xref: /openbmc/linux/include/crypto/aria.h (revision 7ae9fb1b7ecbb5d85d07857943f677fd1a559b18)
1 /* SPDX-License-Identifier: GPL-2.0-or-later */
2 /*
3  * Cryptographic API.
4  *
5  * ARIA Cipher Algorithm.
6  *
7  * Documentation of ARIA can be found in RFC 5794.
8  * Copyright (c) 2022 Taehee Yoo <ap420073@gmail.com>
9  * Copyright (c) 2022 Taehee Yoo <ap420073@gmail.com>
10  *
11  * Information for ARIA
12  *     http://210.104.33.10/ARIA/index-e.html (English)
13  *     http://seed.kisa.or.kr/ (Korean)
14  *
15  * Public domain version is distributed above.
16  */
17 
18 #ifndef _CRYPTO_ARIA_H
19 #define _CRYPTO_ARIA_H
20 
21 #include <crypto/algapi.h>
22 #include <linux/module.h>
23 #include <linux/init.h>
24 #include <linux/types.h>
25 #include <linux/errno.h>
26 #include <asm/byteorder.h>
27 
28 #define ARIA_MIN_KEY_SIZE	16
29 #define ARIA_MAX_KEY_SIZE	32
30 #define ARIA_BLOCK_SIZE		16
31 #define ARIA_MAX_RD_KEYS	17
32 #define ARIA_RD_KEY_WORDS	(ARIA_BLOCK_SIZE / sizeof(u32))
33 
34 struct aria_ctx {
35 	u32 enc_key[ARIA_MAX_RD_KEYS][ARIA_RD_KEY_WORDS];
36 	u32 dec_key[ARIA_MAX_RD_KEYS][ARIA_RD_KEY_WORDS];
37 	int rounds;
38 	int key_length;
39 };
40 
41 static const u32 s1[256] = {
42 	0x00636363, 0x007c7c7c, 0x00777777, 0x007b7b7b,
43 	0x00f2f2f2, 0x006b6b6b, 0x006f6f6f, 0x00c5c5c5,
44 	0x00303030, 0x00010101, 0x00676767, 0x002b2b2b,
45 	0x00fefefe, 0x00d7d7d7, 0x00ababab, 0x00767676,
46 	0x00cacaca, 0x00828282, 0x00c9c9c9, 0x007d7d7d,
47 	0x00fafafa, 0x00595959, 0x00474747, 0x00f0f0f0,
48 	0x00adadad, 0x00d4d4d4, 0x00a2a2a2, 0x00afafaf,
49 	0x009c9c9c, 0x00a4a4a4, 0x00727272, 0x00c0c0c0,
50 	0x00b7b7b7, 0x00fdfdfd, 0x00939393, 0x00262626,
51 	0x00363636, 0x003f3f3f, 0x00f7f7f7, 0x00cccccc,
52 	0x00343434, 0x00a5a5a5, 0x00e5e5e5, 0x00f1f1f1,
53 	0x00717171, 0x00d8d8d8, 0x00313131, 0x00151515,
54 	0x00040404, 0x00c7c7c7, 0x00232323, 0x00c3c3c3,
55 	0x00181818, 0x00969696, 0x00050505, 0x009a9a9a,
56 	0x00070707, 0x00121212, 0x00808080, 0x00e2e2e2,
57 	0x00ebebeb, 0x00272727, 0x00b2b2b2, 0x00757575,
58 	0x00090909, 0x00838383, 0x002c2c2c, 0x001a1a1a,
59 	0x001b1b1b, 0x006e6e6e, 0x005a5a5a, 0x00a0a0a0,
60 	0x00525252, 0x003b3b3b, 0x00d6d6d6, 0x00b3b3b3,
61 	0x00292929, 0x00e3e3e3, 0x002f2f2f, 0x00848484,
62 	0x00535353, 0x00d1d1d1, 0x00000000, 0x00ededed,
63 	0x00202020, 0x00fcfcfc, 0x00b1b1b1, 0x005b5b5b,
64 	0x006a6a6a, 0x00cbcbcb, 0x00bebebe, 0x00393939,
65 	0x004a4a4a, 0x004c4c4c, 0x00585858, 0x00cfcfcf,
