diff options
author | lloyd <[email protected]> | 2009-03-31 04:07:32 +0000 |
---|---|---|
committer | lloyd <[email protected]> | 2009-03-31 04:07:32 +0000 |
commit | 6ff14303e0f0e7184447ded07fb06315ab63e8c4 (patch) | |
tree | daa63e4890bc5682ec12363593982f1f4bb29017 /src/block | |
parent | 856199587154a35a5e24794c667acb7be27d2596 (diff) |
Simplify the XTEA key schedule code - there really is no reason to
precompute the deltas when they are just a few additions; removing the
additions from the encrypt/decrypt rounds seems enough to me.
Diffstat (limited to 'src/block')
-rw-r--r-- | src/block/xtea/xtea.cpp | 42 |
1 files changed, 13 insertions, 29 deletions
diff --git a/src/block/xtea/xtea.cpp b/src/block/xtea/xtea.cpp index 1b24dd159..5047f6594 100644 --- a/src/block/xtea/xtea.cpp +++ b/src/block/xtea/xtea.cpp @@ -1,6 +1,6 @@ /* * XTEA -* (C) 1999-2007 Jack Lloyd +* (C) 1999-2009 Jack Lloyd * * Distributed under the terms of the Botan license */ @@ -34,10 +34,10 @@ void XTEA::dec(const byte in[], byte out[]) const { u32bit L = load_be<u32bit>(in, 0), R = load_be<u32bit>(in, 1); - for(u32bit j = 32; j > 0; --j) + for(u32bit j = 0; j != 32; ++j) { - R -= (((L << 4) ^ (L >> 5)) + L) ^ EK[2*j - 1]; - L -= (((R << 4) ^ (R >> 5)) + R) ^ EK[2*j - 2]; + R -= (((L << 4) ^ (L >> 5)) + L) ^ EK[63 - 2*j]; + L -= (((R << 4) ^ (R >> 5)) + R) ^ EK[62 - 2*j]; } store_be(out, L, R); @@ -48,33 +48,17 @@ void XTEA::dec(const byte in[], byte out[]) const */ void XTEA::key_schedule(const byte key[], u32bit) { - static const u32bit DELTAS[64] = { - 0x00000000, 0x9E3779B9, 0x9E3779B9, 0x3C6EF372, 0x3C6EF372, 0xDAA66D2B, - 0xDAA66D2B, 0x78DDE6E4, 0x78DDE6E4, 0x1715609D, 0x1715609D, 0xB54CDA56, - 0xB54CDA56, 0x5384540F, 0x5384540F, 0xF1BBCDC8, 0xF1BBCDC8, 0x8FF34781, - 0x8FF34781, 0x2E2AC13A, 0x2E2AC13A, 0xCC623AF3, 0xCC623AF3, 0x6A99B4AC, - 0x6A99B4AC, 0x08D12E65, 0x08D12E65, 0xA708A81E, 0xA708A81E, 0x454021D7, - 0x454021D7, 0xE3779B90, 0xE3779B90, 0x81AF1549, 0x81AF1549, 0x1FE68F02, - 0x1FE68F02, 0xBE1E08BB, 0xBE1E08BB, 0x5C558274, 0x5C558274, 0xFA8CFC2D, - 0xFA8CFC2D, 0x98C475E6, 0x98C475E6, 0x36FBEF9F, 0x36FBEF9F, 0xD5336958, - 0xD5336958, 0x736AE311, 0x736AE311, 0x11A25CCA, 0x11A25CCA, 0xAFD9D683, - 0xAFD9D683, 0x4E11503C, 0x4E11503C, 0xEC48C9F5, 0xEC48C9F5, 0x8A8043AE, - 0x8A8043AE, 0x28B7BD67, 0x28B7BD67, 0xC6EF3720 }; - - static const byte KEY_INDEX[64] = { - 0x00, 0x03, 0x01, 0x02, 0x02, 0x01, 0x03, 0x00, 0x00, 0x00, 0x01, 0x03, - 0x02, 0x02, 0x03, 0x01, 0x00, 0x00, 0x01, 0x00, 0x02, 0x03, 0x03, 0x02, - 0x00, 0x01, 0x01, 0x01, 0x02, 0x00, 0x03, 0x03, 0x00, 0x02, 0x01, 0x01, - 0x02, 0x01, 0x03, 0x00, 0x00, 0x03, 0x01, 0x02, 0x02, 0x01, 0x03, 0x01, - 0x00, 0x00, 0x01, 0x03, 0x02, 0x02, 0x03, 0x02, 0x00, 0x01, 0x01, 0x00, - 0x02, 0x03, 0x03, 0x02 }; - SecureBuffer<u32bit, 4> UK; - for(u32bit j = 0; j != 4; ++j) - UK[j] = load_be<u32bit>(key, j); + for(u32bit i = 0; i != 4; ++i) + UK[i] = load_be<u32bit>(key, i); - for(u32bit j = 0; j != 64; ++j) - EK[j] = DELTAS[j] + UK[KEY_INDEX[j]]; + u32bit D = 0; + for(u32bit i = 0; i != 64; i += 2) + { + EK[i ] = D + UK[D % 4]; + D += 0x9E3779B9; + EK[i+1] = D + UK[(D >> 11) % 4]; + } } } |