author | lloyd <[email protected]> | 2010-10-13 16:33:20 +0000 |
---|---|---|
committer | lloyd <[email protected]> | 2010-10-13 16:33:20 +0000 |
commit | b502cefaf0f9396354d58c4c18a78ac7870f6168 (patch) | |
tree | 8e4d699bd47bcdecaa6c3b670e19743d52047bb8 /src/block | |
parent | fc4c8f57baa06cfc9073ce83a5e3d1547bea86c0 (diff) | |
parent | a142500346e9bef5c4b0905103eac9a494d6822e (diff) |
propagate from branch 'net.randombit.botan' (head cba32f885eb7889a9711cbee120df42839deb9d0)
to branch 'net.randombit.botan.c++0x' (head 7cb9cdfda0f3dedab24f1d3bc7e7ea9b22164234)
Diffstat (limited to 'src/block')
-rw-r--r-- | src/block/aes/aes.cpp | 93 | ||||
-rw-r--r-- | src/block/aes/aes.h | 8 | ||||
-rw-r--r-- | src/block/block_cipher.h | 12 | ||||
-rw-r--r-- | src/block/des/des.cpp | 30 | ||||
-rw-r--r-- | src/block/idea/idea.cpp | 2 | ||||
-rw-r--r-- | src/block/rc5/rc5.cpp | 28 | ||||
-rw-r--r-- | src/block/rc5/rc5.h | 6 | ||||
-rw-r--r-- | src/block/safer/safer_sk.cpp | 35 | ||||
-rw-r--r-- | src/block/safer/safer_sk.h | 2 | ||||
-rw-r--r-- | src/block/xtea_simd/xtea_simd.cpp | 4 |
10 files changed, 112 insertions, 108 deletions
diff --git a/src/block/aes/aes.cpp b/src/block/aes/aes.cpp index 1530af965..b317fa735 100644 --- a/src/block/aes/aes.cpp +++ b/src/block/aes/aes.cpp @@ -9,6 +9,9 @@ #include <botan/loadstor.h> #include <botan/rotate.h> +#include <assert.h> +#include <stdio.h> + namespace Botan { namespace { 
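Review bot: The two includes added after `#include <botan/rotate.h>`, `#include <assert.h>` and `#include <stdio.h>`, have no visible user in any of this commit's aes.cpp hunks; they read like leftover debugging scaffolding. If nothing outside these hunks uses them they should be dropped before this lands, since abort-on-assert paths and printf output have no place in a library's block cipher implementation. If they are needed by code not shown here, a one-line comment naming the use would help the next reader.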
@@ -454,35 +457,25 @@ void AES::encrypt_n(const byte in[], byte out[], size_t blocks) const rotate_right(TE[get_byte(2, T1)], 16) ^ rotate_right(TE[get_byte(3, T2)], 24) ^ EK[7]; - for(u32bit j = 2; j != ROUNDS; j += 2) + for(u32bit r = 2*4; r < EK.size(); r += 2*4) { - const u32bit K0 = EK[4*j]; - const u32bit K1 = EK[4*j+1]; - const u32bit K2 = EK[4*j+2]; - const u32bit K3 = EK[4*j+3]; - T0 = TE0[get_byte(0, B0)] ^ TE1[get_byte(1, B1)] ^ - TE2[get_byte(2, B2)] ^ TE3[get_byte(3, B3)] ^ K0; + TE2[get_byte(2, B2)] ^ TE3[get_byte(3, B3)] ^ EK[r]; T1 = TE0[get_byte(0, B1)] ^ TE1[get_byte(1, B2)] ^ - TE2[get_byte(2, B3)] ^ TE3[get_byte(3, B0)] ^ K1; + TE2[get_byte(2, B3)] ^ TE3[get_byte(3, B0)] ^ EK[r+1]; T2 = TE0[get_byte(0, B2)] ^ TE1[get_byte(1, B3)] ^ - TE2[get_byte(2, B0)] ^ TE3[get_byte(3, B1)] ^ K2; + TE2[get_byte(2, B0)] ^ TE3[get_byte(3, B1)] ^ EK[r+2]; T3 = TE0[get_byte(0, B3)] ^ TE1[get_byte(1, B0)] ^ - TE2[get_byte(2, B1)] ^ TE3[get_byte(3, B2)] ^ K3; - - const u32bit K4 = EK[4*(j+1)+0]; - const u32bit K5 = EK[4*(j+1)+1]; - const u32bit K6 = EK[4*(j+1)+2]; - const u32bit K7 = EK[4*(j+1)+3]; + TE2[get_byte(2, B1)] ^ TE3[get_byte(3, B2)] ^ EK[r+3]; B0 = TE0[get_byte(0, T0)] ^ TE1[get_byte(1, T1)] ^ - TE2[get_byte(2, T2)] ^ TE3[get_byte(3, T3)] ^ K4; + TE2[get_byte(2, T2)] ^ TE3[get_byte(3, T3)] ^ EK[r+4]; B1 = TE0[get_byte(0, T1)] ^ TE1[get_byte(1, T2)] ^ - TE2[get_byte(2, T3)] ^ TE3[get_byte(3, T0)] ^ K5; + TE2[get_byte(2, T3)] ^ TE3[get_byte(3, T0)] ^ EK[r+5]; B2 = TE0[get_byte(0, T2)] ^ TE1[get_byte(1, T3)] ^ - TE2[get_byte(2, T0)] ^ TE3[get_byte(3, T1)] ^ K6; + TE2[get_byte(2, T0)] ^ TE3[get_byte(3, T1)] ^ EK[r+6]; B3 = TE0[get_byte(0, T3)] ^ TE1[get_byte(1, T0)] ^ - TE2[get_byte(2, T1)] ^ TE3[get_byte(3, T2)] ^ K7; + TE2[get_byte(2, T1)] ^ TE3[get_byte(3, T2)] ^ EK[r+7]; } /* 
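Review bot: The new loop header `for(u32bit r = 2*4; r < EK.size(); r += 2*4)` mixes a `u32bit` counter with the `size_t` returned by `EK.size()`, while the rest of this commit (des.cpp, idea.cpp, xtea_simd.cpp) is converting loop indices to `size_t`; the same header appears in the decrypt_n hunk below, and key_schedule's `const u32bit rounds` has the same mismatch. The `2*4` start and step also hide the intent, which is that each iteration consumes the eight round-key words of two rounds and that, as key_schedule sets it up, EK holds exactly `4*rounds` words with the final round key kept separately in ME. I would write `for(size_t r = 8; r < EK.size(); r += 8) // two rounds per iteration; EK holds 4*rounds words, last round key is in ME` in both places. encrypt_n's body starts and ends outside this hunk.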
@@ -563,35 +556,25 @@ void AES::decrypt_n(const byte in[], byte out[], size_t blocks) const rotate_right(TD[get_byte(2, T1)], 16) ^ rotate_right(TD[get_byte(3, T0)], 24) ^ DK[7]; - for(u32bit j = 2; j != ROUNDS; j += 2) + for(u32bit r = 2*4; r < DK.size(); r += 2*4) { - const u32bit K0 = DK[4*j+0]; - const u32bit K1 = DK[4*j+1]; - const u32bit K2 = DK[4*j+2]; - const u32bit K3 = DK[4*j+3]; - T0 = TD0[get_byte(0, B0)] ^ TD1[get_byte(1, B3)] ^ - TD2[get_byte(2, B2)] ^ TD3[get_byte(3, B1)] ^ K0; + TD2[get_byte(2, B2)] ^ TD3[get_byte(3, B1)] ^ DK[r]; T1 = TD0[get_byte(0, B1)] ^ TD1[get_byte(1, B0)] ^ - TD2[get_byte(2, B3)] ^ TD3[get_byte(3, B2)] ^ K1; + TD2[get_byte(2, B3)] ^ TD3[get_byte(3, B2)] ^ DK[r+1]; T2 = TD0[get_byte(0, B2)] ^ TD1[get_byte(1, B1)] ^ - TD2[get_byte(2, B0)] ^ TD3[get_byte(3, B3)] ^ K2; + TD2[get_byte(2, B0)] ^ TD3[get_byte(3, B3)] ^ DK[r+2]; T3 = TD0[get_byte(0, B3)] ^ TD1[get_byte(1, B2)] ^ - TD2[get_byte(2, B1)] ^ TD3[get_byte(3, B0)] ^ K3; - - const u32bit K4 = DK[4*(j+1)+0]; - const u32bit K5 = DK[4*(j+1)+1]; - const u32bit K6 = DK[4*(j+1)+2]; - const u32bit K7 = DK[4*(j+1)+3]; + TD2[get_byte(2, B1)] ^ TD3[get_byte(3, B0)] ^ DK[r+3]; B0 = TD0[get_byte(0, T0)] ^ TD1[get_byte(1, T3)] ^ - TD2[get_byte(2, T2)] ^ TD3[get_byte(3, T1)] ^ K4; + TD2[get_byte(2, T2)] ^ TD3[get_byte(3, T1)] ^ DK[r+4]; B1 = TD0[get_byte(0, T1)] ^ TD1[get_byte(1, T0)] ^ - TD2[get_byte(2, T3)] ^ TD3[get_byte(3, T2)] ^ K5; + TD2[get_byte(2, T3)] ^ TD3[get_byte(3, T2)] ^ DK[r+5]; B2 = TD0[get_byte(0, T2)] ^ TD1[get_byte(1, T1)] ^ - TD2[get_byte(2, T0)] ^ TD3[get_byte(3, T3)] ^ K6; + TD2[get_byte(2, T0)] ^ TD3[get_byte(3, T3)] ^ DK[r+6]; B3 = TD0[get_byte(0, T3)] ^ TD1[get_byte(1, T2)] ^ - TD2[get_byte(2, T1)] ^ TD3[get_byte(3, T0)] ^ K7; + TD2[get_byte(2, T1)] ^ TD3[get_byte(3, T0)] ^ DK[r+7]; } out[ 0] = SD[get_byte(0, B0)] ^ MD[0]; 
@@ -625,7 +608,7 @@ void AES::key_schedule(const byte key[], size_t length) 0x01000000, 0x02000000, 0x04000000, 0x08000000, 0x10000000, 0x20000000, 0x40000000, 0x80000000, 0x1B000000, 0x36000000 }; - ROUNDS = (length / 4) + 6; + const u32bit rounds = (length / 4) + 6; SecureVector<u32bit> XEK(64), XDK(64); @@ -633,7 +616,7 @@ void AES::key_schedule(const byte key[], size_t length) for(size_t i = 0; i != X; ++i) XEK[i] = load_be<u32bit>(key, i); - for(size_t i = X; i < 4*(ROUNDS+1); i += X) + for(size_t i = X; i < 4*(rounds+1); i += X) { XEK[i] = XEK[i-X] ^ S(rotate_left(XEK[i-1], 8)) ^ RC[(i-X)/X]; for(size_t j = 1; j != X; ++j) @@ -645,12 +628,12 @@ void AES::key_schedule(const byte key[], size_t length) } } - for(size_t i = 0; i != 4*(ROUNDS+1); i += 4) + for(size_t i = 0; i != 4*(rounds+1); i += 4) { - XDK[i ] = XEK[4*ROUNDS-i ]; - XDK[i+1] = XEK[4*ROUNDS-i+1]; - XDK[i+2] = XEK[4*ROUNDS-i+2]; - XDK[i+3] = XEK[4*ROUNDS-i+3]; + XDK[i ] = XEK[4*rounds-i ]; + XDK[i+1] = XEK[4*rounds-i+1]; + XDK[i+2] = XEK[4*rounds-i+2]; + XDK[i+3] = XEK[4*rounds-i+3]; } for(size_t i = 4; i != length + 24; ++i) @@ -661,12 +644,12 @@ void AES::key_schedule(const byte key[], size_t length) for(size_t i = 0; i != 4; ++i) { - store_be(XEK[i+4*ROUNDS], &ME[4*i]); + store_be(XEK[i+4*rounds], &ME[4*i]); store_be(XEK[i], &MD[4*i]); } - EK.copy(&XEK[0], length + 24); - DK.copy(&XDK[0], length + 24); + EK.set(&XEK[0], length + 24); + DK.set(&XDK[0], length + 24); } /* 
@@ -681,12 +664,20 @@ u32bit AES::S(u32bit input) /* * AES Constructor */ -AES::AES(u32bit key_size) : BlockCipher_Fixed_Block_Size(key_size), - EK(56), ME(16), DK(56), MD(16) +AES::AES() : BlockCipher_Fixed_Block_Size(16, 32, 8), + EK(0), ME(16), DK(0), MD(16) + { + } + +/* +* AES Constructor +*/ +AES::AES(size_t key_size) : BlockCipher_Fixed_Block_Size(key_size), + EK(key_size+24), ME(16), + DK(key_size+24), MD(16) { if(key_size != 16 && key_size != 24 && key_size != 32) throw Invalid_Key_Length(name(), key_size); - ROUNDS = (key_size / 4) + 6; } /* diff --git a/src/block/aes/aes.h b/src/block/aes/aes.h index 6fa0ccaff..d2e051f83 100644 --- a/src/block/aes/aes.h +++ b/src/block/aes/aes.h @@ -26,21 +26,17 @@ class BOTAN_DLL AES : public BlockCipher_Fixed_Block_Size<16> void clear(); BlockCipher* clone() const { return new AES; } - AES() : BlockCipher_Fixed_Block_Size(16, 32, 8), - EK(56), ME(16), DK(56), MD(16) - { ROUNDS = 14; } + AES(); /** * AES fixed to a particular key_size (16, 24, or 32 bytes) * @param key_size the chosen fixed key size */ - AES(u32bit key_size); + AES(size_t key_size); private: void key_schedule(const byte[], size_t); static u32bit S(u32bit); - u32bit ROUNDS; - SecureVector<u32bit> EK; SecureVector<byte> ME; diff --git a/src/block/block_cipher.h b/src/block/block_cipher.h index e522005b9..3e14e0739 100644 --- a/src/block/block_cipher.h +++ b/src/block/block_cipher.h @@ -25,9 +25,9 @@ class BOTAN_DLL BlockCipher : public SymmetricAlgorithm * @param key_max the maximum key size * @param key_mod the modulo restriction on the key size */ - BlockCipher(u32bit key_min, - u32bit key_max = 0, - u32bit key_mod = 1) : + BlockCipher(size_t key_min, + size_t key_max = 0, + size_t key_mod = 1) : SymmetricAlgorithm(key_min, key_max, key_mod) {} virtual ~BlockCipher() {} 
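Review bot: The default constructor `AES::AES()` now initialises `EK(0)` and `DK(0)` where the old one allocated 56 words, yet encrypt_n and decrypt_n index `EK[0]`..`EK[7]` unconditionally before their round loop (see the `^ EK[7];` context in the earlier hunk) and now use `EK.size()` as the loop bound. A call to encrypt_n/decrypt_n on a default-constructed AES before set_key() therefore reads past an empty buffer rather than producing in-bounds garbage as before; whether SecureVector's operator[] bounds-checks is not visible here. Either document the new precondition on `AES()` — e.g. `/* Key schedule buffers are empty until set_key(); encrypt_n/decrypt_n must not be called before a key is set */` — or have encrypt_n/decrypt_n reject an unkeyed cipher explicitly. The comment above the default constructor is also a verbatim duplicate of the one above `AES(size_t key_size)`; wording it as `AES accepting any of the 16/24/32-byte key sizes` would tell the two apart.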
@@ -119,9 +119,9 @@ template<size_t N> class BlockCipher_Fixed_Block_Size : public BlockCipher { public: - BlockCipher_Fixed_Block_Size(u32bit kmin, - u32bit kmax = 0, - u32bit kmod = 1) : + BlockCipher_Fixed_Block_Size(size_t kmin, + size_t kmax = 0, + size_t kmod = 1) : BlockCipher(kmin, kmax, kmod) {} enum { BLOCK_SIZE = N }; diff --git a/src/block/des/des.cpp b/src/block/des/des.cpp index 15c771bda..739dfe87c 100644 --- a/src/block/des/des.cpp +++ b/src/block/des/des.cpp @@ -50,11 +50,11 @@ void des_key_schedule(u32bit round_key[32], const byte key[8]) ((key[3] & 0x10) >> 1) | ((key[2] & 0x10) >> 2) | ((key[1] & 0x10) >> 3) | ((key[0] & 0x10) >> 4); - for(u32bit j = 0; j != 16; ++j) + for(size_t i = 0; i != 16; ++i) { - C = ((C << ROT[j]) | (C >> (28-ROT[j]))) & 0x0FFFFFFF; - D = ((D << ROT[j]) | (D >> (28-ROT[j]))) & 0x0FFFFFFF; - round_key[2*j ] = ((C & 0x00000010) << 22) | ((C & 0x00000800) << 17) | + C = ((C << ROT[i]) | (C >> (28-ROT[i]))) & 0x0FFFFFFF; + D = ((D << ROT[i]) | (D >> (28-ROT[i]))) & 0x0FFFFFFF; + round_key[2*i ] = ((C & 0x00000010) << 22) | ((C & 0x00000800) << 17) | ((C & 0x00000020) << 16) | ((C & 0x00004004) << 15) | ((C & 0x00000200) << 11) | ((C & 0x00020000) << 10) | ((C & 0x01000000) >> 6) | ((C & 0x00100000) >> 4) | @@ -65,7 +65,7 @@ void des_key_schedule(u32bit round_key[32], const byte key[8]) ((D & 0x00000088) >> 3) | ((D & 0x00001000) >> 7) | ((D & 0x00080000) >> 9) | ((D & 0x02020000) >> 14) | ((D & 0x00400000) >> 21); - round_key[2*j+1] = ((C & 0x00000001) << 28) | ((C & 0x00000082) << 18) | + round_key[2*i+1] = ((C & 0x00000001) << 28) | ((C & 0x00000082) << 18) | ((C & 0x00002000) << 14) | ((C & 0x00000100) << 10) | ((C & 0x00001000) << 9) | ((C & 0x00040000) << 6) | ((C & 0x02400000) << 4) | ((C & 0x00008000) << 2) | 
@@ -85,20 +85,20 @@ void des_key_schedule(u32bit round_key[32], const byte key[8]) void des_encrypt(u32bit& L, u32bit& R, const u32bit round_key[32]) { - for(u32bit j = 0; j != 16; j += 2) + for(size_t i = 0; i != 16; i += 2) { u32bit T0, T1; - T0 = rotate_right(R, 4) ^ round_key[2*j]; - T1 = R ^ round_key[2*j + 1]; + T0 = rotate_right(R, 4) ^ round_key[2*i]; + T1 = R ^ round_key[2*i + 1]; L ^= DES_SPBOX1[get_byte(0, T0)] ^ DES_SPBOX2[get_byte(0, T1)] ^ DES_SPBOX3[get_byte(1, T0)] ^ DES_SPBOX4[get_byte(1, T1)] ^ DES_SPBOX5[get_byte(2, T0)] ^ DES_SPBOX6[get_byte(2, T1)] ^ DES_SPBOX7[get_byte(3, T0)] ^ DES_SPBOX8[get_byte(3, T1)]; - T0 = rotate_right(L, 4) ^ round_key[2*j + 2]; - T1 = L ^ round_key[2*j + 3]; + T0 = rotate_right(L, 4) ^ round_key[2*i + 2]; + T1 = L ^ round_key[2*i + 3]; R ^= DES_SPBOX1[get_byte(0, T0)] ^ DES_SPBOX2[get_byte(0, T1)] ^ DES_SPBOX3[get_byte(1, T0)] ^ DES_SPBOX4[get_byte(1, T1)] ^ @@ -113,20 +113,20 @@ void des_encrypt(u32bit& L, u32bit& R, void des_decrypt(u32bit& L, u32bit& R, const u32bit round_key[32]) { - for(u32bit j = 16; j != 0; j -= 2) + for(size_t i = 16; i != 0; i -= 2) { u32bit T0, T1; - T0 = rotate_right(R, 4) ^ round_key[2*j - 2]; - T1 = R ^ round_key[2*j - 1]; + T0 = rotate_right(R, 4) ^ round_key[2*i - 2]; + T1 = R ^ round_key[2*i - 1]; L ^= DES_SPBOX1[get_byte(0, T0)] ^ DES_SPBOX2[get_byte(0, T1)] ^ DES_SPBOX3[get_byte(1, T0)] ^ DES_SPBOX4[get_byte(1, T1)] ^ DES_SPBOX5[get_byte(2, T0)] ^ DES_SPBOX6[get_byte(2, T1)] ^ DES_SPBOX7[get_byte(3, T0)] ^ DES_SPBOX8[get_byte(3, T1)]; - T0 = rotate_right(L, 4) ^ round_key[2*j - 4]; - T1 = L ^ round_key[2*j - 3]; + T0 = rotate_right(L, 4) ^ round_key[2*i - 4]; + T1 = L ^ round_key[2*i - 3]; R ^= DES_SPBOX1[get_byte(0, T0)] ^ DES_SPBOX2[get_byte(0, T1)] ^ DES_SPBOX3[get_byte(1, T0)] ^ DES_SPBOX4[get_byte(1, T1)] ^ diff --git a/src/block/idea/idea.cpp b/src/block/idea/idea.cpp index be7680b2c..f9b6cc874 100644 --- a/src/block/idea/idea.cpp +++ b/src/block/idea/idea.cpp 
@@ -60,7 +60,7 @@ u16bit mul_inv(u16bit x) */ void idea_op(const byte in[], byte out[], size_t blocks, const u16bit K[52]) { - const u32bit BLOCK_SIZE = 8; + const size_t BLOCK_SIZE = 8; for(size_t i = 0; i != blocks; ++i) { diff --git a/src/block/rc5/rc5.cpp b/src/block/rc5/rc5.cpp index ebcbaf69f..d08b44425 100644 --- a/src/block/rc5/rc5.cpp +++ b/src/block/rc5/rc5.cpp @@ -18,20 +18,25 @@ namespace Botan { */ void RC5::encrypt_n(const byte in[], byte out[], size_t blocks) const { + const size_t rounds = (S.size() - 2) / 2; + for(size_t i = 0; i != blocks; ++i) { u32bit A = load_le<u32bit>(in, 0); u32bit B = load_le<u32bit>(in, 1); A += S[0]; B += S[1]; - for(size_t j = 0; j != ROUNDS; j += 4) + for(size_t j = 0; j != rounds; j += 4) { A = rotate_left(A ^ B, B % 32) + S[2*j+2]; B = rotate_left(B ^ A, A % 32) + S[2*j+3]; + A = rotate_left(A ^ B, B % 32) + S[2*j+4]; B = rotate_left(B ^ A, A % 32) + S[2*j+5]; + A = rotate_left(A ^ B, B % 32) + S[2*j+6]; B = rotate_left(B ^ A, A % 32) + S[2*j+7]; + A = rotate_left(A ^ B, B % 32) + S[2*j+8]; B = rotate_left(B ^ A, A % 32) + S[2*j+9]; } @@ -48,19 +53,24 @@ void RC5::encrypt_n(const byte in[], byte out[], size_t blocks) const */ void RC5::decrypt_n(const byte in[], byte out[], size_t blocks) const { + const size_t rounds = (S.size() - 2) / 2; + for(size_t i = 0; i != blocks; ++i) { u32bit A = load_le<u32bit>(in, 0); u32bit B = load_le<u32bit>(in, 1); - for(size_t j = ROUNDS; j != 0; j -= 4) + for(size_t j = rounds; j != 0; j -= 4) { B = rotate_right(B - S[2*j+1], A % 32) ^ A; A = rotate_right(A - S[2*j ], B % 32) ^ B; + B = rotate_right(B - S[2*j-1], A % 32) ^ A; A = rotate_right(A - S[2*j-2], B % 32) ^ B; + B = rotate_right(B - S[2*j-3], A % 32) ^ A; A = rotate_right(A - S[2*j-4], B % 32) ^ B; + B = rotate_right(B - S[2*j-5], A % 32) ^ A; A = rotate_right(A - S[2*j-6], B % 32) ^ B; } 
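Review bot: RC5::encrypt_n and RC5::decrypt_n each open with `const size_t rounds = (S.size() - 2) / 2;`, re-deriving the round count inline even though this commit adds `get_rounds()` to rc5.h with exactly that formula and already routes name() and clone() through it; SAFER_SK's encrypt_n/decrypt_n in the same commit do call their helper. Replace both lines with `const size_t rounds = get_rounds();` so the inverse of `S.resize(2*rounds + 2)` lives in one place. The unrolled `j += 4` / `j -= 4` loops still rely on the constructor's `rounds % 4 == 0` check to terminate exactly; a comment saying so at the loop, `// rounds is a multiple of 4 (checked in the constructor); four rounds per iteration`, would save the next reader a trip to the constructor.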
@@ -106,19 +116,19 @@ void RC5::key_schedule(const byte key[], size_t length) */ std::string RC5::name() const { - return "RC5(" + std::to_string(ROUNDS) + ")"; + return "RC5(" + std::to_string(get_rounds()) + ")"; } /* * RC5 Constructor */ -RC5::RC5(size_t r) : - BlockCipher_Fixed_Block_Size(1, 32), - ROUNDS(r) +RC5::RC5(size_t rounds) : BlockCipher_Fixed_Block_Size(1, 32) { - if(ROUNDS < 8 || ROUNDS > 32 || (ROUNDS % 4 != 0)) - throw Invalid_Argument(name() + ": Invalid number of rounds"); - S.resize(2*ROUNDS + 2); + if(rounds < 8 || rounds > 32 || (rounds % 4 != 0)) + throw Invalid_Argument("RC5: Invalid number of rounds " + + std::to_string(rounds)); + + S.resize(2*rounds + 2); } } diff --git a/src/block/rc5/rc5.h b/src/block/rc5/rc5.h index a9f3b5b0e..cb282af4e 100644 --- a/src/block/rc5/rc5.h +++ b/src/block/rc5/rc5.h @@ -23,7 +23,7 @@ class BOTAN_DLL RC5 : public BlockCipher_Fixed_Block_Size<8> void clear() { zeroise(S); } std::string name() const; - BlockCipher* clone() const { return new RC5(ROUNDS); } + BlockCipher* clone() const { return new RC5(get_rounds()); } /** * @param rounds the number of RC5 rounds to run. Must be between @@ -31,9 +31,11 @@ class BOTAN_DLL RC5 : public BlockCipher_Fixed_Block_Size<8> */ RC5(size_t rounds); private: + size_t get_rounds() const { return (S.size() - 2) / 2; } + void key_schedule(const byte[], size_t); + SecureVector<u32bit> S; - const size_t ROUNDS; }; } diff --git a/src/block/safer/safer_sk.cpp b/src/block/safer/safer_sk.cpp index 2e6c3a1d6..a91e5f687 100644 --- a/src/block/safer/safer_sk.cpp +++ b/src/block/safer/safer_sk.cpp 
@@ -17,12 +17,14 @@ namespace Botan { */ void SAFER_SK::encrypt_n(const byte in[], byte out[], size_t blocks) const { + const size_t rounds = get_rounds(); + for(size_t i = 0; i != blocks; ++i) { byte A = in[0], B = in[1], C = in[2], D = in[3], E = in[4], F = in[5], G = in[6], H = in[7], X, Y; - for(size_t j = 0; j != 16*ROUNDS; j += 16) + for(size_t j = 0; j != 16*rounds; j += 16) { A = EXP[A ^ EK[j ]]; B = LOG[B + EK[j+1]]; C = LOG[C + EK[j+2]]; D = EXP[D ^ EK[j+3]]; @@ -38,10 +40,10 @@ void SAFER_SK::encrypt_n(const byte in[], byte out[], size_t blocks) const A += B; F = C + G; E = C + F; C = X; G = Y; } - out[0] = A ^ EK[16*ROUNDS+0]; out[1] = B + EK[16*ROUNDS+1]; - out[2] = C + EK[16*ROUNDS+2]; out[3] = D ^ EK[16*ROUNDS+3]; - out[4] = E ^ EK[16*ROUNDS+4]; out[5] = F + EK[16*ROUNDS+5]; - out[6] = G + EK[16*ROUNDS+6]; out[7] = H ^ EK[16*ROUNDS+7]; + out[0] = A ^ EK[16*rounds+0]; out[1] = B + EK[16*rounds+1]; + out[2] = C + EK[16*rounds+2]; out[3] = D ^ EK[16*rounds+3]; + out[4] = E ^ EK[16*rounds+4]; out[5] = F + EK[16*rounds+5]; + out[6] = G + EK[16*rounds+6]; out[7] = H ^ EK[16*rounds+7]; in += BLOCK_SIZE; out += BLOCK_SIZE; 
@@ -53,16 +55,18 @@ void SAFER_SK::encrypt_n(const byte in[], byte out[], size_t blocks) const */ void SAFER_SK::decrypt_n(const byte in[], byte out[], size_t blocks) const { + const size_t rounds = get_rounds(); + for(size_t i = 0; i != blocks; ++i) { byte A = in[0], B = in[1], C = in[2], D = in[3], E = in[4], F = in[5], G = in[6], H = in[7]; - A ^= EK[16*ROUNDS+0]; B -= EK[16*ROUNDS+1]; C -= EK[16*ROUNDS+2]; - D ^= EK[16*ROUNDS+3]; E ^= EK[16*ROUNDS+4]; F -= EK[16*ROUNDS+5]; - G -= EK[16*ROUNDS+6]; H ^= EK[16*ROUNDS+7]; + A ^= EK[16*rounds+0]; B -= EK[16*rounds+1]; C -= EK[16*rounds+2]; + D ^= EK[16*rounds+3]; E ^= EK[16*rounds+4]; F -= EK[16*rounds+5]; + G -= EK[16*rounds+6]; H ^= EK[16*rounds+7]; - for(s32bit j = 16*(ROUNDS-1); j >= 0; j -= 16) + for(s32bit j = 16*(rounds-1); j >= 0; j -= 16) { byte T = E; E = B; B = C; C = T; T = F; F = D; D = G; G = T; A -= E; B -= F; C -= G; D -= H; E -= A; F -= B; G -= C; H -= D; @@ -99,7 +103,7 @@ void SAFER_SK::key_schedule(const byte key[], size_t) KB[17] ^= KB[i+9] = EK[i] = key[i+8]; } - for(size_t i = 0; i != ROUNDS; ++i) + for(size_t i = 0; i != get_rounds(); ++i) { for(size_t j = 0; j != 18; ++j) KB[j] = rotate_left(KB[j], 6); @@ -113,7 +117,7 @@ void SAFER_SK::key_schedule(const byte key[], size_t) */ std::string SAFER_SK::name() const { - return "SAFER-SK(" + std::to_string(ROUNDS) + ")"; + return "SAFER-SK(" + std::to_string(get_rounds()) + ")"; } /* @@ -121,18 +125,19 @@ std::string SAFER_SK::name() const */ BlockCipher* SAFER_SK::clone() const { - return new SAFER_SK(ROUNDS); + return new SAFER_SK(get_rounds()); } /* * SAFER-SK Constructor */ SAFER_SK::SAFER_SK(size_t rounds) : - BlockCipher_Fixed_Block_Size(16), - EK(16 * rounds + 8), ROUNDS(rounds) + BlockCipher_Fixed_Block_Size(16) { - if(ROUNDS > 13 || ROUNDS == 0) + if(rounds > 13 || rounds == 0) throw Invalid_Argument(name() + ": Invalid number of rounds"); + + EK.resize(16 * rounds + 8); } } 
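Review bot: In the SAFER_SK constructor the validation `if(rounds > 13 || rounds == 0) throw Invalid_Argument(name() + ": Invalid number of rounds");` now runs before `EK.resize(16 * rounds + 8)`, and name() calls `get_rounds()`, which per safer_sk.h computes `(EK.size() - 8) / 16` on a still-empty EK; that subtraction wraps in `size_t`, so the exception text reports a huge bogus round count instead of the offending value. The old initializer list set ROUNDS before the body ran, so this is a regression introduced here, and the RC5 hunk in this same commit already avoids it by using a literal prefix. I would mirror that: `throw Invalid_Argument("SAFER-SK: Invalid number of rounds " + std::to_string(rounds));`. key_schedule's loop `for(size_t i = 0; i != get_rounds(); ++i)` also re-evaluates the helper every iteration where encrypt_n/decrypt_n hoist it into a local; hoisting it there too keeps the three consistent.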
diff --git a/src/block/safer/safer_sk.h b/src/block/safer/safer_sk.h index 5e8d32b0a..2fde757bd 100644 --- a/src/block/safer/safer_sk.h +++ b/src/block/safer/safer_sk.h @@ -31,6 +31,7 @@ class BOTAN_DLL SAFER_SK : public BlockCipher_Fixed_Block_Size<8> */ SAFER_SK(size_t rounds); private: + size_t get_rounds() const { return (EK.size() - 8) / 16; } void key_schedule(const byte[], size_t); static const byte EXP[256]; @@ -39,7 +40,6 @@ class BOTAN_DLL SAFER_SK : public BlockCipher_Fixed_Block_Size<8> static const byte KEY_INDEX[208]; SecureVector<byte> EK; - const size_t ROUNDS; }; } diff --git a/src/block/xtea_simd/xtea_simd.cpp b/src/block/xtea_simd/xtea_simd.cpp index 831cc0359..d684eca5a 100644 --- a/src/block/xtea_simd/xtea_simd.cpp +++ b/src/block/xtea_simd/xtea_simd.cpp @@ -22,7 +22,7 @@ void xtea_encrypt_8(const byte in[64], byte out[64], const u32bit EK[64]) SIMD_32::transpose(L0, R0, L1, R1); - for(u32bit i = 0; i != 32; i += 2) + for(size_t i = 0; i != 32; i += 2) { SIMD_32 K0(EK[2*i ]); SIMD_32 K1(EK[2*i+1]); @@ -59,7 +59,7 @@ void xtea_decrypt_8(const byte in[64], byte out[64], const u32bit EK[64]) SIMD_32::transpose(L0, R0, L1, R1); - for(u32bit i = 0; i != 32; i += 2) + for(size_t i = 0; i != 32; i += 2) { SIMD_32 K0(EK[63 - 2*i]); SIMD_32 K1(EK[62 - 2*i]); |