blob: aaae60e8bf2546394585c7fafca9071b829a60cd [file] [log] [blame]
Noriaki TAKAMIYAd64beac2007-01-24 21:47:48 +11001/*
2 * Copyright (C) 2006
3 * NTT (Nippon Telegraph and Telephone Corporation).
4 *
5 * This program is free software; you can redistribute it and/or
6 * modify it under the terms of the GNU General Public License
7 * as published by the Free Software Foundation; either version 2
8 * of the License, or (at your option) any later version.
9 *
10 * This program is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 * GNU General Public License for more details.
14 *
15 * You should have received a copy of the GNU General Public License
16 * along with this program; if not, write to the Free Software
17 * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
18 */
19
20/*
21 * Algorithm Specification
22 * http://info.isl.ntt.co.jp/crypt/eng/camellia/specifications.html
23 */
24
25/*
26 *
27 * NOTE --- NOTE --- NOTE --- NOTE
28 * This implementation assumes that all memory addresses passed
29 * as parameters are four-byte aligned.
30 *
31 */
32
33#include <linux/crypto.h>
34#include <linux/errno.h>
35#include <linux/init.h>
36#include <linux/kernel.h>
37#include <linux/module.h>
38
Noriaki TAKAMIYAd64beac2007-01-24 21:47:48 +110039static const u32 camellia_sp1110[256] = {
40 0x70707000,0x82828200,0x2c2c2c00,0xececec00,
41 0xb3b3b300,0x27272700,0xc0c0c000,0xe5e5e500,
42 0xe4e4e400,0x85858500,0x57575700,0x35353500,
43 0xeaeaea00,0x0c0c0c00,0xaeaeae00,0x41414100,
44 0x23232300,0xefefef00,0x6b6b6b00,0x93939300,
45 0x45454500,0x19191900,0xa5a5a500,0x21212100,
46 0xededed00,0x0e0e0e00,0x4f4f4f00,0x4e4e4e00,
47 0x1d1d1d00,0x65656500,0x92929200,0xbdbdbd00,
48 0x86868600,0xb8b8b800,0xafafaf00,0x8f8f8f00,
49 0x7c7c7c00,0xebebeb00,0x1f1f1f00,0xcecece00,
50 0x3e3e3e00,0x30303000,0xdcdcdc00,0x5f5f5f00,
51 0x5e5e5e00,0xc5c5c500,0x0b0b0b00,0x1a1a1a00,
52 0xa6a6a600,0xe1e1e100,0x39393900,0xcacaca00,
53 0xd5d5d500,0x47474700,0x5d5d5d00,0x3d3d3d00,
54 0xd9d9d900,0x01010100,0x5a5a5a00,0xd6d6d600,
55 0x51515100,0x56565600,0x6c6c6c00,0x4d4d4d00,
56 0x8b8b8b00,0x0d0d0d00,0x9a9a9a00,0x66666600,
57 0xfbfbfb00,0xcccccc00,0xb0b0b000,0x2d2d2d00,
58 0x74747400,0x12121200,0x2b2b2b00,0x20202000,
59 0xf0f0f000,0xb1b1b100,0x84848400,0x99999900,
60 0xdfdfdf00,0x4c4c4c00,0xcbcbcb00,0xc2c2c200,
61 0x34343400,0x7e7e7e00,0x76767600,0x05050500,
62 0x6d6d6d00,0xb7b7b700,0xa9a9a900,0x31313100,
63 0xd1d1d100,0x17171700,0x04040400,0xd7d7d700,
64 0x14141400,0x58585800,0x3a3a3a00,0x61616100,
65 0xdedede00,0x1b1b1b00,0x11111100,0x1c1c1c00,
66 0x32323200,0x0f0f0f00,0x9c9c9c00,0x16161600,
67 0x53535300,0x18181800,0xf2f2f200,0x22222200,
68 0xfefefe00,0x44444400,0xcfcfcf00,0xb2b2b200,
69 0xc3c3c300,0xb5b5b500,0x7a7a7a00,0x91919100,
70 0x24242400,0x08080800,0xe8e8e800,0xa8a8a800,
71 0x60606000,0xfcfcfc00,0x69696900,0x50505000,
72 0xaaaaaa00,0xd0d0d000,0xa0a0a000,0x7d7d7d00,
73 0xa1a1a100,0x89898900,0x62626200,0x97979700,
74 0x54545400,0x5b5b5b00,0x1e1e1e00,0x95959500,
75 0xe0e0e000,0xffffff00,0x64646400,0xd2d2d200,
76 0x10101000,0xc4c4c400,0x00000000,0x48484800,
77 0xa3a3a300,0xf7f7f700,0x75757500,0xdbdbdb00,
78 0x8a8a8a00,0x03030300,0xe6e6e600,0xdadada00,
79 0x09090900,0x3f3f3f00,0xdddddd00,0x94949400,
80 0x87878700,0x5c5c5c00,0x83838300,0x02020200,
81 0xcdcdcd00,0x4a4a4a00,0x90909000,0x33333300,
82 0x73737300,0x67676700,0xf6f6f600,0xf3f3f300,
83 0x9d9d9d00,0x7f7f7f00,0xbfbfbf00,0xe2e2e200,
84 0x52525200,0x9b9b9b00,0xd8d8d800,0x26262600,
85 0xc8c8c800,0x37373700,0xc6c6c600,0x3b3b3b00,
86 0x81818100,0x96969600,0x6f6f6f00,0x4b4b4b00,
87 0x13131300,0xbebebe00,0x63636300,0x2e2e2e00,
88 0xe9e9e900,0x79797900,0xa7a7a700,0x8c8c8c00,
89 0x9f9f9f00,0x6e6e6e00,0xbcbcbc00,0x8e8e8e00,
90 0x29292900,0xf5f5f500,0xf9f9f900,0xb6b6b600,
91 0x2f2f2f00,0xfdfdfd00,0xb4b4b400,0x59595900,
92 0x78787800,0x98989800,0x06060600,0x6a6a6a00,
93 0xe7e7e700,0x46464600,0x71717100,0xbababa00,
94 0xd4d4d400,0x25252500,0xababab00,0x42424200,
95 0x88888800,0xa2a2a200,0x8d8d8d00,0xfafafa00,
96 0x72727200,0x07070700,0xb9b9b900,0x55555500,
97 0xf8f8f800,0xeeeeee00,0xacacac00,0x0a0a0a00,
98 0x36363600,0x49494900,0x2a2a2a00,0x68686800,
99 0x3c3c3c00,0x38383800,0xf1f1f100,0xa4a4a400,
100 0x40404000,0x28282800,0xd3d3d300,0x7b7b7b00,
101 0xbbbbbb00,0xc9c9c900,0x43434300,0xc1c1c100,
102 0x15151500,0xe3e3e300,0xadadad00,0xf4f4f400,
103 0x77777700,0xc7c7c700,0x80808000,0x9e9e9e00,
104};
105
106static const u32 camellia_sp0222[256] = {
107 0x00e0e0e0,0x00050505,0x00585858,0x00d9d9d9,
108 0x00676767,0x004e4e4e,0x00818181,0x00cbcbcb,
109 0x00c9c9c9,0x000b0b0b,0x00aeaeae,0x006a6a6a,
110 0x00d5d5d5,0x00181818,0x005d5d5d,0x00828282,
111 0x00464646,0x00dfdfdf,0x00d6d6d6,0x00272727,
112 0x008a8a8a,0x00323232,0x004b4b4b,0x00424242,
113 0x00dbdbdb,0x001c1c1c,0x009e9e9e,0x009c9c9c,
114 0x003a3a3a,0x00cacaca,0x00252525,0x007b7b7b,
115 0x000d0d0d,0x00717171,0x005f5f5f,0x001f1f1f,
116 0x00f8f8f8,0x00d7d7d7,0x003e3e3e,0x009d9d9d,
117 0x007c7c7c,0x00606060,0x00b9b9b9,0x00bebebe,
118 0x00bcbcbc,0x008b8b8b,0x00161616,0x00343434,
119 0x004d4d4d,0x00c3c3c3,0x00727272,0x00959595,
120 0x00ababab,0x008e8e8e,0x00bababa,0x007a7a7a,
121 0x00b3b3b3,0x00020202,0x00b4b4b4,0x00adadad,
122 0x00a2a2a2,0x00acacac,0x00d8d8d8,0x009a9a9a,
123 0x00171717,0x001a1a1a,0x00353535,0x00cccccc,
124 0x00f7f7f7,0x00999999,0x00616161,0x005a5a5a,
125 0x00e8e8e8,0x00242424,0x00565656,0x00404040,
126 0x00e1e1e1,0x00636363,0x00090909,0x00333333,
127 0x00bfbfbf,0x00989898,0x00979797,0x00858585,
128 0x00686868,0x00fcfcfc,0x00ececec,0x000a0a0a,
129 0x00dadada,0x006f6f6f,0x00535353,0x00626262,
130 0x00a3a3a3,0x002e2e2e,0x00080808,0x00afafaf,
131 0x00282828,0x00b0b0b0,0x00747474,0x00c2c2c2,
132 0x00bdbdbd,0x00363636,0x00222222,0x00383838,
133 0x00646464,0x001e1e1e,0x00393939,0x002c2c2c,
134 0x00a6a6a6,0x00303030,0x00e5e5e5,0x00444444,
135 0x00fdfdfd,0x00888888,0x009f9f9f,0x00656565,
136 0x00878787,0x006b6b6b,0x00f4f4f4,0x00232323,
137 0x00484848,0x00101010,0x00d1d1d1,0x00515151,
138 0x00c0c0c0,0x00f9f9f9,0x00d2d2d2,0x00a0a0a0,
139 0x00555555,0x00a1a1a1,0x00414141,0x00fafafa,
140 0x00434343,0x00131313,0x00c4c4c4,0x002f2f2f,
141 0x00a8a8a8,0x00b6b6b6,0x003c3c3c,0x002b2b2b,
142 0x00c1c1c1,0x00ffffff,0x00c8c8c8,0x00a5a5a5,
143 0x00202020,0x00898989,0x00000000,0x00909090,
144 0x00474747,0x00efefef,0x00eaeaea,0x00b7b7b7,
145 0x00151515,0x00060606,0x00cdcdcd,0x00b5b5b5,
146 0x00121212,0x007e7e7e,0x00bbbbbb,0x00292929,
147 0x000f0f0f,0x00b8b8b8,0x00070707,0x00040404,
148 0x009b9b9b,0x00949494,0x00212121,0x00666666,
149 0x00e6e6e6,0x00cecece,0x00ededed,0x00e7e7e7,
150 0x003b3b3b,0x00fefefe,0x007f7f7f,0x00c5c5c5,
151 0x00a4a4a4,0x00373737,0x00b1b1b1,0x004c4c4c,
152 0x00919191,0x006e6e6e,0x008d8d8d,0x00767676,
153 0x00030303,0x002d2d2d,0x00dedede,0x00969696,
154 0x00262626,0x007d7d7d,0x00c6c6c6,0x005c5c5c,
155 0x00d3d3d3,0x00f2f2f2,0x004f4f4f,0x00191919,
156 0x003f3f3f,0x00dcdcdc,0x00797979,0x001d1d1d,
157 0x00525252,0x00ebebeb,0x00f3f3f3,0x006d6d6d,
158 0x005e5e5e,0x00fbfbfb,0x00696969,0x00b2b2b2,
159 0x00f0f0f0,0x00313131,0x000c0c0c,0x00d4d4d4,
160 0x00cfcfcf,0x008c8c8c,0x00e2e2e2,0x00757575,
161 0x00a9a9a9,0x004a4a4a,0x00575757,0x00848484,
162 0x00111111,0x00454545,0x001b1b1b,0x00f5f5f5,
163 0x00e4e4e4,0x000e0e0e,0x00737373,0x00aaaaaa,
164 0x00f1f1f1,0x00dddddd,0x00595959,0x00141414,
165 0x006c6c6c,0x00929292,0x00545454,0x00d0d0d0,
166 0x00787878,0x00707070,0x00e3e3e3,0x00494949,
167 0x00808080,0x00505050,0x00a7a7a7,0x00f6f6f6,
168 0x00777777,0x00939393,0x00868686,0x00838383,
169 0x002a2a2a,0x00c7c7c7,0x005b5b5b,0x00e9e9e9,
170 0x00eeeeee,0x008f8f8f,0x00010101,0x003d3d3d,
171};
172
173static const u32 camellia_sp3033[256] = {
174 0x38003838,0x41004141,0x16001616,0x76007676,
175 0xd900d9d9,0x93009393,0x60006060,0xf200f2f2,
176 0x72007272,0xc200c2c2,0xab00abab,0x9a009a9a,
177 0x75007575,0x06000606,0x57005757,0xa000a0a0,
178 0x91009191,0xf700f7f7,0xb500b5b5,0xc900c9c9,
179 0xa200a2a2,0x8c008c8c,0xd200d2d2,0x90009090,
180 0xf600f6f6,0x07000707,0xa700a7a7,0x27002727,
181 0x8e008e8e,0xb200b2b2,0x49004949,0xde00dede,
182 0x43004343,0x5c005c5c,0xd700d7d7,0xc700c7c7,
183 0x3e003e3e,0xf500f5f5,0x8f008f8f,0x67006767,
184 0x1f001f1f,0x18001818,0x6e006e6e,0xaf00afaf,
185 0x2f002f2f,0xe200e2e2,0x85008585,0x0d000d0d,
186 0x53005353,0xf000f0f0,0x9c009c9c,0x65006565,
187 0xea00eaea,0xa300a3a3,0xae00aeae,0x9e009e9e,
188 0xec00ecec,0x80008080,0x2d002d2d,0x6b006b6b,
189 0xa800a8a8,0x2b002b2b,0x36003636,0xa600a6a6,
190 0xc500c5c5,0x86008686,0x4d004d4d,0x33003333,
191 0xfd00fdfd,0x66006666,0x58005858,0x96009696,
192 0x3a003a3a,0x09000909,0x95009595,0x10001010,
193 0x78007878,0xd800d8d8,0x42004242,0xcc00cccc,
194 0xef00efef,0x26002626,0xe500e5e5,0x61006161,
195 0x1a001a1a,0x3f003f3f,0x3b003b3b,0x82008282,
196 0xb600b6b6,0xdb00dbdb,0xd400d4d4,0x98009898,
197 0xe800e8e8,0x8b008b8b,0x02000202,0xeb00ebeb,
198 0x0a000a0a,0x2c002c2c,0x1d001d1d,0xb000b0b0,
199 0x6f006f6f,0x8d008d8d,0x88008888,0x0e000e0e,
200 0x19001919,0x87008787,0x4e004e4e,0x0b000b0b,
201 0xa900a9a9,0x0c000c0c,0x79007979,0x11001111,
202 0x7f007f7f,0x22002222,0xe700e7e7,0x59005959,
203 0xe100e1e1,0xda00dada,0x3d003d3d,0xc800c8c8,
204 0x12001212,0x04000404,0x74007474,0x54005454,
205 0x30003030,0x7e007e7e,0xb400b4b4,0x28002828,
206 0x55005555,0x68006868,0x50005050,0xbe00bebe,
