linux/crypto/seed.c
<<
>>
Prefs
   1/*
   2 * Cryptographic API.
   3 *
   4 * SEED Cipher Algorithm.
   5 *
   6 * This program is free software; you can redistribute it and/or modify
   7 * it under the terms of the GNU General Public License as published by
   8 * the Free Software Foundation; either version 2 of the License, or
   9 * (at your option) any later version.
  10 *
  11 * Documentation of SEED can be found in RFC 4269.
  12 * Copyright (C) 2007 Korea Information Security Agency (KISA).
  13 */
  14
  15#include <linux/module.h>
  16#include <linux/init.h>
  17#include <linux/types.h>
  18#include <linux/errno.h>
  19#include <linux/crypto.h>
  20#include <asm/byteorder.h>
  21
  22#define SEED_NUM_KCONSTANTS     16
  23#define SEED_KEY_SIZE           16
  24#define SEED_BLOCK_SIZE         16
  25#define SEED_KEYSCHED_LEN       32
  26
  27/*
  28 * #define byte(x, nr) ((unsigned char)((x) >> (nr*8)))
  29 */
  30static inline u8
  31byte(const u32 x, const unsigned n)
  32{
  33        return x >> (n << 3);
  34}
  35
  36struct seed_ctx {
  37        u32 keysched[SEED_KEYSCHED_LEN];
  38};
  39
  40static const u32 SS0[256] = {
  41        0x2989a1a8, 0x05858184, 0x16c6d2d4, 0x13c3d3d0,
  42        0x14445054, 0x1d0d111c, 0x2c8ca0ac, 0x25052124,
  43        0x1d4d515c, 0x03434340, 0x18081018, 0x1e0e121c,
  44        0x11415150, 0x3cccf0fc, 0x0acac2c8, 0x23436360,
  45        0x28082028, 0x04444044, 0x20002020, 0x1d8d919c,
  46        0x20c0e0e0, 0x22c2e2e0, 0x08c8c0c8, 0x17071314,
  47        0x2585a1a4, 0x0f8f838c, 0x03030300, 0x3b4b7378,
  48        0x3b8bb3b8, 0x13031310, 0x12c2d2d0, 0x2ecee2ec,
  49        0x30407070, 0x0c8c808c, 0x3f0f333c, 0x2888a0a8,
  50        0x32023230, 0x1dcdd1dc, 0x36c6f2f4, 0x34447074,
  51        0x2ccce0ec, 0x15859194, 0x0b0b0308, 0x17475354,
  52        0x1c4c505c, 0x1b4b5358, 0x3d8db1bc, 0x01010100,
  53        0x24042024, 0x1c0c101c, 0x33437370, 0x18889098,
  54        0x10001010, 0x0cccc0cc, 0x32c2f2f0, 0x19c9d1d8,
  55        0x2c0c202c, 0x27c7e3e4, 0x32427270, 0x03838380,
  56        0x1b8b9398, 0x11c1d1d0, 0x06868284, 0x09c9c1c8,
  57        0x20406060, 0x10405050, 0x2383a3a0, 0x2bcbe3e8,
  58        0x0d0d010c, 0x3686b2b4, 0x1e8e929c, 0x0f4f434c,
  59        0x3787b3b4, 0x1a4a5258, 0x06c6c2c4, 0x38487078,
  60        0x2686a2a4, 0x12021210, 0x2f8fa3ac, 0x15c5d1d4,
  61        0x21416160, 0x03c3c3c0, 0x3484b0b4, 0x01414140,
  62        0x12425250, 0x3d4d717c, 0x0d8d818c, 0x08080008,
  63        0x1f0f131c, 0x19899198, 0x00000000, 0x19091118,
  64        0x04040004, 0x13435350, 0x37c7f3f4, 0x21c1e1e0,
  65        0x3dcdf1fc, 0x36467274, 0x2f0f232c, 0x27072324,
  66        0x3080b0b0, 0x0b8b8388, 0x0e0e020c, 0x2b8ba3a8,
  67        0x2282a2a0, 0x2e4e626c, 0x13839390, 0x0d4d414c,
  68        0x29496168, 0x3c4c707c, 0x09090108, 0x0a0a0208,
  69        0x3f8fb3bc, 0x2fcfe3ec, 0x33c3f3f0, 0x05c5c1c4,
