9d9d009d,0xbfbf00bf, 00438 0x52520052,0xd8d800d8,0xc8c800c8,0xc6c600c6, 00439 0x81810081,0x6f6f006f,0x13130013,0x63630063, 00440 0xe9e900e9,0xa7a700a7,0x9f9f009f,0xbcbc00bc, 00441 0x29290029,0xf9f900f9,0x2f2f002f,0xb4b400b4, 00442 0x78780078,0x06060006,0xe7e700e7,0x71710071, 00443 0xd4d400d4,0xabab00ab,0x88880088,0x8d8d008d, 00444 0x72720072,0xb9b900b9,0xf8f800f8,0xacac00ac, 00445 0x36360036,0x2a2a002a,0x3c3c003c,0xf1f100f1, 00446 0x40400040,0xd3d300d3,0xbbbb00bb,0x43430043, 00447 0x15150015,0xadad00ad,0x77770077,0x80800080, 00448 0x82820082,0xecec00ec,0x27270027,0xe5e500e5, 00449 0x85850085,0x35350035,0x0c0c000c,0x41410041, 00450 0xefef00ef,0x93930093,0x19190019,0x21210021, 00451 0x0e0e000e,0x4e4e004e,0x65650065,0xbdbd00bd, 00452 0xb8b800b8,0x8f8f008f,0xebeb00eb,0xcece00ce, 00453 0x30300030,0x5f5f005f,0xc5c500c5,0x1a1a001a, 00454 0xe1e100e1,0xcaca00ca,0x47470047,0x3d3d003d, 00455 0x01010001,0xd6d600d6,0x56560056,0x4d4d004d, 00456 0x0d0d000d,0x66660066,0xcccc00cc,0x2d2d002d, 00457 0x12120012,0x20200020,0xb1b100b1,0x99990099, 00458 0x4c4c004c,0xc2c200c2,0x7e7e007e,0x05050005, 00459 0xb7b700b7,0x31310031,0x17170017,0xd7d700d7, 00460 0x58580058,0x61610061,0x1b1b001b,0x1c1c001c, 00461 0x0f0f000f,0x16160016,0x18180018,0x22220022, 00462 0x44440044,0xb2b200b2,0xb5b500b5,0x91910091, 00463 0x08080008,0xa8a800a8,0xfcfc00fc,0x50500050, 00464 0xd0d000d0,0x7d7d007d,0x89890089,0x97970097, 00465 0x5b5b005b,0x95950095,0xffff00ff,0xd2d200d2, 00466 0xc4c400c4,0x48480048,0xf7f700f7,0xdbdb00db, 00467 0x03030003,0xdada00da,0x3f3f003f,0x94940094, 00468 0x5c5c005c,0x02020002,0x4a4a004a,0x33330033, 00469 0x67670067,0xf3f300f3,0x7f7f007f,0xe2e200e2, 00470 0x9b9b009b,0x26260026,0x37370037,0x3b3b003b, 00471 0x96960096,0x4b4b004b,0xbebe00be,0x2e2e002e, 00472 0x79790079,0x8c8c008c,0x6e6e006e,0x8e8e008e, 00473 0xf5f500f5,0xb6b600b6,0xfdfd00fd,0x59590059, 00474 0x98980098,0x6a6a006a,0x46460046,0xbaba00ba, 00475 0x25250025,0x42420042,0xa2a200a2,0xfafa00fa, 00476 0x07070007,0x55550055,0xeeee00ee,0x0a0a000a, 00477 0x49490049,0x68680068,0x38380038,0xa4a400a4, 00478 0x28280028,0x7b7b007b,0xc9c900c9,0xc1c100c1, 00479 0xe3e300e3,0xf4f400f4,0xc7c700c7,0x9e9e009e, 00480 }; 00481 00482 00483 /** 00484 * Stuff related to the Camellia key schedule 00485 */ 00486 #define subl(x) subL[(x)] 00487 #define subr(x) subR[(x)] 00488 00489 static int camellia_setup128(const unsigned char *key, u32 *subkey) 00490 { 00491 u32 kll, klr, krl, krr; 00492 u32 il, ir, t0, t1, w0, w1; 00493 u32 kw4l, kw4r, dw, tl, tr; 00494 00495 #ifdef CYASSL_SMALL_STACK 00496 u32* subL; 00497 u32* subR; 00498 00499 subL = (u32*) XMALLOC(sizeof(u32) * 26, NULL, DYNAMIC_TYPE_TMP_BUFFER); 00500 if (subL == NULL) 00501 return MEMORY_E; 00502 00503 subR = (u32*) XMALLOC(sizeof(u32) * 26, NULL, DYNAMIC_TYPE_TMP_BUFFER); 00504 if (subR == NULL) { 00505 XFREE(subL, NULL, DYNAMIC_TYPE_TMP_BUFFER); 00506 return MEMORY_E; 00507 } 00508 #else 00509 u32 subL[26]; 00510 u32 subR[26]; 00511 #endif 00512 00513 /** 00514 * k == kll || klr || krl || krr (|| is concatination) 00515 */ 00516 kll = GETU32(key ); 00517 klr = GETU32(key + 4); 00518 krl = GETU32(key + 8); 00519 krr = GETU32(key + 12); 00520 /** 00521 * generate KL dependent subkeys 00522 */ 00523 subl(0) = kll; subr(0) = klr; 00524 subl(1) = krl; subr(1) = krr; 00525 CAMELLIA_ROLDQ(kll, klr, krl, krr, w0, w1, 15); 00526 subl(4) = kll; subr(4) = klr; 00527 subl(5) = krl; subr(5) = krr; 00528 CAMELLIA_ROLDQ(kll, klr, krl, krr, w0, w1, 30); 00529 subl(10) = kll; subr(10) = klr; 00530 subl(11) = krl; subr(11) = krr; 00531 CAMELLIA_ROLDQ(kll, klr, krl, krr, w0, w1, 15); 00532 subl(13) = krl; subr(13) = krr; 00533 CAMELLIA_ROLDQ(kll, klr, krl, krr, w0, w1, 17); 00534 subl(16) = kll; subr(16) = klr; 00535 subl(17) = krl; subr(17) = krr; 00536 CAMELLIA_ROLDQ(kll, klr, krl, krr, w0, w1, 17); 00537 subl(18) = kll; subr(18) = klr; 00538 subl(19) = krl; subr(19) = krr; 00539 CAMELLIA_ROLDQ(kll, klr, krl, krr, w0, w1, 17); 00540 subl(22) = kll; subr(22) = klr; 00541 subl(23) = krl; subr(23) = krr; 00542 00543 /* generate KA */ 00544 kll = subl(0); klr = subr(0); 00545 krl = subl(1); krr = subr(1); 00546 CAMELLIA_F(kll, klr, 00547 CAMELLIA_SIGMA1L, CAMELLIA_SIGMA1R, 00548 w0, w1, il, ir, t0, t1); 00549 krl ^= w0; krr ^= w1; 00550 CAMELLIA_F(krl, krr, 00551 CAMELLIA_SIGMA2L, CAMELLIA_SIGMA2R, 00552 kll, klr, il, ir, t0, t1); 00553 CAMELLIA_F(kll, klr, 00554 CAMELLIA_SIGMA3L, CAMELLIA_SIGMA3R, 00555 krl, krr, il, ir, t0, t1); 00556 krl ^= w0; krr ^= w1; 00557 CAMELLIA_F(krl, krr, 00558 CAMELLIA_SIGMA4L, CAMELLIA_SIGMA4R, 00559 w0, w1, il, ir, t0, t1); 00560 kll ^= w0; klr ^= w1; 00561 00562 /* generate KA dependent subkeys */ 00563 subl(2) = kll; subr(2) = klr; 00564 subl(3) = krl; subr(3) = krr; 00565 CAMELLIA_ROLDQ(kll, klr, krl, krr, w0, w1, 15); 00566 subl(6) = kll; subr(6) = klr; 00567 subl(7) = krl; subr(7) = krr; 00568 CAMELLIA_ROLDQ(kll, klr, krl, krr, w0, w1, 15); 00569 subl(8) = kll; subr(8) = klr; 00570 subl(9) = krl; subr(9) = krr; 00571 CAMELLIA_ROLDQ(kll, klr, krl, krr, w0, w1, 15); 00572 subl(12) = kll; subr(12) = klr; 00573 CAMELLIA_ROLDQ(kll, klr, krl, krr, w0, w1, 15); 00574 subl(14) = kll; subr(14) = klr; 00575 subl(15) = krl; subr(15) = krr; 00576 CAMELLIA_ROLDQo32(kll, klr, krl, krr, w0, w1, 34); 00577 subl(20) = kll; subr(20) = klr; 00578 subl(21) = krl; subr(21) = krr; 00579 CAMELLIA_ROLDQ(kll, klr, krl, krr, w0, w1, 17); 00580 subl(24) = kll; subr(24) = klr; 00581 subl(25) = krl; subr(25) = krr; 00582 00583 00584 /* absorb kw2 to other subkeys */ 00585 subl(3) ^= subl(1); subr(3) ^= subr(1); 00586 subl(5) ^= subl(1); subr(5) ^= subr(1); 00587 subl(7) ^= subl(1); subr(7) ^= subr(1); 00588 subl(1) ^= subr(1) & ~subr(9); 00589 dw = subl(1) & subl(9), subr(1) ^= CAMELLIA_RL1(dw); 00590 subl(11) ^= subl(1); subr(11) ^= subr(1); 00591 subl(13) ^= subl(1); subr(13) ^= subr(1); 00592 subl(15) ^= subl(1); subr(15) ^= subr(1); 00593 subl(1) ^= subr(1) & ~subr(17); 00594 dw = subl(1) & subl(17), subr(1) ^= CAMELLIA_RL1(dw); 00595 subl(19) ^= subl(1); subr(19) ^= subr(1); 00596 subl(21) ^= subl(1); subr(21) ^= subr(1); 00597 subl(23) ^= subl(1); subr(23) ^= subr(1); 00598 subl(24) ^= subl(1); subr(24) ^= subr(1); 00599 00600 /* absorb kw4 to other subkeys */ 00601 kw4l = subl(25); kw4r = subr(25); 00602 subl(22) ^= kw4l; subr(22) ^= kw4r; 00603 subl(20) ^= kw4l; subr(20) ^= kw4r; 00604 subl(18) ^= kw4l; subr(18) ^= kw4r; 00605 kw4l ^= kw4r & ~subr(16); 00606 dw = kw4l & subl(16), kw4r ^= CAMELLIA_RL1(dw); 00607 subl(14) ^= kw4l; subr(14) ^= kw4r; 00608 subl(12) ^= kw4l; subr(12) ^= kw4r; 00609 subl(10) ^= kw4l; subr(10) ^= kw4r; 00610 kw4l ^= kw4r & ~subr(8); 00611 dw = kw4l & subl(8), kw4r ^= CAMELLIA_RL1(dw); 00612 subl(6) ^= kw4l; subr(6) ^= kw4r; 00613 subl(4) ^= kw4l; subr(4) ^= kw4r; 00614 subl(2) ^= kw4l; subr(2) ^= kw4r; 00615 subl(0) ^= kw4l; subr(0) ^= kw4r; 00616 00617 /* key XOR is end of F-function */ 00618 CamelliaSubkeyL(0) = subl(0) ^ subl(2); 00619 CamelliaSubkeyR(0) = subr(0) ^ subr(2); 00620 CamelliaSubkeyL(2) = subl(3); 00621 CamelliaSubkeyR(2) = subr(3); 00622 CamelliaSubkeyL(3) = subl(2) ^ subl(4); 00623 CamelliaSubkeyR(3) = subr(2) ^ subr(4); 00624 CamelliaSubkeyL(4) = subl(3) ^ subl(5); 00625 CamelliaSubkeyR(4) = subr(3) ^ subr(5); 00626 CamelliaSubkeyL(5) = subl(4) ^ subl(6); 00627 CamelliaSubkeyR(5) = subr(4) ^ subr(6); 00628 CamelliaSubkeyL(6) = subl(5) ^ subl(7); 00629 CamelliaSubkeyR(6) = subr(5) ^ subr(7); 00630 tl = subl(10) ^ (subr(10) & ~subr(8)); 00631 dw = tl & subl(8), tr = subr(10) ^ CAMELLIA_RL1(dw); 00632 CamelliaSubkeyL(7) = subl(6) ^ tl; 00633 CamelliaSubkeyR(7) = subr(6) ^ tr; 00634 CamelliaSubkeyL(8) = subl(8); 00635 CamelliaSubkeyR(8) = subr(8); 00636 CamelliaSubkeyL(9) = subl(9); 00637 CamelliaSubkeyR(9) = subr(9); 00638 tl = subl(7) ^ (subr(7) & ~subr(9)); 00639 dw = tl & subl(9), tr = subr(7) ^ CAMELLIA_RL1(dw); 00640 CamelliaSubkeyL(10) = tl ^ subl(11); 00641 CamelliaSubkeyR(10) = tr ^ subr(11); 00642 CamelliaSubkeyL(11) = subl(10) ^ subl(12); 00643 CamelliaSubkeyR(11) = subr(10) ^ subr(12); 00644 CamelliaSubkeyL(12) = subl(11) ^ subl(13); 00645 CamelliaSubkeyR(12) = subr(11) ^ subr(13); 00646 CamelliaSubkeyL(13) = subl(12) ^ subl(14); 00647 CamelliaSubkeyR(13) = subr(12) ^ subr(14); 00648 CamelliaSubkeyL(14) = subl(13) ^ subl(15); 00649 CamelliaSubkeyR(14) = subr(13) ^ subr(15); 00650 tl = subl(18) ^ (subr(18) & ~subr(16)); 00651 dw = tl & subl(16), tr = subr(18) ^ CAMELLIA_RL1(dw); 00652 CamelliaSubkeyL(15) = subl(14) ^ tl; 00653 CamelliaSubkeyR(15) = subr(14) ^ tr; 00654 CamelliaSubkeyL(16) = subl(16); 00655 CamelliaSubkeyR(16) = subr(16); 00656 CamelliaSubkeyL(17) = subl(17); 00657 CamelliaSubkeyR(17) = subr(17); 00658 tl = subl(15) ^ (subr(15) & ~subr(17)); 00659 dw = tl & subl(17), tr = subr(15) ^ CAMELLIA_RL1(dw); 00660 CamelliaSubkeyL(18) = tl ^ subl(19); 00661 CamelliaSubkeyR(18) = tr ^ subr(19); 00662 CamelliaSubkeyL(19) = subl(18) ^ subl(20); 00663 CamelliaSubkeyR(19) = subr(18) ^ subr(20); 00664 CamelliaSubkeyL(20) = subl(19) ^ subl(21); 00665 CamelliaSubkeyR(20) = subr(19) ^ subr(21); 00666 CamelliaSubkeyL(21) = subl(20) ^ subl(22); 00667 CamelliaSubkeyR(21) = subr(20) ^ subr(22); 00668 CamelliaSubkeyL(22) = subl(21) ^ subl(23); 00669 CamelliaSubkeyR(22) = subr(21) ^ subr(23); 00670 CamelliaSubkeyL(23) = subl(22); 00671 CamelliaSubkeyR(23) = subr(22); 00672 CamelliaSubkeyL(24) = subl(24) ^ subl(23); 00673 CamelliaSubkeyR(24) = subr(24) ^ subr(23); 00674 00675 /* apply the inverse of the last half of P-function */ 00676 dw = CamelliaSubkeyL(2) ^ CamelliaSubkeyR(2), dw = CAMELLIA_RL8(dw); 00677 CamelliaSubkeyR(2) = CamelliaSubkeyL(2) ^ dw, CamelliaSubkeyL(2) = dw; 00678 dw = CamelliaSubkeyL(3) ^ CamelliaSubkeyR(3), dw = CAMELLIA_RL8(dw); 00679 CamelliaSubkeyR(3) = CamelliaSubkeyL(3) ^ dw, CamelliaSubkeyL(3) = dw; 00680 dw = CamelliaSubkeyL(4) ^ CamelliaSubkeyR(4), dw = CAMELLIA_RL8(dw); 00681 CamelliaSubkeyR(4) = CamelliaSubkeyL(4) ^ dw, CamelliaSubkeyL(4) = dw; 00682 dw = CamelliaSubkeyL(5) ^ CamelliaSubkeyR(5), dw = CAMELLIA_RL8(dw); 00683 CamelliaSubkeyR(5) = CamelliaSubkeyL(5) ^ dw, CamelliaSubkeyL(5) = dw; 00684 dw = CamelliaSubkeyL(6) ^ CamelliaSubkeyR(6), dw = CAMELLIA_RL8(dw); 00685 CamelliaSubkeyR(6) = CamelliaSubkeyL(6) ^ dw, CamelliaSubkeyL(6) = dw; 00686 dw = CamelliaSubkeyL(7) ^ CamelliaSubkeyR(7), dw = CAMELLIA_RL8(dw); 00687 CamelliaSubkeyR(7) = CamelliaSubkeyL(7) ^ dw, CamelliaSubkeyL(7) = dw; 00688 dw = CamelliaSubkeyL(10) ^ CamelliaSubkeyR(10), dw = CAMELLIA_RL8(dw); 00689 CamelliaSubkeyR(10) = CamelliaSubkeyL(10) ^ dw, CamelliaSubkeyL(10) = dw; 00690 dw = CamelliaSubkeyL(11) ^ CamelliaSubkeyR(11), dw = CAMELLIA_RL8(dw); 00691 CamelliaSubkeyR(11) = CamelliaSubkeyL(11) ^ dw, CamelliaSubkeyL(11) = dw; 00692 dw = CamelliaSubkeyL(12) ^ CamelliaSubkeyR(12), dw = CAMELLIA_RL8(dw); 00693 CamelliaSubkeyR(12) = CamelliaSubkeyL(12) ^ dw, CamelliaSubkeyL(12) = dw; 00694 dw = CamelliaSubkeyL(13) ^ CamelliaSubkeyR(13), dw = CAMELLIA_RL8(dw); 00695 CamelliaSubkeyR(13) = CamelliaSubkeyL(13) ^ dw, CamelliaSubkeyL(13) = dw; 00696 dw = CamelliaSubkeyL(14) ^ CamelliaSubkeyR(14), dw = CAMELLIA_RL8(dw); 00697 CamelliaSubkeyR(14) = CamelliaSubkeyL(14) ^ dw, CamelliaSubkeyL(14) = dw; 00698 dw = CamelliaSubkeyL(15) ^ CamelliaSubkeyR(15), dw = CAMELLIA_RL8(dw); 00699 CamelliaSubkeyR(15) = CamelliaSubkeyL(15) ^ dw, CamelliaSubkeyL(15) = dw; 00700 dw = CamelliaSubkeyL(18) ^ CamelliaSubkeyR(18), dw = CAMELLIA_RL8(dw); 00701 CamelliaSubkeyR(18) = CamelliaSubkeyL(18) ^ dw, CamelliaSubkeyL(18) = dw; 00702 dw = CamelliaSubkeyL(19) ^ CamelliaSubkeyR(19), dw = CAMELLIA_RL8(dw); 00703 CamelliaSubkeyR(19) = CamelliaSubkeyL(19) ^ dw, CamelliaSubkeyL(19) = dw; 00704 dw = CamelliaSubkeyL(20) ^ CamelliaSubkeyR(20), dw = CAMELLIA_RL8(dw); 00705 CamelliaSubkeyR(20) = CamelliaSubkeyL(20) ^ dw, CamelliaSubkeyL(20) = dw; 00706 dw = CamelliaSubkeyL(21) ^ CamelliaSubkeyR(21), dw = CAMELLIA_RL8(dw); 00707 CamelliaSubkeyR(21) = CamelliaSubkeyL(21) ^ dw, CamelliaSubkeyL(21) = dw; 00708 dw = CamelliaSubkeyL(22) ^ CamelliaSubkeyR(22), dw = CAMELLIA_RL8(dw); 00709 CamelliaSubkeyR(22) = CamelliaSubkeyL(22) ^ dw, CamelliaSubkeyL(22) = dw; 00710 dw = CamelliaSubkeyL(23) ^ CamelliaSubkeyR(23), dw = CAMELLIA_RL8(dw); 00711 CamelliaSubkeyR(23) = CamelliaSubkeyL(23) ^ dw, CamelliaSubkeyL(23) = dw; 00712 00713 #ifdef CYASSL_SMALL_STACK 00714 XFREE(subL, NULL, DYNAMIC_TYPE_TMP_BUFFER); 00715 XFREE(subR, NULL, DYNAMIC_TYPE_TMP_BUFFER); 00716 #endif 00717 00718 return 0; 00719 } 00720 00721 static int camellia_setup256(const unsigned char *key, u32 *subkey) 00722 { 00723 u32 kll,klr,krl,krr; /* left half of key */ 00724 u32 krll,krlr,krrl,krrr; /* right half of key */ 00725 u32 il, ir, t0, t1, w0, w1; /* temporary variables */ 00726 u32 kw4l, kw4r, dw, tl, tr; 00727 00728 #ifdef CYASSL_SMALL_STACK 00729 u32* subL; 00730 u32* subR; 00731 00732 subL = (u32*) XMALLOC(sizeof(u32) * 34, NULL, DYNAMIC_TYPE_TMP_BUFFER); 00733 if (subL == NULL) 00734 return MEMORY_E; 00735 00736 subR = (u32*) XMALLOC(sizeof(u32) * 34, NULL, DYNAMIC_TYPE_TMP_BUFFER); 00737 if (subR == NULL) { 00738 XFREE(subL, NULL, DYNAMIC_TYPE_TMP_BUFFER); 00739 return MEMORY_E; 00740 } 00741 #else 00742 u32 subL[34]; 00743 u32 subR[34]; 00744 #endif 00745 00746 /** 00747 * key = (kll || klr || krl || krr || krll || krlr || krrl || krrr) 00748 * (|| is concatination) 00749 */ 00750 00751 kll = GETU32(key ); 00752 klr = GETU32(key + 4); 00753 krl = GETU32(key + 8); 00754 krr = GETU32(key + 12); 00755 krll = GETU32(key + 16); 00756 krlr = GETU32(key + 20); 00757 krrl = GETU32(key + 24); 00758 krrr = GETU32(key + 28); 00759 00760 /* generate KL dependent subkeys */ 00761 subl(0) = kll; subr(0) = klr; 00762 subl(1) = krl; subr(1) = krr; 00763 CAMELLIA_ROLDQo32(kll, klr, krl, krr, w0, w1, 45); 00764 subl(12) = kll; subr(12) = klr; 00765 subl(13) = krl; subr(13) = krr; 00766 CAMELLIA_ROLDQ(kll, klr, krl, krr, w0, w1, 15); 00767 subl(16) = kll; subr(16) = klr; 00768 subl(17) = krl; subr(17) = krr; 00769 CAMELLIA_ROLDQ(kll, klr, krl, krr, w0, w1, 17); 00770 subl(22) = kll; subr(22) = klr; 00771 subl(23) = krl; subr(23) = krr; 00772 CAMELLIA_ROLDQo32(kll, klr, krl, krr, w0, w1, 34); 00773 subl(30) = kll; subr(30) = klr; 00774 subl(31) = krl; subr(31) = krr; 00775 00776 /* generate KR dependent subkeys */ 00777 CAMELLIA_ROLDQ(krll, krlr, krrl, krrr, w0, w1, 15); 00778 subl(4) = krll; subr(4) = krlr; 00779 subl(5) = krrl; subr(5) = krrr; 00780 CAMELLIA_ROLDQ(krll, krlr, krrl, krrr, w0, w1, 15); 00781 subl(8) = krll; subr(8) = krlr; 00782 subl(9) = krrl; subr(9) = krrr; 00783 CAMELLIA_ROLDQ(krll, krlr, krrl, krrr, w0, w1, 30); 00784 subl(18) = krll; subr(18) = krlr; 00785 subl(19) = krrl; subr(19) = krrr; 00786 CAMELLIA_ROLDQo32(krll, krlr, krrl, krrr, w0, w1, 34); 00787 subl(26) = krll; subr(26) = krlr; 00788 subl(27) = krrl; subr(27) = krrr; 00789 CAMELLIA_ROLDQo32(krll, krlr, krrl, krrr, w0, w1, 34); 00790 00791 /* generate KA */ 00792 kll = subl(0) ^ krll; klr = subr(0) ^ krlr; 00793 krl = subl(1) ^ krrl; krr = subr(1) ^ krrr; 00794 CAMELLIA_F(kll, klr, 00795 CAMELLIA_SIGMA1L, CAMELLIA_SIGMA1R, 00796 w0, w1, il, ir, t0, t1); 00797 krl ^= w0; krr ^= w1; 00798 CAMELLIA_F(krl, krr, 00799 CAMELLIA_SIGMA2L, CAMELLIA_SIGMA2R, 00800 kll, klr, il, ir, t0, t1); 00801 kll ^= krll; klr ^= krlr; 00802 CAMELLIA_F(kll, klr, 00803 CAMELLIA_SIGMA3L, CAMELLIA_SIGMA3R, 00804 krl, krr, il, ir, t0, t1); 00805 krl ^= w0 ^ krrl; krr ^= w1 ^ krrr; 00806 CAMELLIA_F(krl, krr, 00807 CAMELLIA_SIGMA4L, CAMELLIA_SIGMA4R, 00808 w0, w1, il, ir, t0, t1); 00809 kll ^= w0; klr ^= w1; 00810 00811 /* generate KB */ 00812 krll ^= kll; krlr ^= klr; 00813 krrl ^= krl; krrr ^= krr; 00814 CAMELLIA_F(krll, krlr, 00815 CAMELLIA_SIGMA5L, CAMELLIA_SIGMA5R, 00816 w0, w1, il, ir, t0, t1); 00817 krrl ^= w0; krrr ^= w1; 00818 CAMELLIA_F(krrl, krrr, 00819 CAMELLIA_SIGMA6L, CAMELLIA_SIGMA6R, 00820 w0, w1, il, ir, t0, t1); 00821 krll ^= w0; krlr ^= w1; 00822 00823 /* generate KA dependent subkeys */ 00824 CAMELLIA_ROLDQ(kll, klr, krl, krr, w0, w1, 15); 00825 subl(6) = kll; subr(6) = klr; 00826 subl(7) = krl; subr(7) = krr; 00827 CAMELLIA_ROLDQ(kll, klr, krl, krr, w0, w1, 30); 00828 subl(14) = kll; subr(14) = klr; 00829 subl(15) = krl; subr(15) = krr; 00830 subl(24) = klr; subr(24) = krl; 00831 subl(25) = krr; subr(25) = kll; 00832 CAMELLIA_ROLDQo32(kll, klr, krl, krr, w0, w1, 49); 00833 subl(28) = kll; subr(28) = klr; 00834 subl(29) = krl; subr(29) = krr; 00835 00836 /* generate KB dependent subkeys */ 00837 subl(2) = krll; subr(2) = krlr; 00838 subl(3) = krrl; subr(3) = krrr; 00839 CAMELLIA_ROLDQ(krll, krlr, krrl, krrr, w0, w1, 30); 00840 subl(10) = krll; subr(10) = krlr; 00841 