207 0xd000d0d0,0xc400c4c4,0x31003131,0xcb00cbcb,
208 0x2a002a2a,0xad00adad,0x0f000f0f,0xca00caca,
209 0x70007070,0xff00ffff,0x32003232,0x69006969,
210 0x08000808,0x62006262,0x00000000,0x24002424,
211 0xd100d1d1,0xfb00fbfb,0xba00baba,0xed00eded,
212 0x45004545,0x81008181,0x73007373,0x6d006d6d,
213 0x84008484,0x9f009f9f,0xee00eeee,0x4a004a4a,
214 0xc300c3c3,0x2e002e2e,0xc100c1c1,0x01000101,
215 0xe600e6e6,0x25002525,0x48004848,0x99009999,
216 0xb900b9b9,0xb300b3b3,0x7b007b7b,0xf900f9f9,
217 0xce00cece,0xbf00bfbf,0xdf00dfdf,0x71007171,
218 0x29002929,0xcd00cdcd,0x6c006c6c,0x13001313,
219 0x64006464,0x9b009b9b,0x63006363,0x9d009d9d,
220 0xc000c0c0,0x4b004b4b,0xb700b7b7,0xa500a5a5,
221 0x89008989,0x5f005f5f,0xb100b1b1,0x17001717,
222 0xf400f4f4,0xbc00bcbc,0xd300d3d3,0x46004646,
223 0xcf00cfcf,0x37003737,0x5e005e5e,0x47004747,
224 0x94009494,0xfa00fafa,0xfc00fcfc,0x5b005b5b,
225 0x97009797,0xfe00fefe,0x5a005a5a,0xac00acac,
226 0x3c003c3c,0x4c004c4c,0x03000303,0x35003535,
227 0xf300f3f3,0x23002323,0xb800b8b8,0x5d005d5d,
228 0x6a006a6a,0x92009292,0xd500d5d5,0x21002121,
229 0x44004444,0x51005151,0xc600c6c6,0x7d007d7d,
230 0x39003939,0x83008383,0xdc00dcdc,0xaa00aaaa,
231 0x7c007c7c,0x77007777,0x56005656,0x05000505,
232 0x1b001b1b,0xa400a4a4,0x15001515,0x34003434,
233 0x1e001e1e,0x1c001c1c,0xf800f8f8,0x52005252,
234 0x20002020,0x14001414,0xe900e9e9,0xbd00bdbd,
235 0xdd00dddd,0xe400e4e4,0xa100a1a1,0xe000e0e0,
236 0x8a008a8a,0xf100f1f1,0xd600d6d6,0x7a007a7a,
237 0xbb00bbbb,0xe300e3e3,0x40004040,0x4f004f4f,
238};
239
240static const u32 camellia_sp4404[256] = {
241 0x70700070,0x2c2c002c,0xb3b300b3,0xc0c000c0,
242 0xe4e400e4,0x57570057,0xeaea00ea,0xaeae00ae,
243 0x23230023,0x6b6b006b,0x45450045,0xa5a500a5,
244 0xeded00ed,0x4f4f004f,0x1d1d001d,0x92920092,
245 0x86860086,0xafaf00af,0x7c7c007c,0x1f1f001f,
246 0x3e3e003e,0xdcdc00dc,0x5e5e005e,0x0b0b000b,
247 0xa6a600a6,0x39390039,0xd5d500d5,0x5d5d005d,
248 0xd9d900d9,0x5a5a005a,0x51510051,0x6c6c006c,
249 0x8b8b008b,0x9a9a009a,0xfbfb00fb,0xb0b000b0,
250 0x74740074,0x2b2b002b,0xf0f000f0,0x84840084,
251 0xdfdf00df,0xcbcb00cb,0x34340034,0x76760076,
252 0x6d6d006d,0xa9a900a9,0xd1d100d1,0x04040004,
253 0x14140014,0x3a3a003a,0xdede00de,0x11110011,
254 0x32320032,0x9c9c009c,0x53530053,0xf2f200f2,
255 0xfefe00fe,0xcfcf00cf,0xc3c300c3,0x7a7a007a,
256 0x24240024,0xe8e800e8,0x60600060,0x69690069,
257 0xaaaa00aa,0xa0a000a0,0xa1a100a1,0x62620062,
258 0x54540054,0x1e1e001e,0xe0e000e0,0x64640064,
259 0x10100010,0x00000000,0xa3a300a3,0x75750075,
260 0x8a8a008a,0xe6e600e6,0x09090009,0xdddd00dd,
261 0x87870087,0x83830083,0xcdcd00cd,0x90900090,
262 0x73730073,0xf6f600f6,0x9d9d009d,0xbfbf00bf,
263 0x52520052,0xd8d800d8,0xc8c800c8,0xc6c600c6,
264 0x81810081,0x6f6f006f,0x13130013,0x63630063,
265 0xe9e900e9,0xa7a700a7,0x9f9f009f,0xbcbc00bc,
266 0x29290029,0xf9f900f9,0x2f2f002f,0xb4b400b4,
267 0x78780078,0x06060006,0xe7e700e7,0x71710071,
268 0xd4d400d4,0xabab00ab,0x88880088,0x8d8d008d,
269 0x72720072,0xb9b900b9,0xf8f800f8,0xacac00ac,
270 0x36360036,0x2a2a002a,0x3c3c003c,0xf1f100f1,
271 0x40400040,0xd3d300d3,0xbbbb00bb,0x43430043,
272 0x15150015,0xadad00ad,0x77770077,0x80800080,
273 0x82820082,0xecec00ec,0x27270027,0xe5e500e5,
274 0x85850085,0x35350035,0x0c0c000c,0x41410041,
275 0xefef00ef,0x93930093,0x19190019,0x21210021,
276 0x0e0e000e,0x4e4e004e,0x65650065,0xbdbd00bd,
277 0xb8b800b8,0x8f8f008f,0xebeb00eb,0xcece00ce,
278 0x30300030,0x5f5f005f,0xc5c500c5,0x1a1a001a,
279 0xe1e100e1,0xcaca00ca,0x47470047,0x3d3d003d,
280 0x01010001,0xd6d600d6,0x56560056,0x4d4d004d,
281 0x0d0d000d,0x66660066,0xcccc00cc,0x2d2d002d,
282 0x12120012,0x20200020,0xb1b100b1,0x99990099,
283 0x4c4c004c,0xc2c200c2,0x7e7e007e,0x05050005,
284 0xb7b700b7,0x31310031,0x17170017,0xd7d700d7,
285 0x58580058,0x61610061,0x1b1b001b,0x1c1c001c,
286 0x0f0f000f,0x16160016,0x18180018,0x22220022,
287 0x44440044,0xb2b200b2,0xb5b500b5,0x91910091,
288 0x08080008,0xa8a800a8,0xfcfc00fc,0x50500050,
289 0xd0d000d0,0x7d7d007d,0x89890089,0x97970097,
290 0x5b5b005b,0x95950095,0xffff00ff,0xd2d200d2,
291 0xc4c400c4,0x48480048,0xf7f700f7,0xdbdb00db,
292 0x03030003,0xdada00da,0x3f3f003f,0x94940094,
293 0x5c5c005c,0x02020002,0x4a4a004a,0x33330033,
294 0x67670067,0xf3f300f3,0x7f7f007f,0xe2e200e2,
295 0x9b9b009b,0x26260026,0x37370037,0x3b3b003b,
296 0x96960096,0x4b4b004b,0xbebe00be,0x2e2e002e,
297 0x79790079,0x8c8c008c,0x6e6e006e,0x8e8e008e,
298 0xf5f500f5,0xb6b600b6,0xfdfd00fd,0x59590059,
299 0x98980098,0x6a6a006a,0x46460046,0xbaba00ba,
300 0x25250025,0x42420042,0xa2a200a2,0xfafa00fa,
301 0x07070007,0x55550055,0xeeee00ee,0x0a0a000a,
302 0x49490049,0x68680068,0x38380038,0xa4a400a4,
303 0x28280028,0x7b7b007b,0xc9c900c9,0xc1c100c1,
304 0xe3e300e3,0xf4f400f4,0xc7c700c7,0x9e9e009e,
305};
306
307
Denys Vlasenko1721a812007-11-06 22:01:20 +0800308#define CAMELLIA_MIN_KEY_SIZE 16
309#define CAMELLIA_MAX_KEY_SIZE 32
310#define CAMELLIA_BLOCK_SIZE 16
311#define CAMELLIA_TABLE_BYTE_LEN 272
312
313
314/* key constants */
315
316#define CAMELLIA_SIGMA1L (0xA09E667FL)
317#define CAMELLIA_SIGMA1R (0x3BCC908BL)
318#define CAMELLIA_SIGMA2L (0xB67AE858L)
319#define CAMELLIA_SIGMA2R (0x4CAA73B2L)
320#define CAMELLIA_SIGMA3L (0xC6EF372FL)
321#define CAMELLIA_SIGMA3R (0xE94F82BEL)
322#define CAMELLIA_SIGMA4L (0x54FF53A5L)
323#define CAMELLIA_SIGMA4R (0xF1D36F1CL)
324#define CAMELLIA_SIGMA5L (0x10E527FAL)
325#define CAMELLIA_SIGMA5R (0xDE682D1DL)
326#define CAMELLIA_SIGMA6L (0xB05688C2L)
327#define CAMELLIA_SIGMA6R (0xB3E6C1FDL)
328
329/*
330 * macros
331 */
332
333# define GETU32(pt) (((u32)(pt)[0] << 24) \
334 ^ ((u32)(pt)[1] << 16) \
335 ^ ((u32)(pt)[2] << 8) \
336 ^ ((u32)(pt)[3]))
337
338/* rotation right shift 1byte */
339#define CAMELLIA_RR8(x) (((x) >> 8) + ((x) << 24))
340/* rotation left shift 1bit */
341#define CAMELLIA_RL1(x) (((x) << 1) + ((x) >> 31))
342/* rotation left shift 1byte */
343#define CAMELLIA_RL8(x) (((x) << 8) + ((x) >> 24))
344
345#define CAMELLIA_ROLDQ(ll, lr, rl, rr, w0, w1, bits) \
346 do { \
347 w0 = ll; \
348 ll = (ll << bits) + (lr >> (32 - bits)); \
349 lr = (lr << bits) + (rl >> (32 - bits)); \
350 rl = (rl << bits) + (rr >> (32 - bits)); \
351 rr = (rr << bits) + (w0 >> (32 - bits)); \
352 } while(0)
353
354#define CAMELLIA_ROLDQo32(ll, lr, rl, rr, w0, w1, bits) \
355 do { \
356 w0 = ll; \
357 w1 = lr; \
358 ll = (lr << (bits - 32)) + (rl >> (64 - bits)); \
359 lr = (rl << (bits - 32)) + (rr >> (64 - bits)); \
360 rl = (rr << (bits - 32)) + (w0 >> (64 - bits)); \
361 rr = (w0 << (bits - 32)) + (w1 >> (64 - bits)); \
362 } while(0)
363
364
365#define CAMELLIA_F(xl, xr, kl, kr, yl, yr, il, ir, t0, t1) \
366 do { \
367 il = xl ^ kl; \
368 ir = xr ^ kr; \
369 t0 = il >> 16; \
370 t1 = ir >> 16; \
371 yl = camellia_sp1110[ir & 0xff] \
372 ^ camellia_sp0222[(t1 >> 8) & 0xff] \
373 ^ camellia_sp3033[t1 & 0xff] \
374 ^ camellia_sp4404[(ir >> 8) & 0xff]; \
375 yr = camellia_sp1110[(t0 >> 8) & 0xff] \
376 ^ camellia_sp0222[t0 & 0xff] \
377 ^ camellia_sp3033[(il >> 8) & 0xff] \
378 ^ camellia_sp4404[il & 0xff]; \
379 yl ^= yr; \
380 yr = CAMELLIA_RR8(yr); \
381 yr ^= yl; \
382 } while(0)
383
384
385/*
386 * for speed up
387 *
388 */
389#define CAMELLIA_FLS(ll, lr, rl, rr, kll, klr, krl, krr, t0, t1, t2, t3) \
390 do { \
391 t0 = kll; \
392 t2 = krr; \
393 t0 &= ll; \
394 t2 |= rr; \
395 rl ^= t2; \
396 lr ^= CAMELLIA_RL1(t0); \
397 t3 = krl; \
398 t1 = klr; \
399 t3 &= rl; \
400 t1 |= lr; \
401 ll ^= t1; \
402 rr ^= CAMELLIA_RL1(t3); \
403 } while(0)
404
405#define CAMELLIA_ROUNDSM(xl, xr, kl, kr, yl, yr, il, ir, t0, t1) \
406 do { \
407 ir = camellia_sp1110[xr & 0xff]; \
408 il = camellia_sp1110[(xl>>24) & 0xff]; \
409 ir ^= camellia_sp0222[(xr>>24) & 0xff]; \
410 il ^= camellia_sp0222[(xl>>16) & 0xff]; \
411 ir ^= camellia_sp3033[(xr>>16) & 0xff]; \
412 il ^= camellia_sp3033[(xl>>8) & 0xff]; \
413 ir ^= camellia_sp4404[(xr>>8) & 0xff]; \
414 il ^= camellia_sp4404[xl & 0xff]; \
415 il ^= kl; \
416 ir ^= il ^ kr; \
417 yl ^= ir; \
418 yr ^= CAMELLIA_RR8(il) ^ ir; \
419 } while(0)
420
421
422#define CAMELLIA_SUBKEY_L(INDEX) (subkey[(INDEX)*2])
423#define CAMELLIA_SUBKEY_R(INDEX) (subkey[(INDEX)*2 + 1])
Noriaki TAKAMIYAd64beac2007-01-24 21:47:48 +1100424
425static void camellia_setup128(const unsigned char *key, u32 *subkey)
426{
427 u32 kll, klr, krl, krr;
428 u32 il, ir, t0, t1, w0, w1;
429 u32 kw4l, kw4r, dw, tl, tr;
430 u32 subL[26];
431 u32 subR[26];
432
433 /**
434 * k == kll || klr || krl || krr (|| is concatination)
435 */
436 kll = GETU32(key );
437 klr = GETU32(key + 4);
438 krl = GETU32(key + 8);
439 krr = GETU32(key + 12);
440 /**
441 * generate KL dependent subkeys
442 */
443 /* kw1 */
Denys Vlasenko1721a812007-11-06 22:01:20 +0800444 subL[0] = kll; subR[0] = klr;
Noriaki TAKAMIYAd64beac2007-01-24 21:47:48 +1100445 /* kw2 */
Denys Vlasenko1721a812007-11-06 22:01:20 +0800446 subL[1] = krl; subR[1] = krr;
Noriaki TAKAMIYAd64beac2007-01-24 21:47:48 +1100447 /* rotation left shift 15bit */
448 CAMELLIA_ROLDQ(kll, klr, krl, krr, w0, w1, 15);
449 /* k3 */
Denys Vlasenko1721a812007-11-06 22:01:20 +0800450 subL[4] = kll; subR[4] = klr;
Noriaki TAKAMIYAd64beac2007-01-24 21:47:48 +1100451 /* k4 */
Denys Vlasenko1721a812007-11-06 22:01:20 +0800452 subL[5] = krl; subR[5] = krr;
Noriaki TAKAMIYAd64beac2007-01-24 21:47:48 +1100453 /* rotation left shift 15+30bit */
454 CAMELLIA_ROLDQ(kll, klr, krl, krr, w0, w1, 30);
455 /* k7 */
Denys Vlasenko1721a812007-11-06 22:01:20 +0800456 subL[10] = kll; subR[10] = klr;
Noriaki TAKAMIYAd64beac2007-01-24 21:47:48 +1100457 /* k8 */
Denys Vlasenko1721a812007-11-06 22:01:20 +0800458 subL[11] = krl; subR[11] = krr;
Noriaki TAKAMIYAd64beac2007-01-24 21:47:48 +1100459 /* rotation left shift 15+30+15bit */
460 CAMELLIA_ROLDQ(kll, klr, krl, krr, w0, w1, 15);
461 /* k10 */
Denys Vlasenko1721a812007-11-06 22:01:20 +0800462 subL[13] = krl; subR[13] = krr;
Noriaki TAKAMIYAd64beac2007-01-24 21:47:48 +1100463 /* rotation left shift 15+30+15+17 bit */
464 CAMELLIA_ROLDQ(kll, klr, krl, krr, w0, w1, 17);
465 /* kl3 */
Denys Vlasenko1721a812007-11-06 22:01:20 +0800466 subL[16] = kll; subR[16] = klr;
Noriaki TAKAMIYAd64beac2007-01-24 21:47:48 +1100467 /* kl4 */
Denys Vlasenko1721a812007-11-06 22:01:20 +0800468 subL[17] = krl; subR[17] = krr;
Noriaki TAKAMIYAd64beac2007-01-24 21:47:48 +1100469 /* rotation left shift 15+30+15+17+17 bit */
470 CAMELLIA_ROLDQ(kll, klr, krl, krr, w0, w1, 17);
471 /* k13 */
Denys Vlasenko1721a812007-11-06 22:01:20 +0800472 subL[18] = kll; subR[18] = klr;
Noriaki TAKAMIYAd64beac2007-01-24 21:47:48 +1100473 /* k14 */
Denys Vlasenko1721a812007-11-06 22:01:20 +0800474 subL[19] = krl; subR[19] = krr;
Noriaki TAKAMIYAd64beac2007-01-24 21:47:48 +1100475 /* rotation left shift 15+30+15+17+17+17 bit */
476 CAMELLIA_ROLDQ(kll, klr, krl, krr, w0, w1, 17);
477 /* k17 */
Denys Vlasenko1721a812007-11-06 22:01:20 +0800478 subL[22] = kll; subR[22] = klr;
Noriaki TAKAMIYAd64beac2007-01-24 21:47:48 +1100479 /* k18 */
Denys Vlasenko1721a812007-11-06 22:01:20 +0800480 subL[23] = krl; subR[23] = krr;
Noriaki TAKAMIYAd64beac2007-01-24 21:47:48 +1100481
482 /* generate KA */
Denys Vlasenko1721a812007-11-06 22:01:20 +0800483 kll = subL[0]; klr = subR[0];
484 krl = subL[1]; krr = subR[1];
Noriaki TAKAMIYAd64beac2007-01-24 21:47:48 +1100485 CAMELLIA_F(kll, klr,
486 CAMELLIA_SIGMA1L, CAMELLIA_SIGMA1R,
487 w0, w1, il, ir, t0, t1);
488 krl ^= w0; krr ^= w1;
489 CAMELLIA_F(krl, krr,
490 CAMELLIA_SIGMA2L, CAMELLIA_SIGMA2R,
491 kll, klr, il, ir, t0, t1);
492 /* current status == (kll, klr, w0, w1) */
493 CAMELLIA_F(kll, klr,
494 CAMELLIA_SIGMA3L, CAMELLIA_SIGMA3R,
495 krl, krr, il, ir, t0, t1);
496 krl ^= w0; krr ^= w1;
497 CAMELLIA_F(krl, krr,
498 CAMELLIA_SIGMA4L, CAMELLIA_SIGMA4R,
499 w0, w1, il, ir, t0, t1);
500 kll ^= w0; klr ^= w1;
501
502 /* generate KA dependent subkeys */
503 /* k1, k2 */
Denys Vlasenko1721a812007-11-06 22:01:20 +0800504 subL[2] = kll; subR[2] = klr;
505 subL[3] = krl; subR[3] = krr;
Noriaki TAKAMIYAd64beac2007-01-24 21:47:48 +1100506 CAMELLIA_ROLDQ(kll, klr, krl, krr, w0, w1, 15);
507 /* k5,k6 */
Denys Vlasenko1721a812007-11-06 22:01:20 +0800508 subL[6] = kll; subR[6] = klr;
509 subL[7] = krl; subR[7] = krr;
Noriaki TAKAMIYAd64beac2007-01-24 21:47:48 +1100510 CAMELLIA_ROLDQ(kll, klr, krl, krr, w0, w1, 15);
511 /* kl1, kl2 */
Denys Vlasenko1721a812007-11-06 22:01:20 +0800512 subL[8] = kll; subR[8] = klr;
513 subL[9] = krl; subR[9] = krr;
Noriaki TAKAMIYAd64beac2007-01-24 21:47:48 +1100514 CAMELLIA_ROLDQ(kll, klr, krl, krr, w0, w1, 15);
515 /* k9 */
Denys Vlasenko1721a812007-11-06 22:01:20 +0800516 subL[12] = kll; subR[12] = klr;
Noriaki TAKAMIYAd64beac2007-01-24 21:47:48 +1100517 CAMELLIA_ROLDQ(kll, klr, krl, krr, w0, w1, 15);
518 /* k11, k12 */
Denys Vlasenko1721a812007-11-06 22:01:20 +0800519 subL[14] = kll; subR[14] = klr;
520 subL[15] = krl; subR[15] = krr;
Noriaki TAKAMIYAd64beac2007-01-24 21:47:48 +1100521 CAMELLIA_ROLDQo32(kll, klr, krl, krr, w0, w1, 34);
522 /* k15, k16 */
Denys Vlasenko1721a812007-11-06 22:01:20 +0800523 subL[20] = kll; subR[20] = klr;
524 subL[21] = krl; subR[21] = krr;
Noriaki TAKAMIYAd64beac2007-01-24 21:47:48 +1100525 CAMELLIA_ROLDQ(kll, klr, krl, krr, w0, w1, 17);
526 /* kw3, kw4 */
Denys Vlasenko1721a812007-11-06 22:01:20 +0800527 subL[24] = kll; subR[24] = klr;
528 subL[25] = krl; subR[25] = krr;
Noriaki TAKAMIYAd64beac2007-01-24 21:47:48 +1100529
530 /* absorb kw2 to other subkeys */
531 /* round 2 */
Denys Vlasenko1721a812007-11-06 22:01:20 +0800532 subL[3] ^= subL[1]; subR[3] ^= subR[1];
Noriaki TAKAMIYAd64beac2007-01-24 21:47:48 +1100533 /* round 4 */
Denys Vlasenko1721a812007-11-06 22:01:20 +0800534 subL[5] ^= subL[1]; subR[5] ^= subR[1];
Noriaki TAKAMIYAd64beac2007-01-24 21:47:48 +1100535 /* round 6 */
Denys Vlasenko1721a812007-11-06 22:01:20 +0800536 subL[7] ^= subL[1]; subR[7] ^= subR[1];
537 subL[1] ^= subR[1] & ~subR[9];
538 dw = subL[1] & subL[9],
539 subR[1] ^= CAMELLIA_RL1(dw); /* modified for FLinv(kl2) */
Noriaki TAKAMIYAd64beac2007-01-24 21:47:48 +1100540 /* round 8 */
Denys Vlasenko1721a812007-11-06 22:01:20 +0800541 subL[11] ^= subL[1]; subR[11] ^= subR[1];
Noriaki TAKAMIYAd64beac2007-01-24 21:47:48 +1100542 /* round 10 */
Denys Vlasenko1721a812007-11-06 22:01:20 +0800543 subL[13] ^= subL[1]; subR[13] ^= subR[1];
Noriaki TAKAMIYAd64beac2007-01-24 21:47:48 +1100544 /* round 12 */
Denys Vlasenko1721a812007-11-06 22:01:20 +0800545 subL[15] ^= subL[1]; subR[15] ^= subR[1];
546 subL[1] ^= subR[1] & ~subR[17];
547 dw = subL[1] & subL[17],
548 subR[1] ^= CAMELLIA_RL1(dw); /* modified for FLinv(kl4) */
Noriaki TAKAMIYAd64beac2007-01-24 21:47:48 +1100549 /* round 14 */
Denys Vlasenko1721a812007-11-06 22:01:20 +0800550 subL[19] ^= subL[1]; subR[19] ^= subR[1];
Noriaki TAKAMIYAd64beac2007-01-24 21:47:48 +1100551 /* round 16 */
Denys Vlasenko1721a812007-11-06 22:01:20 +0800552 subL[21] ^= subL[1]; subR[21] ^= subR[1];
Noriaki TAKAMIYAd64beac2007-01-24 21:47:48 +1100553 /* round 18 */
Denys Vlasenko1721a812007-11-06 22:01:20 +0800554 subL[23] ^= subL[1]; subR[23] ^= subR[1];
Noriaki TAKAMIYAd64beac2007-01-24 21:47:48 +1100555 /* kw3 */
Denys Vlasenko1721a812007-11-06 22:01:20 +0800556 subL[24] ^= subL[1]; subR[24] ^= subR[1];
Noriaki TAKAMIYAd64beac2007-01-24 21:47:48 +1100557
558 /* absorb kw4 to other subkeys */
Denys Vlasenko1721a812007-11-06 22:01:20 +0800559 kw4l = subL[25]; kw4r = subR[25];
Noriaki TAKAMIYAd64beac2007-01-24 21:47:48 +1100560 /* round 17 */
Denys Vlasenko1721a812007-11-06 22:01:20 +0800561 subL[22] ^= kw4l; subR[22] ^= kw4r;
Noriaki TAKAMIYAd64beac2007-01-24 21:47:48 +1100562 /* round 15 */
Denys Vlasenko1721a812007-11-06 22:01:20 +0800563 subL[20] ^= kw4l; subR[20] ^= kw4r;
Noriaki TAKAMIYAd64beac2007-01-24 21:47:48 +1100564 /* round 13 */
Denys Vlasenko1721a812007-11-06 22:01:20 +0800565 subL[18] ^= kw4l; subR[18] ^= kw4r;
566 kw4l ^= kw4r & ~subR[16];
567 dw = kw4l & subL[16],
Noriaki TAKAMIYAd64beac2007-01-24 21:47:48 +1100568 kw4r ^= CAMELLIA_RL1(dw); /* modified for FL(kl3) */
569 /* round 11 */
Denys Vlasenko1721a812007-11-06 22:01:20 +0800570 subL[14] ^= kw4l; subR[14] ^= kw4r;
Noriaki TAKAMIYAd64beac2007-01-24 21:47:48 +1100571 /* round 9 */
Denys Vlasenko1721a812007-11-06 22:01:20 +0800572 subL[12] ^= kw4l; subR[12] ^= kw4r;
Noriaki TAKAMIYAd64beac2007-01-24 21:47:48 +1100573 /* round 7 */
Denys Vlasenko1721a812007-11-06 22:01:20 +0800574 subL[10] ^= kw4l; subR[10] ^= kw4r;
575 kw4l ^= kw4r & ~subR[8];
576 dw = kw4l & subL[8],
Noriaki TAKAMIYAd64beac2007-01-24 21:47:48 +1100577 kw4r ^= CAMELLIA_RL1(dw); /* modified for FL(kl1) */
578 /* round 5 */
Denys Vlasenko1721a812007-11-06 22:01:20 +0800579 subL[6] ^= kw4l; subR[6] ^= kw4r;
Noriaki TAKAMIYAd64beac2007-01-24 21:47:48 +1100580 /* round 3 */
Denys Vlasenko1721a812007-11-06 22:01:20 +0800581 subL[4] ^= kw4l; subR[4] ^= kw4r;
Noriaki TAKAMIYAd64beac2007-01-24 21:47:48 +1100582 /* round 1 */
Denys Vlasenko1721a812007-11-06 22:01:20 +0800583 subL[2] ^= kw4l; subR[2] ^= kw4r;
Noriaki TAKAMIYAd64beac2007-01-24 21:47:48 +1100584 /* kw1 */
Denys Vlasenko1721a812007-11-06 22:01:20 +0800585 subL[0] ^= kw4l; subR[0] ^= kw4r;
Noriaki TAKAMIYAd64beac2007-01-24 21:47:48 +1100586
587 /* key XOR is end of F-function */
Denys Vlasenko1721a812007-11-06 22:01:20 +0800588 CAMELLIA_SUBKEY_L(0) = subL[0] ^ subL[2];/* kw1 */
589 CAMELLIA_SUBKEY_R(0) = subR[0] ^ subR[2];
590 CAMELLIA_SUBKEY_L(2) = subL[3]; /* round 1 */
591 CAMELLIA_SUBKEY_R(2) = subR[3];
592 CAMELLIA_SUBKEY_L(3) = subL[2] ^ subL[4]; /* round 2 */
593 CAMELLIA_SUBKEY_R(3) = subR[2] ^ subR[4];
594 CAMELLIA_SUBKEY_L(4) = subL[3] ^ subL[5]; /* round 3 */
595 CAMELLIA_SUBKEY_R(4) = subR[3] ^ subR[5];
596 CAMELLIA_SUBKEY_L(5) = subL[4] ^ subL[6]; /* round 4 */
597 CAMELLIA_SUBKEY_R(5) = subR[4] ^ subR[6];
598 CAMELLIA_SUBKEY_L(6) = subL[5] ^ subL[7]; /* round 5 */
599 CAMELLIA_SUBKEY_R(6) = subR[5] ^ subR[7];
600 tl = subL[10] ^ (subR[10] & ~subR[8]);
601 dw = tl & subL[8], /* FL(kl1) */
602 tr = subR[10] ^ CAMELLIA_RL1(dw);
603 CAMELLIA_SUBKEY_L(7) = subL[6] ^ tl; /* round 6 */
604 CAMELLIA_SUBKEY_R(7) = subR[6] ^ tr;
605 CAMELLIA_SUBKEY_L(8) = subL[8]; /* FL(kl1) */
606 CAMELLIA_SUBKEY_R(8) = subR[8];
607 CAMELLIA_SUBKEY_L(9) = subL[9]; /* FLinv(kl2) */
608 CAMELLIA_SUBKEY_R(9) = subR[9];
609 tl = subL[7] ^ (subR[7] & ~subR[9]);
610 dw = tl & subL[9], /* FLinv(kl2) */
611 tr = subR[7] ^ CAMELLIA_RL1(dw);
612 CAMELLIA_SUBKEY_L(10) = tl ^ subL[11]; /* round 7 */
613 CAMELLIA_SUBKEY_R(10) = tr ^ subR[11];
614 CAMELLIA_SUBKEY_L(11) = subL[10] ^ subL[12]; /* round 8 */
615 CAMELLIA_SUBKEY_R(11) = subR[10] ^ subR[12];
616 CAMELLIA_SUBKEY_L(12) = subL[11] ^ subL[13]; /* round 9 */
617 CAMELLIA_SUBKEY_R(12) = subR[11] ^ subR[13];
618 CAMELLIA_SUBKEY_L(13) = subL[12] ^ subL[14]; /* round 10 */
619 CAMELLIA_SUBKEY_R(13) = subR[12] ^ subR[14];
620 CAMELLIA_SUBKEY_L(14) = subL[13] ^ subL[15]; /* round 11 */
621 CAMELLIA_SUBKEY_R(14) = subR[13] ^ subR[15];
622 tl = subL[18] ^ (subR[18] & ~subR[16]);
623 dw = tl & subL[16], /* FL(kl3) */
624 tr = subR[18] ^ CAMELLIA_RL1(dw);
625 CAMELLIA_SUBKEY_L(15) = subL[14] ^ tl; /* round 12 */
626 CAMELLIA_SUBKEY_R(15) = subR[14] ^ tr;
627 CAMELLIA_SUBKEY_L(16) = subL[16]; /* FL(kl3) */
628 CAMELLIA_SUBKEY_R(16) = subR[16];
629 CAMELLIA_SUBKEY_L(17) = subL[17]; /* FLinv(kl4) */
630 CAMELLIA_SUBKEY_R(17) = subR[17];
631 tl = subL[15] ^ (subR[15] & ~subR[17]);
632 dw = tl & subL[17], /* FLinv(kl4) */
633 tr = subR[15] ^ CAMELLIA_RL1(dw);
634 CAMELLIA_SUBKEY_L(18) = tl ^ subL[19]; /* round 13 */
635 CAMELLIA_SUBKEY_R(18) = tr ^ subR[19];
636 CAMELLIA_SUBKEY_L(19) = subL[18] ^ subL[20]; /* round 14 */
637 CAMELLIA_SUBKEY_R(19) = subR[18] ^ subR[20];
638 CAMELLIA_SUBKEY_L(20) = subL[19] ^ subL[21]; /* round 15 */
639 CAMELLIA_SUBKEY_R(20) = subR[19] ^ subR[21];
640 CAMELLIA_SUBKEY_L(21) = subL[20] ^ subL[22]; /* round 16 */
641 CAMELLIA_SUBKEY_R(21) = subR[20] ^ subR[22];
642 CAMELLIA_SUBKEY_L(22) = subL[21] ^ subL[23]; /* round 17 */
643 CAMELLIA_SUBKEY_R(22) = subR[21] ^ subR[23];
644 CAMELLIA_SUBKEY_L(23) = subL[22]; /* round 18 */
645 CAMELLIA_SUBKEY_R(23) = subR[22];
646 CAMELLIA_SUBKEY_L(24) = subL[24] ^ subL[23]; /* kw3 */
647 CAMELLIA_SUBKEY_R(24) = subR[24] ^ subR[23];
Noriaki TAKAMIYAd64beac2007-01-24 21:47:48 +1100648
649 /* apply the inverse of the last half of P-function */
650 dw = CAMELLIA_SUBKEY_L(2) ^ CAMELLIA_SUBKEY_R(2),
651 dw = CAMELLIA_RL8(dw);/* round 1 */
652 CAMELLIA_SUBKEY_R(2) = CAMELLIA_SUBKEY_L(2) ^ dw,
653 CAMELLIA_SUBKEY_L(2) = dw;
654 dw = CAMELLIA_SUBKEY_L(3) ^ CAMELLIA_SUBKEY_R(3),
655 dw = CAMELLIA_RL8(dw);/* round 2 */
656 CAMELLIA_SUBKEY_R(3) = CAMELLIA_SUBKEY_L(3) ^ dw,
657 CAMELLIA_SUBKEY_L(3) = dw;
658 dw = CAMELLIA_SUBKEY_L(4) ^ CAMELLIA_SUBKEY_R(4),
659 dw = CAMELLIA_RL8(dw);/* round 3 */
660 CAMELLIA_SUBKEY_R(4) = CAMELLIA_SUBKEY_L(4) ^ dw,
661 CAMELLIA_SUBKEY_L(4) = dw;
662 dw = CAMELLIA_SUBKEY_L(5) ^ CAMELLIA_SUBKEY_R(5),
663 dw = CAMELLIA_RL8(dw);/* round 4 */
664 CAMELLIA_SUBKEY_R(5) = CAMELLIA_SUBKEY_L(5) ^ dw,
665 CAMELLIA_SUBKEY_L(5) = dw;
666 dw = CAMELLIA_SUBKEY_L(6) ^ CAMELLIA_SUBKEY_R(6),
667 dw = CAMELLIA_RL8(dw);/* round 5 */
668 CAMELLIA_SUBKEY_R(6) = CAMELLIA_SUBKEY_L(6) ^ dw,
669 CAMELLIA_SUBKEY_L(6) = dw;
670 dw = CAMELLIA_SUBKEY_L(7) ^ CAMELLIA_SUBKEY_R(7),
671 dw = CAMELLIA_RL8(dw);/* round 6 */
672 CAMELLIA_SUBKEY_R(7) = CAMELLIA_SUBKEY_L(7) ^ dw,
673 CAMELLIA_SUBKEY_L(7) = dw;
674 dw = CAMELLIA_SUBKEY_L(10) ^ CAMELLIA_SUBKEY_R(10),
675 dw = CAMELLIA_RL8(dw);/* round 7 */
676 CAMELLIA_SUBKEY_R(10) = CAMELLIA_SUBKEY_L(10) ^ dw,
677 CAMELLIA_SUBKEY_L(10) = dw;
678 dw = CAMELLIA_SUBKEY_L(11) ^ CAMELLIA_SUBKEY_R(11),
679 dw = CAMELLIA_RL8(dw);/* round 8 */
680 CAMELLIA_SUBKEY_R(11) = CAMELLIA_SUBKEY_L(11) ^ dw,
681 CAMELLIA_SUBKEY_L(11) = dw;
682 dw = CAMELLIA_SUBKEY_L(12) ^ CAMELLIA_SUBKEY_R(12),
683 dw = CAMELLIA_RL8(dw);/* round 9 */
684 CAMELLIA_SUBKEY_R(12) = CAMELLIA_SUBKEY_L(12) ^ dw,
685 CAMELLIA_SUBKEY_L(12) = dw;
686 dw = CAMELLIA_SUBKEY_L(13) ^ CAMELLIA_SUBKEY_R(13),
687 dw = CAMELLIA_RL8(dw);/* round 10 */
688 CAMELLIA_SUBKEY_R(13) = CAMELLIA_SUBKEY_L(13) ^ dw,
689 CAMELLIA_SUBKEY_L(13) = dw;
690 dw = CAMELLIA_SUBKEY_L(14) ^ CAMELLIA_SUBKEY_R(14),
691 dw = CAMELLIA_RL8(dw);/* round 11 */
692 CAMELLIA_SUBKEY_R(14) = CAMELLIA_SUBKEY_L(14) ^ dw,
693 CAMELLIA_SUBKEY_L(14) = dw;
694 dw = CAMELLIA_SUBKEY_L(15) ^ CAMELLIA_SUBKEY_R(15),
695 dw = CAMELLIA_RL8(dw);/* round 12 */
696 CAMELLIA_SUBKEY_R(15) = CAMELLIA_SUBKEY_L(15) ^ dw,
697 CAMELLIA_SUBKEY_L(15) = dw;
698 dw = CAMELLIA_SUBKEY_L(18) ^ CAMELLIA_SUBKEY_R(18),
699 dw = CAMELLIA_RL8(dw);/* round 13 */
700 CAMELLIA_SUBKEY_R(18) = CAMELLIA_SUBKEY_L(18) ^ dw,
701 CAMELLIA_SUBKEY_L(18) = dw;
702 dw = CAMELLIA_SUBKEY_L(19) ^ CAMELLIA_SUBKEY_R(19),
703 dw = CAMELLIA_RL8(dw);/* round 14 */
704 CAMELLIA_SUBKEY_R(19) = CAMELLIA_SUBKEY_L(19) ^ dw,
705 CAMELLIA_SUBKEY_L(19) = dw;
706 dw = CAMELLIA_SUBKEY_L(20) ^ CAMELLIA_SUBKEY_R(20),
707 dw = CAMELLIA_RL8(dw);/* round 15 */
708 CAMELLIA_SUBKEY_R(20) = CAMELLIA_SUBKEY_L(20) ^ dw,
709 CAMELLIA_SUBKEY_L(20) = dw;
710 dw = CAMELLIA_SUBKEY_L(21) ^ CAMELLIA_SUBKEY_R(21),
711 dw = CAMELLIA_RL8(dw);/* round 16 */
712 CAMELLIA_SUBKEY_R(21) = CAMELLIA_SUBKEY_L(21) ^ dw,
713 CAMELLIA_SUBKEY_L(21) = dw;
714 dw = CAMELLIA_SUBKEY_L(22) ^ CAMELLIA_SUBKEY_R(22),
715 dw = CAMELLIA_RL8(dw);/* round 17 */
716 CAMELLIA_SUBKEY_R(22) = CAMELLIA_SUBKEY_L(22) ^ dw,
717 CAMELLIA_SUBKEY_L(22) = dw;
718 dw = CAMELLIA_SUBKEY_L(23) ^ CAMELLIA_SUBKEY_R(23),
719 dw = CAMELLIA_RL8(dw);/* round 18 */
720 CAMELLIA_SUBKEY_R(23) = CAMELLIA_SUBKEY_L(23) ^ dw,
721 CAMELLIA_SUBKEY_L(23) = dw;
Noriaki TAKAMIYAd64beac2007-01-24 21:47:48 +1100722}
723
Noriaki TAKAMIYAd64beac2007-01-24 21:47:48 +1100724static void camellia_setup256(const unsigned char *key, u32 *subkey)
725{
726 u32 kll,klr,krl,krr; /* left half of key */
727 u32 krll,krlr,krrl,krrr; /* right half of key */
728 u32 il, ir, t0, t1, w0, w1; /* temporary variables */
729 u32 kw4l, kw4r, dw, tl, tr;
730 u32 subL[34];
731 u32 subR[34];
732
733 /**
734 * key = (kll || klr || krl || krr || krll || krlr || krrl || krrr)
735 * (|| is concatination)
736 */
737
738 kll = GETU32(key );
739 klr = GETU32(key + 4);
740 krl = GETU32(key + 8);
741 krr = GETU32(key + 12);
742 krll = GETU32(key + 16);
743 krlr = GETU32(key + 20);
744 krrl = GETU32(key + 24);
745 krrr = GETU32(key + 28);
746
747 /* generate KL dependent subkeys */
748 /* kw1 */
Denys Vlasenko1721a812007-11-06 22:01:20 +0800749 subL[0] = kll; subR[0] = klr;
Noriaki TAKAMIYAd64beac2007-01-24 21:47:48 +1100750 /* kw2 */
Denys Vlasenko1721a812007-11-06 22:01:20 +0800751 subL[1] = krl; subR[1] = krr;
Noriaki TAKAMIYAd64beac2007-01-24 21:47:48 +1100752 CAMELLIA_ROLDQo32(kll, klr, krl, krr, w0, w1, 45);
753 /* k9 */
Denys Vlasenko1721a812007-11-06 22:01:20 +0800754 subL[12] = kll; subR[12] = klr;
Noriaki TAKAMIYAd64beac2007-01-24 21:47:48 +1100755 /* k10 */
Denys Vlasenko1721a812007-11-06 22:01:20 +0800756 subL[13] = krl; subR[13] = krr;
Noriaki TAKAMIYAd64beac2007-01-24 21:47:48 +1100757 CAMELLIA_ROLDQ(kll, klr, krl, krr, w0, w1, 15);
758 /* kl3 */
Denys Vlasenko1721a812007-11-06 22:01:20 +0800759 subL[16] = kll; subR[16] = klr;
Noriaki TAKAMIYAd64beac2007-01-24 21:47:48 +1100760 /* kl4 */
Denys Vlasenko1721a812007-11-06 22:01:20 +0800761 subL[17] = krl; subR[17] = krr;
Noriaki TAKAMIYAd64beac2007-01-24 21:47:48 +1100762 CAMELLIA_ROLDQ(kll, klr, krl, krr, w0, w1, 17);
763 /* k17 */
Denys Vlasenko1721a812007-11-06 22:01:20 +0800764 subL[22] = kll; subR[22] = klr;
Noriaki TAKAMIYAd64beac2007-01-24 21:47:48 +1100765 /* k18 */
Denys Vlasenko1721a812007-11-06 22:01:20 +0800766 subL[23] = krl; subR[23] = krr;
Noriaki TAKAMIYAd64beac2007-01-24 21:47:48 +1100767 CAMELLIA_ROLDQo32(kll, klr, krl, krr, w0, w1, 34);
768 /* k23 */
Denys Vlasenko1721a812007-11-06 22:01:20 +0800769 subL[30] = kll; subR[30] = klr;
Noriaki TAKAMIYAd64beac2007-01-24 21:47:48 +1100770 /* k24 */
Denys Vlasenko1721a812007-11-06 22:01:20 +0800771 subL[31] = krl; subR[31] = krr;
Noriaki TAKAMIYAd64beac2007-01-24 21:47:48 +1100772
773 /* generate KR dependent subkeys */
774 CAMELLIA_ROLDQ(krll, krlr, krrl, krrr, w0, w1, 15);
775 /* k3 */
Denys Vlasenko1721a812007-11-06 22:01:20 +0800776 subL[4] = krll; subR[4] = krlr;
Noriaki TAKAMIYAd64beac2007-01-24 21:47:48 +1100777 /* k4 */
Denys Vlasenko1721a812007-11-06 22:01:20 +0800778 subL[5] = krrl; subR[5] = krrr;
Noriaki TAKAMIYAd64beac2007-01-24 21:47:48 +1100779 CAMELLIA_ROLDQ(krll, krlr, krrl, krrr, w0, w1, 15);
780 /* kl1 */
Denys Vlasenko1721a812007-11-06 22:01:20 +0800781 subL[8] = krll; subR[8] = krlr;
Noriaki TAKAMIYAd64beac2007-01-24 21:47:48 +1100782 /* kl2 */
Denys Vlasenko1721a812007-11-06 22:01:20 +0800783 subL[9] = krrl; subR[9] = krrr;
Noriaki TAKAMIYAd64beac2007-01-24 21:47:48 +1100784 CAMELLIA_ROLDQ(krll, krlr, krrl, krrr, w0, w1, 30);
785 /* k13 */
Denys Vlasenko1721a812007-11-06 22:01:20 +0800786 subL[18] = krll; subR[18] = krlr;
Noriaki TAKAMIYAd64beac2007-01-24 21:47:48 +1100787 /* k14 */
Denys Vlasenko1721a812007-11-06 22:01:20 +0800788 subL[19] = krrl; subR[19] = krrr;
Noriaki TAKAMIYAd64beac2007-01-24 21:47:48 +1100789 CAMELLIA_ROLDQo32(krll, krlr, krrl, krrr, w0, w1, 34);
790 /* k19 */
Denys Vlasenko1721a812007-11-06 22:01:20 +0800791 subL[26] = krll; subR[26] = krlr;
Noriaki TAKAMIYAd64beac2007-01-24 21:47:48 +1100792 /* k20 */
Denys Vlasenko1721a812007-11-06 22:01:20 +0800793 subL[27] = krrl; subR[27] = krrr;
Noriaki TAKAMIYAd64beac2007-01-24 21:47:48 +1100794 CAMELLIA_ROLDQo32(krll, krlr, krrl, krrr, w0, w1, 34);
795
796 /* generate KA */
Denys Vlasenko1721a812007-11-06 22:01:20 +0800797 kll = subL[0] ^ krll; klr = subR[0] ^ krlr;
798 krl = subL[1] ^ krrl; krr = subR[1] ^ krrr;
Noriaki TAKAMIYAd64beac2007-01-24 21:47:48 +1100799 CAMELLIA_F(kll, klr,
800 CAMELLIA_SIGMA1L, CAMELLIA_SIGMA1R,