66 	0x00d0d0d0, 0x00efefef, 0x00aaaaaa, 0x00fbfbfb,
67 	0x00434343, 0x004d4d4d, 0x00333333, 0x00858585,
68 	0x00454545, 0x00f9f9f9, 0x00020202, 0x007f7f7f,
69 	0x00505050, 0x003c3c3c, 0x009f9f9f, 0x00a8a8a8,
70 	0x00515151, 0x00a3a3a3, 0x00404040, 0x008f8f8f,
71 	0x00929292, 0x009d9d9d, 0x00383838, 0x00f5f5f5,
72 	0x00bcbcbc, 0x00b6b6b6, 0x00dadada, 0x00212121,
73 	0x00101010, 0x00ffffff, 0x00f3f3f3, 0x00d2d2d2,
74 	0x00cdcdcd, 0x000c0c0c, 0x00131313, 0x00ececec,
75 	0x005f5f5f, 0x00979797, 0x00444444, 0x00171717,
76 	0x00c4c4c4, 0x00a7a7a7, 0x007e7e7e, 0x003d3d3d,
77 	0x00646464, 0x005d5d5d, 0x00191919, 0x00737373,
78 	0x00606060, 0x00818181, 0x004f4f4f, 0x00dcdcdc,
79 	0x00222222, 0x002a2a2a, 0x00909090, 0x00888888,
80 	0x00464646, 0x00eeeeee, 0x00b8b8b8, 0x00141414,
81 	0x00dedede, 0x005e5e5e, 0x000b0b0b, 0x00dbdbdb,
82 	0x00e0e0e0, 0x00323232, 0x003a3a3a, 0x000a0a0a,
83 	0x00494949, 0x00060606, 0x00242424, 0x005c5c5c,
84 	0x00c2c2c2, 0x00d3d3d3, 0x00acacac, 0x00626262,
85 	0x00919191, 0x00959595, 0x00e4e4e4, 0x00797979,
86 	0x00e7e7e7, 0x00c8c8c8, 0x00373737, 0x006d6d6d,
87 	0x008d8d8d, 0x00d5d5d5, 0x004e4e4e, 0x00a9a9a9,
88 	0x006c6c6c, 0x00565656, 0x00f4f4f4, 0x00eaeaea,
89 	0x00656565, 0x007a7a7a, 0x00aeaeae, 0x00080808,
90 	0x00bababa, 0x00787878, 0x00252525, 0x002e2e2e,
91 	0x001c1c1c, 0x00a6a6a6, 0x00b4b4b4, 0x00c6c6c6,
92 	0x00e8e8e8, 0x00dddddd, 0x00747474, 0x001f1f1f,
93 	0x004b4b4b, 0x00bdbdbd, 0x008b8b8b, 0x008a8a8a,
94 	0x00707070, 0x003e3e3e, 0x00b5b5b5, 0x00666666,
95 	0x00484848, 0x00030303, 0x00f6f6f6, 0x000e0e0e,
96 	0x00616161, 0x00353535, 0x00575757, 0x00b9b9b9,
97 	0x00868686, 0x00c1c1c1, 0x001d1d1d, 0x009e9e9e,
98 	0x00e1e1e1, 0x00f8f8f8, 0x00989898, 0x00111111,
99 	0x00696969, 0x00d9d9d9, 0x008e8e8e, 0x00949494,
100 	0x009b9b9b, 0x001e1e1e, 0x00878787, 0x00e9e9e9,
101 	0x00cecece, 0x00555555, 0x00282828, 0x00dfdfdf,
102 	0x008c8c8c, 0x00a1a1a1, 0x00898989, 0x000d0d0d,
103 	0x00bfbfbf, 0x00e6e6e6, 0x00424242, 0x00686868,
104 	0x00414141, 0x00999999, 0x002d2d2d, 0x000f0f0f,
105 	0x00b0b0b0, 0x00545454, 0x00bbbbbb, 0x00161616
106 };
107 
108 static const u32 s2[256] = {
109 	0xe200e2e2, 0x4e004e4e, 0x54005454, 0xfc00fcfc,
110 	0x94009494, 0xc200c2c2, 0x4a004a4a, 0xcc00cccc,
111 	0x62006262, 0x0d000d0d, 0x6a006a6a, 0x46004646,
112 	0x3c003c3c, 0x4d004d4d, 0x8b008b8b, 0xd100d1d1,
113 	0x5e005e5e, 0xfa00fafa, 0x64006464, 0xcb00cbcb,
114 	0xb400b4b4, 0x97009797, 0xbe00bebe, 0x2b002b2b,
115 	0xbc00bcbc, 0x77007777, 0x2e002e2e, 0x03000303,
116 	0xd300d3d3, 0x19001919, 0x59005959, 0xc100c1c1,
117 	0x1d001d1d, 0x06000606, 0x41004141, 0x6b006b6b,
118 	0x55005555, 0xf000f0f0, 0x99009999, 0x69006969,
119 	0xea00eaea, 0x9c009c9c, 0x18001818, 0xae00aeae,
120 	0x63006363, 0xdf00dfdf, 0xe700e7e7, 0xbb00bbbb,
121 	0x00000000, 0x73007373, 0x66006666, 0xfb00fbfb,
122 	0x96009696, 0x4c004c4c, 0x85008585, 0xe400e4e4,
123 	0x3a003a3a, 0x09000909, 0x45004545, 0xaa00aaaa,
124 	0x0f000f0f, 0xee00eeee, 0x10001010, 0xeb00ebeb,
125 	0x2d002d2d, 0x7f007f7f, 0xf400f4f4, 0x29002929,
126 	0xac00acac, 0xcf00cfcf, 0xad00adad, 0x91009191,
127 	0x8d008d8d, 0x78007878, 0xc800c8c8, 0x95009595,
128 	0xf900f9f9, 0x2f002f2f, 0xce00cece, 0xcd00cdcd,
129 	0x08000808, 0x7a007a7a, 0x88008888, 0x38003838,
130 	0x5c005c5c, 0x83008383, 0x2a002a2a, 0x28002828,
131 	0x47004747, 0xdb00dbdb, 0xb800b8b8, 0xc700c7c7,
132 	0x93009393, 0xa400a4a4, 0x12001212, 0x53005353,
133 	0xff00ffff, 0x87008787, 0x0e000e0e, 0x31003131,
134 	0x36003636, 0x21002121, 0x58005858, 0x48004848,
135 	0x01000101, 0x8e008e8e, 0x37003737, 0x74007474,
136 	0x32003232, 0xca00caca, 0xe900e9e9, 0xb100b1b1,
137 	0xb700b7b7, 0xab00abab, 0x0c000c0c, 0xd700d7d7,
138 	0xc400c4c4, 0x56005656, 0x42004242, 0x26002626,
139 	0x07000707, 0x98009898, 0x60006060, 0xd900d9d9,
140 	0xb600b6b6, 0xb900b9b9, 0x11001111, 0x40004040,
141 	0xec00ecec, 0x20002020, 0x8c008c8c, 0xbd00bdbd,
142 	0xa000a0a0, 0xc900c9c9, 0x84008484, 0x04000404,
143 	0x49004949, 0x23002323, 0xf100f1f1, 0x4f004f4f,
144 	0x50005050, 0x1f001f1f, 0x13001313, 0xdc00dcdc,
145 	0xd800d8d8, 0xc000c0c0, 0x9e009e9e, 0x57005757,
146 	0xe300e3e3, 0xc300c3c3, 0x7b007b7b, 0x65006565,
147 	0x3b003b3b, 0x02000202, 0x8f008f8f, 0x3e003e3e,
148 	0xe800e8e8, 0x25002525, 0x92009292, 0xe500e5e5,
149 	0x15001515, 0xdd00dddd, 0xfd00fdfd, 0x17001717,
150 	0xa900a9a9, 0xbf00bfbf, 0xd400d4d4, 0x9a009a9a,
151 	0x7e007e7e, 0xc500c5c5, 0x39003939, 0x67006767,
152 	0xfe00fefe, 0x76007676, 0x9d009d9d, 0x43004343,
153 	0xa700a7a7, 0xe100e1e1, 0xd000d0d0, 0xf500f5f5,
154 	0x68006868, 0xf200f2f2, 0x1b001b1b, 0x34003434,
155 	0x70007070, 0x05000505, 0xa300a3a3, 0x8a008a8a,
156 	0xd500d5d5, 0x79007979, 0x86008686, 0xa800a8a8,
157 	0x30003030, 0xc600c6c6, 0x51005151, 0x4b004b4b,
158 	0x1e001e1e, 0xa600a6a6, 0x27002727, 0xf600f6f6,
159 	0x35003535, 0xd200d2d2, 0x6e006e6e, 0x24002424,
160 	0x16001616, 0x82008282, 0x5f005f5f, 0xda00dada,
161 	0xe600e6e6, 0x75007575, 0xa200a2a2, 0xef00efef,
162 	0x2c002c2c, 0xb200b2b2, 0x1c001c1c, 0x9f009f9f,
163 	0x5d005d5d, 0x6f006f6f, 0x80008080, 0x0a000a0a,
164 	0x72007272, 0x44004444, 0x9b009b9b, 0x6c006c6c,
165 	0x90009090, 0x0b000b0b, 0x5b005b5b, 0x33003333,
166 	0x7d007d7d, 0x5a005a5a, 0x52005252, 0xf300f3f3,
167 	0x61006161, 0xa100a1a1, 0xf700f7f7, 0xb000b0b0,
168 	0xd600d6d6, 0x3f003f3f, 0x7c007c7c, 0x6d006d6d,
169 	0xed00eded, 0x14001414, 0xe000e0e0, 0xa500a5a5,
170 	0x3d003d3d, 0x22002222, 0xb300b3b3, 0xf800f8f8,
171 	0x89008989, 0xde00dede, 0x71007171, 0x1a001a1a,
172 	0xaf00afaf, 0xba00baba, 0xb500b5b5, 0x81008181
173 };
174 
175 static const u32 x1[256] = {
176 	0x52520052, 0x09090009, 0x6a6a006a, 0xd5d500d5,
177 	0x30300030, 0x36360036, 0xa5a500a5, 0x38380038,
178 	0xbfbf00bf, 0x40400040, 0xa3a300a3, 0x9e9e009e,
179 	0x81810081, 0xf3f300f3, 0xd7d700d7, 0xfbfb00fb,
180 	0x7c7c007c, 0xe3e300e3, 0x39390039, 0x82820082,
181 	0x9b9b009b, 0x2f2f002f, 0xffff00ff, 0x87870087,
182 	0x34340034, 0x8e8e008e, 0x43430043, 0x44440044,
183 	0xc4c400c4, 0xdede00de, 0xe9e900e9, 0xcbcb00cb,
184 	0x54540054, 0x7b7b007b, 0x94940094, 0x32320032,
185 	0xa6a600a6, 0xc2c200c2, 0x23230023, 0x3d3d003d,
186 	0xeeee00ee, 0x4c4c004c, 0x95950095, 0x0b0b000b,
187 	0x42420042, 0xfafa00fa, 0xc3c300c3, 0x4e4e004e,
188 	0x08080008, 0x2e2e002e, 0xa1a100a1, 0x66660066,
189 	0x28280028, 0xd9d900d9, 0x24240024, 0xb2b200b2,
190 	0x76760076, 0x5b5b005b, 0xa2a200a2, 0x49490049,
191 	0x6d6d006d, 0x8b8b008b, 0xd1d100d1, 0x25250025,
192 	0x72720072, 0xf8f800f8, 0xf6f600f6, 0x64640064,
193 	0x86860086, 0x68680068, 0x98980098, 0x16160016,
194 	0xd4d400d4, 0xa4a400a4, 0x5c5c005c, 0xcccc00cc,
195 	0x5d5d005d, 0x65650065, 0xb6b600b6, 0x92920092,
196 	0x6c6c006c, 0x70700070, 0x48480048, 0x50500050,
197 	0xfdfd00fd, 0xeded00ed, 0xb9b900b9, 0xdada00da,
198 	0x5e5e005e, 0x15150015, 0x46460046, 0x57570057,
199 	0xa7a700a7, 0x8d8d008d, 0x9d9d009d, 0x84840084,
200 	0x90900090, 0xd8d800d8, 0xabab00ab, 0x00000000,
201 	0x8c8c008c, 0xbcbc00bc, 0xd3d300d3, 0x0a0a000a,
202 	0xf7f700f7, 0xe4e400e4, 0x58580058, 0x05050005,
203 	0xb8b800b8, 0xb3b300b3, 0x45450045, 0x06060006,
204 	0xd0d000d0, 0x2c2c002c, 0x1e1e001e, 0x8f8f008f,
205 	0xcaca00ca, 0x3f3f003f, 0x0f0f000f, 0x02020002,
206 	0xc1c100c1, 0xafaf00af, 0xbdbd00bd, 0x03030003,
207 	0x01010001, 0x13130013, 0x8a8a008a, 0x6b6b006b,
208 	0x3a3a003a, 0x91910091, 0x11110011, 0x41410041,