subl(11) = krrl; subr(11) = krrr; 00842 CAMELLIA_ROLDQ(krll, krlr, krrl, krrr, w0, w1, 30); 00843 subl(20) = krll; subr(20) = krlr; 00844 subl(21) = krrl; subr(21) = krrr; 00845 CAMELLIA_ROLDQo32(krll, krlr, krrl, krrr, w0, w1, 51); 00846 subl(32) = krll; subr(32) = krlr; 00847 subl(33) = krrl; subr(33) = krrr; 00848 00849 /* absorb kw2 to other subkeys */ 00850 subl(3) ^= subl(1); subr(3) ^= subr(1); 00851 subl(5) ^= subl(1); subr(5) ^= subr(1); 00852 subl(7) ^= subl(1); subr(7) ^= subr(1); 00853 subl(1) ^= subr(1) & ~subr(9); 00854 dw = subl(1) & subl(9), subr(1) ^= CAMELLIA_RL1(dw); 00855 subl(11) ^= subl(1); subr(11) ^= subr(1); 00856 subl(13) ^= subl(1); subr(13) ^= subr(1); 00857 subl(15) ^= subl(1); subr(15) ^= subr(1); 00858 subl(1) ^= subr(1) & ~subr(17); 00859 dw = subl(1) & subl(17), subr(1) ^= CAMELLIA_RL1(dw); 00860 subl(19) ^= subl(1); subr(19) ^= subr(1); 00861 subl(21) ^= subl(1); subr(21) ^= subr(1); 00862 subl(23) ^= subl(1); subr(23) ^= subr(1); 00863 subl(1) ^= subr(1) & ~subr(25); 00864 dw = subl(1) & subl(25), subr(1) ^= CAMELLIA_RL1(dw); 00865 subl(27) ^= subl(1); subr(27) ^= subr(1); 00866 subl(29) ^= subl(1); subr(29) ^= subr(1); 00867 subl(31) ^= subl(1); subr(31) ^= subr(1); 00868 subl(32) ^= subl(1); subr(32) ^= subr(1); 00869 00870 /* absorb kw4 to other subkeys */ 00871 kw4l = subl(33); kw4r = subr(33); 00872 subl(30) ^= kw4l; subr(30) ^= kw4r; 00873 subl(28) ^= kw4l; subr(28) ^= kw4r; 00874 subl(26) ^= kw4l; subr(26) ^= kw4r; 00875 kw4l ^= kw4r & ~subr(24); 00876 dw = kw4l & subl(24), kw4r ^= CAMELLIA_RL1(dw); 00877 subl(22) ^= kw4l; subr(22) ^= kw4r; 00878 subl(20) ^= kw4l; subr(20) ^= kw4r; 00879 subl(18) ^= kw4l; subr(18) ^= kw4r; 00880 kw4l ^= kw4r & ~subr(16); 00881 dw = kw4l & subl(16), kw4r ^= CAMELLIA_RL1(dw); 00882 subl(14) ^= kw4l; subr(14) ^= kw4r; 00883 subl(12) ^= kw4l; subr(12) ^= kw4r; 00884 subl(10) ^= kw4l; subr(10) ^= kw4r; 00885 kw4l ^= kw4r & ~subr(8); 00886 dw = kw4l & subl(8), kw4r ^= CAMELLIA_RL1(dw); 00887 subl(6) ^= kw4l; subr(6) ^= kw4r; 00888 subl(4) ^= kw4l; subr(4) ^= kw4r; 00889 subl(2) ^= kw4l; subr(2) ^= kw4r; 00890 subl(0) ^= kw4l; subr(0) ^= kw4r; 00891 00892 /* key XOR is end of F-function */ 00893 CamelliaSubkeyL(0) = subl(0) ^ subl(2); 00894 CamelliaSubkeyR(0) = subr(0) ^ subr(2); 00895 CamelliaSubkeyL(2) = subl(3); 00896 CamelliaSubkeyR(2) = subr(3); 00897 CamelliaSubkeyL(3) = subl(2) ^ subl(4); 00898 CamelliaSubkeyR(3) = subr(2) ^ subr(4); 00899 CamelliaSubkeyL(4) = subl(3) ^ subl(5); 00900 CamelliaSubkeyR(4) = subr(3) ^ subr(5); 00901 CamelliaSubkeyL(5) = subl(4) ^ subl(6); 00902 CamelliaSubkeyR(5) = subr(4) ^ subr(6); 00903 CamelliaSubkeyL(6) = subl(5) ^ subl(7); 00904 CamelliaSubkeyR(6) = subr(5) ^ subr(7); 00905 tl = subl(10) ^ (subr(10) & ~subr(8)); 00906 dw = tl & subl(8), tr = subr(10) ^ CAMELLIA_RL1(dw); 00907 CamelliaSubkeyL(7) = subl(6) ^ tl; 00908 CamelliaSubkeyR(7) = subr(6) ^ tr; 00909 CamelliaSubkeyL(8) = subl(8); 00910 CamelliaSubkeyR(8) = subr(8); 00911 CamelliaSubkeyL(9) = subl(9); 00912 CamelliaSubkeyR(9) = subr(9); 00913 tl = subl(7) ^ (subr(7) & ~subr(9)); 00914 dw = tl & subl(9), tr = subr(7) ^ CAMELLIA_RL1(dw); 00915 CamelliaSubkeyL(10) = tl ^ subl(11); 00916 CamelliaSubkeyR(10) = tr ^ subr(11); 00917 CamelliaSubkeyL(11) = subl(10) ^ subl(12); 00918 CamelliaSubkeyR(11) = subr(10) ^ subr(12); 00919 CamelliaSubkeyL(12) = subl(11) ^ subl(13); 00920 CamelliaSubkeyR(12) = subr(11) ^ subr(13); 00921 CamelliaSubkeyL(13) = subl(12) ^ subl(14); 00922 CamelliaSubkeyR(13) = subr(12) ^ subr(14); 00923 CamelliaSubkeyL(14) = subl(13) ^ subl(15); 00924 CamelliaSubkeyR(14) = subr(13) ^ subr(15); 00925 tl = subl(18) ^ (subr(18) & ~subr(16)); 00926 dw = tl & subl(16), tr = subr(18) ^ CAMELLIA_RL1(dw); 00927 CamelliaSubkeyL(15) = subl(14) ^ tl; 00928 CamelliaSubkeyR(15) = subr(14) ^ tr; 00929 CamelliaSubkeyL(16) = subl(16); 00930 CamelliaSubkeyR(16) = subr(16); 00931 CamelliaSubkeyL(17) = subl(17); 00932 CamelliaSubkeyR(17) = subr(17); 00933 tl = subl(15) ^ (subr(15) & ~subr(17)); 00934 dw = tl & subl(17), tr = subr(15) ^ CAMELLIA_RL1(dw); 00935 CamelliaSubkeyL(18) = tl ^ subl(19); 00936 CamelliaSubkeyR(18) = tr ^ subr(19); 00937 CamelliaSubkeyL(19) = subl(18) ^ subl(20); 00938 CamelliaSubkeyR(19) = subr(18) ^ subr(20); 00939 CamelliaSubkeyL(20) = subl(19) ^ subl(21); 00940 CamelliaSubkeyR(20) = subr(19) ^ subr(21); 00941 CamelliaSubkeyL(21) = subl(20) ^ subl(22); 00942 CamelliaSubkeyR(21) = subr(20) ^ subr(22); 00943 CamelliaSubkeyL(22) = subl(21) ^ subl(23); 00944 CamelliaSubkeyR(22) = subr(21) ^ subr(23); 00945 tl = subl(26) ^ (subr(26) & ~subr(24)); 00946 dw = tl & subl(24), tr = subr(26) ^ CAMELLIA_RL1(dw); 00947 CamelliaSubkeyL(23) = subl(22) ^ tl; 00948 CamelliaSubkeyR(23) = subr(22) ^ tr; 00949 CamelliaSubkeyL(24) = subl(24); 00950 CamelliaSubkeyR(24) = subr(24); 00951 CamelliaSubkeyL(25) = subl(25); 00952 CamelliaSubkeyR(25) = subr(25); 00953 tl = subl(23) ^ (subr(23) & ~subr(25)); 00954 dw = tl & subl(25), tr = subr(23) ^ CAMELLIA_RL1(dw); 00955 CamelliaSubkeyL(26) = tl ^ subl(27); 00956 CamelliaSubkeyR(26) = tr ^ subr(27); 00957 CamelliaSubkeyL(27) = subl(26) ^ subl(28); 00958 CamelliaSubkeyR(27) = subr(26) ^ subr(28); 00959 CamelliaSubkeyL(28) = subl(27) ^ subl(29); 00960 CamelliaSubkeyR(28) = subr(27) ^ subr(29); 00961 CamelliaSubkeyL(29) = subl(28) ^ subl(30); 00962 CamelliaSubkeyR(29) = subr(28) ^ subr(30); 00963 CamelliaSubkeyL(30) = subl(29) ^ subl(31); 00964 CamelliaSubkeyR(30) = subr(29) ^ subr(31); 00965 CamelliaSubkeyL(31) = subl(30); 00966 CamelliaSubkeyR(31) = subr(30); 