camellia128-stub.c

   1 /* camellia128-stub.c */
   2 /*
   3     This file is part of the Crypto-avr-lib/microcrypt-lib.
   4     Copyright (C) 2008  Daniel Otte (daniel.otte@rub.de)
   5
   6     This program is free software: you can redistribute it and/or modify
   7     it under the terms of the GNU General Public License as published by
   8     the Free Software Foundation, either version 3 of the License, or
   9     (at your option) any later version.
  10
  11     This program is distributed in the hope that it will be useful,
  12     but WITHOUT ANY WARRANTY; without even the implied warranty of
  13     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  14     GNU General Public License for more details.
  15
  16     You should have received a copy of the GNU General Public License
  17     along with this program.  If not, see <http://www.gnu.org/licenses/>.
  18 */
  19 /**
  20  *
  21  *
  22  *
  23  *
  24  */
  25
  26 #include <stdint.h>
  27 #include <avr/io.h>
  28 #include <avr/pgmspace.h>
  29 #include "camellia.h"
  30 #if 0
  31  #include "uart.h"
  32  #include "debug.h"
  33  #include <util/delay.h>
  34 #endif
  35 /*****************************************************************************/
  36 uint64_t camellia_f(uint64_t x, uint64_t k);
  37 /*****************************************************************************/
  38 uint64_t camellia_fl(uint64_t x, uint64_t k);
  39 /*****************************************************************************/
  40 uint64_t camellia_fl_inv(uint64_t y, uint64_t k);
  41 /*****************************************************************************/
  42 void change_endian(void* data, uint8_t length);
  43 /*
  44 uint64_t PROGMEM camellia_sigma[6]={ / * 64 byte table * /
  45         0xA09E667F3BCC908BLL,
  46         0xB67AE8584CAA73B2LL,
  47         0xC6EF372FE94F82BELL,
  48         0x54FF53A5F1D36F1CLL,
  49         0x10E527FADE682D1DLL,
  50         0xB05688C2B3E6C1FDLL
  51 };
  52 */
  53 uint32_t PROGMEM camellia_sigma[12]={ /* 48 byte table */
  54          0x3BCC908BL, 0xA09E667FL,
  55          0x4CAA73B2L, 0xB67AE858L,
  56          0xE94F82BEL, 0xC6EF372FL,
  57          0xF1D36F1CL, 0x54FF53A5L,
  58          0xDE682D1DL, 0x10E527FAL,
  59          0xB3E6C1FDL, 0xB05688C2L
  60 };
  61
  62 /* an ugly macro to load an entry form the table above */
  63 /*
  64 #define SIGMA(p) (( ((uint64_t)(pgm_read_dword((prog_uint32_t*)camellia_sigma+2*(p)+1)))<<32) | \
  65                     ((uint64_t)(pgm_read_dword((prog_uint32_t*)camellia_sigma+2*(p)+0))) )
  66 */
  67 #define SIGMA(p) (( ((uint64_t)(pgm_read_dword(&(((prog_uint32_t*)camellia_sigma)[2*(p)+1]))))<<32) | \
  68                     ((uint64_t)(pgm_read_dword(&(((prog_uint32_t*)camellia_sigma)[2*(p)+0])))) )
  69
  70
  71
  72 /*****************************************************************************/
  73 /*
  74 void camellia128_ctx_dump(camellia128_ctx_t *s){
  75         uart_putstr_P(PSTR("\r\n==State Dump=="));
  76         uart_putstr_P(PSTR("\n\rKAl: ")); uart_hexdump(&(s->kal), 8);
  77         uart_putstr_P(PSTR("\n\rKAr: ")); uart_hexdump(&(s->kar), 8);
  78         uart_putstr_P(PSTR("\n\rKLl: ")); uart_hexdump(&(s->kll), 8);
  79         uart_putstr_P(PSTR("\n\rKLr: ")); uart_hexdump(&(s->klr), 8);
  80         return;
  81 }
  82 */
  83 /*****************************************************************************/
  84 /* extern prog_uint64_t camellia_sigma[6]; */
  85
  86 void camellia128_init(const void* key, camellia128_ctx_t* s){
  87         uint8_t i;
  88         s->kll = 0; /* ((uint64_t*)key)[0]; */
  89
  90         /* load the key, endian-adjusted, to kll,klr */
  91         for(i=0; i<8; ++i){
  92                 s->kll <<= 8;
  93                 s->kll |= *((uint8_t*)key);
  94                 key = (uint8_t*)key+1;
  95         }
  96         for(i=0; i<8; ++i){
  97                 s->klr <<= 8;
  98                 s->klr |= *((uint8_t*)key);
  99                 key = (uint8_t*)key+1;
 100         }
 101
 102         s->kal = s->kll;
 103         s->kar = s->klr;
 104
 105         s->kar ^= camellia_f(s->kal, SIGMA(0));
 106         s->kal ^= camellia_f(s->kar, SIGMA(1));
 107
 108         s->kal ^= s->kll;
 109         s->kar ^= s->klr;
 110
 111         s->kar ^= camellia_f(s->kal, SIGMA(2));
 112         s->kal ^= camellia_f(s->kar, SIGMA(3));
 113 }
 114
 115 /*****************************************************************************/
 116 void camellia128_keyop(camellia128_ctx_t* s, int8_t q);
