Root/crypto/seed.c

1/*
2 * Cryptographic API.
3 *
4 * SEED Cipher Algorithm.
5 *
6 * This program is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License as published by
8 * the Free Software Foundation; either version 2 of the License, or
9 * (at your option) any later version.
10 *
11 * Documentation of SEED can be found in RFC 4269.
12 * Copyright (C) 2007 Korea Information Security Agency (KISA).
13 */
14
15#include <linux/module.h>
16#include <linux/init.h>
17#include <linux/types.h>
18#include <linux/errno.h>
19#include <linux/crypto.h>
20#include <asm/byteorder.h>
21
22#define SEED_NUM_KCONSTANTS 16
23#define SEED_KEY_SIZE 16
24#define SEED_BLOCK_SIZE 16
25#define SEED_KEYSCHED_LEN 32
26
27/*
28 * #define byte(x, nr) ((unsigned char)((x) >> (nr*8)))
29 */
30static inline u8
31byte(const u32 x, const unsigned n)
32{
33    return x >> (n << 3);
34}
35
36struct seed_ctx {
37    u32 keysched[SEED_KEYSCHED_LEN];
38};
39
40static const u32 SS0[256] = {
41    0x2989a1a8, 0x05858184, 0x16c6d2d4, 0x13c3d3d0,
42    0x14445054, 0x1d0d111c, 0x2c8ca0ac, 0x25052124,
43    0x1d4d515c, 0x03434340, 0x18081018, 0x1e0e121c,
44    0x11415150, 0x3cccf0fc, 0x0acac2c8, 0x23436360,
45    0x28082028, 0x04444044, 0x20002020, 0x1d8d919c,
46    0x20c0e0e0, 0x22c2e2e0, 0x08c8c0c8, 0x17071314,
47    0x2585a1a4, 0x0f8f838c, 0x03030300, 0x3b4b7378,
48    0x3b8bb3b8, 0x13031310, 0x12c2d2d0, 0x2ecee2ec,
49    0x30407070, 0x0c8c808c, 0x3f0f333c, 0x2888a0a8,
50    0x32023230, 0x1dcdd1dc, 0x36c6f2f4, 0x34447074,
51    0x2ccce0ec, 0x15859194, 0x0b0b0308, 0x17475354,
52    0x1c4c505c, 0x1b4b5358, 0x3d8db1bc, 0x01010100,
53    0x24042024, 0x1c0c101c, 0x33437370, 0x18889098,
54    0x10001010, 0x0cccc0cc, 0x32c2f2f0, 0x19c9d1d8,
55    0x2c0c202c, 0x27c7e3e4, 0x32427270, 0x03838380,
56    0x1b8b9398, 0x11c1d1d0, 0x06868284, 0x09c9c1c8,
57    0x20406060, 0x10405050, 0x2383a3a0, 0x2bcbe3e8,
58    0x0d0d010c, 0x3686b2b4, 0x1e8e929c, 0x0f4f434c,
59    0x3787b3b4, 0x1a4a5258, 0x06c6c2c4, 0x38487078,
60    0x2686a2a4, 0x12021210, 0x2f8fa3ac, 0x15c5d1d4,
61    0x21416160, 0x03c3c3c0, 0x3484b0b4, 0x01414140,
62    0x12425250, 0x3d4d717c, 0x0d8d818c, 0x08080008,
63    0x1f0f131c, 0x19899198, 0x00000000, 0x19091118,
64    0x04040004, 0x13435350, 0x37c7f3f4, 0x21c1e1e0,
65    0x3dcdf1fc, 0x36467274, 0x2f0f232c, 0x27072324,
66    0x3080b0b0, 0x0b8b8388, 0x0e0e020c, 0x2b8ba3a8,
67    0x2282a2a0, 0x2e4e626c, 0x13839390, 0x0d4d414c,
68    0x29496168, 0x3c4c707c, 0x09090108, 0x0a0a0208,
69    0x3f8fb3bc, 0x2fcfe3ec, 0x33c3f3f0, 0x05c5c1c4,