209 	0x4f4f004f, 0x67670067, 0xdcdc00dc, 0xeaea00ea,
210 	0x97970097, 0xf2f200f2, 0xcfcf00cf, 0xcece00ce,
211 	0xf0f000f0, 0xb4b400b4, 0xe6e600e6, 0x73730073,
212 	0x96960096, 0xacac00ac, 0x74740074, 0x22220022,
213 	0xe7e700e7, 0xadad00ad, 0x35350035, 0x85850085,
214 	0xe2e200e2, 0xf9f900f9, 0x37370037, 0xe8e800e8,
215 	0x1c1c001c, 0x75750075, 0xdfdf00df, 0x6e6e006e,
216 	0x47470047, 0xf1f100f1, 0x1a1a001a, 0x71710071,
217 	0x1d1d001d, 0x29290029, 0xc5c500c5, 0x89890089,
218 	0x6f6f006f, 0xb7b700b7, 0x62620062, 0x0e0e000e,
219 	0xaaaa00aa, 0x18180018, 0xbebe00be, 0x1b1b001b,
220 	0xfcfc00fc, 0x56560056, 0x3e3e003e, 0x4b4b004b,
221 	0xc6c600c6, 0xd2d200d2, 0x79790079, 0x20200020,
222 	0x9a9a009a, 0xdbdb00db, 0xc0c000c0, 0xfefe00fe,
223 	0x78780078, 0xcdcd00cd, 0x5a5a005a, 0xf4f400f4,
224 	0x1f1f001f, 0xdddd00dd, 0xa8a800a8, 0x33330033,
225 	0x88880088, 0x07070007, 0xc7c700c7, 0x31310031,
226 	0xb1b100b1, 0x12120012, 0x10100010, 0x59590059,
227 	0x27270027, 0x80800080, 0xecec00ec, 0x5f5f005f,
228 	0x60600060, 0x51510051, 0x7f7f007f, 0xa9a900a9,
229 	0x19190019, 0xb5b500b5, 0x4a4a004a, 0x0d0d000d,
230 	0x2d2d002d, 0xe5e500e5, 0x7a7a007a, 0x9f9f009f,
231 	0x93930093, 0xc9c900c9, 0x9c9c009c, 0xefef00ef,
232 	0xa0a000a0, 0xe0e000e0, 0x3b3b003b, 0x4d4d004d,
233 	0xaeae00ae, 0x2a2a002a, 0xf5f500f5, 0xb0b000b0,
234 	0xc8c800c8, 0xebeb00eb, 0xbbbb00bb, 0x3c3c003c,
235 	0x83830083, 0x53530053, 0x99990099, 0x61610061,
236 	0x17170017, 0x2b2b002b, 0x04040004, 0x7e7e007e,
237 	0xbaba00ba, 0x77770077, 0xd6d600d6, 0x26260026,
238 	0xe1e100e1, 0x69690069, 0x14140014, 0x63630063,
239 	0x55550055, 0x21210021, 0x0c0c000c, 0x7d7d007d
240 };
241 
242 static const u32 x2[256] = {
243 	0x30303000, 0x68686800, 0x99999900, 0x1b1b1b00,
244 	0x87878700, 0xb9b9b900, 0x21212100, 0x78787800,
245 	0x50505000, 0x39393900, 0xdbdbdb00, 0xe1e1e100,
246 	0x72727200, 0x09090900, 0x62626200, 0x3c3c3c00,
247 	0x3e3e3e00, 0x7e7e7e00, 0x5e5e5e00, 0x8e8e8e00,
248 	0xf1f1f100, 0xa0a0a000, 0xcccccc00, 0xa3a3a300,
249 	0x2a2a2a00, 0x1d1d1d00, 0xfbfbfb00, 0xb6b6b600,
250 	0xd6d6d600, 0x20202000, 0xc4c4c400, 0x8d8d8d00,
251 	0x81818100, 0x65656500, 0xf5f5f500, 0x89898900,
252 	0xcbcbcb00, 0x9d9d9d00, 0x77777700, 0xc6c6c600,
253 	0x57575700, 0x43434300, 0x56565600, 0x17171700,
254 	0xd4d4d400, 0x40404000, 0x1a1a1a00, 0x4d4d4d00,
255 	0xc0c0c000, 0x63636300, 0x6c6c6c00, 0xe3e3e300,
256 	0xb7b7b700, 0xc8c8c800, 0x64646400, 0x6a6a6a00,
257 	0x53535300, 0xaaaaaa00, 0x38383800, 0x98989800,
258 	0x0c0c0c00, 0xf4f4f400, 0x9b9b9b00, 0xededed00,
259 	0x7f7f7f00, 0x22222200, 0x76767600, 0xafafaf00,
260 	0xdddddd00, 0x3a3a3a00, 0x0b0b0b00, 0x58585800,
261 	0x67676700, 0x88888800, 0x06060600, 0xc3c3c300,
262 	0x35353500, 0x0d0d0d00, 0x01010100, 0x8b8b8b00,
263 	0x8c8c8c00, 0xc2c2c200, 0xe6e6e600, 0x5f5f5f00,
264 	0x02020200, 0x24242400, 0x75757500, 0x93939300,
265 	0x66666600, 0x1e1e1e00, 0xe5e5e500, 0xe2e2e200,
266 	0x54545400, 0xd8d8d800, 0x10101000, 0xcecece00,
267 	0x7a7a7a00, 0xe8e8e800, 0x08080800, 0x2c2c2c00,
268 	0x12121200, 0x97979700, 0x32323200, 0xababab00,
269 	0xb4b4b400, 0x27272700, 0x0a0a0a00, 0x23232300,
270 	0xdfdfdf00, 0xefefef00, 0xcacaca00, 0xd9d9d900,
271 	0xb8b8b800, 0xfafafa00, 0xdcdcdc00, 0x31313100,
272 	0x6b6b6b00, 0xd1d1d100, 0xadadad00, 0x19191900,
273 	0x49494900, 0xbdbdbd00, 0x51515100, 0x96969600,
274 	0xeeeeee00, 0xe4e4e400, 0xa8a8a800, 0x41414100,
275 	0xdadada00, 0xffffff00, 0xcdcdcd00, 0x55555500,
276 	0x86868600, 0x36363600, 0xbebebe00, 0x61616100,
277 	0x52525200, 0xf8f8f800, 0xbbbbbb00, 0x0e0e0e00,
278 	0x82828200, 0x48484800, 0x69696900, 0x9a9a9a00,
279 	0xe0e0e000, 0x47474700, 0x9e9e9e00, 0x5c5c5c00,
280 	0x04040400, 0x4b4b4b00, 0x34343400, 0x15151500,
281 	0x79797900, 0x26262600, 0xa7a7a700, 0xdedede00,
282 	0x29292900, 0xaeaeae00, 0x92929200, 0xd7d7d700,
283 	0x84848400, 0xe9e9e900, 0xd2d2d200, 0xbababa00,
284 	0x5d5d5d00, 0xf3f3f300, 0xc5c5c500, 0xb0b0b000,
285 	0xbfbfbf00, 0xa4a4a400, 0x3b3b3b00, 0x71717100,
286 	0x44444400, 0x46464600, 0x2b2b2b00, 0xfcfcfc00,
287 	0xebebeb00, 0x6f6f6f00, 0xd5d5d500, 0xf6f6f600,
288 	0x14141400, 0xfefefe00, 0x7c7c7c00, 0x70707000,
289 	0x5a5a5a00, 0x7d7d7d00, 0xfdfdfd00, 0x2f2f2f00,
290 	0x18181800, 0x83838300, 0x16161600, 0xa5a5a500,
291 	0x91919100, 0x1f1f1f00, 0x05050500, 0x95959500,
292 	0x74747400, 0xa9a9a900, 0xc1c1c100, 0x5b5b5b00,
293 	0x4a4a4a00, 0x85858500, 0x6d6d6d00, 0x13131300,
294 	0x07070700, 0x4f4f4f00, 0x4e4e4e00, 0x45454500,
295 	0xb2b2b200, 0x0f0f0f00, 0xc9c9c900, 0x1c1c1c00,
296 	0xa6a6a600, 0xbcbcbc00, 0xececec00, 0x73737300,
297 	0x90909000, 0x7b7b7b00, 0xcfcfcf00, 0x59595900,
298 	0x8f8f8f00, 0xa1a1a100, 0xf9f9f900, 0x2d2d2d00,
299 	0xf2f2f200, 0xb1b1b100, 0x00000000, 0x94949400,
300 	0x37373700, 0x9f9f9f00, 0xd0d0d000, 0x2e2e2e00,
301 	0x9c9c9c00, 0x6e6e6e00, 0x28282800, 0x3f3f3f00,
302 	0x80808000, 0xf0f0f000, 0x3d3d3d00, 0xd3d3d300,
303 	0x25252500, 0x8a8a8a00, 0xb5b5b500, 0xe7e7e700,
304 	0x42424200, 0xb3b3b300, 0xc7c7c700, 0xeaeaea00,
305 	0xf7f7f700, 0x4c4c4c00, 0x11111100, 0x33333300,
306 	0x03030300, 0xa2a2a200, 0xacacac00, 0x60606000
307 };
308 
rotl32(u32 v,u32 r)309 static inline u32 rotl32(u32 v, u32 r)
310 {
311 	return ((v << r) | (v >> (32 - r)));
312 }
313 
rotr32(u32 v,u32 r)314 static inline u32 rotr32(u32 v, u32 r)
315 {
316 	return ((v >> r) | (v << (32 - r)));
317 }
318 
bswap32(u32 v)319 static inline u32 bswap32(u32 v)
320 {
321 	return ((v << 24) ^
322 		(v >> 24) ^
323 		((v & 0x0000ff00) << 8) ^
324 		((v & 0x00ff0000) >> 8));
325 }
326 
get_u8(u32 x,u32 y)327 static inline u8 get_u8(u32 x, u32 y)
328 {
329 	return (x >> ((3 - y) * 8));
330 }
331 
make_u32(u8 v0,u8 v1,u8 v2,u8 v3)332 static inline u32 make_u32(u8 v0, u8 v1, u8 v2, u8 v3)
333 {
334 	return ((u32)v0 << 24) | ((u32)v1 << 16) | ((u32)v2 <<  8) | ((u32)v3);
335 }
336 
aria_m(u32 t0)337 static inline u32 aria_m(u32 t0)
338 {
339 	return rotr32(t0, 8) ^ rotr32(t0 ^ rotr32(t0, 8), 16);
340 }
341 
342 /* S-Box Layer 1 + M */
aria_sbox_layer1_with_pre_diff(u32 * t0,u32 * t1,u32 * t2,u32 * t3)343 static inline void aria_sbox_layer1_with_pre_diff(u32 *t0, u32 *t1, u32 *t2,
344 						  u32 *t3)
345 {
346 	*t0 = s1[get_u8(*t0, 0)] ^
347 	      s2[get_u8(*t0, 1)] ^
348 	      x1[get_u8(*t0, 2)] ^
349 	      x2[get_u8(*t0, 3)];
350 	*t1 = s1[get_u8(*t1, 0)] ^
351 	      s2[get_u8(*t1, 1)] ^
352 	      x1[get_u8(*t1, 2)] ^
353 	      x2[get_u8(*t1, 3)];
354 	*t2 = s1[get_u8(*t2, 0)] ^
355 	      s2[get_u8(*t2, 1)] ^
356 	      x1[get_u8(*t2, 2)] ^
357 	      x2[get_u8(*t2, 3)];
358 	*t3 = s1[get_u8(*t3, 0)] ^
359 	      s2[get_u8(*t3, 1)] ^
360 	      x1[get_u8(*t3, 2)] ^
361 	      x2[get_u8(*t3, 3)];
362 }
363 
364 /* S-Box Layer 2 + M */
aria_sbox_layer2_with_pre_diff(u32 * t0,u32 * t1,u32 * t2,u32 * t3)365 static inline void aria_sbox_layer2_with_pre_diff(u32 *t0, u32 *t1, u32 *t2,
366 						  u32 *t3)
367 {
368 	*t0 = x1[get_u8(*t0, 0)] ^
369 	      x2[get_u8(*t0, 1)] ^
370 	      s1[get_u8(*t0, 2)] ^
371 	      s2[get_u8(*t0, 3)];
372 	*t1 = x1[get_u8(*t1, 0)] ^
373 	      x2[get_u8(*t1, 1)] ^
374 	      s1[get_u8(*t1, 2)] ^
375 	      s2[get_u8(*t1, 3)];
376 	*t2 = x1[get_u8(*t2, 0)] ^
377 	      x2[get_u8(*t2, 1)] ^
378 	      s1[get_u8(*t2, 2)] ^
379 	      s2[get_u8(*t2, 3)];
380 	*t3 = x1[get_u8(*t3, 0)] ^
381 	      x2[get_u8(*t3, 1)] ^
382 	      s1[get_u8(*t3, 2)] ^
383 	      s2[get_u8(*t3, 3)];
384 }
385 
386 /* Word-level diffusion */
aria_diff_word(u32 * t0,u32 * t1,u32 * t2,u32 * t3)387 static inline void aria_diff_word(u32 *t0, u32 *t1, u32 *t2, u32 *t3)
388 {
389 	*t1 ^= *t2;
390 	*t2 ^= *t3;
391 	*t0 ^= *t1;
392 
393 	*t3 ^= *t1;
394 	*t2 ^= *t0;
395 	*t1 ^= *t2;
396 }
397 
398 /* Byte-level diffusion */
aria_diff_byte(u32 * t1,u32 * t2,u32 * t3)399 static inline void aria_diff_byte(u32 *t1, u32 *t2, u32 *t3)
400 {
401 	*t1 = ((*t1 << 8) & 0xff00ff00) ^ ((*t1 >> 8) & 0x00ff00ff);
402 	*t2 = rotr32(*t2, 16);
403 	*t3 = bswap32(*t3);
404 }
405 
406 /* Key XOR Layer */
aria_add_round_key(u32 * rk,u32 * t0,u32 * t1,u32 * t2,u32 * t3)407 static inline void aria_add_round_key(u32 *rk, u32 *t0, u32 *t1, u32 *t2,
408 				      u32 *t3)
409 {
410 	*t0 ^= rk[0];
411 	*t1 ^= rk[1];
412 	*t2 ^= rk[2];
413 	*t3 ^= rk[3];
414 }
415 /* Odd round Substitution & Diffusion */
aria_subst_diff_odd(u32 * t0,u32 * t1,u32 * t2,u32 * t3)416 static inline void aria_subst_diff_odd(u32 *t0, u32 *t1, u32 *t2, u32 *t3)
417 {
418 	aria_sbox_layer1_with_pre_diff(t0, t1, t2, t3);
419 	aria_diff_word(t0, t1, t2, t3);
420 	aria_diff_byte(t1, t2, t3);
421 	aria_diff_word(t0, t1, t2, t3);
422 }
423 
424 /* Even round Substitution & Diffusion */
aria_subst_diff_even(u32 * t0,u32 * t1,u32 * t2,u32 * t3)425 static inline void aria_subst_diff_even(u32 *t0, u32 *t1, u32 *t2, u32 *t3)
426 {
427 	aria_sbox_layer2_with_pre_diff(t0, t1, t2, t3);
428 	aria_diff_word(t0, t1, t2, t3);
429 	aria_diff_byte(t3, t0, t1);
430 	aria_diff_word(t0, t1, t2, t3);
431 }
432 
433 /* Q, R Macro expanded ARIA GSRK */
aria_gsrk(u32 * rk,u32 * x,u32 * y,u32 n)434 static inline void aria_gsrk(u32 *rk, u32 *x, u32 *y, u32 n)
435 {
436 	int q = 4 - (n / 32);
437 	int r = n % 32;
438 
439 	rk[0] = (x[0]) ^
440 		((y[q % 4]) >> r) ^
441 		((y[(q + 3) % 4]) << (32 - r));
442 	rk[1] = (x[1]) ^
443 		((y[(q + 1) % 4]) >> r) ^
444 		((y[q % 4]) << (32 - r));
445 	rk[2] = (x[2]) ^
446 		((y[(q + 2) % 4]) >> r) ^
447 		((y[(q + 1) % 4]) << (32 - r));
448 	rk[3] =	(x[3]) ^
449 		((y[(q + 3) % 4]) >> r) ^
450 		((y[(q + 2) % 4]) << (32 - r));
451 }
452 
453 void aria_encrypt(void *ctx, u8 *out, const u8 *in);
454 void aria_decrypt(void *ctx, u8 *out, const u8 *in);
455 int aria_set_key(struct crypto_tfm *tfm, const u8 *in_key,
456 		 unsigned int key_len);
457 
458 #endif
459