1 /* SPDX-License-Identifier: GPL-2.0-or-later */ 2 /* 3 * Cryptographic API. 4 * 5 * ARIA Cipher Algorithm. 6 * 7 * Documentation of ARIA can be found in RFC 5794. 8 * Copyright (c) 2022 Taehee Yoo <ap420073@gmail.com> 9 * Copyright (c) 2022 Taehee Yoo <ap420073@gmail.com> 10 * 11 * Information for ARIA 12 * http://210.104.33.10/ARIA/index-e.html (English) 13 * http://seed.kisa.or.kr/ (Korean) 14 * 15 * Public domain version is distributed above. 16 */ 17 18 #ifndef _CRYPTO_ARIA_H 19 #define _CRYPTO_ARIA_H 20 21 #include <linux/module.h> 22 #include <linux/init.h> 23 #include <linux/types.h> 24 #include <linux/errno.h> 25 #include <linux/crypto.h> 26 #include <asm/byteorder.h> 27 28 #define ARIA_MIN_KEY_SIZE 16 29 #define ARIA_MAX_KEY_SIZE 32 30 #define ARIA_BLOCK_SIZE 16 31 #define ARIA_MAX_RD_KEYS 17 32 #define ARIA_RD_KEY_WORDS (ARIA_BLOCK_SIZE / sizeof(u32)) 33 34 struct aria_ctx { 35 int key_length; 36 int rounds; 37 u32 enc_key[ARIA_MAX_RD_KEYS][ARIA_RD_KEY_WORDS]; 38 u32 dec_key[ARIA_MAX_RD_KEYS][ARIA_RD_KEY_WORDS]; 39 }; 40 41 static const u32 key_rc[5][4] = { 42 { 0x517cc1b7, 0x27220a94, 0xfe13abe8, 0xfa9a6ee0 }, 43 { 0x6db14acc, 0x9e21c820, 0xff28b1d5, 0xef5de2b0 }, 44 { 0xdb92371d, 0x2126e970, 0x03249775, 0x04e8c90e }, 45 { 0x517cc1b7, 0x27220a94, 0xfe13abe8, 0xfa9a6ee0 }, 46 { 0x6db14acc, 0x9e21c820, 0xff28b1d5, 0xef5de2b0 } 47 }; 48 49 static const u32 s1[256] = { 50 0x00636363, 0x007c7c7c, 0x00777777, 0x007b7b7b, 51 0x00f2f2f2, 0x006b6b6b, 0x006f6f6f, 0x00c5c5c5, 52 0x00303030, 0x00010101, 0x00676767, 0x002b2b2b, 53 0x00fefefe, 0x00d7d7d7, 0x00ababab, 0x00767676, 54 0x00cacaca, 0x00828282, 0x00c9c9c9, 0x007d7d7d, 55 0x00fafafa, 0x00595959, 0x00474747, 0x00f0f0f0, 56 0x00adadad, 0x00d4d4d4, 0x00a2a2a2, 0x00afafaf, 57 0x009c9c9c, 0x00a4a4a4, 0x00727272, 0x00c0c0c0, 58 0x00b7b7b7, 0x00fdfdfd, 0x00939393, 0x00262626, 59 0x00363636, 0x003f3f3f, 0x00f7f7f7, 0x00cccccc, 60 0x00343434, 0x00a5a5a5, 0x00e5e5e5, 0x00f1f1f1, 61 0x00717171, 0x00d8d8d8, 0x00313131, 0x00151515, 62 0x00040404, 0x00c7c7c7, 0x00232323, 0x00c3c3c3, 63 0x00181818, 0x00969696, 0x00050505, 0x009a9a9a, 64 0x00070707, 0x00121212, 0x00808080, 0x00e2e2e2, 65 0x00ebebeb, 0x00272727, 0x00b2b2b2, 0x00757575, 66 0x00090909, 0x00838383, 0x002c2c2c, 0x001a1a1a, 67 0x001b1b1b, 0x006e6e6e, 