00967 CamelliaSubkeyL(32) = subl(32) ^ subl(31); 00968 CamelliaSubkeyR(32) = subr(32) ^ subr(31); 00969 00970 /* apply the inverse of the last half of P-function */ 00971 dw = CamelliaSubkeyL(2) ^ CamelliaSubkeyR(2), dw = CAMELLIA_RL8(dw); 00972 CamelliaSubkeyR(2) = CamelliaSubkeyL(2) ^ dw, CamelliaSubkeyL(2) = dw; 00973 dw = CamelliaSubkeyL(3) ^ CamelliaSubkeyR(3), dw = CAMELLIA_RL8(dw); 00974 CamelliaSubkeyR(3) = CamelliaSubkeyL(3) ^ dw, CamelliaSubkeyL(3) = dw; 00975 dw = CamelliaSubkeyL(4) ^ CamelliaSubkeyR(4), dw = CAMELLIA_RL8(dw); 00976 CamelliaSubkeyR(4) = CamelliaSubkeyL(4) ^ dw, CamelliaSubkeyL(4) = dw; 00977 dw = CamelliaSubkeyL(5) ^ CamelliaSubkeyR(5), dw = CAMELLIA_RL8(dw); 00978 CamelliaSubkeyR(5) = CamelliaSubkeyL(5) ^ dw, CamelliaSubkeyL(5) = dw; 00979 dw = CamelliaSubkeyL(6) ^ CamelliaSubkeyR(6), dw = CAMELLIA_RL8(dw); 00980 CamelliaSubkeyR(6) = CamelliaSubkeyL(6) ^ dw, CamelliaSubkeyL(6) = dw; 00981 dw = CamelliaSubkeyL(7) ^ CamelliaSubkeyR(7), dw = CAMELLIA_RL8(dw); 00982 CamelliaSubkeyR(7) = CamelliaSubkeyL(7) ^ dw, CamelliaSubkeyL(7) = dw; 00983 dw = CamelliaSubkeyL(10) ^ CamelliaSubkeyR(10), dw = CAMELLIA_RL8(dw); 00984 CamelliaSubkeyR(10) = CamelliaSubkeyL(10) ^ dw, CamelliaSubkeyL(10) = dw; 00985 dw = CamelliaSubkeyL(11) ^ CamelliaSubkeyR(11), dw = CAMELLIA_RL8(dw); 00986 CamelliaSubkeyR(11) = CamelliaSubkeyL(11) ^ dw, CamelliaSubkeyL(11) = dw; 00987 dw = CamelliaSubkeyL(12) ^ CamelliaSubkeyR(12), dw = CAMELLIA_RL8(dw); 00988 CamelliaSubkeyR(12) = CamelliaSubkeyL(12) ^ dw, CamelliaSubkeyL(12) = dw; 00989 dw = CamelliaSubkeyL(13) ^ CamelliaSubkeyR(13), dw = CAMELLIA_RL8(dw); 00990 CamelliaSubkeyR(13) = CamelliaSubkeyL(13) ^ dw, CamelliaSubkeyL(13) = dw; 00991 dw = CamelliaSubkeyL(14) ^ CamelliaSubkeyR(14), dw = CAMELLIA_RL8(dw); 00992 CamelliaSubkeyR(14) = CamelliaSubkeyL(14) ^ dw, CamelliaSubkeyL(14) = dw; 00993 dw = CamelliaSubkeyL(15) ^ CamelliaSubkeyR(15), dw = CAMELLIA_RL8(dw); 00994 CamelliaSubkeyR(15) = CamelliaSubkeyL(15) ^ dw, CamelliaSubkeyL(15) = dw; 00995 dw = CamelliaSubkeyL(18) ^ CamelliaSubkeyR(18), dw = CAMELLIA_RL8(dw); 00996 CamelliaSubkeyR(18) = CamelliaSubkeyL(18) ^ dw, CamelliaSubkeyL(18) = dw; 00997 dw = CamelliaSubkeyL(19) ^ CamelliaSubkeyR(19), dw = CAMELLIA_RL8(dw); 00998 CamelliaSubkeyR(19) = CamelliaSubkeyL(19) ^ dw, CamelliaSubkeyL(19) = dw; 00999 dw = CamelliaSubkeyL(20) ^ CamelliaSubkeyR(20), dw = CAMELLIA_RL8(dw); 01000 CamelliaSubkeyR(20) = CamelliaSubkeyL(20) ^ dw, CamelliaSubkeyL(20) = dw; 01001 dw = CamelliaSubkeyL(21) ^ CamelliaSubkeyR(21), dw = CAMELLIA_RL8(dw); 01002 CamelliaSubkeyR(21) = CamelliaSubkeyL(21) ^ dw, CamelliaSubkeyL(21) = dw; 01003 dw = CamelliaSubkeyL(22) ^ CamelliaSubkeyR(22), dw = CAMELLIA_RL8(dw); 01004 CamelliaSubkeyR(22) = CamelliaSubkeyL(22) ^ dw, CamelliaSubkeyL(22) = dw; 01005 dw = CamelliaSubkeyL(23) ^ CamelliaSubkeyR(23), dw = CAMELLIA_RL8(dw); 01006 CamelliaSubkeyR(23) = CamelliaSubkeyL(23) ^ dw, CamelliaSubkeyL(23) = dw; 01007 dw = CamelliaSubkeyL(26) ^ CamelliaSubkeyR(26), dw = CAMELLIA_RL8(dw); 01008 CamelliaSubkeyR(26) = CamelliaSubkeyL(26) ^ dw, CamelliaSubkeyL(26) = dw; 01009 dw = CamelliaSubkeyL(27) ^ CamelliaSubkeyR(27), dw = CAMELLIA_RL8(dw); 01010 CamelliaSubkeyR(27) = CamelliaSubkeyL(27) ^ dw, CamelliaSubkeyL(27) = dw; 01011 dw = CamelliaSubkeyL(28) ^ CamelliaSubkeyR(28), dw = CAMELLIA_RL8(dw); 01012 CamelliaSubkeyR(28) = CamelliaSubkeyL(28) ^ dw, CamelliaSubkeyL(28) = dw; 01013 dw = CamelliaSubkeyL(29) ^ CamelliaSubkeyR(29), dw = CAMELLIA_RL8(dw); 01014 CamelliaSubkeyR(29) = CamelliaSubkeyL(29) ^ dw, CamelliaSubkeyL(29) = dw; 01015 dw = CamelliaSubkeyL(30) ^ CamelliaSubkeyR(30), dw = CAMELLIA_RL8(dw); 01016 CamelliaSubkeyR(30) = CamelliaSubkeyL(30) ^ dw, CamelliaSubkeyL(30) = dw; 01017 dw = CamelliaSubkeyL(31) ^ CamelliaSubkeyR(31), dw = CAMELLIA_RL8(dw); 01018 CamelliaSubkeyR(31) = CamelliaSubkeyL(31) ^ dw,CamelliaSubkeyL(31) = dw; 01019 01020 #ifdef CYASSL_SMALL_STACK 01021 XFREE(subL, NULL, DYNAMIC_TYPE_TMP_BUFFER); 01022 XFREE(subR, NULL, DYNAMIC_TYPE_TMP_BUFFER); 01023 #endif 01024 01025 return 0; 01026 } 01027 01028 static int camellia_setup192(const unsigned char *key, u32 *subkey) 01029 { 01030 unsigned char kk[32]; 01031 u32 krll, krlr, krrl,krrr; 01032 01033 memcpy(kk, key, 24); 01034 memcpy((unsigned char *)&krll, key+16,4); 01035 memcpy((unsigned char *)&krlr, key+20,4); 01036 krrl = ~krll; 01037 krrr = ~krlr; 01038 memcpy(kk+24, (unsigned char *)&krrl, 4); 01039 memcpy(kk+28, (unsigned char *)&krrr, 4); 01040 01041 return camellia_setup256(kk, subkey); 01042 } 01043 01044 01045 /** 01046 * Stuff related to camellia encryption/decryption 01047 * 01048 * "io" must be 4byte aligned and big-endian data. 01049 */ 01050 static void camellia_encrypt128(const u32 *subkey, u32 *io) 01051 { 01052 u32 il, ir, t0, t1; 01053 01054 /* pre whitening but absorb kw2*/ 01055 io[0] ^= CamelliaSubkeyL(0); 01056 io[1] ^= CamelliaSubkeyR(0); 01057 /* main iteration */ 01058 01059 CAMELLIA_ROUNDSM(io[0],io[1], 01060 CamelliaSubkeyL(2),CamelliaSubkeyR(2), 01061 io[2],io[3],il,ir,t0,t1); 01062 CAMELLIA_ROUNDSM(io[2],io[3], 01063 CamelliaSubkeyL(3),CamelliaSubkeyR(3), 01064 io[0],io[1],il,ir,t0,t1); 01065 CAMELLIA_ROUNDSM(io[0],io[1], 01066 CamelliaSubkeyL(4),CamelliaSubkeyR(4), 01067 io[2],io[3],il,ir,t0,t1); 01068 CAMELLIA_ROUNDSM(io[2],io[3], 01069 CamelliaSubkeyL(5),CamelliaSubkeyR(5), 01070 io[0],io[1],il,ir,t0,t1); 01071 CAMELLIA_ROUNDSM(io[0],io[1], 01072 CamelliaSubkeyL(6),CamelliaSubkeyR(6), 01073 io[2],io[3],il,ir,t0,t1); 01074 CAMELLIA_ROUNDSM(io[2],io[3], 01075 CamelliaSubkeyL(7),CamelliaSubkeyR(7), 01076 io[0],io[1],il,ir,t0,t1); 01077 01078 CAMELLIA_FLS(io[0],io[1],io[2],io[3], 01079 CamelliaSubkeyL(8),CamelliaSubkeyR(8), 01080 CamelliaSubkeyL(9),CamelliaSubkeyR(9), 01081 t0,t1,il,ir); 01082 01083 CAMELLIA_ROUNDSM(io[0],io[1], 01084 CamelliaSubkeyL(10),CamelliaSubkeyR(10), 01085 io[2],io[3],il,ir,t0,t1); 01086 CAMELLIA_ROUNDSM(io[2],io[3], 01087 CamelliaSubkeyL(11),CamelliaSubkeyR(11), 01088 io[0],io[1],il,ir,t0,t1); 01089 CAMELLIA_ROUNDSM(io[0],io[1], 01090 CamelliaSubkeyL(12),CamelliaSubkeyR(12), 01091 io[2],io[3],il,ir,t0,t1); 01092 CAMELLIA_ROUNDSM(io[2],io[3], 01093 CamelliaSubkeyL(13),CamelliaSubkeyR(13), 01094 io[0],io[1],il,ir,t0,t1); 01095 CAMELLIA_ROUNDSM(io[0],io[1], 01096 CamelliaSubkeyL(14),CamelliaSubkeyR(14), 01097 io[2],io[3],il,ir,t0,t1); 01098 CAMELLIA_ROUNDSM(io[2],io[3], 01099 CamelliaSubkeyL(15),CamelliaSubkeyR(15), 01100 io[0],io[1],il,ir,t0,t1); 01101 01102 CAMELLIA_FLS(io[0],io[1],io[2],io[3], 01103 CamelliaSubkeyL(16),CamelliaSubkeyR(16), 01104 CamelliaSubkeyL(17),CamelliaSubkeyR(17), 01105 t0,t1,il,ir); 01106 01107 CAMELLIA_ROUNDSM(io[0],io[1], 01108 CamelliaSubkeyL(18),CamelliaSubkeyR(18), 01109 io[2],io[3],il,ir,t0,t1); 01110 CAMELLIA_ROUNDSM(io[2],io[3], 01111 CamelliaSubkeyL(19),CamelliaSubkeyR(19), 01112 io[0],io[1],il,ir,t0,t1); 01113 CAMELLIA_ROUNDSM(io[0],io[1], 01114 CamelliaSubkeyL(20),CamelliaSubkeyR(20), 01115 io[2],io[3],il,ir,t0,t1); 01116 CAMELLIA_ROUNDSM(io[2],io[3], 01117 CamelliaSubkeyL(21),CamelliaSubkeyR(21), 01118 io[0],io[1],il,ir,t0,t1); 01119 CAMELLIA_ROUNDSM(io[0],io[1], 01120 CamelliaSubkeyL(22),CamelliaSubkeyR(22), 01121 io[2],io[3],il,ir,t0,t1); 01122 CAMELLIA_ROUNDSM(io[2],io[3], 01123 CamelliaSubkeyL(23),CamelliaSubkeyR(23), 01124 io[0],io[1],il,ir,t0,t1); 01125 01126 /* post whitening but kw4 */ 01127 io[2] ^= CamelliaSubkeyL(24); 01128 io[3] ^= CamelliaSubkeyR(24); 01129 01130 t0 = io[0]; 01131 t1 = io[1]; 01132 io[0] = io[2]; 01133 io[1] = io[3]; 01134 io[2] = t0; 01135 io[3] = t1; 01136 01137 return; 01138 } 01139 01140 static void camellia_decrypt128(const u32 *subkey, u32 *io) 01141 { 01142 u32 il,ir,t0,t1; /* temporary valiables */ 01143 01144 /* pre whitening but absorb kw2*/ 01145 io[0] ^= CamelliaSubkeyL(24); 01146 io[1] ^= CamelliaSubkeyR(24); 01147 01148 /* main iteration */ 01149 CAMELLIA_ROUNDSM(io[0],io[1], 01150 CamelliaSubkeyL(23),CamelliaSubkeyR(23), 01151 io[2],io[3],il,ir,t0,t1); 01152 CAMELLIA_ROUNDSM(io[2],io[3], 01153 CamelliaSubkeyL(22),CamelliaSubkeyR(22), 01154 io[0],io[1],il,ir,t0,t1); 01155 CAMELLIA_ROUNDSM(io[0],io[1], 01156 CamelliaSubkeyL(21),CamelliaSubkeyR(21), 01157 io[2],io[3],il,ir,t0,t1); 01158 CAMELLIA_ROUNDSM(io[2],io[3], 01159 CamelliaSubkeyL(20),CamelliaSubkeyR(20), 01160 io[0],io[1],il,ir,t0,t1); 01161 CAMELLIA_ROUNDSM(io[0],io[1], 01162 CamelliaSubkeyL(19),CamelliaSubkeyR(19), 01163 io[2],io[3],il,ir,t0,t1); 01164 CAMELLIA_ROUNDSM(io[2],io[3], 01165 CamelliaSubkeyL(18),CamelliaSubkeyR(18), 01166 io[0],io[1],il,ir,t0,t1); 01167 01168 CAMELLIA_FLS(io[0],io[1],io[2],io[3], 01169 CamelliaSubkeyL(17),CamelliaSubkeyR(17), 01170 CamelliaSubkeyL(16),CamelliaSubkeyR(16), 01171 t0,t1,il,ir); 01172 01173 CAMELLIA_ROUNDSM(io[0],io[1], 01174 CamelliaSubkeyL(15),CamelliaSubkeyR(15), 01175 io[2],io[3],il,ir,t0,t1); 01176 CAMELLIA_ROUNDSM(io[2],io[3], 01177 CamelliaSubkeyL(14),CamelliaSubkeyR(14), 01178 io[0],io[1],il,ir,t0,t1); 01179 CAMELLIA_ROUNDSM(io[0],io[1], 01180 CamelliaSubkeyL(13),CamelliaSubkeyR(13), 01181 io[2],io[3],il,ir,t0,t1); 01182 CAMELLIA_ROUNDSM(io[2],io[3], 01183 CamelliaSubkeyL(12),CamelliaSubkeyR(12), 01184 io[0],io[1],il,ir,t0,t1); 01185 CAMELLIA_ROUNDSM(io[0],io[1], 01186 CamelliaSubkeyL(11),CamelliaSubkeyR(11), 01187 io[2],io[3],il,ir,t0,t1); 01188 CAMELLIA_ROUNDSM(io[2],io[3], 01189 CamelliaSubkeyL(10),CamelliaSubkeyR(10), 01190 io[0],io[1],il,ir,t0,t1); 01191 01192 CAMELLIA_FLS(io[0],io[1],io[2],io[3], 01193 CamelliaSubkeyL(9),CamelliaSubkeyR(9), 01194 CamelliaSubkeyL(8),CamelliaSubkeyR(8), 01195 t0,t1,il,ir); 01196 01197 CAMELLIA_ROUNDSM(io[0],io[1], 01198 CamelliaSubkeyL(7),CamelliaSubkeyR(7), 01199 io[2],io[3],il,ir,t0,t1); 01200 CAMELLIA_ROUNDSM(io[2],io[3], 01201 CamelliaSubkeyL(6),CamelliaSubkeyR(6), 01202 io[0],io[1],il,ir,t0,t1); 01203 CAMELLIA_ROUNDSM(io[0],io[1], 01204 CamelliaSubkeyL(5),CamelliaSubkeyR(5), 01205 io[2],io[3],il,ir,t0,t1); 01206 CAMELLIA_ROUNDSM(io[2],io[3], 01207 CamelliaSubkeyL(4),CamelliaSubkeyR(4), 01208 io[0],io[1],il,ir,t0,t1); 01209 CAMELLIA_ROUNDSM(io[0],io[1], 01210 CamelliaSubkeyL(3),CamelliaSubkeyR(3), 01211 io[2],io[3],il,ir,t0,t1); 01212 CAMELLIA_ROUNDSM(io[2],io[3], 01213 CamelliaSubkeyL(2),CamelliaSubkeyR(2), 01214 io[0],io[1],il,ir,t0,t1); 01215 01216 /* post whitening but kw4 */ 01217 io[2] ^= CamelliaSubkeyL(0); 01218 io[3] ^= CamelliaSubkeyR(0); 01219 01220 t0 = io[0]; 01221 t1 = io[1]; 01222 io[0] = io[2]; 01223 io[1] = io[3]; 01224 io[2] = t0; 01225 io[3] = t1; 01226 01227 return; 01228 } 01229 01230 /** 01231 * stuff for 192 and 256bit encryption/decryption 01232 */ 01233 static void camellia_encrypt256(const u32 *subkey, u32 *io) 01234 { 01235 u32 il,ir,t0,t1; /* temporary valiables */ 01236 01237 /* pre whitening but absorb kw2*/ 01238 io[0] ^= CamelliaSubkeyL(0); 01239 io[1] ^= CamelliaSubkeyR(0); 01240 01241 /* main iteration */ 01242 CAMELLIA_ROUNDSM(io[0],io[1], 01243 CamelliaSubkeyL(2),CamelliaSubkeyR(2), 01244 io[2],io[3],il,ir,t0,t1); 01245 CAMELLIA_ROUNDSM(io[2],io[3], 01246 CamelliaSubkeyL(3),CamelliaSubkeyR(3), 01247 io[0],io[1],il,ir,t0,t1); 01248 CAMELLIA_ROUNDSM(io[0],io[1], 01249 CamelliaSubkeyL(4),CamelliaSubkeyR(4), 01250 io[2],io[3],il,ir,t0,t1); 01251 CAMELLIA_ROUNDSM(io[2],io[3], 01252 CamelliaSubkeyL(5),CamelliaSubkeyR(5), 01253 io[0],io[1],il,ir,t0,t1); 01254 CAMELLIA_ROUNDSM(io[0],io[1], 01255 CamelliaSubkeyL(6),CamelliaSubkeyR(6), 01256 io[2],io[3],il,ir,t0,t1); 01257 CAMELLIA_ROUNDSM(io[2],io[3], 01258 CamelliaSubkeyL(7),CamelliaSubkeyR(7), 01259 io[0],io[1],il,ir,t0,t1); 01260 01261 CAMELLIA_FLS(io[0],io[1],io[2],io[3], 01262 CamelliaSubkeyL(8),CamelliaSubkeyR(8), 01263 CamelliaSubkeyL(9),CamelliaSubkeyR(9), 01264 t0,t1,il,ir); 01265 01266 CAMELLIA_ROUNDSM(io[0],io[1], 01267 CamelliaSubkeyL(10),CamelliaSubkeyR(10), 01268 io[2],io[3],il,ir,t0,t1); 01269 CAMELLIA_ROUNDSM(io[2],io[3], 01270 CamelliaSubkeyL(11),CamelliaSubkeyR(11), 01271 io[0],io[1],il,ir,t0,t1); 01272 CAMELLIA_ROUNDSM(io[0],io[1], 01273 CamelliaSubkeyL(12),CamelliaSubkeyR(12), 01274 io[2],io[3],il,ir,t0,t1); 01275 CAMELLIA_ROUNDSM(io[2],io[3], 01276 CamelliaSubkeyL(13),CamelliaSubkeyR(13), 01277 io[0],io[1],il,ir,t0,t1); 01278 CAMELLIA_ROUNDSM(io[0],io[1], 01279 CamelliaSubkeyL(14),CamelliaSubkeyR(14), 01280 io[2],io[3],il,ir,t0,t1); 01281 CAMELLIA_ROUNDSM(io[2],io[3], 01282 CamelliaSubkeyL(15),CamelliaSubkeyR(15), 01283 io[0],io[1],il,ir,t0,t1); 01284 01285 CAMELLIA_FLS(io[0],io[1],io[2],io[3], 01286 CamelliaSubkeyL(16),CamelliaSubkeyR(16), 01287 CamelliaSubkeyL(17),CamelliaSubkeyR(17), 01288 t0,t1,il,ir); 01289 01290 CAMELLIA_ROUNDSM(io[0],io[1], 01291 CamelliaSubkeyL(18),CamelliaSubkeyR(18), 01292 io[2],io[3],il,ir,t0,t1); 01293 CAMELLIA_ROUNDSM(io[2],io[3], 01294 CamelliaSubkeyL(19),CamelliaSubkeyR(19), 01295 io[0],io[1],il,ir,t0,t1); 01296 CAMELLIA_ROUNDSM(io[0],io[1], 01297 CamelliaSubkeyL(20),CamelliaSubkeyR(20), 01298 io[2],io[3],il,ir,t0,t1); 01299 CAMELLIA_ROUNDSM(io[2],io[3], 01300 CamelliaSubkeyL(21),CamelliaSubkeyR(21), 01301 io[0],io[1],il,ir,t0,t1); 01302 CAMELLIA_ROUNDSM(io[0],io[1], 01303 CamelliaSubkeyL(22),CamelliaSubkeyR(22), 01304 io[2],io[3],il,ir,t0,t1); 01305 CAMELLIA_ROUNDSM(io[2],io[3], 01306 CamelliaSubkeyL(23),CamelliaSubkeyR(23), 01307 io[0],io[1],il,ir,t0,t1); 01308 01309 CAMELLIA_FLS(io[0],io[1],io[2],io[3], 01310 CamelliaSubkeyL(24),CamelliaSubkeyR(24), 01311 CamelliaSubkeyL(25),CamelliaSubkeyR(25), 01312 t0,t1,il,ir); 01313 01314 CAMELLIA_ROUNDSM(io[0],io[1], 01315 CamelliaSubkeyL(26),CamelliaSubkeyR(26), 01316 io[2],io[3],il,ir,t0,t1); 01317 CAMELLIA_ROUNDSM(io[2],io[3], 01318 CamelliaSubkeyL(27),CamelliaSubkeyR(27), 01319 io[0],io[1],il,ir,t0,t1); 01320 CAMELLIA_ROUNDSM(io[0],io[1], 01321 CamelliaSubkeyL(28),CamelliaSubkeyR(28), 01322 io[2],io[3],il,ir,t0,t1); 01323 CAMELLIA_ROUNDSM(io[2],io[3], 01324 CamelliaSubkeyL(29),CamelliaSubkeyR(29), 01325 io[0],io[1],il,ir,t0,t1); 01326 CAMELLIA_ROUNDSM(io[0],io[1], 01327 CamelliaSubkeyL(30),CamelliaSubkeyR(30), 01328 io[2],io[3],il,ir,t0,t1); 01329 CAMELLIA_ROUNDSM(io[2],io[3], 01330 CamelliaSubkeyL(31),CamelliaSubkeyR(31), 01331 io[0],io[1],il,ir,t0,t1); 01332 01333 /* post whitening but kw4 */ 01334 io[2] ^= CamelliaSubkeyL(32); 01335 io[3] ^= CamelliaSubkeyR(32); 01336 01337 t0 = io[0]; 01338 t1 = io[1]; 01339 io[0] = io[2]; 01340 io[1] = io[3]; 01341 io[2] = t0; 01342 io[3] = t1; 01343 01344 return; 01345 } 01346 01347 static void camellia_decrypt256(const u32 *subkey, u32 *io) 01348 { 01349 u32 il,ir,t0,t1; /* temporary valiables */ 01350 01351 /* pre whitening but absorb kw2*/ 01352 io[0] ^= CamelliaSubkeyL(32); 01353 io[1] ^= CamelliaSubkeyR(32); 01354 01355 /* main iteration */ 01356 CAMELLIA_ROUNDSM(io[0],io[1], 01357 CamelliaSubkeyL(31),CamelliaSubkeyR(31), 01358 io[2],io[3],il,ir,t0,t1); 01359 CAMELLIA_ROUNDSM(io[2],io[3], 01360 CamelliaSubkeyL(30),CamelliaSubkeyR(30), 01361 io[0],io[1],il,ir,t0,t1); 01362 CAMELLIA_ROUNDSM(io[0],io[1], 01363 CamelliaSubkeyL(29),CamelliaSubkeyR(29), 01364 io[2],io[3],il,ir,t0,t1); 01365 CAMELLIA_ROUNDSM(io[2],io[3], 01366 CamelliaSubkeyL(28),CamelliaSubkeyR(28), 01367 io[0],io[1],il,ir,t0,t1); 01368 CAMELLIA_ROUNDSM(io[0],io[1], 01369 CamelliaSubkeyL(27),CamelliaSubkeyR(27), 01370 io[2],io[3],il,ir,t0,t1); 01371 CAMELLIA_ROUNDSM(io[2],io[3], 01372 CamelliaSubkeyL(26),CamelliaSubkeyR(26), 01373 io[0],io[1],il,ir,t0,t1); 01374 01375 CAMELLIA_FLS(io[0],io[1],io[2],io[3], 01376 CamelliaSubkeyL(25),CamelliaSubkeyR(25), 01377 CamelliaSubkeyL(24),CamelliaSubkeyR(24), 01378 t0,t1,il,ir); 01379 01380 CAMELLIA_ROUNDSM(io[0],io[1], 01381 CamelliaSubkeyL(23),CamelliaSubkeyR(23), 01382 io[2],io[3],il,ir,t0,t1); 01383 CAMELLIA_ROUNDSM(io[2],io[3], 01384 CamelliaSubkeyL(22),CamelliaSubkeyR(22), 01385 io[0],io[1],il,ir,t0,t1); 01386 CAMELLIA_ROUNDSM(io[0],io[1], 01387 CamelliaSubkeyL(21),CamelliaSubkeyR(21), 01388 io[2],io[3],il,ir,t0,t1); 01389 CAMELLIA_ROUNDSM(io[2],io[3], 01390 CamelliaSubkeyL(20),CamelliaSubkeyR(20), 01391 io[0],io[1],il,ir,t0,t1); 01392 CAMELLIA_ROUNDSM(io[0],io[1], 01393 CamelliaSubkeyL(19),CamelliaSubkeyR(19), 01394 io[2],io[3],il,ir,t0,t1); 01395 CAMELLIA_ROUNDSM(io[2],io[3], 01396 CamelliaSubkeyL(18),CamelliaSubkeyR(18), 01397 io[0],io[1],il,ir,t0,t1); 01398 01399 CAMELLIA_FLS(io[0],io[1],io[2],io[3], 01400 CamelliaSubkeyL(17),CamelliaSubkeyR(17), 01401 CamelliaSubkeyL(16),CamelliaSubkeyR(16), 01402 t0,t1,il,ir); 01403 01404 CAMELLIA_ROUNDSM(io[0],io[1], 01405 CamelliaSubkeyL(15),CamelliaSubkeyR(15), 01406 io[2],io[3],il,ir,t0,t1); 01407 CAMELLIA_ROUNDSM(io[2],io[3], 01408 CamelliaSubkeyL(14),CamelliaSubkeyR(14), 01409 io[0],io[1],il,ir,t0,t1); 01410 CAMELLIA_ROUNDSM(io[0],io[1], 