 117 /*****************************************************************************/
 118 void camellia128_keyop_inv(camellia128_ctx_t* s, int8_t q);
 119 /*****************************************************************************/
 120
 121 #define SEL_KA 1
 122 #define SEL_KL 0
 123
 124 #define KEY_POSTC1              0x00
 125 #define KEY_POSTC2              0x01
 126 #define KEY_INC2                0x02
 127
 128 #define KEY_DIR                 0x04
 129 #define KEY_DIR_NORM    0x00
 130 #define KEY_DIR_INV             0x04
 131
 132 #define KEY_AMMOUNT             0x08
 133 #define KEY_ROL17               0x08
 134 #define KEY_ROL15               0x00
 135
 136 void camellia_6rounds(const camellia128_ctx_t* s, uint64_t* bl, uint64_t* br,
 137                       uint8_t roundop, uint8_t keychoice);
 138 /*****************************************************************************/
 139
 140
 141 void camellia128_enc(void* block, const camellia128_ctx_t* s){
 142
 143         #define BL (((uint64_t*)block)[0])
 144         #define BR (((uint64_t*)block)[1])
 145         /* endian adjustment */
 146          /*BL*/
 147          /* 1 2 3 4 5 6 7 8
 148           *     8 7 6 5 4 3 2 1
 149           */
 150
 151         uint64_t temp64;
 152
 153         change_endian(&BL, 64/8);
 154         change_endian(&BR, 64/8);
 155
 156         /* Prewhitening */
 157         BL ^= s->kll;
 158         BR ^= s->klr;
 159
 160         /* the first 6 */
 161         camellia_6rounds(s, &BL, &BR, KEY_ROL15 | KEY_DIR_NORM | KEY_POSTC1 , 0x33);
 162         /* FL injection  */
 163    camellia128_keyop((camellia128_ctx_t*)s, -1);
 164         BL = camellia_fl(BL, s->kal);
 165         BR = camellia_fl_inv(BR, s->kar);
 166    camellia128_keyop((camellia128_ctx_t*)s, -1);
 167         /* middle 6 */
 168         camellia_6rounds(s, &BL, &BR, KEY_ROL15 | KEY_DIR_NORM | KEY_INC2 , 0x34);
 169         /* FL injection  */
 170    camellia128_keyop((camellia128_ctx_t*)s, 1);
 171         BL = camellia_fl(BL, s->kll);
 172         BR = camellia_fl_inv(BR, s->klr);
 173    camellia128_keyop((camellia128_ctx_t*)s, 1);
 174    /* last 6 */
 175         camellia_6rounds(s, &BL, &BR, KEY_ROL17 | KEY_DIR_NORM | KEY_POSTC2 , 0x0C);
 176         /* Postwhitening */
 177         BR ^= s->kal;
 178         BL ^= s->kar;
 179
 180         temp64 = BR;
 181         BR = BL;
 182         BL = temp64;
 183
 184         camellia128_keyop((camellia128_ctx_t*)s,1);
 185
 186         change_endian(&BL, 64/8);
 187         change_endian(&BR, 64/8);
 188
 189         #undef BL
 190         #undef BR
 191 }
 192
 193 /*****************************************************************************/
 194
 195 void camellia128_dec(void* block, const camellia128_ctx_t* s){
 196
 197         #define BL (((uint64_t*)block)[1])
 198         #define BR (((uint64_t*)block)[0])
 199         /* endian adjustment */
 200          /*BL*/
 201          /* 1 2 3 4 5 6 7 8
 202           * 8 7 6 5 4 3 2 1
 203           */
 204
 205         uint64_t temp64;
 206
 207         change_endian(&BL, 64/8);
 208         change_endian(&BR, 64/8);
 209
 210         camellia128_keyop_inv((camellia128_ctx_t*)s, 1);
 211         /* Prewhitening */
 212         BR ^= s->kal; /* kw3 */
 213         BL ^= s->kar; /* kw4 */
 214         /* the first 6 */
 215         camellia_6rounds(s, &BR, &BL, KEY_ROL17 | KEY_DIR_INV | KEY_POSTC1 , 0x0C);
 216         /* FL injection  */
 217    camellia128_keyop_inv((camellia128_ctx_t*)s, 1);
 218         BR = camellia_fl(BR, s->klr);
 219         BL = camellia_fl_inv(BL, s->kll);
 220    camellia128_keyop_inv((camellia128_ctx_t*)s, 1);
 221         /* middle 6 */
 222         camellia_6rounds(s, &BR, &BL, KEY_ROL15 | KEY_DIR_INV | KEY_INC2 , 0x0B);
 223         /* FL injection  */
 224    camellia128_keyop_inv((camellia128_ctx_t*)s, -1);
 225         BR = camellia_fl(BR, s->kar);
 226         BL = camellia_fl_inv(BL, s->kal);
 227    camellia128_keyop_inv((camellia128_ctx_t*)s, -1);
 228    /* last 6 */
 229         camellia_6rounds(s, &BR, &BL, KEY_ROL15 | KEY_DIR_INV | KEY_POSTC2 , 0x33);
 230
 231         /* Postwhitening */
 232         BL ^= s->kll; /* kw1 */
 233         BR ^= s->klr; /* kw2 */
 234
 235         temp64 = BR;
 236         BR = BL;
 237         BL = temp64;
 238
 239         change_endian(&BL, 64/8);
 240         change_endian(&BR, 64/8);
 241
 242 }
 243
 244 /*****************************************************************************/
 245 /*****************************************************************************/
 246
 247
 248
 249 /* EOF */