0x005a5a5a, 0x00a0a0a0, 68 0x00525252, 0x003b3b3b, 0x00d6d6d6, 0x00b3b3b3, 69 0x00292929, 0x00e3e3e3, 0x002f2f2f, 0x00848484, 70 0x00535353, 0x00d1d1d1, 0x00000000, 0x00ededed, 71 0x00202020, 0x00fcfcfc, 0x00b1b1b1, 0x005b5b5b, 72 0x006a6a6a, 0x00cbcbcb, 0x00bebebe, 0x00393939, 73 0x004a4a4a, 0x004c4c4c, 0x00585858, 0x00cfcfcf, 74 0x00d0d0d0, 0x00efefef, 0x00aaaaaa, 0x00fbfbfb, 75 0x00434343, 0x004d4d4d, 0x00333333, 0x00858585, 76 0x00454545, 0x00f9f9f9, 0x00020202, 0x007f7f7f, 77 0x00505050, 0x003c3c3c, 0x009f9f9f, 0x00a8a8a8, 78 0x00515151, 0x00a3a3a3, 0x00404040, 0x008f8f8f, 79 0x00929292, 0x009d9d9d, 0x00383838, 0x00f5f5f5, 80 0x00bcbcbc, 0x00b6b6b6, 0x00dadada, 0x00212121, 81 0x00101010, 0x00ffffff, 0x00f3f3f3, 0x00d2d2d2, 82 0x00cdcdcd, 0x000c0c0c, 0x00131313, 0x00ececec, 83 0x005f5f5f, 0x00979797, 0x00444444, 0x00171717, 84 0x00c4c4c4, 0x00a7a7a7, 0x007e7e7e, 0x003d3d3d, 85 0x00646464, 0x005d5d5d, 0x00191919, 0x00737373, 86 0x00606060, 0x00818181, 0x004f4f4f, 0x00dcdcdc, 87 0x00222222, 0x002a2a2a, 0x00909090, 0x00888888, 88 0x00464646, 0x00eeeeee, 0x00b8b8b8, 0x00141414, 89 0x00dedede, 0x005e5e5e, 0x000b0b0b, 0x00dbdbdb, 90 0x00e0e0e0, 0x00323232, 0x003a3a3a, 0x000a0a0a, 91 0x00494949, 0x00060606, 0x00242424, 0x005c5c5c, 92 0x00c2c2c2, 0x00d3d3d3, 0x00acacac, 0x00626262, 93 0x00919191, 0x00959595, 0x00e4e4e4, 0x00797979, 94 0x00e7e7e7, 0x00c8c8c8, 0x00373737, 0x006d6d6d, 95 0x008d8d8d, 0x00d5d5d5, 0x004e4e4e, 0x00a9a9a9, 96 0x006c6c6c, 0x00565656, 0x00f4f4f4, 0x00eaeaea, 97 0x00656565, 0x007a7a7a, 0x00aeaeae, 0x00080808, 98 0x00bababa, 0x00787878, 0x00252525, 0x002e2e2e, 99 0x001c1c1c, 0x00a6a6a6, 0x00b4b4b4, 0x00c6c6c6, 100 0x00e8e8e8, 0x00dddddd, 0x00747474, 0x001f1f1f, 101 0x004b4b4b, 0x00bdbdbd, 0x008b8b8b, 0x008a8a8a, 102 0x00707070, 0x003e3e3e, 0x00b5b5b5, 0x00666666, 103 0x00484848, 0x00030303, 0x00f6f6f6, 0x000e0e0e, 104 0x00616161, 0x00353535, 0x00575757, 0x00b9b9b9, 105 0x00868686, 0x00c1c1c1, 0x001d1d1d, 0x009e9e9e, 106 0x00e1e1e1, 0x00f8f8f8, 0x00989898, 0x00111111, 107 0x00696969, 0x00d9d9d9, 0x008e8e8e, 0x00949494, 108 0x009b9b9b, 0x001e1e1e, 0x00878787, 0x00e9e9e9, 109 0x00cecece, 0x00555555, 0x00282828, 0x00dfdfdf, 110 0x008c8c8c, 0x00a1a1a1, 0x00898989, 0x000d0d0d, 111 0x00bfbfbf, 0x00e6e6e6, 0x00424242, 0x00686868, 112 0x00414141, 0x00999999, 0x002d2d2d, 0x000f0f0f, 113 0x00b0b0b0, 0x00545454, 0x00bbbbbb, 0x00161616 114 }; 115 116 static const u32 s2[256] = { 117 0xe200e2e2, 0x4e004e4e, 0x54005454, 0xfc00fcfc, 118 0x94009494, 0xc200c2c2, 0x4a004a4a, 0xcc00cccc, 119 0x62006262, 0x0d000d0d, 0x6a006a6a, 0x46004646, 120 0x3c003c3c, 0x4d004d4d, 0x8b008b8b, 0xd100d1d1, 121 0x5e005e5e, 0xfa00fafa, 0x64006464, 0xcb00cbcb, 122 0xb400b4b4, 0x97009797, 0xbe00bebe, 0x2b002b2b, 123 0xbc00bcbc, 0x77007777, 0x2e002e2e, 0x03000303, 124 0xd300d3d3, 0x19001919, 0x59005959, 0xc100c1c1, 125 0x1d001d1d, 0x06000606, 0x41004141, 0x6b006b6b, 126 0x55005555, 0xf000f0f0, 0x99009999, 0x69006969, 127 0xea00eaea, 0x9c009c9c, 0x18001818, 0xae00aeae, 128 0x63006363, 0xdf00dfdf, 0xe700e7e7, 0xbb00bbbb, 129 0x00000000, 0x73007373, 0x66006666, 0xfb00fbfb, 130 0x96009696, 0x4c004c4c, 0x85008585, 0xe400e4e4, 131 0x3a003a3a, 0x09000909, 0x45004545, 0xaa00aaaa, 132 0x0f000f0f, 0xee00eeee, 0x10001010, 0xeb00ebeb, 133 0x2d002d2d, 0x7f007f7f, 0xf400f4f4, 0x29002929, 134 0xac00acac, 0xcf00cfcf, 0xad00adad, 0x91009191, 135 0x8d008d8d, 0x78007878, 0xc800c8c8, 0x95009595, 136 0xf900f9f9, 0x2f002f2f, 0xce00cece, 0xcd00cdcd, 137 0x08000808, 0x7a007a7a, 0x88008888, 0x38003838, 138 0x5c005c5c, 0x83008383, 0x2a002a2a, 0x28002828, 139 0x47004747, 0xdb00dbdb, 0xb800b8b8, 0xc700c7c7, 140 0x93009393, 0xa400a4a4, 0x12001212, 0x53005353, 141 0xff00ffff, 0x87008787, 0x0e000e0e, 0x31003131, 142 0x36003636, 0x21002121, 0x58005858, 0x48004848, 143 0x01000101, 0x8e008e8e, 0x37003737, 0x74007474, 144 0x32003232, 0xca00caca, 0xe900e9e9, 0xb100b1b1, 145 0xb700b7b7, 0xab00abab, 0x0c000c0c, 0xd700d7d7, 146 0xc400c4c4, 0x56005656, 0x42004242, 0x26002626, 147 0x07000707, 0x98009898, 0x60006060, 0xd900d9d9, 148 0xb600b6b6, 0xb900b9b9, 0x11001111, 0x40004040, 149 0xec00ecec, 0x20002020, 0x8c008c8c, 0xbd00bdbd, 150 0xa000a0a0, 0xc900c9c9, 0x84008484, 0x04000404, 151 0x49004949, 0x23002323, 0xf100f1f1, 0x4f004f4f, 152 0x50005050, 0x1f001f1f, 0x13001313, 0xdc00dcdc, 153 0xd800d8d8, 0xc000c0c0, 0x9e009e9e, 0x57005757, 154 0xe300e3e3, 0xc300c3c3, 0x7b007b7b, 0x65006565, 155 0x3b003b3b, 0x02000202, 0x8f008f8f, 0x3e003e3e, 156 0xe800e8e8, 0x25002525, 0x92009292, 0xe500e5e5, 157 0x15001515, 0xdd00dddd, 0xfd00fdfd, 0x17001717, 158 0xa900a9a9, 0xbf00bfbf, 0xd400d4d4, 