70    0x07878384, 0x14041014, 0x3ecef2fc, 0x24446064,
71    0x1eced2dc, 0x2e0e222c, 0x0b4b4348, 0x1a0a1218,
72    0x06060204, 0x21012120, 0x2b4b6368, 0x26466264,
73    0x02020200, 0x35c5f1f4, 0x12829290, 0x0a8a8288,
74    0x0c0c000c, 0x3383b3b0, 0x3e4e727c, 0x10c0d0d0,
75    0x3a4a7278, 0x07474344, 0x16869294, 0x25c5e1e4,
76    0x26062224, 0x00808080, 0x2d8da1ac, 0x1fcfd3dc,
77    0x2181a1a0, 0x30003030, 0x37073334, 0x2e8ea2ac,
78    0x36063234, 0x15051114, 0x22022220, 0x38083038,
79    0x34c4f0f4, 0x2787a3a4, 0x05454144, 0x0c4c404c,
80    0x01818180, 0x29c9e1e8, 0x04848084, 0x17879394,
81    0x35053134, 0x0bcbc3c8, 0x0ecec2cc, 0x3c0c303c,
82    0x31417170, 0x11011110, 0x07c7c3c4, 0x09898188,
83    0x35457174, 0x3bcbf3f8, 0x1acad2d8, 0x38c8f0f8,
84    0x14849094, 0x19495158, 0x02828280, 0x04c4c0c4,
85    0x3fcff3fc, 0x09494148, 0x39093138, 0x27476364,
86    0x00c0c0c0, 0x0fcfc3cc, 0x17c7d3d4, 0x3888b0b8,
87    0x0f0f030c, 0x0e8e828c, 0x02424240, 0x23032320,
88    0x11819190, 0x2c4c606c, 0x1bcbd3d8, 0x2484a0a4,
89    0x34043034, 0x31c1f1f0, 0x08484048, 0x02c2c2c0,
90    0x2f4f636c, 0x3d0d313c, 0x2d0d212c, 0x00404040,
91    0x3e8eb2bc, 0x3e0e323c, 0x3c8cb0bc, 0x01c1c1c0,
92    0x2a8aa2a8, 0x3a8ab2b8, 0x0e4e424c, 0x15455154,
93    0x3b0b3338, 0x1cccd0dc, 0x28486068, 0x3f4f737c,
94    0x1c8c909c, 0x18c8d0d8, 0x0a4a4248, 0x16465254,
95    0x37477374, 0x2080a0a0, 0x2dcde1ec, 0x06464244,
96    0x3585b1b4, 0x2b0b2328, 0x25456164, 0x3acaf2f8,
97    0x23c3e3e0, 0x3989b1b8, 0x3181b1b0, 0x1f8f939c,
98    0x1e4e525c, 0x39c9f1f8, 0x26c6e2e4, 0x3282b2b0,
99    0x31013130, 0x2acae2e8, 0x2d4d616c, 0x1f4f535c,
100    0x24c4e0e4, 0x30c0f0f0, 0x0dcdc1cc, 0x08888088,
101    0x16061214, 0x3a0a3238, 0x18485058, 0x14c4d0d4,
102    0x22426260, 0x29092128, 0x07070304, 0x33033330,
103    0x28c8e0e8, 0x1b0b1318, 0x05050104, 0x39497178,
104    0x10809090, 0x2a4a6268, 0x2a0a2228, 0x1a8a9298,
105};
106
107static const u32 SS1[256] = {
108    0x38380830, 0xe828c8e0, 0x2c2d0d21, 0xa42686a2,
109    0xcc0fcfc3, 0xdc1eced2, 0xb03383b3, 0xb83888b0,
110    0xac2f8fa3, 0x60204060, 0x54154551, 0xc407c7c3,
111    0x44044440, 0x6c2f4f63, 0x682b4b63, 0x581b4b53,
112    0xc003c3c3, 0x60224262, 0x30330333, 0xb43585b1,
113    0x28290921, 0xa02080a0, 0xe022c2e2, 0xa42787a3,
114    0xd013c3d3, 0x90118191, 0x10110111, 0x04060602,
115    0x1c1c0c10, 0xbc3c8cb0, 0x34360632, 0x480b4b43,
116    0xec2fcfe3, 0x88088880, 0x6c2c4c60, 0xa82888a0,
117    0x14170713, 0xc404c4c0, 0x14160612, 0xf434c4f0,
118    0xc002c2c2, 0x44054541, 0xe021c1e1, 0xd416c6d2,
119    0x3c3f0f33, 0x3c3d0d31, 0x8c0e8e82, 0x98188890,
120    0x28280820, 0x4c0e4e42, 0xf436c6f2, 0x3c3e0e32,
121    0xa42585a1, 0xf839c9f1, 0x0c0d0d01, 0xdc1fcfd3,
122    0xd818c8d0, 0x282b0b23, 0x64264662, 0x783a4a72,
123    0x24270723, 0x2c2f0f23, 0xf031c1f1, 0x70324272,
124    0x40024242, 0xd414c4d0, 0x40014141, 0xc000c0c0,
125    0x70334373, 0x64274763, 0xac2c8ca0, 0x880b8b83,
126    0xf437c7f3, 0xac2d8da1, 0x80008080, 0x1c1f0f13,
127    0xc80acac2, 0x2c2c0c20, 0xa82a8aa2, 0x34340430,
128    0xd012c2d2, 0x080b0b03, 0xec2ecee2, 0xe829c9e1,
129    0x5c1d4d51, 0x94148490, 0x18180810, 0xf838c8f0,
130    0x54174753, 0xac2e8ea2, 0x08080800, 0xc405c5c1,
131    0x10130313, 0xcc0dcdc1, 0x84068682, 0xb83989b1,
132    0xfc3fcff3, 0x7c3d4d71, 0xc001c1c1, 0x30310131,
133    0xf435c5f1, 0x880a8a82, 0x682a4a62, 0xb03181b1,
134    0xd011c1d1, 0x20200020, 0xd417c7d3, 0x00020202,
135    0x20220222, 0x04040400, 0x68284860, 0x70314171,
136    0x04070703, 0xd81bcbd3, 0x9c1d8d91, 0x98198991,
137    0x60214161, 0xbc3e8eb2, 0xe426c6e2, 0x58194951,
138    0xdc1dcdd1, 0x50114151, 0x90108090, 0xdc1cccd0,
139    0x981a8a92, 0xa02383a3, 0xa82b8ba3, 0xd010c0d0,
140    0x80018181, 0x0c0f0f03, 0x44074743, 0x181a0a12,
141    0xe023c3e3, 0xec2ccce0, 0x8c0d8d81, 0xbc3f8fb3,
142    0x94168692, 0x783b4b73, 0x5c1c4c50, 0xa02282a2,
143    0xa02181a1, 0x60234363, 0x20230323, 0x4c0d4d41,
144    0xc808c8c0, 0x9c1e8e92, 0x9c1c8c90, 0x383a0a32,
145    0x0c0c0c00, 0x2c2e0e22, 0xb83a8ab2, 0x6c2e4e62,
146    0x9c1f8f93, 0x581a4a52, 0xf032c2f2, 0x90128292,
147    0xf033c3f3, 0x48094941, 0x78384870, 0xcc0cccc0,
148    0x14150511, 0xf83bcbf3, 0x70304070, 0x74354571,
149    0x7c3f4f73, 0x34350531, 0x10100010, 0x00030303,
150    0x64244460, 0x6c2d4d61, 0xc406c6c2, 0x74344470,
151    0xd415c5d1, 0xb43484b0, 0xe82acae2, 0x08090901,
152    0x74364672, 0x18190911, 0xfc3ecef2, 0x40004040,
153    0x10120212, 0xe020c0e0, 0xbc3d8db1, 0x04050501,
154    0xf83acaf2, 0x00010101, 0xf030c0f0, 0x282a0a22,
155    0x5c1e4e52, 0xa82989a1, 0x54164652, 0x40034343,
156    0x84058581, 0x14140410, 0x88098981, 0x981b8b93,
157    0xb03080b0, 0xe425c5e1, 0x48084840, 0x78394971,
158    0x94178793, 0xfc3cccf0, 0x1c1e0e12, 0x80028282,
159    0x20210121, 0x8c0c8c80, 0x181b0b13, 0x5c1f4f53,
160    0x74374773, 0x54144450, 0xb03282b2, 0x1c1d0d11,
161    0x24250521, 0x4c0f4f43, 0x00000000, 0x44064642,
162    0xec2dcde1, 0x58184850, 0x50124252, 0xe82bcbe3,
163    0x7c3e4e72, 0xd81acad2, 0xc809c9c1, 0xfc3dcdf1,
164    0x30300030, 0x94158591, 0x64254561, 0x3c3c0c30,
165    0xb43686b2, 0xe424c4e0, 0xb83b8bb3, 0x7c3c4c70,
166    0x0c0e0e02, 0x50104050, 0x38390931, 0x24260622,
167    0x30320232, 0x84048480, 0x68294961, 0x90138393,
168    0x34370733, 0xe427c7e3, 0x24240420, 0xa42484a0,
169    0xc80bcbc3, 0x50134353, 0x080a0a02, 0x84078783,
170    0xd819c9d1, 0x4c0c4c40, 0x80038383, 0x8c0f8f83,
171    0xcc0ecec2, 0x383b0b33, 0x480a4a42, 0xb43787b3,
172};
173
174static const u32 SS2[256] = {
175    0xa1a82989, 0x81840585, 0xd2d416c6, 0xd3d013c3,
176    0x50541444, 0x111c1d0d, 0xa0ac2c8c, 0x21242505,
177    0x515c1d4d, 0x43400343, 0x10181808, 0x121c1e0e,
178    0x51501141, 0xf0fc3ccc, 0xc2c80aca, 0x63602343,
179    0x20282808, 0x40440444, 0x20202000, 0x919c1d8d,
180    0xe0e020c0, 0xe2e022c2, 0xc0c808c8, 0x13141707,
181    0xa1a42585, 0x838c0f8f, 0x03000303, 0x73783b4b,
182    0xb3b83b8b, 0x13101303, 0xd2d012c2, 0xe2ec2ece,
183    0x70703040, 0x808c0c8c, 0x333c3f0f, 0xa0a82888,
184    0x32303202, 0xd1dc1dcd, 0xf2f436c6, 0x70743444,
185    0xe0ec2ccc, 0x91941585, 0x03080b0b, 0x53541747,
186    0x505c1c4c, 0x53581b4b, 0xb1bc3d8d, 0x01000101,
187    0x20242404, 0x101c1c0c, 0x73703343, 0x90981888,
188    0x10101000, 0xc0cc0ccc, 0xf2f032c2, 0xd1d819c9,
189    0x202c2c0c, 0xe3e427c7, 0x72703242, 0x83800383,
190    0x93981b8b, 0xd1d011c1, 0x82840686, 0xc1c809c9,
191    0x60602040, 0x50501040, 0xa3a02383, 0xe3e82bcb,
192    0x010c0d0d, 0xb2b43686, 0x929c1e8e, 0x434c0f4f,
193    0xb3b43787, 0x52581a4a, 0xc2c406c6, 0x70783848,
194    0xa2a42686, 0x12101202, 0xa3ac2f8f, 0xd1d415c5,
195    0x61602141, 0xc3c003c3, 0xb0b43484, 0x41400141,
196    0x52501242, 0x717c3d4d, 0x818c0d8d, 0x00080808,
197    0x131c1f0f, 0x91981989, 0x00000000, 0x11181909,
198    0x00040404, 0x53501343, 0xf3f437c7, 0xe1e021c1,
199    0xf1fc3dcd, 0x72743646, 0x232c2f0f, 0x23242707,
200    0xb0b03080, 0x83880b8b, 0x020c0e0e, 0xa3a82b8b,
201    0xa2a02282, 0x626c2e4e, 0x93901383, 0x414c0d4d,
202    0x61682949, 0x707c3c4c, 0x01080909, 0x02080a0a,
203    0xb3bc3f8f, 0xe3ec2fcf, 0xf3f033c3, 0xc1c405c5,
204    0x83840787, 0x10141404, 0xf2fc3ece, 0x60642444,
205    0xd2dc1ece, 0x222c2e0e, 0x43480b4b, 0x12181a0a,
206    0x02040606, 0x21202101, 0x63682b4b, 0x62642646,
207    0x02000202, 0xf1f435c5, 0x92901282, 0x82880a8a,
208    0x000c0c0c, 0xb3b03383, 0x727c3e4e, 0xd0d010c0,
209    0x72783a4a, 0x43440747, 0x92941686, 0xe1e425c5,
210    0x22242606, 0x80800080, 0xa1ac2d8d, 0xd3dc1fcf,
211    0xa1a02181, 0x30303000, 0x33343707, 0xa2ac2e8e,
212    0x32343606, 0x11141505, 0x22202202, 0x30383808,
213    0xf0f434c4, 0xa3a42787, 0x41440545, 0x404c0c4c,
214    0x81800181, 0xe1e829c9, 0x80840484, 0x93941787,
215    0x31343505, 0xc3c80bcb, 0xc2cc0ece, 0x303c3c0c,
216    0x71703141, 0x11101101, 0xc3c407c7, 0x81880989,
217    0x71743545, 0xf3f83bcb, 0xd2d81aca, 0xf0f838c8,
218    0x90941484, 0x51581949, 0x82800282, 0xc0c404c4,
219    0xf3fc3fcf, 0x41480949, 0x31383909, 0x63642747,
220    0xc0c000c0, 0xc3cc0fcf, 0xd3d417c7, 0xb0b83888,
221    0x030c0f0f, 0x828c0e8e, 0x42400242, 0x23202303,
222    0x91901181, 0x606c2c4c, 0xd3d81bcb, 0xa0a42484,
223    0x30343404, 0xf1f031c1, 0x40480848, 0xc2c002c2,
224    0x636c2f4f, 0x313c3d0d, 0x212c2d0d, 0x40400040,
225    0xb2bc3e8e, 0x323c3e0e, 0xb0bc3c8c, 0xc1c001c1,
226    0xa2a82a8a, 0xb2b83a8a, 0x424c0e4e, 0x51541545,
227    0x33383b0b, 0xd0dc1ccc, 0x60682848, 0x737c3f4f,
228    0x909c1c8c, 0xd0d818c8, 0x42480a4a, 0x52541646,
229    0x73743747, 0xa0a02080, 0xe1ec2dcd, 0x42440646,
230    0xb1b43585, 0x23282b0b, 0x61642545, 0xf2f83aca,
231    0xe3e023c3, 0xb1b83989, 0xb1b03181, 0x939c1f8f,
232    0x525c1e4e, 0xf1f839c9, 0xe2e426c6, 0xb2b03282,
233    0x31303101, 0xe2e82aca, 0x616c2d4d, 0x535c1f4f,
234    0xe0e424c4, 0xf0f030c0, 0xc1cc0dcd, 0x80880888,
235    0x12141606, 0x32383a0a, 0x50581848, 0xd0d414c4,
236    0x62602242, 0x21282909, 0x03040707, 0x33303303,
237    0xe0e828c8, 0x13181b0b, 0x01040505, 0x71783949,
238    0x90901080, 0x62682a4a, 0x22282a0a, 0x92981a8a,
239};
240
241static const u32 SS3[256] = {
242    0x08303838, 0xc8e0e828, 0x0d212c2d, 0x86a2a426,
243    0xcfc3cc0f, 0xced2dc1e, 0x83b3b033, 0x88b0b838,
244    0x8fa3ac2f, 0x40606020, 0x45515415, 0xc7c3c407,
245    0x44404404, 0x4f636c2f, 0x4b63682b, 0x4b53581b,
246    0xc3c3c003, 0x42626022, 0x03333033, 0x85b1b435,
247    0x09212829, 0x80a0a020, 0xc2e2e022, 0x87a3a427,
248    0xc3d3d013, 0x81919011, 0x01111011, 0x06020406,
249    0x0c101c1c, 0x8cb0bc3c, 0x06323436, 0x4b43480b,
250    0xcfe3ec2f, 0x88808808, 0x4c606c2c, 0x88a0a828,
251    0x07131417, 0xc4c0c404, 0x06121416, 0xc4f0f434,
252    0xc2c2c002, 0x45414405, 0xc1e1e021, 0xc6d2d416,
253    0x0f333c3f, 0x0d313c3d, 0x8e828c0e, 0x88909818,
254    0x08202828, 0x4e424c0e, 0xc6f2f436, 0x0e323c3e,
255    0x85a1a425, 0xc9f1f839, 0x0d010c0d, 0xcfd3dc1f,
256    0xc8d0d818, 0x0b23282b, 0x46626426, 0x4a72783a,
257    0x07232427, 0x0f232c2f, 0xc1f1f031, 0x42727032,
258    0x42424002, 0xc4d0d414, 0x41414001, 0xc0c0c000,
259    0x43737033, 0x47636427, 0x8ca0ac2c, 0x8b83880b,
260    0xc7f3f437, 0x8da1ac2d, 0x80808000, 0x0f131c1f,
261    0xcac2c80a, 0x0c202c2c, 0x8aa2a82a, 0x04303434,
262    0xc2d2d012, 0x0b03080b, 0xcee2ec2e, 0xc9e1e829,
263    0x4d515c1d, 0x84909414, 0x08101818, 0xc8f0f838,
264    0x47535417, 0x8ea2ac2e, 0x08000808, 0xc5c1c405,
265    0x03131013, 0xcdc1cc0d, 0x86828406, 0x89b1b839,
266    0xcff3fc3f, 0x4d717c3d, 0xc1c1c001, 0x01313031,
267    0xc5f1f435, 0x8a82880a, 0x4a62682a, 0x81b1b031,
268    0xc1d1d011, 0x00202020, 0xc7d3d417, 0x02020002,
269    0x02222022, 0x04000404, 0x48606828, 0x41717031,
270    0x07030407, 0xcbd3d81b, 0x8d919c1d, 0x89919819,
271    0x41616021, 0x8eb2bc3e, 0xc6e2e426, 0x49515819,
272    0xcdd1dc1d, 0x41515011, 0x80909010, 0xccd0dc1c,
273    0x8a92981a, 0x83a3a023, 0x8ba3a82b, 0xc0d0d010,
274    0x81818001, 0x0f030c0f, 0x47434407, 0x0a12181a,
275    0xc3e3e023, 0xcce0ec2c, 0x8d818c0d, 0x8fb3bc3f,
276    0x86929416, 0x4b73783b, 0x4c505c1c, 0x82a2a022,
277    0x81a1a021, 0x43636023, 0x03232023, 0x4d414c0d,
278    0xc8c0c808, 0x8e929c1e, 0x8c909c1c, 0x0a32383a,
279    0x0c000c0c, 0x0e222c2e, 0x8ab2b83a, 0x4e626c2e,
280    0x8f939c1f, 0x4a52581a, 0xc2f2f032, 0x82929012,
281    0xc3f3f033, 0x49414809, 0x48707838, 0xccc0cc0c,
282    0x05111415, 0xcbf3f83b, 0x40707030, 0x45717435,
283    0x4f737c3f, 0x05313435, 0x00101010, 0x03030003,
284    0x44606424, 0x4d616c2d, 0xc6c2c406, 0x44707434,
285    0xc5d1d415, 0x84b0b434, 0xcae2e82a, 0x09010809,
286    0x46727436, 0x09111819, 0xcef2fc3e, 0x40404000,
287    0x02121012, 0xc0e0e020, 0x8db1bc3d, 0x05010405,
288    0xcaf2f83a, 0x01010001, 0xc0f0f030, 0x0a22282a,
289    0x4e525c1e, 0x89a1a829, 0x46525416, 0x43434003,
290    0x85818405, 0x04101414, 0x89818809, 0x8b93981b,
291    0x80b0b030, 0xc5e1e425, 0x48404808, 0x49717839,
292    0x87939417, 0xccf0fc3c, 0x0e121c1e, 0x82828002,
293    0x01212021, 0x8c808c0c, 0x0b13181b, 0x4f535c1f,
294    0x47737437, 0x44505414, 0x82b2b032, 0x0d111c1d,
295    0x05212425, 0x4f434c0f, 0x00000000, 0x46424406,
296    0xcde1ec2d, 0x48505818, 0x42525012, 0xcbe3e82b,
297    0x4e727c3e, 0xcad2d81a, 0xc9c1c809, 0xcdf1fc3d,
298    0x00303030, 0x85919415, 0x45616425, 0x0c303c3c,
299    0x86b2b436, 0xc4e0e424, 0x8bb3b83b, 0x4c707c3c,
300    0x0e020c0e, 0x40505010, 0x09313839, 0x06222426,
301    0x02323032, 0x84808404, 0x49616829, 0x83939013,
302    0x07333437, 0xc7e3e427, 0x04202424, 0x84a0a424,
303    0xcbc3c80b, 0x43535013, 0x0a02080a, 0x87838407,
304    0xc9d1d819, 0x4c404c0c, 0x83838003, 0x8f838c0f,
305    0xcec2cc0e, 0x0b33383b, 0x4a42480a, 0x87b3b437,
306};
307
308static const u32 KC[SEED_NUM_KCONSTANTS] = {
309    0x9e3779b9, 0x3c6ef373, 0x78dde6e6, 0xf1bbcdcc,
310    0xe3779b99, 0xc6ef3733, 0x8dde6e67, 0x1bbcdccf,
311    0x3779b99e, 0x6ef3733c, 0xdde6e678, 0xbbcdccf1,
312    0x779b99e3, 0xef3733c6, 0xde6e678d, 0xbcdccf1b,
313};
314
315#define OP(X1, X2, X3, X4, rbase) \
316    t0 = X3 ^ ks[rbase]; \
317    t1 = X4 ^ ks[rbase+1]; \
318    t1 ^= t0; \
319    t1 = SS0[byte(t1, 0)] ^ SS1[byte(t1, 1)] ^ \
320        SS2[byte(t1, 2)] ^ SS3[byte(t1, 3)]; \
321    t0 += t1; \
322    t0 = SS0[byte(t0, 0)] ^ SS1[byte(t0, 1)] ^ \
323        SS2[byte(t0, 2)] ^ SS3[byte(t0, 3)]; \
324    t1 += t0; \
325    t1 = SS0[byte(t1, 0)] ^ SS1[byte(t1, 1)] ^ \
326        SS2[byte(t1, 2)] ^ SS3[byte(t1, 3)]; \
327    t0 += t1; \
328    X1 ^= t0; \
329    X2 ^= t1;
330
331static int seed_set_key(struct crypto_tfm *tfm, const u8 *in_key,
332                unsigned int key_len)
333{
334    struct seed_ctx *ctx = crypto_tfm_ctx(tfm);
335    u32 *keyout = ctx->keysched;
336    const __be32 *key = (const __be32 *)in_key;
337    u32 i, t0, t1, x1, x2, x3, x4;
338
339    x1 = be32_to_cpu(key[0]);
340    x2 = be32_to_cpu(key[1]);
341    x3 = be32_to_cpu(key[2]);
342    x4 = be32_to_cpu(key[3]);
343
344    for (i = 0; i < SEED_NUM_KCONSTANTS; i++) {
345        t0 = x1 + x3 - KC[i];
346        t1 = x2 + KC[i] - x4;
347        *(keyout++) = SS0[byte(t0, 0)] ^ SS1[byte(t0, 1)] ^
348                SS2[byte(t0, 2)] ^ SS3[byte(t0, 3)];
349        *(keyout++) = SS0[byte(t1, 0)] ^ SS1[byte(t1, 1)] ^
350                SS2[byte(t1, 2)] ^ SS3[byte(t1, 3)];
351
352        if (i % 2 == 0) {
353            t0 = x1;
354            x1 = (x1 >> 8) ^ (x2 << 24);
355            x2 = (x2 >> 8) ^ (t0 << 24);
356        } else {
357            t0 = x3;
358            x3 = (x3 << 8) ^ (x4 >> 24);
359            x4 = (x4 << 8) ^ (t0 >> 24);
360        }
361    }
362
363    return 0;
364}
365
366/* encrypt a block of text */
367
368static void seed_encrypt(struct crypto_tfm *tfm, u8 *out, const u8 *in)
369{
370    const struct seed_ctx *ctx = crypto_tfm_ctx(tfm);
371    const __be32 *src = (const __be32 *)in;
372    __be32 *dst = (__be32 *)out;
373    u32 x1, x2, x3, x4, t0, t1;
374    const u32 *ks = ctx->keysched;
375
376    x1 = be32_to_cpu(src[0]);
377    x2 = be32_to_cpu(src[1]);
378    x3 = be32_to_cpu(src[2]);
379    x4 = be32_to_cpu(src[3]);
380
381    OP(x1, x2, x3, x4, 0);
382    OP(x3, x4, x1, x2, 2);
383    OP(x1, x2, x3, x4, 4);
384    OP(x3, x4, x1, x2, 6);
385    OP(x1, x2, x3, x4, 8);
386    OP(x3, x4, x1, x2, 10);
387    OP(x1, x2, x3, x4, 12);
388    OP(x3, x4, x1, x2, 14);
389    OP(x1, x2, x3, x4, 16);
390    OP(x3, x4, x1, x2, 18);
391    OP(x1, x2, x3, x4, 20);
392    OP(x3, x4, x1, x2, 22);
393    OP(x1, x2, x3, x4, 24);
394    OP(x3, x4, x1, x2, 26);
395    OP(x1, x2, x3, x4, 28);
396    OP(x3, x4, x1, x2, 30);
397
398    dst[0] = cpu_to_be32(x3);
399    dst[1] = cpu_to_be32(x4);
400    dst[2] = cpu_to_be32(x1);
401    dst[3] = cpu_to_be32(x2);
402}
403
404/* decrypt a block of text */
405
406static void seed_decrypt(struct crypto_tfm *tfm, u8 *out, const u8 *in)
407{
408    const struct seed_ctx *ctx = crypto_tfm_ctx(tfm);
409    const __be32 *src = (const __be32 *)in;
410    __be32 *dst = (__be32 *)out;
411    u32 x1, x2, x3, x4, t0, t1;
412    const u32 *ks = ctx->keysched;
413
414    x1 = be32_to_cpu(src[0]);
415    x2 = be32_to_cpu(src[1]);
416    x3 = be32_to_cpu(src[2]);
417    x4 = be32_to_cpu(src[3]);
418
419    OP(x1, x2, x3, x4, 30);
420    OP(x3, x4, x1, x2, 28);
421    OP(x1, x2, x3, x4, 26);
422    OP(x3, x4, x1, x2, 24);
423    OP(x1, x2, x3, x4, 22);
424    OP(x3, x4, x1, x2, 20);
425    OP(x1, x2, x3, x4, 18);
426    OP(x3, x4, x1, x2, 16);
427    OP(x1, x2, x3, x4, 14);
428    OP(x3, x4, x1, x2, 12);
429    OP(x1, x2, x3, x4, 10);
430    OP(x3, x4, x1, x2, 8);
431    OP(x1, x2, x3, x4, 6);
432    OP(x3, x4, x1, x2, 4);
433    OP(x1, x2, x3, x4, 2);
434    OP(x3, x4, x1, x2, 0);
435
436    dst[0] = cpu_to_be32(x3);
437    dst[1] = cpu_to_be32(x4);
438    dst[2] = cpu_to_be32(x1);
439    dst[3] = cpu_to_be32(x2);
440}
441
442
443static struct crypto_alg seed_alg = {
444    .cra_name = "seed",
445    .cra_driver_name = "seed-generic",
446    .cra_priority = 100,
447    .cra_flags = CRYPTO_ALG_TYPE_CIPHER,
448    .cra_blocksize = SEED_BLOCK_SIZE,
449    .cra_ctxsize = sizeof(struct seed_ctx),
450    .cra_alignmask = 3,
451    .cra_module = THIS_MODULE,
452    .cra_u = {
453        .cipher = {
454            .cia_min_keysize = SEED_KEY_SIZE,
455            .cia_max_keysize = SEED_KEY_SIZE,
456            .cia_setkey = seed_set_key,
457            .cia_encrypt = seed_encrypt,
458            .cia_decrypt = seed_decrypt
459        }
460    }
461};
462
463static int __init seed_init(void)
464{
465    return crypto_register_alg(&seed_alg);
466}
467
468static void __exit seed_fini(void)
469{
470    crypto_unregister_alg(&seed_alg);
471}
472
473module_init(seed_init);
474module_exit(seed_fini);
475
476MODULE_DESCRIPTION("SEED Cipher Algorithm");
477MODULE_LICENSE("GPL");
478MODULE_AUTHOR("Hye-Shik Chang <perky@FreeBSD.org>, Kim Hyun <hkim@kisa.or.kr>");
479

Archive Download this file



interactive