Commit beafb5f3 authored by Niels Möller's avatar Niels Möller
Browse files

(camellia_set_encrypt_key): Inline

the expansion of camellia_setup128 and camellia_setup256, keeping
the unexpanded key in scalar variables.
(camellia_setup128): Deleted.
(camellia_setup256): Deleted.

Rev: nettle/camellia-set-encrypt-key.c:1.3
parent 55357236
......@@ -82,18 +82,24 @@
(x) = ((uint64_t) __w << 32) | (__t ^ __w); \
} while (0)
static void
camellia_setup128(uint64_t *subkey, const uint64_t *key)
void
camellia_set_encrypt_key(struct camellia_ctx *ctx,
unsigned length, const uint8_t *key)
{
uint64_t k0, k1, w;
uint64_t k0, k1;
/**
* k == k0 || k1 (|| is concatenation)
*/
k0 = key[0];
k1 = key[1];
uint64_t subkey[34];
uint64_t w, kw2, kw4;
uint32_t dw, tl, tr;
unsigned i;
k0 = READ_UINT64(key);
k1 = READ_UINT64(key + 8);
if (length == 16)
{
ctx->nkeys = 26;
/**
* generate KL dependent subkeys
*/
......@@ -113,7 +119,7 @@ camellia_setup128(uint64_t *subkey, const uint64_t *key)
/* generate KA. D1 is k0, d2 is k1. */
/* FIXME: Make notation match the spec better. */
/* For the 128-bit case, KR = 0, the construvtion of KA reduces to:
/* For the 128-bit case, KR = 0, the construction of KA reduces to:
D1 = KL >> 64;
W = KL & MASK64;
......@@ -147,26 +153,20 @@ camellia_setup128(uint64_t *subkey, const uint64_t *key)
subkey[20] = k0; subkey[21] = k1;
ROL128(17, k0, k1);
subkey[24] = k0; subkey[25] = k1;
}
else
{
uint64_t k2, k3;
ctx->nkeys = 34;
k2 = READ_UINT64(key + 16);
return;
}
static void
camellia_setup256(uint64_t *subkey, const uint64_t *key)
{
uint64_t k0, k1, k2, k3;
uint64_t w;
/**
* key = (kll || klr || krl || krr || krll || krlr || krrl || krrr)
* (|| is concatenation)
*/
k0 = key[0];
k1 = key[1];
k2 = key[2];
k3 = key[3];
if (length == 24)
k3 = ~k2;
else
{
assert (length == 32);
k3 = READ_UINT64(key + 24);
}
/* generate KL dependent subkeys */
subkey[0] = k0; subkey[1] = k1;
ROL128(45, k0, k1);
......@@ -243,46 +243,10 @@ camellia_setup256(uint64_t *subkey, const uint64_t *key)
subkey[20] = k2; subkey[21] = k3;
ROL128(51, k2, k3);
subkey[32] = k2; subkey[33] = k3;
return;
}
void
camellia_set_encrypt_key(struct camellia_ctx *ctx,
unsigned length, const uint8_t *key)
{
uint64_t k[4];
/* Subkeys according to the spec, 26 for short keys and 34 for large
keys */
uint64_t subkey[34];
uint64_t kw2, kw4;
uint32_t dw, tl, tr;
unsigned i;
k[0] = READ_UINT64(key);
k[1] = READ_UINT64(key + 8);
if (length == 16)
{
ctx->nkeys = 26;
camellia_setup128(subkey, k);
}
else
{
ctx->nkeys = 34;
k[2] = READ_UINT64(key + 16);
if (length == 24)
k[3] = ~k[2];
else
{
assert (length == 32);
k[3] = READ_UINT64(key + 24);
}
camellia_setup256(subkey, k);
}
/* At this point, the subkey array contains the subkeys as described
in the spec, 26 for short keys and 34 for large keys. */
/* absorb kw2 to other subkeys */
kw2 = subkey[1];
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment