359     uint32_t w[4][4], *w2;  in mbedtls_aria_setkey_enc()  local
366     w[0][0] = MBEDTLS_GET_UINT32_LE(key,  0);  in mbedtls_aria_setkey_enc()
367     w[0][1] = MBEDTLS_GET_UINT32_LE(key,  4);  in mbedtls_aria_setkey_enc()
368     w[0][2] = MBEDTLS_GET_UINT32_LE(key,  8);  in mbedtls_aria_setkey_enc()
369     w[0][3] = MBEDTLS_GET_UINT32_LE(key, 12);  in mbedtls_aria_setkey_enc()
371     memset(w[1], 0, 16);  in mbedtls_aria_setkey_enc()
373         w[1][0] = MBEDTLS_GET_UINT32_LE(key, 16);    // 192 bit key  in mbedtls_aria_setkey_enc()
374         w[1][1] = MBEDTLS_GET_UINT32_LE(key, 20);  in mbedtls_aria_setkey_enc()
377         w[1][2] = MBEDTLS_GET_UINT32_LE(key, 24);    // 256 bit key  in mbedtls_aria_setkey_enc()
378         w[1][3] = MBEDTLS_GET_UINT32_LE(key, 28);  in mbedtls_aria_setkey_enc()
384     aria_fo_xor(w[1], w[0], rc[i], w[1]);   // W1 = FO(W0, CK1) ^ KR  in mbedtls_aria_setkey_enc()
386     aria_fe_xor(w[2], w[1], rc[i], w[0]);   // W2 = FE(W1, CK2) ^ W0  in mbedtls_aria_setkey_enc()
388     aria_fo_xor(w[3], w[2], rc[i], w[1]);   // W3 = FO(W2, CK3) ^ W1  in mbedtls_aria_setkey_enc()
391         w2 = w[(i + 1) & 3];  in mbedtls_aria_setkey_enc()
392         aria_rot128(ctx->rk[i], w[i], w2, 128 - 19);  in mbedtls_aria_setkey_enc()
393         aria_rot128(ctx->rk[i +  4], w[i], w2, 128 - 31);  in mbedtls_aria_setkey_enc()
394         aria_rot128(ctx->rk[i +  8], w[i], w2,       61);  in mbedtls_aria_setkey_enc()
395         aria_rot128(ctx->rk[i + 12], w[i], w2,       31);  in mbedtls_aria_setkey_enc()
397     aria_rot128(ctx->rk[16], w[0], w[1], 19);  in mbedtls_aria_setkey_enc()
400     mbedtls_platform_zeroize(w, sizeof(w));  in mbedtls_aria_setkey_enc()