  70        0x07878384, 0x14041014, 0x3ecef2fc, 0x24446064,
  71        0x1eced2dc, 0x2e0e222c, 0x0b4b4348, 0x1a0a1218,
  72        0x06060204, 0x21012120, 0x2b4b6368, 0x26466264,
  73        0x02020200, 0x35c5f1f4, 0x12829290, 0x0a8a8288,
  74        0x0c0c000c, 0x3383b3b0, 0x3e4e727c, 0x10c0d0d0,
  75        0x3a4a7278, 0x07474344, 0x16869294, 0x25c5e1e4,
  76        0x26062224, 0x00808080, 0x2d8da1ac, 0x1fcfd3dc,
  77        0x2181a1a0, 0x30003030, 0x37073334, 0x2e8ea2ac,
  78        0x36063234, 0x15051114, 0x22022220, 0x38083038,
  79        0x34c4f0f4, 0x2787a3a4, 0x05454144, 0x0c4c404c,
  80        0x01818180, 0x29c9e1e8, 0x04848084, 0x17879394,
  81        0x35053134, 0x0bcbc3c8, 0x0ecec2cc, 0x3c0c303c,
  82        0x31417170, 0x11011110, 0x07c7c3c4, 0x09898188,
  83        0x35457174, 0x3bcbf3f8, 0x1acad2d8, 0x38c8f0f8,
  84        0x14849094, 0x19495158, 0x02828280, 0x04c4c0c4,
  85        0x3fcff3fc, 0x09494148, 0x39093138, 0x27476364,
  86        0x00c0c0c0, 0x0fcfc3cc, 0x17c7d3d4, 0x3888b0b8,
  87        0x0f0f030c, 0x0e8e828c, 0x02424240, 0x23032320,
  88        0x11819190, 0x2c4c606c, 0x1bcbd3d8, 0x2484a0a4,
  89        0x34043034, 0x31c1f1f0, 0x08484048, 0x02c2c2c0,
  90        0x2f4f636c, 0x3d0d313c, 0x2d0d212c, 0x00404040,
  91        0x3e8eb2bc, 0x3e0e323c, 0x3c8cb0bc, 0x01c1c1c0,
  92        0x2a8aa2a8, 0x3a8ab2b8, 0x0e4e424c, 0x15455154,
  93        0x3b0b3338, 0x1cccd0dc, 0x28486068, 0x3f4f737c,
  94        0x1c8c909c, 0x18c8d0d8, 0x0a4a4248, 0x16465254,
  95        0x37477374, 0x2080a0a0, 0x2dcde1ec, 0x06464244,
  96        0x3585b1b4, 0x2b0b2328, 0x25456164, 0x3acaf2f8,
  97        0x23c3e3e0, 0x3989b1b8, 0x3181b1b0, 0x1f8f939c,
  98        0x1e4e525c, 0x39c9f1f8, 0x26c6e2e4, 0x3282b2b0,
  99        0x31013130, 0x2acae2e8, 0x2d4d616c, 0x1f4f535c,
 100        0x24c4e0e4, 0x30c0f0f0, 0x0dcdc1cc, 0x08888088,
 101        0x16061214, 0x3a0a3238, 0x18485058, 0x14c4d0d4,
 102        0x22426260, 0x29092128, 0x07070304, 0x33033330,
 103        0x28c8e0e8, 0x1b0b1318, 0x05050104, 0x39497178,
 104        0x10809090, 0x2a4a6268, 0x2a0a2228, 0x1a8a9298,
 105};
 106
 107static const u32 SS1[256] = {
 108        0x38380830, 0xe828c8e0, 0x2c2d0d21, 0xa42686a2,
 109        0xcc0fcfc3, 0xdc1eced2, 0xb03383b3, 0xb83888b0,
 110        0xac2f8fa3, 0x60204060, 0x54154551, 0xc407c7c3,
 111        0x44044440, 0x6c2f4f63, 0x682b4b63, 0x581b4b53,
 112        0xc003c3c3, 0x60224262, 0x30330333, 0xb43585b1,
 113        0x28290921, 0xa02080a0, 0xe022c2e2, 0xa42787a3,
 114        0xd013c3d3, 0x90118191, 0x10110111, 0x04060602,
 115        0x1c1c0c10, 0xbc3c8cb0, 0x34360632, 0x480b4b43,
 116        0xec2fcfe3, 0x88088880, 0x6c2c4c60, 0xa82888a0,
 117        0x14170713, 0xc404c4c0, 0x14160612, 0xf434c4f0,
 118        0xc002c2c2, 0x44054541, 0xe021c1e1, 0xd416c6d2,
 119        0x3c3f0f33, 0x3c3d0d31, 0x8c0e8e82, 0x98188890,
 120        0x28280820, 0x4c0e4e42, 0xf436c6f2, 0x3c3e0e32,