0x9a009a9a, 159 0x7e007e7e, 0xc500c5c5, 0x39003939, 0x67006767, 160 0xfe00fefe, 0x76007676, 0x9d009d9d, 0x43004343, 161 0xa700a7a7, 0xe100e1e1, 0xd000d0d0, 0xf500f5f5, 162 0x68006868, 0xf200f2f2, 0x1b001b1b, 0x34003434, 163 0x70007070, 0x05000505, 0xa300a3a3, 0x8a008a8a, 164 0xd500d5d5, 0x79007979, 0x86008686, 0xa800a8a8, 165 0x30003030, 0xc600c6c6, 0x51005151, 0x4b004b4b, 166 0x1e001e1e, 0xa600a6a6, 0x27002727, 0xf600f6f6, 167 0x35003535, 0xd200d2d2, 0x6e006e6e, 0x24002424, 168 0x16001616, 0x82008282, 0x5f005f5f, 0xda00dada, 169 0xe600e6e6, 0x75007575, 0xa200a2a2, 0xef00efef, 170 0x2c002c2c, 0xb200b2b2, 0x1c001c1c, 0x9f009f9f, 171 0x5d005d5d, 0x6f006f6f, 0x80008080, 0x0a000a0a, 172 0x72007272, 0x44004444, 0x9b009b9b, 0x6c006c6c, 173 0x90009090, 0x0b000b0b, 0x5b005b5b, 0x33003333, 174 0x7d007d7d, 0x5a005a5a, 0x52005252, 0xf300f3f3, 175 0x61006161, 0xa100a1a1, 0xf700f7f7, 0xb000b0b0, 176 0xd600d6d6, 0x3f003f3f, 0x7c007c7c, 0x6d006d6d, 177 0xed00eded, 0x14001414, 0xe000e0e0, 0xa500a5a5, 178 0x3d003d3d, 0x22002222, 0xb300b3b3, 0xf800f8f8, 179 0x89008989, 0xde00dede, 0x71007171, 0x1a001a1a, 180 0xaf00afaf, 0xba00baba, 0xb500b5b5, 0x81008181 181 }; 182 183 static const u32 x1[256] = { 184 0x52520052, 0x09090009, 0x6a6a006a, 0xd5d500d5, 185 0x30300030, 0x36360036, 0xa5a500a5, 0x38380038, 186 0xbfbf00bf, 0x40400040, 0xa3a300a3, 0x9e9e009e, 187 0x81810081, 0xf3f300f3, 0xd7d700d7, 0xfbfb00fb, 188 0x7c7c007c, 0xe3e300e3, 0x39390039, 0x82820082, 189 0x9b9b009b, 0x2f2f002f, 0xffff00ff, 0x87870087, 190 0x34340034, 0x8e8e008e, 0x43430043, 0x44440044, 191 0xc4c400c4, 0xdede00de, 0xe9e900e9, 0xcbcb00cb, 192 0x54540054, 0x7b7b007b, 0x94940094, 0x32320032, 193 0xa6a600a6, 0xc2c200c2, 0x23230023, 0x3d3d003d, 194 0xeeee00ee, 0x4c4c004c, 0x95950095, 0x0b0b000b, 195 0x42420042, 0xfafa00fa, 0xc3c300c3, 0x4e4e004e, 196 0x08080008, 0x2e2e002e, 0xa1a100a1, 0x66660066, 197 0x28280028, 0xd9d900d9, 0x24240024, 0xb2b200b2, 198 0x76760076, 0x5b5b005b, 0xa2a200a2, 0x49490049, 199 0x6d6d006d, 0x8b8b008b, 0xd1d100d1, 0x25250025, 200 0x72720072, 0xf8f800f8, 0xf6f600f6, 0x64640064, 201 0x86860086, 0x68680068, 0x98980098, 0x16160016, 202 0xd4d400d4, 0xa4a400a4, 0x5c5c005c, 0xcccc00cc, 203 0x5d5d005d, 0x65650065, 0xb6b600b6, 0x92920092, 204 0x6c6c006c, 0x70700070, 0x48480048, 0x50500050, 205 0xfdfd00fd, 0xeded00ed, 0xb9b900b9, 0xdada00da, 206 0x5e5e005e, 0x15150015, 0x46460046, 0x57570057, 207 0xa7a700a7, 0x8d8d008d, 0x9d9d009d, 0x84840084, 208 0x90900090, 0xd8d800d8, 0xabab00ab, 0x00000000, 209 0x8c8c008c, 0xbcbc00bc, 0xd3d300d3, 0x0a0a000a, 210 0xf7f700f7, 0xe4e400e4, 0x58580058, 0x05050005, 211 0xb8b800b8, 0xb3b300b3, 0x45450045, 0x06060006, 212 0xd0d000d0, 0x2c2c002c, 0x1e1e001e, 0x8f8f008f, 213 0xcaca00ca, 0x3f3f003f, 0x0f0f000f, 0x02020002, 214 0xc1c100c1, 0xafaf00af, 0xbdbd00bd, 0x03030003, 215 0x01010001, 0x13130013, 0x8a8a008a, 0x6b6b006b, 216 0x3a3a003a, 0x91910091, 0x11110011, 0x41410041, 217 0x4f4f004f, 0x67670067, 0xdcdc00dc, 0xeaea00ea, 218 0x97970097, 0xf2f200f2, 0xcfcf00cf, 0xcece00ce, 219 0xf0f000f0, 0xb4b400b4, 0xe6e600e6, 0x73730073, 220 0x96960096, 0xacac00ac, 0x74740074, 0x22220022, 221 0xe7e700e7, 0xadad00ad, 0x35350035, 0x85850085, 222 0xe2e200e2, 0xf9f900f9, 0x37370037, 0xe8e800e8, 223 0x1c1c001c, 0x75750075, 0xdfdf00df, 0x6e6e006e, 224 0x47470047, 0xf1f100f1, 0x1a1a001a, 0x71710071, 225 0x1d1d001d, 0x29290029, 0xc5c500c5, 0x89890089, 226 0x6f6f006f, 0xb7b700b7, 0x62620062, 0x0e0e000e, 227 0xaaaa00aa, 0x18180018, 0xbebe00be, 0x1b1b001b, 228 0xfcfc00fc, 0x56560056, 0x3e3e003e, 0x4b4b004b, 229 0xc6c600c6, 0xd2d200d2, 0x79790079, 0x20200020, 230 0x9a9a009a, 0xdbdb00db, 0xc0c000c0, 0xfefe00fe, 231 0x78780078, 0xcdcd00cd, 0x5a5a005a, 0xf4f400f4, 232 0x1f1f001f, 0xdddd00dd, 0xa8a800a8, 0x33330033, 233 0x88880088, 0x07070007, 0xc7c700c7, 0x31310031, 234 0xb1b100b1, 0x12120012, 0x10100010, 0x59590059, 235 0x27270027, 0x80800080, 0xecec00ec, 0x5f5f005f, 236 0x60600060, 0x51510051, 0x7f7f007f, 0xa9a900a9, 237 0x19190019, 0xb5b500b5, 0x4a4a004a, 0x0d0d000d, 238 0x2d2d002d, 0xe5e500e5, 0x7a7a007a, 0x9f9f009f, 239 0x93930093, 0xc9c900c9, 0x9c9c009c, 0xefef00ef, 240 0xa0a000a0, 0xe0e000e0, 0x3b3b003b, 0x4d4d004d, 241 0xaeae00ae, 0x2a2a002a, 0xf5f500f5, 0xb0b000b0, 242 0xc8c800c8, 0xebeb00eb, 0xbbbb00bb, 0x3c3c003c, 243 0x83830083, 0x53530053, 0x99990099, 0x61610061, 244 0x17170017, 0x2b2b002b, 0x04040004, 0x7e7e007e, 245 0xbaba00ba, 0x77770077, 0xd6d600d6, 0x26260026, 246 0xe1e100e1, 0x69690069, 0x14140014, 0x63630063, 247 0x55550055, 0x21210021, 0x0c0c000c, 0x7d7d007d 248 }; 249 250 static const u32 x2[256] = { 251 0x30303000, 0x68686800, 0x99999900, 0x1b1b1b00, 252 0x87878700, 0xb9b9b900, 0x21212100, 0x78787800, 253 0x50505000, 0x39393900, 0xdbdbdb00, 0xe1e1e100, 254 0x72727200, 0x09090900, 0x62626200, 0x3c3c3c00, 255 0x3e3e3e00, 0x7e7e7e00, 0x5e5e5e00, 0x8e8e8e00, 256 0xf1f1f100, 0xa0a0a000, 0xcccccc00, 0xa3a3a300, 257 0x2a2a2a00, 0x1d1d1d00, 0xfbfbfb00, 0xb6b6b600, 258 0xd6d6d600, 0x20202000, 0xc4c4c400, 0x8d8d8d00, 259 0x81818100, 0x65656500, 0xf5f5f500, 0x89898900, 260 0xcbcbcb00, 0x9d9d9d00, 0x77777700, 0xc6c6c600, 261 0x57575700, 0x43434300, 0x56565600, 0x17171700, 262 0xd4d4d400, 0x40404000, 0x1a1a1a00, 0x4d4d4d00, 263 0xc0c0c000, 0x63636300, 0x6c6c6c00, 0xe3e3e300, 264 0xb7b7b700, 0xc8c8c800, 0x64646400, 0x6a6a6a00, 265 0x53535300, 0xaaaaaa00, 0x38383800, 0x98989800, 266 0x0c0c0c00, 0xf4f4f400, 0x9b9b9b00, 0xededed00, 267 0x7f7f7f00, 0x22222200, 0x76767600, 0xafafaf00, 268 0xdddddd00, 0x3a3a3a00, 0x0b0b0b00, 0x58585800, 269 0x67676700, 0x88888800, 0x06060600, 0xc3c3c300, 270 0x35353500, 0x0d0d0d00, 0x01010100, 0x8b8b8b00, 271 0x8c8c8c00, 0xc2c2c200, 0xe6e6e600, 0x5f5f5f00, 272 0x02020200, 0x24242400, 0x75757500, 0x93939300, 273 0x66666600, 0x1e1e1e00, 0xe5e5e500, 0xe2e2e200, 274 0x54545400, 0xd8d8d800, 0x10101000, 0xcecece00, 275 0x7a7a7a00, 0xe8e8e800, 0x08080800, 0x2c2c2c00, 276 0x12121200, 0x97979700, 0x32323200, 0xababab00, 277 0xb4b4b400, 0x27272700, 0x0a0a0a00, 0x23232300, 278 0xdfdfdf00, 0xefefef00, 0xcacaca00, 0xd9d9d900, 279 0xb8b8b800, 0xfafafa00, 0xdcdcdc00, 0x31313100, 280 0x6b6b6b00, 0xd1d1d100, 0xadadad00, 0x19191900, 281 0x49494900, 0xbdbdbd00, 0x51515100, 0x96969600, 282 0xeeeeee00, 0xe4e4e400, 0xa8a8a800, 0x41414100, 283 0xdadada00, 0xffffff00, 0xcdcdcd00, 0x55555500, 284 0x86868600, 0x36363600, 0xbebebe00, 0x61616100, 285 0x52525200, 0xf8f8f800, 0xbbbbbb00, 0x0e0e0e00, 286 0x82828200, 0x48484800, 0x69696900, 0x9a9a9a00, 287 0xe0e0e000, 0x47474700, 0x9e9e9e00, 0x5c5c5c00, 288 0x04040400, 0x4b4b4b00, 0x34343400, 0x15151500, 289 0x79797900, 0x26262600, 0xa7a7a700, 0xdedede00, 290 0x29292900, 0xaeaeae00, 0x92929200, 0xd7d7d700, 291 0x84848400, 0xe9e9e900, 0xd2d2d200, 0xbababa00, 292 0x5d5d5d00, 0xf3f3f300, 0xc5c5c500, 0xb0b0b000, 293 0xbfbfbf00, 0xa4a4a400, 0x3b3b3b00, 0x71717100, 294 0x44444400, 0x46464600, 0x2b2b2b00, 0xfcfcfc00, 295 0xebebeb00, 0x6f6f6f00, 0xd5d5d500, 