1 /******************************************************************************* 2 * Copyright 2013-2018 Intel Corporation 3 * All Rights Reserved. 4 * 5 * If this software was obtained under the Intel Simplified Software License, 6 * the following terms apply: 7 * 8 * The source code, information and material ("Material") contained herein is 9 * owned by Intel Corporation or its suppliers or licensors, and title to such 10 * Material remains with Intel Corporation or its suppliers or licensors. The 11 * Material contains proprietary information of Intel or its suppliers and 12 * licensors. The Material is protected by worldwide copyright laws and treaty 13 * provisions. No part of the Material may be used, copied, reproduced, 14 * modified, published, uploaded, posted, transmitted, distributed or disclosed 15 * in any way without Intel's prior express written permission. No license under 16 * any patent, copyright or other intellectual property rights in the Material 17 * is granted to or conferred upon you, either expressly, by implication, 18 * inducement, estoppel or otherwise. Any license under such intellectual 19 * property rights must be express and approved by Intel in writing. 20 * 21 * Unless otherwise agreed by Intel in writing, you may not remove or alter this 22 * notice or any other notice embedded in Materials by Intel or Intel's 23 * suppliers or licensors in any way. 24 * 25 * 26 * If this software was obtained under the Apache License, Version 2.0 (the 27 * "License"), the following terms apply: 28 * 29 * You may not use this file except in compliance with the License. You may 30 * obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 31 * 32 * 33 * Unless required by applicable law or agreed to in writing, software 34 * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT 35 * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 36 * 37 * See the License for the specific language governing permissions and 38 * limitations under the License. 39 *******************************************************************************/ 40 41 /* 42 // 43 // Purpose: 44 // Cryptography Primitive. 45 // Internal Definitions and 46 // Internal SMS4 Function Prototypes 47 // 48 // 49 */ 50 51 #if !defined(_PCP_SMS4_H) 52 #define _PCP_SMS4_H 53 54 #include "owncp.h" 55 56 struct _cpSMS4 { 57 IppCtxId idCtx; /* SMS4 spec identifier */ 58 Ipp32u enc_rkeys[32]; /* enc round keys */ 59 Ipp32u dec_rkeys[32]; /* enc round keys */ 60 }; 61 62 /* 63 // access macros 64 */ 65 #define SMS4_ID(ctx) ((ctx)->idCtx) 66 #define SMS4_RK(ctx) ((ctx)->enc_rkeys) 67 #define SMS4_ERK(ctx) ((ctx)->enc_rkeys) 68 #define SMS4_DRK(ctx) ((ctx)->dec_rkeys) 69 70 /* SMS4 data block size (bytes) */ 71 #define MBS_SMS4 (16) 72 73 /* valid SMS4 context ID */ 74 #define VALID_SMS4_ID(ctx) (SMS4_ID((ctx))==idCtxSMS4) 75 76 /* alignment of AES context */ 77 #define SMS4_ALIGNMENT (4) 78 79 /* size of SMS4 context */ 80 __INLINE int cpSizeofCtx_SMS4(void) 81 { 82 return sizeof(IppsSMS4Spec) +(SMS4_ALIGNMENT-1); 83 } 84 85 /* SMS4 constants */ 86 extern const __ALIGN64 Ipp8u SMS4_Sbox[16*16]; 87 extern const Ipp32u SMS4_FK[4]; 88 extern const Ipp32u SMS4_CK[32]; 89 90 ////////////////////////////////////////////////////////////////////////////////////////////////////// 91 /* S-box substitution (endian dependent!) */ 92 93 #include "pcpbnuimpl.h" 94 #define SELECTION_BITS ((sizeof(BNU_CHUNK_T)/sizeof(Ipp8u)) -1) 95 96 #if defined(__INTEL_COMPILER) 97 __INLINE Ipp8u getSboxValue(Ipp8u x) 98 { 99 BNU_CHUNK_T selection = 0; 100 const BNU_CHUNK_T* SboxEntry = (BNU_CHUNK_T*)SMS4_Sbox; 101 102 BNU_CHUNK_T i_sel = x/sizeof(BNU_CHUNK_T); /* selection index */ 103 BNU_CHUNK_T i; 104 for(i=0; i<sizeof(SMS4_Sbox)/sizeof(BNU_CHUNK_T); i++) { 105 BNU_CHUNK_T mask = (i==i_sel)? (BNU_CHUNK_T)(-1) : 0; /* ipp and IPP build specific avoid jump instruction here */ 106 selection |= SboxEntry[i] & mask; 107 } 108 selection >>= (x & SELECTION_BITS)*8; 109 return (Ipp8u)(selection & 0xFF); 110 } 111 #else 112 #include "pcpmask_ct.h" 113 __INLINE Ipp8u getSboxValue(Ipp8u x) 114 { 115 BNU_CHUNK_T selection = 0; 116 const BNU_CHUNK_T* SboxEntry = (BNU_CHUNK_T*)SMS4_Sbox; 117 118 Ipp32u _x = x/sizeof(BNU_CHUNK_T); 119 Ipp32u i; 120 for(i=0; i<sizeof(SMS4_Sbox)/sizeof(BNU_CHUNK_T); i++) { 121 BNS_CHUNK_T mask = cpIsEqu_ct(_x, i); 122 selection |= SboxEntry[i] & mask; 123 } 124 selection >>= (x & SELECTION_BITS)*8; 125 return (Ipp8u)(selection & 0xFF); 126 } 127 #endif 128 129 __INLINE Ipp32u cpSboxT_SMS4(Ipp32u x) 130 { 131 Ipp32u y = getSboxValue(x & 0xFF); 132 y |= getSboxValue((x>> 8) & 0xFF) <<8; 133 y |= getSboxValue((x>>16) & 0xFF) <<16; 134 y |= getSboxValue((x>>24) & 0xFF) <<24; 135 return y; 136 } 137 138 /* key expansion transformation: 139 - linear Lilear 140 - mixer Mix 141 */ 142 __INLINE Ipp32u cpExpKeyLinear_SMS4(Ipp32u x) 143 { 144 return x^ROL32(x,13)^ROL32(x,23); 145 } 146 147 __INLINE Ipp32u cpExpKeyMix_SMS4(Ipp32u x) 148 { 149 return cpExpKeyLinear_SMS4( cpSboxT_SMS4(x) ); 150 } 151 152 /* cipher transformations: 153 - linear Lilear 154 - mixer Mix 155 */ 156 __INLINE Ipp32u cpCipherLinear_SMS4(Ipp32u x) 157 { 158 return x^ROL32(x,2)^ROL32(x,10)^ROL32(x,18)^ROL32(x,24); 159 } 160 161 __INLINE Ipp32u cpCipherMix_SMS4(Ipp32u x) 162 { 163 return cpCipherLinear_SMS4( cpSboxT_SMS4(x) ); 164 } 165 ////////////////////////////////////////////////////////////////////////////////////////////// 166 167 168 #define cpSMS4_Cipher OWNAPI(cpSMS4_Cipher) 169 void cpSMS4_Cipher(Ipp8u* otxt, const Ipp8u* itxt, const Ipp32u* pRoundKeys); 170 171 #if (_IPP>=_IPP_P8) || (_IPP32E>=_IPP32E_Y8) 172 #define cpSMS4_SetRoundKeys_aesni OWNAPI(cpSMS4_SetRoundKeys_aesni) 173 void cpSMS4_SetRoundKeys_aesni(Ipp32u* pRounKey, const Ipp8u* pSecretKey); 174 175 #define cpSMS4_ECB_aesni_x1 OWNAPI(cpSMS4_ECB_aesni_x1) 176 void cpSMS4_ECB_aesni_x1(Ipp8u* pOut, const Ipp8u* pInp, const Ipp32u* pRKey); 177 #define cpSMS4_ECB_aesni OWNAPI(cpSMS4_ECB_aesni) 178 int cpSMS4_ECB_aesni(Ipp8u* pDst, const Ipp8u* pSrc, int nLen, const Ipp32u* pRKey); 179 #define cpSMS4_CBC_dec_aesni OWNAPI(cpSMS4_CBC_dec_aesni) 180 int cpSMS4_CBC_dec_aesni(Ipp8u* pDst, const Ipp8u* pSrc, int nLen, const Ipp32u* pRKey, Ipp8u* pIV); 181 #define cpSMS4_CTR_aesni OWNAPI(cpSMS4_CTR_aesni) 182 int cpSMS4_CTR_aesni(Ipp8u* pOut, const Ipp8u* pInp, int len, const Ipp32u* pRKey, const Ipp8u* pCtrMask, Ipp8u* pCtr); 183 184 #if (_IPP>=_IPP_H9) || (_IPP32E>=_IPP32E_L9) 185 #define cpSMS4_ECB_aesni_x12 OWNAPI(cpSMS4_ECB_aesni_x12) 186 int cpSMS4_ECB_aesni_x12(Ipp8u* pOut, const Ipp8u* pInp, int len, const Ipp32u* pRKey); 187 #define cpSMS4_CBC_dec_aesni_x12 OWNAPI(cpSMS4_CBC_dec_aesni_x12) 188 int cpSMS4_CBC_dec_aesni_x12(Ipp8u* pOut, const Ipp8u* pInp, int len, const Ipp32u* pRKey, Ipp8u* pIV); 189 #define cpSMS4_CTR_aesni_x4 OWNAPI(cpSMS4_CTR_aesni_x4) 190 int cpSMS4_CTR_aesni_x4(Ipp8u* pOut, const Ipp8u* pInp, int len, const Ipp32u* pRKey, const Ipp8u* pCtrMask, Ipp8u* pCtr); 191 #endif 192 193 #endif 194 195 #define cpProcessSMS4_ctr OWNAPI(cpProcessSMS4_ctr) 196 IppStatus cpProcessSMS4_ctr(const Ipp8u* pSrc, Ipp8u* pDst, int dataLen, const IppsSMS4Spec* pCtx, Ipp8u* pCtrValue, int ctrNumBitSize); 197 198 #define cpSMS4_SetRoundKeys OWNAPI(cpSMS4_SetRoundKeys) 199 void cpSMS4_SetRoundKeys(Ipp32u* pRounKey, const Ipp8u* pKey); 200 201 #endif /* _PCP_SMS4_H */ 202