Print this page
3882 remove xmod & friends
Split |
Close |
Expand all |
Collapse all |
--- old/usr/src/common/crypto/aes/aes_impl.c
+++ new/usr/src/common/crypto/aes/aes_impl.c
1 1 /*
2 2 * CDDL HEADER START
3 3 *
4 4 * The contents of this file are subject to the terms of the
5 5 * Common Development and Distribution License (the "License").
6 6 * You may not use this file except in compliance with the License.
7 7 *
8 8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 9 * or http://www.opensolaris.org/os/licensing.
10 10 * See the License for the specific language governing permissions
11 11 * and limitations under the License.
12 12 *
13 13 * When distributing Covered Code, include this CDDL HEADER in each
14 14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 15 * If applicable, add the following below this CDDL HEADER, with the
16 16 * fields enclosed by brackets "[]" replaced with your own identifying
17 17 * information: Portions Copyright [yyyy] [name of copyright owner]
18 18 *
19 19 * CDDL HEADER END
20 20 */
21 21 /*
22 22 * Copyright (c) 2003, 2010, Oracle and/or its affiliates. All rights reserved.
23 23 */
24 24
25 25 #include <sys/types.h>
26 26 #include <sys/systm.h>
27 27 #include <sys/sysmacros.h>
28 28 #include <netinet/in.h>
29 29 #include "aes_impl.h"
30 30 #ifndef _KERNEL
31 31 #include <strings.h>
32 32 #include <stdlib.h>
33 33 #endif /* !_KERNEL */
34 34
35 35 #ifdef __amd64
36 36
37 37 #ifdef _KERNEL
38 38 #include <sys/cpuvar.h> /* cpu_t, CPU */
39 39 #include <sys/x86_archext.h> /* x86_featureset, X86FSET_AES */
40 40 #include <sys/disp.h> /* kpreempt_disable(), kpreempt_enable */
41 41
42 42 /* Workaround for no XMM kernel thread save/restore */
43 43 #define KPREEMPT_DISABLE kpreempt_disable()
44 44 #define KPREEMPT_ENABLE kpreempt_enable()
45 45
46 46 #else
47 47 #include <sys/auxv.h> /* getisax() */
48 48 #include <sys/auxv_386.h> /* AV_386_AES bit */
49 49 #define KPREEMPT_DISABLE
50 50 #define KPREEMPT_ENABLE
51 51 #endif /* _KERNEL */
52 52 #endif /* __amd64 */
53 53
54 54
55 55 /*
56 56 * This file is derived from the file rijndael-alg-fst.c taken from the
57 57 * "optimized C code v3.0" on the "rijndael home page"
58 58 * http://www.iaik.tu-graz.ac.at/research/krypto/AES/old/~rijmen/rijndael/
59 59 * pointed by the NIST web-site http://csrc.nist.gov/archive/aes/
60 60 *
61 61 * The following note is from the original file:
62 62 */
63 63
64 64 /*
65 65 * rijndael-alg-fst.c
66 66 *
67 67 * @version 3.0 (December 2000)
68 68 *
69 69 * Optimised ANSI C code for the Rijndael cipher (now AES)
70 70 *
71 71 * @author Vincent Rijmen <vincent.rijmen@esat.kuleuven.ac.be>
72 72 * @author Antoon Bosselaers <antoon.bosselaers@esat.kuleuven.ac.be>
73 73 * @author Paulo Barreto <paulo.barreto@terra.com.br>
74 74 *
75 75 * This code is hereby placed in the public domain.
76 76 *
77 77 * THIS SOFTWARE IS PROVIDED BY THE AUTHORS ''AS IS'' AND ANY EXPRESS
78 78 * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
79 79 * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
↓ open down ↓ |
79 lines elided |
↑ open up ↑ |
80 80 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE
81 81 * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
82 82 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
83 83 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
84 84 * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
85 85 * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
86 86 * OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
87 87 * EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
88 88 */
89 89
90 -/* EXPORT DELETE START */
91 -
92 90 #if defined(sun4u)
93 91 /* External assembly functions: */
94 92 extern void aes_encrypt_impl(const uint32_t rk[], int Nr, const uint32_t pt[4],
95 93 uint32_t ct[4]);
96 94 extern void aes_decrypt_impl(const uint32_t rk[], int Nr, const uint32_t ct[4],
97 95 uint32_t pt[4]);
98 96
99 97 #define AES_ENCRYPT_IMPL(a, b, c, d, e) aes_encrypt_impl(a, b, c, d)
100 98 #define AES_DECRYPT_IMPL(a, b, c, d, e) aes_decrypt_impl(a, b, c, d)
101 99
102 100 #elif defined(__amd64)
103 101
104 102 /* These functions are used to execute amd64 instructions for AMD or Intel: */
105 103 extern int rijndael_key_setup_enc_amd64(uint32_t rk[],
106 104 const uint32_t cipherKey[], int keyBits);
107 105 extern int rijndael_key_setup_dec_amd64(uint32_t rk[],
108 106 const uint32_t cipherKey[], int keyBits);
109 107 extern void aes_encrypt_amd64(const uint32_t rk[], int Nr,
110 108 const uint32_t pt[4], uint32_t ct[4]);
111 109 extern void aes_decrypt_amd64(const uint32_t rk[], int Nr,
112 110 const uint32_t ct[4], uint32_t pt[4]);
113 111
114 112 /* These functions are used to execute Intel-specific AES-NI instructions: */
115 113 extern int rijndael_key_setup_enc_intel(uint32_t rk[],
116 114 const uint32_t cipherKey[], uint64_t keyBits);
117 115 extern int rijndael_key_setup_dec_intel(uint32_t rk[],
118 116 const uint32_t cipherKey[], uint64_t keyBits);
119 117 extern void aes_encrypt_intel(const uint32_t rk[], int Nr,
120 118 const uint32_t pt[4], uint32_t ct[4]);
121 119 extern void aes_decrypt_intel(const uint32_t rk[], int Nr,
122 120 const uint32_t ct[4], uint32_t pt[4]);
123 121
124 122 static int intel_aes_instructions_present(void);
125 123
126 124 #define AES_ENCRYPT_IMPL(a, b, c, d, e) rijndael_encrypt(a, b, c, d, e)
127 125 #define AES_DECRYPT_IMPL(a, b, c, d, e) rijndael_decrypt(a, b, c, d, e)
128 126
129 127 #else /* Generic C implementation */
130 128
131 129 #define AES_ENCRYPT_IMPL(a, b, c, d, e) rijndael_encrypt(a, b, c, d)
132 130 #define AES_DECRYPT_IMPL(a, b, c, d, e) rijndael_decrypt(a, b, c, d)
133 131 #define rijndael_key_setup_enc_raw rijndael_key_setup_enc
134 132 #endif /* sun4u || __amd64 */
135 133
136 134 #if defined(_LITTLE_ENDIAN) && !defined(__amd64)
137 135 #define AES_BYTE_SWAP
138 136 #endif
139 137
140 138
141 139 #if !defined(__amd64)
142 140 /*
143 141 * Constant tables
144 142 */
145 143
146 144 /*
147 145 * Te0[x] = S [x].[02, 01, 01, 03];
148 146 * Te1[x] = S [x].[03, 02, 01, 01];
149 147 * Te2[x] = S [x].[01, 03, 02, 01];
150 148 * Te3[x] = S [x].[01, 01, 03, 02];
151 149 * Te4[x] = S [x].[01, 01, 01, 01];
152 150 *
153 151 * Td0[x] = Si[x].[0e, 09, 0d, 0b];
154 152 * Td1[x] = Si[x].[0b, 0e, 09, 0d];
155 153 * Td2[x] = Si[x].[0d, 0b, 0e, 09];
156 154 * Td3[x] = Si[x].[09, 0d, 0b, 0e];
157 155 * Td4[x] = Si[x].[01, 01, 01, 01];
158 156 */
159 157
160 158 /* Encrypt Sbox constants (for the substitute bytes operation) */
161 159
162 160 #ifndef sun4u
163 161
164 162 static const uint32_t Te0[256] =
165 163 {
166 164 0xc66363a5U, 0xf87c7c84U, 0xee777799U, 0xf67b7b8dU,
167 165 0xfff2f20dU, 0xd66b6bbdU, 0xde6f6fb1U, 0x91c5c554U,
168 166 0x60303050U, 0x02010103U, 0xce6767a9U, 0x562b2b7dU,
169 167 0xe7fefe19U, 0xb5d7d762U, 0x4dababe6U, 0xec76769aU,
170 168 0x8fcaca45U, 0x1f82829dU, 0x89c9c940U, 0xfa7d7d87U,
171 169 0xeffafa15U, 0xb25959ebU, 0x8e4747c9U, 0xfbf0f00bU,
172 170 0x41adadecU, 0xb3d4d467U, 0x5fa2a2fdU, 0x45afafeaU,
173 171 0x239c9cbfU, 0x53a4a4f7U, 0xe4727296U, 0x9bc0c05bU,
174 172 0x75b7b7c2U, 0xe1fdfd1cU, 0x3d9393aeU, 0x4c26266aU,
175 173 0x6c36365aU, 0x7e3f3f41U, 0xf5f7f702U, 0x83cccc4fU,
176 174 0x6834345cU, 0x51a5a5f4U, 0xd1e5e534U, 0xf9f1f108U,
177 175 0xe2717193U, 0xabd8d873U, 0x62313153U, 0x2a15153fU,
178 176 0x0804040cU, 0x95c7c752U, 0x46232365U, 0x9dc3c35eU,
179 177 0x30181828U, 0x379696a1U, 0x0a05050fU, 0x2f9a9ab5U,
180 178 0x0e070709U, 0x24121236U, 0x1b80809bU, 0xdfe2e23dU,
181 179 0xcdebeb26U, 0x4e272769U, 0x7fb2b2cdU, 0xea75759fU,
182 180 0x1209091bU, 0x1d83839eU, 0x582c2c74U, 0x341a1a2eU,
183 181 0x361b1b2dU, 0xdc6e6eb2U, 0xb45a5aeeU, 0x5ba0a0fbU,
184 182 0xa45252f6U, 0x763b3b4dU, 0xb7d6d661U, 0x7db3b3ceU,
185 183 0x5229297bU, 0xdde3e33eU, 0x5e2f2f71U, 0x13848497U,
186 184 0xa65353f5U, 0xb9d1d168U, 0x00000000U, 0xc1eded2cU,
187 185 0x40202060U, 0xe3fcfc1fU, 0x79b1b1c8U, 0xb65b5bedU,
188 186 0xd46a6abeU, 0x8dcbcb46U, 0x67bebed9U, 0x7239394bU,
189 187 0x944a4adeU, 0x984c4cd4U, 0xb05858e8U, 0x85cfcf4aU,
190 188 0xbbd0d06bU, 0xc5efef2aU, 0x4faaaae5U, 0xedfbfb16U,
191 189 0x864343c5U, 0x9a4d4dd7U, 0x66333355U, 0x11858594U,
192 190 0x8a4545cfU, 0xe9f9f910U, 0x04020206U, 0xfe7f7f81U,
193 191 0xa05050f0U, 0x783c3c44U, 0x259f9fbaU, 0x4ba8a8e3U,
194 192 0xa25151f3U, 0x5da3a3feU, 0x804040c0U, 0x058f8f8aU,
195 193 0x3f9292adU, 0x219d9dbcU, 0x70383848U, 0xf1f5f504U,
196 194 0x63bcbcdfU, 0x77b6b6c1U, 0xafdada75U, 0x42212163U,
197 195 0x20101030U, 0xe5ffff1aU, 0xfdf3f30eU, 0xbfd2d26dU,
198 196 0x81cdcd4cU, 0x180c0c14U, 0x26131335U, 0xc3ecec2fU,
199 197 0xbe5f5fe1U, 0x359797a2U, 0x884444ccU, 0x2e171739U,
200 198 0x93c4c457U, 0x55a7a7f2U, 0xfc7e7e82U, 0x7a3d3d47U,
201 199 0xc86464acU, 0xba5d5de7U, 0x3219192bU, 0xe6737395U,
202 200 0xc06060a0U, 0x19818198U, 0x9e4f4fd1U, 0xa3dcdc7fU,
203 201 0x44222266U, 0x542a2a7eU, 0x3b9090abU, 0x0b888883U,
204 202 0x8c4646caU, 0xc7eeee29U, 0x6bb8b8d3U, 0x2814143cU,
205 203 0xa7dede79U, 0xbc5e5ee2U, 0x160b0b1dU, 0xaddbdb76U,
206 204 0xdbe0e03bU, 0x64323256U, 0x743a3a4eU, 0x140a0a1eU,
207 205 0x924949dbU, 0x0c06060aU, 0x4824246cU, 0xb85c5ce4U,
208 206 0x9fc2c25dU, 0xbdd3d36eU, 0x43acacefU, 0xc46262a6U,
209 207 0x399191a8U, 0x319595a4U, 0xd3e4e437U, 0xf279798bU,
210 208 0xd5e7e732U, 0x8bc8c843U, 0x6e373759U, 0xda6d6db7U,
211 209 0x018d8d8cU, 0xb1d5d564U, 0x9c4e4ed2U, 0x49a9a9e0U,
212 210 0xd86c6cb4U, 0xac5656faU, 0xf3f4f407U, 0xcfeaea25U,
213 211 0xca6565afU, 0xf47a7a8eU, 0x47aeaee9U, 0x10080818U,
214 212 0x6fbabad5U, 0xf0787888U, 0x4a25256fU, 0x5c2e2e72U,
215 213 0x381c1c24U, 0x57a6a6f1U, 0x73b4b4c7U, 0x97c6c651U,
216 214 0xcbe8e823U, 0xa1dddd7cU, 0xe874749cU, 0x3e1f1f21U,
217 215 0x964b4bddU, 0x61bdbddcU, 0x0d8b8b86U, 0x0f8a8a85U,
218 216 0xe0707090U, 0x7c3e3e42U, 0x71b5b5c4U, 0xcc6666aaU,
219 217 0x904848d8U, 0x06030305U, 0xf7f6f601U, 0x1c0e0e12U,
220 218 0xc26161a3U, 0x6a35355fU, 0xae5757f9U, 0x69b9b9d0U,
221 219 0x17868691U, 0x99c1c158U, 0x3a1d1d27U, 0x279e9eb9U,
222 220 0xd9e1e138U, 0xebf8f813U, 0x2b9898b3U, 0x22111133U,
223 221 0xd26969bbU, 0xa9d9d970U, 0x078e8e89U, 0x339494a7U,
224 222 0x2d9b9bb6U, 0x3c1e1e22U, 0x15878792U, 0xc9e9e920U,
225 223 0x87cece49U, 0xaa5555ffU, 0x50282878U, 0xa5dfdf7aU,
226 224 0x038c8c8fU, 0x59a1a1f8U, 0x09898980U, 0x1a0d0d17U,
227 225 0x65bfbfdaU, 0xd7e6e631U, 0x844242c6U, 0xd06868b8U,
228 226 0x824141c3U, 0x299999b0U, 0x5a2d2d77U, 0x1e0f0f11U,
229 227 0x7bb0b0cbU, 0xa85454fcU, 0x6dbbbbd6U, 0x2c16163aU
230 228 };
231 229
232 230
233 231 static const uint32_t Te1[256] =
234 232 {
235 233 0xa5c66363U, 0x84f87c7cU, 0x99ee7777U, 0x8df67b7bU,
236 234 0x0dfff2f2U, 0xbdd66b6bU, 0xb1de6f6fU, 0x5491c5c5U,
237 235 0x50603030U, 0x03020101U, 0xa9ce6767U, 0x7d562b2bU,
238 236 0x19e7fefeU, 0x62b5d7d7U, 0xe64dababU, 0x9aec7676U,
239 237 0x458fcacaU, 0x9d1f8282U, 0x4089c9c9U, 0x87fa7d7dU,
240 238 0x15effafaU, 0xebb25959U, 0xc98e4747U, 0x0bfbf0f0U,
241 239 0xec41adadU, 0x67b3d4d4U, 0xfd5fa2a2U, 0xea45afafU,
242 240 0xbf239c9cU, 0xf753a4a4U, 0x96e47272U, 0x5b9bc0c0U,
243 241 0xc275b7b7U, 0x1ce1fdfdU, 0xae3d9393U, 0x6a4c2626U,
244 242 0x5a6c3636U, 0x417e3f3fU, 0x02f5f7f7U, 0x4f83ccccU,
245 243 0x5c683434U, 0xf451a5a5U, 0x34d1e5e5U, 0x08f9f1f1U,
246 244 0x93e27171U, 0x73abd8d8U, 0x53623131U, 0x3f2a1515U,
247 245 0x0c080404U, 0x5295c7c7U, 0x65462323U, 0x5e9dc3c3U,
248 246 0x28301818U, 0xa1379696U, 0x0f0a0505U, 0xb52f9a9aU,
249 247 0x090e0707U, 0x36241212U, 0x9b1b8080U, 0x3ddfe2e2U,
250 248 0x26cdebebU, 0x694e2727U, 0xcd7fb2b2U, 0x9fea7575U,
251 249 0x1b120909U, 0x9e1d8383U, 0x74582c2cU, 0x2e341a1aU,
252 250 0x2d361b1bU, 0xb2dc6e6eU, 0xeeb45a5aU, 0xfb5ba0a0U,
253 251 0xf6a45252U, 0x4d763b3bU, 0x61b7d6d6U, 0xce7db3b3U,
254 252 0x7b522929U, 0x3edde3e3U, 0x715e2f2fU, 0x97138484U,
255 253 0xf5a65353U, 0x68b9d1d1U, 0x00000000U, 0x2cc1ededU,
256 254 0x60402020U, 0x1fe3fcfcU, 0xc879b1b1U, 0xedb65b5bU,
257 255 0xbed46a6aU, 0x468dcbcbU, 0xd967bebeU, 0x4b723939U,
258 256 0xde944a4aU, 0xd4984c4cU, 0xe8b05858U, 0x4a85cfcfU,
259 257 0x6bbbd0d0U, 0x2ac5efefU, 0xe54faaaaU, 0x16edfbfbU,
260 258 0xc5864343U, 0xd79a4d4dU, 0x55663333U, 0x94118585U,
261 259 0xcf8a4545U, 0x10e9f9f9U, 0x06040202U, 0x81fe7f7fU,
262 260 0xf0a05050U, 0x44783c3cU, 0xba259f9fU, 0xe34ba8a8U,
263 261 0xf3a25151U, 0xfe5da3a3U, 0xc0804040U, 0x8a058f8fU,
264 262 0xad3f9292U, 0xbc219d9dU, 0x48703838U, 0x04f1f5f5U,
265 263 0xdf63bcbcU, 0xc177b6b6U, 0x75afdadaU, 0x63422121U,
266 264 0x30201010U, 0x1ae5ffffU, 0x0efdf3f3U, 0x6dbfd2d2U,
267 265 0x4c81cdcdU, 0x14180c0cU, 0x35261313U, 0x2fc3ececU,
268 266 0xe1be5f5fU, 0xa2359797U, 0xcc884444U, 0x392e1717U,
269 267 0x5793c4c4U, 0xf255a7a7U, 0x82fc7e7eU, 0x477a3d3dU,
270 268 0xacc86464U, 0xe7ba5d5dU, 0x2b321919U, 0x95e67373U,
271 269 0xa0c06060U, 0x98198181U, 0xd19e4f4fU, 0x7fa3dcdcU,
272 270 0x66442222U, 0x7e542a2aU, 0xab3b9090U, 0x830b8888U,
273 271 0xca8c4646U, 0x29c7eeeeU, 0xd36bb8b8U, 0x3c281414U,
274 272 0x79a7dedeU, 0xe2bc5e5eU, 0x1d160b0bU, 0x76addbdbU,
275 273 0x3bdbe0e0U, 0x56643232U, 0x4e743a3aU, 0x1e140a0aU,
276 274 0xdb924949U, 0x0a0c0606U, 0x6c482424U, 0xe4b85c5cU,
277 275 0x5d9fc2c2U, 0x6ebdd3d3U, 0xef43acacU, 0xa6c46262U,
278 276 0xa8399191U, 0xa4319595U, 0x37d3e4e4U, 0x8bf27979U,
279 277 0x32d5e7e7U, 0x438bc8c8U, 0x596e3737U, 0xb7da6d6dU,
280 278 0x8c018d8dU, 0x64b1d5d5U, 0xd29c4e4eU, 0xe049a9a9U,
281 279 0xb4d86c6cU, 0xfaac5656U, 0x07f3f4f4U, 0x25cfeaeaU,
282 280 0xafca6565U, 0x8ef47a7aU, 0xe947aeaeU, 0x18100808U,
283 281 0xd56fbabaU, 0x88f07878U, 0x6f4a2525U, 0x725c2e2eU,
284 282 0x24381c1cU, 0xf157a6a6U, 0xc773b4b4U, 0x5197c6c6U,
285 283 0x23cbe8e8U, 0x7ca1ddddU, 0x9ce87474U, 0x213e1f1fU,
286 284 0xdd964b4bU, 0xdc61bdbdU, 0x860d8b8bU, 0x850f8a8aU,
287 285 0x90e07070U, 0x427c3e3eU, 0xc471b5b5U, 0xaacc6666U,
288 286 0xd8904848U, 0x05060303U, 0x01f7f6f6U, 0x121c0e0eU,
289 287 0xa3c26161U, 0x5f6a3535U, 0xf9ae5757U, 0xd069b9b9U,
290 288 0x91178686U, 0x5899c1c1U, 0x273a1d1dU, 0xb9279e9eU,
291 289 0x38d9e1e1U, 0x13ebf8f8U, 0xb32b9898U, 0x33221111U,
292 290 0xbbd26969U, 0x70a9d9d9U, 0x89078e8eU, 0xa7339494U,
293 291 0xb62d9b9bU, 0x223c1e1eU, 0x92158787U, 0x20c9e9e9U,
294 292 0x4987ceceU, 0xffaa5555U, 0x78502828U, 0x7aa5dfdfU,
295 293 0x8f038c8cU, 0xf859a1a1U, 0x80098989U, 0x171a0d0dU,
296 294 0xda65bfbfU, 0x31d7e6e6U, 0xc6844242U, 0xb8d06868U,
297 295 0xc3824141U, 0xb0299999U, 0x775a2d2dU, 0x111e0f0fU,
298 296 0xcb7bb0b0U, 0xfca85454U, 0xd66dbbbbU, 0x3a2c1616U
299 297 };
300 298
301 299
302 300 static const uint32_t Te2[256] =
303 301 {
304 302 0x63a5c663U, 0x7c84f87cU, 0x7799ee77U, 0x7b8df67bU,
305 303 0xf20dfff2U, 0x6bbdd66bU, 0x6fb1de6fU, 0xc55491c5U,
306 304 0x30506030U, 0x01030201U, 0x67a9ce67U, 0x2b7d562bU,
307 305 0xfe19e7feU, 0xd762b5d7U, 0xabe64dabU, 0x769aec76U,
308 306 0xca458fcaU, 0x829d1f82U, 0xc94089c9U, 0x7d87fa7dU,
309 307 0xfa15effaU, 0x59ebb259U, 0x47c98e47U, 0xf00bfbf0U,
310 308 0xadec41adU, 0xd467b3d4U, 0xa2fd5fa2U, 0xafea45afU,
311 309 0x9cbf239cU, 0xa4f753a4U, 0x7296e472U, 0xc05b9bc0U,
312 310 0xb7c275b7U, 0xfd1ce1fdU, 0x93ae3d93U, 0x266a4c26U,
313 311 0x365a6c36U, 0x3f417e3fU, 0xf702f5f7U, 0xcc4f83ccU,
314 312 0x345c6834U, 0xa5f451a5U, 0xe534d1e5U, 0xf108f9f1U,
315 313 0x7193e271U, 0xd873abd8U, 0x31536231U, 0x153f2a15U,
316 314 0x040c0804U, 0xc75295c7U, 0x23654623U, 0xc35e9dc3U,
317 315 0x18283018U, 0x96a13796U, 0x050f0a05U, 0x9ab52f9aU,
318 316 0x07090e07U, 0x12362412U, 0x809b1b80U, 0xe23ddfe2U,
319 317 0xeb26cdebU, 0x27694e27U, 0xb2cd7fb2U, 0x759fea75U,
320 318 0x091b1209U, 0x839e1d83U, 0x2c74582cU, 0x1a2e341aU,
321 319 0x1b2d361bU, 0x6eb2dc6eU, 0x5aeeb45aU, 0xa0fb5ba0U,
322 320 0x52f6a452U, 0x3b4d763bU, 0xd661b7d6U, 0xb3ce7db3U,
323 321 0x297b5229U, 0xe33edde3U, 0x2f715e2fU, 0x84971384U,
324 322 0x53f5a653U, 0xd168b9d1U, 0x00000000U, 0xed2cc1edU,
325 323 0x20604020U, 0xfc1fe3fcU, 0xb1c879b1U, 0x5bedb65bU,
326 324 0x6abed46aU, 0xcb468dcbU, 0xbed967beU, 0x394b7239U,
327 325 0x4ade944aU, 0x4cd4984cU, 0x58e8b058U, 0xcf4a85cfU,
328 326 0xd06bbbd0U, 0xef2ac5efU, 0xaae54faaU, 0xfb16edfbU,
329 327 0x43c58643U, 0x4dd79a4dU, 0x33556633U, 0x85941185U,
330 328 0x45cf8a45U, 0xf910e9f9U, 0x02060402U, 0x7f81fe7fU,
331 329 0x50f0a050U, 0x3c44783cU, 0x9fba259fU, 0xa8e34ba8U,
332 330 0x51f3a251U, 0xa3fe5da3U, 0x40c08040U, 0x8f8a058fU,
333 331 0x92ad3f92U, 0x9dbc219dU, 0x38487038U, 0xf504f1f5U,
334 332 0xbcdf63bcU, 0xb6c177b6U, 0xda75afdaU, 0x21634221U,
335 333 0x10302010U, 0xff1ae5ffU, 0xf30efdf3U, 0xd26dbfd2U,
336 334 0xcd4c81cdU, 0x0c14180cU, 0x13352613U, 0xec2fc3ecU,
337 335 0x5fe1be5fU, 0x97a23597U, 0x44cc8844U, 0x17392e17U,
338 336 0xc45793c4U, 0xa7f255a7U, 0x7e82fc7eU, 0x3d477a3dU,
339 337 0x64acc864U, 0x5de7ba5dU, 0x192b3219U, 0x7395e673U,
340 338 0x60a0c060U, 0x81981981U, 0x4fd19e4fU, 0xdc7fa3dcU,
341 339 0x22664422U, 0x2a7e542aU, 0x90ab3b90U, 0x88830b88U,
342 340 0x46ca8c46U, 0xee29c7eeU, 0xb8d36bb8U, 0x143c2814U,
343 341 0xde79a7deU, 0x5ee2bc5eU, 0x0b1d160bU, 0xdb76addbU,
344 342 0xe03bdbe0U, 0x32566432U, 0x3a4e743aU, 0x0a1e140aU,
345 343 0x49db9249U, 0x060a0c06U, 0x246c4824U, 0x5ce4b85cU,
346 344 0xc25d9fc2U, 0xd36ebdd3U, 0xacef43acU, 0x62a6c462U,
347 345 0x91a83991U, 0x95a43195U, 0xe437d3e4U, 0x798bf279U,
348 346 0xe732d5e7U, 0xc8438bc8U, 0x37596e37U, 0x6db7da6dU,
349 347 0x8d8c018dU, 0xd564b1d5U, 0x4ed29c4eU, 0xa9e049a9U,
350 348 0x6cb4d86cU, 0x56faac56U, 0xf407f3f4U, 0xea25cfeaU,
351 349 0x65afca65U, 0x7a8ef47aU, 0xaee947aeU, 0x08181008U,
352 350 0xbad56fbaU, 0x7888f078U, 0x256f4a25U, 0x2e725c2eU,
353 351 0x1c24381cU, 0xa6f157a6U, 0xb4c773b4U, 0xc65197c6U,
354 352 0xe823cbe8U, 0xdd7ca1ddU, 0x749ce874U, 0x1f213e1fU,
355 353 0x4bdd964bU, 0xbddc61bdU, 0x8b860d8bU, 0x8a850f8aU,
356 354 0x7090e070U, 0x3e427c3eU, 0xb5c471b5U, 0x66aacc66U,
357 355 0x48d89048U, 0x03050603U, 0xf601f7f6U, 0x0e121c0eU,
358 356 0x61a3c261U, 0x355f6a35U, 0x57f9ae57U, 0xb9d069b9U,
359 357 0x86911786U, 0xc15899c1U, 0x1d273a1dU, 0x9eb9279eU,
360 358 0xe138d9e1U, 0xf813ebf8U, 0x98b32b98U, 0x11332211U,
361 359 0x69bbd269U, 0xd970a9d9U, 0x8e89078eU, 0x94a73394U,
362 360 0x9bb62d9bU, 0x1e223c1eU, 0x87921587U, 0xe920c9e9U,
363 361 0xce4987ceU, 0x55ffaa55U, 0x28785028U, 0xdf7aa5dfU,
364 362 0x8c8f038cU, 0xa1f859a1U, 0x89800989U, 0x0d171a0dU,
365 363 0xbfda65bfU, 0xe631d7e6U, 0x42c68442U, 0x68b8d068U,
366 364 0x41c38241U, 0x99b02999U, 0x2d775a2dU, 0x0f111e0fU,
367 365 0xb0cb7bb0U, 0x54fca854U, 0xbbd66dbbU, 0x163a2c16U
368 366 };
369 367
370 368
371 369 static const uint32_t Te3[256] =
372 370 {
373 371 0x6363a5c6U, 0x7c7c84f8U, 0x777799eeU, 0x7b7b8df6U,
374 372 0xf2f20dffU, 0x6b6bbdd6U, 0x6f6fb1deU, 0xc5c55491U,
375 373 0x30305060U, 0x01010302U, 0x6767a9ceU, 0x2b2b7d56U,
376 374 0xfefe19e7U, 0xd7d762b5U, 0xababe64dU, 0x76769aecU,
377 375 0xcaca458fU, 0x82829d1fU, 0xc9c94089U, 0x7d7d87faU,
378 376 0xfafa15efU, 0x5959ebb2U, 0x4747c98eU, 0xf0f00bfbU,
379 377 0xadadec41U, 0xd4d467b3U, 0xa2a2fd5fU, 0xafafea45U,
380 378 0x9c9cbf23U, 0xa4a4f753U, 0x727296e4U, 0xc0c05b9bU,
381 379 0xb7b7c275U, 0xfdfd1ce1U, 0x9393ae3dU, 0x26266a4cU,
382 380 0x36365a6cU, 0x3f3f417eU, 0xf7f702f5U, 0xcccc4f83U,
383 381 0x34345c68U, 0xa5a5f451U, 0xe5e534d1U, 0xf1f108f9U,
384 382 0x717193e2U, 0xd8d873abU, 0x31315362U, 0x15153f2aU,
385 383 0x04040c08U, 0xc7c75295U, 0x23236546U, 0xc3c35e9dU,
386 384 0x18182830U, 0x9696a137U, 0x05050f0aU, 0x9a9ab52fU,
387 385 0x0707090eU, 0x12123624U, 0x80809b1bU, 0xe2e23ddfU,
388 386 0xebeb26cdU, 0x2727694eU, 0xb2b2cd7fU, 0x75759feaU,
389 387 0x09091b12U, 0x83839e1dU, 0x2c2c7458U, 0x1a1a2e34U,
390 388 0x1b1b2d36U, 0x6e6eb2dcU, 0x5a5aeeb4U, 0xa0a0fb5bU,
391 389 0x5252f6a4U, 0x3b3b4d76U, 0xd6d661b7U, 0xb3b3ce7dU,
392 390 0x29297b52U, 0xe3e33eddU, 0x2f2f715eU, 0x84849713U,
393 391 0x5353f5a6U, 0xd1d168b9U, 0x00000000U, 0xeded2cc1U,
394 392 0x20206040U, 0xfcfc1fe3U, 0xb1b1c879U, 0x5b5bedb6U,
395 393 0x6a6abed4U, 0xcbcb468dU, 0xbebed967U, 0x39394b72U,
396 394 0x4a4ade94U, 0x4c4cd498U, 0x5858e8b0U, 0xcfcf4a85U,
397 395 0xd0d06bbbU, 0xefef2ac5U, 0xaaaae54fU, 0xfbfb16edU,
398 396 0x4343c586U, 0x4d4dd79aU, 0x33335566U, 0x85859411U,
399 397 0x4545cf8aU, 0xf9f910e9U, 0x02020604U, 0x7f7f81feU,
400 398 0x5050f0a0U, 0x3c3c4478U, 0x9f9fba25U, 0xa8a8e34bU,
401 399 0x5151f3a2U, 0xa3a3fe5dU, 0x4040c080U, 0x8f8f8a05U,
402 400 0x9292ad3fU, 0x9d9dbc21U, 0x38384870U, 0xf5f504f1U,
403 401 0xbcbcdf63U, 0xb6b6c177U, 0xdada75afU, 0x21216342U,
404 402 0x10103020U, 0xffff1ae5U, 0xf3f30efdU, 0xd2d26dbfU,
405 403 0xcdcd4c81U, 0x0c0c1418U, 0x13133526U, 0xecec2fc3U,
406 404 0x5f5fe1beU, 0x9797a235U, 0x4444cc88U, 0x1717392eU,
407 405 0xc4c45793U, 0xa7a7f255U, 0x7e7e82fcU, 0x3d3d477aU,
408 406 0x6464acc8U, 0x5d5de7baU, 0x19192b32U, 0x737395e6U,
409 407 0x6060a0c0U, 0x81819819U, 0x4f4fd19eU, 0xdcdc7fa3U,
410 408 0x22226644U, 0x2a2a7e54U, 0x9090ab3bU, 0x8888830bU,
411 409 0x4646ca8cU, 0xeeee29c7U, 0xb8b8d36bU, 0x14143c28U,
412 410 0xdede79a7U, 0x5e5ee2bcU, 0x0b0b1d16U, 0xdbdb76adU,
413 411 0xe0e03bdbU, 0x32325664U, 0x3a3a4e74U, 0x0a0a1e14U,
414 412 0x4949db92U, 0x06060a0cU, 0x24246c48U, 0x5c5ce4b8U,
415 413 0xc2c25d9fU, 0xd3d36ebdU, 0xacacef43U, 0x6262a6c4U,
416 414 0x9191a839U, 0x9595a431U, 0xe4e437d3U, 0x79798bf2U,
417 415 0xe7e732d5U, 0xc8c8438bU, 0x3737596eU, 0x6d6db7daU,
418 416 0x8d8d8c01U, 0xd5d564b1U, 0x4e4ed29cU, 0xa9a9e049U,
419 417 0x6c6cb4d8U, 0x5656faacU, 0xf4f407f3U, 0xeaea25cfU,
420 418 0x6565afcaU, 0x7a7a8ef4U, 0xaeaee947U, 0x08081810U,
421 419 0xbabad56fU, 0x787888f0U, 0x25256f4aU, 0x2e2e725cU,
422 420 0x1c1c2438U, 0xa6a6f157U, 0xb4b4c773U, 0xc6c65197U,
423 421 0xe8e823cbU, 0xdddd7ca1U, 0x74749ce8U, 0x1f1f213eU,
424 422 0x4b4bdd96U, 0xbdbddc61U, 0x8b8b860dU, 0x8a8a850fU,
425 423 0x707090e0U, 0x3e3e427cU, 0xb5b5c471U, 0x6666aaccU,
426 424 0x4848d890U, 0x03030506U, 0xf6f601f7U, 0x0e0e121cU,
427 425 0x6161a3c2U, 0x35355f6aU, 0x5757f9aeU, 0xb9b9d069U,
428 426 0x86869117U, 0xc1c15899U, 0x1d1d273aU, 0x9e9eb927U,
429 427 0xe1e138d9U, 0xf8f813ebU, 0x9898b32bU, 0x11113322U,
430 428 0x6969bbd2U, 0xd9d970a9U, 0x8e8e8907U, 0x9494a733U,
431 429 0x9b9bb62dU, 0x1e1e223cU, 0x87879215U, 0xe9e920c9U,
432 430 0xcece4987U, 0x5555ffaaU, 0x28287850U, 0xdfdf7aa5U,
433 431 0x8c8c8f03U, 0xa1a1f859U, 0x89898009U, 0x0d0d171aU,
434 432 0xbfbfda65U, 0xe6e631d7U, 0x4242c684U, 0x6868b8d0U,
435 433 0x4141c382U, 0x9999b029U, 0x2d2d775aU, 0x0f0f111eU,
436 434 0xb0b0cb7bU, 0x5454fca8U, 0xbbbbd66dU, 0x16163a2cU
437 435 };
438 436
439 437 #endif /* !sun4u */
440 438
441 439 static const uint32_t Te4[256] =
442 440 {
443 441 0x63636363U, 0x7c7c7c7cU, 0x77777777U, 0x7b7b7b7bU,
444 442 0xf2f2f2f2U, 0x6b6b6b6bU, 0x6f6f6f6fU, 0xc5c5c5c5U,
445 443 0x30303030U, 0x01010101U, 0x67676767U, 0x2b2b2b2bU,
446 444 0xfefefefeU, 0xd7d7d7d7U, 0xababababU, 0x76767676U,
447 445 0xcacacacaU, 0x82828282U, 0xc9c9c9c9U, 0x7d7d7d7dU,
448 446 0xfafafafaU, 0x59595959U, 0x47474747U, 0xf0f0f0f0U,
449 447 0xadadadadU, 0xd4d4d4d4U, 0xa2a2a2a2U, 0xafafafafU,
450 448 0x9c9c9c9cU, 0xa4a4a4a4U, 0x72727272U, 0xc0c0c0c0U,
451 449 0xb7b7b7b7U, 0xfdfdfdfdU, 0x93939393U, 0x26262626U,
452 450 0x36363636U, 0x3f3f3f3fU, 0xf7f7f7f7U, 0xccccccccU,
453 451 0x34343434U, 0xa5a5a5a5U, 0xe5e5e5e5U, 0xf1f1f1f1U,
454 452 0x71717171U, 0xd8d8d8d8U, 0x31313131U, 0x15151515U,
455 453 0x04040404U, 0xc7c7c7c7U, 0x23232323U, 0xc3c3c3c3U,
456 454 0x18181818U, 0x96969696U, 0x05050505U, 0x9a9a9a9aU,
457 455 0x07070707U, 0x12121212U, 0x80808080U, 0xe2e2e2e2U,
458 456 0xebebebebU, 0x27272727U, 0xb2b2b2b2U, 0x75757575U,
459 457 0x09090909U, 0x83838383U, 0x2c2c2c2cU, 0x1a1a1a1aU,
460 458 0x1b1b1b1bU, 0x6e6e6e6eU, 0x5a5a5a5aU, 0xa0a0a0a0U,
461 459 0x52525252U, 0x3b3b3b3bU, 0xd6d6d6d6U, 0xb3b3b3b3U,
462 460 0x29292929U, 0xe3e3e3e3U, 0x2f2f2f2fU, 0x84848484U,
463 461 0x53535353U, 0xd1d1d1d1U, 0x00000000U, 0xededededU,
464 462 0x20202020U, 0xfcfcfcfcU, 0xb1b1b1b1U, 0x5b5b5b5bU,
465 463 0x6a6a6a6aU, 0xcbcbcbcbU, 0xbebebebeU, 0x39393939U,
466 464 0x4a4a4a4aU, 0x4c4c4c4cU, 0x58585858U, 0xcfcfcfcfU,
467 465 0xd0d0d0d0U, 0xefefefefU, 0xaaaaaaaaU, 0xfbfbfbfbU,
468 466 0x43434343U, 0x4d4d4d4dU, 0x33333333U, 0x85858585U,
469 467 0x45454545U, 0xf9f9f9f9U, 0x02020202U, 0x7f7f7f7fU,
470 468 0x50505050U, 0x3c3c3c3cU, 0x9f9f9f9fU, 0xa8a8a8a8U,
471 469 0x51515151U, 0xa3a3a3a3U, 0x40404040U, 0x8f8f8f8fU,
472 470 0x92929292U, 0x9d9d9d9dU, 0x38383838U, 0xf5f5f5f5U,
473 471 0xbcbcbcbcU, 0xb6b6b6b6U, 0xdadadadaU, 0x21212121U,
474 472 0x10101010U, 0xffffffffU, 0xf3f3f3f3U, 0xd2d2d2d2U,
475 473 0xcdcdcdcdU, 0x0c0c0c0cU, 0x13131313U, 0xececececU,
476 474 0x5f5f5f5fU, 0x97979797U, 0x44444444U, 0x17171717U,
477 475 0xc4c4c4c4U, 0xa7a7a7a7U, 0x7e7e7e7eU, 0x3d3d3d3dU,
478 476 0x64646464U, 0x5d5d5d5dU, 0x19191919U, 0x73737373U,
479 477 0x60606060U, 0x81818181U, 0x4f4f4f4fU, 0xdcdcdcdcU,
480 478 0x22222222U, 0x2a2a2a2aU, 0x90909090U, 0x88888888U,
481 479 0x46464646U, 0xeeeeeeeeU, 0xb8b8b8b8U, 0x14141414U,
482 480 0xdedededeU, 0x5e5e5e5eU, 0x0b0b0b0bU, 0xdbdbdbdbU,
483 481 0xe0e0e0e0U, 0x32323232U, 0x3a3a3a3aU, 0x0a0a0a0aU,
484 482 0x49494949U, 0x06060606U, 0x24242424U, 0x5c5c5c5cU,
485 483 0xc2c2c2c2U, 0xd3d3d3d3U, 0xacacacacU, 0x62626262U,
486 484 0x91919191U, 0x95959595U, 0xe4e4e4e4U, 0x79797979U,
487 485 0xe7e7e7e7U, 0xc8c8c8c8U, 0x37373737U, 0x6d6d6d6dU,
488 486 0x8d8d8d8dU, 0xd5d5d5d5U, 0x4e4e4e4eU, 0xa9a9a9a9U,
489 487 0x6c6c6c6cU, 0x56565656U, 0xf4f4f4f4U, 0xeaeaeaeaU,
490 488 0x65656565U, 0x7a7a7a7aU, 0xaeaeaeaeU, 0x08080808U,
491 489 0xbabababaU, 0x78787878U, 0x25252525U, 0x2e2e2e2eU,
492 490 0x1c1c1c1cU, 0xa6a6a6a6U, 0xb4b4b4b4U, 0xc6c6c6c6U,
493 491 0xe8e8e8e8U, 0xddddddddU, 0x74747474U, 0x1f1f1f1fU,
494 492 0x4b4b4b4bU, 0xbdbdbdbdU, 0x8b8b8b8bU, 0x8a8a8a8aU,
495 493 0x70707070U, 0x3e3e3e3eU, 0xb5b5b5b5U, 0x66666666U,
496 494 0x48484848U, 0x03030303U, 0xf6f6f6f6U, 0x0e0e0e0eU,
497 495 0x61616161U, 0x35353535U, 0x57575757U, 0xb9b9b9b9U,
498 496 0x86868686U, 0xc1c1c1c1U, 0x1d1d1d1dU, 0x9e9e9e9eU,
499 497 0xe1e1e1e1U, 0xf8f8f8f8U, 0x98989898U, 0x11111111U,
500 498 0x69696969U, 0xd9d9d9d9U, 0x8e8e8e8eU, 0x94949494U,
501 499 0x9b9b9b9bU, 0x1e1e1e1eU, 0x87878787U, 0xe9e9e9e9U,
502 500 0xcecececeU, 0x55555555U, 0x28282828U, 0xdfdfdfdfU,
503 501 0x8c8c8c8cU, 0xa1a1a1a1U, 0x89898989U, 0x0d0d0d0dU,
504 502 0xbfbfbfbfU, 0xe6e6e6e6U, 0x42424242U, 0x68686868U,
505 503 0x41414141U, 0x99999999U, 0x2d2d2d2dU, 0x0f0f0f0fU,
506 504 0xb0b0b0b0U, 0x54545454U, 0xbbbbbbbbU, 0x16161616U
507 505 };
508 506
509 507 /* Decrypt Sbox constants (for the substitute bytes operation) */
510 508
511 509 static const uint32_t Td0[256] =
512 510 {
513 511 0x51f4a750U, 0x7e416553U, 0x1a17a4c3U, 0x3a275e96U,
514 512 0x3bab6bcbU, 0x1f9d45f1U, 0xacfa58abU, 0x4be30393U,
515 513 0x2030fa55U, 0xad766df6U, 0x88cc7691U, 0xf5024c25U,
516 514 0x4fe5d7fcU, 0xc52acbd7U, 0x26354480U, 0xb562a38fU,
517 515 0xdeb15a49U, 0x25ba1b67U, 0x45ea0e98U, 0x5dfec0e1U,
518 516 0xc32f7502U, 0x814cf012U, 0x8d4697a3U, 0x6bd3f9c6U,
519 517 0x038f5fe7U, 0x15929c95U, 0xbf6d7aebU, 0x955259daU,
520 518 0xd4be832dU, 0x587421d3U, 0x49e06929U, 0x8ec9c844U,
521 519 0x75c2896aU, 0xf48e7978U, 0x99583e6bU, 0x27b971ddU,
522 520 0xbee14fb6U, 0xf088ad17U, 0xc920ac66U, 0x7dce3ab4U,
523 521 0x63df4a18U, 0xe51a3182U, 0x97513360U, 0x62537f45U,
524 522 0xb16477e0U, 0xbb6bae84U, 0xfe81a01cU, 0xf9082b94U,
525 523 0x70486858U, 0x8f45fd19U, 0x94de6c87U, 0x527bf8b7U,
526 524 0xab73d323U, 0x724b02e2U, 0xe31f8f57U, 0x6655ab2aU,
527 525 0xb2eb2807U, 0x2fb5c203U, 0x86c57b9aU, 0xd33708a5U,
528 526 0x302887f2U, 0x23bfa5b2U, 0x02036abaU, 0xed16825cU,
529 527 0x8acf1c2bU, 0xa779b492U, 0xf307f2f0U, 0x4e69e2a1U,
530 528 0x65daf4cdU, 0x0605bed5U, 0xd134621fU, 0xc4a6fe8aU,
531 529 0x342e539dU, 0xa2f355a0U, 0x058ae132U, 0xa4f6eb75U,
532 530 0x0b83ec39U, 0x4060efaaU, 0x5e719f06U, 0xbd6e1051U,
533 531 0x3e218af9U, 0x96dd063dU, 0xdd3e05aeU, 0x4de6bd46U,
534 532 0x91548db5U, 0x71c45d05U, 0x0406d46fU, 0x605015ffU,
535 533 0x1998fb24U, 0xd6bde997U, 0x894043ccU, 0x67d99e77U,
536 534 0xb0e842bdU, 0x07898b88U, 0xe7195b38U, 0x79c8eedbU,
537 535 0xa17c0a47U, 0x7c420fe9U, 0xf8841ec9U, 0x00000000U,