801 w0, w1, il, ir, t0, t1);
802 krl ^= w0; krr ^= w1;
803 CAMELLIA_F(krl, krr,
804 CAMELLIA_SIGMA2L, CAMELLIA_SIGMA2R,
805 kll, klr, il, ir, t0, t1);
806 kll ^= krll; klr ^= krlr;
807 CAMELLIA_F(kll, klr,
808 CAMELLIA_SIGMA3L, CAMELLIA_SIGMA3R,
809 krl, krr, il, ir, t0, t1);
810 krl ^= w0 ^ krrl; krr ^= w1 ^ krrr;
811 CAMELLIA_F(krl, krr,
812 CAMELLIA_SIGMA4L, CAMELLIA_SIGMA4R,
813 w0, w1, il, ir, t0, t1);
814 kll ^= w0; klr ^= w1;
815
816 /* generate KB */
817 krll ^= kll; krlr ^= klr;
818 krrl ^= krl; krrr ^= krr;
819 CAMELLIA_F(krll, krlr,
820 CAMELLIA_SIGMA5L, CAMELLIA_SIGMA5R,
821 w0, w1, il, ir, t0, t1);
822 krrl ^= w0; krrr ^= w1;
823 CAMELLIA_F(krrl, krrr,
824 CAMELLIA_SIGMA6L, CAMELLIA_SIGMA6R,
825 w0, w1, il, ir, t0, t1);
826 krll ^= w0; krlr ^= w1;
827
828 /* generate KA dependent subkeys */
829 CAMELLIA_ROLDQ(kll, klr, krl, krr, w0, w1, 15);
830 /* k5 */
Denys Vlasenko1721a812007-11-06 22:01:20 +0800831 subL[6] = kll; subR[6] = klr;
Noriaki TAKAMIYAd64beac2007-01-24 21:47:48 +1100832 /* k6 */
Denys Vlasenko1721a812007-11-06 22:01:20 +0800833 subL[7] = krl; subR[7] = krr;
Noriaki TAKAMIYAd64beac2007-01-24 21:47:48 +1100834 CAMELLIA_ROLDQ(kll, klr, krl, krr, w0, w1, 30);
835 /* k11 */
Denys Vlasenko1721a812007-11-06 22:01:20 +0800836 subL[14] = kll; subR[14] = klr;
Noriaki TAKAMIYAd64beac2007-01-24 21:47:48 +1100837 /* k12 */
Denys Vlasenko1721a812007-11-06 22:01:20 +0800838 subL[15] = krl; subR[15] = krr;
Noriaki TAKAMIYAd64beac2007-01-24 21:47:48 +1100839 /* rotation left shift 32bit */
840 /* kl5 */
Denys Vlasenko1721a812007-11-06 22:01:20 +0800841 subL[24] = klr; subR[24] = krl;
Noriaki TAKAMIYAd64beac2007-01-24 21:47:48 +1100842 /* kl6 */
Denys Vlasenko1721a812007-11-06 22:01:20 +0800843 subL[25] = krr; subR[25] = kll;
Noriaki TAKAMIYAd64beac2007-01-24 21:47:48 +1100844 /* rotation left shift 49 from k11,k12 -> k21,k22 */
845 CAMELLIA_ROLDQo32(kll, klr, krl, krr, w0, w1, 49);
846 /* k21 */
Denys Vlasenko1721a812007-11-06 22:01:20 +0800847 subL[28] = kll; subR[28] = klr;
Noriaki TAKAMIYAd64beac2007-01-24 21:47:48 +1100848 /* k22 */
Denys Vlasenko1721a812007-11-06 22:01:20 +0800849 subL[29] = krl; subR[29] = krr;
Noriaki TAKAMIYAd64beac2007-01-24 21:47:48 +1100850
851 /* generate KB dependent subkeys */
852 /* k1 */
Denys Vlasenko1721a812007-11-06 22:01:20 +0800853 subL[2] = krll; subR[2] = krlr;
Noriaki TAKAMIYAd64beac2007-01-24 21:47:48 +1100854 /* k2 */
Denys Vlasenko1721a812007-11-06 22:01:20 +0800855 subL[3] = krrl; subR[3] = krrr;
Noriaki TAKAMIYAd64beac2007-01-24 21:47:48 +1100856 CAMELLIA_ROLDQ(krll, krlr, krrl, krrr, w0, w1, 30);
857 /* k7 */
Denys Vlasenko1721a812007-11-06 22:01:20 +0800858 subL[10] = krll; subR[10] = krlr;
Noriaki TAKAMIYAd64beac2007-01-24 21:47:48 +1100859 /* k8 */
Denys Vlasenko1721a812007-11-06 22:01:20 +0800860 subL[11] = krrl; subR[11] = krrr;
Noriaki TAKAMIYAd64beac2007-01-24 21:47:48 +1100861 CAMELLIA_ROLDQ(krll, krlr, krrl, krrr, w0, w1, 30);
862 /* k15 */
Denys Vlasenko1721a812007-11-06 22:01:20 +0800863 subL[20] = krll; subR[20] = krlr;
Noriaki TAKAMIYAd64beac2007-01-24 21:47:48 +1100864 /* k16 */
Denys Vlasenko1721a812007-11-06 22:01:20 +0800865 subL[21] = krrl; subR[21] = krrr;
Noriaki TAKAMIYAd64beac2007-01-24 21:47:48 +1100866 CAMELLIA_ROLDQo32(krll, krlr, krrl, krrr, w0, w1, 51);
867 /* kw3 */
Denys Vlasenko1721a812007-11-06 22:01:20 +0800868 subL[32] = krll; subR[32] = krlr;
Noriaki TAKAMIYAd64beac2007-01-24 21:47:48 +1100869 /* kw4 */
Denys Vlasenko1721a812007-11-06 22:01:20 +0800870 subL[33] = krrl; subR[33] = krrr;
Noriaki TAKAMIYAd64beac2007-01-24 21:47:48 +1100871
872 /* absorb kw2 to other subkeys */
873 /* round 2 */
Denys Vlasenko1721a812007-11-06 22:01:20 +0800874 subL[3] ^= subL[1]; subR[3] ^= subR[1];
Noriaki TAKAMIYAd64beac2007-01-24 21:47:48 +1100875 /* round 4 */
Denys Vlasenko1721a812007-11-06 22:01:20 +0800876 subL[5] ^= subL[1]; subR[5] ^= subR[1];
Noriaki TAKAMIYAd64beac2007-01-24 21:47:48 +1100877 /* round 6 */
Denys Vlasenko1721a812007-11-06 22:01:20 +0800878 subL[7] ^= subL[1]; subR[7] ^= subR[1];
879 subL[1] ^= subR[1] & ~subR[9];
880 dw = subL[1] & subL[9],
881 subR[1] ^= CAMELLIA_RL1(dw); /* modified for FLinv(kl2) */
Noriaki TAKAMIYAd64beac2007-01-24 21:47:48 +1100882 /* round 8 */
Denys Vlasenko1721a812007-11-06 22:01:20 +0800883 subL[11] ^= subL[1]; subR[11] ^= subR[1];
Noriaki TAKAMIYAd64beac2007-01-24 21:47:48 +1100884 /* round 10 */
Denys Vlasenko1721a812007-11-06 22:01:20 +0800885 subL[13] ^= subL[1]; subR[13] ^= subR[1];
Noriaki TAKAMIYAd64beac2007-01-24 21:47:48 +1100886 /* round 12 */
Denys Vlasenko1721a812007-11-06 22:01:20 +0800887 subL[15] ^= subL[1]; subR[15] ^= subR[1];
888 subL[1] ^= subR[1] & ~subR[17];
889 dw = subL[1] & subL[17],
890 subR[1] ^= CAMELLIA_RL1(dw); /* modified for FLinv(kl4) */
Noriaki TAKAMIYAd64beac2007-01-24 21:47:48 +1100891 /* round 14 */
Denys Vlasenko1721a812007-11-06 22:01:20 +0800892 subL[19] ^= subL[1]; subR[19] ^= subR[1];
Noriaki TAKAMIYAd64beac2007-01-24 21:47:48 +1100893 /* round 16 */
Denys Vlasenko1721a812007-11-06 22:01:20 +0800894 subL[21] ^= subL[1]; subR[21] ^= subR[1];
Noriaki TAKAMIYAd64beac2007-01-24 21:47:48 +1100895 /* round 18 */
Denys Vlasenko1721a812007-11-06 22:01:20 +0800896 subL[23] ^= subL[1]; subR[23] ^= subR[1];
897 subL[1] ^= subR[1] & ~subR[25];
898 dw = subL[1] & subL[25],
899 subR[1] ^= CAMELLIA_RL1(dw); /* modified for FLinv(kl6) */
Noriaki TAKAMIYAd64beac2007-01-24 21:47:48 +1100900 /* round 20 */
Denys Vlasenko1721a812007-11-06 22:01:20 +0800901 subL[27] ^= subL[1]; subR[27] ^= subR[1];
Noriaki TAKAMIYAd64beac2007-01-24 21:47:48 +1100902 /* round 22 */
Denys Vlasenko1721a812007-11-06 22:01:20 +0800903 subL[29] ^= subL[1]; subR[29] ^= subR[1];
Noriaki TAKAMIYAd64beac2007-01-24 21:47:48 +1100904 /* round 24 */
Denys Vlasenko1721a812007-11-06 22:01:20 +0800905 subL[31] ^= subL[1]; subR[31] ^= subR[1];
Noriaki TAKAMIYAd64beac2007-01-24 21:47:48 +1100906 /* kw3 */
Denys Vlasenko1721a812007-11-06 22:01:20 +0800907 subL[32] ^= subL[1]; subR[32] ^= subR[1];
Noriaki TAKAMIYAd64beac2007-01-24 21:47:48 +1100908
909 /* absorb kw4 to other subkeys */
Denys Vlasenko1721a812007-11-06 22:01:20 +0800910 kw4l = subL[33]; kw4r = subR[33];
Noriaki TAKAMIYAd64beac2007-01-24 21:47:48 +1100911 /* round 23 */
Denys Vlasenko1721a812007-11-06 22:01:20 +0800912 subL[30] ^= kw4l; subR[30] ^= kw4r;
Noriaki TAKAMIYAd64beac2007-01-24 21:47:48 +1100913 /* round 21 */
Denys Vlasenko1721a812007-11-06 22:01:20 +0800914 subL[28] ^= kw4l; subR[28] ^= kw4r;
Noriaki TAKAMIYAd64beac2007-01-24 21:47:48 +1100915 /* round 19 */
Denys Vlasenko1721a812007-11-06 22:01:20 +0800916 subL[26] ^= kw4l; subR[26] ^= kw4r;
917 kw4l ^= kw4r & ~subR[24];
918 dw = kw4l & subL[24],
Noriaki TAKAMIYAd64beac2007-01-24 21:47:48 +1100919 kw4r ^= CAMELLIA_RL1(dw); /* modified for FL(kl5) */
920 /* round 17 */
Denys Vlasenko1721a812007-11-06 22:01:20 +0800921 subL[22] ^= kw4l; subR[22] ^= kw4r;
Noriaki TAKAMIYAd64beac2007-01-24 21:47:48 +1100922 /* round 15 */
Denys Vlasenko1721a812007-11-06 22:01:20 +0800923 subL[20] ^= kw4l; subR[20] ^= kw4r;
Noriaki TAKAMIYAd64beac2007-01-24 21:47:48 +1100924 /* round 13 */
Denys Vlasenko1721a812007-11-06 22:01:20 +0800925 subL[18] ^= kw4l; subR[18] ^= kw4r;
926 kw4l ^= kw4r & ~subR[16];
927 dw = kw4l & subL[16],
Noriaki TAKAMIYAd64beac2007-01-24 21:47:48 +1100928 kw4r ^= CAMELLIA_RL1(dw); /* modified for FL(kl3) */
929 /* round 11 */
Denys Vlasenko1721a812007-11-06 22:01:20 +0800930 subL[14] ^= kw4l; subR[14] ^= kw4r;
Noriaki TAKAMIYAd64beac2007-01-24 21:47:48 +1100931 /* round 9 */
Denys Vlasenko1721a812007-11-06 22:01:20 +0800932 subL[12] ^= kw4l; subR[12] ^= kw4r;
Noriaki TAKAMIYAd64beac2007-01-24 21:47:48 +1100933 /* round 7 */
Denys Vlasenko1721a812007-11-06 22:01:20 +0800934 subL[10] ^= kw4l; subR[10] ^= kw4r;
935 kw4l ^= kw4r & ~subR[8];
936 dw = kw4l & subL[8],
Noriaki TAKAMIYAd64beac2007-01-24 21:47:48 +1100937 kw4r ^= CAMELLIA_RL1(dw); /* modified for FL(kl1) */
938 /* round 5 */
Denys Vlasenko1721a812007-11-06 22:01:20 +0800939 subL[6] ^= kw4l; subR[6] ^= kw4r;
Noriaki TAKAMIYAd64beac2007-01-24 21:47:48 +1100940 /* round 3 */
Denys Vlasenko1721a812007-11-06 22:01:20 +0800941 subL[4] ^= kw4l; subR[4] ^= kw4r;
Noriaki TAKAMIYAd64beac2007-01-24 21:47:48 +1100942 /* round 1 */
Denys Vlasenko1721a812007-11-06 22:01:20 +0800943 subL[2] ^= kw4l; subR[2] ^= kw4r;
Noriaki TAKAMIYAd64beac2007-01-24 21:47:48 +1100944 /* kw1 */
Denys Vlasenko1721a812007-11-06 22:01:20 +0800945 subL[0] ^= kw4l; subR[0] ^= kw4r;
Noriaki TAKAMIYAd64beac2007-01-24 21:47:48 +1100946
947 /* key XOR is end of F-function */
Denys Vlasenko1721a812007-11-06 22:01:20 +0800948 CAMELLIA_SUBKEY_L(0) = subL[0] ^ subL[2];/* kw1 */
949 CAMELLIA_SUBKEY_R(0) = subR[0] ^ subR[2];
950 CAMELLIA_SUBKEY_L(2) = subL[3]; /* round 1 */
951 CAMELLIA_SUBKEY_R(2) = subR[3];
952 CAMELLIA_SUBKEY_L(3) = subL[2] ^ subL[4]; /* round 2 */
953 CAMELLIA_SUBKEY_R(3) = subR[2] ^ subR[4];
954 CAMELLIA_SUBKEY_L(4) = subL[3] ^ subL[5]; /* round 3 */
955 CAMELLIA_SUBKEY_R(4) = subR[3] ^ subR[5];
956 CAMELLIA_SUBKEY_L(5) = subL[4] ^ subL[6]; /* round 4 */
957 CAMELLIA_SUBKEY_R(5) = subR[4] ^ subR[6];
958 CAMELLIA_SUBKEY_L(6) = subL[5] ^ subL[7]; /* round 5 */
959 CAMELLIA_SUBKEY_R(6) = subR[5] ^ subR[7];
960 tl = subL[10] ^ (subR[10] & ~subR[8]);
961 dw = tl & subL[8], /* FL(kl1) */
962 tr = subR[10] ^ CAMELLIA_RL1(dw);
963 CAMELLIA_SUBKEY_L(7) = subL[6] ^ tl; /* round 6 */
964 CAMELLIA_SUBKEY_R(7) = subR[6] ^ tr;
965 CAMELLIA_SUBKEY_L(8) = subL[8]; /* FL(kl1) */
966 CAMELLIA_SUBKEY_R(8) = subR[8];
967 CAMELLIA_SUBKEY_L(9) = subL[9]; /* FLinv(kl2) */
968 CAMELLIA_SUBKEY_R(9) = subR[9];
969 tl = subL[7] ^ (subR[7] & ~subR[9]);
970 dw = tl & subL[9], /* FLinv(kl2) */
971 tr = subR[7] ^ CAMELLIA_RL1(dw);
972 CAMELLIA_SUBKEY_L(10) = tl ^ subL[11]; /* round 7 */
973 CAMELLIA_SUBKEY_R(10) = tr ^ subR[11];
974 CAMELLIA_SUBKEY_L(11) = subL[10] ^ subL[12]; /* round 8 */
975 CAMELLIA_SUBKEY_R(11) = subR[10] ^ subR[12];
976 CAMELLIA_SUBKEY_L(12) = subL[11] ^ subL[13]; /* round 9 */
977 CAMELLIA_SUBKEY_R(12) = subR[11] ^ subR[13];
978 CAMELLIA_SUBKEY_L(13) = subL[12] ^ subL[14]; /* round 10 */
979 CAMELLIA_SUBKEY_R(13) = subR[12] ^ subR[14];
980 CAMELLIA_SUBKEY_L(14) = subL[13] ^ subL[15]; /* round 11 */
981 CAMELLIA_SUBKEY_R(14) = subR[13] ^ subR[15];
982 tl = subL[18] ^ (subR[18] & ~subR[16]);
983 dw = tl & subL[16], /* FL(kl3) */
984 tr = subR[18] ^ CAMELLIA_RL1(dw);
985 CAMELLIA_SUBKEY_L(15) = subL[14] ^ tl; /* round 12 */
986 CAMELLIA_SUBKEY_R(15) = subR[14] ^ tr;
987 CAMELLIA_SUBKEY_L(16) = subL[16]; /* FL(kl3) */
988 CAMELLIA_SUBKEY_R(16) = subR[16];
989 CAMELLIA_SUBKEY_L(17) = subL[17]; /* FLinv(kl4) */
990 CAMELLIA_SUBKEY_R(17) = subR[17];
991 tl = subL[15] ^ (subR[15] & ~subR[17]);
992 dw = tl & subL[17], /* FLinv(kl4) */
993 tr = subR[15] ^ CAMELLIA_RL1(dw);
994 CAMELLIA_SUBKEY_L(18) = tl ^ subL[19]; /* round 13 */
995 CAMELLIA_SUBKEY_R(18) = tr ^ subR[19];
996 CAMELLIA_SUBKEY_L(19) = subL[18] ^ subL[20]; /* round 14 */
997 CAMELLIA_SUBKEY_R(19) = subR[18] ^ subR[20];
998 CAMELLIA_SUBKEY_L(20) = subL[19] ^ subL[21]; /* round 15 */
999 CAMELLIA_SUBKEY_R(20) = subR[19] ^ subR[21];
1000 CAMELLIA_SUBKEY_L(21) = subL[20] ^ subL[22]; /* round 16 */
1001 CAMELLIA_SUBKEY_R(21) = subR[20] ^ subR[22];
1002 CAMELLIA_SUBKEY_L(22) = subL[21] ^ subL[23]; /* round 17 */
1003 CAMELLIA_SUBKEY_R(22) = subR[21] ^ subR[23];
1004 tl = subL[26] ^ (subR[26]
1005 & ~subR[24]);
1006 dw = tl & subL[24], /* FL(kl5) */
1007 tr = subR[26] ^ CAMELLIA_RL1(dw);
1008 CAMELLIA_SUBKEY_L(23) = subL[22] ^ tl; /* round 18 */
1009 CAMELLIA_SUBKEY_R(23) = subR[22] ^ tr;
1010 CAMELLIA_SUBKEY_L(24) = subL[24]; /* FL(kl5) */
1011 CAMELLIA_SUBKEY_R(24) = subR[24];
1012 CAMELLIA_SUBKEY_L(25) = subL[25]; /* FLinv(kl6) */
1013 CAMELLIA_SUBKEY_R(25) = subR[25];
1014 tl = subL[23] ^ (subR[23] &
1015 ~subR[25]);
1016 dw = tl & subL[25], /* FLinv(kl6) */
1017 tr = subR[23] ^ CAMELLIA_RL1(dw);
1018 CAMELLIA_SUBKEY_L(26) = tl ^ subL[27]; /* round 19 */
1019 CAMELLIA_SUBKEY_R(26) = tr ^ subR[27];
1020 CAMELLIA_SUBKEY_L(27) = subL[26] ^ subL[28]; /* round 20 */
1021 CAMELLIA_SUBKEY_R(27) = subR[26] ^ subR[28];
1022 CAMELLIA_SUBKEY_L(28) = subL[27] ^ subL[29]; /* round 21 */
1023 CAMELLIA_SUBKEY_R(28) = subR[27] ^ subR[29];
1024 CAMELLIA_SUBKEY_L(29) = subL[28] ^ subL[30]; /* round 22 */
1025 CAMELLIA_SUBKEY_R(29) = subR[28] ^ subR[30];
1026 CAMELLIA_SUBKEY_L(30) = subL[29] ^ subL[31]; /* round 23 */
1027 CAMELLIA_SUBKEY_R(30) = subR[29] ^ subR[31];
1028 CAMELLIA_SUBKEY_L(31) = subL[30]; /* round 24 */
1029 CAMELLIA_SUBKEY_R(31) = subR[30];
1030 CAMELLIA_SUBKEY_L(32) = subL[32] ^ subL[31]; /* kw3 */
1031 CAMELLIA_SUBKEY_R(32) = subR[32] ^ subR[31];
Noriaki TAKAMIYAd64beac2007-01-24 21:47:48 +11001032
1033 /* apply the inverse of the last half of P-function */
1034 dw = CAMELLIA_SUBKEY_L(2) ^ CAMELLIA_SUBKEY_R(2),
1035 dw = CAMELLIA_RL8(dw);/* round 1 */
1036 CAMELLIA_SUBKEY_R(2) = CAMELLIA_SUBKEY_L(2) ^ dw,
1037 CAMELLIA_SUBKEY_L(2) = dw;
1038 dw = CAMELLIA_SUBKEY_L(3) ^ CAMELLIA_SUBKEY_R(3),
1039 dw = CAMELLIA_RL8(dw);/* round 2 */
1040 CAMELLIA_SUBKEY_R(3) = CAMELLIA_SUBKEY_L(3) ^ dw,
1041 CAMELLIA_SUBKEY_L(3) = dw;
1042 dw = CAMELLIA_SUBKEY_L(4) ^ CAMELLIA_SUBKEY_R(4),
1043 dw = CAMELLIA_RL8(dw);/* round 3 */
1044 CAMELLIA_SUBKEY_R(4) = CAMELLIA_SUBKEY_L(4) ^ dw,
1045 CAMELLIA_SUBKEY_L(4) = dw;
1046 dw = CAMELLIA_SUBKEY_L(5) ^ CAMELLIA_SUBKEY_R(5),
1047 dw = CAMELLIA_RL8(dw);/* round 4 */
1048 CAMELLIA_SUBKEY_R(5) = CAMELLIA_SUBKEY_L(5) ^ dw,
1049 CAMELLIA_SUBKEY_L(5) = dw;
1050 dw = CAMELLIA_SUBKEY_L(6) ^ CAMELLIA_SUBKEY_R(6),
1051 dw = CAMELLIA_RL8(dw);/* round 5 */
1052 CAMELLIA_SUBKEY_R(6) = CAMELLIA_SUBKEY_L(6) ^ dw,
1053 CAMELLIA_SUBKEY_L(6) = dw;
1054 dw = CAMELLIA_SUBKEY_L(7) ^ CAMELLIA_SUBKEY_R(7),
1055 dw = CAMELLIA_RL8(dw);/* round 6 */
1056 CAMELLIA_SUBKEY_R(7) = CAMELLIA_SUBKEY_L(7) ^ dw,
1057 CAMELLIA_SUBKEY_L(7) = dw;
1058 dw = CAMELLIA_SUBKEY_L(10) ^ CAMELLIA_SUBKEY_R(10),
1059 dw = CAMELLIA_RL8(dw);/* round 7 */
1060 CAMELLIA_SUBKEY_R(10) = CAMELLIA_SUBKEY_L(10) ^ dw,
1061 CAMELLIA_SUBKEY_L(10) = dw;
1062 dw = CAMELLIA_SUBKEY_L(11) ^ CAMELLIA_SUBKEY_R(11),
1063 dw = CAMELLIA_RL8(dw);/* round 8 */
1064 CAMELLIA_SUBKEY_R(11) = CAMELLIA_SUBKEY_L(11) ^ dw,
1065 CAMELLIA_SUBKEY_L(11) = dw;
1066 dw = CAMELLIA_SUBKEY_L(12) ^ CAMELLIA_SUBKEY_R(12),
1067 dw = CAMELLIA_RL8(dw);/* round 9 */
1068 CAMELLIA_SUBKEY_R(12) = CAMELLIA_SUBKEY_L(12) ^ dw,
1069 CAMELLIA_SUBKEY_L(12) = dw;
1070 dw = CAMELLIA_SUBKEY_L(13) ^ CAMELLIA_SUBKEY_R(13),
1071 dw = CAMELLIA_RL8(dw);/* round 10 */
1072 CAMELLIA_SUBKEY_R(13) = CAMELLIA_SUBKEY_L(13) ^ dw,
1073 CAMELLIA_SUBKEY_L(13) = dw;
1074 dw = CAMELLIA_SUBKEY_L(14) ^ CAMELLIA_SUBKEY_R(14),
1075 dw = CAMELLIA_RL8(dw);/* round 11 */
1076 CAMELLIA_SUBKEY_R(14) = CAMELLIA_SUBKEY_L(14) ^ dw,
1077 CAMELLIA_SUBKEY_L(14) = dw;
1078 dw = CAMELLIA_SUBKEY_L(15) ^ CAMELLIA_SUBKEY_R(15),
1079 dw = CAMELLIA_RL8(dw);/* round 12 */
1080 CAMELLIA_SUBKEY_R(15) = CAMELLIA_SUBKEY_L(15) ^ dw,
1081 CAMELLIA_SUBKEY_L(15) = dw;
1082 dw = CAMELLIA_SUBKEY_L(18) ^ CAMELLIA_SUBKEY_R(18),
1083 dw = CAMELLIA_RL8(dw);/* round 13 */
1084 CAMELLIA_SUBKEY_R(18) = CAMELLIA_SUBKEY_L(18) ^ dw,
1085 CAMELLIA_SUBKEY_L(18) = dw;
1086 dw = CAMELLIA_SUBKEY_L(19) ^ CAMELLIA_SUBKEY_R(19),
1087 dw = CAMELLIA_RL8(dw);/* round 14 */
1088 CAMELLIA_SUBKEY_R(19) = CAMELLIA_SUBKEY_L(19) ^ dw,
1089 CAMELLIA_SUBKEY_L(19) = dw;
1090 dw = CAMELLIA_SUBKEY_L(20) ^ CAMELLIA_SUBKEY_R(20),
1091 dw = CAMELLIA_RL8(dw);/* round 15 */
1092 CAMELLIA_SUBKEY_R(20) = CAMELLIA_SUBKEY_L(20) ^ dw,
1093 CAMELLIA_SUBKEY_L(20) = dw;
1094 dw = CAMELLIA_SUBKEY_L(21) ^ CAMELLIA_SUBKEY_R(21),
1095 dw = CAMELLIA_RL8(dw);/* round 16 */
1096 CAMELLIA_SUBKEY_R(21) = CAMELLIA_SUBKEY_L(21) ^ dw,
1097 CAMELLIA_SUBKEY_L(21) = dw;
1098 dw = CAMELLIA_SUBKEY_L(22) ^ CAMELLIA_SUBKEY_R(22),
1099 dw = CAMELLIA_RL8(dw);/* round 17 */
1100 CAMELLIA_SUBKEY_R(22) = CAMELLIA_SUBKEY_L(22) ^ dw,
1101 CAMELLIA_SUBKEY_L(22) = dw;
1102 dw = CAMELLIA_SUBKEY_L(23) ^ CAMELLIA_SUBKEY_R(23),
1103 dw = CAMELLIA_RL8(dw);/* round 18 */
1104 CAMELLIA_SUBKEY_R(23) = CAMELLIA_SUBKEY_L(23) ^ dw,
1105 CAMELLIA_SUBKEY_L(23) = dw;
1106 dw = CAMELLIA_SUBKEY_L(26) ^ CAMELLIA_SUBKEY_R(26),
1107 dw = CAMELLIA_RL8(dw);/* round 19 */
1108 CAMELLIA_SUBKEY_R(26) = CAMELLIA_SUBKEY_L(26) ^ dw,
1109 CAMELLIA_SUBKEY_L(26) = dw;
1110 dw = CAMELLIA_SUBKEY_L(27) ^ CAMELLIA_SUBKEY_R(27),
1111 dw = CAMELLIA_RL8(dw);/* round 20 */
1112 CAMELLIA_SUBKEY_R(27) = CAMELLIA_SUBKEY_L(27) ^ dw,
1113 CAMELLIA_SUBKEY_L(27) = dw;
1114 dw = CAMELLIA_SUBKEY_L(28) ^ CAMELLIA_SUBKEY_R(28),
1115 dw = CAMELLIA_RL8(dw);/* round 21 */
1116 CAMELLIA_SUBKEY_R(28) = CAMELLIA_SUBKEY_L(28) ^ dw,
1117 CAMELLIA_SUBKEY_L(28) = dw;
1118 dw = CAMELLIA_SUBKEY_L(29) ^ CAMELLIA_SUBKEY_R(29),
1119 dw = CAMELLIA_RL8(dw);/* round 22 */
1120 CAMELLIA_SUBKEY_R(29) = CAMELLIA_SUBKEY_L(29) ^ dw,
1121 CAMELLIA_SUBKEY_L(29) = dw;
1122 dw = CAMELLIA_SUBKEY_L(30) ^ CAMELLIA_SUBKEY_R(30),
1123 dw = CAMELLIA_RL8(dw);/* round 23 */
1124 CAMELLIA_SUBKEY_R(30) = CAMELLIA_SUBKEY_L(30) ^ dw,
1125 CAMELLIA_SUBKEY_L(30) = dw;
1126 dw = CAMELLIA_SUBKEY_L(31) ^ CAMELLIA_SUBKEY_R(31),
1127 dw = CAMELLIA_RL8(dw);/* round 24 */
1128 CAMELLIA_SUBKEY_R(31) = CAMELLIA_SUBKEY_L(31) ^ dw,
1129 CAMELLIA_SUBKEY_L(31) = dw;
Noriaki TAKAMIYAd64beac2007-01-24 21:47:48 +11001130}
1131
1132static void camellia_setup192(const unsigned char *key, u32 *subkey)
1133{
1134 unsigned char kk[32];
1135 u32 krll, krlr, krrl,krrr;
1136
1137 memcpy(kk, key, 24);
Denys Vlasenko1721a812007-11-06 22:01:20 +08001138 memcpy((unsigned char *)&krll, key+16, 4);
1139 memcpy((unsigned char *)&krlr, key+20, 4);
Noriaki TAKAMIYAd64beac2007-01-24 21:47:48 +11001140 krrl = ~krll;
1141 krrr = ~krlr;
1142 memcpy(kk+24, (unsigned char *)&krrl, 4);
1143 memcpy(kk+28, (unsigned char *)&krrr, 4);
1144 camellia_setup256(kk, subkey);
Noriaki TAKAMIYAd64beac2007-01-24 21:47:48 +11001145}
1146
1147
Noriaki TAKAMIYAd64beac2007-01-24 21:47:48 +11001148static void camellia_encrypt128(const u32 *subkey, __be32 *io_text)
1149{
1150 u32 il,ir,t0,t1; /* temporary valiables */
1151
1152 u32 io[4];
1153
1154 io[0] = be32_to_cpu(io_text[0]);
1155 io[1] = be32_to_cpu(io_text[1]);
1156 io[2] = be32_to_cpu(io_text[2]);
1157 io[3] = be32_to_cpu(io_text[3]);
1158
Denys Vlasenko1721a812007-11-06 22:01:20 +08001159 /* pre whitening but absorb kw2 */
Noriaki TAKAMIYAd64beac2007-01-24 21:47:48 +11001160 io[0] ^= CAMELLIA_SUBKEY_L(0);
1161 io[1] ^= CAMELLIA_SUBKEY_R(0);
Noriaki TAKAMIYAd64beac2007-01-24 21:47:48 +11001162
Denys Vlasenko1721a812007-11-06 22:01:20 +08001163 /* main iteration */
Noriaki TAKAMIYAd64beac2007-01-24 21:47:48 +11001164 CAMELLIA_ROUNDSM(io[0],io[1],
1165 CAMELLIA_SUBKEY_L(2),CAMELLIA_SUBKEY_R(2),
1166 io[2],io[3],il,ir,t0,t1);
1167 CAMELLIA_ROUNDSM(io[2],io[3],
1168 CAMELLIA_SUBKEY_L(3),CAMELLIA_SUBKEY_R(3),
1169 io[0],io[1],il,ir,t0,t1);
1170 CAMELLIA_ROUNDSM(io[0],io[1],
1171 CAMELLIA_SUBKEY_L(4),CAMELLIA_SUBKEY_R(4),
1172 io[2],io[3],il,ir,t0,t1);
1173 CAMELLIA_ROUNDSM(io[2],io[3],
1174 CAMELLIA_SUBKEY_L(5),CAMELLIA_SUBKEY_R(5),
1175 io[0],io[1],il,ir,t0,t1);
1176 CAMELLIA_ROUNDSM(io[0],io[1],
1177 CAMELLIA_SUBKEY_L(6),CAMELLIA_SUBKEY_R(6),
1178 io[2],io[3],il,ir,t0,t1);
1179 CAMELLIA_ROUNDSM(io[2],io[3],
1180 CAMELLIA_SUBKEY_L(7),CAMELLIA_SUBKEY_R(7),
1181 io[0],io[1],il,ir,t0,t1);
1182
1183 CAMELLIA_FLS(io[0],io[1],io[2],io[3],
1184 CAMELLIA_SUBKEY_L(8),CAMELLIA_SUBKEY_R(8),
1185 CAMELLIA_SUBKEY_L(9),CAMELLIA_SUBKEY_R(9),
1186 t0,t1,il,ir);
1187
1188 CAMELLIA_ROUNDSM(io[0],io[1],
1189 CAMELLIA_SUBKEY_L(10),CAMELLIA_SUBKEY_R(10),
1190 io[2],io[3],il,ir,t0,t1);
1191 CAMELLIA_ROUNDSM(io[2],io[3],
1192 CAMELLIA_SUBKEY_L(11),CAMELLIA_SUBKEY_R(11),
1193 io[0],io[1],il,ir,t0,t1);
1194 CAMELLIA_ROUNDSM(io[0],io[1],
1195 CAMELLIA_SUBKEY_L(12),CAMELLIA_SUBKEY_R(12),
1196 io[2],io[3],il,ir,t0,t1);
1197 CAMELLIA_ROUNDSM(io[2],io[3],
1198 CAMELLIA_SUBKEY_L(13),CAMELLIA_SUBKEY_R(13),
1199 io[0],io[1],il,ir,t0,t1);
1200 CAMELLIA_ROUNDSM(io[0],io[1],
1201 CAMELLIA_SUBKEY_L(14),CAMELLIA_SUBKEY_R(14),
1202 io[2],io[3],il,ir,t0,t1);
1203 CAMELLIA_ROUNDSM(io[2],io[3],
1204 CAMELLIA_SUBKEY_L(15),CAMELLIA_SUBKEY_R(15),
1205 io[0],io[1],il,ir,t0,t1);
1206
1207 CAMELLIA_FLS(io[0],io[1],io[2],io[3],
1208 CAMELLIA_SUBKEY_L(16),CAMELLIA_SUBKEY_R(16),
1209 CAMELLIA_SUBKEY_L(17),CAMELLIA_SUBKEY_R(17),
1210 t0,t1,il,ir);
1211
1212 CAMELLIA_ROUNDSM(io[0],io[1],
1213 CAMELLIA_SUBKEY_L(18),CAMELLIA_SUBKEY_R(18),
1214 io[2],io[3],il,ir,t0,t1);
1215 CAMELLIA_ROUNDSM(io[2],io[3],
1216 CAMELLIA_SUBKEY_L(19),CAMELLIA_SUBKEY_R(19),
1217 io[0],io[1],il,ir,t0,t1);
1218 CAMELLIA_ROUNDSM(io[0],io[1],
1219 CAMELLIA_SUBKEY_L(20),CAMELLIA_SUBKEY_R(20),
1220 io[2],io[3],il,ir,t0,t1);
1221 CAMELLIA_ROUNDSM(io[2],io[3],
1222 CAMELLIA_SUBKEY_L(21),CAMELLIA_SUBKEY_R(21),
1223 io[0],io[1],il,ir,t0,t1);
1224 CAMELLIA_ROUNDSM(io[0],io[1],
1225 CAMELLIA_SUBKEY_L(22),CAMELLIA_SUBKEY_R(22),
1226 io[2],io[3],il,ir,t0,t1);
1227 CAMELLIA_ROUNDSM(io[2],io[3],
1228 CAMELLIA_SUBKEY_L(23),CAMELLIA_SUBKEY_R(23),
1229 io[0],io[1],il,ir,t0,t1);
1230
1231 /* post whitening but kw4 */
1232 io[2] ^= CAMELLIA_SUBKEY_L(24);
1233 io[3] ^= CAMELLIA_SUBKEY_R(24);
1234
Denys Vlasenko1721a812007-11-06 22:01:20 +08001235 io_text[0] = cpu_to_be32(io[2]);
1236 io_text[1] = cpu_to_be32(io[3]);
1237 io_text[2] = cpu_to_be32(io[0]);
1238 io_text[3] = cpu_to_be32(io[1]);
Noriaki TAKAMIYAd64beac2007-01-24 21:47:48 +11001239}
1240
1241static void camellia_decrypt128(const u32 *subkey, __be32 *io_text)
1242{
1243 u32 il,ir,t0,t1; /* temporary valiables */
1244
1245 u32 io[4];
1246
1247 io[0] = be32_to_cpu(io_text[0]);
1248 io[1] = be32_to_cpu(io_text[1]);
1249 io[2] = be32_to_cpu(io_text[2]);
1250 io[3] = be32_to_cpu(io_text[3]);
1251
Denys Vlasenko1721a812007-11-06 22:01:20 +08001252 /* pre whitening but absorb kw2 */
Noriaki TAKAMIYAd64beac2007-01-24 21:47:48 +11001253 io[0] ^= CAMELLIA_SUBKEY_L(24);
1254 io[1] ^= CAMELLIA_SUBKEY_R(24);
1255
1256 /* main iteration */
1257 CAMELLIA_ROUNDSM(io[0],io[1],
1258 CAMELLIA_SUBKEY_L(23),CAMELLIA_SUBKEY_R(23),
1259 io[2],io[3],il,ir,t0,t1);
1260 CAMELLIA_ROUNDSM(io[2],io[3],
1261 CAMELLIA_SUBKEY_L(22),CAMELLIA_SUBKEY_R(22),
1262 io[0],io[1],il,ir,t0,t1);
1263 CAMELLIA_ROUNDSM(io[0],io[1],
1264 CAMELLIA_SUBKEY_L(21),CAMELLIA_SUBKEY_R(21),
1265 io[2],io[3],il,ir,t0,t1);
1266 CAMELLIA_ROUNDSM(io[2],io[3],
1267 CAMELLIA_SUBKEY_L(20),CAMELLIA_SUBKEY_R(20),
1268 io[0],io[1],il,ir,t0,t1);
1269 CAMELLIA_ROUNDSM(io[0],io[1],
1270 CAMELLIA_SUBKEY_L(19),CAMELLIA_SUBKEY_R(19),
1271 io[2],io[3],il,ir,t0,t1);
1272 CAMELLIA_ROUNDSM(io[2],io[3],
1273 CAMELLIA_SUBKEY_L(18),CAMELLIA_SUBKEY_R(18),
1274 io[0],io[1],il,ir,t0,t1);
1275
1276 CAMELLIA_FLS(io[0],io[1],io[2],io[3],
1277 CAMELLIA_SUBKEY_L(17),CAMELLIA_SUBKEY_R(17),
1278 CAMELLIA_SUBKEY_L(16),CAMELLIA_SUBKEY_R(16),
1279 t0,t1,il,ir);
1280
1281 CAMELLIA_ROUNDSM(io[0],io[1],
1282 CAMELLIA_SUBKEY_L(15),CAMELLIA_SUBKEY_R(15),
1283 io[2],io[3],il,ir,t0,t1);
1284 CAMELLIA_ROUNDSM(io[2],io[3],
1285 CAMELLIA_SUBKEY_L(14),CAMELLIA_SUBKEY_R(14),
1286 io[0],io[1],il,ir,t0,t1);
1287 CAMELLIA_ROUNDSM(io[0],io[1],
1288 CAMELLIA_SUBKEY_L(13),CAMELLIA_SUBKEY_R(13),
1289 io[2],io[3],il,ir,t0,t1);
1290 CAMELLIA_ROUNDSM(io[2],io[3],
1291 CAMELLIA_SUBKEY_L(12),CAMELLIA_SUBKEY_R(12),
1292 io[0],io[1],il,ir,t0,t1);
1293 CAMELLIA_ROUNDSM(io[0],io[1],
1294 CAMELLIA_SUBKEY_L(11),CAMELLIA_SUBKEY_R(11),
1295 io[2],io[3],il,ir,t0,t1);
1296 CAMELLIA_ROUNDSM(io[2],io[3],
1297 CAMELLIA_SUBKEY_L(10),CAMELLIA_SUBKEY_R(10),
1298 io[0],io[1],il,ir,t0,t1);
1299
1300 CAMELLIA_FLS(io[0],io[1],io[2],io[3],
1301 CAMELLIA_SUBKEY_L(9),CAMELLIA_SUBKEY_R(9),
1302 CAMELLIA_SUBKEY_L(8),CAMELLIA_SUBKEY_R(8),
1303 t0,t1,il,ir);
1304
1305 CAMELLIA_ROUNDSM(io[0],io[1],
1306 CAMELLIA_SUBKEY_L(7),CAMELLIA_SUBKEY_R(7),
1307 io[2],io[3],il,ir,t0,t1);
1308 CAMELLIA_ROUNDSM(io[2],io[3],
1309 CAMELLIA_SUBKEY_L(6),CAMELLIA_SUBKEY_R(6),
1310 io[0],io[1],il,ir,t0,t1);
1311 CAMELLIA_ROUNDSM(io[0],io[1],
1312 CAMELLIA_SUBKEY_L(5),CAMELLIA_SUBKEY_R(5),
1313 io[2],io[3],il,ir,t0,t1);
1314 CAMELLIA_ROUNDSM(io[2],io[3],
1315 CAMELLIA_SUBKEY_L(4),CAMELLIA_SUBKEY_R(4),
1316 io[0],io[1],il,ir,t0,t1);
1317 CAMELLIA_ROUNDSM(io[0],io[1],
1318 CAMELLIA_SUBKEY_L(3),CAMELLIA_SUBKEY_R(3),
1319 io[2],io[3],il,ir,t0,t1);
1320 CAMELLIA_ROUNDSM(io[2],io[3],
1321 CAMELLIA_SUBKEY_L(2),CAMELLIA_SUBKEY_R(2),
1322 io[0],io[1],il,ir,t0,t1);
1323
1324 /* post whitening but kw4 */
1325 io[2] ^= CAMELLIA_SUBKEY_L(0);
1326 io[3] ^= CAMELLIA_SUBKEY_R(0);
1327
Denys Vlasenko1721a812007-11-06 22:01:20 +08001328 io_text[0] = cpu_to_be32(io[2]);
1329 io_text[1] = cpu_to_be32(io[3]);
1330 io_text[2] = cpu_to_be32(io[0]);
1331 io_text[3] = cpu_to_be32(io[1]);
Noriaki TAKAMIYAd64beac2007-01-24 21:47:48 +11001332}
1333
Noriaki TAKAMIYAd64beac2007-01-24 21:47:48 +11001334static void camellia_encrypt256(const u32 *subkey, __be32 *io_text)
1335{
1336 u32 il,ir,t0,t1; /* temporary valiables */
1337
1338 u32 io[4];
1339
1340 io[0] = be32_to_cpu(io_text[0]);
1341 io[1] = be32_to_cpu(io_text[1]);
1342 io[2] = be32_to_cpu(io_text[2]);
1343 io[3] = be32_to_cpu(io_text[3]);
1344
Denys Vlasenko1721a812007-11-06 22:01:20 +08001345 /* pre whitening but absorb kw2 */
Noriaki TAKAMIYAd64beac2007-01-24 21:47:48 +11001346 io[0] ^= CAMELLIA_SUBKEY_L(0);
1347 io[1] ^= CAMELLIA_SUBKEY_R(0);
1348
1349 /* main iteration */
1350 CAMELLIA_ROUNDSM(io[0],io[1],
1351 CAMELLIA_SUBKEY_L(2),CAMELLIA_SUBKEY_R(2),
1352 io[2],io[3],il,ir,t0,t1);
1353 CAMELLIA_ROUNDSM(io[2],io[3],
1354 CAMELLIA_SUBKEY_L(3),CAMELLIA_SUBKEY_R(3),
1355 io[0],io[1],il,ir,t0,t1);
1356 CAMELLIA_ROUNDSM(io[0],io[1],
1357 CAMELLIA_SUBKEY_L(4),CAMELLIA_SUBKEY_R(4),
1358 io[2],io[3],il,ir,t0,t1);
1359 CAMELLIA_ROUNDSM(io[2],io[3],
1360 CAMELLIA_SUBKEY_L(5),CAMELLIA_SUBKEY_R(5),
1361 io[0],io[1],il,ir,t0,t1);
1362 CAMELLIA_ROUNDSM(io[0],io[1],
1363 CAMELLIA_SUBKEY_L(6),CAMELLIA_SUBKEY_R(6),
1364 io[2],io[3],il,ir,t0,t1);
1365 CAMELLIA_ROUNDSM(io[2],io[3],
1366 CAMELLIA_SUBKEY_L(7),CAMELLIA_SUBKEY_R(7),
1367 io[0],io[1],il,ir,t0,t1);
1368
1369 CAMELLIA_FLS(io[0],io[1],io[2],io[3],
1370 CAMELLIA_SUBKEY_L(8),CAMELLIA_SUBKEY_R(8),
1371 CAMELLIA_SUBKEY_L(9),CAMELLIA_SUBKEY_R(9),
1372 t0,t1,il,ir);
1373
1374 CAMELLIA_ROUNDSM(io[0],io[1],
1375 CAMELLIA_SUBKEY_L(10),CAMELLIA_SUBKEY_R(10),
1376 io[2],io[3],il,ir,t0,t1);
1377 CAMELLIA_ROUNDSM(io[2],io[3],
1378 CAMELLIA_SUBKEY_L(11),CAMELLIA_SUBKEY_R(11),
1379 io[0],io[1],il,ir,t0,t1);
1380 CAMELLIA_ROUNDSM(io[0],io[1],
1381 CAMELLIA_SUBKEY_L(12),CAMELLIA_SUBKEY_R(12),
1382 io[2],io[3],il,ir,t0,t1);
1383 CAMELLIA_ROUNDSM(io[2],io[3],
1384 CAMELLIA_SUBKEY_L(13),CAMELLIA_SUBKEY_R(13),
1385 io[0],io[1],il,ir,t0,t1);
1386 CAMELLIA_ROUNDSM(io[0],io[1],
1387 CAMELLIA_SUBKEY_L(14),CAMELLIA_SUBKEY_R(14),
1388 io[2],io[3],il,ir,t0,t1);
1389 CAMELLIA_ROUNDSM(io[2],io[3],
1390 CAMELLIA_SUBKEY_L(15),CAMELLIA_SUBKEY_R(15),
1391 io[0],io[1],il,ir,t0,t1);
1392
1393 CAMELLIA_FLS(io[0],io[1],io[2],io[3],
1394 CAMELLIA_SUBKEY_L(16),CAMELLIA_SUBKEY_R(16),
1395 CAMELLIA_SUBKEY_L(17),CAMELLIA_SUBKEY_R(17),
1396 t0,t1,il,ir);
1397
1398 CAMELLIA_ROUNDSM(io[0],io[1],
1399 CAMELLIA_SUBKEY_L(18),CAMELLIA_SUBKEY_R(18),
1400 io[2],io[3],il,ir,t0,t1);
1401 CAMELLIA_ROUNDSM(io[2],io[3],
1402 CAMELLIA_SUBKEY_L(19),CAMELLIA_SUBKEY_R(19),
1403 io[0],io[1],il,ir,t0,t1);
1404 CAMELLIA_ROUNDSM(io[0],io[1],
1405 CAMELLIA_SUBKEY_L(20),CAMELLIA_SUBKEY_R(20),
1406 io[2],io[3],il,ir,t0,t1);
1407 CAMELLIA_ROUNDSM(io[2],io[3],
1408 CAMELLIA_SUBKEY_L(21),CAMELLIA_SUBKEY_R(21),
1409 io[0],io[1],il,ir,t0,t1);
1410 CAMELLIA_ROUNDSM(io[0],io[1],
1411 CAMELLIA_SUBKEY_L(22),CAMELLIA_SUBKEY_R(22),
1412 io[2],io[3],il,ir,t0,t1);
1413 CAMELLIA_ROUNDSM(io[2],io[3],
1414 CAMELLIA_SUBKEY_L(23),CAMELLIA_SUBKEY_R(23),
1415 io[0],io[1],il,ir,t0,t1);
1416
1417 CAMELLIA_FLS(io[0],io[1],io[2],io[3],
1418 CAMELLIA_SUBKEY_L(24),CAMELLIA_SUBKEY_R(24),
1419 CAMELLIA_SUBKEY_L(25),CAMELLIA_SUBKEY_R(25),
1420 t0,t1,il,ir);
1421
1422 CAMELLIA_ROUNDSM(io[0],io[1],
1423 CAMELLIA_SUBKEY_L(26),CAMELLIA_SUBKEY_R(26),
1424 io[2],io[3],il,ir,t0,t1);
1425 CAMELLIA_ROUNDSM(io[2],io[3],
1426 CAMELLIA_SUBKEY_L(27),CAMELLIA_SUBKEY_R(27),
1427 io[0],io[1],il,ir,t0,t1);
1428 CAMELLIA_ROUNDSM(io[0],io[1],
1429 CAMELLIA_SUBKEY_L(28),CAMELLIA_SUBKEY_R(28),
1430 io[2],io[3],il,ir,t0,t1);
1431 CAMELLIA_ROUNDSM(io[2],io[3],
1432 CAMELLIA_SUBKEY_L(29),CAMELLIA_SUBKEY_R(29),
1433 io[0],io[1],il,ir,t0,t1);
1434 CAMELLIA_ROUNDSM(io[0],io[1],
1435 CAMELLIA_SUBKEY_L(30),CAMELLIA_SUBKEY_R(30),
1436 io[2],io[3],il,ir,t0,t1);
1437 CAMELLIA_ROUNDSM(io[2],io[3],
1438 CAMELLIA_SUBKEY_L(31),CAMELLIA_SUBKEY_R(31),
1439 io[0],io[1],il,ir,t0,t1);
1440
1441 /* post whitening but kw4 */
1442 io[2] ^= CAMELLIA_SUBKEY_L(32);
1443 io[3] ^= CAMELLIA_SUBKEY_R(32);
1444
Denys Vlasenko1721a812007-11-06 22:01:20 +08001445 io_text[0] = cpu_to_be32(io[2]);
1446 io_text[1] = cpu_to_be32(io[3]);
1447 io_text[2] = cpu_to_be32(io[0]);
1448 io_text[3] = cpu_to_be32(io[1]);
Noriaki TAKAMIYAd64beac2007-01-24 21:47:48 +11001449}
1450
Noriaki TAKAMIYAd64beac2007-01-24 21:47:48 +11001451static void camellia_decrypt256(const u32 *subkey, __be32 *io_text)
1452{
1453 u32 il,ir,t0,t1; /* temporary valiables */
1454
1455 u32 io[4];
1456
1457 io[0] = be32_to_cpu(io_text[0]);
1458 io[1] = be32_to_cpu(io_text[1]);
1459 io[2] = be32_to_cpu(io_text[2]);
1460 io[3] = be32_to_cpu(io_text[3]);
1461
Denys Vlasenko1721a812007-11-06 22:01:20 +08001462 /* pre whitening but absorb kw2 */
Noriaki TAKAMIYAd64beac2007-01-24 21:47:48 +11001463 io[0] ^= CAMELLIA_SUBKEY_L(32);
1464 io[1] ^= CAMELLIA_SUBKEY_R(32);
1465
1466 /* main iteration */
1467 CAMELLIA_ROUNDSM(io[0],io[1],
1468 CAMELLIA_SUBKEY_L(31),CAMELLIA_SUBKEY_R(31),
1469 io[2],io[3],il,ir,t0,t1);
1470 CAMELLIA_ROUNDSM(io[2],io[3],
1471 CAMELLIA_SUBKEY_L(30),CAMELLIA_SUBKEY_R(30),
1472 io[0],io[1],il,ir,t0,t1);
1473 CAMELLIA_ROUNDSM(io[0],io[1],
1474 CAMELLIA_SUBKEY_L(29),CAMELLIA_SUBKEY_R(29),
1475 io[2],io[3],il,ir,t0,t1);
1476 CAMELLIA_ROUNDSM(io[2],io[3],
1477 CAMELLIA_SUBKEY_L(28),CAMELLIA_SUBKEY_R(28),
1478 io[0],io[1],il,ir,t0,t1);
1479 CAMELLIA_ROUNDSM(io[0],io[1],
1480 CAMELLIA_SUBKEY_L(27),CAMELLIA_SUBKEY_R(27),
1481 io[2],io[3],il,ir,t0,t1);
1482 CAMELLIA_ROUNDSM(io[2],io[3],
1483 CAMELLIA_SUBKEY_L(26),CAMELLIA_SUBKEY_R(26),
1484 io[0],io[1],il,ir,t0,t1);
1485
1486 CAMELLIA_FLS(io[0],io[1],io[2],io[3],
1487 CAMELLIA_SUBKEY_L(25),CAMELLIA_SUBKEY_R(25),
1488 CAMELLIA_SUBKEY_L(24),CAMELLIA_SUBKEY_R(24),
1489 t0,t1,il,ir);
1490
1491 CAMELLIA_ROUNDSM(io[0],io[1],
1492 CAMELLIA_SUBKEY_L(23),CAMELLIA_SUBKEY_R(23),
1493 io[2],io[3],il,ir,t0,t1);
1494 CAMELLIA_ROUNDSM(io[2],io[3],
1495 CAMELLIA_SUBKEY_L(22),CAMELLIA_SUBKEY_R(22),
1496 io[0],io[1],il,ir,t0,t1);
1497 CAMELLIA_ROUNDSM(io[0],io[1],
1498 CAMELLIA_SUBKEY_L(21),CAMELLIA_SUBKEY_R(21),
1499 io[2],io[3],il,ir,t0,t1);
1500 CAMELLIA_ROUNDSM(io[2],io[3],
1501 CAMELLIA_SUBKEY_L(20),CAMELLIA_SUBKEY_R(20),
1502 io[0],io[1],il,ir,t0,t1);
1503 CAMELLIA_ROUNDSM(io[0],io[1],
1504 CAMELLIA_SUBKEY_L(19),CAMELLIA_SUBKEY_R(19),
1505 io[2],io[3],il,ir,t0,t1);
1506 CAMELLIA_ROUNDSM(io[2],io[3],
1507 CAMELLIA_SUBKEY_L(18),CAMELLIA_SUBKEY_R(18),
1508 io[0],io[1],il,ir,t0,t1);
1509
1510 CAMELLIA_FLS(io[0],io[1],io[2],io[3],
1511 CAMELLIA_SUBKEY_L(17),CAMELLIA_SUBKEY_R(17),
1512 CAMELLIA_SUBKEY_L(16),CAMELLIA_SUBKEY_R(16),
1513 t0,t1,il,ir);
1514
1515 CAMELLIA_ROUNDSM(io[0],io[1],
1516 CAMELLIA_SUBKEY_L(15),CAMELLIA_SUBKEY_R(15),
1517 io[2],io[3],il,ir,t0,t1);
1518 CAMELLIA_ROUNDSM(io[2],io[3],
1519 CAMELLIA_SUBKEY_L(14),CAMELLIA_SUBKEY_R(14),
1520 io[0],io[1],il,ir,t0,t1);
1521 CAMELLIA_ROUNDSM(io[0],io[1],
1522 CAMELLIA_SUBKEY_L(13),CAMELLIA_SUBKEY_R(13),
1523 io[2],io[3],il,ir,t0,t1);
1524 CAMELLIA_ROUNDSM(io[2],io[3],
1525 CAMELLIA_SUBKEY_L(12),CAMELLIA_SUBKEY_R(12),
1526 io[0],io[1],il,ir,t0,t1);
1527 CAMELLIA_ROUNDSM(io[0],io[1],
1528 CAMELLIA_SUBKEY_L(11),CAMELLIA_SUBKEY_R(11),
1529 io[2],io[3],il,ir,t0,t1);
1530 CAMELLIA_ROUNDSM(io[2],io[3],
1531 CAMELLIA_SUBKEY_L(10),CAMELLIA_SUBKEY_R(10),
1532 io[0],io[1],il,ir,t0,t1);
1533
1534 CAMELLIA_FLS(io[0],io[1],io[2],io[3],
1535 CAMELLIA_SUBKEY_L(9),CAMELLIA_SUBKEY_R(9),
1536 CAMELLIA_SUBKEY_L(8),CAMELLIA_SUBKEY_R(8),
1537 t0,t1,il,ir);
1538
1539 CAMELLIA_ROUNDSM(io[0],io[1],
1540 CAMELLIA_SUBKEY_L(7),CAMELLIA_SUBKEY_R(7),
1541 io[2],io[3],il,ir,t0,t1);
1542 CAMELLIA_ROUNDSM(io[2],io[3],
1543 CAMELLIA_SUBKEY_L(6),CAMELLIA_SUBKEY_R(6),
1544 io[0],io[1],il,ir,t0,t1);
1545 CAMELLIA_ROUNDSM(io[0],io[1],
1546 CAMELLIA_SUBKEY_L(5),CAMELLIA_SUBKEY_R(5),
1547 io[2],io[3],il,ir,t0,t1);
1548 CAMELLIA_ROUNDSM(io[2],io[3],
1549 CAMELLIA_SUBKEY_L(4),CAMELLIA_SUBKEY_R(4),
1550 io[0],io[1],il,ir,t0,t1);
1551 CAMELLIA_ROUNDSM(io[0],io[1],
1552 CAMELLIA_SUBKEY_L(3),CAMELLIA_SUBKEY_R(3),
1553 io[2],io[3],il,ir,t0,t1);
1554 CAMELLIA_ROUNDSM(io[2],io[3],
1555 CAMELLIA_SUBKEY_L(2),CAMELLIA_SUBKEY_R(2),
1556 io[0],io[1],il,ir,t0,t1);
1557
1558 /* post whitening but kw4 */
1559 io[2] ^= CAMELLIA_SUBKEY_L(0);
1560 io[3] ^= CAMELLIA_SUBKEY_R(0);
1561
Denys Vlasenko1721a812007-11-06 22:01:20 +08001562 io_text[0] = cpu_to_be32(io[2]);
1563 io_text[1] = cpu_to_be32(io[3]);
1564 io_text[2] = cpu_to_be32(io[0]);
1565 io_text[3] = cpu_to_be32(io[1]);
Noriaki TAKAMIYAd64beac2007-01-24 21:47:48 +11001566}
1567
1568
Denys Vlasenko1721a812007-11-06 22:01:20 +08001569struct camellia_ctx {
1570 int key_length;
1571 u32 key_table[CAMELLIA_TABLE_BYTE_LEN / 4];
1572};
1573
Noriaki TAKAMIYAd64beac2007-01-24 21:47:48 +11001574static int
1575camellia_set_key(struct crypto_tfm *tfm, const u8 *in_key,
1576 unsigned int key_len)
1577{
1578 struct camellia_ctx *cctx = crypto_tfm_ctx(tfm);
1579 const unsigned char *key = (const unsigned char *)in_key;
1580 u32 *flags = &tfm->crt_flags;
1581
1582 if (key_len != 16 && key_len != 24 && key_len != 32) {
1583 *flags |= CRYPTO_TFM_RES_BAD_KEY_LEN;
1584 return -EINVAL;
1585 }
1586
1587 cctx->key_length = key_len;
1588
Denys Vlasenko1721a812007-11-06 22:01:20 +08001589 switch (key_len) {
Noriaki TAKAMIYAd64beac2007-01-24 21:47:48 +11001590 case 16:
1591 camellia_setup128(key, cctx->key_table);
1592 break;
1593 case 24:
1594 camellia_setup192(key, cctx->key_table);
1595 break;
1596 case 32:
1597 camellia_setup256(key, cctx->key_table);
1598 break;
Noriaki TAKAMIYAd64beac2007-01-24 21:47:48 +11001599 }
1600
1601 return 0;
1602}
1603
Noriaki TAKAMIYAd64beac2007-01-24 21:47:48 +11001604static void camellia_encrypt(struct crypto_tfm *tfm, u8 *out, const u8 *in)
1605{
1606 const struct camellia_ctx *cctx = crypto_tfm_ctx(tfm);
1607 const __be32 *src = (const __be32 *)in;
1608 __be32 *dst = (__be32 *)out;
1609
1610 __be32 tmp[4];
1611
1612 memcpy(tmp, src, CAMELLIA_BLOCK_SIZE);
1613
1614 switch (cctx->key_length) {
1615 case 16:
1616 camellia_encrypt128(cctx->key_table, tmp);
1617 break;
1618 case 24:
1619 /* fall through */
1620 case 32:
1621 camellia_encrypt256(cctx->key_table, tmp);
1622 break;
Noriaki TAKAMIYAd64beac2007-01-24 21:47:48 +11001623 }
1624
1625 memcpy(dst, tmp, CAMELLIA_BLOCK_SIZE);
1626}
1627
Noriaki TAKAMIYAd64beac2007-01-24 21:47:48 +11001628static void camellia_decrypt(struct crypto_tfm *tfm, u8 *out, const u8 *in)
1629{
1630 const struct camellia_ctx *cctx = crypto_tfm_ctx(tfm);
1631 const __be32 *src = (const __be32 *)in;
1632 __be32 *dst = (__be32 *)out;
1633
1634 __be32 tmp[4];
1635
1636 memcpy(tmp, src, CAMELLIA_BLOCK_SIZE);
1637
1638 switch (cctx->key_length) {
1639 case 16:
1640 camellia_decrypt128(cctx->key_table, tmp);
1641 break;
1642 case 24:
1643 /* fall through */
1644 case 32:
1645 camellia_decrypt256(cctx->key_table, tmp);
1646 break;
Noriaki TAKAMIYAd64beac2007-01-24 21:47:48 +11001647 }
1648
1649 memcpy(dst, tmp, CAMELLIA_BLOCK_SIZE);
1650}
1651
Noriaki TAKAMIYAd64beac2007-01-24 21:47:48 +11001652static struct crypto_alg camellia_alg = {
1653 .cra_name = "camellia",
1654 .cra_driver_name = "camellia-generic",
1655 .cra_priority = 100,
1656 .cra_flags = CRYPTO_ALG_TYPE_CIPHER,
1657 .cra_blocksize = CAMELLIA_BLOCK_SIZE,
1658 .cra_ctxsize = sizeof(struct camellia_ctx),
1659 .cra_alignmask = 3,
1660 .cra_module = THIS_MODULE,
1661 .cra_list = LIST_HEAD_INIT(camellia_alg.cra_list),
1662 .cra_u = {
1663 .cipher = {
1664 .cia_min_keysize = CAMELLIA_MIN_KEY_SIZE,
1665 .cia_max_keysize = CAMELLIA_MAX_KEY_SIZE,
1666 .cia_setkey = camellia_set_key,
1667 .cia_encrypt = camellia_encrypt,
1668 .cia_decrypt = camellia_decrypt
1669 }
1670 }
1671};
1672
1673static int __init camellia_init(void)
1674{
1675 return crypto_register_alg(&camellia_alg);
1676}
1677
Noriaki TAKAMIYAd64beac2007-01-24 21:47:48 +11001678static void __exit camellia_fini(void)
1679{
1680 crypto_unregister_alg(&camellia_alg);
1681}
1682
Noriaki TAKAMIYAd64beac2007-01-24 21:47:48 +11001683module_init(camellia_init);
1684module_exit(camellia_fini);
1685
Noriaki TAKAMIYAd64beac2007-01-24 21:47:48 +11001686MODULE_DESCRIPTION("Camellia Cipher Algorithm");
1687MODULE_LICENSE("GPL");