 121        0xa42585a1, 0xf839c9f1, 0x0c0d0d01, 0xdc1fcfd3,
 122        0xd818c8d0, 0x282b0b23, 0x64264662, 0x783a4a72,
 123        0x24270723, 0x2c2f0f23, 0xf031c1f1, 0x70324272,
 124        0x40024242, 0xd414c4d0, 0x40014141, 0xc000c0c0,
 125        0x70334373, 0x64274763, 0xac2c8ca0, 0x880b8b83,
 126        0xf437c7f3, 0xac2d8da1, 0x80008080, 0x1c1f0f13,
 127        0xc80acac2, 0x2c2c0c20, 0xa82a8aa2, 0x34340430,
 128        0xd012c2d2, 0x080b0b03, 0xec2ecee2, 0xe829c9e1,
 129        0x5c1d4d51, 0x94148490, 0x18180810, 0xf838c8f0,
 130        0x54174753, 0xac2e8ea2, 0x08080800, 0xc405c5c1,
 131        0x10130313, 0xcc0dcdc1, 0x84068682, 0xb83989b1,
 132        0xfc3fcff3, 0x7c3d4d71, 0xc001c1c1, 0x30310131,
 133        0xf435c5f1, 0x880a8a82, 0x682a4a62, 0xb03181b1,
 134        0xd011c1d1, 0x20200020, 0xd417c7d3, 0x00020202,
 135        0x20220222, 0x04040400, 0x68284860, 0x70314171,
 136        0x04070703, 0xd81bcbd3, 0x9c1d8d91, 0x98198991,
 137        0x60214161, 0xbc3e8eb2, 0xe426c6e2, 0x58194951,
 138        0xdc1dcdd1, 0x50114151, 0x90108090, 0xdc1cccd0,
 139        0x981a8a92, 0xa02383a3, 0xa82b8ba3, 0xd010c0d0,
 140        0x80018181, 0x0c0f0f03, 0x44074743, 0x181a0a12,
 141        0xe023c3e3, 0xec2ccce0, 0x8c0d8d81, 0xbc3f8fb3,
 142        0x94168692, 0x783b4b73, 0x5c1c4c50, 0xa02282a2,
 143        0xa02181a1, 0x60234363, 0x20230323, 0x4c0d4d41,
 144        0xc808c8c0, 0x9c1e8e92, 0x9c1c8c90, 0x383a0a32,
 145        0x0c0c0c00, 0x2c2e0e22, 0xb83a8ab2, 0x6c2e4e62,
 146        0x9c1f8f93, 0x581a4a52, 0xf032c2f2, 0x90128292,
 147        0xf033c3f3, 0x48094941, 0x78384870, 0xcc0cccc0,
 148        0x14150511, 0xf83bcbf3, 0x70304070, 0x74354571,
 149        0x7c3f4f73, 0x34350531, 0x10100010, 0x00030303,
 150        0x64244460, 0x6c2d4d61, 0xc406c6c2, 0x74344470,
 151        0xd415c5d1, 0xb43484b0, 0xe82acae2, 0x08090901,
 152        0x74364672, 0x18190911, 0xfc3ecef2, 0x40004040,
 153        0x10120212, 0xe020c0e0, 0xbc3d8db1, 0x04050501,
 154        0xf83acaf2, 0x00010101, 0xf030c0f0, 0x282a0a22,
 155        0x5c1e4e52, 0xa82989a1, 0x54164652, 0x40034343,
 156        0x84058581, 0x14140410, 0x88098981, 0x981b8b93,
 157        0xb03080b0, 0xe425c5e1, 0x48084840, 0x78394971,
 158        0x94178793, 0xfc3cccf0, 0x1c1e0e12, 0x80028282,
 159        0x20210121, 0x8c0c8c80, 0x181b0b13, 0x5c1f4f53,
 160        0x74374773, 0x54144450, 0xb03282b2, 0x1c1d0d11,
 161        0x24250521, 0x4c0f4f43, 0x00000000, 0x44064642,
 162        0xec2dcde1, 0x58184850, 0x50124252, 0xe82bcbe3,
 163        0x7c3e4e72, 0xd81acad2, 0xc809c9c1, 0xfc3dcdf1,
 164        0x30300030, 0x94158591, 0x64254561, 0x3c3c0c30,
 165        0xb43686b2, 0xe424c4e0, 0xb83b8bb3, 0x7c3c4c70,
 166        0x0c0e0e02, 0x50104050, 0x38390931, 0x24260622,
 167        0x30320232, 0x84048480, 0x68294961, 0x90138393,
 168        0x34370733, 0xe427c7e3, 0x24240420, 0xa42484a0,
 169        0xc80bcbc3, 0x50134353, 0x080a0a02, 0x84078783,
 170        0xd819c9d1, 0x4c0c4c40, 0x80038383, 0x8c0f8f83,
 171        0xcc0ecec2, 0x383b0b33, 0x480a4a42, 0xb43787b3,
 172};
 173
 174static const u32 SS2[256] = {
 175        0xa1a82989, 0x81840585, 0xd2d416c6, 0xd3d013c3,
 176        0x50541444, 0x111c1d0d, 0xa0ac2c8c, 0x21242505,
 177        0x515c1d4d, 0x43400343, 0x10181808, 0x121c1e0e,
 178        0x51501141, 0xf0fc3ccc, 0xc2c80aca, 0x63602343,
 179        0x20282808, 0x40440444, 0x20202000, 0x919c1d8d,
 180        0xe0e020c0, 0xe2e022c2, 0xc0c808c8, 0x13141707,
 181        0xa1a42585, 0x838c0f8f, 0x03000303, 0x73783b4b,
 182        0xb3b83b8b, 0x13101303, 0xd2d012c2, 0xe2ec2ece,
 183        0x70703040, 0x808c0c8c, 0x333c3f0f, 0xa0a82888,
 184        0x32303202, 0xd1dc1dcd, 0xf2f436c6, 0x70743444,
 185        0xe0ec2ccc, 0x91941585, 0x03080b0b, 0x53541747,
 186        0x505c1c4c, 0x53581b4b, 0xb1bc3d8d, 0x01000101,
 187        0x20242404, 0x101c1c0c, 0x73703343, 0x90981888,
 188        0x10101000, 0xc0cc0ccc, 0xf2f032c2, 0xd1d819c9,
 189        0x202c2c0c, 0xe3e427c7, 0x72703242, 0x83800383,
 190        0x93981b8b, 0xd1d011c1, 0x82840686, 0xc1c809c9,
 191        0x60602040, 0x50501040, 0xa3a02383, 0xe3e82bcb,
 192        0x010c0d0d, 0xb2b43686, 0x929c1e8e, 0x434c0f4f,
 193        0xb3b43787, 0x52581a4a, 0xc2c406c6, 0x70783848,
 194        0xa2a42686, 0x12101202, 0xa3ac2f8f, 0xd1d415c5,
 195        0x61602141, 0xc3c003c3, 0xb0b43484, 0x41400141,
 196        0x52501242, 0x717c3d4d, 0x818c0d8d, 0x00080808,
 197        0x131c1f0f, 0x91981989, 0x00000000, 0x11181909,
 198        0x00040404, 0x53501343, 0xf3f437c7, 0xe1e021c1,
 199        0xf1fc3dcd, 0x72743646, 0x232c2f0f, 0x23242707,
 200        0xb0b03080, 0x83880b8b, 0x020c0e0e, 0xa3a82b8b,
 201        0xa2a02282, 0x626c2e4e, 0x93901383, 0x414c0d4d,
 202        0x61682949, 0x707c3c4c, 0x01080909, 0x02080a0a,
 203        0xb3bc3f8f, 0xe3ec2fcf, 0xf3f033c3, 0xc1c405c5,
 204        0x83840787, 0x10141404, 0xf2fc3ece, 0x60642444,
 205        0xd2dc1ece, 0x222c2e0e, 0x43480b4b, 0x12181a0a,
 206        0x02040606, 0x21202101, 0x63682b4b, 0x62642646,
 207        0x02000202, 0xf1f435c5, 0x92901282, 0x82880a8a,
 208        0x000c0c0c, 0xb3b03383, 0x727c3e4e, 0xd0d010c0,
 209        0x72783a4a, 0x43440747, 0x92941686, 0xe1e425c5,
 210        0x22242606, 0x80800080, 0xa1ac2d8d, 0xd3dc1fcf,
 211        0xa1a02181, 0x30303000, 0x33343707, 0xa2ac2e8e,
 212        0x32343606, 0x11141505, 0x22202202, 0x30383808,
 213        0xf0f434c4, 0xa3a42787, 0x41440545, 0x404c0c4c,
 214        0x81800181, 0xe1e829c9, 0x80840484, 0x93941787,
 215        0x31343505, 0xc3c80bcb, 0xc2cc0ece, 0x303c3c0c,
 216        0x71703141, 0x11101101, 0xc3c407c7, 0x81880989,
 217        0x71743545, 0xf3f83bcb, 0xd2d81aca, 0xf0f838c8,
 218        0x90941484, 0x51581949, 0x82800282, 0xc0c404c4,
 219        0xf3fc3fcf, 0x41480949, 0x31383909, 0x63642747,
 220        0xc0c000c0, 0xc3cc0fcf, 0xd3d417c7, 0xb0b83888,
 221        0x030c0f0f, 0x828c0e8e, 0x42400242, 0x23202303,
 222        0x91901181, 0x606c2c4c, 0xd3d81bcb, 0xa0a42484,
 223        0x30343404, 0xf1f031c1, 0x40480848, 0xc2c002c2,
 224        0x636c2f4f, 0x313c3d0d, 0x212c2d0d, 0x40400040,
 225        0xb2bc3e8e, 0x323c3e0e, 0xb0bc3c8c, 0xc1c001c1,
 226        0xa2a82a8a, 0xb2b83a8a, 0x424c0e4e, 0x51541545,
 227        0x33383b0b, 0xd0dc1ccc, 0x60682848, 0x737c3f4f,
 228        0x909c1c8c, 0xd0d818c8, 0x42480a4a, 0x52541646,
 229        0x73743747, 0xa0a02080, 0xe1ec2dcd, 0x42440646,
 230        0xb1b43585, 0x23282b0b, 0x61642545, 0xf2f83aca,
 231        0xe3e023c3, 0xb1b83989, 0xb1b03181, 0x939c1f8f,
 232        0x525c1e4e, 0xf1f839c9, 0xe2e426c6, 0xb2b03282,
 233        0x31303101, 0xe2e82aca, 0x616c2d4d, 0x535c1f4f,
 234        0xe0e424c4, 0xf0f030c0, 0xc1cc0dcd, 0x80880888,
 235        0x12141606, 0x32383a0a, 0x50581848, 0xd0d414c4,
 236        0x62602242, 0x21282909, 0x03040707, 0x33303303,
 237        0xe0e828c8, 0x13181b0b, 0x01040505, 0x71783949,
 238        0x90901080, 0x62682a4a, 0x22282a0a, 0x92981a8a,
 239};
 240
 241static const u32 SS3[256] = {
 242        0x08303838, 0xc8e0e828, 0x0d212c2d, 0x86a2a426,
 243        0xcfc3cc0f, 0xced2dc1e, 0x83b3b033, 0x88b0b838,
 244        0x8fa3ac2f, 0x40606020, 0x45515415, 0xc7c3c407,
 245        0x44404404, 0x4f636c2f, 0x4b63682b, 0x4b53581b,
 246        0xc3c3c003, 0x42626022, 0x03333033, 0x85b1b435,
 247        0x09212829, 0x80a0a020, 0xc2e2e022, 0x87a3a427,
 248        0xc3d3d013, 0x81919011, 0x01111011, 0x06020406,
 249        0x0c101c1c, 0x8cb0bc3c, 0x06323436, 0x4b43480b,
 250        0xcfe3ec2f, 0x88808808, 0x4c606c2c, 0x88a0a828,
 251        0x07131417, 0xc4c0c404, 0x06121416, 0xc4f0f434,
 252        0xc2c2c002, 0x45414405, 0xc1e1e021, 0xc6d2d416,
 253        0x0f333c3f, 0x0d313c3d, 0x8e828c0e, 0x88909818,
 254        0x08202828, 0x4e424c0e, 0xc6f2f436, 0x0e323c3e,
 255        0x85a1a425, 0xc9f1f839, 0x0d010c0d, 0xcfd3dc1f,
 256        0xc8d0d818, 0x0b23282b, 0x46626426, 0x4a72783a,
 257        0x07232427, 0x0f232c2f, 0xc1f1f031, 0x42727032,
 258        0x42424002, 0xc4d0d414, 0x41414001, 0xc0c0c000,
 259        0x43737033, 0x47636427, 0x8ca0ac2c, 0x8b83880b,
 260        0xc7f3f437, 0x8da1ac2d, 0x80808000, 0x0f131c1f,
 261        0xcac2c80a, 0x0c202c2c, 0x8aa2a82a, 0x04303434,
 262        0xc2d2d012, 0x0b03080b, 0xcee2ec2e, 0xc9e1e829,
 263        0x4d515c1d, 0x84909414, 0x08101818, 0xc8f0f838,
 264        0x47535417, 0x8ea2ac2e, 0x08000808, 0xc5c1c405,
 265        0x03131013, 0xcdc1cc0d, 0x86828406, 0x89b1b839,
 266        0xcff3fc3f, 0x4d717c3d, 0xc1c1c001, 0x01313031,
 267        0xc5f1f435, 0x8a82880a, 0x4a62682a, 0x81b1b031,
 268        0xc1d1d011, 0x00202020, 0xc7d3d417, 0x02020002,
 269        0x02222022, 0x04000404, 0x48606828, 0x41717031,
 270        0x07030407, 0xcbd3d81b, 0x8d919c1d, 0x89919819,
 271        0x41616021, 0x8eb2bc3e, 0xc6e2e426, 0x49515819,
 272        0xcdd1dc1d, 0x41515011, 0x80909010, 0xccd0dc1c,
 273        0x8a92981a, 0x83a3a023, 0x8ba3a82b, 0xc0d0d010,
 274        0x81818001, 0x0f030c0f, 0x47434407, 0x0a12181a,
 275        0xc3e3e023, 0xcce0ec2c, 0x8d818c0d, 0x8fb3bc3f,
 276        0x86929416, 0x4b73783b, 0x4c505c1c, 0x82a2a022,
 277        0x81a1a021, 0x43636023, 0x03232023, 0x4d414c0d,
 278        0xc8c0c808, 0x8e929c1e, 0x8c909c1c, 0x0a32383a,
 279        0x0c000c0c, 0x0e222c2e, 0x8ab2b83a, 0x4e626c2e,
 280        0x8f939c1f, 0x4a52581a, 0xc2f2f032, 0x82929012,
 281        0xc3f3f033, 0x49414809, 0x48707838, 0xccc0cc0c,
 282        0x05111415, 0xcbf3f83b, 0x40707030, 0x45717435,
 283        0x4f737c3f, 0x05313435, 0x00101010, 0x03030003,
 284        0x44606424, 0x4d616c2d, 0xc6c2c406, 0x44707434,
 285        0xc5d1d415, 0x84b0b434, 0xcae2e82a, 0x09010809,
 286        0x46727436, 0x09111819, 0xcef2fc3e, 0x40404000,
 287        0x02121012, 0xc0e0e020, 0x8db1bc3d, 0x05010405,
 288        0xcaf2f83a, 0x01010001, 0xc0f0f030, 0x0a22282a,
 289        0x4e525c1e, 0x89a1a829, 0x46525416, 0x43434003,
 290        0x85818405, 0x04101414, 0x89818809, 0x8b93981b,
 291        0x80b0b030, 0xc5e1e425, 0x48404808, 0x49717839,
 292        0x87939417, 0xccf0fc3c, 0x0e121c1e, 0x82828002,
 293        0x01212021, 0x8c808c0c, 0x0b13181b, 0x4f535c1f,
 294        0x47737437, 0x44505414, 0x82b2b032, 0x0d111c1d,
 295        0x05212425, 0x4f434c0f, 0x00000000, 0x46424406,
 296        0xcde1ec2d, 0x48505818, 0x42525012, 0xcbe3e82b,
 297        0x4e727c3e, 0xcad2d81a, 0xc9c1c809, 0xcdf1fc3d,
 298        0x00303030, 0x85919415, 0x45616425, 0x0c303c3c,
 299        0x86b2b436, 0xc4e0e424, 0x8bb3b83b, 0x4c707c3c,
 300        0x0e020c0e, 0x40505010, 0x09313839, 0x06222426,
 301        0x02323032, 0x84808404, 0x49616829, 0x83939013,
 302        0x07333437, 0xc7e3e427, 0x04202424, 0x84a0a424,
 303        0xcbc3c80b, 0x43535013, 0x0a02080a, 0x87838407,
 304        0xc9d1d819, 0x4c404c0c, 0x83838003, 0x8f838c0f,
 305        0xcec2cc0e, 0x0b33383b, 0x4a42480a, 0x87b3b437,
 306};
 307
 308static const u32 KC[SEED_NUM_KCONSTANTS] = {
 309        0x9e3779b9, 0x3c6ef373, 0x78dde6e6, 0xf1bbcdcc,
 310        0xe3779b99, 0xc6ef3733, 0x8dde6e67, 0x1bbcdccf,
 311        0x3779b99e, 0x6ef3733c, 0xdde6e678, 0xbbcdccf1,
 312        0x779b99e3, 0xef3733c6, 0xde6e678d, 0xbcdccf1b,
 313};
 314
 315#define OP(X1, X2, X3, X4, rbase)                       \
 316        t0 = X3 ^ ks[rbase];                            \
 317        t1 = X4 ^ ks[rbase+1];                          \
 318        t1 ^= t0;                                       \
 319        t1 = SS0[byte(t1, 0)] ^ SS1[byte(t1, 1)] ^      \
 320                SS2[byte(t1, 2)] ^ SS3[byte(t1, 3)];    \
 321        t0 += t1;                                       \
 322        t0 = SS0[byte(t0, 0)] ^ SS1[byte(t0, 1)] ^      \
 323                SS2[byte(t0, 2)] ^ SS3[byte(t0, 3)];    \
 324        t1 += t0;                                       \
 325        t1 = SS0[byte(t1, 0)] ^ SS1[byte(t1, 1)] ^      \
 326                SS2[byte(t1, 2)] ^ SS3[byte(t1, 3)];    \
 327        t0 += t1;                                       \
 328        X1 ^= t0;                                       \
 329        X2 ^= t1;
 330
 331static int seed_set_key(struct crypto_tfm *tfm, const u8 *in_key,
 332                        unsigned int key_len)
 333{
 334        struct seed_ctx *ctx = crypto_tfm_ctx(tfm);
 335        u32 *keyout = ctx->keysched;
 336        const __be32 *key = (const __be32 *)in_key;
 337        u32 i, t0, t1, x1, x2, x3, x4;
 338
 339        x1 = be32_to_cpu(key[0]);
 340        x2 = be32_to_cpu(key[1]);
 341        x3 = be32_to_cpu(key[2]);
 342        x4 = be32_to_cpu(key[3]);
 343
 344        for (i = 0; i < SEED_NUM_KCONSTANTS; i++) {
 345                t0 = x1 + x3 - KC[i];
 346                t1 = x2 + KC[i] - x4;
 347                *(keyout++) = SS0[byte(t0, 0)] ^ SS1[byte(t0, 1)] ^
 348                                SS2[byte(t0, 2)] ^ SS3[byte(t0, 3)];
 349                *(keyout++) = SS0[byte(t1, 0)] ^ SS1[byte(t1, 1)] ^
 350                                SS2[byte(t1, 2)] ^ SS3[byte(t1, 3)];
 351
 352                if (i % 2 == 0) {
 353                        t0 = x1;
 354                        x1 = (x1 >> 8) ^ (x2 << 24);
 355                        x2 = (x2 >> 8) ^ (t0 << 24);
 356                } else {
 357                        t0 = x3;
 358                        x3 = (x3 << 8) ^ (x4 >> 24);
 359                        x4 = (x4 << 8) ^ (t0 >> 24);
 360                }
 361        }
 362
 363        return 0;
 364}
 365
 366/* encrypt a block of text */
 367
 368static void seed_encrypt(struct crypto_tfm *tfm, u8 *out, const u8 *in)
 369{
 370        const struct seed_ctx *ctx = crypto_tfm_ctx(tfm);
 371        const __be32 *src = (const __be32 *)in;
 372        __be32 *dst = (__be32 *)out;
 373        u32 x1, x2, x3, x4, t0, t1;
 374        const u32 *ks = ctx->keysched;
 375
 376        x1 = be32_to_cpu(src[0]);
 377        x2 = be32_to_cpu(src[1]);
 378        x3 = be32_to_cpu(src[2]);
 379        x4 = be32_to_cpu(src[3]);
 380
 381        OP(x1, x2, x3, x4, 0);
 382        OP(x3, x4, x1, x2, 2);
 383        OP(x1, x2, x3, x4, 4);
 384        OP(x3, x4, x1, x2, 6);
 385        OP(x1, x2, x3, x4, 8);
 386        OP(x3, x4, x1, x2, 10);
 387        OP(x1, x2, x3, x4, 12);
 388        OP(x3, x4, x1, x2, 14);
 389        OP(x1, x2, x3, x4, 16);
 390        OP(x3, x4, x1, x2, 18);
 391        OP(x1, x2, x3, x4, 20);
 392        OP(x3, x4, x1, x2, 22);
 393        OP(x1, x2, x3, x4, 24);
 394        OP(x3, x4, x1, x2, 26);
 395        OP(x1, x2, x3, x4, 28);
 396        OP(x3, x4, x1, x2, 30);
 397
 398        dst[0] = cpu_to_be32(x3);
 399        dst[1] = cpu_to_be32(x4);
 400        dst[2] = cpu_to_be32(x1);
 401        dst[3] = cpu_to_be32(x2);
 402}
 403
 404/* decrypt a block of text */
 405
 406static void seed_decrypt(struct crypto_tfm *tfm, u8 *out, const u8 *in)
 407{
 408        const struct seed_ctx *ctx = crypto_tfm_ctx(tfm);
 409        const __be32 *src = (const __be32 *)in;
 410        __be32 *dst = (__be32 *)out;
 411        u32 x1, x2, x3, x4, t0, t1;
 412        const u32 *ks = ctx->keysched;
 413
 414        x1 = be32_to_cpu(src[0]);
 415        x2 = be32_to_cpu(src[1]);
 416        x3 = be32_to_cpu(src[2]);
 417        x4 = be32_to_cpu(src[3]);
 418
 419        OP(x1, x2, x3, x4, 30);
 420        OP(x3, x4, x1, x2, 28);
 421        OP(x1, x2, x3, x4, 26);
 422        OP(x3, x4, x1, x2, 24);
 423        OP(x1, x2, x3, x4, 22);
 424        OP(x3, x4, x1, x2, 20);
 425        OP(x1, x2, x3, x4, 18);
 426        OP(x3, x4, x1, x2, 16);
 427        OP(x1, x2, x3, x4, 14);
 428        OP(x3, x4, x1, x2, 12);
 429        OP(x1, x2, x3, x4, 10);
 430        OP(x3, x4, x1, x2, 8);
 431        OP(x1, x2, x3, x4, 6);
 432        OP(x3, x4, x1, x2, 4);
 433        OP(x1, x2, x3, x4, 2);
 434        OP(x3, x4, x1, x2, 0);
 435
 436        dst[0] = cpu_to_be32(x3);
 437        dst[1] = cpu_to_be32(x4);
 438        dst[2] = cpu_to_be32(x1);
 439        dst[3] = cpu_to_be32(x2);
 440}
 441
 442
 443static struct crypto_alg seed_alg = {
 444        .cra_name               =       "seed",
 445        .cra_driver_name        =       "seed-generic",
 446        .cra_priority           =       100,
 447        .cra_flags              =       CRYPTO_ALG_TYPE_CIPHER,
 448        .cra_blocksize          =       SEED_BLOCK_SIZE,
 449        .cra_ctxsize            =       sizeof(struct seed_ctx),
 450        .cra_alignmask          =       3,
 451        .cra_module             =       THIS_MODULE,
 452        .cra_u                  =       {
 453                .cipher = {
 454                        .cia_min_keysize        =       SEED_KEY_SIZE,
 455                        .cia_max_keysize        =       SEED_KEY_SIZE,
 456                        .cia_setkey             =       seed_set_key,
 457                        .cia_encrypt            =       seed_encrypt,
 458                        .cia_decrypt            =       seed_decrypt
 459                }
 460        }
 461};
 462
 463static int __init seed_init(void)
 464{
 465        return crypto_register_alg(&seed_alg);
 466}
 467
 468static void __exit seed_fini(void)
 469{
 470        crypto_unregister_alg(&seed_alg);
 471}
 472
 473module_init(seed_init);
 474module_exit(seed_fini);
 475
 476MODULE_DESCRIPTION("SEED Cipher Algorithm");
 477MODULE_LICENSE("GPL");
 478MODULE_AUTHOR("Hye-Shik Chang <perky@FreeBSD.org>, Kim Hyun <hkim@kisa.or.kr>");
 479MODULE_ALIAS_CRYPTO("seed");
 480