538 536 0x09808683U, 0x322bed48U, 0x1e1170acU, 0x6c5a724eU,
539 537 0xfd0efffbU, 0x0f853856U, 0x3daed51eU, 0x362d3927U,
540 538 0x0a0fd964U, 0x685ca621U, 0x9b5b54d1U, 0x24362e3aU,
541 539 0x0c0a67b1U, 0x9357e70fU, 0xb4ee96d2U, 0x1b9b919eU,
542 540 0x80c0c54fU, 0x61dc20a2U, 0x5a774b69U, 0x1c121a16U,
543 541 0xe293ba0aU, 0xc0a02ae5U, 0x3c22e043U, 0x121b171dU,
544 542 0x0e090d0bU, 0xf28bc7adU, 0x2db6a8b9U, 0x141ea9c8U,
545 543 0x57f11985U, 0xaf75074cU, 0xee99ddbbU, 0xa37f60fdU,
546 544 0xf701269fU, 0x5c72f5bcU, 0x44663bc5U, 0x5bfb7e34U,
547 545 0x8b432976U, 0xcb23c6dcU, 0xb6edfc68U, 0xb8e4f163U,
548 546 0xd731dccaU, 0x42638510U, 0x13972240U, 0x84c61120U,
549 547 0x854a247dU, 0xd2bb3df8U, 0xaef93211U, 0xc729a16dU,
550 548 0x1d9e2f4bU, 0xdcb230f3U, 0x0d8652ecU, 0x77c1e3d0U,
551 549 0x2bb3166cU, 0xa970b999U, 0x119448faU, 0x47e96422U,
552 550 0xa8fc8cc4U, 0xa0f03f1aU, 0x567d2cd8U, 0x223390efU,
553 551 0x87494ec7U, 0xd938d1c1U, 0x8ccaa2feU, 0x98d40b36U,
554 552 0xa6f581cfU, 0xa57ade28U, 0xdab78e26U, 0x3fadbfa4U,
555 553 0x2c3a9de4U, 0x5078920dU, 0x6a5fcc9bU, 0x547e4662U,
556 554 0xf68d13c2U, 0x90d8b8e8U, 0x2e39f75eU, 0x82c3aff5U,
557 555 0x9f5d80beU, 0x69d0937cU, 0x6fd52da9U, 0xcf2512b3U,
558 556 0xc8ac993bU, 0x10187da7U, 0xe89c636eU, 0xdb3bbb7bU,
559 557 0xcd267809U, 0x6e5918f4U, 0xec9ab701U, 0x834f9aa8U,
560 558 0xe6956e65U, 0xaaffe67eU, 0x21bccf08U, 0xef15e8e6U,
561 559 0xbae79bd9U, 0x4a6f36ceU, 0xea9f09d4U, 0x29b07cd6U,
562 560 0x31a4b2afU, 0x2a3f2331U, 0xc6a59430U, 0x35a266c0U,
563 561 0x744ebc37U, 0xfc82caa6U, 0xe090d0b0U, 0x33a7d815U,
564 562 0xf104984aU, 0x41ecdaf7U, 0x7fcd500eU, 0x1791f62fU,
565 563 0x764dd68dU, 0x43efb04dU, 0xccaa4d54U, 0xe49604dfU,
566 564 0x9ed1b5e3U, 0x4c6a881bU, 0xc12c1fb8U, 0x4665517fU,
567 565 0x9d5eea04U, 0x018c355dU, 0xfa877473U, 0xfb0b412eU,
568 566 0xb3671d5aU, 0x92dbd252U, 0xe9105633U, 0x6dd64713U,
569 567 0x9ad7618cU, 0x37a10c7aU, 0x59f8148eU, 0xeb133c89U,
570 568 0xcea927eeU, 0xb761c935U, 0xe11ce5edU, 0x7a47b13cU,
571 569 0x9cd2df59U, 0x55f2733fU, 0x1814ce79U, 0x73c737bfU,
572 570 0x53f7cdeaU, 0x5ffdaa5bU, 0xdf3d6f14U, 0x7844db86U,
573 571 0xcaaff381U, 0xb968c43eU, 0x3824342cU, 0xc2a3405fU,
574 572 0x161dc372U, 0xbce2250cU, 0x283c498bU, 0xff0d9541U,
575 573 0x39a80171U, 0x080cb3deU, 0xd8b4e49cU, 0x6456c190U,
576 574 0x7bcb8461U, 0xd532b670U, 0x486c5c74U, 0xd0b85742U
577 575 };
578 576
579 577 static const uint32_t Td1[256] =
580 578 {
581 579 0x5051f4a7U, 0x537e4165U, 0xc31a17a4U, 0x963a275eU,
582 580 0xcb3bab6bU, 0xf11f9d45U, 0xabacfa58U, 0x934be303U,
583 581 0x552030faU, 0xf6ad766dU, 0x9188cc76U, 0x25f5024cU,
584 582 0xfc4fe5d7U, 0xd7c52acbU, 0x80263544U, 0x8fb562a3U,
585 583 0x49deb15aU, 0x6725ba1bU, 0x9845ea0eU, 0xe15dfec0U,
586 584 0x02c32f75U, 0x12814cf0U, 0xa38d4697U, 0xc66bd3f9U,
587 585 0xe7038f5fU, 0x9515929cU, 0xebbf6d7aU, 0xda955259U,
588 586 0x2dd4be83U, 0xd3587421U, 0x2949e069U, 0x448ec9c8U,
589 587 0x6a75c289U, 0x78f48e79U, 0x6b99583eU, 0xdd27b971U,
590 588 0xb6bee14fU, 0x17f088adU, 0x66c920acU, 0xb47dce3aU,
591 589 0x1863df4aU, 0x82e51a31U, 0x60975133U, 0x4562537fU,
592 590 0xe0b16477U, 0x84bb6baeU, 0x1cfe81a0U, 0x94f9082bU,
593 591 0x58704868U, 0x198f45fdU, 0x8794de6cU, 0xb7527bf8U,
594 592 0x23ab73d3U, 0xe2724b02U, 0x57e31f8fU, 0x2a6655abU,
595 593 0x07b2eb28U, 0x032fb5c2U, 0x9a86c57bU, 0xa5d33708U,
596 594 0xf2302887U, 0xb223bfa5U, 0xba02036aU, 0x5ced1682U,
597 595 0x2b8acf1cU, 0x92a779b4U, 0xf0f307f2U, 0xa14e69e2U,
598 596 0xcd65daf4U, 0xd50605beU, 0x1fd13462U, 0x8ac4a6feU,
599 597 0x9d342e53U, 0xa0a2f355U, 0x32058ae1U, 0x75a4f6ebU,
600 598 0x390b83ecU, 0xaa4060efU, 0x065e719fU, 0x51bd6e10U,
601 599 0xf93e218aU, 0x3d96dd06U, 0xaedd3e05U, 0x464de6bdU,
602 600 0xb591548dU, 0x0571c45dU, 0x6f0406d4U, 0xff605015U,
603 601 0x241998fbU, 0x97d6bde9U, 0xcc894043U, 0x7767d99eU,
604 602 0xbdb0e842U, 0x8807898bU, 0x38e7195bU, 0xdb79c8eeU,
605 603 0x47a17c0aU, 0xe97c420fU, 0xc9f8841eU, 0x00000000U,
606 604 0x83098086U, 0x48322bedU, 0xac1e1170U, 0x4e6c5a72U,
607 605 0xfbfd0effU, 0x560f8538U, 0x1e3daed5U, 0x27362d39U,
608 606 0x640a0fd9U, 0x21685ca6U, 0xd19b5b54U, 0x3a24362eU,
609 607 0xb10c0a67U, 0x0f9357e7U, 0xd2b4ee96U, 0x9e1b9b91U,
610 608 0x4f80c0c5U, 0xa261dc20U, 0x695a774bU, 0x161c121aU,
611 609 0x0ae293baU, 0xe5c0a02aU, 0x433c22e0U, 0x1d121b17U,
612 610 0x0b0e090dU, 0xadf28bc7U, 0xb92db6a8U, 0xc8141ea9U,
613 611 0x8557f119U, 0x4caf7507U, 0xbbee99ddU, 0xfda37f60U,
614 612 0x9ff70126U, 0xbc5c72f5U, 0xc544663bU, 0x345bfb7eU,
615 613 0x768b4329U, 0xdccb23c6U, 0x68b6edfcU, 0x63b8e4f1U,
616 614 0xcad731dcU, 0x10426385U, 0x40139722U, 0x2084c611U,
617 615 0x7d854a24U, 0xf8d2bb3dU, 0x11aef932U, 0x6dc729a1U,
618 616 0x4b1d9e2fU, 0xf3dcb230U, 0xec0d8652U, 0xd077c1e3U,
619 617 0x6c2bb316U, 0x99a970b9U, 0xfa119448U, 0x2247e964U,
620 618 0xc4a8fc8cU, 0x1aa0f03fU, 0xd8567d2cU, 0xef223390U,
621 619 0xc787494eU, 0xc1d938d1U, 0xfe8ccaa2U, 0x3698d40bU,
622 620 0xcfa6f581U, 0x28a57adeU, 0x26dab78eU, 0xa43fadbfU,
623 621 0xe42c3a9dU, 0x0d507892U, 0x9b6a5fccU, 0x62547e46U,
624 622 0xc2f68d13U, 0xe890d8b8U, 0x5e2e39f7U, 0xf582c3afU,
625 623 0xbe9f5d80U, 0x7c69d093U, 0xa96fd52dU, 0xb3cf2512U,
626 624 0x3bc8ac99U, 0xa710187dU, 0x6ee89c63U, 0x7bdb3bbbU,
627 625 0x09cd2678U, 0xf46e5918U, 0x01ec9ab7U, 0xa8834f9aU,
628 626 0x65e6956eU, 0x7eaaffe6U, 0x0821bccfU, 0xe6ef15e8U,
629 627 0xd9bae79bU, 0xce4a6f36U, 0xd4ea9f09U, 0xd629b07cU,
630 628 0xaf31a4b2U, 0x312a3f23U, 0x30c6a594U, 0xc035a266U,
631 629 0x37744ebcU, 0xa6fc82caU, 0xb0e090d0U, 0x1533a7d8U,
632 630 0x4af10498U, 0xf741ecdaU, 0x0e7fcd50U, 0x2f1791f6U,
633 631 0x8d764dd6U, 0x4d43efb0U, 0x54ccaa4dU, 0xdfe49604U,
634 632 0xe39ed1b5U, 0x1b4c6a88U, 0xb8c12c1fU, 0x7f466551U,
635 633 0x049d5eeaU, 0x5d018c35U, 0x73fa8774U, 0x2efb0b41U,
636 634 0x5ab3671dU, 0x5292dbd2U, 0x33e91056U, 0x136dd647U,
637 635 0x8c9ad761U, 0x7a37a10cU, 0x8e59f814U, 0x89eb133cU,
638 636 0xeecea927U, 0x35b761c9U, 0xede11ce5U, 0x3c7a47b1U,
639 637 0x599cd2dfU, 0x3f55f273U, 0x791814ceU, 0xbf73c737U,
640 638 0xea53f7cdU, 0x5b5ffdaaU, 0x14df3d6fU, 0x867844dbU,
641 639 0x81caaff3U, 0x3eb968c4U, 0x2c382434U, 0x5fc2a340U,
642 640 0x72161dc3U, 0x0cbce225U, 0x8b283c49U, 0x41ff0d95U,
643 641 0x7139a801U, 0xde080cb3U, 0x9cd8b4e4U, 0x906456c1U,
644 642 0x617bcb84U, 0x70d532b6U, 0x74486c5cU, 0x42d0b857U
645 643 };
646 644
647 645 static const uint32_t Td2[256] =
648 646 {
649 647 0xa75051f4U, 0x65537e41U, 0xa4c31a17U, 0x5e963a27U,
650 648 0x6bcb3babU, 0x45f11f9dU, 0x58abacfaU, 0x03934be3U,
651 649 0xfa552030U, 0x6df6ad76U, 0x769188ccU, 0x4c25f502U,
652 650 0xd7fc4fe5U, 0xcbd7c52aU, 0x44802635U, 0xa38fb562U,
653 651 0x5a49deb1U, 0x1b6725baU, 0x0e9845eaU, 0xc0e15dfeU,
654 652 0x7502c32fU, 0xf012814cU, 0x97a38d46U, 0xf9c66bd3U,
655 653 0x5fe7038fU, 0x9c951592U, 0x7aebbf6dU, 0x59da9552U,
656 654 0x832dd4beU, 0x21d35874U, 0x692949e0U, 0xc8448ec9U,
657 655 0x896a75c2U, 0x7978f48eU, 0x3e6b9958U, 0x71dd27b9U,
658 656 0x4fb6bee1U, 0xad17f088U, 0xac66c920U, 0x3ab47dceU,
659 657 0x4a1863dfU, 0x3182e51aU, 0x33609751U, 0x7f456253U,
660 658 0x77e0b164U, 0xae84bb6bU, 0xa01cfe81U, 0x2b94f908U,
661 659 0x68587048U, 0xfd198f45U, 0x6c8794deU, 0xf8b7527bU,
662 660 0xd323ab73U, 0x02e2724bU, 0x8f57e31fU, 0xab2a6655U,
663 661 0x2807b2ebU, 0xc2032fb5U, 0x7b9a86c5U, 0x08a5d337U,
664 662 0x87f23028U, 0xa5b223bfU, 0x6aba0203U, 0x825ced16U,
665 663 0x1c2b8acfU, 0xb492a779U, 0xf2f0f307U, 0xe2a14e69U,
666 664 0xf4cd65daU, 0xbed50605U, 0x621fd134U, 0xfe8ac4a6U,
667 665 0x539d342eU, 0x55a0a2f3U, 0xe132058aU, 0xeb75a4f6U,
668 666 0xec390b83U, 0xefaa4060U, 0x9f065e71U, 0x1051bd6eU,
669 667 0x8af93e21U, 0x063d96ddU, 0x05aedd3eU, 0xbd464de6U,
670 668 0x8db59154U, 0x5d0571c4U, 0xd46f0406U, 0x15ff6050U,
671 669 0xfb241998U, 0xe997d6bdU, 0x43cc8940U, 0x9e7767d9U,
672 670 0x42bdb0e8U, 0x8b880789U, 0x5b38e719U, 0xeedb79c8U,
673 671 0x0a47a17cU, 0x0fe97c42U, 0x1ec9f884U, 0x00000000U,
674 672 0x86830980U, 0xed48322bU, 0x70ac1e11U, 0x724e6c5aU,
675 673 0xfffbfd0eU, 0x38560f85U, 0xd51e3daeU, 0x3927362dU,
676 674 0xd9640a0fU, 0xa621685cU, 0x54d19b5bU, 0x2e3a2436U,
677 675 0x67b10c0aU, 0xe70f9357U, 0x96d2b4eeU, 0x919e1b9bU,
678 676 0xc54f80c0U, 0x20a261dcU, 0x4b695a77U, 0x1a161c12U,
679 677 0xba0ae293U, 0x2ae5c0a0U, 0xe0433c22U, 0x171d121bU,
680 678 0x0d0b0e09U, 0xc7adf28bU, 0xa8b92db6U, 0xa9c8141eU,
681 679 0x198557f1U, 0x074caf75U, 0xddbbee99U, 0x60fda37fU,
682 680 0x269ff701U, 0xf5bc5c72U, 0x3bc54466U, 0x7e345bfbU,
683 681 0x29768b43U, 0xc6dccb23U, 0xfc68b6edU, 0xf163b8e4U,
684 682 0xdccad731U, 0x85104263U, 0x22401397U, 0x112084c6U,
685 683 0x247d854aU, 0x3df8d2bbU, 0x3211aef9U, 0xa16dc729U,
686 684 0x2f4b1d9eU, 0x30f3dcb2U, 0x52ec0d86U, 0xe3d077c1U,
687 685 0x166c2bb3U, 0xb999a970U, 0x48fa1194U, 0x642247e9U,
688 686 0x8cc4a8fcU, 0x3f1aa0f0U, 0x2cd8567dU, 0x90ef2233U,
689 687 0x4ec78749U, 0xd1c1d938U, 0xa2fe8ccaU, 0x0b3698d4U,
690 688 0x81cfa6f5U, 0xde28a57aU, 0x8e26dab7U, 0xbfa43fadU,
691 689 0x9de42c3aU, 0x920d5078U, 0xcc9b6a5fU, 0x4662547eU,
692 690 0x13c2f68dU, 0xb8e890d8U, 0xf75e2e39U, 0xaff582c3U,
693 691 0x80be9f5dU, 0x937c69d0U, 0x2da96fd5U, 0x12b3cf25U,
694 692 0x993bc8acU, 0x7da71018U, 0x636ee89cU, 0xbb7bdb3bU,
695 693 0x7809cd26U, 0x18f46e59U, 0xb701ec9aU, 0x9aa8834fU,
696 694 0x6e65e695U, 0xe67eaaffU, 0xcf0821bcU, 0xe8e6ef15U,
697 695 0x9bd9bae7U, 0x36ce4a6fU, 0x09d4ea9fU, 0x7cd629b0U,
698 696 0xb2af31a4U, 0x23312a3fU, 0x9430c6a5U, 0x66c035a2U,
699 697 0xbc37744eU, 0xcaa6fc82U, 0xd0b0e090U, 0xd81533a7U,
700 698 0x984af104U, 0xdaf741ecU, 0x500e7fcdU, 0xf62f1791U,
701 699 0xd68d764dU, 0xb04d43efU, 0x4d54ccaaU, 0x04dfe496U,
702 700 0xb5e39ed1U, 0x881b4c6aU, 0x1fb8c12cU, 0x517f4665U,
703 701 0xea049d5eU, 0x355d018cU, 0x7473fa87U, 0x412efb0bU,
704 702 0x1d5ab367U, 0xd25292dbU, 0x5633e910U, 0x47136dd6U,
705 703 0x618c9ad7U, 0x0c7a37a1U, 0x148e59f8U, 0x3c89eb13U,
706 704 0x27eecea9U, 0xc935b761U, 0xe5ede11cU, 0xb13c7a47U,
707 705 0xdf599cd2U, 0x733f55f2U, 0xce791814U, 0x37bf73c7U,
708 706 0xcdea53f7U, 0xaa5b5ffdU, 0x6f14df3dU, 0xdb867844U,
709 707 0xf381caafU, 0xc43eb968U, 0x342c3824U, 0x405fc2a3U,
710 708 0xc372161dU, 0x250cbce2U, 0x498b283cU, 0x9541ff0dU,
711 709 0x017139a8U, 0xb3de080cU, 0xe49cd8b4U, 0xc1906456U,
712 710 0x84617bcbU, 0xb670d532U, 0x5c74486cU, 0x5742d0b8U
713 711 };
714 712
715 713 static const uint32_t Td3[256] =
716 714 {
717 715 0xf4a75051U, 0x4165537eU, 0x17a4c31aU, 0x275e963aU,
718 716 0xab6bcb3bU, 0x9d45f11fU, 0xfa58abacU, 0xe303934bU,
719 717 0x30fa5520U, 0x766df6adU, 0xcc769188U, 0x024c25f5U,
720 718 0xe5d7fc4fU, 0x2acbd7c5U, 0x35448026U, 0x62a38fb5U,
721 719 0xb15a49deU, 0xba1b6725U, 0xea0e9845U, 0xfec0e15dU,
722 720 0x2f7502c3U, 0x4cf01281U, 0x4697a38dU, 0xd3f9c66bU,
723 721 0x8f5fe703U, 0x929c9515U, 0x6d7aebbfU, 0x5259da95U,
724 722 0xbe832dd4U, 0x7421d358U, 0xe0692949U, 0xc9c8448eU,
725 723 0xc2896a75U, 0x8e7978f4U, 0x583e6b99U, 0xb971dd27U,
726 724 0xe14fb6beU, 0x88ad17f0U, 0x20ac66c9U, 0xce3ab47dU,
727 725 0xdf4a1863U, 0x1a3182e5U, 0x51336097U, 0x537f4562U,
728 726 0x6477e0b1U, 0x6bae84bbU, 0x81a01cfeU, 0x082b94f9U,
729 727 0x48685870U, 0x45fd198fU, 0xde6c8794U, 0x7bf8b752U,
730 728 0x73d323abU, 0x4b02e272U, 0x1f8f57e3U, 0x55ab2a66U,
731 729 0xeb2807b2U, 0xb5c2032fU, 0xc57b9a86U, 0x3708a5d3U,
732 730 0x2887f230U, 0xbfa5b223U, 0x036aba02U, 0x16825cedU,
733 731 0xcf1c2b8aU, 0x79b492a7U, 0x07f2f0f3U, 0x69e2a14eU,
734 732 0xdaf4cd65U, 0x05bed506U, 0x34621fd1U, 0xa6fe8ac4U,
735 733 0x2e539d34U, 0xf355a0a2U, 0x8ae13205U, 0xf6eb75a4U,
736 734 0x83ec390bU, 0x60efaa40U, 0x719f065eU, 0x6e1051bdU,
737 735 0x218af93eU, 0xdd063d96U, 0x3e05aeddU, 0xe6bd464dU,
738 736 0x548db591U, 0xc45d0571U, 0x06d46f04U, 0x5015ff60U,
739 737 0x98fb2419U, 0xbde997d6U, 0x4043cc89U, 0xd99e7767U,
740 738 0xe842bdb0U, 0x898b8807U, 0x195b38e7U, 0xc8eedb79U,
741 739 0x7c0a47a1U, 0x420fe97cU, 0x841ec9f8U, 0x00000000U,
742 740 0x80868309U, 0x2bed4832U, 0x1170ac1eU, 0x5a724e6cU,
743 741 0x0efffbfdU, 0x8538560fU, 0xaed51e3dU, 0x2d392736U,
744 742 0x0fd9640aU, 0x5ca62168U, 0x5b54d19bU, 0x362e3a24U,
745 743 0x0a67b10cU, 0x57e70f93U, 0xee96d2b4U, 0x9b919e1bU,
746 744 0xc0c54f80U, 0xdc20a261U, 0x774b695aU, 0x121a161cU,
747 745 0x93ba0ae2U, 0xa02ae5c0U, 0x22e0433cU, 0x1b171d12U,
748 746 0x090d0b0eU, 0x8bc7adf2U, 0xb6a8b92dU, 0x1ea9c814U,
749 747 0xf1198557U, 0x75074cafU, 0x99ddbbeeU, 0x7f60fda3U,
750 748 0x01269ff7U, 0x72f5bc5cU, 0x663bc544U, 0xfb7e345bU,
751 749 0x4329768bU, 0x23c6dccbU, 0xedfc68b6U, 0xe4f163b8U,
752 750 0x31dccad7U, 0x63851042U, 0x97224013U, 0xc6112084U,
753 751 0x4a247d85U, 0xbb3df8d2U, 0xf93211aeU, 0x29a16dc7U,
754 752 0x9e2f4b1dU, 0xb230f3dcU, 0x8652ec0dU, 0xc1e3d077U,
755 753 0xb3166c2bU, 0x70b999a9U, 0x9448fa11U, 0xe9642247U,
756 754 0xfc8cc4a8U, 0xf03f1aa0U, 0x7d2cd856U, 0x3390ef22U,
757 755 0x494ec787U, 0x38d1c1d9U, 0xcaa2fe8cU, 0xd40b3698U,
758 756 0xf581cfa6U, 0x7ade28a5U, 0xb78e26daU, 0xadbfa43fU,
759 757 0x3a9de42cU, 0x78920d50U, 0x5fcc9b6aU, 0x7e466254U,
760 758 0x8d13c2f6U, 0xd8b8e890U, 0x39f75e2eU, 0xc3aff582U,
761 759 0x5d80be9fU, 0xd0937c69U, 0xd52da96fU, 0x2512b3cfU,
762 760 0xac993bc8U, 0x187da710U, 0x9c636ee8U, 0x3bbb7bdbU,
763 761 0x267809cdU, 0x5918f46eU, 0x9ab701ecU, 0x4f9aa883U,
764 762 0x956e65e6U, 0xffe67eaaU, 0xbccf0821U, 0x15e8e6efU,
765 763 0xe79bd9baU, 0x6f36ce4aU, 0x9f09d4eaU, 0xb07cd629U,
766 764 0xa4b2af31U, 0x3f23312aU, 0xa59430c6U, 0xa266c035U,
767 765 0x4ebc3774U, 0x82caa6fcU, 0x90d0b0e0U, 0xa7d81533U,
768 766 0x04984af1U, 0xecdaf741U, 0xcd500e7fU, 0x91f62f17U,
769 767 0x4dd68d76U, 0xefb04d43U, 0xaa4d54ccU, 0x9604dfe4U,
770 768 0xd1b5e39eU, 0x6a881b4cU, 0x2c1fb8c1U, 0x65517f46U,
771 769 0x5eea049dU, 0x8c355d01U, 0x877473faU, 0x0b412efbU,
772 770 0x671d5ab3U, 0xdbd25292U, 0x105633e9U, 0xd647136dU,
773 771 0xd7618c9aU, 0xa10c7a37U, 0xf8148e59U, 0x133c89ebU,
774 772 0xa927eeceU, 0x61c935b7U, 0x1ce5ede1U, 0x47b13c7aU,
775 773 0xd2df599cU, 0xf2733f55U, 0x14ce7918U, 0xc737bf73U,
776 774 0xf7cdea53U, 0xfdaa5b5fU, 0x3d6f14dfU, 0x44db8678U,
777 775 0xaff381caU, 0x68c43eb9U, 0x24342c38U, 0xa3405fc2U,
778 776 0x1dc37216U, 0xe2250cbcU, 0x3c498b28U, 0x0d9541ffU,
779 777 0xa8017139U, 0x0cb3de08U, 0xb4e49cd8U, 0x56c19064U,
780 778 0xcb84617bU, 0x32b670d5U, 0x6c5c7448U, 0xb85742d0U
781 779 };
782 780
783 781 #ifndef sun4u
784 782
785 783 static const uint32_t Td4[256] =
786 784 {
787 785 0x52525252U, 0x09090909U, 0x6a6a6a6aU, 0xd5d5d5d5U,
788 786 0x30303030U, 0x36363636U, 0xa5a5a5a5U, 0x38383838U,
789 787 0xbfbfbfbfU, 0x40404040U, 0xa3a3a3a3U, 0x9e9e9e9eU,
790 788 0x81818181U, 0xf3f3f3f3U, 0xd7d7d7d7U, 0xfbfbfbfbU,
791 789 0x7c7c7c7cU, 0xe3e3e3e3U, 0x39393939U, 0x82828282U,
792 790 0x9b9b9b9bU, 0x2f2f2f2fU, 0xffffffffU, 0x87878787U,
793 791 0x34343434U, 0x8e8e8e8eU, 0x43434343U, 0x44444444U,
794 792 0xc4c4c4c4U, 0xdedededeU, 0xe9e9e9e9U, 0xcbcbcbcbU,
795 793 0x54545454U, 0x7b7b7b7bU, 0x94949494U, 0x32323232U,
796 794 0xa6a6a6a6U, 0xc2c2c2c2U, 0x23232323U, 0x3d3d3d3dU,
797 795 0xeeeeeeeeU, 0x4c4c4c4cU, 0x95959595U, 0x0b0b0b0bU,
798 796 0x42424242U, 0xfafafafaU, 0xc3c3c3c3U, 0x4e4e4e4eU,
799 797 0x08080808U, 0x2e2e2e2eU, 0xa1a1a1a1U, 0x66666666U,
800 798 0x28282828U, 0xd9d9d9d9U, 0x24242424U, 0xb2b2b2b2U,
801 799 0x76767676U, 0x5b5b5b5bU, 0xa2a2a2a2U, 0x49494949U,
802 800 0x6d6d6d6dU, 0x8b8b8b8bU, 0xd1d1d1d1U, 0x25252525U,
803 801 0x72727272U, 0xf8f8f8f8U, 0xf6f6f6f6U, 0x64646464U,
804 802 0x86868686U, 0x68686868U, 0x98989898U, 0x16161616U,
805 803 0xd4d4d4d4U, 0xa4a4a4a4U, 0x5c5c5c5cU, 0xccccccccU,
806 804 0x5d5d5d5dU, 0x65656565U, 0xb6b6b6b6U, 0x92929292U,
807 805 0x6c6c6c6cU, 0x70707070U, 0x48484848U, 0x50505050U,
808 806 0xfdfdfdfdU, 0xededededU, 0xb9b9b9b9U, 0xdadadadaU,
809 807 0x5e5e5e5eU, 0x15151515U, 0x46464646U, 0x57575757U,
810 808 0xa7a7a7a7U, 0x8d8d8d8dU, 0x9d9d9d9dU, 0x84848484U,
811 809 0x90909090U, 0xd8d8d8d8U, 0xababababU, 0x00000000U,
812 810 0x8c8c8c8cU, 0xbcbcbcbcU, 0xd3d3d3d3U, 0x0a0a0a0aU,
813 811 0xf7f7f7f7U, 0xe4e4e4e4U, 0x58585858U, 0x05050505U,
814 812 0xb8b8b8b8U, 0xb3b3b3b3U, 0x45454545U, 0x06060606U,
815 813 0xd0d0d0d0U, 0x2c2c2c2cU, 0x1e1e1e1eU, 0x8f8f8f8fU,
816 814 0xcacacacaU, 0x3f3f3f3fU, 0x0f0f0f0fU, 0x02020202U,
817 815 0xc1c1c1c1U, 0xafafafafU, 0xbdbdbdbdU, 0x03030303U,
818 816 0x01010101U, 0x13131313U, 0x8a8a8a8aU, 0x6b6b6b6bU,
819 817 0x3a3a3a3aU, 0x91919191U, 0x11111111U, 0x41414141U,
820 818 0x4f4f4f4fU, 0x67676767U, 0xdcdcdcdcU, 0xeaeaeaeaU,
821 819 0x97979797U, 0xf2f2f2f2U, 0xcfcfcfcfU, 0xcecececeU,
822 820 0xf0f0f0f0U, 0xb4b4b4b4U, 0xe6e6e6e6U, 0x73737373U,
823 821 0x96969696U, 0xacacacacU, 0x74747474U, 0x22222222U,
824 822 0xe7e7e7e7U, 0xadadadadU, 0x35353535U, 0x85858585U,
825 823 0xe2e2e2e2U, 0xf9f9f9f9U, 0x37373737U, 0xe8e8e8e8U,
826 824 0x1c1c1c1cU, 0x75757575U, 0xdfdfdfdfU, 0x6e6e6e6eU,
827 825 0x47474747U, 0xf1f1f1f1U, 0x1a1a1a1aU, 0x71717171U,
828 826 0x1d1d1d1dU, 0x29292929U, 0xc5c5c5c5U, 0x89898989U,
829 827 0x6f6f6f6fU, 0xb7b7b7b7U, 0x62626262U, 0x0e0e0e0eU,
830 828 0xaaaaaaaaU, 0x18181818U, 0xbebebebeU, 0x1b1b1b1bU,
831 829 0xfcfcfcfcU, 0x56565656U, 0x3e3e3e3eU, 0x4b4b4b4bU,
832 830 0xc6c6c6c6U, 0xd2d2d2d2U, 0x79797979U, 0x20202020U,
833 831 0x9a9a9a9aU, 0xdbdbdbdbU, 0xc0c0c0c0U, 0xfefefefeU,
834 832 0x78787878U, 0xcdcdcdcdU, 0x5a5a5a5aU, 0xf4f4f4f4U,
835 833 0x1f1f1f1fU, 0xddddddddU, 0xa8a8a8a8U, 0x33333333U,
836 834 0x88888888U, 0x07070707U, 0xc7c7c7c7U, 0x31313131U,
837 835 0xb1b1b1b1U, 0x12121212U, 0x10101010U, 0x59595959U,
838 836 0x27272727U, 0x80808080U, 0xececececU, 0x5f5f5f5fU,
839 837 0x60606060U, 0x51515151U, 0x7f7f7f7fU, 0xa9a9a9a9U,
840 838 0x19191919U, 0xb5b5b5b5U, 0x4a4a4a4aU, 0x0d0d0d0dU,
841 839 0x2d2d2d2dU, 0xe5e5e5e5U, 0x7a7a7a7aU, 0x9f9f9f9fU,
842 840 0x93939393U, 0xc9c9c9c9U, 0x9c9c9c9cU, 0xefefefefU,
843 841 0xa0a0a0a0U, 0xe0e0e0e0U, 0x3b3b3b3bU, 0x4d4d4d4dU,
844 842 0xaeaeaeaeU, 0x2a2a2a2aU, 0xf5f5f5f5U, 0xb0b0b0b0U,
845 843 0xc8c8c8c8U, 0xebebebebU, 0xbbbbbbbbU, 0x3c3c3c3cU,
846 844 0x83838383U, 0x53535353U, 0x99999999U, 0x61616161U,
847 845 0x17171717U, 0x2b2b2b2bU, 0x04040404U, 0x7e7e7e7eU,
848 846 0xbabababaU, 0x77777777U, 0xd6d6d6d6U, 0x26262626U,
849 847 0xe1e1e1e1U, 0x69696969U, 0x14141414U, 0x63636363U,
850 848 0x55555555U, 0x21212121U, 0x0c0c0c0cU, 0x7d7d7d7dU
851 849 };
852 850
853 851 #endif /* !sun4u */
854 852
855 853 /* Rcon is Round Constant; used for encryption key expansion */
856 854 static const uint32_t rcon[RC_LENGTH] =
857 855 {
858 856 /* for 128-bit blocks, Rijndael never uses more than 10 rcon values */
859 857 0x01000000, 0x02000000, 0x04000000, 0x08000000,
860 858 0x10000000, 0x20000000, 0x40000000, 0x80000000,
861 859 0x1B000000, 0x36000000
862 860 };
863 861
864 862
865 863 /*
866 864 * Expand the cipher key into the encryption key schedule.
867 865 *
868 866 * Return the number of rounds for the given cipher key size.
869 867 * The size of the key schedule depends on the number of rounds
870 868 * (which can be computed from the size of the key), i.e. 4*(Nr + 1).
871 869 *
872 870 * Parameters:
873 871 * rk AES key schedule 32-bit array to be initialized
874 872 * cipherKey User key
875 873 * keyBits AES key size (128, 192, or 256 bits)
876 874 */
877 875 static int
878 876 rijndael_key_setup_enc_raw(uint32_t rk[], const uint32_t cipherKey[],
879 877 int keyBits)
880 878 {
881 879 int i = 0;
882 880 uint32_t temp;
883 881
884 882 rk[0] = cipherKey[0];
885 883 rk[1] = cipherKey[1];
886 884 rk[2] = cipherKey[2];
887 885 rk[3] = cipherKey[3];
888 886
889 887 if (keyBits == 128) {
890 888 for (;;) {
891 889 temp = rk[3];
892 890 rk[4] = rk[0] ^
893 891 (Te4[(temp >> 16) & 0xff] & 0xff000000) ^
894 892 (Te4[(temp >> 8) & 0xff] & 0x00ff0000) ^
895 893 (Te4[temp & 0xff] & 0x0000ff00) ^
896 894 (Te4[temp >> 24] & 0x000000ff) ^
897 895 rcon[i];
898 896 rk[5] = rk[1] ^ rk[4];
899 897 rk[6] = rk[2] ^ rk[5];
900 898 rk[7] = rk[3] ^ rk[6];
901 899
902 900 if (++i == 10) {
903 901 return (10);
904 902 }
905 903 rk += 4;
906 904 }
907 905 }
908 906
909 907 rk[4] = cipherKey[4];
910 908 rk[5] = cipherKey[5];
911 909
912 910 if (keyBits == 192) {
913 911 for (;;) {
914 912 temp = rk[5];
915 913 rk[6] = rk[0] ^
916 914 (Te4[(temp >> 16) & 0xff] & 0xff000000) ^
917 915 (Te4[(temp >> 8) & 0xff] & 0x00ff0000) ^
918 916 (Te4[temp & 0xff] & 0x0000ff00) ^
919 917 (Te4[temp >> 24] & 0x000000ff) ^
920 918 rcon[i];
921 919 rk[7] = rk[1] ^ rk[6];
922 920 rk[8] = rk[2] ^ rk[7];
923 921 rk[9] = rk[3] ^ rk[8];
924 922
925 923 if (++i == 8) {
926 924 return (12);
927 925 }
928 926
929 927 rk[10] = rk[4] ^ rk[9];
930 928 rk[11] = rk[5] ^ rk[10];
931 929 rk += 6;
932 930 }
933 931 }
934 932
935 933 rk[6] = cipherKey[6];
936 934 rk[7] = cipherKey[7];
937 935
938 936 if (keyBits == 256) {
939 937 for (;;) {
940 938 temp = rk[7];
941 939 rk[8] = rk[0] ^
942 940 (Te4[(temp >> 16) & 0xff] & 0xff000000) ^
943 941 (Te4[(temp >> 8) & 0xff] & 0x00ff0000) ^
944 942 (Te4[temp & 0xff] & 0x0000ff00) ^
945 943 (Te4[temp >> 24] & 0x000000ff) ^
946 944 rcon[i];
947 945 rk[9] = rk[1] ^ rk[8];
948 946 rk[10] = rk[2] ^ rk[9];
949 947 rk[11] = rk[3] ^ rk[10];
950 948
951 949 if (++i == 7) {
952 950 return (14);
953 951 }
954 952 temp = rk[11];
955 953 rk[12] = rk[4] ^
956 954 (Te4[temp >> 24] & 0xff000000) ^
957 955 (Te4[(temp >> 16) & 0xff] & 0x00ff0000) ^
958 956 (Te4[(temp >> 8) & 0xff] & 0x0000ff00) ^
959 957 (Te4[temp & 0xff] & 0x000000ff);
960 958 rk[13] = rk[5] ^ rk[12];
961 959 rk[14] = rk[6] ^ rk[13];
962 960 rk[15] = rk[7] ^ rk[14];
963 961
964 962 rk += 8;
965 963 }
966 964 }
967 965
968 966 return (0);
969 967 }
970 968 #endif /* !__amd64 */
971 969
972 970
973 971 #ifdef sun4u
974 972
975 973 /*
976 974 * Expand the cipher key into the encryption key schedule.
977 975 * by the sun4u optimized assembly implementation.
978 976 *
979 977 * Return the number of rounds for the given cipher key size.
980 978 * The size of the key schedule depends on the number of rounds
981 979 * (which can be computed from the size of the key), i.e. 4*(Nr + 1).
982 980 *
983 981 * Parameters:
984 982 * rk AES key schedule 64-bit array to be initialized
985 983 * cipherKey User key
986 984 * keyBits AES key size (128, 192, or 256 bits)
987 985 */
988 986 static int
989 987 rijndael_key_setup_enc(uint64_t rk[], const uint32_t cipherKey[], int keyBits)
990 988 {
991 989 uint32_t rk1[4 * (MAX_AES_NR + 1)];
992 990 uint64_t *rk64 = (uint64_t *)rk;
993 991 uint32_t *rkt;
994 992 uint64_t t;
995 993 int i, Nr;
996 994
997 995 Nr = rijndael_key_setup_enc_raw(rk1, cipherKey, keyBits);
998 996
999 997 for (i = 0; i < 4 * Nr; i++) {
1000 998 t = (uint64_t)(rk1[i]);
1001 999 rk64[i] = ((t & 0xff000000) << 11) |
1002 1000 ((t & 0xff0000) << 8) |
1003 1001 ((t & 0xffff) << 3);
1004 1002 }
1005 1003
1006 1004 rkt = (uint32_t *)(&(rk64[4 * Nr]));
1007 1005
1008 1006 for (i = 0; i < 4; i++) {
1009 1007 rkt[i] = rk1[4 * Nr+i];
1010 1008 }
1011 1009
1012 1010 return (Nr);
1013 1011 }
1014 1012
1015 1013
1016 1014 /*
1017 1015 * Expand the cipher key into the decryption key schedule as used
1018 1016 * by the sun4u optimized assembly implementation.
1019 1017 *
1020 1018 * Return the number of rounds for the given cipher key size.
1021 1019 * The size of the key schedule depends on the number of rounds
1022 1020 * (which can be computed from the size of the key), i.e. 4*(Nr + 1).
1023 1021 *
1024 1022 * Parameters:
1025 1023 * rk AES key schedule 32-bit array to be initialized
1026 1024 * cipherKey User key
1027 1025 * keyBits AES key size (128, 192, or 256 bits)
1028 1026 */
1029 1027 static int
1030 1028 rijndael_key_setup_dec_raw(uint32_t rk[], const uint32_t cipherKey[],
1031 1029 int keyBits)
1032 1030 {
1033 1031 int Nr, i;
1034 1032 uint32_t temp;
1035 1033
1036 1034 /* expand the cipher key: */
1037 1035 Nr = rijndael_key_setup_enc_raw(rk, cipherKey, keyBits);
1038 1036
1039 1037 /* invert the order of the round keys: */
1040 1038
1041 1039 for (i = 0; i < 2 * Nr + 2; i++) {
1042 1040 temp = rk[i];
1043 1041 rk[i] = rk[4 * Nr - i + 3];
1044 1042 rk[4 * Nr - i + 3] = temp;
1045 1043 }
1046 1044
1047 1045 /*
1048 1046 * apply the inverse MixColumn transform to all
1049 1047 * round keys but the first and the last:
1050 1048 */
1051 1049 for (i = 1; i < Nr; i++) {
1052 1050 rk += 4;
1053 1051 rk[0] = Td0[Te4[rk[0] >> 24] & 0xff] ^
1054 1052 Td1[Te4[(rk[0] >> 16) & 0xff] & 0xff] ^
1055 1053 Td2[Te4[(rk[0] >> 8) & 0xff] & 0xff] ^
1056 1054 Td3[Te4[rk[0] & 0xff] & 0xff];
1057 1055 rk[1] = Td0[Te4[rk[1] >> 24] & 0xff] ^
1058 1056 Td1[Te4[(rk[1] >> 16) & 0xff] & 0xff] ^
1059 1057 Td2[Te4[(rk[1] >> 8) & 0xff] & 0xff] ^
1060 1058 Td3[Te4[rk[1] & 0xff] & 0xff];
1061 1059 rk[2] = Td0[Te4[rk[2] >> 24] & 0xff] ^
1062 1060 Td1[Te4[(rk[2] >> 16) & 0xff] & 0xff] ^
1063 1061 Td2[Te4[(rk[2] >> 8) & 0xff] & 0xff] ^
1064 1062 Td3[Te4[rk[2] & 0xff] & 0xff];
1065 1063 rk[3] = Td0[Te4[rk[3] >> 24] & 0xff] ^
1066 1064 Td1[Te4[(rk[3] >> 16) & 0xff] & 0xff] ^
1067 1065 Td2[Te4[(rk[3] >> 8) & 0xff] & 0xff] ^
1068 1066 Td3[Te4[rk[3] & 0xff] & 0xff];
1069 1067 }
1070 1068
1071 1069 return (Nr);
1072 1070 }
1073 1071
1074 1072
1075 1073 /*
1076 1074 * The size of the key schedule depends on the number of rounds
1077 1075 * (which can be computed from the size of the key), i.e. 4*(Nr + 1).
1078 1076 *
1079 1077 * Parameters:
1080 1078 * rk AES key schedule 64-bit array to be initialized
1081 1079 * cipherKey User key
1082 1080 * keyBits AES key size (128, 192, or 256 bits)
1083 1081 */
1084 1082 static int
1085 1083 rijndael_key_setup_dec(uint64_t rk[], const uint32_t cipherKey[], int keyBits)
1086 1084 {
1087 1085 uint32_t rk1[4 * (MAX_AES_NR + 1)];
1088 1086 uint64_t *rk64 = (uint64_t *)rk;
1089 1087 uint32_t *rkt;
1090 1088 uint64_t t;
1091 1089 int i, Nr;
1092 1090
1093 1091 Nr = rijndael_key_setup_dec_raw(rk1, cipherKey, keyBits);
1094 1092 for (i = 0; i < 4 * Nr; i++) {
1095 1093 t = (uint64_t)(rk1[i]);
1096 1094 rk64[i] = ((t & 0xff000000) << 11) |
1097 1095 ((t & 0xff0000) << 8) |
1098 1096 ((t & 0xffff) << 3);
1099 1097 }
1100 1098
1101 1099 rkt = (uint32_t *)(&(rk64[4 * Nr]));
1102 1100
1103 1101 for (i = 0; i < 4; i++) {
1104 1102 rkt[i] = rk1[4 * Nr + i];
1105 1103 }
1106 1104
1107 1105 return (Nr);
1108 1106 }
1109 1107
1110 1108
1111 1109 /*
1112 1110 * Expand the 64-bit AES cipher key array into the encryption and decryption
1113 1111 * key schedules.
1114 1112 *
1115 1113 * Parameters:
1116 1114 * key AES key schedule to be initialized
1117 1115 * keyarr32 User key
1118 1116 * keyBits AES key size (128, 192, or 256 bits)
1119 1117 */
1120 1118 static void
1121 1119 aes_setupkeys(aes_key_t *key, const uint32_t *keyarr32, int keybits)
1122 1120 {
1123 1121 key->nr = rijndael_key_setup_enc(&(key->encr_ks.ks64[0]), keyarr32,
1124 1122 keybits);
1125 1123 key->nr = rijndael_key_setup_dec(&(key->decr_ks.ks64[0]), keyarr32,
1126 1124 keybits);
1127 1125 key->type = AES_64BIT_KS;
1128 1126 }
1129 1127
1130 1128
1131 1129 #elif defined(__amd64)
1132 1130
1133 1131 /*
1134 1132 * Expand the 32-bit AES cipher key array into the encryption and decryption
1135 1133 * key schedules.
1136 1134 *
1137 1135 * Parameters:
1138 1136 * key AES key schedule to be initialized
1139 1137 * keyarr32 User key
1140 1138 * keyBits AES key size (128, 192, or 256 bits)
1141 1139 */
1142 1140 static void
1143 1141 aes_setupkeys(aes_key_t *key, const uint32_t *keyarr32, int keybits)
1144 1142 {
1145 1143 if (intel_aes_instructions_present()) {
1146 1144 key->flags = INTEL_AES_NI_CAPABLE;
1147 1145 KPREEMPT_DISABLE;
1148 1146 key->nr = rijndael_key_setup_enc_intel(&(key->encr_ks.ks32[0]),
1149 1147 keyarr32, keybits);
1150 1148 key->nr = rijndael_key_setup_dec_intel(&(key->decr_ks.ks32[0]),
1151 1149 keyarr32, keybits);
1152 1150 KPREEMPT_ENABLE;
1153 1151 } else {
1154 1152 key->flags = 0;
1155 1153 key->nr = rijndael_key_setup_enc_amd64(&(key->encr_ks.ks32[0]),
1156 1154 keyarr32, keybits);
1157 1155 key->nr = rijndael_key_setup_dec_amd64(&(key->decr_ks.ks32[0]),
1158 1156 keyarr32, keybits);
1159 1157 }
1160 1158
1161 1159 key->type = AES_32BIT_KS;
1162 1160 }
1163 1161
1164 1162 /*
1165 1163 * Encrypt one block of data. The block is assumed to be an array
1166 1164 * of four uint32_t values, so copy for alignment (and byte-order
1167 1165 * reversal for little endian systems might be necessary on the
1168 1166 * input and output byte streams.
1169 1167 * The size of the key schedule depends on the number of rounds
1170 1168 * (which can be computed from the size of the key), i.e. 4*(Nr + 1).
1171 1169 *
1172 1170 * Parameters:
1173 1171 * rk Key schedule, of aes_ks_t (60 32-bit integers)
1174 1172 * Nr Number of rounds
1175 1173 * pt Input block (plain text)
1176 1174 * ct Output block (crypto text). Can overlap with pt
1177 1175 * flags Indicates whether we're on Intel AES-NI-capable hardware
1178 1176 */
1179 1177 static void
1180 1178 rijndael_encrypt(const uint32_t rk[], int Nr, const uint32_t pt[4],
1181 1179 uint32_t ct[4], int flags) {
1182 1180 if (flags & INTEL_AES_NI_CAPABLE) {
1183 1181 KPREEMPT_DISABLE;
1184 1182 aes_encrypt_intel(rk, Nr, pt, ct);
1185 1183 KPREEMPT_ENABLE;
1186 1184 } else {
1187 1185 aes_encrypt_amd64(rk, Nr, pt, ct);
1188 1186 }
1189 1187 }
1190 1188
1191 1189 /*
1192 1190 * Decrypt one block of data. The block is assumed to be an array
1193 1191 * of four uint32_t values, so copy for alignment (and byte-order
1194 1192 * reversal for little endian systems might be necessary on the
1195 1193 * input and output byte streams.
1196 1194 * The size of the key schedule depends on the number of rounds
1197 1195 * (which can be computed from the size of the key), i.e. 4*(Nr + 1).
1198 1196 *
1199 1197 * Parameters:
1200 1198 * rk Key schedule, of aes_ks_t (60 32-bit integers)
1201 1199 * Nr Number of rounds
1202 1200 * ct Input block (crypto text)
1203 1201 * pt Output block (plain text). Can overlap with pt
1204 1202 * flags Indicates whether we're on Intel AES-NI-capable hardware
1205 1203 */
1206 1204 static void
1207 1205 rijndael_decrypt(const uint32_t rk[], int Nr, const uint32_t ct[4],
1208 1206 uint32_t pt[4], int flags) {
1209 1207 if (flags & INTEL_AES_NI_CAPABLE) {
1210 1208 KPREEMPT_DISABLE;
1211 1209 aes_decrypt_intel(rk, Nr, ct, pt);
1212 1210 KPREEMPT_ENABLE;
1213 1211 } else {
1214 1212 aes_decrypt_amd64(rk, Nr, ct, pt);
1215 1213 }
1216 1214 }
1217 1215
1218 1216
1219 1217 #else /* generic C implementation */
1220 1218
1221 1219 /*
1222 1220 * Expand the cipher key into the decryption key schedule.
1223 1221 * Return the number of rounds for the given cipher key size.
1224 1222 * The size of the key schedule depends on the number of rounds
1225 1223 * (which can be computed from the size of the key), i.e. 4*(Nr + 1).
1226 1224 *
1227 1225 * Parameters:
1228 1226 * rk AES key schedule 32-bit array to be initialized
1229 1227 * cipherKey User key
1230 1228 * keyBits AES key size (128, 192, or 256 bits)
1231 1229 */
1232 1230 static int
1233 1231 rijndael_key_setup_dec(uint32_t rk[], const uint32_t cipherKey[], int keyBits)
1234 1232 {
1235 1233 int Nr, i, j;
1236 1234 uint32_t temp;
1237 1235
1238 1236 /* expand the cipher key: */
1239 1237 Nr = rijndael_key_setup_enc_raw(rk, cipherKey, keyBits);
1240 1238
1241 1239 /* invert the order of the round keys: */
1242 1240 for (i = 0, j = 4 * Nr; i < j; i += 4, j -= 4) {
1243 1241 temp = rk[i];
1244 1242 rk[i] = rk[j];
1245 1243 rk[j] = temp;
1246 1244 temp = rk[i + 1];
1247 1245 rk[i + 1] = rk[j + 1];
1248 1246 rk[j + 1] = temp;
1249 1247 temp = rk[i + 2];
1250 1248 rk[i + 2] = rk[j + 2];
1251 1249 rk[j + 2] = temp;
1252 1250 temp = rk[i + 3];
1253 1251 rk[i + 3] = rk[j + 3];
1254 1252 rk[j + 3] = temp;
1255 1253 }
1256 1254
1257 1255 /*
1258 1256 * apply the inverse MixColumn transform to all
1259 1257 * round keys but the first and the last:
1260 1258 */
1261 1259 for (i = 1; i < Nr; i++) {
1262 1260 rk += 4;
1263 1261 rk[0] = Td0[Te4[rk[0] >> 24] & 0xff] ^
1264 1262 Td1[Te4[(rk[0] >> 16) & 0xff] & 0xff] ^
1265 1263 Td2[Te4[(rk[0] >> 8) & 0xff] & 0xff] ^
1266 1264 Td3[Te4[rk[0] & 0xff] & 0xff];
1267 1265 rk[1] = Td0[Te4[rk[1] >> 24] & 0xff] ^
1268 1266 Td1[Te4[(rk[1] >> 16) & 0xff] & 0xff] ^
1269 1267 Td2[Te4[(rk[1] >> 8) & 0xff] & 0xff] ^
1270 1268 Td3[Te4[rk[1] & 0xff] & 0xff];
1271 1269 rk[2] = Td0[Te4[rk[2] >> 24] & 0xff] ^
1272 1270 Td1[Te4[(rk[2] >> 16) & 0xff] & 0xff] ^
1273 1271 Td2[Te4[(rk[2] >> 8) & 0xff] & 0xff] ^
1274 1272 Td3[Te4[rk[2] & 0xff] & 0xff];
1275 1273 rk[3] = Td0[Te4[rk[3] >> 24] & 0xff] ^
1276 1274 Td1[Te4[(rk[3] >> 16) & 0xff] & 0xff] ^
1277 1275 Td2[Te4[(rk[3] >> 8) & 0xff] & 0xff] ^
1278 1276 Td3[Te4[rk[3] & 0xff] & 0xff];
1279 1277 }
1280 1278
1281 1279 return (Nr);
1282 1280 }
1283 1281
1284 1282
1285 1283 /*
1286 1284 * Expand the 32-bit AES cipher key array into the encryption and decryption
1287 1285 * key schedules.
1288 1286 *
1289 1287 * Parameters:
1290 1288 * key AES key schedule to be initialized
1291 1289 * keyarr32 User key
1292 1290 * keyBits AES key size (128, 192, or 256 bits)
1293 1291 */
1294 1292 static void
1295 1293 aes_setupkeys(aes_key_t *key, const uint32_t *keyarr32, int keybits)
1296 1294 {
1297 1295 key->nr = rijndael_key_setup_enc(&(key->encr_ks.ks32[0]), keyarr32,
1298 1296 keybits);
1299 1297 key->nr = rijndael_key_setup_dec(&(key->decr_ks.ks32[0]), keyarr32,
1300 1298 keybits);
1301 1299 key->type = AES_32BIT_KS;
1302 1300 }
1303 1301
1304 1302
1305 1303 /*
1306 1304 * Encrypt one block of data. The block is assumed to be an array
1307 1305 * of four uint32_t values, so copy for alignment (and byte-order
1308 1306 * reversal for little endian systems might be necessary on the
1309 1307 * input and output byte streams.
1310 1308 * The size of the key schedule depends on the number of rounds
1311 1309 * (which can be computed from the size of the key), i.e. 4*(Nr + 1).
1312 1310 *
1313 1311 * Parameters:
1314 1312 * rk Key schedule, of aes_ks_t (60 32-bit integers)
1315 1313 * Nr Number of rounds
1316 1314 * pt Input block (plain text)
1317 1315 * ct Output block (crypto text). Can overlap with pt
1318 1316 */
1319 1317 static void
1320 1318 rijndael_encrypt(const uint32_t rk[], int Nr, const uint32_t pt[4],
1321 1319 uint32_t ct[4])
1322 1320 {
1323 1321 uint32_t s0, s1, s2, s3, t0, t1, t2, t3;
1324 1322 int r;
1325 1323
1326 1324 /*
1327 1325 * map byte array block to cipher state
1328 1326 * and add initial round key:
1329 1327 */
1330 1328
1331 1329 s0 = pt[0] ^ rk[0];
1332 1330 s1 = pt[1] ^ rk[1];
1333 1331 s2 = pt[2] ^ rk[2];
1334 1332 s3 = pt[3] ^ rk[3];
1335 1333
1336 1334 /*
1337 1335 * Nr - 1 full rounds:
1338 1336 */
1339 1337
1340 1338 r = Nr >> 1;
1341 1339
1342 1340 for (;;) {
1343 1341 t0 = Te0[s0 >> 24] ^
1344 1342 Te1[(s1 >> 16) & 0xff] ^
1345 1343 Te2[(s2 >> 8) & 0xff] ^
1346 1344 Te3[s3 & 0xff] ^
1347 1345 rk[4];
1348 1346
1349 1347 t1 = Te0[s1 >> 24] ^
1350 1348 Te1[(s2 >> 16) & 0xff] ^
1351 1349 Te2[(s3 >> 8) & 0xff] ^
1352 1350 Te3[s0 & 0xff] ^
1353 1351 rk[5];
1354 1352
1355 1353 t2 = Te0[s2 >> 24] ^
1356 1354 Te1[(s3 >> 16) & 0xff] ^
1357 1355 Te2[(s0 >> 8) & 0xff] ^
1358 1356 Te3[s1 & 0xff] ^
1359 1357 rk[6];
1360 1358
1361 1359 t3 = Te0[s3 >> 24] ^
1362 1360 Te1[(s0 >> 16) & 0xff] ^
1363 1361 Te2[(s1 >> 8) & 0xff] ^
1364 1362 Te3[s2 & 0xff] ^
1365 1363 rk[7];
1366 1364
1367 1365 rk += 8;
1368 1366
1369 1367 if (--r == 0) {
1370 1368 break;
1371 1369 }
1372 1370
1373 1371 s0 = Te0[t0 >> 24] ^
1374 1372 Te1[(t1 >> 16) & 0xff] ^
1375 1373 Te2[(t2 >> 8) & 0xff] ^
1376 1374 Te3[t3 & 0xff] ^
1377 1375 rk[0];
1378 1376
1379 1377 s1 = Te0[t1 >> 24] ^
1380 1378 Te1[(t2 >> 16) & 0xff] ^
1381 1379 Te2[(t3 >> 8) & 0xff] ^
1382 1380 Te3[t0 & 0xff] ^
1383 1381 rk[1];
1384 1382
1385 1383 s2 = Te0[t2 >> 24] ^
1386 1384 Te1[(t3 >> 16) & 0xff] ^
1387 1385 Te2[(t0 >> 8) & 0xff] ^
1388 1386 Te3[t1 & 0xff] ^
1389 1387 rk[2];
1390 1388
1391 1389 s3 = Te0[t3 >> 24] ^
1392 1390 Te1[(t0 >> 16) & 0xff] ^
1393 1391 Te2[(t1 >> 8) & 0xff] ^
1394 1392 Te3[t2 & 0xff] ^
1395 1393 rk[3];
1396 1394 }
1397 1395
1398 1396 /*
1399 1397 * apply last round and
1400 1398 * map cipher state to byte array block:
1401 1399 */
1402 1400
1403 1401 s0 = (Te4[(t0 >> 24)] & 0xff000000) ^
1404 1402 (Te4[(t1 >> 16) & 0xff] & 0x00ff0000) ^
1405 1403 (Te4[(t2 >> 8) & 0xff] & 0x0000ff00) ^
1406 1404 (Te4[t3 & 0xff] & 0x000000ff) ^
1407 1405 rk[0];
1408 1406 ct[0] = s0;
1409 1407
1410 1408 s1 = (Te4[(t1 >> 24)] & 0xff000000) ^
1411 1409 (Te4[(t2 >> 16) & 0xff] & 0x00ff0000) ^
1412 1410 (Te4[(t3 >> 8) & 0xff] & 0x0000ff00) ^
1413 1411 (Te4[t0 & 0xff] & 0x000000ff) ^
1414 1412 rk[1];
1415 1413 ct[1] = s1;
1416 1414
1417 1415 s2 = (Te4[(t2 >> 24)] & 0xff000000) ^
1418 1416 (Te4[(t3 >> 16) & 0xff] & 0x00ff0000) ^
1419 1417 (Te4[(t0 >> 8) & 0xff] & 0x0000ff00) ^
1420 1418 (Te4[t1 & 0xff] & 0x000000ff) ^
1421 1419 rk[2];
1422 1420 ct[2] = s2;
1423 1421
1424 1422 s3 = (Te4[(t3 >> 24)] & 0xff000000) ^
1425 1423 (Te4[(t0 >> 16) & 0xff] & 0x00ff0000) ^
1426 1424 (Te4[(t1 >> 8) & 0xff] & 0x0000ff00) ^
1427 1425 (Te4[t2 & 0xff] & 0x000000ff) ^
1428 1426 rk[3];
1429 1427 ct[3] = s3;
1430 1428 }
1431 1429
1432 1430
1433 1431 /*
1434 1432 * Decrypt one block of data. The block is assumed to be an array
1435 1433 * of four uint32_t values, so copy for alignment (and byte-order
1436 1434 * reversal for little endian systems might be necessary on the
1437 1435 * input and output byte streams.
1438 1436 * The size of the key schedule depends on the number of rounds
1439 1437 * (which can be computed from the size of the key), i.e. 4*(Nr + 1).
1440 1438 *
1441 1439 * Parameters:
1442 1440 * rk Key schedule, of aes_ks_t (60 32-bit integers)
1443 1441 * Nr Number of rounds
1444 1442 * ct Input block (crypto text)
1445 1443 * pt Output block (plain text). Can overlap with pt
1446 1444 */
1447 1445 static void
1448 1446 rijndael_decrypt(const uint32_t rk[], int Nr, const uint32_t ct[4],
1449 1447 uint32_t pt[4])
1450 1448 {
1451 1449 uint32_t s0, s1, s2, s3, t0, t1, t2, t3;
1452 1450 int r;
1453 1451
1454 1452 /*
1455 1453 * map byte array block to cipher state
1456 1454 * and add initial round key:
1457 1455 */
1458 1456 s0 = ct[0] ^ rk[0];
1459 1457 s1 = ct[1] ^ rk[1];
1460 1458 s2 = ct[2] ^ rk[2];
1461 1459 s3 = ct[3] ^ rk[3];
1462 1460
1463 1461 /*
1464 1462 * Nr - 1 full rounds:
1465 1463 */
1466 1464
1467 1465 r = Nr >> 1;
1468 1466
1469 1467 for (;;) {
1470 1468 t0 = Td0[s0 >> 24] ^
1471 1469 Td1[(s3 >> 16) & 0xff] ^
1472 1470 Td2[(s2 >> 8) & 0xff] ^
1473 1471 Td3[s1 & 0xff] ^
1474 1472 rk[4];
1475 1473
1476 1474 t1 = Td0[s1 >> 24] ^
1477 1475 Td1[(s0 >> 16) & 0xff] ^
1478 1476 Td2[(s3 >> 8) & 0xff] ^
1479 1477 Td3[s2 & 0xff] ^
1480 1478 rk[5];
1481 1479
1482 1480 t2 = Td0[s2 >> 24] ^
1483 1481 Td1[(s1 >> 16) & 0xff] ^
1484 1482 Td2[(s0 >> 8) & 0xff] ^
1485 1483 Td3[s3 & 0xff] ^
1486 1484 rk[6];
1487 1485
1488 1486 t3 = Td0[s3 >> 24] ^
1489 1487 Td1[(s2 >> 16) & 0xff] ^
1490 1488 Td2[(s1 >> 8) & 0xff] ^
1491 1489 Td3[s0 & 0xff] ^
1492 1490 rk[7];
1493 1491
1494 1492 rk += 8;
1495 1493
1496 1494 if (--r == 0) {
1497 1495 break;
1498 1496 }
1499 1497
1500 1498 s0 = Td0[t0 >> 24] ^
1501 1499 Td1[(t3 >> 16) & 0xff] ^
1502 1500 Td2[(t2 >> 8) & 0xff] ^
1503 1501 Td3[t1 & 0xff] ^
1504 1502 rk[0];
1505 1503
1506 1504 s1 = Td0[t1 >> 24] ^
1507 1505 Td1[(t0 >> 16) & 0xff] ^
1508 1506 Td2[(t3 >> 8) & 0xff] ^
1509 1507 Td3[t2 & 0xff] ^
1510 1508 rk[1];
1511 1509
1512 1510 s2 = Td0[t2 >> 24] ^
1513 1511 Td1[(t1 >> 16) & 0xff] ^
1514 1512 Td2[(t0 >> 8) & 0xff] ^
1515 1513 Td3[t3 & 0xff] ^
1516 1514 rk[2];
1517 1515
1518 1516 s3 = Td0[t3 >> 24] ^
1519 1517 Td1[(t2 >> 16) & 0xff] ^
1520 1518 Td2[(t1 >> 8) & 0xff] ^
1521 1519 Td3[t0 & 0xff] ^
1522 1520 rk[3];
1523 1521 }
1524 1522
1525 1523 /*
1526 1524 * apply last round and
1527 1525 * map cipher state to byte array block:
1528 1526 */
1529 1527
1530 1528 s0 = (Td4[t0 >> 24] & 0xff000000) ^
1531 1529 (Td4[(t3 >> 16) & 0xff] & 0x00ff0000) ^
1532 1530 (Td4[(t2 >> 8) & 0xff] & 0x0000ff00) ^
1533 1531 (Td4[t1 & 0xff] & 0x000000ff) ^
1534 1532 rk[0];
1535 1533 pt[0] = s0;
1536 1534
1537 1535 s1 = (Td4[t1 >> 24] & 0xff000000) ^
1538 1536 (Td4[(t0 >> 16) & 0xff] & 0x00ff0000) ^
1539 1537 (Td4[(t3 >> 8) & 0xff] & 0x0000ff00) ^
1540 1538 (Td4[t2 & 0xff] & 0x000000ff) ^
1541 1539 rk[1];
1542 1540 pt[1] = s1;
1543 1541
1544 1542 s2 = (Td4[t2 >> 24] & 0xff000000) ^
1545 1543 (Td4[(t1 >> 16) & 0xff] & 0x00ff0000) ^
1546 1544 (Td4[(t0 >> 8) & 0xff] & 0x0000ff00) ^
1547 1545 (Td4[t3 & 0xff] & 0x000000ff) ^
1548 1546 rk[2];
↓ open down ↓ |
1447 lines elided |
↑ open up ↑ |
1549 1547 pt[2] = s2;
1550 1548
1551 1549 s3 = (Td4[t3 >> 24] & 0xff000000) ^
1552 1550 (Td4[(t2 >> 16) & 0xff] & 0x00ff0000) ^
1553 1551 (Td4[(t1 >> 8) & 0xff] & 0x0000ff00) ^
1554 1552 (Td4[t0 & 0xff] & 0x000000ff) ^
1555 1553 rk[3];
1556 1554 pt[3] = s3;
1557 1555 }
1558 1556 #endif /* sun4u, __amd64 */
1559 -/* EXPORT DELETE END */
1560 1557
1561 1558
1562 1559 /*
1563 1560 * Initialize AES encryption and decryption key schedules.
1564 1561 *
1565 1562 * Parameters:
1566 1563 * cipherKey User key
1567 1564 * keyBits AES key size (128, 192, or 256 bits)
1568 1565 * keysched AES key schedule to be initialized, of type aes_key_t.
1569 1566 * Allocated by aes_alloc_keysched().
1570 1567 */
1571 1568 void
1572 1569 aes_init_keysched(const uint8_t *cipherKey, uint_t keyBits, void *keysched)
1573 1570 {
1574 -/* EXPORT DELETE START */
1575 1571 aes_key_t *newbie = keysched;
1576 1572 uint_t keysize, i, j;
1577 1573 union {
1578 1574 uint64_t ka64[4];
1579 1575 uint32_t ka32[8];
1580 1576 } keyarr;
1581 1577
1582 1578 switch (keyBits) {
1583 1579 case 128:
1584 1580 newbie->nr = 10;
1585 1581 break;
1586 1582
1587 1583 case 192:
1588 1584 newbie->nr = 12;
1589 1585 break;
1590 1586
1591 1587 case 256:
1592 1588 newbie->nr = 14;
1593 1589 break;
1594 1590
1595 1591 default:
1596 1592 /* should never get here */
1597 1593 return;
1598 1594 }
1599 1595 keysize = CRYPTO_BITS2BYTES(keyBits);
1600 1596
1601 1597 /*
1602 1598 * For _LITTLE_ENDIAN machines (except AMD64), reverse every
1603 1599 * 4 bytes in the key. On _BIG_ENDIAN and AMD64, copy the key
1604 1600 * without reversing bytes.
1605 1601 * For AMD64, do not byte swap for aes_setupkeys().
1606 1602 *
1607 1603 * SPARCv8/v9 uses a key schedule array with 64-bit elements.
1608 1604 * X86/AMD64 uses a key schedule array with 32-bit elements.
1609 1605 */
1610 1606 #ifndef AES_BYTE_SWAP
1611 1607 if (IS_P2ALIGNED(cipherKey, sizeof (uint64_t))) {
1612 1608 for (i = 0, j = 0; j < keysize; i++, j += 8) {
1613 1609 /* LINTED: pointer alignment */
1614 1610 keyarr.ka64[i] = *((uint64_t *)&cipherKey[j]);
1615 1611 }
1616 1612 } else {
↓ open down ↓ |
32 lines elided |
↑ open up ↑ |
1617 1613 bcopy(cipherKey, keyarr.ka32, keysize);
1618 1614 }
1619 1615
1620 1616 #else /* byte swap */
1621 1617 for (i = 0, j = 0; j < keysize; i++, j += 4) {
1622 1618 keyarr.ka32[i] = htonl(*(uint32_t *)(void *)&cipherKey[j]);
1623 1619 }
1624 1620 #endif
1625 1621
1626 1622 aes_setupkeys(newbie, keyarr.ka32, keyBits);
1627 -/* EXPORT DELETE END */
1628 1623 }
1629 1624
1630 1625
1631 1626 /*
1632 1627 * Encrypt one block using AES.
1633 1628 * Align if needed and (for x86 32-bit only) byte-swap.
1634 1629 *
1635 1630 * Parameters:
1636 1631 * ks Key schedule, of type aes_key_t
1637 1632 * pt Input block (plain text)
1638 1633 * ct Output block (crypto text). Can overlap with pt
1639 1634 */
1640 1635 int
1641 1636 aes_encrypt_block(const void *ks, const uint8_t *pt, uint8_t *ct)
1642 1637 {
1643 -/* EXPORT DELETE START */
1644 1638 aes_key_t *ksch = (aes_key_t *)ks;
1645 1639
1646 1640 #ifndef AES_BYTE_SWAP
1647 1641 if (IS_P2ALIGNED2(pt, ct, sizeof (uint32_t))) {
1648 1642 /* LINTED: pointer alignment */
1649 1643 AES_ENCRYPT_IMPL(&ksch->encr_ks.ks32[0], ksch->nr,
1650 1644 /* LINTED: pointer alignment */
1651 1645 (uint32_t *)pt, (uint32_t *)ct, ksch->flags);
1652 1646 } else {
1653 1647 #endif
1654 1648 uint32_t buffer[AES_BLOCK_LEN / sizeof (uint32_t)];
1655 1649
1656 1650 /* Copy input block into buffer */
1657 1651 #ifndef AES_BYTE_SWAP
1658 1652 bcopy(pt, &buffer, AES_BLOCK_LEN);
1659 1653
1660 1654 #else /* byte swap */
1661 1655 buffer[0] = htonl(*(uint32_t *)(void *)&pt[0]);
1662 1656 buffer[1] = htonl(*(uint32_t *)(void *)&pt[4]);
1663 1657 buffer[2] = htonl(*(uint32_t *)(void *)&pt[8]);
1664 1658 buffer[3] = htonl(*(uint32_t *)(void *)&pt[12]);
1665 1659 #endif
1666 1660
1667 1661 AES_ENCRYPT_IMPL(&ksch->encr_ks.ks32[0], ksch->nr,
1668 1662 buffer, buffer, ksch->flags);
1669 1663
1670 1664 /* Copy result from buffer to output block */
↓ open down ↓ |
17 lines elided |
↑ open up ↑ |
1671 1665 #ifndef AES_BYTE_SWAP
1672 1666 bcopy(&buffer, ct, AES_BLOCK_LEN);
1673 1667 }
1674 1668
1675 1669 #else /* byte swap */
1676 1670 *(uint32_t *)(void *)&ct[0] = htonl(buffer[0]);
1677 1671 *(uint32_t *)(void *)&ct[4] = htonl(buffer[1]);
1678 1672 *(uint32_t *)(void *)&ct[8] = htonl(buffer[2]);
1679 1673 *(uint32_t *)(void *)&ct[12] = htonl(buffer[3]);
1680 1674 #endif
1681 -/* EXPORT DELETE END */
1682 1675 return (CRYPTO_SUCCESS);
1683 1676 }
1684 1677
1685 1678
1686 1679 /*
1687 1680 * Decrypt one block using AES.
1688 1681 * Align and byte-swap if needed.
1689 1682 *
1690 1683 * Parameters:
1691 1684 * ks Key schedule, of type aes_key_t
1692 1685 * ct Input block (crypto text)
1693 1686 * pt Output block (plain text). Can overlap with pt
1694 1687 */
1695 1688 int
1696 1689 aes_decrypt_block(const void *ks, const uint8_t *ct, uint8_t *pt)
1697 1690 {
1698 -/* EXPORT DELETE START */
1699 1691 aes_key_t *ksch = (aes_key_t *)ks;
1700 1692
1701 1693 #ifndef AES_BYTE_SWAP
1702 1694 if (IS_P2ALIGNED2(ct, pt, sizeof (uint32_t))) {
1703 1695 /* LINTED: pointer alignment */
1704 1696 AES_DECRYPT_IMPL(&ksch->decr_ks.ks32[0], ksch->nr,
1705 1697 /* LINTED: pointer alignment */
1706 1698 (uint32_t *)ct, (uint32_t *)pt, ksch->flags);
1707 1699 } else {
1708 1700 #endif
1709 1701 uint32_t buffer[AES_BLOCK_LEN / sizeof (uint32_t)];
1710 1702
1711 1703 /* Copy input block into buffer */
1712 1704 #ifndef AES_BYTE_SWAP
1713 1705 bcopy(ct, &buffer, AES_BLOCK_LEN);
1714 1706
1715 1707 #else /* byte swap */
1716 1708 buffer[0] = htonl(*(uint32_t *)(void *)&ct[0]);
1717 1709 buffer[1] = htonl(*(uint32_t *)(void *)&ct[4]);
1718 1710 buffer[2] = htonl(*(uint32_t *)(void *)&ct[8]);
1719 1711 buffer[3] = htonl(*(uint32_t *)(void *)&ct[12]);
1720 1712 #endif
1721 1713
1722 1714 AES_DECRYPT_IMPL(&ksch->decr_ks.ks32[0], ksch->nr,
1723 1715 buffer, buffer, ksch->flags);
1724 1716
1725 1717 /* Copy result from buffer to output block */
1726 1718 #ifndef AES_BYTE_SWAP
↓ open down ↓ |
18 lines elided |
↑ open up ↑ |
1727 1719 bcopy(&buffer, pt, AES_BLOCK_LEN);
1728 1720 }
1729 1721
1730 1722 #else /* byte swap */
1731 1723 *(uint32_t *)(void *)&pt[0] = htonl(buffer[0]);
1732 1724 *(uint32_t *)(void *)&pt[4] = htonl(buffer[1]);
1733 1725 *(uint32_t *)(void *)&pt[8] = htonl(buffer[2]);
1734 1726 *(uint32_t *)(void *)&pt[12] = htonl(buffer[3]);
1735 1727 #endif
1736 1728
1737 -/* EXPORT DELETE END */
1738 1729 return (CRYPTO_SUCCESS);
1739 1730 }
1740 1731
1741 1732
1742 1733 /*
1743 1734 * Allocate key schedule for AES.
1744 1735 *
1745 1736 * Return the pointer and set size to the number of bytes allocated.
1746 1737 * Memory allocated must be freed by the caller when done.
1747 1738 *
1748 1739 * Parameters:
1749 1740 * size Size of key schedule allocated, in bytes
1750 1741 * kmflag Flag passed to kmem_alloc(9F); ignored in userland.
1751 1742 */
1752 1743 /* ARGSUSED */
1753 1744 void *
1754 1745 aes_alloc_keysched(size_t *size, int kmflag)
1755 1746 {
1756 -/* EXPORT DELETE START */
1757 1747 aes_key_t *keysched;
1758 1748
1759 1749 #ifdef _KERNEL
1760 1750 keysched = (aes_key_t *)kmem_alloc(sizeof (aes_key_t), kmflag);
1761 1751 #else /* !_KERNEL */
1762 1752 keysched = (aes_key_t *)malloc(sizeof (aes_key_t));
1763 1753 #endif /* _KERNEL */
1764 1754
1765 1755 if (keysched != NULL) {
1766 1756 *size = sizeof (aes_key_t);
1767 1757 return (keysched);
1768 1758 }
1769 -/* EXPORT DELETE END */
1770 1759 return (NULL);
1771 1760 }
1772 1761
1773 1762
1774 1763 #ifdef __amd64
1775 1764 /*
1776 1765 * Return 1 if executing on Intel with AES-NI instructions,
1777 1766 * otherwise 0 (i.e., Intel without AES-NI or AMD64).
1778 1767 * Cache the result, as the CPU can't change.
1779 1768 *
1780 1769 * Note: the userland version uses getisax(). The kernel version uses
1781 1770 * global variable x86_featureset.
1782 1771 */
1783 1772 static int
1784 1773 intel_aes_instructions_present(void)
1785 1774 {
1786 1775 static int cached_result = -1;
1787 1776
1788 1777 if (cached_result == -1) { /* first time */
1789 1778 #ifdef _KERNEL
1790 1779 cached_result = is_x86_feature(x86_featureset, X86FSET_AES);
1791 1780 #else
1792 1781 uint_t ui = 0;
1793 1782
1794 1783 (void) getisax(&ui, 1);
1795 1784 cached_result = (ui & AV_386_AES) != 0;
1796 1785 #endif /* _KERNEL */
1797 1786 }
1798 1787
1799 1788 return (cached_result);
1800 1789 }
1801 1790 #endif /* __amd64 */
↓ open down ↓ |
22 lines elided |
↑ open up ↑ |
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX