]> git.cryptolib.org Git - avr-crypto-lib.git/blob - camellia128-stub.c
bug fixed in md5-asm.S ( wrong values for length_b%512=505..511 )
[avr-crypto-lib.git] / camellia128-stub.c
1 /* camellia128-stub.c */
2 /*
3     This file is part of the AVR-Crypto-Lib.
4     Copyright (C) 2008  Daniel Otte (daniel.otte@rub.de)
5
6     This program is free software: you can redistribute it and/or modify
7     it under the terms of the GNU General Public License as published by
8     the Free Software Foundation, either version 3 of the License, or
9     (at your option) any later version.
10
11     This program is distributed in the hope that it will be useful,
12     but WITHOUT ANY WARRANTY; without even the implied warranty of
13     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
14     GNU General Public License for more details.
15
16     You should have received a copy of the GNU General Public License
17     along with this program.  If not, see <http://www.gnu.org/licenses/>.
18 */
19 /**
20  * 
21  * 
22  * 
23  * 
24  */
25  
26 #include <stdint.h>
27 #include <avr/io.h>
28 #include <avr/pgmspace.h>
29 #include "camellia.h"
30 #if 0
31  #include "uart.h"
32  #include "debug.h"
33  #include <util/delay.h>
34 #endif
35 /*****************************************************************************/
36 uint64_t camellia_f(uint64_t x, uint64_t k);
37 /*****************************************************************************/
38 uint64_t camellia_fl(uint64_t x, uint64_t k);
39 /*****************************************************************************/
40 uint64_t camellia_fl_inv(uint64_t y, uint64_t k);
41 /*****************************************************************************/
42 void change_endian(void* data, uint8_t length);
43 /*
44 uint64_t PROGMEM camellia_sigma[6]={ / * 64 byte table * /
45         0xA09E667F3BCC908BLL,
46         0xB67AE8584CAA73B2LL,
47         0xC6EF372FE94F82BELL,
48         0x54FF53A5F1D36F1CLL,
49         0x10E527FADE682D1DLL,
50         0xB05688C2B3E6C1FDLL
51 };      
52 */
53 uint32_t PROGMEM camellia_sigma[12]={ /* 48 byte table */
54          0x3BCC908BL, 0xA09E667FL,
55          0x4CAA73B2L, 0xB67AE858L,
56          0xE94F82BEL, 0xC6EF372FL,
57          0xF1D36F1CL, 0x54FF53A5L,
58          0xDE682D1DL, 0x10E527FAL,
59          0xB3E6C1FDL, 0xB05688C2L
60 };
61
62 /* an ugly macro to load an entry form the table above */
63 /*
64 #define SIGMA(p) (( ((uint64_t)(pgm_read_dword((prog_uint32_t*)camellia_sigma+2*(p)+1)))<<32) | \
65                     ((uint64_t)(pgm_read_dword((prog_uint32_t*)camellia_sigma+2*(p)+0))) )
66 */
67 #define SIGMA(p) (( ((uint64_t)(pgm_read_dword(&(((prog_uint32_t*)camellia_sigma)[2*(p)+1]))))<<32) | \
68                     ((uint64_t)(pgm_read_dword(&(((prog_uint32_t*)camellia_sigma)[2*(p)+0])))) )
69
70
71
72 /*****************************************************************************/
73 /*
74 void camellia128_ctx_dump(camellia128_ctx_t *s){
75         uart_putstr_P(PSTR("\r\n==State Dump=="));
76         uart_putstr_P(PSTR("\n\rKAl: ")); uart_hexdump(&(s->kal), 8);
77         uart_putstr_P(PSTR("\n\rKAr: ")); uart_hexdump(&(s->kar), 8);
78         uart_putstr_P(PSTR("\n\rKLl: ")); uart_hexdump(&(s->kll), 8);
79         uart_putstr_P(PSTR("\n\rKLr: ")); uart_hexdump(&(s->klr), 8);   
80         return;
81 }
82 */
83 /*****************************************************************************/
84 /* extern prog_uint64_t camellia_sigma[6]; */
85
86 void camellia128_init(const void* key, camellia128_ctx_t* s){
87         uint8_t i;
88         s->kll = 0; /* ((uint64_t*)key)[0]; */
89         
90         /* load the key, endian-adjusted, to kll,klr */
91         for(i=0; i<8; ++i){
92                 s->kll <<= 8;
93                 s->kll |= *((uint8_t*)key);
94                 key = (uint8_t*)key+1;
95         }
96         for(i=0; i<8; ++i){
97                 s->klr <<= 8;
98                 s->klr |= *((uint8_t*)key);
99                 key = (uint8_t*)key+1;
100         }
101
102         s->kal = s->kll;
103         s->kar = s->klr;
104         
105         s->kar ^= camellia_f(s->kal, SIGMA(0));
106         s->kal ^= camellia_f(s->kar, SIGMA(1));
107         
108         s->kal ^= s->kll;
109         s->kar ^= s->klr;
110         
111         s->kar ^= camellia_f(s->kal, SIGMA(2));
112         s->kal ^= camellia_f(s->kar, SIGMA(3));
113 }
114
115 /*****************************************************************************/
116 void camellia128_keyop(camellia128_ctx_t* s, int8_t q);
117 /*****************************************************************************/
118 void camellia128_keyop_inv(camellia128_ctx_t* s, int8_t q); 
119 /*****************************************************************************/
120
121 #define SEL_KA 1
122 #define SEL_KL 0
123
124 #define KEY_POSTC1              0x00
125 #define KEY_POSTC2              0x01
126 #define KEY_INC2                0x02
127
128 #define KEY_DIR                 0x04
129 #define KEY_DIR_NORM    0x00
130 #define KEY_DIR_INV             0x04
131
132 #define KEY_AMMOUNT             0x08 
133 #define KEY_ROL17               0x08
134 #define KEY_ROL15               0x00
135
136 void camellia_6rounds(const camellia128_ctx_t* s, uint64_t* bl, uint64_t* br, 
137                       uint8_t roundop, uint8_t keychoice);
138 /*****************************************************************************/
139
140
141 void camellia128_enc(void* block, const camellia128_ctx_t* s){
142
143         #define BL (((uint64_t*)block)[0])
144         #define BR (((uint64_t*)block)[1])
145         /* endian adjustment */
146          /*BL*/
147          /* 1 2 3 4 5 6 7 8
148           *     8 7 6 5 4 3 2 1
149           */
150          
151         uint64_t temp64;
152         
153         change_endian(&BL, 64/8);       
154         change_endian(&BR, 64/8);
155         
156         /* Prewhitening */
157         BL ^= s->kll;
158         BR ^= s->klr;
159         
160         /* the first 6 */
161         camellia_6rounds(s, &BL, &BR, KEY_ROL15 | KEY_DIR_NORM | KEY_POSTC1 , 0x33);
162         /* FL injection  */
163    camellia128_keyop((camellia128_ctx_t*)s, -1);
164         BL = camellia_fl(BL, s->kal);
165         BR = camellia_fl_inv(BR, s->kar);
166    camellia128_keyop((camellia128_ctx_t*)s, -1);
167         /* middle 6 */
168         camellia_6rounds(s, &BL, &BR, KEY_ROL15 | KEY_DIR_NORM | KEY_INC2 , 0x34);
169         /* FL injection  */
170    camellia128_keyop((camellia128_ctx_t*)s, 1);
171         BL = camellia_fl(BL, s->kll);
172         BR = camellia_fl_inv(BR, s->klr);
173    camellia128_keyop((camellia128_ctx_t*)s, 1);
174    /* last 6 */
175         camellia_6rounds(s, &BL, &BR, KEY_ROL17 | KEY_DIR_NORM | KEY_POSTC2 , 0x0C);
176         /* Postwhitening */
177         BR ^= s->kal;
178         BL ^= s->kar;
179         
180         temp64 = BR;
181         BR = BL;
182         BL = temp64;
183
184         camellia128_keyop((camellia128_ctx_t*)s,1);
185         
186         change_endian(&BL, 64/8);       
187         change_endian(&BR, 64/8);
188                 
189         #undef BL
190         #undef BR       
191 }
192
193 /*****************************************************************************/
194
195 void camellia128_dec(void* block, const camellia128_ctx_t* s){
196
197         #define BL (((uint64_t*)block)[1])
198         #define BR (((uint64_t*)block)[0])
199         /* endian adjustment */
200          /*BL*/
201          /* 1 2 3 4 5 6 7 8
202           * 8 7 6 5 4 3 2 1
203           */
204          
205         uint64_t temp64;
206                 
207         change_endian(&BL, 64/8);       
208         change_endian(&BR, 64/8);
209                 
210         camellia128_keyop_inv((camellia128_ctx_t*)s, 1);
211         /* Prewhitening */
212         BR ^= s->kal; /* kw3 */
213         BL ^= s->kar; /* kw4 */
214         /* the first 6 */
215         camellia_6rounds(s, &BR, &BL, KEY_ROL17 | KEY_DIR_INV | KEY_POSTC1 , 0x0C);
216         /* FL injection  */
217    camellia128_keyop_inv((camellia128_ctx_t*)s, 1);
218         BR = camellia_fl(BR, s->klr);
219         BL = camellia_fl_inv(BL, s->kll);
220    camellia128_keyop_inv((camellia128_ctx_t*)s, 1);
221         /* middle 6 */  
222         camellia_6rounds(s, &BR, &BL, KEY_ROL15 | KEY_DIR_INV | KEY_INC2 , 0x0B);
223         /* FL injection  */
224    camellia128_keyop_inv((camellia128_ctx_t*)s, -1);
225         BR = camellia_fl(BR, s->kar);
226         BL = camellia_fl_inv(BL, s->kal);
227    camellia128_keyop_inv((camellia128_ctx_t*)s, -1);
228    /* last 6 */
229         camellia_6rounds(s, &BR, &BL, KEY_ROL15 | KEY_DIR_INV | KEY_POSTC2 , 0x33);
230         
231         /* Postwhitening */
232         BL ^= s->kll; /* kw1 */ 
233         BR ^= s->klr; /* kw2 */
234         
235         temp64 = BR;
236         BR = BL;
237         BL = temp64;
238         
239         change_endian(&BL, 64/8);       
240         change_endian(&BR, 64/8);
241                 
242 }
243
244 /*****************************************************************************/
245 /*****************************************************************************/
246
247
248
249 /* EOF */