01411 CamelliaSubkeyL(13),CamelliaSubkeyR(13), 01412 io[2],io[3],il,ir,t0,t1); 01413 CAMELLIA_ROUNDSM(io[2],io[3], 01414 CamelliaSubkeyL(12),CamelliaSubkeyR(12), 01415 io[0],io[1],il,ir,t0,t1); 01416 CAMELLIA_ROUNDSM(io[0],io[1], 01417 CamelliaSubkeyL(11),CamelliaSubkeyR(11), 01418 io[2],io[3],il,ir,t0,t1); 01419 CAMELLIA_ROUNDSM(io[2],io[3], 01420 CamelliaSubkeyL(10),CamelliaSubkeyR(10), 01421 io[0],io[1],il,ir,t0,t1); 01422 01423 CAMELLIA_FLS(io[0],io[1],io[2],io[3], 01424 CamelliaSubkeyL(9),CamelliaSubkeyR(9), 01425 CamelliaSubkeyL(8),CamelliaSubkeyR(8), 01426 t0,t1,il,ir); 01427 01428 CAMELLIA_ROUNDSM(io[0],io[1], 01429 CamelliaSubkeyL(7),CamelliaSubkeyR(7), 01430 io[2],io[3],il,ir,t0,t1); 01431 CAMELLIA_ROUNDSM(io[2],io[3], 01432 CamelliaSubkeyL(6),CamelliaSubkeyR(6), 01433 io[0],io[1],il,ir,t0,t1); 01434 CAMELLIA_ROUNDSM(io[0],io[1], 01435 CamelliaSubkeyL(5),CamelliaSubkeyR(5), 01436 io[2],io[3],il,ir,t0,t1); 01437 CAMELLIA_ROUNDSM(io[2],io[3], 01438 CamelliaSubkeyL(4),CamelliaSubkeyR(4), 01439 io[0],io[1],il,ir,t0,t1); 01440 CAMELLIA_ROUNDSM(io[0],io[1], 01441 CamelliaSubkeyL(3),CamelliaSubkeyR(3), 01442 io[2],io[3],il,ir,t0,t1); 01443 CAMELLIA_ROUNDSM(io[2],io[3], 01444 CamelliaSubkeyL(2),CamelliaSubkeyR(2), 01445 io[0],io[1],il,ir,t0,t1); 01446 01447 /* post whitening but kw4 */ 01448 io[2] ^= CamelliaSubkeyL(0); 01449 io[3] ^= CamelliaSubkeyR(0); 01450 01451 t0 = io[0]; 01452 t1 = io[1]; 01453 io[0] = io[2]; 01454 io[1] = io[3]; 01455 io[2] = t0; 01456 io[3] = t1; 01457 01458 return; 01459 } 01460 01461 /*** 01462 * 01463 * API for compatibility 01464 */ 01465 01466 static void Camellia_EncryptBlock(const int keyBitLength, 01467 const unsigned char *plaintext, 01468 const KEY_TABLE_TYPE keyTable, 01469 unsigned char *ciphertext) 01470 { 01471 u32 tmp[4]; 01472 01473 tmp[0] = GETU32(plaintext); 01474 tmp[1] = GETU32(plaintext + 4); 01475 tmp[2] = GETU32(plaintext + 8); 01476 tmp[3] = GETU32(plaintext + 12); 01477 01478 switch (keyBitLength) { 01479 case 128: 01480 camellia_encrypt128(keyTable, tmp); 01481 break; 01482 case 192: 01483 /* fall through */ 01484 case 256: 01485 camellia_encrypt256(keyTable, tmp); 01486 break; 01487 default: 01488 break; 01489 } 01490 01491 PUTU32(ciphertext, tmp[0]); 01492 PUTU32(ciphertext + 4, tmp[1]); 01493 PUTU32(ciphertext + 8, tmp[2]); 01494 PUTU32(ciphertext + 12, tmp[3]); 01495 } 01496 01497 static void Camellia_DecryptBlock(const int keyBitLength, 01498 const unsigned char *ciphertext, 01499 const KEY_TABLE_TYPE keyTable, 01500 unsigned char *plaintext) 01501 { 01502 u32 tmp[4]; 01503 01504 tmp[0] = GETU32(ciphertext); 01505 tmp[1] = GETU32(ciphertext + 4); 01506 tmp[2] = GETU32(ciphertext + 8); 01507 tmp[3] = GETU32(ciphertext + 12); 01508 01509 switch (keyBitLength) { 01510 case 128: 01511 camellia_decrypt128(keyTable, tmp); 01512 break; 01513 case 192: 01514 /* fall through */ 01515 case 256: 01516 camellia_decrypt256(keyTable, tmp); 01517 break; 01518 default: 01519 break; 01520 } 01521 PUTU32(plaintext, tmp[0]); 01522 PUTU32(plaintext + 4, tmp[1]); 01523 PUTU32(plaintext + 8, tmp[2]); 01524 PUTU32(plaintext + 12, tmp[3]); 01525 } 01526 01527 01528 01529 /* CTaoCrypt wrappers to the Camellia code */ 01530 01531 int CamelliaSetKey(Camellia* cam, const byte* key, word32 len, const byte* iv) 01532 { 01533 int ret = 0; 01534 01535 if (cam == NULL) return BAD_FUNC_ARG; 01536 01537 XMEMSET(cam->key, 0, sizeof(KEY_TABLE_TYPE)); 01538 01539 switch (len) { 01540 case 16: 01541 ret = camellia_setup128(key, cam->key); 01542 break; 01543 case 24: 01544 ret = camellia_setup192(key, cam->key); 01545 break; 01546 case 32: 01547 ret = camellia_setup256(key, cam->key); 01548 break; 01549 default: 01550 return BAD_FUNC_ARG; 01551 } 01552 01553 if (ret != 0) 01554 return ret; 01555 01556 cam->keySz = len * 8; 01557 01558 return CamelliaSetIV(cam, iv); 01559 } 01560 01561 01562 int CamelliaSetIV(Camellia* cam, const byte* iv) 01563 { 01564 if (cam == NULL) 01565 return BAD_FUNC_ARG; 01566 01567 if (iv) 01568 XMEMCPY(cam->reg, iv, CAMELLIA_BLOCK_SIZE); 01569 else 01570 XMEMSET(cam->reg, 0, CAMELLIA_BLOCK_SIZE); 01571 01572 return 0; 01573 } 01574 01575 01576 void CamelliaEncryptDirect(Camellia* cam, byte* out, const byte* in) 01577 { 01578 Camellia_EncryptBlock(cam->keySz, in, cam->key, out); 01579 } 01580 01581 01582 void CamelliaDecryptDirect(Camellia* cam, byte* out, const byte* in) 01583 { 01584 Camellia_DecryptBlock(cam->keySz, in, cam->key, out); 01585 } 01586 01587 01588 void CamelliaCbcEncrypt(Camellia* cam, byte* out, const byte* in, word32 sz) 01589 { 01590 word32 blocks = sz / CAMELLIA_BLOCK_SIZE; 01591 01592 while (blocks--) { 01593 xorbuf((byte*)cam->reg, in, CAMELLIA_BLOCK_SIZE); 01594 Camellia_EncryptBlock(cam->keySz, (byte*)cam->reg, 01595 cam->key, (byte*)cam->reg); 01596 XMEMCPY(out, cam->reg, CAMELLIA_BLOCK_SIZE); 01597 01598 out += CAMELLIA_BLOCK_SIZE; 01599 in += CAMELLIA_BLOCK_SIZE; 01600 } 01601 } 01602 01603 01604 void CamelliaCbcDecrypt(Camellia* cam, byte* out, const byte* in, word32 sz) 01605 { 01606 word32 blocks = sz / CAMELLIA_BLOCK_SIZE; 01607 01608 while (blocks--) { 01609 XMEMCPY(cam->tmp, in, CAMELLIA_BLOCK_SIZE); 01610 Camellia_DecryptBlock(cam->keySz, (byte*)cam->tmp, cam->key, out); 01611 xorbuf(out, (byte*)cam->reg, CAMELLIA_BLOCK_SIZE); 01612 XMEMCPY(cam->reg, cam->tmp, CAMELLIA_BLOCK_SIZE); 01613 01614 out += CAMELLIA_BLOCK_SIZE; 01615 in += CAMELLIA_BLOCK_SIZE; 01616 } 01617 } 01618 01619 01620 #endif /* HAVE_CAMELLIA */ 01621 01622
Generated on Tue Jul 12 2022 21:40:04 by
1.7.2