xref: /openbmc/linux/include/crypto/aria.h (revision dff03381)
1 /* SPDX-License-Identifier: GPL-2.0-or-later */
2 /*
3  * Cryptographic API.
4  *
5  * ARIA Cipher Algorithm.
6  *
7  * Documentation of ARIA can be found in RFC 5794.
8  * Copyright (c) 2022 Taehee Yoo <ap420073@gmail.com>
9  * Copyright (c) 2022 Taehee Yoo <ap420073@gmail.com>
10  *
11  * Information for ARIA
12  *     http://210.104.33.10/ARIA/index-e.html (English)
13  *     http://seed.kisa.or.kr/ (Korean)
14  *
15  * Public domain version is distributed above.
16  */
17 
18 #ifndef _CRYPTO_ARIA_H
19 #define _CRYPTO_ARIA_H
20 
21 #include <linux/module.h>
22 #include <linux/init.h>
23 #include <linux/types.h>
24 #include <linux/errno.h>
25 #include <linux/crypto.h>
26 #include <asm/byteorder.h>
27 
28 #define ARIA_MIN_KEY_SIZE	16
29 #define ARIA_MAX_KEY_SIZE	32
30 #define ARIA_BLOCK_SIZE		16
31 #define ARIA_MAX_RD_KEYS	17
32 #define ARIA_RD_KEY_WORDS	(ARIA_BLOCK_SIZE / sizeof(u32))
33 
34 struct aria_ctx {
35 	int key_length;
36 	int rounds;
37 	u32 enc_key[ARIA_MAX_RD_KEYS][ARIA_RD_KEY_WORDS];
38 	u32 dec_key[ARIA_MAX_RD_KEYS][ARIA_RD_KEY_WORDS];
39 };
40 
41 static const u32 key_rc[5][4] = {
42 	{ 0x517cc1b7, 0x27220a94, 0xfe13abe8, 0xfa9a6ee0 },
43 	{ 0x6db14acc, 0x9e21c820, 0xff28b1d5, 0xef5de2b0 },
44 	{ 0xdb92371d, 0x2126e970, 0x03249775, 0x04e8c90e },
45 	{ 0x517cc1b7, 0x27220a94, 0xfe13abe8, 0xfa9a6ee0 },
46 	{ 0x6db14acc, 0x9e21c820, 0xff28b1d5, 0xef5de2b0 }
47 };
48 
49 static const u32 s1[256] = {
50 	0x00636363, 0x007c7c7c, 0x00777777, 0x007b7b7b,
51 	0x00f2f2f2, 0x006b6b6b, 0x006f6f6f, 0x00c5c5c5,
52 	0x00303030, 0x00010101, 0x00676767, 0x002b2b2b,
53 	0x00fefefe, 0x00d7d7d7, 0x00ababab, 0x00767676,
54 	0x00cacaca, 0x00828282, 0x00c9c9c9, 0x007d7d7d,
55 	0x00fafafa, 0x00595959, 0x00474747, 0x00f0f0f0,
56 	0x00adadad, 0x00d4d4d4, 0x00a2a2a2, 0x00afafaf,
57 	0x009c9c9c, 0x00a4a4a4, 0x00727272, 0x00c0c0c0,
58 	0x00b7b7b7, 0x00fdfdfd, 0x00939393, 0x00262626,
59 	0x00363636, 0x003f3f3f, 0x00f7f7f7, 0x00cccccc,
60 	0x00343434, 0x00a5a5a5, 0x00e5e5e5, 0x00f1f1f1,
61 	0x00717171, 0x00d8d8d8, 0x00313131, 0x00151515,
62 	0x00040404, 0x00c7c7c7, 0x00232323, 0x00c3c3c3,
63 	0x00181818, 0x00969696, 0x00050505, 0x009a9a9a,
64 	0x00070707, 0x00121212, 0x00808080, 0x00e2e2e2,
65 	0x00ebebeb, 0x00272727, 0x00b2b2b2, 0x00757575,
66 	0x00090909, 0x00838383, 0x002c2c2c, 0x001a1a1a,
67 	0x001b1b1b, 0x006e6e6e, 0x005a5a5a, 0x00a0a0a0,
68 	0x00525252, 0x003b3b3b, 0x00d6d6d6, 0x00b3b3b3,
69 	0x00292929, 0x00e3e3e3, 0x002f2f2f, 0x00848484,
70 	0x00535353, 0x00d1d1d1, 0x00000000, 0x00ededed,
71 	0x00202020, 0x00fcfcfc, 0x00b1b1b1, 0x005b5b5b,
72 	0x006a6a6a, 0x00cbcbcb, 0x00bebebe, 0x00393939,
73 	0x004a4a4a, 0x004c4c4c, 0x00585858, 0x00cfcfcf,
74 	0x00d0d0d0, 0x00efefef, 0x00aaaaaa, 0x00fbfbfb,
75 	0x00434343, 0x004d4d4d, 0x00333333, 0x00858585,
76 	0x00454545, 0x00f9f9f9, 0x00020202, 0x007f7f7f,
77 	0x00505050, 0x003c3c3c, 0x009f9f9f, 0x00a8a8a8,
78 	0x00515151, 0x00a3a3a3, 0x00404040, 0x008f8f8f,
79 	0x00929292, 0x009d9d9d, 0x00383838, 0x00f5f5f5,
80 	0x00bcbcbc, 0x00b6b6b6, 0x00dadada, 0x00212121,
81 	0x00101010, 0x00ffffff, 0x00f3f3f3, 0x00d2d2d2,
82 	0x00cdcdcd, 0x000c0c0c, 0x00131313, 0x00ececec,
83 	0x005f5f5f, 0x00979797, 0x00444444, 0x00171717,
84 	0x00c4c4c4, 0x00a7a7a7, 0x007e7e7e, 0x003d3d3d,
85 	0x00646464, 0x005d5d5d, 0x00191919, 0x00737373,
86 	0x00606060, 0x00818181, 0x004f4f4f, 0x00dcdcdc,
87 	0x00222222, 0x002a2a2a, 0x00909090, 0x00888888,
88 	0x00464646, 0x00eeeeee, 0x00b8b8b8, 0x00141414,
89 	0x00dedede, 0x005e5e5e, 0x000b0b0b, 0x00dbdbdb,
90 	0x00e0e0e0, 0x00323232, 0x003a3a3a, 0x000a0a0a,
91 	0x00494949, 0x00060606, 0x00242424, 0x005c5c5c,
92 	0x00c2c2c2, 0x00d3d3d3, 0x00acacac, 0x00626262,
93 	0x00919191, 0x00959595, 0x00e4e4e4, 0x00797979,
94 	0x00e7e7e7, 0x00c8c8c8, 0x00373737, 0x006d6d6d,
95 	0x008d8d8d, 0x00d5d5d5, 0x004e4e4e, 0x00a9a9a9,
96 	0x006c6c6c, 0x00565656, 0x00f4f4f4, 0x00eaeaea,
97 	0x00656565, 0x007a7a7a, 0x00aeaeae, 0x00080808,
98 	0x00bababa, 0x00787878, 0x00252525, 0x002e2e2e,
99 	0x001c1c1c, 0x00a6a6a6, 0x00b4b4b4, 0x00c6c6c6,
100 	0x00e8e8e8, 0x00dddddd, 0x00747474, 0x001f1f1f,
101 	0x004b4b4b, 0x00bdbdbd, 0x008b8b8b, 0x008a8a8a,
102 	0x00707070, 0x003e3e3e, 0x00b5b5b5, 0x00666666,
103 	0x00484848, 0x00030303, 0x00f6f6f6, 0x000e0e0e,
104 	0x00616161, 0x00353535, 0x00575757, 0x00b9b9b9,
105 	0x00868686, 0x00c1c1c1, 0x001d1d1d, 0x009e9e9e,
106 	0x00e1e1e1, 0x00f8f8f8, 0x00989898, 0x00111111,
107 	0x00696969, 0x00d9d9d9, 0x008e8e8e, 0x00949494,
108 	0x009b9b9b, 0x001e1e1e, 0x00878787, 0x00e9e9e9,
109 	0x00cecece, 0x00555555, 0x00282828, 0x00dfdfdf,
110 	0x008c8c8c, 0x00a1a1a1, 0x00898989, 0x000d0d0d,
111 	0x00bfbfbf, 0x00e6e6e6, 0x00424242, 0x00686868,
112 	0x00414141, 0x00999999, 0x002d2d2d, 0x000f0f0f,
113 	0x00b0b0b0, 0x00545454, 0x00bbbbbb, 0x00161616
114 };
115 
116 static const u32 s2[256] = {
117 	0xe200e2e2, 0x4e004e4e, 0x54005454, 0xfc00fcfc,
118 	0x94009494, 0xc200c2c2, 0x4a004a4a, 0xcc00cccc,
119 	0x62006262, 0x0d000d0d, 0x6a006a6a, 0x46004646,
120 	0x3c003c3c, 0x4d004d4d, 0x8b008b8b, 0xd100d1d1,
121 	0x5e005e5e, 0xfa00fafa, 0x64006464, 0xcb00cbcb,
122 	0xb400b4b4, 0x97009797, 0xbe00bebe, 0x2b002b2b,
123 	0xbc00bcbc, 0x77007777, 0x2e002e2e, 0x03000303,
124 	0xd300d3d3, 0x19001919, 0x59005959, 0xc100c1c1,
125 	0x1d001d1d, 0x06000606, 0x41004141, 0x6b006b6b,
126 	0x55005555, 0xf000f0f0, 0x99009999, 0x69006969,
127 	0xea00eaea, 0x9c009c9c, 0x18001818, 0xae00aeae,
128 	0x63006363, 0xdf00dfdf, 0xe700e7e7, 0xbb00bbbb,
129 	0x00000000, 0x73007373, 0x66006666, 0xfb00fbfb,
130 	0x96009696, 0x4c004c4c, 0x85008585, 0xe400e4e4,
131 	0x3a003a3a, 0x09000909, 0x45004545, 0xaa00aaaa,
132 	0x0f000f0f, 0xee00eeee, 0x10001010, 0xeb00ebeb,
133 	0x2d002d2d, 0x7f007f7f, 0xf400f4f4, 0x29002929,
134 	0xac00acac, 0xcf00cfcf, 0xad00adad, 0x91009191,
135 	0x8d008d8d, 0x78007878, 0xc800c8c8, 0x95009595,
136 	0xf900f9f9, 0x2f002f2f, 0xce00cece, 0xcd00cdcd,
137 	0x08000808, 0x7a007a7a, 0x88008888, 0x38003838,
138 	0x5c005c5c, 0x83008383, 0x2a002a2a, 0x28002828,
139 	0x47004747, 0xdb00dbdb, 0xb800b8b8, 0xc700c7c7,
140 	0x93009393, 0xa400a4a4, 0x12001212, 0x53005353,
141 	0xff00ffff, 0x87008787, 0x0e000e0e, 0x31003131,
142 	0x36003636, 0x21002121, 0x58005858, 0x48004848,
143 	0x01000101, 0x8e008e8e, 0x37003737, 0x74007474,
144 	0x32003232, 0xca00caca, 0xe900e9e9, 0xb100b1b1,
145 	0xb700b7b7, 0xab00abab, 0x0c000c0c, 0xd700d7d7,
146 	0xc400c4c4, 0x56005656, 0x42004242, 0x26002626,
147 	0x07000707, 0x98009898, 0x60006060, 0xd900d9d9,
148 	0xb600b6b6, 0xb900b9b9, 0x11001111, 0x40004040,
149 	0xec00ecec, 0x20002020, 0x8c008c8c, 0xbd00bdbd,
150 	0xa000a0a0, 0xc900c9c9, 0x84008484, 0x04000404,
151 	0x49004949, 0x23002323, 0xf100f1f1, 0x4f004f4f,
152 	0x50005050, 0x1f001f1f, 0x13001313, 0xdc00dcdc,
153 	0xd800d8d8, 0xc000c0c0, 0x9e009e9e, 0x57005757,
154 	0xe300e3e3, 0xc300c3c3, 0x7b007b7b, 0x65006565,
155 	0x3b003b3b, 0x02000202, 0x8f008f8f, 0x3e003e3e,
156 	0xe800e8e8, 0x25002525, 0x92009292, 0xe500e5e5,
157 	0x15001515, 0xdd00dddd, 0xfd00fdfd, 0x17001717,
158 	0xa900a9a9, 0xbf00bfbf, 0xd400d4d4, 0x9a009a9a,
159 	0x7e007e7e, 0xc500c5c5, 0x39003939, 0x67006767,
160 	0xfe00fefe, 0x76007676, 0x9d009d9d, 0x43004343,
161 	0xa700a7a7, 0xe100e1e1, 0xd000d0d0, 0xf500f5f5,
162 	0x68006868, 0xf200f2f2, 0x1b001b1b, 0x34003434,
163 	0x70007070, 0x05000505, 0xa300a3a3, 0x8a008a8a,
164 	0xd500d5d5, 0x79007979, 0x86008686, 0xa800a8a8,
165 	0x30003030, 0xc600c6c6, 0x51005151, 0x4b004b4b,
166 	0x1e001e1e, 0xa600a6a6, 0x27002727, 0xf600f6f6,
167 	0x35003535, 0xd200d2d2, 0x6e006e6e, 0x24002424,
168 	0x16001616, 0x82008282, 0x5f005f5f, 0xda00dada,
169 	0xe600e6e6, 0x75007575, 0xa200a2a2, 0xef00efef,
170 	0x2c002c2c, 0xb200b2b2, 0x1c001c1c, 0x9f009f9f,
171 	0x5d005d5d, 0x6f006f6f, 0x80008080, 0x0a000a0a,
172 	0x72007272, 0x44004444, 0x9b009b9b, 0x6c006c6c,
173 	0x90009090, 0x0b000b0b, 0x5b005b5b, 0x33003333,
174 	0x7d007d7d, 0x5a005a5a, 0x52005252, 0xf300f3f3,
175 	0x61006161, 0xa100a1a1, 0xf700f7f7, 0xb000b0b0,
176 	0xd600d6d6, 0x3f003f3f, 0x7c007c7c, 0x6d006d6d,
177 	0xed00eded, 0x14001414, 0xe000e0e0, 0xa500a5a5,
178 	0x3d003d3d, 0x22002222, 0xb300b3b3, 0xf800f8f8,
179 	0x89008989, 0xde00dede, 0x71007171, 0x1a001a1a,
180 	0xaf00afaf, 0xba00baba, 0xb500b5b5, 0x81008181
181 };
182 
183 static const u32 x1[256] = {
184 	0x52520052, 0x09090009, 0x6a6a006a, 0xd5d500d5,
185 	0x30300030, 0x36360036, 0xa5a500a5, 0x38380038,
186 	0xbfbf00bf, 0x40400040, 0xa3a300a3, 0x9e9e009e,
187 	0x81810081, 0xf3f300f3, 0xd7d700d7, 0xfbfb00fb,
188 	0x7c7c007c, 0xe3e300e3, 0x39390039, 0x82820082,
189 	0x9b9b009b, 0x2f2f002f, 0xffff00ff, 0x87870087,
190 	0x34340034, 0x8e8e008e, 0x43430043, 0x44440044,
191 	0xc4c400c4, 0xdede00de, 0xe9e900e9, 0xcbcb00cb,
192 	0x54540054, 0x7b7b007b, 0x94940094, 0x32320032,
193 	0xa6a600a6, 0xc2c200c2, 0x23230023, 0x3d3d003d,
194 	0xeeee00ee, 0x4c4c004c, 0x95950095, 0x0b0b000b,
195 	0x42420042, 0xfafa00fa, 0xc3c300c3, 0x4e4e004e,
196 	0x08080008, 0x2e2e002e, 0xa1a100a1, 0x66660066,
197 	0x28280028, 0xd9d900d9, 0x24240024, 0xb2b200b2,
198 	0x76760076, 0x5b5b005b, 0xa2a200a2, 0x49490049,
199 	0x6d6d006d, 0x8b8b008b, 0xd1d100d1, 0x25250025,
200 	0x72720072, 0xf8f800f8, 0xf6f600f6, 0x64640064,
201 	0x86860086, 0x68680068, 0x98980098, 0x16160016,
202 	0xd4d400d4, 0xa4a400a4, 0x5c5c005c, 0xcccc00cc,
203 	0x5d5d005d, 0x65650065, 0xb6b600b6, 0x92920092,
204 	0x6c6c006c, 0x70700070, 0x48480048, 0x50500050,
205 	0xfdfd00fd, 0xeded00ed, 0xb9b900b9, 0xdada00da,
206 	0x5e5e005e, 0x15150015, 0x46460046, 0x57570057,
207 	0xa7a700a7, 0x8d8d008d, 0x9d9d009d, 0x84840084,
208 	0x90900090, 0xd8d800d8, 0xabab00ab, 0x00000000,
209 	0x8c8c008c, 0xbcbc00bc, 0xd3d300d3, 0x0a0a000a,
210 	0xf7f700f7, 0xe4e400e4, 0x58580058, 0x05050005,
211 	0xb8b800b8, 0xb3b300b3, 0x45450045, 0x06060006,
212 	0xd0d000d0, 0x2c2c002c, 0x1e1e001e, 0x8f8f008f,
213 	0xcaca00ca, 0x3f3f003f, 0x0f0f000f, 0x02020002,
214 	0xc1c100c1, 0xafaf00af, 0xbdbd00bd, 0x03030003,
215 	0x01010001, 0x13130013, 0x8a8a008a, 0x6b6b006b,
216 	0x3a3a003a, 0x91910091, 0x11110011, 0x41410041,
217 	0x4f4f004f, 0x67670067, 0xdcdc00dc, 0xeaea00ea,
218 	0x97970097, 0xf2f200f2, 0xcfcf00cf, 0xcece00ce,
219 	0xf0f000f0, 0xb4b400b4, 0xe6e600e6, 0x73730073,
220 	0x96960096, 0xacac00ac, 0x74740074, 0x22220022,
221 	0xe7e700e7, 0xadad00ad, 0x35350035, 0x85850085,
222 	0xe2e200e2, 0xf9f900f9, 0x37370037, 0xe8e800e8,
223 	0x1c1c001c, 0x75750075, 0xdfdf00df, 0x6e6e006e,
224 	0x47470047, 0xf1f100f1, 0x1a1a001a, 0x71710071,
225 	0x1d1d001d, 0x29290029, 0xc5c500c5, 0x89890089,
226 	0x6f6f006f, 0xb7b700b7, 0x62620062, 0x0e0e000e,
227 	0xaaaa00aa, 0x18180018, 0xbebe00be, 0x1b1b001b,
228 	0xfcfc00fc, 0x56560056, 0x3e3e003e, 0x4b4b004b,
229 	0xc6c600c6, 0xd2d200d2, 0x79790079, 0x20200020,
230 	0x9a9a009a, 0xdbdb00db, 0xc0c000c0, 0xfefe00fe,
231 	0x78780078, 0xcdcd00cd, 0x5a5a005a, 0xf4f400f4,
232 	0x1f1f001f, 0xdddd00dd, 0xa8a800a8, 0x33330033,
233 	0x88880088, 0x07070007, 0xc7c700c7, 0x31310031,
234 	0xb1b100b1, 0x12120012, 0x10100010, 0x59590059,
235 	0x27270027, 0x80800080, 0xecec00ec, 0x5f5f005f,
236 	0x60600060, 0x51510051, 0x7f7f007f, 0xa9a900a9,
237 	0x19190019, 0xb5b500b5, 0x4a4a004a, 0x0d0d000d,
238 	0x2d2d002d, 0xe5e500e5, 0x7a7a007a, 0x9f9f009f,
239 	0x93930093, 0xc9c900c9, 0x9c9c009c, 0xefef00ef,
240 	0xa0a000a0, 0xe0e000e0, 0x3b3b003b, 0x4d4d004d,
241 	0xaeae00ae, 0x2a2a002a, 0xf5f500f5, 0xb0b000b0,
242 	0xc8c800c8, 0xebeb00eb, 0xbbbb00bb, 0x3c3c003c,
243 	0x83830083, 0x53530053, 0x99990099, 0x61610061,
244 	0x17170017, 0x2b2b002b, 0x04040004, 0x7e7e007e,
245 	0xbaba00ba, 0x77770077, 0xd6d600d6, 0x26260026,
246 	0xe1e100e1, 0x69690069, 0x14140014, 0x63630063,
247 	0x55550055, 0x21210021, 0x0c0c000c, 0x7d7d007d
248 };
249 
250 static const u32 x2[256] = {
251 	0x30303000, 0x68686800, 0x99999900, 0x1b1b1b00,
252 	0x87878700, 0xb9b9b900, 0x21212100, 0x78787800,
253 	0x50505000, 0x39393900, 0xdbdbdb00, 0xe1e1e100,
254 	0x72727200, 0x09090900, 0x62626200, 0x3c3c3c00,
255 	0x3e3e3e00, 0x7e7e7e00, 0x5e5e5e00, 0x8e8e8e00,
256 	0xf1f1f100, 0xa0a0a000, 0xcccccc00, 0xa3a3a300,
257 	0x2a2a2a00, 0x1d1d1d00, 0xfbfbfb00, 0xb6b6b600,
258 	0xd6d6d600, 0x20202000, 0xc4c4c400, 0x8d8d8d00,
259 	0x81818100, 0x65656500, 0xf5f5f500, 0x89898900,
260 	0xcbcbcb00, 0x9d9d9d00, 0x77777700, 0xc6c6c600,
261 	0x57575700, 0x43434300, 0x56565600, 0x17171700,
262 	0xd4d4d400, 0x40404000, 0x1a1a1a00, 0x4d4d4d00,
263 	0xc0c0c000, 0x63636300, 0x6c6c6c00, 0xe3e3e300,
264 	0xb7b7b700, 0xc8c8c800, 0x64646400, 0x6a6a6a00,
265 	0x53535300, 0xaaaaaa00, 0x38383800, 0x98989800,
266 	0x0c0c0c00, 0xf4f4f400, 0x9b9b9b00, 0xededed00,
267 	0x7f7f7f00, 0x22222200, 0x76767600, 0xafafaf00,
268 	0xdddddd00, 0x3a3a3a00, 0x0b0b0b00, 0x58585800,
269 	0x67676700, 0x88888800, 0x06060600, 0xc3c3c300,
270 	0x35353500, 0x0d0d0d00, 0x01010100, 0x8b8b8b00,
271 	0x8c8c8c00, 0xc2c2c200, 0xe6e6e600, 0x5f5f5f00,
272 	0x02020200, 0x24242400, 0x75757500, 0x93939300,
273 	0x66666600, 0x1e1e1e00, 0xe5e5e500, 0xe2e2e200,
274 	0x54545400, 0xd8d8d800, 0x10101000, 0xcecece00,
275 	0x7a7a7a00, 0xe8e8e800, 0x08080800, 0x2c2c2c00,
276 	0x12121200, 0x97979700, 0x32323200, 0xababab00,
277 	0xb4b4b400, 0x27272700, 0x0a0a0a00, 0x23232300,
278 	0xdfdfdf00, 0xefefef00, 0xcacaca00, 0xd9d9d900,
279 	0xb8b8b800, 0xfafafa00, 0xdcdcdc00, 0x31313100,
280 	0x6b6b6b00, 0xd1d1d100, 0xadadad00, 0x19191900,
281 	0x49494900, 0xbdbdbd00, 0x51515100, 0x96969600,
282 	0xeeeeee00, 0xe4e4e400, 0xa8a8a800, 0x41414100,
283 	0xdadada00, 0xffffff00, 0xcdcdcd00, 0x55555500,
284 	0x86868600, 0x36363600, 0xbebebe00, 0x61616100,
285 	0x52525200, 0xf8f8f800, 0xbbbbbb00, 0x0e0e0e00,
286 	0x82828200, 0x48484800, 0x69696900, 0x9a9a9a00,
287 	0xe0e0e000, 0x47474700, 0x9e9e9e00, 0x5c5c5c00,
288 	0x04040400, 0x4b4b4b00, 0x34343400, 0x15151500,
289 	0x79797900, 0x26262600, 0xa7a7a700, 0xdedede00,
290 	0x29292900, 0xaeaeae00, 0x92929200, 0xd7d7d700,
291 	0x84848400, 0xe9e9e900, 0xd2d2d200, 0xbababa00,
292 	0x5d5d5d00, 0xf3f3f300, 0xc5c5c500, 0xb0b0b000,
293 	0xbfbfbf00, 0xa4a4a400, 0x3b3b3b00, 0x71717100,
294 	0x44444400, 0x46464600, 0x2b2b2b00, 0xfcfcfc00,
295 	0xebebeb00, 0x6f6f6f00, 0xd5d5d500, 0xf6f6f600,
296 	0x14141400, 0xfefefe00, 0x7c7c7c00, 0x70707000,
297 	0x5a5a5a00, 0x7d7d7d00, 0xfdfdfd00, 0x2f2f2f00,
298 	0x18181800, 0x83838300, 0x16161600, 0xa5a5a500,
299 	0x91919100, 0x1f1f1f00, 0x05050500, 0x95959500,
300 	0x74747400, 0xa9a9a900, 0xc1c1c100, 0x5b5b5b00,
301 	0x4a4a4a00, 0x85858500, 0x6d6d6d00, 0x13131300,
302 	0x07070700, 0x4f4f4f00, 0x4e4e4e00, 0x45454500,
303 	0xb2b2b200, 0x0f0f0f00, 0xc9c9c900, 0x1c1c1c00,
304 	0xa6a6a600, 0xbcbcbc00, 0xececec00, 0x73737300,
305 	0x90909000, 0x7b7b7b00, 0xcfcfcf00, 0x59595900,
306 	0x8f8f8f00, 0xa1a1a100, 0xf9f9f900, 0x2d2d2d00,
307 	0xf2f2f200, 0xb1b1b100, 0x00000000, 0x94949400,
308 	0x37373700, 0x9f9f9f00, 0xd0d0d000, 0x2e2e2e00,
309 	0x9c9c9c00, 0x6e6e6e00, 0x28282800, 0x3f3f3f00,
310 	0x80808000, 0xf0f0f000, 0x3d3d3d00, 0xd3d3d300,
311 	0x25252500, 0x8a8a8a00, 0xb5b5b500, 0xe7e7e700,
312 	0x42424200, 0xb3b3b300, 0xc7c7c700, 0xeaeaea00,
313 	0xf7f7f700, 0x4c4c4c00, 0x11111100, 0x33333300,
314 	0x03030300, 0xa2a2a200, 0xacacac00, 0x60606000
315 };
316 
317 static inline u32 rotl32(u32 v, u32 r)
318 {
319 	return ((v << r) | (v >> (32 - r)));
320 }
321 
322 static inline u32 rotr32(u32 v, u32 r)
323 {
324 	return ((v >> r) | (v << (32 - r)));
325 }
326 
327 static inline u32 bswap32(u32 v)
328 {
329 	return ((v << 24) ^
330 		(v >> 24) ^
331 		((v & 0x0000ff00) << 8) ^
332 		((v & 0x00ff0000) >> 8));
333 }
334 
335 static inline u8 get_u8(u32 x, u32 y)
336 {
337 	return (x >> ((3 - y) * 8));
338 }
339 
340 static inline u32 make_u32(u8 v0, u8 v1, u8 v2, u8 v3)
341 {
342 	return ((u32)v0 << 24) | ((u32)v1 << 16) | ((u32)v2 <<  8) | ((u32)v3);
343 }
344 
345 static inline u32 aria_m(u32 t0)
346 {
347 	return rotr32(t0, 8) ^ rotr32(t0 ^ rotr32(t0, 8), 16);
348 }
349 
350 /* S-Box Layer 1 + M */
351 static inline void aria_sbox_layer1_with_pre_diff(u32 *t0, u32 *t1, u32 *t2,
352 						  u32 *t3)
353 {
354 	*t0 = s1[get_u8(*t0, 0)] ^
355 	      s2[get_u8(*t0, 1)] ^
356 	      x1[get_u8(*t0, 2)] ^
357 	      x2[get_u8(*t0, 3)];
358 	*t1 = s1[get_u8(*t1, 0)] ^
359 	      s2[get_u8(*t1, 1)] ^
360 	      x1[get_u8(*t1, 2)] ^
361 	      x2[get_u8(*t1, 3)];
362 	*t2 = s1[get_u8(*t2, 0)] ^
363 	      s2[get_u8(*t2, 1)] ^
364 	      x1[get_u8(*t2, 2)] ^
365 	      x2[get_u8(*t2, 3)];
366 	*t3 = s1[get_u8(*t3, 0)] ^
367 	      s2[get_u8(*t3, 1)] ^
368 	      x1[get_u8(*t3, 2)] ^
369 	      x2[get_u8(*t3, 3)];
370 }
371 
372 /* S-Box Layer 2 + M */
373 static inline void aria_sbox_layer2_with_pre_diff(u32 *t0, u32 *t1, u32 *t2,
374 						  u32 *t3)
375 {
376 	*t0 = x1[get_u8(*t0, 0)] ^
377 	      x2[get_u8(*t0, 1)] ^
378 	      s1[get_u8(*t0, 2)] ^
379 	      s2[get_u8(*t0, 3)];
380 	*t1 = x1[get_u8(*t1, 0)] ^
381 	      x2[get_u8(*t1, 1)] ^
382 	      s1[get_u8(*t1, 2)] ^
383 	      s2[get_u8(*t1, 3)];
384 	*t2 = x1[get_u8(*t2, 0)] ^
385 	      x2[get_u8(*t2, 1)] ^
386 	      s1[get_u8(*t2, 2)] ^
387 	      s2[get_u8(*t2, 3)];
388 	*t3 = x1[get_u8(*t3, 0)] ^
389 	      x2[get_u8(*t3, 1)] ^
390 	      s1[get_u8(*t3, 2)] ^
391 	      s2[get_u8(*t3, 3)];
392 }
393 
394 /* Word-level diffusion */
395 static inline void aria_diff_word(u32 *t0, u32 *t1, u32 *t2, u32 *t3)
396 {
397 	*t1 ^= *t2;
398 	*t2 ^= *t3;
399 	*t0 ^= *t1;
400 
401 	*t3 ^= *t1;
402 	*t2 ^= *t0;
403 	*t1 ^= *t2;
404 }
405 
406 /* Byte-level diffusion */
407 static inline void aria_diff_byte(u32 *t1, u32 *t2, u32 *t3)
408 {
409 	*t1 = ((*t1 << 8) & 0xff00ff00) ^ ((*t1 >> 8) & 0x00ff00ff);
410 	*t2 = rotr32(*t2, 16);
411 	*t3 = bswap32(*t3);
412 }
413 
414 /* Key XOR Layer */
415 static inline void aria_add_round_key(u32 *rk, u32 *t0, u32 *t1, u32 *t2,
416 				      u32 *t3)
417 {
418 	*t0 ^= rk[0];
419 	*t1 ^= rk[1];
420 	*t2 ^= rk[2];
421 	*t3 ^= rk[3];
422 }
423 /* Odd round Substitution & Diffusion */
424 static inline void aria_subst_diff_odd(u32 *t0, u32 *t1, u32 *t2, u32 *t3)
425 {
426 	aria_sbox_layer1_with_pre_diff(t0, t1, t2, t3);
427 	aria_diff_word(t0, t1, t2, t3);
428 	aria_diff_byte(t1, t2, t3);
429 	aria_diff_word(t0, t1, t2, t3);
430 }
431 
432 /* Even round Substitution & Diffusion */
433 static inline void aria_subst_diff_even(u32 *t0, u32 *t1, u32 *t2, u32 *t3)
434 {
435 	aria_sbox_layer2_with_pre_diff(t0, t1, t2, t3);
436 	aria_diff_word(t0, t1, t2, t3);
437 	aria_diff_byte(t3, t0, t1);
438 	aria_diff_word(t0, t1, t2, t3);
439 }
440 
441 /* Q, R Macro expanded ARIA GSRK */
442 static inline void aria_gsrk(u32 *rk, u32 *x, u32 *y, u32 n)
443 {
444 	int q = 4 - (n / 32);
445 	int r = n % 32;
446 
447 	rk[0] = (x[0]) ^
448 		((y[q % 4]) >> r) ^
449 		((y[(q + 3) % 4]) << (32 - r));
450 	rk[1] = (x[1]) ^
451 		((y[(q + 1) % 4]) >> r) ^
452 		((y[q % 4]) << (32 - r));
453 	rk[2] = (x[2]) ^
454 		((y[(q + 2) % 4]) >> r) ^
455 		((y[(q + 1) % 4]) << (32 - r));
456 	rk[3] =	(x[3]) ^
457 		((y[(q + 3) % 4]) >> r) ^
458 		((y[(q + 2) % 4]) << (32 - r));
459 }
460 
461 #endif
462