0xf6f6f600, 296 0x14141400, 0xfefefe00, 0x7c7c7c00, 0x70707000, 297 0x5a5a5a00, 0x7d7d7d00, 0xfdfdfd00, 0x2f2f2f00, 298 0x18181800, 0x83838300, 0x16161600, 0xa5a5a500, 299 0x91919100, 0x1f1f1f00, 0x05050500, 0x95959500, 300 0x74747400, 0xa9a9a900, 0xc1c1c100, 0x5b5b5b00, 301 0x4a4a4a00, 0x85858500, 0x6d6d6d00, 0x13131300, 302 0x07070700, 0x4f4f4f00, 0x4e4e4e00, 0x45454500, 303 0xb2b2b200, 0x0f0f0f00, 0xc9c9c900, 0x1c1c1c00, 304 0xa6a6a600, 0xbcbcbc00, 0xececec00, 0x73737300, 305 0x90909000, 0x7b7b7b00, 0xcfcfcf00, 0x59595900, 306 0x8f8f8f00, 0xa1a1a100, 0xf9f9f900, 0x2d2d2d00, 307 0xf2f2f200, 0xb1b1b100, 0x00000000, 0x94949400, 308 0x37373700, 0x9f9f9f00, 0xd0d0d000, 0x2e2e2e00, 309 0x9c9c9c00, 0x6e6e6e00, 0x28282800, 0x3f3f3f00, 310 0x80808000, 0xf0f0f000, 0x3d3d3d00, 0xd3d3d300, 311 0x25252500, 0x8a8a8a00, 0xb5b5b500, 0xe7e7e700, 312 0x42424200, 0xb3b3b300, 0xc7c7c700, 0xeaeaea00, 313 0xf7f7f700, 0x4c4c4c00, 0x11111100, 0x33333300, 314 0x03030300, 0xa2a2a200, 0xacacac00, 0x60606000 315 }; 316 317 static inline u32 rotl32(u32 v, u32 r) 318 { 319 return ((v << r) | (v >> (32 - r))); 320 } 321 322 static inline u32 rotr32(u32 v, u32 r) 323 { 324 return ((v >> r) | (v << (32 - r))); 325 } 326 327 static inline u32 bswap32(u32 v) 328 { 329 return ((v << 24) ^ 330 (v >> 24) ^ 331 ((v & 0x0000ff00) << 8) ^ 332 ((v & 0x00ff0000) >> 8)); 333 } 334 335 static inline u8 get_u8(u32 x, u32 y) 336 { 337 return (x >> ((3 - y) * 8)); 338 } 339 340 static inline u32 make_u32(u8 v0, u8 v1, u8 v2, u8 v3) 341 { 342 return ((u32)v0 << 24) | ((u32)v1 << 16) | ((u32)v2 << 8) | ((u32)v3); 343 } 344 345 static inline u32 aria_m(u32 t0) 346 { 347 return rotr32(t0, 8) ^ rotr32(t0 ^ rotr32(t0, 8), 16); 348 } 349 350 /* S-Box Layer 1 + M */ 351 static inline void aria_sbox_layer1_with_pre_diff(u32 *t0, u32 *t1, u32 *t2, 352 u32 *t3) 353 { 354 *t0 = s1[get_u8(*t0, 0)] ^ 355 s2[get_u8(*t0, 1)] ^ 356 x1[get_u8(*t0, 2)] ^ 357 x2[get_u8(*t0, 3)]; 358 *t1 = s1[get_u8(*t1, 0)] ^ 359 s2[get_u8(*t1, 1)] ^ 360 x1[get_u8(*t1, 2)] ^ 361 x2[get_u8(*t1, 3)]; 362 *t2 = s1[get_u8(*t2, 0)] ^ 363 s2[get_u8(*t2, 1)] ^ 364 x1[get_u8(*t2, 2)] ^ 365 x2[get_u8(*t2, 3)]; 366 *t3 = s1[get_u8(*t3, 0)] ^ 367 s2[get_u8(*t3, 1)] ^ 368 x1[get_u8(*t3, 2)] ^ 369 x2[get_u8(*t3, 3)]; 370 } 371 372 /* S-Box Layer 2 + M */ 373 static inline void aria_sbox_layer2_with_pre_diff(u32 *t0, u32 *t1, u32 *t2, 374 u32 *t3) 375 { 376 *t0 = x1[get_u8(*t0, 0)] ^ 377 x2[get_u8(*t0, 1)] ^ 378 s1[get_u8(*t0, 2)] ^ 379 s2[get_u8(*t0, 3)]; 380 *t1 = x1[get_u8(*t1, 0)] ^ 381 x2[get_u8(*t1, 1)] ^ 382 s1[get_u8(*t1, 2)] ^ 383 s2[get_u8(*t1, 3)]; 384 *t2 = x1[get_u8(*t2, 0)] ^ 385 x2[get_u8(*t2, 1)] ^ 386 s1[get_u8(*t2, 2)] ^ 387 s2[get_u8(*t2, 3)]; 388 *t3 = x1[get_u8(*t3, 0)] ^ 389 x2[get_u8(*t3, 1)] ^ 390 s1[get_u8(*t3, 2)] ^ 391 s2[get_u8(*t3, 3)]; 392 } 393 394 /* Word-level diffusion */ 395 static inline void aria_diff_word(u32 *t0, u32 *t1, u32 *t2, u32 *t3) 396 { 397 *t1 ^= *t2; 398 *t2 ^= *t3; 399 *t0 ^= *t1; 400 401 *t3 ^= *t1; 402 *t2 ^= *t0; 403 *t1 ^= *t2; 404 } 405 406 /* Byte-level diffusion */ 407 static inline void aria_diff_byte(u32 *t1, u32 *t2, u32 *t3) 408 { 409 *t1 = ((*t1 << 8) & 0xff00ff00) ^ ((*t1 >> 8) & 0x00ff00ff); 410 *t2 = rotr32(*t2, 16); 411 *t3 = bswap32(*t3); 412 } 413 414 /* Key XOR Layer */ 415 static inline void aria_add_round_key(u32 *rk, u32 *t0, u32 *t1, u32 *t2, 416 u32 *t3) 417 { 418 *t0 ^= rk[0]; 419 *t1 ^= rk[1]; 420 *t2 ^= rk[2]; 421 *t3 ^= rk[3]; 422 } 423 /* Odd round Substitution & Diffusion */ 424 static inline void aria_subst_diff_odd(u32 *t0, u32 *t1, u32 *t2, u32 *t3) 425 { 426 aria_sbox_layer1_with_pre_diff(t0, t1, t2, t3); 427 aria_diff_word(t0, t1, t2, t3); 428 aria_diff_byte(t1, t2, t3); 429 aria_diff_word(t0, t1, t2, t3); 430 } 431 432 /* Even round Substitution & Diffusion */ 433 static inline void aria_subst_diff_even(u32 *t0, u32 *t1, u32 *t2, u32 *t3) 434 { 435 aria_sbox_layer2_with_pre_diff(t0, t1, t2, t3); 436 aria_diff_word(t0, t1, t2, t3); 437 aria_diff_byte(t3, t0, t1); 438 aria_diff_word(t0, t1, t2, t3); 439 } 440 441 /* Q, R Macro expanded ARIA GSRK */ 442 static inline void aria_gsrk(u32 *rk, u32 *x, u32 *y, u32 n) 443 { 444 int q = 4 - (n / 32); 445 int r = n % 32; 446 447 rk[0] = (x[0]) ^ 448 ((y[q % 4]) >> r) ^ 449 ((y[(q + 3) % 4]) << (32 - r)); 450 rk[1] = (x[1]) ^ 451 ((y[(q + 1) % 4]) >> r) ^ 452 ((y[q % 4]) << (32 - r)); 453 rk[2] = (x[2]) ^ 454 ((y[(q + 2) % 4]) >> r) ^ 455 ((y[(q + 1) % 4]) << (32 - r)); 456 rk[3] = (x[3]) ^ 457 ((y[(q + 3) % 4]) >> r) ^ 458 ((y[(q + 2) % 4]) << (32 - r)); 459 } 460 461 #endif 462