xref: /kernel/linux/linux-6.6/arch/x86/crypto/camellia_glue.c

797 static void camellia_setup_tail(u64 *subkey, u64 *subRL, int max)
804 	subRL[3] ^= subRL[1];
806 	subRL[5] ^= subRL[1];
808 	subRL[7] ^= subRL[1];
810 	subRL[1] ^= (subRL[1] & ~subRL[9]) << 32;
812 	dw = (subRL[1] & subRL[9]) >> 32;
813 	subRL[1] ^= rol32(dw, 1);
816 	subRL[11] ^= subRL[1];
818 	subRL[13] ^= subRL[1];
820 	subRL[15] ^= subRL[1];
822 	subRL[1] ^= (subRL[1] & ~subRL[17]) << 32;
824 	dw = (subRL[1] & subRL[17]) >> 32;
825 	subRL[1] ^= rol32(dw, 1);
828 	subRL[19] ^= subRL[1];
830 	subRL[21] ^= subRL[1];
832 	subRL[23] ^= subRL[1];
836 		subRL[24] ^= subRL[1];
839 		kw4 = subRL[25];
841 		subRL[1] ^= (subRL[1] & ~subRL[25]) << 32;
843 		dw = (subRL[1] & subRL[25]) >> 32;
844 		subRL[1] ^= rol32(dw, 1);
847 		subRL[27] ^= subRL[1];
849 		subRL[29] ^= subRL[1];
851 		subRL[31] ^= subRL[1];
853 		subRL[32] ^= subRL[1];
856 		kw4 = subRL[33];
858 		subRL[30] ^= kw4;
860 		subRL[28] ^= kw4;
862 		subRL[26] ^= kw4;
864 		kw4 ^= (kw4 & ~subRL[24]) << 32;
866 		dw = (kw4 & subRL[24]) >> 32;
871 	subRL[22] ^= kw4;
873 	subRL[20] ^= kw4;
875 	subRL[18] ^= kw4;
877 	kw4 ^= (kw4 & ~subRL[16]) << 32;
879 	dw = (kw4 & subRL[16]) >> 32;
883 	subRL[14] ^= kw4;
885 	subRL[12] ^= kw4;
887 	subRL[10] ^= kw4;
889 	kw4 ^= (kw4 & ~subRL[8]) << 32;
891 	dw = (kw4 & subRL[8]) >> 32;
895 	subRL[6] ^= kw4;
897 	subRL[4] ^= kw4;
899 	subRL[2] ^= kw4;
901 	subRL[0] ^= kw4;
904 	SET_SUBKEY_LR(0, subRL[0] ^ subRL[2]);			/* kw1 */
905 	SET_SUBKEY_LR(2, subRL[3]);				/* round 1 */
906 	SET_SUBKEY_LR(3, subRL[2] ^ subRL[4]);			/* round 2 */
907 	SET_SUBKEY_LR(4, subRL[3] ^ subRL[5]);			/* round 3 */
908 	SET_SUBKEY_LR(5, subRL[4] ^ subRL[6]);			/* round 4 */
909 	SET_SUBKEY_LR(6, subRL[5] ^ subRL[7]);			/* round 5 */
911 	tl = (subRL[10] >> 32) ^ (subRL[10] & ~subRL[8]);
912 	dw = tl & (subRL[8] >> 32);				/* FL(kl1) */
913 	tr = subRL[10] ^ rol32(dw, 1);
916 	SET_SUBKEY_LR(7, subRL[6] ^ tt);			/* round 6 */
917 	SET_SUBKEY_LR(8, subRL[8]);				/* FL(kl1) */
918 	SET_SUBKEY_LR(9, subRL[9]);				/* FLinv(kl2) */
920 	tl = (subRL[7] >> 32) ^ (subRL[7] & ~subRL[9]);
921 	dw = tl & (subRL[9] >> 32);				/* FLinv(kl2) */
922 	tr = subRL[7] ^ rol32(dw, 1);
925 	SET_SUBKEY_LR(10, subRL[11] ^ tt);			/* round 7 */
926 	SET_SUBKEY_LR(11, subRL[10] ^ subRL[12]);		/* round 8 */
927 	SET_SUBKEY_LR(12, subRL[11] ^ subRL[13]);		/* round 9 */
928 	SET_SUBKEY_LR(13, subRL[12] ^ subRL[14]);		/* round 10 */
929 	SET_SUBKEY_LR(14, subRL[13] ^ subRL[15]);		/* round 11 */
931 	tl = (subRL[18] >> 32) ^ (subRL[18] & ~subRL[16]);
932 	dw = tl & (subRL[16] >> 32);				/* FL(kl3) */
933 	tr = subRL[18] ^ rol32(dw, 1);
936 	SET_SUBKEY_LR(15, subRL[14] ^ tt);			/* round 12 */
937 	SET_SUBKEY_LR(16, subRL[16]);				/* FL(kl3) */
938 	SET_SUBKEY_LR(17, subRL[17]);				/* FLinv(kl4) */
940 	tl = (subRL[15] >> 32) ^ (subRL[15] & ~subRL[17]);
941 	dw = tl & (subRL[17] >> 32);				/* FLinv(kl4) */
942 	tr = subRL[15] ^ rol32(dw, 1);
945 	SET_SUBKEY_LR(18, subRL[19] ^ tt);			/* round 13 */
946 	SET_SUBKEY_LR(19, subRL[18] ^ subRL[20]);		/* round 14 */
947 	SET_SUBKEY_LR(20, subRL[19] ^ subRL[21]);		/* round 15 */
948 	SET_SUBKEY_LR(21, subRL[20] ^ subRL[22]);		/* round 16 */
949 	SET_SUBKEY_LR(22, subRL[21] ^ subRL[23]);		/* round 17 */
952 		SET_SUBKEY_LR(23, subRL[22]);			/* round 18 */
953 		SET_SUBKEY_LR(24, subRL[24] ^ subRL[23]);	/* kw3 */
955 		tl = (subRL[26] >> 32) ^ (subRL[26] & ~subRL[24]);
956 		dw = tl & (subRL[24] >> 32);			/* FL(kl5) */
957 		tr = subRL[26] ^ rol32(dw, 1);
960 		SET_SUBKEY_LR(23, subRL[22] ^ tt);		/* round 18 */
961 		SET_SUBKEY_LR(24, subRL[24]);			/* FL(kl5) */
962 		SET_SUBKEY_LR(25, subRL[25]);			/* FLinv(kl6) */
964 		tl = (subRL[23] >> 32) ^ (subRL[23] & ~subRL[25]);
965 		dw = tl & (subRL[25] >> 32);			/* FLinv(kl6) */
966 		tr = subRL[23] ^ rol32(dw, 1);
969 		SET_SUBKEY_LR(26, subRL[27] ^ tt);		/* round 19 */
970 		SET_SUBKEY_LR(27, subRL[26] ^ subRL[28]);	/* round 20 */
971 		SET_SUBKEY_LR(28, subRL[27] ^ subRL[29]);	/* round 21 */
972 		SET_SUBKEY_LR(29, subRL[28] ^ subRL[30]);	/* round 22 */
973 		SET_SUBKEY_LR(30, subRL[29] ^ subRL[31]);	/* round 23 */
974 		SET_SUBKEY_LR(31, subRL[30]);			/* round 24 */
975 		SET_SUBKEY_LR(32, subRL[32] ^ subRL[31]);	/* kw3 */
982 	u64 subRL[26];
992 	subRL[0] = kl;
994 	subRL[1] = kr;
1000 	subRL[4] = kl;
1002 	subRL[5] = kr;
1008 	subRL[10] = kl;
1010 	subRL[11] = kr;
1016 	subRL[13] = kr;
1021 	subRL[16] = kl;
1023 	subRL[17] = kr;
1029 	subRL[18] = kl;
1031 	subRL[19] = kr;
1037 	subRL[22] = kl;
1039 	subRL[23] = kr;
1042 	kl = subRL[0];
1043 	kr = subRL[1];
1056 	subRL[2] = kl;
1057 	subRL[3] = kr;
1060 	subRL[6] = kl;
1061 	subRL[7] = kr;
1064 	subRL[8] = kl;
1065 	subRL[9] = kr;
1068 	subRL[12] = kl;
1071 	subRL[14] = kl;
1072 	subRL[15] = kr;
1075 	subRL[20] = kl;
1076 	subRL[21] = kr;
1079 	subRL[24] = kl;
1080 	subRL[25] = kr;
1082 	camellia_setup_tail(subkey, subRL, 24);
1090 	u64 subRL[34];
1102 	subRL[0] = kl;
1104 	subRL[1] = kr;
1107 	subRL[12] = kl;
1109 	subRL[13] = kr;
1112 	subRL[16] = kl;
1114 	subRL[17] = kr;
1117 	subRL[22] = kl;
1119 	subRL[23] = kr;
1122 	subRL[30] = kl;
1124 	subRL[31] = kr;
1129 	subRL[4] = krl;
1131 	subRL[5] = krr;
1134 	subRL[8] = krl;
1136 	subRL[9] = krr;
1139 	subRL[18] = krl;
1141 	subRL[19] = krr;
1144 	subRL[26] = krl;
1146 	subRL[27] = krr;
1150 	kl = subRL[0] ^ krl;
1151 	kr = subRL[1] ^ krr;
1173 	subRL[6] = kl;
1175 	subRL[7] = kr;
1178 	subRL[14] = kl;
1180 	subRL[15] = kr;
1184 	subRL[24] = kl;
1186 	subRL[25] = kr;
1190 	subRL[28] = kl;
1192 	subRL[29] = kr;
1196 	subRL[2] = krl;
1198 	subRL[3] = krr;
1201 	subRL[10] = krl;
1203 	subRL[11] = krr;
1206 	subRL[20] = krl;
1208 	subRL[21] = krr;
1211 	subRL[32] = krl;
1213 	subRL[33] = krr;
1215 	camellia_setup_tail(subkey, subRL, 32);

Indexes created Thu Nov 07 10:32:03 CST 2024