diff options
| author | lloyd <[email protected]> | 2014-01-01 21:20:55 +0000 |
|---|---|---|
| committer | lloyd <[email protected]> | 2014-01-01 21:20:55 +0000 |
| commit | 197dc467dec28a04c3b2f30da7cef122dfbb13e9 (patch) | |
| tree | cdbd3ddaec051c72f0a757db461973d90c37b97a /src/block | |
| parent | 62faac373c07cfe10bc8c309e89ebdd30d8e5eaa (diff) | |
Shuffle things around. Add NIST X.509 test to build.
Diffstat (limited to 'src/block')
117 files changed, 0 insertions, 14484 deletions
diff --git a/src/block/aes/aes.cpp b/src/block/aes/aes.cpp deleted file mode 100644 index f8d632c44..000000000 --- a/src/block/aes/aes.cpp +++ /dev/null @@ -1,752 +0,0 @@ -/* -* AES -* (C) 1999-2010 Jack Lloyd -* -* Based on the public domain reference implemenation -* -* Distributed under the terms of the Botan license -*/ - -#include <botan/aes.h> -#include <botan/loadstor.h> -#include <botan/rotate.h> - -namespace Botan { - -namespace { - -const byte SE[256] = { - 0x63, 0x7C, 0x77, 0x7B, 0xF2, 0x6B, 0x6F, 0xC5, 0x30, 0x01, 0x67, 0x2B, - 0xFE, 0xD7, 0xAB, 0x76, 0xCA, 0x82, 0xC9, 0x7D, 0xFA, 0x59, 0x47, 0xF0, - 0xAD, 0xD4, 0xA2, 0xAF, 0x9C, 0xA4, 0x72, 0xC0, 0xB7, 0xFD, 0x93, 0x26, - 0x36, 0x3F, 0xF7, 0xCC, 0x34, 0xA5, 0xE5, 0xF1, 0x71, 0xD8, 0x31, 0x15, - 0x04, 0xC7, 0x23, 0xC3, 0x18, 0x96, 0x05, 0x9A, 0x07, 0x12, 0x80, 0xE2, - 0xEB, 0x27, 0xB2, 0x75, 0x09, 0x83, 0x2C, 0x1A, 0x1B, 0x6E, 0x5A, 0xA0, - 0x52, 0x3B, 0xD6, 0xB3, 0x29, 0xE3, 0x2F, 0x84, 0x53, 0xD1, 0x00, 0xED, - 0x20, 0xFC, 0xB1, 0x5B, 0x6A, 0xCB, 0xBE, 0x39, 0x4A, 0x4C, 0x58, 0xCF, - 0xD0, 0xEF, 0xAA, 0xFB, 0x43, 0x4D, 0x33, 0x85, 0x45, 0xF9, 0x02, 0x7F, - 0x50, 0x3C, 0x9F, 0xA8, 0x51, 0xA3, 0x40, 0x8F, 0x92, 0x9D, 0x38, 0xF5, - 0xBC, 0xB6, 0xDA, 0x21, 0x10, 0xFF, 0xF3, 0xD2, 0xCD, 0x0C, 0x13, 0xEC, - 0x5F, 0x97, 0x44, 0x17, 0xC4, 0xA7, 0x7E, 0x3D, 0x64, 0x5D, 0x19, 0x73, - 0x60, 0x81, 0x4F, 0xDC, 0x22, 0x2A, 0x90, 0x88, 0x46, 0xEE, 0xB8, 0x14, - 0xDE, 0x5E, 0x0B, 0xDB, 0xE0, 0x32, 0x3A, 0x0A, 0x49, 0x06, 0x24, 0x5C, - 0xC2, 0xD3, 0xAC, 0x62, 0x91, 0x95, 0xE4, 0x79, 0xE7, 0xC8, 0x37, 0x6D, - 0x8D, 0xD5, 0x4E, 0xA9, 0x6C, 0x56, 0xF4, 0xEA, 0x65, 0x7A, 0xAE, 0x08, - 0xBA, 0x78, 0x25, 0x2E, 0x1C, 0xA6, 0xB4, 0xC6, 0xE8, 0xDD, 0x74, 0x1F, - 0x4B, 0xBD, 0x8B, 0x8A, 0x70, 0x3E, 0xB5, 0x66, 0x48, 0x03, 0xF6, 0x0E, - 0x61, 0x35, 0x57, 0xB9, 0x86, 0xC1, 0x1D, 0x9E, 0xE1, 0xF8, 0x98, 0x11, - 0x69, 0xD9, 0x8E, 0x94, 0x9B, 0x1E, 0x87, 0xE9, 0xCE, 0x55, 0x28, 0xDF, - 0x8C, 0xA1, 0x89, 0x0D, 0xBF, 0xE6, 0x42, 0x68, 0x41, 0x99, 0x2D, 0x0F, - 0xB0, 0x54, 0xBB, 0x16 }; - -const byte SD[256] = { - 0x52, 0x09, 0x6A, 0xD5, 0x30, 0x36, 0xA5, 0x38, 0xBF, 0x40, 0xA3, 0x9E, - 0x81, 0xF3, 0xD7, 0xFB, 0x7C, 0xE3, 0x39, 0x82, 0x9B, 0x2F, 0xFF, 0x87, - 0x34, 0x8E, 0x43, 0x44, 0xC4, 0xDE, 0xE9, 0xCB, 0x54, 0x7B, 0x94, 0x32, - 0xA6, 0xC2, 0x23, 0x3D, 0xEE, 0x4C, 0x95, 0x0B, 0x42, 0xFA, 0xC3, 0x4E, - 0x08, 0x2E, 0xA1, 0x66, 0x28, 0xD9, 0x24, 0xB2, 0x76, 0x5B, 0xA2, 0x49, - 0x6D, 0x8B, 0xD1, 0x25, 0x72, 0xF8, 0xF6, 0x64, 0x86, 0x68, 0x98, 0x16, - 0xD4, 0xA4, 0x5C, 0xCC, 0x5D, 0x65, 0xB6, 0x92, 0x6C, 0x70, 0x48, 0x50, - 0xFD, 0xED, 0xB9, 0xDA, 0x5E, 0x15, 0x46, 0x57, 0xA7, 0x8D, 0x9D, 0x84, - 0x90, 0xD8, 0xAB, 0x00, 0x8C, 0xBC, 0xD3, 0x0A, 0xF7, 0xE4, 0x58, 0x05, - 0xB8, 0xB3, 0x45, 0x06, 0xD0, 0x2C, 0x1E, 0x8F, 0xCA, 0x3F, 0x0F, 0x02, - 0xC1, 0xAF, 0xBD, 0x03, 0x01, 0x13, 0x8A, 0x6B, 0x3A, 0x91, 0x11, 0x41, - 0x4F, 0x67, 0xDC, 0xEA, 0x97, 0xF2, 0xCF, 0xCE, 0xF0, 0xB4, 0xE6, 0x73, - 0x96, 0xAC, 0x74, 0x22, 0xE7, 0xAD, 0x35, 0x85, 0xE2, 0xF9, 0x37, 0xE8, - 0x1C, 0x75, 0xDF, 0x6E, 0x47, 0xF1, 0x1A, 0x71, 0x1D, 0x29, 0xC5, 0x89, - 0x6F, 0xB7, 0x62, 0x0E, 0xAA, 0x18, 0xBE, 0x1B, 0xFC, 0x56, 0x3E, 0x4B, - 0xC6, 0xD2, 0x79, 0x20, 0x9A, 0xDB, 0xC0, 0xFE, 0x78, 0xCD, 0x5A, 0xF4, - 0x1F, 0xDD, 0xA8, 0x33, 0x88, 0x07, 0xC7, 0x31, 0xB1, 0x12, 0x10, 0x59, - 0x27, 0x80, 0xEC, 0x5F, 0x60, 0x51, 0x7F, 0xA9, 0x19, 0xB5, 0x4A, 0x0D, - 0x2D, 0xE5, 0x7A, 0x9F, 0x93, 0xC9, 0x9C, 0xEF, 0xA0, 0xE0, 0x3B, 0x4D, - 0xAE, 0x2A, 0xF5, 0xB0, 0xC8, 0xEB, 0xBB, 0x3C, 0x83, 0x53, 0x99, 0x61, - 0x17, 0x2B, 0x04, 0x7E, 0xBA, 0x77, 0xD6, 0x26, 0xE1, 0x69, 0x14, 0x63, - 0x55, 0x21, 0x0C, 0x7D }; - -const u32bit TE[1024] = { - 0xC66363A5, 0xF87C7C84, 0xEE777799, 0xF67B7B8D, 0xFFF2F20D, 0xD66B6BBD, - 0xDE6F6FB1, 0x91C5C554, 0x60303050, 0x02010103, 0xCE6767A9, 0x562B2B7D, - 0xE7FEFE19, 0xB5D7D762, 0x4DABABE6, 0xEC76769A, 0x8FCACA45, 0x1F82829D, - 0x89C9C940, 0xFA7D7D87, 0xEFFAFA15, 0xB25959EB, 0x8E4747C9, 0xFBF0F00B, - 0x41ADADEC, 0xB3D4D467, 0x5FA2A2FD, 0x45AFAFEA, 0x239C9CBF, 0x53A4A4F7, - 0xE4727296, 0x9BC0C05B, 0x75B7B7C2, 0xE1FDFD1C, 0x3D9393AE, 0x4C26266A, - 0x6C36365A, 0x7E3F3F41, 0xF5F7F702, 0x83CCCC4F, 0x6834345C, 0x51A5A5F4, - 0xD1E5E534, 0xF9F1F108, 0xE2717193, 0xABD8D873, 0x62313153, 0x2A15153F, - 0x0804040C, 0x95C7C752, 0x46232365, 0x9DC3C35E, 0x30181828, 0x379696A1, - 0x0A05050F, 0x2F9A9AB5, 0x0E070709, 0x24121236, 0x1B80809B, 0xDFE2E23D, - 0xCDEBEB26, 0x4E272769, 0x7FB2B2CD, 0xEA75759F, 0x1209091B, 0x1D83839E, - 0x582C2C74, 0x341A1A2E, 0x361B1B2D, 0xDC6E6EB2, 0xB45A5AEE, 0x5BA0A0FB, - 0xA45252F6, 0x763B3B4D, 0xB7D6D661, 0x7DB3B3CE, 0x5229297B, 0xDDE3E33E, - 0x5E2F2F71, 0x13848497, 0xA65353F5, 0xB9D1D168, 0x00000000, 0xC1EDED2C, - 0x40202060, 0xE3FCFC1F, 0x79B1B1C8, 0xB65B5BED, 0xD46A6ABE, 0x8DCBCB46, - 0x67BEBED9, 0x7239394B, 0x944A4ADE, 0x984C4CD4, 0xB05858E8, 0x85CFCF4A, - 0xBBD0D06B, 0xC5EFEF2A, 0x4FAAAAE5, 0xEDFBFB16, 0x864343C5, 0x9A4D4DD7, - 0x66333355, 0x11858594, 0x8A4545CF, 0xE9F9F910, 0x04020206, 0xFE7F7F81, - 0xA05050F0, 0x783C3C44, 0x259F9FBA, 0x4BA8A8E3, 0xA25151F3, 0x5DA3A3FE, - 0x804040C0, 0x058F8F8A, 0x3F9292AD, 0x219D9DBC, 0x70383848, 0xF1F5F504, - 0x63BCBCDF, 0x77B6B6C1, 0xAFDADA75, 0x42212163, 0x20101030, 0xE5FFFF1A, - 0xFDF3F30E, 0xBFD2D26D, 0x81CDCD4C, 0x180C0C14, 0x26131335, 0xC3ECEC2F, - 0xBE5F5FE1, 0x359797A2, 0x884444CC, 0x2E171739, 0x93C4C457, 0x55A7A7F2, - 0xFC7E7E82, 0x7A3D3D47, 0xC86464AC, 0xBA5D5DE7, 0x3219192B, 0xE6737395, - 0xC06060A0, 0x19818198, 0x9E4F4FD1, 0xA3DCDC7F, 0x44222266, 0x542A2A7E, - 0x3B9090AB, 0x0B888883, 0x8C4646CA, 0xC7EEEE29, 0x6BB8B8D3, 0x2814143C, - 0xA7DEDE79, 0xBC5E5EE2, 0x160B0B1D, 0xADDBDB76, 0xDBE0E03B, 0x64323256, - 0x743A3A4E, 0x140A0A1E, 0x924949DB, 0x0C06060A, 0x4824246C, 0xB85C5CE4, - 0x9FC2C25D, 0xBDD3D36E, 0x43ACACEF, 0xC46262A6, 0x399191A8, 0x319595A4, - 0xD3E4E437, 0xF279798B, 0xD5E7E732, 0x8BC8C843, 0x6E373759, 0xDA6D6DB7, - 0x018D8D8C, 0xB1D5D564, 0x9C4E4ED2, 0x49A9A9E0, 0xD86C6CB4, 0xAC5656FA, - 0xF3F4F407, 0xCFEAEA25, 0xCA6565AF, 0xF47A7A8E, 0x47AEAEE9, 0x10080818, - 0x6FBABAD5, 0xF0787888, 0x4A25256F, 0x5C2E2E72, 0x381C1C24, 0x57A6A6F1, - 0x73B4B4C7, 0x97C6C651, 0xCBE8E823, 0xA1DDDD7C, 0xE874749C, 0x3E1F1F21, - 0x964B4BDD, 0x61BDBDDC, 0x0D8B8B86, 0x0F8A8A85, 0xE0707090, 0x7C3E3E42, - 0x71B5B5C4, 0xCC6666AA, 0x904848D8, 0x06030305, 0xF7F6F601, 0x1C0E0E12, - 0xC26161A3, 0x6A35355F, 0xAE5757F9, 0x69B9B9D0, 0x17868691, 0x99C1C158, - 0x3A1D1D27, 0x279E9EB9, 0xD9E1E138, 0xEBF8F813, 0x2B9898B3, 0x22111133, - 0xD26969BB, 0xA9D9D970, 0x078E8E89, 0x339494A7, 0x2D9B9BB6, 0x3C1E1E22, - 0x15878792, 0xC9E9E920, 0x87CECE49, 0xAA5555FF, 0x50282878, 0xA5DFDF7A, - 0x038C8C8F, 0x59A1A1F8, 0x09898980, 0x1A0D0D17, 0x65BFBFDA, 0xD7E6E631, - 0x844242C6, 0xD06868B8, 0x824141C3, 0x299999B0, 0x5A2D2D77, 0x1E0F0F11, - 0x7BB0B0CB, 0xA85454FC, 0x6DBBBBD6, 0x2C16163A, 0xA5C66363, 0x84F87C7C, - 0x99EE7777, 0x8DF67B7B, 0x0DFFF2F2, 0xBDD66B6B, 0xB1DE6F6F, 0x5491C5C5, - 0x50603030, 0x03020101, 0xA9CE6767, 0x7D562B2B, 0x19E7FEFE, 0x62B5D7D7, - 0xE64DABAB, 0x9AEC7676, 0x458FCACA, 0x9D1F8282, 0x4089C9C9, 0x87FA7D7D, - 0x15EFFAFA, 0xEBB25959, 0xC98E4747, 0x0BFBF0F0, 0xEC41ADAD, 0x67B3D4D4, - 0xFD5FA2A2, 0xEA45AFAF, 0xBF239C9C, 0xF753A4A4, 0x96E47272, 0x5B9BC0C0, - 0xC275B7B7, 0x1CE1FDFD, 0xAE3D9393, 0x6A4C2626, 0x5A6C3636, 0x417E3F3F, - 0x02F5F7F7, 0x4F83CCCC, 0x5C683434, 0xF451A5A5, 0x34D1E5E5, 0x08F9F1F1, - 0x93E27171, 0x73ABD8D8, 0x53623131, 0x3F2A1515, 0x0C080404, 0x5295C7C7, - 0x65462323, 0x5E9DC3C3, 0x28301818, 0xA1379696, 0x0F0A0505, 0xB52F9A9A, - 0x090E0707, 0x36241212, 0x9B1B8080, 0x3DDFE2E2, 0x26CDEBEB, 0x694E2727, - 0xCD7FB2B2, 0x9FEA7575, 0x1B120909, 0x9E1D8383, 0x74582C2C, 0x2E341A1A, - 0x2D361B1B, 0xB2DC6E6E, 0xEEB45A5A, 0xFB5BA0A0, 0xF6A45252, 0x4D763B3B, - 0x61B7D6D6, 0xCE7DB3B3, 0x7B522929, 0x3EDDE3E3, 0x715E2F2F, 0x97138484, - 0xF5A65353, 0x68B9D1D1, 0x00000000, 0x2CC1EDED, 0x60402020, 0x1FE3FCFC, - 0xC879B1B1, 0xEDB65B5B, 0xBED46A6A, 0x468DCBCB, 0xD967BEBE, 0x4B723939, - 0xDE944A4A, 0xD4984C4C, 0xE8B05858, 0x4A85CFCF, 0x6BBBD0D0, 0x2AC5EFEF, - 0xE54FAAAA, 0x16EDFBFB, 0xC5864343, 0xD79A4D4D, 0x55663333, 0x94118585, - 0xCF8A4545, 0x10E9F9F9, 0x06040202, 0x81FE7F7F, 0xF0A05050, 0x44783C3C, - 0xBA259F9F, 0xE34BA8A8, 0xF3A25151, 0xFE5DA3A3, 0xC0804040, 0x8A058F8F, - 0xAD3F9292, 0xBC219D9D, 0x48703838, 0x04F1F5F5, 0xDF63BCBC, 0xC177B6B6, - 0x75AFDADA, 0x63422121, 0x30201010, 0x1AE5FFFF, 0x0EFDF3F3, 0x6DBFD2D2, - 0x4C81CDCD, 0x14180C0C, 0x35261313, 0x2FC3ECEC, 0xE1BE5F5F, 0xA2359797, - 0xCC884444, 0x392E1717, 0x5793C4C4, 0xF255A7A7, 0x82FC7E7E, 0x477A3D3D, - 0xACC86464, 0xE7BA5D5D, 0x2B321919, 0x95E67373, 0xA0C06060, 0x98198181, - 0xD19E4F4F, 0x7FA3DCDC, 0x66442222, 0x7E542A2A, 0xAB3B9090, 0x830B8888, - 0xCA8C4646, 0x29C7EEEE, 0xD36BB8B8, 0x3C281414, 0x79A7DEDE, 0xE2BC5E5E, - 0x1D160B0B, 0x76ADDBDB, 0x3BDBE0E0, 0x56643232, 0x4E743A3A, 0x1E140A0A, - 0xDB924949, 0x0A0C0606, 0x6C482424, 0xE4B85C5C, 0x5D9FC2C2, 0x6EBDD3D3, - 0xEF43ACAC, 0xA6C46262, 0xA8399191, 0xA4319595, 0x37D3E4E4, 0x8BF27979, - 0x32D5E7E7, 0x438BC8C8, 0x596E3737, 0xB7DA6D6D, 0x8C018D8D, 0x64B1D5D5, - 0xD29C4E4E, 0xE049A9A9, 0xB4D86C6C, 0xFAAC5656, 0x07F3F4F4, 0x25CFEAEA, - 0xAFCA6565, 0x8EF47A7A, 0xE947AEAE, 0x18100808, 0xD56FBABA, 0x88F07878, - 0x6F4A2525, 0x725C2E2E, 0x24381C1C, 0xF157A6A6, 0xC773B4B4, 0x5197C6C6, - 0x23CBE8E8, 0x7CA1DDDD, 0x9CE87474, 0x213E1F1F, 0xDD964B4B, 0xDC61BDBD, - 0x860D8B8B, 0x850F8A8A, 0x90E07070, 0x427C3E3E, 0xC471B5B5, 0xAACC6666, - 0xD8904848, 0x05060303, 0x01F7F6F6, 0x121C0E0E, 0xA3C26161, 0x5F6A3535, - 0xF9AE5757, 0xD069B9B9, 0x91178686, 0x5899C1C1, 0x273A1D1D, 0xB9279E9E, - 0x38D9E1E1, 0x13EBF8F8, 0xB32B9898, 0x33221111, 0xBBD26969, 0x70A9D9D9, - 0x89078E8E, 0xA7339494, 0xB62D9B9B, 0x223C1E1E, 0x92158787, 0x20C9E9E9, - 0x4987CECE, 0xFFAA5555, 0x78502828, 0x7AA5DFDF, 0x8F038C8C, 0xF859A1A1, - 0x80098989, 0x171A0D0D, 0xDA65BFBF, 0x31D7E6E6, 0xC6844242, 0xB8D06868, - 0xC3824141, 0xB0299999, 0x775A2D2D, 0x111E0F0F, 0xCB7BB0B0, 0xFCA85454, - 0xD66DBBBB, 0x3A2C1616, 0x63A5C663, 0x7C84F87C, 0x7799EE77, 0x7B8DF67B, - 0xF20DFFF2, 0x6BBDD66B, 0x6FB1DE6F, 0xC55491C5, 0x30506030, 0x01030201, - 0x67A9CE67, 0x2B7D562B, 0xFE19E7FE, 0xD762B5D7, 0xABE64DAB, 0x769AEC76, - 0xCA458FCA, 0x829D1F82, 0xC94089C9, 0x7D87FA7D, 0xFA15EFFA, 0x59EBB259, - 0x47C98E47, 0xF00BFBF0, 0xADEC41AD, 0xD467B3D4, 0xA2FD5FA2, 0xAFEA45AF, - 0x9CBF239C, 0xA4F753A4, 0x7296E472, 0xC05B9BC0, 0xB7C275B7, 0xFD1CE1FD, - 0x93AE3D93, 0x266A4C26, 0x365A6C36, 0x3F417E3F, 0xF702F5F7, 0xCC4F83CC, - 0x345C6834, 0xA5F451A5, 0xE534D1E5, 0xF108F9F1, 0x7193E271, 0xD873ABD8, - 0x31536231, 0x153F2A15, 0x040C0804, 0xC75295C7, 0x23654623, 0xC35E9DC3, - 0x18283018, 0x96A13796, 0x050F0A05, 0x9AB52F9A, 0x07090E07, 0x12362412, - 0x809B1B80, 0xE23DDFE2, 0xEB26CDEB, 0x27694E27, 0xB2CD7FB2, 0x759FEA75, - 0x091B1209, 0x839E1D83, 0x2C74582C, 0x1A2E341A, 0x1B2D361B, 0x6EB2DC6E, - 0x5AEEB45A, 0xA0FB5BA0, 0x52F6A452, 0x3B4D763B, 0xD661B7D6, 0xB3CE7DB3, - 0x297B5229, 0xE33EDDE3, 0x2F715E2F, 0x84971384, 0x53F5A653, 0xD168B9D1, - 0x00000000, 0xED2CC1ED, 0x20604020, 0xFC1FE3FC, 0xB1C879B1, 0x5BEDB65B, - 0x6ABED46A, 0xCB468DCB, 0xBED967BE, 0x394B7239, 0x4ADE944A, 0x4CD4984C, - 0x58E8B058, 0xCF4A85CF, 0xD06BBBD0, 0xEF2AC5EF, 0xAAE54FAA, 0xFB16EDFB, - 0x43C58643, 0x4DD79A4D, 0x33556633, 0x85941185, 0x45CF8A45, 0xF910E9F9, - 0x02060402, 0x7F81FE7F, 0x50F0A050, 0x3C44783C, 0x9FBA259F, 0xA8E34BA8, - 0x51F3A251, 0xA3FE5DA3, 0x40C08040, 0x8F8A058F, 0x92AD3F92, 0x9DBC219D, - 0x38487038, 0xF504F1F5, 0xBCDF63BC, 0xB6C177B6, 0xDA75AFDA, 0x21634221, - 0x10302010, 0xFF1AE5FF, 0xF30EFDF3, 0xD26DBFD2, 0xCD4C81CD, 0x0C14180C, - 0x13352613, 0xEC2FC3EC, 0x5FE1BE5F, 0x97A23597, 0x44CC8844, 0x17392E17, - 0xC45793C4, 0xA7F255A7, 0x7E82FC7E, 0x3D477A3D, 0x64ACC864, 0x5DE7BA5D, - 0x192B3219, 0x7395E673, 0x60A0C060, 0x81981981, 0x4FD19E4F, 0xDC7FA3DC, - 0x22664422, 0x2A7E542A, 0x90AB3B90, 0x88830B88, 0x46CA8C46, 0xEE29C7EE, - 0xB8D36BB8, 0x143C2814, 0xDE79A7DE, 0x5EE2BC5E, 0x0B1D160B, 0xDB76ADDB, - 0xE03BDBE0, 0x32566432, 0x3A4E743A, 0x0A1E140A, 0x49DB9249, 0x060A0C06, - 0x246C4824, 0x5CE4B85C, 0xC25D9FC2, 0xD36EBDD3, 0xACEF43AC, 0x62A6C462, - 0x91A83991, 0x95A43195, 0xE437D3E4, 0x798BF279, 0xE732D5E7, 0xC8438BC8, - 0x37596E37, 0x6DB7DA6D, 0x8D8C018D, 0xD564B1D5, 0x4ED29C4E, 0xA9E049A9, - 0x6CB4D86C, 0x56FAAC56, 0xF407F3F4, 0xEA25CFEA, 0x65AFCA65, 0x7A8EF47A, - 0xAEE947AE, 0x08181008, 0xBAD56FBA, 0x7888F078, 0x256F4A25, 0x2E725C2E, - 0x1C24381C, 0xA6F157A6, 0xB4C773B4, 0xC65197C6, 0xE823CBE8, 0xDD7CA1DD, - 0x749CE874, 0x1F213E1F, 0x4BDD964B, 0xBDDC61BD, 0x8B860D8B, 0x8A850F8A, - 0x7090E070, 0x3E427C3E, 0xB5C471B5, 0x66AACC66, 0x48D89048, 0x03050603, - 0xF601F7F6, 0x0E121C0E, 0x61A3C261, 0x355F6A35, 0x57F9AE57, 0xB9D069B9, - 0x86911786, 0xC15899C1, 0x1D273A1D, 0x9EB9279E, 0xE138D9E1, 0xF813EBF8, - 0x98B32B98, 0x11332211, 0x69BBD269, 0xD970A9D9, 0x8E89078E, 0x94A73394, - 0x9BB62D9B, 0x1E223C1E, 0x87921587, 0xE920C9E9, 0xCE4987CE, 0x55FFAA55, - 0x28785028, 0xDF7AA5DF, 0x8C8F038C, 0xA1F859A1, 0x89800989, 0x0D171A0D, - 0xBFDA65BF, 0xE631D7E6, 0x42C68442, 0x68B8D068, 0x41C38241, 0x99B02999, - 0x2D775A2D, 0x0F111E0F, 0xB0CB7BB0, 0x54FCA854, 0xBBD66DBB, 0x163A2C16, - 0x6363A5C6, 0x7C7C84F8, 0x777799EE, 0x7B7B8DF6, 0xF2F20DFF, 0x6B6BBDD6, - 0x6F6FB1DE, 0xC5C55491, 0x30305060, 0x01010302, 0x6767A9CE, 0x2B2B7D56, - 0xFEFE19E7, 0xD7D762B5, 0xABABE64D, 0x76769AEC, 0xCACA458F, 0x82829D1F, - 0xC9C94089, 0x7D7D87FA, 0xFAFA15EF, 0x5959EBB2, 0x4747C98E, 0xF0F00BFB, - 0xADADEC41, 0xD4D467B3, 0xA2A2FD5F, 0xAFAFEA45, 0x9C9CBF23, 0xA4A4F753, - 0x727296E4, 0xC0C05B9B, 0xB7B7C275, 0xFDFD1CE1, 0x9393AE3D, 0x26266A4C, - 0x36365A6C, 0x3F3F417E, 0xF7F702F5, 0xCCCC4F83, 0x34345C68, 0xA5A5F451, - 0xE5E534D1, 0xF1F108F9, 0x717193E2, 0xD8D873AB, 0x31315362, 0x15153F2A, - 0x04040C08, 0xC7C75295, 0x23236546, 0xC3C35E9D, 0x18182830, 0x9696A137, - 0x05050F0A, 0x9A9AB52F, 0x0707090E, 0x12123624, 0x80809B1B, 0xE2E23DDF, - 0xEBEB26CD, 0x2727694E, 0xB2B2CD7F, 0x75759FEA, 0x09091B12, 0x83839E1D, - 0x2C2C7458, 0x1A1A2E34, 0x1B1B2D36, 0x6E6EB2DC, 0x5A5AEEB4, 0xA0A0FB5B, - 0x5252F6A4, 0x3B3B4D76, 0xD6D661B7, 0xB3B3CE7D, 0x29297B52, 0xE3E33EDD, - 0x2F2F715E, 0x84849713, 0x5353F5A6, 0xD1D168B9, 0x00000000, 0xEDED2CC1, - 0x20206040, 0xFCFC1FE3, 0xB1B1C879, 0x5B5BEDB6, 0x6A6ABED4, 0xCBCB468D, - 0xBEBED967, 0x39394B72, 0x4A4ADE94, 0x4C4CD498, 0x5858E8B0, 0xCFCF4A85, - 0xD0D06BBB, 0xEFEF2AC5, 0xAAAAE54F, 0xFBFB16ED, 0x4343C586, 0x4D4DD79A, - 0x33335566, 0x85859411, 0x4545CF8A, 0xF9F910E9, 0x02020604, 0x7F7F81FE, - 0x5050F0A0, 0x3C3C4478, 0x9F9FBA25, 0xA8A8E34B, 0x5151F3A2, 0xA3A3FE5D, - 0x4040C080, 0x8F8F8A05, 0x9292AD3F, 0x9D9DBC21, 0x38384870, 0xF5F504F1, - 0xBCBCDF63, 0xB6B6C177, 0xDADA75AF, 0x21216342, 0x10103020, 0xFFFF1AE5, - 0xF3F30EFD, 0xD2D26DBF, 0xCDCD4C81, 0x0C0C1418, 0x13133526, 0xECEC2FC3, - 0x5F5FE1BE, 0x9797A235, 0x4444CC88, 0x1717392E, 0xC4C45793, 0xA7A7F255, - 0x7E7E82FC, 0x3D3D477A, 0x6464ACC8, 0x5D5DE7BA, 0x19192B32, 0x737395E6, - 0x6060A0C0, 0x81819819, 0x4F4FD19E, 0xDCDC7FA3, 0x22226644, 0x2A2A7E54, - 0x9090AB3B, 0x8888830B, 0x4646CA8C, 0xEEEE29C7, 0xB8B8D36B, 0x14143C28, - 0xDEDE79A7, 0x5E5EE2BC, 0x0B0B1D16, 0xDBDB76AD, 0xE0E03BDB, 0x32325664, - 0x3A3A4E74, 0x0A0A1E14, 0x4949DB92, 0x06060A0C, 0x24246C48, 0x5C5CE4B8, - 0xC2C25D9F, 0xD3D36EBD, 0xACACEF43, 0x6262A6C4, 0x9191A839, 0x9595A431, - 0xE4E437D3, 0x79798BF2, 0xE7E732D5, 0xC8C8438B, 0x3737596E, 0x6D6DB7DA, - 0x8D8D8C01, 0xD5D564B1, 0x4E4ED29C, 0xA9A9E049, 0x6C6CB4D8, 0x5656FAAC, - 0xF4F407F3, 0xEAEA25CF, 0x6565AFCA, 0x7A7A8EF4, 0xAEAEE947, 0x08081810, - 0xBABAD56F, 0x787888F0, 0x25256F4A, 0x2E2E725C, 0x1C1C2438, 0xA6A6F157, - 0xB4B4C773, 0xC6C65197, 0xE8E823CB, 0xDDDD7CA1, 0x74749CE8, 0x1F1F213E, - 0x4B4BDD96, 0xBDBDDC61, 0x8B8B860D, 0x8A8A850F, 0x707090E0, 0x3E3E427C, - 0xB5B5C471, 0x6666AACC, 0x4848D890, 0x03030506, 0xF6F601F7, 0x0E0E121C, - 0x6161A3C2, 0x35355F6A, 0x5757F9AE, 0xB9B9D069, 0x86869117, 0xC1C15899, - 0x1D1D273A, 0x9E9EB927, 0xE1E138D9, 0xF8F813EB, 0x9898B32B, 0x11113322, - 0x6969BBD2, 0xD9D970A9, 0x8E8E8907, 0x9494A733, 0x9B9BB62D, 0x1E1E223C, - 0x87879215, 0xE9E920C9, 0xCECE4987, 0x5555FFAA, 0x28287850, 0xDFDF7AA5, - 0x8C8C8F03, 0xA1A1F859, 0x89898009, 0x0D0D171A, 0xBFBFDA65, 0xE6E631D7, - 0x4242C684, 0x6868B8D0, 0x4141C382, 0x9999B029, 0x2D2D775A, 0x0F0F111E, - 0xB0B0CB7B, 0x5454FCA8, 0xBBBBD66D, 0x16163A2C }; - -const u32bit TD[1024] = { - 0x51F4A750, 0x7E416553, 0x1A17A4C3, 0x3A275E96, 0x3BAB6BCB, 0x1F9D45F1, - 0xACFA58AB, 0x4BE30393, 0x2030FA55, 0xAD766DF6, 0x88CC7691, 0xF5024C25, - 0x4FE5D7FC, 0xC52ACBD7, 0x26354480, 0xB562A38F, 0xDEB15A49, 0x25BA1B67, - 0x45EA0E98, 0x5DFEC0E1, 0xC32F7502, 0x814CF012, 0x8D4697A3, 0x6BD3F9C6, - 0x038F5FE7, 0x15929C95, 0xBF6D7AEB, 0x955259DA, 0xD4BE832D, 0x587421D3, - 0x49E06929, 0x8EC9C844, 0x75C2896A, 0xF48E7978, 0x99583E6B, 0x27B971DD, - 0xBEE14FB6, 0xF088AD17, 0xC920AC66, 0x7DCE3AB4, 0x63DF4A18, 0xE51A3182, - 0x97513360, 0x62537F45, 0xB16477E0, 0xBB6BAE84, 0xFE81A01C, 0xF9082B94, - 0x70486858, 0x8F45FD19, 0x94DE6C87, 0x527BF8B7, 0xAB73D323, 0x724B02E2, - 0xE31F8F57, 0x6655AB2A, 0xB2EB2807, 0x2FB5C203, 0x86C57B9A, 0xD33708A5, - 0x302887F2, 0x23BFA5B2, 0x02036ABA, 0xED16825C, 0x8ACF1C2B, 0xA779B492, - 0xF307F2F0, 0x4E69E2A1, 0x65DAF4CD, 0x0605BED5, 0xD134621F, 0xC4A6FE8A, - 0x342E539D, 0xA2F355A0, 0x058AE132, 0xA4F6EB75, 0x0B83EC39, 0x4060EFAA, - 0x5E719F06, 0xBD6E1051, 0x3E218AF9, 0x96DD063D, 0xDD3E05AE, 0x4DE6BD46, - 0x91548DB5, 0x71C45D05, 0x0406D46F, 0x605015FF, 0x1998FB24, 0xD6BDE997, - 0x894043CC, 0x67D99E77, 0xB0E842BD, 0x07898B88, 0xE7195B38, 0x79C8EEDB, - 0xA17C0A47, 0x7C420FE9, 0xF8841EC9, 0x00000000, 0x09808683, 0x322BED48, - 0x1E1170AC, 0x6C5A724E, 0xFD0EFFFB, 0x0F853856, 0x3DAED51E, 0x362D3927, - 0x0A0FD964, 0x685CA621, 0x9B5B54D1, 0x24362E3A, 0x0C0A67B1, 0x9357E70F, - 0xB4EE96D2, 0x1B9B919E, 0x80C0C54F, 0x61DC20A2, 0x5A774B69, 0x1C121A16, - 0xE293BA0A, 0xC0A02AE5, 0x3C22E043, 0x121B171D, 0x0E090D0B, 0xF28BC7AD, - 0x2DB6A8B9, 0x141EA9C8, 0x57F11985, 0xAF75074C, 0xEE99DDBB, 0xA37F60FD, - 0xF701269F, 0x5C72F5BC, 0x44663BC5, 0x5BFB7E34, 0x8B432976, 0xCB23C6DC, - 0xB6EDFC68, 0xB8E4F163, 0xD731DCCA, 0x42638510, 0x13972240, 0x84C61120, - 0x854A247D, 0xD2BB3DF8, 0xAEF93211, 0xC729A16D, 0x1D9E2F4B, 0xDCB230F3, - 0x0D8652EC, 0x77C1E3D0, 0x2BB3166C, 0xA970B999, 0x119448FA, 0x47E96422, - 0xA8FC8CC4, 0xA0F03F1A, 0x567D2CD8, 0x223390EF, 0x87494EC7, 0xD938D1C1, - 0x8CCAA2FE, 0x98D40B36, 0xA6F581CF, 0xA57ADE28, 0xDAB78E26, 0x3FADBFA4, - 0x2C3A9DE4, 0x5078920D, 0x6A5FCC9B, 0x547E4662, 0xF68D13C2, 0x90D8B8E8, - 0x2E39F75E, 0x82C3AFF5, 0x9F5D80BE, 0x69D0937C, 0x6FD52DA9, 0xCF2512B3, - 0xC8AC993B, 0x10187DA7, 0xE89C636E, 0xDB3BBB7B, 0xCD267809, 0x6E5918F4, - 0xEC9AB701, 0x834F9AA8, 0xE6956E65, 0xAAFFE67E, 0x21BCCF08, 0xEF15E8E6, - 0xBAE79BD9, 0x4A6F36CE, 0xEA9F09D4, 0x29B07CD6, 0x31A4B2AF, 0x2A3F2331, - 0xC6A59430, 0x35A266C0, 0x744EBC37, 0xFC82CAA6, 0xE090D0B0, 0x33A7D815, - 0xF104984A, 0x41ECDAF7, 0x7FCD500E, 0x1791F62F, 0x764DD68D, 0x43EFB04D, - 0xCCAA4D54, 0xE49604DF, 0x9ED1B5E3, 0x4C6A881B, 0xC12C1FB8, 0x4665517F, - 0x9D5EEA04, 0x018C355D, 0xFA877473, 0xFB0B412E, 0xB3671D5A, 0x92DBD252, - 0xE9105633, 0x6DD64713, 0x9AD7618C, 0x37A10C7A, 0x59F8148E, 0xEB133C89, - 0xCEA927EE, 0xB761C935, 0xE11CE5ED, 0x7A47B13C, 0x9CD2DF59, 0x55F2733F, - 0x1814CE79, 0x73C737BF, 0x53F7CDEA, 0x5FFDAA5B, 0xDF3D6F14, 0x7844DB86, - 0xCAAFF381, 0xB968C43E, 0x3824342C, 0xC2A3405F, 0x161DC372, 0xBCE2250C, - 0x283C498B, 0xFF0D9541, 0x39A80171, 0x080CB3DE, 0xD8B4E49C, 0x6456C190, - 0x7BCB8461, 0xD532B670, 0x486C5C74, 0xD0B85742, 0x5051F4A7, 0x537E4165, - 0xC31A17A4, 0x963A275E, 0xCB3BAB6B, 0xF11F9D45, 0xABACFA58, 0x934BE303, - 0x552030FA, 0xF6AD766D, 0x9188CC76, 0x25F5024C, 0xFC4FE5D7, 0xD7C52ACB, - 0x80263544, 0x8FB562A3, 0x49DEB15A, 0x6725BA1B, 0x9845EA0E, 0xE15DFEC0, - 0x02C32F75, 0x12814CF0, 0xA38D4697, 0xC66BD3F9, 0xE7038F5F, 0x9515929C, - 0xEBBF6D7A, 0xDA955259, 0x2DD4BE83, 0xD3587421, 0x2949E069, 0x448EC9C8, - 0x6A75C289, 0x78F48E79, 0x6B99583E, 0xDD27B971, 0xB6BEE14F, 0x17F088AD, - 0x66C920AC, 0xB47DCE3A, 0x1863DF4A, 0x82E51A31, 0x60975133, 0x4562537F, - 0xE0B16477, 0x84BB6BAE, 0x1CFE81A0, 0x94F9082B, 0x58704868, 0x198F45FD, - 0x8794DE6C, 0xB7527BF8, 0x23AB73D3, 0xE2724B02, 0x57E31F8F, 0x2A6655AB, - 0x07B2EB28, 0x032FB5C2, 0x9A86C57B, 0xA5D33708, 0xF2302887, 0xB223BFA5, - 0xBA02036A, 0x5CED1682, 0x2B8ACF1C, 0x92A779B4, 0xF0F307F2, 0xA14E69E2, - 0xCD65DAF4, 0xD50605BE, 0x1FD13462, 0x8AC4A6FE, 0x9D342E53, 0xA0A2F355, - 0x32058AE1, 0x75A4F6EB, 0x390B83EC, 0xAA4060EF, 0x065E719F, 0x51BD6E10, - 0xF93E218A, 0x3D96DD06, 0xAEDD3E05, 0x464DE6BD, 0xB591548D, 0x0571C45D, - 0x6F0406D4, 0xFF605015, 0x241998FB, 0x97D6BDE9, 0xCC894043, 0x7767D99E, - 0xBDB0E842, 0x8807898B, 0x38E7195B, 0xDB79C8EE, 0x47A17C0A, 0xE97C420F, - 0xC9F8841E, 0x00000000, 0x83098086, 0x48322BED, 0xAC1E1170, 0x4E6C5A72, - 0xFBFD0EFF, 0x560F8538, 0x1E3DAED5, 0x27362D39, 0x640A0FD9, 0x21685CA6, - 0xD19B5B54, 0x3A24362E, 0xB10C0A67, 0x0F9357E7, 0xD2B4EE96, 0x9E1B9B91, - 0x4F80C0C5, 0xA261DC20, 0x695A774B, 0x161C121A, 0x0AE293BA, 0xE5C0A02A, - 0x433C22E0, 0x1D121B17, 0x0B0E090D, 0xADF28BC7, 0xB92DB6A8, 0xC8141EA9, - 0x8557F119, 0x4CAF7507, 0xBBEE99DD, 0xFDA37F60, 0x9FF70126, 0xBC5C72F5, - 0xC544663B, 0x345BFB7E, 0x768B4329, 0xDCCB23C6, 0x68B6EDFC, 0x63B8E4F1, - 0xCAD731DC, 0x10426385, 0x40139722, 0x2084C611, 0x7D854A24, 0xF8D2BB3D, - 0x11AEF932, 0x6DC729A1, 0x4B1D9E2F, 0xF3DCB230, 0xEC0D8652, 0xD077C1E3, - 0x6C2BB316, 0x99A970B9, 0xFA119448, 0x2247E964, 0xC4A8FC8C, 0x1AA0F03F, - 0xD8567D2C, 0xEF223390, 0xC787494E, 0xC1D938D1, 0xFE8CCAA2, 0x3698D40B, - 0xCFA6F581, 0x28A57ADE, 0x26DAB78E, 0xA43FADBF, 0xE42C3A9D, 0x0D507892, - 0x9B6A5FCC, 0x62547E46, 0xC2F68D13, 0xE890D8B8, 0x5E2E39F7, 0xF582C3AF, - 0xBE9F5D80, 0x7C69D093, 0xA96FD52D, 0xB3CF2512, 0x3BC8AC99, 0xA710187D, - 0x6EE89C63, 0x7BDB3BBB, 0x09CD2678, 0xF46E5918, 0x01EC9AB7, 0xA8834F9A, - 0x65E6956E, 0x7EAAFFE6, 0x0821BCCF, 0xE6EF15E8, 0xD9BAE79B, 0xCE4A6F36, - 0xD4EA9F09, 0xD629B07C, 0xAF31A4B2, 0x312A3F23, 0x30C6A594, 0xC035A266, - 0x37744EBC, 0xA6FC82CA, 0xB0E090D0, 0x1533A7D8, 0x4AF10498, 0xF741ECDA, - 0x0E7FCD50, 0x2F1791F6, 0x8D764DD6, 0x4D43EFB0, 0x54CCAA4D, 0xDFE49604, - 0xE39ED1B5, 0x1B4C6A88, 0xB8C12C1F, 0x7F466551, 0x049D5EEA, 0x5D018C35, - 0x73FA8774, 0x2EFB0B41, 0x5AB3671D, 0x5292DBD2, 0x33E91056, 0x136DD647, - 0x8C9AD761, 0x7A37A10C, 0x8E59F814, 0x89EB133C, 0xEECEA927, 0x35B761C9, - 0xEDE11CE5, 0x3C7A47B1, 0x599CD2DF, 0x3F55F273, 0x791814CE, 0xBF73C737, - 0xEA53F7CD, 0x5B5FFDAA, 0x14DF3D6F, 0x867844DB, 0x81CAAFF3, 0x3EB968C4, - 0x2C382434, 0x5FC2A340, 0x72161DC3, 0x0CBCE225, 0x8B283C49, 0x41FF0D95, - 0x7139A801, 0xDE080CB3, 0x9CD8B4E4, 0x906456C1, 0x617BCB84, 0x70D532B6, - 0x74486C5C, 0x42D0B857, 0xA75051F4, 0x65537E41, 0xA4C31A17, 0x5E963A27, - 0x6BCB3BAB, 0x45F11F9D, 0x58ABACFA, 0x03934BE3, 0xFA552030, 0x6DF6AD76, - 0x769188CC, 0x4C25F502, 0xD7FC4FE5, 0xCBD7C52A, 0x44802635, 0xA38FB562, - 0x5A49DEB1, 0x1B6725BA, 0x0E9845EA, 0xC0E15DFE, 0x7502C32F, 0xF012814C, - 0x97A38D46, 0xF9C66BD3, 0x5FE7038F, 0x9C951592, 0x7AEBBF6D, 0x59DA9552, - 0x832DD4BE, 0x21D35874, 0x692949E0, 0xC8448EC9, 0x896A75C2, 0x7978F48E, - 0x3E6B9958, 0x71DD27B9, 0x4FB6BEE1, 0xAD17F088, 0xAC66C920, 0x3AB47DCE, - 0x4A1863DF, 0x3182E51A, 0x33609751, 0x7F456253, 0x77E0B164, 0xAE84BB6B, - 0xA01CFE81, 0x2B94F908, 0x68587048, 0xFD198F45, 0x6C8794DE, 0xF8B7527B, - 0xD323AB73, 0x02E2724B, 0x8F57E31F, 0xAB2A6655, 0x2807B2EB, 0xC2032FB5, - 0x7B9A86C5, 0x08A5D337, 0x87F23028, 0xA5B223BF, 0x6ABA0203, 0x825CED16, - 0x1C2B8ACF, 0xB492A779, 0xF2F0F307, 0xE2A14E69, 0xF4CD65DA, 0xBED50605, - 0x621FD134, 0xFE8AC4A6, 0x539D342E, 0x55A0A2F3, 0xE132058A, 0xEB75A4F6, - 0xEC390B83, 0xEFAA4060, 0x9F065E71, 0x1051BD6E, 0x8AF93E21, 0x063D96DD, - 0x05AEDD3E, 0xBD464DE6, 0x8DB59154, 0x5D0571C4, 0xD46F0406, 0x15FF6050, - 0xFB241998, 0xE997D6BD, 0x43CC8940, 0x9E7767D9, 0x42BDB0E8, 0x8B880789, - 0x5B38E719, 0xEEDB79C8, 0x0A47A17C, 0x0FE97C42, 0x1EC9F884, 0x00000000, - 0x86830980, 0xED48322B, 0x70AC1E11, 0x724E6C5A, 0xFFFBFD0E, 0x38560F85, - 0xD51E3DAE, 0x3927362D, 0xD9640A0F, 0xA621685C, 0x54D19B5B, 0x2E3A2436, - 0x67B10C0A, 0xE70F9357, 0x96D2B4EE, 0x919E1B9B, 0xC54F80C0, 0x20A261DC, - 0x4B695A77, 0x1A161C12, 0xBA0AE293, 0x2AE5C0A0, 0xE0433C22, 0x171D121B, - 0x0D0B0E09, 0xC7ADF28B, 0xA8B92DB6, 0xA9C8141E, 0x198557F1, 0x074CAF75, - 0xDDBBEE99, 0x60FDA37F, 0x269FF701, 0xF5BC5C72, 0x3BC54466, 0x7E345BFB, - 0x29768B43, 0xC6DCCB23, 0xFC68B6ED, 0xF163B8E4, 0xDCCAD731, 0x85104263, - 0x22401397, 0x112084C6, 0x247D854A, 0x3DF8D2BB, 0x3211AEF9, 0xA16DC729, - 0x2F4B1D9E, 0x30F3DCB2, 0x52EC0D86, 0xE3D077C1, 0x166C2BB3, 0xB999A970, - 0x48FA1194, 0x642247E9, 0x8CC4A8FC, 0x3F1AA0F0, 0x2CD8567D, 0x90EF2233, - 0x4EC78749, 0xD1C1D938, 0xA2FE8CCA, 0x0B3698D4, 0x81CFA6F5, 0xDE28A57A, - 0x8E26DAB7, 0xBFA43FAD, 0x9DE42C3A, 0x920D5078, 0xCC9B6A5F, 0x4662547E, - 0x13C2F68D, 0xB8E890D8, 0xF75E2E39, 0xAFF582C3, 0x80BE9F5D, 0x937C69D0, - 0x2DA96FD5, 0x12B3CF25, 0x993BC8AC, 0x7DA71018, 0x636EE89C, 0xBB7BDB3B, - 0x7809CD26, 0x18F46E59, 0xB701EC9A, 0x9AA8834F, 0x6E65E695, 0xE67EAAFF, - 0xCF0821BC, 0xE8E6EF15, 0x9BD9BAE7, 0x36CE4A6F, 0x09D4EA9F, 0x7CD629B0, - 0xB2AF31A4, 0x23312A3F, 0x9430C6A5, 0x66C035A2, 0xBC37744E, 0xCAA6FC82, - 0xD0B0E090, 0xD81533A7, 0x984AF104, 0xDAF741EC, 0x500E7FCD, 0xF62F1791, - 0xD68D764D, 0xB04D43EF, 0x4D54CCAA, 0x04DFE496, 0xB5E39ED1, 0x881B4C6A, - 0x1FB8C12C, 0x517F4665, 0xEA049D5E, 0x355D018C, 0x7473FA87, 0x412EFB0B, - 0x1D5AB367, 0xD25292DB, 0x5633E910, 0x47136DD6, 0x618C9AD7, 0x0C7A37A1, - 0x148E59F8, 0x3C89EB13, 0x27EECEA9, 0xC935B761, 0xE5EDE11C, 0xB13C7A47, - 0xDF599CD2, 0x733F55F2, 0xCE791814, 0x37BF73C7, 0xCDEA53F7, 0xAA5B5FFD, - 0x6F14DF3D, 0xDB867844, 0xF381CAAF, 0xC43EB968, 0x342C3824, 0x405FC2A3, - 0xC372161D, 0x250CBCE2, 0x498B283C, 0x9541FF0D, 0x017139A8, 0xB3DE080C, - 0xE49CD8B4, 0xC1906456, 0x84617BCB, 0xB670D532, 0x5C74486C, 0x5742D0B8, - 0xF4A75051, 0x4165537E, 0x17A4C31A, 0x275E963A, 0xAB6BCB3B, 0x9D45F11F, - 0xFA58ABAC, 0xE303934B, 0x30FA5520, 0x766DF6AD, 0xCC769188, 0x024C25F5, - 0xE5D7FC4F, 0x2ACBD7C5, 0x35448026, 0x62A38FB5, 0xB15A49DE, 0xBA1B6725, - 0xEA0E9845, 0xFEC0E15D, 0x2F7502C3, 0x4CF01281, 0x4697A38D, 0xD3F9C66B, - 0x8F5FE703, 0x929C9515, 0x6D7AEBBF, 0x5259DA95, 0xBE832DD4, 0x7421D358, - 0xE0692949, 0xC9C8448E, 0xC2896A75, 0x8E7978F4, 0x583E6B99, 0xB971DD27, - 0xE14FB6BE, 0x88AD17F0, 0x20AC66C9, 0xCE3AB47D, 0xDF4A1863, 0x1A3182E5, - 0x51336097, 0x537F4562, 0x6477E0B1, 0x6BAE84BB, 0x81A01CFE, 0x082B94F9, - 0x48685870, 0x45FD198F, 0xDE6C8794, 0x7BF8B752, 0x73D323AB, 0x4B02E272, - 0x1F8F57E3, 0x55AB2A66, 0xEB2807B2, 0xB5C2032F, 0xC57B9A86, 0x3708A5D3, - 0x2887F230, 0xBFA5B223, 0x036ABA02, 0x16825CED, 0xCF1C2B8A, 0x79B492A7, - 0x07F2F0F3, 0x69E2A14E, 0xDAF4CD65, 0x05BED506, 0x34621FD1, 0xA6FE8AC4, - 0x2E539D34, 0xF355A0A2, 0x8AE13205, 0xF6EB75A4, 0x83EC390B, 0x60EFAA40, - 0x719F065E, 0x6E1051BD, 0x218AF93E, 0xDD063D96, 0x3E05AEDD, 0xE6BD464D, - 0x548DB591, 0xC45D0571, 0x06D46F04, 0x5015FF60, 0x98FB2419, 0xBDE997D6, - 0x4043CC89, 0xD99E7767, 0xE842BDB0, 0x898B8807, 0x195B38E7, 0xC8EEDB79, - 0x7C0A47A1, 0x420FE97C, 0x841EC9F8, 0x00000000, 0x80868309, 0x2BED4832, - 0x1170AC1E, 0x5A724E6C, 0x0EFFFBFD, 0x8538560F, 0xAED51E3D, 0x2D392736, - 0x0FD9640A, 0x5CA62168, 0x5B54D19B, 0x362E3A24, 0x0A67B10C, 0x57E70F93, - 0xEE96D2B4, 0x9B919E1B, 0xC0C54F80, 0xDC20A261, 0x774B695A, 0x121A161C, - 0x93BA0AE2, 0xA02AE5C0, 0x22E0433C, 0x1B171D12, 0x090D0B0E, 0x8BC7ADF2, - 0xB6A8B92D, 0x1EA9C814, 0xF1198557, 0x75074CAF, 0x99DDBBEE, 0x7F60FDA3, - 0x01269FF7, 0x72F5BC5C, 0x663BC544, 0xFB7E345B, 0x4329768B, 0x23C6DCCB, - 0xEDFC68B6, 0xE4F163B8, 0x31DCCAD7, 0x63851042, 0x97224013, 0xC6112084, - 0x4A247D85, 0xBB3DF8D2, 0xF93211AE, 0x29A16DC7, 0x9E2F4B1D, 0xB230F3DC, - 0x8652EC0D, 0xC1E3D077, 0xB3166C2B, 0x70B999A9, 0x9448FA11, 0xE9642247, - 0xFC8CC4A8, 0xF03F1AA0, 0x7D2CD856, 0x3390EF22, 0x494EC787, 0x38D1C1D9, - 0xCAA2FE8C, 0xD40B3698, 0xF581CFA6, 0x7ADE28A5, 0xB78E26DA, 0xADBFA43F, - 0x3A9DE42C, 0x78920D50, 0x5FCC9B6A, 0x7E466254, 0x8D13C2F6, 0xD8B8E890, - 0x39F75E2E, 0xC3AFF582, 0x5D80BE9F, 0xD0937C69, 0xD52DA96F, 0x2512B3CF, - 0xAC993BC8, 0x187DA710, 0x9C636EE8, 0x3BBB7BDB, 0x267809CD, 0x5918F46E, - 0x9AB701EC, 0x4F9AA883, 0x956E65E6, 0xFFE67EAA, 0xBCCF0821, 0x15E8E6EF, - 0xE79BD9BA, 0x6F36CE4A, 0x9F09D4EA, 0xB07CD629, 0xA4B2AF31, 0x3F23312A, - 0xA59430C6, 0xA266C035, 0x4EBC3774, 0x82CAA6FC, 0x90D0B0E0, 0xA7D81533, - 0x04984AF1, 0xECDAF741, 0xCD500E7F, 0x91F62F17, 0x4DD68D76, 0xEFB04D43, - 0xAA4D54CC, 0x9604DFE4, 0xD1B5E39E, 0x6A881B4C, 0x2C1FB8C1, 0x65517F46, - 0x5EEA049D, 0x8C355D01, 0x877473FA, 0x0B412EFB, 0x671D5AB3, 0xDBD25292, - 0x105633E9, 0xD647136D, 0xD7618C9A, 0xA10C7A37, 0xF8148E59, 0x133C89EB, - 0xA927EECE, 0x61C935B7, 0x1CE5EDE1, 0x47B13C7A, 0xD2DF599C, 0xF2733F55, - 0x14CE7918, 0xC737BF73, 0xF7CDEA53, 0xFDAA5B5F, 0x3D6F14DF, 0x44DB8678, - 0xAFF381CA, 0x68C43EB9, 0x24342C38, 0xA3405FC2, 0x1DC37216, 0xE2250CBC, - 0x3C498B28, 0x0D9541FF, 0xA8017139, 0x0CB3DE08, 0xB4E49CD8, 0x56C19064, - 0xCB84617B, 0x32B670D5, 0x6C5C7448, 0xB85742D0 }; - -/* -* AES Encryption -*/ -void aes_encrypt_n(const byte in[], byte out[], - size_t blocks, - const secure_vector<u32bit>& EK, - const secure_vector<byte>& ME) - { - BOTAN_ASSERT(EK.size() && ME.size() == 16, "Key was set"); - - const size_t BLOCK_SIZE = 16; - - const u32bit* TE0 = TE; - const u32bit* TE1 = TE + 256; - const u32bit* TE2 = TE + 512; - const u32bit* TE3 = TE + 768; - - for(size_t i = 0; i != blocks; ++i) - { - u32bit T0 = load_be<u32bit>(in, 0) ^ EK[0]; - u32bit T1 = load_be<u32bit>(in, 1) ^ EK[1]; - u32bit T2 = load_be<u32bit>(in, 2) ^ EK[2]; - u32bit T3 = load_be<u32bit>(in, 3) ^ EK[3]; - - /* Use only the first 256 entries of the TE table and do the - * rotations directly in the code. This reduces the number of - * cache lines potentially used in the first round from 64 to 16 - * (assuming a typical 64 byte cache line), which makes timing - * attacks a little harder; the first round is particularly - * vulnerable. - */ - - u32bit B0 = TE[get_byte(0, T0)] ^ - rotate_right(TE[get_byte(1, T1)], 8) ^ - rotate_right(TE[get_byte(2, T2)], 16) ^ - rotate_right(TE[get_byte(3, T3)], 24) ^ EK[4]; - - u32bit B1 = TE[get_byte(0, T1)] ^ - rotate_right(TE[get_byte(1, T2)], 8) ^ - rotate_right(TE[get_byte(2, T3)], 16) ^ - rotate_right(TE[get_byte(3, T0)], 24) ^ EK[5]; - - u32bit B2 = TE[get_byte(0, T2)] ^ - rotate_right(TE[get_byte(1, T3)], 8) ^ - rotate_right(TE[get_byte(2, T0)], 16) ^ - rotate_right(TE[get_byte(3, T1)], 24) ^ EK[6]; - - u32bit B3 = TE[get_byte(0, T3)] ^ - rotate_right(TE[get_byte(1, T0)], 8) ^ - rotate_right(TE[get_byte(2, T1)], 16) ^ - rotate_right(TE[get_byte(3, T2)], 24) ^ EK[7]; - - for(size_t r = 2*4; r < EK.size(); r += 2*4) - { - T0 = TE0[get_byte(0, B0)] ^ TE1[get_byte(1, B1)] ^ - TE2[get_byte(2, B2)] ^ TE3[get_byte(3, B3)] ^ EK[r]; - T1 = TE0[get_byte(0, B1)] ^ TE1[get_byte(1, B2)] ^ - TE2[get_byte(2, B3)] ^ TE3[get_byte(3, B0)] ^ EK[r+1]; - T2 = TE0[get_byte(0, B2)] ^ TE1[get_byte(1, B3)] ^ - TE2[get_byte(2, B0)] ^ TE3[get_byte(3, B1)] ^ EK[r+2]; - T3 = TE0[get_byte(0, B3)] ^ TE1[get_byte(1, B0)] ^ - TE2[get_byte(2, B1)] ^ TE3[get_byte(3, B2)] ^ EK[r+3]; - - B0 = TE0[get_byte(0, T0)] ^ TE1[get_byte(1, T1)] ^ - TE2[get_byte(2, T2)] ^ TE3[get_byte(3, T3)] ^ EK[r+4]; - B1 = TE0[get_byte(0, T1)] ^ TE1[get_byte(1, T2)] ^ - TE2[get_byte(2, T3)] ^ TE3[get_byte(3, T0)] ^ EK[r+5]; - B2 = TE0[get_byte(0, T2)] ^ TE1[get_byte(1, T3)] ^ - TE2[get_byte(2, T0)] ^ TE3[get_byte(3, T1)] ^ EK[r+6]; - B3 = TE0[get_byte(0, T3)] ^ TE1[get_byte(1, T0)] ^ - TE2[get_byte(2, T1)] ^ TE3[get_byte(3, T2)] ^ EK[r+7]; - } - - /* - Joseph Bonneau and Ilya Mironov's paper "Cache-Collision Timing - Attacks Against AES" describes an attack that can recover AES - keys with as few as 2**13 samples. - - http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.88.4753 - - They recommend using a byte-wide table, which still allows an attack - but increases the samples required from 2**13 to 2**25: - - """In addition to OpenSSL v. 0.9.8.(a), which was used in our - experiments, the AES implementations of Crypto++ 5.2.1 and - LibTomCrypt 1.09 use the original Rijndael C implementation with - very few changes and are highly vulnerable. The AES implementations - in libgcrypt v. 1.2.2 and Botan v. 1.4.2 are also vulnerable, but - use a smaller byte-wide final table which lessens the effectiveness - of the attacks.""" - */ - - out[ 0] = SE[get_byte(0, B0)] ^ ME[0]; - out[ 1] = SE[get_byte(1, B1)] ^ ME[1]; - out[ 2] = SE[get_byte(2, B2)] ^ ME[2]; - out[ 3] = SE[get_byte(3, B3)] ^ ME[3]; - out[ 4] = SE[get_byte(0, B1)] ^ ME[4]; - out[ 5] = SE[get_byte(1, B2)] ^ ME[5]; - out[ 6] = SE[get_byte(2, B3)] ^ ME[6]; - out[ 7] = SE[get_byte(3, B0)] ^ ME[7]; - out[ 8] = SE[get_byte(0, B2)] ^ ME[8]; - out[ 9] = SE[get_byte(1, B3)] ^ ME[9]; - out[10] = SE[get_byte(2, B0)] ^ ME[10]; - out[11] = SE[get_byte(3, B1)] ^ ME[11]; - out[12] = SE[get_byte(0, B3)] ^ ME[12]; - out[13] = SE[get_byte(1, B0)] ^ ME[13]; - out[14] = SE[get_byte(2, B1)] ^ ME[14]; - out[15] = SE[get_byte(3, B2)] ^ ME[15]; - - in += BLOCK_SIZE; - out += BLOCK_SIZE; - } - } - -/* -* AES Decryption -*/ -void aes_decrypt_n(const byte in[], byte out[], size_t blocks, - const secure_vector<u32bit>& DK, - const secure_vector<byte>& MD) - { - BOTAN_ASSERT(DK.size() && MD.size() == 16, "Key was set"); - - const size_t BLOCK_SIZE = 16; - - const u32bit* TD0 = TD; - const u32bit* TD1 = TD + 256; - const u32bit* TD2 = TD + 512; - const u32bit* TD3 = TD + 768; - - for(size_t i = 0; i != blocks; ++i) - { - u32bit T0 = load_be<u32bit>(in, 0) ^ DK[0]; - u32bit T1 = load_be<u32bit>(in, 1) ^ DK[1]; - u32bit T2 = load_be<u32bit>(in, 2) ^ DK[2]; - u32bit T3 = load_be<u32bit>(in, 3) ^ DK[3]; - - u32bit B0 = TD[get_byte(0, T0)] ^ - rotate_right(TD[get_byte(1, T3)], 8) ^ - rotate_right(TD[get_byte(2, T2)], 16) ^ - rotate_right(TD[get_byte(3, T1)], 24) ^ DK[4]; - - u32bit B1 = TD[get_byte(0, T1)] ^ - rotate_right(TD[get_byte(1, T0)], 8) ^ - rotate_right(TD[get_byte(2, T3)], 16) ^ - rotate_right(TD[get_byte(3, T2)], 24) ^ DK[5]; - - u32bit B2 = TD[get_byte(0, T2)] ^ - rotate_right(TD[get_byte(1, T1)], 8) ^ - rotate_right(TD[get_byte(2, T0)], 16) ^ - rotate_right(TD[get_byte(3, T3)], 24) ^ DK[6]; - - u32bit B3 = TD[get_byte(0, T3)] ^ - rotate_right(TD[get_byte(1, T2)], 8) ^ - rotate_right(TD[get_byte(2, T1)], 16) ^ - rotate_right(TD[get_byte(3, T0)], 24) ^ DK[7]; - - for(size_t r = 2*4; r < DK.size(); r += 2*4) - { - T0 = TD0[get_byte(0, B0)] ^ TD1[get_byte(1, B3)] ^ - TD2[get_byte(2, B2)] ^ TD3[get_byte(3, B1)] ^ DK[r]; - T1 = TD0[get_byte(0, B1)] ^ TD1[get_byte(1, B0)] ^ - TD2[get_byte(2, B3)] ^ TD3[get_byte(3, B2)] ^ DK[r+1]; - T2 = TD0[get_byte(0, B2)] ^ TD1[get_byte(1, B1)] ^ - TD2[get_byte(2, B0)] ^ TD3[get_byte(3, B3)] ^ DK[r+2]; - T3 = TD0[get_byte(0, B3)] ^ TD1[get_byte(1, B2)] ^ - TD2[get_byte(2, B1)] ^ TD3[get_byte(3, B0)] ^ DK[r+3]; - - B0 = TD0[get_byte(0, T0)] ^ TD1[get_byte(1, T3)] ^ - TD2[get_byte(2, T2)] ^ TD3[get_byte(3, T1)] ^ DK[r+4]; - B1 = TD0[get_byte(0, T1)] ^ TD1[get_byte(1, T0)] ^ - TD2[get_byte(2, T3)] ^ TD3[get_byte(3, T2)] ^ DK[r+5]; - B2 = TD0[get_byte(0, T2)] ^ TD1[get_byte(1, T1)] ^ - TD2[get_byte(2, T0)] ^ TD3[get_byte(3, T3)] ^ DK[r+6]; - B3 = TD0[get_byte(0, T3)] ^ TD1[get_byte(1, T2)] ^ - TD2[get_byte(2, T1)] ^ TD3[get_byte(3, T0)] ^ DK[r+7]; - } - - out[ 0] = SD[get_byte(0, B0)] ^ MD[0]; - out[ 1] = SD[get_byte(1, B3)] ^ MD[1]; - out[ 2] = SD[get_byte(2, B2)] ^ MD[2]; - out[ 3] = SD[get_byte(3, B1)] ^ MD[3]; - out[ 4] = SD[get_byte(0, B1)] ^ MD[4]; - out[ 5] = SD[get_byte(1, B0)] ^ MD[5]; - out[ 6] = SD[get_byte(2, B3)] ^ MD[6]; - out[ 7] = SD[get_byte(3, B2)] ^ MD[7]; - out[ 8] = SD[get_byte(0, B2)] ^ MD[8]; - out[ 9] = SD[get_byte(1, B1)] ^ MD[9]; - out[10] = SD[get_byte(2, B0)] ^ MD[10]; - out[11] = SD[get_byte(3, B3)] ^ MD[11]; - out[12] = SD[get_byte(0, B3)] ^ MD[12]; - out[13] = SD[get_byte(1, B2)] ^ MD[13]; - out[14] = SD[get_byte(2, B1)] ^ MD[14]; - out[15] = SD[get_byte(3, B0)] ^ MD[15]; - - in += BLOCK_SIZE; - out += BLOCK_SIZE; - } - } - -void aes_key_schedule(const byte key[], size_t length, - secure_vector<u32bit>& EK, - secure_vector<u32bit>& DK, - secure_vector<byte>& ME, - secure_vector<byte>& MD) - { - static const u32bit RC[10] = { - 0x01000000, 0x02000000, 0x04000000, 0x08000000, 0x10000000, - 0x20000000, 0x40000000, 0x80000000, 0x1B000000, 0x36000000 }; - - const size_t rounds = (length / 4) + 6; - - secure_vector<u32bit> XEK(length + 32), XDK(length + 32); - - const size_t X = length / 4; - for(size_t i = 0; i != X; ++i) - XEK[i] = load_be<u32bit>(key, i); - - for(size_t i = X; i < 4*(rounds+1); i += X) - { - XEK[i] = XEK[i-X] ^ RC[(i-X)/X] ^ - make_u32bit(SE[get_byte(1, XEK[i-1])], - SE[get_byte(2, XEK[i-1])], - SE[get_byte(3, XEK[i-1])], - SE[get_byte(0, XEK[i-1])]); - - for(size_t j = 1; j != X; ++j) - { - XEK[i+j] = XEK[i+j-X]; - - if(X == 8 && j == 4) - XEK[i+j] ^= make_u32bit(SE[get_byte(0, XEK[i+j-1])], - SE[get_byte(1, XEK[i+j-1])], - SE[get_byte(2, XEK[i+j-1])], - SE[get_byte(3, XEK[i+j-1])]); - else - XEK[i+j] ^= XEK[i+j-1]; - } - } - - for(size_t i = 0; i != 4*(rounds+1); i += 4) - { - XDK[i ] = XEK[4*rounds-i ]; - XDK[i+1] = XEK[4*rounds-i+1]; - XDK[i+2] = XEK[4*rounds-i+2]; - XDK[i+3] = XEK[4*rounds-i+3]; - } - - for(size_t i = 4; i != length + 24; ++i) - XDK[i] = TD[SE[get_byte(0, XDK[i])] + 0] ^ - TD[SE[get_byte(1, XDK[i])] + 256] ^ - TD[SE[get_byte(2, XDK[i])] + 512] ^ - TD[SE[get_byte(3, XDK[i])] + 768]; - - ME.resize(16); - MD.resize(16); - - for(size_t i = 0; i != 4; ++i) - { - store_be(XEK[i+4*rounds], &ME[4*i]); - store_be(XEK[i], &MD[4*i]); - } - - EK.resize(length + 24); - DK.resize(length + 24); - copy_mem(&EK[0], &XEK[0], EK.size()); - copy_mem(&DK[0], &XDK[0], DK.size()); - } - -} - -void AES_128::encrypt_n(const byte in[], byte out[], size_t blocks) const - { - aes_encrypt_n(in, out, blocks, EK, ME); - } - -void AES_128::decrypt_n(const byte in[], byte out[], size_t blocks) const - { - aes_decrypt_n(in, out, blocks, DK, MD); - } - -void AES_128::key_schedule(const byte key[], size_t length) - { - aes_key_schedule(key, length, EK, DK, ME, MD); - } - -void AES_128::clear() - { - zap(EK); - zap(DK); - zap(ME); - zap(MD); - } - -void AES_192::encrypt_n(const byte in[], byte out[], size_t blocks) const - { - aes_encrypt_n(in, out, blocks, EK, ME); - } - -void AES_192::decrypt_n(const byte in[], byte out[], size_t blocks) const - { - aes_decrypt_n(in, out, blocks, DK, MD); - } - -void AES_192::key_schedule(const byte key[], size_t length) - { - aes_key_schedule(key, length, EK, DK, ME, MD); - } - -void AES_192::clear() - { - zap(EK); - zap(DK); - zap(ME); - zap(MD); - } - -void AES_256::encrypt_n(const byte in[], byte out[], size_t blocks) const - { - aes_encrypt_n(in, out, blocks, EK, ME); - } - -void AES_256::decrypt_n(const byte in[], byte out[], size_t blocks) const - { - aes_decrypt_n(in, out, blocks, DK, MD); - } - -void AES_256::key_schedule(const byte key[], size_t length) - { - aes_key_schedule(key, length, EK, DK, ME, MD); - } - -void AES_256::clear() - { - zap(EK); - zap(DK); - zap(ME); - zap(MD); - } - -} diff --git a/src/block/aes/aes.h b/src/block/aes/aes.h deleted file mode 100644 index 5ddd39b08..000000000 --- a/src/block/aes/aes.h +++ /dev/null @@ -1,77 +0,0 @@ -/* -* AES -* (C) 1999-2010 Jack Lloyd -* -* Distributed under the terms of the Botan license -*/ - -#ifndef BOTAN_AES_H__ -#define BOTAN_AES_H__ - -#include <botan/block_cipher.h> - -namespace Botan { - -/** -* AES-128 -*/ -class BOTAN_DLL AES_128 : public Block_Cipher_Fixed_Params<16, 16> - { - public: - void encrypt_n(const byte in[], byte out[], size_t blocks) const; - void decrypt_n(const byte in[], byte out[], size_t blocks) const; - - void clear(); - - std::string name() const { return "AES-128"; } - BlockCipher* clone() const { return new AES_128; } - private: - void key_schedule(const byte key[], size_t length); - - secure_vector<u32bit> EK, DK; - secure_vector<byte> ME, MD; - }; - -/** -* AES-192 -*/ -class BOTAN_DLL AES_192 : public Block_Cipher_Fixed_Params<16, 24> - { - public: - void encrypt_n(const byte in[], byte out[], size_t blocks) const; - void decrypt_n(const byte in[], byte out[], size_t blocks) const; - - void clear(); - - std::string name() const { return "AES-192"; } - BlockCipher* clone() const { return new AES_192; } - private: - void key_schedule(const byte key[], size_t length); - - secure_vector<u32bit> EK, DK; - secure_vector<byte> ME, MD; - }; - -/** -* AES-256 -*/ -class BOTAN_DLL AES_256 : public Block_Cipher_Fixed_Params<16, 32> - { - public: - void encrypt_n(const byte in[], byte out[], size_t blocks) const; - void decrypt_n(const byte in[], byte out[], size_t blocks) const; - - void clear(); - - std::string name() const { return "AES-256"; } - BlockCipher* clone() const { return new AES_256; } - private: - void key_schedule(const byte key[], size_t length); - - secure_vector<u32bit> EK, DK; - secure_vector<byte> ME, MD; - }; - -} - -#endif diff --git a/src/block/aes/info.txt b/src/block/aes/info.txt deleted file mode 100644 index 09bd9a0ca..000000000 --- a/src/block/aes/info.txt +++ /dev/null @@ -1 +0,0 @@ -define AES 20131128 diff --git a/src/block/aes_ni/aes_ni.cpp b/src/block/aes_ni/aes_ni.cpp deleted file mode 100644 index c752d359c..000000000 --- a/src/block/aes_ni/aes_ni.cpp +++ /dev/null @@ -1,795 +0,0 @@ -/* -* AES using AES-NI instructions -* (C) 2009,2012 Jack Lloyd -* -* Distributed under the terms of the Botan license -*/ - -#include <botan/aes_ni.h> -#include <botan/loadstor.h> -#include <wmmintrin.h> - -namespace Botan { - -namespace { - -__m128i aes_128_key_expansion(__m128i key, __m128i key_with_rcon) - { - key_with_rcon = _mm_shuffle_epi32(key_with_rcon, _MM_SHUFFLE(3,3,3,3)); - key = _mm_xor_si128(key, _mm_slli_si128(key, 4)); - key = _mm_xor_si128(key, _mm_slli_si128(key, 4)); - key = _mm_xor_si128(key, _mm_slli_si128(key, 4)); - return _mm_xor_si128(key, key_with_rcon); - } - -void aes_192_key_expansion(__m128i* K1, __m128i* K2, __m128i key2_with_rcon, - u32bit out[], bool last) - { - __m128i key1 = *K1; - __m128i key2 = *K2; - - key2_with_rcon = _mm_shuffle_epi32(key2_with_rcon, _MM_SHUFFLE(1,1,1,1)); - key1 = _mm_xor_si128(key1, _mm_slli_si128(key1, 4)); - key1 = _mm_xor_si128(key1, _mm_slli_si128(key1, 4)); - key1 = _mm_xor_si128(key1, _mm_slli_si128(key1, 4)); - key1 = _mm_xor_si128(key1, key2_with_rcon); - - *K1 = key1; - _mm_storeu_si128(reinterpret_cast<__m128i*>(out), key1); - - if(last) - return; - - key2 = _mm_xor_si128(key2, _mm_slli_si128(key2, 4)); - key2 = _mm_xor_si128(key2, _mm_shuffle_epi32(key1, _MM_SHUFFLE(3,3,3,3))); - - *K2 = key2; - out[4] = _mm_cvtsi128_si32(key2); - out[5] = _mm_cvtsi128_si32(_mm_srli_si128(key2, 4)); - } - -/* -* The second half of the AES-256 key expansion (other half same as AES-128) -*/ -__m128i aes_256_key_expansion(__m128i key, __m128i key2) - { - __m128i key_with_rcon = _mm_aeskeygenassist_si128(key2, 0x00); - key_with_rcon = _mm_shuffle_epi32(key_with_rcon, _MM_SHUFFLE(2,2,2,2)); - - key = _mm_xor_si128(key, _mm_slli_si128(key, 4)); - key = _mm_xor_si128(key, _mm_slli_si128(key, 4)); - key = _mm_xor_si128(key, _mm_slli_si128(key, 4)); - return _mm_xor_si128(key, key_with_rcon); - } - -} - -#define AES_ENC_4_ROUNDS(K) \ - do \ - { \ - B0 = _mm_aesenc_si128(B0, K); \ - B1 = _mm_aesenc_si128(B1, K); \ - B2 = _mm_aesenc_si128(B2, K); \ - B3 = _mm_aesenc_si128(B3, K); \ - } while(0) - -#define AES_ENC_4_LAST_ROUNDS(K) \ - do \ - { \ - B0 = _mm_aesenclast_si128(B0, K); \ - B1 = _mm_aesenclast_si128(B1, K); \ - B2 = _mm_aesenclast_si128(B2, K); \ - B3 = _mm_aesenclast_si128(B3, K); \ - } while(0) - -#define AES_DEC_4_ROUNDS(K) \ - do \ - { \ - B0 = _mm_aesdec_si128(B0, K); \ - B1 = _mm_aesdec_si128(B1, K); \ - B2 = _mm_aesdec_si128(B2, K); \ - B3 = _mm_aesdec_si128(B3, K); \ - } while(0) - -#define AES_DEC_4_LAST_ROUNDS(K) \ - do \ - { \ - B0 = _mm_aesdeclast_si128(B0, K); \ - B1 = _mm_aesdeclast_si128(B1, K); \ - B2 = _mm_aesdeclast_si128(B2, K); \ - B3 = _mm_aesdeclast_si128(B3, K); \ - } while(0) - -/* -* AES-128 Encryption -*/ -void AES_128_NI::encrypt_n(const byte in[], byte out[], size_t blocks) const - { - const __m128i* in_mm = reinterpret_cast<const __m128i*>(in); - __m128i* out_mm = reinterpret_cast<__m128i*>(out); - - const __m128i* key_mm = reinterpret_cast<const __m128i*>(&EK[0]); - - __m128i K0 = _mm_loadu_si128(key_mm); - __m128i K1 = _mm_loadu_si128(key_mm + 1); - __m128i K2 = _mm_loadu_si128(key_mm + 2); - __m128i K3 = _mm_loadu_si128(key_mm + 3); - __m128i K4 = _mm_loadu_si128(key_mm + 4); - __m128i K5 = _mm_loadu_si128(key_mm + 5); - __m128i K6 = _mm_loadu_si128(key_mm + 6); - __m128i K7 = _mm_loadu_si128(key_mm + 7); - __m128i K8 = _mm_loadu_si128(key_mm + 8); - __m128i K9 = _mm_loadu_si128(key_mm + 9); - __m128i K10 = _mm_loadu_si128(key_mm + 10); - - while(blocks >= 4) - { - __m128i B0 = _mm_loadu_si128(in_mm + 0); - __m128i B1 = _mm_loadu_si128(in_mm + 1); - __m128i B2 = _mm_loadu_si128(in_mm + 2); - __m128i B3 = _mm_loadu_si128(in_mm + 3); - - B0 = _mm_xor_si128(B0, K0); - B1 = _mm_xor_si128(B1, K0); - B2 = _mm_xor_si128(B2, K0); - B3 = _mm_xor_si128(B3, K0); - - AES_ENC_4_ROUNDS(K1); - AES_ENC_4_ROUNDS(K2); - AES_ENC_4_ROUNDS(K3); - AES_ENC_4_ROUNDS(K4); - AES_ENC_4_ROUNDS(K5); - AES_ENC_4_ROUNDS(K6); - AES_ENC_4_ROUNDS(K7); - AES_ENC_4_ROUNDS(K8); - AES_ENC_4_ROUNDS(K9); - AES_ENC_4_LAST_ROUNDS(K10); - - _mm_storeu_si128(out_mm + 0, B0); - _mm_storeu_si128(out_mm + 1, B1); - _mm_storeu_si128(out_mm + 2, B2); - _mm_storeu_si128(out_mm + 3, B3); - - blocks -= 4; - in_mm += 4; - out_mm += 4; - } - - for(size_t i = 0; i != blocks; ++i) - { - __m128i B = _mm_loadu_si128(in_mm + i); - - B = _mm_xor_si128(B, K0); - - B = _mm_aesenc_si128(B, K1); - B = _mm_aesenc_si128(B, K2); - B = _mm_aesenc_si128(B, K3); - B = _mm_aesenc_si128(B, K4); - B = _mm_aesenc_si128(B, K5); - B = _mm_aesenc_si128(B, K6); - B = _mm_aesenc_si128(B, K7); - B = _mm_aesenc_si128(B, K8); - B = _mm_aesenc_si128(B, K9); - B = _mm_aesenclast_si128(B, K10); - - _mm_storeu_si128(out_mm + i, B); - } - } - -/* -* AES-128 Decryption -*/ -void AES_128_NI::decrypt_n(const byte in[], byte out[], size_t blocks) const - { - const __m128i* in_mm = reinterpret_cast<const __m128i*>(in); - __m128i* out_mm = reinterpret_cast<__m128i*>(out); - - const __m128i* key_mm = reinterpret_cast<const __m128i*>(&DK[0]); - - __m128i K0 = _mm_loadu_si128(key_mm); - __m128i K1 = _mm_loadu_si128(key_mm + 1); - __m128i K2 = _mm_loadu_si128(key_mm + 2); - __m128i K3 = _mm_loadu_si128(key_mm + 3); - __m128i K4 = _mm_loadu_si128(key_mm + 4); - __m128i K5 = _mm_loadu_si128(key_mm + 5); - __m128i K6 = _mm_loadu_si128(key_mm + 6); - __m128i K7 = _mm_loadu_si128(key_mm + 7); - __m128i K8 = _mm_loadu_si128(key_mm + 8); - __m128i K9 = _mm_loadu_si128(key_mm + 9); - __m128i K10 = _mm_loadu_si128(key_mm + 10); - - while(blocks >= 4) - { - __m128i B0 = _mm_loadu_si128(in_mm + 0); - __m128i B1 = _mm_loadu_si128(in_mm + 1); - __m128i B2 = _mm_loadu_si128(in_mm + 2); - __m128i B3 = _mm_loadu_si128(in_mm + 3); - - B0 = _mm_xor_si128(B0, K0); - B1 = _mm_xor_si128(B1, K0); - B2 = _mm_xor_si128(B2, K0); - B3 = _mm_xor_si128(B3, K0); - - AES_DEC_4_ROUNDS(K1); - AES_DEC_4_ROUNDS(K2); - AES_DEC_4_ROUNDS(K3); - AES_DEC_4_ROUNDS(K4); - AES_DEC_4_ROUNDS(K5); - AES_DEC_4_ROUNDS(K6); - AES_DEC_4_ROUNDS(K7); - AES_DEC_4_ROUNDS(K8); - AES_DEC_4_ROUNDS(K9); - AES_DEC_4_LAST_ROUNDS(K10); - - _mm_storeu_si128(out_mm + 0, B0); - _mm_storeu_si128(out_mm + 1, B1); - _mm_storeu_si128(out_mm + 2, B2); - _mm_storeu_si128(out_mm + 3, B3); - - blocks -= 4; - in_mm += 4; - out_mm += 4; - } - - for(size_t i = 0; i != blocks; ++i) - { - __m128i B = _mm_loadu_si128(in_mm + i); - - B = _mm_xor_si128(B, K0); - - B = _mm_aesdec_si128(B, K1); - B = _mm_aesdec_si128(B, K2); - B = _mm_aesdec_si128(B, K3); - B = _mm_aesdec_si128(B, K4); - B = _mm_aesdec_si128(B, K5); - B = _mm_aesdec_si128(B, K6); - B = _mm_aesdec_si128(B, K7); - B = _mm_aesdec_si128(B, K8); - B = _mm_aesdec_si128(B, K9); - B = _mm_aesdeclast_si128(B, K10); - - _mm_storeu_si128(out_mm + i, B); - } - } - -/* -* AES-128 Key Schedule -*/ -void AES_128_NI::key_schedule(const byte key[], size_t) - { - EK.resize(44); - DK.resize(44); - - #define AES_128_key_exp(K, RCON) \ - aes_128_key_expansion(K, _mm_aeskeygenassist_si128(K, RCON)) - - __m128i K0 = _mm_loadu_si128(reinterpret_cast<const __m128i*>(key)); - __m128i K1 = AES_128_key_exp(K0, 0x01); - __m128i K2 = AES_128_key_exp(K1, 0x02); - __m128i K3 = AES_128_key_exp(K2, 0x04); - __m128i K4 = AES_128_key_exp(K3, 0x08); - __m128i K5 = AES_128_key_exp(K4, 0x10); - __m128i K6 = AES_128_key_exp(K5, 0x20); - __m128i K7 = AES_128_key_exp(K6, 0x40); - __m128i K8 = AES_128_key_exp(K7, 0x80); - __m128i K9 = AES_128_key_exp(K8, 0x1B); - __m128i K10 = AES_128_key_exp(K9, 0x36); - - __m128i* EK_mm = reinterpret_cast<__m128i*>(&EK[0]); - _mm_storeu_si128(EK_mm , K0); - _mm_storeu_si128(EK_mm + 1, K1); - _mm_storeu_si128(EK_mm + 2, K2); - _mm_storeu_si128(EK_mm + 3, K3); - _mm_storeu_si128(EK_mm + 4, K4); - _mm_storeu_si128(EK_mm + 5, K5); - _mm_storeu_si128(EK_mm + 6, K6); - _mm_storeu_si128(EK_mm + 7, K7); - _mm_storeu_si128(EK_mm + 8, K8); - _mm_storeu_si128(EK_mm + 9, K9); - _mm_storeu_si128(EK_mm + 10, K10); - - // Now generate decryption keys - - __m128i* DK_mm = reinterpret_cast<__m128i*>(&DK[0]); - _mm_storeu_si128(DK_mm , K10); - _mm_storeu_si128(DK_mm + 1, _mm_aesimc_si128(K9)); - _mm_storeu_si128(DK_mm + 2, _mm_aesimc_si128(K8)); - _mm_storeu_si128(DK_mm + 3, _mm_aesimc_si128(K7)); - _mm_storeu_si128(DK_mm + 4, _mm_aesimc_si128(K6)); - _mm_storeu_si128(DK_mm + 5, _mm_aesimc_si128(K5)); - _mm_storeu_si128(DK_mm + 6, _mm_aesimc_si128(K4)); - _mm_storeu_si128(DK_mm + 7, _mm_aesimc_si128(K3)); - _mm_storeu_si128(DK_mm + 8, _mm_aesimc_si128(K2)); - _mm_storeu_si128(DK_mm + 9, _mm_aesimc_si128(K1)); - _mm_storeu_si128(DK_mm + 10, K0); - } - -/* -* Clear memory of sensitive data -*/ -void AES_128_NI::clear() - { - zap(EK); - zap(DK); - } - -/* -* AES-192 Encryption -*/ -void AES_192_NI::encrypt_n(const byte in[], byte out[], size_t blocks) const - { - const __m128i* in_mm = reinterpret_cast<const __m128i*>(in); - __m128i* out_mm = reinterpret_cast<__m128i*>(out); - - const __m128i* key_mm = reinterpret_cast<const __m128i*>(&EK[0]); - - __m128i K0 = _mm_loadu_si128(key_mm); - __m128i K1 = _mm_loadu_si128(key_mm + 1); - __m128i K2 = _mm_loadu_si128(key_mm + 2); - __m128i K3 = _mm_loadu_si128(key_mm + 3); - __m128i K4 = _mm_loadu_si128(key_mm + 4); - __m128i K5 = _mm_loadu_si128(key_mm + 5); - __m128i K6 = _mm_loadu_si128(key_mm + 6); - __m128i K7 = _mm_loadu_si128(key_mm + 7); - __m128i K8 = _mm_loadu_si128(key_mm + 8); - __m128i K9 = _mm_loadu_si128(key_mm + 9); - __m128i K10 = _mm_loadu_si128(key_mm + 10); - __m128i K11 = _mm_loadu_si128(key_mm + 11); - __m128i K12 = _mm_loadu_si128(key_mm + 12); - - while(blocks >= 4) - { - __m128i B0 = _mm_loadu_si128(in_mm + 0); - __m128i B1 = _mm_loadu_si128(in_mm + 1); - __m128i B2 = _mm_loadu_si128(in_mm + 2); - __m128i B3 = _mm_loadu_si128(in_mm + 3); - - B0 = _mm_xor_si128(B0, K0); - B1 = _mm_xor_si128(B1, K0); - B2 = _mm_xor_si128(B2, K0); - B3 = _mm_xor_si128(B3, K0); - - AES_ENC_4_ROUNDS(K1); - AES_ENC_4_ROUNDS(K2); - AES_ENC_4_ROUNDS(K3); - AES_ENC_4_ROUNDS(K4); - AES_ENC_4_ROUNDS(K5); - AES_ENC_4_ROUNDS(K6); - AES_ENC_4_ROUNDS(K7); - AES_ENC_4_ROUNDS(K8); - AES_ENC_4_ROUNDS(K9); - AES_ENC_4_ROUNDS(K10); - AES_ENC_4_ROUNDS(K11); - AES_ENC_4_LAST_ROUNDS(K12); - - _mm_storeu_si128(out_mm + 0, B0); - _mm_storeu_si128(out_mm + 1, B1); - _mm_storeu_si128(out_mm + 2, B2); - _mm_storeu_si128(out_mm + 3, B3); - - blocks -= 4; - in_mm += 4; - out_mm += 4; - } - - for(size_t i = 0; i != blocks; ++i) - { - __m128i B = _mm_loadu_si128(in_mm + i); - - B = _mm_xor_si128(B, K0); - - B = _mm_aesenc_si128(B, K1); - B = _mm_aesenc_si128(B, K2); - B = _mm_aesenc_si128(B, K3); - B = _mm_aesenc_si128(B, K4); - B = _mm_aesenc_si128(B, K5); - B = _mm_aesenc_si128(B, K6); - B = _mm_aesenc_si128(B, K7); - B = _mm_aesenc_si128(B, K8); - B = _mm_aesenc_si128(B, K9); - B = _mm_aesenc_si128(B, K10); - B = _mm_aesenc_si128(B, K11); - B = _mm_aesenclast_si128(B, K12); - - _mm_storeu_si128(out_mm + i, B); - } - } - -/* -* AES-192 Decryption -*/ -void AES_192_NI::decrypt_n(const byte in[], byte out[], size_t blocks) const - { - const __m128i* in_mm = reinterpret_cast<const __m128i*>(in); - __m128i* out_mm = reinterpret_cast<__m128i*>(out); - - const __m128i* key_mm = reinterpret_cast<const __m128i*>(&DK[0]); - - __m128i K0 = _mm_loadu_si128(key_mm); - __m128i K1 = _mm_loadu_si128(key_mm + 1); - __m128i K2 = _mm_loadu_si128(key_mm + 2); - __m128i K3 = _mm_loadu_si128(key_mm + 3); - __m128i K4 = _mm_loadu_si128(key_mm + 4); - __m128i K5 = _mm_loadu_si128(key_mm + 5); - __m128i K6 = _mm_loadu_si128(key_mm + 6); - __m128i K7 = _mm_loadu_si128(key_mm + 7); - __m128i K8 = _mm_loadu_si128(key_mm + 8); - __m128i K9 = _mm_loadu_si128(key_mm + 9); - __m128i K10 = _mm_loadu_si128(key_mm + 10); - __m128i K11 = _mm_loadu_si128(key_mm + 11); - __m128i K12 = _mm_loadu_si128(key_mm + 12); - - while(blocks >= 4) - { - __m128i B0 = _mm_loadu_si128(in_mm + 0); - __m128i B1 = _mm_loadu_si128(in_mm + 1); - __m128i B2 = _mm_loadu_si128(in_mm + 2); - __m128i B3 = _mm_loadu_si128(in_mm + 3); - - B0 = _mm_xor_si128(B0, K0); - B1 = _mm_xor_si128(B1, K0); - B2 = _mm_xor_si128(B2, K0); - B3 = _mm_xor_si128(B3, K0); - - AES_DEC_4_ROUNDS(K1); - AES_DEC_4_ROUNDS(K2); - AES_DEC_4_ROUNDS(K3); - AES_DEC_4_ROUNDS(K4); - AES_DEC_4_ROUNDS(K5); - AES_DEC_4_ROUNDS(K6); - AES_DEC_4_ROUNDS(K7); - AES_DEC_4_ROUNDS(K8); - AES_DEC_4_ROUNDS(K9); - AES_DEC_4_ROUNDS(K10); - AES_DEC_4_ROUNDS(K11); - AES_DEC_4_LAST_ROUNDS(K12); - - _mm_storeu_si128(out_mm + 0, B0); - _mm_storeu_si128(out_mm + 1, B1); - _mm_storeu_si128(out_mm + 2, B2); - _mm_storeu_si128(out_mm + 3, B3); - - blocks -= 4; - in_mm += 4; - out_mm += 4; - } - - for(size_t i = 0; i != blocks; ++i) - { - __m128i B = _mm_loadu_si128(in_mm + i); - - B = _mm_xor_si128(B, K0); - - B = _mm_aesdec_si128(B, K1); - B = _mm_aesdec_si128(B, K2); - B = _mm_aesdec_si128(B, K3); - B = _mm_aesdec_si128(B, K4); - B = _mm_aesdec_si128(B, K5); - B = _mm_aesdec_si128(B, K6); - B = _mm_aesdec_si128(B, K7); - B = _mm_aesdec_si128(B, K8); - B = _mm_aesdec_si128(B, K9); - B = _mm_aesdec_si128(B, K10); - B = _mm_aesdec_si128(B, K11); - B = _mm_aesdeclast_si128(B, K12); - - _mm_storeu_si128(out_mm + i, B); - } - } - -/* -* AES-192 Key Schedule -*/ -void AES_192_NI::key_schedule(const byte key[], size_t) - { - EK.resize(52); - DK.resize(52); - - __m128i K0 = _mm_loadu_si128(reinterpret_cast<const __m128i*>(key)); - __m128i K1 = _mm_loadu_si128(reinterpret_cast<const __m128i*>(key + 8)); - K1 = _mm_srli_si128(K1, 8); - - load_le(&EK[0], key, 6); - - #define AES_192_key_exp(RCON, EK_OFF) \ - aes_192_key_expansion(&K0, &K1, \ - _mm_aeskeygenassist_si128(K1, RCON), \ - &EK[EK_OFF], EK_OFF == 48) - - AES_192_key_exp(0x01, 6); - AES_192_key_exp(0x02, 12); - AES_192_key_exp(0x04, 18); - AES_192_key_exp(0x08, 24); - AES_192_key_exp(0x10, 30); - AES_192_key_exp(0x20, 36); - AES_192_key_exp(0x40, 42); - AES_192_key_exp(0x80, 48); - - #undef AES_192_key_exp - - // Now generate decryption keys - const __m128i* EK_mm = reinterpret_cast<const __m128i*>(&EK[0]); - - __m128i* DK_mm = reinterpret_cast<__m128i*>(&DK[0]); - _mm_storeu_si128(DK_mm , _mm_loadu_si128(EK_mm + 12)); - _mm_storeu_si128(DK_mm + 1, _mm_aesimc_si128(_mm_loadu_si128(EK_mm + 11))); - _mm_storeu_si128(DK_mm + 2, _mm_aesimc_si128(_mm_loadu_si128(EK_mm + 10))); - _mm_storeu_si128(DK_mm + 3, _mm_aesimc_si128(_mm_loadu_si128(EK_mm + 9))); - _mm_storeu_si128(DK_mm + 4, _mm_aesimc_si128(_mm_loadu_si128(EK_mm + 8))); - _mm_storeu_si128(DK_mm + 5, _mm_aesimc_si128(_mm_loadu_si128(EK_mm + 7))); - _mm_storeu_si128(DK_mm + 6, _mm_aesimc_si128(_mm_loadu_si128(EK_mm + 6))); - _mm_storeu_si128(DK_mm + 7, _mm_aesimc_si128(_mm_loadu_si128(EK_mm + 5))); - _mm_storeu_si128(DK_mm + 8, _mm_aesimc_si128(_mm_loadu_si128(EK_mm + 4))); - _mm_storeu_si128(DK_mm + 9, _mm_aesimc_si128(_mm_loadu_si128(EK_mm + 3))); - _mm_storeu_si128(DK_mm + 10, _mm_aesimc_si128(_mm_loadu_si128(EK_mm + 2))); - _mm_storeu_si128(DK_mm + 11, _mm_aesimc_si128(_mm_loadu_si128(EK_mm + 1))); - _mm_storeu_si128(DK_mm + 12, _mm_loadu_si128(EK_mm + 0)); - } - -/* -* Clear memory of sensitive data -*/ -void AES_192_NI::clear() - { - zap(EK); - zap(DK); - } - -/* -* AES-256 Encryption -*/ -void AES_256_NI::encrypt_n(const byte in[], byte out[], size_t blocks) const - { - const __m128i* in_mm = reinterpret_cast<const __m128i*>(in); - __m128i* out_mm = reinterpret_cast<__m128i*>(out); - - const __m128i* key_mm = reinterpret_cast<const __m128i*>(&EK[0]); - - __m128i K0 = _mm_loadu_si128(key_mm); - __m128i K1 = _mm_loadu_si128(key_mm + 1); - __m128i K2 = _mm_loadu_si128(key_mm + 2); - __m128i K3 = _mm_loadu_si128(key_mm + 3); - __m128i K4 = _mm_loadu_si128(key_mm + 4); - __m128i K5 = _mm_loadu_si128(key_mm + 5); - __m128i K6 = _mm_loadu_si128(key_mm + 6); - __m128i K7 = _mm_loadu_si128(key_mm + 7); - __m128i K8 = _mm_loadu_si128(key_mm + 8); - __m128i K9 = _mm_loadu_si128(key_mm + 9); - __m128i K10 = _mm_loadu_si128(key_mm + 10); - __m128i K11 = _mm_loadu_si128(key_mm + 11); - __m128i K12 = _mm_loadu_si128(key_mm + 12); - __m128i K13 = _mm_loadu_si128(key_mm + 13); - __m128i K14 = _mm_loadu_si128(key_mm + 14); - - while(blocks >= 4) - { - __m128i B0 = _mm_loadu_si128(in_mm + 0); - __m128i B1 = _mm_loadu_si128(in_mm + 1); - __m128i B2 = _mm_loadu_si128(in_mm + 2); - __m128i B3 = _mm_loadu_si128(in_mm + 3); - - B0 = _mm_xor_si128(B0, K0); - B1 = _mm_xor_si128(B1, K0); - B2 = _mm_xor_si128(B2, K0); - B3 = _mm_xor_si128(B3, K0); - - AES_ENC_4_ROUNDS(K1); - AES_ENC_4_ROUNDS(K2); - AES_ENC_4_ROUNDS(K3); - AES_ENC_4_ROUNDS(K4); - AES_ENC_4_ROUNDS(K5); - AES_ENC_4_ROUNDS(K6); - AES_ENC_4_ROUNDS(K7); - AES_ENC_4_ROUNDS(K8); - AES_ENC_4_ROUNDS(K9); - AES_ENC_4_ROUNDS(K10); - AES_ENC_4_ROUNDS(K11); - AES_ENC_4_ROUNDS(K12); - AES_ENC_4_ROUNDS(K13); - AES_ENC_4_LAST_ROUNDS(K14); - - _mm_storeu_si128(out_mm + 0, B0); - _mm_storeu_si128(out_mm + 1, B1); - _mm_storeu_si128(out_mm + 2, B2); - _mm_storeu_si128(out_mm + 3, B3); - - blocks -= 4; - in_mm += 4; - out_mm += 4; - } - - for(size_t i = 0; i != blocks; ++i) - { - __m128i B = _mm_loadu_si128(in_mm + i); - - B = _mm_xor_si128(B, K0); - - B = _mm_aesenc_si128(B, K1); - B = _mm_aesenc_si128(B, K2); - B = _mm_aesenc_si128(B, K3); - B = _mm_aesenc_si128(B, K4); - B = _mm_aesenc_si128(B, K5); - B = _mm_aesenc_si128(B, K6); - B = _mm_aesenc_si128(B, K7); - B = _mm_aesenc_si128(B, K8); - B = _mm_aesenc_si128(B, K9); - B = _mm_aesenc_si128(B, K10); - B = _mm_aesenc_si128(B, K11); - B = _mm_aesenc_si128(B, K12); - B = _mm_aesenc_si128(B, K13); - B = _mm_aesenclast_si128(B, K14); - - _mm_storeu_si128(out_mm + i, B); - } - } - -/* -* AES-256 Decryption -*/ -void AES_256_NI::decrypt_n(const byte in[], byte out[], size_t blocks) const - { - const __m128i* in_mm = reinterpret_cast<const __m128i*>(in); - __m128i* out_mm = reinterpret_cast<__m128i*>(out); - - const __m128i* key_mm = reinterpret_cast<const __m128i*>(&DK[0]); - - __m128i K0 = _mm_loadu_si128(key_mm); - __m128i K1 = _mm_loadu_si128(key_mm + 1); - __m128i K2 = _mm_loadu_si128(key_mm + 2); - __m128i K3 = _mm_loadu_si128(key_mm + 3); - __m128i K4 = _mm_loadu_si128(key_mm + 4); - __m128i K5 = _mm_loadu_si128(key_mm + 5); - __m128i K6 = _mm_loadu_si128(key_mm + 6); - __m128i K7 = _mm_loadu_si128(key_mm + 7); - __m128i K8 = _mm_loadu_si128(key_mm + 8); - __m128i K9 = _mm_loadu_si128(key_mm + 9); - __m128i K10 = _mm_loadu_si128(key_mm + 10); - __m128i K11 = _mm_loadu_si128(key_mm + 11); - __m128i K12 = _mm_loadu_si128(key_mm + 12); - __m128i K13 = _mm_loadu_si128(key_mm + 13); - __m128i K14 = _mm_loadu_si128(key_mm + 14); - - while(blocks >= 4) - { - __m128i B0 = _mm_loadu_si128(in_mm + 0); - __m128i B1 = _mm_loadu_si128(in_mm + 1); - __m128i B2 = _mm_loadu_si128(in_mm + 2); - __m128i B3 = _mm_loadu_si128(in_mm + 3); - - B0 = _mm_xor_si128(B0, K0); - B1 = _mm_xor_si128(B1, K0); - B2 = _mm_xor_si128(B2, K0); - B3 = _mm_xor_si128(B3, K0); - - AES_DEC_4_ROUNDS(K1); - AES_DEC_4_ROUNDS(K2); - AES_DEC_4_ROUNDS(K3); - AES_DEC_4_ROUNDS(K4); - AES_DEC_4_ROUNDS(K5); - AES_DEC_4_ROUNDS(K6); - AES_DEC_4_ROUNDS(K7); - AES_DEC_4_ROUNDS(K8); - AES_DEC_4_ROUNDS(K9); - AES_DEC_4_ROUNDS(K10); - AES_DEC_4_ROUNDS(K11); - AES_DEC_4_ROUNDS(K12); - AES_DEC_4_ROUNDS(K13); - AES_DEC_4_LAST_ROUNDS(K14); - - _mm_storeu_si128(out_mm + 0, B0); - _mm_storeu_si128(out_mm + 1, B1); - _mm_storeu_si128(out_mm + 2, B2); - _mm_storeu_si128(out_mm + 3, B3); - - blocks -= 4; - in_mm += 4; - out_mm += 4; - } - - for(size_t i = 0; i != blocks; ++i) - { - __m128i B = _mm_loadu_si128(in_mm + i); - - B = _mm_xor_si128(B, K0); - - B = _mm_aesdec_si128(B, K1); - B = _mm_aesdec_si128(B, K2); - B = _mm_aesdec_si128(B, K3); - B = _mm_aesdec_si128(B, K4); - B = _mm_aesdec_si128(B, K5); - B = _mm_aesdec_si128(B, K6); - B = _mm_aesdec_si128(B, K7); - B = _mm_aesdec_si128(B, K8); - B = _mm_aesdec_si128(B, K9); - B = _mm_aesdec_si128(B, K10); - B = _mm_aesdec_si128(B, K11); - B = _mm_aesdec_si128(B, K12); - B = _mm_aesdec_si128(B, K13); - B = _mm_aesdeclast_si128(B, K14); - - _mm_storeu_si128(out_mm + i, B); - } - } - -/* -* AES-256 Key Schedule -*/ -void AES_256_NI::key_schedule(const byte key[], size_t) - { - EK.resize(60); - DK.resize(60); - - __m128i K0 = _mm_loadu_si128(reinterpret_cast<const __m128i*>(key)); - __m128i K1 = _mm_loadu_si128(reinterpret_cast<const __m128i*>(key + 16)); - - __m128i K2 = aes_128_key_expansion(K0, _mm_aeskeygenassist_si128(K1, 0x01)); - __m128i K3 = aes_256_key_expansion(K1, K2); - - __m128i K4 = aes_128_key_expansion(K2, _mm_aeskeygenassist_si128(K3, 0x02)); - __m128i K5 = aes_256_key_expansion(K3, K4); - - __m128i K6 = aes_128_key_expansion(K4, _mm_aeskeygenassist_si128(K5, 0x04)); - __m128i K7 = aes_256_key_expansion(K5, K6); - - __m128i K8 = aes_128_key_expansion(K6, _mm_aeskeygenassist_si128(K7, 0x08)); - __m128i K9 = aes_256_key_expansion(K7, K8); - - __m128i K10 = aes_128_key_expansion(K8, _mm_aeskeygenassist_si128(K9, 0x10)); - __m128i K11 = aes_256_key_expansion(K9, K10); - - __m128i K12 = aes_128_key_expansion(K10, _mm_aeskeygenassist_si128(K11, 0x20)); - __m128i K13 = aes_256_key_expansion(K11, K12); - - __m128i K14 = aes_128_key_expansion(K12, _mm_aeskeygenassist_si128(K13, 0x40)); - - __m128i* EK_mm = reinterpret_cast<__m128i*>(&EK[0]); - _mm_storeu_si128(EK_mm , K0); - _mm_storeu_si128(EK_mm + 1, K1); - _mm_storeu_si128(EK_mm + 2, K2); - _mm_storeu_si128(EK_mm + 3, K3); - _mm_storeu_si128(EK_mm + 4, K4); - _mm_storeu_si128(EK_mm + 5, K5); - _mm_storeu_si128(EK_mm + 6, K6); - _mm_storeu_si128(EK_mm + 7, K7); - _mm_storeu_si128(EK_mm + 8, K8); - _mm_storeu_si128(EK_mm + 9, K9); - _mm_storeu_si128(EK_mm + 10, K10); - _mm_storeu_si128(EK_mm + 11, K11); - _mm_storeu_si128(EK_mm + 12, K12); - _mm_storeu_si128(EK_mm + 13, K13); - _mm_storeu_si128(EK_mm + 14, K14); - - // Now generate decryption keys - __m128i* DK_mm = reinterpret_cast<__m128i*>(&DK[0]); - _mm_storeu_si128(DK_mm , K14); - _mm_storeu_si128(DK_mm + 1, _mm_aesimc_si128(K13)); - _mm_storeu_si128(DK_mm + 2, _mm_aesimc_si128(K12)); - _mm_storeu_si128(DK_mm + 3, _mm_aesimc_si128(K11)); - _mm_storeu_si128(DK_mm + 4, _mm_aesimc_si128(K10)); - _mm_storeu_si128(DK_mm + 5, _mm_aesimc_si128(K9)); - _mm_storeu_si128(DK_mm + 6, _mm_aesimc_si128(K8)); - _mm_storeu_si128(DK_mm + 7, _mm_aesimc_si128(K7)); - _mm_storeu_si128(DK_mm + 8, _mm_aesimc_si128(K6)); - _mm_storeu_si128(DK_mm + 9, _mm_aesimc_si128(K5)); - _mm_storeu_si128(DK_mm + 10, _mm_aesimc_si128(K4)); - _mm_storeu_si128(DK_mm + 11, _mm_aesimc_si128(K3)); - _mm_storeu_si128(DK_mm + 12, _mm_aesimc_si128(K2)); - _mm_storeu_si128(DK_mm + 13, _mm_aesimc_si128(K1)); - _mm_storeu_si128(DK_mm + 14, K0); - } - -/* -* Clear memory of sensitive data -*/ -void AES_256_NI::clear() - { - zap(EK); - zap(DK); - } - -#undef AES_ENC_4_ROUNDS -#undef AES_ENC_4_LAST_ROUNDS -#undef AES_DEC_4_ROUNDS -#undef AES_DEC_4_LAST_ROUNDS - -} diff --git a/src/block/aes_ni/aes_ni.h b/src/block/aes_ni/aes_ni.h deleted file mode 100644 index aac6b0808..000000000 --- a/src/block/aes_ni/aes_ni.h +++ /dev/null @@ -1,77 +0,0 @@ -/* -* AES using AES-NI instructions -* (C) 2009 Jack Lloyd -* -* Distributed under the terms of the Botan license -*/ - -#ifndef BOTAN_AES_NI_H__ -#define BOTAN_AES_NI_H__ - -#include <botan/block_cipher.h> - -namespace Botan { - -/** -* AES-128 using AES-NI -*/ -class BOTAN_DLL AES_128_NI : public Block_Cipher_Fixed_Params<16, 16> - { - public: - size_t parallelism() const { return 4; } - - void encrypt_n(const byte in[], byte out[], size_t blocks) const; - void decrypt_n(const byte in[], byte out[], size_t blocks) const; - - void clear(); - std::string name() const { return "AES-128"; } - BlockCipher* clone() const { return new AES_128_NI; } - private: - void key_schedule(const byte[], size_t); - - secure_vector<u32bit> EK, DK; - }; - -/** -* AES-192 using AES-NI -*/ -class BOTAN_DLL AES_192_NI : public Block_Cipher_Fixed_Params<16, 24> - { - public: - size_t parallelism() const { return 4; } - - void encrypt_n(const byte in[], byte out[], size_t blocks) const; - void decrypt_n(const byte in[], byte out[], size_t blocks) const; - - void clear(); - std::string name() const { return "AES-192"; } - BlockCipher* clone() const { return new AES_192_NI; } - private: - void key_schedule(const byte[], size_t); - - secure_vector<u32bit> EK, DK; - }; - -/** -* AES-256 using AES-NI -*/ -class BOTAN_DLL AES_256_NI : public Block_Cipher_Fixed_Params<16, 32> - { - public: - size_t parallelism() const { return 4; } - - void encrypt_n(const byte in[], byte out[], size_t blocks) const; - void decrypt_n(const byte in[], byte out[], size_t blocks) const; - - void clear(); - std::string name() const { return "AES-256"; } - BlockCipher* clone() const { return new AES_256_NI; } - private: - void key_schedule(const byte[], size_t); - - secure_vector<u32bit> EK, DK; - }; - -} - -#endif diff --git a/src/block/aes_ni/info.txt b/src/block/aes_ni/info.txt deleted file mode 100644 index 270b00d9d..000000000 --- a/src/block/aes_ni/info.txt +++ /dev/null @@ -1,9 +0,0 @@ -define AES_NI 20131128 - -load_on auto - -need_isa aesni - -<requires> -aes_isa_eng -</requires> diff --git a/src/block/aes_ssse3/aes_ssse3.cpp b/src/block/aes_ssse3/aes_ssse3.cpp deleted file mode 100644 index 476b004bb..000000000 --- a/src/block/aes_ssse3/aes_ssse3.cpp +++ /dev/null @@ -1,608 +0,0 @@ -/* -* AES using SSSE3 -* (C) 2010 Jack Lloyd -* -* This is more or less a direct translation of public domain x86-64 -* assembly written by Mike Hamburg, described in "Accelerating AES -* with Vector Permute Instructions" (CHES 2009). His original code is -* available at http://crypto.stanford.edu/vpaes/ -* -* Distributed under the terms of the Botan license -*/ - -#include <botan/aes_ssse3.h> -#include <tmmintrin.h> - -namespace Botan { - -namespace { - -const __m128i low_nibs = _mm_set1_epi8(0x0F); - -const __m128i k_ipt1 = _mm_set_epi32( - 0xCABAE090, 0x52227808, 0xC2B2E898, 0x5A2A7000); -const __m128i k_ipt2 = _mm_set_epi32( - 0xCD80B1FC, 0xB0FDCC81, 0x4C01307D, 0x317C4D00); - -const __m128i k_inv1 = _mm_set_epi32( - 0x04070309, 0x0A0B0C02, 0x0E05060F, 0x0D080180); -const __m128i k_inv2 = _mm_set_epi32( - 0x030D0E0C, 0x02050809, 0x01040A06, 0x0F0B0780); - -const __m128i sb1u = _mm_set_epi32( - 0xA5DF7A6E, 0x142AF544, 0xB19BE18F, 0xCB503E00); -const __m128i sb1t = _mm_set_epi32( - 0x3BF7CCC1, 0x0D2ED9EF, 0x3618D415, 0xFAE22300); - -const __m128i mc_forward[4] = { - _mm_set_epi32(0x0C0F0E0D, 0x080B0A09, 0x04070605, 0x00030201), - _mm_set_epi32(0x00030201, 0x0C0F0E0D, 0x080B0A09, 0x04070605), - _mm_set_epi32(0x04070605, 0x00030201, 0x0C0F0E0D, 0x080B0A09), - _mm_set_epi32(0x080B0A09, 0x04070605, 0x00030201, 0x0C0F0E0D) -}; - -const __m128i sr[4] = { - _mm_set_epi32(0x0F0E0D0C, 0x0B0A0908, 0x07060504, 0x03020100), - _mm_set_epi32(0x0B06010C, 0x07020D08, 0x030E0904, 0x0F0A0500), - _mm_set_epi32(0x070E050C, 0x030A0108, 0x0F060D04, 0x0B020900), - _mm_set_epi32(0x0306090C, 0x0F020508, 0x0B0E0104, 0x070A0D00), -}; - -#define mm_xor3(x, y, z) _mm_xor_si128(x, _mm_xor_si128(y, z)) - -__m128i aes_schedule_transform(__m128i input, - __m128i table_1, - __m128i table_2) - { - __m128i i_1 = _mm_and_si128(low_nibs, input); - __m128i i_2 = _mm_srli_epi32(_mm_andnot_si128(low_nibs, input), 4); - - input = _mm_and_si128(low_nibs, input); - - return _mm_xor_si128( - _mm_shuffle_epi8(table_1, i_1), - _mm_shuffle_epi8(table_2, i_2)); - } - -__m128i aes_schedule_mangle(__m128i k, byte round_no) - { - __m128i t = _mm_shuffle_epi8(_mm_xor_si128(k, _mm_set1_epi8(0x5B)), - mc_forward[0]); - - __m128i t2 = t; - - t = _mm_shuffle_epi8(t, mc_forward[0]); - - t2 = mm_xor3(t2, t, _mm_shuffle_epi8(t, mc_forward[0])); - - return _mm_shuffle_epi8(t2, sr[round_no % 4]); - } - -__m128i aes_schedule_192_smear(__m128i x, __m128i y) - { - return mm_xor3(y, - _mm_shuffle_epi32(x, 0xFE), - _mm_shuffle_epi32(y, 0x80)); - } - -__m128i aes_schedule_mangle_dec(__m128i k, byte round_no) - { - const __m128i dsk[8] = { - _mm_set_epi32(0x4AED9334, 0x82255BFC, 0xB6116FC8, 0x7ED9A700), - _mm_set_epi32(0x8BB89FAC, 0xE9DAFDCE, 0x45765162, 0x27143300), - _mm_set_epi32(0x4622EE8A, 0xADC90561, 0x27438FEB, 0xCCA86400), - _mm_set_epi32(0x73AEE13C, 0xBD602FF2, 0x815C13CE, 0x4F92DD00), - _mm_set_epi32(0xF83F3EF9, 0xFA3D3CFB, 0x03C4C502, 0x01C6C700), - _mm_set_epi32(0xA5526A9D, 0x7384BC4B, 0xEE1921D6, 0x38CFF700), - _mm_set_epi32(0xA080D3F3, 0x10306343, 0xE3C390B0, 0x53732000), - _mm_set_epi32(0x2F45AEC4, 0x8CE60D67, 0xA0CA214B, 0x036982E8) - }; - - __m128i t = aes_schedule_transform(k, dsk[0], dsk[1]); - __m128i output = _mm_shuffle_epi8(t, mc_forward[0]); - - t = aes_schedule_transform(t, dsk[2], dsk[3]); - output = _mm_shuffle_epi8(_mm_xor_si128(t, output), mc_forward[0]); - - t = aes_schedule_transform(t, dsk[4], dsk[5]); - output = _mm_shuffle_epi8(_mm_xor_si128(t, output), mc_forward[0]); - - t = aes_schedule_transform(t, dsk[6], dsk[7]); - output = _mm_shuffle_epi8(_mm_xor_si128(t, output), mc_forward[0]); - - return _mm_shuffle_epi8(output, sr[round_no % 4]); - } - -__m128i aes_schedule_mangle_last(__m128i k, byte round_no) - { - const __m128i out_tr1 = _mm_set_epi32( - 0xF7974121, 0xDEBE6808, 0xFF9F4929, 0xD6B66000); - const __m128i out_tr2 = _mm_set_epi32( - 0xE10D5DB1, 0xB05C0CE0, 0x01EDBD51, 0x50BCEC00); - - k = _mm_shuffle_epi8(k, sr[round_no % 4]); - k = _mm_xor_si128(k, _mm_set1_epi8(0x5B)); - return aes_schedule_transform(k, out_tr1, out_tr2); - } - -__m128i aes_schedule_mangle_last_dec(__m128i k) - { - const __m128i deskew1 = _mm_set_epi32( - 0x1DFEB95A, 0x5DBEF91A, 0x07E4A340, 0x47A4E300); - const __m128i deskew2 = _mm_set_epi32( - 0x2841C2AB, 0xF49D1E77, 0x5F36B5DC, 0x83EA6900); - - k = _mm_xor_si128(k, _mm_set1_epi8(0x5B)); - return aes_schedule_transform(k, deskew1, deskew2); - } - -__m128i aes_schedule_round(__m128i* rcon, __m128i input1, __m128i input2) - { - if(rcon) - { - input2 = _mm_xor_si128(_mm_alignr_epi8(_mm_setzero_si128(), *rcon, 15), - input2); - - *rcon = _mm_alignr_epi8(*rcon, *rcon, 15); // next rcon - - input1 = _mm_shuffle_epi32(input1, 0xFF); // rotate - input1 = _mm_alignr_epi8(input1, input1, 1); - } - - __m128i smeared = _mm_xor_si128(input2, _mm_slli_si128(input2, 4)); - smeared = mm_xor3(smeared, _mm_slli_si128(smeared, 8), _mm_set1_epi8(0x5B)); - - __m128i t = _mm_srli_epi32(_mm_andnot_si128(low_nibs, input1), 4); - - input1 = _mm_and_si128(low_nibs, input1); - - __m128i t2 = _mm_shuffle_epi8(k_inv2, input1); - - input1 = _mm_xor_si128(input1, t); - - __m128i t3 = _mm_xor_si128(t2, _mm_shuffle_epi8(k_inv1, t)); - __m128i t4 = _mm_xor_si128(t2, _mm_shuffle_epi8(k_inv1, input1)); - - __m128i t5 = _mm_xor_si128(input1, _mm_shuffle_epi8(k_inv1, t3)); - __m128i t6 = _mm_xor_si128(t, _mm_shuffle_epi8(k_inv1, t4)); - - return mm_xor3(_mm_shuffle_epi8(sb1u, t5), - _mm_shuffle_epi8(sb1t, t6), - smeared); - } - -__m128i aes_ssse3_encrypt(__m128i B, const __m128i* keys, size_t rounds) - { - const __m128i sb2u = _mm_set_epi32( - 0x5EB7E955, 0xBC982FCD, 0xE27A93C6, 0x0B712400); - const __m128i sb2t = _mm_set_epi32( - 0xC2A163C8, 0xAB82234A, 0x69EB8840, 0x0AE12900); - - const __m128i sbou = _mm_set_epi32( - 0x15AABF7A, 0xC502A878, 0xD0D26D17, 0x6FBDC700); - const __m128i sbot = _mm_set_epi32( - 0x8E1E90D1, 0x412B35FA, 0xCFE474A5, 0x5FBB6A00); - - const __m128i mc_backward[4] = { - _mm_set_epi32(0x0E0D0C0F, 0x0A09080B, 0x06050407, 0x02010003), - _mm_set_epi32(0x0A09080B, 0x06050407, 0x02010003, 0x0E0D0C0F), - _mm_set_epi32(0x06050407, 0x02010003, 0x0E0D0C0F, 0x0A09080B), - _mm_set_epi32(0x02010003, 0x0E0D0C0F, 0x0A09080B, 0x06050407), - }; - - B = mm_xor3(_mm_shuffle_epi8(k_ipt1, _mm_and_si128(low_nibs, B)), - _mm_shuffle_epi8(k_ipt2, - _mm_srli_epi32( - _mm_andnot_si128(low_nibs, B), - 4)), - _mm_loadu_si128(keys)); - - for(size_t r = 1; ; ++r) - { - const __m128i K = _mm_loadu_si128(keys + r); - - __m128i t = _mm_srli_epi32(_mm_andnot_si128(low_nibs, B), 4); - - B = _mm_and_si128(low_nibs, B); - - __m128i t2 = _mm_shuffle_epi8(k_inv2, B); - - B = _mm_xor_si128(B, t); - - __m128i t3 = _mm_xor_si128(t2, _mm_shuffle_epi8(k_inv1, t)); - __m128i t4 = _mm_xor_si128(t2, _mm_shuffle_epi8(k_inv1, B)); - - __m128i t5 = _mm_xor_si128(B, _mm_shuffle_epi8(k_inv1, t3)); - __m128i t6 = _mm_xor_si128(t, _mm_shuffle_epi8(k_inv1, t4)); - - if(r == rounds) - { - B = _mm_shuffle_epi8( - mm_xor3(_mm_shuffle_epi8(sbou, t5), - _mm_shuffle_epi8(sbot, t6), - K), - sr[r % 4]); - - return B; - } - - __m128i t7 = mm_xor3(_mm_shuffle_epi8(sb1t, t6), - _mm_shuffle_epi8(sb1u, t5), - K); - - __m128i t8 = mm_xor3(_mm_shuffle_epi8(sb2t, t6), - _mm_shuffle_epi8(sb2u, t5), - _mm_shuffle_epi8(t7, mc_forward[r % 4])); - - B = mm_xor3(_mm_shuffle_epi8(t8, mc_forward[r % 4]), - _mm_shuffle_epi8(t7, mc_backward[r % 4]), - t8); - } - } - -__m128i aes_ssse3_decrypt(__m128i B, const __m128i* keys, size_t rounds) - { - const __m128i k_dipt1 = _mm_set_epi32( - 0x154A411E, 0x114E451A, 0x0F505B04, 0x0B545F00); - const __m128i k_dipt2 = _mm_set_epi32( - 0x12771772, 0xF491F194, 0x86E383E6, 0x60056500); - - const __m128i sb9u = _mm_set_epi32( - 0xCAD51F50, 0x4F994CC9, 0x851C0353, 0x9A86D600); - const __m128i sb9t = _mm_set_epi32( - 0x725E2C9E, 0xB2FBA565, 0xC03B1789, 0xECD74900); - - const __m128i sbeu = _mm_set_epi32( - 0x22426004, 0x64B4F6B0, 0x46F29296, 0x26D4D000); - const __m128i sbet = _mm_set_epi32( - 0x9467F36B, 0x98593E32, 0x0C55A6CD, 0xFFAAC100); - - const __m128i sbdu = _mm_set_epi32( - 0xF56E9B13, 0x882A4439, 0x7D57CCDF, 0xE6B1A200); - const __m128i sbdt = _mm_set_epi32( - 0x2931180D, 0x15DEEFD3, 0x3CE2FAF7, 0x24C6CB00); - - const __m128i sbbu = _mm_set_epi32( - 0x602646F6, 0xB0F2D404, 0xD0226492, 0x96B44200); - const __m128i sbbt = _mm_set_epi32( - 0xF3FF0C3E, 0x3255AA6B, 0xC19498A6, 0xCD596700); - - __m128i mc = mc_forward[3]; - - __m128i t = - _mm_shuffle_epi8(k_dipt2, - _mm_srli_epi32( - _mm_andnot_si128(low_nibs, B), - 4)); - - B = mm_xor3(t, _mm_loadu_si128(keys), - _mm_shuffle_epi8(k_dipt1, _mm_and_si128(B, low_nibs))); - - for(size_t r = 1; ; ++r) - { - const __m128i K = _mm_loadu_si128(keys + r); - - t = _mm_srli_epi32(_mm_andnot_si128(low_nibs, B), 4); - - B = _mm_and_si128(low_nibs, B); - - __m128i t2 = _mm_shuffle_epi8(k_inv2, B); - - B = _mm_xor_si128(B, t); - - __m128i t3 = _mm_xor_si128(t2, _mm_shuffle_epi8(k_inv1, t)); - __m128i t4 = _mm_xor_si128(t2, _mm_shuffle_epi8(k_inv1, B)); - __m128i t5 = _mm_xor_si128(B, _mm_shuffle_epi8(k_inv1, t3)); - __m128i t6 = _mm_xor_si128(t, _mm_shuffle_epi8(k_inv1, t4)); - - if(r == rounds) - { - const __m128i sbou = _mm_set_epi32( - 0xC7AA6DB9, 0xD4943E2D, 0x1387EA53, 0x7EF94000); - const __m128i sbot = _mm_set_epi32( - 0xCA4B8159, 0xD8C58E9C, 0x12D7560F, 0x93441D00); - - __m128i x = _mm_shuffle_epi8(sbou, t5); - __m128i y = _mm_shuffle_epi8(sbot, t6); - x = _mm_xor_si128(x, K); - x = _mm_xor_si128(x, y); - - const u32bit which_sr = ((((rounds - 1) << 4) ^ 48) & 48) / 16; - return _mm_shuffle_epi8(x, sr[which_sr]); - } - - __m128i t8 = _mm_xor_si128(_mm_shuffle_epi8(sb9t, t6), - _mm_xor_si128(_mm_shuffle_epi8(sb9u, t5), K)); - - __m128i t9 = mm_xor3(_mm_shuffle_epi8(t8, mc), - _mm_shuffle_epi8(sbdu, t5), - _mm_shuffle_epi8(sbdt, t6)); - - __m128i t12 = _mm_xor_si128( - _mm_xor_si128( - _mm_shuffle_epi8(t9, mc), - _mm_shuffle_epi8(sbbu, t5)), - _mm_shuffle_epi8(sbbt, t6)); - - B = _mm_xor_si128(_mm_xor_si128(_mm_shuffle_epi8(t12, mc), - _mm_shuffle_epi8(sbeu, t5)), - _mm_shuffle_epi8(sbet, t6)); - - mc = _mm_alignr_epi8(mc, mc, 12); - } - } - -} - -/* -* AES-128 Encryption -*/ -void AES_128_SSSE3::encrypt_n(const byte in[], byte out[], size_t blocks) const - { - const __m128i* in_mm = reinterpret_cast<const __m128i*>(in); - __m128i* out_mm = reinterpret_cast<__m128i*>(out); - - const __m128i* keys = reinterpret_cast<const __m128i*>(&EK[0]); - - for(size_t i = 0; i != blocks; ++i) - { - __m128i B = _mm_loadu_si128(in_mm + i); - _mm_storeu_si128(out_mm + i, aes_ssse3_encrypt(B, keys, 10)); - } - } - -/* -* AES-128 Decryption -*/ -void AES_128_SSSE3::decrypt_n(const byte in[], byte out[], size_t blocks) const - { - const __m128i* in_mm = reinterpret_cast<const __m128i*>(in); - __m128i* out_mm = reinterpret_cast<__m128i*>(out); - - const __m128i* keys = reinterpret_cast<const __m128i*>(&DK[0]); - - for(size_t i = 0; i != blocks; ++i) - { - __m128i B = _mm_loadu_si128(in_mm + i); - _mm_storeu_si128(out_mm + i, aes_ssse3_decrypt(B, keys, 10)); - } - } - -/* -* AES-128 Key Schedule -*/ -void AES_128_SSSE3::key_schedule(const byte keyb[], size_t) - { - __m128i rcon = _mm_set_epi32(0x702A9808, 0x4D7C7D81, - 0x1F8391B9, 0xAF9DEEB6); - - __m128i key = _mm_loadu_si128(reinterpret_cast<const __m128i*>(keyb)); - - EK.resize(11*4); - DK.resize(11*4); - - __m128i* EK_mm = reinterpret_cast<__m128i*>(&EK[0]); - __m128i* DK_mm = reinterpret_cast<__m128i*>(&DK[0]); - - _mm_storeu_si128(DK_mm + 10, _mm_shuffle_epi8(key, sr[2])); - - key = aes_schedule_transform(key, k_ipt1, k_ipt2); - - _mm_storeu_si128(EK_mm, key); - - for(size_t i = 1; i != 10; ++i) - { - key = aes_schedule_round(&rcon, key, key); - - _mm_storeu_si128(EK_mm + i, - aes_schedule_mangle(key, (12-i) % 4)); - - _mm_storeu_si128(DK_mm + (10-i), - aes_schedule_mangle_dec(key, (10-i) % 4)); - } - - key = aes_schedule_round(&rcon, key, key); - _mm_storeu_si128(EK_mm + 10, aes_schedule_mangle_last(key, 2)); - _mm_storeu_si128(DK_mm, aes_schedule_mangle_last_dec(key)); - } - -void AES_128_SSSE3::clear() - { - zap(EK); - zap(DK); - } - -/* -* AES-192 Encryption -*/ -void AES_192_SSSE3::encrypt_n(const byte in[], byte out[], size_t blocks) const - { - const __m128i* in_mm = reinterpret_cast<const __m128i*>(in); - __m128i* out_mm = reinterpret_cast<__m128i*>(out); - - const __m128i* keys = reinterpret_cast<const __m128i*>(&EK[0]); - - for(size_t i = 0; i != blocks; ++i) - { - __m128i B = _mm_loadu_si128(in_mm + i); - _mm_storeu_si128(out_mm + i, aes_ssse3_encrypt(B, keys, 12)); - } - } - -/* -* AES-192 Decryption -*/ -void AES_192_SSSE3::decrypt_n(const byte in[], byte out[], size_t blocks) const - { - const __m128i* in_mm = reinterpret_cast<const __m128i*>(in); - __m128i* out_mm = reinterpret_cast<__m128i*>(out); - - const __m128i* keys = reinterpret_cast<const __m128i*>(&DK[0]); - - for(size_t i = 0; i != blocks; ++i) - { - __m128i B = _mm_loadu_si128(in_mm + i); - _mm_storeu_si128(out_mm + i, aes_ssse3_decrypt(B, keys, 12)); - } - } - -/* -* AES-192 Key Schedule -*/ -void AES_192_SSSE3::key_schedule(const byte keyb[], size_t) - { - __m128i rcon = _mm_set_epi32(0x702A9808, 0x4D7C7D81, - 0x1F8391B9, 0xAF9DEEB6); - - EK.resize(13*4); - DK.resize(13*4); - - __m128i* EK_mm = reinterpret_cast<__m128i*>(&EK[0]); - __m128i* DK_mm = reinterpret_cast<__m128i*>(&DK[0]); - - __m128i key1 = _mm_loadu_si128(reinterpret_cast<const __m128i*>(keyb)); - __m128i key2 = _mm_loadu_si128(reinterpret_cast<const __m128i*>((keyb + 8))); - - _mm_storeu_si128(DK_mm + 12, _mm_shuffle_epi8(key1, sr[0])); - - key1 = aes_schedule_transform(key1, k_ipt1, k_ipt2); - key2 = aes_schedule_transform(key2, k_ipt1, k_ipt2); - - _mm_storeu_si128(EK_mm + 0, key1); - - // key2 with 8 high bytes masked off - __m128i t = _mm_slli_si128(_mm_srli_si128(key2, 8), 8); - - for(size_t i = 0; i != 4; ++i) - { - key2 = aes_schedule_round(&rcon, key2, key1); - - _mm_storeu_si128(EK_mm + 3*i+1, - aes_schedule_mangle(_mm_alignr_epi8(key2, t, 8), (i+3)%4)); - _mm_storeu_si128(DK_mm + 11-3*i, - aes_schedule_mangle_dec(_mm_alignr_epi8(key2, t, 8), (i+3)%4)); - - t = aes_schedule_192_smear(key2, t); - - _mm_storeu_si128(EK_mm + 3*i+2, - aes_schedule_mangle(t, (i+2)%4)); - _mm_storeu_si128(DK_mm + 10-3*i, - aes_schedule_mangle_dec(t, (i+2)%4)); - - key2 = aes_schedule_round(&rcon, t, key2); - - if(i == 3) - { - _mm_storeu_si128(EK_mm + 3*i+3, - aes_schedule_mangle_last(key2, (i+1)%4)); - _mm_storeu_si128(DK_mm + 9-3*i, - aes_schedule_mangle_last_dec(key2)); - } - else - { - _mm_storeu_si128(EK_mm + 3*i+3, - aes_schedule_mangle(key2, (i+1)%4)); - _mm_storeu_si128(DK_mm + 9-3*i, - aes_schedule_mangle_dec(key2, (i+1)%4)); - } - - key1 = key2; - key2 = aes_schedule_192_smear(key2, - _mm_slli_si128(_mm_srli_si128(t, 8), 8)); - t = _mm_slli_si128(_mm_srli_si128(key2, 8), 8); - } - } - -void AES_192_SSSE3::clear() - { - zap(EK); - zap(DK); - } - -/* -* AES-256 Encryption -*/ -void AES_256_SSSE3::encrypt_n(const byte in[], byte out[], size_t blocks) const - { - const __m128i* in_mm = reinterpret_cast<const __m128i*>(in); - __m128i* out_mm = reinterpret_cast<__m128i*>(out); - - const __m128i* keys = reinterpret_cast<const __m128i*>(&EK[0]); - - for(size_t i = 0; i != blocks; ++i) - { - __m128i B = _mm_loadu_si128(in_mm + i); - _mm_storeu_si128(out_mm + i, aes_ssse3_encrypt(B, keys, 14)); - } - } - -/* -* AES-256 Decryption -*/ -void AES_256_SSSE3::decrypt_n(const byte in[], byte out[], size_t blocks) const - { - const __m128i* in_mm = reinterpret_cast<const __m128i*>(in); - __m128i* out_mm = reinterpret_cast<__m128i*>(out); - - const __m128i* keys = reinterpret_cast<const __m128i*>(&DK[0]); - - for(size_t i = 0; i != blocks; ++i) - { - __m128i B = _mm_loadu_si128(in_mm + i); - _mm_storeu_si128(out_mm + i, aes_ssse3_decrypt(B, keys, 14)); - } - } - -/* -* AES-256 Key Schedule -*/ -void AES_256_SSSE3::key_schedule(const byte keyb[], size_t) - { - __m128i rcon = _mm_set_epi32(0x702A9808, 0x4D7C7D81, - 0x1F8391B9, 0xAF9DEEB6); - - EK.resize(15*4); - DK.resize(15*4); - - __m128i* EK_mm = reinterpret_cast<__m128i*>(&EK[0]); - __m128i* DK_mm = reinterpret_cast<__m128i*>(&DK[0]); - - __m128i key1 = _mm_loadu_si128(reinterpret_cast<const __m128i*>(keyb)); - __m128i key2 = _mm_loadu_si128(reinterpret_cast<const __m128i*>((keyb + 16))); - - _mm_storeu_si128(DK_mm + 14, _mm_shuffle_epi8(key1, sr[2])); - - key1 = aes_schedule_transform(key1, k_ipt1, k_ipt2); - key2 = aes_schedule_transform(key2, k_ipt1, k_ipt2); - - _mm_storeu_si128(EK_mm + 0, key1); - _mm_storeu_si128(EK_mm + 1, aes_schedule_mangle(key2, 3)); - - _mm_storeu_si128(DK_mm + 13, aes_schedule_mangle_dec(key2, 1)); - - for(size_t i = 2; i != 14; i += 2) - { - __m128i k_t = key2; - key1 = key2 = aes_schedule_round(&rcon, key2, key1); - - _mm_storeu_si128(EK_mm + i, aes_schedule_mangle(key2, i % 4)); - _mm_storeu_si128(DK_mm + (14-i), aes_schedule_mangle_dec(key2, (i+2) % 4)); - - key2 = aes_schedule_round(nullptr, _mm_shuffle_epi32(key2, 0xFF), k_t); - _mm_storeu_si128(EK_mm + i + 1, aes_schedule_mangle(key2, (i - 1) % 4)); - _mm_storeu_si128(DK_mm + (13-i), aes_schedule_mangle_dec(key2, (i+1) % 4)); - } - - key2 = aes_schedule_round(&rcon, key2, key1); - - _mm_storeu_si128(EK_mm + 14, aes_schedule_mangle_last(key2, 2)); - _mm_storeu_si128(DK_mm + 0, aes_schedule_mangle_last_dec(key2)); - } - -void AES_256_SSSE3::clear() - { - zap(EK); - zap(DK); - } - -} diff --git a/src/block/aes_ssse3/aes_ssse3.h b/src/block/aes_ssse3/aes_ssse3.h deleted file mode 100644 index 938abeae3..000000000 --- a/src/block/aes_ssse3/aes_ssse3.h +++ /dev/null @@ -1,71 +0,0 @@ -/* -* AES using SSSE3 -* (C) 2010 Jack Lloyd -* -* Distributed under the terms of the Botan license -*/ - -#ifndef BOTAN_AES_SSSE3_H__ -#define BOTAN_AES_SSSE3_H__ - -#include <botan/block_cipher.h> - -namespace Botan { - -/** -* AES-128 using SSSE3 -*/ -class BOTAN_DLL AES_128_SSSE3 : public Block_Cipher_Fixed_Params<16, 16> - { - public: - void encrypt_n(const byte in[], byte out[], size_t blocks) const; - void decrypt_n(const byte in[], byte out[], size_t blocks) const; - - void clear(); - std::string name() const { return "AES-128"; } - BlockCipher* clone() const { return new AES_128_SSSE3; } - private: - void key_schedule(const byte[], size_t); - - secure_vector<u32bit> EK, DK; - }; - -/** -* AES-192 using SSSE3 -*/ -class BOTAN_DLL AES_192_SSSE3 : public Block_Cipher_Fixed_Params<16, 24> - { - public: - void encrypt_n(const byte in[], byte out[], size_t blocks) const; - void decrypt_n(const byte in[], byte out[], size_t blocks) const; - - void clear(); - std::string name() const { return "AES-192"; } - BlockCipher* clone() const { return new AES_192_SSSE3; } - private: - void key_schedule(const byte[], size_t); - - secure_vector<u32bit> EK, DK; - }; - -/** -* AES-256 using SSSE3 -*/ -class BOTAN_DLL AES_256_SSSE3 : public Block_Cipher_Fixed_Params<16, 32> - { - public: - void encrypt_n(const byte in[], byte out[], size_t blocks) const; - void decrypt_n(const byte in[], byte out[], size_t blocks) const; - - void clear(); - std::string name() const { return "AES-256"; } - BlockCipher* clone() const { return new AES_256_SSSE3; } - private: - void key_schedule(const byte[], size_t); - - secure_vector<u32bit> EK, DK; - }; - -} - -#endif diff --git a/src/block/aes_ssse3/info.txt b/src/block/aes_ssse3/info.txt deleted file mode 100644 index 4b1aec535..000000000 --- a/src/block/aes_ssse3/info.txt +++ /dev/null @@ -1,17 +0,0 @@ -define AES_SSSE3 20131128 - -load_on auto - -need_isa ssse3 - -<requires> -simd_engine -</requires> - -# Intel C++ can't deal with syntax for defining constants :( -<cc> -gcc -clang -msvc -sunstudio -</cc> diff --git a/src/block/block_cipher.h b/src/block/block_cipher.h deleted file mode 100644 index 5cbd6bdae..000000000 --- a/src/block/block_cipher.h +++ /dev/null @@ -1,162 +0,0 @@ -/* -* Block Cipher Base Class -* (C) 1999-2009 Jack Lloyd -* -* Distributed under the terms of the Botan license -*/ - -#ifndef BOTAN_BLOCK_CIPHER_H__ -#define BOTAN_BLOCK_CIPHER_H__ - -#include <botan/sym_algo.h> - -namespace Botan { - -/** -* This class represents a block cipher object. -*/ -class BOTAN_DLL BlockCipher : public SymmetricAlgorithm - { - public: - - /** - * @return block size of this algorithm - */ - virtual size_t block_size() const = 0; - - /** - * @return native parallelism of this cipher in blocks - */ - virtual size_t parallelism() const { return 1; } - - /** - * @return prefererred parallelism of this cipher in bytes - */ - size_t parallel_bytes() const - { - return parallelism() * block_size() * BOTAN_BLOCK_CIPHER_PAR_MULT; - } - - /** - * Encrypt a block. - * @param in The plaintext block to be encrypted as a byte array. - * Must be of length block_size(). - * @param out The byte array designated to hold the encrypted block. - * Must be of length block_size(). - */ - void encrypt(const byte in[], byte out[]) const - { encrypt_n(in, out, 1); } - - /** - * Decrypt a block. - * @param in The ciphertext block to be decypted as a byte array. - * Must be of length block_size(). - * @param out The byte array designated to hold the decrypted block. - * Must be of length block_size(). - */ - void decrypt(const byte in[], byte out[]) const - { decrypt_n(in, out, 1); } - - /** - * Encrypt a block. - * @param block the plaintext block to be encrypted - * Must be of length block_size(). Will hold the result when the function - * has finished. - */ - void encrypt(byte block[]) const { encrypt_n(block, block, 1); } - - /** - * Decrypt a block. - * @param block the ciphertext block to be decrypted - * Must be of length block_size(). Will hold the result when the function - * has finished. - */ - void decrypt(byte block[]) const { decrypt_n(block, block, 1); } - - /** - * Encrypt one or more blocks - * @param block the input/output buffer (multiple of block_size()) - */ - template<typename Alloc> - void encrypt(std::vector<byte, Alloc>& block) const - { - return encrypt_n(&block[0], &block[0], block.size() / block_size()); - } - - /** - * Decrypt one or more blocks - * @param block the input/output buffer (multiple of block_size()) - */ - template<typename Alloc> - void decrypt(std::vector<byte, Alloc>& block) const - { - return decrypt_n(&block[0], &block[0], block.size() / block_size()); - } - - /** - * Encrypt one or more blocks - * @param in the input buffer (multiple of block_size()) - * @param out the output buffer (same size as in) - */ - template<typename Alloc, typename Alloc2> - void encrypt(const std::vector<byte, Alloc>& in, - std::vector<byte, Alloc2>& out) const - { - return encrypt_n(&in[0], &out[0], in.size() / block_size()); - } - - /** - * Decrypt one or more blocks - * @param in the input buffer (multiple of block_size()) - * @param out the output buffer (same size as in) - */ - template<typename Alloc, typename Alloc2> - void decrypt(const std::vector<byte, Alloc>& in, - std::vector<byte, Alloc2>& out) const - { - return decrypt_n(&in[0], &out[0], in.size() / block_size()); - } - - /** - * Encrypt one or more blocks - * @param in the input buffer (multiple of block_size()) - * @param out the output buffer (same size as in) - * @param blocks the number of blocks to process - */ - virtual void encrypt_n(const byte in[], byte out[], - size_t blocks) const = 0; - - /** - * Decrypt one or more blocks - * @param in the input buffer (multiple of block_size()) - * @param out the output buffer (same size as in) - * @param blocks the number of blocks to process - */ - virtual void decrypt_n(const byte in[], byte out[], - size_t blocks) const = 0; - - /** - * @return new object representing the same algorithm as *this - */ - virtual BlockCipher* clone() const = 0; - }; - -/** -* Represents a block cipher with a single fixed block size -*/ -template<size_t BS, size_t KMIN, size_t KMAX = 0, size_t KMOD = 1> -class Block_Cipher_Fixed_Params : public BlockCipher - { - public: - enum { BLOCK_SIZE = BS }; - size_t block_size() const { return BS; } - - Key_Length_Specification key_spec() const - { - return Key_Length_Specification(KMIN, KMAX, KMOD); - } - }; - -} - -#endif diff --git a/src/block/blowfish/blfs_tab.cpp b/src/block/blowfish/blfs_tab.cpp deleted file mode 100644 index 070fa6c69..000000000 --- a/src/block/blowfish/blfs_tab.cpp +++ /dev/null @@ -1,190 +0,0 @@ -/* -* S-Box and P-Box Tables for Blowfish -* (C) 1999-2007 Jack Lloyd -* -* Distributed under the terms of the Botan license -*/ - -#include <botan/blowfish.h> - -namespace Botan { - -const u32bit Blowfish::P_INIT[18] = { - 0x243F6A88, 0x85A308D3, 0x13198A2E, 0x03707344, 0xA4093822, 0x299F31D0, - 0x082EFA98, 0xEC4E6C89, 0x452821E6, 0x38D01377, 0xBE5466CF, 0x34E90C6C, - 0xC0AC29B7, 0xC97C50DD, 0x3F84D5B5, 0xB5470917, 0x9216D5D9, 0x8979FB1B }; - -const u32bit Blowfish::S_INIT[1024] = { - 0xD1310BA6, 0x98DFB5AC, 0x2FFD72DB, 0xD01ADFB7, 0xB8E1AFED, 0x6A267E96, - 0xBA7C9045, 0xF12C7F99, 0x24A19947, 0xB3916CF7, 0x0801F2E2, 0x858EFC16, - 0x636920D8, 0x71574E69, 0xA458FEA3, 0xF4933D7E, 0x0D95748F, 0x728EB658, - 0x718BCD58, 0x82154AEE, 0x7B54A41D, 0xC25A59B5, 0x9C30D539, 0x2AF26013, - 0xC5D1B023, 0x286085F0, 0xCA417918, 0xB8DB38EF, 0x8E79DCB0, 0x603A180E, - 0x6C9E0E8B, 0xB01E8A3E, 0xD71577C1, 0xBD314B27, 0x78AF2FDA, 0x55605C60, - 0xE65525F3, 0xAA55AB94, 0x57489862, 0x63E81440, 0x55CA396A, 0x2AAB10B6, - 0xB4CC5C34, 0x1141E8CE, 0xA15486AF, 0x7C72E993, 0xB3EE1411, 0x636FBC2A, - 0x2BA9C55D, 0x741831F6, 0xCE5C3E16, 0x9B87931E, 0xAFD6BA33, 0x6C24CF5C, - 0x7A325381, 0x28958677, 0x3B8F4898, 0x6B4BB9AF, 0xC4BFE81B, 0x66282193, - 0x61D809CC, 0xFB21A991, 0x487CAC60, 0x5DEC8032, 0xEF845D5D, 0xE98575B1, - 0xDC262302, 0xEB651B88, 0x23893E81, 0xD396ACC5, 0x0F6D6FF3, 0x83F44239, - 0x2E0B4482, 0xA4842004, 0x69C8F04A, 0x9E1F9B5E, 0x21C66842, 0xF6E96C9A, - 0x670C9C61, 0xABD388F0, 0x6A51A0D2, 0xD8542F68, 0x960FA728, 0xAB5133A3, - 0x6EEF0B6C, 0x137A3BE4, 0xBA3BF050, 0x7EFB2A98, 0xA1F1651D, 0x39AF0176, - 0x66CA593E, 0x82430E88, 0x8CEE8619, 0x456F9FB4, 0x7D84A5C3, 0x3B8B5EBE, - 0xE06F75D8, 0x85C12073, 0x401A449F, 0x56C16AA6, 0x4ED3AA62, 0x363F7706, - 0x1BFEDF72, 0x429B023D, 0x37D0D724, 0xD00A1248, 0xDB0FEAD3, 0x49F1C09B, - 0x075372C9, 0x80991B7B, 0x25D479D8, 0xF6E8DEF7, 0xE3FE501A, 0xB6794C3B, - 0x976CE0BD, 0x04C006BA, 0xC1A94FB6, 0x409F60C4, 0x5E5C9EC2, 0x196A2463, - 0x68FB6FAF, 0x3E6C53B5, 0x1339B2EB, 0x3B52EC6F, 0x6DFC511F, 0x9B30952C, - 0xCC814544, 0xAF5EBD09, 0xBEE3D004, 0xDE334AFD, 0x660F2807, 0x192E4BB3, - 0xC0CBA857, 0x45C8740F, 0xD20B5F39, 0xB9D3FBDB, 0x5579C0BD, 0x1A60320A, - 0xD6A100C6, 0x402C7279, 0x679F25FE, 0xFB1FA3CC, 0x8EA5E9F8, 0xDB3222F8, - 0x3C7516DF, 0xFD616B15, 0x2F501EC8, 0xAD0552AB, 0x323DB5FA, 0xFD238760, - 0x53317B48, 0x3E00DF82, 0x9E5C57BB, 0xCA6F8CA0, 0x1A87562E, 0xDF1769DB, - 0xD542A8F6, 0x287EFFC3, 0xAC6732C6, 0x8C4F5573, 0x695B27B0, 0xBBCA58C8, - 0xE1FFA35D, 0xB8F011A0, 0x10FA3D98, 0xFD2183B8, 0x4AFCB56C, 0x2DD1D35B, - 0x9A53E479, 0xB6F84565, 0xD28E49BC, 0x4BFB9790, 0xE1DDF2DA, 0xA4CB7E33, - 0x62FB1341, 0xCEE4C6E8, 0xEF20CADA, 0x36774C01, 0xD07E9EFE, 0x2BF11FB4, - 0x95DBDA4D, 0xAE909198, 0xEAAD8E71, 0x6B93D5A0, 0xD08ED1D0, 0xAFC725E0, - 0x8E3C5B2F, 0x8E7594B7, 0x8FF6E2FB, 0xF2122B64, 0x8888B812, 0x900DF01C, - 0x4FAD5EA0, 0x688FC31C, 0xD1CFF191, 0xB3A8C1AD, 0x2F2F2218, 0xBE0E1777, - 0xEA752DFE, 0x8B021FA1, 0xE5A0CC0F, 0xB56F74E8, 0x18ACF3D6, 0xCE89E299, - 0xB4A84FE0, 0xFD13E0B7, 0x7CC43B81, 0xD2ADA8D9, 0x165FA266, 0x80957705, - 0x93CC7314, 0x211A1477, 0xE6AD2065, 0x77B5FA86, 0xC75442F5, 0xFB9D35CF, - 0xEBCDAF0C, 0x7B3E89A0, 0xD6411BD3, 0xAE1E7E49, 0x00250E2D, 0x2071B35E, - 0x226800BB, 0x57B8E0AF, 0x2464369B, 0xF009B91E, 0x5563911D, 0x59DFA6AA, - 0x78C14389, 0xD95A537F, 0x207D5BA2, 0x02E5B9C5, 0x83260376, 0x6295CFA9, - 0x11C81968, 0x4E734A41, 0xB3472DCA, 0x7B14A94A, 0x1B510052, 0x9A532915, - 0xD60F573F, 0xBC9BC6E4, 0x2B60A476, 0x81E67400, 0x08BA6FB5, 0x571BE91F, - 0xF296EC6B, 0x2A0DD915, 0xB6636521, 0xE7B9F9B6, 0xFF34052E, 0xC5855664, - 0x53B02D5D, 0xA99F8FA1, 0x08BA4799, 0x6E85076A, 0x4B7A70E9, 0xB5B32944, - 0xDB75092E, 0xC4192623, 0xAD6EA6B0, 0x49A7DF7D, 0x9CEE60B8, 0x8FEDB266, - 0xECAA8C71, 0x699A17FF, 0x5664526C, 0xC2B19EE1, 0x193602A5, 0x75094C29, - 0xA0591340, 0xE4183A3E, 0x3F54989A, 0x5B429D65, 0x6B8FE4D6, 0x99F73FD6, - 0xA1D29C07, 0xEFE830F5, 0x4D2D38E6, 0xF0255DC1, 0x4CDD2086, 0x8470EB26, - 0x6382E9C6, 0x021ECC5E, 0x09686B3F, 0x3EBAEFC9, 0x3C971814, 0x6B6A70A1, - 0x687F3584, 0x52A0E286, 0xB79C5305, 0xAA500737, 0x3E07841C, 0x7FDEAE5C, - 0x8E7D44EC, 0x5716F2B8, 0xB03ADA37, 0xF0500C0D, 0xF01C1F04, 0x0200B3FF, - 0xAE0CF51A, 0x3CB574B2, 0x25837A58, 0xDC0921BD, 0xD19113F9, 0x7CA92FF6, - 0x94324773, 0x22F54701, 0x3AE5E581, 0x37C2DADC, 0xC8B57634, 0x9AF3DDA7, - 0xA9446146, 0x0FD0030E, 0xECC8C73E, 0xA4751E41, 0xE238CD99, 0x3BEA0E2F, - 0x3280BBA1, 0x183EB331, 0x4E548B38, 0x4F6DB908, 0x6F420D03, 0xF60A04BF, - 0x2CB81290, 0x24977C79, 0x5679B072, 0xBCAF89AF, 0xDE9A771F, 0xD9930810, - 0xB38BAE12, 0xDCCF3F2E, 0x5512721F, 0x2E6B7124, 0x501ADDE6, 0x9F84CD87, - 0x7A584718, 0x7408DA17, 0xBC9F9ABC, 0xE94B7D8C, 0xEC7AEC3A, 0xDB851DFA, - 0x63094366, 0xC464C3D2, 0xEF1C1847, 0x3215D908, 0xDD433B37, 0x24C2BA16, - 0x12A14D43, 0x2A65C451, 0x50940002, 0x133AE4DD, 0x71DFF89E, 0x10314E55, - 0x81AC77D6, 0x5F11199B, 0x043556F1, 0xD7A3C76B, 0x3C11183B, 0x5924A509, - 0xF28FE6ED, 0x97F1FBFA, 0x9EBABF2C, 0x1E153C6E, 0x86E34570, 0xEAE96FB1, - 0x860E5E0A, 0x5A3E2AB3, 0x771FE71C, 0x4E3D06FA, 0x2965DCB9, 0x99E71D0F, - 0x803E89D6, 0x5266C825, 0x2E4CC978, 0x9C10B36A, 0xC6150EBA, 0x94E2EA78, - 0xA5FC3C53, 0x1E0A2DF4, 0xF2F74EA7, 0x361D2B3D, 0x1939260F, 0x19C27960, - 0x5223A708, 0xF71312B6, 0xEBADFE6E, 0xEAC31F66, 0xE3BC4595, 0xA67BC883, - 0xB17F37D1, 0x018CFF28, 0xC332DDEF, 0xBE6C5AA5, 0x65582185, 0x68AB9802, - 0xEECEA50F, 0xDB2F953B, 0x2AEF7DAD, 0x5B6E2F84, 0x1521B628, 0x29076170, - 0xECDD4775, 0x619F1510, 0x13CCA830, 0xEB61BD96, 0x0334FE1E, 0xAA0363CF, - 0xB5735C90, 0x4C70A239, 0xD59E9E0B, 0xCBAADE14, 0xEECC86BC, 0x60622CA7, - 0x9CAB5CAB, 0xB2F3846E, 0x648B1EAF, 0x19BDF0CA, 0xA02369B9, 0x655ABB50, - 0x40685A32, 0x3C2AB4B3, 0x319EE9D5, 0xC021B8F7, 0x9B540B19, 0x875FA099, - 0x95F7997E, 0x623D7DA8, 0xF837889A, 0x97E32D77, 0x11ED935F, 0x16681281, - 0x0E358829, 0xC7E61FD6, 0x96DEDFA1, 0x7858BA99, 0x57F584A5, 0x1B227263, - 0x9B83C3FF, 0x1AC24696, 0xCDB30AEB, 0x532E3054, 0x8FD948E4, 0x6DBC3128, - 0x58EBF2EF, 0x34C6FFEA, 0xFE28ED61, 0xEE7C3C73, 0x5D4A14D9, 0xE864B7E3, - 0x42105D14, 0x203E13E0, 0x45EEE2B6, 0xA3AAABEA, 0xDB6C4F15, 0xFACB4FD0, - 0xC742F442, 0xEF6ABBB5, 0x654F3B1D, 0x41CD2105, 0xD81E799E, 0x86854DC7, - 0xE44B476A, 0x3D816250, 0xCF62A1F2, 0x5B8D2646, 0xFC8883A0, 0xC1C7B6A3, - 0x7F1524C3, 0x69CB7492, 0x47848A0B, 0x5692B285, 0x095BBF00, 0xAD19489D, - 0x1462B174, 0x23820E00, 0x58428D2A, 0x0C55F5EA, 0x1DADF43E, 0x233F7061, - 0x3372F092, 0x8D937E41, 0xD65FECF1, 0x6C223BDB, 0x7CDE3759, 0xCBEE7460, - 0x4085F2A7, 0xCE77326E, 0xA6078084, 0x19F8509E, 0xE8EFD855, 0x61D99735, - 0xA969A7AA, 0xC50C06C2, 0x5A04ABFC, 0x800BCADC, 0x9E447A2E, 0xC3453484, - 0xFDD56705, 0x0E1E9EC9, 0xDB73DBD3, 0x105588CD, 0x675FDA79, 0xE3674340, - 0xC5C43465, 0x713E38D8, 0x3D28F89E, 0xF16DFF20, 0x153E21E7, 0x8FB03D4A, - 0xE6E39F2B, 0xDB83ADF7, 0xE93D5A68, 0x948140F7, 0xF64C261C, 0x94692934, - 0x411520F7, 0x7602D4F7, 0xBCF46B2E, 0xD4A20068, 0xD4082471, 0x3320F46A, - 0x43B7D4B7, 0x500061AF, 0x1E39F62E, 0x97244546, 0x14214F74, 0xBF8B8840, - 0x4D95FC1D, 0x96B591AF, 0x70F4DDD3, 0x66A02F45, 0xBFBC09EC, 0x03BD9785, - 0x7FAC6DD0, 0x31CB8504, 0x96EB27B3, 0x55FD3941, 0xDA2547E6, 0xABCA0A9A, - 0x28507825, 0x530429F4, 0x0A2C86DA, 0xE9B66DFB, 0x68DC1462, 0xD7486900, - 0x680EC0A4, 0x27A18DEE, 0x4F3FFEA2, 0xE887AD8C, 0xB58CE006, 0x7AF4D6B6, - 0xAACE1E7C, 0xD3375FEC, 0xCE78A399, 0x406B2A42, 0x20FE9E35, 0xD9F385B9, - 0xEE39D7AB, 0x3B124E8B, 0x1DC9FAF7, 0x4B6D1856, 0x26A36631, 0xEAE397B2, - 0x3A6EFA74, 0xDD5B4332, 0x6841E7F7, 0xCA7820FB, 0xFB0AF54E, 0xD8FEB397, - 0x454056AC, 0xBA489527, 0x55533A3A, 0x20838D87, 0xFE6BA9B7, 0xD096954B, - 0x55A867BC, 0xA1159A58, 0xCCA92963, 0x99E1DB33, 0xA62A4A56, 0x3F3125F9, - 0x5EF47E1C, 0x9029317C, 0xFDF8E802, 0x04272F70, 0x80BB155C, 0x05282CE3, - 0x95C11548, 0xE4C66D22, 0x48C1133F, 0xC70F86DC, 0x07F9C9EE, 0x41041F0F, - 0x404779A4, 0x5D886E17, 0x325F51EB, 0xD59BC0D1, 0xF2BCC18F, 0x41113564, - 0x257B7834, 0x602A9C60, 0xDFF8E8A3, 0x1F636C1B, 0x0E12B4C2, 0x02E1329E, - 0xAF664FD1, 0xCAD18115, 0x6B2395E0, 0x333E92E1, 0x3B240B62, 0xEEBEB922, - 0x85B2A20E, 0xE6BA0D99, 0xDE720C8C, 0x2DA2F728, 0xD0127845, 0x95B794FD, - 0x647D0862, 0xE7CCF5F0, 0x5449A36F, 0x877D48FA, 0xC39DFD27, 0xF33E8D1E, - 0x0A476341, 0x992EFF74, 0x3A6F6EAB, 0xF4F8FD37, 0xA812DC60, 0xA1EBDDF8, - 0x991BE14C, 0xDB6E6B0D, 0xC67B5510, 0x6D672C37, 0x2765D43B, 0xDCD0E804, - 0xF1290DC7, 0xCC00FFA3, 0xB5390F92, 0x690FED0B, 0x667B9FFB, 0xCEDB7D9C, - 0xA091CF0B, 0xD9155EA3, 0xBB132F88, 0x515BAD24, 0x7B9479BF, 0x763BD6EB, - 0x37392EB3, 0xCC115979, 0x8026E297, 0xF42E312D, 0x6842ADA7, 0xC66A2B3B, - 0x12754CCC, 0x782EF11C, 0x6A124237, 0xB79251E7, 0x06A1BBE6, 0x4BFB6350, - 0x1A6B1018, 0x11CAEDFA, 0x3D25BDD8, 0xE2E1C3C9, 0x44421659, 0x0A121386, - 0xD90CEC6E, 0xD5ABEA2A, 0x64AF674E, 0xDA86A85F, 0xBEBFE988, 0x64E4C3FE, - 0x9DBC8057, 0xF0F7C086, 0x60787BF8, 0x6003604D, 0xD1FD8346, 0xF6381FB0, - 0x7745AE04, 0xD736FCCC, 0x83426B33, 0xF01EAB71, 0xB0804187, 0x3C005E5F, - 0x77A057BE, 0xBDE8AE24, 0x55464299, 0xBF582E61, 0x4E58F48F, 0xF2DDFDA2, - 0xF474EF38, 0x8789BDC2, 0x5366F9C3, 0xC8B38E74, 0xB475F255, 0x46FCD9B9, - 0x7AEB2661, 0x8B1DDF84, 0x846A0E79, 0x915F95E2, 0x466E598E, 0x20B45770, - 0x8CD55591, 0xC902DE4C, 0xB90BACE1, 0xBB8205D0, 0x11A86248, 0x7574A99E, - 0xB77F19B6, 0xE0A9DC09, 0x662D09A1, 0xC4324633, 0xE85A1F02, 0x09F0BE8C, - 0x4A99A025, 0x1D6EFE10, 0x1AB93D1D, 0x0BA5A4DF, 0xA186F20F, 0x2868F169, - 0xDCB7DA83, 0x573906FE, 0xA1E2CE9B, 0x4FCD7F52, 0x50115E01, 0xA70683FA, - 0xA002B5C4, 0x0DE6D027, 0x9AF88C27, 0x773F8641, 0xC3604C06, 0x61A806B5, - 0xF0177A28, 0xC0F586E0, 0x006058AA, 0x30DC7D62, 0x11E69ED7, 0x2338EA63, - 0x53C2DD94, 0xC2C21634, 0xBBCBEE56, 0x90BCB6DE, 0xEBFC7DA1, 0xCE591D76, - 0x6F05E409, 0x4B7C0188, 0x39720A3D, 0x7C927C24, 0x86E3725F, 0x724D9DB9, - 0x1AC15BB4, 0xD39EB8FC, 0xED545578, 0x08FCA5B5, 0xD83D7CD3, 0x4DAD0FC4, - 0x1E50EF5E, 0xB161E6F8, 0xA28514D9, 0x6C51133C, 0x6FD5C7E7, 0x56E14EC4, - 0x362ABFCE, 0xDDC6C837, 0xD79A3234, 0x92638212, 0x670EFA8E, 0x406000E0, - 0x3A39CE37, 0xD3FAF5CF, 0xABC27737, 0x5AC52D1B, 0x5CB0679E, 0x4FA33742, - 0xD3822740, 0x99BC9BBE, 0xD5118E9D, 0xBF0F7315, 0xD62D1C7E, 0xC700C47B, - 0xB78C1B6B, 0x21A19045, 0xB26EB1BE, 0x6A366EB4, 0x5748AB2F, 0xBC946E79, - 0xC6A376D2, 0x6549C2C8, 0x530FF8EE, 0x468DDE7D, 0xD5730A1D, 0x4CD04DC6, - 0x2939BBDB, 0xA9BA4650, 0xAC9526E8, 0xBE5EE304, 0xA1FAD5F0, 0x6A2D519A, - 0x63EF8CE2, 0x9A86EE22, 0xC089C2B8, 0x43242EF6, 0xA51E03AA, 0x9CF2D0A4, - 0x83C061BA, 0x9BE96A4D, 0x8FE51550, 0xBA645BD6, 0x2826A2F9, 0xA73A3AE1, - 0x4BA99586, 0xEF5562E9, 0xC72FEFD3, 0xF752F7DA, 0x3F046F69, 0x77FA0A59, - 0x80E4A915, 0x87B08601, 0x9B09E6AD, 0x3B3EE593, 0xE990FD5A, 0x9E34D797, - 0x2CF0B7D9, 0x022B8B51, 0x96D5AC3A, 0x017DA67D, 0xD1CF3ED6, 0x7C7D2D28, - 0x1F9F25CF, 0xADF2B89B, 0x5AD6B472, 0x5A88F54C, 0xE029AC71, 0xE019A5E6, - 0x47B0ACFD, 0xED93FA9B, 0xE8D3C48D, 0x283B57CC, 0xF8D56629, 0x79132E28, - 0x785F0191, 0xED756055, 0xF7960E44, 0xE3D35E8C, 0x15056DD4, 0x88F46DBA, - 0x03A16125, 0x0564F0BD, 0xC3EB9E15, 0x3C9057A2, 0x97271AEC, 0xA93A072A, - 0x1B3F6D9B, 0x1E6321F5, 0xF59C66FB, 0x26DCF319, 0x7533D928, 0xB155FDF5, - 0x03563482, 0x8ABA3CBB, 0x28517711, 0xC20AD9F8, 0xABCC5167, 0xCCAD925F, - 0x4DE81751, 0x3830DC8E, 0x379D5862, 0x9320F991, 0xEA7A90C2, 0xFB3E7BCE, - 0x5121CE64, 0x774FBE32, 0xA8B6E37E, 0xC3293D46, 0x48DE5369, 0x6413E680, - 0xA2AE0810, 0xDD6DB224, 0x69852DFD, 0x09072166, 0xB39A460A, 0x6445C0DD, - 0x586CDECF, 0x1C20C8AE, 0x5BBEF7DD, 0x1B588D40, 0xCCD2017F, 0x6BB4E3BB, - 0xDDA26A7E, 0x3A59FF45, 0x3E350A44, 0xBCB4CDD5, 0x72EACEA8, 0xFA6484BB, - 0x8D6612AE, 0xBF3C6F47, 0xD29BE463, 0x542F5D9E, 0xAEC2771B, 0xF64E6370, - 0x740E0D8D, 0xE75B1357, 0xF8721671, 0xAF537D5D, 0x4040CB08, 0x4EB4E2CC, - 0x34D2466A, 0x0115AF84, 0xE1B00428, 0x95983A1D, 0x06B89FB4, 0xCE6EA048, - 0x6F3F3B82, 0x3520AB82, 0x011A1D4B, 0x277227F8, 0x611560B1, 0xE7933FDC, - 0xBB3A792B, 0x344525BD, 0xA08839E1, 0x51CE794B, 0x2F32C9B7, 0xA01FBAC9, - 0xE01CC87E, 0xBCC7D1F6, 0xCF0111C3, 0xA1E8AAC7, 0x1A908749, 0xD44FBD9A, - 0xD0DADECB, 0xD50ADA38, 0x0339C32A, 0xC6913667, 0x8DF9317C, 0xE0B12B4F, - 0xF79E59B7, 0x43F5BB3A, 0xF2D519FF, 0x27D9459C, 0xBF97222C, 0x15E6FC2A, - 0x0F91FC71, 0x9B941525, 0xFAE59361, 0xCEB69CEB, 0xC2A86459, 0x12BAA8D1, - 0xB6C1075E, 0xE3056A0C, 0x10D25065, 0xCB03A442, 0xE0EC6E0E, 0x1698DB3B, - 0x4C98A0BE, 0x3278E964, 0x9F1F9532, 0xE0D392DF, 0xD3A0342B, 0x8971F21E, - 0x1B0A7441, 0x4BA3348C, 0xC5BE7120, 0xC37632D8, 0xDF359F8D, 0x9B992F2E, - 0xE60B6F47, 0x0FE3F11D, 0xE54CDA54, 0x1EDAD891, 0xCE6279CF, 0xCD3E7E6F, - 0x1618B166, 0xFD2C1D05, 0x848FD2C5, 0xF6FB2299, 0xF523F357, 0xA6327623, - 0x93A83531, 0x56CCCD02, 0xACF08162, 0x5A75EBB5, 0x6E163697, 0x88D273CC, - 0xDE966292, 0x81B949D0, 0x4C50901B, 0x71C65614, 0xE6C6C7BD, 0x327A140A, - 0x45E1D006, 0xC3F27B9A, 0xC9AA53FD, 0x62A80F00, 0xBB25BFE2, 0x35BDD2F6, - 0x71126905, 0xB2040222, 0xB6CBCF7C, 0xCD769C2B, 0x53113EC0, 0x1640E3D3, - 0x38ABBD60, 0x2547ADF0, 0xBA38209C, 0xF746CE76, 0x77AFA1C5, 0x20756060, - 0x85CBFE4E, 0x8AE88DD8, 0x7AAAF9B0, 0x4CF9AA7E, 0x1948C25C, 0x02FB8A8C, - 0x01C36AE4, 0xD6EBE1F9, 0x90D4F869, 0xA65CDEA0, 0x3F09252D, 0xC208E69F, - 0xB74E6132, 0xCE77E25B, 0x578FDFE3, 0x3AC372E6 }; - -} diff --git a/src/block/blowfish/blowfish.cpp b/src/block/blowfish/blowfish.cpp deleted file mode 100644 index e93359141..000000000 --- a/src/block/blowfish/blowfish.cpp +++ /dev/null @@ -1,195 +0,0 @@ -/* -* Blowfish -* (C) 1999-2011 Jack Lloyd -* -* Distributed under the terms of the Botan license -*/ - -#include <botan/blowfish.h> -#include <botan/loadstor.h> - -namespace Botan { - -/* -* Blowfish Encryption -*/ -void Blowfish::encrypt_n(const byte in[], byte out[], size_t blocks) const - { - const u32bit* S1 = &S[0]; - const u32bit* S2 = &S[256]; - const u32bit* S3 = &S[512]; - const u32bit* S4 = &S[768]; - - for(size_t i = 0; i != blocks; ++i) - { - u32bit L = load_be<u32bit>(in, 0); - u32bit R = load_be<u32bit>(in, 1); - - for(size_t j = 0; j != 16; j += 2) - { - L ^= P[j]; - R ^= ((S1[get_byte(0, L)] + S2[get_byte(1, L)]) ^ - S3[get_byte(2, L)]) + S4[get_byte(3, L)]; - - R ^= P[j+1]; - L ^= ((S1[get_byte(0, R)] + S2[get_byte(1, R)]) ^ - S3[get_byte(2, R)]) + S4[get_byte(3, R)]; - } - - L ^= P[16]; R ^= P[17]; - - store_be(out, R, L); - - in += BLOCK_SIZE; - out += BLOCK_SIZE; - } - } - -/* -* Blowfish Decryption -*/ -void Blowfish::decrypt_n(const byte in[], byte out[], size_t blocks) const - { - const u32bit* S1 = &S[0]; - const u32bit* S2 = &S[256]; - const u32bit* S3 = &S[512]; - const u32bit* S4 = &S[768]; - - for(size_t i = 0; i != blocks; ++i) - { - u32bit L = load_be<u32bit>(in, 0); - u32bit R = load_be<u32bit>(in, 1); - - for(size_t j = 17; j != 1; j -= 2) - { - L ^= P[j]; - R ^= ((S1[get_byte(0, L)] + S2[get_byte(1, L)]) ^ - S3[get_byte(2, L)]) + S4[get_byte(3, L)]; - - R ^= P[j-1]; - L ^= ((S1[get_byte(0, R)] + S2[get_byte(1, R)]) ^ - S3[get_byte(2, R)]) + S4[get_byte(3, R)]; - } - - L ^= P[1]; R ^= P[0]; - - store_be(out, R, L); - - in += BLOCK_SIZE; - out += BLOCK_SIZE; - } - } - -/* -* Blowfish Key Schedule -*/ -void Blowfish::key_schedule(const byte key[], size_t length) - { - P.resize(18); - std::copy(P_INIT, P_INIT + 18, P.begin()); - - S.resize(1024); - std::copy(S_INIT, S_INIT + 1024, S.begin()); - - const byte null_salt[16] = { 0 }; - - key_expansion(key, length, null_salt); - } - -void Blowfish::key_expansion(const byte key[], - size_t length, - const byte salt[16]) - { - for(size_t i = 0, j = 0; i != 18; ++i, j += 4) - P[i] ^= make_u32bit(key[(j ) % length], key[(j+1) % length], - key[(j+2) % length], key[(j+3) % length]); - - u32bit L = 0, R = 0; - generate_sbox(P, L, R, salt, 0); - generate_sbox(S, L, R, salt, 2); - } - -/* -* Modified key schedule used for bcrypt password hashing -*/ -void Blowfish::eks_key_schedule(const byte key[], size_t length, - const byte salt[16], size_t workfactor) - { - // Truncate longer passwords to the 56 byte limit Blowfish enforces - length = std::min<size_t>(length, 55); - - if(workfactor == 0) - throw std::invalid_argument("Bcrypt work factor must be at least 1"); - - /* - * On a 2.8 GHz Core-i7, workfactor == 18 takes about 25 seconds to - * hash a password. This seems like a reasonable upper bound for the - * time being. - */ - if(workfactor > 18) - throw std::invalid_argument("Requested Bcrypt work factor " + - std::to_string(workfactor) + " too large"); - - P.resize(18); - std::copy(P_INIT, P_INIT + 18, P.begin()); - - S.resize(1024); - std::copy(S_INIT, S_INIT + 1024, S.begin()); - - key_expansion(key, length, salt); - - const byte null_salt[16] = { 0 }; - const size_t rounds = 1 << workfactor; - - for(size_t r = 0; r != rounds; ++r) - { - key_expansion(key, length, null_salt); - key_expansion(salt, 16, null_salt); - } - } - -/* -* Generate one of the Sboxes -*/ -void Blowfish::generate_sbox(secure_vector<u32bit>& box, - u32bit& L, u32bit& R, - const byte salt[16], - size_t salt_off) const - { - const u32bit* S1 = &S[0]; - const u32bit* S2 = &S[256]; - const u32bit* S3 = &S[512]; - const u32bit* S4 = &S[768]; - - for(size_t i = 0; i != box.size(); i += 2) - { - L ^= load_be<u32bit>(salt, (i + salt_off) % 4); - R ^= load_be<u32bit>(salt, (i + salt_off + 1) % 4); - - for(size_t j = 0; j != 16; j += 2) - { - L ^= P[j]; - R ^= ((S1[get_byte(0, L)] + S2[get_byte(1, L)]) ^ - S3[get_byte(2, L)]) + S4[get_byte(3, L)]; - - R ^= P[j+1]; - L ^= ((S1[get_byte(0, R)] + S2[get_byte(1, R)]) ^ - S3[get_byte(2, R)]) + S4[get_byte(3, R)]; - } - - u32bit T = R; R = L ^ P[16]; L = T ^ P[17]; - box[i] = L; - box[i+1] = R; - } - } - -/* -* Clear memory of sensitive data -*/ -void Blowfish::clear() - { - zap(P); - zap(S); - } - -} diff --git a/src/block/blowfish/blowfish.h b/src/block/blowfish/blowfish.h deleted file mode 100644 index cdf65f285..000000000 --- a/src/block/blowfish/blowfish.h +++ /dev/null @@ -1,53 +0,0 @@ -/* -* Blowfish -* (C) 1999-2011 Jack Lloyd -* -* Distributed under the terms of the Botan license -*/ - -#ifndef BOTAN_BLOWFISH_H__ -#define BOTAN_BLOWFISH_H__ - -#include <botan/block_cipher.h> - -namespace Botan { - -/** -* Blowfish -*/ -class BOTAN_DLL Blowfish : public Block_Cipher_Fixed_Params<8, 1, 56> - { - public: - void encrypt_n(const byte in[], byte out[], size_t blocks) const; - void decrypt_n(const byte in[], byte out[], size_t blocks) const; - - /** - * Modified EKSBlowfish key schedule, used for bcrypt password hashing - */ - void eks_key_schedule(const byte key[], size_t key_length, - const byte salt[16], size_t workfactor); - - void clear(); - std::string name() const { return "Blowfish"; } - BlockCipher* clone() const { return new Blowfish; } - private: - void key_schedule(const byte key[], size_t length); - - void key_expansion(const byte key[], - size_t key_length, - const byte salt[16]); - - void generate_sbox(secure_vector<u32bit>& box, - u32bit& L, u32bit& R, - const byte salt[16], - size_t salt_off) const; - - static const u32bit P_INIT[18]; - static const u32bit S_INIT[1024]; - - secure_vector<u32bit> S, P; - }; - -} - -#endif diff --git a/src/block/blowfish/info.txt b/src/block/blowfish/info.txt deleted file mode 100644 index 1a33140d3..000000000 --- a/src/block/blowfish/info.txt +++ /dev/null @@ -1 +0,0 @@ -define BLOWFISH 20131128 diff --git a/src/block/camellia/camellia.cpp b/src/block/camellia/camellia.cpp deleted file mode 100644 index a5d70d736..000000000 --- a/src/block/camellia/camellia.cpp +++ /dev/null @@ -1,394 +0,0 @@ -/* -* Camellia -* (C) 2012 Jack Lloyd -* -* Distributed under the terms of the Botan license -*/ - -#include <botan/camellia.h> -#include <botan/internal/camellia_sbox.h> -#include <botan/loadstor.h> - -namespace Botan { - -namespace Camellia_F { - -namespace { - -/* -* We use the slow byte-wise version of F in the first and last rounds -* to help protect against timing attacks -*/ -u64bit F_SLOW(u64bit v, u64bit K) - { - static const byte SBOX[256] = { - 0x70, 0x82, 0x2C, 0xEC, 0xB3, 0x27, 0xC0, 0xE5, 0xE4, 0x85, 0x57, - 0x35, 0xEA, 0x0C, 0xAE, 0x41, 0x23, 0xEF, 0x6B, 0x93, 0x45, 0x19, - 0xA5, 0x21, 0xED, 0x0E, 0x4F, 0x4E, 0x1D, 0x65, 0x92, 0xBD, 0x86, - 0xB8, 0xAF, 0x8F, 0x7C, 0xEB, 0x1F, 0xCE, 0x3E, 0x30, 0xDC, 0x5F, - 0x5E, 0xC5, 0x0B, 0x1A, 0xA6, 0xE1, 0x39, 0xCA, 0xD5, 0x47, 0x5D, - 0x3D, 0xD9, 0x01, 0x5A, 0xD6, 0x51, 0x56, 0x6C, 0x4D, 0x8B, 0x0D, - 0x9A, 0x66, 0xFB, 0xCC, 0xB0, 0x2D, 0x74, 0x12, 0x2B, 0x20, 0xF0, - 0xB1, 0x84, 0x99, 0xDF, 0x4C, 0xCB, 0xC2, 0x34, 0x7E, 0x76, 0x05, - 0x6D, 0xB7, 0xA9, 0x31, 0xD1, 0x17, 0x04, 0xD7, 0x14, 0x58, 0x3A, - 0x61, 0xDE, 0x1B, 0x11, 0x1C, 0x32, 0x0F, 0x9C, 0x16, 0x53, 0x18, - 0xF2, 0x22, 0xFE, 0x44, 0xCF, 0xB2, 0xC3, 0xB5, 0x7A, 0x91, 0x24, - 0x08, 0xE8, 0xA8, 0x60, 0xFC, 0x69, 0x50, 0xAA, 0xD0, 0xA0, 0x7D, - 0xA1, 0x89, 0x62, 0x97, 0x54, 0x5B, 0x1E, 0x95, 0xE0, 0xFF, 0x64, - 0xD2, 0x10, 0xC4, 0x00, 0x48, 0xA3, 0xF7, 0x75, 0xDB, 0x8A, 0x03, - 0xE6, 0xDA, 0x09, 0x3F, 0xDD, 0x94, 0x87, 0x5C, 0x83, 0x02, 0xCD, - 0x4A, 0x90, 0x33, 0x73, 0x67, 0xF6, 0xF3, 0x9D, 0x7F, 0xBF, 0xE2, - 0x52, 0x9B, 0xD8, 0x26, 0xC8, 0x37, 0xC6, 0x3B, 0x81, 0x96, 0x6F, - 0x4B, 0x13, 0xBE, 0x63, 0x2E, 0xE9, 0x79, 0xA7, 0x8C, 0x9F, 0x6E, - 0xBC, 0x8E, 0x29, 0xF5, 0xF9, 0xB6, 0x2F, 0xFD, 0xB4, 0x59, 0x78, - 0x98, 0x06, 0x6A, 0xE7, 0x46, 0x71, 0xBA, 0xD4, 0x25, 0xAB, 0x42, - 0x88, 0xA2, 0x8D, 0xFA, 0x72, 0x07, 0xB9, 0x55, 0xF8, 0xEE, 0xAC, - 0x0A, 0x36, 0x49, 0x2A, 0x68, 0x3C, 0x38, 0xF1, 0xA4, 0x40, 0x28, - 0xD3, 0x7B, 0xBB, 0xC9, 0x43, 0xC1, 0x15, 0xE3, 0xAD, 0xF4, 0x77, - 0xC7, 0x80, 0x9E }; - - const u64bit x = v ^ K; - - const byte t1 = SBOX[get_byte(0, x)]; - const byte t2 = rotate_left(SBOX[get_byte(1, x)], 1); - const byte t3 = rotate_left(SBOX[get_byte(2, x)], 7); - const byte t4 = SBOX[rotate_left(get_byte(3, x), 1)]; - const byte t5 = rotate_left(SBOX[get_byte(4, x)], 1); - const byte t6 = rotate_left(SBOX[get_byte(5, x)], 7); - const byte t7 = SBOX[rotate_left(get_byte(6, x), 1)]; - const byte t8 = SBOX[get_byte(7, x)]; - - const byte y1 = t1 ^ t3 ^ t4 ^ t6 ^ t7 ^ t8; - const byte y2 = t1 ^ t2 ^ t4 ^ t5 ^ t7 ^ t8; - const byte y3 = t1 ^ t2 ^ t3 ^ t5 ^ t6 ^ t8; - const byte y4 = t2 ^ t3 ^ t4 ^ t5 ^ t6 ^ t7; - const byte y5 = t1 ^ t2 ^ t6 ^ t7 ^ t8; - const byte y6 = t2 ^ t3 ^ t5 ^ t7 ^ t8; - const byte y7 = t3 ^ t4 ^ t5 ^ t6 ^ t8; - const byte y8 = t1 ^ t4 ^ t5 ^ t6 ^ t7; - - return make_u64bit(y1, y2, y3, y4, y5, y6, y7, y8); - } - -inline u64bit F(u64bit v, u64bit K) - { - const u64bit x = v ^ K; - - return Camellia_SBOX1[get_byte(0, x)] ^ - Camellia_SBOX2[get_byte(1, x)] ^ - Camellia_SBOX3[get_byte(2, x)] ^ - Camellia_SBOX4[get_byte(3, x)] ^ - Camellia_SBOX5[get_byte(4, x)] ^ - Camellia_SBOX6[get_byte(5, x)] ^ - Camellia_SBOX7[get_byte(6, x)] ^ - Camellia_SBOX8[get_byte(7, x)]; - } - -inline u64bit FL(u64bit v, u64bit K) - { - u32bit x1 = (v >> 32); - u32bit x2 = (v & 0xFFFFFFFF); - - const u32bit k1 = (K >> 32); - const u32bit k2 = (K & 0xFFFFFFFF); - - x2 ^= rotate_left(x1 & k1, 1); - x1 ^= (x2 | k2); - - return ((static_cast<u64bit>(x1) << 32) | x2); - } - -inline u64bit FLINV(u64bit v, u64bit K) - { - u32bit x1 = (v >> 32); - u32bit x2 = (v & 0xFFFFFFFF); - - const u32bit k1 = (K >> 32); - const u32bit k2 = (K & 0xFFFFFFFF); - - x1 ^= (x2 | k2); - x2 ^= rotate_left(x1 & k1, 1); - - return ((static_cast<u64bit>(x1) << 32) | x2); - } - -/* -* Camellia Encryption -*/ -void encrypt(const byte in[], byte out[], size_t blocks, - const secure_vector<u64bit>& SK, const size_t rounds) - { - for(size_t i = 0; i != blocks; ++i) - { - u64bit D1 = load_be<u64bit>(in, 0); - u64bit D2 = load_be<u64bit>(in, 1); - - const u64bit* K = &SK[0]; - - D1 ^= *K++; - D2 ^= *K++; - - D2 ^= F_SLOW(D1, *K++); - D1 ^= F_SLOW(D2, *K++); - - for(size_t r = 1; r != rounds - 1; ++r) - { - if(r % 3 == 0) - { - D1 = FL (D1, *K++); - D2 = FLINV(D2, *K++); - } - - D2 ^= F(D1, *K++); - D1 ^= F(D2, *K++); - } - - D2 ^= F_SLOW(D1, *K++); - D1 ^= F_SLOW(D2, *K++); - - D2 ^= *K++; - D1 ^= *K++; - - store_be(out, D2, D1); - - in += 16; - out += 16; - } - } - -/* -* Camellia Decryption -*/ -void decrypt(const byte in[], byte out[], size_t blocks, - const secure_vector<u64bit>& SK, const size_t rounds) - { - for(size_t i = 0; i != blocks; ++i) - { - u64bit D1 = load_be<u64bit>(in, 0); - u64bit D2 = load_be<u64bit>(in, 1); - - const u64bit* K = &SK[SK.size()-1]; - - D2 ^= *K--; - D1 ^= *K--; - - D2 ^= F_SLOW(D1, *K--); - D1 ^= F_SLOW(D2, *K--); - - for(size_t r = 1; r != rounds - 1; ++r) - { - if(r % 3 == 0) - { - D1 = FL (D1, *K--); - D2 = FLINV(D2, *K--); - } - - D2 ^= F(D1, *K--); - D1 ^= F(D2, *K--); - } - - D2 ^= F_SLOW(D1, *K--); - D1 ^= F_SLOW(D2, *K--); - - D1 ^= *K--; - D2 ^= *K; - - store_be(out, D2, D1); - - in += 16; - out += 16; - } - } - -u64bit left_rot_hi(u64bit h, u64bit l, size_t shift) - { - return (h << shift) | ((l >> (64-shift))); - } - -u64bit left_rot_lo(u64bit h, u64bit l, size_t shift) - { - return (h >> (64-shift)) | (l << shift); - } - -/* -* Camellia Key Schedule -*/ -void key_schedule(secure_vector<u64bit>& SK, const byte key[], size_t length) - { - const u64bit Sigma1 = 0xA09E667F3BCC908B; - const u64bit Sigma2 = 0xB67AE8584CAA73B2; - const u64bit Sigma3 = 0xC6EF372FE94F82BE; - const u64bit Sigma4 = 0x54FF53A5F1D36F1C; - const u64bit Sigma5 = 0x10E527FADE682D1D; - const u64bit Sigma6 = 0xB05688C2B3E6C1FD; - - const u64bit KL_H = load_be<u64bit>(key, 0); - const u64bit KL_L = load_be<u64bit>(key, 1); - - const u64bit KR_H = (length >= 24) ? load_be<u64bit>(key, 2) : 0; - const u64bit KR_L = - (length == 32) ? load_be<u64bit>(key, 3) : ((length == 24) ? ~KR_H : 0); - - u64bit D1 = KL_H ^ KR_H; - u64bit D2 = KL_L ^ KR_L; - D2 ^= F(D1, Sigma1); - D1 ^= F(D2, Sigma2); - D1 ^= KL_H; - D2 ^= KL_L; - D2 ^= F(D1, Sigma3); - D1 ^= F(D2, Sigma4); - - const u64bit KA_H = D1; - const u64bit KA_L = D2; - - D1 = KA_H ^ KR_H; - D2 = KA_L ^ KR_L; - D2 ^= F(D1, Sigma5); - D1 ^= F(D2, Sigma6); - - const u64bit KB_H = D1; - const u64bit KB_L = D2; - - if(length == 16) - { - SK.resize(26); - - SK[ 0] = KL_H; - SK[ 1] = KL_L; - SK[ 2] = KA_H; - SK[ 3] = KA_L; - SK[ 4] = left_rot_hi(KL_H, KL_L, 15); - SK[ 5] = left_rot_lo(KL_H, KL_L, 15); - SK[ 6] = left_rot_hi(KA_H, KA_L, 15); - SK[ 7] = left_rot_lo(KA_H, KA_L, 15); - SK[ 8] = left_rot_hi(KA_H, KA_L, 30); - SK[ 9] = left_rot_lo(KA_H, KA_L, 30); - SK[10] = left_rot_hi(KL_H, KL_L, 45); - SK[11] = left_rot_lo(KL_H, KL_L, 45); - SK[12] = left_rot_hi(KA_H, KA_L, 45); - SK[13] = left_rot_lo(KL_H, KL_L, 60); - SK[14] = left_rot_hi(KA_H, KA_L, 60); - SK[15] = left_rot_lo(KA_H, KA_L, 60); - SK[16] = left_rot_lo(KL_H, KL_L, 77-64); - SK[17] = left_rot_hi(KL_H, KL_L, 77-64); - SK[18] = left_rot_lo(KL_H, KL_L, 94-64); - SK[19] = left_rot_hi(KL_H, KL_L, 94-64); - SK[20] = left_rot_lo(KA_H, KA_L, 94-64); - SK[21] = left_rot_hi(KA_H, KA_L, 94-64); - SK[22] = left_rot_lo(KL_H, KL_L, 111-64); - SK[23] = left_rot_hi(KL_H, KL_L, 111-64); - SK[24] = left_rot_lo(KA_H, KA_L, 111-64); - SK[25] = left_rot_hi(KA_H, KA_L, 111-64); - } - else - { - SK.resize(34); - - SK[ 0] = KL_H; - SK[ 1] = KL_L; - SK[ 2] = KB_H; - SK[ 3] = KB_L; - - SK[ 4] = left_rot_hi(KR_H, KR_L, 15); - SK[ 5] = left_rot_lo(KR_H, KR_L, 15); - SK[ 6] = left_rot_hi(KA_H, KA_L, 15); - SK[ 7] = left_rot_lo(KA_H, KA_L, 15); - - SK[ 8] = left_rot_hi(KR_H, KR_L, 30); - SK[ 9] = left_rot_lo(KR_H, KR_L, 30); - SK[10] = left_rot_hi(KB_H, KB_L, 30); - SK[11] = left_rot_lo(KB_H, KB_L, 30); - - SK[12] = left_rot_hi(KL_H, KL_L, 45); - SK[13] = left_rot_lo(KL_H, KL_L, 45); - SK[14] = left_rot_hi(KA_H, KA_L, 45); - SK[15] = left_rot_lo(KA_H, KA_L, 45); - - SK[16] = left_rot_hi(KL_H, KL_L, 60); - SK[17] = left_rot_lo(KL_H, KL_L, 60); - SK[18] = left_rot_hi(KR_H, KR_L, 60); - SK[19] = left_rot_lo(KR_H, KR_L, 60); - SK[20] = left_rot_hi(KB_H, KB_L, 60); - SK[21] = left_rot_lo(KB_H, KB_L, 60); - - SK[22] = left_rot_lo(KL_H, KL_L, 77-64); - SK[23] = left_rot_hi(KL_H, KL_L, 77-64); - SK[24] = left_rot_lo(KA_H, KA_L, 77-64); - SK[25] = left_rot_hi(KA_H, KA_L, 77-64); - - SK[26] = left_rot_lo(KR_H, KR_L, 94-64); - SK[27] = left_rot_hi(KR_H, KR_L, 94-64); - SK[28] = left_rot_lo(KA_H, KA_L, 94-64); - SK[29] = left_rot_hi(KA_H, KA_L, 94-64); - SK[30] = left_rot_lo(KL_H, KL_L, 111-64); - SK[31] = left_rot_hi(KL_H, KL_L, 111-64); - SK[32] = left_rot_lo(KB_H, KB_L, 111-64); - SK[33] = left_rot_hi(KB_H, KB_L, 111-64); - } - } - -} - -} - -void Camellia_128::encrypt_n(const byte in[], byte out[], size_t blocks) const - { - Camellia_F::encrypt(in, out, blocks, SK, 9); - } - -void Camellia_192::encrypt_n(const byte in[], byte out[], size_t blocks) const - { - Camellia_F::encrypt(in, out, blocks, SK, 12); - } - -void Camellia_256::encrypt_n(const byte in[], byte out[], size_t blocks) const - { - Camellia_F::encrypt(in, out, blocks, SK, 12); - } - -void Camellia_128::decrypt_n(const byte in[], byte out[], size_t blocks) const - { - Camellia_F::decrypt(in, out, blocks, SK, 9); - } - -void Camellia_192::decrypt_n(const byte in[], byte out[], size_t blocks) const - { - Camellia_F::decrypt(in, out, blocks, SK, 12); - } - -void Camellia_256::decrypt_n(const byte in[], byte out[], size_t blocks) const - { - Camellia_F::decrypt(in, out, blocks, SK, 12); - } - -void Camellia_128::key_schedule(const byte key[], size_t length) - { - Camellia_F::key_schedule(SK, key, length); - } - -void Camellia_192::key_schedule(const byte key[], size_t length) - { - Camellia_F::key_schedule(SK, key, length); - } - -void Camellia_256::key_schedule(const byte key[], size_t length) - { - Camellia_F::key_schedule(SK, key, length); - } - -void Camellia_128::clear() - { - zap(SK); - } - -void Camellia_192::clear() - { - zap(SK); - } - -void Camellia_256::clear() - { - zap(SK); - } - -} diff --git a/src/block/camellia/camellia.h b/src/block/camellia/camellia.h deleted file mode 100644 index 09f420765..000000000 --- a/src/block/camellia/camellia.h +++ /dev/null @@ -1,71 +0,0 @@ -/* -* Camellia -* (C) 2012 Jack Lloyd -* -* Distributed under the terms of the Botan license -*/ - -#ifndef BOTAN_CAMELLIA_H__ -#define BOTAN_CAMELLIA_H__ - -#include <botan/block_cipher.h> - -namespace Botan { - -/** -* Camellia-128 -*/ -class BOTAN_DLL Camellia_128 : public Block_Cipher_Fixed_Params<16, 16> - { - public: - void encrypt_n(const byte in[], byte out[], size_t blocks) const; - void decrypt_n(const byte in[], byte out[], size_t blocks) const; - - void clear(); - std::string name() const { return "Camellia-128"; } - BlockCipher* clone() const { return new Camellia_128; } - private: - void key_schedule(const byte key[], size_t length); - - secure_vector<u64bit> SK; - }; - -/** -* Camellia-192 -*/ -class BOTAN_DLL Camellia_192 : public Block_Cipher_Fixed_Params<16, 24> - { - public: - void encrypt_n(const byte in[], byte out[], size_t blocks) const; - void decrypt_n(const byte in[], byte out[], size_t blocks) const; - - void clear(); - std::string name() const { return "Camellia-192"; } - BlockCipher* clone() const { return new Camellia_192; } - private: - void key_schedule(const byte key[], size_t length); - - secure_vector<u64bit> SK; - }; - -/** -* Camellia-256 -*/ -class BOTAN_DLL Camellia_256 : public Block_Cipher_Fixed_Params<16, 32> - { - public: - void encrypt_n(const byte in[], byte out[], size_t blocks) const; - void decrypt_n(const byte in[], byte out[], size_t blocks) const; - - void clear(); - std::string name() const { return "Camellia-256"; } - BlockCipher* clone() const { return new Camellia_256; } - private: - void key_schedule(const byte key[], size_t length); - - secure_vector<u64bit> SK; - }; - -} - -#endif diff --git a/src/block/camellia/camellia_sbox.h b/src/block/camellia/camellia_sbox.h deleted file mode 100644 index 24c849a16..000000000 --- a/src/block/camellia/camellia_sbox.h +++ /dev/null @@ -1,545 +0,0 @@ -/* -* Camellia SBox Tables -* (C) 2012 Jack Lloyd -* -* Distributed under the terms of the Botan license -*/ - -#ifndef BOTAN_CAMELLIA_SBOX_H__ -#define BOTAN_CAMELLIA_SBOX_H__ - -#include <botan/types.h> - -namespace Botan { - -const u64bit Camellia_SBOX1[256] = { -0x7070700070000070, 0x8282820082000082, 0x2C2C2C002C00002C, 0xECECEC00EC0000EC, -0xB3B3B300B30000B3, 0x2727270027000027, 0xC0C0C000C00000C0, 0xE5E5E500E50000E5, -0xE4E4E400E40000E4, 0x8585850085000085, 0x5757570057000057, 0x3535350035000035, -0xEAEAEA00EA0000EA, 0x0C0C0C000C00000C, 0xAEAEAE00AE0000AE, 0x4141410041000041, -0x2323230023000023, 0xEFEFEF00EF0000EF, 0x6B6B6B006B00006B, 0x9393930093000093, -0x4545450045000045, 0x1919190019000019, 0xA5A5A500A50000A5, 0x2121210021000021, -0xEDEDED00ED0000ED, 0x0E0E0E000E00000E, 0x4F4F4F004F00004F, 0x4E4E4E004E00004E, -0x1D1D1D001D00001D, 0x6565650065000065, 0x9292920092000092, 0xBDBDBD00BD0000BD, -0x8686860086000086, 0xB8B8B800B80000B8, 0xAFAFAF00AF0000AF, 0x8F8F8F008F00008F, -0x7C7C7C007C00007C, 0xEBEBEB00EB0000EB, 0x1F1F1F001F00001F, 0xCECECE00CE0000CE, -0x3E3E3E003E00003E, 0x3030300030000030, 0xDCDCDC00DC0000DC, 0x5F5F5F005F00005F, -0x5E5E5E005E00005E, 0xC5C5C500C50000C5, 0x0B0B0B000B00000B, 0x1A1A1A001A00001A, -0xA6A6A600A60000A6, 0xE1E1E100E10000E1, 0x3939390039000039, 0xCACACA00CA0000CA, -0xD5D5D500D50000D5, 0x4747470047000047, 0x5D5D5D005D00005D, 0x3D3D3D003D00003D, -0xD9D9D900D90000D9, 0x0101010001000001, 0x5A5A5A005A00005A, 0xD6D6D600D60000D6, -0x5151510051000051, 0x5656560056000056, 0x6C6C6C006C00006C, 0x4D4D4D004D00004D, -0x8B8B8B008B00008B, 0x0D0D0D000D00000D, 0x9A9A9A009A00009A, 0x6666660066000066, -0xFBFBFB00FB0000FB, 0xCCCCCC00CC0000CC, 0xB0B0B000B00000B0, 0x2D2D2D002D00002D, -0x7474740074000074, 0x1212120012000012, 0x2B2B2B002B00002B, 0x2020200020000020, -0xF0F0F000F00000F0, 0xB1B1B100B10000B1, 0x8484840084000084, 0x9999990099000099, -0xDFDFDF00DF0000DF, 0x4C4C4C004C00004C, 0xCBCBCB00CB0000CB, 0xC2C2C200C20000C2, -0x3434340034000034, 0x7E7E7E007E00007E, 0x7676760076000076, 0x0505050005000005, -0x6D6D6D006D00006D, 0xB7B7B700B70000B7, 0xA9A9A900A90000A9, 0x3131310031000031, -0xD1D1D100D10000D1, 0x1717170017000017, 0x0404040004000004, 0xD7D7D700D70000D7, -0x1414140014000014, 0x5858580058000058, 0x3A3A3A003A00003A, 0x6161610061000061, -0xDEDEDE00DE0000DE, 0x1B1B1B001B00001B, 0x1111110011000011, 0x1C1C1C001C00001C, -0x3232320032000032, 0x0F0F0F000F00000F, 0x9C9C9C009C00009C, 0x1616160016000016, -0x5353530053000053, 0x1818180018000018, 0xF2F2F200F20000F2, 0x2222220022000022, -0xFEFEFE00FE0000FE, 0x4444440044000044, 0xCFCFCF00CF0000CF, 0xB2B2B200B20000B2, -0xC3C3C300C30000C3, 0xB5B5B500B50000B5, 0x7A7A7A007A00007A, 0x9191910091000091, -0x2424240024000024, 0x0808080008000008, 0xE8E8E800E80000E8, 0xA8A8A800A80000A8, -0x6060600060000060, 0xFCFCFC00FC0000FC, 0x6969690069000069, 0x5050500050000050, -0xAAAAAA00AA0000AA, 0xD0D0D000D00000D0, 0xA0A0A000A00000A0, 0x7D7D7D007D00007D, -0xA1A1A100A10000A1, 0x8989890089000089, 0x6262620062000062, 0x9797970097000097, -0x5454540054000054, 0x5B5B5B005B00005B, 0x1E1E1E001E00001E, 0x9595950095000095, -0xE0E0E000E00000E0, 0xFFFFFF00FF0000FF, 0x6464640064000064, 0xD2D2D200D20000D2, -0x1010100010000010, 0xC4C4C400C40000C4, 0x0000000000000000, 0x4848480048000048, -0xA3A3A300A30000A3, 0xF7F7F700F70000F7, 0x7575750075000075, 0xDBDBDB00DB0000DB, -0x8A8A8A008A00008A, 0x0303030003000003, 0xE6E6E600E60000E6, 0xDADADA00DA0000DA, -0x0909090009000009, 0x3F3F3F003F00003F, 0xDDDDDD00DD0000DD, 0x9494940094000094, -0x8787870087000087, 0x5C5C5C005C00005C, 0x8383830083000083, 0x0202020002000002, -0xCDCDCD00CD0000CD, 0x4A4A4A004A00004A, 0x9090900090000090, 0x3333330033000033, -0x7373730073000073, 0x6767670067000067, 0xF6F6F600F60000F6, 0xF3F3F300F30000F3, -0x9D9D9D009D00009D, 0x7F7F7F007F00007F, 0xBFBFBF00BF0000BF, 0xE2E2E200E20000E2, -0x5252520052000052, 0x9B9B9B009B00009B, 0xD8D8D800D80000D8, 0x2626260026000026, -0xC8C8C800C80000C8, 0x3737370037000037, 0xC6C6C600C60000C6, 0x3B3B3B003B00003B, -0x8181810081000081, 0x9696960096000096, 0x6F6F6F006F00006F, 0x4B4B4B004B00004B, -0x1313130013000013, 0xBEBEBE00BE0000BE, 0x6363630063000063, 0x2E2E2E002E00002E, -0xE9E9E900E90000E9, 0x7979790079000079, 0xA7A7A700A70000A7, 0x8C8C8C008C00008C, -0x9F9F9F009F00009F, 0x6E6E6E006E00006E, 0xBCBCBC00BC0000BC, 0x8E8E8E008E00008E, -0x2929290029000029, 0xF5F5F500F50000F5, 0xF9F9F900F90000F9, 0xB6B6B600B60000B6, -0x2F2F2F002F00002F, 0xFDFDFD00FD0000FD, 0xB4B4B400B40000B4, 0x5959590059000059, -0x7878780078000078, 0x9898980098000098, 0x0606060006000006, 0x6A6A6A006A00006A, -0xE7E7E700E70000E7, 0x4646460046000046, 0x7171710071000071, 0xBABABA00BA0000BA, -0xD4D4D400D40000D4, 0x2525250025000025, 0xABABAB00AB0000AB, 0x4242420042000042, -0x8888880088000088, 0xA2A2A200A20000A2, 0x8D8D8D008D00008D, 0xFAFAFA00FA0000FA, -0x7272720072000072, 0x0707070007000007, 0xB9B9B900B90000B9, 0x5555550055000055, -0xF8F8F800F80000F8, 0xEEEEEE00EE0000EE, 0xACACAC00AC0000AC, 0x0A0A0A000A00000A, -0x3636360036000036, 0x4949490049000049, 0x2A2A2A002A00002A, 0x6868680068000068, -0x3C3C3C003C00003C, 0x3838380038000038, 0xF1F1F100F10000F1, 0xA4A4A400A40000A4, -0x4040400040000040, 0x2828280028000028, 0xD3D3D300D30000D3, 0x7B7B7B007B00007B, -0xBBBBBB00BB0000BB, 0xC9C9C900C90000C9, 0x4343430043000043, 0xC1C1C100C10000C1, -0x1515150015000015, 0xE3E3E300E30000E3, 0xADADAD00AD0000AD, 0xF4F4F400F40000F4, -0x7777770077000077, 0xC7C7C700C70000C7, 0x8080800080000080, 0x9E9E9E009E00009E }; - -const u64bit Camellia_SBOX2[256] = { -0x00E0E0E0E0E00000, 0x0005050505050000, 0x0058585858580000, 0x00D9D9D9D9D90000, -0x0067676767670000, 0x004E4E4E4E4E0000, 0x0081818181810000, 0x00CBCBCBCBCB0000, -0x00C9C9C9C9C90000, 0x000B0B0B0B0B0000, 0x00AEAEAEAEAE0000, 0x006A6A6A6A6A0000, -0x00D5D5D5D5D50000, 0x0018181818180000, 0x005D5D5D5D5D0000, 0x0082828282820000, -0x0046464646460000, 0x00DFDFDFDFDF0000, 0x00D6D6D6D6D60000, 0x0027272727270000, -0x008A8A8A8A8A0000, 0x0032323232320000, 0x004B4B4B4B4B0000, 0x0042424242420000, -0x00DBDBDBDBDB0000, 0x001C1C1C1C1C0000, 0x009E9E9E9E9E0000, 0x009C9C9C9C9C0000, -0x003A3A3A3A3A0000, 0x00CACACACACA0000, 0x0025252525250000, 0x007B7B7B7B7B0000, -0x000D0D0D0D0D0000, 0x0071717171710000, 0x005F5F5F5F5F0000, 0x001F1F1F1F1F0000, -0x00F8F8F8F8F80000, 0x00D7D7D7D7D70000, 0x003E3E3E3E3E0000, 0x009D9D9D9D9D0000, -0x007C7C7C7C7C0000, 0x0060606060600000, 0x00B9B9B9B9B90000, 0x00BEBEBEBEBE0000, -0x00BCBCBCBCBC0000, 0x008B8B8B8B8B0000, 0x0016161616160000, 0x0034343434340000, -0x004D4D4D4D4D0000, 0x00C3C3C3C3C30000, 0x0072727272720000, 0x0095959595950000, -0x00ABABABABAB0000, 0x008E8E8E8E8E0000, 0x00BABABABABA0000, 0x007A7A7A7A7A0000, -0x00B3B3B3B3B30000, 0x0002020202020000, 0x00B4B4B4B4B40000, 0x00ADADADADAD0000, -0x00A2A2A2A2A20000, 0x00ACACACACAC0000, 0x00D8D8D8D8D80000, 0x009A9A9A9A9A0000, -0x0017171717170000, 0x001A1A1A1A1A0000, 0x0035353535350000, 0x00CCCCCCCCCC0000, -0x00F7F7F7F7F70000, 0x0099999999990000, 0x0061616161610000, 0x005A5A5A5A5A0000, -0x00E8E8E8E8E80000, 0x0024242424240000, 0x0056565656560000, 0x0040404040400000, -0x00E1E1E1E1E10000, 0x0063636363630000, 0x0009090909090000, 0x0033333333330000, -0x00BFBFBFBFBF0000, 0x0098989898980000, 0x0097979797970000, 0x0085858585850000, -0x0068686868680000, 0x00FCFCFCFCFC0000, 0x00ECECECECEC0000, 0x000A0A0A0A0A0000, -0x00DADADADADA0000, 0x006F6F6F6F6F0000, 0x0053535353530000, 0x0062626262620000, -0x00A3A3A3A3A30000, 0x002E2E2E2E2E0000, 0x0008080808080000, 0x00AFAFAFAFAF0000, -0x0028282828280000, 0x00B0B0B0B0B00000, 0x0074747474740000, 0x00C2C2C2C2C20000, -0x00BDBDBDBDBD0000, 0x0036363636360000, 0x0022222222220000, 0x0038383838380000, -0x0064646464640000, 0x001E1E1E1E1E0000, 0x0039393939390000, 0x002C2C2C2C2C0000, -0x00A6A6A6A6A60000, 0x0030303030300000, 0x00E5E5E5E5E50000, 0x0044444444440000, -0x00FDFDFDFDFD0000, 0x0088888888880000, 0x009F9F9F9F9F0000, 0x0065656565650000, -0x0087878787870000, 0x006B6B6B6B6B0000, 0x00F4F4F4F4F40000, 0x0023232323230000, -0x0048484848480000, 0x0010101010100000, 0x00D1D1D1D1D10000, 0x0051515151510000, -0x00C0C0C0C0C00000, 0x00F9F9F9F9F90000, 0x00D2D2D2D2D20000, 0x00A0A0A0A0A00000, -0x0055555555550000, 0x00A1A1A1A1A10000, 0x0041414141410000, 0x00FAFAFAFAFA0000, -0x0043434343430000, 0x0013131313130000, 0x00C4C4C4C4C40000, 0x002F2F2F2F2F0000, -0x00A8A8A8A8A80000, 0x00B6B6B6B6B60000, 0x003C3C3C3C3C0000, 0x002B2B2B2B2B0000, -0x00C1C1C1C1C10000, 0x00FFFFFFFFFF0000, 0x00C8C8C8C8C80000, 0x00A5A5A5A5A50000, -0x0020202020200000, 0x0089898989890000, 0x0000000000000000, 0x0090909090900000, -0x0047474747470000, 0x00EFEFEFEFEF0000, 0x00EAEAEAEAEA0000, 0x00B7B7B7B7B70000, -0x0015151515150000, 0x0006060606060000, 0x00CDCDCDCDCD0000, 0x00B5B5B5B5B50000, -0x0012121212120000, 0x007E7E7E7E7E0000, 0x00BBBBBBBBBB0000, 0x0029292929290000, -0x000F0F0F0F0F0000, 0x00B8B8B8B8B80000, 0x0007070707070000, 0x0004040404040000, -0x009B9B9B9B9B0000, 0x0094949494940000, 0x0021212121210000, 0x0066666666660000, -0x00E6E6E6E6E60000, 0x00CECECECECE0000, 0x00EDEDEDEDED0000, 0x00E7E7E7E7E70000, -0x003B3B3B3B3B0000, 0x00FEFEFEFEFE0000, 0x007F7F7F7F7F0000, 0x00C5C5C5C5C50000, -0x00A4A4A4A4A40000, 0x0037373737370000, 0x00B1B1B1B1B10000, 0x004C4C4C4C4C0000, -0x0091919191910000, 0x006E6E6E6E6E0000, 0x008D8D8D8D8D0000, 0x0076767676760000, -0x0003030303030000, 0x002D2D2D2D2D0000, 0x00DEDEDEDEDE0000, 0x0096969696960000, -0x0026262626260000, 0x007D7D7D7D7D0000, 0x00C6C6C6C6C60000, 0x005C5C5C5C5C0000, -0x00D3D3D3D3D30000, 0x00F2F2F2F2F20000, 0x004F4F4F4F4F0000, 0x0019191919190000, -0x003F3F3F3F3F0000, 0x00DCDCDCDCDC0000, 0x0079797979790000, 0x001D1D1D1D1D0000, -0x0052525252520000, 0x00EBEBEBEBEB0000, 0x00F3F3F3F3F30000, 0x006D6D6D6D6D0000, -0x005E5E5E5E5E0000, 0x00FBFBFBFBFB0000, 0x0069696969690000, 0x00B2B2B2B2B20000, -0x00F0F0F0F0F00000, 0x0031313131310000, 0x000C0C0C0C0C0000, 0x00D4D4D4D4D40000, -0x00CFCFCFCFCF0000, 0x008C8C8C8C8C0000, 0x00E2E2E2E2E20000, 0x0075757575750000, -0x00A9A9A9A9A90000, 0x004A4A4A4A4A0000, 0x0057575757570000, 0x0084848484840000, -0x0011111111110000, 0x0045454545450000, 0x001B1B1B1B1B0000, 0x00F5F5F5F5F50000, -0x00E4E4E4E4E40000, 0x000E0E0E0E0E0000, 0x0073737373730000, 0x00AAAAAAAAAA0000, -0x00F1F1F1F1F10000, 0x00DDDDDDDDDD0000, 0x0059595959590000, 0x0014141414140000, -0x006C6C6C6C6C0000, 0x0092929292920000, 0x0054545454540000, 0x00D0D0D0D0D00000, -0x0078787878780000, 0x0070707070700000, 0x00E3E3E3E3E30000, 0x0049494949490000, -0x0080808080800000, 0x0050505050500000, 0x00A7A7A7A7A70000, 0x00F6F6F6F6F60000, -0x0077777777770000, 0x0093939393930000, 0x0086868686860000, 0x0083838383830000, -0x002A2A2A2A2A0000, 0x00C7C7C7C7C70000, 0x005B5B5B5B5B0000, 0x00E9E9E9E9E90000, -0x00EEEEEEEEEE0000, 0x008F8F8F8F8F0000, 0x0001010101010000, 0x003D3D3D3D3D0000 }; - -const u64bit Camellia_SBOX3[256] = { -0x3800383800383800, 0x4100414100414100, 0x1600161600161600, 0x7600767600767600, -0xD900D9D900D9D900, 0x9300939300939300, 0x6000606000606000, 0xF200F2F200F2F200, -0x7200727200727200, 0xC200C2C200C2C200, 0xAB00ABAB00ABAB00, 0x9A009A9A009A9A00, -0x7500757500757500, 0x0600060600060600, 0x5700575700575700, 0xA000A0A000A0A000, -0x9100919100919100, 0xF700F7F700F7F700, 0xB500B5B500B5B500, 0xC900C9C900C9C900, -0xA200A2A200A2A200, 0x8C008C8C008C8C00, 0xD200D2D200D2D200, 0x9000909000909000, -0xF600F6F600F6F600, 0x0700070700070700, 0xA700A7A700A7A700, 0x2700272700272700, -0x8E008E8E008E8E00, 0xB200B2B200B2B200, 0x4900494900494900, 0xDE00DEDE00DEDE00, -0x4300434300434300, 0x5C005C5C005C5C00, 0xD700D7D700D7D700, 0xC700C7C700C7C700, -0x3E003E3E003E3E00, 0xF500F5F500F5F500, 0x8F008F8F008F8F00, 0x6700676700676700, -0x1F001F1F001F1F00, 0x1800181800181800, 0x6E006E6E006E6E00, 0xAF00AFAF00AFAF00, -0x2F002F2F002F2F00, 0xE200E2E200E2E200, 0x8500858500858500, 0x0D000D0D000D0D00, -0x5300535300535300, 0xF000F0F000F0F000, 0x9C009C9C009C9C00, 0x6500656500656500, -0xEA00EAEA00EAEA00, 0xA300A3A300A3A300, 0xAE00AEAE00AEAE00, 0x9E009E9E009E9E00, -0xEC00ECEC00ECEC00, 0x8000808000808000, 0x2D002D2D002D2D00, 0x6B006B6B006B6B00, -0xA800A8A800A8A800, 0x2B002B2B002B2B00, 0x3600363600363600, 0xA600A6A600A6A600, -0xC500C5C500C5C500, 0x8600868600868600, 0x4D004D4D004D4D00, 0x3300333300333300, -0xFD00FDFD00FDFD00, 0x6600666600666600, 0x5800585800585800, 0x9600969600969600, -0x3A003A3A003A3A00, 0x0900090900090900, 0x9500959500959500, 0x1000101000101000, -0x7800787800787800, 0xD800D8D800D8D800, 0x4200424200424200, 0xCC00CCCC00CCCC00, -0xEF00EFEF00EFEF00, 0x2600262600262600, 0xE500E5E500E5E500, 0x6100616100616100, -0x1A001A1A001A1A00, 0x3F003F3F003F3F00, 0x3B003B3B003B3B00, 0x8200828200828200, -0xB600B6B600B6B600, 0xDB00DBDB00DBDB00, 0xD400D4D400D4D400, 0x9800989800989800, -0xE800E8E800E8E800, 0x8B008B8B008B8B00, 0x0200020200020200, 0xEB00EBEB00EBEB00, -0x0A000A0A000A0A00, 0x2C002C2C002C2C00, 0x1D001D1D001D1D00, 0xB000B0B000B0B000, -0x6F006F6F006F6F00, 0x8D008D8D008D8D00, 0x8800888800888800, 0x0E000E0E000E0E00, -0x1900191900191900, 0x8700878700878700, 0x4E004E4E004E4E00, 0x0B000B0B000B0B00, -0xA900A9A900A9A900, 0x0C000C0C000C0C00, 0x7900797900797900, 0x1100111100111100, -0x7F007F7F007F7F00, 0x2200222200222200, 0xE700E7E700E7E700, 0x5900595900595900, -0xE100E1E100E1E100, 0xDA00DADA00DADA00, 0x3D003D3D003D3D00, 0xC800C8C800C8C800, -0x1200121200121200, 0x0400040400040400, 0x7400747400747400, 0x5400545400545400, -0x3000303000303000, 0x7E007E7E007E7E00, 0xB400B4B400B4B400, 0x2800282800282800, -0x5500555500555500, 0x6800686800686800, 0x5000505000505000, 0xBE00BEBE00BEBE00, -0xD000D0D000D0D000, 0xC400C4C400C4C400, 0x3100313100313100, 0xCB00CBCB00CBCB00, -0x2A002A2A002A2A00, 0xAD00ADAD00ADAD00, 0x0F000F0F000F0F00, 0xCA00CACA00CACA00, -0x7000707000707000, 0xFF00FFFF00FFFF00, 0x3200323200323200, 0x6900696900696900, -0x0800080800080800, 0x6200626200626200, 0x0000000000000000, 0x2400242400242400, -0xD100D1D100D1D100, 0xFB00FBFB00FBFB00, 0xBA00BABA00BABA00, 0xED00EDED00EDED00, -0x4500454500454500, 0x8100818100818100, 0x7300737300737300, 0x6D006D6D006D6D00, -0x8400848400848400, 0x9F009F9F009F9F00, 0xEE00EEEE00EEEE00, 0x4A004A4A004A4A00, -0xC300C3C300C3C300, 0x2E002E2E002E2E00, 0xC100C1C100C1C100, 0x0100010100010100, -0xE600E6E600E6E600, 0x2500252500252500, 0x4800484800484800, 0x9900999900999900, -0xB900B9B900B9B900, 0xB300B3B300B3B300, 0x7B007B7B007B7B00, 0xF900F9F900F9F900, -0xCE00CECE00CECE00, 0xBF00BFBF00BFBF00, 0xDF00DFDF00DFDF00, 0x7100717100717100, -0x2900292900292900, 0xCD00CDCD00CDCD00, 0x6C006C6C006C6C00, 0x1300131300131300, -0x6400646400646400, 0x9B009B9B009B9B00, 0x6300636300636300, 0x9D009D9D009D9D00, -0xC000C0C000C0C000, 0x4B004B4B004B4B00, 0xB700B7B700B7B700, 0xA500A5A500A5A500, -0x8900898900898900, 0x5F005F5F005F5F00, 0xB100B1B100B1B100, 0x1700171700171700, -0xF400F4F400F4F400, 0xBC00BCBC00BCBC00, 0xD300D3D300D3D300, 0x4600464600464600, -0xCF00CFCF00CFCF00, 0x3700373700373700, 0x5E005E5E005E5E00, 0x4700474700474700, -0x9400949400949400, 0xFA00FAFA00FAFA00, 0xFC00FCFC00FCFC00, 0x5B005B5B005B5B00, -0x9700979700979700, 0xFE00FEFE00FEFE00, 0x5A005A5A005A5A00, 0xAC00ACAC00ACAC00, -0x3C003C3C003C3C00, 0x4C004C4C004C4C00, 0x0300030300030300, 0x3500353500353500, -0xF300F3F300F3F300, 0x2300232300232300, 0xB800B8B800B8B800, 0x5D005D5D005D5D00, -0x6A006A6A006A6A00, 0x9200929200929200, 0xD500D5D500D5D500, 0x2100212100212100, -0x4400444400444400, 0x5100515100515100, 0xC600C6C600C6C600, 0x7D007D7D007D7D00, -0x3900393900393900, 0x8300838300838300, 0xDC00DCDC00DCDC00, 0xAA00AAAA00AAAA00, -0x7C007C7C007C7C00, 0x7700777700777700, 0x5600565600565600, 0x0500050500050500, -0x1B001B1B001B1B00, 0xA400A4A400A4A400, 0x1500151500151500, 0x3400343400343400, -0x1E001E1E001E1E00, 0x1C001C1C001C1C00, 0xF800F8F800F8F800, 0x5200525200525200, -0x2000202000202000, 0x1400141400141400, 0xE900E9E900E9E900, 0xBD00BDBD00BDBD00, -0xDD00DDDD00DDDD00, 0xE400E4E400E4E400, 0xA100A1A100A1A100, 0xE000E0E000E0E000, -0x8A008A8A008A8A00, 0xF100F1F100F1F100, 0xD600D6D600D6D600, 0x7A007A7A007A7A00, -0xBB00BBBB00BBBB00, 0xE300E3E300E3E300, 0x4000404000404000, 0x4F004F4F004F4F00 }; - -const u64bit Camellia_SBOX4[256] = { -0x7070007000007070, 0x2C2C002C00002C2C, 0xB3B300B30000B3B3, 0xC0C000C00000C0C0, -0xE4E400E40000E4E4, 0x5757005700005757, 0xEAEA00EA0000EAEA, 0xAEAE00AE0000AEAE, -0x2323002300002323, 0x6B6B006B00006B6B, 0x4545004500004545, 0xA5A500A50000A5A5, -0xEDED00ED0000EDED, 0x4F4F004F00004F4F, 0x1D1D001D00001D1D, 0x9292009200009292, -0x8686008600008686, 0xAFAF00AF0000AFAF, 0x7C7C007C00007C7C, 0x1F1F001F00001F1F, -0x3E3E003E00003E3E, 0xDCDC00DC0000DCDC, 0x5E5E005E00005E5E, 0x0B0B000B00000B0B, -0xA6A600A60000A6A6, 0x3939003900003939, 0xD5D500D50000D5D5, 0x5D5D005D00005D5D, -0xD9D900D90000D9D9, 0x5A5A005A00005A5A, 0x5151005100005151, 0x6C6C006C00006C6C, -0x8B8B008B00008B8B, 0x9A9A009A00009A9A, 0xFBFB00FB0000FBFB, 0xB0B000B00000B0B0, -0x7474007400007474, 0x2B2B002B00002B2B, 0xF0F000F00000F0F0, 0x8484008400008484, -0xDFDF00DF0000DFDF, 0xCBCB00CB0000CBCB, 0x3434003400003434, 0x7676007600007676, -0x6D6D006D00006D6D, 0xA9A900A90000A9A9, 0xD1D100D10000D1D1, 0x0404000400000404, -0x1414001400001414, 0x3A3A003A00003A3A, 0xDEDE00DE0000DEDE, 0x1111001100001111, -0x3232003200003232, 0x9C9C009C00009C9C, 0x5353005300005353, 0xF2F200F20000F2F2, -0xFEFE00FE0000FEFE, 0xCFCF00CF0000CFCF, 0xC3C300C30000C3C3, 0x7A7A007A00007A7A, -0x2424002400002424, 0xE8E800E80000E8E8, 0x6060006000006060, 0x6969006900006969, -0xAAAA00AA0000AAAA, 0xA0A000A00000A0A0, 0xA1A100A10000A1A1, 0x6262006200006262, -0x5454005400005454, 0x1E1E001E00001E1E, 0xE0E000E00000E0E0, 0x6464006400006464, -0x1010001000001010, 0x0000000000000000, 0xA3A300A30000A3A3, 0x7575007500007575, -0x8A8A008A00008A8A, 0xE6E600E60000E6E6, 0x0909000900000909, 0xDDDD00DD0000DDDD, -0x8787008700008787, 0x8383008300008383, 0xCDCD00CD0000CDCD, 0x9090009000009090, -0x7373007300007373, 0xF6F600F60000F6F6, 0x9D9D009D00009D9D, 0xBFBF00BF0000BFBF, -0x5252005200005252, 0xD8D800D80000D8D8, 0xC8C800C80000C8C8, 0xC6C600C60000C6C6, -0x8181008100008181, 0x6F6F006F00006F6F, 0x1313001300001313, 0x6363006300006363, -0xE9E900E90000E9E9, 0xA7A700A70000A7A7, 0x9F9F009F00009F9F, 0xBCBC00BC0000BCBC, -0x2929002900002929, 0xF9F900F90000F9F9, 0x2F2F002F00002F2F, 0xB4B400B40000B4B4, -0x7878007800007878, 0x0606000600000606, 0xE7E700E70000E7E7, 0x7171007100007171, -0xD4D400D40000D4D4, 0xABAB00AB0000ABAB, 0x8888008800008888, 0x8D8D008D00008D8D, -0x7272007200007272, 0xB9B900B90000B9B9, 0xF8F800F80000F8F8, 0xACAC00AC0000ACAC, -0x3636003600003636, 0x2A2A002A00002A2A, 0x3C3C003C00003C3C, 0xF1F100F10000F1F1, -0x4040004000004040, 0xD3D300D30000D3D3, 0xBBBB00BB0000BBBB, 0x4343004300004343, -0x1515001500001515, 0xADAD00AD0000ADAD, 0x7777007700007777, 0x8080008000008080, -0x8282008200008282, 0xECEC00EC0000ECEC, 0x2727002700002727, 0xE5E500E50000E5E5, -0x8585008500008585, 0x3535003500003535, 0x0C0C000C00000C0C, 0x4141004100004141, -0xEFEF00EF0000EFEF, 0x9393009300009393, 0x1919001900001919, 0x2121002100002121, -0x0E0E000E00000E0E, 0x4E4E004E00004E4E, 0x6565006500006565, 0xBDBD00BD0000BDBD, -0xB8B800B80000B8B8, 0x8F8F008F00008F8F, 0xEBEB00EB0000EBEB, 0xCECE00CE0000CECE, -0x3030003000003030, 0x5F5F005F00005F5F, 0xC5C500C50000C5C5, 0x1A1A001A00001A1A, -0xE1E100E10000E1E1, 0xCACA00CA0000CACA, 0x4747004700004747, 0x3D3D003D00003D3D, -0x0101000100000101, 0xD6D600D60000D6D6, 0x5656005600005656, 0x4D4D004D00004D4D, -0x0D0D000D00000D0D, 0x6666006600006666, 0xCCCC00CC0000CCCC, 0x2D2D002D00002D2D, -0x1212001200001212, 0x2020002000002020, 0xB1B100B10000B1B1, 0x9999009900009999, -0x4C4C004C00004C4C, 0xC2C200C20000C2C2, 0x7E7E007E00007E7E, 0x0505000500000505, -0xB7B700B70000B7B7, 0x3131003100003131, 0x1717001700001717, 0xD7D700D70000D7D7, -0x5858005800005858, 0x6161006100006161, 0x1B1B001B00001B1B, 0x1C1C001C00001C1C, -0x0F0F000F00000F0F, 0x1616001600001616, 0x1818001800001818, 0x2222002200002222, -0x4444004400004444, 0xB2B200B20000B2B2, 0xB5B500B50000B5B5, 0x9191009100009191, -0x0808000800000808, 0xA8A800A80000A8A8, 0xFCFC00FC0000FCFC, 0x5050005000005050, -0xD0D000D00000D0D0, 0x7D7D007D00007D7D, 0x8989008900008989, 0x9797009700009797, -0x5B5B005B00005B5B, 0x9595009500009595, 0xFFFF00FF0000FFFF, 0xD2D200D20000D2D2, -0xC4C400C40000C4C4, 0x4848004800004848, 0xF7F700F70000F7F7, 0xDBDB00DB0000DBDB, -0x0303000300000303, 0xDADA00DA0000DADA, 0x3F3F003F00003F3F, 0x9494009400009494, -0x5C5C005C00005C5C, 0x0202000200000202, 0x4A4A004A00004A4A, 0x3333003300003333, -0x6767006700006767, 0xF3F300F30000F3F3, 0x7F7F007F00007F7F, 0xE2E200E20000E2E2, -0x9B9B009B00009B9B, 0x2626002600002626, 0x3737003700003737, 0x3B3B003B00003B3B, -0x9696009600009696, 0x4B4B004B00004B4B, 0xBEBE00BE0000BEBE, 0x2E2E002E00002E2E, -0x7979007900007979, 0x8C8C008C00008C8C, 0x6E6E006E00006E6E, 0x8E8E008E00008E8E, -0xF5F500F50000F5F5, 0xB6B600B60000B6B6, 0xFDFD00FD0000FDFD, 0x5959005900005959, -0x9898009800009898, 0x6A6A006A00006A6A, 0x4646004600004646, 0xBABA00BA0000BABA, -0x2525002500002525, 0x4242004200004242, 0xA2A200A20000A2A2, 0xFAFA00FA0000FAFA, -0x0707000700000707, 0x5555005500005555, 0xEEEE00EE0000EEEE, 0x0A0A000A00000A0A, -0x4949004900004949, 0x6868006800006868, 0x3838003800003838, 0xA4A400A40000A4A4, -0x2828002800002828, 0x7B7B007B00007B7B, 0xC9C900C90000C9C9, 0xC1C100C10000C1C1, -0xE3E300E30000E3E3, 0xF4F400F40000F4F4, 0xC7C700C70000C7C7, 0x9E9E009E00009E9E }; - -const u64bit Camellia_SBOX5[256] = { -0x00E0E0E000E0E0E0, 0x0005050500050505, 0x0058585800585858, 0x00D9D9D900D9D9D9, -0x0067676700676767, 0x004E4E4E004E4E4E, 0x0081818100818181, 0x00CBCBCB00CBCBCB, -0x00C9C9C900C9C9C9, 0x000B0B0B000B0B0B, 0x00AEAEAE00AEAEAE, 0x006A6A6A006A6A6A, -0x00D5D5D500D5D5D5, 0x0018181800181818, 0x005D5D5D005D5D5D, 0x0082828200828282, -0x0046464600464646, 0x00DFDFDF00DFDFDF, 0x00D6D6D600D6D6D6, 0x0027272700272727, -0x008A8A8A008A8A8A, 0x0032323200323232, 0x004B4B4B004B4B4B, 0x0042424200424242, -0x00DBDBDB00DBDBDB, 0x001C1C1C001C1C1C, 0x009E9E9E009E9E9E, 0x009C9C9C009C9C9C, -0x003A3A3A003A3A3A, 0x00CACACA00CACACA, 0x0025252500252525, 0x007B7B7B007B7B7B, -0x000D0D0D000D0D0D, 0x0071717100717171, 0x005F5F5F005F5F5F, 0x001F1F1F001F1F1F, -0x00F8F8F800F8F8F8, 0x00D7D7D700D7D7D7, 0x003E3E3E003E3E3E, 0x009D9D9D009D9D9D, -0x007C7C7C007C7C7C, 0x0060606000606060, 0x00B9B9B900B9B9B9, 0x00BEBEBE00BEBEBE, -0x00BCBCBC00BCBCBC, 0x008B8B8B008B8B8B, 0x0016161600161616, 0x0034343400343434, -0x004D4D4D004D4D4D, 0x00C3C3C300C3C3C3, 0x0072727200727272, 0x0095959500959595, -0x00ABABAB00ABABAB, 0x008E8E8E008E8E8E, 0x00BABABA00BABABA, 0x007A7A7A007A7A7A, -0x00B3B3B300B3B3B3, 0x0002020200020202, 0x00B4B4B400B4B4B4, 0x00ADADAD00ADADAD, -0x00A2A2A200A2A2A2, 0x00ACACAC00ACACAC, 0x00D8D8D800D8D8D8, 0x009A9A9A009A9A9A, -0x0017171700171717, 0x001A1A1A001A1A1A, 0x0035353500353535, 0x00CCCCCC00CCCCCC, -0x00F7F7F700F7F7F7, 0x0099999900999999, 0x0061616100616161, 0x005A5A5A005A5A5A, -0x00E8E8E800E8E8E8, 0x0024242400242424, 0x0056565600565656, 0x0040404000404040, -0x00E1E1E100E1E1E1, 0x0063636300636363, 0x0009090900090909, 0x0033333300333333, -0x00BFBFBF00BFBFBF, 0x0098989800989898, 0x0097979700979797, 0x0085858500858585, -0x0068686800686868, 0x00FCFCFC00FCFCFC, 0x00ECECEC00ECECEC, 0x000A0A0A000A0A0A, -0x00DADADA00DADADA, 0x006F6F6F006F6F6F, 0x0053535300535353, 0x0062626200626262, -0x00A3A3A300A3A3A3, 0x002E2E2E002E2E2E, 0x0008080800080808, 0x00AFAFAF00AFAFAF, -0x0028282800282828, 0x00B0B0B000B0B0B0, 0x0074747400747474, 0x00C2C2C200C2C2C2, -0x00BDBDBD00BDBDBD, 0x0036363600363636, 0x0022222200222222, 0x0038383800383838, -0x0064646400646464, 0x001E1E1E001E1E1E, 0x0039393900393939, 0x002C2C2C002C2C2C, -0x00A6A6A600A6A6A6, 0x0030303000303030, 0x00E5E5E500E5E5E5, 0x0044444400444444, -0x00FDFDFD00FDFDFD, 0x0088888800888888, 0x009F9F9F009F9F9F, 0x0065656500656565, -0x0087878700878787, 0x006B6B6B006B6B6B, 0x00F4F4F400F4F4F4, 0x0023232300232323, -0x0048484800484848, 0x0010101000101010, 0x00D1D1D100D1D1D1, 0x0051515100515151, -0x00C0C0C000C0C0C0, 0x00F9F9F900F9F9F9, 0x00D2D2D200D2D2D2, 0x00A0A0A000A0A0A0, -0x0055555500555555, 0x00A1A1A100A1A1A1, 0x0041414100414141, 0x00FAFAFA00FAFAFA, -0x0043434300434343, 0x0013131300131313, 0x00C4C4C400C4C4C4, 0x002F2F2F002F2F2F, -0x00A8A8A800A8A8A8, 0x00B6B6B600B6B6B6, 0x003C3C3C003C3C3C, 0x002B2B2B002B2B2B, -0x00C1C1C100C1C1C1, 0x00FFFFFF00FFFFFF, 0x00C8C8C800C8C8C8, 0x00A5A5A500A5A5A5, -0x0020202000202020, 0x0089898900898989, 0x0000000000000000, 0x0090909000909090, -0x0047474700474747, 0x00EFEFEF00EFEFEF, 0x00EAEAEA00EAEAEA, 0x00B7B7B700B7B7B7, -0x0015151500151515, 0x0006060600060606, 0x00CDCDCD00CDCDCD, 0x00B5B5B500B5B5B5, -0x0012121200121212, 0x007E7E7E007E7E7E, 0x00BBBBBB00BBBBBB, 0x0029292900292929, -0x000F0F0F000F0F0F, 0x00B8B8B800B8B8B8, 0x0007070700070707, 0x0004040400040404, -0x009B9B9B009B9B9B, 0x0094949400949494, 0x0021212100212121, 0x0066666600666666, -0x00E6E6E600E6E6E6, 0x00CECECE00CECECE, 0x00EDEDED00EDEDED, 0x00E7E7E700E7E7E7, -0x003B3B3B003B3B3B, 0x00FEFEFE00FEFEFE, 0x007F7F7F007F7F7F, 0x00C5C5C500C5C5C5, -0x00A4A4A400A4A4A4, 0x0037373700373737, 0x00B1B1B100B1B1B1, 0x004C4C4C004C4C4C, -0x0091919100919191, 0x006E6E6E006E6E6E, 0x008D8D8D008D8D8D, 0x0076767600767676, -0x0003030300030303, 0x002D2D2D002D2D2D, 0x00DEDEDE00DEDEDE, 0x0096969600969696, -0x0026262600262626, 0x007D7D7D007D7D7D, 0x00C6C6C600C6C6C6, 0x005C5C5C005C5C5C, -0x00D3D3D300D3D3D3, 0x00F2F2F200F2F2F2, 0x004F4F4F004F4F4F, 0x0019191900191919, -0x003F3F3F003F3F3F, 0x00DCDCDC00DCDCDC, 0x0079797900797979, 0x001D1D1D001D1D1D, -0x0052525200525252, 0x00EBEBEB00EBEBEB, 0x00F3F3F300F3F3F3, 0x006D6D6D006D6D6D, -0x005E5E5E005E5E5E, 0x00FBFBFB00FBFBFB, 0x0069696900696969, 0x00B2B2B200B2B2B2, -0x00F0F0F000F0F0F0, 0x0031313100313131, 0x000C0C0C000C0C0C, 0x00D4D4D400D4D4D4, -0x00CFCFCF00CFCFCF, 0x008C8C8C008C8C8C, 0x00E2E2E200E2E2E2, 0x0075757500757575, -0x00A9A9A900A9A9A9, 0x004A4A4A004A4A4A, 0x0057575700575757, 0x0084848400848484, -0x0011111100111111, 0x0045454500454545, 0x001B1B1B001B1B1B, 0x00F5F5F500F5F5F5, -0x00E4E4E400E4E4E4, 0x000E0E0E000E0E0E, 0x0073737300737373, 0x00AAAAAA00AAAAAA, -0x00F1F1F100F1F1F1, 0x00DDDDDD00DDDDDD, 0x0059595900595959, 0x0014141400141414, -0x006C6C6C006C6C6C, 0x0092929200929292, 0x0054545400545454, 0x00D0D0D000D0D0D0, -0x0078787800787878, 0x0070707000707070, 0x00E3E3E300E3E3E3, 0x0049494900494949, -0x0080808000808080, 0x0050505000505050, 0x00A7A7A700A7A7A7, 0x00F6F6F600F6F6F6, -0x0077777700777777, 0x0093939300939393, 0x0086868600868686, 0x0083838300838383, -0x002A2A2A002A2A2A, 0x00C7C7C700C7C7C7, 0x005B5B5B005B5B5B, 0x00E9E9E900E9E9E9, -0x00EEEEEE00EEEEEE, 0x008F8F8F008F8F8F, 0x0001010100010101, 0x003D3D3D003D3D3D }; - -const u64bit Camellia_SBOX6[256] = { -0x3800383838003838, 0x4100414141004141, 0x1600161616001616, 0x7600767676007676, -0xD900D9D9D900D9D9, 0x9300939393009393, 0x6000606060006060, 0xF200F2F2F200F2F2, -0x7200727272007272, 0xC200C2C2C200C2C2, 0xAB00ABABAB00ABAB, 0x9A009A9A9A009A9A, -0x7500757575007575, 0x0600060606000606, 0x5700575757005757, 0xA000A0A0A000A0A0, -0x9100919191009191, 0xF700F7F7F700F7F7, 0xB500B5B5B500B5B5, 0xC900C9C9C900C9C9, -0xA200A2A2A200A2A2, 0x8C008C8C8C008C8C, 0xD200D2D2D200D2D2, 0x9000909090009090, -0xF600F6F6F600F6F6, 0x0700070707000707, 0xA700A7A7A700A7A7, 0x2700272727002727, -0x8E008E8E8E008E8E, 0xB200B2B2B200B2B2, 0x4900494949004949, 0xDE00DEDEDE00DEDE, -0x4300434343004343, 0x5C005C5C5C005C5C, 0xD700D7D7D700D7D7, 0xC700C7C7C700C7C7, -0x3E003E3E3E003E3E, 0xF500F5F5F500F5F5, 0x8F008F8F8F008F8F, 0x6700676767006767, -0x1F001F1F1F001F1F, 0x1800181818001818, 0x6E006E6E6E006E6E, 0xAF00AFAFAF00AFAF, -0x2F002F2F2F002F2F, 0xE200E2E2E200E2E2, 0x8500858585008585, 0x0D000D0D0D000D0D, -0x5300535353005353, 0xF000F0F0F000F0F0, 0x9C009C9C9C009C9C, 0x6500656565006565, -0xEA00EAEAEA00EAEA, 0xA300A3A3A300A3A3, 0xAE00AEAEAE00AEAE, 0x9E009E9E9E009E9E, -0xEC00ECECEC00ECEC, 0x8000808080008080, 0x2D002D2D2D002D2D, 0x6B006B6B6B006B6B, -0xA800A8A8A800A8A8, 0x2B002B2B2B002B2B, 0x3600363636003636, 0xA600A6A6A600A6A6, -0xC500C5C5C500C5C5, 0x8600868686008686, 0x4D004D4D4D004D4D, 0x3300333333003333, -0xFD00FDFDFD00FDFD, 0x6600666666006666, 0x5800585858005858, 0x9600969696009696, -0x3A003A3A3A003A3A, 0x0900090909000909, 0x9500959595009595, 0x1000101010001010, -0x7800787878007878, 0xD800D8D8D800D8D8, 0x4200424242004242, 0xCC00CCCCCC00CCCC, -0xEF00EFEFEF00EFEF, 0x2600262626002626, 0xE500E5E5E500E5E5, 0x6100616161006161, -0x1A001A1A1A001A1A, 0x3F003F3F3F003F3F, 0x3B003B3B3B003B3B, 0x8200828282008282, -0xB600B6B6B600B6B6, 0xDB00DBDBDB00DBDB, 0xD400D4D4D400D4D4, 0x9800989898009898, -0xE800E8E8E800E8E8, 0x8B008B8B8B008B8B, 0x0200020202000202, 0xEB00EBEBEB00EBEB, -0x0A000A0A0A000A0A, 0x2C002C2C2C002C2C, 0x1D001D1D1D001D1D, 0xB000B0B0B000B0B0, -0x6F006F6F6F006F6F, 0x8D008D8D8D008D8D, 0x8800888888008888, 0x0E000E0E0E000E0E, -0x1900191919001919, 0x8700878787008787, 0x4E004E4E4E004E4E, 0x0B000B0B0B000B0B, -0xA900A9A9A900A9A9, 0x0C000C0C0C000C0C, 0x7900797979007979, 0x1100111111001111, -0x7F007F7F7F007F7F, 0x2200222222002222, 0xE700E7E7E700E7E7, 0x5900595959005959, -0xE100E1E1E100E1E1, 0xDA00DADADA00DADA, 0x3D003D3D3D003D3D, 0xC800C8C8C800C8C8, -0x1200121212001212, 0x0400040404000404, 0x7400747474007474, 0x5400545454005454, -0x3000303030003030, 0x7E007E7E7E007E7E, 0xB400B4B4B400B4B4, 0x2800282828002828, -0x5500555555005555, 0x6800686868006868, 0x5000505050005050, 0xBE00BEBEBE00BEBE, -0xD000D0D0D000D0D0, 0xC400C4C4C400C4C4, 0x3100313131003131, 0xCB00CBCBCB00CBCB, -0x2A002A2A2A002A2A, 0xAD00ADADAD00ADAD, 0x0F000F0F0F000F0F, 0xCA00CACACA00CACA, -0x7000707070007070, 0xFF00FFFFFF00FFFF, 0x3200323232003232, 0x6900696969006969, -0x0800080808000808, 0x6200626262006262, 0x0000000000000000, 0x2400242424002424, -0xD100D1D1D100D1D1, 0xFB00FBFBFB00FBFB, 0xBA00BABABA00BABA, 0xED00EDEDED00EDED, -0x4500454545004545, 0x8100818181008181, 0x7300737373007373, 0x6D006D6D6D006D6D, -0x8400848484008484, 0x9F009F9F9F009F9F, 0xEE00EEEEEE00EEEE, 0x4A004A4A4A004A4A, -0xC300C3C3C300C3C3, 0x2E002E2E2E002E2E, 0xC100C1C1C100C1C1, 0x0100010101000101, -0xE600E6E6E600E6E6, 0x2500252525002525, 0x4800484848004848, 0x9900999999009999, -0xB900B9B9B900B9B9, 0xB300B3B3B300B3B3, 0x7B007B7B7B007B7B, 0xF900F9F9F900F9F9, -0xCE00CECECE00CECE, 0xBF00BFBFBF00BFBF, 0xDF00DFDFDF00DFDF, 0x7100717171007171, -0x2900292929002929, 0xCD00CDCDCD00CDCD, 0x6C006C6C6C006C6C, 0x1300131313001313, -0x6400646464006464, 0x9B009B9B9B009B9B, 0x6300636363006363, 0x9D009D9D9D009D9D, -0xC000C0C0C000C0C0, 0x4B004B4B4B004B4B, 0xB700B7B7B700B7B7, 0xA500A5A5A500A5A5, -0x8900898989008989, 0x5F005F5F5F005F5F, 0xB100B1B1B100B1B1, 0x1700171717001717, -0xF400F4F4F400F4F4, 0xBC00BCBCBC00BCBC, 0xD300D3D3D300D3D3, 0x4600464646004646, -0xCF00CFCFCF00CFCF, 0x3700373737003737, 0x5E005E5E5E005E5E, 0x4700474747004747, -0x9400949494009494, 0xFA00FAFAFA00FAFA, 0xFC00FCFCFC00FCFC, 0x5B005B5B5B005B5B, -0x9700979797009797, 0xFE00FEFEFE00FEFE, 0x5A005A5A5A005A5A, 0xAC00ACACAC00ACAC, -0x3C003C3C3C003C3C, 0x4C004C4C4C004C4C, 0x0300030303000303, 0x3500353535003535, -0xF300F3F3F300F3F3, 0x2300232323002323, 0xB800B8B8B800B8B8, 0x5D005D5D5D005D5D, -0x6A006A6A6A006A6A, 0x9200929292009292, 0xD500D5D5D500D5D5, 0x2100212121002121, -0x4400444444004444, 0x5100515151005151, 0xC600C6C6C600C6C6, 0x7D007D7D7D007D7D, -0x3900393939003939, 0x8300838383008383, 0xDC00DCDCDC00DCDC, 0xAA00AAAAAA00AAAA, -0x7C007C7C7C007C7C, 0x7700777777007777, 0x5600565656005656, 0x0500050505000505, -0x1B001B1B1B001B1B, 0xA400A4A4A400A4A4, 0x1500151515001515, 0x3400343434003434, -0x1E001E1E1E001E1E, 0x1C001C1C1C001C1C, 0xF800F8F8F800F8F8, 0x5200525252005252, -0x2000202020002020, 0x1400141414001414, 0xE900E9E9E900E9E9, 0xBD00BDBDBD00BDBD, -0xDD00DDDDDD00DDDD, 0xE400E4E4E400E4E4, 0xA100A1A1A100A1A1, 0xE000E0E0E000E0E0, -0x8A008A8A8A008A8A, 0xF100F1F1F100F1F1, 0xD600D6D6D600D6D6, 0x7A007A7A7A007A7A, -0xBB00BBBBBB00BBBB, 0xE300E3E3E300E3E3, 0x4000404040004040, 0x4F004F4F4F004F4F }; - -const u64bit Camellia_SBOX7[256] = { -0x7070007070700070, 0x2C2C002C2C2C002C, 0xB3B300B3B3B300B3, 0xC0C000C0C0C000C0, -0xE4E400E4E4E400E4, 0x5757005757570057, 0xEAEA00EAEAEA00EA, 0xAEAE00AEAEAE00AE, -0x2323002323230023, 0x6B6B006B6B6B006B, 0x4545004545450045, 0xA5A500A5A5A500A5, -0xEDED00EDEDED00ED, 0x4F4F004F4F4F004F, 0x1D1D001D1D1D001D, 0x9292009292920092, -0x8686008686860086, 0xAFAF00AFAFAF00AF, 0x7C7C007C7C7C007C, 0x1F1F001F1F1F001F, -0x3E3E003E3E3E003E, 0xDCDC00DCDCDC00DC, 0x5E5E005E5E5E005E, 0x0B0B000B0B0B000B, -0xA6A600A6A6A600A6, 0x3939003939390039, 0xD5D500D5D5D500D5, 0x5D5D005D5D5D005D, -0xD9D900D9D9D900D9, 0x5A5A005A5A5A005A, 0x5151005151510051, 0x6C6C006C6C6C006C, -0x8B8B008B8B8B008B, 0x9A9A009A9A9A009A, 0xFBFB00FBFBFB00FB, 0xB0B000B0B0B000B0, -0x7474007474740074, 0x2B2B002B2B2B002B, 0xF0F000F0F0F000F0, 0x8484008484840084, -0xDFDF00DFDFDF00DF, 0xCBCB00CBCBCB00CB, 0x3434003434340034, 0x7676007676760076, -0x6D6D006D6D6D006D, 0xA9A900A9A9A900A9, 0xD1D100D1D1D100D1, 0x0404000404040004, -0x1414001414140014, 0x3A3A003A3A3A003A, 0xDEDE00DEDEDE00DE, 0x1111001111110011, -0x3232003232320032, 0x9C9C009C9C9C009C, 0x5353005353530053, 0xF2F200F2F2F200F2, -0xFEFE00FEFEFE00FE, 0xCFCF00CFCFCF00CF, 0xC3C300C3C3C300C3, 0x7A7A007A7A7A007A, -0x2424002424240024, 0xE8E800E8E8E800E8, 0x6060006060600060, 0x6969006969690069, -0xAAAA00AAAAAA00AA, 0xA0A000A0A0A000A0, 0xA1A100A1A1A100A1, 0x6262006262620062, -0x5454005454540054, 0x1E1E001E1E1E001E, 0xE0E000E0E0E000E0, 0x6464006464640064, -0x1010001010100010, 0x0000000000000000, 0xA3A300A3A3A300A3, 0x7575007575750075, -0x8A8A008A8A8A008A, 0xE6E600E6E6E600E6, 0x0909000909090009, 0xDDDD00DDDDDD00DD, -0x8787008787870087, 0x8383008383830083, 0xCDCD00CDCDCD00CD, 0x9090009090900090, -0x7373007373730073, 0xF6F600F6F6F600F6, 0x9D9D009D9D9D009D, 0xBFBF00BFBFBF00BF, -0x5252005252520052, 0xD8D800D8D8D800D8, 0xC8C800C8C8C800C8, 0xC6C600C6C6C600C6, -0x8181008181810081, 0x6F6F006F6F6F006F, 0x1313001313130013, 0x6363006363630063, -0xE9E900E9E9E900E9, 0xA7A700A7A7A700A7, 0x9F9F009F9F9F009F, 0xBCBC00BCBCBC00BC, -0x2929002929290029, 0xF9F900F9F9F900F9, 0x2F2F002F2F2F002F, 0xB4B400B4B4B400B4, -0x7878007878780078, 0x0606000606060006, 0xE7E700E7E7E700E7, 0x7171007171710071, -0xD4D400D4D4D400D4, 0xABAB00ABABAB00AB, 0x8888008888880088, 0x8D8D008D8D8D008D, -0x7272007272720072, 0xB9B900B9B9B900B9, 0xF8F800F8F8F800F8, 0xACAC00ACACAC00AC, -0x3636003636360036, 0x2A2A002A2A2A002A, 0x3C3C003C3C3C003C, 0xF1F100F1F1F100F1, -0x4040004040400040, 0xD3D300D3D3D300D3, 0xBBBB00BBBBBB00BB, 0x4343004343430043, -0x1515001515150015, 0xADAD00ADADAD00AD, 0x7777007777770077, 0x8080008080800080, -0x8282008282820082, 0xECEC00ECECEC00EC, 0x2727002727270027, 0xE5E500E5E5E500E5, -0x8585008585850085, 0x3535003535350035, 0x0C0C000C0C0C000C, 0x4141004141410041, -0xEFEF00EFEFEF00EF, 0x9393009393930093, 0x1919001919190019, 0x2121002121210021, -0x0E0E000E0E0E000E, 0x4E4E004E4E4E004E, 0x6565006565650065, 0xBDBD00BDBDBD00BD, -0xB8B800B8B8B800B8, 0x8F8F008F8F8F008F, 0xEBEB00EBEBEB00EB, 0xCECE00CECECE00CE, -0x3030003030300030, 0x5F5F005F5F5F005F, 0xC5C500C5C5C500C5, 0x1A1A001A1A1A001A, -0xE1E100E1E1E100E1, 0xCACA00CACACA00CA, 0x4747004747470047, 0x3D3D003D3D3D003D, -0x0101000101010001, 0xD6D600D6D6D600D6, 0x5656005656560056, 0x4D4D004D4D4D004D, -0x0D0D000D0D0D000D, 0x6666006666660066, 0xCCCC00CCCCCC00CC, 0x2D2D002D2D2D002D, -0x1212001212120012, 0x2020002020200020, 0xB1B100B1B1B100B1, 0x9999009999990099, -0x4C4C004C4C4C004C, 0xC2C200C2C2C200C2, 0x7E7E007E7E7E007E, 0x0505000505050005, -0xB7B700B7B7B700B7, 0x3131003131310031, 0x1717001717170017, 0xD7D700D7D7D700D7, -0x5858005858580058, 0x6161006161610061, 0x1B1B001B1B1B001B, 0x1C1C001C1C1C001C, -0x0F0F000F0F0F000F, 0x1616001616160016, 0x1818001818180018, 0x2222002222220022, -0x4444004444440044, 0xB2B200B2B2B200B2, 0xB5B500B5B5B500B5, 0x9191009191910091, -0x0808000808080008, 0xA8A800A8A8A800A8, 0xFCFC00FCFCFC00FC, 0x5050005050500050, -0xD0D000D0D0D000D0, 0x7D7D007D7D7D007D, 0x8989008989890089, 0x9797009797970097, -0x5B5B005B5B5B005B, 0x9595009595950095, 0xFFFF00FFFFFF00FF, 0xD2D200D2D2D200D2, -0xC4C400C4C4C400C4, 0x4848004848480048, 0xF7F700F7F7F700F7, 0xDBDB00DBDBDB00DB, -0x0303000303030003, 0xDADA00DADADA00DA, 0x3F3F003F3F3F003F, 0x9494009494940094, -0x5C5C005C5C5C005C, 0x0202000202020002, 0x4A4A004A4A4A004A, 0x3333003333330033, -0x6767006767670067, 0xF3F300F3F3F300F3, 0x7F7F007F7F7F007F, 0xE2E200E2E2E200E2, -0x9B9B009B9B9B009B, 0x2626002626260026, 0x3737003737370037, 0x3B3B003B3B3B003B, -0x9696009696960096, 0x4B4B004B4B4B004B, 0xBEBE00BEBEBE00BE, 0x2E2E002E2E2E002E, -0x7979007979790079, 0x8C8C008C8C8C008C, 0x6E6E006E6E6E006E, 0x8E8E008E8E8E008E, -0xF5F500F5F5F500F5, 0xB6B600B6B6B600B6, 0xFDFD00FDFDFD00FD, 0x5959005959590059, -0x9898009898980098, 0x6A6A006A6A6A006A, 0x4646004646460046, 0xBABA00BABABA00BA, -0x2525002525250025, 0x4242004242420042, 0xA2A200A2A2A200A2, 0xFAFA00FAFAFA00FA, -0x0707000707070007, 0x5555005555550055, 0xEEEE00EEEEEE00EE, 0x0A0A000A0A0A000A, -0x4949004949490049, 0x6868006868680068, 0x3838003838380038, 0xA4A400A4A4A400A4, -0x2828002828280028, 0x7B7B007B7B7B007B, 0xC9C900C9C9C900C9, 0xC1C100C1C1C100C1, -0xE3E300E3E3E300E3, 0xF4F400F4F4F400F4, 0xC7C700C7C7C700C7, 0x9E9E009E9E9E009E }; - -const u64bit Camellia_SBOX8[256] = { -0x7070700070707000, 0x8282820082828200, 0x2C2C2C002C2C2C00, 0xECECEC00ECECEC00, -0xB3B3B300B3B3B300, 0x2727270027272700, 0xC0C0C000C0C0C000, 0xE5E5E500E5E5E500, -0xE4E4E400E4E4E400, 0x8585850085858500, 0x5757570057575700, 0x3535350035353500, -0xEAEAEA00EAEAEA00, 0x0C0C0C000C0C0C00, 0xAEAEAE00AEAEAE00, 0x4141410041414100, -0x2323230023232300, 0xEFEFEF00EFEFEF00, 0x6B6B6B006B6B6B00, 0x9393930093939300, -0x4545450045454500, 0x1919190019191900, 0xA5A5A500A5A5A500, 0x2121210021212100, -0xEDEDED00EDEDED00, 0x0E0E0E000E0E0E00, 0x4F4F4F004F4F4F00, 0x4E4E4E004E4E4E00, -0x1D1D1D001D1D1D00, 0x6565650065656500, 0x9292920092929200, 0xBDBDBD00BDBDBD00, -0x8686860086868600, 0xB8B8B800B8B8B800, 0xAFAFAF00AFAFAF00, 0x8F8F8F008F8F8F00, -0x7C7C7C007C7C7C00, 0xEBEBEB00EBEBEB00, 0x1F1F1F001F1F1F00, 0xCECECE00CECECE00, -0x3E3E3E003E3E3E00, 0x3030300030303000, 0xDCDCDC00DCDCDC00, 0x5F5F5F005F5F5F00, -0x5E5E5E005E5E5E00, 0xC5C5C500C5C5C500, 0x0B0B0B000B0B0B00, 0x1A1A1A001A1A1A00, -0xA6A6A600A6A6A600, 0xE1E1E100E1E1E100, 0x3939390039393900, 0xCACACA00CACACA00, -0xD5D5D500D5D5D500, 0x4747470047474700, 0x5D5D5D005D5D5D00, 0x3D3D3D003D3D3D00, -0xD9D9D900D9D9D900, 0x0101010001010100, 0x5A5A5A005A5A5A00, 0xD6D6D600D6D6D600, -0x5151510051515100, 0x5656560056565600, 0x6C6C6C006C6C6C00, 0x4D4D4D004D4D4D00, -0x8B8B8B008B8B8B00, 0x0D0D0D000D0D0D00, 0x9A9A9A009A9A9A00, 0x6666660066666600, -0xFBFBFB00FBFBFB00, 0xCCCCCC00CCCCCC00, 0xB0B0B000B0B0B000, 0x2D2D2D002D2D2D00, -0x7474740074747400, 0x1212120012121200, 0x2B2B2B002B2B2B00, 0x2020200020202000, -0xF0F0F000F0F0F000, 0xB1B1B100B1B1B100, 0x8484840084848400, 0x9999990099999900, -0xDFDFDF00DFDFDF00, 0x4C4C4C004C4C4C00, 0xCBCBCB00CBCBCB00, 0xC2C2C200C2C2C200, -0x3434340034343400, 0x7E7E7E007E7E7E00, 0x7676760076767600, 0x0505050005050500, -0x6D6D6D006D6D6D00, 0xB7B7B700B7B7B700, 0xA9A9A900A9A9A900, 0x3131310031313100, -0xD1D1D100D1D1D100, 0x1717170017171700, 0x0404040004040400, 0xD7D7D700D7D7D700, -0x1414140014141400, 0x5858580058585800, 0x3A3A3A003A3A3A00, 0x6161610061616100, -0xDEDEDE00DEDEDE00, 0x1B1B1B001B1B1B00, 0x1111110011111100, 0x1C1C1C001C1C1C00, -0x3232320032323200, 0x0F0F0F000F0F0F00, 0x9C9C9C009C9C9C00, 0x1616160016161600, -0x5353530053535300, 0x1818180018181800, 0xF2F2F200F2F2F200, 0x2222220022222200, -0xFEFEFE00FEFEFE00, 0x4444440044444400, 0xCFCFCF00CFCFCF00, 0xB2B2B200B2B2B200, -0xC3C3C300C3C3C300, 0xB5B5B500B5B5B500, 0x7A7A7A007A7A7A00, 0x9191910091919100, -0x2424240024242400, 0x0808080008080800, 0xE8E8E800E8E8E800, 0xA8A8A800A8A8A800, -0x6060600060606000, 0xFCFCFC00FCFCFC00, 0x6969690069696900, 0x5050500050505000, -0xAAAAAA00AAAAAA00, 0xD0D0D000D0D0D000, 0xA0A0A000A0A0A000, 0x7D7D7D007D7D7D00, -0xA1A1A100A1A1A100, 0x8989890089898900, 0x6262620062626200, 0x9797970097979700, -0x5454540054545400, 0x5B5B5B005B5B5B00, 0x1E1E1E001E1E1E00, 0x9595950095959500, -0xE0E0E000E0E0E000, 0xFFFFFF00FFFFFF00, 0x6464640064646400, 0xD2D2D200D2D2D200, -0x1010100010101000, 0xC4C4C400C4C4C400, 0x0000000000000000, 0x4848480048484800, -0xA3A3A300A3A3A300, 0xF7F7F700F7F7F700, 0x7575750075757500, 0xDBDBDB00DBDBDB00, -0x8A8A8A008A8A8A00, 0x0303030003030300, 0xE6E6E600E6E6E600, 0xDADADA00DADADA00, -0x0909090009090900, 0x3F3F3F003F3F3F00, 0xDDDDDD00DDDDDD00, 0x9494940094949400, -0x8787870087878700, 0x5C5C5C005C5C5C00, 0x8383830083838300, 0x0202020002020200, -0xCDCDCD00CDCDCD00, 0x4A4A4A004A4A4A00, 0x9090900090909000, 0x3333330033333300, -0x7373730073737300, 0x6767670067676700, 0xF6F6F600F6F6F600, 0xF3F3F300F3F3F300, -0x9D9D9D009D9D9D00, 0x7F7F7F007F7F7F00, 0xBFBFBF00BFBFBF00, 0xE2E2E200E2E2E200, -0x5252520052525200, 0x9B9B9B009B9B9B00, 0xD8D8D800D8D8D800, 0x2626260026262600, -0xC8C8C800C8C8C800, 0x3737370037373700, 0xC6C6C600C6C6C600, 0x3B3B3B003B3B3B00, -0x8181810081818100, 0x9696960096969600, 0x6F6F6F006F6F6F00, 0x4B4B4B004B4B4B00, -0x1313130013131300, 0xBEBEBE00BEBEBE00, 0x6363630063636300, 0x2E2E2E002E2E2E00, -0xE9E9E900E9E9E900, 0x7979790079797900, 0xA7A7A700A7A7A700, 0x8C8C8C008C8C8C00, -0x9F9F9F009F9F9F00, 0x6E6E6E006E6E6E00, 0xBCBCBC00BCBCBC00, 0x8E8E8E008E8E8E00, -0x2929290029292900, 0xF5F5F500F5F5F500, 0xF9F9F900F9F9F900, 0xB6B6B600B6B6B600, -0x2F2F2F002F2F2F00, 0xFDFDFD00FDFDFD00, 0xB4B4B400B4B4B400, 0x5959590059595900, -0x7878780078787800, 0x9898980098989800, 0x0606060006060600, 0x6A6A6A006A6A6A00, -0xE7E7E700E7E7E700, 0x4646460046464600, 0x7171710071717100, 0xBABABA00BABABA00, -0xD4D4D400D4D4D400, 0x2525250025252500, 0xABABAB00ABABAB00, 0x4242420042424200, -0x8888880088888800, 0xA2A2A200A2A2A200, 0x8D8D8D008D8D8D00, 0xFAFAFA00FAFAFA00, -0x7272720072727200, 0x0707070007070700, 0xB9B9B900B9B9B900, 0x5555550055555500, -0xF8F8F800F8F8F800, 0xEEEEEE00EEEEEE00, 0xACACAC00ACACAC00, 0x0A0A0A000A0A0A00, -0x3636360036363600, 0x4949490049494900, 0x2A2A2A002A2A2A00, 0x6868680068686800, -0x3C3C3C003C3C3C00, 0x3838380038383800, 0xF1F1F100F1F1F100, 0xA4A4A400A4A4A400, -0x4040400040404000, 0x2828280028282800, 0xD3D3D300D3D3D300, 0x7B7B7B007B7B7B00, -0xBBBBBB00BBBBBB00, 0xC9C9C900C9C9C900, 0x4343430043434300, 0xC1C1C100C1C1C100, -0x1515150015151500, 0xE3E3E300E3E3E300, 0xADADAD00ADADAD00, 0xF4F4F400F4F4F400, -0x7777770077777700, 0xC7C7C700C7C7C700, 0x8080800080808000, 0x9E9E9E009E9E9E00 }; - -} - -#endif diff --git a/src/block/camellia/info.txt b/src/block/camellia/info.txt deleted file mode 100644 index 2bcfe80d0..000000000 --- a/src/block/camellia/info.txt +++ /dev/null @@ -1,9 +0,0 @@ -define CAMELLIA 20131128 - -<header:internal> -camellia_sbox.h -</header:internal> - -<header:public> -camellia.h -</header:public> diff --git a/src/block/cascade/cascade.cpp b/src/block/cascade/cascade.cpp deleted file mode 100644 index f1b1a8f2c..000000000 --- a/src/block/cascade/cascade.cpp +++ /dev/null @@ -1,98 +0,0 @@ -/* -* Block Cipher Cascade -* (C) 2010 Jack Lloyd -* -* Distributed under the terms of the Botan license -*/ - -#include <botan/cascade.h> - -namespace Botan { - -void Cascade_Cipher::encrypt_n(const byte in[], byte out[], - size_t blocks) const - { - size_t c1_blocks = blocks * (block_size() / cipher1->block_size()); - size_t c2_blocks = blocks * (block_size() / cipher2->block_size()); - - cipher1->encrypt_n(in, out, c1_blocks); - cipher2->encrypt_n(out, out, c2_blocks); - } - -void Cascade_Cipher::decrypt_n(const byte in[], byte out[], - size_t blocks) const - { - size_t c1_blocks = blocks * (block_size() / cipher1->block_size()); - size_t c2_blocks = blocks * (block_size() / cipher2->block_size()); - - cipher2->decrypt_n(in, out, c2_blocks); - cipher1->decrypt_n(out, out, c1_blocks); - } - -void Cascade_Cipher::key_schedule(const byte key[], size_t) - { - const byte* key2 = key + cipher1->maximum_keylength(); - - cipher1->set_key(key , cipher1->maximum_keylength()); - cipher2->set_key(key2, cipher2->maximum_keylength()); - } - -void Cascade_Cipher::clear() - { - cipher1->clear(); - cipher2->clear(); - } - -std::string Cascade_Cipher::name() const - { - return "Cascade(" + cipher1->name() + "," + cipher2->name() + ")"; - } - -BlockCipher* Cascade_Cipher::clone() const - { - return new Cascade_Cipher(cipher1->clone(), - cipher2->clone()); - } - -namespace { - -size_t euclids_algorithm(size_t a, size_t b) - { - while(b != 0) // gcd - { - size_t t = b; - b = a % b; - a = t; - } - - return a; - } - -size_t block_size_for_cascade(size_t bs, size_t bs2) - { - if(bs == bs2) - return bs; - - size_t gcd = euclids_algorithm(bs, bs2); - - return (bs * bs2) / gcd; - } - -} - -Cascade_Cipher::Cascade_Cipher(BlockCipher* c1, BlockCipher* c2) : - cipher1(c1), cipher2(c2) - { - block = block_size_for_cascade(c1->block_size(), c2->block_size()); - - if(block_size() % c1->block_size() || block_size() % c2->block_size()) - throw Internal_Error("Failure in " + name() + " constructor"); - } - -Cascade_Cipher::~Cascade_Cipher() - { - delete cipher1; - delete cipher2; - } - -} diff --git a/src/block/cascade/cascade.h b/src/block/cascade/cascade.h deleted file mode 100644 index 9b7d44fdf..000000000 --- a/src/block/cascade/cascade.h +++ /dev/null @@ -1,58 +0,0 @@ -/* -* Block Cipher Cascade -* (C) 2010 Jack Lloyd -* -* Distributed under the terms of the Botan license -*/ - -#ifndef BOTAN_CASCADE_H__ -#define BOTAN_CASCADE_H__ - -#include <botan/block_cipher.h> - -namespace Botan { - -/** -* Block Cipher Cascade -*/ -class BOTAN_DLL Cascade_Cipher : public BlockCipher - { - public: - void encrypt_n(const byte in[], byte out[], size_t blocks) const; - void decrypt_n(const byte in[], byte out[], size_t blocks) const; - - size_t block_size() const { return block; } - - Key_Length_Specification key_spec() const - { - return Key_Length_Specification(cipher1->maximum_keylength() + - cipher2->maximum_keylength()); - } - - void clear(); - std::string name() const; - BlockCipher* clone() const; - - /** - * Create a cascade of two block ciphers - * @param cipher1 the first cipher - * @param cipher2 the second cipher - */ - Cascade_Cipher(BlockCipher* cipher1, BlockCipher* cipher2); - - Cascade_Cipher(const Cascade_Cipher&) = delete; - Cascade_Cipher& operator=(const Cascade_Cipher&) = delete; - - ~Cascade_Cipher(); - private: - void key_schedule(const byte[], size_t); - - size_t block; - BlockCipher* cipher1; - BlockCipher* cipher2; - }; - - -} - -#endif diff --git a/src/block/cascade/info.txt b/src/block/cascade/info.txt deleted file mode 100644 index 445e49086..000000000 --- a/src/block/cascade/info.txt +++ /dev/null @@ -1,9 +0,0 @@ -define CASCADE 20131128 - -<header:public> -cascade.h -</header:public> - -<source> -cascade.cpp -</source> diff --git a/src/block/cast/cast128.cpp b/src/block/cast/cast128.cpp deleted file mode 100644 index 169b18f01..000000000 --- a/src/block/cast/cast128.cpp +++ /dev/null @@ -1,376 +0,0 @@ -/* -* CAST-128 -* (C) 1999-2007 Jack Lloyd -* -* Distributed under the terms of the Botan license -*/ - -#include <botan/cast128.h> -#include <botan/internal/cast_sboxes.h> -#include <botan/loadstor.h> -#include <botan/rotate.h> - -namespace Botan { - -namespace { - -/* -* CAST-128 Round Type 1 -*/ -inline void R1(u32bit& L, u32bit R, u32bit MK, byte RK) - { - u32bit T = rotate_left(MK + R, RK); - L ^= (CAST_SBOX1[get_byte(0, T)] ^ CAST_SBOX2[get_byte(1, T)]) - - CAST_SBOX3[get_byte(2, T)] + CAST_SBOX4[get_byte(3, T)]; - } - -/* -* CAST-128 Round Type 2 -*/ -inline void R2(u32bit& L, u32bit R, u32bit MK, byte RK) - { - u32bit T = rotate_left(MK ^ R, RK); - L ^= (CAST_SBOX1[get_byte(0, T)] - CAST_SBOX2[get_byte(1, T)] + - CAST_SBOX3[get_byte(2, T)]) ^ CAST_SBOX4[get_byte(3, T)]; - } - -/* -* CAST-128 Round Type 3 -*/ -inline void R3(u32bit& L, u32bit R, u32bit MK, byte RK) - { - u32bit T = rotate_left(MK - R, RK); - L ^= ((CAST_SBOX1[get_byte(0, T)] + CAST_SBOX2[get_byte(1, T)]) ^ - CAST_SBOX3[get_byte(2, T)]) - CAST_SBOX4[get_byte(3, T)]; - } - -} - -/* -* CAST-128 Encryption -*/ -void CAST_128::encrypt_n(const byte in[], byte out[], size_t blocks) const - { - for(size_t i = 0; i != blocks; ++i) - { - u32bit L = load_be<u32bit>(in, 0); - u32bit R = load_be<u32bit>(in, 1); - - R1(L, R, MK[ 0], RK[ 0]); - R2(R, L, MK[ 1], RK[ 1]); - R3(L, R, MK[ 2], RK[ 2]); - R1(R, L, MK[ 3], RK[ 3]); - R2(L, R, MK[ 4], RK[ 4]); - R3(R, L, MK[ 5], RK[ 5]); - R1(L, R, MK[ 6], RK[ 6]); - R2(R, L, MK[ 7], RK[ 7]); - R3(L, R, MK[ 8], RK[ 8]); - R1(R, L, MK[ 9], RK[ 9]); - R2(L, R, MK[10], RK[10]); - R3(R, L, MK[11], RK[11]); - R1(L, R, MK[12], RK[12]); - R2(R, L, MK[13], RK[13]); - R3(L, R, MK[14], RK[14]); - R1(R, L, MK[15], RK[15]); - - store_be(out, R, L); - - in += BLOCK_SIZE; - out += BLOCK_SIZE; - } - } - -/* -* CAST-128 Decryption -*/ -void CAST_128::decrypt_n(const byte in[], byte out[], size_t blocks) const - { - for(size_t i = 0; i != blocks; ++i) - { - u32bit L = load_be<u32bit>(in, 0); - u32bit R = load_be<u32bit>(in, 1); - - R1(L, R, MK[15], RK[15]); - R3(R, L, MK[14], RK[14]); - R2(L, R, MK[13], RK[13]); - R1(R, L, MK[12], RK[12]); - R3(L, R, MK[11], RK[11]); - R2(R, L, MK[10], RK[10]); - R1(L, R, MK[ 9], RK[ 9]); - R3(R, L, MK[ 8], RK[ 8]); - R2(L, R, MK[ 7], RK[ 7]); - R1(R, L, MK[ 6], RK[ 6]); - R3(L, R, MK[ 5], RK[ 5]); - R2(R, L, MK[ 4], RK[ 4]); - R1(L, R, MK[ 3], RK[ 3]); - R3(R, L, MK[ 2], RK[ 2]); - R2(L, R, MK[ 1], RK[ 1]); - R1(R, L, MK[ 0], RK[ 0]); - - store_be(out, R, L); - - in += BLOCK_SIZE; - out += BLOCK_SIZE; - } - } - -/* -* CAST-128 Key Schedule -*/ -void CAST_128::key_schedule(const byte key[], size_t length) - { - MK.resize(48); - RK.resize(48); - - secure_vector<u32bit> X(4); - for(size_t i = 0; i != length; ++i) - X[i/4] = (X[i/4] << 8) + key[i]; - - cast_ks(MK, X); - - secure_vector<u32bit> RK32(48); - cast_ks(RK32, X); - - for(size_t i = 0; i != 16; ++i) - RK[i] = RK32[i] % 32; - } - -void CAST_128::clear() - { - zap(MK); - zap(RK); - } - -/* -* S-Box Based Key Expansion -*/ -void CAST_128::cast_ks(secure_vector<u32bit>& K, - secure_vector<u32bit>& X) - { - static const u32bit S5[256] = { - 0x7EC90C04, 0x2C6E74B9, 0x9B0E66DF, 0xA6337911, 0xB86A7FFF, 0x1DD358F5, - 0x44DD9D44, 0x1731167F, 0x08FBF1FA, 0xE7F511CC, 0xD2051B00, 0x735ABA00, - 0x2AB722D8, 0x386381CB, 0xACF6243A, 0x69BEFD7A, 0xE6A2E77F, 0xF0C720CD, - 0xC4494816, 0xCCF5C180, 0x38851640, 0x15B0A848, 0xE68B18CB, 0x4CAADEFF, - 0x5F480A01, 0x0412B2AA, 0x259814FC, 0x41D0EFE2, 0x4E40B48D, 0x248EB6FB, - 0x8DBA1CFE, 0x41A99B02, 0x1A550A04, 0xBA8F65CB, 0x7251F4E7, 0x95A51725, - 0xC106ECD7, 0x97A5980A, 0xC539B9AA, 0x4D79FE6A, 0xF2F3F763, 0x68AF8040, - 0xED0C9E56, 0x11B4958B, 0xE1EB5A88, 0x8709E6B0, 0xD7E07156, 0x4E29FEA7, - 0x6366E52D, 0x02D1C000, 0xC4AC8E05, 0x9377F571, 0x0C05372A, 0x578535F2, - 0x2261BE02, 0xD642A0C9, 0xDF13A280, 0x74B55BD2, 0x682199C0, 0xD421E5EC, - 0x53FB3CE8, 0xC8ADEDB3, 0x28A87FC9, 0x3D959981, 0x5C1FF900, 0xFE38D399, - 0x0C4EFF0B, 0x062407EA, 0xAA2F4FB1, 0x4FB96976, 0x90C79505, 0xB0A8A774, - 0xEF55A1FF, 0xE59CA2C2, 0xA6B62D27, 0xE66A4263, 0xDF65001F, 0x0EC50966, - 0xDFDD55BC, 0x29DE0655, 0x911E739A, 0x17AF8975, 0x32C7911C, 0x89F89468, - 0x0D01E980, 0x524755F4, 0x03B63CC9, 0x0CC844B2, 0xBCF3F0AA, 0x87AC36E9, - 0xE53A7426, 0x01B3D82B, 0x1A9E7449, 0x64EE2D7E, 0xCDDBB1DA, 0x01C94910, - 0xB868BF80, 0x0D26F3FD, 0x9342EDE7, 0x04A5C284, 0x636737B6, 0x50F5B616, - 0xF24766E3, 0x8ECA36C1, 0x136E05DB, 0xFEF18391, 0xFB887A37, 0xD6E7F7D4, - 0xC7FB7DC9, 0x3063FCDF, 0xB6F589DE, 0xEC2941DA, 0x26E46695, 0xB7566419, - 0xF654EFC5, 0xD08D58B7, 0x48925401, 0xC1BACB7F, 0xE5FF550F, 0xB6083049, - 0x5BB5D0E8, 0x87D72E5A, 0xAB6A6EE1, 0x223A66CE, 0xC62BF3CD, 0x9E0885F9, - 0x68CB3E47, 0x086C010F, 0xA21DE820, 0xD18B69DE, 0xF3F65777, 0xFA02C3F6, - 0x407EDAC3, 0xCBB3D550, 0x1793084D, 0xB0D70EBA, 0x0AB378D5, 0xD951FB0C, - 0xDED7DA56, 0x4124BBE4, 0x94CA0B56, 0x0F5755D1, 0xE0E1E56E, 0x6184B5BE, - 0x580A249F, 0x94F74BC0, 0xE327888E, 0x9F7B5561, 0xC3DC0280, 0x05687715, - 0x646C6BD7, 0x44904DB3, 0x66B4F0A3, 0xC0F1648A, 0x697ED5AF, 0x49E92FF6, - 0x309E374F, 0x2CB6356A, 0x85808573, 0x4991F840, 0x76F0AE02, 0x083BE84D, - 0x28421C9A, 0x44489406, 0x736E4CB8, 0xC1092910, 0x8BC95FC6, 0x7D869CF4, - 0x134F616F, 0x2E77118D, 0xB31B2BE1, 0xAA90B472, 0x3CA5D717, 0x7D161BBA, - 0x9CAD9010, 0xAF462BA2, 0x9FE459D2, 0x45D34559, 0xD9F2DA13, 0xDBC65487, - 0xF3E4F94E, 0x176D486F, 0x097C13EA, 0x631DA5C7, 0x445F7382, 0x175683F4, - 0xCDC66A97, 0x70BE0288, 0xB3CDCF72, 0x6E5DD2F3, 0x20936079, 0x459B80A5, - 0xBE60E2DB, 0xA9C23101, 0xEBA5315C, 0x224E42F2, 0x1C5C1572, 0xF6721B2C, - 0x1AD2FFF3, 0x8C25404E, 0x324ED72F, 0x4067B7FD, 0x0523138E, 0x5CA3BC78, - 0xDC0FD66E, 0x75922283, 0x784D6B17, 0x58EBB16E, 0x44094F85, 0x3F481D87, - 0xFCFEAE7B, 0x77B5FF76, 0x8C2302BF, 0xAAF47556, 0x5F46B02A, 0x2B092801, - 0x3D38F5F7, 0x0CA81F36, 0x52AF4A8A, 0x66D5E7C0, 0xDF3B0874, 0x95055110, - 0x1B5AD7A8, 0xF61ED5AD, 0x6CF6E479, 0x20758184, 0xD0CEFA65, 0x88F7BE58, - 0x4A046826, 0x0FF6F8F3, 0xA09C7F70, 0x5346ABA0, 0x5CE96C28, 0xE176EDA3, - 0x6BAC307F, 0x376829D2, 0x85360FA9, 0x17E3FE2A, 0x24B79767, 0xF5A96B20, - 0xD6CD2595, 0x68FF1EBF, 0x7555442C, 0xF19F06BE, 0xF9E0659A, 0xEEB9491D, - 0x34010718, 0xBB30CAB8, 0xE822FE15, 0x88570983, 0x750E6249, 0xDA627E55, - 0x5E76FFA8, 0xB1534546, 0x6D47DE08, 0xEFE9E7D4 }; - - static const u32bit S6[256] = { - 0xF6FA8F9D, 0x2CAC6CE1, 0x4CA34867, 0xE2337F7C, 0x95DB08E7, 0x016843B4, - 0xECED5CBC, 0x325553AC, 0xBF9F0960, 0xDFA1E2ED, 0x83F0579D, 0x63ED86B9, - 0x1AB6A6B8, 0xDE5EBE39, 0xF38FF732, 0x8989B138, 0x33F14961, 0xC01937BD, - 0xF506C6DA, 0xE4625E7E, 0xA308EA99, 0x4E23E33C, 0x79CBD7CC, 0x48A14367, - 0xA3149619, 0xFEC94BD5, 0xA114174A, 0xEAA01866, 0xA084DB2D, 0x09A8486F, - 0xA888614A, 0x2900AF98, 0x01665991, 0xE1992863, 0xC8F30C60, 0x2E78EF3C, - 0xD0D51932, 0xCF0FEC14, 0xF7CA07D2, 0xD0A82072, 0xFD41197E, 0x9305A6B0, - 0xE86BE3DA, 0x74BED3CD, 0x372DA53C, 0x4C7F4448, 0xDAB5D440, 0x6DBA0EC3, - 0x083919A7, 0x9FBAEED9, 0x49DBCFB0, 0x4E670C53, 0x5C3D9C01, 0x64BDB941, - 0x2C0E636A, 0xBA7DD9CD, 0xEA6F7388, 0xE70BC762, 0x35F29ADB, 0x5C4CDD8D, - 0xF0D48D8C, 0xB88153E2, 0x08A19866, 0x1AE2EAC8, 0x284CAF89, 0xAA928223, - 0x9334BE53, 0x3B3A21BF, 0x16434BE3, 0x9AEA3906, 0xEFE8C36E, 0xF890CDD9, - 0x80226DAE, 0xC340A4A3, 0xDF7E9C09, 0xA694A807, 0x5B7C5ECC, 0x221DB3A6, - 0x9A69A02F, 0x68818A54, 0xCEB2296F, 0x53C0843A, 0xFE893655, 0x25BFE68A, - 0xB4628ABC, 0xCF222EBF, 0x25AC6F48, 0xA9A99387, 0x53BDDB65, 0xE76FFBE7, - 0xE967FD78, 0x0BA93563, 0x8E342BC1, 0xE8A11BE9, 0x4980740D, 0xC8087DFC, - 0x8DE4BF99, 0xA11101A0, 0x7FD37975, 0xDA5A26C0, 0xE81F994F, 0x9528CD89, - 0xFD339FED, 0xB87834BF, 0x5F04456D, 0x22258698, 0xC9C4C83B, 0x2DC156BE, - 0x4F628DAA, 0x57F55EC5, 0xE2220ABE, 0xD2916EBF, 0x4EC75B95, 0x24F2C3C0, - 0x42D15D99, 0xCD0D7FA0, 0x7B6E27FF, 0xA8DC8AF0, 0x7345C106, 0xF41E232F, - 0x35162386, 0xE6EA8926, 0x3333B094, 0x157EC6F2, 0x372B74AF, 0x692573E4, - 0xE9A9D848, 0xF3160289, 0x3A62EF1D, 0xA787E238, 0xF3A5F676, 0x74364853, - 0x20951063, 0x4576698D, 0xB6FAD407, 0x592AF950, 0x36F73523, 0x4CFB6E87, - 0x7DA4CEC0, 0x6C152DAA, 0xCB0396A8, 0xC50DFE5D, 0xFCD707AB, 0x0921C42F, - 0x89DFF0BB, 0x5FE2BE78, 0x448F4F33, 0x754613C9, 0x2B05D08D, 0x48B9D585, - 0xDC049441, 0xC8098F9B, 0x7DEDE786, 0xC39A3373, 0x42410005, 0x6A091751, - 0x0EF3C8A6, 0x890072D6, 0x28207682, 0xA9A9F7BE, 0xBF32679D, 0xD45B5B75, - 0xB353FD00, 0xCBB0E358, 0x830F220A, 0x1F8FB214, 0xD372CF08, 0xCC3C4A13, - 0x8CF63166, 0x061C87BE, 0x88C98F88, 0x6062E397, 0x47CF8E7A, 0xB6C85283, - 0x3CC2ACFB, 0x3FC06976, 0x4E8F0252, 0x64D8314D, 0xDA3870E3, 0x1E665459, - 0xC10908F0, 0x513021A5, 0x6C5B68B7, 0x822F8AA0, 0x3007CD3E, 0x74719EEF, - 0xDC872681, 0x073340D4, 0x7E432FD9, 0x0C5EC241, 0x8809286C, 0xF592D891, - 0x08A930F6, 0x957EF305, 0xB7FBFFBD, 0xC266E96F, 0x6FE4AC98, 0xB173ECC0, - 0xBC60B42A, 0x953498DA, 0xFBA1AE12, 0x2D4BD736, 0x0F25FAAB, 0xA4F3FCEB, - 0xE2969123, 0x257F0C3D, 0x9348AF49, 0x361400BC, 0xE8816F4A, 0x3814F200, - 0xA3F94043, 0x9C7A54C2, 0xBC704F57, 0xDA41E7F9, 0xC25AD33A, 0x54F4A084, - 0xB17F5505, 0x59357CBE, 0xEDBD15C8, 0x7F97C5AB, 0xBA5AC7B5, 0xB6F6DEAF, - 0x3A479C3A, 0x5302DA25, 0x653D7E6A, 0x54268D49, 0x51A477EA, 0x5017D55B, - 0xD7D25D88, 0x44136C76, 0x0404A8C8, 0xB8E5A121, 0xB81A928A, 0x60ED5869, - 0x97C55B96, 0xEAEC991B, 0x29935913, 0x01FDB7F1, 0x088E8DFA, 0x9AB6F6F5, - 0x3B4CBF9F, 0x4A5DE3AB, 0xE6051D35, 0xA0E1D855, 0xD36B4CF1, 0xF544EDEB, - 0xB0E93524, 0xBEBB8FBD, 0xA2D762CF, 0x49C92F54, 0x38B5F331, 0x7128A454, - 0x48392905, 0xA65B1DB8, 0x851C97BD, 0xD675CF2F }; - - static const u32bit S7[256] = { - 0x85E04019, 0x332BF567, 0x662DBFFF, 0xCFC65693, 0x2A8D7F6F, 0xAB9BC912, - 0xDE6008A1, 0x2028DA1F, 0x0227BCE7, 0x4D642916, 0x18FAC300, 0x50F18B82, - 0x2CB2CB11, 0xB232E75C, 0x4B3695F2, 0xB28707DE, 0xA05FBCF6, 0xCD4181E9, - 0xE150210C, 0xE24EF1BD, 0xB168C381, 0xFDE4E789, 0x5C79B0D8, 0x1E8BFD43, - 0x4D495001, 0x38BE4341, 0x913CEE1D, 0x92A79C3F, 0x089766BE, 0xBAEEADF4, - 0x1286BECF, 0xB6EACB19, 0x2660C200, 0x7565BDE4, 0x64241F7A, 0x8248DCA9, - 0xC3B3AD66, 0x28136086, 0x0BD8DFA8, 0x356D1CF2, 0x107789BE, 0xB3B2E9CE, - 0x0502AA8F, 0x0BC0351E, 0x166BF52A, 0xEB12FF82, 0xE3486911, 0xD34D7516, - 0x4E7B3AFF, 0x5F43671B, 0x9CF6E037, 0x4981AC83, 0x334266CE, 0x8C9341B7, - 0xD0D854C0, 0xCB3A6C88, 0x47BC2829, 0x4725BA37, 0xA66AD22B, 0x7AD61F1E, - 0x0C5CBAFA, 0x4437F107, 0xB6E79962, 0x42D2D816, 0x0A961288, 0xE1A5C06E, - 0x13749E67, 0x72FC081A, 0xB1D139F7, 0xF9583745, 0xCF19DF58, 0xBEC3F756, - 0xC06EBA30, 0x07211B24, 0x45C28829, 0xC95E317F, 0xBC8EC511, 0x38BC46E9, - 0xC6E6FA14, 0xBAE8584A, 0xAD4EBC46, 0x468F508B, 0x7829435F, 0xF124183B, - 0x821DBA9F, 0xAFF60FF4, 0xEA2C4E6D, 0x16E39264, 0x92544A8B, 0x009B4FC3, - 0xABA68CED, 0x9AC96F78, 0x06A5B79A, 0xB2856E6E, 0x1AEC3CA9, 0xBE838688, - 0x0E0804E9, 0x55F1BE56, 0xE7E5363B, 0xB3A1F25D, 0xF7DEBB85, 0x61FE033C, - 0x16746233, 0x3C034C28, 0xDA6D0C74, 0x79AAC56C, 0x3CE4E1AD, 0x51F0C802, - 0x98F8F35A, 0x1626A49F, 0xEED82B29, 0x1D382FE3, 0x0C4FB99A, 0xBB325778, - 0x3EC6D97B, 0x6E77A6A9, 0xCB658B5C, 0xD45230C7, 0x2BD1408B, 0x60C03EB7, - 0xB9068D78, 0xA33754F4, 0xF430C87D, 0xC8A71302, 0xB96D8C32, 0xEBD4E7BE, - 0xBE8B9D2D, 0x7979FB06, 0xE7225308, 0x8B75CF77, 0x11EF8DA4, 0xE083C858, - 0x8D6B786F, 0x5A6317A6, 0xFA5CF7A0, 0x5DDA0033, 0xF28EBFB0, 0xF5B9C310, - 0xA0EAC280, 0x08B9767A, 0xA3D9D2B0, 0x79D34217, 0x021A718D, 0x9AC6336A, - 0x2711FD60, 0x438050E3, 0x069908A8, 0x3D7FEDC4, 0x826D2BEF, 0x4EEB8476, - 0x488DCF25, 0x36C9D566, 0x28E74E41, 0xC2610ACA, 0x3D49A9CF, 0xBAE3B9DF, - 0xB65F8DE6, 0x92AEAF64, 0x3AC7D5E6, 0x9EA80509, 0xF22B017D, 0xA4173F70, - 0xDD1E16C3, 0x15E0D7F9, 0x50B1B887, 0x2B9F4FD5, 0x625ABA82, 0x6A017962, - 0x2EC01B9C, 0x15488AA9, 0xD716E740, 0x40055A2C, 0x93D29A22, 0xE32DBF9A, - 0x058745B9, 0x3453DC1E, 0xD699296E, 0x496CFF6F, 0x1C9F4986, 0xDFE2ED07, - 0xB87242D1, 0x19DE7EAE, 0x053E561A, 0x15AD6F8C, 0x66626C1C, 0x7154C24C, - 0xEA082B2A, 0x93EB2939, 0x17DCB0F0, 0x58D4F2AE, 0x9EA294FB, 0x52CF564C, - 0x9883FE66, 0x2EC40581, 0x763953C3, 0x01D6692E, 0xD3A0C108, 0xA1E7160E, - 0xE4F2DFA6, 0x693ED285, 0x74904698, 0x4C2B0EDD, 0x4F757656, 0x5D393378, - 0xA132234F, 0x3D321C5D, 0xC3F5E194, 0x4B269301, 0xC79F022F, 0x3C997E7E, - 0x5E4F9504, 0x3FFAFBBD, 0x76F7AD0E, 0x296693F4, 0x3D1FCE6F, 0xC61E45BE, - 0xD3B5AB34, 0xF72BF9B7, 0x1B0434C0, 0x4E72B567, 0x5592A33D, 0xB5229301, - 0xCFD2A87F, 0x60AEB767, 0x1814386B, 0x30BCC33D, 0x38A0C07D, 0xFD1606F2, - 0xC363519B, 0x589DD390, 0x5479F8E6, 0x1CB8D647, 0x97FD61A9, 0xEA7759F4, - 0x2D57539D, 0x569A58CF, 0xE84E63AD, 0x462E1B78, 0x6580F87E, 0xF3817914, - 0x91DA55F4, 0x40A230F3, 0xD1988F35, 0xB6E318D2, 0x3FFA50BC, 0x3D40F021, - 0xC3C0BDAE, 0x4958C24C, 0x518F36B2, 0x84B1D370, 0x0FEDCE83, 0x878DDADA, - 0xF2A279C7, 0x94E01BE8, 0x90716F4B, 0x954B8AA3 }; - - static const u32bit S8[256] = { - 0xE216300D, 0xBBDDFFFC, 0xA7EBDABD, 0x35648095, 0x7789F8B7, 0xE6C1121B, - 0x0E241600, 0x052CE8B5, 0x11A9CFB0, 0xE5952F11, 0xECE7990A, 0x9386D174, - 0x2A42931C, 0x76E38111, 0xB12DEF3A, 0x37DDDDFC, 0xDE9ADEB1, 0x0A0CC32C, - 0xBE197029, 0x84A00940, 0xBB243A0F, 0xB4D137CF, 0xB44E79F0, 0x049EEDFD, - 0x0B15A15D, 0x480D3168, 0x8BBBDE5A, 0x669DED42, 0xC7ECE831, 0x3F8F95E7, - 0x72DF191B, 0x7580330D, 0x94074251, 0x5C7DCDFA, 0xABBE6D63, 0xAA402164, - 0xB301D40A, 0x02E7D1CA, 0x53571DAE, 0x7A3182A2, 0x12A8DDEC, 0xFDAA335D, - 0x176F43E8, 0x71FB46D4, 0x38129022, 0xCE949AD4, 0xB84769AD, 0x965BD862, - 0x82F3D055, 0x66FB9767, 0x15B80B4E, 0x1D5B47A0, 0x4CFDE06F, 0xC28EC4B8, - 0x57E8726E, 0x647A78FC, 0x99865D44, 0x608BD593, 0x6C200E03, 0x39DC5FF6, - 0x5D0B00A3, 0xAE63AFF2, 0x7E8BD632, 0x70108C0C, 0xBBD35049, 0x2998DF04, - 0x980CF42A, 0x9B6DF491, 0x9E7EDD53, 0x06918548, 0x58CB7E07, 0x3B74EF2E, - 0x522FFFB1, 0xD24708CC, 0x1C7E27CD, 0xA4EB215B, 0x3CF1D2E2, 0x19B47A38, - 0x424F7618, 0x35856039, 0x9D17DEE7, 0x27EB35E6, 0xC9AFF67B, 0x36BAF5B8, - 0x09C467CD, 0xC18910B1, 0xE11DBF7B, 0x06CD1AF8, 0x7170C608, 0x2D5E3354, - 0xD4DE495A, 0x64C6D006, 0xBCC0C62C, 0x3DD00DB3, 0x708F8F34, 0x77D51B42, - 0x264F620F, 0x24B8D2BF, 0x15C1B79E, 0x46A52564, 0xF8D7E54E, 0x3E378160, - 0x7895CDA5, 0x859C15A5, 0xE6459788, 0xC37BC75F, 0xDB07BA0C, 0x0676A3AB, - 0x7F229B1E, 0x31842E7B, 0x24259FD7, 0xF8BEF472, 0x835FFCB8, 0x6DF4C1F2, - 0x96F5B195, 0xFD0AF0FC, 0xB0FE134C, 0xE2506D3D, 0x4F9B12EA, 0xF215F225, - 0xA223736F, 0x9FB4C428, 0x25D04979, 0x34C713F8, 0xC4618187, 0xEA7A6E98, - 0x7CD16EFC, 0x1436876C, 0xF1544107, 0xBEDEEE14, 0x56E9AF27, 0xA04AA441, - 0x3CF7C899, 0x92ECBAE6, 0xDD67016D, 0x151682EB, 0xA842EEDF, 0xFDBA60B4, - 0xF1907B75, 0x20E3030F, 0x24D8C29E, 0xE139673B, 0xEFA63FB8, 0x71873054, - 0xB6F2CF3B, 0x9F326442, 0xCB15A4CC, 0xB01A4504, 0xF1E47D8D, 0x844A1BE5, - 0xBAE7DFDC, 0x42CBDA70, 0xCD7DAE0A, 0x57E85B7A, 0xD53F5AF6, 0x20CF4D8C, - 0xCEA4D428, 0x79D130A4, 0x3486EBFB, 0x33D3CDDC, 0x77853B53, 0x37EFFCB5, - 0xC5068778, 0xE580B3E6, 0x4E68B8F4, 0xC5C8B37E, 0x0D809EA2, 0x398FEB7C, - 0x132A4F94, 0x43B7950E, 0x2FEE7D1C, 0x223613BD, 0xDD06CAA2, 0x37DF932B, - 0xC4248289, 0xACF3EBC3, 0x5715F6B7, 0xEF3478DD, 0xF267616F, 0xC148CBE4, - 0x9052815E, 0x5E410FAB, 0xB48A2465, 0x2EDA7FA4, 0xE87B40E4, 0xE98EA084, - 0x5889E9E1, 0xEFD390FC, 0xDD07D35B, 0xDB485694, 0x38D7E5B2, 0x57720101, - 0x730EDEBC, 0x5B643113, 0x94917E4F, 0x503C2FBA, 0x646F1282, 0x7523D24A, - 0xE0779695, 0xF9C17A8F, 0x7A5B2121, 0xD187B896, 0x29263A4D, 0xBA510CDF, - 0x81F47C9F, 0xAD1163ED, 0xEA7B5965, 0x1A00726E, 0x11403092, 0x00DA6D77, - 0x4A0CDD61, 0xAD1F4603, 0x605BDFB0, 0x9EEDC364, 0x22EBE6A8, 0xCEE7D28A, - 0xA0E736A0, 0x5564A6B9, 0x10853209, 0xC7EB8F37, 0x2DE705CA, 0x8951570F, - 0xDF09822B, 0xBD691A6C, 0xAA12E4F2, 0x87451C0F, 0xE0F6A27A, 0x3ADA4819, - 0x4CF1764F, 0x0D771C2B, 0x67CDB156, 0x350D8384, 0x5938FA0F, 0x42399EF3, - 0x36997B07, 0x0E84093D, 0x4AA93E61, 0x8360D87B, 0x1FA98B0C, 0x1149382C, - 0xE97625A5, 0x0614D1B7, 0x0E25244B, 0x0C768347, 0x589E8D82, 0x0D2059D1, - 0xA466BB1E, 0xF8DA0A82, 0x04F19130, 0xBA6E4EC0, 0x99265164, 0x1EE7230D, - 0x50B2AD80, 0xEAEE6801, 0x8DB2A283, 0xEA8BF59E }; - - class ByteReader - { - public: - byte operator()(size_t i) { return (X[i/4] >> (8*(3 - (i%4)))); } - ByteReader(const u32bit* x) : X(x) {} - private: - const u32bit* X; - }; - - secure_vector<u32bit> Z(4); - ByteReader x(&X[0]), z(&Z[0]); - - Z[0] = X[0] ^ S5[x(13)] ^ S6[x(15)] ^ S7[x(12)] ^ S8[x(14)] ^ S7[x( 8)]; - Z[1] = X[2] ^ S5[z( 0)] ^ S6[z( 2)] ^ S7[z( 1)] ^ S8[z( 3)] ^ S8[x(10)]; - Z[2] = X[3] ^ S5[z( 7)] ^ S6[z( 6)] ^ S7[z( 5)] ^ S8[z( 4)] ^ S5[x( 9)]; - Z[3] = X[1] ^ S5[z(10)] ^ S6[z( 9)] ^ S7[z(11)] ^ S8[z( 8)] ^ S6[x(11)]; - K[ 0] = S5[z( 8)] ^ S6[z( 9)] ^ S7[z( 7)] ^ S8[z( 6)] ^ S5[z( 2)]; - K[ 1] = S5[z(10)] ^ S6[z(11)] ^ S7[z( 5)] ^ S8[z( 4)] ^ S6[z( 6)]; - K[ 2] = S5[z(12)] ^ S6[z(13)] ^ S7[z( 3)] ^ S8[z( 2)] ^ S7[z( 9)]; - K[ 3] = S5[z(14)] ^ S6[z(15)] ^ S7[z( 1)] ^ S8[z( 0)] ^ S8[z(12)]; - X[0] = Z[2] ^ S5[z( 5)] ^ S6[z( 7)] ^ S7[z( 4)] ^ S8[z( 6)] ^ S7[z( 0)]; - X[1] = Z[0] ^ S5[x( 0)] ^ S6[x( 2)] ^ S7[x( 1)] ^ S8[x( 3)] ^ S8[z( 2)]; - X[2] = Z[1] ^ S5[x( 7)] ^ S6[x( 6)] ^ S7[x( 5)] ^ S8[x( 4)] ^ S5[z( 1)]; - X[3] = Z[3] ^ S5[x(10)] ^ S6[x( 9)] ^ S7[x(11)] ^ S8[x( 8)] ^ S6[z( 3)]; - K[ 4] = S5[x( 3)] ^ S6[x( 2)] ^ S7[x(12)] ^ S8[x(13)] ^ S5[x( 8)]; - K[ 5] = S5[x( 1)] ^ S6[x( 0)] ^ S7[x(14)] ^ S8[x(15)] ^ S6[x(13)]; - K[ 6] = S5[x( 7)] ^ S6[x( 6)] ^ S7[x( 8)] ^ S8[x( 9)] ^ S7[x( 3)]; - K[ 7] = S5[x( 5)] ^ S6[x( 4)] ^ S7[x(10)] ^ S8[x(11)] ^ S8[x( 7)]; - Z[0] = X[0] ^ S5[x(13)] ^ S6[x(15)] ^ S7[x(12)] ^ S8[x(14)] ^ S7[x( 8)]; - Z[1] = X[2] ^ S5[z( 0)] ^ S6[z( 2)] ^ S7[z( 1)] ^ S8[z( 3)] ^ S8[x(10)]; - Z[2] = X[3] ^ S5[z( 7)] ^ S6[z( 6)] ^ S7[z( 5)] ^ S8[z( 4)] ^ S5[x( 9)]; - Z[3] = X[1] ^ S5[z(10)] ^ S6[z( 9)] ^ S7[z(11)] ^ S8[z( 8)] ^ S6[x(11)]; - K[ 8] = S5[z( 3)] ^ S6[z( 2)] ^ S7[z(12)] ^ S8[z(13)] ^ S5[z( 9)]; - K[ 9] = S5[z( 1)] ^ S6[z( 0)] ^ S7[z(14)] ^ S8[z(15)] ^ S6[z(12)]; - K[10] = S5[z( 7)] ^ S6[z( 6)] ^ S7[z( 8)] ^ S8[z( 9)] ^ S7[z( 2)]; - K[11] = S5[z( 5)] ^ S6[z( 4)] ^ S7[z(10)] ^ S8[z(11)] ^ S8[z( 6)]; - X[0] = Z[2] ^ S5[z( 5)] ^ S6[z( 7)] ^ S7[z( 4)] ^ S8[z( 6)] ^ S7[z( 0)]; - X[1] = Z[0] ^ S5[x( 0)] ^ S6[x( 2)] ^ S7[x( 1)] ^ S8[x( 3)] ^ S8[z( 2)]; - X[2] = Z[1] ^ S5[x( 7)] ^ S6[x( 6)] ^ S7[x( 5)] ^ S8[x( 4)] ^ S5[z( 1)]; - X[3] = Z[3] ^ S5[x(10)] ^ S6[x( 9)] ^ S7[x(11)] ^ S8[x( 8)] ^ S6[z( 3)]; - K[12] = S5[x( 8)] ^ S6[x( 9)] ^ S7[x( 7)] ^ S8[x( 6)] ^ S5[x( 3)]; - K[13] = S5[x(10)] ^ S6[x(11)] ^ S7[x( 5)] ^ S8[x( 4)] ^ S6[x( 7)]; - K[14] = S5[x(12)] ^ S6[x(13)] ^ S7[x( 3)] ^ S8[x( 2)] ^ S7[x( 8)]; - K[15] = S5[x(14)] ^ S6[x(15)] ^ S7[x( 1)] ^ S8[x( 0)] ^ S8[x(13)]; - } - -} diff --git a/src/block/cast/cast128.h b/src/block/cast/cast128.h deleted file mode 100644 index 233c1e478..000000000 --- a/src/block/cast/cast128.h +++ /dev/null @@ -1,40 +0,0 @@ -/* -* CAST-128 -* (C) 1999-2007 Jack Lloyd -* -* Distributed under the terms of the Botan license -*/ - -#ifndef BOTAN_CAST128_H__ -#define BOTAN_CAST128_H__ - -#include <botan/block_cipher.h> - -namespace Botan { - -/** -* CAST-128 -*/ -class BOTAN_DLL CAST_128 : public Block_Cipher_Fixed_Params<8, 11, 16> - { - public: - void encrypt_n(const byte in[], byte out[], size_t blocks) const; - void decrypt_n(const byte in[], byte out[], size_t blocks) const; - - void clear(); - std::string name() const { return "CAST-128"; } - BlockCipher* clone() const { return new CAST_128; } - - private: - void key_schedule(const byte[], size_t); - - static void cast_ks(secure_vector<u32bit>& ks, - secure_vector<u32bit>& user_key); - - secure_vector<u32bit> MK; - secure_vector<byte> RK; - }; - -} - -#endif diff --git a/src/block/cast/cast256.cpp b/src/block/cast/cast256.cpp deleted file mode 100644 index 0c4dbb941..000000000 --- a/src/block/cast/cast256.cpp +++ /dev/null @@ -1,228 +0,0 @@ -/* -* CAST-256 -* (C) 1999-2007 Jack Lloyd -* -* Distributed under the terms of the Botan license -*/ - -#include <botan/cast256.h> -#include <botan/internal/cast_sboxes.h> -#include <botan/loadstor.h> -#include <botan/rotate.h> - -namespace Botan { - -namespace { - -/* -* CAST-256 Round Type 1 -*/ -void round1(u32bit& out, u32bit in, u32bit mask, u32bit rot) - { - u32bit temp = rotate_left(mask + in, rot); - out ^= (CAST_SBOX1[get_byte(0, temp)] ^ CAST_SBOX2[get_byte(1, temp)]) - - CAST_SBOX3[get_byte(2, temp)] + CAST_SBOX4[get_byte(3, temp)]; - } - -/* -* CAST-256 Round Type 2 -*/ -void round2(u32bit& out, u32bit in, u32bit mask, u32bit rot) - { - u32bit temp = rotate_left(mask ^ in, rot); - out ^= (CAST_SBOX1[get_byte(0, temp)] - CAST_SBOX2[get_byte(1, temp)] + - CAST_SBOX3[get_byte(2, temp)]) ^ CAST_SBOX4[get_byte(3, temp)]; - } - -/* -* CAST-256 Round Type 3 -*/ -void round3(u32bit& out, u32bit in, u32bit mask, u32bit rot) - { - u32bit temp = rotate_left(mask - in, rot); - out ^= ((CAST_SBOX1[get_byte(0, temp)] + CAST_SBOX2[get_byte(1, temp)]) ^ - CAST_SBOX3[get_byte(2, temp)]) - CAST_SBOX4[get_byte(3, temp)]; - } - -} - -/* -* CAST-256 Encryption -*/ -void CAST_256::encrypt_n(const byte in[], byte out[], size_t blocks) const - { - for(size_t i = 0; i != blocks; ++i) - { - u32bit A = load_be<u32bit>(in, 0); - u32bit B = load_be<u32bit>(in, 1); - u32bit C = load_be<u32bit>(in, 2); - u32bit D = load_be<u32bit>(in, 3); - - round1(C, D, MK[ 0], RK[ 0]); round2(B, C, MK[ 1], RK[ 1]); - round3(A, B, MK[ 2], RK[ 2]); round1(D, A, MK[ 3], RK[ 3]); - round1(C, D, MK[ 4], RK[ 4]); round2(B, C, MK[ 5], RK[ 5]); - round3(A, B, MK[ 6], RK[ 6]); round1(D, A, MK[ 7], RK[ 7]); - round1(C, D, MK[ 8], RK[ 8]); round2(B, C, MK[ 9], RK[ 9]); - round3(A, B, MK[10], RK[10]); round1(D, A, MK[11], RK[11]); - round1(C, D, MK[12], RK[12]); round2(B, C, MK[13], RK[13]); - round3(A, B, MK[14], RK[14]); round1(D, A, MK[15], RK[15]); - round1(C, D, MK[16], RK[16]); round2(B, C, MK[17], RK[17]); - round3(A, B, MK[18], RK[18]); round1(D, A, MK[19], RK[19]); - round1(C, D, MK[20], RK[20]); round2(B, C, MK[21], RK[21]); - round3(A, B, MK[22], RK[22]); round1(D, A, MK[23], RK[23]); - round1(D, A, MK[27], RK[27]); round3(A, B, MK[26], RK[26]); - round2(B, C, MK[25], RK[25]); round1(C, D, MK[24], RK[24]); - round1(D, A, MK[31], RK[31]); round3(A, B, MK[30], RK[30]); - round2(B, C, MK[29], RK[29]); round1(C, D, MK[28], RK[28]); - round1(D, A, MK[35], RK[35]); round3(A, B, MK[34], RK[34]); - round2(B, C, MK[33], RK[33]); round1(C, D, MK[32], RK[32]); - round1(D, A, MK[39], RK[39]); round3(A, B, MK[38], RK[38]); - round2(B, C, MK[37], RK[37]); round1(C, D, MK[36], RK[36]); - round1(D, A, MK[43], RK[43]); round3(A, B, MK[42], RK[42]); - round2(B, C, MK[41], RK[41]); round1(C, D, MK[40], RK[40]); - round1(D, A, MK[47], RK[47]); round3(A, B, MK[46], RK[46]); - round2(B, C, MK[45], RK[45]); round1(C, D, MK[44], RK[44]); - - store_be(out, A, B, C, D); - - in += BLOCK_SIZE; - out += BLOCK_SIZE; - } - } - -/* -* CAST-256 Decryption -*/ -void CAST_256::decrypt_n(const byte in[], byte out[], size_t blocks) const - { - for(size_t i = 0; i != blocks; ++i) - { - u32bit A = load_be<u32bit>(in, 0); - u32bit B = load_be<u32bit>(in, 1); - u32bit C = load_be<u32bit>(in, 2); - u32bit D = load_be<u32bit>(in, 3); - - round1(C, D, MK[44], RK[44]); round2(B, C, MK[45], RK[45]); - round3(A, B, MK[46], RK[46]); round1(D, A, MK[47], RK[47]); - round1(C, D, MK[40], RK[40]); round2(B, C, MK[41], RK[41]); - round3(A, B, MK[42], RK[42]); round1(D, A, MK[43], RK[43]); - round1(C, D, MK[36], RK[36]); round2(B, C, MK[37], RK[37]); - round3(A, B, MK[38], RK[38]); round1(D, A, MK[39], RK[39]); - round1(C, D, MK[32], RK[32]); round2(B, C, MK[33], RK[33]); - round3(A, B, MK[34], RK[34]); round1(D, A, MK[35], RK[35]); - round1(C, D, MK[28], RK[28]); round2(B, C, MK[29], RK[29]); - round3(A, B, MK[30], RK[30]); round1(D, A, MK[31], RK[31]); - round1(C, D, MK[24], RK[24]); round2(B, C, MK[25], RK[25]); - round3(A, B, MK[26], RK[26]); round1(D, A, MK[27], RK[27]); - round1(D, A, MK[23], RK[23]); round3(A, B, MK[22], RK[22]); - round2(B, C, MK[21], RK[21]); round1(C, D, MK[20], RK[20]); - round1(D, A, MK[19], RK[19]); round3(A, B, MK[18], RK[18]); - round2(B, C, MK[17], RK[17]); round1(C, D, MK[16], RK[16]); - round1(D, A, MK[15], RK[15]); round3(A, B, MK[14], RK[14]); - round2(B, C, MK[13], RK[13]); round1(C, D, MK[12], RK[12]); - round1(D, A, MK[11], RK[11]); round3(A, B, MK[10], RK[10]); - round2(B, C, MK[ 9], RK[ 9]); round1(C, D, MK[ 8], RK[ 8]); - round1(D, A, MK[ 7], RK[ 7]); round3(A, B, MK[ 6], RK[ 6]); - round2(B, C, MK[ 5], RK[ 5]); round1(C, D, MK[ 4], RK[ 4]); - round1(D, A, MK[ 3], RK[ 3]); round3(A, B, MK[ 2], RK[ 2]); - round2(B, C, MK[ 1], RK[ 1]); round1(C, D, MK[ 0], RK[ 0]); - - store_be(out, A, B, C, D); - - in += BLOCK_SIZE; - out += BLOCK_SIZE; - } - } - -/* -* CAST-256 Key Schedule -*/ -void CAST_256::key_schedule(const byte key[], size_t length) - { - static const u32bit KEY_MASK[192] = { - 0x5A827999, 0xC95C653A, 0x383650DB, 0xA7103C7C, 0x15EA281D, 0x84C413BE, - 0xF39DFF5F, 0x6277EB00, 0xD151D6A1, 0x402BC242, 0xAF05ADE3, 0x1DDF9984, - 0x8CB98525, 0xFB9370C6, 0x6A6D5C67, 0xD9474808, 0x482133A9, 0xB6FB1F4A, - 0x25D50AEB, 0x94AEF68C, 0x0388E22D, 0x7262CDCE, 0xE13CB96F, 0x5016A510, - 0xBEF090B1, 0x2DCA7C52, 0x9CA467F3, 0x0B7E5394, 0x7A583F35, 0xE9322AD6, - 0x580C1677, 0xC6E60218, 0x35BFEDB9, 0xA499D95A, 0x1373C4FB, 0x824DB09C, - 0xF1279C3D, 0x600187DE, 0xCEDB737F, 0x3DB55F20, 0xAC8F4AC1, 0x1B693662, - 0x8A432203, 0xF91D0DA4, 0x67F6F945, 0xD6D0E4E6, 0x45AAD087, 0xB484BC28, - 0x235EA7C9, 0x9238936A, 0x01127F0B, 0x6FEC6AAC, 0xDEC6564D, 0x4DA041EE, - 0xBC7A2D8F, 0x2B541930, 0x9A2E04D1, 0x0907F072, 0x77E1DC13, 0xE6BBC7B4, - 0x5595B355, 0xC46F9EF6, 0x33498A97, 0xA2237638, 0x10FD61D9, 0x7FD74D7A, - 0xEEB1391B, 0x5D8B24BC, 0xCC65105D, 0x3B3EFBFE, 0xAA18E79F, 0x18F2D340, - 0x87CCBEE1, 0xF6A6AA82, 0x65809623, 0xD45A81C4, 0x43346D65, 0xB20E5906, - 0x20E844A7, 0x8FC23048, 0xFE9C1BE9, 0x6D76078A, 0xDC4FF32B, 0x4B29DECC, - 0xBA03CA6D, 0x28DDB60E, 0x97B7A1AF, 0x06918D50, 0x756B78F1, 0xE4456492, - 0x531F5033, 0xC1F93BD4, 0x30D32775, 0x9FAD1316, 0x0E86FEB7, 0x7D60EA58, - 0xEC3AD5F9, 0x5B14C19A, 0xC9EEAD3B, 0x38C898DC, 0xA7A2847D, 0x167C701E, - 0x85565BBF, 0xF4304760, 0x630A3301, 0xD1E41EA2, 0x40BE0A43, 0xAF97F5E4, - 0x1E71E185, 0x8D4BCD26, 0xFC25B8C7, 0x6AFFA468, 0xD9D99009, 0x48B37BAA, - 0xB78D674B, 0x266752EC, 0x95413E8D, 0x041B2A2E, 0x72F515CF, 0xE1CF0170, - 0x50A8ED11, 0xBF82D8B2, 0x2E5CC453, 0x9D36AFF4, 0x0C109B95, 0x7AEA8736, - 0xE9C472D7, 0x589E5E78, 0xC7784A19, 0x365235BA, 0xA52C215B, 0x14060CFC, - 0x82DFF89D, 0xF1B9E43E, 0x6093CFDF, 0xCF6DBB80, 0x3E47A721, 0xAD2192C2, - 0x1BFB7E63, 0x8AD56A04, 0xF9AF55A5, 0x68894146, 0xD7632CE7, 0x463D1888, - 0xB5170429, 0x23F0EFCA, 0x92CADB6B, 0x01A4C70C, 0x707EB2AD, 0xDF589E4E, - 0x4E3289EF, 0xBD0C7590, 0x2BE66131, 0x9AC04CD2, 0x099A3873, 0x78742414, - 0xE74E0FB5, 0x5627FB56, 0xC501E6F7, 0x33DBD298, 0xA2B5BE39, 0x118FA9DA, - 0x8069957B, 0xEF43811C, 0x5E1D6CBD, 0xCCF7585E, 0x3BD143FF, 0xAAAB2FA0, - 0x19851B41, 0x885F06E2, 0xF738F283, 0x6612DE24, 0xD4ECC9C5, 0x43C6B566, - 0xB2A0A107, 0x217A8CA8, 0x90547849, 0xFF2E63EA, 0x6E084F8B, 0xDCE23B2C, - 0x4BBC26CD, 0xBA96126E, 0x296FFE0F, 0x9849E9B0, 0x0723D551, 0x75FDC0F2, - 0xE4D7AC93, 0x53B19834, 0xC28B83D5, 0x31656F76, 0xA03F5B17, 0x0F1946B8 }; - - static const byte KEY_ROT[32] = { - 0x13, 0x04, 0x15, 0x06, 0x17, 0x08, 0x19, 0x0A, 0x1B, 0x0C, - 0x1D, 0x0E, 0x1F, 0x10, 0x01, 0x12, 0x03, 0x14, 0x05, 0x16, - 0x07, 0x18, 0x09, 0x1A, 0x0B, 0x1C, 0x0D, 0x1E, 0x0F, 0x00, - 0x11, 0x02 }; - - MK.resize(48); - RK.resize(48); - - secure_vector<u32bit> K(8); - for(size_t i = 0; i != length; ++i) - K[i/4] = (K[i/4] << 8) + key[i]; - - u32bit A = K[0], B = K[1], C = K[2], D = K[3], - E = K[4], F = K[5], G = K[6], H = K[7]; - - for(size_t i = 0; i != 48; i += 4) - { - round1(G, H, KEY_MASK[4*i+ 0], KEY_ROT[(4*i+ 0) % 32]); - round2(F, G, KEY_MASK[4*i+ 1], KEY_ROT[(4*i+ 1) % 32]); - round3(E, F, KEY_MASK[4*i+ 2], KEY_ROT[(4*i+ 2) % 32]); - round1(D, E, KEY_MASK[4*i+ 3], KEY_ROT[(4*i+ 3) % 32]); - round2(C, D, KEY_MASK[4*i+ 4], KEY_ROT[(4*i+ 4) % 32]); - round3(B, C, KEY_MASK[4*i+ 5], KEY_ROT[(4*i+ 5) % 32]); - round1(A, B, KEY_MASK[4*i+ 6], KEY_ROT[(4*i+ 6) % 32]); - round2(H, A, KEY_MASK[4*i+ 7], KEY_ROT[(4*i+ 7) % 32]); - round1(G, H, KEY_MASK[4*i+ 8], KEY_ROT[(4*i+ 8) % 32]); - round2(F, G, KEY_MASK[4*i+ 9], KEY_ROT[(4*i+ 9) % 32]); - round3(E, F, KEY_MASK[4*i+10], KEY_ROT[(4*i+10) % 32]); - round1(D, E, KEY_MASK[4*i+11], KEY_ROT[(4*i+11) % 32]); - round2(C, D, KEY_MASK[4*i+12], KEY_ROT[(4*i+12) % 32]); - round3(B, C, KEY_MASK[4*i+13], KEY_ROT[(4*i+13) % 32]); - round1(A, B, KEY_MASK[4*i+14], KEY_ROT[(4*i+14) % 32]); - round2(H, A, KEY_MASK[4*i+15], KEY_ROT[(4*i+15) % 32]); - - RK[i ] = (A % 32); - RK[i+1] = (C % 32); - RK[i+2] = (E % 32); - RK[i+3] = (G % 32); - MK[i ] = H; - MK[i+1] = F; - MK[i+2] = D; - MK[i+3] = B; - } - } - -void CAST_256::clear() - { - zap(MK); - zap(RK); - } - -} diff --git a/src/block/cast/cast256.h b/src/block/cast/cast256.h deleted file mode 100644 index cd4572c4d..000000000 --- a/src/block/cast/cast256.h +++ /dev/null @@ -1,36 +0,0 @@ -/* -* CAST-256 -* (C) 1999-2007 Jack Lloyd -* -* Distributed under the terms of the Botan license -*/ - -#ifndef BOTAN_CAST256_H__ -#define BOTAN_CAST256_H__ - -#include <botan/block_cipher.h> - -namespace Botan { - -/** -* CAST-256 -*/ -class BOTAN_DLL CAST_256 : public Block_Cipher_Fixed_Params<16, 4, 32, 4> - { - public: - void encrypt_n(const byte in[], byte out[], size_t blocks) const; - void decrypt_n(const byte in[], byte out[], size_t blocks) const; - - void clear(); - std::string name() const { return "CAST-256"; } - BlockCipher* clone() const { return new CAST_256; } - private: - void key_schedule(const byte[], size_t); - - secure_vector<u32bit> MK; - secure_vector<byte> RK; - }; - -} - -#endif diff --git a/src/block/cast/cast_sboxes.h b/src/block/cast/cast_sboxes.h deleted file mode 100644 index 95578c4a0..000000000 --- a/src/block/cast/cast_sboxes.h +++ /dev/null @@ -1,197 +0,0 @@ -/* -* S-Box Tables for CAST-128 and CAST-256 -* (C) 1999-2007 Jack Lloyd -* -* Distributed under the terms of the Botan license -*/ - -#ifndef BOTAN_CAST_SBOX_TABLES_H__ -#define BOTAN_CAST_SBOX_TABLES_H__ - -#include <botan/types.h> - -namespace Botan { - -const u32bit CAST_SBOX1[256] = { - 0x30FB40D4, 0x9FA0FF0B, 0x6BECCD2F, 0x3F258C7A, 0x1E213F2F, 0x9C004DD3, - 0x6003E540, 0xCF9FC949, 0xBFD4AF27, 0x88BBBDB5, 0xE2034090, 0x98D09675, - 0x6E63A0E0, 0x15C361D2, 0xC2E7661D, 0x22D4FF8E, 0x28683B6F, 0xC07FD059, - 0xFF2379C8, 0x775F50E2, 0x43C340D3, 0xDF2F8656, 0x887CA41A, 0xA2D2BD2D, - 0xA1C9E0D6, 0x346C4819, 0x61B76D87, 0x22540F2F, 0x2ABE32E1, 0xAA54166B, - 0x22568E3A, 0xA2D341D0, 0x66DB40C8, 0xA784392F, 0x004DFF2F, 0x2DB9D2DE, - 0x97943FAC, 0x4A97C1D8, 0x527644B7, 0xB5F437A7, 0xB82CBAEF, 0xD751D159, - 0x6FF7F0ED, 0x5A097A1F, 0x827B68D0, 0x90ECF52E, 0x22B0C054, 0xBC8E5935, - 0x4B6D2F7F, 0x50BB64A2, 0xD2664910, 0xBEE5812D, 0xB7332290, 0xE93B159F, - 0xB48EE411, 0x4BFF345D, 0xFD45C240, 0xAD31973F, 0xC4F6D02E, 0x55FC8165, - 0xD5B1CAAD, 0xA1AC2DAE, 0xA2D4B76D, 0xC19B0C50, 0x882240F2, 0x0C6E4F38, - 0xA4E4BFD7, 0x4F5BA272, 0x564C1D2F, 0xC59C5319, 0xB949E354, 0xB04669FE, - 0xB1B6AB8A, 0xC71358DD, 0x6385C545, 0x110F935D, 0x57538AD5, 0x6A390493, - 0xE63D37E0, 0x2A54F6B3, 0x3A787D5F, 0x6276A0B5, 0x19A6FCDF, 0x7A42206A, - 0x29F9D4D5, 0xF61B1891, 0xBB72275E, 0xAA508167, 0x38901091, 0xC6B505EB, - 0x84C7CB8C, 0x2AD75A0F, 0x874A1427, 0xA2D1936B, 0x2AD286AF, 0xAA56D291, - 0xD7894360, 0x425C750D, 0x93B39E26, 0x187184C9, 0x6C00B32D, 0x73E2BB14, - 0xA0BEBC3C, 0x54623779, 0x64459EAB, 0x3F328B82, 0x7718CF82, 0x59A2CEA6, - 0x04EE002E, 0x89FE78E6, 0x3FAB0950, 0x325FF6C2, 0x81383F05, 0x6963C5C8, - 0x76CB5AD6, 0xD49974C9, 0xCA180DCF, 0x380782D5, 0xC7FA5CF6, 0x8AC31511, - 0x35E79E13, 0x47DA91D0, 0xF40F9086, 0xA7E2419E, 0x31366241, 0x051EF495, - 0xAA573B04, 0x4A805D8D, 0x548300D0, 0x00322A3C, 0xBF64CDDF, 0xBA57A68E, - 0x75C6372B, 0x50AFD341, 0xA7C13275, 0x915A0BF5, 0x6B54BFAB, 0x2B0B1426, - 0xAB4CC9D7, 0x449CCD82, 0xF7FBF265, 0xAB85C5F3, 0x1B55DB94, 0xAAD4E324, - 0xCFA4BD3F, 0x2DEAA3E2, 0x9E204D02, 0xC8BD25AC, 0xEADF55B3, 0xD5BD9E98, - 0xE31231B2, 0x2AD5AD6C, 0x954329DE, 0xADBE4528, 0xD8710F69, 0xAA51C90F, - 0xAA786BF6, 0x22513F1E, 0xAA51A79B, 0x2AD344CC, 0x7B5A41F0, 0xD37CFBAD, - 0x1B069505, 0x41ECE491, 0xB4C332E6, 0x032268D4, 0xC9600ACC, 0xCE387E6D, - 0xBF6BB16C, 0x6A70FB78, 0x0D03D9C9, 0xD4DF39DE, 0xE01063DA, 0x4736F464, - 0x5AD328D8, 0xB347CC96, 0x75BB0FC3, 0x98511BFB, 0x4FFBCC35, 0xB58BCF6A, - 0xE11F0ABC, 0xBFC5FE4A, 0xA70AEC10, 0xAC39570A, 0x3F04442F, 0x6188B153, - 0xE0397A2E, 0x5727CB79, 0x9CEB418F, 0x1CACD68D, 0x2AD37C96, 0x0175CB9D, - 0xC69DFF09, 0xC75B65F0, 0xD9DB40D8, 0xEC0E7779, 0x4744EAD4, 0xB11C3274, - 0xDD24CB9E, 0x7E1C54BD, 0xF01144F9, 0xD2240EB1, 0x9675B3FD, 0xA3AC3755, - 0xD47C27AF, 0x51C85F4D, 0x56907596, 0xA5BB15E6, 0x580304F0, 0xCA042CF1, - 0x011A37EA, 0x8DBFAADB, 0x35BA3E4A, 0x3526FFA0, 0xC37B4D09, 0xBC306ED9, - 0x98A52666, 0x5648F725, 0xFF5E569D, 0x0CED63D0, 0x7C63B2CF, 0x700B45E1, - 0xD5EA50F1, 0x85A92872, 0xAF1FBDA7, 0xD4234870, 0xA7870BF3, 0x2D3B4D79, - 0x42E04198, 0x0CD0EDE7, 0x26470DB8, 0xF881814C, 0x474D6AD7, 0x7C0C5E5C, - 0xD1231959, 0x381B7298, 0xF5D2F4DB, 0xAB838653, 0x6E2F1E23, 0x83719C9E, - 0xBD91E046, 0x9A56456E, 0xDC39200C, 0x20C8C571, 0x962BDA1C, 0xE1E696FF, - 0xB141AB08, 0x7CCA89B9, 0x1A69E783, 0x02CC4843, 0xA2F7C579, 0x429EF47D, - 0x427B169C, 0x5AC9F049, 0xDD8F0F00, 0x5C8165BF }; - -const u32bit CAST_SBOX2[256] = { - 0x1F201094, 0xEF0BA75B, 0x69E3CF7E, 0x393F4380, 0xFE61CF7A, 0xEEC5207A, - 0x55889C94, 0x72FC0651, 0xADA7EF79, 0x4E1D7235, 0xD55A63CE, 0xDE0436BA, - 0x99C430EF, 0x5F0C0794, 0x18DCDB7D, 0xA1D6EFF3, 0xA0B52F7B, 0x59E83605, - 0xEE15B094, 0xE9FFD909, 0xDC440086, 0xEF944459, 0xBA83CCB3, 0xE0C3CDFB, - 0xD1DA4181, 0x3B092AB1, 0xF997F1C1, 0xA5E6CF7B, 0x01420DDB, 0xE4E7EF5B, - 0x25A1FF41, 0xE180F806, 0x1FC41080, 0x179BEE7A, 0xD37AC6A9, 0xFE5830A4, - 0x98DE8B7F, 0x77E83F4E, 0x79929269, 0x24FA9F7B, 0xE113C85B, 0xACC40083, - 0xD7503525, 0xF7EA615F, 0x62143154, 0x0D554B63, 0x5D681121, 0xC866C359, - 0x3D63CF73, 0xCEE234C0, 0xD4D87E87, 0x5C672B21, 0x071F6181, 0x39F7627F, - 0x361E3084, 0xE4EB573B, 0x602F64A4, 0xD63ACD9C, 0x1BBC4635, 0x9E81032D, - 0x2701F50C, 0x99847AB4, 0xA0E3DF79, 0xBA6CF38C, 0x10843094, 0x2537A95E, - 0xF46F6FFE, 0xA1FF3B1F, 0x208CFB6A, 0x8F458C74, 0xD9E0A227, 0x4EC73A34, - 0xFC884F69, 0x3E4DE8DF, 0xEF0E0088, 0x3559648D, 0x8A45388C, 0x1D804366, - 0x721D9BFD, 0xA58684BB, 0xE8256333, 0x844E8212, 0x128D8098, 0xFED33FB4, - 0xCE280AE1, 0x27E19BA5, 0xD5A6C252, 0xE49754BD, 0xC5D655DD, 0xEB667064, - 0x77840B4D, 0xA1B6A801, 0x84DB26A9, 0xE0B56714, 0x21F043B7, 0xE5D05860, - 0x54F03084, 0x066FF472, 0xA31AA153, 0xDADC4755, 0xB5625DBF, 0x68561BE6, - 0x83CA6B94, 0x2D6ED23B, 0xECCF01DB, 0xA6D3D0BA, 0xB6803D5C, 0xAF77A709, - 0x33B4A34C, 0x397BC8D6, 0x5EE22B95, 0x5F0E5304, 0x81ED6F61, 0x20E74364, - 0xB45E1378, 0xDE18639B, 0x881CA122, 0xB96726D1, 0x8049A7E8, 0x22B7DA7B, - 0x5E552D25, 0x5272D237, 0x79D2951C, 0xC60D894C, 0x488CB402, 0x1BA4FE5B, - 0xA4B09F6B, 0x1CA815CF, 0xA20C3005, 0x8871DF63, 0xB9DE2FCB, 0x0CC6C9E9, - 0x0BEEFF53, 0xE3214517, 0xB4542835, 0x9F63293C, 0xEE41E729, 0x6E1D2D7C, - 0x50045286, 0x1E6685F3, 0xF33401C6, 0x30A22C95, 0x31A70850, 0x60930F13, - 0x73F98417, 0xA1269859, 0xEC645C44, 0x52C877A9, 0xCDFF33A6, 0xA02B1741, - 0x7CBAD9A2, 0x2180036F, 0x50D99C08, 0xCB3F4861, 0xC26BD765, 0x64A3F6AB, - 0x80342676, 0x25A75E7B, 0xE4E6D1FC, 0x20C710E6, 0xCDF0B680, 0x17844D3B, - 0x31EEF84D, 0x7E0824E4, 0x2CCB49EB, 0x846A3BAE, 0x8FF77888, 0xEE5D60F6, - 0x7AF75673, 0x2FDD5CDB, 0xA11631C1, 0x30F66F43, 0xB3FAEC54, 0x157FD7FA, - 0xEF8579CC, 0xD152DE58, 0xDB2FFD5E, 0x8F32CE19, 0x306AF97A, 0x02F03EF8, - 0x99319AD5, 0xC242FA0F, 0xA7E3EBB0, 0xC68E4906, 0xB8DA230C, 0x80823028, - 0xDCDEF3C8, 0xD35FB171, 0x088A1BC8, 0xBEC0C560, 0x61A3C9E8, 0xBCA8F54D, - 0xC72FEFFA, 0x22822E99, 0x82C570B4, 0xD8D94E89, 0x8B1C34BC, 0x301E16E6, - 0x273BE979, 0xB0FFEAA6, 0x61D9B8C6, 0x00B24869, 0xB7FFCE3F, 0x08DC283B, - 0x43DAF65A, 0xF7E19798, 0x7619B72F, 0x8F1C9BA4, 0xDC8637A0, 0x16A7D3B1, - 0x9FC393B7, 0xA7136EEB, 0xC6BCC63E, 0x1A513742, 0xEF6828BC, 0x520365D6, - 0x2D6A77AB, 0x3527ED4B, 0x821FD216, 0x095C6E2E, 0xDB92F2FB, 0x5EEA29CB, - 0x145892F5, 0x91584F7F, 0x5483697B, 0x2667A8CC, 0x85196048, 0x8C4BACEA, - 0x833860D4, 0x0D23E0F9, 0x6C387E8A, 0x0AE6D249, 0xB284600C, 0xD835731D, - 0xDCB1C647, 0xAC4C56EA, 0x3EBD81B3, 0x230EABB0, 0x6438BC87, 0xF0B5B1FA, - 0x8F5EA2B3, 0xFC184642, 0x0A036B7A, 0x4FB089BD, 0x649DA589, 0xA345415E, - 0x5C038323, 0x3E5D3BB9, 0x43D79572, 0x7E6DD07C, 0x06DFDF1E, 0x6C6CC4EF, - 0x7160A539, 0x73BFBE70, 0x83877605, 0x4523ECF1 }; - -const u32bit CAST_SBOX3[256] = { - 0x8DEFC240, 0x25FA5D9F, 0xEB903DBF, 0xE810C907, 0x47607FFF, 0x369FE44B, - 0x8C1FC644, 0xAECECA90, 0xBEB1F9BF, 0xEEFBCAEA, 0xE8CF1950, 0x51DF07AE, - 0x920E8806, 0xF0AD0548, 0xE13C8D83, 0x927010D5, 0x11107D9F, 0x07647DB9, - 0xB2E3E4D4, 0x3D4F285E, 0xB9AFA820, 0xFADE82E0, 0xA067268B, 0x8272792E, - 0x553FB2C0, 0x489AE22B, 0xD4EF9794, 0x125E3FBC, 0x21FFFCEE, 0x825B1BFD, - 0x9255C5ED, 0x1257A240, 0x4E1A8302, 0xBAE07FFF, 0x528246E7, 0x8E57140E, - 0x3373F7BF, 0x8C9F8188, 0xA6FC4EE8, 0xC982B5A5, 0xA8C01DB7, 0x579FC264, - 0x67094F31, 0xF2BD3F5F, 0x40FFF7C1, 0x1FB78DFC, 0x8E6BD2C1, 0x437BE59B, - 0x99B03DBF, 0xB5DBC64B, 0x638DC0E6, 0x55819D99, 0xA197C81C, 0x4A012D6E, - 0xC5884A28, 0xCCC36F71, 0xB843C213, 0x6C0743F1, 0x8309893C, 0x0FEDDD5F, - 0x2F7FE850, 0xD7C07F7E, 0x02507FBF, 0x5AFB9A04, 0xA747D2D0, 0x1651192E, - 0xAF70BF3E, 0x58C31380, 0x5F98302E, 0x727CC3C4, 0x0A0FB402, 0x0F7FEF82, - 0x8C96FDAD, 0x5D2C2AAE, 0x8EE99A49, 0x50DA88B8, 0x8427F4A0, 0x1EAC5790, - 0x796FB449, 0x8252DC15, 0xEFBD7D9B, 0xA672597D, 0xADA840D8, 0x45F54504, - 0xFA5D7403, 0xE83EC305, 0x4F91751A, 0x925669C2, 0x23EFE941, 0xA903F12E, - 0x60270DF2, 0x0276E4B6, 0x94FD6574, 0x927985B2, 0x8276DBCB, 0x02778176, - 0xF8AF918D, 0x4E48F79E, 0x8F616DDF, 0xE29D840E, 0x842F7D83, 0x340CE5C8, - 0x96BBB682, 0x93B4B148, 0xEF303CAB, 0x984FAF28, 0x779FAF9B, 0x92DC560D, - 0x224D1E20, 0x8437AA88, 0x7D29DC96, 0x2756D3DC, 0x8B907CEE, 0xB51FD240, - 0xE7C07CE3, 0xE566B4A1, 0xC3E9615E, 0x3CF8209D, 0x6094D1E3, 0xCD9CA341, - 0x5C76460E, 0x00EA983B, 0xD4D67881, 0xFD47572C, 0xF76CEDD9, 0xBDA8229C, - 0x127DADAA, 0x438A074E, 0x1F97C090, 0x081BDB8A, 0x93A07EBE, 0xB938CA15, - 0x97B03CFF, 0x3DC2C0F8, 0x8D1AB2EC, 0x64380E51, 0x68CC7BFB, 0xD90F2788, - 0x12490181, 0x5DE5FFD4, 0xDD7EF86A, 0x76A2E214, 0xB9A40368, 0x925D958F, - 0x4B39FFFA, 0xBA39AEE9, 0xA4FFD30B, 0xFAF7933B, 0x6D498623, 0x193CBCFA, - 0x27627545, 0x825CF47A, 0x61BD8BA0, 0xD11E42D1, 0xCEAD04F4, 0x127EA392, - 0x10428DB7, 0x8272A972, 0x9270C4A8, 0x127DE50B, 0x285BA1C8, 0x3C62F44F, - 0x35C0EAA5, 0xE805D231, 0x428929FB, 0xB4FCDF82, 0x4FB66A53, 0x0E7DC15B, - 0x1F081FAB, 0x108618AE, 0xFCFD086D, 0xF9FF2889, 0x694BCC11, 0x236A5CAE, - 0x12DECA4D, 0x2C3F8CC5, 0xD2D02DFE, 0xF8EF5896, 0xE4CF52DA, 0x95155B67, - 0x494A488C, 0xB9B6A80C, 0x5C8F82BC, 0x89D36B45, 0x3A609437, 0xEC00C9A9, - 0x44715253, 0x0A874B49, 0xD773BC40, 0x7C34671C, 0x02717EF6, 0x4FEB5536, - 0xA2D02FFF, 0xD2BF60C4, 0xD43F03C0, 0x50B4EF6D, 0x07478CD1, 0x006E1888, - 0xA2E53F55, 0xB9E6D4BC, 0xA2048016, 0x97573833, 0xD7207D67, 0xDE0F8F3D, - 0x72F87B33, 0xABCC4F33, 0x7688C55D, 0x7B00A6B0, 0x947B0001, 0x570075D2, - 0xF9BB88F8, 0x8942019E, 0x4264A5FF, 0x856302E0, 0x72DBD92B, 0xEE971B69, - 0x6EA22FDE, 0x5F08AE2B, 0xAF7A616D, 0xE5C98767, 0xCF1FEBD2, 0x61EFC8C2, - 0xF1AC2571, 0xCC8239C2, 0x67214CB8, 0xB1E583D1, 0xB7DC3E62, 0x7F10BDCE, - 0xF90A5C38, 0x0FF0443D, 0x606E6DC6, 0x60543A49, 0x5727C148, 0x2BE98A1D, - 0x8AB41738, 0x20E1BE24, 0xAF96DA0F, 0x68458425, 0x99833BE5, 0x600D457D, - 0x282F9350, 0x8334B362, 0xD91D1120, 0x2B6D8DA0, 0x642B1E31, 0x9C305A00, - 0x52BCE688, 0x1B03588A, 0xF7BAEFD5, 0x4142ED9C, 0xA4315C11, 0x83323EC5, - 0xDFEF4636, 0xA133C501, 0xE9D3531C, 0xEE353783 }; - -const u32bit CAST_SBOX4[256] = { - 0x9DB30420, 0x1FB6E9DE, 0xA7BE7BEF, 0xD273A298, 0x4A4F7BDB, 0x64AD8C57, - 0x85510443, 0xFA020ED1, 0x7E287AFF, 0xE60FB663, 0x095F35A1, 0x79EBF120, - 0xFD059D43, 0x6497B7B1, 0xF3641F63, 0x241E4ADF, 0x28147F5F, 0x4FA2B8CD, - 0xC9430040, 0x0CC32220, 0xFDD30B30, 0xC0A5374F, 0x1D2D00D9, 0x24147B15, - 0xEE4D111A, 0x0FCA5167, 0x71FF904C, 0x2D195FFE, 0x1A05645F, 0x0C13FEFE, - 0x081B08CA, 0x05170121, 0x80530100, 0xE83E5EFE, 0xAC9AF4F8, 0x7FE72701, - 0xD2B8EE5F, 0x06DF4261, 0xBB9E9B8A, 0x7293EA25, 0xCE84FFDF, 0xF5718801, - 0x3DD64B04, 0xA26F263B, 0x7ED48400, 0x547EEBE6, 0x446D4CA0, 0x6CF3D6F5, - 0x2649ABDF, 0xAEA0C7F5, 0x36338CC1, 0x503F7E93, 0xD3772061, 0x11B638E1, - 0x72500E03, 0xF80EB2BB, 0xABE0502E, 0xEC8D77DE, 0x57971E81, 0xE14F6746, - 0xC9335400, 0x6920318F, 0x081DBB99, 0xFFC304A5, 0x4D351805, 0x7F3D5CE3, - 0xA6C866C6, 0x5D5BCCA9, 0xDAEC6FEA, 0x9F926F91, 0x9F46222F, 0x3991467D, - 0xA5BF6D8E, 0x1143C44F, 0x43958302, 0xD0214EEB, 0x022083B8, 0x3FB6180C, - 0x18F8931E, 0x281658E6, 0x26486E3E, 0x8BD78A70, 0x7477E4C1, 0xB506E07C, - 0xF32D0A25, 0x79098B02, 0xE4EABB81, 0x28123B23, 0x69DEAD38, 0x1574CA16, - 0xDF871B62, 0x211C40B7, 0xA51A9EF9, 0x0014377B, 0x041E8AC8, 0x09114003, - 0xBD59E4D2, 0xE3D156D5, 0x4FE876D5, 0x2F91A340, 0x557BE8DE, 0x00EAE4A7, - 0x0CE5C2EC, 0x4DB4BBA6, 0xE756BDFF, 0xDD3369AC, 0xEC17B035, 0x06572327, - 0x99AFC8B0, 0x56C8C391, 0x6B65811C, 0x5E146119, 0x6E85CB75, 0xBE07C002, - 0xC2325577, 0x893FF4EC, 0x5BBFC92D, 0xD0EC3B25, 0xB7801AB7, 0x8D6D3B24, - 0x20C763EF, 0xC366A5FC, 0x9C382880, 0x0ACE3205, 0xAAC9548A, 0xECA1D7C7, - 0x041AFA32, 0x1D16625A, 0x6701902C, 0x9B757A54, 0x31D477F7, 0x9126B031, - 0x36CC6FDB, 0xC70B8B46, 0xD9E66A48, 0x56E55A79, 0x026A4CEB, 0x52437EFF, - 0x2F8F76B4, 0x0DF980A5, 0x8674CDE3, 0xEDDA04EB, 0x17A9BE04, 0x2C18F4DF, - 0xB7747F9D, 0xAB2AF7B4, 0xEFC34D20, 0x2E096B7C, 0x1741A254, 0xE5B6A035, - 0x213D42F6, 0x2C1C7C26, 0x61C2F50F, 0x6552DAF9, 0xD2C231F8, 0x25130F69, - 0xD8167FA2, 0x0418F2C8, 0x001A96A6, 0x0D1526AB, 0x63315C21, 0x5E0A72EC, - 0x49BAFEFD, 0x187908D9, 0x8D0DBD86, 0x311170A7, 0x3E9B640C, 0xCC3E10D7, - 0xD5CAD3B6, 0x0CAEC388, 0xF73001E1, 0x6C728AFF, 0x71EAE2A1, 0x1F9AF36E, - 0xCFCBD12F, 0xC1DE8417, 0xAC07BE6B, 0xCB44A1D8, 0x8B9B0F56, 0x013988C3, - 0xB1C52FCA, 0xB4BE31CD, 0xD8782806, 0x12A3A4E2, 0x6F7DE532, 0x58FD7EB6, - 0xD01EE900, 0x24ADFFC2, 0xF4990FC5, 0x9711AAC5, 0x001D7B95, 0x82E5E7D2, - 0x109873F6, 0x00613096, 0xC32D9521, 0xADA121FF, 0x29908415, 0x7FBB977F, - 0xAF9EB3DB, 0x29C9ED2A, 0x5CE2A465, 0xA730F32C, 0xD0AA3FE8, 0x8A5CC091, - 0xD49E2CE7, 0x0CE454A9, 0xD60ACD86, 0x015F1919, 0x77079103, 0xDEA03AF6, - 0x78A8565E, 0xDEE356DF, 0x21F05CBE, 0x8B75E387, 0xB3C50651, 0xB8A5C3EF, - 0xD8EEB6D2, 0xE523BE77, 0xC2154529, 0x2F69EFDF, 0xAFE67AFB, 0xF470C4B2, - 0xF3E0EB5B, 0xD6CC9876, 0x39E4460C, 0x1FDA8538, 0x1987832F, 0xCA007367, - 0xA99144F8, 0x296B299E, 0x492FC295, 0x9266BEAB, 0xB5676E69, 0x9BD3DDDA, - 0xDF7E052F, 0xDB25701C, 0x1B5E51EE, 0xF65324E6, 0x6AFCE36C, 0x0316CC04, - 0x8644213E, 0xB7DC59D0, 0x7965291F, 0xCCD6FD43, 0x41823979, 0x932BCDF6, - 0xB657C34D, 0x4EDFD282, 0x7AE5290C, 0x3CB9536B, 0x851E20FE, 0x9833557E, - 0x13ECF0B0, 0xD3FFB372, 0x3F85C5C1, 0x0AEF7ED2 }; - -} - -#endif diff --git a/src/block/cast/info.txt b/src/block/cast/info.txt deleted file mode 100644 index be4cb7510..000000000 --- a/src/block/cast/info.txt +++ /dev/null @@ -1,10 +0,0 @@ -define CAST 20131128 - -<header:internal> -cast_sboxes.h -</header:internal> - -<header:public> -cast128.h -cast256.h -</header:public> diff --git a/src/block/des/des.cpp b/src/block/des/des.cpp deleted file mode 100644 index a87b4d6bc..000000000 --- a/src/block/des/des.cpp +++ /dev/null @@ -1,304 +0,0 @@ -/* -* DES -* (C) 1999-2008 Jack Lloyd -* -* Based on a public domain implemenation by Phil Karn (who in turn -* credited Richard Outerbridge and Jim Gillogly) -* -* Distributed under the terms of the Botan license -*/ - -#include <botan/des.h> -#include <botan/loadstor.h> -#include <botan/rotate.h> - -namespace Botan { - -namespace { - -/* -* DES Key Schedule -*/ -void des_key_schedule(u32bit round_key[32], const byte key[8]) - { - static const byte ROT[16] = { 1, 1, 2, 2, 2, 2, 2, 2, - 1, 2, 2, 2, 2, 2, 2, 1 }; - - u32bit C = ((key[7] & 0x80) << 20) | ((key[6] & 0x80) << 19) | - ((key[5] & 0x80) << 18) | ((key[4] & 0x80) << 17) | - ((key[3] & 0x80) << 16) | ((key[2] & 0x80) << 15) | - ((key[1] & 0x80) << 14) | ((key[0] & 0x80) << 13) | - ((key[7] & 0x40) << 13) | ((key[6] & 0x40) << 12) | - ((key[5] & 0x40) << 11) | ((key[4] & 0x40) << 10) | - ((key[3] & 0x40) << 9) | ((key[2] & 0x40) << 8) | - ((key[1] & 0x40) << 7) | ((key[0] & 0x40) << 6) | - ((key[7] & 0x20) << 6) | ((key[6] & 0x20) << 5) | - ((key[5] & 0x20) << 4) | ((key[4] & 0x20) << 3) | - ((key[3] & 0x20) << 2) | ((key[2] & 0x20) << 1) | - ((key[1] & 0x20) ) | ((key[0] & 0x20) >> 1) | - ((key[7] & 0x10) >> 1) | ((key[6] & 0x10) >> 2) | - ((key[5] & 0x10) >> 3) | ((key[4] & 0x10) >> 4); - u32bit D = ((key[7] & 0x02) << 26) | ((key[6] & 0x02) << 25) | - ((key[5] & 0x02) << 24) | ((key[4] & 0x02) << 23) | - ((key[3] & 0x02) << 22) | ((key[2] & 0x02) << 21) | - ((key[1] & 0x02) << 20) | ((key[0] & 0x02) << 19) | - ((key[7] & 0x04) << 17) | ((key[6] & 0x04) << 16) | - ((key[5] & 0x04) << 15) | ((key[4] & 0x04) << 14) | - ((key[3] & 0x04) << 13) | ((key[2] & 0x04) << 12) | - ((key[1] & 0x04) << 11) | ((key[0] & 0x04) << 10) | - ((key[7] & 0x08) << 8) | ((key[6] & 0x08) << 7) | - ((key[5] & 0x08) << 6) | ((key[4] & 0x08) << 5) | - ((key[3] & 0x08) << 4) | ((key[2] & 0x08) << 3) | - ((key[1] & 0x08) << 2) | ((key[0] & 0x08) << 1) | - ((key[3] & 0x10) >> 1) | ((key[2] & 0x10) >> 2) | - ((key[1] & 0x10) >> 3) | ((key[0] & 0x10) >> 4); - - for(size_t i = 0; i != 16; ++i) - { - C = ((C << ROT[i]) | (C >> (28-ROT[i]))) & 0x0FFFFFFF; - D = ((D << ROT[i]) | (D >> (28-ROT[i]))) & 0x0FFFFFFF; - round_key[2*i ] = ((C & 0x00000010) << 22) | ((C & 0x00000800) << 17) | - ((C & 0x00000020) << 16) | ((C & 0x00004004) << 15) | - ((C & 0x00000200) << 11) | ((C & 0x00020000) << 10) | - ((C & 0x01000000) >> 6) | ((C & 0x00100000) >> 4) | - ((C & 0x00010000) << 3) | ((C & 0x08000000) >> 2) | - ((C & 0x00800000) << 1) | ((D & 0x00000010) << 8) | - ((D & 0x00000002) << 7) | ((D & 0x00000001) << 2) | - ((D & 0x00000200) ) | ((D & 0x00008000) >> 2) | - ((D & 0x00000088) >> 3) | ((D & 0x00001000) >> 7) | - ((D & 0x00080000) >> 9) | ((D & 0x02020000) >> 14) | - ((D & 0x00400000) >> 21); - round_key[2*i+1] = ((C & 0x00000001) << 28) | ((C & 0x00000082) << 18) | - ((C & 0x00002000) << 14) | ((C & 0x00000100) << 10) | - ((C & 0x00001000) << 9) | ((C & 0x00040000) << 6) | - ((C & 0x02400000) << 4) | ((C & 0x00008000) << 2) | - ((C & 0x00200000) >> 1) | ((C & 0x04000000) >> 10) | - ((D & 0x00000020) << 6) | ((D & 0x00000100) ) | - ((D & 0x00000800) >> 1) | ((D & 0x00000040) >> 3) | - ((D & 0x00010000) >> 4) | ((D & 0x00000400) >> 5) | - ((D & 0x00004000) >> 10) | ((D & 0x04000000) >> 13) | - ((D & 0x00800000) >> 14) | ((D & 0x00100000) >> 18) | - ((D & 0x01000000) >> 24) | ((D & 0x08000000) >> 26); - } - } - -/* -* DES Encryption -*/ -void des_encrypt(u32bit& L, u32bit& R, - const u32bit round_key[32]) - { - for(size_t i = 0; i != 16; i += 2) - { - u32bit T0, T1; - - T0 = rotate_right(R, 4) ^ round_key[2*i]; - T1 = R ^ round_key[2*i + 1]; - - L ^= DES_SPBOX1[get_byte(0, T0)] ^ DES_SPBOX2[get_byte(0, T1)] ^ - DES_SPBOX3[get_byte(1, T0)] ^ DES_SPBOX4[get_byte(1, T1)] ^ - DES_SPBOX5[get_byte(2, T0)] ^ DES_SPBOX6[get_byte(2, T1)] ^ - DES_SPBOX7[get_byte(3, T0)] ^ DES_SPBOX8[get_byte(3, T1)]; - - T0 = rotate_right(L, 4) ^ round_key[2*i + 2]; - T1 = L ^ round_key[2*i + 3]; - - R ^= DES_SPBOX1[get_byte(0, T0)] ^ DES_SPBOX2[get_byte(0, T1)] ^ - DES_SPBOX3[get_byte(1, T0)] ^ DES_SPBOX4[get_byte(1, T1)] ^ - DES_SPBOX5[get_byte(2, T0)] ^ DES_SPBOX6[get_byte(2, T1)] ^ - DES_SPBOX7[get_byte(3, T0)] ^ DES_SPBOX8[get_byte(3, T1)]; - } - } - -/* -* DES Decryption -*/ -void des_decrypt(u32bit& L, u32bit& R, - const u32bit round_key[32]) - { - for(size_t i = 16; i != 0; i -= 2) - { - u32bit T0, T1; - - T0 = rotate_right(R, 4) ^ round_key[2*i - 2]; - T1 = R ^ round_key[2*i - 1]; - - L ^= DES_SPBOX1[get_byte(0, T0)] ^ DES_SPBOX2[get_byte(0, T1)] ^ - DES_SPBOX3[get_byte(1, T0)] ^ DES_SPBOX4[get_byte(1, T1)] ^ - DES_SPBOX5[get_byte(2, T0)] ^ DES_SPBOX6[get_byte(2, T1)] ^ - DES_SPBOX7[get_byte(3, T0)] ^ DES_SPBOX8[get_byte(3, T1)]; - - T0 = rotate_right(L, 4) ^ round_key[2*i - 4]; - T1 = L ^ round_key[2*i - 3]; - - R ^= DES_SPBOX1[get_byte(0, T0)] ^ DES_SPBOX2[get_byte(0, T1)] ^ - DES_SPBOX3[get_byte(1, T0)] ^ DES_SPBOX4[get_byte(1, T1)] ^ - DES_SPBOX5[get_byte(2, T0)] ^ DES_SPBOX6[get_byte(2, T1)] ^ - DES_SPBOX7[get_byte(3, T0)] ^ DES_SPBOX8[get_byte(3, T1)]; - } - } - -} - -/* -* DES Encryption -*/ -void DES::encrypt_n(const byte in[], byte out[], size_t blocks) const - { - for(size_t i = 0; i != blocks; ++i) - { - u64bit T = (DES_IPTAB1[in[0]] ) | (DES_IPTAB1[in[1]] << 1) | - (DES_IPTAB1[in[2]] << 2) | (DES_IPTAB1[in[3]] << 3) | - (DES_IPTAB1[in[4]] << 4) | (DES_IPTAB1[in[5]] << 5) | - (DES_IPTAB1[in[6]] << 6) | (DES_IPTAB2[in[7]] ); - - u32bit L = static_cast<u32bit>(T >> 32); - u32bit R = static_cast<u32bit>(T); - - des_encrypt(L, R, &round_key[0]); - - T = (DES_FPTAB1[get_byte(0, L)] << 5) | (DES_FPTAB1[get_byte(1, L)] << 3) | - (DES_FPTAB1[get_byte(2, L)] << 1) | (DES_FPTAB2[get_byte(3, L)] << 1) | - (DES_FPTAB1[get_byte(0, R)] << 4) | (DES_FPTAB1[get_byte(1, R)] << 2) | - (DES_FPTAB1[get_byte(2, R)] ) | (DES_FPTAB2[get_byte(3, R)] ); - T = rotate_left(T, 32); - - store_be(T, out); - - in += BLOCK_SIZE; - out += BLOCK_SIZE; - } - } - -/* -* DES Decryption -*/ -void DES::decrypt_n(const byte in[], byte out[], size_t blocks) const - { - for(size_t i = 0; i != blocks; ++i) - { - u64bit T = (DES_IPTAB1[in[0]] ) | (DES_IPTAB1[in[1]] << 1) | - (DES_IPTAB1[in[2]] << 2) | (DES_IPTAB1[in[3]] << 3) | - (DES_IPTAB1[in[4]] << 4) | (DES_IPTAB1[in[5]] << 5) | - (DES_IPTAB1[in[6]] << 6) | (DES_IPTAB2[in[7]] ); - - u32bit L = static_cast<u32bit>(T >> 32); - u32bit R = static_cast<u32bit>(T); - - des_decrypt(L, R, &round_key[0]); - - T = (DES_FPTAB1[get_byte(0, L)] << 5) | (DES_FPTAB1[get_byte(1, L)] << 3) | - (DES_FPTAB1[get_byte(2, L)] << 1) | (DES_FPTAB2[get_byte(3, L)] << 1) | - (DES_FPTAB1[get_byte(0, R)] << 4) | (DES_FPTAB1[get_byte(1, R)] << 2) | - (DES_FPTAB1[get_byte(2, R)] ) | (DES_FPTAB2[get_byte(3, R)] ); - - T = rotate_left(T, 32); - - store_be(T, out); - - in += BLOCK_SIZE; - out += BLOCK_SIZE; - } - } - -/* -* DES Key Schedule -*/ -void DES::key_schedule(const byte key[], size_t) - { - round_key.resize(32); - des_key_schedule(&round_key[0], key); - } - -void DES::clear() - { - zap(round_key); - } - -/* -* TripleDES Encryption -*/ -void TripleDES::encrypt_n(const byte in[], byte out[], size_t blocks) const - { - for(size_t i = 0; i != blocks; ++i) - { - u64bit T = (DES_IPTAB1[in[0]] ) | (DES_IPTAB1[in[1]] << 1) | - (DES_IPTAB1[in[2]] << 2) | (DES_IPTAB1[in[3]] << 3) | - (DES_IPTAB1[in[4]] << 4) | (DES_IPTAB1[in[5]] << 5) | - (DES_IPTAB1[in[6]] << 6) | (DES_IPTAB2[in[7]] ); - - u32bit L = static_cast<u32bit>(T >> 32); - u32bit R = static_cast<u32bit>(T); - - des_encrypt(L, R, &round_key[0]); - des_decrypt(R, L, &round_key[32]); - des_encrypt(L, R, &round_key[64]); - - T = (DES_FPTAB1[get_byte(0, L)] << 5) | (DES_FPTAB1[get_byte(1, L)] << 3) | - (DES_FPTAB1[get_byte(2, L)] << 1) | (DES_FPTAB2[get_byte(3, L)] << 1) | - (DES_FPTAB1[get_byte(0, R)] << 4) | (DES_FPTAB1[get_byte(1, R)] << 2) | - (DES_FPTAB1[get_byte(2, R)] ) | (DES_FPTAB2[get_byte(3, R)] ); - - T = rotate_left(T, 32); - - store_be(T, out); - - in += BLOCK_SIZE; - out += BLOCK_SIZE; - } - } - -/* -* TripleDES Decryption -*/ -void TripleDES::decrypt_n(const byte in[], byte out[], size_t blocks) const - { - for(size_t i = 0; i != blocks; ++i) - { - u64bit T = (DES_IPTAB1[in[0]] ) | (DES_IPTAB1[in[1]] << 1) | - (DES_IPTAB1[in[2]] << 2) | (DES_IPTAB1[in[3]] << 3) | - (DES_IPTAB1[in[4]] << 4) | (DES_IPTAB1[in[5]] << 5) | - (DES_IPTAB1[in[6]] << 6) | (DES_IPTAB2[in[7]] ); - - u32bit L = static_cast<u32bit>(T >> 32); - u32bit R = static_cast<u32bit>(T); - - des_decrypt(L, R, &round_key[64]); - des_encrypt(R, L, &round_key[32]); - des_decrypt(L, R, &round_key[0]); - - T = (DES_FPTAB1[get_byte(0, L)] << 5) | (DES_FPTAB1[get_byte(1, L)] << 3) | - (DES_FPTAB1[get_byte(2, L)] << 1) | (DES_FPTAB2[get_byte(3, L)] << 1) | - (DES_FPTAB1[get_byte(0, R)] << 4) | (DES_FPTAB1[get_byte(1, R)] << 2) | - (DES_FPTAB1[get_byte(2, R)] ) | (DES_FPTAB2[get_byte(3, R)] ); - - T = rotate_left(T, 32); - - store_be(T, out); - - in += BLOCK_SIZE; - out += BLOCK_SIZE; - } - } - -/* -* TripleDES Key Schedule -*/ -void TripleDES::key_schedule(const byte key[], size_t length) - { - round_key.resize(3*32); - des_key_schedule(&round_key[0], key); - des_key_schedule(&round_key[32], key + 8); - - if(length == 24) - des_key_schedule(&round_key[64], key + 16); - else - copy_mem(&round_key[64], &round_key[0], 32); - } - -void TripleDES::clear() - { - zap(round_key); - } - -} diff --git a/src/block/des/des.h b/src/block/des/des.h deleted file mode 100644 index 4f3811bcf..000000000 --- a/src/block/des/des.h +++ /dev/null @@ -1,70 +0,0 @@ -/* -* DES -* (C) 1999-2007 Jack Lloyd -* -* Distributed under the terms of the Botan license -*/ - -#ifndef BOTAN_DES_H__ -#define BOTAN_DES_H__ - -#include <botan/block_cipher.h> - -namespace Botan { - -/** -* DES -*/ -class BOTAN_DLL DES : public Block_Cipher_Fixed_Params<8, 8> - { - public: - void encrypt_n(const byte in[], byte out[], size_t blocks) const; - void decrypt_n(const byte in[], byte out[], size_t blocks) const; - - void clear(); - std::string name() const { return "DES"; } - BlockCipher* clone() const { return new DES; } - private: - void key_schedule(const byte[], size_t); - - secure_vector<u32bit> round_key; - }; - -/** -* Triple DES -*/ -class BOTAN_DLL TripleDES : public Block_Cipher_Fixed_Params<8, 16, 24, 8> - { - public: - void encrypt_n(const byte in[], byte out[], size_t blocks) const; - void decrypt_n(const byte in[], byte out[], size_t blocks) const; - - void clear(); - std::string name() const { return "TripleDES"; } - BlockCipher* clone() const { return new TripleDES; } - private: - void key_schedule(const byte[], size_t); - - secure_vector<u32bit> round_key; - }; - -/* -* DES Tables -*/ -extern const u32bit DES_SPBOX1[256]; -extern const u32bit DES_SPBOX2[256]; -extern const u32bit DES_SPBOX3[256]; -extern const u32bit DES_SPBOX4[256]; -extern const u32bit DES_SPBOX5[256]; -extern const u32bit DES_SPBOX6[256]; -extern const u32bit DES_SPBOX7[256]; -extern const u32bit DES_SPBOX8[256]; - -extern const u64bit DES_IPTAB1[256]; -extern const u64bit DES_IPTAB2[256]; -extern const u64bit DES_FPTAB1[256]; -extern const u64bit DES_FPTAB2[256]; - -} - -#endif diff --git a/src/block/des/des_tab.cpp b/src/block/des/des_tab.cpp deleted file mode 100644 index b46ca3063..000000000 --- a/src/block/des/des_tab.cpp +++ /dev/null @@ -1,636 +0,0 @@ -/* -* Substitution/Permutation Tables for DES -* (C) 1999-2007 Jack Lloyd -* -* Distributed under the terms of the Botan license -*/ - -#include <botan/des.h> - -namespace Botan { - -const u32bit DES_SPBOX1[256] = { - 0x01010400, 0x00000000, 0x00010000, 0x01010404, 0x01010004, 0x00010404, - 0x00000004, 0x00010000, 0x00000400, 0x01010400, 0x01010404, 0x00000400, - 0x01000404, 0x01010004, 0x01000000, 0x00000004, 0x00000404, 0x01000400, - 0x01000400, 0x00010400, 0x00010400, 0x01010000, 0x01010000, 0x01000404, - 0x00010004, 0x01000004, 0x01000004, 0x00010004, 0x00000000, 0x00000404, - 0x00010404, 0x01000000, 0x00010000, 0x01010404, 0x00000004, 0x01010000, - 0x01010400, 0x01000000, 0x01000000, 0x00000400, 0x01010004, 0x00010000, - 0x00010400, 0x01000004, 0x00000400, 0x00000004, 0x01000404, 0x00010404, - 0x01010404, 0x00010004, 0x01010000, 0x01000404, 0x01000004, 0x00000404, - 0x00010404, 0x01010400, 0x00000404, 0x01000400, 0x01000400, 0x00000000, - 0x00010004, 0x00010400, 0x00000000, 0x01010004, 0x01010400, 0x00000000, - 0x00010000, 0x01010404, 0x01010004, 0x00010404, 0x00000004, 0x00010000, - 0x00000400, 0x01010400, 0x01010404, 0x00000400, 0x01000404, 0x01010004, - 0x01000000, 0x00000004, 0x00000404, 0x01000400, 0x01000400, 0x00010400, - 0x00010400, 0x01010000, 0x01010000, 0x01000404, 0x00010004, 0x01000004, - 0x01000004, 0x00010004, 0x00000000, 0x00000404, 0x00010404, 0x01000000, - 0x00010000, 0x01010404, 0x00000004, 0x01010000, 0x01010400, 0x01000000, - 0x01000000, 0x00000400, 0x01010004, 0x00010000, 0x00010400, 0x01000004, - 0x00000400, 0x00000004, 0x01000404, 0x00010404, 0x01010404, 0x00010004, - 0x01010000, 0x01000404, 0x01000004, 0x00000404, 0x00010404, 0x01010400, - 0x00000404, 0x01000400, 0x01000400, 0x00000000, 0x00010004, 0x00010400, - 0x00000000, 0x01010004, 0x01010400, 0x00000000, 0x00010000, 0x01010404, - 0x01010004, 0x00010404, 0x00000004, 0x00010000, 0x00000400, 0x01010400, - 0x01010404, 0x00000400, 0x01000404, 0x01010004, 0x01000000, 0x00000004, - 0x00000404, 0x01000400, 0x01000400, 0x00010400, 0x00010400, 0x01010000, - 0x01010000, 0x01000404, 0x00010004, 0x01000004, 0x01000004, 0x00010004, - 0x00000000, 0x00000404, 0x00010404, 0x01000000, 0x00010000, 0x01010404, - 0x00000004, 0x01010000, 0x01010400, 0x01000000, 0x01000000, 0x00000400, - 0x01010004, 0x00010000, 0x00010400, 0x01000004, 0x00000400, 0x00000004, - 0x01000404, 0x00010404, 0x01010404, 0x00010004, 0x01010000, 0x01000404, - 0x01000004, 0x00000404, 0x00010404, 0x01010400, 0x00000404, 0x01000400, - 0x01000400, 0x00000000, 0x00010004, 0x00010400, 0x00000000, 0x01010004, - 0x01010400, 0x00000000, 0x00010000, 0x01010404, 0x01010004, 0x00010404, - 0x00000004, 0x00010000, 0x00000400, 0x01010400, 0x01010404, 0x00000400, - 0x01000404, 0x01010004, 0x01000000, 0x00000004, 0x00000404, 0x01000400, - 0x01000400, 0x00010400, 0x00010400, 0x01010000, 0x01010000, 0x01000404, - 0x00010004, 0x01000004, 0x01000004, 0x00010004, 0x00000000, 0x00000404, - 0x00010404, 0x01000000, 0x00010000, 0x01010404, 0x00000004, 0x01010000, - 0x01010400, 0x01000000, 0x01000000, 0x00000400, 0x01010004, 0x00010000, - 0x00010400, 0x01000004, 0x00000400, 0x00000004, 0x01000404, 0x00010404, - 0x01010404, 0x00010004, 0x01010000, 0x01000404, 0x01000004, 0x00000404, - 0x00010404, 0x01010400, 0x00000404, 0x01000400, 0x01000400, 0x00000000, - 0x00010004, 0x00010400, 0x00000000, 0x01010004 }; - -const u32bit DES_SPBOX2[256] = { - 0x80108020, 0x80008000, 0x00008000, 0x00108020, 0x00100000, 0x00000020, - 0x80100020, 0x80008020, 0x80000020, 0x80108020, 0x80108000, 0x80000000, - 0x80008000, 0x00100000, 0x00000020, 0x80100020, 0x00108000, 0x00100020, - 0x80008020, 0x00000000, 0x80000000, 0x00008000, 0x00108020, 0x80100000, - 0x00100020, 0x80000020, 0x00000000, 0x00108000, 0x00008020, 0x80108000, - 0x80100000, 0x00008020, 0x00000000, 0x00108020, 0x80100020, 0x00100000, - 0x80008020, 0x80100000, 0x80108000, 0x00008000, 0x80100000, 0x80008000, - 0x00000020, 0x80108020, 0x00108020, 0x00000020, 0x00008000, 0x80000000, - 0x00008020, 0x80108000, 0x00100000, 0x80000020, 0x00100020, 0x80008020, - 0x80000020, 0x00100020, 0x00108000, 0x00000000, 0x80008000, 0x00008020, - 0x80000000, 0x80100020, 0x80108020, 0x00108000, 0x80108020, 0x80008000, - 0x00008000, 0x00108020, 0x00100000, 0x00000020, 0x80100020, 0x80008020, - 0x80000020, 0x80108020, 0x80108000, 0x80000000, 0x80008000, 0x00100000, - 0x00000020, 0x80100020, 0x00108000, 0x00100020, 0x80008020, 0x00000000, - 0x80000000, 0x00008000, 0x00108020, 0x80100000, 0x00100020, 0x80000020, - 0x00000000, 0x00108000, 0x00008020, 0x80108000, 0x80100000, 0x00008020, - 0x00000000, 0x00108020, 0x80100020, 0x00100000, 0x80008020, 0x80100000, - 0x80108000, 0x00008000, 0x80100000, 0x80008000, 0x00000020, 0x80108020, - 0x00108020, 0x00000020, 0x00008000, 0x80000000, 0x00008020, 0x80108000, - 0x00100000, 0x80000020, 0x00100020, 0x80008020, 0x80000020, 0x00100020, - 0x00108000, 0x00000000, 0x80008000, 0x00008020, 0x80000000, 0x80100020, - 0x80108020, 0x00108000, 0x80108020, 0x80008000, 0x00008000, 0x00108020, - 0x00100000, 0x00000020, 0x80100020, 0x80008020, 0x80000020, 0x80108020, - 0x80108000, 0x80000000, 0x80008000, 0x00100000, 0x00000020, 0x80100020, - 0x00108000, 0x00100020, 0x80008020, 0x00000000, 0x80000000, 0x00008000, - 0x00108020, 0x80100000, 0x00100020, 0x80000020, 0x00000000, 0x00108000, - 0x00008020, 0x80108000, 0x80100000, 0x00008020, 0x00000000, 0x00108020, - 0x80100020, 0x00100000, 0x80008020, 0x80100000, 0x80108000, 0x00008000, - 0x80100000, 0x80008000, 0x00000020, 0x80108020, 0x00108020, 0x00000020, - 0x00008000, 0x80000000, 0x00008020, 0x80108000, 0x00100000, 0x80000020, - 0x00100020, 0x80008020, 0x80000020, 0x00100020, 0x00108000, 0x00000000, - 0x80008000, 0x00008020, 0x80000000, 0x80100020, 0x80108020, 0x00108000, - 0x80108020, 0x80008000, 0x00008000, 0x00108020, 0x00100000, 0x00000020, - 0x80100020, 0x80008020, 0x80000020, 0x80108020, 0x80108000, 0x80000000, - 0x80008000, 0x00100000, 0x00000020, 0x80100020, 0x00108000, 0x00100020, - 0x80008020, 0x00000000, 0x80000000, 0x00008000, 0x00108020, 0x80100000, - 0x00100020, 0x80000020, 0x00000000, 0x00108000, 0x00008020, 0x80108000, - 0x80100000, 0x00008020, 0x00000000, 0x00108020, 0x80100020, 0x00100000, - 0x80008020, 0x80100000, 0x80108000, 0x00008000, 0x80100000, 0x80008000, - 0x00000020, 0x80108020, 0x00108020, 0x00000020, 0x00008000, 0x80000000, - 0x00008020, 0x80108000, 0x00100000, 0x80000020, 0x00100020, 0x80008020, - 0x80000020, 0x00100020, 0x00108000, 0x00000000, 0x80008000, 0x00008020, - 0x80000000, 0x80100020, 0x80108020, 0x00108000 }; - -const u32bit DES_SPBOX3[256] = { - 0x00000208, 0x08020200, 0x00000000, 0x08020008, 0x08000200, 0x00000000, - 0x00020208, 0x08000200, 0x00020008, 0x08000008, 0x08000008, 0x00020000, - 0x08020208, 0x00020008, 0x08020000, 0x00000208, 0x08000000, 0x00000008, - 0x08020200, 0x00000200, 0x00020200, 0x08020000, 0x08020008, 0x00020208, - 0x08000208, 0x00020200, 0x00020000, 0x08000208, 0x00000008, 0x08020208, - 0x00000200, 0x08000000, 0x08020200, 0x08000000, 0x00020008, 0x00000208, - 0x00020000, 0x08020200, 0x08000200, 0x00000000, 0x00000200, 0x00020008, - 0x08020208, 0x08000200, 0x08000008, 0x00000200, 0x00000000, 0x08020008, - 0x08000208, 0x00020000, 0x08000000, 0x08020208, 0x00000008, 0x00020208, - 0x00020200, 0x08000008, 0x08020000, 0x08000208, 0x00000208, 0x08020000, - 0x00020208, 0x00000008, 0x08020008, 0x00020200, 0x00000208, 0x08020200, - 0x00000000, 0x08020008, 0x08000200, 0x00000000, 0x00020208, 0x08000200, - 0x00020008, 0x08000008, 0x08000008, 0x00020000, 0x08020208, 0x00020008, - 0x08020000, 0x00000208, 0x08000000, 0x00000008, 0x08020200, 0x00000200, - 0x00020200, 0x08020000, 0x08020008, 0x00020208, 0x08000208, 0x00020200, - 0x00020000, 0x08000208, 0x00000008, 0x08020208, 0x00000200, 0x08000000, - 0x08020200, 0x08000000, 0x00020008, 0x00000208, 0x00020000, 0x08020200, - 0x08000200, 0x00000000, 0x00000200, 0x00020008, 0x08020208, 0x08000200, - 0x08000008, 0x00000200, 0x00000000, 0x08020008, 0x08000208, 0x00020000, - 0x08000000, 0x08020208, 0x00000008, 0x00020208, 0x00020200, 0x08000008, - 0x08020000, 0x08000208, 0x00000208, 0x08020000, 0x00020208, 0x00000008, - 0x08020008, 0x00020200, 0x00000208, 0x08020200, 0x00000000, 0x08020008, - 0x08000200, 0x00000000, 0x00020208, 0x08000200, 0x00020008, 0x08000008, - 0x08000008, 0x00020000, 0x08020208, 0x00020008, 0x08020000, 0x00000208, - 0x08000000, 0x00000008, 0x08020200, 0x00000200, 0x00020200, 0x08020000, - 0x08020008, 0x00020208, 0x08000208, 0x00020200, 0x00020000, 0x08000208, - 0x00000008, 0x08020208, 0x00000200, 0x08000000, 0x08020200, 0x08000000, - 0x00020008, 0x00000208, 0x00020000, 0x08020200, 0x08000200, 0x00000000, - 0x00000200, 0x00020008, 0x08020208, 0x08000200, 0x08000008, 0x00000200, - 0x00000000, 0x08020008, 0x08000208, 0x00020000, 0x08000000, 0x08020208, - 0x00000008, 0x00020208, 0x00020200, 0x08000008, 0x08020000, 0x08000208, - 0x00000208, 0x08020000, 0x00020208, 0x00000008, 0x08020008, 0x00020200, - 0x00000208, 0x08020200, 0x00000000, 0x08020008, 0x08000200, 0x00000000, - 0x00020208, 0x08000200, 0x00020008, 0x08000008, 0x08000008, 0x00020000, - 0x08020208, 0x00020008, 0x08020000, 0x00000208, 0x08000000, 0x00000008, - 0x08020200, 0x00000200, 0x00020200, 0x08020000, 0x08020008, 0x00020208, - 0x08000208, 0x00020200, 0x00020000, 0x08000208, 0x00000008, 0x08020208, - 0x00000200, 0x08000000, 0x08020200, 0x08000000, 0x00020008, 0x00000208, - 0x00020000, 0x08020200, 0x08000200, 0x00000000, 0x00000200, 0x00020008, - 0x08020208, 0x08000200, 0x08000008, 0x00000200, 0x00000000, 0x08020008, - 0x08000208, 0x00020000, 0x08000000, 0x08020208, 0x00000008, 0x00020208, - 0x00020200, 0x08000008, 0x08020000, 0x08000208, 0x00000208, 0x08020000, - 0x00020208, 0x00000008, 0x08020008, 0x00020200 }; - -const u32bit DES_SPBOX4[256] = { - 0x00802001, 0x00002081, 0x00002081, 0x00000080, 0x00802080, 0x00800081, - 0x00800001, 0x00002001, 0x00000000, 0x00802000, 0x00802000, 0x00802081, - 0x00000081, 0x00000000, 0x00800080, 0x00800001, 0x00000001, 0x00002000, - 0x00800000, 0x00802001, 0x00000080, 0x00800000, 0x00002001, 0x00002080, - 0x00800081, 0x00000001, 0x00002080, 0x00800080, 0x00002000, 0x00802080, - 0x00802081, 0x00000081, 0x00800080, 0x00800001, 0x00802000, 0x00802081, - 0x00000081, 0x00000000, 0x00000000, 0x00802000, 0x00002080, 0x00800080, - 0x00800081, 0x00000001, 0x00802001, 0x00002081, 0x00002081, 0x00000080, - 0x00802081, 0x00000081, 0x00000001, 0x00002000, 0x00800001, 0x00002001, - 0x00802080, 0x00800081, 0x00002001, 0x00002080, 0x00800000, 0x00802001, - 0x00000080, 0x00800000, 0x00002000, 0x00802080, 0x00802001, 0x00002081, - 0x00002081, 0x00000080, 0x00802080, 0x00800081, 0x00800001, 0x00002001, - 0x00000000, 0x00802000, 0x00802000, 0x00802081, 0x00000081, 0x00000000, - 0x00800080, 0x00800001, 0x00000001, 0x00002000, 0x00800000, 0x00802001, - 0x00000080, 0x00800000, 0x00002001, 0x00002080, 0x00800081, 0x00000001, - 0x00002080, 0x00800080, 0x00002000, 0x00802080, 0x00802081, 0x00000081, - 0x00800080, 0x00800001, 0x00802000, 0x00802081, 0x00000081, 0x00000000, - 0x00000000, 0x00802000, 0x00002080, 0x00800080, 0x00800081, 0x00000001, - 0x00802001, 0x00002081, 0x00002081, 0x00000080, 0x00802081, 0x00000081, - 0x00000001, 0x00002000, 0x00800001, 0x00002001, 0x00802080, 0x00800081, - 0x00002001, 0x00002080, 0x00800000, 0x00802001, 0x00000080, 0x00800000, - 0x00002000, 0x00802080, 0x00802001, 0x00002081, 0x00002081, 0x00000080, - 0x00802080, 0x00800081, 0x00800001, 0x00002001, 0x00000000, 0x00802000, - 0x00802000, 0x00802081, 0x00000081, 0x00000000, 0x00800080, 0x00800001, - 0x00000001, 0x00002000, 0x00800000, 0x00802001, 0x00000080, 0x00800000, - 0x00002001, 0x00002080, 0x00800081, 0x00000001, 0x00002080, 0x00800080, - 0x00002000, 0x00802080, 0x00802081, 0x00000081, 0x00800080, 0x00800001, - 0x00802000, 0x00802081, 0x00000081, 0x00000000, 0x00000000, 0x00802000, - 0x00002080, 0x00800080, 0x00800081, 0x00000001, 0x00802001, 0x00002081, - 0x00002081, 0x00000080, 0x00802081, 0x00000081, 0x00000001, 0x00002000, - 0x00800001, 0x00002001, 0x00802080, 0x00800081, 0x00002001, 0x00002080, - 0x00800000, 0x00802001, 0x00000080, 0x00800000, 0x00002000, 0x00802080, - 0x00802001, 0x00002081, 0x00002081, 0x00000080, 0x00802080, 0x00800081, - 0x00800001, 0x00002001, 0x00000000, 0x00802000, 0x00802000, 0x00802081, - 0x00000081, 0x00000000, 0x00800080, 0x00800001, 0x00000001, 0x00002000, - 0x00800000, 0x00802001, 0x00000080, 0x00800000, 0x00002001, 0x00002080, - 0x00800081, 0x00000001, 0x00002080, 0x00800080, 0x00002000, 0x00802080, - 0x00802081, 0x00000081, 0x00800080, 0x00800001, 0x00802000, 0x00802081, - 0x00000081, 0x00000000, 0x00000000, 0x00802000, 0x00002080, 0x00800080, - 0x00800081, 0x00000001, 0x00802001, 0x00002081, 0x00002081, 0x00000080, - 0x00802081, 0x00000081, 0x00000001, 0x00002000, 0x00800001, 0x00002001, - 0x00802080, 0x00800081, 0x00002001, 0x00002080, 0x00800000, 0x00802001, - 0x00000080, 0x00800000, 0x00002000, 0x00802080 }; - -const u32bit DES_SPBOX5[256] = { - 0x00000100, 0x02080100, 0x02080000, 0x42000100, 0x00080000, 0x00000100, - 0x40000000, 0x02080000, 0x40080100, 0x00080000, 0x02000100, 0x40080100, - 0x42000100, 0x42080000, 0x00080100, 0x40000000, 0x02000000, 0x40080000, - 0x40080000, 0x00000000, 0x40000100, 0x42080100, 0x42080100, 0x02000100, - 0x42080000, 0x40000100, 0x00000000, 0x42000000, 0x02080100, 0x02000000, - 0x42000000, 0x00080100, 0x00080000, 0x42000100, 0x00000100, 0x02000000, - 0x40000000, 0x02080000, 0x42000100, 0x40080100, 0x02000100, 0x40000000, - 0x42080000, 0x02080100, 0x40080100, 0x00000100, 0x02000000, 0x42080000, - 0x42080100, 0x00080100, 0x42000000, 0x42080100, 0x02080000, 0x00000000, - 0x40080000, 0x42000000, 0x00080100, 0x02000100, 0x40000100, 0x00080000, - 0x00000000, 0x40080000, 0x02080100, 0x40000100, 0x00000100, 0x02080100, - 0x02080000, 0x42000100, 0x00080000, 0x00000100, 0x40000000, 0x02080000, - 0x40080100, 0x00080000, 0x02000100, 0x40080100, 0x42000100, 0x42080000, - 0x00080100, 0x40000000, 0x02000000, 0x40080000, 0x40080000, 0x00000000, - 0x40000100, 0x42080100, 0x42080100, 0x02000100, 0x42080000, 0x40000100, - 0x00000000, 0x42000000, 0x02080100, 0x02000000, 0x42000000, 0x00080100, - 0x00080000, 0x42000100, 0x00000100, 0x02000000, 0x40000000, 0x02080000, - 0x42000100, 0x40080100, 0x02000100, 0x40000000, 0x42080000, 0x02080100, - 0x40080100, 0x00000100, 0x02000000, 0x42080000, 0x42080100, 0x00080100, - 0x42000000, 0x42080100, 0x02080000, 0x00000000, 0x40080000, 0x42000000, - 0x00080100, 0x02000100, 0x40000100, 0x00080000, 0x00000000, 0x40080000, - 0x02080100, 0x40000100, 0x00000100, 0x02080100, 0x02080000, 0x42000100, - 0x00080000, 0x00000100, 0x40000000, 0x02080000, 0x40080100, 0x00080000, - 0x02000100, 0x40080100, 0x42000100, 0x42080000, 0x00080100, 0x40000000, - 0x02000000, 0x40080000, 0x40080000, 0x00000000, 0x40000100, 0x42080100, - 0x42080100, 0x02000100, 0x42080000, 0x40000100, 0x00000000, 0x42000000, - 0x02080100, 0x02000000, 0x42000000, 0x00080100, 0x00080000, 0x42000100, - 0x00000100, 0x02000000, 0x40000000, 0x02080000, 0x42000100, 0x40080100, - 0x02000100, 0x40000000, 0x42080000, 0x02080100, 0x40080100, 0x00000100, - 0x02000000, 0x42080000, 0x42080100, 0x00080100, 0x42000000, 0x42080100, - 0x02080000, 0x00000000, 0x40080000, 0x42000000, 0x00080100, 0x02000100, - 0x40000100, 0x00080000, 0x00000000, 0x40080000, 0x02080100, 0x40000100, - 0x00000100, 0x02080100, 0x02080000, 0x42000100, 0x00080000, 0x00000100, - 0x40000000, 0x02080000, 0x40080100, 0x00080000, 0x02000100, 0x40080100, - 0x42000100, 0x42080000, 0x00080100, 0x40000000, 0x02000000, 0x40080000, - 0x40080000, 0x00000000, 0x40000100, 0x42080100, 0x42080100, 0x02000100, - 0x42080000, 0x40000100, 0x00000000, 0x42000000, 0x02080100, 0x02000000, - 0x42000000, 0x00080100, 0x00080000, 0x42000100, 0x00000100, 0x02000000, - 0x40000000, 0x02080000, 0x42000100, 0x40080100, 0x02000100, 0x40000000, - 0x42080000, 0x02080100, 0x40080100, 0x00000100, 0x02000000, 0x42080000, - 0x42080100, 0x00080100, 0x42000000, 0x42080100, 0x02080000, 0x00000000, - 0x40080000, 0x42000000, 0x00080100, 0x02000100, 0x40000100, 0x00080000, - 0x00000000, 0x40080000, 0x02080100, 0x40000100 }; - -const u32bit DES_SPBOX6[256] = { - 0x20000010, 0x20400000, 0x00004000, 0x20404010, 0x20400000, 0x00000010, - 0x20404010, 0x00400000, 0x20004000, 0x00404010, 0x00400000, 0x20000010, - 0x00400010, 0x20004000, 0x20000000, 0x00004010, 0x00000000, 0x00400010, - 0x20004010, 0x00004000, 0x00404000, 0x20004010, 0x00000010, 0x20400010, - 0x20400010, 0x00000000, 0x00404010, 0x20404000, 0x00004010, 0x00404000, - 0x20404000, 0x20000000, 0x20004000, 0x00000010, 0x20400010, 0x00404000, - 0x20404010, 0x00400000, 0x00004010, 0x20000010, 0x00400000, 0x20004000, - 0x20000000, 0x00004010, 0x20000010, 0x20404010, 0x00404000, 0x20400000, - 0x00404010, 0x20404000, 0x00000000, 0x20400010, 0x00000010, 0x00004000, - 0x20400000, 0x00404010, 0x00004000, 0x00400010, 0x20004010, 0x00000000, - 0x20404000, 0x20000000, 0x00400010, 0x20004010, 0x20000010, 0x20400000, - 0x00004000, 0x20404010, 0x20400000, 0x00000010, 0x20404010, 0x00400000, - 0x20004000, 0x00404010, 0x00400000, 0x20000010, 0x00400010, 0x20004000, - 0x20000000, 0x00004010, 0x00000000, 0x00400010, 0x20004010, 0x00004000, - 0x00404000, 0x20004010, 0x00000010, 0x20400010, 0x20400010, 0x00000000, - 0x00404010, 0x20404000, 0x00004010, 0x00404000, 0x20404000, 0x20000000, - 0x20004000, 0x00000010, 0x20400010, 0x00404000, 0x20404010, 0x00400000, - 0x00004010, 0x20000010, 0x00400000, 0x20004000, 0x20000000, 0x00004010, - 0x20000010, 0x20404010, 0x00404000, 0x20400000, 0x00404010, 0x20404000, - 0x00000000, 0x20400010, 0x00000010, 0x00004000, 0x20400000, 0x00404010, - 0x00004000, 0x00400010, 0x20004010, 0x00000000, 0x20404000, 0x20000000, - 0x00400010, 0x20004010, 0x20000010, 0x20400000, 0x00004000, 0x20404010, - 0x20400000, 0x00000010, 0x20404010, 0x00400000, 0x20004000, 0x00404010, - 0x00400000, 0x20000010, 0x00400010, 0x20004000, 0x20000000, 0x00004010, - 0x00000000, 0x00400010, 0x20004010, 0x00004000, 0x00404000, 0x20004010, - 0x00000010, 0x20400010, 0x20400010, 0x00000000, 0x00404010, 0x20404000, - 0x00004010, 0x00404000, 0x20404000, 0x20000000, 0x20004000, 0x00000010, - 0x20400010, 0x00404000, 0x20404010, 0x00400000, 0x00004010, 0x20000010, - 0x00400000, 0x20004000, 0x20000000, 0x00004010, 0x20000010, 0x20404010, - 0x00404000, 0x20400000, 0x00404010, 0x20404000, 0x00000000, 0x20400010, - 0x00000010, 0x00004000, 0x20400000, 0x00404010, 0x00004000, 0x00400010, - 0x20004010, 0x00000000, 0x20404000, 0x20000000, 0x00400010, 0x20004010, - 0x20000010, 0x20400000, 0x00004000, 0x20404010, 0x20400000, 0x00000010, - 0x20404010, 0x00400000, 0x20004000, 0x00404010, 0x00400000, 0x20000010, - 0x00400010, 0x20004000, 0x20000000, 0x00004010, 0x00000000, 0x00400010, - 0x20004010, 0x00004000, 0x00404000, 0x20004010, 0x00000010, 0x20400010, - 0x20400010, 0x00000000, 0x00404010, 0x20404000, 0x00004010, 0x00404000, - 0x20404000, 0x20000000, 0x20004000, 0x00000010, 0x20400010, 0x00404000, - 0x20404010, 0x00400000, 0x00004010, 0x20000010, 0x00400000, 0x20004000, - 0x20000000, 0x00004010, 0x20000010, 0x20404010, 0x00404000, 0x20400000, - 0x00404010, 0x20404000, 0x00000000, 0x20400010, 0x00000010, 0x00004000, - 0x20400000, 0x00404010, 0x00004000, 0x00400010, 0x20004010, 0x00000000, - 0x20404000, 0x20000000, 0x00400010, 0x20004010 }; - -const u32bit DES_SPBOX7[256] = { - 0x00200000, 0x04200002, 0x04000802, 0x00000000, 0x00000800, 0x04000802, - 0x00200802, 0x04200800, 0x04200802, 0x00200000, 0x00000000, 0x04000002, - 0x00000002, 0x04000000, 0x04200002, 0x00000802, 0x04000800, 0x00200802, - 0x00200002, 0x04000800, 0x04000002, 0x04200000, 0x04200800, 0x00200002, - 0x04200000, 0x00000800, 0x00000802, 0x04200802, 0x00200800, 0x00000002, - 0x04000000, 0x00200800, 0x04000000, 0x00200800, 0x00200000, 0x04000802, - 0x04000802, 0x04200002, 0x04200002, 0x00000002, 0x00200002, 0x04000000, - 0x04000800, 0x00200000, 0x04200800, 0x00000802, 0x00200802, 0x04200800, - 0x00000802, 0x04000002, 0x04200802, 0x04200000, 0x00200800, 0x00000000, - 0x00000002, 0x04200802, 0x00000000, 0x00200802, 0x04200000, 0x00000800, - 0x04000002, 0x04000800, 0x00000800, 0x00200002, 0x00200000, 0x04200002, - 0x04000802, 0x00000000, 0x00000800, 0x04000802, 0x00200802, 0x04200800, - 0x04200802, 0x00200000, 0x00000000, 0x04000002, 0x00000002, 0x04000000, - 0x04200002, 0x00000802, 0x04000800, 0x00200802, 0x00200002, 0x04000800, - 0x04000002, 0x04200000, 0x04200800, 0x00200002, 0x04200000, 0x00000800, - 0x00000802, 0x04200802, 0x00200800, 0x00000002, 0x04000000, 0x00200800, - 0x04000000, 0x00200800, 0x00200000, 0x04000802, 0x04000802, 0x04200002, - 0x04200002, 0x00000002, 0x00200002, 0x04000000, 0x04000800, 0x00200000, - 0x04200800, 0x00000802, 0x00200802, 0x04200800, 0x00000802, 0x04000002, - 0x04200802, 0x04200000, 0x00200800, 0x00000000, 0x00000002, 0x04200802, - 0x00000000, 0x00200802, 0x04200000, 0x00000800, 0x04000002, 0x04000800, - 0x00000800, 0x00200002, 0x00200000, 0x04200002, 0x04000802, 0x00000000, - 0x00000800, 0x04000802, 0x00200802, 0x04200800, 0x04200802, 0x00200000, - 0x00000000, 0x04000002, 0x00000002, 0x04000000, 0x04200002, 0x00000802, - 0x04000800, 0x00200802, 0x00200002, 0x04000800, 0x04000002, 0x04200000, - 0x04200800, 0x00200002, 0x04200000, 0x00000800, 0x00000802, 0x04200802, - 0x00200800, 0x00000002, 0x04000000, 0x00200800, 0x04000000, 0x00200800, - 0x00200000, 0x04000802, 0x04000802, 0x04200002, 0x04200002, 0x00000002, - 0x00200002, 0x04000000, 0x04000800, 0x00200000, 0x04200800, 0x00000802, - 0x00200802, 0x04200800, 0x00000802, 0x04000002, 0x04200802, 0x04200000, - 0x00200800, 0x00000000, 0x00000002, 0x04200802, 0x00000000, 0x00200802, - 0x04200000, 0x00000800, 0x04000002, 0x04000800, 0x00000800, 0x00200002, - 0x00200000, 0x04200002, 0x04000802, 0x00000000, 0x00000800, 0x04000802, - 0x00200802, 0x04200800, 0x04200802, 0x00200000, 0x00000000, 0x04000002, - 0x00000002, 0x04000000, 0x04200002, 0x00000802, 0x04000800, 0x00200802, - 0x00200002, 0x04000800, 0x04000002, 0x04200000, 0x04200800, 0x00200002, - 0x04200000, 0x00000800, 0x00000802, 0x04200802, 0x00200800, 0x00000002, - 0x04000000, 0x00200800, 0x04000000, 0x00200800, 0x00200000, 0x04000802, - 0x04000802, 0x04200002, 0x04200002, 0x00000002, 0x00200002, 0x04000000, - 0x04000800, 0x00200000, 0x04200800, 0x00000802, 0x00200802, 0x04200800, - 0x00000802, 0x04000002, 0x04200802, 0x04200000, 0x00200800, 0x00000000, - 0x00000002, 0x04200802, 0x00000000, 0x00200802, 0x04200000, 0x00000800, - 0x04000002, 0x04000800, 0x00000800, 0x00200002 }; - -const u32bit DES_SPBOX8[256] = { - 0x10001040, 0x00001000, 0x00040000, 0x10041040, 0x10000000, 0x10001040, - 0x00000040, 0x10000000, 0x00040040, 0x10040000, 0x10041040, 0x00041000, - 0x10041000, 0x00041040, 0x00001000, 0x00000040, 0x10040000, 0x10000040, - 0x10001000, 0x00001040, 0x00041000, 0x00040040, 0x10040040, 0x10041000, - 0x00001040, 0x00000000, 0x00000000, 0x10040040, 0x10000040, 0x10001000, - 0x00041040, 0x00040000, 0x00041040, 0x00040000, 0x10041000, 0x00001000, - 0x00000040, 0x10040040, 0x00001000, 0x00041040, 0x10001000, 0x00000040, - 0x10000040, 0x10040000, 0x10040040, 0x10000000, 0x00040000, 0x10001040, - 0x00000000, 0x10041040, 0x00040040, 0x10000040, 0x10040000, 0x10001000, - 0x10001040, 0x00000000, 0x10041040, 0x00041000, 0x00041000, 0x00001040, - 0x00001040, 0x00040040, 0x10000000, 0x10041000, 0x10001040, 0x00001000, - 0x00040000, 0x10041040, 0x10000000, 0x10001040, 0x00000040, 0x10000000, - 0x00040040, 0x10040000, 0x10041040, 0x00041000, 0x10041000, 0x00041040, - 0x00001000, 0x00000040, 0x10040000, 0x10000040, 0x10001000, 0x00001040, - 0x00041000, 0x00040040, 0x10040040, 0x10041000, 0x00001040, 0x00000000, - 0x00000000, 0x10040040, 0x10000040, 0x10001000, 0x00041040, 0x00040000, - 0x00041040, 0x00040000, 0x10041000, 0x00001000, 0x00000040, 0x10040040, - 0x00001000, 0x00041040, 0x10001000, 0x00000040, 0x10000040, 0x10040000, - 0x10040040, 0x10000000, 0x00040000, 0x10001040, 0x00000000, 0x10041040, - 0x00040040, 0x10000040, 0x10040000, 0x10001000, 0x10001040, 0x00000000, - 0x10041040, 0x00041000, 0x00041000, 0x00001040, 0x00001040, 0x00040040, - 0x10000000, 0x10041000, 0x10001040, 0x00001000, 0x00040000, 0x10041040, - 0x10000000, 0x10001040, 0x00000040, 0x10000000, 0x00040040, 0x10040000, - 0x10041040, 0x00041000, 0x10041000, 0x00041040, 0x00001000, 0x00000040, - 0x10040000, 0x10000040, 0x10001000, 0x00001040, 0x00041000, 0x00040040, - 0x10040040, 0x10041000, 0x00001040, 0x00000000, 0x00000000, 0x10040040, - 0x10000040, 0x10001000, 0x00041040, 0x00040000, 0x00041040, 0x00040000, - 0x10041000, 0x00001000, 0x00000040, 0x10040040, 0x00001000, 0x00041040, - 0x10001000, 0x00000040, 0x10000040, 0x10040000, 0x10040040, 0x10000000, - 0x00040000, 0x10001040, 0x00000000, 0x10041040, 0x00040040, 0x10000040, - 0x10040000, 0x10001000, 0x10001040, 0x00000000, 0x10041040, 0x00041000, - 0x00041000, 0x00001040, 0x00001040, 0x00040040, 0x10000000, 0x10041000, - 0x10001040, 0x00001000, 0x00040000, 0x10041040, 0x10000000, 0x10001040, - 0x00000040, 0x10000000, 0x00040040, 0x10040000, 0x10041040, 0x00041000, - 0x10041000, 0x00041040, 0x00001000, 0x00000040, 0x10040000, 0x10000040, - 0x10001000, 0x00001040, 0x00041000, 0x00040040, 0x10040040, 0x10041000, - 0x00001040, 0x00000000, 0x00000000, 0x10040040, 0x10000040, 0x10001000, - 0x00041040, 0x00040000, 0x00041040, 0x00040000, 0x10041000, 0x00001000, - 0x00000040, 0x10040040, 0x00001000, 0x00041040, 0x10001000, 0x00000040, - 0x10000040, 0x10040000, 0x10040040, 0x10000000, 0x00040000, 0x10001040, - 0x00000000, 0x10041040, 0x00040040, 0x10000040, 0x10040000, 0x10001000, - 0x10001040, 0x00000000, 0x10041040, 0x00041000, 0x00041000, 0x00001040, - 0x00001040, 0x00040040, 0x10000000, 0x10041000 }; - -const u64bit DES_IPTAB1[256] = { -0x0000000000000000, 0x0000000200000000, 0x0000000000000002, 0x0000000200000002, -0x0000020000000000, 0x0000020200000000, 0x0000020000000002, 0x0000020200000002, -0x0000000000000200, 0x0000000200000200, 0x0000000000000202, 0x0000000200000202, -0x0000020000000200, 0x0000020200000200, 0x0000020000000202, 0x0000020200000202, -0x0002000000000000, 0x0002000200000000, 0x0002000000000002, 0x0002000200000002, -0x0002020000000000, 0x0002020200000000, 0x0002020000000002, 0x0002020200000002, -0x0002000000000200, 0x0002000200000200, 0x0002000000000202, 0x0002000200000202, -0x0002020000000200, 0x0002020200000200, 0x0002020000000202, 0x0002020200000202, -0x0000000000020000, 0x0000000200020000, 0x0000000000020002, 0x0000000200020002, -0x0000020000020000, 0x0000020200020000, 0x0000020000020002, 0x0000020200020002, -0x0000000000020200, 0x0000000200020200, 0x0000000000020202, 0x0000000200020202, -0x0000020000020200, 0x0000020200020200, 0x0000020000020202, 0x0000020200020202, -0x0002000000020000, 0x0002000200020000, 0x0002000000020002, 0x0002000200020002, -0x0002020000020000, 0x0002020200020000, 0x0002020000020002, 0x0002020200020002, -0x0002000000020200, 0x0002000200020200, 0x0002000000020202, 0x0002000200020202, -0x0002020000020200, 0x0002020200020200, 0x0002020000020202, 0x0002020200020202, -0x0200000000000000, 0x0200000200000000, 0x0200000000000002, 0x0200000200000002, -0x0200020000000000, 0x0200020200000000, 0x0200020000000002, 0x0200020200000002, -0x0200000000000200, 0x0200000200000200, 0x0200000000000202, 0x0200000200000202, -0x0200020000000200, 0x0200020200000200, 0x0200020000000202, 0x0200020200000202, -0x0202000000000000, 0x0202000200000000, 0x0202000000000002, 0x0202000200000002, -0x0202020000000000, 0x0202020200000000, 0x0202020000000002, 0x0202020200000002, -0x0202000000000200, 0x0202000200000200, 0x0202000000000202, 0x0202000200000202, -0x0202020000000200, 0x0202020200000200, 0x0202020000000202, 0x0202020200000202, -0x0200000000020000, 0x0200000200020000, 0x0200000000020002, 0x0200000200020002, -0x0200020000020000, 0x0200020200020000, 0x0200020000020002, 0x0200020200020002, -0x0200000000020200, 0x0200000200020200, 0x0200000000020202, 0x0200000200020202, -0x0200020000020200, 0x0200020200020200, 0x0200020000020202, 0x0200020200020202, -0x0202000000020000, 0x0202000200020000, 0x0202000000020002, 0x0202000200020002, -0x0202020000020000, 0x0202020200020000, 0x0202020000020002, 0x0202020200020002, -0x0202000000020200, 0x0202000200020200, 0x0202000000020202, 0x0202000200020202, -0x0202020000020200, 0x0202020200020200, 0x0202020000020202, 0x0202020200020202, -0x0000000002000000, 0x0000000202000000, 0x0000000002000002, 0x0000000202000002, -0x0000020002000000, 0x0000020202000000, 0x0000020002000002, 0x0000020202000002, -0x0000000002000200, 0x0000000202000200, 0x0000000002000202, 0x0000000202000202, -0x0000020002000200, 0x0000020202000200, 0x0000020002000202, 0x0000020202000202, -0x0002000002000000, 0x0002000202000000, 0x0002000002000002, 0x0002000202000002, -0x0002020002000000, 0x0002020202000000, 0x0002020002000002, 0x0002020202000002, -0x0002000002000200, 0x0002000202000200, 0x0002000002000202, 0x0002000202000202, -0x0002020002000200, 0x0002020202000200, 0x0002020002000202, 0x0002020202000202, -0x0000000002020000, 0x0000000202020000, 0x0000000002020002, 0x0000000202020002, -0x0000020002020000, 0x0000020202020000, 0x0000020002020002, 0x0000020202020002, -0x0000000002020200, 0x0000000202020200, 0x0000000002020202, 0x0000000202020202, -0x0000020002020200, 0x0000020202020200, 0x0000020002020202, 0x0000020202020202, -0x0002000002020000, 0x0002000202020000, 0x0002000002020002, 0x0002000202020002, -0x0002020002020000, 0x0002020202020000, 0x0002020002020002, 0x0002020202020002, -0x0002000002020200, 0x0002000202020200, 0x0002000002020202, 0x0002000202020202, -0x0002020002020200, 0x0002020202020200, 0x0002020002020202, 0x0002020202020202, -0x0200000002000000, 0x0200000202000000, 0x0200000002000002, 0x0200000202000002, -0x0200020002000000, 0x0200020202000000, 0x0200020002000002, 0x0200020202000002, -0x0200000002000200, 0x0200000202000200, 0x0200000002000202, 0x0200000202000202, -0x0200020002000200, 0x0200020202000200, 0x0200020002000202, 0x0200020202000202, -0x0202000002000000, 0x0202000202000000, 0x0202000002000002, 0x0202000202000002, -0x0202020002000000, 0x0202020202000000, 0x0202020002000002, 0x0202020202000002, -0x0202000002000200, 0x0202000202000200, 0x0202000002000202, 0x0202000202000202, -0x0202020002000200, 0x0202020202000200, 0x0202020002000202, 0x0202020202000202, -0x0200000002020000, 0x0200000202020000, 0x0200000002020002, 0x0200000202020002, -0x0200020002020000, 0x0200020202020000, 0x0200020002020002, 0x0200020202020002, -0x0200000002020200, 0x0200000202020200, 0x0200000002020202, 0x0200000202020202, -0x0200020002020200, 0x0200020202020200, 0x0200020002020202, 0x0200020202020202, -0x0202000002020000, 0x0202000202020000, 0x0202000002020002, 0x0202000202020002, -0x0202020002020000, 0x0202020202020000, 0x0202020002020002, 0x0202020202020002, -0x0202000002020200, 0x0202000202020200, 0x0202000002020202, 0x0202000202020202, -0x0202020002020200, 0x0202020202020200, 0x0202020002020202, 0x0202020202020202 }; - -const u64bit DES_IPTAB2[256] = { -0x0000000000000000, 0x0000010000000000, 0x0000000000000100, 0x0000010000000100, -0x0001000000000000, 0x0001010000000000, 0x0001000000000100, 0x0001010000000100, -0x0000000000010000, 0x0000010000010000, 0x0000000000010100, 0x0000010000010100, -0x0001000000010000, 0x0001010000010000, 0x0001000000010100, 0x0001010000010100, -0x0100000000000000, 0x0100010000000000, 0x0100000000000100, 0x0100010000000100, -0x0101000000000000, 0x0101010000000000, 0x0101000000000100, 0x0101010000000100, -0x0100000000010000, 0x0100010000010000, 0x0100000000010100, 0x0100010000010100, -0x0101000000010000, 0x0101010000010000, 0x0101000000010100, 0x0101010000010100, -0x0000000001000000, 0x0000010001000000, 0x0000000001000100, 0x0000010001000100, -0x0001000001000000, 0x0001010001000000, 0x0001000001000100, 0x0001010001000100, -0x0000000001010000, 0x0000010001010000, 0x0000000001010100, 0x0000010001010100, -0x0001000001010000, 0x0001010001010000, 0x0001000001010100, 0x0001010001010100, -0x0100000001000000, 0x0100010001000000, 0x0100000001000100, 0x0100010001000100, -0x0101000001000000, 0x0101010001000000, 0x0101000001000100, 0x0101010001000100, -0x0100000001010000, 0x0100010001010000, 0x0100000001010100, 0x0100010001010100, -0x0101000001010000, 0x0101010001010000, 0x0101000001010100, 0x0101010001010100, -0x0000000100000000, 0x0000010100000000, 0x0000000100000100, 0x0000010100000100, -0x0001000100000000, 0x0001010100000000, 0x0001000100000100, 0x0001010100000100, -0x0000000100010000, 0x0000010100010000, 0x0000000100010100, 0x0000010100010100, -0x0001000100010000, 0x0001010100010000, 0x0001000100010100, 0x0001010100010100, -0x0100000100000000, 0x0100010100000000, 0x0100000100000100, 0x0100010100000100, -0x0101000100000000, 0x0101010100000000, 0x0101000100000100, 0x0101010100000100, -0x0100000100010000, 0x0100010100010000, 0x0100000100010100, 0x0100010100010100, -0x0101000100010000, 0x0101010100010000, 0x0101000100010100, 0x0101010100010100, -0x0000000101000000, 0x0000010101000000, 0x0000000101000100, 0x0000010101000100, -0x0001000101000000, 0x0001010101000000, 0x0001000101000100, 0x0001010101000100, -0x0000000101010000, 0x0000010101010000, 0x0000000101010100, 0x0000010101010100, -0x0001000101010000, 0x0001010101010000, 0x0001000101010100, 0x0001010101010100, -0x0100000101000000, 0x0100010101000000, 0x0100000101000100, 0x0100010101000100, -0x0101000101000000, 0x0101010101000000, 0x0101000101000100, 0x0101010101000100, -0x0100000101010000, 0x0100010101010000, 0x0100000101010100, 0x0100010101010100, -0x0101000101010000, 0x0101010101010000, 0x0101000101010100, 0x0101010101010100, -0x0000000000000001, 0x0000010000000001, 0x0000000000000101, 0x0000010000000101, -0x0001000000000001, 0x0001010000000001, 0x0001000000000101, 0x0001010000000101, -0x0000000000010001, 0x0000010000010001, 0x0000000000010101, 0x0000010000010101, -0x0001000000010001, 0x0001010000010001, 0x0001000000010101, 0x0001010000010101, -0x0100000000000001, 0x0100010000000001, 0x0100000000000101, 0x0100010000000101, -0x0101000000000001, 0x0101010000000001, 0x0101000000000101, 0x0101010000000101, -0x0100000000010001, 0x0100010000010001, 0x0100000000010101, 0x0100010000010101, -0x0101000000010001, 0x0101010000010001, 0x0101000000010101, 0x0101010000010101, -0x0000000001000001, 0x0000010001000001, 0x0000000001000101, 0x0000010001000101, -0x0001000001000001, 0x0001010001000001, 0x0001000001000101, 0x0001010001000101, -0x0000000001010001, 0x0000010001010001, 0x0000000001010101, 0x0000010001010101, -0x0001000001010001, 0x0001010001010001, 0x0001000001010101, 0x0001010001010101, -0x0100000001000001, 0x0100010001000001, 0x0100000001000101, 0x0100010001000101, -0x0101000001000001, 0x0101010001000001, 0x0101000001000101, 0x0101010001000101, -0x0100000001010001, 0x0100010001010001, 0x0100000001010101, 0x0100010001010101, -0x0101000001010001, 0x0101010001010001, 0x0101000001010101, 0x0101010001010101, -0x0000000100000001, 0x0000010100000001, 0x0000000100000101, 0x0000010100000101, -0x0001000100000001, 0x0001010100000001, 0x0001000100000101, 0x0001010100000101, -0x0000000100010001, 0x0000010100010001, 0x0000000100010101, 0x0000010100010101, -0x0001000100010001, 0x0001010100010001, 0x0001000100010101, 0x0001010100010101, -0x0100000100000001, 0x0100010100000001, 0x0100000100000101, 0x0100010100000101, -0x0101000100000001, 0x0101010100000001, 0x0101000100000101, 0x0101010100000101, -0x0100000100010001, 0x0100010100010001, 0x0100000100010101, 0x0100010100010101, -0x0101000100010001, 0x0101010100010001, 0x0101000100010101, 0x0101010100010101, -0x0000000101000001, 0x0000010101000001, 0x0000000101000101, 0x0000010101000101, -0x0001000101000001, 0x0001010101000001, 0x0001000101000101, 0x0001010101000101, -0x0000000101010001, 0x0000010101010001, 0x0000000101010101, 0x0000010101010101, -0x0001000101010001, 0x0001010101010001, 0x0001000101010101, 0x0001010101010101, -0x0100000101000001, 0x0100010101000001, 0x0100000101000101, 0x0100010101000101, -0x0101000101000001, 0x0101010101000001, 0x0101000101000101, 0x0101010101000101, -0x0100000101010001, 0x0100010101010001, 0x0100000101010101, 0x0100010101010101, -0x0101000101010001, 0x0101010101010001, 0x0101000101010101, 0x0101010101010101 }; - -const u64bit DES_FPTAB1[256] = { -0x0000000000000000, 0x0000000100000000, 0x0000000004000000, 0x0000000104000000, -0x0000000000040000, 0x0000000100040000, 0x0000000004040000, 0x0000000104040000, -0x0000000000000400, 0x0000000100000400, 0x0000000004000400, 0x0000000104000400, -0x0000000000040400, 0x0000000100040400, 0x0000000004040400, 0x0000000104040400, -0x0000000000000004, 0x0000000100000004, 0x0000000004000004, 0x0000000104000004, -0x0000000000040004, 0x0000000100040004, 0x0000000004040004, 0x0000000104040004, -0x0000000000000404, 0x0000000100000404, 0x0000000004000404, 0x0000000104000404, -0x0000000000040404, 0x0000000100040404, 0x0000000004040404, 0x0000000104040404, -0x0400000000000000, 0x0400000100000000, 0x0400000004000000, 0x0400000104000000, -0x0400000000040000, 0x0400000100040000, 0x0400000004040000, 0x0400000104040000, -0x0400000000000400, 0x0400000100000400, 0x0400000004000400, 0x0400000104000400, -0x0400000000040400, 0x0400000100040400, 0x0400000004040400, 0x0400000104040400, -0x0400000000000004, 0x0400000100000004, 0x0400000004000004, 0x0400000104000004, -0x0400000000040004, 0x0400000100040004, 0x0400000004040004, 0x0400000104040004, -0x0400000000000404, 0x0400000100000404, 0x0400000004000404, 0x0400000104000404, -0x0400000000040404, 0x0400000100040404, 0x0400000004040404, 0x0400000104040404, -0x0004000000000000, 0x0004000100000000, 0x0004000004000000, 0x0004000104000000, -0x0004000000040000, 0x0004000100040000, 0x0004000004040000, 0x0004000104040000, -0x0004000000000400, 0x0004000100000400, 0x0004000004000400, 0x0004000104000400, -0x0004000000040400, 0x0004000100040400, 0x0004000004040400, 0x0004000104040400, -0x0004000000000004, 0x0004000100000004, 0x0004000004000004, 0x0004000104000004, -0x0004000000040004, 0x0004000100040004, 0x0004000004040004, 0x0004000104040004, -0x0004000000000404, 0x0004000100000404, 0x0004000004000404, 0x0004000104000404, -0x0004000000040404, 0x0004000100040404, 0x0004000004040404, 0x0004000104040404, -0x0404000000000000, 0x0404000100000000, 0x0404000004000000, 0x0404000104000000, -0x0404000000040000, 0x0404000100040000, 0x0404000004040000, 0x0404000104040000, -0x0404000000000400, 0x0404000100000400, 0x0404000004000400, 0x0404000104000400, -0x0404000000040400, 0x0404000100040400, 0x0404000004040400, 0x0404000104040400, -0x0404000000000004, 0x0404000100000004, 0x0404000004000004, 0x0404000104000004, -0x0404000000040004, 0x0404000100040004, 0x0404000004040004, 0x0404000104040004, -0x0404000000000404, 0x0404000100000404, 0x0404000004000404, 0x0404000104000404, -0x0404000000040404, 0x0404000100040404, 0x0404000004040404, 0x0404000104040404, -0x0000040000000000, 0x0000040100000000, 0x0000040004000000, 0x0000040104000000, -0x0000040000040000, 0x0000040100040000, 0x0000040004040000, 0x0000040104040000, -0x0000040000000400, 0x0000040100000400, 0x0000040004000400, 0x0000040104000400, -0x0000040000040400, 0x0000040100040400, 0x0000040004040400, 0x0000040104040400, -0x0000040000000004, 0x0000040100000004, 0x0000040004000004, 0x0000040104000004, -0x0000040000040004, 0x0000040100040004, 0x0000040004040004, 0x0000040104040004, -0x0000040000000404, 0x0000040100000404, 0x0000040004000404, 0x0000040104000404, -0x0000040000040404, 0x0000040100040404, 0x0000040004040404, 0x0000040104040404, -0x0400040000000000, 0x0400040100000000, 0x0400040004000000, 0x0400040104000000, -0x0400040000040000, 0x0400040100040000, 0x0400040004040000, 0x0400040104040000, -0x0400040000000400, 0x0400040100000400, 0x0400040004000400, 0x0400040104000400, -0x0400040000040400, 0x0400040100040400, 0x0400040004040400, 0x0400040104040400, -0x0400040000000004, 0x0400040100000004, 0x0400040004000004, 0x0400040104000004, -0x0400040000040004, 0x0400040100040004, 0x0400040004040004, 0x0400040104040004, -0x0400040000000404, 0x0400040100000404, 0x0400040004000404, 0x0400040104000404, -0x0400040000040404, 0x0400040100040404, 0x0400040004040404, 0x0400040104040404, -0x0004040000000000, 0x0004040100000000, 0x0004040004000000, 0x0004040104000000, -0x0004040000040000, 0x0004040100040000, 0x0004040004040000, 0x0004040104040000, -0x0004040000000400, 0x0004040100000400, 0x0004040004000400, 0x0004040104000400, -0x0004040000040400, 0x0004040100040400, 0x0004040004040400, 0x0004040104040400, -0x0004040000000004, 0x0004040100000004, 0x0004040004000004, 0x0004040104000004, -0x0004040000040004, 0x0004040100040004, 0x0004040004040004, 0x0004040104040004, -0x0004040000000404, 0x0004040100000404, 0x0004040004000404, 0x0004040104000404, -0x0004040000040404, 0x0004040100040404, 0x0004040004040404, 0x0004040104040404, -0x0404040000000000, 0x0404040100000000, 0x0404040004000000, 0x0404040104000000, -0x0404040000040000, 0x0404040100040000, 0x0404040004040000, 0x0404040104040000, -0x0404040000000400, 0x0404040100000400, 0x0404040004000400, 0x0404040104000400, -0x0404040000040400, 0x0404040100040400, 0x0404040004040400, 0x0404040104040400, -0x0404040000000004, 0x0404040100000004, 0x0404040004000004, 0x0404040104000004, -0x0404040000040004, 0x0404040100040004, 0x0404040004040004, 0x0404040104040004, -0x0404040000000404, 0x0404040100000404, 0x0404040004000404, 0x0404040104000404, -0x0404040000040404, 0x0404040100040404, 0x0404040004040404, 0x0404040104040404 }; - -const u64bit DES_FPTAB2[256] = { -0x0000000000000000, 0x0000004000000000, 0x0000000001000000, 0x0000004001000000, -0x0000000000010000, 0x0000004000010000, 0x0000000001010000, 0x0000004001010000, -0x0000000000000100, 0x0000004000000100, 0x0000000001000100, 0x0000004001000100, -0x0000000000010100, 0x0000004000010100, 0x0000000001010100, 0x0000004001010100, -0x0000000000000001, 0x0000004000000001, 0x0000000001000001, 0x0000004001000001, -0x0000000000010001, 0x0000004000010001, 0x0000000001010001, 0x0000004001010001, -0x0000000000000101, 0x0000004000000101, 0x0000000001000101, 0x0000004001000101, -0x0000000000010101, 0x0000004000010101, 0x0000000001010101, 0x0000004001010101, -0x0100000000000000, 0x0100004000000000, 0x0100000001000000, 0x0100004001000000, -0x0100000000010000, 0x0100004000010000, 0x0100000001010000, 0x0100004001010000, -0x0100000000000100, 0x0100004000000100, 0x0100000001000100, 0x0100004001000100, -0x0100000000010100, 0x0100004000010100, 0x0100000001010100, 0x0100004001010100, -0x0100000000000001, 0x0100004000000001, 0x0100000001000001, 0x0100004001000001, -0x0100000000010001, 0x0100004000010001, 0x0100000001010001, 0x0100004001010001, -0x0100000000000101, 0x0100004000000101, 0x0100000001000101, 0x0100004001000101, -0x0100000000010101, 0x0100004000010101, 0x0100000001010101, 0x0100004001010101, -0x0001000000000000, 0x0001004000000000, 0x0001000001000000, 0x0001004001000000, -0x0001000000010000, 0x0001004000010000, 0x0001000001010000, 0x0001004001010000, -0x0001000000000100, 0x0001004000000100, 0x0001000001000100, 0x0001004001000100, -0x0001000000010100, 0x0001004000010100, 0x0001000001010100, 0x0001004001010100, -0x0001000000000001, 0x0001004000000001, 0x0001000001000001, 0x0001004001000001, -0x0001000000010001, 0x0001004000010001, 0x0001000001010001, 0x0001004001010001, -0x0001000000000101, 0x0001004000000101, 0x0001000001000101, 0x0001004001000101, -0x0001000000010101, 0x0001004000010101, 0x0001000001010101, 0x0001004001010101, -0x0101000000000000, 0x0101004000000000, 0x0101000001000000, 0x0101004001000000, -0x0101000000010000, 0x0101004000010000, 0x0101000001010000, 0x0101004001010000, -0x0101000000000100, 0x0101004000000100, 0x0101000001000100, 0x0101004001000100, -0x0101000000010100, 0x0101004000010100, 0x0101000001010100, 0x0101004001010100, -0x0101000000000001, 0x0101004000000001, 0x0101000001000001, 0x0101004001000001, -0x0101000000010001, 0x0101004000010001, 0x0101000001010001, 0x0101004001010001, -0x0101000000000101, 0x0101004000000101, 0x0101000001000101, 0x0101004001000101, -0x0101000000010101, 0x0101004000010101, 0x0101000001010101, 0x0101004001010101, -0x0000010000000000, 0x0000014000000000, 0x0000010001000000, 0x0000014001000000, -0x0000010000010000, 0x0000014000010000, 0x0000010001010000, 0x0000014001010000, -0x0000010000000100, 0x0000014000000100, 0x0000010001000100, 0x0000014001000100, -0x0000010000010100, 0x0000014000010100, 0x0000010001010100, 0x0000014001010100, -0x0000010000000001, 0x0000014000000001, 0x0000010001000001, 0x0000014001000001, -0x0000010000010001, 0x0000014000010001, 0x0000010001010001, 0x0000014001010001, -0x0000010000000101, 0x0000014000000101, 0x0000010001000101, 0x0000014001000101, -0x0000010000010101, 0x0000014000010101, 0x0000010001010101, 0x0000014001010101, -0x0100010000000000, 0x0100014000000000, 0x0100010001000000, 0x0100014001000000, -0x0100010000010000, 0x0100014000010000, 0x0100010001010000, 0x0100014001010000, -0x0100010000000100, 0x0100014000000100, 0x0100010001000100, 0x0100014001000100, -0x0100010000010100, 0x0100014000010100, 0x0100010001010100, 0x0100014001010100, -0x0100010000000001, 0x0100014000000001, 0x0100010001000001, 0x0100014001000001, -0x0100010000010001, 0x0100014000010001, 0x0100010001010001, 0x0100014001010001, -0x0100010000000101, 0x0100014000000101, 0x0100010001000101, 0x0100014001000101, -0x0100010000010101, 0x0100014000010101, 0x0100010001010101, 0x0100014001010101, -0x0001010000000000, 0x0001014000000000, 0x0001010001000000, 0x0001014001000000, -0x0001010000010000, 0x0001014000010000, 0x0001010001010000, 0x0001014001010000, -0x0001010000000100, 0x0001014000000100, 0x0001010001000100, 0x0001014001000100, -0x0001010000010100, 0x0001014000010100, 0x0001010001010100, 0x0001014001010100, -0x0001010000000001, 0x0001014000000001, 0x0001010001000001, 0x0001014001000001, -0x0001010000010001, 0x0001014000010001, 0x0001010001010001, 0x0001014001010001, -0x0001010000000101, 0x0001014000000101, 0x0001010001000101, 0x0001014001000101, -0x0001010000010101, 0x0001014000010101, 0x0001010001010101, 0x0001014001010101, -0x0101010000000000, 0x0101014000000000, 0x0101010001000000, 0x0101014001000000, -0x0101010000010000, 0x0101014000010000, 0x0101010001010000, 0x0101014001010000, -0x0101010000000100, 0x0101014000000100, 0x0101010001000100, 0x0101014001000100, -0x0101010000010100, 0x0101014000010100, 0x0101010001010100, 0x0101014001010100, -0x0101010000000001, 0x0101014000000001, 0x0101010001000001, 0x0101014001000001, -0x0101010000010001, 0x0101014000010001, 0x0101010001010001, 0x0101014001010001, -0x0101010000000101, 0x0101014000000101, 0x0101010001000101, 0x0101014001000101, -0x0101010000010101, 0x0101014000010101, 0x0101010001010101, 0x0101014001010101 }; - -} diff --git a/src/block/des/desx.cpp b/src/block/des/desx.cpp deleted file mode 100644 index 879e73ee9..000000000 --- a/src/block/des/desx.cpp +++ /dev/null @@ -1,62 +0,0 @@ -/* -* DES -* (C) 1999-2007 Jack Lloyd -* -* Distributed under the terms of the Botan license -*/ - -#include <botan/desx.h> -#include <botan/internal/xor_buf.h> - -namespace Botan { - -/* -* DESX Encryption -*/ -void DESX::encrypt_n(const byte in[], byte out[], size_t blocks) const - { - for(size_t i = 0; i != blocks; ++i) - { - xor_buf(out, in, &K1[0], BLOCK_SIZE); - des.encrypt(out); - xor_buf(out, &K2[0], BLOCK_SIZE); - - in += BLOCK_SIZE; - out += BLOCK_SIZE; - } - } - -/* -* DESX Decryption -*/ -void DESX::decrypt_n(const byte in[], byte out[], size_t blocks) const - { - for(size_t i = 0; i != blocks; ++i) - { - xor_buf(out, in, &K2[0], BLOCK_SIZE); - des.decrypt(out); - xor_buf(out, &K1[0], BLOCK_SIZE); - - in += BLOCK_SIZE; - out += BLOCK_SIZE; - } - } - -/* -* DESX Key Schedule -*/ -void DESX::key_schedule(const byte key[], size_t) - { - K1.assign(key, key + 8); - des.set_key(key + 8, 8); - K2.assign(key + 16, key + 24); - } - -void DESX::clear() - { - des.clear(); - zap(K1); - zap(K2); - } - -} diff --git a/src/block/des/desx.h b/src/block/des/desx.h deleted file mode 100644 index aeda3f3c4..000000000 --- a/src/block/des/desx.h +++ /dev/null @@ -1,35 +0,0 @@ -/* -* DESX -* (C) 1999-2007 Jack Lloyd -* -* Distributed under the terms of the Botan license -*/ - -#ifndef BOTAN_DESX_H__ -#define BOTAN_DESX_H__ - -#include <botan/des.h> - -namespace Botan { - -/** -* DESX -*/ -class BOTAN_DLL DESX : public Block_Cipher_Fixed_Params<8, 24> - { - public: - void encrypt_n(const byte in[], byte out[], size_t blocks) const; - void decrypt_n(const byte in[], byte out[], size_t blocks) const; - - void clear(); - std::string name() const { return "DESX"; } - BlockCipher* clone() const { return new DESX; } - private: - void key_schedule(const byte[], size_t); - secure_vector<byte> K1, K2; - DES des; - }; - -} - -#endif diff --git a/src/block/des/info.txt b/src/block/des/info.txt deleted file mode 100644 index a5d50d56e..000000000 --- a/src/block/des/info.txt +++ /dev/null @@ -1 +0,0 @@ -define DES 20131128 diff --git a/src/block/gost_28147/gost_28147.cpp b/src/block/gost_28147/gost_28147.cpp deleted file mode 100644 index 09ca9a57e..000000000 --- a/src/block/gost_28147/gost_28147.cpp +++ /dev/null @@ -1,177 +0,0 @@ -/* -* GOST 28147-89 -* (C) 1999-2009,2011 Jack Lloyd -* -* Distributed under the terms of the Botan license -*/ - -#include <botan/gost_28147.h> -#include <botan/loadstor.h> -#include <botan/rotate.h> - -namespace Botan { - -byte GOST_28147_89_Params::sbox_entry(size_t row, size_t col) const - { - byte x = sboxes[4 * col + (row / 2)]; - - return (row % 2 == 0) ? (x >> 4) : (x & 0x0F); - } - -GOST_28147_89_Params::GOST_28147_89_Params(const std::string& n) : name(n) - { - // Encoded in the packed fromat from RFC 4357 - - // GostR3411_94_TestParamSet (OID 1.2.643.2.2.31.0) - static const byte GOST_R_3411_TEST_PARAMS[64] = { - 0x4E, 0x57, 0x64, 0xD1, 0xAB, 0x8D, 0xCB, 0xBF, 0x94, 0x1A, 0x7A, - 0x4D, 0x2C, 0xD1, 0x10, 0x10, 0xD6, 0xA0, 0x57, 0x35, 0x8D, 0x38, - 0xF2, 0xF7, 0x0F, 0x49, 0xD1, 0x5A, 0xEA, 0x2F, 0x8D, 0x94, 0x62, - 0xEE, 0x43, 0x09, 0xB3, 0xF4, 0xA6, 0xA2, 0x18, 0xC6, 0x98, 0xE3, - 0xC1, 0x7C, 0xE5, 0x7E, 0x70, 0x6B, 0x09, 0x66, 0xF7, 0x02, 0x3C, - 0x8B, 0x55, 0x95, 0xBF, 0x28, 0x39, 0xB3, 0x2E, 0xCC }; - - // GostR3411-94-CryptoProParamSet (OID 1.2.643.2.2.31.1) - static const byte GOST_R_3411_CRYPTOPRO_PARAMS[64] = { - 0xA5, 0x74, 0x77, 0xD1, 0x4F, 0xFA, 0x66, 0xE3, 0x54, 0xC7, 0x42, - 0x4A, 0x60, 0xEC, 0xB4, 0x19, 0x82, 0x90, 0x9D, 0x75, 0x1D, 0x4F, - 0xC9, 0x0B, 0x3B, 0x12, 0x2F, 0x54, 0x79, 0x08, 0xA0, 0xAF, 0xD1, - 0x3E, 0x1A, 0x38, 0xC7, 0xB1, 0x81, 0xC6, 0xE6, 0x56, 0x05, 0x87, - 0x03, 0x25, 0xEB, 0xFE, 0x9C, 0x6D, 0xF8, 0x6D, 0x2E, 0xAB, 0xDE, - 0x20, 0xBA, 0x89, 0x3C, 0x92, 0xF8, 0xD3, 0x53, 0xBC }; - - if(name == "R3411_94_TestParam") - sboxes = GOST_R_3411_TEST_PARAMS; - else if(name == "R3411_CryptoPro") - sboxes = GOST_R_3411_CRYPTOPRO_PARAMS; - else - throw Invalid_Argument("GOST_28147_89_Params: Unknown " + name); - } - -/* -* GOST Constructor -*/ -GOST_28147_89::GOST_28147_89(const GOST_28147_89_Params& param) : SBOX(1024) - { - // Convert the parallel 4x4 sboxes into larger word-based sboxes - for(size_t i = 0; i != 4; ++i) - for(size_t j = 0; j != 256; ++j) - { - const u32bit T = (param.sbox_entry(2*i , j % 16)) | - (param.sbox_entry(2*i+1, j / 16) << 4); - SBOX[256*i+j] = rotate_left(T, (11+8*i) % 32); - } - } - -std::string GOST_28147_89::name() const - { - /* - 'Guess' the right name for the sbox on the basis of the values. - This would need to be updated if support for other sbox parameters - is added. Preferably, we would just store the string value in the - constructor, but can't break binary compat. - */ - std::string sbox_name = ""; - if(SBOX[0] == 0x00072000) - sbox_name = "R3411_94_TestParam"; - else if(SBOX[0] == 0x0002D000) - sbox_name = "R3411_CryptoPro"; - else - throw Internal_Error("GOST-28147 unrecognized sbox value"); - - return "GOST-28147-89(" + sbox_name + ")"; - } - -/* -* Two rounds of GOST -*/ -#define GOST_2ROUND(N1, N2, R1, R2) \ - do { \ - u32bit T0 = N1 + EK[R1]; \ - N2 ^= SBOX[get_byte(3, T0)] | \ - SBOX[get_byte(2, T0)+256] | \ - SBOX[get_byte(1, T0)+512] | \ - SBOX[get_byte(0, T0)+768]; \ - \ - u32bit T1 = N2 + EK[R2]; \ - N1 ^= SBOX[get_byte(3, T1)] | \ - SBOX[get_byte(2, T1)+256] | \ - SBOX[get_byte(1, T1)+512] | \ - SBOX[get_byte(0, T1)+768]; \ - } while(0) - -/* -* GOST Encryption -*/ -void GOST_28147_89::encrypt_n(const byte in[], byte out[], size_t blocks) const - { - for(size_t i = 0; i != blocks; ++i) - { - u32bit N1 = load_le<u32bit>(in, 0); - u32bit N2 = load_le<u32bit>(in, 1); - - for(size_t j = 0; j != 3; ++j) - { - GOST_2ROUND(N1, N2, 0, 1); - GOST_2ROUND(N1, N2, 2, 3); - GOST_2ROUND(N1, N2, 4, 5); - GOST_2ROUND(N1, N2, 6, 7); - } - - GOST_2ROUND(N1, N2, 7, 6); - GOST_2ROUND(N1, N2, 5, 4); - GOST_2ROUND(N1, N2, 3, 2); - GOST_2ROUND(N1, N2, 1, 0); - - store_le(out, N2, N1); - - in += BLOCK_SIZE; - out += BLOCK_SIZE; - } - } - -/* -* GOST Decryption -*/ -void GOST_28147_89::decrypt_n(const byte in[], byte out[], size_t blocks) const - { - for(size_t i = 0; i != blocks; ++i) - { - u32bit N1 = load_le<u32bit>(in, 0); - u32bit N2 = load_le<u32bit>(in, 1); - - GOST_2ROUND(N1, N2, 0, 1); - GOST_2ROUND(N1, N2, 2, 3); - GOST_2ROUND(N1, N2, 4, 5); - GOST_2ROUND(N1, N2, 6, 7); - - for(size_t j = 0; j != 3; ++j) - { - GOST_2ROUND(N1, N2, 7, 6); - GOST_2ROUND(N1, N2, 5, 4); - GOST_2ROUND(N1, N2, 3, 2); - GOST_2ROUND(N1, N2, 1, 0); - } - - store_le(out, N2, N1); - in += BLOCK_SIZE; - out += BLOCK_SIZE; - } - } - -/* -* GOST Key Schedule -*/ -void GOST_28147_89::key_schedule(const byte key[], size_t) - { - EK.resize(8); - for(size_t i = 0; i != 8; ++i) - EK[i] = load_le<u32bit>(key, i); - } - -void GOST_28147_89::clear() - { - zap(EK); - } - -} diff --git a/src/block/gost_28147/gost_28147.h b/src/block/gost_28147/gost_28147.h deleted file mode 100644 index 34b99197e..000000000 --- a/src/block/gost_28147/gost_28147.h +++ /dev/null @@ -1,84 +0,0 @@ -/* -* GOST 28147-89 -* (C) 1999-2009 Jack Lloyd -* -* Distributed under the terms of the Botan license -*/ - -#ifndef BOTAN_GOST_28147_89_H__ -#define BOTAN_GOST_28147_89_H__ - -#include <botan/block_cipher.h> - -namespace Botan { - -/** -* The GOST 28147-89 block cipher uses a set of 4 bit Sboxes, however -* the standard does not actually define these Sboxes; they are -* considered a local configuration issue. Several different sets are -* used. -*/ -class BOTAN_DLL GOST_28147_89_Params - { - public: - /** - * @param row the row - * @param col the column - * @return sbox entry at this row/column - */ - byte sbox_entry(size_t row, size_t col) const; - - /** - * @return name of this parameter set - */ - std::string param_name() const { return name; } - - /** - * Default GOST parameters are the ones given in GOST R 34.11 for - * testing purposes; these sboxes are also used by Crypto++, and, - * at least according to Wikipedia, the Central Bank of Russian - * Federation - * @param name of the parameter set - */ - GOST_28147_89_Params(const std::string& name = "R3411_94_TestParam"); - private: - const byte* sboxes; - std::string name; - }; - -/** -* GOST 28147-89 -*/ -class BOTAN_DLL GOST_28147_89 : public Block_Cipher_Fixed_Params<8, 32> - { - public: - void encrypt_n(const byte in[], byte out[], size_t blocks) const; - void decrypt_n(const byte in[], byte out[], size_t blocks) const; - - void clear(); - - std::string name() const; - BlockCipher* clone() const { return new GOST_28147_89(SBOX); } - - /** - * @param params the sbox parameters to use - */ - GOST_28147_89(const GOST_28147_89_Params& params); - private: - GOST_28147_89(const std::vector<u32bit>& other_SBOX) : - SBOX(other_SBOX), EK(8) {} - - void key_schedule(const byte[], size_t); - - /* - * The sbox is not secret, this is just a larger expansion of it - * which we generate at runtime for faster execution - */ - std::vector<u32bit> SBOX; - - secure_vector<u32bit> EK; - }; - -} - -#endif diff --git a/src/block/gost_28147/info.txt b/src/block/gost_28147/info.txt deleted file mode 100644 index 396557248..000000000 --- a/src/block/gost_28147/info.txt +++ /dev/null @@ -1 +0,0 @@ -define GOST_28147_89 20131128 diff --git a/src/block/idea/idea.cpp b/src/block/idea/idea.cpp deleted file mode 100644 index 61a938c57..000000000 --- a/src/block/idea/idea.cpp +++ /dev/null @@ -1,169 +0,0 @@ -/* -* IDEA -* (C) 1999-2010 Jack Lloyd -* -* Distributed under the terms of the Botan license -*/ - -#include <botan/idea.h> -#include <botan/loadstor.h> - -namespace Botan { - -namespace { - -/* -* Multiplication modulo 65537 -*/ -inline u16bit mul(u16bit x, u16bit y) - { - const u32bit P = static_cast<u32bit>(x) * y; - - // P ? 0xFFFF : 0 - const u16bit P_mask = !P - 1; - - const u32bit P_hi = P >> 16; - const u32bit P_lo = P & 0xFFFF; - - const u16bit r_1 = (P_lo - P_hi) + (P_lo < P_hi); - const u16bit r_2 = 1 - x - y; - - return (r_1 & P_mask) | (r_2 & ~P_mask); - } - -/* -* Find multiplicative inverses modulo 65537 -* -* 65537 is prime; thus Fermat's little theorem tells us that -* x^65537 == x modulo 65537, which means -* x^(65537-2) == x^-1 modulo 65537 since -* x^(65537-2) * x == 1 mod 65537 -* -* Do the exponentiation with a basic square and multiply: all bits are -* of exponent are 1 so we always multiply -*/ -u16bit mul_inv(u16bit x) - { - u16bit y = x; - - for(size_t i = 0; i != 15; ++i) - { - y = mul(y, y); // square - y = mul(y, x); - } - - return y; - } - -/** -* IDEA is involutional, depending only on the key schedule -*/ -void idea_op(const byte in[], byte out[], size_t blocks, const u16bit K[52]) - { - const size_t BLOCK_SIZE = 8; - - for(size_t i = 0; i != blocks; ++i) - { - u16bit X1 = load_be<u16bit>(in, 0); - u16bit X2 = load_be<u16bit>(in, 1); - u16bit X3 = load_be<u16bit>(in, 2); - u16bit X4 = load_be<u16bit>(in, 3); - - for(size_t j = 0; j != 8; ++j) - { - X1 = mul(X1, K[6*j+0]); - X2 += K[6*j+1]; - X3 += K[6*j+2]; - X4 = mul(X4, K[6*j+3]); - - u16bit T0 = X3; - X3 = mul(X3 ^ X1, K[6*j+4]); - - u16bit T1 = X2; - X2 = mul((X2 ^ X4) + X3, K[6*j+5]); - X3 += X2; - - X1 ^= X2; - X4 ^= X3; - X2 ^= T0; - X3 ^= T1; - } - - X1 = mul(X1, K[48]); - X2 += K[50]; - X3 += K[49]; - X4 = mul(X4, K[51]); - - store_be(out, X1, X3, X2, X4); - - in += BLOCK_SIZE; - out += BLOCK_SIZE; - } - } - -} - -/* -* IDEA Encryption -*/ -void IDEA::encrypt_n(const byte in[], byte out[], size_t blocks) const - { - idea_op(in, out, blocks, &EK[0]); - } - -/* -* IDEA Decryption -*/ -void IDEA::decrypt_n(const byte in[], byte out[], size_t blocks) const - { - idea_op(in, out, blocks, &DK[0]); - } - -/* -* IDEA Key Schedule -*/ -void IDEA::key_schedule(const byte key[], size_t) - { - EK.resize(52); - DK.resize(52); - - for(size_t i = 0; i != 8; ++i) - EK[i] = load_be<u16bit>(key, i); - - for(size_t i = 1, j = 8, offset = 0; j != 52; i %= 8, ++i, ++j) - { - EK[i+7+offset] = static_cast<u16bit>((EK[(i % 8) + offset] << 9) | - (EK[((i+1) % 8) + offset] >> 7)); - offset += (i == 8) ? 8 : 0; - } - - DK[51] = mul_inv(EK[3]); - DK[50] = -EK[2]; - DK[49] = -EK[1]; - DK[48] = mul_inv(EK[0]); - - for(size_t i = 1, j = 4, counter = 47; i != 8; ++i, j += 6) - { - DK[counter--] = EK[j+1]; - DK[counter--] = EK[j]; - DK[counter--] = mul_inv(EK[j+5]); - DK[counter--] = -EK[j+3]; - DK[counter--] = -EK[j+4]; - DK[counter--] = mul_inv(EK[j+2]); - } - - DK[5] = EK[47]; - DK[4] = EK[46]; - DK[3] = mul_inv(EK[51]); - DK[2] = -EK[50]; - DK[1] = -EK[49]; - DK[0] = mul_inv(EK[48]); - } - -void IDEA::clear() - { - zap(EK); - zap(DK); - } - -} diff --git a/src/block/idea/idea.h b/src/block/idea/idea.h deleted file mode 100644 index da5dc4cb6..000000000 --- a/src/block/idea/idea.h +++ /dev/null @@ -1,46 +0,0 @@ -/* -* IDEA -* (C) 1999-2007 Jack Lloyd -* -* Distributed under the terms of the Botan license -*/ - -#ifndef BOTAN_IDEA_H__ -#define BOTAN_IDEA_H__ - -#include <botan/block_cipher.h> - -namespace Botan { - -/** -* IDEA -*/ -class BOTAN_DLL IDEA : public Block_Cipher_Fixed_Params<8, 16> - { - public: - void encrypt_n(const byte in[], byte out[], size_t blocks) const; - void decrypt_n(const byte in[], byte out[], size_t blocks) const; - - void clear(); - std::string name() const { return "IDEA"; } - BlockCipher* clone() const { return new IDEA; } - protected: - /** - * @return const reference to encryption subkeys - */ - const secure_vector<u16bit>& get_EK() const { return EK; } - - /** - * @return const reference to decryption subkeys - */ - const secure_vector<u16bit>& get_DK() const { return DK; } - - private: - void key_schedule(const byte[], size_t); - - secure_vector<u16bit> EK, DK; - }; - -} - -#endif diff --git a/src/block/idea/info.txt b/src/block/idea/info.txt deleted file mode 100644 index dbca72c8d..000000000 --- a/src/block/idea/info.txt +++ /dev/null @@ -1 +0,0 @@ -define IDEA 20131128 diff --git a/src/block/idea_sse2/idea_sse2.cpp b/src/block/idea_sse2/idea_sse2.cpp deleted file mode 100644 index 70698560d..000000000 --- a/src/block/idea_sse2/idea_sse2.cpp +++ /dev/null @@ -1,234 +0,0 @@ -/* -* IDEA in SSE2 -* (C) 2009 Jack Lloyd -* -* Distributed under the terms of the Botan license -*/ - -#include <botan/idea_sse2.h> -#include <emmintrin.h> - -namespace Botan { - -namespace { - -inline __m128i mul(__m128i X, u16bit K_16) - { - const __m128i zeros = _mm_set1_epi16(0); - const __m128i ones = _mm_set1_epi16(1); - - const __m128i K = _mm_set1_epi16(K_16); - - const __m128i X_is_zero = _mm_cmpeq_epi16(X, zeros); - const __m128i K_is_zero = _mm_cmpeq_epi16(K, zeros); - - const __m128i mul_lo = _mm_mullo_epi16(X, K); - const __m128i mul_hi = _mm_mulhi_epu16(X, K); - - __m128i T = _mm_sub_epi16(mul_lo, mul_hi); - - // Unsigned compare; cmp = 1 if mul_lo < mul_hi else 0 - const __m128i subs = _mm_subs_epu16(mul_hi, mul_lo); - const __m128i cmp = _mm_min_epu8( - _mm_or_si128(subs, _mm_srli_epi16(subs, 8)), ones); - - T = _mm_add_epi16(T, cmp); - - /* Selection: if X[i] is zero then assign 1-K - if K is zero then assign 1-X[i] - - Could if() off value of K_16 for the second, but this gives a - constant time implementation which is a nice bonus. - */ - - T = _mm_or_si128( - _mm_andnot_si128(X_is_zero, T), - _mm_and_si128(_mm_sub_epi16(ones, K), X_is_zero)); - - T = _mm_or_si128( - _mm_andnot_si128(K_is_zero, T), - _mm_and_si128(_mm_sub_epi16(ones, X), K_is_zero)); - - return T; - } - -/* -* 4x8 matrix transpose -* -* FIXME: why do I need the extra set of unpack_epi32 here? Inverse in -* transpose_out doesn't need it. Something with the shuffle? Removing -* that extra unpack could easily save 3-4 cycles per block, and would -* also help a lot with register pressure on 32-bit x86 -*/ -void transpose_in(__m128i& B0, __m128i& B1, __m128i& B2, __m128i& B3) - { - __m128i T0 = _mm_unpackhi_epi32(B0, B1); - __m128i T1 = _mm_unpacklo_epi32(B0, B1); - __m128i T2 = _mm_unpackhi_epi32(B2, B3); - __m128i T3 = _mm_unpacklo_epi32(B2, B3); - - __m128i T4 = _mm_unpacklo_epi32(T0, T1); - __m128i T5 = _mm_unpackhi_epi32(T0, T1); - __m128i T6 = _mm_unpacklo_epi32(T2, T3); - __m128i T7 = _mm_unpackhi_epi32(T2, T3); - - T0 = _mm_shufflehi_epi16(T4, _MM_SHUFFLE(1, 3, 0, 2)); - T1 = _mm_shufflehi_epi16(T5, _MM_SHUFFLE(1, 3, 0, 2)); - T2 = _mm_shufflehi_epi16(T6, _MM_SHUFFLE(1, 3, 0, 2)); - T3 = _mm_shufflehi_epi16(T7, _MM_SHUFFLE(1, 3, 0, 2)); - - T0 = _mm_shufflelo_epi16(T0, _MM_SHUFFLE(1, 3, 0, 2)); - T1 = _mm_shufflelo_epi16(T1, _MM_SHUFFLE(1, 3, 0, 2)); - T2 = _mm_shufflelo_epi16(T2, _MM_SHUFFLE(1, 3, 0, 2)); - T3 = _mm_shufflelo_epi16(T3, _MM_SHUFFLE(1, 3, 0, 2)); - - T0 = _mm_shuffle_epi32(T0, _MM_SHUFFLE(3, 1, 2, 0)); - T1 = _mm_shuffle_epi32(T1, _MM_SHUFFLE(3, 1, 2, 0)); - T2 = _mm_shuffle_epi32(T2, _MM_SHUFFLE(3, 1, 2, 0)); - T3 = _mm_shuffle_epi32(T3, _MM_SHUFFLE(3, 1, 2, 0)); - - B0 = _mm_unpacklo_epi64(T0, T2); - B1 = _mm_unpackhi_epi64(T0, T2); - B2 = _mm_unpacklo_epi64(T1, T3); - B3 = _mm_unpackhi_epi64(T1, T3); - } - -/* -* 4x8 matrix transpose (reverse) -*/ -void transpose_out(__m128i& B0, __m128i& B1, __m128i& B2, __m128i& B3) - { - __m128i T0 = _mm_unpacklo_epi64(B0, B1); - __m128i T1 = _mm_unpacklo_epi64(B2, B3); - __m128i T2 = _mm_unpackhi_epi64(B0, B1); - __m128i T3 = _mm_unpackhi_epi64(B2, B3); - - T0 = _mm_shuffle_epi32(T0, _MM_SHUFFLE(3, 1, 2, 0)); - T1 = _mm_shuffle_epi32(T1, _MM_SHUFFLE(3, 1, 2, 0)); - T2 = _mm_shuffle_epi32(T2, _MM_SHUFFLE(3, 1, 2, 0)); - T3 = _mm_shuffle_epi32(T3, _MM_SHUFFLE(3, 1, 2, 0)); - - T0 = _mm_shufflehi_epi16(T0, _MM_SHUFFLE(3, 1, 2, 0)); - T1 = _mm_shufflehi_epi16(T1, _MM_SHUFFLE(3, 1, 2, 0)); - T2 = _mm_shufflehi_epi16(T2, _MM_SHUFFLE(3, 1, 2, 0)); - T3 = _mm_shufflehi_epi16(T3, _MM_SHUFFLE(3, 1, 2, 0)); - - T0 = _mm_shufflelo_epi16(T0, _MM_SHUFFLE(3, 1, 2, 0)); - T1 = _mm_shufflelo_epi16(T1, _MM_SHUFFLE(3, 1, 2, 0)); - T2 = _mm_shufflelo_epi16(T2, _MM_SHUFFLE(3, 1, 2, 0)); - T3 = _mm_shufflelo_epi16(T3, _MM_SHUFFLE(3, 1, 2, 0)); - - B0 = _mm_unpacklo_epi32(T0, T1); - B1 = _mm_unpackhi_epi32(T0, T1); - B2 = _mm_unpacklo_epi32(T2, T3); - B3 = _mm_unpackhi_epi32(T2, T3); - } - -/* -* IDEA encryption/decryption in SSE2 -*/ -void idea_op_8(const byte in[64], byte out[64], const u16bit EK[52]) - { - const __m128i* in_mm = reinterpret_cast<const __m128i*>(in); - - __m128i B0 = _mm_loadu_si128(in_mm + 0); - __m128i B1 = _mm_loadu_si128(in_mm + 1); - __m128i B2 = _mm_loadu_si128(in_mm + 2); - __m128i B3 = _mm_loadu_si128(in_mm + 3); - - transpose_in(B0, B1, B2, B3); - - // byte swap - B0 = _mm_or_si128(_mm_slli_epi16(B0, 8), _mm_srli_epi16(B0, 8)); - B1 = _mm_or_si128(_mm_slli_epi16(B1, 8), _mm_srli_epi16(B1, 8)); - B2 = _mm_or_si128(_mm_slli_epi16(B2, 8), _mm_srli_epi16(B2, 8)); - B3 = _mm_or_si128(_mm_slli_epi16(B3, 8), _mm_srli_epi16(B3, 8)); - - for(size_t i = 0; i != 8; ++i) - { - B0 = mul(B0, EK[6*i+0]); - B1 = _mm_add_epi16(B1, _mm_set1_epi16(EK[6*i+1])); - B2 = _mm_add_epi16(B2, _mm_set1_epi16(EK[6*i+2])); - B3 = mul(B3, EK[6*i+3]); - - __m128i T0 = B2; - - B2 = _mm_xor_si128(B2, B0); - B2 = mul(B2, EK[6*i+4]); - - __m128i T1 = B1; - - B1 = _mm_xor_si128(B1, B3); - B1 = _mm_add_epi16(B1, B2); - B1 = mul(B1, EK[6*i+5]); - - B2 = _mm_add_epi16(B2, B1); - - B0 = _mm_xor_si128(B0, B1); - B1 = _mm_xor_si128(B1, T0); - B3 = _mm_xor_si128(B3, B2); - B2 = _mm_xor_si128(B2, T1); - } - - B0 = mul(B0, EK[48]); - B1 = _mm_add_epi16(B1, _mm_set1_epi16(EK[50])); - B2 = _mm_add_epi16(B2, _mm_set1_epi16(EK[49])); - B3 = mul(B3, EK[51]); - - // byte swap - B0 = _mm_or_si128(_mm_slli_epi16(B0, 8), _mm_srli_epi16(B0, 8)); - B1 = _mm_or_si128(_mm_slli_epi16(B1, 8), _mm_srli_epi16(B1, 8)); - B2 = _mm_or_si128(_mm_slli_epi16(B2, 8), _mm_srli_epi16(B2, 8)); - B3 = _mm_or_si128(_mm_slli_epi16(B3, 8), _mm_srli_epi16(B3, 8)); - - transpose_out(B0, B2, B1, B3); - - __m128i* out_mm = reinterpret_cast<__m128i*>(out); - - _mm_storeu_si128(out_mm + 0, B0); - _mm_storeu_si128(out_mm + 1, B2); - _mm_storeu_si128(out_mm + 2, B1); - _mm_storeu_si128(out_mm + 3, B3); - } - -} - -/* -* IDEA Encryption -*/ -void IDEA_SSE2::encrypt_n(const byte in[], byte out[], size_t blocks) const - { - const u16bit* KS = &this->get_EK()[0]; - - while(blocks >= 8) - { - idea_op_8(in, out, KS); - in += 8 * BLOCK_SIZE; - out += 8 * BLOCK_SIZE; - blocks -= 8; - } - - if(blocks) - IDEA::encrypt_n(in, out, blocks); - } - -/* -* IDEA Decryption -*/ -void IDEA_SSE2::decrypt_n(const byte in[], byte out[], size_t blocks) const - { - const u16bit* KS = &this->get_DK()[0]; - - while(blocks >= 8) - { - idea_op_8(in, out, KS); - in += 8 * BLOCK_SIZE; - out += 8 * BLOCK_SIZE; - blocks -= 8; - } - - if(blocks) - IDEA::decrypt_n(in, out, blocks); - } - -} diff --git a/src/block/idea_sse2/idea_sse2.h b/src/block/idea_sse2/idea_sse2.h deleted file mode 100644 index 8e475568e..000000000 --- a/src/block/idea_sse2/idea_sse2.h +++ /dev/null @@ -1,31 +0,0 @@ -/* -* IDEA in SSE2 -* (C) 2009 Jack Lloyd -* -* Distributed under the terms of the Botan license -*/ - -#ifndef BOTAN_IDEA_SSE2_H__ -#define BOTAN_IDEA_SSE2_H__ - -#include <botan/idea.h> - -namespace Botan { - -/** -* IDEA in SSE2 -*/ -class BOTAN_DLL IDEA_SSE2 : public IDEA - { - public: - size_t parallelism() const { return 8; } - - void encrypt_n(const byte in[], byte out[], size_t blocks) const; - void decrypt_n(const byte in[], byte out[], size_t blocks) const; - - BlockCipher* clone() const { return new IDEA_SSE2; } - }; - -} - -#endif diff --git a/src/block/idea_sse2/info.txt b/src/block/idea_sse2/info.txt deleted file mode 100644 index cfaaa374a..000000000 --- a/src/block/idea_sse2/info.txt +++ /dev/null @@ -1,7 +0,0 @@ -define IDEA_SSE2 20131128 - -need_isa sse2 - -<requires> -idea -</requires> diff --git a/src/block/info.txt b/src/block/info.txt deleted file mode 100644 index 70e2b2ca2..000000000 --- a/src/block/info.txt +++ /dev/null @@ -1,5 +0,0 @@ -define BLOCK_CIPHER 20131128 - -<requires> -algo_base -</requires> diff --git a/src/block/kasumi/info.txt b/src/block/kasumi/info.txt deleted file mode 100644 index 3dd2a3ac0..000000000 --- a/src/block/kasumi/info.txt +++ /dev/null @@ -1 +0,0 @@ -define KASUMI 20131128 diff --git a/src/block/kasumi/kasumi.cpp b/src/block/kasumi/kasumi.cpp deleted file mode 100644 index 69f146ebb..000000000 --- a/src/block/kasumi/kasumi.cpp +++ /dev/null @@ -1,234 +0,0 @@ -/* -* KASUMI -* (C) 1999-2007 Jack Lloyd -* -* Distributed under the terms of the Botan license -*/ - -#include <botan/kasumi.h> -#include <botan/loadstor.h> -#include <botan/rotate.h> - -namespace Botan { - -namespace { - -/* -* KASUMI S-Boxes -*/ -const byte KASUMI_SBOX_S7[128] = { - 0x36, 0x32, 0x3E, 0x38, 0x16, 0x22, 0x5E, 0x60, 0x26, 0x06, 0x3F, 0x5D, - 0x02, 0x12, 0x7B, 0x21, 0x37, 0x71, 0x27, 0x72, 0x15, 0x43, 0x41, 0x0C, - 0x2F, 0x49, 0x2E, 0x1B, 0x19, 0x6F, 0x7C, 0x51, 0x35, 0x09, 0x79, 0x4F, - 0x34, 0x3C, 0x3A, 0x30, 0x65, 0x7F, 0x28, 0x78, 0x68, 0x46, 0x47, 0x2B, - 0x14, 0x7A, 0x48, 0x3D, 0x17, 0x6D, 0x0D, 0x64, 0x4D, 0x01, 0x10, 0x07, - 0x52, 0x0A, 0x69, 0x62, 0x75, 0x74, 0x4C, 0x0B, 0x59, 0x6A, 0x00, 0x7D, - 0x76, 0x63, 0x56, 0x45, 0x1E, 0x39, 0x7E, 0x57, 0x70, 0x33, 0x11, 0x05, - 0x5F, 0x0E, 0x5A, 0x54, 0x5B, 0x08, 0x23, 0x67, 0x20, 0x61, 0x1C, 0x42, - 0x66, 0x1F, 0x1A, 0x2D, 0x4B, 0x04, 0x55, 0x5C, 0x25, 0x4A, 0x50, 0x31, - 0x44, 0x1D, 0x73, 0x2C, 0x40, 0x6B, 0x6C, 0x18, 0x6E, 0x53, 0x24, 0x4E, - 0x2A, 0x13, 0x0F, 0x29, 0x58, 0x77, 0x3B, 0x03 }; - -const u16bit KASUMI_SBOX_S9[512] = { - 0x00A7, 0x00EF, 0x00A1, 0x017B, 0x0187, 0x014E, 0x0009, 0x0152, 0x0026, - 0x00E2, 0x0030, 0x0166, 0x01C4, 0x0181, 0x005A, 0x018D, 0x00B7, 0x00FD, - 0x0093, 0x014B, 0x019F, 0x0154, 0x0033, 0x016A, 0x0132, 0x01F4, 0x0106, - 0x0052, 0x00D8, 0x009F, 0x0164, 0x00B1, 0x00AF, 0x00F1, 0x01E9, 0x0025, - 0x00CE, 0x0011, 0x0000, 0x014D, 0x002C, 0x00FE, 0x017A, 0x003A, 0x008F, - 0x00DC, 0x0051, 0x0190, 0x005F, 0x0003, 0x013B, 0x00F5, 0x0036, 0x00EB, - 0x00DA, 0x0195, 0x01D8, 0x0108, 0x00AC, 0x01EE, 0x0173, 0x0122, 0x018F, - 0x004C, 0x00A5, 0x00C5, 0x018B, 0x0079, 0x0101, 0x01E0, 0x01A7, 0x00D4, - 0x00F0, 0x001C, 0x01CE, 0x00B0, 0x0196, 0x01FB, 0x0120, 0x00DF, 0x01F5, - 0x0197, 0x00F9, 0x0109, 0x0059, 0x00BA, 0x00DD, 0x01AC, 0x00A4, 0x004A, - 0x01B8, 0x00C4, 0x01CA, 0x01A5, 0x015E, 0x00A3, 0x00E8, 0x009E, 0x0086, - 0x0162, 0x000D, 0x00FA, 0x01EB, 0x008E, 0x00BF, 0x0045, 0x00C1, 0x01A9, - 0x0098, 0x00E3, 0x016E, 0x0087, 0x0158, 0x012C, 0x0114, 0x00F2, 0x01B5, - 0x0140, 0x0071, 0x0116, 0x000B, 0x00F3, 0x0057, 0x013D, 0x0024, 0x005D, - 0x01F0, 0x001B, 0x01E7, 0x01BE, 0x01E2, 0x0029, 0x0044, 0x009C, 0x01C9, - 0x0083, 0x0146, 0x0193, 0x0153, 0x0014, 0x0027, 0x0073, 0x01BA, 0x007C, - 0x01DB, 0x0180, 0x01FC, 0x0035, 0x0070, 0x00AA, 0x01DF, 0x0097, 0x007E, - 0x00A9, 0x0049, 0x010C, 0x0117, 0x0141, 0x00A8, 0x016C, 0x016B, 0x0124, - 0x002E, 0x01F3, 0x0189, 0x0147, 0x0144, 0x0018, 0x01C8, 0x010B, 0x009D, - 0x01CC, 0x01E8, 0x01AA, 0x0135, 0x00E5, 0x01B7, 0x01FA, 0x00D0, 0x010F, - 0x015D, 0x0191, 0x01B2, 0x00EC, 0x0010, 0x00D1, 0x0167, 0x0034, 0x0038, - 0x0078, 0x00C7, 0x0115, 0x01D1, 0x01A0, 0x00FC, 0x011F, 0x00F6, 0x0006, - 0x0053, 0x0131, 0x01A4, 0x0159, 0x0099, 0x01F6, 0x0041, 0x003D, 0x00F4, - 0x011A, 0x00AD, 0x00DE, 0x01A2, 0x0043, 0x0182, 0x0170, 0x0105, 0x0065, - 0x01DC, 0x0123, 0x00C3, 0x01AE, 0x0031, 0x004F, 0x00A6, 0x014A, 0x0118, - 0x017F, 0x0175, 0x0080, 0x017E, 0x0198, 0x009B, 0x01EF, 0x016F, 0x0184, - 0x0112, 0x006B, 0x01CB, 0x01A1, 0x003E, 0x01C6, 0x0084, 0x00E1, 0x00CB, - 0x013C, 0x00EA, 0x000E, 0x012D, 0x005B, 0x01F7, 0x011E, 0x01A8, 0x00D3, - 0x015B, 0x0133, 0x008C, 0x0176, 0x0023, 0x0067, 0x007D, 0x01AB, 0x0013, - 0x00D6, 0x01C5, 0x0092, 0x01F2, 0x013A, 0x01BC, 0x00E6, 0x0100, 0x0149, - 0x00C6, 0x011D, 0x0032, 0x0074, 0x004E, 0x019A, 0x000A, 0x00CD, 0x01FE, - 0x00AB, 0x00E7, 0x002D, 0x008B, 0x01D3, 0x001D, 0x0056, 0x01F9, 0x0020, - 0x0048, 0x001A, 0x0156, 0x0096, 0x0139, 0x01EA, 0x01AF, 0x00EE, 0x019B, - 0x0145, 0x0095, 0x01D9, 0x0028, 0x0077, 0x00AE, 0x0163, 0x00B9, 0x00E9, - 0x0185, 0x0047, 0x01C0, 0x0111, 0x0174, 0x0037, 0x006E, 0x00B2, 0x0142, - 0x000C, 0x01D5, 0x0188, 0x0171, 0x00BE, 0x0001, 0x006D, 0x0177, 0x0089, - 0x00B5, 0x0058, 0x004B, 0x0134, 0x0104, 0x01E4, 0x0062, 0x0110, 0x0172, - 0x0113, 0x019C, 0x006F, 0x0150, 0x013E, 0x0004, 0x01F8, 0x01EC, 0x0103, - 0x0130, 0x004D, 0x0151, 0x01B3, 0x0015, 0x0165, 0x012F, 0x014C, 0x01E3, - 0x0012, 0x002F, 0x0055, 0x0019, 0x01F1, 0x01DA, 0x0121, 0x0064, 0x010D, - 0x0128, 0x01DE, 0x010E, 0x006A, 0x001F, 0x0068, 0x01B1, 0x0054, 0x019E, - 0x01E6, 0x018A, 0x0060, 0x0063, 0x009A, 0x01FF, 0x0094, 0x019D, 0x0169, - 0x0199, 0x00FF, 0x00A2, 0x00D7, 0x012E, 0x00C9, 0x010A, 0x015F, 0x0157, - 0x0090, 0x01B9, 0x016D, 0x006C, 0x012A, 0x00FB, 0x0022, 0x00B6, 0x01FD, - 0x008A, 0x00D2, 0x014F, 0x0085, 0x0137, 0x0160, 0x0148, 0x008D, 0x018C, - 0x015A, 0x007B, 0x013F, 0x01C2, 0x0119, 0x01AD, 0x00E4, 0x01BB, 0x01E1, - 0x005C, 0x0194, 0x01E5, 0x01A6, 0x00F8, 0x0129, 0x0017, 0x00D5, 0x0082, - 0x01D2, 0x0016, 0x00D9, 0x011B, 0x0046, 0x0126, 0x0168, 0x01A3, 0x007F, - 0x0138, 0x0179, 0x0007, 0x01D4, 0x00C2, 0x0002, 0x0075, 0x0127, 0x01CF, - 0x0102, 0x00E0, 0x01BF, 0x00F7, 0x00BB, 0x0050, 0x018E, 0x011C, 0x0161, - 0x0069, 0x0186, 0x012B, 0x01D7, 0x01D6, 0x00B8, 0x0039, 0x00C8, 0x015C, - 0x003F, 0x00CC, 0x00BC, 0x0021, 0x01C3, 0x0061, 0x001E, 0x0136, 0x00DB, - 0x005E, 0x00A0, 0x0081, 0x01ED, 0x0040, 0x00B3, 0x0107, 0x0066, 0x00BD, - 0x00CF, 0x0072, 0x0192, 0x01B6, 0x01DD, 0x0183, 0x007A, 0x00C0, 0x002A, - 0x017D, 0x0005, 0x0091, 0x0076, 0x00B4, 0x01C1, 0x0125, 0x0143, 0x0088, - 0x017C, 0x002B, 0x0042, 0x003C, 0x01C7, 0x0155, 0x01BD, 0x00CA, 0x01B0, - 0x0008, 0x00ED, 0x000F, 0x0178, 0x01B4, 0x01D0, 0x003B, 0x01CD }; - -/* -* KASUMI FI Function -*/ -u16bit FI(u16bit I, u16bit K) - { - u16bit D9 = (I >> 7); - byte D7 = (I & 0x7F); - D9 = KASUMI_SBOX_S9[D9] ^ D7; - D7 = KASUMI_SBOX_S7[D7] ^ (D9 & 0x7F); - - D7 ^= (K >> 9); - D9 = KASUMI_SBOX_S9[D9 ^ (K & 0x1FF)] ^ D7; - D7 = KASUMI_SBOX_S7[D7] ^ (D9 & 0x7F); - return (D7 << 9) | D9; - } - -} - -/* -* KASUMI Encryption -*/ -void KASUMI::encrypt_n(const byte in[], byte out[], size_t blocks) const - { - for(size_t i = 0; i != blocks; ++i) - { - u16bit B0 = load_be<u16bit>(in, 0); - u16bit B1 = load_be<u16bit>(in, 1); - u16bit B2 = load_be<u16bit>(in, 2); - u16bit B3 = load_be<u16bit>(in, 3); - - for(size_t j = 0; j != 8; j += 2) - { - const u16bit* K = &EK[8*j]; - - u16bit R = B1 ^ (rotate_left(B0, 1) & K[0]); - u16bit L = B0 ^ (rotate_left(R, 1) | K[1]); - - L = FI(L ^ K[ 2], K[ 3]) ^ R; - R = FI(R ^ K[ 4], K[ 5]) ^ L; - L = FI(L ^ K[ 6], K[ 7]) ^ R; - - R = B2 ^= R; - L = B3 ^= L; - - R = FI(R ^ K[10], K[11]) ^ L; - L = FI(L ^ K[12], K[13]) ^ R; - R = FI(R ^ K[14], K[15]) ^ L; - - R ^= (rotate_left(L, 1) & K[8]); - L ^= (rotate_left(R, 1) | K[9]); - - B0 ^= L; - B1 ^= R; - } - - store_be(out, B0, B1, B2, B3); - - in += BLOCK_SIZE; - out += BLOCK_SIZE; - } - } - -/* -* KASUMI Decryption -*/ -void KASUMI::decrypt_n(const byte in[], byte out[], size_t blocks) const - { - for(size_t i = 0; i != blocks; ++i) - { - u16bit B0 = load_be<u16bit>(in, 0); - u16bit B1 = load_be<u16bit>(in, 1); - u16bit B2 = load_be<u16bit>(in, 2); - u16bit B3 = load_be<u16bit>(in, 3); - - for(size_t j = 0; j != 8; j += 2) - { - const u16bit* K = &EK[8*(6-j)]; - - u16bit L = B2, R = B3; - - L = FI(L ^ K[10], K[11]) ^ R; - R = FI(R ^ K[12], K[13]) ^ L; - L = FI(L ^ K[14], K[15]) ^ R; - - L ^= (rotate_left(R, 1) & K[8]); - R ^= (rotate_left(L, 1) | K[9]); - - R = B0 ^= R; - L = B1 ^= L; - - L ^= (rotate_left(R, 1) & K[0]); - R ^= (rotate_left(L, 1) | K[1]); - - R = FI(R ^ K[2], K[3]) ^ L; - L = FI(L ^ K[4], K[5]) ^ R; - R = FI(R ^ K[6], K[7]) ^ L; - - B2 ^= L; - B3 ^= R; - } - - store_be(out, B0, B1, B2, B3); - - in += BLOCK_SIZE; - out += BLOCK_SIZE; - } - } - -/* -* KASUMI Key Schedule -*/ -void KASUMI::key_schedule(const byte key[], size_t) - { - static const u16bit RC[] = { 0x0123, 0x4567, 0x89AB, 0xCDEF, - 0xFEDC, 0xBA98, 0x7654, 0x3210 }; - - secure_vector<u16bit> K(16); - for(size_t i = 0; i != 8; ++i) - { - K[i] = load_be<u16bit>(key, i); - K[i+8] = K[i] ^ RC[i]; - } - - EK.resize(64); - - for(size_t i = 0; i != 8; ++i) - { - EK[8*i ] = rotate_left(K[(i+0) % 8 ], 2); - EK[8*i+1] = rotate_left(K[(i+2) % 8 + 8], 1); - EK[8*i+2] = rotate_left(K[(i+1) % 8 ], 5); - EK[8*i+3] = K[(i+4) % 8 + 8]; - EK[8*i+4] = rotate_left(K[(i+5) % 8 ], 8); - EK[8*i+5] = K[(i+3) % 8 + 8]; - EK[8*i+6] = rotate_left(K[(i+6) % 8 ], 13); - EK[8*i+7] = K[(i+7) % 8 + 8]; - } - } - -void KASUMI::clear() - { - zap(EK); - } - -} diff --git a/src/block/kasumi/kasumi.h b/src/block/kasumi/kasumi.h deleted file mode 100644 index b91a2eb77..000000000 --- a/src/block/kasumi/kasumi.h +++ /dev/null @@ -1,35 +0,0 @@ -/* -* KASUMI -* (C) 1999-2007 Jack Lloyd -* -* Distributed under the terms of the Botan license -*/ - -#ifndef BOTAN_KASUMI_H__ -#define BOTAN_KASUMI_H__ - -#include <botan/block_cipher.h> - -namespace Botan { - -/** -* KASUMI, the block cipher used in 3G telephony -*/ -class BOTAN_DLL KASUMI : public Block_Cipher_Fixed_Params<8, 16> - { - public: - void encrypt_n(const byte in[], byte out[], size_t blocks) const; - void decrypt_n(const byte in[], byte out[], size_t blocks) const; - - void clear(); - std::string name() const { return "KASUMI"; } - BlockCipher* clone() const { return new KASUMI; } - private: - void key_schedule(const byte[], size_t); - - secure_vector<u16bit> EK; - }; - -} - -#endif diff --git a/src/block/lion/info.txt b/src/block/lion/info.txt deleted file mode 100644 index c775ff428..000000000 --- a/src/block/lion/info.txt +++ /dev/null @@ -1,6 +0,0 @@ -define LION 20131128 - -<requires> -hash -stream -</requires> diff --git a/src/block/lion/lion.cpp b/src/block/lion/lion.cpp deleted file mode 100644 index bba48c89f..000000000 --- a/src/block/lion/lion.cpp +++ /dev/null @@ -1,128 +0,0 @@ -/* -* Lion -* (C) 1999-2007 Jack Lloyd -* -* Distributed under the terms of the Botan license -*/ - -#include <botan/lion.h> -#include <botan/internal/xor_buf.h> -#include <botan/parsing.h> - -namespace Botan { - -/* -* Lion Encryption -*/ -void Lion::encrypt_n(const byte in[], byte out[], size_t blocks) const - { - secure_vector<byte> buffer_vec(LEFT_SIZE); - byte* buffer = &buffer_vec[0]; - - for(size_t i = 0; i != blocks; ++i) - { - xor_buf(buffer, in, &key1[0], LEFT_SIZE); - cipher->set_key(buffer, LEFT_SIZE); - cipher->cipher(in + LEFT_SIZE, out + LEFT_SIZE, RIGHT_SIZE); - - hash->update(out + LEFT_SIZE, RIGHT_SIZE); - hash->final(buffer); - xor_buf(out, in, buffer, LEFT_SIZE); - - xor_buf(buffer, out, &key2[0], LEFT_SIZE); - cipher->set_key(buffer, LEFT_SIZE); - cipher->cipher1(out + LEFT_SIZE, RIGHT_SIZE); - - in += BLOCK_SIZE; - out += BLOCK_SIZE; - } - } - -/* -* Lion Decryption -*/ -void Lion::decrypt_n(const byte in[], byte out[], size_t blocks) const - { - secure_vector<byte> buffer_vec(LEFT_SIZE); - byte* buffer = &buffer_vec[0]; - - for(size_t i = 0; i != blocks; ++i) - { - xor_buf(buffer, in, &key2[0], LEFT_SIZE); - cipher->set_key(buffer, LEFT_SIZE); - cipher->cipher(in + LEFT_SIZE, out + LEFT_SIZE, RIGHT_SIZE); - - hash->update(out + LEFT_SIZE, RIGHT_SIZE); - hash->final(buffer); - xor_buf(out, in, buffer, LEFT_SIZE); - - xor_buf(buffer, out, &key1[0], LEFT_SIZE); - cipher->set_key(buffer, LEFT_SIZE); - cipher->cipher1(out + LEFT_SIZE, RIGHT_SIZE); - - in += BLOCK_SIZE; - out += BLOCK_SIZE; - } - } - -/* -* Lion Key Schedule -*/ -void Lion::key_schedule(const byte key[], size_t length) - { - clear(); - - key1.assign(key, key + (length / 2)); - key2.assign(key + (length / 2), key + length); - } - -/* -* Return the name of this type -*/ -std::string Lion::name() const - { - return "Lion(" + hash->name() + "," + - cipher->name() + "," + - std::to_string(BLOCK_SIZE) + ")"; - } - -/* -* Return a clone of this object -*/ -BlockCipher* Lion::clone() const - { - return new Lion(hash->clone(), cipher->clone(), BLOCK_SIZE); - } - -/* -* Clear memory of sensitive data -*/ -void Lion::clear() - { - zap(key1); - zap(key2); - hash->clear(); - cipher->clear(); - } - -/* -* Lion Constructor -*/ -Lion::Lion(HashFunction* hash_in, StreamCipher* sc_in, size_t block_len) : - BLOCK_SIZE(std::max<size_t>(2*hash_in->output_length() + 1, block_len)), - LEFT_SIZE(hash_in->output_length()), - RIGHT_SIZE(BLOCK_SIZE - LEFT_SIZE), - hash(hash_in), - cipher(sc_in) - { - if(2*LEFT_SIZE + 1 > BLOCK_SIZE) - throw Invalid_Argument(name() + ": Chosen block size is too small"); - - if(!cipher->valid_keylength(LEFT_SIZE)) - throw Invalid_Argument(name() + ": This stream/hash combo is invalid"); - - key1.resize(LEFT_SIZE); - key2.resize(LEFT_SIZE); - } - -} diff --git a/src/block/lion/lion.h b/src/block/lion/lion.h deleted file mode 100644 index 37aad19f2..000000000 --- a/src/block/lion/lion.h +++ /dev/null @@ -1,67 +0,0 @@ -/* -* Lion -* (C) 1999-2007 Jack Lloyd -* -* Distributed under the terms of the Botan license -*/ - -#ifndef BOTAN_LION_H__ -#define BOTAN_LION_H__ - -#include <botan/block_cipher.h> -#include <botan/stream_cipher.h> -#include <botan/hash.h> - -namespace Botan { - -/** -* Lion is a block cipher construction designed by Ross Anderson and -* Eli Biham, described in "Two Practical and Provably Secure Block -* Ciphers: BEAR and LION". It has a variable block size and is -* designed to encrypt very large blocks (up to a megabyte) - -* http://www.cl.cam.ac.uk/~rja14/Papers/bear-lion.pdf -*/ -class BOTAN_DLL Lion : public BlockCipher - { - public: - void encrypt_n(const byte in[], byte out[], size_t blocks) const; - void decrypt_n(const byte in[], byte out[], size_t blocks) const; - - size_t block_size() const { return BLOCK_SIZE; } - - Key_Length_Specification key_spec() const - { - return Key_Length_Specification(2, 2*hash->output_length(), 2); - } - - void clear(); - std::string name() const; - BlockCipher* clone() const; - - /** - * @param hash the hash to use internally - * @param cipher the stream cipher to use internally - * @param block_size the size of the block to use - */ - Lion(HashFunction* hash, - StreamCipher* cipher, - size_t block_size); - - Lion(const Lion&) = delete; - Lion& operator=(const Lion&) = delete; - - ~Lion() { delete hash; delete cipher; } - private: - void key_schedule(const byte[], size_t); - - const size_t BLOCK_SIZE, LEFT_SIZE, RIGHT_SIZE; - - HashFunction* hash; - StreamCipher* cipher; - secure_vector<byte> key1, key2; - }; - -} - -#endif diff --git a/src/block/lubyrack/info.txt b/src/block/lubyrack/info.txt deleted file mode 100644 index 1d83a0bac..000000000 --- a/src/block/lubyrack/info.txt +++ /dev/null @@ -1,5 +0,0 @@ -define LUBY_RACKOFF 20131128 - -<requires> -hash -</requires> diff --git a/src/block/lubyrack/lubyrack.cpp b/src/block/lubyrack/lubyrack.cpp deleted file mode 100644 index 9be079003..000000000 --- a/src/block/lubyrack/lubyrack.cpp +++ /dev/null @@ -1,129 +0,0 @@ -/* -* Luby-Rackoff -* (C) 1999-2008 Jack Lloyd -* -* Distributed under the terms of the Botan license -*/ - -#include <botan/lubyrack.h> -#include <botan/internal/xor_buf.h> - -namespace Botan { - -/* -* Luby-Rackoff Encryption -*/ -void LubyRackoff::encrypt_n(const byte in[], byte out[], size_t blocks) const - { - const size_t len = hash->output_length(); - - secure_vector<byte> buffer_vec(len); - byte* buffer = &buffer_vec[0]; - - for(size_t i = 0; i != blocks; ++i) - { - hash->update(K1); - hash->update(in, len); - hash->final(buffer); - xor_buf(out + len, in + len, buffer, len); - - hash->update(K2); - hash->update(out + len, len); - hash->final(buffer); - xor_buf(out, in, buffer, len); - - hash->update(K1); - hash->update(out, len); - hash->final(buffer); - xor_buf(out + len, buffer, len); - - hash->update(K2); - hash->update(out + len, len); - hash->final(buffer); - xor_buf(out, buffer, len); - - in += 2 * len; - out += 2 * len; - } - } - -/* -* Luby-Rackoff Decryption -*/ -void LubyRackoff::decrypt_n(const byte in[], byte out[], size_t blocks) const - { - const size_t len = hash->output_length(); - - secure_vector<byte> buffer_vec(len); - byte* buffer = &buffer_vec[0]; - - for(size_t i = 0; i != blocks; ++i) - { - hash->update(K2); - hash->update(in + len, len); - hash->final(buffer); - xor_buf(out, in, buffer, len); - - hash->update(K1); - hash->update(out, len); - hash->final(buffer); - xor_buf(out + len, in + len, buffer, len); - - hash->update(K2); - hash->update(out + len, len); - hash->final(buffer); - xor_buf(out, buffer, len); - - hash->update(K1); - hash->update(out, len); - hash->final(buffer); - xor_buf(out + len, buffer, len); - - in += 2 * len; - out += 2 * len; - } - } - -/* -* Luby-Rackoff Key Schedule -*/ -void LubyRackoff::key_schedule(const byte key[], size_t length) - { - K1.assign(key, key + (length / 2)); - K2.assign(key + (length / 2), key + length); - } - -/* -* Clear memory of sensitive data -*/ -void LubyRackoff::clear() - { - zap(K1); - zap(K2); - hash->clear(); - } - -/* -* Return a clone of this object -*/ -BlockCipher* LubyRackoff::clone() const - { - return new LubyRackoff(hash->clone()); - } - -/* -* Return the name of this type -*/ -std::string LubyRackoff::name() const - { - return "Luby-Rackoff(" + hash->name() + ")"; - } - -/* -* Luby-Rackoff Constructor -*/ -LubyRackoff::LubyRackoff(HashFunction* h) : hash(h) - { - } - -} diff --git a/src/block/lubyrack/lubyrack.h b/src/block/lubyrack/lubyrack.h deleted file mode 100644 index e28c60be7..000000000 --- a/src/block/lubyrack/lubyrack.h +++ /dev/null @@ -1,50 +0,0 @@ -/* -* Luby-Rackoff -* (C) 1999-2008 Jack Lloyd -* -* Distributed under the terms of the Botan license -*/ - -#ifndef BOTAN_LUBY_RACKOFF_H__ -#define BOTAN_LUBY_RACKOFF_H__ - -#include <botan/block_cipher.h> -#include <botan/hash.h> - -namespace Botan { - -/** -* Luby-Rackoff block cipher construction -*/ -class BOTAN_DLL LubyRackoff : public BlockCipher - { - public: - void encrypt_n(const byte in[], byte out[], size_t blocks) const; - void decrypt_n(const byte in[], byte out[], size_t blocks) const; - - size_t block_size() const { return 2 * hash->output_length(); } - - Key_Length_Specification key_spec() const - { - return Key_Length_Specification(2, 32, 2); - } - - void clear(); - std::string name() const; - BlockCipher* clone() const; - - /** - * @param hash function to use to form the block cipher - */ - LubyRackoff(HashFunction* hash); - ~LubyRackoff() { delete hash; } - private: - void key_schedule(const byte[], size_t); - - HashFunction* hash; - secure_vector<byte> K1, K2; - }; - -} - -#endif diff --git a/src/block/mars/info.txt b/src/block/mars/info.txt deleted file mode 100644 index 0af3d7955..000000000 --- a/src/block/mars/info.txt +++ /dev/null @@ -1 +0,0 @@ -define MARS 20131128 diff --git a/src/block/mars/mars.cpp b/src/block/mars/mars.cpp deleted file mode 100644 index ca4e6f5c7..000000000 --- a/src/block/mars/mars.cpp +++ /dev/null @@ -1,393 +0,0 @@ -/* -* MARS -* (C) 1999-2009 Jack Lloyd -* -* Distributed under the terms of the Botan license -*/ - -#include <botan/mars.h> -#include <botan/loadstor.h> -#include <botan/rotate.h> - -namespace Botan { - -namespace { - -/** -* The MARS sbox -*/ -const u32bit SBOX[512] = { - 0x09D0C479, 0x28C8FFE0, 0x84AA6C39, 0x9DAD7287, 0x7DFF9BE3, 0xD4268361, - 0xC96DA1D4, 0x7974CC93, 0x85D0582E, 0x2A4B5705, 0x1CA16A62, 0xC3BD279D, - 0x0F1F25E5, 0x5160372F, 0xC695C1FB, 0x4D7FF1E4, 0xAE5F6BF4, 0x0D72EE46, - 0xFF23DE8A, 0xB1CF8E83, 0xF14902E2, 0x3E981E42, 0x8BF53EB6, 0x7F4BF8AC, - 0x83631F83, 0x25970205, 0x76AFE784, 0x3A7931D4, 0x4F846450, 0x5C64C3F6, - 0x210A5F18, 0xC6986A26, 0x28F4E826, 0x3A60A81C, 0xD340A664, 0x7EA820C4, - 0x526687C5, 0x7EDDD12B, 0x32A11D1D, 0x9C9EF086, 0x80F6E831, 0xAB6F04AD, - 0x56FB9B53, 0x8B2E095C, 0xB68556AE, 0xD2250B0D, 0x294A7721, 0xE21FB253, - 0xAE136749, 0xE82AAE86, 0x93365104, 0x99404A66, 0x78A784DC, 0xB69BA84B, - 0x04046793, 0x23DB5C1E, 0x46CAE1D6, 0x2FE28134, 0x5A223942, 0x1863CD5B, - 0xC190C6E3, 0x07DFB846, 0x6EB88816, 0x2D0DCC4A, 0xA4CCAE59, 0x3798670D, - 0xCBFA9493, 0x4F481D45, 0xEAFC8CA8, 0xDB1129D6, 0xB0449E20, 0x0F5407FB, - 0x6167D9A8, 0xD1F45763, 0x4DAA96C3, 0x3BEC5958, 0xABABA014, 0xB6CCD201, - 0x38D6279F, 0x02682215, 0x8F376CD5, 0x092C237E, 0xBFC56593, 0x32889D2C, - 0x854B3E95, 0x05BB9B43, 0x7DCD5DCD, 0xA02E926C, 0xFAE527E5, 0x36A1C330, - 0x3412E1AE, 0xF257F462, 0x3C4F1D71, 0x30A2E809, 0x68E5F551, 0x9C61BA44, - 0x5DED0AB8, 0x75CE09C8, 0x9654F93E, 0x698C0CCA, 0x243CB3E4, 0x2B062B97, - 0x0F3B8D9E, 0x00E050DF, 0xFC5D6166, 0xE35F9288, 0xC079550D, 0x0591AEE8, - 0x8E531E74, 0x75FE3578, 0x2F6D829A, 0xF60B21AE, 0x95E8EB8D, 0x6699486B, - 0x901D7D9B, 0xFD6D6E31, 0x1090ACEF, 0xE0670DD8, 0xDAB2E692, 0xCD6D4365, - 0xE5393514, 0x3AF345F0, 0x6241FC4D, 0x460DA3A3, 0x7BCF3729, 0x8BF1D1E0, - 0x14AAC070, 0x1587ED55, 0x3AFD7D3E, 0xD2F29E01, 0x29A9D1F6, 0xEFB10C53, - 0xCF3B870F, 0xB414935C, 0x664465ED, 0x024ACAC7, 0x59A744C1, 0x1D2936A7, - 0xDC580AA6, 0xCF574CA8, 0x040A7A10, 0x6CD81807, 0x8A98BE4C, 0xACCEA063, - 0xC33E92B5, 0xD1E0E03D, 0xB322517E, 0x2092BD13, 0x386B2C4A, 0x52E8DD58, - 0x58656DFB, 0x50820371, 0x41811896, 0xE337EF7E, 0xD39FB119, 0xC97F0DF6, - 0x68FEA01B, 0xA150A6E5, 0x55258962, 0xEB6FF41B, 0xD7C9CD7A, 0xA619CD9E, - 0xBCF09576, 0x2672C073, 0xF003FB3C, 0x4AB7A50B, 0x1484126A, 0x487BA9B1, - 0xA64FC9C6, 0xF6957D49, 0x38B06A75, 0xDD805FCD, 0x63D094CF, 0xF51C999E, - 0x1AA4D343, 0xB8495294, 0xCE9F8E99, 0xBFFCD770, 0xC7C275CC, 0x378453A7, - 0x7B21BE33, 0x397F41BD, 0x4E94D131, 0x92CC1F98, 0x5915EA51, 0x99F861B7, - 0xC9980A88, 0x1D74FD5F, 0xB0A495F8, 0x614DEED0, 0xB5778EEA, 0x5941792D, - 0xFA90C1F8, 0x33F824B4, 0xC4965372, 0x3FF6D550, 0x4CA5FEC0, 0x8630E964, - 0x5B3FBBD6, 0x7DA26A48, 0xB203231A, 0x04297514, 0x2D639306, 0x2EB13149, - 0x16A45272, 0x532459A0, 0x8E5F4872, 0xF966C7D9, 0x07128DC0, 0x0D44DB62, - 0xAFC8D52D, 0x06316131, 0xD838E7CE, 0x1BC41D00, 0x3A2E8C0F, 0xEA83837E, - 0xB984737D, 0x13BA4891, 0xC4F8B949, 0xA6D6ACB3, 0xA215CDCE, 0x8359838B, - 0x6BD1AA31, 0xF579DD52, 0x21B93F93, 0xF5176781, 0x187DFDDE, 0xE94AEB76, - 0x2B38FD54, 0x431DE1DA, 0xAB394825, 0x9AD3048F, 0xDFEA32AA, 0x659473E3, - 0x623F7863, 0xF3346C59, 0xAB3AB685, 0x3346A90B, 0x6B56443E, 0xC6DE01F8, - 0x8D421FC0, 0x9B0ED10C, 0x88F1A1E9, 0x54C1F029, 0x7DEAD57B, 0x8D7BA426, - 0x4CF5178A, 0x551A7CCA, 0x1A9A5F08, 0xFCD651B9, 0x25605182, 0xE11FC6C3, - 0xB6FD9676, 0x337B3027, 0xB7C8EB14, 0x9E5FD030, 0x6B57E354, 0xAD913CF7, - 0x7E16688D, 0x58872A69, 0x2C2FC7DF, 0xE389CCC6, 0x30738DF1, 0x0824A734, - 0xE1797A8B, 0xA4A8D57B, 0x5B5D193B, 0xC8A8309B, 0x73F9A978, 0x73398D32, - 0x0F59573E, 0xE9DF2B03, 0xE8A5B6C8, 0x848D0704, 0x98DF93C2, 0x720A1DC3, - 0x684F259A, 0x943BA848, 0xA6370152, 0x863B5EA3, 0xD17B978B, 0x6D9B58EF, - 0x0A700DD4, 0xA73D36BF, 0x8E6A0829, 0x8695BC14, 0xE35B3447, 0x933AC568, - 0x8894B022, 0x2F511C27, 0xDDFBCC3C, 0x006662B6, 0x117C83FE, 0x4E12B414, - 0xC2BCA766, 0x3A2FEC10, 0xF4562420, 0x55792E2A, 0x46F5D857, 0xCEDA25CE, - 0xC3601D3B, 0x6C00AB46, 0xEFAC9C28, 0xB3C35047, 0x611DFEE3, 0x257C3207, - 0xFDD58482, 0x3B14D84F, 0x23BECB64, 0xA075F3A3, 0x088F8EAD, 0x07ADF158, - 0x7796943C, 0xFACABF3D, 0xC09730CD, 0xF7679969, 0xDA44E9ED, 0x2C854C12, - 0x35935FA3, 0x2F057D9F, 0x690624F8, 0x1CB0BAFD, 0x7B0DBDC6, 0x810F23BB, - 0xFA929A1A, 0x6D969A17, 0x6742979B, 0x74AC7D05, 0x010E65C4, 0x86A3D963, - 0xF907B5A0, 0xD0042BD3, 0x158D7D03, 0x287A8255, 0xBBA8366F, 0x096EDC33, - 0x21916A7B, 0x77B56B86, 0x951622F9, 0xA6C5E650, 0x8CEA17D1, 0xCD8C62BC, - 0xA3D63433, 0x358A68FD, 0x0F9B9D3C, 0xD6AA295B, 0xFE33384A, 0xC000738E, - 0xCD67EB2F, 0xE2EB6DC2, 0x97338B02, 0x06C9F246, 0x419CF1AD, 0x2B83C045, - 0x3723F18A, 0xCB5B3089, 0x160BEAD7, 0x5D494656, 0x35F8A74B, 0x1E4E6C9E, - 0x000399BD, 0x67466880, 0xB4174831, 0xACF423B2, 0xCA815AB3, 0x5A6395E7, - 0x302A67C5, 0x8BDB446B, 0x108F8FA4, 0x10223EDA, 0x92B8B48B, 0x7F38D0EE, - 0xAB2701D4, 0x0262D415, 0xAF224A30, 0xB3D88ABA, 0xF8B2C3AF, 0xDAF7EF70, - 0xCC97D3B7, 0xE9614B6C, 0x2BAEBFF4, 0x70F687CF, 0x386C9156, 0xCE092EE5, - 0x01E87DA6, 0x6CE91E6A, 0xBB7BCC84, 0xC7922C20, 0x9D3B71FD, 0x060E41C6, - 0xD7590F15, 0x4E03BB47, 0x183C198E, 0x63EEB240, 0x2DDBF49A, 0x6D5CBA54, - 0x923750AF, 0xF9E14236, 0x7838162B, 0x59726C72, 0x81B66760, 0xBB2926C1, - 0x48A0CE0D, 0xA6C0496D, 0xAD43507B, 0x718D496A, 0x9DF057AF, 0x44B1BDE6, - 0x054356DC, 0xDE7CED35, 0xD51A138B, 0x62088CC9, 0x35830311, 0xC96EFCA2, - 0x686F86EC, 0x8E77CB68, 0x63E1D6B8, 0xC80F9778, 0x79C491FD, 0x1B4C67F2, - 0x72698D7D, 0x5E368C31, 0xF7D95E2E, 0xA1D3493F, 0xDCD9433E, 0x896F1552, - 0x4BC4CA7A, 0xA6D1BAF4, 0xA5A96DCC, 0x0BEF8B46, 0xA169FDA7, 0x74DF40B7, - 0x4E208804, 0x9A756607, 0x038E87C8, 0x20211E44, 0x8B7AD4BF, 0xC6403F35, - 0x1848E36D, 0x80BDB038, 0x1E62891C, 0x643D2107, 0xBF04D6F8, 0x21092C8C, - 0xF644F389, 0x0778404E, 0x7B78ADB8, 0xA2C52D53, 0x42157ABE, 0xA2253E2E, - 0x7BF3F4AE, 0x80F594F9, 0x953194E7, 0x77EB92ED, 0xB3816930, 0xDA8D9336, - 0xBF447469, 0xF26D9483, 0xEE6FAED5, 0x71371235, 0xDE425F73, 0xB4E59F43, - 0x7DBE2D4E, 0x2D37B185, 0x49DC9A63, 0x98C39D98, 0x1301C9A2, 0x389B1BBF, - 0x0C18588D, 0xA421C1BA, 0x7AA3865C, 0x71E08558, 0x3C5CFCAA, 0x7D239CA4, - 0x0297D9DD, 0xD7DC2830, 0x4B37802B, 0x7428AB54, 0xAEEE0347, 0x4B3FBB85, - 0x692F2F08, 0x134E578E, 0x36D9E0BF, 0xAE8B5FCF, 0xEDB93ECF, 0x2B27248E, - 0x170EB1EF, 0x7DC57FD6, 0x1E760F16, 0xB1136601, 0x864E1B9B, 0xD7EA7319, - 0x3AB871BD, 0xCFA4D76F, 0xE31BD782, 0x0DBEB469, 0xABB96061, 0x5370F85D, - 0xFFB07E37, 0xDA30D0FB, 0xEBC977B6, 0x0B98B40F, 0x3A4D0FE6, 0xDF4FC26B, - 0x159CF22A, 0xC298D6E2, 0x2B78EF6A, 0x61A94AC0, 0xAB561187, 0x14EEA0F0, - 0xDF0D4164, 0x19AF70EE }; - -/* -* MARS Encryption Round -*/ -inline void encrypt_round(u32bit& A, u32bit& B, u32bit& C, u32bit& D, - u32bit EK1, u32bit EK2) - { - const u32bit X = A + EK1; - A = rotate_left(A, 13); - u32bit Y = A * EK2; - u32bit Z = SBOX[X % 512]; - - Y = rotate_left(Y, 5); - Z ^= Y; - C += rotate_left(X, Y % 32); - Y = rotate_left(Y, 5); - Z ^= Y; - D ^= Y; - B += rotate_left(Z, Y % 32); - } - -/* -* MARS Decryption Round -*/ -inline void decrypt_round(u32bit& A, u32bit& B, u32bit& C, u32bit& D, - u32bit EK1, u32bit EK2) - { - u32bit Y = A * EK1; - A = rotate_right(A, 13); - const u32bit X = A + EK2; - u32bit Z = SBOX[X % 512]; - - Y = rotate_left(Y, 5); - Z ^= Y; - C -= rotate_left(X, Y % 32); - Y = rotate_left(Y, 5); - Z ^= Y; - D ^= Y; - B -= rotate_left(Z, Y % 32); - } - -/* -* MARS Forward Mixing Operation -*/ -void forward_mix(u32bit& A, u32bit& B, u32bit& C, u32bit& D) - { - for(size_t j = 0; j != 2; ++j) - { - B ^= SBOX[get_byte(3, A)]; B += SBOX[get_byte(2, A) + 256]; - C += SBOX[get_byte(1, A)]; D ^= SBOX[get_byte(0, A) + 256]; - A = rotate_right(A, 24) + D; - - C ^= SBOX[get_byte(3, B)]; C += SBOX[get_byte(2, B) + 256]; - D += SBOX[get_byte(1, B)]; A ^= SBOX[get_byte(0, B) + 256]; - B = rotate_right(B, 24) + C; - - D ^= SBOX[get_byte(3, C)]; D += SBOX[get_byte(2, C) + 256]; - A += SBOX[get_byte(1, C)]; B ^= SBOX[get_byte(0, C) + 256]; - C = rotate_right(C, 24); - - A ^= SBOX[get_byte(3, D)]; A += SBOX[get_byte(2, D) + 256]; - B += SBOX[get_byte(1, D)]; C ^= SBOX[get_byte(0, D) + 256]; - D = rotate_right(D, 24); - } - } - -/* -* MARS Reverse Mixing Operation -*/ -void reverse_mix(u32bit& A, u32bit& B, u32bit& C, u32bit& D) - { - for(size_t j = 0; j != 2; ++j) - { - B ^= SBOX[get_byte(3, A) + 256]; C -= SBOX[get_byte(0, A)]; - D -= SBOX[get_byte(1, A) + 256]; D ^= SBOX[get_byte(2, A)]; - A = rotate_left(A, 24); - - C ^= SBOX[get_byte(3, B) + 256]; D -= SBOX[get_byte(0, B)]; - A -= SBOX[get_byte(1, B) + 256]; A ^= SBOX[get_byte(2, B)]; - C -= (B = rotate_left(B, 24)); - - D ^= SBOX[get_byte(3, C) + 256]; A -= SBOX[get_byte(0, C)]; - B -= SBOX[get_byte(1, C) + 256]; B ^= SBOX[get_byte(2, C)]; - C = rotate_left(C, 24); - D -= A; - - A ^= SBOX[get_byte(3, D) + 256]; B -= SBOX[get_byte(0, D)]; - C -= SBOX[get_byte(1, D) + 256]; C ^= SBOX[get_byte(2, D)]; - D = rotate_left(D, 24); - } - } - -/* -* Generate a mask for runs of bits -*/ -u32bit gen_mask(u32bit input) - { - u32bit mask = 0; - - for(u32bit j = 2; j != 31; ++j) - { - const u32bit region = (input >> (j-1)) & 0x07; - - if(region == 0x00 || region == 0x07) - { - const u32bit low = (j < 9) ? 0 : (j - 9); - const u32bit high = (j < 23) ? j : 23; - - for(u32bit k = low; k != high; ++k) - { - const u32bit value = (input >> k) & 0x3FF; - - if(value == 0 || value == 0x3FF) - { - mask |= 1 << j; - break; - } - } - } - } - - return mask; - } - -} - -/* -* MARS Encryption -*/ -void MARS::encrypt_n(const byte in[], byte out[], size_t blocks) const - { - for(size_t i = 0; i != blocks; ++i) - { - u32bit A = load_le<u32bit>(in, 0) + EK[0]; - u32bit B = load_le<u32bit>(in, 1) + EK[1]; - u32bit C = load_le<u32bit>(in, 2) + EK[2]; - u32bit D = load_le<u32bit>(in, 3) + EK[3]; - - forward_mix(A, B, C, D); - - encrypt_round(A, B, C, D, EK[ 4], EK[ 5]); - encrypt_round(B, C, D, A, EK[ 6], EK[ 7]); - encrypt_round(C, D, A, B, EK[ 8], EK[ 9]); - encrypt_round(D, A, B, C, EK[10], EK[11]); - encrypt_round(A, B, C, D, EK[12], EK[13]); - encrypt_round(B, C, D, A, EK[14], EK[15]); - encrypt_round(C, D, A, B, EK[16], EK[17]); - encrypt_round(D, A, B, C, EK[18], EK[19]); - - encrypt_round(A, D, C, B, EK[20], EK[21]); - encrypt_round(B, A, D, C, EK[22], EK[23]); - encrypt_round(C, B, A, D, EK[24], EK[25]); - encrypt_round(D, C, B, A, EK[26], EK[27]); - encrypt_round(A, D, C, B, EK[28], EK[29]); - encrypt_round(B, A, D, C, EK[30], EK[31]); - encrypt_round(C, B, A, D, EK[32], EK[33]); - encrypt_round(D, C, B, A, EK[34], EK[35]); - - reverse_mix(A, B, C, D); - - A -= EK[36]; B -= EK[37]; C -= EK[38]; D -= EK[39]; - - store_le(out, A, B, C, D); - - in += BLOCK_SIZE; - out += BLOCK_SIZE; - } - } - -/* -* MARS Decryption -*/ -void MARS::decrypt_n(const byte in[], byte out[], size_t blocks) const - { - for(size_t i = 0; i != blocks; ++i) - { - u32bit A = load_le<u32bit>(in, 3) + EK[39]; - u32bit B = load_le<u32bit>(in, 2) + EK[38]; - u32bit C = load_le<u32bit>(in, 1) + EK[37]; - u32bit D = load_le<u32bit>(in, 0) + EK[36]; - - forward_mix(A, B, C, D); - - decrypt_round(A, B, C, D, EK[35], EK[34]); - decrypt_round(B, C, D, A, EK[33], EK[32]); - decrypt_round(C, D, A, B, EK[31], EK[30]); - decrypt_round(D, A, B, C, EK[29], EK[28]); - decrypt_round(A, B, C, D, EK[27], EK[26]); - decrypt_round(B, C, D, A, EK[25], EK[24]); - decrypt_round(C, D, A, B, EK[23], EK[22]); - decrypt_round(D, A, B, C, EK[21], EK[20]); - - decrypt_round(A, D, C, B, EK[19], EK[18]); - decrypt_round(B, A, D, C, EK[17], EK[16]); - decrypt_round(C, B, A, D, EK[15], EK[14]); - decrypt_round(D, C, B, A, EK[13], EK[12]); - decrypt_round(A, D, C, B, EK[11], EK[10]); - decrypt_round(B, A, D, C, EK[ 9], EK[ 8]); - decrypt_round(C, B, A, D, EK[ 7], EK[ 6]); - decrypt_round(D, C, B, A, EK[ 5], EK[ 4]); - - reverse_mix(A, B, C, D); - - A -= EK[3]; B -= EK[2]; C -= EK[1]; D -= EK[0]; - - store_le(out, D, C, B, A); - - in += BLOCK_SIZE; - out += BLOCK_SIZE; - } - } - -/* -* MARS Key Schedule -*/ -void MARS::key_schedule(const byte key[], size_t length) - { - secure_vector<u32bit> T(15); - for(size_t i = 0; i != length / 4; ++i) - T[i] = load_le<u32bit>(key, i); - - T[length / 4] = static_cast<u32bit>(length) / 4; - - EK.resize(40); - - for(u32bit i = 0; i != 4; ++i) - { - T[ 0] ^= rotate_left(T[ 8] ^ T[13], 3) ^ (i ); - T[ 1] ^= rotate_left(T[ 9] ^ T[14], 3) ^ (i + 4); - T[ 2] ^= rotate_left(T[10] ^ T[ 0], 3) ^ (i + 8); - T[ 3] ^= rotate_left(T[11] ^ T[ 1], 3) ^ (i + 12); - T[ 4] ^= rotate_left(T[12] ^ T[ 2], 3) ^ (i + 16); - T[ 5] ^= rotate_left(T[13] ^ T[ 3], 3) ^ (i + 20); - T[ 6] ^= rotate_left(T[14] ^ T[ 4], 3) ^ (i + 24); - T[ 7] ^= rotate_left(T[ 0] ^ T[ 5], 3) ^ (i + 28); - T[ 8] ^= rotate_left(T[ 1] ^ T[ 6], 3) ^ (i + 32); - T[ 9] ^= rotate_left(T[ 2] ^ T[ 7], 3) ^ (i + 36); - T[10] ^= rotate_left(T[ 3] ^ T[ 8], 3) ^ (i + 40); - T[11] ^= rotate_left(T[ 4] ^ T[ 9], 3) ^ (i + 44); - T[12] ^= rotate_left(T[ 5] ^ T[10], 3) ^ (i + 48); - T[13] ^= rotate_left(T[ 6] ^ T[11], 3) ^ (i + 52); - T[14] ^= rotate_left(T[ 7] ^ T[12], 3) ^ (i + 56); - - for(size_t j = 0; j != 4; ++j) - { - T[ 0] = rotate_left(T[ 0] + SBOX[T[14] % 512], 9); - T[ 1] = rotate_left(T[ 1] + SBOX[T[ 0] % 512], 9); - T[ 2] = rotate_left(T[ 2] + SBOX[T[ 1] % 512], 9); - T[ 3] = rotate_left(T[ 3] + SBOX[T[ 2] % 512], 9); - T[ 4] = rotate_left(T[ 4] + SBOX[T[ 3] % 512], 9); - T[ 5] = rotate_left(T[ 5] + SBOX[T[ 4] % 512], 9); - T[ 6] = rotate_left(T[ 6] + SBOX[T[ 5] % 512], 9); - T[ 7] = rotate_left(T[ 7] + SBOX[T[ 6] % 512], 9); - T[ 8] = rotate_left(T[ 8] + SBOX[T[ 7] % 512], 9); - T[ 9] = rotate_left(T[ 9] + SBOX[T[ 8] % 512], 9); - T[10] = rotate_left(T[10] + SBOX[T[ 9] % 512], 9); - T[11] = rotate_left(T[11] + SBOX[T[10] % 512], 9); - T[12] = rotate_left(T[12] + SBOX[T[11] % 512], 9); - T[13] = rotate_left(T[13] + SBOX[T[12] % 512], 9); - T[14] = rotate_left(T[14] + SBOX[T[13] % 512], 9); - } - - EK[10*i + 0] = T[ 0]; - EK[10*i + 1] = T[ 4]; - EK[10*i + 2] = T[ 8]; - EK[10*i + 3] = T[12]; - EK[10*i + 4] = T[ 1]; - EK[10*i + 5] = T[ 5]; - EK[10*i + 6] = T[ 9]; - EK[10*i + 7] = T[13]; - EK[10*i + 8] = T[ 2]; - EK[10*i + 9] = T[ 6]; - } - - for(size_t i = 5; i != 37; i += 2) - { - const u32bit key3 = EK[i] & 3; - EK[i] |= 3; - EK[i] ^= rotate_left(SBOX[265 + key3], EK[i-1] % 32) & gen_mask(EK[i]); - } - } - -void MARS::clear() - { - zap(EK); - } - -} diff --git a/src/block/mars/mars.h b/src/block/mars/mars.h deleted file mode 100644 index 90f6480e6..000000000 --- a/src/block/mars/mars.h +++ /dev/null @@ -1,35 +0,0 @@ -/* -* MARS -* (C) 1999-2007 Jack Lloyd -* -* Distributed under the terms of the Botan license -*/ - -#ifndef BOTAN_MARS_H__ -#define BOTAN_MARS_H__ - -#include <botan/block_cipher.h> - -namespace Botan { - -/** -* MARS, IBM's candidate for AES -*/ -class BOTAN_DLL MARS : public Block_Cipher_Fixed_Params<16, 16, 32, 4> - { - public: - void encrypt_n(const byte in[], byte out[], size_t blocks) const; - void decrypt_n(const byte in[], byte out[], size_t blocks) const; - - void clear(); - std::string name() const { return "MARS"; } - BlockCipher* clone() const { return new MARS; } - private: - void key_schedule(const byte[], size_t); - - secure_vector<u32bit> EK; - }; - -} - -#endif diff --git a/src/block/misty1/info.txt b/src/block/misty1/info.txt deleted file mode 100644 index 568f13574..000000000 --- a/src/block/misty1/info.txt +++ /dev/null @@ -1 +0,0 @@ -define MISTY1 20131128 diff --git a/src/block/misty1/misty1.cpp b/src/block/misty1/misty1.cpp deleted file mode 100644 index 98f20eee8..000000000 --- a/src/block/misty1/misty1.cpp +++ /dev/null @@ -1,270 +0,0 @@ -/* -* MISTY1 -* (C) 1999-2009 Jack Lloyd -* -* Distributed under the terms of the Botan license -*/ - -#include <botan/misty1.h> -#include <botan/loadstor.h> -#include <botan/parsing.h> - -namespace Botan { - -namespace { - -static const byte MISTY1_SBOX_S7[128] = { - 0x1B, 0x32, 0x33, 0x5A, 0x3B, 0x10, 0x17, 0x54, 0x5B, 0x1A, 0x72, 0x73, - 0x6B, 0x2C, 0x66, 0x49, 0x1F, 0x24, 0x13, 0x6C, 0x37, 0x2E, 0x3F, 0x4A, - 0x5D, 0x0F, 0x40, 0x56, 0x25, 0x51, 0x1C, 0x04, 0x0B, 0x46, 0x20, 0x0D, - 0x7B, 0x35, 0x44, 0x42, 0x2B, 0x1E, 0x41, 0x14, 0x4B, 0x79, 0x15, 0x6F, - 0x0E, 0x55, 0x09, 0x36, 0x74, 0x0C, 0x67, 0x53, 0x28, 0x0A, 0x7E, 0x38, - 0x02, 0x07, 0x60, 0x29, 0x19, 0x12, 0x65, 0x2F, 0x30, 0x39, 0x08, 0x68, - 0x5F, 0x78, 0x2A, 0x4C, 0x64, 0x45, 0x75, 0x3D, 0x59, 0x48, 0x03, 0x57, - 0x7C, 0x4F, 0x62, 0x3C, 0x1D, 0x21, 0x5E, 0x27, 0x6A, 0x70, 0x4D, 0x3A, - 0x01, 0x6D, 0x6E, 0x63, 0x18, 0x77, 0x23, 0x05, 0x26, 0x76, 0x00, 0x31, - 0x2D, 0x7A, 0x7F, 0x61, 0x50, 0x22, 0x11, 0x06, 0x47, 0x16, 0x52, 0x4E, - 0x71, 0x3E, 0x69, 0x43, 0x34, 0x5C, 0x58, 0x7D }; - -static const u16bit MISTY1_SBOX_S9[512] = { - 0x01C3, 0x00CB, 0x0153, 0x019F, 0x01E3, 0x00E9, 0x00FB, 0x0035, 0x0181, - 0x00B9, 0x0117, 0x01EB, 0x0133, 0x0009, 0x002D, 0x00D3, 0x00C7, 0x014A, - 0x0037, 0x007E, 0x00EB, 0x0164, 0x0193, 0x01D8, 0x00A3, 0x011E, 0x0055, - 0x002C, 0x001D, 0x01A2, 0x0163, 0x0118, 0x014B, 0x0152, 0x01D2, 0x000F, - 0x002B, 0x0030, 0x013A, 0x00E5, 0x0111, 0x0138, 0x018E, 0x0063, 0x00E3, - 0x00C8, 0x01F4, 0x001B, 0x0001, 0x009D, 0x00F8, 0x01A0, 0x016D, 0x01F3, - 0x001C, 0x0146, 0x007D, 0x00D1, 0x0082, 0x01EA, 0x0183, 0x012D, 0x00F4, - 0x019E, 0x01D3, 0x00DD, 0x01E2, 0x0128, 0x01E0, 0x00EC, 0x0059, 0x0091, - 0x0011, 0x012F, 0x0026, 0x00DC, 0x00B0, 0x018C, 0x010F, 0x01F7, 0x00E7, - 0x016C, 0x00B6, 0x00F9, 0x00D8, 0x0151, 0x0101, 0x014C, 0x0103, 0x00B8, - 0x0154, 0x012B, 0x01AE, 0x0017, 0x0071, 0x000C, 0x0047, 0x0058, 0x007F, - 0x01A4, 0x0134, 0x0129, 0x0084, 0x015D, 0x019D, 0x01B2, 0x01A3, 0x0048, - 0x007C, 0x0051, 0x01CA, 0x0023, 0x013D, 0x01A7, 0x0165, 0x003B, 0x0042, - 0x00DA, 0x0192, 0x00CE, 0x00C1, 0x006B, 0x009F, 0x01F1, 0x012C, 0x0184, - 0x00FA, 0x0196, 0x01E1, 0x0169, 0x017D, 0x0031, 0x0180, 0x010A, 0x0094, - 0x01DA, 0x0186, 0x013E, 0x011C, 0x0060, 0x0175, 0x01CF, 0x0067, 0x0119, - 0x0065, 0x0068, 0x0099, 0x0150, 0x0008, 0x0007, 0x017C, 0x00B7, 0x0024, - 0x0019, 0x00DE, 0x0127, 0x00DB, 0x00E4, 0x01A9, 0x0052, 0x0109, 0x0090, - 0x019C, 0x01C1, 0x0028, 0x01B3, 0x0135, 0x016A, 0x0176, 0x00DF, 0x01E5, - 0x0188, 0x00C5, 0x016E, 0x01DE, 0x01B1, 0x00C3, 0x01DF, 0x0036, 0x00EE, - 0x01EE, 0x00F0, 0x0093, 0x0049, 0x009A, 0x01B6, 0x0069, 0x0081, 0x0125, - 0x000B, 0x005E, 0x00B4, 0x0149, 0x01C7, 0x0174, 0x003E, 0x013B, 0x01B7, - 0x008E, 0x01C6, 0x00AE, 0x0010, 0x0095, 0x01EF, 0x004E, 0x00F2, 0x01FD, - 0x0085, 0x00FD, 0x00F6, 0x00A0, 0x016F, 0x0083, 0x008A, 0x0156, 0x009B, - 0x013C, 0x0107, 0x0167, 0x0098, 0x01D0, 0x01E9, 0x0003, 0x01FE, 0x00BD, - 0x0122, 0x0089, 0x00D2, 0x018F, 0x0012, 0x0033, 0x006A, 0x0142, 0x00ED, - 0x0170, 0x011B, 0x00E2, 0x014F, 0x0158, 0x0131, 0x0147, 0x005D, 0x0113, - 0x01CD, 0x0079, 0x0161, 0x01A5, 0x0179, 0x009E, 0x01B4, 0x00CC, 0x0022, - 0x0132, 0x001A, 0x00E8, 0x0004, 0x0187, 0x01ED, 0x0197, 0x0039, 0x01BF, - 0x01D7, 0x0027, 0x018B, 0x00C6, 0x009C, 0x00D0, 0x014E, 0x006C, 0x0034, - 0x01F2, 0x006E, 0x00CA, 0x0025, 0x00BA, 0x0191, 0x00FE, 0x0013, 0x0106, - 0x002F, 0x01AD, 0x0172, 0x01DB, 0x00C0, 0x010B, 0x01D6, 0x00F5, 0x01EC, - 0x010D, 0x0076, 0x0114, 0x01AB, 0x0075, 0x010C, 0x01E4, 0x0159, 0x0054, - 0x011F, 0x004B, 0x00C4, 0x01BE, 0x00F7, 0x0029, 0x00A4, 0x000E, 0x01F0, - 0x0077, 0x004D, 0x017A, 0x0086, 0x008B, 0x00B3, 0x0171, 0x00BF, 0x010E, - 0x0104, 0x0097, 0x015B, 0x0160, 0x0168, 0x00D7, 0x00BB, 0x0066, 0x01CE, - 0x00FC, 0x0092, 0x01C5, 0x006F, 0x0016, 0x004A, 0x00A1, 0x0139, 0x00AF, - 0x00F1, 0x0190, 0x000A, 0x01AA, 0x0143, 0x017B, 0x0056, 0x018D, 0x0166, - 0x00D4, 0x01FB, 0x014D, 0x0194, 0x019A, 0x0087, 0x01F8, 0x0123, 0x00A7, - 0x01B8, 0x0141, 0x003C, 0x01F9, 0x0140, 0x002A, 0x0155, 0x011A, 0x01A1, - 0x0198, 0x00D5, 0x0126, 0x01AF, 0x0061, 0x012E, 0x0157, 0x01DC, 0x0072, - 0x018A, 0x00AA, 0x0096, 0x0115, 0x00EF, 0x0045, 0x007B, 0x008D, 0x0145, - 0x0053, 0x005F, 0x0178, 0x00B2, 0x002E, 0x0020, 0x01D5, 0x003F, 0x01C9, - 0x01E7, 0x01AC, 0x0044, 0x0038, 0x0014, 0x00B1, 0x016B, 0x00AB, 0x00B5, - 0x005A, 0x0182, 0x01C8, 0x01D4, 0x0018, 0x0177, 0x0064, 0x00CF, 0x006D, - 0x0100, 0x0199, 0x0130, 0x015A, 0x0005, 0x0120, 0x01BB, 0x01BD, 0x00E0, - 0x004F, 0x00D6, 0x013F, 0x01C4, 0x012A, 0x0015, 0x0006, 0x00FF, 0x019B, - 0x00A6, 0x0043, 0x0088, 0x0050, 0x015F, 0x01E8, 0x0121, 0x0073, 0x017E, - 0x00BC, 0x00C2, 0x00C9, 0x0173, 0x0189, 0x01F5, 0x0074, 0x01CC, 0x01E6, - 0x01A8, 0x0195, 0x001F, 0x0041, 0x000D, 0x01BA, 0x0032, 0x003D, 0x01D1, - 0x0080, 0x00A8, 0x0057, 0x01B9, 0x0162, 0x0148, 0x00D9, 0x0105, 0x0062, - 0x007A, 0x0021, 0x01FF, 0x0112, 0x0108, 0x01C0, 0x00A9, 0x011D, 0x01B0, - 0x01A6, 0x00CD, 0x00F3, 0x005C, 0x0102, 0x005B, 0x01D9, 0x0144, 0x01F6, - 0x00AD, 0x00A5, 0x003A, 0x01CB, 0x0136, 0x017F, 0x0046, 0x00E1, 0x001E, - 0x01DD, 0x00E6, 0x0137, 0x01FA, 0x0185, 0x008C, 0x008F, 0x0040, 0x01B5, - 0x00BE, 0x0078, 0x0000, 0x00AC, 0x0110, 0x015E, 0x0124, 0x0002, 0x01BC, - 0x00A2, 0x00EA, 0x0070, 0x01FC, 0x0116, 0x015C, 0x004C, 0x01C2 }; - -/* -* MISTY1 FI Function -*/ -u16bit FI(u16bit input, u16bit key7, u16bit key9) - { - u16bit D9 = input >> 7, D7 = input & 0x7F; - D9 = MISTY1_SBOX_S9[D9] ^ D7; - D7 = (MISTY1_SBOX_S7[D7] ^ key7 ^ D9) & 0x7F; - D9 = MISTY1_SBOX_S9[D9 ^ key9] ^ D7; - return static_cast<u16bit>((D7 << 9) | D9); - } - -} - -/* -* MISTY1 Encryption -*/ -void MISTY1::encrypt_n(const byte in[], byte out[], size_t blocks) const - { - for(size_t i = 0; i != blocks; ++i) - { - u16bit B0 = load_be<u16bit>(in, 0); - u16bit B1 = load_be<u16bit>(in, 1); - u16bit B2 = load_be<u16bit>(in, 2); - u16bit B3 = load_be<u16bit>(in, 3); - - for(size_t j = 0; j != 12; j += 3) - { - const u16bit* RK = &EK[8 * j]; - - B1 ^= B0 & RK[0]; - B0 ^= B1 | RK[1]; - B3 ^= B2 & RK[2]; - B2 ^= B3 | RK[3]; - - u32bit T0, T1; - - T0 = FI(B0 ^ RK[ 4], RK[ 5], RK[ 6]) ^ B1; - T1 = FI(B1 ^ RK[ 7], RK[ 8], RK[ 9]) ^ T0; - T0 = FI(T0 ^ RK[10], RK[11], RK[12]) ^ T1; - - B2 ^= T1 ^ RK[13]; - B3 ^= T0; - - T0 = FI(B2 ^ RK[14], RK[15], RK[16]) ^ B3; - T1 = FI(B3 ^ RK[17], RK[18], RK[19]) ^ T0; - T0 = FI(T0 ^ RK[20], RK[21], RK[22]) ^ T1; - - B0 ^= T1 ^ RK[23]; - B1 ^= T0; - } - - B1 ^= B0 & EK[96]; - B0 ^= B1 | EK[97]; - B3 ^= B2 & EK[98]; - B2 ^= B3 | EK[99]; - - store_be(out, B2, B3, B0, B1); - - in += BLOCK_SIZE; - out += BLOCK_SIZE; - } - } - -/* -* MISTY1 Decryption -*/ -void MISTY1::decrypt_n(const byte in[], byte out[], size_t blocks) const - { - for(size_t i = 0; i != blocks; ++i) - { - u16bit B0 = load_be<u16bit>(in, 2); - u16bit B1 = load_be<u16bit>(in, 3); - u16bit B2 = load_be<u16bit>(in, 0); - u16bit B3 = load_be<u16bit>(in, 1); - - for(size_t j = 0; j != 12; j += 3) - { - const u16bit* RK = &DK[8 * j]; - - B2 ^= B3 | RK[0]; - B3 ^= B2 & RK[1]; - B0 ^= B1 | RK[2]; - B1 ^= B0 & RK[3]; - - u32bit T0, T1; - - T0 = FI(B2 ^ RK[ 4], RK[ 5], RK[ 6]) ^ B3; - T1 = FI(B3 ^ RK[ 7], RK[ 8], RK[ 9]) ^ T0; - T0 = FI(T0 ^ RK[10], RK[11], RK[12]) ^ T1; - - B0 ^= T1 ^ RK[13]; - B1 ^= T0; - - T0 = FI(B0 ^ RK[14], RK[15], RK[16]) ^ B1; - T1 = FI(B1 ^ RK[17], RK[18], RK[19]) ^ T0; - T0 = FI(T0 ^ RK[20], RK[21], RK[22]) ^ T1; - - B2 ^= T1 ^ RK[23]; - B3 ^= T0; - } - - B2 ^= B3 | DK[96]; - B3 ^= B2 & DK[97]; - B0 ^= B1 | DK[98]; - B1 ^= B0 & DK[99]; - - store_be(out, B0, B1, B2, B3); - - in += BLOCK_SIZE; - out += BLOCK_SIZE; - } - } - -/* -* MISTY1 Key Schedule -*/ -void MISTY1::key_schedule(const byte key[], size_t length) - { - secure_vector<u16bit> KS(32); - for(size_t i = 0; i != length / 2; ++i) - KS[i] = load_be<u16bit>(key, i); - - for(size_t i = 0; i != 8; ++i) - { - KS[i+ 8] = FI(KS[i], KS[(i+1) % 8] >> 9, KS[(i+1) % 8] & 0x1FF); - KS[i+16] = KS[i+8] >> 9; - KS[i+24] = KS[i+8] & 0x1FF; - } - - /* - * Precomputed indexes for the orderings of the subkeys (MISTY1 reuses - * values) - */ - static const byte EK_ORDER[100] = { - 0x00, 0x0E, 0x0A, 0x04, 0x00, 0x15, 0x1D, 0x02, 0x11, 0x19, 0x07, 0x13, - 0x1B, 0x04, 0x01, 0x16, 0x1E, 0x03, 0x12, 0x1A, 0x00, 0x14, 0x1C, 0x05, - 0x01, 0x0F, 0x0B, 0x05, 0x02, 0x17, 0x1F, 0x04, 0x13, 0x1B, 0x01, 0x15, - 0x1D, 0x06, 0x03, 0x10, 0x18, 0x05, 0x14, 0x1C, 0x02, 0x16, 0x1E, 0x07, - 0x02, 0x08, 0x0C, 0x06, 0x04, 0x11, 0x19, 0x06, 0x15, 0x1D, 0x03, 0x17, - 0x1F, 0x00, 0x05, 0x12, 0x1A, 0x07, 0x16, 0x1E, 0x04, 0x10, 0x18, 0x01, - 0x03, 0x09, 0x0D, 0x07, 0x06, 0x13, 0x1B, 0x00, 0x17, 0x1F, 0x05, 0x11, - 0x19, 0x02, 0x07, 0x14, 0x1C, 0x01, 0x10, 0x18, 0x06, 0x12, 0x1A, 0x03, - 0x04, 0x0A, 0x0E, 0x00 }; - - static const byte DK_ORDER[100] = { - 0x00, 0x0E, 0x0A, 0x04, 0x07, 0x14, 0x1C, 0x01, 0x10, 0x18, 0x06, 0x12, - 0x1A, 0x03, 0x06, 0x13, 0x1B, 0x00, 0x17, 0x1F, 0x05, 0x11, 0x19, 0x02, - 0x07, 0x0D, 0x09, 0x03, 0x05, 0x12, 0x1A, 0x07, 0x16, 0x1E, 0x04, 0x10, - 0x18, 0x01, 0x04, 0x11, 0x19, 0x06, 0x15, 0x1D, 0x03, 0x17, 0x1F, 0x00, - 0x06, 0x0C, 0x08, 0x02, 0x03, 0x10, 0x18, 0x05, 0x14, 0x1C, 0x02, 0x16, - 0x1E, 0x07, 0x02, 0x17, 0x1F, 0x04, 0x13, 0x1B, 0x01, 0x15, 0x1D, 0x06, - 0x05, 0x0B, 0x0F, 0x01, 0x01, 0x16, 0x1E, 0x03, 0x12, 0x1A, 0x00, 0x14, - 0x1C, 0x05, 0x00, 0x15, 0x1D, 0x02, 0x11, 0x19, 0x07, 0x13, 0x1B, 0x04, - 0x04, 0x0A, 0x0E, 0x00 }; - - EK.resize(100); - DK.resize(100); - - for(size_t i = 0; i != 100; ++i) - { - EK[i] = KS[EK_ORDER[i]]; - DK[i] = KS[DK_ORDER[i]]; - } - } - -void MISTY1::clear() - { - zap(EK); - zap(DK); - } - -/* -* MISTY1 Constructor -*/ -MISTY1::MISTY1(size_t rounds) - { - if(rounds != 8) - throw Invalid_Argument("MISTY1: Invalid number of rounds: " - + std::to_string(rounds)); - } - -} diff --git a/src/block/misty1/misty1.h b/src/block/misty1/misty1.h deleted file mode 100644 index 40917b08b..000000000 --- a/src/block/misty1/misty1.h +++ /dev/null @@ -1,41 +0,0 @@ -/* -* MISTY1 -* (C) 1999-2008 Jack Lloyd -* -* Distributed under the terms of the Botan license -*/ - -#ifndef BOTAN_MISTY1_H__ -#define BOTAN_MISTY1_H__ - -#include <botan/block_cipher.h> - -namespace Botan { - -/** -* MISTY1 -*/ -class BOTAN_DLL MISTY1 : public Block_Cipher_Fixed_Params<8, 16> - { - public: - void encrypt_n(const byte in[], byte out[], size_t blocks) const; - void decrypt_n(const byte in[], byte out[], size_t blocks) const; - - void clear(); - std::string name() const { return "MISTY1"; } - BlockCipher* clone() const { return new MISTY1; } - - /** - * @param rounds the number of rounds. Must be 8 with the current - * implementation - */ - MISTY1(size_t rounds = 8); - private: - void key_schedule(const byte[], size_t); - - secure_vector<u16bit> EK, DK; - }; - -} - -#endif diff --git a/src/block/noekeon/info.txt b/src/block/noekeon/info.txt deleted file mode 100644 index 769d7150e..000000000 --- a/src/block/noekeon/info.txt +++ /dev/null @@ -1 +0,0 @@ -define NOEKEON 20131128 diff --git a/src/block/noekeon/noekeon.cpp b/src/block/noekeon/noekeon.cpp deleted file mode 100644 index 53e67e5e6..000000000 --- a/src/block/noekeon/noekeon.cpp +++ /dev/null @@ -1,212 +0,0 @@ -/* -* Noekeon -* (C) 1999-2008 Jack Lloyd -* -* Distributed under the terms of the Botan license -*/ - -#include <botan/noekeon.h> -#include <botan/loadstor.h> -#include <botan/rotate.h> - -namespace Botan { - -namespace { - -/* -* Noekeon's Theta Operation -*/ -inline void theta(u32bit& A0, u32bit& A1, - u32bit& A2, u32bit& A3, - const u32bit EK[4]) - { - u32bit T = A0 ^ A2; - T ^= rotate_left(T, 8) ^ rotate_right(T, 8); - A1 ^= T; - A3 ^= T; - - A0 ^= EK[0]; - A1 ^= EK[1]; - A2 ^= EK[2]; - A3 ^= EK[3]; - - T = A1 ^ A3; - T ^= rotate_left(T, 8) ^ rotate_right(T, 8); - A0 ^= T; - A2 ^= T; - } - -/* -* Theta With Null Key -*/ -inline void theta(u32bit& A0, u32bit& A1, - u32bit& A2, u32bit& A3) - { - u32bit T = A0 ^ A2; - T ^= rotate_left(T, 8) ^ rotate_right(T, 8); - A1 ^= T; - A3 ^= T; - - T = A1 ^ A3; - T ^= rotate_left(T, 8) ^ rotate_right(T, 8); - A0 ^= T; - A2 ^= T; - } - -/* -* Noekeon's Gamma S-Box Layer -*/ -inline void gamma(u32bit& A0, u32bit& A1, u32bit& A2, u32bit& A3) - { - A1 ^= ~A3 & ~A2; - A0 ^= A2 & A1; - - u32bit T = A3; - A3 = A0; - A0 = T; - - A2 ^= A0 ^ A1 ^ A3; - - A1 ^= ~A3 & ~A2; - A0 ^= A2 & A1; - } - -} - -/* -* Noekeon Round Constants -*/ -const byte Noekeon::RC[] = { - 0x80, 0x1B, 0x36, 0x6C, 0xD8, 0xAB, 0x4D, 0x9A, - 0x2F, 0x5E, 0xBC, 0x63, 0xC6, 0x97, 0x35, 0x6A, - 0xD4 }; - -/* -* Noekeon Encryption -*/ -void Noekeon::encrypt_n(const byte in[], byte out[], size_t blocks) const - { - for(size_t i = 0; i != blocks; ++i) - { - u32bit A0 = load_be<u32bit>(in, 0); - u32bit A1 = load_be<u32bit>(in, 1); - u32bit A2 = load_be<u32bit>(in, 2); - u32bit A3 = load_be<u32bit>(in, 3); - - for(size_t j = 0; j != 16; ++j) - { - A0 ^= RC[j]; - theta(A0, A1, A2, A3, &EK[0]); - - A1 = rotate_left(A1, 1); - A2 = rotate_left(A2, 5); - A3 = rotate_left(A3, 2); - - gamma(A0, A1, A2, A3); - - A1 = rotate_right(A1, 1); - A2 = rotate_right(A2, 5); - A3 = rotate_right(A3, 2); - } - - A0 ^= RC[16]; - theta(A0, A1, A2, A3, &EK[0]); - - store_be(out, A0, A1, A2, A3); - - in += BLOCK_SIZE; - out += BLOCK_SIZE; - } - } - -/* -* Noekeon Encryption -*/ -void Noekeon::decrypt_n(const byte in[], byte out[], size_t blocks) const - { - for(size_t i = 0; i != blocks; ++i) - { - u32bit A0 = load_be<u32bit>(in, 0); - u32bit A1 = load_be<u32bit>(in, 1); - u32bit A2 = load_be<u32bit>(in, 2); - u32bit A3 = load_be<u32bit>(in, 3); - - for(size_t j = 16; j != 0; --j) - { - theta(A0, A1, A2, A3, &DK[0]); - A0 ^= RC[j]; - - A1 = rotate_left(A1, 1); - A2 = rotate_left(A2, 5); - A3 = rotate_left(A3, 2); - - gamma(A0, A1, A2, A3); - - A1 = rotate_right(A1, 1); - A2 = rotate_right(A2, 5); - A3 = rotate_right(A3, 2); - } - - theta(A0, A1, A2, A3, &DK[0]); - A0 ^= RC[0]; - - store_be(out, A0, A1, A2, A3); - - in += BLOCK_SIZE; - out += BLOCK_SIZE; - } - } - -/* -* Noekeon Key Schedule -*/ -void Noekeon::key_schedule(const byte key[], size_t) - { - u32bit A0 = load_be<u32bit>(key, 0); - u32bit A1 = load_be<u32bit>(key, 1); - u32bit A2 = load_be<u32bit>(key, 2); - u32bit A3 = load_be<u32bit>(key, 3); - - for(size_t i = 0; i != 16; ++i) - { - A0 ^= RC[i]; - theta(A0, A1, A2, A3); - - A1 = rotate_left(A1, 1); - A2 = rotate_left(A2, 5); - A3 = rotate_left(A3, 2); - - gamma(A0, A1, A2, A3); - - A1 = rotate_right(A1, 1); - A2 = rotate_right(A2, 5); - A3 = rotate_right(A3, 2); - } - - A0 ^= RC[16]; - - DK.resize(4); - DK[0] = A0; - DK[1] = A1; - DK[2] = A2; - DK[3] = A3; - - theta(A0, A1, A2, A3); - - EK.resize(4); - EK[0] = A0; - EK[1] = A1; - EK[2] = A2; - EK[3] = A3; - } - -/* -* Clear memory of sensitive data -*/ -void Noekeon::clear() - { - zap(EK); - zap(DK); - } - -} diff --git a/src/block/noekeon/noekeon.h b/src/block/noekeon/noekeon.h deleted file mode 100644 index 108b34cd6..000000000 --- a/src/block/noekeon/noekeon.h +++ /dev/null @@ -1,50 +0,0 @@ -/* -* Noekeon -* (C) 1999-2008 Jack Lloyd -* -* Distributed under the terms of the Botan license -*/ - -#ifndef BOTAN_NOEKEON_H__ -#define BOTAN_NOEKEON_H__ - -#include <botan/block_cipher.h> - -namespace Botan { - -/** -* Noekeon -*/ -class BOTAN_DLL Noekeon : public Block_Cipher_Fixed_Params<16, 16> - { - public: - void encrypt_n(const byte in[], byte out[], size_t blocks) const; - void decrypt_n(const byte in[], byte out[], size_t blocks) const; - - void clear(); - std::string name() const { return "Noekeon"; } - BlockCipher* clone() const { return new Noekeon; } - protected: - /** - * The Noekeon round constants - */ - static const byte RC[17]; - - /** - * @return const reference to encryption subkeys - */ - const secure_vector<u32bit>& get_EK() const { return EK; } - - /** - * @return const reference to decryption subkeys - */ - const secure_vector<u32bit>& get_DK() const { return DK; } - - private: - void key_schedule(const byte[], size_t); - secure_vector<u32bit> EK, DK; - }; - -} - -#endif diff --git a/src/block/noekeon_simd/info.txt b/src/block/noekeon_simd/info.txt deleted file mode 100644 index 78b9d5f12..000000000 --- a/src/block/noekeon_simd/info.txt +++ /dev/null @@ -1,7 +0,0 @@ -define NOEKEON_SIMD 20131128 - -<requires> -noekeon -simd -simd_engine -</requires> diff --git a/src/block/noekeon_simd/noekeon_simd.cpp b/src/block/noekeon_simd/noekeon_simd.cpp deleted file mode 100644 index 2a4c1fd74..000000000 --- a/src/block/noekeon_simd/noekeon_simd.cpp +++ /dev/null @@ -1,177 +0,0 @@ -/* -* Noekeon in SIMD -* (C) 2010 Jack Lloyd -* -* Distributed under the terms of the Botan license -*/ - -#include <botan/noekeon_simd.h> -#include <botan/internal/simd_32.h> - -namespace Botan { - -/* -* Noekeon's Theta Operation -*/ -#define NOK_SIMD_THETA(A0, A1, A2, A3, K0, K1, K2, K3) \ - do { \ - SIMD_32 T = A0 ^ A2; \ - SIMD_32 T_l8 = T; \ - SIMD_32 T_r8 = T; \ - T_l8.rotate_left(8); \ - T_r8.rotate_right(8); \ - T ^= T_l8; \ - T ^= T_r8; \ - A1 ^= T; \ - A3 ^= T; \ - \ - A0 ^= K0; \ - A1 ^= K1; \ - A2 ^= K2; \ - A3 ^= K3; \ - \ - T = A1 ^ A3; \ - T_l8 = T; \ - T_r8 = T; \ - T_l8.rotate_left(8); \ - T_r8.rotate_right(8); \ - T ^= T_l8; \ - T ^= T_r8; \ - A0 ^= T; \ - A2 ^= T; \ - } while(0) - -/* -* Noekeon's Gamma S-Box Layer -*/ -#define NOK_SIMD_GAMMA(A0, A1, A2, A3) \ - do \ - { \ - A1 ^= A3.andc(~A2); \ - A0 ^= A2 & A1; \ - \ - SIMD_32 T = A3; \ - A3 = A0; \ - A0 = T; \ - \ - A2 ^= A0 ^ A1 ^ A3; \ - \ - A1 ^= A3.andc(~A2); \ - A0 ^= A2 & A1; \ - } while(0) - -/* -* Noekeon Encryption -*/ -void Noekeon_SIMD::encrypt_n(const byte in[], byte out[], size_t blocks) const - { - const secure_vector<u32bit>& EK = this->get_EK(); - - SIMD_32 K0 = SIMD_32(EK[0]); - SIMD_32 K1 = SIMD_32(EK[1]); - SIMD_32 K2 = SIMD_32(EK[2]); - SIMD_32 K3 = SIMD_32(EK[3]); - - while(blocks >= 4) - { - SIMD_32 A0 = SIMD_32::load_be(in ); - SIMD_32 A1 = SIMD_32::load_be(in + 16); - SIMD_32 A2 = SIMD_32::load_be(in + 32); - SIMD_32 A3 = SIMD_32::load_be(in + 48); - - SIMD_32::transpose(A0, A1, A2, A3); - - for(size_t i = 0; i != 16; ++i) - { - A0 ^= SIMD_32(RC[i]); - - NOK_SIMD_THETA(A0, A1, A2, A3, K0, K1, K2, K3); - - A1.rotate_left(1); - A2.rotate_left(5); - A3.rotate_left(2); - - NOK_SIMD_GAMMA(A0, A1, A2, A3); - - A1.rotate_right(1); - A2.rotate_right(5); - A3.rotate_right(2); - } - - A0 ^= SIMD_32(RC[16]); - NOK_SIMD_THETA(A0, A1, A2, A3, K0, K1, K2, K3); - - SIMD_32::transpose(A0, A1, A2, A3); - - A0.store_be(out); - A1.store_be(out + 16); - A2.store_be(out + 32); - A3.store_be(out + 48); - - in += 64; - out += 64; - blocks -= 4; - } - - if(blocks) - Noekeon::encrypt_n(in, out, blocks); - } - -/* -* Noekeon Encryption -*/ -void Noekeon_SIMD::decrypt_n(const byte in[], byte out[], size_t blocks) const - { - const secure_vector<u32bit>& DK = this->get_DK(); - - SIMD_32 K0 = SIMD_32(DK[0]); - SIMD_32 K1 = SIMD_32(DK[1]); - SIMD_32 K2 = SIMD_32(DK[2]); - SIMD_32 K3 = SIMD_32(DK[3]); - - while(blocks >= 4) - { - SIMD_32 A0 = SIMD_32::load_be(in ); - SIMD_32 A1 = SIMD_32::load_be(in + 16); - SIMD_32 A2 = SIMD_32::load_be(in + 32); - SIMD_32 A3 = SIMD_32::load_be(in + 48); - - SIMD_32::transpose(A0, A1, A2, A3); - - for(size_t i = 0; i != 16; ++i) - { - NOK_SIMD_THETA(A0, A1, A2, A3, K0, K1, K2, K3); - - A0 ^= SIMD_32(RC[16-i]); - - A1.rotate_left(1); - A2.rotate_left(5); - A3.rotate_left(2); - - NOK_SIMD_GAMMA(A0, A1, A2, A3); - - A1.rotate_right(1); - A2.rotate_right(5); - A3.rotate_right(2); - } - - NOK_SIMD_THETA(A0, A1, A2, A3, K0, K1, K2, K3); - A0 ^= SIMD_32(RC[0]); - - SIMD_32::transpose(A0, A1, A2, A3); - - A0.store_be(out); - A1.store_be(out + 16); - A2.store_be(out + 32); - A3.store_be(out + 48); - - in += 64; - out += 64; - blocks -= 4; - } - - if(blocks) - Noekeon::decrypt_n(in, out, blocks); - } - -} diff --git a/src/block/noekeon_simd/noekeon_simd.h b/src/block/noekeon_simd/noekeon_simd.h deleted file mode 100644 index 5cc2d8b09..000000000 --- a/src/block/noekeon_simd/noekeon_simd.h +++ /dev/null @@ -1,31 +0,0 @@ -/* -* Noekeon in SIMD -* (C) 2010 Jack Lloyd -* -* Distributed under the terms of the Botan license -*/ - -#ifndef BOTAN_NOEKEON_SIMD_H__ -#define BOTAN_NOEKEON_SIMD_H__ - -#include <botan/noekeon.h> - -namespace Botan { - -/** -* Noekeon implementation using SIMD operations -*/ -class BOTAN_DLL Noekeon_SIMD : public Noekeon - { - public: - size_t parallelism() const { return 4; } - - void encrypt_n(const byte in[], byte out[], size_t blocks) const; - void decrypt_n(const byte in[], byte out[], size_t blocks) const; - - BlockCipher* clone() const { return new Noekeon_SIMD; } - }; - -} - -#endif diff --git a/src/block/rc2/info.txt b/src/block/rc2/info.txt deleted file mode 100644 index fae09cf23..000000000 --- a/src/block/rc2/info.txt +++ /dev/null @@ -1 +0,0 @@ -define RC2 20131128 diff --git a/src/block/rc2/rc2.cpp b/src/block/rc2/rc2.cpp deleted file mode 100644 index d7c76a7a6..000000000 --- a/src/block/rc2/rc2.cpp +++ /dev/null @@ -1,182 +0,0 @@ -/* -* RC2 -* (C) 1999-2007 Jack Lloyd -* -* Distributed under the terms of the Botan license -*/ - -#include <botan/rc2.h> -#include <botan/loadstor.h> -#include <botan/rotate.h> - -namespace Botan { - -/* -* RC2 Encryption -*/ -void RC2::encrypt_n(const byte in[], byte out[], size_t blocks) const - { - for(size_t i = 0; i != blocks; ++i) - { - u16bit R0 = load_le<u16bit>(in, 0); - u16bit R1 = load_le<u16bit>(in, 1); - u16bit R2 = load_le<u16bit>(in, 2); - u16bit R3 = load_le<u16bit>(in, 3); - - for(size_t j = 0; j != 16; ++j) - { - R0 += (R1 & ~R3) + (R2 & R3) + K[4*j]; - R0 = rotate_left(R0, 1); - - R1 += (R2 & ~R0) + (R3 & R0) + K[4*j + 1]; - R1 = rotate_left(R1, 2); - - R2 += (R3 & ~R1) + (R0 & R1) + K[4*j + 2]; - R2 = rotate_left(R2, 3); - - R3 += (R0 & ~R2) + (R1 & R2) + K[4*j + 3]; - R3 = rotate_left(R3, 5); - - if(j == 4 || j == 10) - { - R0 += K[R3 % 64]; - R1 += K[R0 % 64]; - R2 += K[R1 % 64]; - R3 += K[R2 % 64]; - } - } - - store_le(out, R0, R1, R2, R3); - - in += BLOCK_SIZE; - out += BLOCK_SIZE; - } - } - -/* -* RC2 Decryption -*/ -void RC2::decrypt_n(const byte in[], byte out[], size_t blocks) const - { - for(size_t i = 0; i != blocks; ++i) - { - u16bit R0 = load_le<u16bit>(in, 0); - u16bit R1 = load_le<u16bit>(in, 1); - u16bit R2 = load_le<u16bit>(in, 2); - u16bit R3 = load_le<u16bit>(in, 3); - - for(size_t j = 0; j != 16; ++j) - { - R3 = rotate_right(R3, 5); - R3 -= (R0 & ~R2) + (R1 & R2) + K[63 - (4*j + 0)]; - - R2 = rotate_right(R2, 3); - R2 -= (R3 & ~R1) + (R0 & R1) + K[63 - (4*j + 1)]; - - R1 = rotate_right(R1, 2); - R1 -= (R2 & ~R0) + (R3 & R0) + K[63 - (4*j + 2)]; - - R0 = rotate_right(R0, 1); - R0 -= (R1 & ~R3) + (R2 & R3) + K[63 - (4*j + 3)]; - - if(j == 4 || j == 10) - { - R3 -= K[R2 % 64]; - R2 -= K[R1 % 64]; - R1 -= K[R0 % 64]; - R0 -= K[R3 % 64]; - } - } - - store_le(out, R0, R1, R2, R3); - - in += BLOCK_SIZE; - out += BLOCK_SIZE; - } - } - -/* -* RC2 Key Schedule -*/ -void RC2::key_schedule(const byte key[], size_t length) - { - static const byte TABLE[256] = { - 0xD9, 0x78, 0xF9, 0xC4, 0x19, 0xDD, 0xB5, 0xED, 0x28, 0xE9, 0xFD, 0x79, - 0x4A, 0xA0, 0xD8, 0x9D, 0xC6, 0x7E, 0x37, 0x83, 0x2B, 0x76, 0x53, 0x8E, - 0x62, 0x4C, 0x64, 0x88, 0x44, 0x8B, 0xFB, 0xA2, 0x17, 0x9A, 0x59, 0xF5, - 0x87, 0xB3, 0x4F, 0x13, 0x61, 0x45, 0x6D, 0x8D, 0x09, 0x81, 0x7D, 0x32, - 0xBD, 0x8F, 0x40, 0xEB, 0x86, 0xB7, 0x7B, 0x0B, 0xF0, 0x95, 0x21, 0x22, - 0x5C, 0x6B, 0x4E, 0x82, 0x54, 0xD6, 0x65, 0x93, 0xCE, 0x60, 0xB2, 0x1C, - 0x73, 0x56, 0xC0, 0x14, 0xA7, 0x8C, 0xF1, 0xDC, 0x12, 0x75, 0xCA, 0x1F, - 0x3B, 0xBE, 0xE4, 0xD1, 0x42, 0x3D, 0xD4, 0x30, 0xA3, 0x3C, 0xB6, 0x26, - 0x6F, 0xBF, 0x0E, 0xDA, 0x46, 0x69, 0x07, 0x57, 0x27, 0xF2, 0x1D, 0x9B, - 0xBC, 0x94, 0x43, 0x03, 0xF8, 0x11, 0xC7, 0xF6, 0x90, 0xEF, 0x3E, 0xE7, - 0x06, 0xC3, 0xD5, 0x2F, 0xC8, 0x66, 0x1E, 0xD7, 0x08, 0xE8, 0xEA, 0xDE, - 0x80, 0x52, 0xEE, 0xF7, 0x84, 0xAA, 0x72, 0xAC, 0x35, 0x4D, 0x6A, 0x2A, - 0x96, 0x1A, 0xD2, 0x71, 0x5A, 0x15, 0x49, 0x74, 0x4B, 0x9F, 0xD0, 0x5E, - 0x04, 0x18, 0xA4, 0xEC, 0xC2, 0xE0, 0x41, 0x6E, 0x0F, 0x51, 0xCB, 0xCC, - 0x24, 0x91, 0xAF, 0x50, 0xA1, 0xF4, 0x70, 0x39, 0x99, 0x7C, 0x3A, 0x85, - 0x23, 0xB8, 0xB4, 0x7A, 0xFC, 0x02, 0x36, 0x5B, 0x25, 0x55, 0x97, 0x31, - 0x2D, 0x5D, 0xFA, 0x98, 0xE3, 0x8A, 0x92, 0xAE, 0x05, 0xDF, 0x29, 0x10, - 0x67, 0x6C, 0xBA, 0xC9, 0xD3, 0x00, 0xE6, 0xCF, 0xE1, 0x9E, 0xA8, 0x2C, - 0x63, 0x16, 0x01, 0x3F, 0x58, 0xE2, 0x89, 0xA9, 0x0D, 0x38, 0x34, 0x1B, - 0xAB, 0x33, 0xFF, 0xB0, 0xBB, 0x48, 0x0C, 0x5F, 0xB9, 0xB1, 0xCD, 0x2E, - 0xC5, 0xF3, 0xDB, 0x47, 0xE5, 0xA5, 0x9C, 0x77, 0x0A, 0xA6, 0x20, 0x68, - 0xFE, 0x7F, 0xC1, 0xAD }; - - secure_vector<byte> L(128); - copy_mem(&L[0], key, length); - - for(size_t i = length; i != 128; ++i) - L[i] = TABLE[(L[i-1] + L[i-length]) % 256]; - - L[128-length] = TABLE[L[128-length]]; - - for(s32bit i = 127-length; i >= 0; --i) - L[i] = TABLE[L[i+1] ^ L[i+length]]; - - K.resize(64); - load_le<u16bit>(&K[0], &L[0], 64); - } - -void RC2::clear() - { - zap(K); - } - -/* -* Return the code of the effective key bits -*/ -byte RC2::EKB_code(size_t ekb) - { - const byte EKB[256] = { - 0xBD, 0x56, 0xEA, 0xF2, 0xA2, 0xF1, 0xAC, 0x2A, 0xB0, 0x93, 0xD1, 0x9C, - 0x1B, 0x33, 0xFD, 0xD0, 0x30, 0x04, 0xB6, 0xDC, 0x7D, 0xDF, 0x32, 0x4B, - 0xF7, 0xCB, 0x45, 0x9B, 0x31, 0xBB, 0x21, 0x5A, 0x41, 0x9F, 0xE1, 0xD9, - 0x4A, 0x4D, 0x9E, 0xDA, 0xA0, 0x68, 0x2C, 0xC3, 0x27, 0x5F, 0x80, 0x36, - 0x3E, 0xEE, 0xFB, 0x95, 0x1A, 0xFE, 0xCE, 0xA8, 0x34, 0xA9, 0x13, 0xF0, - 0xA6, 0x3F, 0xD8, 0x0C, 0x78, 0x24, 0xAF, 0x23, 0x52, 0xC1, 0x67, 0x17, - 0xF5, 0x66, 0x90, 0xE7, 0xE8, 0x07, 0xB8, 0x60, 0x48, 0xE6, 0x1E, 0x53, - 0xF3, 0x92, 0xA4, 0x72, 0x8C, 0x08, 0x15, 0x6E, 0x86, 0x00, 0x84, 0xFA, - 0xF4, 0x7F, 0x8A, 0x42, 0x19, 0xF6, 0xDB, 0xCD, 0x14, 0x8D, 0x50, 0x12, - 0xBA, 0x3C, 0x06, 0x4E, 0xEC, 0xB3, 0x35, 0x11, 0xA1, 0x88, 0x8E, 0x2B, - 0x94, 0x99, 0xB7, 0x71, 0x74, 0xD3, 0xE4, 0xBF, 0x3A, 0xDE, 0x96, 0x0E, - 0xBC, 0x0A, 0xED, 0x77, 0xFC, 0x37, 0x6B, 0x03, 0x79, 0x89, 0x62, 0xC6, - 0xD7, 0xC0, 0xD2, 0x7C, 0x6A, 0x8B, 0x22, 0xA3, 0x5B, 0x05, 0x5D, 0x02, - 0x75, 0xD5, 0x61, 0xE3, 0x18, 0x8F, 0x55, 0x51, 0xAD, 0x1F, 0x0B, 0x5E, - 0x85, 0xE5, 0xC2, 0x57, 0x63, 0xCA, 0x3D, 0x6C, 0xB4, 0xC5, 0xCC, 0x70, - 0xB2, 0x91, 0x59, 0x0D, 0x47, 0x20, 0xC8, 0x4F, 0x58, 0xE0, 0x01, 0xE2, - 0x16, 0x38, 0xC4, 0x6F, 0x3B, 0x0F, 0x65, 0x46, 0xBE, 0x7E, 0x2D, 0x7B, - 0x82, 0xF9, 0x40, 0xB5, 0x1D, 0x73, 0xF8, 0xEB, 0x26, 0xC7, 0x87, 0x97, - 0x25, 0x54, 0xB1, 0x28, 0xAA, 0x98, 0x9D, 0xA5, 0x64, 0x6D, 0x7A, 0xD4, - 0x10, 0x81, 0x44, 0xEF, 0x49, 0xD6, 0xAE, 0x2E, 0xDD, 0x76, 0x5C, 0x2F, - 0xA7, 0x1C, 0xC9, 0x09, 0x69, 0x9A, 0x83, 0xCF, 0x29, 0x39, 0xB9, 0xE9, - 0x4C, 0xFF, 0x43, 0xAB }; - - if(ekb < 256) - return EKB[ekb]; - else - throw Encoding_Error("RC2::EKB_code: EKB is too large"); - } - -} diff --git a/src/block/rc2/rc2.h b/src/block/rc2/rc2.h deleted file mode 100644 index ae41c9ce2..000000000 --- a/src/block/rc2/rc2.h +++ /dev/null @@ -1,42 +0,0 @@ -/* -* RC2 -* (C) 1999-2007 Jack Lloyd -* -* Distributed under the terms of the Botan license -*/ - -#ifndef BOTAN_RC2_H__ -#define BOTAN_RC2_H__ - -#include <botan/block_cipher.h> - -namespace Botan { - -/** -* RC2 -*/ -class BOTAN_DLL RC2 : public Block_Cipher_Fixed_Params<8, 1, 32> - { - public: - void encrypt_n(const byte in[], byte out[], size_t blocks) const; - void decrypt_n(const byte in[], byte out[], size_t blocks) const; - - /** - * Return the code of the effective key bits - * @param bits key length - * @return EKB code - */ - static byte EKB_code(size_t bits); - - void clear(); - std::string name() const { return "RC2"; } - BlockCipher* clone() const { return new RC2; } - private: - void key_schedule(const byte[], size_t); - - secure_vector<u16bit> K; - }; - -} - -#endif diff --git a/src/block/rc5/info.txt b/src/block/rc5/info.txt deleted file mode 100644 index 2c2c613ba..000000000 --- a/src/block/rc5/info.txt +++ /dev/null @@ -1 +0,0 @@ -define RC5 20131128 diff --git a/src/block/rc5/rc5.cpp b/src/block/rc5/rc5.cpp deleted file mode 100644 index f370e6cfb..000000000 --- a/src/block/rc5/rc5.cpp +++ /dev/null @@ -1,135 +0,0 @@ -/* -* RC5 -* (C) 1999-2007 Jack Lloyd -* -* Distributed under the terms of the Botan license -*/ - -#include <botan/rc5.h> -#include <botan/loadstor.h> -#include <botan/rotate.h> -#include <botan/parsing.h> -#include <algorithm> - -namespace Botan { - -/* -* RC5 Encryption -*/ -void RC5::encrypt_n(const byte in[], byte out[], size_t blocks) const - { - for(size_t i = 0; i != blocks; ++i) - { - u32bit A = load_le<u32bit>(in, 0); - u32bit B = load_le<u32bit>(in, 1); - - A += S[0]; B += S[1]; - for(size_t j = 0; j != rounds; j += 4) - { - A = rotate_left(A ^ B, B % 32) + S[2*j+2]; - B = rotate_left(B ^ A, A % 32) + S[2*j+3]; - - A = rotate_left(A ^ B, B % 32) + S[2*j+4]; - B = rotate_left(B ^ A, A % 32) + S[2*j+5]; - - A = rotate_left(A ^ B, B % 32) + S[2*j+6]; - B = rotate_left(B ^ A, A % 32) + S[2*j+7]; - - A = rotate_left(A ^ B, B % 32) + S[2*j+8]; - B = rotate_left(B ^ A, A % 32) + S[2*j+9]; - } - - store_le(out, A, B); - - in += BLOCK_SIZE; - out += BLOCK_SIZE; - } - } - -/* -* RC5 Decryption -*/ -void RC5::decrypt_n(const byte in[], byte out[], size_t blocks) const - { - for(size_t i = 0; i != blocks; ++i) - { - u32bit A = load_le<u32bit>(in, 0); - u32bit B = load_le<u32bit>(in, 1); - - for(size_t j = rounds; j != 0; j -= 4) - { - B = rotate_right(B - S[2*j+1], A % 32) ^ A; - A = rotate_right(A - S[2*j ], B % 32) ^ B; - - B = rotate_right(B - S[2*j-1], A % 32) ^ A; - A = rotate_right(A - S[2*j-2], B % 32) ^ B; - - B = rotate_right(B - S[2*j-3], A % 32) ^ A; - A = rotate_right(A - S[2*j-4], B % 32) ^ B; - - B = rotate_right(B - S[2*j-5], A % 32) ^ A; - A = rotate_right(A - S[2*j-6], B % 32) ^ B; - } - B -= S[1]; A -= S[0]; - - store_le(out, A, B); - - in += BLOCK_SIZE; - out += BLOCK_SIZE; - } - } - -/* -* RC5 Key Schedule -*/ -void RC5::key_schedule(const byte key[], size_t length) - { - S.resize(2*rounds + 2); - - const size_t WORD_KEYLENGTH = (((length - 1) / 4) + 1); - const size_t MIX_ROUNDS = 3 * std::max(WORD_KEYLENGTH, S.size()); - - S[0] = 0xB7E15163; - for(size_t i = 1; i != S.size(); ++i) - S[i] = S[i-1] + 0x9E3779B9; - - secure_vector<u32bit> K(8); - - for(s32bit i = length-1; i >= 0; --i) - K[i/4] = (K[i/4] << 8) + key[i]; - - u32bit A = 0, B = 0; - - for(size_t i = 0; i != MIX_ROUNDS; ++i) - { - A = rotate_left(S[i % S.size()] + A + B, 3); - B = rotate_left(K[i % WORD_KEYLENGTH] + A + B, (A + B) % 32); - S[i % S.size()] = A; - K[i % WORD_KEYLENGTH] = B; - } - } - -void RC5::clear() - { - zap(S); - } - -/* -* Return the name of this type -*/ -std::string RC5::name() const - { - return "RC5(" + std::to_string(rounds) + ")"; - } - -/* -* RC5 Constructor -*/ -RC5::RC5(size_t r) : rounds(r) - { - if(rounds < 8 || rounds > 32 || (rounds % 4 != 0)) - throw Invalid_Argument("RC5: Invalid number of rounds " + - std::to_string(rounds)); - } - -} diff --git a/src/block/rc5/rc5.h b/src/block/rc5/rc5.h deleted file mode 100644 index 9055974e5..000000000 --- a/src/block/rc5/rc5.h +++ /dev/null @@ -1,42 +0,0 @@ -/* -* RC5 -* (C) 1999-2007 Jack Lloyd -* -* Distributed under the terms of the Botan license -*/ - -#ifndef BOTAN_RC5_H__ -#define BOTAN_RC5_H__ - -#include <botan/block_cipher.h> - -namespace Botan { - -/** -* RC5 -*/ -class BOTAN_DLL RC5 : public Block_Cipher_Fixed_Params<8, 1, 32> - { - public: - void encrypt_n(const byte in[], byte out[], size_t blocks) const; - void decrypt_n(const byte in[], byte out[], size_t blocks) const; - - void clear(); - std::string name() const; - BlockCipher* clone() const { return new RC5(rounds); } - - /** - * @param rounds the number of RC5 rounds to run. Must be between - * 8 and 32 and a multiple of 4. - */ - RC5(size_t rounds); - private: - void key_schedule(const byte[], size_t); - - size_t rounds; - secure_vector<u32bit> S; - }; - -} - -#endif diff --git a/src/block/rc6/info.txt b/src/block/rc6/info.txt deleted file mode 100644 index e54379f65..000000000 --- a/src/block/rc6/info.txt +++ /dev/null @@ -1 +0,0 @@ -define RC6 20131128 diff --git a/src/block/rc6/rc6.cpp b/src/block/rc6/rc6.cpp deleted file mode 100644 index 01255954d..000000000 --- a/src/block/rc6/rc6.cpp +++ /dev/null @@ -1,145 +0,0 @@ -/* -* RC6 -* (C) 1999-2007 Jack Lloyd -* -* Distributed under the terms of the Botan license -*/ - -#include <botan/rc6.h> -#include <botan/loadstor.h> -#include <botan/rotate.h> -#include <algorithm> - -namespace Botan { - -/* -* RC6 Encryption -*/ -void RC6::encrypt_n(const byte in[], byte out[], size_t blocks) const - { - for(size_t i = 0; i != blocks; ++i) - { - u32bit A = load_le<u32bit>(in, 0); - u32bit B = load_le<u32bit>(in, 1); - u32bit C = load_le<u32bit>(in, 2); - u32bit D = load_le<u32bit>(in, 3); - - B += S[0]; D += S[1]; - - for(size_t j = 0; j != 20; j += 4) - { - u32bit T1, T2; - - T1 = rotate_left(B*(2*B+1), 5); - T2 = rotate_left(D*(2*D+1), 5); - A = rotate_left(A ^ T1, T2 % 32) + S[2*j+2]; - C = rotate_left(C ^ T2, T1 % 32) + S[2*j+3]; - - T1 = rotate_left(C*(2*C+1), 5); - T2 = rotate_left(A*(2*A+1), 5); - B = rotate_left(B ^ T1, T2 % 32) + S[2*j+4]; - D = rotate_left(D ^ T2, T1 % 32) + S[2*j+5]; - - T1 = rotate_left(D*(2*D+1), 5); - T2 = rotate_left(B*(2*B+1), 5); - C = rotate_left(C ^ T1, T2 % 32) + S[2*j+6]; - A = rotate_left(A ^ T2, T1 % 32) + S[2*j+7]; - - T1 = rotate_left(A*(2*A+1), 5); - T2 = rotate_left(C*(2*C+1), 5); - D = rotate_left(D ^ T1, T2 % 32) + S[2*j+8]; - B = rotate_left(B ^ T2, T1 % 32) + S[2*j+9]; - } - - A += S[42]; C += S[43]; - - store_le(out, A, B, C, D); - - in += BLOCK_SIZE; - out += BLOCK_SIZE; - } - } - -/* -* RC6 Decryption -*/ -void RC6::decrypt_n(const byte in[], byte out[], size_t blocks) const - { - for(size_t i = 0; i != blocks; ++i) - { - u32bit A = load_le<u32bit>(in, 0); - u32bit B = load_le<u32bit>(in, 1); - u32bit C = load_le<u32bit>(in, 2); - u32bit D = load_le<u32bit>(in, 3); - - C -= S[43]; A -= S[42]; - - for(size_t j = 0; j != 20; j += 4) - { - u32bit T1, T2; - - T1 = rotate_left(A*(2*A+1), 5); - T2 = rotate_left(C*(2*C+1), 5); - B = rotate_right(B - S[41 - 2*j], T1 % 32) ^ T2; - D = rotate_right(D - S[40 - 2*j], T2 % 32) ^ T1; - - T1 = rotate_left(D*(2*D+1), 5); - T2 = rotate_left(B*(2*B+1), 5); - A = rotate_right(A - S[39 - 2*j], T1 % 32) ^ T2; - C = rotate_right(C - S[38 - 2*j], T2 % 32) ^ T1; - - T1 = rotate_left(C*(2*C+1), 5); - T2 = rotate_left(A*(2*A+1), 5); - D = rotate_right(D - S[37 - 2*j], T1 % 32) ^ T2; - B = rotate_right(B - S[36 - 2*j], T2 % 32) ^ T1; - - T1 = rotate_left(B*(2*B+1), 5); - T2 = rotate_left(D*(2*D+1), 5); - C = rotate_right(C - S[35 - 2*j], T1 % 32) ^ T2; - A = rotate_right(A - S[34 - 2*j], T2 % 32) ^ T1; - } - - D -= S[1]; B -= S[0]; - - store_le(out, A, B, C, D); - - in += BLOCK_SIZE; - out += BLOCK_SIZE; - } - } - -/* -* RC6 Key Schedule -*/ -void RC6::key_schedule(const byte key[], size_t length) - { - S.resize(44); - - const size_t WORD_KEYLENGTH = (((length - 1) / 4) + 1); - const size_t MIX_ROUNDS = 3 * std::max(WORD_KEYLENGTH, S.size()); - - S[0] = 0xB7E15163; - for(size_t i = 1; i != S.size(); ++i) - S[i] = S[i-1] + 0x9E3779B9; - - secure_vector<u32bit> K(8); - - for(s32bit i = length-1; i >= 0; --i) - K[i/4] = (K[i/4] << 8) + key[i]; - - u32bit A = 0, B = 0; - for(size_t i = 0; i != MIX_ROUNDS; ++i) - { - A = rotate_left(S[i % S.size()] + A + B, 3); - B = rotate_left(K[i % WORD_KEYLENGTH] + A + B, (A + B) % 32); - S[i % S.size()] = A; - K[i % WORD_KEYLENGTH] = B; - } - } - -void RC6::clear() - { - zap(S); - } - -} diff --git a/src/block/rc6/rc6.h b/src/block/rc6/rc6.h deleted file mode 100644 index 4331c3e0f..000000000 --- a/src/block/rc6/rc6.h +++ /dev/null @@ -1,35 +0,0 @@ -/* -* RC6 -* (C) 1999-2007 Jack Lloyd -* -* Distributed under the terms of the Botan license -*/ - -#ifndef BOTAN_RC6_H__ -#define BOTAN_RC6_H__ - -#include <botan/block_cipher.h> - -namespace Botan { - -/** -* RC6, Ron Rivest's AES candidate -*/ -class BOTAN_DLL RC6 : public Block_Cipher_Fixed_Params<16, 1, 32> - { - public: - void encrypt_n(const byte in[], byte out[], size_t blocks) const; - void decrypt_n(const byte in[], byte out[], size_t blocks) const; - - void clear(); - std::string name() const { return "RC6"; } - BlockCipher* clone() const { return new RC6; } - private: - void key_schedule(const byte[], size_t); - - secure_vector<u32bit> S; - }; - -} - -#endif diff --git a/src/block/safer/info.txt b/src/block/safer/info.txt deleted file mode 100644 index ad7841dab..000000000 --- a/src/block/safer/info.txt +++ /dev/null @@ -1 +0,0 @@ -define SAFER 20131128 diff --git a/src/block/safer/safer_sk.cpp b/src/block/safer/safer_sk.cpp deleted file mode 100644 index 3e93ab8cf..000000000 --- a/src/block/safer/safer_sk.cpp +++ /dev/null @@ -1,256 +0,0 @@ -/* -* SAFER-SK -* (C) 1999-2009 Jack Lloyd -* -* Distributed under the terms of the Botan license -*/ - -#include <botan/safer_sk.h> -#include <botan/rotate.h> -#include <botan/parsing.h> -#include <botan/rotate.h> - -namespace Botan { - -namespace { - -const byte EXP[256] = { - 0x01, 0x2D, 0xE2, 0x93, 0xBE, 0x45, 0x15, 0xAE, 0x78, 0x03, 0x87, 0xA4, - 0xB8, 0x38, 0xCF, 0x3F, 0x08, 0x67, 0x09, 0x94, 0xEB, 0x26, 0xA8, 0x6B, - 0xBD, 0x18, 0x34, 0x1B, 0xBB, 0xBF, 0x72, 0xF7, 0x40, 0x35, 0x48, 0x9C, - 0x51, 0x2F, 0x3B, 0x55, 0xE3, 0xC0, 0x9F, 0xD8, 0xD3, 0xF3, 0x8D, 0xB1, - 0xFF, 0xA7, 0x3E, 0xDC, 0x86, 0x77, 0xD7, 0xA6, 0x11, 0xFB, 0xF4, 0xBA, - 0x92, 0x91, 0x64, 0x83, 0xF1, 0x33, 0xEF, 0xDA, 0x2C, 0xB5, 0xB2, 0x2B, - 0x88, 0xD1, 0x99, 0xCB, 0x8C, 0x84, 0x1D, 0x14, 0x81, 0x97, 0x71, 0xCA, - 0x5F, 0xA3, 0x8B, 0x57, 0x3C, 0x82, 0xC4, 0x52, 0x5C, 0x1C, 0xE8, 0xA0, - 0x04, 0xB4, 0x85, 0x4A, 0xF6, 0x13, 0x54, 0xB6, 0xDF, 0x0C, 0x1A, 0x8E, - 0xDE, 0xE0, 0x39, 0xFC, 0x20, 0x9B, 0x24, 0x4E, 0xA9, 0x98, 0x9E, 0xAB, - 0xF2, 0x60, 0xD0, 0x6C, 0xEA, 0xFA, 0xC7, 0xD9, 0x00, 0xD4, 0x1F, 0x6E, - 0x43, 0xBC, 0xEC, 0x53, 0x89, 0xFE, 0x7A, 0x5D, 0x49, 0xC9, 0x32, 0xC2, - 0xF9, 0x9A, 0xF8, 0x6D, 0x16, 0xDB, 0x59, 0x96, 0x44, 0xE9, 0xCD, 0xE6, - 0x46, 0x42, 0x8F, 0x0A, 0xC1, 0xCC, 0xB9, 0x65, 0xB0, 0xD2, 0xC6, 0xAC, - 0x1E, 0x41, 0x62, 0x29, 0x2E, 0x0E, 0x74, 0x50, 0x02, 0x5A, 0xC3, 0x25, - 0x7B, 0x8A, 0x2A, 0x5B, 0xF0, 0x06, 0x0D, 0x47, 0x6F, 0x70, 0x9D, 0x7E, - 0x10, 0xCE, 0x12, 0x27, 0xD5, 0x4C, 0x4F, 0xD6, 0x79, 0x30, 0x68, 0x36, - 0x75, 0x7D, 0xE4, 0xED, 0x80, 0x6A, 0x90, 0x37, 0xA2, 0x5E, 0x76, 0xAA, - 0xC5, 0x7F, 0x3D, 0xAF, 0xA5, 0xE5, 0x19, 0x61, 0xFD, 0x4D, 0x7C, 0xB7, - 0x0B, 0xEE, 0xAD, 0x4B, 0x22, 0xF5, 0xE7, 0x73, 0x23, 0x21, 0xC8, 0x05, - 0xE1, 0x66, 0xDD, 0xB3, 0x58, 0x69, 0x63, 0x56, 0x0F, 0xA1, 0x31, 0x95, - 0x17, 0x07, 0x3A, 0x28 }; - -const byte LOG[512] = { - 0x80, 0x00, 0xB0, 0x09, 0x60, 0xEF, 0xB9, 0xFD, 0x10, 0x12, 0x9F, 0xE4, - 0x69, 0xBA, 0xAD, 0xF8, 0xC0, 0x38, 0xC2, 0x65, 0x4F, 0x06, 0x94, 0xFC, - 0x19, 0xDE, 0x6A, 0x1B, 0x5D, 0x4E, 0xA8, 0x82, 0x70, 0xED, 0xE8, 0xEC, - 0x72, 0xB3, 0x15, 0xC3, 0xFF, 0xAB, 0xB6, 0x47, 0x44, 0x01, 0xAC, 0x25, - 0xC9, 0xFA, 0x8E, 0x41, 0x1A, 0x21, 0xCB, 0xD3, 0x0D, 0x6E, 0xFE, 0x26, - 0x58, 0xDA, 0x32, 0x0F, 0x20, 0xA9, 0x9D, 0x84, 0x98, 0x05, 0x9C, 0xBB, - 0x22, 0x8C, 0x63, 0xE7, 0xC5, 0xE1, 0x73, 0xC6, 0xAF, 0x24, 0x5B, 0x87, - 0x66, 0x27, 0xF7, 0x57, 0xF4, 0x96, 0xB1, 0xB7, 0x5C, 0x8B, 0xD5, 0x54, - 0x79, 0xDF, 0xAA, 0xF6, 0x3E, 0xA3, 0xF1, 0x11, 0xCA, 0xF5, 0xD1, 0x17, - 0x7B, 0x93, 0x83, 0xBC, 0xBD, 0x52, 0x1E, 0xEB, 0xAE, 0xCC, 0xD6, 0x35, - 0x08, 0xC8, 0x8A, 0xB4, 0xE2, 0xCD, 0xBF, 0xD9, 0xD0, 0x50, 0x59, 0x3F, - 0x4D, 0x62, 0x34, 0x0A, 0x48, 0x88, 0xB5, 0x56, 0x4C, 0x2E, 0x6B, 0x9E, - 0xD2, 0x3D, 0x3C, 0x03, 0x13, 0xFB, 0x97, 0x51, 0x75, 0x4A, 0x91, 0x71, - 0x23, 0xBE, 0x76, 0x2A, 0x5F, 0xF9, 0xD4, 0x55, 0x0B, 0xDC, 0x37, 0x31, - 0x16, 0x74, 0xD7, 0x77, 0xA7, 0xE6, 0x07, 0xDB, 0xA4, 0x2F, 0x46, 0xF3, - 0x61, 0x45, 0x67, 0xE3, 0x0C, 0xA2, 0x3B, 0x1C, 0x85, 0x18, 0x04, 0x1D, - 0x29, 0xA0, 0x8F, 0xB2, 0x5A, 0xD8, 0xA6, 0x7E, 0xEE, 0x8D, 0x53, 0x4B, - 0xA1, 0x9A, 0xC1, 0x0E, 0x7A, 0x49, 0xA5, 0x2C, 0x81, 0xC4, 0xC7, 0x36, - 0x2B, 0x7F, 0x43, 0x95, 0x33, 0xF2, 0x6C, 0x68, 0x6D, 0xF0, 0x02, 0x28, - 0xCE, 0xDD, 0x9B, 0xEA, 0x5E, 0x99, 0x7C, 0x14, 0x86, 0xCF, 0xE5, 0x42, - 0xB8, 0x40, 0x78, 0x2D, 0x3A, 0xE9, 0x64, 0x1F, 0x92, 0x90, 0x7D, 0x39, - 0x6F, 0xE0, 0x89, 0x30, 0x80, 0x00, 0xB0, 0x09, 0x60, 0xEF, 0xB9, 0xFD, - 0x10, 0x12, 0x9F, 0xE4, 0x69, 0xBA, 0xAD, 0xF8, 0xC0, 0x38, 0xC2, 0x65, - 0x4F, 0x06, 0x94, 0xFC, 0x19, 0xDE, 0x6A, 0x1B, 0x5D, 0x4E, 0xA8, 0x82, - 0x70, 0xED, 0xE8, 0xEC, 0x72, 0xB3, 0x15, 0xC3, 0xFF, 0xAB, 0xB6, 0x47, - 0x44, 0x01, 0xAC, 0x25, 0xC9, 0xFA, 0x8E, 0x41, 0x1A, 0x21, 0xCB, 0xD3, - 0x0D, 0x6E, 0xFE, 0x26, 0x58, 0xDA, 0x32, 0x0F, 0x20, 0xA9, 0x9D, 0x84, - 0x98, 0x05, 0x9C, 0xBB, 0x22, 0x8C, 0x63, 0xE7, 0xC5, 0xE1, 0x73, 0xC6, - 0xAF, 0x24, 0x5B, 0x87, 0x66, 0x27, 0xF7, 0x57, 0xF4, 0x96, 0xB1, 0xB7, - 0x5C, 0x8B, 0xD5, 0x54, 0x79, 0xDF, 0xAA, 0xF6, 0x3E, 0xA3, 0xF1, 0x11, - 0xCA, 0xF5, 0xD1, 0x17, 0x7B, 0x93, 0x83, 0xBC, 0xBD, 0x52, 0x1E, 0xEB, - 0xAE, 0xCC, 0xD6, 0x35, 0x08, 0xC8, 0x8A, 0xB4, 0xE2, 0xCD, 0xBF, 0xD9, - 0xD0, 0x50, 0x59, 0x3F, 0x4D, 0x62, 0x34, 0x0A, 0x48, 0x88, 0xB5, 0x56, - 0x4C, 0x2E, 0x6B, 0x9E, 0xD2, 0x3D, 0x3C, 0x03, 0x13, 0xFB, 0x97, 0x51, - 0x75, 0x4A, 0x91, 0x71, 0x23, 0xBE, 0x76, 0x2A, 0x5F, 0xF9, 0xD4, 0x55, - 0x0B, 0xDC, 0x37, 0x31, 0x16, 0x74, 0xD7, 0x77, 0xA7, 0xE6, 0x07, 0xDB, - 0xA4, 0x2F, 0x46, 0xF3, 0x61, 0x45, 0x67, 0xE3, 0x0C, 0xA2, 0x3B, 0x1C, - 0x85, 0x18, 0x04, 0x1D, 0x29, 0xA0, 0x8F, 0xB2, 0x5A, 0xD8, 0xA6, 0x7E, - 0xEE, 0x8D, 0x53, 0x4B, 0xA1, 0x9A, 0xC1, 0x0E, 0x7A, 0x49, 0xA5, 0x2C, - 0x81, 0xC4, 0xC7, 0x36, 0x2B, 0x7F, 0x43, 0x95, 0x33, 0xF2, 0x6C, 0x68, - 0x6D, 0xF0, 0x02, 0x28, 0xCE, 0xDD, 0x9B, 0xEA, 0x5E, 0x99, 0x7C, 0x14, - 0x86, 0xCF, 0xE5, 0x42, 0xB8, 0x40, 0x78, 0x2D, 0x3A, 0xE9, 0x64, 0x1F, - 0x92, 0x90, 0x7D, 0x39, 0x6F, 0xE0, 0x89, 0x30 }; - -} - -/* -* SAFER-SK Encryption -*/ -void SAFER_SK::encrypt_n(const byte in[], byte out[], size_t blocks) const - { - for(size_t i = 0; i != blocks; ++i) - { - byte A = in[0], B = in[1], C = in[2], D = in[3], - E = in[4], F = in[5], G = in[6], H = in[7], X, Y; - - for(size_t j = 0; j != 16*rounds; j += 16) - { - A = EXP[A ^ EK[j ]]; B = LOG[B + EK[j+1]]; - C = LOG[C + EK[j+2]]; D = EXP[D ^ EK[j+3]]; - E = EXP[E ^ EK[j+4]]; F = LOG[F + EK[j+5]]; - G = LOG[G + EK[j+6]]; H = EXP[H ^ EK[j+7]]; - - A += EK[j+ 8]; B ^= EK[j+ 9]; C ^= EK[j+10]; D += EK[j+11]; - E += EK[j+12]; F ^= EK[j+13]; G ^= EK[j+14]; H += EK[j+15]; - - B += A; D += C; F += E; H += G; A += B; C += D; E += F; G += H; - C += A; G += E; D += B; H += F; A += C; E += G; B += D; F += H; - H += D; Y = D + H; D = B + F; X = B + D; B = A + E; - A += B; F = C + G; E = C + F; C = X; G = Y; - } - - out[0] = A ^ EK[16*rounds+0]; out[1] = B + EK[16*rounds+1]; - out[2] = C + EK[16*rounds+2]; out[3] = D ^ EK[16*rounds+3]; - out[4] = E ^ EK[16*rounds+4]; out[5] = F + EK[16*rounds+5]; - out[6] = G + EK[16*rounds+6]; out[7] = H ^ EK[16*rounds+7]; - - in += BLOCK_SIZE; - out += BLOCK_SIZE; - } - } - -/* -* SAFER-SK Decryption -*/ -void SAFER_SK::decrypt_n(const byte in[], byte out[], size_t blocks) const - { - for(size_t i = 0; i != blocks; ++i) - { - byte A = in[0], B = in[1], C = in[2], D = in[3], - E = in[4], F = in[5], G = in[6], H = in[7]; - - A ^= EK[16*rounds+0]; B -= EK[16*rounds+1]; C -= EK[16*rounds+2]; - D ^= EK[16*rounds+3]; E ^= EK[16*rounds+4]; F -= EK[16*rounds+5]; - G -= EK[16*rounds+6]; H ^= EK[16*rounds+7]; - - for(s32bit j = 16*(rounds-1); j >= 0; j -= 16) - { - byte T = E; E = B; B = C; C = T; T = F; F = D; D = G; G = T; - A -= E; B -= F; C -= G; D -= H; E -= A; F -= B; G -= C; H -= D; - A -= C; E -= G; B -= D; F -= H; C -= A; G -= E; D -= B; H -= F; - A -= B; C -= D; E -= F; G -= H; B -= A; D -= C; F -= E; H -= G; - - A = LOG[A - EK[j+8 ] + 256]; B = EXP[B ^ EK[j+9 ]]; - C = EXP[C ^ EK[j+10]]; D = LOG[D - EK[j+11] + 256]; - E = LOG[E - EK[j+12] + 256]; F = EXP[F ^ EK[j+13]]; - G = EXP[G ^ EK[j+14]]; H = LOG[H - EK[j+15] + 256]; - - A ^= EK[j+0]; B -= EK[j+1]; C -= EK[j+2]; D ^= EK[j+3]; - E ^= EK[j+4]; F -= EK[j+5]; G -= EK[j+6]; H ^= EK[j+7]; - } - - out[0] = A; out[1] = B; out[2] = C; out[3] = D; - out[4] = E; out[5] = F; out[6] = G; out[7] = H; - - in += BLOCK_SIZE; - out += BLOCK_SIZE; - } - } - -/* -* SAFER-SK Key Schedule -*/ -void SAFER_SK::key_schedule(const byte key[], size_t) - { - const byte BIAS[208] = { - 0x16, 0x73, 0x3B, 0x1E, 0x8E, 0x70, 0xBD, 0x86, 0x47, 0x7E, 0x24, 0x56, - 0xF1, 0x77, 0x88, 0x46, 0xB1, 0xBA, 0xA3, 0xB7, 0x10, 0x0A, 0xC5, 0x37, - 0xC9, 0x5A, 0x28, 0xAC, 0x64, 0xA5, 0xEC, 0xAB, 0xC6, 0x67, 0x95, 0x58, - 0x0D, 0xF8, 0x9A, 0xF6, 0x66, 0xDC, 0x05, 0x3D, 0xD3, 0x8A, 0xC3, 0xD8, - 0x6A, 0xE9, 0x36, 0x49, 0x43, 0xBF, 0xEB, 0xD4, 0x9B, 0x68, 0xA0, 0x65, - 0x5D, 0x57, 0x92, 0x1F, 0x71, 0x5C, 0xBB, 0x22, 0xC1, 0xBE, 0x7B, 0xBC, - 0x63, 0x94, 0x5F, 0x2A, 0x61, 0xB8, 0x34, 0x32, 0xFD, 0xFB, 0x17, 0x40, - 0xE6, 0x51, 0x1D, 0x41, 0x8F, 0x29, 0xDD, 0x04, 0x80, 0xDE, 0xE7, 0x31, - 0x7F, 0x01, 0xA2, 0xF7, 0x39, 0xDA, 0x6F, 0x23, 0xFE, 0x3A, 0xD0, 0x1C, - 0xD1, 0x30, 0x3E, 0x12, 0xCD, 0x0F, 0xE0, 0xA8, 0xAF, 0x82, 0x59, 0x2C, - 0x7D, 0xAD, 0xB2, 0xEF, 0xC2, 0x87, 0xCE, 0x75, 0x13, 0x02, 0x90, 0x4F, - 0x2E, 0x72, 0x33, 0x85, 0x8D, 0xCF, 0xA9, 0x81, 0xE2, 0xC4, 0x27, 0x2F, - 0x7A, 0x9F, 0x52, 0xE1, 0x15, 0x38, 0x2B, 0xFC, 0x42, 0xC7, 0x08, 0xE4, - 0x09, 0x55, 0x5E, 0x8C, 0x76, 0x60, 0xFF, 0xDF, 0xD7, 0x98, 0xFA, 0x0B, - 0x00, 0x1A, 0xF9, 0xA6, 0xB9, 0xE8, 0x9E, 0x62, 0xD9, 0x91, 0x50, 0xD2, - 0xEE, 0x18, 0xB4, 0x07, 0xEA, 0x5B, 0xA4, 0xC8, 0x0E, 0xCB, 0x48, 0x69, - 0x4E, 0x9C, 0x35, 0x79, 0x45, 0x4D, 0x54, 0xE5, 0x3C, 0x0C, 0x4A, 0x8B, - 0x3F, 0xCC, 0xA7, 0xDB }; - - const byte KEY_INDEX[208] = { - 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x0B, 0x0C, 0x0D, 0x0E, - 0x0F, 0x10, 0x11, 0x09, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x00, 0x01, - 0x0D, 0x0E, 0x0F, 0x10, 0x11, 0x09, 0x0A, 0x0B, 0x05, 0x06, 0x07, 0x08, - 0x00, 0x01, 0x02, 0x03, 0x0F, 0x10, 0x11, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, - 0x07, 0x08, 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x11, 0x09, 0x0A, 0x0B, - 0x0C, 0x0D, 0x0E, 0x0F, 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, - 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F, 0x10, 0x11, 0x02, 0x03, 0x04, 0x05, - 0x06, 0x07, 0x08, 0x00, 0x0C, 0x0D, 0x0E, 0x0F, 0x10, 0x11, 0x09, 0x0A, - 0x04, 0x05, 0x06, 0x07, 0x08, 0x00, 0x01, 0x02, 0x0E, 0x0F, 0x10, 0x11, - 0x09, 0x0A, 0x0B, 0x0C, 0x06, 0x07, 0x08, 0x00, 0x01, 0x02, 0x03, 0x04, - 0x10, 0x11, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x08, 0x00, 0x01, 0x02, - 0x03, 0x04, 0x05, 0x06, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F, 0x10, - 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x0B, 0x0C, 0x0D, 0x0E, - 0x0F, 0x10, 0x11, 0x09, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x00, 0x01, - 0x0D, 0x0E, 0x0F, 0x10, 0x11, 0x09, 0x0A, 0x0B, 0x05, 0x06, 0x07, 0x08, - 0x00, 0x01, 0x02, 0x03, 0x0F, 0x10, 0x11, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, - 0x07, 0x08, 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x11, 0x09, 0x0A, 0x0B, - 0x0C, 0x0D, 0x0E, 0x0F }; - - EK.resize(16 * rounds + 8); - - secure_vector<byte> KB(18); - - for(size_t i = 0; i != 8; ++i) - { - KB[ 8] ^= KB[i] = rotate_left(key[i], 5); - KB[17] ^= KB[i+9] = EK[i] = key[i+8]; - } - - for(size_t i = 0; i != rounds; ++i) - { - for(size_t j = 0; j != 18; ++j) - KB[j] = rotate_left(KB[j], 6); - for(size_t j = 0; j != 16; ++j) - EK[16*i+j+8] = KB[KEY_INDEX[16*i+j]] + BIAS[16*i+j]; - } - } - -void SAFER_SK::clear() - { - zap(EK); - } - -/* -* Return the name of this type -*/ -std::string SAFER_SK::name() const - { - return "SAFER-SK(" + std::to_string(rounds) + ")"; - } - -/* -* Return a clone of this object -*/ -BlockCipher* SAFER_SK::clone() const - { - return new SAFER_SK(rounds); - } - -/* -* SAFER-SK Constructor -*/ -SAFER_SK::SAFER_SK(size_t r) : rounds(r) - { - if(rounds > 13 || rounds == 0) - throw Invalid_Argument(name() + ": Invalid number of rounds"); - } - -} diff --git a/src/block/safer/safer_sk.h b/src/block/safer/safer_sk.h deleted file mode 100644 index 043ecb456..000000000 --- a/src/block/safer/safer_sk.h +++ /dev/null @@ -1,42 +0,0 @@ -/* -* SAFER-SK -* (C) 1999-2007 Jack Lloyd -* -* Distributed under the terms of the Botan license -*/ - -#ifndef BOTAN_SAFER_SK_H__ -#define BOTAN_SAFER_SK_H__ - -#include <botan/block_cipher.h> - -namespace Botan { - -/** -* SAFER-SK -*/ -class BOTAN_DLL SAFER_SK : public Block_Cipher_Fixed_Params<8, 16> - { - public: - void encrypt_n(const byte in[], byte out[], size_t blocks) const; - void decrypt_n(const byte in[], byte out[], size_t blocks) const; - - void clear(); - std::string name() const; - BlockCipher* clone() const; - - /** - * @param rounds the number of rounds to use - must be between 1 - * and 13 - */ - SAFER_SK(size_t rounds); - private: - void key_schedule(const byte[], size_t); - - size_t rounds; - secure_vector<byte> EK; - }; - -} - -#endif diff --git a/src/block/seed/info.txt b/src/block/seed/info.txt deleted file mode 100644 index 1c6b28792..000000000 --- a/src/block/seed/info.txt +++ /dev/null @@ -1 +0,0 @@ -define SEED 20131128 diff --git a/src/block/seed/seed.cpp b/src/block/seed/seed.cpp deleted file mode 100644 index d133e4153..000000000 --- a/src/block/seed/seed.cpp +++ /dev/null @@ -1,146 +0,0 @@ -/* -* SEED -* (C) 1999-2007 Jack Lloyd -* -* Distributed under the terms of the Botan license -*/ - -#include <botan/seed.h> -#include <botan/loadstor.h> - -namespace Botan { - -/* -* SEED G Function -*/ -u32bit SEED::G_FUNC::operator()(u32bit X) const - { - return (S0[get_byte(3, X)] ^ S1[get_byte(2, X)] ^ - S2[get_byte(1, X)] ^ S3[get_byte(0, X)]); - } - -/* -* SEED Encryption -*/ -void SEED::encrypt_n(const byte in[], byte out[], size_t blocks) const - { - for(size_t i = 0; i != blocks; ++i) - { - u32bit B0 = load_be<u32bit>(in, 0); - u32bit B1 = load_be<u32bit>(in, 1); - u32bit B2 = load_be<u32bit>(in, 2); - u32bit B3 = load_be<u32bit>(in, 3); - - G_FUNC G; - - for(size_t j = 0; j != 16; j += 2) - { - u32bit T0, T1; - - T0 = B2 ^ K[2*j]; - T1 = G(B2 ^ B3 ^ K[2*j+1]); - T0 = G(T1 + T0); - T1 = G(T1 + T0); - B1 ^= T1; - B0 ^= T0 + T1; - - T0 = B0 ^ K[2*j+2]; - T1 = G(B0 ^ B1 ^ K[2*j+3]); - T0 = G(T1 + T0); - T1 = G(T1 + T0); - B3 ^= T1; - B2 ^= T0 + T1; - } - - store_be(out, B2, B3, B0, B1); - - in += BLOCK_SIZE; - out += BLOCK_SIZE; - } - } - -/* -* SEED Decryption -*/ -void SEED::decrypt_n(const byte in[], byte out[], size_t blocks) const - { - for(size_t i = 0; i != blocks; ++i) - { - u32bit B0 = load_be<u32bit>(in, 0); - u32bit B1 = load_be<u32bit>(in, 1); - u32bit B2 = load_be<u32bit>(in, 2); - u32bit B3 = load_be<u32bit>(in, 3); - - G_FUNC G; - - for(size_t j = 0; j != 16; j += 2) - { - u32bit T0, T1; - - T0 = B2 ^ K[30-2*j]; - T1 = G(B2 ^ B3 ^ K[31-2*j]); - T0 = G(T1 + T0); - T1 = G(T1 + T0); - B1 ^= T1; - B0 ^= T0 + T1; - - T0 = B0 ^ K[28-2*j]; - T1 = G(B0 ^ B1 ^ K[29-2*j]); - T0 = G(T1 + T0); - T1 = G(T1 + T0); - B3 ^= T1; - B2 ^= T0 + T1; - } - - store_be(out, B2, B3, B0, B1); - - in += BLOCK_SIZE; - out += BLOCK_SIZE; - } - } - -/* -* SEED Key Schedule -*/ -void SEED::key_schedule(const byte key[], size_t) - { - const u32bit RC[16] = { - 0x9E3779B9, 0x3C6EF373, 0x78DDE6E6, 0xF1BBCDCC, - 0xE3779B99, 0xC6EF3733, 0x8DDE6E67, 0x1BBCDCCF, - 0x3779B99E, 0x6EF3733C, 0xDDE6E678, 0xBBCDCCF1, - 0x779B99E3, 0xEF3733C6, 0xDE6E678D, 0xBCDCCF1B - }; - - secure_vector<u32bit> WK(4); - - for(size_t i = 0; i != 4; ++i) - WK[i] = load_be<u32bit>(key, i); - - G_FUNC G; - - K.resize(32); - - for(size_t i = 0; i != 16; i += 2) - { - K[2*i ] = G(WK[0] + WK[2] - RC[i]); - K[2*i+1] = G(WK[1] - WK[3] + RC[i]) ^ K[2*i]; - - byte T = get_byte(3, WK[0]); - WK[0] = (WK[0] >> 8) | (get_byte(3, WK[1]) << 24); - WK[1] = (WK[1] >> 8) | (T << 24); - - K[2*i+2] = G(WK[0] + WK[2] - RC[i+1]); - K[2*i+3] = G(WK[1] - WK[3] + RC[i+1]) ^ K[2*i+2]; - - T = get_byte(0, WK[3]); - WK[3] = (WK[3] << 8) | get_byte(0, WK[2]); - WK[2] = (WK[2] << 8) | T; - } - } - -void SEED::clear() - { - zap(K); - } - -} diff --git a/src/block/seed/seed.h b/src/block/seed/seed.h deleted file mode 100644 index 25138a700..000000000 --- a/src/block/seed/seed.h +++ /dev/null @@ -1,43 +0,0 @@ -/* -* SEED -* (C) 1999-2007 Jack Lloyd -* -* Distributed under the terms of the Botan license -*/ - -#ifndef BOTAN_SEED_H__ -#define BOTAN_SEED_H__ - -#include <botan/block_cipher.h> - -namespace Botan { - -/** -* SEED, a Korean block cipher -*/ -class BOTAN_DLL SEED : public Block_Cipher_Fixed_Params<16, 16> - { - public: - void encrypt_n(const byte in[], byte out[], size_t blocks) const; - void decrypt_n(const byte in[], byte out[], size_t blocks) const; - - void clear(); - std::string name() const { return "SEED"; } - BlockCipher* clone() const { return new SEED; } - private: - void key_schedule(const byte[], size_t); - - class G_FUNC - { - public: - u32bit operator()(u32bit) const; - private: - static const u32bit S0[256], S1[256], S2[256], S3[256]; - }; - - secure_vector<u32bit> K; - }; - -} - -#endif diff --git a/src/block/seed/seed_tab.cpp b/src/block/seed/seed_tab.cpp deleted file mode 100644 index 6ada36e52..000000000 --- a/src/block/seed/seed_tab.cpp +++ /dev/null @@ -1,192 +0,0 @@ -/* -* S-Box Tables for SEED -* (C) 1999-2007 Jack Lloyd -* -* Distributed under the terms of the Botan license -*/ - -#include <botan/seed.h> - -namespace Botan { - -const u32bit SEED::G_FUNC::S0[256] = { - 0x2989A1A8, 0x05858184, 0x16C6D2D4, 0x13C3D3D0, 0x14445054, 0x1D0D111C, - 0x2C8CA0AC, 0x25052124, 0x1D4D515C, 0x03434340, 0x18081018, 0x1E0E121C, - 0x11415150, 0x3CCCF0FC, 0x0ACAC2C8, 0x23436360, 0x28082028, 0x04444044, - 0x20002020, 0x1D8D919C, 0x20C0E0E0, 0x22C2E2E0, 0x08C8C0C8, 0x17071314, - 0x2585A1A4, 0x0F8F838C, 0x03030300, 0x3B4B7378, 0x3B8BB3B8, 0x13031310, - 0x12C2D2D0, 0x2ECEE2EC, 0x30407070, 0x0C8C808C, 0x3F0F333C, 0x2888A0A8, - 0x32023230, 0x1DCDD1DC, 0x36C6F2F4, 0x34447074, 0x2CCCE0EC, 0x15859194, - 0x0B0B0308, 0x17475354, 0x1C4C505C, 0x1B4B5358, 0x3D8DB1BC, 0x01010100, - 0x24042024, 0x1C0C101C, 0x33437370, 0x18889098, 0x10001010, 0x0CCCC0CC, - 0x32C2F2F0, 0x19C9D1D8, 0x2C0C202C, 0x27C7E3E4, 0x32427270, 0x03838380, - 0x1B8B9398, 0x11C1D1D0, 0x06868284, 0x09C9C1C8, 0x20406060, 0x10405050, - 0x2383A3A0, 0x2BCBE3E8, 0x0D0D010C, 0x3686B2B4, 0x1E8E929C, 0x0F4F434C, - 0x3787B3B4, 0x1A4A5258, 0x06C6C2C4, 0x38487078, 0x2686A2A4, 0x12021210, - 0x2F8FA3AC, 0x15C5D1D4, 0x21416160, 0x03C3C3C0, 0x3484B0B4, 0x01414140, - 0x12425250, 0x3D4D717C, 0x0D8D818C, 0x08080008, 0x1F0F131C, 0x19899198, - 0x00000000, 0x19091118, 0x04040004, 0x13435350, 0x37C7F3F4, 0x21C1E1E0, - 0x3DCDF1FC, 0x36467274, 0x2F0F232C, 0x27072324, 0x3080B0B0, 0x0B8B8388, - 0x0E0E020C, 0x2B8BA3A8, 0x2282A2A0, 0x2E4E626C, 0x13839390, 0x0D4D414C, - 0x29496168, 0x3C4C707C, 0x09090108, 0x0A0A0208, 0x3F8FB3BC, 0x2FCFE3EC, - 0x33C3F3F0, 0x05C5C1C4, 0x07878384, 0x14041014, 0x3ECEF2FC, 0x24446064, - 0x1ECED2DC, 0x2E0E222C, 0x0B4B4348, 0x1A0A1218, 0x06060204, 0x21012120, - 0x2B4B6368, 0x26466264, 0x02020200, 0x35C5F1F4, 0x12829290, 0x0A8A8288, - 0x0C0C000C, 0x3383B3B0, 0x3E4E727C, 0x10C0D0D0, 0x3A4A7278, 0x07474344, - 0x16869294, 0x25C5E1E4, 0x26062224, 0x00808080, 0x2D8DA1AC, 0x1FCFD3DC, - 0x2181A1A0, 0x30003030, 0x37073334, 0x2E8EA2AC, 0x36063234, 0x15051114, - 0x22022220, 0x38083038, 0x34C4F0F4, 0x2787A3A4, 0x05454144, 0x0C4C404C, - 0x01818180, 0x29C9E1E8, 0x04848084, 0x17879394, 0x35053134, 0x0BCBC3C8, - 0x0ECEC2CC, 0x3C0C303C, 0x31417170, 0x11011110, 0x07C7C3C4, 0x09898188, - 0x35457174, 0x3BCBF3F8, 0x1ACAD2D8, 0x38C8F0F8, 0x14849094, 0x19495158, - 0x02828280, 0x04C4C0C4, 0x3FCFF3FC, 0x09494148, 0x39093138, 0x27476364, - 0x00C0C0C0, 0x0FCFC3CC, 0x17C7D3D4, 0x3888B0B8, 0x0F0F030C, 0x0E8E828C, - 0x02424240, 0x23032320, 0x11819190, 0x2C4C606C, 0x1BCBD3D8, 0x2484A0A4, - 0x34043034, 0x31C1F1F0, 0x08484048, 0x02C2C2C0, 0x2F4F636C, 0x3D0D313C, - 0x2D0D212C, 0x00404040, 0x3E8EB2BC, 0x3E0E323C, 0x3C8CB0BC, 0x01C1C1C0, - 0x2A8AA2A8, 0x3A8AB2B8, 0x0E4E424C, 0x15455154, 0x3B0B3338, 0x1CCCD0DC, - 0x28486068, 0x3F4F737C, 0x1C8C909C, 0x18C8D0D8, 0x0A4A4248, 0x16465254, - 0x37477374, 0x2080A0A0, 0x2DCDE1EC, 0x06464244, 0x3585B1B4, 0x2B0B2328, - 0x25456164, 0x3ACAF2F8, 0x23C3E3E0, 0x3989B1B8, 0x3181B1B0, 0x1F8F939C, - 0x1E4E525C, 0x39C9F1F8, 0x26C6E2E4, 0x3282B2B0, 0x31013130, 0x2ACAE2E8, - 0x2D4D616C, 0x1F4F535C, 0x24C4E0E4, 0x30C0F0F0, 0x0DCDC1CC, 0x08888088, - 0x16061214, 0x3A0A3238, 0x18485058, 0x14C4D0D4, 0x22426260, 0x29092128, - 0x07070304, 0x33033330, 0x28C8E0E8, 0x1B0B1318, 0x05050104, 0x39497178, - 0x10809090, 0x2A4A6268, 0x2A0A2228, 0x1A8A9298 }; - -const u32bit SEED::G_FUNC::S1[256] = { - 0x38380830, 0xE828C8E0, 0x2C2D0D21, 0xA42686A2, 0xCC0FCFC3, 0xDC1ECED2, - 0xB03383B3, 0xB83888B0, 0xAC2F8FA3, 0x60204060, 0x54154551, 0xC407C7C3, - 0x44044440, 0x6C2F4F63, 0x682B4B63, 0x581B4B53, 0xC003C3C3, 0x60224262, - 0x30330333, 0xB43585B1, 0x28290921, 0xA02080A0, 0xE022C2E2, 0xA42787A3, - 0xD013C3D3, 0x90118191, 0x10110111, 0x04060602, 0x1C1C0C10, 0xBC3C8CB0, - 0x34360632, 0x480B4B43, 0xEC2FCFE3, 0x88088880, 0x6C2C4C60, 0xA82888A0, - 0x14170713, 0xC404C4C0, 0x14160612, 0xF434C4F0, 0xC002C2C2, 0x44054541, - 0xE021C1E1, 0xD416C6D2, 0x3C3F0F33, 0x3C3D0D31, 0x8C0E8E82, 0x98188890, - 0x28280820, 0x4C0E4E42, 0xF436C6F2, 0x3C3E0E32, 0xA42585A1, 0xF839C9F1, - 0x0C0D0D01, 0xDC1FCFD3, 0xD818C8D0, 0x282B0B23, 0x64264662, 0x783A4A72, - 0x24270723, 0x2C2F0F23, 0xF031C1F1, 0x70324272, 0x40024242, 0xD414C4D0, - 0x40014141, 0xC000C0C0, 0x70334373, 0x64274763, 0xAC2C8CA0, 0x880B8B83, - 0xF437C7F3, 0xAC2D8DA1, 0x80008080, 0x1C1F0F13, 0xC80ACAC2, 0x2C2C0C20, - 0xA82A8AA2, 0x34340430, 0xD012C2D2, 0x080B0B03, 0xEC2ECEE2, 0xE829C9E1, - 0x5C1D4D51, 0x94148490, 0x18180810, 0xF838C8F0, 0x54174753, 0xAC2E8EA2, - 0x08080800, 0xC405C5C1, 0x10130313, 0xCC0DCDC1, 0x84068682, 0xB83989B1, - 0xFC3FCFF3, 0x7C3D4D71, 0xC001C1C1, 0x30310131, 0xF435C5F1, 0x880A8A82, - 0x682A4A62, 0xB03181B1, 0xD011C1D1, 0x20200020, 0xD417C7D3, 0x00020202, - 0x20220222, 0x04040400, 0x68284860, 0x70314171, 0x04070703, 0xD81BCBD3, - 0x9C1D8D91, 0x98198991, 0x60214161, 0xBC3E8EB2, 0xE426C6E2, 0x58194951, - 0xDC1DCDD1, 0x50114151, 0x90108090, 0xDC1CCCD0, 0x981A8A92, 0xA02383A3, - 0xA82B8BA3, 0xD010C0D0, 0x80018181, 0x0C0F0F03, 0x44074743, 0x181A0A12, - 0xE023C3E3, 0xEC2CCCE0, 0x8C0D8D81, 0xBC3F8FB3, 0x94168692, 0x783B4B73, - 0x5C1C4C50, 0xA02282A2, 0xA02181A1, 0x60234363, 0x20230323, 0x4C0D4D41, - 0xC808C8C0, 0x9C1E8E92, 0x9C1C8C90, 0x383A0A32, 0x0C0C0C00, 0x2C2E0E22, - 0xB83A8AB2, 0x6C2E4E62, 0x9C1F8F93, 0x581A4A52, 0xF032C2F2, 0x90128292, - 0xF033C3F3, 0x48094941, 0x78384870, 0xCC0CCCC0, 0x14150511, 0xF83BCBF3, - 0x70304070, 0x74354571, 0x7C3F4F73, 0x34350531, 0x10100010, 0x00030303, - 0x64244460, 0x6C2D4D61, 0xC406C6C2, 0x74344470, 0xD415C5D1, 0xB43484B0, - 0xE82ACAE2, 0x08090901, 0x74364672, 0x18190911, 0xFC3ECEF2, 0x40004040, - 0x10120212, 0xE020C0E0, 0xBC3D8DB1, 0x04050501, 0xF83ACAF2, 0x00010101, - 0xF030C0F0, 0x282A0A22, 0x5C1E4E52, 0xA82989A1, 0x54164652, 0x40034343, - 0x84058581, 0x14140410, 0x88098981, 0x981B8B93, 0xB03080B0, 0xE425C5E1, - 0x48084840, 0x78394971, 0x94178793, 0xFC3CCCF0, 0x1C1E0E12, 0x80028282, - 0x20210121, 0x8C0C8C80, 0x181B0B13, 0x5C1F4F53, 0x74374773, 0x54144450, - 0xB03282B2, 0x1C1D0D11, 0x24250521, 0x4C0F4F43, 0x00000000, 0x44064642, - 0xEC2DCDE1, 0x58184850, 0x50124252, 0xE82BCBE3, 0x7C3E4E72, 0xD81ACAD2, - 0xC809C9C1, 0xFC3DCDF1, 0x30300030, 0x94158591, 0x64254561, 0x3C3C0C30, - 0xB43686B2, 0xE424C4E0, 0xB83B8BB3, 0x7C3C4C70, 0x0C0E0E02, 0x50104050, - 0x38390931, 0x24260622, 0x30320232, 0x84048480, 0x68294961, 0x90138393, - 0x34370733, 0xE427C7E3, 0x24240420, 0xA42484A0, 0xC80BCBC3, 0x50134353, - 0x080A0A02, 0x84078783, 0xD819C9D1, 0x4C0C4C40, 0x80038383, 0x8C0F8F83, - 0xCC0ECEC2, 0x383B0B33, 0x480A4A42, 0xB43787B3 }; - -const u32bit SEED::G_FUNC::S2[256] = { - 0xA1A82989, 0x81840585, 0xD2D416C6, 0xD3D013C3, 0x50541444, 0x111C1D0D, - 0xA0AC2C8C, 0x21242505, 0x515C1D4D, 0x43400343, 0x10181808, 0x121C1E0E, - 0x51501141, 0xF0FC3CCC, 0xC2C80ACA, 0x63602343, 0x20282808, 0x40440444, - 0x20202000, 0x919C1D8D, 0xE0E020C0, 0xE2E022C2, 0xC0C808C8, 0x13141707, - 0xA1A42585, 0x838C0F8F, 0x03000303, 0x73783B4B, 0xB3B83B8B, 0x13101303, - 0xD2D012C2, 0xE2EC2ECE, 0x70703040, 0x808C0C8C, 0x333C3F0F, 0xA0A82888, - 0x32303202, 0xD1DC1DCD, 0xF2F436C6, 0x70743444, 0xE0EC2CCC, 0x91941585, - 0x03080B0B, 0x53541747, 0x505C1C4C, 0x53581B4B, 0xB1BC3D8D, 0x01000101, - 0x20242404, 0x101C1C0C, 0x73703343, 0x90981888, 0x10101000, 0xC0CC0CCC, - 0xF2F032C2, 0xD1D819C9, 0x202C2C0C, 0xE3E427C7, 0x72703242, 0x83800383, - 0x93981B8B, 0xD1D011C1, 0x82840686, 0xC1C809C9, 0x60602040, 0x50501040, - 0xA3A02383, 0xE3E82BCB, 0x010C0D0D, 0xB2B43686, 0x929C1E8E, 0x434C0F4F, - 0xB3B43787, 0x52581A4A, 0xC2C406C6, 0x70783848, 0xA2A42686, 0x12101202, - 0xA3AC2F8F, 0xD1D415C5, 0x61602141, 0xC3C003C3, 0xB0B43484, 0x41400141, - 0x52501242, 0x717C3D4D, 0x818C0D8D, 0x00080808, 0x131C1F0F, 0x91981989, - 0x00000000, 0x11181909, 0x00040404, 0x53501343, 0xF3F437C7, 0xE1E021C1, - 0xF1FC3DCD, 0x72743646, 0x232C2F0F, 0x23242707, 0xB0B03080, 0x83880B8B, - 0x020C0E0E, 0xA3A82B8B, 0xA2A02282, 0x626C2E4E, 0x93901383, 0x414C0D4D, - 0x61682949, 0x707C3C4C, 0x01080909, 0x02080A0A, 0xB3BC3F8F, 0xE3EC2FCF, - 0xF3F033C3, 0xC1C405C5, 0x83840787, 0x10141404, 0xF2FC3ECE, 0x60642444, - 0xD2DC1ECE, 0x222C2E0E, 0x43480B4B, 0x12181A0A, 0x02040606, 0x21202101, - 0x63682B4B, 0x62642646, 0x02000202, 0xF1F435C5, 0x92901282, 0x82880A8A, - 0x000C0C0C, 0xB3B03383, 0x727C3E4E, 0xD0D010C0, 0x72783A4A, 0x43440747, - 0x92941686, 0xE1E425C5, 0x22242606, 0x80800080, 0xA1AC2D8D, 0xD3DC1FCF, - 0xA1A02181, 0x30303000, 0x33343707, 0xA2AC2E8E, 0x32343606, 0x11141505, - 0x22202202, 0x30383808, 0xF0F434C4, 0xA3A42787, 0x41440545, 0x404C0C4C, - 0x81800181, 0xE1E829C9, 0x80840484, 0x93941787, 0x31343505, 0xC3C80BCB, - 0xC2CC0ECE, 0x303C3C0C, 0x71703141, 0x11101101, 0xC3C407C7, 0x81880989, - 0x71743545, 0xF3F83BCB, 0xD2D81ACA, 0xF0F838C8, 0x90941484, 0x51581949, - 0x82800282, 0xC0C404C4, 0xF3FC3FCF, 0x41480949, 0x31383909, 0x63642747, - 0xC0C000C0, 0xC3CC0FCF, 0xD3D417C7, 0xB0B83888, 0x030C0F0F, 0x828C0E8E, - 0x42400242, 0x23202303, 0x91901181, 0x606C2C4C, 0xD3D81BCB, 0xA0A42484, - 0x30343404, 0xF1F031C1, 0x40480848, 0xC2C002C2, 0x636C2F4F, 0x313C3D0D, - 0x212C2D0D, 0x40400040, 0xB2BC3E8E, 0x323C3E0E, 0xB0BC3C8C, 0xC1C001C1, - 0xA2A82A8A, 0xB2B83A8A, 0x424C0E4E, 0x51541545, 0x33383B0B, 0xD0DC1CCC, - 0x60682848, 0x737C3F4F, 0x909C1C8C, 0xD0D818C8, 0x42480A4A, 0x52541646, - 0x73743747, 0xA0A02080, 0xE1EC2DCD, 0x42440646, 0xB1B43585, 0x23282B0B, - 0x61642545, 0xF2F83ACA, 0xE3E023C3, 0xB1B83989, 0xB1B03181, 0x939C1F8F, - 0x525C1E4E, 0xF1F839C9, 0xE2E426C6, 0xB2B03282, 0x31303101, 0xE2E82ACA, - 0x616C2D4D, 0x535C1F4F, 0xE0E424C4, 0xF0F030C0, 0xC1CC0DCD, 0x80880888, - 0x12141606, 0x32383A0A, 0x50581848, 0xD0D414C4, 0x62602242, 0x21282909, - 0x03040707, 0x33303303, 0xE0E828C8, 0x13181B0B, 0x01040505, 0x71783949, - 0x90901080, 0x62682A4A, 0x22282A0A, 0x92981A8A }; - -const u32bit SEED::G_FUNC::S3[256] = { - 0x08303838, 0xC8E0E828, 0x0D212C2D, 0x86A2A426, 0xCFC3CC0F, 0xCED2DC1E, - 0x83B3B033, 0x88B0B838, 0x8FA3AC2F, 0x40606020, 0x45515415, 0xC7C3C407, - 0x44404404, 0x4F636C2F, 0x4B63682B, 0x4B53581B, 0xC3C3C003, 0x42626022, - 0x03333033, 0x85B1B435, 0x09212829, 0x80A0A020, 0xC2E2E022, 0x87A3A427, - 0xC3D3D013, 0x81919011, 0x01111011, 0x06020406, 0x0C101C1C, 0x8CB0BC3C, - 0x06323436, 0x4B43480B, 0xCFE3EC2F, 0x88808808, 0x4C606C2C, 0x88A0A828, - 0x07131417, 0xC4C0C404, 0x06121416, 0xC4F0F434, 0xC2C2C002, 0x45414405, - 0xC1E1E021, 0xC6D2D416, 0x0F333C3F, 0x0D313C3D, 0x8E828C0E, 0x88909818, - 0x08202828, 0x4E424C0E, 0xC6F2F436, 0x0E323C3E, 0x85A1A425, 0xC9F1F839, - 0x0D010C0D, 0xCFD3DC1F, 0xC8D0D818, 0x0B23282B, 0x46626426, 0x4A72783A, - 0x07232427, 0x0F232C2F, 0xC1F1F031, 0x42727032, 0x42424002, 0xC4D0D414, - 0x41414001, 0xC0C0C000, 0x43737033, 0x47636427, 0x8CA0AC2C, 0x8B83880B, - 0xC7F3F437, 0x8DA1AC2D, 0x80808000, 0x0F131C1F, 0xCAC2C80A, 0x0C202C2C, - 0x8AA2A82A, 0x04303434, 0xC2D2D012, 0x0B03080B, 0xCEE2EC2E, 0xC9E1E829, - 0x4D515C1D, 0x84909414, 0x08101818, 0xC8F0F838, 0x47535417, 0x8EA2AC2E, - 0x08000808, 0xC5C1C405, 0x03131013, 0xCDC1CC0D, 0x86828406, 0x89B1B839, - 0xCFF3FC3F, 0x4D717C3D, 0xC1C1C001, 0x01313031, 0xC5F1F435, 0x8A82880A, - 0x4A62682A, 0x81B1B031, 0xC1D1D011, 0x00202020, 0xC7D3D417, 0x02020002, - 0x02222022, 0x04000404, 0x48606828, 0x41717031, 0x07030407, 0xCBD3D81B, - 0x8D919C1D, 0x89919819, 0x41616021, 0x8EB2BC3E, 0xC6E2E426, 0x49515819, - 0xCDD1DC1D, 0x41515011, 0x80909010, 0xCCD0DC1C, 0x8A92981A, 0x83A3A023, - 0x8BA3A82B, 0xC0D0D010, 0x81818001, 0x0F030C0F, 0x47434407, 0x0A12181A, - 0xC3E3E023, 0xCCE0EC2C, 0x8D818C0D, 0x8FB3BC3F, 0x86929416, 0x4B73783B, - 0x4C505C1C, 0x82A2A022, 0x81A1A021, 0x43636023, 0x03232023, 0x4D414C0D, - 0xC8C0C808, 0x8E929C1E, 0x8C909C1C, 0x0A32383A, 0x0C000C0C, 0x0E222C2E, - 0x8AB2B83A, 0x4E626C2E, 0x8F939C1F, 0x4A52581A, 0xC2F2F032, 0x82929012, - 0xC3F3F033, 0x49414809, 0x48707838, 0xCCC0CC0C, 0x05111415, 0xCBF3F83B, - 0x40707030, 0x45717435, 0x4F737C3F, 0x05313435, 0x00101010, 0x03030003, - 0x44606424, 0x4D616C2D, 0xC6C2C406, 0x44707434, 0xC5D1D415, 0x84B0B434, - 0xCAE2E82A, 0x09010809, 0x46727436, 0x09111819, 0xCEF2FC3E, 0x40404000, - 0x02121012, 0xC0E0E020, 0x8DB1BC3D, 0x05010405, 0xCAF2F83A, 0x01010001, - 0xC0F0F030, 0x0A22282A, 0x4E525C1E, 0x89A1A829, 0x46525416, 0x43434003, - 0x85818405, 0x04101414, 0x89818809, 0x8B93981B, 0x80B0B030, 0xC5E1E425, - 0x48404808, 0x49717839, 0x87939417, 0xCCF0FC3C, 0x0E121C1E, 0x82828002, - 0x01212021, 0x8C808C0C, 0x0B13181B, 0x4F535C1F, 0x47737437, 0x44505414, - 0x82B2B032, 0x0D111C1D, 0x05212425, 0x4F434C0F, 0x00000000, 0x46424406, - 0xCDE1EC2D, 0x48505818, 0x42525012, 0xCBE3E82B, 0x4E727C3E, 0xCAD2D81A, - 0xC9C1C809, 0xCDF1FC3D, 0x00303030, 0x85919415, 0x45616425, 0x0C303C3C, - 0x86B2B436, 0xC4E0E424, 0x8BB3B83B, 0x4C707C3C, 0x0E020C0E, 0x40505010, - 0x09313839, 0x06222426, 0x02323032, 0x84808404, 0x49616829, 0x83939013, - 0x07333437, 0xC7E3E427, 0x04202424, 0x84A0A424, 0xCBC3C80B, 0x43535013, - 0x0A02080A, 0x87838407, 0xC9D1D819, 0x4C404C0C, 0x83838003, 0x8F838C0F, - 0xCEC2CC0E, 0x0B33383B, 0x4A42480A, 0x87B3B437 }; - -} diff --git a/src/block/serpent/info.txt b/src/block/serpent/info.txt deleted file mode 100644 index aa29c567f..000000000 --- a/src/block/serpent/info.txt +++ /dev/null @@ -1,13 +0,0 @@ -define SERPENT 20131128 - -<header:public> -serpent.h -</header:public> - -<header:internal> -serpent_sbox.h -</header:internal> - -<source> -serpent.cpp -</source> diff --git a/src/block/serpent/serpent.cpp b/src/block/serpent/serpent.cpp deleted file mode 100644 index 7b75d6b84..000000000 --- a/src/block/serpent/serpent.cpp +++ /dev/null @@ -1,205 +0,0 @@ -/* -* Serpent -* (C) 1999-2007 Jack Lloyd -* -* Distributed under the terms of the Botan license -*/ - -#include <botan/serpent.h> -#include <botan/internal/serpent_sbox.h> -#include <botan/loadstor.h> -#include <botan/rotate.h> - -namespace Botan { - -namespace { - -/* -* Serpent's Linear Transformation -*/ -inline void transform(u32bit& B0, u32bit& B1, u32bit& B2, u32bit& B3) - { - B0 = rotate_left(B0, 13); B2 = rotate_left(B2, 3); - B1 ^= B0 ^ B2; B3 ^= B2 ^ (B0 << 3); - B1 = rotate_left(B1, 1); B3 = rotate_left(B3, 7); - B0 ^= B1 ^ B3; B2 ^= B3 ^ (B1 << 7); - B0 = rotate_left(B0, 5); B2 = rotate_left(B2, 22); - } - -/* -* Serpent's Inverse Linear Transformation -*/ -inline void i_transform(u32bit& B0, u32bit& B1, u32bit& B2, u32bit& B3) - { - B2 = rotate_right(B2, 22); B0 = rotate_right(B0, 5); - B2 ^= B3 ^ (B1 << 7); B0 ^= B1 ^ B3; - B3 = rotate_right(B3, 7); B1 = rotate_right(B1, 1); - B3 ^= B2 ^ (B0 << 3); B1 ^= B0 ^ B2; - B2 = rotate_right(B2, 3); B0 = rotate_right(B0, 13); - } - -} - -/* -* XOR a key block with a data block -*/ -#define key_xor(round, B0, B1, B2, B3) \ - B0 ^= round_key[4*round ]; \ - B1 ^= round_key[4*round+1]; \ - B2 ^= round_key[4*round+2]; \ - B3 ^= round_key[4*round+3]; - -/* -* Serpent Encryption -*/ -void Serpent::encrypt_n(const byte in[], byte out[], size_t blocks) const - { - for(size_t i = 0; i != blocks; ++i) - { - u32bit B0 = load_le<u32bit>(in, 0); - u32bit B1 = load_le<u32bit>(in, 1); - u32bit B2 = load_le<u32bit>(in, 2); - u32bit B3 = load_le<u32bit>(in, 3); - - key_xor( 0,B0,B1,B2,B3); SBoxE1(B0,B1,B2,B3); transform(B0,B1,B2,B3); - key_xor( 1,B0,B1,B2,B3); SBoxE2(B0,B1,B2,B3); transform(B0,B1,B2,B3); - key_xor( 2,B0,B1,B2,B3); SBoxE3(B0,B1,B2,B3); transform(B0,B1,B2,B3); - key_xor( 3,B0,B1,B2,B3); SBoxE4(B0,B1,B2,B3); transform(B0,B1,B2,B3); - key_xor( 4,B0,B1,B2,B3); SBoxE5(B0,B1,B2,B3); transform(B0,B1,B2,B3); - key_xor( 5,B0,B1,B2,B3); SBoxE6(B0,B1,B2,B3); transform(B0,B1,B2,B3); - key_xor( 6,B0,B1,B2,B3); SBoxE7(B0,B1,B2,B3); transform(B0,B1,B2,B3); - key_xor( 7,B0,B1,B2,B3); SBoxE8(B0,B1,B2,B3); transform(B0,B1,B2,B3); - key_xor( 8,B0,B1,B2,B3); SBoxE1(B0,B1,B2,B3); transform(B0,B1,B2,B3); - key_xor( 9,B0,B1,B2,B3); SBoxE2(B0,B1,B2,B3); transform(B0,B1,B2,B3); - key_xor(10,B0,B1,B2,B3); SBoxE3(B0,B1,B2,B3); transform(B0,B1,B2,B3); - key_xor(11,B0,B1,B2,B3); SBoxE4(B0,B1,B2,B3); transform(B0,B1,B2,B3); - key_xor(12,B0,B1,B2,B3); SBoxE5(B0,B1,B2,B3); transform(B0,B1,B2,B3); - key_xor(13,B0,B1,B2,B3); SBoxE6(B0,B1,B2,B3); transform(B0,B1,B2,B3); - key_xor(14,B0,B1,B2,B3); SBoxE7(B0,B1,B2,B3); transform(B0,B1,B2,B3); - key_xor(15,B0,B1,B2,B3); SBoxE8(B0,B1,B2,B3); transform(B0,B1,B2,B3); - key_xor(16,B0,B1,B2,B3); SBoxE1(B0,B1,B2,B3); transform(B0,B1,B2,B3); - key_xor(17,B0,B1,B2,B3); SBoxE2(B0,B1,B2,B3); transform(B0,B1,B2,B3); - key_xor(18,B0,B1,B2,B3); SBoxE3(B0,B1,B2,B3); transform(B0,B1,B2,B3); - key_xor(19,B0,B1,B2,B3); SBoxE4(B0,B1,B2,B3); transform(B0,B1,B2,B3); - key_xor(20,B0,B1,B2,B3); SBoxE5(B0,B1,B2,B3); transform(B0,B1,B2,B3); - key_xor(21,B0,B1,B2,B3); SBoxE6(B0,B1,B2,B3); transform(B0,B1,B2,B3); - key_xor(22,B0,B1,B2,B3); SBoxE7(B0,B1,B2,B3); transform(B0,B1,B2,B3); - key_xor(23,B0,B1,B2,B3); SBoxE8(B0,B1,B2,B3); transform(B0,B1,B2,B3); - key_xor(24,B0,B1,B2,B3); SBoxE1(B0,B1,B2,B3); transform(B0,B1,B2,B3); - key_xor(25,B0,B1,B2,B3); SBoxE2(B0,B1,B2,B3); transform(B0,B1,B2,B3); - key_xor(26,B0,B1,B2,B3); SBoxE3(B0,B1,B2,B3); transform(B0,B1,B2,B3); - key_xor(27,B0,B1,B2,B3); SBoxE4(B0,B1,B2,B3); transform(B0,B1,B2,B3); - key_xor(28,B0,B1,B2,B3); SBoxE5(B0,B1,B2,B3); transform(B0,B1,B2,B3); - key_xor(29,B0,B1,B2,B3); SBoxE6(B0,B1,B2,B3); transform(B0,B1,B2,B3); - key_xor(30,B0,B1,B2,B3); SBoxE7(B0,B1,B2,B3); transform(B0,B1,B2,B3); - key_xor(31,B0,B1,B2,B3); SBoxE8(B0,B1,B2,B3); key_xor(32,B0,B1,B2,B3); - - store_le(out, B0, B1, B2, B3); - - in += BLOCK_SIZE; - out += BLOCK_SIZE; - } - } - -/* -* Serpent Decryption -*/ -void Serpent::decrypt_n(const byte in[], byte out[], size_t blocks) const - { - for(size_t i = 0; i != blocks; ++i) - { - u32bit B0 = load_le<u32bit>(in, 0); - u32bit B1 = load_le<u32bit>(in, 1); - u32bit B2 = load_le<u32bit>(in, 2); - u32bit B3 = load_le<u32bit>(in, 3); - - key_xor(32,B0,B1,B2,B3); SBoxD8(B0,B1,B2,B3); key_xor(31,B0,B1,B2,B3); - i_transform(B0,B1,B2,B3); SBoxD7(B0,B1,B2,B3); key_xor(30,B0,B1,B2,B3); - i_transform(B0,B1,B2,B3); SBoxD6(B0,B1,B2,B3); key_xor(29,B0,B1,B2,B3); - i_transform(B0,B1,B2,B3); SBoxD5(B0,B1,B2,B3); key_xor(28,B0,B1,B2,B3); - i_transform(B0,B1,B2,B3); SBoxD4(B0,B1,B2,B3); key_xor(27,B0,B1,B2,B3); - i_transform(B0,B1,B2,B3); SBoxD3(B0,B1,B2,B3); key_xor(26,B0,B1,B2,B3); - i_transform(B0,B1,B2,B3); SBoxD2(B0,B1,B2,B3); key_xor(25,B0,B1,B2,B3); - i_transform(B0,B1,B2,B3); SBoxD1(B0,B1,B2,B3); key_xor(24,B0,B1,B2,B3); - i_transform(B0,B1,B2,B3); SBoxD8(B0,B1,B2,B3); key_xor(23,B0,B1,B2,B3); - i_transform(B0,B1,B2,B3); SBoxD7(B0,B1,B2,B3); key_xor(22,B0,B1,B2,B3); - i_transform(B0,B1,B2,B3); SBoxD6(B0,B1,B2,B3); key_xor(21,B0,B1,B2,B3); - i_transform(B0,B1,B2,B3); SBoxD5(B0,B1,B2,B3); key_xor(20,B0,B1,B2,B3); - i_transform(B0,B1,B2,B3); SBoxD4(B0,B1,B2,B3); key_xor(19,B0,B1,B2,B3); - i_transform(B0,B1,B2,B3); SBoxD3(B0,B1,B2,B3); key_xor(18,B0,B1,B2,B3); - i_transform(B0,B1,B2,B3); SBoxD2(B0,B1,B2,B3); key_xor(17,B0,B1,B2,B3); - i_transform(B0,B1,B2,B3); SBoxD1(B0,B1,B2,B3); key_xor(16,B0,B1,B2,B3); - i_transform(B0,B1,B2,B3); SBoxD8(B0,B1,B2,B3); key_xor(15,B0,B1,B2,B3); - i_transform(B0,B1,B2,B3); SBoxD7(B0,B1,B2,B3); key_xor(14,B0,B1,B2,B3); - i_transform(B0,B1,B2,B3); SBoxD6(B0,B1,B2,B3); key_xor(13,B0,B1,B2,B3); - i_transform(B0,B1,B2,B3); SBoxD5(B0,B1,B2,B3); key_xor(12,B0,B1,B2,B3); - i_transform(B0,B1,B2,B3); SBoxD4(B0,B1,B2,B3); key_xor(11,B0,B1,B2,B3); - i_transform(B0,B1,B2,B3); SBoxD3(B0,B1,B2,B3); key_xor(10,B0,B1,B2,B3); - i_transform(B0,B1,B2,B3); SBoxD2(B0,B1,B2,B3); key_xor( 9,B0,B1,B2,B3); - i_transform(B0,B1,B2,B3); SBoxD1(B0,B1,B2,B3); key_xor( 8,B0,B1,B2,B3); - i_transform(B0,B1,B2,B3); SBoxD8(B0,B1,B2,B3); key_xor( 7,B0,B1,B2,B3); - i_transform(B0,B1,B2,B3); SBoxD7(B0,B1,B2,B3); key_xor( 6,B0,B1,B2,B3); - i_transform(B0,B1,B2,B3); SBoxD6(B0,B1,B2,B3); key_xor( 5,B0,B1,B2,B3); - i_transform(B0,B1,B2,B3); SBoxD5(B0,B1,B2,B3); key_xor( 4,B0,B1,B2,B3); - i_transform(B0,B1,B2,B3); SBoxD4(B0,B1,B2,B3); key_xor( 3,B0,B1,B2,B3); - i_transform(B0,B1,B2,B3); SBoxD3(B0,B1,B2,B3); key_xor( 2,B0,B1,B2,B3); - i_transform(B0,B1,B2,B3); SBoxD2(B0,B1,B2,B3); key_xor( 1,B0,B1,B2,B3); - i_transform(B0,B1,B2,B3); SBoxD1(B0,B1,B2,B3); key_xor( 0,B0,B1,B2,B3); - - store_le(out, B0, B1, B2, B3); - - in += BLOCK_SIZE; - out += BLOCK_SIZE; - } - } - -#undef key_xor -#undef transform -#undef i_transform - -/* -* Serpent Key Schedule -*/ -void Serpent::key_schedule(const byte key[], size_t length) - { - const u32bit PHI = 0x9E3779B9; - - secure_vector<u32bit> W(140); - for(size_t i = 0; i != length / 4; ++i) - W[i] = load_le<u32bit>(key, i); - - W[length / 4] |= u32bit(1) << ((length%4)*8); - - for(size_t i = 8; i != 140; ++i) - { - u32bit wi = W[i-8] ^ W[i-5] ^ W[i-3] ^ W[i-1] ^ PHI ^ u32bit(i-8); - W[i] = rotate_left(wi, 11); - } - - SBoxE4(W[ 8],W[ 9],W[ 10],W[ 11]); SBoxE3(W[ 12],W[ 13],W[ 14],W[ 15]); - SBoxE2(W[ 16],W[ 17],W[ 18],W[ 19]); SBoxE1(W[ 20],W[ 21],W[ 22],W[ 23]); - SBoxE8(W[ 24],W[ 25],W[ 26],W[ 27]); SBoxE7(W[ 28],W[ 29],W[ 30],W[ 31]); - SBoxE6(W[ 32],W[ 33],W[ 34],W[ 35]); SBoxE5(W[ 36],W[ 37],W[ 38],W[ 39]); - SBoxE4(W[ 40],W[ 41],W[ 42],W[ 43]); SBoxE3(W[ 44],W[ 45],W[ 46],W[ 47]); - SBoxE2(W[ 48],W[ 49],W[ 50],W[ 51]); SBoxE1(W[ 52],W[ 53],W[ 54],W[ 55]); - SBoxE8(W[ 56],W[ 57],W[ 58],W[ 59]); SBoxE7(W[ 60],W[ 61],W[ 62],W[ 63]); - SBoxE6(W[ 64],W[ 65],W[ 66],W[ 67]); SBoxE5(W[ 68],W[ 69],W[ 70],W[ 71]); - SBoxE4(W[ 72],W[ 73],W[ 74],W[ 75]); SBoxE3(W[ 76],W[ 77],W[ 78],W[ 79]); - SBoxE2(W[ 80],W[ 81],W[ 82],W[ 83]); SBoxE1(W[ 84],W[ 85],W[ 86],W[ 87]); - SBoxE8(W[ 88],W[ 89],W[ 90],W[ 91]); SBoxE7(W[ 92],W[ 93],W[ 94],W[ 95]); - SBoxE6(W[ 96],W[ 97],W[ 98],W[ 99]); SBoxE5(W[100],W[101],W[102],W[103]); - SBoxE4(W[104],W[105],W[106],W[107]); SBoxE3(W[108],W[109],W[110],W[111]); - SBoxE2(W[112],W[113],W[114],W[115]); SBoxE1(W[116],W[117],W[118],W[119]); - SBoxE8(W[120],W[121],W[122],W[123]); SBoxE7(W[124],W[125],W[126],W[127]); - SBoxE6(W[128],W[129],W[130],W[131]); SBoxE5(W[132],W[133],W[134],W[135]); - SBoxE4(W[136],W[137],W[138],W[139]); - - round_key.assign(&W[8], &W[140]); - } - -void Serpent::clear() - { - zap(round_key); - } - -} diff --git a/src/block/serpent/serpent.h b/src/block/serpent/serpent.h deleted file mode 100644 index dc539c9f3..000000000 --- a/src/block/serpent/serpent.h +++ /dev/null @@ -1,51 +0,0 @@ -/* -* Serpent -* (C) 1999-2007 Jack Lloyd -* -* Distributed under the terms of the Botan license -*/ - -#ifndef BOTAN_SERPENT_H__ -#define BOTAN_SERPENT_H__ - -#include <botan/block_cipher.h> - -namespace Botan { - -/** -* Serpent, an AES finalist -*/ -class BOTAN_DLL Serpent : public Block_Cipher_Fixed_Params<16, 16, 32, 8> - { - public: - void encrypt_n(const byte in[], byte out[], size_t blocks) const; - void decrypt_n(const byte in[], byte out[], size_t blocks) const; - - void clear(); - std::string name() const { return "Serpent"; } - BlockCipher* clone() const { return new Serpent; } - protected: - /** - * For use by subclasses using SIMD, asm, etc - * @return const reference to the key schedule - */ - const secure_vector<u32bit>& get_round_keys() const - { return round_key; } - - /** - * For use by subclasses that implement the key schedule - * @param ks is the new key schedule value to set - */ - void set_round_keys(const u32bit ks[132]) - { - round_key.assign(&ks[0], &ks[132]); - } - - private: - void key_schedule(const byte key[], size_t length); - secure_vector<u32bit> round_key; - }; - -} - -#endif diff --git a/src/block/serpent/serpent_sbox.h b/src/block/serpent/serpent_sbox.h deleted file mode 100644 index fb396120e..000000000 --- a/src/block/serpent/serpent_sbox.h +++ /dev/null @@ -1,428 +0,0 @@ -/* -* Serpent SBox Expressions -* (C) 1999-2007,2013 Jack Lloyd -* -* The sbox expressions used here were discovered by Dag Arne Osvik and -* are described in his paper "Speeding Up Serpent". -* -* Distributed under the terms of the Botan license -*/ - -#ifndef BOTAN_SERPENT_SBOX_H__ -#define BOTAN_SERPENT_SBOX_H__ - -#define SBoxE1(B0, B1, B2, B3) \ - do { \ - B3 ^= B0; \ - auto B4 = B1; \ - B1 &= B3; \ - B4 ^= B2; \ - B1 ^= B0; \ - B0 |= B3; \ - B0 ^= B4; \ - B4 ^= B3; \ - B3 ^= B2; \ - B2 |= B1; \ - B2 ^= B4; \ - B4 = ~B4; \ - B4 |= B1; \ - B1 ^= B3; \ - B1 ^= B4; \ - B3 |= B0; \ - B1 ^= B3; \ - B4 ^= B3; \ - B3 = B0; \ - B0 = B1; \ - B1 = B4; \ - } while(0); - -#define SBoxE2(B0, B1, B2, B3) \ - do { \ - B0 = ~B0; \ - B2 = ~B2; \ - auto B4 = B0; \ - B0 &= B1; \ - B2 ^= B0; \ - B0 |= B3; \ - B3 ^= B2; \ - B1 ^= B0; \ - B0 ^= B4; \ - B4 |= B1; \ - B1 ^= B3; \ - B2 |= B0; \ - B2 &= B4; \ - B0 ^= B1; \ - B1 &= B2; \ - B1 ^= B0; \ - B0 &= B2; \ - B4 ^= B0; \ - B0 = B2; \ - B2 = B3; \ - B3 = B1; \ - B1 = B4; \ - } while(0); - -#define SBoxE3(B0, B1, B2, B3) \ - do { \ - auto B4 = B0; \ - B0 &= B2; \ - B0 ^= B3; \ - B2 ^= B1; \ - B2 ^= B0; \ - B3 |= B4; \ - B3 ^= B1; \ - B4 ^= B2; \ - B1 = B3; \ - B3 |= B4; \ - B3 ^= B0; \ - B0 &= B1; \ - B4 ^= B0; \ - B1 ^= B3; \ - B1 ^= B4; \ - B0 = B2; \ - B2 = B1; \ - B1 = B3; \ - B3 = ~B4; \ - } while(0); - -#define SBoxE4(B0, B1, B2, B3) \ - do { \ - auto B4 = B0; \ - B0 |= B3; \ - B3 ^= B1; \ - B1 &= B4; \ - B4 ^= B2; \ - B2 ^= B3; \ - B3 &= B0; \ - B4 |= B1; \ - B3 ^= B4; \ - B0 ^= B1; \ - B4 &= B0; \ - B1 ^= B3; \ - B4 ^= B2; \ - B1 |= B0; \ - B1 ^= B2; \ - B0 ^= B3; \ - B2 = B1; \ - B1 |= B3; \ - B0 ^= B1; \ - B1 = B2; \ - B2 = B3; \ - B3 = B4; \ - } while(0); - -#define SBoxE5(B0, B1, B2, B3) \ - do { \ - B1 ^= B3; \ - B3 = ~B3; \ - B2 ^= B3; \ - B3 ^= B0; \ - auto B4 = B1; \ - B1 &= B3; \ - B1 ^= B2; \ - B4 ^= B3; \ - B0 ^= B4; \ - B2 &= B4; \ - B2 ^= B0; \ - B0 &= B1; \ - B3 ^= B0; \ - B4 |= B1; \ - B4 ^= B0; \ - B0 |= B3; \ - B0 ^= B2; \ - B2 &= B3; \ - B0 = ~B0; \ - B4 ^= B2; \ - B2 = B0; \ - B0 = B1; \ - B1 = B4; \ - } while(0); - -#define SBoxE6(B0, B1, B2, B3) \ - do { \ - B0 ^= B1; \ - B1 ^= B3; \ - B3 = ~B3; \ - auto B4 = B1; \ - B1 &= B0; \ - B2 ^= B3; \ - B1 ^= B2; \ - B2 |= B4; \ - B4 ^= B3; \ - B3 &= B1; \ - B3 ^= B0; \ - B4 ^= B1; \ - B4 ^= B2; \ - B2 ^= B0; \ - B0 &= B3; \ - B2 = ~B2; \ - B0 ^= B4; \ - B4 |= B3; \ - B4 ^= B2; \ - B2 = B0; \ - B0 = B1; \ - B1 = B3; \ - B3 = B4; \ - } while(0); - -#define SBoxE7(B0, B1, B2, B3) \ - do { \ - B2 = ~B2; \ - auto B4 = B3; \ - B3 &= B0; \ - B0 ^= B4; \ - B3 ^= B2; \ - B2 |= B4; \ - B1 ^= B3; \ - B2 ^= B0; \ - B0 |= B1; \ - B2 ^= B1; \ - B4 ^= B0; \ - B0 |= B3; \ - B0 ^= B2; \ - B4 ^= B3; \ - B4 ^= B0; \ - B3 = ~B3; \ - B2 &= B4; \ - B3 ^= B2; \ - B2 = B4; \ - } while(0); - -#define SBoxE8(B0, B1, B2, B3) \ - do { \ - auto B4 = B1; \ - B1 |= B2; \ - B1 ^= B3; \ - B4 ^= B2; \ - B2 ^= B1; \ - B3 |= B4; \ - B3 &= B0; \ - B4 ^= B2; \ - B3 ^= B1; \ - B1 |= B4; \ - B1 ^= B0; \ - B0 |= B4; \ - B0 ^= B2; \ - B1 ^= B4; \ - B2 ^= B1; \ - B1 &= B0; \ - B1 ^= B4; \ - B2 = ~B2; \ - B2 |= B0; \ - B4 ^= B2; \ - B2 = B1; \ - B1 = B3; \ - B3 = B0; \ - B0 = B4; \ - } while(0); - -#define SBoxD1(B0, B1, B2, B3) \ - do { \ - B2 = ~B2; \ - auto B4 = B1; \ - B1 |= B0; \ - B4 = ~B4; \ - B1 ^= B2; \ - B2 |= B4; \ - B1 ^= B3; \ - B0 ^= B4; \ - B2 ^= B0; \ - B0 &= B3; \ - B4 ^= B0; \ - B0 |= B1; \ - B0 ^= B2; \ - B3 ^= B4; \ - B2 ^= B1; \ - B3 ^= B0; \ - B3 ^= B1; \ - B2 &= B3; \ - B4 ^= B2; \ - B2 = B1; \ - B1 = B4; \ - } while(0); - -#define SBoxD2(B0, B1, B2, B3) \ - do { \ - auto B4 = B1; \ - B1 ^= B3; \ - B3 &= B1; \ - B4 ^= B2; \ - B3 ^= B0; \ - B0 |= B1; \ - B2 ^= B3; \ - B0 ^= B4; \ - B0 |= B2; \ - B1 ^= B3; \ - B0 ^= B1; \ - B1 |= B3; \ - B1 ^= B0; \ - B4 = ~B4; \ - B4 ^= B1; \ - B1 |= B0; \ - B1 ^= B0; \ - B1 |= B4; \ - B3 ^= B1; \ - B1 = B0; \ - B0 = B4; \ - B4 = B2; \ - B2 = B3; \ - B3 = B4; \ - } while(0); - -#define SBoxD3(B0, B1, B2, B3) \ - do { \ - B2 ^= B3; \ - B3 ^= B0; \ - auto B4 = B3; \ - B3 &= B2; \ - B3 ^= B1; \ - B1 |= B2; \ - B1 ^= B4; \ - B4 &= B3; \ - B2 ^= B3; \ - B4 &= B0; \ - B4 ^= B2; \ - B2 &= B1; \ - B2 |= B0; \ - B3 = ~B3; \ - B2 ^= B3; \ - B0 ^= B3; \ - B0 &= B1; \ - B3 ^= B4; \ - B3 ^= B0; \ - B0 = B1; \ - B1 = B4; \ - } while(0); - -#define SBoxD4(B0, B1, B2, B3) \ - do { \ - auto B4 = B2; \ - B2 ^= B1; \ - B0 ^= B2; \ - B4 &= B2; \ - B4 ^= B0; \ - B0 &= B1; \ - B1 ^= B3; \ - B3 |= B4; \ - B2 ^= B3; \ - B0 ^= B3; \ - B1 ^= B4; \ - B3 &= B2; \ - B3 ^= B1; \ - B1 ^= B0; \ - B1 |= B2; \ - B0 ^= B3; \ - B1 ^= B4; \ - B0 ^= B1; \ - B4 = B0; \ - B0 = B2; \ - B2 = B3; \ - B3 = B4; \ - } while(0); - -#define SBoxD5(B0, B1, B2, B3) \ - do { \ - auto B4 = B2; \ - B2 &= B3; \ - B2 ^= B1; \ - B1 |= B3; \ - B1 &= B0; \ - B4 ^= B2; \ - B4 ^= B1; \ - B1 &= B2; \ - B0 = ~B0; \ - B3 ^= B4; \ - B1 ^= B3; \ - B3 &= B0; \ - B3 ^= B2; \ - B0 ^= B1; \ - B2 &= B0; \ - B3 ^= B0; \ - B2 ^= B4; \ - B2 |= B3; \ - B3 ^= B0; \ - B2 ^= B1; \ - B1 = B3; \ - B3 = B4; \ - } while(0); - -#define SBoxD6(B0, B1, B2, B3) \ - do { \ - B1 = ~B1; \ - auto B4 = B3; \ - B2 ^= B1; \ - B3 |= B0; \ - B3 ^= B2; \ - B2 |= B1; \ - B2 &= B0; \ - B4 ^= B3; \ - B2 ^= B4; \ - B4 |= B0; \ - B4 ^= B1; \ - B1 &= B2; \ - B1 ^= B3; \ - B4 ^= B2; \ - B3 &= B4; \ - B4 ^= B1; \ - B3 ^= B4; \ - B4 = ~B4; \ - B3 ^= B0; \ - B0 = B1; \ - B1 = B4; \ - B4 = B3; \ - B3 = B2; \ - B2 = B4; \ - } while(0); - -#define SBoxD7(B0, B1, B2, B3) \ - do { \ - B0 ^= B2; \ - auto B4 = B2; \ - B2 &= B0; \ - B4 ^= B3; \ - B2 = ~B2; \ - B3 ^= B1; \ - B2 ^= B3; \ - B4 |= B0; \ - B0 ^= B2; \ - B3 ^= B4; \ - B4 ^= B1; \ - B1 &= B3; \ - B1 ^= B0; \ - B0 ^= B3; \ - B0 |= B2; \ - B3 ^= B1; \ - B4 ^= B0; \ - B0 = B1; \ - B1 = B2; \ - B2 = B4; \ - } while(0); - -#define SBoxD8(B0, B1, B2, B3) \ - do { \ - auto B4 = B2; \ - B2 ^= B0; \ - B0 &= B3; \ - B4 |= B3; \ - B2 = ~B2; \ - B3 ^= B1; \ - B1 |= B0; \ - B0 ^= B2; \ - B2 &= B4; \ - B3 &= B4; \ - B1 ^= B2; \ - B2 ^= B0; \ - B0 |= B2; \ - B4 ^= B1; \ - B0 ^= B3; \ - B3 ^= B4; \ - B4 |= B0; \ - B3 ^= B2; \ - B4 ^= B2; \ - B2 = B1; \ - B1 = B0; \ - B0 = B3; \ - B3 = B4; \ - } while(0); - -#endif diff --git a/src/block/serpent_simd/info.txt b/src/block/serpent_simd/info.txt deleted file mode 100644 index f33548823..000000000 --- a/src/block/serpent_simd/info.txt +++ /dev/null @@ -1,15 +0,0 @@ -define SERPENT_SIMD 20131128 - -<requires> -serpent -simd -simd_engine -</requires> - -<source> -serp_simd.cpp -</source> - -<header:public> -serp_simd.h -</header:public> diff --git a/src/block/serpent_simd/serp_simd.cpp b/src/block/serpent_simd/serp_simd.cpp deleted file mode 100644 index bedf20122..000000000 --- a/src/block/serpent_simd/serp_simd.cpp +++ /dev/null @@ -1,216 +0,0 @@ -/* -* Serpent (SIMD) -* (C) 2009,2013 Jack Lloyd -* -* Distributed under the terms of the Botan license -*/ - -#include <botan/serp_simd.h> -#include <botan/internal/serpent_sbox.h> -#include <botan/internal/simd_32.h> -#include <botan/loadstor.h> - -namespace Botan { - -namespace { - -#define key_xor(round, B0, B1, B2, B3) \ - do { \ - B0 ^= SIMD_32(keys[4*round ]); \ - B1 ^= SIMD_32(keys[4*round+1]); \ - B2 ^= SIMD_32(keys[4*round+2]); \ - B3 ^= SIMD_32(keys[4*round+3]); \ - } while(0); - -/* -* Serpent's linear transformations -*/ -#define transform(B0, B1, B2, B3) \ - do { \ - B0.rotate_left(13); \ - B2.rotate_left(3); \ - B1 ^= B0 ^ B2; \ - B3 ^= B2 ^ (B0 << 3); \ - B1.rotate_left(1); \ - B3.rotate_left(7); \ - B0 ^= B1 ^ B3; \ - B2 ^= B3 ^ (B1 << 7); \ - B0.rotate_left(5); \ - B2.rotate_left(22); \ - } while(0); - -#define i_transform(B0, B1, B2, B3) \ - do { \ - B2.rotate_right(22); \ - B0.rotate_right(5); \ - B2 ^= B3 ^ (B1 << 7); \ - B0 ^= B1 ^ B3; \ - B3.rotate_right(7); \ - B1.rotate_right(1); \ - B3 ^= B2 ^ (B0 << 3); \ - B1 ^= B0 ^ B2; \ - B2.rotate_right(3); \ - B0.rotate_right(13); \ - } while(0); - -/* -* SIMD Serpent Encryption of 4 blocks in parallel -*/ -void serpent_encrypt_4(const byte in[64], - byte out[64], - const u32bit keys[132]) - { - SIMD_32 B0 = SIMD_32::load_le(in); - SIMD_32 B1 = SIMD_32::load_le(in + 16); - SIMD_32 B2 = SIMD_32::load_le(in + 32); - SIMD_32 B3 = SIMD_32::load_le(in + 48); - - SIMD_32::transpose(B0, B1, B2, B3); - - key_xor( 0,B0,B1,B2,B3); SBoxE1(B0,B1,B2,B3); transform(B0,B1,B2,B3); - key_xor( 1,B0,B1,B2,B3); SBoxE2(B0,B1,B2,B3); transform(B0,B1,B2,B3); - key_xor( 2,B0,B1,B2,B3); SBoxE3(B0,B1,B2,B3); transform(B0,B1,B2,B3); - key_xor( 3,B0,B1,B2,B3); SBoxE4(B0,B1,B2,B3); transform(B0,B1,B2,B3); - key_xor( 4,B0,B1,B2,B3); SBoxE5(B0,B1,B2,B3); transform(B0,B1,B2,B3); - key_xor( 5,B0,B1,B2,B3); SBoxE6(B0,B1,B2,B3); transform(B0,B1,B2,B3); - key_xor( 6,B0,B1,B2,B3); SBoxE7(B0,B1,B2,B3); transform(B0,B1,B2,B3); - key_xor( 7,B0,B1,B2,B3); SBoxE8(B0,B1,B2,B3); transform(B0,B1,B2,B3); - - key_xor( 8,B0,B1,B2,B3); SBoxE1(B0,B1,B2,B3); transform(B0,B1,B2,B3); - key_xor( 9,B0,B1,B2,B3); SBoxE2(B0,B1,B2,B3); transform(B0,B1,B2,B3); - key_xor(10,B0,B1,B2,B3); SBoxE3(B0,B1,B2,B3); transform(B0,B1,B2,B3); - key_xor(11,B0,B1,B2,B3); SBoxE4(B0,B1,B2,B3); transform(B0,B1,B2,B3); - key_xor(12,B0,B1,B2,B3); SBoxE5(B0,B1,B2,B3); transform(B0,B1,B2,B3); - key_xor(13,B0,B1,B2,B3); SBoxE6(B0,B1,B2,B3); transform(B0,B1,B2,B3); - key_xor(14,B0,B1,B2,B3); SBoxE7(B0,B1,B2,B3); transform(B0,B1,B2,B3); - key_xor(15,B0,B1,B2,B3); SBoxE8(B0,B1,B2,B3); transform(B0,B1,B2,B3); - - key_xor(16,B0,B1,B2,B3); SBoxE1(B0,B1,B2,B3); transform(B0,B1,B2,B3); - key_xor(17,B0,B1,B2,B3); SBoxE2(B0,B1,B2,B3); transform(B0,B1,B2,B3); - key_xor(18,B0,B1,B2,B3); SBoxE3(B0,B1,B2,B3); transform(B0,B1,B2,B3); - key_xor(19,B0,B1,B2,B3); SBoxE4(B0,B1,B2,B3); transform(B0,B1,B2,B3); - key_xor(20,B0,B1,B2,B3); SBoxE5(B0,B1,B2,B3); transform(B0,B1,B2,B3); - key_xor(21,B0,B1,B2,B3); SBoxE6(B0,B1,B2,B3); transform(B0,B1,B2,B3); - key_xor(22,B0,B1,B2,B3); SBoxE7(B0,B1,B2,B3); transform(B0,B1,B2,B3); - key_xor(23,B0,B1,B2,B3); SBoxE8(B0,B1,B2,B3); transform(B0,B1,B2,B3); - - key_xor(24,B0,B1,B2,B3); SBoxE1(B0,B1,B2,B3); transform(B0,B1,B2,B3); - key_xor(25,B0,B1,B2,B3); SBoxE2(B0,B1,B2,B3); transform(B0,B1,B2,B3); - key_xor(26,B0,B1,B2,B3); SBoxE3(B0,B1,B2,B3); transform(B0,B1,B2,B3); - key_xor(27,B0,B1,B2,B3); SBoxE4(B0,B1,B2,B3); transform(B0,B1,B2,B3); - key_xor(28,B0,B1,B2,B3); SBoxE5(B0,B1,B2,B3); transform(B0,B1,B2,B3); - key_xor(29,B0,B1,B2,B3); SBoxE6(B0,B1,B2,B3); transform(B0,B1,B2,B3); - key_xor(30,B0,B1,B2,B3); SBoxE7(B0,B1,B2,B3); transform(B0,B1,B2,B3); - key_xor(31,B0,B1,B2,B3); SBoxE8(B0,B1,B2,B3); key_xor(32,B0,B1,B2,B3); - - SIMD_32::transpose(B0, B1, B2, B3); - - B0.store_le(out); - B1.store_le(out + 16); - B2.store_le(out + 32); - B3.store_le(out + 48); - } - -/* -* SIMD Serpent Decryption of 4 blocks in parallel -*/ -void serpent_decrypt_4(const byte in[64], - byte out[64], - const u32bit keys[132]) - { - SIMD_32 B0 = SIMD_32::load_le(in); - SIMD_32 B1 = SIMD_32::load_le(in + 16); - SIMD_32 B2 = SIMD_32::load_le(in + 32); - SIMD_32 B3 = SIMD_32::load_le(in + 48); - - SIMD_32::transpose(B0, B1, B2, B3); - - key_xor(32,B0,B1,B2,B3); SBoxD8(B0,B1,B2,B3); key_xor(31,B0,B1,B2,B3); - i_transform(B0,B1,B2,B3); SBoxD7(B0,B1,B2,B3); key_xor(30,B0,B1,B2,B3); - i_transform(B0,B1,B2,B3); SBoxD6(B0,B1,B2,B3); key_xor(29,B0,B1,B2,B3); - i_transform(B0,B1,B2,B3); SBoxD5(B0,B1,B2,B3); key_xor(28,B0,B1,B2,B3); - i_transform(B0,B1,B2,B3); SBoxD4(B0,B1,B2,B3); key_xor(27,B0,B1,B2,B3); - i_transform(B0,B1,B2,B3); SBoxD3(B0,B1,B2,B3); key_xor(26,B0,B1,B2,B3); - i_transform(B0,B1,B2,B3); SBoxD2(B0,B1,B2,B3); key_xor(25,B0,B1,B2,B3); - i_transform(B0,B1,B2,B3); SBoxD1(B0,B1,B2,B3); key_xor(24,B0,B1,B2,B3); - - i_transform(B0,B1,B2,B3); SBoxD8(B0,B1,B2,B3); key_xor(23,B0,B1,B2,B3); - i_transform(B0,B1,B2,B3); SBoxD7(B0,B1,B2,B3); key_xor(22,B0,B1,B2,B3); - i_transform(B0,B1,B2,B3); SBoxD6(B0,B1,B2,B3); key_xor(21,B0,B1,B2,B3); - i_transform(B0,B1,B2,B3); SBoxD5(B0,B1,B2,B3); key_xor(20,B0,B1,B2,B3); - i_transform(B0,B1,B2,B3); SBoxD4(B0,B1,B2,B3); key_xor(19,B0,B1,B2,B3); - i_transform(B0,B1,B2,B3); SBoxD3(B0,B1,B2,B3); key_xor(18,B0,B1,B2,B3); - i_transform(B0,B1,B2,B3); SBoxD2(B0,B1,B2,B3); key_xor(17,B0,B1,B2,B3); - i_transform(B0,B1,B2,B3); SBoxD1(B0,B1,B2,B3); key_xor(16,B0,B1,B2,B3); - - i_transform(B0,B1,B2,B3); SBoxD8(B0,B1,B2,B3); key_xor(15,B0,B1,B2,B3); - i_transform(B0,B1,B2,B3); SBoxD7(B0,B1,B2,B3); key_xor(14,B0,B1,B2,B3); - i_transform(B0,B1,B2,B3); SBoxD6(B0,B1,B2,B3); key_xor(13,B0,B1,B2,B3); - i_transform(B0,B1,B2,B3); SBoxD5(B0,B1,B2,B3); key_xor(12,B0,B1,B2,B3); - i_transform(B0,B1,B2,B3); SBoxD4(B0,B1,B2,B3); key_xor(11,B0,B1,B2,B3); - i_transform(B0,B1,B2,B3); SBoxD3(B0,B1,B2,B3); key_xor(10,B0,B1,B2,B3); - i_transform(B0,B1,B2,B3); SBoxD2(B0,B1,B2,B3); key_xor( 9,B0,B1,B2,B3); - i_transform(B0,B1,B2,B3); SBoxD1(B0,B1,B2,B3); key_xor( 8,B0,B1,B2,B3); - - i_transform(B0,B1,B2,B3); SBoxD8(B0,B1,B2,B3); key_xor( 7,B0,B1,B2,B3); - i_transform(B0,B1,B2,B3); SBoxD7(B0,B1,B2,B3); key_xor( 6,B0,B1,B2,B3); - i_transform(B0,B1,B2,B3); SBoxD6(B0,B1,B2,B3); key_xor( 5,B0,B1,B2,B3); - i_transform(B0,B1,B2,B3); SBoxD5(B0,B1,B2,B3); key_xor( 4,B0,B1,B2,B3); - i_transform(B0,B1,B2,B3); SBoxD4(B0,B1,B2,B3); key_xor( 3,B0,B1,B2,B3); - i_transform(B0,B1,B2,B3); SBoxD3(B0,B1,B2,B3); key_xor( 2,B0,B1,B2,B3); - i_transform(B0,B1,B2,B3); SBoxD2(B0,B1,B2,B3); key_xor( 1,B0,B1,B2,B3); - i_transform(B0,B1,B2,B3); SBoxD1(B0,B1,B2,B3); key_xor( 0,B0,B1,B2,B3); - - SIMD_32::transpose(B0, B1, B2, B3); - - B0.store_le(out); - B1.store_le(out + 16); - B2.store_le(out + 32); - B3.store_le(out + 48); - } - -} - -#undef key_xor -#undef transform -#undef i_transform - -/* -* Serpent Encryption -*/ -void Serpent_SIMD::encrypt_n(const byte in[], byte out[], size_t blocks) const - { - const u32bit* KS = &(this->get_round_keys()[0]); - - while(blocks >= 4) - { - serpent_encrypt_4(in, out, KS); - in += 4 * BLOCK_SIZE; - out += 4 * BLOCK_SIZE; - blocks -= 4; - } - - if(blocks) - Serpent::encrypt_n(in, out, blocks); - } - -/* -* Serpent Decryption -*/ -void Serpent_SIMD::decrypt_n(const byte in[], byte out[], size_t blocks) const - { - const u32bit* KS = &(this->get_round_keys()[0]); - - while(blocks >= 4) - { - serpent_decrypt_4(in, out, KS); - in += 4 * BLOCK_SIZE; - out += 4 * BLOCK_SIZE; - blocks -= 4; - } - - if(blocks) - Serpent::decrypt_n(in, out, blocks); - } - -} diff --git a/src/block/serpent_simd/serp_simd.h b/src/block/serpent_simd/serp_simd.h deleted file mode 100644 index b3c0b06c8..000000000 --- a/src/block/serpent_simd/serp_simd.h +++ /dev/null @@ -1,31 +0,0 @@ -/* -* Serpent (SIMD) -* (C) 2009 Jack Lloyd -* -* Distributed under the terms of the Botan license -*/ - -#ifndef BOTAN_SERPENT_SIMD_H__ -#define BOTAN_SERPENT_SIMD_H__ - -#include <botan/serpent.h> - -namespace Botan { - -/** -* Serpent implementation using SIMD -*/ -class BOTAN_DLL Serpent_SIMD : public Serpent - { - public: - size_t parallelism() const { return 4; } - - void encrypt_n(const byte in[], byte out[], size_t blocks) const; - void decrypt_n(const byte in[], byte out[], size_t blocks) const; - - BlockCipher* clone() const { return new Serpent_SIMD; } - }; - -} - -#endif diff --git a/src/block/serpent_x86_32/info.txt b/src/block/serpent_x86_32/info.txt deleted file mode 100644 index 370213e87..000000000 --- a/src/block/serpent_x86_32/info.txt +++ /dev/null @@ -1,12 +0,0 @@ -define SERPENT_X86_32 20131128 - -load_on asm_ok - -<arch> -x86_32 -</arch> - -<requires> -asm_x86_32 -serpent -</requires> diff --git a/src/block/serpent_x86_32/serp_x86_32.cpp b/src/block/serpent_x86_32/serp_x86_32.cpp deleted file mode 100644 index afff5835c..000000000 --- a/src/block/serpent_x86_32/serp_x86_32.cpp +++ /dev/null @@ -1,88 +0,0 @@ -/* -* Serpent in x86-32 -* (C) 1999-2007 Jack Lloyd -* -* Distributed under the terms of the Botan license -*/ - -#include <botan/serp_x86_32.h> -#include <botan/loadstor.h> - -namespace Botan { - -extern "C" { - -/** -* Entry point for Serpent encryption in x86 asm -* @param in the input block -* @param out the output block -* @param ks the key schedule -*/ -void botan_serpent_x86_32_encrypt(const byte in[16], - byte out[16], - const u32bit ks[132]); - -/** -* Entry point for Serpent decryption in x86 asm -* @param in the input block -* @param out the output block -* @param ks the key schedule -*/ -void botan_serpent_x86_32_decrypt(const byte in[16], - byte out[16], - const u32bit ks[132]); - -/** -* Entry point for Serpent key schedule in x86 asm -* @param ks holds the initial working key (padded), and is set to the - final key schedule -*/ -void botan_serpent_x86_32_key_schedule(u32bit ks[140]); - -} - -/* -* Serpent Encryption -*/ -void Serpent_X86_32::encrypt_n(const byte in[], byte out[], size_t blocks) const - { - auto keys = this->get_round_keys(); - - for(size_t i = 0; i != blocks; ++i) - { - botan_serpent_x86_32_encrypt(in, out, &keys[0]); - in += BLOCK_SIZE; - out += BLOCK_SIZE; - } - } - -/* -* Serpent Decryption -*/ -void Serpent_X86_32::decrypt_n(const byte in[], byte out[], size_t blocks) const - { - auto keys = this->get_round_keys(); - - for(size_t i = 0; i != blocks; ++i) - { - botan_serpent_x86_32_decrypt(in, out, &keys[0]); - in += BLOCK_SIZE; - out += BLOCK_SIZE; - } - } - -/* -* Serpent Key Schedule -*/ -void Serpent_X86_32::key_schedule(const byte key[], size_t length) - { - secure_vector<u32bit> W(140); - for(size_t i = 0; i != length / 4; ++i) - W[i] = load_le<u32bit>(key, i); - W[length / 4] |= u32bit(1) << ((length%4)*8); - - botan_serpent_x86_32_key_schedule(&W[0]); - this->set_round_keys(&W[8]); - } - -} diff --git a/src/block/serpent_x86_32/serp_x86_32.h b/src/block/serpent_x86_32/serp_x86_32.h deleted file mode 100644 index f6c4d564a..000000000 --- a/src/block/serpent_x86_32/serp_x86_32.h +++ /dev/null @@ -1,31 +0,0 @@ -/* -* Serpent in x86-32 asm -* (C) 1999-2007 Jack Lloyd -* -* Distributed under the terms of the Botan license -*/ - -#ifndef BOTAN_SERPENT_X86_32_H__ -#define BOTAN_SERPENT_X86_32_H__ - -#include <botan/serpent.h> - -namespace Botan { - -/** -* Serpent implementation in x86-32 assembly -*/ -class BOTAN_DLL Serpent_X86_32 : public Serpent - { - public: - void encrypt_n(const byte in[], byte out[], size_t blocks) const; - void decrypt_n(const byte in[], byte out[], size_t blocks) const; - - BlockCipher* clone() const { return new Serpent_X86_32; } - private: - void key_schedule(const byte[], size_t); - }; - -} - -#endif diff --git a/src/block/serpent_x86_32/serp_x86_32_imp.S b/src/block/serpent_x86_32/serp_x86_32_imp.S deleted file mode 100644 index e2549a099..000000000 --- a/src/block/serpent_x86_32/serp_x86_32_imp.S +++ /dev/null @@ -1,669 +0,0 @@ -/* -* Serpent in x86-32 assembler -* (C) 1999-2007 Jack Lloyd -* -* Distributed under the terms of the Botan license -*/ - -#include <botan/internal/asm_x86_32.h> - -START_LISTING(serp_x86_32.S) - -#define SBOX_E1(A, B, C, D, T) \ - XOR(D, A) ; \ - ASSIGN(T, B) ; \ - AND(B, D) ; \ - XOR(T, C) ; \ - XOR(B, A) ; \ - OR(A, D) ; \ - XOR(A, T) ; \ - XOR(T, D) ; \ - XOR(D, C) ; \ - OR(C, B) ; \ - XOR(C, T) ; \ - NOT(T) ; \ - OR(T, B) ; \ - XOR(B, D) ; \ - XOR(B, T) ; \ - OR(D, A) ; \ - XOR(B, D) ; \ - XOR(T, D) ; \ - ASSIGN(D, A) ; \ - ASSIGN(A, B) ; \ - ASSIGN(B, T) ; - -#define SBOX_E2(A, B, C, D, T) \ - NOT(A) ; \ - NOT(C) ; \ - ASSIGN(T, A) ; \ - AND(A, B) ; \ - XOR(C, A) ; \ - OR(A, D) ; \ - XOR(D, C) ; \ - XOR(B, A) ; \ - XOR(A, T) ; \ - OR(T, B) ; \ - XOR(B, D) ; \ - OR(C, A) ; \ - AND(C, T) ; \ - XOR(A, B) ; \ - AND(B, C) ; \ - XOR(B, A) ; \ - AND(A, C) ; \ - XOR(T, A) ; \ - ASSIGN(A, C) ; \ - ASSIGN(C, D) ; \ - ASSIGN(D, B) ; \ - ASSIGN(B, T) ; - -#define SBOX_E3(A, B, C, D, T) \ - ASSIGN(T, A) ; \ - AND(A, C) ; \ - XOR(A, D) ; \ - XOR(C, B) ; \ - XOR(C, A) ; \ - OR(D, T) ; \ - XOR(D, B) ; \ - XOR(T, C) ; \ - ASSIGN(B, D) ; \ - OR(D, T) ; \ - XOR(D, A) ; \ - AND(A, B) ; \ - XOR(T, A) ; \ - XOR(B, D) ; \ - XOR(B, T) ; \ - NOT(T) ; \ - ASSIGN(A, C) ; \ - ASSIGN(C, B) ; \ - ASSIGN(B, D) ; \ - ASSIGN(D, T) ; - -#define SBOX_E4(A, B, C, D, T) \ - ASSIGN(T, A) ; \ - OR(A, D) ; \ - XOR(D, B) ; \ - AND(B, T) ; \ - XOR(T, C) ; \ - XOR(C, D) ; \ - AND(D, A) ; \ - OR(T, B) ; \ - XOR(D, T) ; \ - XOR(A, B) ; \ - AND(T, A) ; \ - XOR(B, D) ; \ - XOR(T, C) ; \ - OR(B, A) ; \ - XOR(B, C) ; \ - XOR(A, D) ; \ - ASSIGN(C, B) ; \ - OR(B, D) ; \ - XOR(B, A) ; \ - ASSIGN(A, B) ; \ - ASSIGN(B, C) ; \ - ASSIGN(C, D) ; \ - ASSIGN(D, T) ; - -#define SBOX_E5(A, B, C, D, T) \ - XOR(B, D) ; \ - NOT(D) ; \ - XOR(C, D) ; \ - XOR(D, A) ; \ - ASSIGN(T, B) ; \ - AND(B, D) ; \ - XOR(B, C) ; \ - XOR(T, D) ; \ - XOR(A, T) ; \ - AND(C, T) ; \ - XOR(C, A) ; \ - AND(A, B) ; \ - XOR(D, A) ; \ - OR(T, B) ; \ - XOR(T, A) ; \ - OR(A, D) ; \ - XOR(A, C) ; \ - AND(C, D) ; \ - NOT(A) ; \ - XOR(T, C) ; \ - ASSIGN(C, A) ; \ - ASSIGN(A, B) ; \ - ASSIGN(B, T) ; - -#define SBOX_E6(A, B, C, D, T) \ - XOR(A, B) ; \ - XOR(B, D) ; \ - NOT(D) ; \ - ASSIGN(T, B) ; \ - AND(B, A) ; \ - XOR(C, D) ; \ - XOR(B, C) ; \ - OR(C, T) ; \ - XOR(T, D) ; \ - AND(D, B) ; \ - XOR(D, A) ; \ - XOR(T, B) ; \ - XOR(T, C) ; \ - XOR(C, A) ; \ - AND(A, D) ; \ - NOT(C) ; \ - XOR(A, T) ; \ - OR(T, D) ; \ - XOR(T, C) ; \ - ASSIGN(C, A) ; \ - ASSIGN(A, B) ; \ - ASSIGN(B, D) ; \ - ASSIGN(D, T) ; - -#define SBOX_E7(A, B, C, D, T) \ - NOT(C) ; \ - ASSIGN(T, D) ; \ - AND(D, A) ; \ - XOR(A, T) ; \ - XOR(D, C) ; \ - OR(C, T) ; \ - XOR(B, D) ; \ - XOR(C, A) ; \ - OR(A, B) ; \ - XOR(C, B) ; \ - XOR(T, A) ; \ - OR(A, D) ; \ - XOR(A, C) ; \ - XOR(T, D) ; \ - XOR(T, A) ; \ - NOT(D) ; \ - AND(C, T) ; \ - XOR(C, D) ; \ - ASSIGN(D, C) ; \ - ASSIGN(C, T) ; - -#define SBOX_E8(A, B, C, D, T) \ - ASSIGN(T, B) ; \ - OR(B, C) ; \ - XOR(B, D) ; \ - XOR(T, C) ; \ - XOR(C, B) ; \ - OR(D, T) ; \ - AND(D, A) ; \ - XOR(T, C) ; \ - XOR(D, B) ; \ - OR(B, T) ; \ - XOR(B, A) ; \ - OR(A, T) ; \ - XOR(A, C) ; \ - XOR(B, T) ; \ - XOR(C, B) ; \ - AND(B, A) ; \ - XOR(B, T) ; \ - NOT(C) ; \ - OR(C, A) ; \ - XOR(T, C) ; \ - ASSIGN(C, B) ; \ - ASSIGN(B, D) ; \ - ASSIGN(D, A) ; \ - ASSIGN(A, T) ; - -#define SBOX_D1(A, B, C, D, T) \ - NOT(C) ; \ - ASSIGN(T, B) ; \ - OR(B, A) ; \ - NOT(T) ; \ - XOR(B, C) ; \ - OR(C, T) ; \ - XOR(B, D) ; \ - XOR(A, T) ; \ - XOR(C, A) ; \ - AND(A, D) ; \ - XOR(T, A) ; \ - OR(A, B) ; \ - XOR(A, C) ; \ - XOR(D, T) ; \ - XOR(C, B) ; \ - XOR(D, A) ; \ - XOR(D, B) ; \ - AND(C, D) ; \ - XOR(T, C) ; \ - ASSIGN(C, B) ; \ - ASSIGN(B, T) ; - -#define SBOX_D2(A, B, C, D, T) \ - ASSIGN(T, B) ; \ - XOR(B, D) ; \ - AND(D, B) ; \ - XOR(T, C) ; \ - XOR(D, A) ; \ - OR(A, B) ; \ - XOR(C, D) ; \ - XOR(A, T) ; \ - OR(A, C) ; \ - XOR(B, D) ; \ - XOR(A, B) ; \ - OR(B, D) ; \ - XOR(B, A) ; \ - NOT(T) ; \ - XOR(T, B) ; \ - OR(B, A) ; \ - XOR(B, A) ; \ - OR(B, T) ; \ - XOR(D, B) ; \ - ASSIGN(B, A) ; \ - ASSIGN(A, T) ; \ - ASSIGN(T, D) ; \ - ASSIGN(D, C) ; \ - ASSIGN(C, T) ; - -#define SBOX_D3(A, B, C, D, T) \ - XOR(C, D) ; \ - XOR(D, A) ; \ - ASSIGN(T, D) ; \ - AND(D, C) ; \ - XOR(D, B) ; \ - OR(B, C) ; \ - XOR(B, T) ; \ - AND(T, D) ; \ - XOR(C, D) ; \ - AND(T, A) ; \ - XOR(T, C) ; \ - AND(C, B) ; \ - OR(C, A) ; \ - NOT(D) ; \ - XOR(C, D) ; \ - XOR(A, D) ; \ - AND(A, B) ; \ - XOR(D, T) ; \ - XOR(D, A) ; \ - ASSIGN(A, B) ; \ - ASSIGN(B, T) ; - -#define SBOX_D4(A, B, C, D, T) \ - ASSIGN(T, C) ; \ - XOR(C, B) ; \ - XOR(A, C) ; \ - AND(T, C) ; \ - XOR(T, A) ; \ - AND(A, B) ; \ - XOR(B, D) ; \ - OR(D, T) ; \ - XOR(C, D) ; \ - XOR(A, D) ; \ - XOR(B, T) ; \ - AND(D, C) ; \ - XOR(D, B) ; \ - XOR(B, A) ; \ - OR(B, C) ; \ - XOR(A, D) ; \ - XOR(B, T) ; \ - XOR(A, B) ; \ - ASSIGN(T, A) ; \ - ASSIGN(A, C) ; \ - ASSIGN(C, D) ; \ - ASSIGN(D, T) ; - -#define SBOX_D5(A, B, C, D, T) \ - ASSIGN(T, C) ; \ - AND(C, D) ; \ - XOR(C, B) ; \ - OR(B, D) ; \ - AND(B, A) ; \ - XOR(T, C) ; \ - XOR(T, B) ; \ - AND(B, C) ; \ - NOT(A) ; \ - XOR(D, T) ; \ - XOR(B, D) ; \ - AND(D, A) ; \ - XOR(D, C) ; \ - XOR(A, B) ; \ - AND(C, A) ; \ - XOR(D, A) ; \ - XOR(C, T) ; \ - OR(C, D) ; \ - XOR(D, A) ; \ - XOR(C, B) ; \ - ASSIGN(B, D) ; \ - ASSIGN(D, T) ; - -#define SBOX_D6(A, B, C, D, T) \ - NOT(B) ; \ - ASSIGN(T, D) ; \ - XOR(C, B) ; \ - OR(D, A) ; \ - XOR(D, C) ; \ - OR(C, B) ; \ - AND(C, A) ; \ - XOR(T, D) ; \ - XOR(C, T) ; \ - OR(T, A) ; \ - XOR(T, B) ; \ - AND(B, C) ; \ - XOR(B, D) ; \ - XOR(T, C) ; \ - AND(D, T) ; \ - XOR(T, B) ; \ - XOR(D, T) ; \ - NOT(T) ; \ - XOR(D, A) ; \ - ASSIGN(A, B) ; \ - ASSIGN(B, T) ; \ - ASSIGN(T, D) ; \ - ASSIGN(D, C) ; \ - ASSIGN(C, T) ; - -#define SBOX_D7(A, B, C, D, T) \ - XOR(A, C) ; \ - ASSIGN(T, C) ; \ - AND(C, A) ; \ - XOR(T, D) ; \ - NOT(C) ; \ - XOR(D, B) ; \ - XOR(C, D) ; \ - OR(T, A) ; \ - XOR(A, C) ; \ - XOR(D, T) ; \ - XOR(T, B) ; \ - AND(B, D) ; \ - XOR(B, A) ; \ - XOR(A, D) ; \ - OR(A, C) ; \ - XOR(D, B) ; \ - XOR(T, A) ; \ - ASSIGN(A, B) ; \ - ASSIGN(B, C) ; \ - ASSIGN(C, T) ; - -#define SBOX_D8(A, B, C, D, T) \ - ASSIGN(T, C) ; \ - XOR(C, A) ; \ - AND(A, D) ; \ - OR(T, D) ; \ - NOT(C) ; \ - XOR(D, B) ; \ - OR(B, A) ; \ - XOR(A, C) ; \ - AND(C, T) ; \ - AND(D, T) ; \ - XOR(B, C) ; \ - XOR(C, A) ; \ - OR(A, C) ; \ - XOR(T, B) ; \ - XOR(A, D) ; \ - XOR(D, T) ; \ - OR(T, A) ; \ - XOR(D, C) ; \ - XOR(T, C) ; \ - ASSIGN(C, B) ; \ - ASSIGN(B, A) ; \ - ASSIGN(A, D) ; \ - ASSIGN(D, T) ; - -#define TRANSFORM(A, B, C, D, T) \ - ROTL_IMM(A, 13) ; \ - ROTL_IMM(C, 3) ; \ - SHL2_3(T, A) ; \ - XOR(B, A) ; \ - XOR(D, C) ; \ - XOR(B, C) ; \ - XOR(D, T) ; \ - ROTL_IMM(B, 1) ; \ - ROTL_IMM(D, 7) ; \ - ASSIGN(T, B) ; \ - SHL_IMM(T, 7) ; \ - XOR(A, B) ; \ - XOR(C, D) ; \ - XOR(A, D) ; \ - XOR(C, T) ; \ - ROTL_IMM(A, 5) ; \ - ROTL_IMM(C, 22) ; - -#define I_TRANSFORM(A, B, C, D, T) \ - ROTR_IMM(C, 22) ; \ - ROTR_IMM(A, 5) ; \ - ASSIGN(T, B) ; \ - SHL_IMM(T, 7) ; \ - XOR(A, B) ; \ - XOR(C, D) ; \ - XOR(A, D) ; \ - XOR(C, T) ; \ - ROTR_IMM(D, 7) ; \ - ROTR_IMM(B, 1) ; \ - SHL2_3(T, A) ; \ - XOR(B, C) ; \ - XOR(D, C) ; \ - XOR(B, A) ; \ - XOR(D, T) ; \ - ROTR_IMM(C, 3) ; \ - ROTR_IMM(A, 13) ; - -#define KEY_XOR(A, B, C, D, N) \ - XOR(A, ARRAY4(EDI, (4*N ))) ; \ - XOR(B, ARRAY4(EDI, (4*N+1))) ; \ - XOR(C, ARRAY4(EDI, (4*N+2))) ; \ - XOR(D, ARRAY4(EDI, (4*N+3))) ; - -/* -* Serpent Encryption -*/ -START_FUNCTION(botan_serpent_x86_32_encrypt) - SPILL_REGS() -#define PUSHED 4 - - ASSIGN(EBP, ARG(1)) /* input block */ - ASSIGN(EAX, ARRAY4(EBP, 0)) - ASSIGN(EBX, ARRAY4(EBP, 1)) - ASSIGN(ECX, ARRAY4(EBP, 2)) - ASSIGN(EDX, ARRAY4(EBP, 3)) - - ASSIGN(EDI, ARG(3)) /* round keys */ - ZEROIZE(EBP) - -#define E_ROUND(A, B, C, D, T, N, SBOX) \ - KEY_XOR(A, B, C, D, N) \ - SBOX(A, B, C, D, T) \ - TRANSFORM(A, B, C, D, T) - - - E_ROUND(EAX, EBX, ECX, EDX, EBP, 0, SBOX_E1) - E_ROUND(EAX, EBX, ECX, EDX, EBP, 1, SBOX_E2) - E_ROUND(EAX, EBX, ECX, EDX, EBP, 2, SBOX_E3) - E_ROUND(EAX, EBX, ECX, EDX, EBP, 3, SBOX_E4) - E_ROUND(EAX, EBX, ECX, EDX, EBP, 4, SBOX_E5) - E_ROUND(EAX, EBX, ECX, EDX, EBP, 5, SBOX_E6) - E_ROUND(EAX, EBX, ECX, EDX, EBP, 6, SBOX_E7) - E_ROUND(EAX, EBX, ECX, EDX, EBP, 7, SBOX_E8) - - E_ROUND(EAX, EBX, ECX, EDX, EBP, 8, SBOX_E1) - E_ROUND(EAX, EBX, ECX, EDX, EBP, 9, SBOX_E2) - E_ROUND(EAX, EBX, ECX, EDX, EBP, 10, SBOX_E3) - E_ROUND(EAX, EBX, ECX, EDX, EBP, 11, SBOX_E4) - E_ROUND(EAX, EBX, ECX, EDX, EBP, 12, SBOX_E5) - E_ROUND(EAX, EBX, ECX, EDX, EBP, 13, SBOX_E6) - E_ROUND(EAX, EBX, ECX, EDX, EBP, 14, SBOX_E7) - E_ROUND(EAX, EBX, ECX, EDX, EBP, 15, SBOX_E8) - - E_ROUND(EAX, EBX, ECX, EDX, EBP, 16, SBOX_E1) - E_ROUND(EAX, EBX, ECX, EDX, EBP, 17, SBOX_E2) - E_ROUND(EAX, EBX, ECX, EDX, EBP, 18, SBOX_E3) - E_ROUND(EAX, EBX, ECX, EDX, EBP, 19, SBOX_E4) - E_ROUND(EAX, EBX, ECX, EDX, EBP, 20, SBOX_E5) - E_ROUND(EAX, EBX, ECX, EDX, EBP, 21, SBOX_E6) - E_ROUND(EAX, EBX, ECX, EDX, EBP, 22, SBOX_E7) - E_ROUND(EAX, EBX, ECX, EDX, EBP, 23, SBOX_E8) - - E_ROUND(EAX, EBX, ECX, EDX, EBP, 24, SBOX_E1) - E_ROUND(EAX, EBX, ECX, EDX, EBP, 25, SBOX_E2) - E_ROUND(EAX, EBX, ECX, EDX, EBP, 26, SBOX_E3) - E_ROUND(EAX, EBX, ECX, EDX, EBP, 27, SBOX_E4) - E_ROUND(EAX, EBX, ECX, EDX, EBP, 28, SBOX_E5) - E_ROUND(EAX, EBX, ECX, EDX, EBP, 29, SBOX_E6) - E_ROUND(EAX, EBX, ECX, EDX, EBP, 30, SBOX_E7) - - KEY_XOR(EAX, EBX, ECX, EDX, 31) - SBOX_E8(EAX, EBX, ECX, EDX, EBP) - KEY_XOR(EAX, EBX, ECX, EDX, 32) - - ASSIGN(EBP, ARG(2)) /* output block */ - ASSIGN(ARRAY4(EBP, 0), EAX) - ASSIGN(ARRAY4(EBP, 1), EBX) - ASSIGN(ARRAY4(EBP, 2), ECX) - ASSIGN(ARRAY4(EBP, 3), EDX) - - RESTORE_REGS() -#undef PUSHED -END_FUNCTION(botan_serpent_x86_32_encrypt) - -/* -* Serpent Decryption -*/ -START_FUNCTION(botan_serpent_x86_32_decrypt) - SPILL_REGS() -#define PUSHED 4 - - ASSIGN(EBP, ARG(1)) /* input block */ - ASSIGN(EAX, ARRAY4(EBP, 0)) - ASSIGN(EBX, ARRAY4(EBP, 1)) - ASSIGN(ECX, ARRAY4(EBP, 2)) - ASSIGN(EDX, ARRAY4(EBP, 3)) - - ASSIGN(EDI, ARG(3)) /* round keys */ - - ZEROIZE(EBP) - -#define D_ROUND(A, B, C, D, T, N, SBOX) \ - I_TRANSFORM(A, B, C, D, T) \ - SBOX(A, B, C, D, T) \ - KEY_XOR(A, B, C, D, N) \ - - KEY_XOR(EAX, EBX, ECX, EDX, 32) - SBOX_D8(EAX, EBX, ECX, EDX, EBP) - KEY_XOR(EAX, EBX, ECX, EDX, 31) - - D_ROUND(EAX, EBX, ECX, EDX, EBP, 30, SBOX_D7) - D_ROUND(EAX, EBX, ECX, EDX, EBP, 29, SBOX_D6) - D_ROUND(EAX, EBX, ECX, EDX, EBP, 28, SBOX_D5) - D_ROUND(EAX, EBX, ECX, EDX, EBP, 27, SBOX_D4) - D_ROUND(EAX, EBX, ECX, EDX, EBP, 26, SBOX_D3) - D_ROUND(EAX, EBX, ECX, EDX, EBP, 25, SBOX_D2) - D_ROUND(EAX, EBX, ECX, EDX, EBP, 24, SBOX_D1) - - D_ROUND(EAX, EBX, ECX, EDX, EBP, 23, SBOX_D8) - D_ROUND(EAX, EBX, ECX, EDX, EBP, 22, SBOX_D7) - D_ROUND(EAX, EBX, ECX, EDX, EBP, 21, SBOX_D6) - D_ROUND(EAX, EBX, ECX, EDX, EBP, 20, SBOX_D5) - D_ROUND(EAX, EBX, ECX, EDX, EBP, 19, SBOX_D4) - D_ROUND(EAX, EBX, ECX, EDX, EBP, 18, SBOX_D3) - D_ROUND(EAX, EBX, ECX, EDX, EBP, 17, SBOX_D2) - D_ROUND(EAX, EBX, ECX, EDX, EBP, 16, SBOX_D1) - - D_ROUND(EAX, EBX, ECX, EDX, EBP, 15, SBOX_D8) - D_ROUND(EAX, EBX, ECX, EDX, EBP, 14, SBOX_D7) - D_ROUND(EAX, EBX, ECX, EDX, EBP, 13, SBOX_D6) - D_ROUND(EAX, EBX, ECX, EDX, EBP, 12, SBOX_D5) - D_ROUND(EAX, EBX, ECX, EDX, EBP, 11, SBOX_D4) - D_ROUND(EAX, EBX, ECX, EDX, EBP, 10, SBOX_D3) - D_ROUND(EAX, EBX, ECX, EDX, EBP, 9, SBOX_D2) - D_ROUND(EAX, EBX, ECX, EDX, EBP, 8, SBOX_D1) - - D_ROUND(EAX, EBX, ECX, EDX, EBP, 7, SBOX_D8) - D_ROUND(EAX, EBX, ECX, EDX, EBP, 6, SBOX_D7) - D_ROUND(EAX, EBX, ECX, EDX, EBP, 5, SBOX_D6) - D_ROUND(EAX, EBX, ECX, EDX, EBP, 4, SBOX_D5) - D_ROUND(EAX, EBX, ECX, EDX, EBP, 3, SBOX_D4) - D_ROUND(EAX, EBX, ECX, EDX, EBP, 2, SBOX_D3) - D_ROUND(EAX, EBX, ECX, EDX, EBP, 1, SBOX_D2) - D_ROUND(EAX, EBX, ECX, EDX, EBP, 0, SBOX_D1) - - ASSIGN(EBP, ARG(2)) /* output block */ - ASSIGN(ARRAY4(EBP, 0), EAX) - ASSIGN(ARRAY4(EBP, 1), EBX) - ASSIGN(ARRAY4(EBP, 2), ECX) - ASSIGN(ARRAY4(EBP, 3), EDX) - - RESTORE_REGS() -#undef PUSHED -END_FUNCTION(botan_serpent_x86_32_decrypt) - -/* -* Serpent Key Schedule -*/ -START_FUNCTION(botan_serpent_x86_32_key_schedule) - SPILL_REGS() -#define PUSHED 4 - - ASSIGN(EDI, ARG(1)) /* round keys */ - ASSIGN(ESI, IMM(8)) - ADD_IMM(EDI, 32) - -START_LOOP(.L_SERP_EXPANSION) - ASSIGN(EAX, ARRAY4(EDI, -1)) - ASSIGN(EBX, ARRAY4(EDI, -3)) - ASSIGN(ECX, ARRAY4(EDI, -5)) - ASSIGN(EDX, ARRAY4(EDI, -8)) - - ASSIGN(EBP, ESI) - SUB_IMM(EBP, 8) - XOR(EBP, IMM(0x9E3779B9)) - XOR(EAX, EBX) - XOR(ECX, EDX) - XOR(EAX, EBP) - XOR(EAX, ECX) - - ROTL_IMM(EAX, 11) - - ASSIGN(ARRAY4(EDI, 0), EAX) - - ADD_IMM(ESI, 1) - ADD_IMM(EDI, 4) -LOOP_UNTIL_EQ(ESI, 140, .L_SERP_EXPANSION) - - ASSIGN(EDI, ARG(1)) /* round keys */ - -#define LOAD_AND_SBOX(MSG, SBOX) \ - ASSIGN(EAX, ARRAY4(EDI, (4*MSG+ 8))) ; \ - ASSIGN(EBX, ARRAY4(EDI, (4*MSG+ 9))) ; \ - ASSIGN(ECX, ARRAY4(EDI, (4*MSG+10))) ; \ - ASSIGN(EDX, ARRAY4(EDI, (4*MSG+11))) ; \ - SBOX(EAX, EBX, ECX, EDX, EBP) ; \ - ASSIGN(ARRAY4(EDI, (4*MSG+ 8)), EAX) ; \ - ASSIGN(ARRAY4(EDI, (4*MSG+ 9)), EBX) ; \ - ASSIGN(ARRAY4(EDI, (4*MSG+10)), ECX) ; \ - ASSIGN(ARRAY4(EDI, (4*MSG+11)), EDX) - - LOAD_AND_SBOX( 0, SBOX_E4) - LOAD_AND_SBOX( 1, SBOX_E3) - LOAD_AND_SBOX( 2, SBOX_E2) - LOAD_AND_SBOX( 3, SBOX_E1) - - LOAD_AND_SBOX( 4, SBOX_E8) - LOAD_AND_SBOX( 5, SBOX_E7) - LOAD_AND_SBOX( 6, SBOX_E6) - LOAD_AND_SBOX( 7, SBOX_E5) - LOAD_AND_SBOX( 8, SBOX_E4) - LOAD_AND_SBOX( 9, SBOX_E3) - LOAD_AND_SBOX(10, SBOX_E2) - LOAD_AND_SBOX(11, SBOX_E1) - - LOAD_AND_SBOX(12, SBOX_E8) - LOAD_AND_SBOX(13, SBOX_E7) - LOAD_AND_SBOX(14, SBOX_E6) - LOAD_AND_SBOX(15, SBOX_E5) - LOAD_AND_SBOX(16, SBOX_E4) - LOAD_AND_SBOX(17, SBOX_E3) - LOAD_AND_SBOX(18, SBOX_E2) - LOAD_AND_SBOX(19, SBOX_E1) - - LOAD_AND_SBOX(20, SBOX_E8) - LOAD_AND_SBOX(21, SBOX_E7) - LOAD_AND_SBOX(22, SBOX_E6) - LOAD_AND_SBOX(23, SBOX_E5) - LOAD_AND_SBOX(24, SBOX_E4) - LOAD_AND_SBOX(25, SBOX_E3) - LOAD_AND_SBOX(26, SBOX_E2) - LOAD_AND_SBOX(27, SBOX_E1) - - LOAD_AND_SBOX(28, SBOX_E8) - LOAD_AND_SBOX(29, SBOX_E7) - LOAD_AND_SBOX(30, SBOX_E6) - LOAD_AND_SBOX(31, SBOX_E5) - LOAD_AND_SBOX(32, SBOX_E4) - - RESTORE_REGS() -#undef PUSHED -END_FUNCTION(botan_serpent_x86_32_key_schedule) diff --git a/src/block/skipjack/info.txt b/src/block/skipjack/info.txt deleted file mode 100644 index fb2bf70a5..000000000 --- a/src/block/skipjack/info.txt +++ /dev/null @@ -1 +0,0 @@ -define SKIPJACK 20131128 diff --git a/src/block/skipjack/skipjack.cpp b/src/block/skipjack/skipjack.cpp deleted file mode 100644 index be4024ad4..000000000 --- a/src/block/skipjack/skipjack.cpp +++ /dev/null @@ -1,200 +0,0 @@ -/* -* Skipjack -* (C) 1999-2007 Jack Lloyd -* -* Distributed under the terms of the Botan license -*/ - -#include <botan/skipjack.h> -#include <botan/loadstor.h> - -namespace Botan { - -namespace { - -/* -* Skipjack Stepping Rule 'A' -*/ -void step_A(u16bit& W1, u16bit& W4, size_t round, const byte FTAB[]) - { - byte G1 = get_byte(0, W1), G2 = get_byte(1, W1), G3; - - G3 = FTAB[((4*round-4)%10)*256 + G2] ^ G1; - G1 = FTAB[((4*round-3)%10)*256 + G3] ^ G2; - G2 = FTAB[((4*round-2)%10)*256 + G1] ^ G3; - G3 = FTAB[((4*round-1)%10)*256 + G2] ^ G1; - - W1 = make_u16bit(G2, G3); - W4 ^= W1 ^ round; - } - -/* -* Skipjack Stepping Rule 'B' -*/ -void step_B(u16bit& W1, u16bit& W2, size_t round, const byte FTAB[]) - { - W2 ^= W1 ^ round; - byte G1 = get_byte(0, W1), G2 = get_byte(1, W1), G3; - G3 = FTAB[((4*round-4)%10)*256 + G2] ^ G1; - G1 = FTAB[((4*round-3)%10)*256 + G3] ^ G2; - G2 = FTAB[((4*round-2)%10)*256 + G1] ^ G3; - G3 = FTAB[((4*round-1)%10)*256 + G2] ^ G1; - W1 = make_u16bit(G2, G3); - } - -/* -* Skipjack Invserse Stepping Rule 'A' -*/ -void step_Ai(u16bit& W1, u16bit& W2, size_t round, const byte FTAB[]) - { - W1 ^= W2 ^ round; - byte G1 = get_byte(1, W2), G2 = get_byte(0, W2), G3; - G3 = FTAB[((4 * round - 1) % 10)*256 + G2] ^ G1; - G1 = FTAB[((4 * round - 2) % 10)*256 + G3] ^ G2; - G2 = FTAB[((4 * round - 3) % 10)*256 + G1] ^ G3; - G3 = FTAB[((4 * round - 4) % 10)*256 + G2] ^ G1; - W2 = make_u16bit(G3, G2); - } - -/* -* Skipjack Invserse Stepping Rule 'B' -*/ -void step_Bi(u16bit& W2, u16bit& W3, size_t round, const byte FTAB[]) - { - byte G1 = get_byte(1, W2), G2 = get_byte(0, W2), G3; - G3 = FTAB[((4 * round - 1) % 10)*256 + G2] ^ G1; - G1 = FTAB[((4 * round - 2) % 10)*256 + G3] ^ G2; - G2 = FTAB[((4 * round - 3) % 10)*256 + G1] ^ G3; - G3 = FTAB[((4 * round - 4) % 10)*256 + G2] ^ G1; - W2 = make_u16bit(G3, G2); - W3 ^= W2 ^ round; - } - -} - -/* -* Skipjack Encryption -*/ -void Skipjack::encrypt_n(const byte in[], byte out[], size_t blocks) const - { - const byte* ftab = &FTAB[0]; - - for(size_t i = 0; i != blocks; ++i) - { - u16bit W1 = load_le<u16bit>(in, 3); - u16bit W2 = load_le<u16bit>(in, 2); - u16bit W3 = load_le<u16bit>(in, 1); - u16bit W4 = load_le<u16bit>(in, 0); - - step_A(W1, W4, 1, ftab); step_A(W4, W3, 2, ftab); - step_A(W3, W2, 3, ftab); step_A(W2, W1, 4, ftab); - step_A(W1, W4, 5, ftab); step_A(W4, W3, 6, ftab); - step_A(W3, W2, 7, ftab); step_A(W2, W1, 8, ftab); - - step_B(W1, W2, 9, ftab); step_B(W4, W1, 10, ftab); - step_B(W3, W4, 11, ftab); step_B(W2, W3, 12, ftab); - step_B(W1, W2, 13, ftab); step_B(W4, W1, 14, ftab); - step_B(W3, W4, 15, ftab); step_B(W2, W3, 16, ftab); - - step_A(W1, W4, 17, ftab); step_A(W4, W3, 18, ftab); - step_A(W3, W2, 19, ftab); step_A(W2, W1, 20, ftab); - step_A(W1, W4, 21, ftab); step_A(W4, W3, 22, ftab); - step_A(W3, W2, 23, ftab); step_A(W2, W1, 24, ftab); - - step_B(W1, W2, 25, ftab); step_B(W4, W1, 26, ftab); - step_B(W3, W4, 27, ftab); step_B(W2, W3, 28, ftab); - step_B(W1, W2, 29, ftab); step_B(W4, W1, 30, ftab); - step_B(W3, W4, 31, ftab); step_B(W2, W3, 32, ftab); - - store_le(out, W4, W3, W2, W1); - - in += BLOCK_SIZE; - out += BLOCK_SIZE; - } - } - -/* -* Skipjack Decryption -*/ -void Skipjack::decrypt_n(const byte in[], byte out[], size_t blocks) const - { - const byte* ftab = &FTAB[0]; - - for(size_t i = 0; i != blocks; ++i) - { - u16bit W1 = load_le<u16bit>(in, 3); - u16bit W2 = load_le<u16bit>(in, 2); - u16bit W3 = load_le<u16bit>(in, 1); - u16bit W4 = load_le<u16bit>(in, 0); - - step_Bi(W2, W3, 32, ftab); step_Bi(W3, W4, 31, ftab); - step_Bi(W4, W1, 30, ftab); step_Bi(W1, W2, 29, ftab); - step_Bi(W2, W3, 28, ftab); step_Bi(W3, W4, 27, ftab); - step_Bi(W4, W1, 26, ftab); step_Bi(W1, W2, 25, ftab); - - step_Ai(W1, W2, 24, ftab); step_Ai(W2, W3, 23, ftab); - step_Ai(W3, W4, 22, ftab); step_Ai(W4, W1, 21, ftab); - step_Ai(W1, W2, 20, ftab); step_Ai(W2, W3, 19, ftab); - step_Ai(W3, W4, 18, ftab); step_Ai(W4, W1, 17, ftab); - - step_Bi(W2, W3, 16, ftab); step_Bi(W3, W4, 15, ftab); - step_Bi(W4, W1, 14, ftab); step_Bi(W1, W2, 13, ftab); - step_Bi(W2, W3, 12, ftab); step_Bi(W3, W4, 11, ftab); - step_Bi(W4, W1, 10, ftab); step_Bi(W1, W2, 9, ftab); - - step_Ai(W1, W2, 8, ftab); step_Ai(W2, W3, 7, ftab); - step_Ai(W3, W4, 6, ftab); step_Ai(W4, W1, 5, ftab); - step_Ai(W1, W2, 4, ftab); step_Ai(W2, W3, 3, ftab); - step_Ai(W3, W4, 2, ftab); step_Ai(W4, W1, 1, ftab); - - store_le(out, W4, W3, W2, W1); - - in += BLOCK_SIZE; - out += BLOCK_SIZE; - } - } - -/* -* Skipjack Key Schedule -*/ -void Skipjack::key_schedule(const byte key[], size_t) - { - static const byte F[256] = { - 0xA3, 0xD7, 0x09, 0x83, 0xF8, 0x48, 0xF6, 0xF4, 0xB3, 0x21, 0x15, 0x78, - 0x99, 0xB1, 0xAF, 0xF9, 0xE7, 0x2D, 0x4D, 0x8A, 0xCE, 0x4C, 0xCA, 0x2E, - 0x52, 0x95, 0xD9, 0x1E, 0x4E, 0x38, 0x44, 0x28, 0x0A, 0xDF, 0x02, 0xA0, - 0x17, 0xF1, 0x60, 0x68, 0x12, 0xB7, 0x7A, 0xC3, 0xE9, 0xFA, 0x3D, 0x53, - 0x96, 0x84, 0x6B, 0xBA, 0xF2, 0x63, 0x9A, 0x19, 0x7C, 0xAE, 0xE5, 0xF5, - 0xF7, 0x16, 0x6A, 0xA2, 0x39, 0xB6, 0x7B, 0x0F, 0xC1, 0x93, 0x81, 0x1B, - 0xEE, 0xB4, 0x1A, 0xEA, 0xD0, 0x91, 0x2F, 0xB8, 0x55, 0xB9, 0xDA, 0x85, - 0x3F, 0x41, 0xBF, 0xE0, 0x5A, 0x58, 0x80, 0x5F, 0x66, 0x0B, 0xD8, 0x90, - 0x35, 0xD5, 0xC0, 0xA7, 0x33, 0x06, 0x65, 0x69, 0x45, 0x00, 0x94, 0x56, - 0x6D, 0x98, 0x9B, 0x76, 0x97, 0xFC, 0xB2, 0xC2, 0xB0, 0xFE, 0xDB, 0x20, - 0xE1, 0xEB, 0xD6, 0xE4, 0xDD, 0x47, 0x4A, 0x1D, 0x42, 0xED, 0x9E, 0x6E, - 0x49, 0x3C, 0xCD, 0x43, 0x27, 0xD2, 0x07, 0xD4, 0xDE, 0xC7, 0x67, 0x18, - 0x89, 0xCB, 0x30, 0x1F, 0x8D, 0xC6, 0x8F, 0xAA, 0xC8, 0x74, 0xDC, 0xC9, - 0x5D, 0x5C, 0x31, 0xA4, 0x70, 0x88, 0x61, 0x2C, 0x9F, 0x0D, 0x2B, 0x87, - 0x50, 0x82, 0x54, 0x64, 0x26, 0x7D, 0x03, 0x40, 0x34, 0x4B, 0x1C, 0x73, - 0xD1, 0xC4, 0xFD, 0x3B, 0xCC, 0xFB, 0x7F, 0xAB, 0xE6, 0x3E, 0x5B, 0xA5, - 0xAD, 0x04, 0x23, 0x9C, 0x14, 0x51, 0x22, 0xF0, 0x29, 0x79, 0x71, 0x7E, - 0xFF, 0x8C, 0x0E, 0xE2, 0x0C, 0xEF, 0xBC, 0x72, 0x75, 0x6F, 0x37, 0xA1, - 0xEC, 0xD3, 0x8E, 0x62, 0x8B, 0x86, 0x10, 0xE8, 0x08, 0x77, 0x11, 0xBE, - 0x92, 0x4F, 0x24, 0xC5, 0x32, 0x36, 0x9D, 0xCF, 0xF3, 0xA6, 0xBB, 0xAC, - 0x5E, 0x6C, 0xA9, 0x13, 0x57, 0x25, 0xB5, 0xE3, 0xBD, 0xA8, 0x3A, 0x01, - 0x05, 0x59, 0x2A, 0x46 }; - - FTAB.resize(256*10); - for(size_t i = 0; i != 10; ++i) - for(size_t j = 0; j != 256; ++j) - FTAB[256*i+j] = F[j ^ key[9-i]]; - } - -/* -* Clear memory of sensitive data -*/ -void Skipjack::clear() - { - zap(FTAB); - } - -} diff --git a/src/block/skipjack/skipjack.h b/src/block/skipjack/skipjack.h deleted file mode 100644 index 60a55c8a5..000000000 --- a/src/block/skipjack/skipjack.h +++ /dev/null @@ -1,35 +0,0 @@ -/* -* Skipjack -* (C) 1999-2007 Jack Lloyd -* -* Distributed under the terms of the Botan license -*/ - -#ifndef BOTAN_SKIPJACK_H__ -#define BOTAN_SKIPJACK_H__ - -#include <botan/block_cipher.h> - -namespace Botan { - -/** -* Skipjack, a NSA designed cipher used in Fortezza -*/ -class BOTAN_DLL Skipjack : public Block_Cipher_Fixed_Params<8, 10> - { - public: - void encrypt_n(const byte in[], byte out[], size_t blocks) const; - void decrypt_n(const byte in[], byte out[], size_t blocks) const; - - void clear(); - std::string name() const { return "Skipjack"; } - BlockCipher* clone() const { return new Skipjack; } - private: - void key_schedule(const byte[], size_t); - - secure_vector<byte> FTAB; - }; - -} - -#endif diff --git a/src/block/square/info.txt b/src/block/square/info.txt deleted file mode 100644 index 1335b35b2..000000000 --- a/src/block/square/info.txt +++ /dev/null @@ -1 +0,0 @@ -define SQUARE 20131128 diff --git a/src/block/square/sqr_tab.cpp b/src/block/square/sqr_tab.cpp deleted file mode 100644 index 331bf3ea1..000000000 --- a/src/block/square/sqr_tab.cpp +++ /dev/null @@ -1,460 +0,0 @@ -/* -* S-Box and Diffusion Tables for Square -* (C) 1999-2007 Jack Lloyd -* -* Distributed under the terms of the Botan license -*/ - -#include <botan/square.h> - -namespace Botan { - -const byte Square::SE[256] = { -0xB1, 0xCE, 0xC3, 0x95, 0x5A, 0xAD, 0xE7, 0x02, 0x4D, 0x44, 0xFB, 0x91, 0x0C, -0x87, 0xA1, 0x50, 0xCB, 0x67, 0x54, 0xDD, 0x46, 0x8F, 0xE1, 0x4E, 0xF0, 0xFD, -0xFC, 0xEB, 0xF9, 0xC4, 0x1A, 0x6E, 0x5E, 0xF5, 0xCC, 0x8D, 0x1C, 0x56, 0x43, -0xFE, 0x07, 0x61, 0xF8, 0x75, 0x59, 0xFF, 0x03, 0x22, 0x8A, 0xD1, 0x13, 0xEE, -0x88, 0x00, 0x0E, 0x34, 0x15, 0x80, 0x94, 0xE3, 0xED, 0xB5, 0x53, 0x23, 0x4B, -0x47, 0x17, 0xA7, 0x90, 0x35, 0xAB, 0xD8, 0xB8, 0xDF, 0x4F, 0x57, 0x9A, 0x92, -0xDB, 0x1B, 0x3C, 0xC8, 0x99, 0x04, 0x8E, 0xE0, 0xD7, 0x7D, 0x85, 0xBB, 0x40, -0x2C, 0x3A, 0x45, 0xF1, 0x42, 0x65, 0x20, 0x41, 0x18, 0x72, 0x25, 0x93, 0x70, -0x36, 0x05, 0xF2, 0x0B, 0xA3, 0x79, 0xEC, 0x08, 0x27, 0x31, 0x32, 0xB6, 0x7C, -0xB0, 0x0A, 0x73, 0x5B, 0x7B, 0xB7, 0x81, 0xD2, 0x0D, 0x6A, 0x26, 0x9E, 0x58, -0x9C, 0x83, 0x74, 0xB3, 0xAC, 0x30, 0x7A, 0x69, 0x77, 0x0F, 0xAE, 0x21, 0xDE, -0xD0, 0x2E, 0x97, 0x10, 0xA4, 0x98, 0xA8, 0xD4, 0x68, 0x2D, 0x62, 0x29, 0x6D, -0x16, 0x49, 0x76, 0xC7, 0xE8, 0xC1, 0x96, 0x37, 0xE5, 0xCA, 0xF4, 0xE9, 0x63, -0x12, 0xC2, 0xA6, 0x14, 0xBC, 0xD3, 0x28, 0xAF, 0x2F, 0xE6, 0x24, 0x52, 0xC6, -0xA0, 0x09, 0xBD, 0x8C, 0xCF, 0x5D, 0x11, 0x5F, 0x01, 0xC5, 0x9F, 0x3D, 0xA2, -0x9B, 0xC9, 0x3B, 0xBE, 0x51, 0x19, 0x1F, 0x3F, 0x5C, 0xB2, 0xEF, 0x4A, 0xCD, -0xBF, 0xBA, 0x6F, 0x64, 0xD9, 0xF3, 0x3E, 0xB4, 0xAA, 0xDC, 0xD5, 0x06, 0xC0, -0x7E, 0xF6, 0x66, 0x6C, 0x84, 0x71, 0x38, 0xB9, 0x1D, 0x7F, 0x9D, 0x48, 0x8B, -0x2A, 0xDA, 0xA5, 0x33, 0x82, 0x39, 0xD6, 0x78, 0x86, 0xFA, 0xE4, 0x2B, 0xA9, -0x1E, 0x89, 0x60, 0x6B, 0xEA, 0x55, 0x4C, 0xF7, 0xE2 }; - -const byte Square::SD[256] = { -0x35, 0xBE, 0x07, 0x2E, 0x53, 0x69, 0xDB, 0x28, 0x6F, 0xB7, 0x76, 0x6B, 0x0C, -0x7D, 0x36, 0x8B, 0x92, 0xBC, 0xA9, 0x32, 0xAC, 0x38, 0x9C, 0x42, 0x63, 0xC8, -0x1E, 0x4F, 0x24, 0xE5, 0xF7, 0xC9, 0x61, 0x8D, 0x2F, 0x3F, 0xB3, 0x65, 0x7F, -0x70, 0xAF, 0x9A, 0xEA, 0xF5, 0x5B, 0x98, 0x90, 0xB1, 0x87, 0x71, 0x72, 0xED, -0x37, 0x45, 0x68, 0xA3, 0xE3, 0xEF, 0x5C, 0xC5, 0x50, 0xC1, 0xD6, 0xCA, 0x5A, -0x62, 0x5F, 0x26, 0x09, 0x5D, 0x14, 0x41, 0xE8, 0x9D, 0xCE, 0x40, 0xFD, 0x08, -0x17, 0x4A, 0x0F, 0xC7, 0xB4, 0x3E, 0x12, 0xFC, 0x25, 0x4B, 0x81, 0x2C, 0x04, -0x78, 0xCB, 0xBB, 0x20, 0xBD, 0xF9, 0x29, 0x99, 0xA8, 0xD3, 0x60, 0xDF, 0x11, -0x97, 0x89, 0x7E, 0xFA, 0xE0, 0x9B, 0x1F, 0xD2, 0x67, 0xE2, 0x64, 0x77, 0x84, -0x2B, 0x9E, 0x8A, 0xF1, 0x6D, 0x88, 0x79, 0x74, 0x57, 0xDD, 0xE6, 0x39, 0x7B, -0xEE, 0x83, 0xE1, 0x58, 0xF2, 0x0D, 0x34, 0xF8, 0x30, 0xE9, 0xB9, 0x23, 0x54, -0x15, 0x44, 0x0B, 0x4D, 0x66, 0x3A, 0x03, 0xA2, 0x91, 0x94, 0x52, 0x4C, 0xC3, -0x82, 0xE7, 0x80, 0xC0, 0xB6, 0x0E, 0xC2, 0x6C, 0x93, 0xEC, 0xAB, 0x43, 0x95, -0xF6, 0xD8, 0x46, 0x86, 0x05, 0x8C, 0xB0, 0x75, 0x00, 0xCC, 0x85, 0xD7, 0x3D, -0x73, 0x7A, 0x48, 0xE4, 0xD1, 0x59, 0xAD, 0xB8, 0xC6, 0xD0, 0xDC, 0xA1, 0xAA, -0x02, 0x1D, 0xBF, 0xB5, 0x9F, 0x51, 0xC4, 0xA5, 0x10, 0x22, 0xCF, 0x01, 0xBA, -0x8F, 0x31, 0x7C, 0xAE, 0x96, 0xDA, 0xF0, 0x56, 0x47, 0xD4, 0xEB, 0x4E, 0xD9, -0x13, 0x8E, 0x49, 0x55, 0x16, 0xFF, 0x3B, 0xF4, 0xA4, 0xB2, 0x06, 0xA0, 0xA7, -0xFB, 0x1B, 0x6E, 0x3C, 0x33, 0xCD, 0x18, 0x5E, 0x6A, 0xD5, 0xA6, 0x21, 0xDE, -0xFE, 0x2A, 0x1C, 0xF3, 0x0A, 0x1A, 0x19, 0x27, 0x2D }; - -const byte Square::Log[256] = { -0x00, 0x00, 0x01, 0x86, 0x02, 0x0D, 0x87, 0x4C, 0x03, 0xD2, 0x0E, 0xAE, 0x88, -0x22, 0x4D, 0x93, 0x04, 0x1A, 0xD3, 0xCB, 0x0F, 0x98, 0xAF, 0xA8, 0x89, 0xF0, -0x23, 0x59, 0x4E, 0x35, 0x94, 0x09, 0x05, 0x8F, 0x1B, 0x6E, 0xD4, 0x39, 0xCC, -0xBB, 0x10, 0x68, 0x99, 0x77, 0xB0, 0xDF, 0xA9, 0x72, 0x8A, 0xFA, 0xF1, 0xA0, -0x24, 0x52, 0x5A, 0x60, 0x4F, 0x2F, 0x36, 0xDC, 0x95, 0x32, 0x0A, 0x1F, 0x06, -0xA5, 0x90, 0x49, 0x1C, 0x5D, 0x6F, 0xB8, 0xD5, 0xC1, 0x3A, 0xB5, 0xCD, 0x63, -0xBC, 0x3D, 0x11, 0x44, 0x69, 0x81, 0x9A, 0x27, 0x78, 0xC4, 0xB1, 0xE6, 0xE0, -0xEA, 0xAA, 0x55, 0x73, 0xD8, 0x8B, 0xF6, 0xFB, 0x16, 0xF2, 0xF4, 0xA1, 0x40, -0x25, 0x42, 0x53, 0xE4, 0x5B, 0xA3, 0x61, 0xBF, 0x50, 0xF8, 0x30, 0x2D, 0x37, -0x8D, 0xDD, 0x66, 0x96, 0x18, 0x33, 0xEE, 0x0B, 0xFD, 0x20, 0xD0, 0x07, 0x57, -0xA6, 0xC9, 0x91, 0xAC, 0x4A, 0x84, 0x1D, 0xDA, 0x5E, 0x9E, 0x70, 0x75, 0xB9, -0x6C, 0xD6, 0xE8, 0xC2, 0x7F, 0x3B, 0xB3, 0xB6, 0x47, 0xCE, 0xEC, 0x64, 0x2B, -0xBD, 0xE2, 0x3E, 0x14, 0x12, 0x29, 0x45, 0x7D, 0x6A, 0x9C, 0x82, 0xC7, 0x9B, -0xC6, 0x28, 0x7C, 0x79, 0x7A, 0xC5, 0x7B, 0xB2, 0x46, 0xE7, 0x7E, 0xE1, 0x13, -0xEB, 0x2A, 0xAB, 0x83, 0x56, 0xC8, 0x74, 0x6B, 0xD9, 0x9D, 0x8C, 0x65, 0xF7, -0x2C, 0xFC, 0xCF, 0x17, 0xED, 0xF3, 0x3F, 0xF5, 0x15, 0xA2, 0xBE, 0x41, 0xE3, -0x26, 0xC3, 0x43, 0x80, 0x54, 0xD7, 0xE5, 0xE9, 0x5C, 0xB7, 0xA4, 0x48, 0x62, -0x3C, 0xC0, 0xB4, 0x51, 0x5F, 0xF9, 0x9F, 0x31, 0x1E, 0x2E, 0xDB, 0x38, 0xBA, -0x8E, 0x6D, 0xDE, 0x71, 0x67, 0x76, 0x97, 0xA7, 0x19, 0xCA, 0x34, 0x08, 0xEF, -0x58, 0x0C, 0x4B, 0xFE, 0x85, 0x21, 0x92, 0xD1, 0xAD }; - -const byte Square::ALog[255] = { -0x01, 0x02, 0x04, 0x08, 0x10, 0x20, 0x40, 0x80, 0xF5, 0x1F, 0x3E, 0x7C, 0xF8, -0x05, 0x0A, 0x14, 0x28, 0x50, 0xA0, 0xB5, 0x9F, 0xCB, 0x63, 0xC6, 0x79, 0xF2, -0x11, 0x22, 0x44, 0x88, 0xE5, 0x3F, 0x7E, 0xFC, 0x0D, 0x1A, 0x34, 0x68, 0xD0, -0x55, 0xAA, 0xA1, 0xB7, 0x9B, 0xC3, 0x73, 0xE6, 0x39, 0x72, 0xE4, 0x3D, 0x7A, -0xF4, 0x1D, 0x3A, 0x74, 0xE8, 0x25, 0x4A, 0x94, 0xDD, 0x4F, 0x9E, 0xC9, 0x67, -0xCE, 0x69, 0xD2, 0x51, 0xA2, 0xB1, 0x97, 0xDB, 0x43, 0x86, 0xF9, 0x07, 0x0E, -0x1C, 0x38, 0x70, 0xE0, 0x35, 0x6A, 0xD4, 0x5D, 0xBA, 0x81, 0xF7, 0x1B, 0x36, -0x6C, 0xD8, 0x45, 0x8A, 0xE1, 0x37, 0x6E, 0xDC, 0x4D, 0x9A, 0xC1, 0x77, 0xEE, -0x29, 0x52, 0xA4, 0xBD, 0x8F, 0xEB, 0x23, 0x46, 0x8C, 0xED, 0x2F, 0x5E, 0xBC, -0x8D, 0xEF, 0x2B, 0x56, 0xAC, 0xAD, 0xAF, 0xAB, 0xA3, 0xB3, 0x93, 0xD3, 0x53, -0xA6, 0xB9, 0x87, 0xFB, 0x03, 0x06, 0x0C, 0x18, 0x30, 0x60, 0xC0, 0x75, 0xEA, -0x21, 0x42, 0x84, 0xFD, 0x0F, 0x1E, 0x3C, 0x78, 0xF0, 0x15, 0x2A, 0x54, 0xA8, -0xA5, 0xBF, 0x8B, 0xE3, 0x33, 0x66, 0xCC, 0x6D, 0xDA, 0x41, 0x82, 0xF1, 0x17, -0x2E, 0x5C, 0xB8, 0x85, 0xFF, 0x0B, 0x16, 0x2C, 0x58, 0xB0, 0x95, 0xDF, 0x4B, -0x96, 0xD9, 0x47, 0x8E, 0xE9, 0x27, 0x4E, 0x9C, 0xCD, 0x6F, 0xDE, 0x49, 0x92, -0xD1, 0x57, 0xAE, 0xA9, 0xA7, 0xBB, 0x83, 0xF3, 0x13, 0x26, 0x4C, 0x98, 0xC5, -0x7F, 0xFE, 0x09, 0x12, 0x24, 0x48, 0x90, 0xD5, 0x5F, 0xBE, 0x89, 0xE7, 0x3B, -0x76, 0xEC, 0x2D, 0x5A, 0xB4, 0x9D, 0xCF, 0x6B, 0xD6, 0x59, 0xB2, 0x91, 0xD7, -0x5B, 0xB6, 0x99, 0xC7, 0x7B, 0xF6, 0x19, 0x32, 0x64, 0xC8, 0x65, 0xCA, 0x61, -0xC2, 0x71, 0xE2, 0x31, 0x62, 0xC4, 0x7D, 0xFA }; - -const u32bit Square::TE0[256] = { -0x97B1B126, 0x69CECEA7, 0x73C3C3B0, 0xDF95954A, 0xB45A5AEE, 0xAFADAD02, -0x3BE7E7DC, 0x04020206, 0x9A4D4DD7, 0x884444CC, 0x03FBFBF8, 0xD7919146, -0x180C0C14, 0xFB87877C, 0xB7A1A116, 0xA05050F0, 0x63CBCBA8, 0xCE6767A9, -0xA85454FC, 0x4FDDDD92, 0x8C4646CA, 0xEB8F8F64, 0x37E1E1D6, 0x9C4E4ED2, -0x15F0F0E5, 0x0FFDFDF2, 0x0DFCFCF1, 0x23EBEBC8, 0x07F9F9FE, 0x7DC4C4B9, -0x341A1A2E, 0xDC6E6EB2, 0xBC5E5EE2, 0x1FF5F5EA, 0x6DCCCCA1, 0xEF8D8D62, -0x381C1C24, 0xAC5656FA, 0x864343C5, 0x09FEFEF7, 0x0E070709, 0xC26161A3, -0x05F8F8FD, 0xEA75759F, 0xB25959EB, 0x0BFFFFF4, 0x06030305, 0x44222266, -0xE18A8A6B, 0x57D1D186, 0x26131335, 0x29EEEEC7, 0xE588886D, 0x00000000, -0x1C0E0E12, 0x6834345C, 0x2A15153F, 0xF5808075, 0xDD949449, 0x33E3E3D0, -0x2FEDEDC2, 0x9FB5B52A, 0xA65353F5, 0x46232365, 0x964B4BDD, 0x8E4747C9, -0x2E171739, 0xBBA7A71C, 0xD5909045, 0x6A35355F, 0xA3ABAB08, 0x45D8D89D, -0x85B8B83D, 0x4BDFDF94, 0x9E4F4FD1, 0xAE5757F9, 0xC19A9A5B, 0xD1929243, -0x43DBDB98, 0x361B1B2D, 0x783C3C44, 0x65C8C8AD, 0xC799995E, 0x0804040C, -0xE98E8E67, 0x35E0E0D5, 0x5BD7D78C, 0xFA7D7D87, 0xFF85857A, 0x83BBBB38, -0x804040C0, 0x582C2C74, 0x743A3A4E, 0x8A4545CF, 0x17F1F1E6, 0x844242C6, -0xCA6565AF, 0x40202060, 0x824141C3, 0x30181828, 0xE4727296, 0x4A25256F, -0xD3939340, 0xE0707090, 0x6C36365A, 0x0A05050F, 0x11F2F2E3, 0x160B0B1D, -0xB3A3A310, 0xF279798B, 0x2DECECC1, 0x10080818, 0x4E272769, 0x62313153, -0x64323256, 0x99B6B62F, 0xF87C7C84, 0x95B0B025, 0x140A0A1E, 0xE6737395, -0xB65B5BED, 0xF67B7B8D, 0x9BB7B72C, 0xF7818176, 0x51D2D283, 0x1A0D0D17, -0xD46A6ABE, 0x4C26266A, 0xC99E9E57, 0xB05858E8, 0xCD9C9C51, 0xF3838370, -0xE874749C, 0x93B3B320, 0xADACAC01, 0x60303050, 0xF47A7A8E, 0xD26969BB, -0xEE777799, 0x1E0F0F11, 0xA9AEAE07, 0x42212163, 0x49DEDE97, 0x55D0D085, -0x5C2E2E72, 0xDB97974C, 0x20101030, 0xBDA4A419, 0xC598985D, 0xA5A8A80D, -0x5DD4D489, 0xD06868B8, 0x5A2D2D77, 0xC46262A6, 0x5229297B, 0xDA6D6DB7, -0x2C16163A, 0x924949DB, 0xEC76769A, 0x7BC7C7BC, 0x25E8E8CD, 0x77C1C1B6, -0xD996964F, 0x6E373759, 0x3FE5E5DA, 0x61CACAAB, 0x1DF4F4E9, 0x27E9E9CE, -0xC66363A5, 0x24121236, 0x71C2C2B3, 0xB9A6A61F, 0x2814143C, 0x8DBCBC31, -0x53D3D380, 0x50282878, 0xABAFAF04, 0x5E2F2F71, 0x39E6E6DF, 0x4824246C, -0xA45252F6, 0x79C6C6BF, 0xB5A0A015, 0x1209091B, 0x8FBDBD32, 0xED8C8C61, -0x6BCFCFA4, 0xBA5D5DE7, 0x22111133, 0xBE5F5FE1, 0x02010103, 0x7FC5C5BA, -0xCB9F9F54, 0x7A3D3D47, 0xB1A2A213, 0xC39B9B58, 0x67C9C9AE, 0x763B3B4D, -0x89BEBE37, 0xA25151F3, 0x3219192B, 0x3E1F1F21, 0x7E3F3F41, 0xB85C5CE4, -0x91B2B223, 0x2BEFEFC4, 0x944A4ADE, 0x6FCDCDA2, 0x8BBFBF34, 0x81BABA3B, -0xDE6F6FB1, 0xC86464AC, 0x47D9D99E, 0x13F3F3E0, 0x7C3E3E42, 0x9DB4B429, -0xA1AAAA0B, 0x4DDCDC91, 0x5FD5D58A, 0x0C06060A, 0x75C0C0B5, 0xFC7E7E82, -0x19F6F6EF, 0xCC6666AA, 0xD86C6CB4, 0xFD848479, 0xE2717193, 0x70383848, -0x87B9B93E, 0x3A1D1D27, 0xFE7F7F81, 0xCF9D9D52, 0x904848D8, 0xE38B8B68, -0x542A2A7E, 0x41DADA9B, 0xBFA5A51A, 0x66333355, 0xF1828273, 0x7239394B, -0x59D6D68F, 0xF0787888, 0xF986867F, 0x01FAFAFB, 0x3DE4E4D9, 0x562B2B7D, -0xA7A9A90E, 0x3C1E1E22, 0xE789896E, 0xC06060A0, 0xD66B6BBD, 0x21EAEACB, -0xAA5555FF, 0x984C4CD4, 0x1BF7F7EC, 0x31E2E2D3 }; - -const u32bit Square::TE1[256] = { -0x2697B1B1, 0xA769CECE, 0xB073C3C3, 0x4ADF9595, 0xEEB45A5A, 0x02AFADAD, -0xDC3BE7E7, 0x06040202, 0xD79A4D4D, 0xCC884444, 0xF803FBFB, 0x46D79191, -0x14180C0C, 0x7CFB8787, 0x16B7A1A1, 0xF0A05050, 0xA863CBCB, 0xA9CE6767, -0xFCA85454, 0x924FDDDD, 0xCA8C4646, 0x64EB8F8F, 0xD637E1E1, 0xD29C4E4E, -0xE515F0F0, 0xF20FFDFD, 0xF10DFCFC, 0xC823EBEB, 0xFE07F9F9, 0xB97DC4C4, -0x2E341A1A, 0xB2DC6E6E, 0xE2BC5E5E, 0xEA1FF5F5, 0xA16DCCCC, 0x62EF8D8D, -0x24381C1C, 0xFAAC5656, 0xC5864343, 0xF709FEFE, 0x090E0707, 0xA3C26161, -0xFD05F8F8, 0x9FEA7575, 0xEBB25959, 0xF40BFFFF, 0x05060303, 0x66442222, -0x6BE18A8A, 0x8657D1D1, 0x35261313, 0xC729EEEE, 0x6DE58888, 0x00000000, -0x121C0E0E, 0x5C683434, 0x3F2A1515, 0x75F58080, 0x49DD9494, 0xD033E3E3, -0xC22FEDED, 0x2A9FB5B5, 0xF5A65353, 0x65462323, 0xDD964B4B, 0xC98E4747, -0x392E1717, 0x1CBBA7A7, 0x45D59090, 0x5F6A3535, 0x08A3ABAB, 0x9D45D8D8, -0x3D85B8B8, 0x944BDFDF, 0xD19E4F4F, 0xF9AE5757, 0x5BC19A9A, 0x43D19292, -0x9843DBDB, 0x2D361B1B, 0x44783C3C, 0xAD65C8C8, 0x5EC79999, 0x0C080404, -0x67E98E8E, 0xD535E0E0, 0x8C5BD7D7, 0x87FA7D7D, 0x7AFF8585, 0x3883BBBB, -0xC0804040, 0x74582C2C, 0x4E743A3A, 0xCF8A4545, 0xE617F1F1, 0xC6844242, -0xAFCA6565, 0x60402020, 0xC3824141, 0x28301818, 0x96E47272, 0x6F4A2525, -0x40D39393, 0x90E07070, 0x5A6C3636, 0x0F0A0505, 0xE311F2F2, 0x1D160B0B, -0x10B3A3A3, 0x8BF27979, 0xC12DECEC, 0x18100808, 0x694E2727, 0x53623131, -0x56643232, 0x2F99B6B6, 0x84F87C7C, 0x2595B0B0, 0x1E140A0A, 0x95E67373, -0xEDB65B5B, 0x8DF67B7B, 0x2C9BB7B7, 0x76F78181, 0x8351D2D2, 0x171A0D0D, -0xBED46A6A, 0x6A4C2626, 0x57C99E9E, 0xE8B05858, 0x51CD9C9C, 0x70F38383, -0x9CE87474, 0x2093B3B3, 0x01ADACAC, 0x50603030, 0x8EF47A7A, 0xBBD26969, -0x99EE7777, 0x111E0F0F, 0x07A9AEAE, 0x63422121, 0x9749DEDE, 0x8555D0D0, -0x725C2E2E, 0x4CDB9797, 0x30201010, 0x19BDA4A4, 0x5DC59898, 0x0DA5A8A8, -0x895DD4D4, 0xB8D06868, 0x775A2D2D, 0xA6C46262, 0x7B522929, 0xB7DA6D6D, -0x3A2C1616, 0xDB924949, 0x9AEC7676, 0xBC7BC7C7, 0xCD25E8E8, 0xB677C1C1, -0x4FD99696, 0x596E3737, 0xDA3FE5E5, 0xAB61CACA, 0xE91DF4F4, 0xCE27E9E9, -0xA5C66363, 0x36241212, 0xB371C2C2, 0x1FB9A6A6, 0x3C281414, 0x318DBCBC, -0x8053D3D3, 0x78502828, 0x04ABAFAF, 0x715E2F2F, 0xDF39E6E6, 0x6C482424, -0xF6A45252, 0xBF79C6C6, 0x15B5A0A0, 0x1B120909, 0x328FBDBD, 0x61ED8C8C, -0xA46BCFCF, 0xE7BA5D5D, 0x33221111, 0xE1BE5F5F, 0x03020101, 0xBA7FC5C5, -0x54CB9F9F, 0x477A3D3D, 0x13B1A2A2, 0x58C39B9B, 0xAE67C9C9, 0x4D763B3B, -0x3789BEBE, 0xF3A25151, 0x2B321919, 0x213E1F1F, 0x417E3F3F, 0xE4B85C5C, -0x2391B2B2, 0xC42BEFEF, 0xDE944A4A, 0xA26FCDCD, 0x348BBFBF, 0x3B81BABA, -0xB1DE6F6F, 0xACC86464, 0x9E47D9D9, 0xE013F3F3, 0x427C3E3E, 0x299DB4B4, -0x0BA1AAAA, 0x914DDCDC, 0x8A5FD5D5, 0x0A0C0606, 0xB575C0C0, 0x82FC7E7E, -0xEF19F6F6, 0xAACC6666, 0xB4D86C6C, 0x79FD8484, 0x93E27171, 0x48703838, -0x3E87B9B9, 0x273A1D1D, 0x81FE7F7F, 0x52CF9D9D, 0xD8904848, 0x68E38B8B, -0x7E542A2A, 0x9B41DADA, 0x1ABFA5A5, 0x55663333, 0x73F18282, 0x4B723939, -0x8F59D6D6, 0x88F07878, 0x7FF98686, 0xFB01FAFA, 0xD93DE4E4, 0x7D562B2B, -0x0EA7A9A9, 0x223C1E1E, 0x6EE78989, 0xA0C06060, 0xBDD66B6B, 0xCB21EAEA, -0xFFAA5555, 0xD4984C4C, 0xEC1BF7F7, 0xD331E2E2 }; - -const u32bit Square::TE2[256] = { -0xB12697B1, 0xCEA769CE, 0xC3B073C3, 0x954ADF95, 0x5AEEB45A, 0xAD02AFAD, -0xE7DC3BE7, 0x02060402, 0x4DD79A4D, 0x44CC8844, 0xFBF803FB, 0x9146D791, -0x0C14180C, 0x877CFB87, 0xA116B7A1, 0x50F0A050, 0xCBA863CB, 0x67A9CE67, -0x54FCA854, 0xDD924FDD, 0x46CA8C46, 0x8F64EB8F, 0xE1D637E1, 0x4ED29C4E, -0xF0E515F0, 0xFDF20FFD, 0xFCF10DFC, 0xEBC823EB, 0xF9FE07F9, 0xC4B97DC4, -0x1A2E341A, 0x6EB2DC6E, 0x5EE2BC5E, 0xF5EA1FF5, 0xCCA16DCC, 0x8D62EF8D, -0x1C24381C, 0x56FAAC56, 0x43C58643, 0xFEF709FE, 0x07090E07, 0x61A3C261, -0xF8FD05F8, 0x759FEA75, 0x59EBB259, 0xFFF40BFF, 0x03050603, 0x22664422, -0x8A6BE18A, 0xD18657D1, 0x13352613, 0xEEC729EE, 0x886DE588, 0x00000000, -0x0E121C0E, 0x345C6834, 0x153F2A15, 0x8075F580, 0x9449DD94, 0xE3D033E3, -0xEDC22FED, 0xB52A9FB5, 0x53F5A653, 0x23654623, 0x4BDD964B, 0x47C98E47, -0x17392E17, 0xA71CBBA7, 0x9045D590, 0x355F6A35, 0xAB08A3AB, 0xD89D45D8, -0xB83D85B8, 0xDF944BDF, 0x4FD19E4F, 0x57F9AE57, 0x9A5BC19A, 0x9243D192, -0xDB9843DB, 0x1B2D361B, 0x3C44783C, 0xC8AD65C8, 0x995EC799, 0x040C0804, -0x8E67E98E, 0xE0D535E0, 0xD78C5BD7, 0x7D87FA7D, 0x857AFF85, 0xBB3883BB, -0x40C08040, 0x2C74582C, 0x3A4E743A, 0x45CF8A45, 0xF1E617F1, 0x42C68442, -0x65AFCA65, 0x20604020, 0x41C38241, 0x18283018, 0x7296E472, 0x256F4A25, -0x9340D393, 0x7090E070, 0x365A6C36, 0x050F0A05, 0xF2E311F2, 0x0B1D160B, -0xA310B3A3, 0x798BF279, 0xECC12DEC, 0x08181008, 0x27694E27, 0x31536231, -0x32566432, 0xB62F99B6, 0x7C84F87C, 0xB02595B0, 0x0A1E140A, 0x7395E673, -0x5BEDB65B, 0x7B8DF67B, 0xB72C9BB7, 0x8176F781, 0xD28351D2, 0x0D171A0D, -0x6ABED46A, 0x266A4C26, 0x9E57C99E, 0x58E8B058, 0x9C51CD9C, 0x8370F383, -0x749CE874, 0xB32093B3, 0xAC01ADAC, 0x30506030, 0x7A8EF47A, 0x69BBD269, -0x7799EE77, 0x0F111E0F, 0xAE07A9AE, 0x21634221, 0xDE9749DE, 0xD08555D0, -0x2E725C2E, 0x974CDB97, 0x10302010, 0xA419BDA4, 0x985DC598, 0xA80DA5A8, -0xD4895DD4, 0x68B8D068, 0x2D775A2D, 0x62A6C462, 0x297B5229, 0x6DB7DA6D, -0x163A2C16, 0x49DB9249, 0x769AEC76, 0xC7BC7BC7, 0xE8CD25E8, 0xC1B677C1, -0x964FD996, 0x37596E37, 0xE5DA3FE5, 0xCAAB61CA, 0xF4E91DF4, 0xE9CE27E9, -0x63A5C663, 0x12362412, 0xC2B371C2, 0xA61FB9A6, 0x143C2814, 0xBC318DBC, -0xD38053D3, 0x28785028, 0xAF04ABAF, 0x2F715E2F, 0xE6DF39E6, 0x246C4824, -0x52F6A452, 0xC6BF79C6, 0xA015B5A0, 0x091B1209, 0xBD328FBD, 0x8C61ED8C, -0xCFA46BCF, 0x5DE7BA5D, 0x11332211, 0x5FE1BE5F, 0x01030201, 0xC5BA7FC5, -0x9F54CB9F, 0x3D477A3D, 0xA213B1A2, 0x9B58C39B, 0xC9AE67C9, 0x3B4D763B, -0xBE3789BE, 0x51F3A251, 0x192B3219, 0x1F213E1F, 0x3F417E3F, 0x5CE4B85C, -0xB22391B2, 0xEFC42BEF, 0x4ADE944A, 0xCDA26FCD, 0xBF348BBF, 0xBA3B81BA, -0x6FB1DE6F, 0x64ACC864, 0xD99E47D9, 0xF3E013F3, 0x3E427C3E, 0xB4299DB4, -0xAA0BA1AA, 0xDC914DDC, 0xD58A5FD5, 0x060A0C06, 0xC0B575C0, 0x7E82FC7E, -0xF6EF19F6, 0x66AACC66, 0x6CB4D86C, 0x8479FD84, 0x7193E271, 0x38487038, -0xB93E87B9, 0x1D273A1D, 0x7F81FE7F, 0x9D52CF9D, 0x48D89048, 0x8B68E38B, -0x2A7E542A, 0xDA9B41DA, 0xA51ABFA5, 0x33556633, 0x8273F182, 0x394B7239, -0xD68F59D6, 0x7888F078, 0x867FF986, 0xFAFB01FA, 0xE4D93DE4, 0x2B7D562B, -0xA90EA7A9, 0x1E223C1E, 0x896EE789, 0x60A0C060, 0x6BBDD66B, 0xEACB21EA, -0x55FFAA55, 0x4CD4984C, 0xF7EC1BF7, 0xE2D331E2 }; - -const u32bit Square::TE3[256] = { -0xB1B12697, 0xCECEA769, 0xC3C3B073, 0x95954ADF, 0x5A5AEEB4, 0xADAD02AF, -0xE7E7DC3B, 0x02020604, 0x4D4DD79A, 0x4444CC88, 0xFBFBF803, 0x919146D7, -0x0C0C1418, 0x87877CFB, 0xA1A116B7, 0x5050F0A0, 0xCBCBA863, 0x6767A9CE, -0x5454FCA8, 0xDDDD924F, 0x4646CA8C, 0x8F8F64EB, 0xE1E1D637, 0x4E4ED29C, -0xF0F0E515, 0xFDFDF20F, 0xFCFCF10D, 0xEBEBC823, 0xF9F9FE07, 0xC4C4B97D, -0x1A1A2E34, 0x6E6EB2DC, 0x5E5EE2BC, 0xF5F5EA1F, 0xCCCCA16D, 0x8D8D62EF, -0x1C1C2438, 0x5656FAAC, 0x4343C586, 0xFEFEF709, 0x0707090E, 0x6161A3C2, -0xF8F8FD05, 0x75759FEA, 0x5959EBB2, 0xFFFFF40B, 0x03030506, 0x22226644, -0x8A8A6BE1, 0xD1D18657, 0x13133526, 0xEEEEC729, 0x88886DE5, 0x00000000, -0x0E0E121C, 0x34345C68, 0x15153F2A, 0x808075F5, 0x949449DD, 0xE3E3D033, -0xEDEDC22F, 0xB5B52A9F, 0x5353F5A6, 0x23236546, 0x4B4BDD96, 0x4747C98E, -0x1717392E, 0xA7A71CBB, 0x909045D5, 0x35355F6A, 0xABAB08A3, 0xD8D89D45, -0xB8B83D85, 0xDFDF944B, 0x4F4FD19E, 0x5757F9AE, 0x9A9A5BC1, 0x929243D1, -0xDBDB9843, 0x1B1B2D36, 0x3C3C4478, 0xC8C8AD65, 0x99995EC7, 0x04040C08, -0x8E8E67E9, 0xE0E0D535, 0xD7D78C5B, 0x7D7D87FA, 0x85857AFF, 0xBBBB3883, -0x4040C080, 0x2C2C7458, 0x3A3A4E74, 0x4545CF8A, 0xF1F1E617, 0x4242C684, -0x6565AFCA, 0x20206040, 0x4141C382, 0x18182830, 0x727296E4, 0x25256F4A, -0x939340D3, 0x707090E0, 0x36365A6C, 0x05050F0A, 0xF2F2E311, 0x0B0B1D16, -0xA3A310B3, 0x79798BF2, 0xECECC12D, 0x08081810, 0x2727694E, 0x31315362, -0x32325664, 0xB6B62F99, 0x7C7C84F8, 0xB0B02595, 0x0A0A1E14, 0x737395E6, -0x5B5BEDB6, 0x7B7B8DF6, 0xB7B72C9B, 0x818176F7, 0xD2D28351, 0x0D0D171A, -0x6A6ABED4, 0x26266A4C, 0x9E9E57C9, 0x5858E8B0, 0x9C9C51CD, 0x838370F3, -0x74749CE8, 0xB3B32093, 0xACAC01AD, 0x30305060, 0x7A7A8EF4, 0x6969BBD2, -0x777799EE, 0x0F0F111E, 0xAEAE07A9, 0x21216342, 0xDEDE9749, 0xD0D08555, -0x2E2E725C, 0x97974CDB, 0x10103020, 0xA4A419BD, 0x98985DC5, 0xA8A80DA5, -0xD4D4895D, 0x6868B8D0, 0x2D2D775A, 0x6262A6C4, 0x29297B52, 0x6D6DB7DA, -0x16163A2C, 0x4949DB92, 0x76769AEC, 0xC7C7BC7B, 0xE8E8CD25, 0xC1C1B677, -0x96964FD9, 0x3737596E, 0xE5E5DA3F, 0xCACAAB61, 0xF4F4E91D, 0xE9E9CE27, -0x6363A5C6, 0x12123624, 0xC2C2B371, 0xA6A61FB9, 0x14143C28, 0xBCBC318D, -0xD3D38053, 0x28287850, 0xAFAF04AB, 0x2F2F715E, 0xE6E6DF39, 0x24246C48, -0x5252F6A4, 0xC6C6BF79, 0xA0A015B5, 0x09091B12, 0xBDBD328F, 0x8C8C61ED, -0xCFCFA46B, 0x5D5DE7BA, 0x11113322, 0x5F5FE1BE, 0x01010302, 0xC5C5BA7F, -0x9F9F54CB, 0x3D3D477A, 0xA2A213B1, 0x9B9B58C3, 0xC9C9AE67, 0x3B3B4D76, -0xBEBE3789, 0x5151F3A2, 0x19192B32, 0x1F1F213E, 0x3F3F417E, 0x5C5CE4B8, -0xB2B22391, 0xEFEFC42B, 0x4A4ADE94, 0xCDCDA26F, 0xBFBF348B, 0xBABA3B81, -0x6F6FB1DE, 0x6464ACC8, 0xD9D99E47, 0xF3F3E013, 0x3E3E427C, 0xB4B4299D, -0xAAAA0BA1, 0xDCDC914D, 0xD5D58A5F, 0x06060A0C, 0xC0C0B575, 0x7E7E82FC, -0xF6F6EF19, 0x6666AACC, 0x6C6CB4D8, 0x848479FD, 0x717193E2, 0x38384870, -0xB9B93E87, 0x1D1D273A, 0x7F7F81FE, 0x9D9D52CF, 0x4848D890, 0x8B8B68E3, -0x2A2A7E54, 0xDADA9B41, 0xA5A51ABF, 0x33335566, 0x828273F1, 0x39394B72, -0xD6D68F59, 0x787888F0, 0x86867FF9, 0xFAFAFB01, 0xE4E4D93D, 0x2B2B7D56, -0xA9A90EA7, 0x1E1E223C, 0x89896EE7, 0x6060A0C0, 0x6B6BBDD6, 0xEAEACB21, -0x5555FFAA, 0x4C4CD498, 0xF7F7EC1B, 0xE2E2D331 }; - -const u32bit Square::TD0[256] = { -0xE368BC02, 0x5585620C, 0x2A3F2331, 0x61AB13F7, 0x98D46D72, 0x21CB9A19, -0x3C22A461, 0x459D3DCD, 0x05FDB423, 0x2BC4075F, 0x9B2C01C0, 0x3DD9800F, -0x486C5C74, 0xF97F7E85, 0xF173AB1F, 0xB6EDDE0E, 0x283C6BED, 0x4997781A, -0x9F2A918D, 0xC9579F33, 0xA907A8AA, 0xA50DED7D, 0x7C422D8F, 0x764DB0C9, -0x4D91E857, 0xCEA963CC, 0xB4EE96D2, 0x3028E1B6, 0x0DF161B9, 0xBD196726, -0x419BAD80, 0xC0A06EC7, 0x5183F241, 0x92DBF034, 0x6FA21EFC, 0x8F32CE4C, -0x13E03373, 0x69A7C66D, 0xE56D6493, 0xBF1A2FFA, 0xBB1CBFB7, 0x587403B5, -0xE76E2C4F, 0x5D89B796, 0xE89C052A, 0x446619A3, 0x342E71FB, 0x0FF22965, -0xFE81827A, 0xB11322F1, 0xA30835EC, 0xCD510F7E, 0xFF7AA614, 0x5C7293F8, -0x2FC29712, 0xF370E3C3, 0x992F491C, 0xD1431568, 0xC2A3261B, 0x88CC32B3, -0x8ACF7A6F, 0xB0E8069F, 0x7A47F51E, 0xD2BB79DA, 0xE6950821, 0x4398E55C, -0xD0B83106, 0x11E37BAF, 0x7E416553, 0xCCAA2B10, 0xD8B4E49C, 0x6456A7D4, -0xFB7C3659, 0x724B2084, 0xEA9F4DF6, 0x6A5FAADF, 0x2DC1DFCE, 0x70486858, -0xCAAFF381, 0x0605D891, 0x5A774B69, 0x94DE28A5, 0x39DF1042, 0x813BC347, -0xFC82CAA6, 0x23C8D2C5, 0x03F86CB2, 0x080CD59A, 0xDAB7AC40, 0x7DB909E1, -0x3824342C, 0xCF5247A2, 0xDCB274D1, 0x63A85B2B, 0x35D55595, 0x479E7511, -0x15E5EBE2, 0x4B9430C6, 0x4A6F14A8, 0x91239C86, 0x4C6ACC39, 0x5F8AFF4A, -0x0406904D, 0xEE99DDBB, 0x1E1152CA, 0xAAFFC418, 0xEB646998, 0x07FEFCFF, -0x8B345E01, 0x567D0EBE, 0xBAE79BD9, 0x4263C132, 0x75B5DC7B, 0x97264417, -0x67AECB66, 0x95250CCB, 0xEC9A9567, 0x57862AD0, 0x60503799, 0xB8E4D305, -0x65AD83BA, 0x19EFAE35, 0xA4F6C913, 0xC15B4AA9, 0x873E1BD6, 0xA0F0595E, -0x18148A5B, 0xAF02703B, 0xAB04E076, 0xDD4950BF, 0xDF4A1863, 0xC6A5B656, -0x853D530A, 0xFA871237, 0x77B694A7, 0x4665517F, 0xED61B109, 0x1BECE6E9, -0xD5458525, 0xF5753B52, 0x7FBA413D, 0x27CE4288, 0xB2EB4E43, 0xD6BDE997, -0x527B9EF3, 0x62537F45, 0x2C3AFBA0, 0x7BBCD170, 0xB91FF76B, 0x121B171D, -0xFD79EEC8, 0x3A277CF0, 0x0C0A45D7, 0x96DD6079, 0x2233F6AB, 0xACFA1C89, -0xC8ACBB5D, 0xA10B7D30, 0xD4BEA14B, 0xBEE10B94, 0x25CD0A54, 0x547E4662, -0xA2F31182, 0x17E6A33E, 0x263566E6, 0xC3580275, 0x83388B9B, 0x7844BDC2, -0x020348DC, 0x4F92A08B, 0x2E39B37C, 0x4E6984E5, 0xF0888F71, 0x362D3927, -0x9CD2FD3F, 0x01FB246E, 0x893716DD, 0x00000000, 0xF68D57E0, 0xE293986C, -0x744EF815, 0x9320D45A, 0xAD0138E7, 0xD3405DB4, 0x1A17C287, 0xB3106A2D, -0x5078D62F, 0xF48E1F3C, 0xA70EA5A1, 0x71B34C36, 0x9AD725AE, 0x5E71DB24, -0x161D8750, 0xEF62F9D5, 0x8D318690, 0x1C121A16, 0xA6F581CF, 0x5B8C6F07, -0x37D61D49, 0x6E593A92, 0x84C67764, 0x86C53FB8, 0xD746CDF9, 0xE090D0B0, -0x29C74F83, 0xE49640FD, 0x0E090D0B, 0x6DA15620, 0x8EC9EA22, 0xDB4C882E, -0xF776738E, 0xB515B2BC, 0x10185FC1, 0x322BA96A, 0x6BA48EB1, 0xAEF95455, -0x406089EE, 0x6655EF08, 0xE9672144, 0x3E21ECBD, 0x2030BE77, 0xF28BC7AD, -0x80C0E729, 0x141ECF8C, 0xBCE24348, 0xC4A6FE8A, 0x31D3C5D8, 0xB716FA60, -0x5380BA9D, 0xD94FC0F2, 0x1DE93E78, 0x24362E3A, 0xE16BF4DE, 0xCB54D7EF, -0x09F7F1F4, 0x82C3AFF5, 0x0BF4B928, 0x9D29D951, 0xC75E9238, 0xF8845AEB, -0x90D8B8E8, 0xDEB13C0D, 0x33D08D04, 0x685CE203, 0xC55DDAE4, 0x3BDC589E, -0x0A0F9D46, 0x3FDAC8D3, 0x598F27DB, 0xA8FC8CC4, 0x79BF99AC, 0x6C5A724E, -0x8CCAA2FE, 0x9ED1B5E3, 0x1FEA76A4, 0x73B004EA }; - -const u32bit Square::TD1[256] = { -0x02E368BC, 0x0C558562, 0x312A3F23, 0xF761AB13, 0x7298D46D, 0x1921CB9A, -0x613C22A4, 0xCD459D3D, 0x2305FDB4, 0x5F2BC407, 0xC09B2C01, 0x0F3DD980, -0x74486C5C, 0x85F97F7E, 0x1FF173AB, 0x0EB6EDDE, 0xED283C6B, 0x1A499778, -0x8D9F2A91, 0x33C9579F, 0xAAA907A8, 0x7DA50DED, 0x8F7C422D, 0xC9764DB0, -0x574D91E8, 0xCCCEA963, 0xD2B4EE96, 0xB63028E1, 0xB90DF161, 0x26BD1967, -0x80419BAD, 0xC7C0A06E, 0x415183F2, 0x3492DBF0, 0xFC6FA21E, 0x4C8F32CE, -0x7313E033, 0x6D69A7C6, 0x93E56D64, 0xFABF1A2F, 0xB7BB1CBF, 0xB5587403, -0x4FE76E2C, 0x965D89B7, 0x2AE89C05, 0xA3446619, 0xFB342E71, 0x650FF229, -0x7AFE8182, 0xF1B11322, 0xECA30835, 0x7ECD510F, 0x14FF7AA6, 0xF85C7293, -0x122FC297, 0xC3F370E3, 0x1C992F49, 0x68D14315, 0x1BC2A326, 0xB388CC32, -0x6F8ACF7A, 0x9FB0E806, 0x1E7A47F5, 0xDAD2BB79, 0x21E69508, 0x5C4398E5, -0x06D0B831, 0xAF11E37B, 0x537E4165, 0x10CCAA2B, 0x9CD8B4E4, 0xD46456A7, -0x59FB7C36, 0x84724B20, 0xF6EA9F4D, 0xDF6A5FAA, 0xCE2DC1DF, 0x58704868, -0x81CAAFF3, 0x910605D8, 0x695A774B, 0xA594DE28, 0x4239DF10, 0x47813BC3, -0xA6FC82CA, 0xC523C8D2, 0xB203F86C, 0x9A080CD5, 0x40DAB7AC, 0xE17DB909, -0x2C382434, 0xA2CF5247, 0xD1DCB274, 0x2B63A85B, 0x9535D555, 0x11479E75, -0xE215E5EB, 0xC64B9430, 0xA84A6F14, 0x8691239C, 0x394C6ACC, 0x4A5F8AFF, -0x4D040690, 0xBBEE99DD, 0xCA1E1152, 0x18AAFFC4, 0x98EB6469, 0xFF07FEFC, -0x018B345E, 0xBE567D0E, 0xD9BAE79B, 0x324263C1, 0x7B75B5DC, 0x17972644, -0x6667AECB, 0xCB95250C, 0x67EC9A95, 0xD057862A, 0x99605037, 0x05B8E4D3, -0xBA65AD83, 0x3519EFAE, 0x13A4F6C9, 0xA9C15B4A, 0xD6873E1B, 0x5EA0F059, -0x5B18148A, 0x3BAF0270, 0x76AB04E0, 0xBFDD4950, 0x63DF4A18, 0x56C6A5B6, -0x0A853D53, 0x37FA8712, 0xA777B694, 0x7F466551, 0x09ED61B1, 0xE91BECE6, -0x25D54585, 0x52F5753B, 0x3D7FBA41, 0x8827CE42, 0x43B2EB4E, 0x97D6BDE9, -0xF3527B9E, 0x4562537F, 0xA02C3AFB, 0x707BBCD1, 0x6BB91FF7, 0x1D121B17, -0xC8FD79EE, 0xF03A277C, 0xD70C0A45, 0x7996DD60, 0xAB2233F6, 0x89ACFA1C, -0x5DC8ACBB, 0x30A10B7D, 0x4BD4BEA1, 0x94BEE10B, 0x5425CD0A, 0x62547E46, -0x82A2F311, 0x3E17E6A3, 0xE6263566, 0x75C35802, 0x9B83388B, 0xC27844BD, -0xDC020348, 0x8B4F92A0, 0x7C2E39B3, 0xE54E6984, 0x71F0888F, 0x27362D39, -0x3F9CD2FD, 0x6E01FB24, 0xDD893716, 0x00000000, 0xE0F68D57, 0x6CE29398, -0x15744EF8, 0x5A9320D4, 0xE7AD0138, 0xB4D3405D, 0x871A17C2, 0x2DB3106A, -0x2F5078D6, 0x3CF48E1F, 0xA1A70EA5, 0x3671B34C, 0xAE9AD725, 0x245E71DB, -0x50161D87, 0xD5EF62F9, 0x908D3186, 0x161C121A, 0xCFA6F581, 0x075B8C6F, -0x4937D61D, 0x926E593A, 0x6484C677, 0xB886C53F, 0xF9D746CD, 0xB0E090D0, -0x8329C74F, 0xFDE49640, 0x0B0E090D, 0x206DA156, 0x228EC9EA, 0x2EDB4C88, -0x8EF77673, 0xBCB515B2, 0xC110185F, 0x6A322BA9, 0xB16BA48E, 0x55AEF954, -0xEE406089, 0x086655EF, 0x44E96721, 0xBD3E21EC, 0x772030BE, 0xADF28BC7, -0x2980C0E7, 0x8C141ECF, 0x48BCE243, 0x8AC4A6FE, 0xD831D3C5, 0x60B716FA, -0x9D5380BA, 0xF2D94FC0, 0x781DE93E, 0x3A24362E, 0xDEE16BF4, 0xEFCB54D7, -0xF409F7F1, 0xF582C3AF, 0x280BF4B9, 0x519D29D9, 0x38C75E92, 0xEBF8845A, -0xE890D8B8, 0x0DDEB13C, 0x0433D08D, 0x03685CE2, 0xE4C55DDA, 0x9E3BDC58, -0x460A0F9D, 0xD33FDAC8, 0xDB598F27, 0xC4A8FC8C, 0xAC79BF99, 0x4E6C5A72, -0xFE8CCAA2, 0xE39ED1B5, 0xA41FEA76, 0xEA73B004 }; - -const u32bit Square::TD2[256] = { -0xBC02E368, 0x620C5585, 0x23312A3F, 0x13F761AB, 0x6D7298D4, 0x9A1921CB, -0xA4613C22, 0x3DCD459D, 0xB42305FD, 0x075F2BC4, 0x01C09B2C, 0x800F3DD9, -0x5C74486C, 0x7E85F97F, 0xAB1FF173, 0xDE0EB6ED, 0x6BED283C, 0x781A4997, -0x918D9F2A, 0x9F33C957, 0xA8AAA907, 0xED7DA50D, 0x2D8F7C42, 0xB0C9764D, -0xE8574D91, 0x63CCCEA9, 0x96D2B4EE, 0xE1B63028, 0x61B90DF1, 0x6726BD19, -0xAD80419B, 0x6EC7C0A0, 0xF2415183, 0xF03492DB, 0x1EFC6FA2, 0xCE4C8F32, -0x337313E0, 0xC66D69A7, 0x6493E56D, 0x2FFABF1A, 0xBFB7BB1C, 0x03B55874, -0x2C4FE76E, 0xB7965D89, 0x052AE89C, 0x19A34466, 0x71FB342E, 0x29650FF2, -0x827AFE81, 0x22F1B113, 0x35ECA308, 0x0F7ECD51, 0xA614FF7A, 0x93F85C72, -0x97122FC2, 0xE3C3F370, 0x491C992F, 0x1568D143, 0x261BC2A3, 0x32B388CC, -0x7A6F8ACF, 0x069FB0E8, 0xF51E7A47, 0x79DAD2BB, 0x0821E695, 0xE55C4398, -0x3106D0B8, 0x7BAF11E3, 0x65537E41, 0x2B10CCAA, 0xE49CD8B4, 0xA7D46456, -0x3659FB7C, 0x2084724B, 0x4DF6EA9F, 0xAADF6A5F, 0xDFCE2DC1, 0x68587048, -0xF381CAAF, 0xD8910605, 0x4B695A77, 0x28A594DE, 0x104239DF, 0xC347813B, -0xCAA6FC82, 0xD2C523C8, 0x6CB203F8, 0xD59A080C, 0xAC40DAB7, 0x09E17DB9, -0x342C3824, 0x47A2CF52, 0x74D1DCB2, 0x5B2B63A8, 0x559535D5, 0x7511479E, -0xEBE215E5, 0x30C64B94, 0x14A84A6F, 0x9C869123, 0xCC394C6A, 0xFF4A5F8A, -0x904D0406, 0xDDBBEE99, 0x52CA1E11, 0xC418AAFF, 0x6998EB64, 0xFCFF07FE, -0x5E018B34, 0x0EBE567D, 0x9BD9BAE7, 0xC1324263, 0xDC7B75B5, 0x44179726, -0xCB6667AE, 0x0CCB9525, 0x9567EC9A, 0x2AD05786, 0x37996050, 0xD305B8E4, -0x83BA65AD, 0xAE3519EF, 0xC913A4F6, 0x4AA9C15B, 0x1BD6873E, 0x595EA0F0, -0x8A5B1814, 0x703BAF02, 0xE076AB04, 0x50BFDD49, 0x1863DF4A, 0xB656C6A5, -0x530A853D, 0x1237FA87, 0x94A777B6, 0x517F4665, 0xB109ED61, 0xE6E91BEC, -0x8525D545, 0x3B52F575, 0x413D7FBA, 0x428827CE, 0x4E43B2EB, 0xE997D6BD, -0x9EF3527B, 0x7F456253, 0xFBA02C3A, 0xD1707BBC, 0xF76BB91F, 0x171D121B, -0xEEC8FD79, 0x7CF03A27, 0x45D70C0A, 0x607996DD, 0xF6AB2233, 0x1C89ACFA, -0xBB5DC8AC, 0x7D30A10B, 0xA14BD4BE, 0x0B94BEE1, 0x0A5425CD, 0x4662547E, -0x1182A2F3, 0xA33E17E6, 0x66E62635, 0x0275C358, 0x8B9B8338, 0xBDC27844, -0x48DC0203, 0xA08B4F92, 0xB37C2E39, 0x84E54E69, 0x8F71F088, 0x3927362D, -0xFD3F9CD2, 0x246E01FB, 0x16DD8937, 0x00000000, 0x57E0F68D, 0x986CE293, -0xF815744E, 0xD45A9320, 0x38E7AD01, 0x5DB4D340, 0xC2871A17, 0x6A2DB310, -0xD62F5078, 0x1F3CF48E, 0xA5A1A70E, 0x4C3671B3, 0x25AE9AD7, 0xDB245E71, -0x8750161D, 0xF9D5EF62, 0x86908D31, 0x1A161C12, 0x81CFA6F5, 0x6F075B8C, -0x1D4937D6, 0x3A926E59, 0x776484C6, 0x3FB886C5, 0xCDF9D746, 0xD0B0E090, -0x4F8329C7, 0x40FDE496, 0x0D0B0E09, 0x56206DA1, 0xEA228EC9, 0x882EDB4C, -0x738EF776, 0xB2BCB515, 0x5FC11018, 0xA96A322B, 0x8EB16BA4, 0x5455AEF9, -0x89EE4060, 0xEF086655, 0x2144E967, 0xECBD3E21, 0xBE772030, 0xC7ADF28B, -0xE72980C0, 0xCF8C141E, 0x4348BCE2, 0xFE8AC4A6, 0xC5D831D3, 0xFA60B716, -0xBA9D5380, 0xC0F2D94F, 0x3E781DE9, 0x2E3A2436, 0xF4DEE16B, 0xD7EFCB54, -0xF1F409F7, 0xAFF582C3, 0xB9280BF4, 0xD9519D29, 0x9238C75E, 0x5AEBF884, -0xB8E890D8, 0x3C0DDEB1, 0x8D0433D0, 0xE203685C, 0xDAE4C55D, 0x589E3BDC, -0x9D460A0F, 0xC8D33FDA, 0x27DB598F, 0x8CC4A8FC, 0x99AC79BF, 0x724E6C5A, -0xA2FE8CCA, 0xB5E39ED1, 0x76A41FEA, 0x04EA73B0 }; - -const u32bit Square::TD3[256] = { -0x68BC02E3, 0x85620C55, 0x3F23312A, 0xAB13F761, 0xD46D7298, 0xCB9A1921, -0x22A4613C, 0x9D3DCD45, 0xFDB42305, 0xC4075F2B, 0x2C01C09B, 0xD9800F3D, -0x6C5C7448, 0x7F7E85F9, 0x73AB1FF1, 0xEDDE0EB6, 0x3C6BED28, 0x97781A49, -0x2A918D9F, 0x579F33C9, 0x07A8AAA9, 0x0DED7DA5, 0x422D8F7C, 0x4DB0C976, -0x91E8574D, 0xA963CCCE, 0xEE96D2B4, 0x28E1B630, 0xF161B90D, 0x196726BD, -0x9BAD8041, 0xA06EC7C0, 0x83F24151, 0xDBF03492, 0xA21EFC6F, 0x32CE4C8F, -0xE0337313, 0xA7C66D69, 0x6D6493E5, 0x1A2FFABF, 0x1CBFB7BB, 0x7403B558, -0x6E2C4FE7, 0x89B7965D, 0x9C052AE8, 0x6619A344, 0x2E71FB34, 0xF229650F, -0x81827AFE, 0x1322F1B1, 0x0835ECA3, 0x510F7ECD, 0x7AA614FF, 0x7293F85C, -0xC297122F, 0x70E3C3F3, 0x2F491C99, 0x431568D1, 0xA3261BC2, 0xCC32B388, -0xCF7A6F8A, 0xE8069FB0, 0x47F51E7A, 0xBB79DAD2, 0x950821E6, 0x98E55C43, -0xB83106D0, 0xE37BAF11, 0x4165537E, 0xAA2B10CC, 0xB4E49CD8, 0x56A7D464, -0x7C3659FB, 0x4B208472, 0x9F4DF6EA, 0x5FAADF6A, 0xC1DFCE2D, 0x48685870, -0xAFF381CA, 0x05D89106, 0x774B695A, 0xDE28A594, 0xDF104239, 0x3BC34781, -0x82CAA6FC, 0xC8D2C523, 0xF86CB203, 0x0CD59A08, 0xB7AC40DA, 0xB909E17D, -0x24342C38, 0x5247A2CF, 0xB274D1DC, 0xA85B2B63, 0xD5559535, 0x9E751147, -0xE5EBE215, 0x9430C64B, 0x6F14A84A, 0x239C8691, 0x6ACC394C, 0x8AFF4A5F, -0x06904D04, 0x99DDBBEE, 0x1152CA1E, 0xFFC418AA, 0x646998EB, 0xFEFCFF07, -0x345E018B, 0x7D0EBE56, 0xE79BD9BA, 0x63C13242, 0xB5DC7B75, 0x26441797, -0xAECB6667, 0x250CCB95, 0x9A9567EC, 0x862AD057, 0x50379960, 0xE4D305B8, -0xAD83BA65, 0xEFAE3519, 0xF6C913A4, 0x5B4AA9C1, 0x3E1BD687, 0xF0595EA0, -0x148A5B18, 0x02703BAF, 0x04E076AB, 0x4950BFDD, 0x4A1863DF, 0xA5B656C6, -0x3D530A85, 0x871237FA, 0xB694A777, 0x65517F46, 0x61B109ED, 0xECE6E91B, -0x458525D5, 0x753B52F5, 0xBA413D7F, 0xCE428827, 0xEB4E43B2, 0xBDE997D6, -0x7B9EF352, 0x537F4562, 0x3AFBA02C, 0xBCD1707B, 0x1FF76BB9, 0x1B171D12, -0x79EEC8FD, 0x277CF03A, 0x0A45D70C, 0xDD607996, 0x33F6AB22, 0xFA1C89AC, -0xACBB5DC8, 0x0B7D30A1, 0xBEA14BD4, 0xE10B94BE, 0xCD0A5425, 0x7E466254, -0xF31182A2, 0xE6A33E17, 0x3566E626, 0x580275C3, 0x388B9B83, 0x44BDC278, -0x0348DC02, 0x92A08B4F, 0x39B37C2E, 0x6984E54E, 0x888F71F0, 0x2D392736, -0xD2FD3F9C, 0xFB246E01, 0x3716DD89, 0x00000000, 0x8D57E0F6, 0x93986CE2, -0x4EF81574, 0x20D45A93, 0x0138E7AD, 0x405DB4D3, 0x17C2871A, 0x106A2DB3, -0x78D62F50, 0x8E1F3CF4, 0x0EA5A1A7, 0xB34C3671, 0xD725AE9A, 0x71DB245E, -0x1D875016, 0x62F9D5EF, 0x3186908D, 0x121A161C, 0xF581CFA6, 0x8C6F075B, -0xD61D4937, 0x593A926E, 0xC6776484, 0xC53FB886, 0x46CDF9D7, 0x90D0B0E0, -0xC74F8329, 0x9640FDE4, 0x090D0B0E, 0xA156206D, 0xC9EA228E, 0x4C882EDB, -0x76738EF7, 0x15B2BCB5, 0x185FC110, 0x2BA96A32, 0xA48EB16B, 0xF95455AE, -0x6089EE40, 0x55EF0866, 0x672144E9, 0x21ECBD3E, 0x30BE7720, 0x8BC7ADF2, -0xC0E72980, 0x1ECF8C14, 0xE24348BC, 0xA6FE8AC4, 0xD3C5D831, 0x16FA60B7, -0x80BA9D53, 0x4FC0F2D9, 0xE93E781D, 0x362E3A24, 0x6BF4DEE1, 0x54D7EFCB, -0xF7F1F409, 0xC3AFF582, 0xF4B9280B, 0x29D9519D, 0x5E9238C7, 0x845AEBF8, -0xD8B8E890, 0xB13C0DDE, 0xD08D0433, 0x5CE20368, 0x5DDAE4C5, 0xDC589E3B, -0x0F9D460A, 0xDAC8D33F, 0x8F27DB59, 0xFC8CC4A8, 0xBF99AC79, 0x5A724E6C, -0xCAA2FE8C, 0xD1B5E39E, 0xEA76A41F, 0xB004EA73 }; - -} diff --git a/src/block/square/square.cpp b/src/block/square/square.cpp deleted file mode 100644 index 544f809fc..000000000 --- a/src/block/square/square.cpp +++ /dev/null @@ -1,221 +0,0 @@ -/* -* Square -* (C) 1999-2007 Jack Lloyd -* -* Based on the public domain reference implemenation -* -* Distributed under the terms of the Botan license -*/ - -#include <botan/square.h> -#include <botan/loadstor.h> -#include <botan/rotate.h> - -namespace Botan { - -/* -* Square Encryption -*/ -void Square::encrypt_n(const byte in[], byte out[], size_t blocks) const - { - for(size_t i = 0; i != blocks; ++i) - { - u32bit B0, B1, B2, B3; - - B0 = TE0[in[ 0] ^ ME[ 0]] ^ TE1[in[ 4] ^ ME[ 4]] ^ - TE2[in[ 8] ^ ME[ 8]] ^ TE3[in[12] ^ ME[12]] ^ EK[0]; - B1 = TE0[in[ 1] ^ ME[ 1]] ^ TE1[in[ 5] ^ ME[ 5]] ^ - TE2[in[ 9] ^ ME[ 9]] ^ TE3[in[13] ^ ME[13]] ^ EK[1]; - B2 = TE0[in[ 2] ^ ME[ 2]] ^ TE1[in[ 6] ^ ME[ 6]] ^ - TE2[in[10] ^ ME[10]] ^ TE3[in[14] ^ ME[14]] ^ EK[2]; - B3 = TE0[in[ 3] ^ ME[ 3]] ^ TE1[in[ 7] ^ ME[ 7]] ^ - TE2[in[11] ^ ME[11]] ^ TE3[in[15] ^ ME[15]] ^ EK[3]; - - for(size_t j = 1; j != 7; j += 2) - { - u32bit T0, T1, T2, T3; - T0 = TE0[get_byte(0, B0)] ^ TE1[get_byte(0, B1)] ^ - TE2[get_byte(0, B2)] ^ TE3[get_byte(0, B3)] ^ EK[4*j+0]; - T1 = TE0[get_byte(1, B0)] ^ TE1[get_byte(1, B1)] ^ - TE2[get_byte(1, B2)] ^ TE3[get_byte(1, B3)] ^ EK[4*j+1]; - T2 = TE0[get_byte(2, B0)] ^ TE1[get_byte(2, B1)] ^ - TE2[get_byte(2, B2)] ^ TE3[get_byte(2, B3)] ^ EK[4*j+2]; - T3 = TE0[get_byte(3, B0)] ^ TE1[get_byte(3, B1)] ^ - TE2[get_byte(3, B2)] ^ TE3[get_byte(3, B3)] ^ EK[4*j+3]; - - B0 = TE0[get_byte(0, T0)] ^ TE1[get_byte(0, T1)] ^ - TE2[get_byte(0, T2)] ^ TE3[get_byte(0, T3)] ^ EK[4*j+4]; - B1 = TE0[get_byte(1, T0)] ^ TE1[get_byte(1, T1)] ^ - TE2[get_byte(1, T2)] ^ TE3[get_byte(1, T3)] ^ EK[4*j+5]; - B2 = TE0[get_byte(2, T0)] ^ TE1[get_byte(2, T1)] ^ - TE2[get_byte(2, T2)] ^ TE3[get_byte(2, T3)] ^ EK[4*j+6]; - B3 = TE0[get_byte(3, T0)] ^ TE1[get_byte(3, T1)] ^ - TE2[get_byte(3, T2)] ^ TE3[get_byte(3, T3)] ^ EK[4*j+7]; - } - - out[ 0] = SE[get_byte(0, B0)] ^ ME[16]; - out[ 1] = SE[get_byte(0, B1)] ^ ME[17]; - out[ 2] = SE[get_byte(0, B2)] ^ ME[18]; - out[ 3] = SE[get_byte(0, B3)] ^ ME[19]; - out[ 4] = SE[get_byte(1, B0)] ^ ME[20]; - out[ 5] = SE[get_byte(1, B1)] ^ ME[21]; - out[ 6] = SE[get_byte(1, B2)] ^ ME[22]; - out[ 7] = SE[get_byte(1, B3)] ^ ME[23]; - out[ 8] = SE[get_byte(2, B0)] ^ ME[24]; - out[ 9] = SE[get_byte(2, B1)] ^ ME[25]; - out[10] = SE[get_byte(2, B2)] ^ ME[26]; - out[11] = SE[get_byte(2, B3)] ^ ME[27]; - out[12] = SE[get_byte(3, B0)] ^ ME[28]; - out[13] = SE[get_byte(3, B1)] ^ ME[29]; - out[14] = SE[get_byte(3, B2)] ^ ME[30]; - out[15] = SE[get_byte(3, B3)] ^ ME[31]; - - in += BLOCK_SIZE; - out += BLOCK_SIZE; - } - } - -/* -* Square Decryption -*/ -void Square::decrypt_n(const byte in[], byte out[], size_t blocks) const - { - for(size_t i = 0; i != blocks; ++i) - { - u32bit B0, B1, B2, B3; - - B0 = TD0[in[ 0] ^ MD[ 0]] ^ TD1[in[ 4] ^ MD[ 4]] ^ - TD2[in[ 8] ^ MD[ 8]] ^ TD3[in[12] ^ MD[12]] ^ DK[0]; - B1 = TD0[in[ 1] ^ MD[ 1]] ^ TD1[in[ 5] ^ MD[ 5]] ^ - TD2[in[ 9] ^ MD[ 9]] ^ TD3[in[13] ^ MD[13]] ^ DK[1]; - B2 = TD0[in[ 2] ^ MD[ 2]] ^ TD1[in[ 6] ^ MD[ 6]] ^ - TD2[in[10] ^ MD[10]] ^ TD3[in[14] ^ MD[14]] ^ DK[2]; - B3 = TD0[in[ 3] ^ MD[ 3]] ^ TD1[in[ 7] ^ MD[ 7]] ^ - TD2[in[11] ^ MD[11]] ^ TD3[in[15] ^ MD[15]] ^ DK[3]; - - for(size_t j = 1; j != 7; j += 2) - { - u32bit T0, T1, T2, T3; - T0 = TD0[get_byte(0, B0)] ^ TD1[get_byte(0, B1)] ^ - TD2[get_byte(0, B2)] ^ TD3[get_byte(0, B3)] ^ DK[4*j+0]; - T1 = TD0[get_byte(1, B0)] ^ TD1[get_byte(1, B1)] ^ - TD2[get_byte(1, B2)] ^ TD3[get_byte(1, B3)] ^ DK[4*j+1]; - T2 = TD0[get_byte(2, B0)] ^ TD1[get_byte(2, B1)] ^ - TD2[get_byte(2, B2)] ^ TD3[get_byte(2, B3)] ^ DK[4*j+2]; - T3 = TD0[get_byte(3, B0)] ^ TD1[get_byte(3, B1)] ^ - TD2[get_byte(3, B2)] ^ TD3[get_byte(3, B3)] ^ DK[4*j+3]; - - B0 = TD0[get_byte(0, T0)] ^ TD1[get_byte(0, T1)] ^ - TD2[get_byte(0, T2)] ^ TD3[get_byte(0, T3)] ^ DK[4*j+4]; - B1 = TD0[get_byte(1, T0)] ^ TD1[get_byte(1, T1)] ^ - TD2[get_byte(1, T2)] ^ TD3[get_byte(1, T3)] ^ DK[4*j+5]; - B2 = TD0[get_byte(2, T0)] ^ TD1[get_byte(2, T1)] ^ - TD2[get_byte(2, T2)] ^ TD3[get_byte(2, T3)] ^ DK[4*j+6]; - B3 = TD0[get_byte(3, T0)] ^ TD1[get_byte(3, T1)] ^ - TD2[get_byte(3, T2)] ^ TD3[get_byte(3, T3)] ^ DK[4*j+7]; - } - - out[ 0] = SD[get_byte(0, B0)] ^ MD[16]; - out[ 1] = SD[get_byte(0, B1)] ^ MD[17]; - out[ 2] = SD[get_byte(0, B2)] ^ MD[18]; - out[ 3] = SD[get_byte(0, B3)] ^ MD[19]; - out[ 4] = SD[get_byte(1, B0)] ^ MD[20]; - out[ 5] = SD[get_byte(1, B1)] ^ MD[21]; - out[ 6] = SD[get_byte(1, B2)] ^ MD[22]; - out[ 7] = SD[get_byte(1, B3)] ^ MD[23]; - out[ 8] = SD[get_byte(2, B0)] ^ MD[24]; - out[ 9] = SD[get_byte(2, B1)] ^ MD[25]; - out[10] = SD[get_byte(2, B2)] ^ MD[26]; - out[11] = SD[get_byte(2, B3)] ^ MD[27]; - out[12] = SD[get_byte(3, B0)] ^ MD[28]; - out[13] = SD[get_byte(3, B1)] ^ MD[29]; - out[14] = SD[get_byte(3, B2)] ^ MD[30]; - out[15] = SD[get_byte(3, B3)] ^ MD[31]; - - in += BLOCK_SIZE; - out += BLOCK_SIZE; - } - } - -/* -* Square Key Schedule -*/ -void Square::key_schedule(const byte key[], size_t) - { - secure_vector<u32bit> XEK(36), XDK(36); - - for(size_t i = 0; i != 4; ++i) - XEK[i] = load_be<u32bit>(key, i); - - for(size_t i = 0; i != 8; ++i) - { - XEK[4*i+4] = XEK[4*i ] ^ rotate_left(XEK[4*i+3], 8) ^ (0x01000000 << i); - XEK[4*i+5] = XEK[4*i+1] ^ XEK[4*i+4]; - XEK[4*i+6] = XEK[4*i+2] ^ XEK[4*i+5]; - XEK[4*i+7] = XEK[4*i+3] ^ XEK[4*i+6]; - - for(size_t j = 0; j != 4; ++j) - XDK[28 - 4*i + j] = XEK[4*(i+1)+j]; - - transform(&XEK[4*i]); - } - - EK.assign(&XEK[4], &XEK[36]); - DK.assign(&XDK[4], &XDK[36]); - - ME.resize(32); - MD.resize(32); - - for(size_t i = 0; i != 4; ++i) - for(size_t j = 0; j != 4; ++j) - { - ME[4*i+j ] = get_byte(j, XEK[i ]); - ME[4*i+j+16] = get_byte(j, XEK[i+32]); - MD[4*i+j ] = get_byte(j, XDK[i ]); - MD[4*i+j+16] = get_byte(j, XEK[i ]); - } - } - -/* -* Square's Inverse Linear Transformation -*/ -void Square::transform(u32bit round_key[4]) - { - static const byte G[4][4] = { - { 2, 1, 1, 3 }, - { 3, 2, 1, 1 }, - { 1, 3, 2, 1 }, - { 1, 1, 3, 2 } }; - - for(size_t i = 0; i != 4; ++i) - { - byte A[4] = { 0 }, B[4] = { 0 }; - - store_be(round_key[i], A); - - for(size_t j = 0; j != 4; ++j) - for(size_t k = 0; k != 4; ++k) - { - const byte a = A[k]; - const byte b = G[k][j]; - - if(a && b) - B[j] ^= ALog[(Log[a] + Log[b]) % 255]; - } - - round_key[i] = load_be<u32bit>(B, 0); - } - } - -/* -* Clear memory of sensitive data -*/ -void Square::clear() - { - zap(EK); - zap(DK); - zap(ME); - zap(MD); - } - -} diff --git a/src/block/square/square.h b/src/block/square/square.h deleted file mode 100644 index 618dbf6d9..000000000 --- a/src/block/square/square.h +++ /dev/null @@ -1,52 +0,0 @@ -/* -* Square -* (C) 1999-2007 Jack Lloyd -* -* Distributed under the terms of the Botan license -*/ - -#ifndef BOTAN_SQUARE_H__ -#define BOTAN_SQUARE_H__ - -#include <botan/block_cipher.h> - -namespace Botan { - -/** -* Square -*/ -class BOTAN_DLL Square : public Block_Cipher_Fixed_Params<16, 16> - { - public: - void encrypt_n(const byte in[], byte out[], size_t blocks) const; - void decrypt_n(const byte in[], byte out[], size_t blocks) const; - - void clear(); - std::string name() const { return "Square"; } - BlockCipher* clone() const { return new Square; } - private: - void key_schedule(const byte[], size_t); - - static void transform(u32bit[4]); - - static const byte SE[256]; - static const byte SD[256]; - static const byte Log[256]; - static const byte ALog[255]; - - static const u32bit TE0[256]; - static const u32bit TE1[256]; - static const u32bit TE2[256]; - static const u32bit TE3[256]; - static const u32bit TD0[256]; - static const u32bit TD1[256]; - static const u32bit TD2[256]; - static const u32bit TD3[256]; - - secure_vector<u32bit> EK, DK; - secure_vector<byte> ME, MD; - }; - -} - -#endif diff --git a/src/block/tea/info.txt b/src/block/tea/info.txt deleted file mode 100644 index 14edfdb03..000000000 --- a/src/block/tea/info.txt +++ /dev/null @@ -1 +0,0 @@ -define TEA 20131128 diff --git a/src/block/tea/tea.cpp b/src/block/tea/tea.cpp deleted file mode 100644 index 2accab700..000000000 --- a/src/block/tea/tea.cpp +++ /dev/null @@ -1,78 +0,0 @@ -/* -* TEA -* (C) 1999-2007 Jack Lloyd -* -* Distributed under the terms of the Botan license -*/ - -#include <botan/tea.h> -#include <botan/loadstor.h> - -namespace Botan { - -/* -* TEA Encryption -*/ -void TEA::encrypt_n(const byte in[], byte out[], size_t blocks) const - { - for(size_t i = 0; i != blocks; ++i) - { - u32bit L = load_be<u32bit>(in, 0); - u32bit R = load_be<u32bit>(in, 1); - - u32bit S = 0; - for(size_t j = 0; j != 32; ++j) - { - S += 0x9E3779B9; - L += ((R << 4) + K[0]) ^ (R + S) ^ ((R >> 5) + K[1]); - R += ((L << 4) + K[2]) ^ (L + S) ^ ((L >> 5) + K[3]); - } - - store_be(out, L, R); - - in += BLOCK_SIZE; - out += BLOCK_SIZE; - } - } - -/* -* TEA Decryption -*/ -void TEA::decrypt_n(const byte in[], byte out[], size_t blocks) const - { - for(size_t i = 0; i != blocks; ++i) - { - u32bit L = load_be<u32bit>(in, 0); - u32bit R = load_be<u32bit>(in, 1); - - u32bit S = 0xC6EF3720; - for(size_t j = 0; j != 32; ++j) - { - R -= ((L << 4) + K[2]) ^ (L + S) ^ ((L >> 5) + K[3]); - L -= ((R << 4) + K[0]) ^ (R + S) ^ ((R >> 5) + K[1]); - S -= 0x9E3779B9; - } - - store_be(out, L, R); - - in += BLOCK_SIZE; - out += BLOCK_SIZE; - } - } - -/* -* TEA Key Schedule -*/ -void TEA::key_schedule(const byte key[], size_t) - { - K.resize(4); - for(size_t i = 0; i != 4; ++i) - K[i] = load_be<u32bit>(key, i); - } - -void TEA::clear() - { - zap(K); - } - -} diff --git a/src/block/tea/tea.h b/src/block/tea/tea.h deleted file mode 100644 index 0d203975e..000000000 --- a/src/block/tea/tea.h +++ /dev/null @@ -1,34 +0,0 @@ -/* -* TEA -* (C) 1999-2007 Jack Lloyd -* -* Distributed under the terms of the Botan license -*/ - -#ifndef BOTAN_TEA_H__ -#define BOTAN_TEA_H__ - -#include <botan/block_cipher.h> - -namespace Botan { - -/** -* TEA -*/ -class BOTAN_DLL TEA : public Block_Cipher_Fixed_Params<8, 16> - { - public: - void encrypt_n(const byte in[], byte out[], size_t blocks) const; - void decrypt_n(const byte in[], byte out[], size_t blocks) const; - - void clear(); - std::string name() const { return "TEA"; } - BlockCipher* clone() const { return new TEA; } - private: - void key_schedule(const byte[], size_t); - secure_vector<u32bit> K; - }; - -} - -#endif diff --git a/src/block/threefish/info.txt b/src/block/threefish/info.txt deleted file mode 100644 index 15843cdd3..000000000 --- a/src/block/threefish/info.txt +++ /dev/null @@ -1 +0,0 @@ -define THREEFISH_512 20131224 diff --git a/src/block/threefish/threefish.cpp b/src/block/threefish/threefish.cpp deleted file mode 100644 index 587a76a12..000000000 --- a/src/block/threefish/threefish.cpp +++ /dev/null @@ -1,205 +0,0 @@ -/* -* Threefish-512 -* (C) 2013 Jack Lloyd -* -* Distributed under the terms of the Botan license -*/ - -#include <botan/threefish.h> -#include <botan/rotate.h> -#include <botan/loadstor.h> - -namespace Botan { - -void Threefish_512::encrypt_n(const byte in[], byte out[], size_t blocks) const - { - BOTAN_ASSERT(m_K.size() == 9, "Key was set"); - BOTAN_ASSERT(m_T.size() == 3, "Tweak was set"); - -#define THREEFISH_ROUND(X0,X1,X2,X3,X4,X5,X6,X7,ROT1,ROT2,ROT3,ROT4) \ - do { \ - X0 += X4; \ - X1 += X5; \ - X2 += X6; \ - X3 += X7; \ - X4 = rotate_left(X4, ROT1); \ - X5 = rotate_left(X5, ROT2); \ - X6 = rotate_left(X6, ROT3); \ - X7 = rotate_left(X7, ROT4); \ - X4 ^= X0; \ - X5 ^= X1; \ - X6 ^= X2; \ - X7 ^= X3; \ - } while(0) - -#define THREEFISH_INJECT_KEY(r) \ - do { \ - X0 += m_K[(r ) % 9]; \ - X1 += m_K[(r+1) % 9]; \ - X2 += m_K[(r+2) % 9]; \ - X3 += m_K[(r+3) % 9]; \ - X4 += m_K[(r+4) % 9]; \ - X5 += m_K[(r+5) % 9] + m_T[(r ) % 3]; \ - X6 += m_K[(r+6) % 9] + m_T[(r+1) % 3]; \ - X7 += m_K[(r+7) % 9] + (r); \ - } while(0) - -#define THREEFISH_ENC_8_ROUNDS(R1,R2) \ - do { \ - THREEFISH_ROUND(X0,X2,X4,X6, X1,X3,X5,X7, 46,36,19,37); \ - THREEFISH_ROUND(X2,X4,X6,X0, X1,X7,X5,X3, 33,27,14,42); \ - THREEFISH_ROUND(X4,X6,X0,X2, X1,X3,X5,X7, 17,49,36,39); \ - THREEFISH_ROUND(X6,X0,X2,X4, X1,X7,X5,X3, 44, 9,54,56); \ - THREEFISH_INJECT_KEY(R1); \ - \ - THREEFISH_ROUND(X0,X2,X4,X6, X1,X3,X5,X7, 39,30,34,24); \ - THREEFISH_ROUND(X2,X4,X6,X0, X1,X7,X5,X3, 13,50,10,17); \ - THREEFISH_ROUND(X4,X6,X0,X2, X1,X3,X5,X7, 25,29,39,43); \ - THREEFISH_ROUND(X6,X0,X2,X4, X1,X7,X5,X3, 8,35,56,22); \ - THREEFISH_INJECT_KEY(R2); \ - } while(0) - - for(size_t i = 0; i != blocks; ++i) - { - u64bit X0 = load_le<u64bit>(in, 0); - u64bit X1 = load_le<u64bit>(in, 1); - u64bit X2 = load_le<u64bit>(in, 2); - u64bit X3 = load_le<u64bit>(in, 3); - u64bit X4 = load_le<u64bit>(in, 4); - u64bit X5 = load_le<u64bit>(in, 5); - u64bit X6 = load_le<u64bit>(in, 6); - u64bit X7 = load_le<u64bit>(in, 7); - - THREEFISH_INJECT_KEY(0); - - THREEFISH_ENC_8_ROUNDS(1,2); - THREEFISH_ENC_8_ROUNDS(3,4); - THREEFISH_ENC_8_ROUNDS(5,6); - THREEFISH_ENC_8_ROUNDS(7,8); - THREEFISH_ENC_8_ROUNDS(9,10); - THREEFISH_ENC_8_ROUNDS(11,12); - THREEFISH_ENC_8_ROUNDS(13,14); - THREEFISH_ENC_8_ROUNDS(15,16); - THREEFISH_ENC_8_ROUNDS(17,18); - - store_le(out, X0, X1, X2, X3, X4, X5, X6, X7); - - in += 64; - out += 64; - } - -#undef THREEFISH_ENC_8_ROUNDS -#undef THREEFISH_INJECT_KEY -#undef THREEFISH_ROUND - } - -void Threefish_512::decrypt_n(const byte in[], byte out[], size_t blocks) const - { - BOTAN_ASSERT(m_K.size() == 9, "Key was set"); - BOTAN_ASSERT(m_T.size() == 3, "Tweak was set"); - -#define THREEFISH_ROUND(X0,X1,X2,X3,X4,X5,X6,X7,ROT1,ROT2,ROT3,ROT4) \ - do { \ - X4 ^= X0; \ - X5 ^= X1; \ - X6 ^= X2; \ - X7 ^= X3; \ - X4 = rotate_right(X4, ROT1); \ - X5 = rotate_right(X5, ROT2); \ - X6 = rotate_right(X6, ROT3); \ - X7 = rotate_right(X7, ROT4); \ - X0 -= X4; \ - X1 -= X5; \ - X2 -= X6; \ - X3 -= X7; \ - } while(0) - -#define THREEFISH_INJECT_KEY(r) \ - do { \ - X0 -= m_K[(r ) % 9]; \ - X1 -= m_K[(r+1) % 9]; \ - X2 -= m_K[(r+2) % 9]; \ - X3 -= m_K[(r+3) % 9]; \ - X4 -= m_K[(r+4) % 9]; \ - X5 -= m_K[(r+5) % 9] + m_T[(r ) % 3]; \ - X6 -= m_K[(r+6) % 9] + m_T[(r+1) % 3]; \ - X7 -= m_K[(r+7) % 9] + (r); \ - } while(0) - -#define THREEFISH_DEC_8_ROUNDS(R1,R2) \ - do { \ - THREEFISH_ROUND(X6,X0,X2,X4, X1,X7,X5,X3, 8,35,56,22); \ - THREEFISH_ROUND(X4,X6,X0,X2, X1,X3,X5,X7, 25,29,39,43); \ - THREEFISH_ROUND(X2,X4,X6,X0, X1,X7,X5,X3, 13,50,10,17); \ - THREEFISH_ROUND(X0,X2,X4,X6, X1,X3,X5,X7, 39,30,34,24); \ - THREEFISH_INJECT_KEY(R1); \ - \ - THREEFISH_ROUND(X6,X0,X2,X4, X1,X7,X5,X3, 44, 9,54,56); \ - THREEFISH_ROUND(X4,X6,X0,X2, X1,X3,X5,X7, 17,49,36,39); \ - THREEFISH_ROUND(X2,X4,X6,X0, X1,X7,X5,X3, 33,27,14,42); \ - THREEFISH_ROUND(X0,X2,X4,X6, X1,X3,X5,X7, 46,36,19,37); \ - THREEFISH_INJECT_KEY(R2); \ - } while(0) - - for(size_t i = 0; i != blocks; ++i) - { - u64bit X0 = load_le<u64bit>(in, 0); - u64bit X1 = load_le<u64bit>(in, 1); - u64bit X2 = load_le<u64bit>(in, 2); - u64bit X3 = load_le<u64bit>(in, 3); - u64bit X4 = load_le<u64bit>(in, 4); - u64bit X5 = load_le<u64bit>(in, 5); - u64bit X6 = load_le<u64bit>(in, 6); - u64bit X7 = load_le<u64bit>(in, 7); - - THREEFISH_INJECT_KEY(18); - - THREEFISH_DEC_8_ROUNDS(17,16); - THREEFISH_DEC_8_ROUNDS(15,14); - THREEFISH_DEC_8_ROUNDS(13,12); - THREEFISH_DEC_8_ROUNDS(11,10); - THREEFISH_DEC_8_ROUNDS(9,8); - THREEFISH_DEC_8_ROUNDS(7,6); - THREEFISH_DEC_8_ROUNDS(5,4); - THREEFISH_DEC_8_ROUNDS(3,2); - THREEFISH_DEC_8_ROUNDS(1,0); - - store_le(out, X0, X1, X2, X3, X4, X5, X6, X7); - - in += 64; - out += 64; - } - -#undef THREEFISH_DEC_8_ROUNDS -#undef THREEFISH_INJECT_KEY -#undef THREEFISH_ROUND - } - -void Threefish_512::set_tweak(const byte tweak[], size_t len) - { - if(len != 16) - throw std::runtime_error("Unsupported twofish tweak length"); - m_T[0] = load_le<u64bit>(tweak, 0); - m_T[1] = load_le<u64bit>(tweak, 1); - m_T[2] = m_T[0] ^ m_T[1]; - } - -void Threefish_512::key_schedule(const byte key[], size_t) - { - // todo: define key schedule for smaller keys - m_K.resize(9); - - for(size_t i = 0; i != 8; ++i) - m_K[i] = load_le<u64bit>(key, i); - - m_K[8] = m_K[0] ^ m_K[1] ^ m_K[2] ^ m_K[3] ^ - m_K[4] ^ m_K[5] ^ m_K[6] ^ m_K[7] ^ 0x1BD11BDAA9FC1A22; - } - -void Threefish_512::clear() - { - zeroise(m_K); - zeroise(m_T); - } - -} diff --git a/src/block/threefish/threefish.h b/src/block/threefish/threefish.h deleted file mode 100644 index 327e54843..000000000 --- a/src/block/threefish/threefish.h +++ /dev/null @@ -1,43 +0,0 @@ -/* -* Threefish -* (C) 2013 Jack Lloyd -* -* Distributed under the terms of the Botan license -*/ - -#ifndef BOTAN_THREEFISH_H__ -#define BOTAN_THREEFISH_H__ - -#include <botan/block_cipher.h> - -namespace Botan { - -/** -* Threefish-512 -*/ -class BOTAN_DLL Threefish_512 : public Block_Cipher_Fixed_Params<64, 64> - { - public: - void encrypt_n(const byte in[], byte out[], size_t blocks) const override; - void decrypt_n(const byte in[], byte out[], size_t blocks) const override; - - void set_tweak(const byte tweak[], size_t len); - - void clear() override; - std::string name() const override { return "Threefish-512"; } - BlockCipher* clone() const override { return new Threefish_512; } - - Threefish_512() : m_T(3) {} - protected: - const secure_vector<u64bit>& get_T() const { return m_T; } - const secure_vector<u64bit>& get_K() const { return m_K; } - private: - void key_schedule(const byte key[], size_t key_len) override; - - secure_vector<u64bit> m_T; - secure_vector<u64bit> m_K; - }; - -} - -#endif diff --git a/src/block/threefish_avx2/info.txt b/src/block/threefish_avx2/info.txt deleted file mode 100644 index 3f62629b9..000000000 --- a/src/block/threefish_avx2/info.txt +++ /dev/null @@ -1,3 +0,0 @@ -define THREEFISH_512_AVX2 20131224 - -need_isa avx2 diff --git a/src/block/threefish_avx2/threefish_avx2.cpp b/src/block/threefish_avx2/threefish_avx2.cpp deleted file mode 100644 index 9fad9bdcc..000000000 --- a/src/block/threefish_avx2/threefish_avx2.cpp +++ /dev/null @@ -1,341 +0,0 @@ -/* -* Threefish-512 -* (C) 2013 Jack Lloyd -* -* Distributed under the terms of the Botan license -*/ - -#include <botan/threefish_avx2.h> -#include <immintrin.h> - -namespace Botan { - -namespace { - -inline void interleave_epi64(__m256i& X0, __m256i& X1) - { - // interleave X0 and X1 qwords - // (X0,X1,X2,X3),(X4,X5,X6,X7) -> (X0,X2,X4,X6),(X1,X3,X5,X7) - - const __m256i T0 = _mm256_unpacklo_epi64(X0, X1); - const __m256i T1 = _mm256_unpackhi_epi64(X0, X1); - - X0 = _mm256_permute4x64_epi64(T0, _MM_SHUFFLE(3,1,2,0)); - X1 = _mm256_permute4x64_epi64(T1, _MM_SHUFFLE(3,1,2,0)); - } - -inline void deinterleave_epi64(__m256i& X0, __m256i& X1) - { - const __m256i T0 = _mm256_permute4x64_epi64(X0, _MM_SHUFFLE(3,1,2,0)); - const __m256i T1 = _mm256_permute4x64_epi64(X1, _MM_SHUFFLE(3,1,2,0)); - - X0 = _mm256_unpacklo_epi64(T0, T1); - X1 = _mm256_unpackhi_epi64(T0, T1); - } - -} - -void Threefish_512_AVX2::encrypt_n(const byte in[], byte out[], size_t blocks) const - { - const u64bit* K = &get_K()[0]; - const u64bit* T_64 = &get_T()[0]; - - const __m256i ROTATE_1 = _mm256_set_epi64x(37,19,36,46); - const __m256i ROTATE_2 = _mm256_set_epi64x(42,14,27,33); - const __m256i ROTATE_3 = _mm256_set_epi64x(39,36,49,17); - const __m256i ROTATE_4 = _mm256_set_epi64x(56,54, 9,44); - const __m256i ROTATE_5 = _mm256_set_epi64x(24,34,30,39); - const __m256i ROTATE_6 = _mm256_set_epi64x(17,10,50,13); - const __m256i ROTATE_7 = _mm256_set_epi64x(43,39,29,25); - const __m256i ROTATE_8 = _mm256_set_epi64x(22,56,35, 8); - -#define THREEFISH_ROUND(X0, X1, SHL) \ - do { \ - const __m256i SHR = _mm256_sub_epi64(_mm256_set1_epi64x(64), SHL); \ - X0 = _mm256_add_epi64(X0, X1); \ - X1 = _mm256_or_si256(_mm256_sllv_epi64(X1, SHL), _mm256_srlv_epi64(X1, SHR)); \ - X1 = _mm256_xor_si256(X1, X0); \ - X0 = _mm256_permute4x64_epi64(X0, _MM_SHUFFLE(0, 3, 2, 1)); \ - X1 = _mm256_permute4x64_epi64(X1, _MM_SHUFFLE(1, 2, 3, 0)); \ - } while(0) - -#define THREEFISH_ROUND_2(X0, X1, X2, X3, SHL) \ - do { \ - const __m256i SHR = _mm256_sub_epi64(_mm256_set1_epi64x(64), SHL); \ - X0 = _mm256_add_epi64(X0, X1); \ - X2 = _mm256_add_epi64(X2, X3); \ - X1 = _mm256_or_si256(_mm256_sllv_epi64(X1, SHL), _mm256_srlv_epi64(X1, SHR)); \ - X3 = _mm256_or_si256(_mm256_sllv_epi64(X3, SHL), _mm256_srlv_epi64(X3, SHR)); \ - X1 = _mm256_xor_si256(X1, X0); \ - X3 = _mm256_xor_si256(X3, X2); \ - X0 = _mm256_permute4x64_epi64(X0, _MM_SHUFFLE(0, 3, 2, 1)); \ - X2 = _mm256_permute4x64_epi64(X2, _MM_SHUFFLE(0, 3, 2, 1)); \ - X1 = _mm256_permute4x64_epi64(X1, _MM_SHUFFLE(1, 2, 3, 0)); \ - X3 = _mm256_permute4x64_epi64(X3, _MM_SHUFFLE(1, 2, 3, 0)); \ - } while(0) - -#define THREEFISH_INJECT_KEY(X0, X1, R, K0, K1, T0I, T1I) \ - do { \ - const __m256i T0 = _mm256_permute4x64_epi64(T, _MM_SHUFFLE(T0I, 0, 0, 0)); \ - const __m256i T1 = _mm256_permute4x64_epi64(T, _MM_SHUFFLE(0, T1I, 0, 0)); \ - X0 = _mm256_add_epi64(X0, K0); \ - X1 = _mm256_add_epi64(X1, K1); \ - X1 = _mm256_add_epi64(X1, R); \ - X0 = _mm256_add_epi64(X0, T0); \ - X1 = _mm256_add_epi64(X1, T1); \ - R = _mm256_add_epi64(R, ONE); \ - } while(0) - -#define THREEFISH_INJECT_KEY_2(X0, X1, X2, X3, R, K0, K1, T0I, T1I) \ - do { \ - const __m256i T0 = _mm256_permute4x64_epi64(T, _MM_SHUFFLE(T0I, 0, 0, 0)); \ - __m256i T1 = _mm256_permute4x64_epi64(T, _MM_SHUFFLE(0, T1I, 0, 0)); \ - X0 = _mm256_add_epi64(X0, K0); \ - X2 = _mm256_add_epi64(X2, K0); \ - X1 = _mm256_add_epi64(X1, K1); \ - X3 = _mm256_add_epi64(X3, K1); \ - T1 = _mm256_add_epi64(T1, R); \ - X0 = _mm256_add_epi64(X0, T0); \ - X2 = _mm256_add_epi64(X2, T0); \ - X1 = _mm256_add_epi64(X1, T1); \ - X3 = _mm256_add_epi64(X3, T1); \ - R = _mm256_add_epi64(R, ONE); \ - } while(0) - -#define THREEFISH_ENC_8_ROUNDS(X0, X1, R, K1, K2, K3, T0, T1, T2) \ - do { \ - THREEFISH_ROUND(X0, X1, ROTATE_1); \ - THREEFISH_ROUND(X0, X1, ROTATE_2); \ - THREEFISH_ROUND(X0, X1, ROTATE_3); \ - THREEFISH_ROUND(X0, X1, ROTATE_4); \ - THREEFISH_INJECT_KEY(X0, X1, R, K1, K2, T0, T1); \ - \ - THREEFISH_ROUND(X0, X1, ROTATE_5); \ - THREEFISH_ROUND(X0, X1, ROTATE_6); \ - THREEFISH_ROUND(X0, X1, ROTATE_7); \ - THREEFISH_ROUND(X0, X1, ROTATE_8); \ - THREEFISH_INJECT_KEY(X0, X1, R, K2, K3, T2, T0); \ - } while(0) - -#define THREEFISH_ENC_2_8_ROUNDS(X0, X1, X2, X3, R, K1, K2, K3, T0, T1, T2) \ - do { \ - THREEFISH_ROUND_2(X0, X1, X2, X3, ROTATE_1); \ - THREEFISH_ROUND_2(X0, X1, X2, X3, ROTATE_2); \ - THREEFISH_ROUND_2(X0, X1, X2, X3, ROTATE_3); \ - THREEFISH_ROUND_2(X0, X1, X2, X3, ROTATE_4); \ - THREEFISH_INJECT_KEY_2(X0, X1, X2, X3, R, K1, K2, T0, T1); \ - \ - THREEFISH_ROUND_2(X0, X1, X2, X3, ROTATE_5); \ - THREEFISH_ROUND_2(X0, X1, X2, X3, ROTATE_6); \ - THREEFISH_ROUND_2(X0, X1, X2, X3, ROTATE_7); \ - THREEFISH_ROUND_2(X0, X1, X2, X3, ROTATE_8); \ - THREEFISH_INJECT_KEY_2(X0, X1, X2, X3, R, K2, K3, T2, T0); \ - } while(0) - - /* - v1.0 key schedule: 9 ymm registers (only need 2 or 3) - (0,1,2,3),(4,5,6,7) [8] - then mutating with vpermq - */ - const __m256i K0 = _mm256_set_epi64x(K[6], K[4], K[2], K[0]); - const __m256i K1 = _mm256_set_epi64x(K[7], K[5], K[3], K[1]); - const __m256i K2 = _mm256_set_epi64x(K[8], K[6], K[4], K[2]); - const __m256i K3 = _mm256_set_epi64x(K[0], K[7], K[5], K[3]); - const __m256i K4 = _mm256_set_epi64x(K[1], K[8], K[6], K[4]); - const __m256i K5 = _mm256_set_epi64x(K[2], K[0], K[7], K[5]); - const __m256i K6 = _mm256_set_epi64x(K[3], K[1], K[8], K[6]); - const __m256i K7 = _mm256_set_epi64x(K[4], K[2], K[0], K[7]); - const __m256i K8 = _mm256_set_epi64x(K[5], K[3], K[1], K[8]); - - const __m256i ONE = _mm256_set_epi64x(1, 0, 0, 0); - - const __m256i* in_mm = reinterpret_cast<const __m256i*>(in); - __m256i* out_mm = reinterpret_cast<__m256i*>(out); - - while(blocks >= 2) - { - __m256i X0 = _mm256_loadu_si256(in_mm++); - __m256i X1 = _mm256_loadu_si256(in_mm++); - __m256i X2 = _mm256_loadu_si256(in_mm++); - __m256i X3 = _mm256_loadu_si256(in_mm++); - - const __m256i T = _mm256_set_epi64x(T_64[0], T_64[1], T_64[2], 0); - - __m256i R = _mm256_set_epi64x(0, 0, 0, 0); - - interleave_epi64(X0, X1); - interleave_epi64(X2, X3); - - THREEFISH_INJECT_KEY_2(X0, X1, X2, X3, R, K0, K1, 2, 3); - - THREEFISH_ENC_2_8_ROUNDS(X0, X1, X2, X3, R, K1,K2,K3, 1, 2, 3); - THREEFISH_ENC_2_8_ROUNDS(X0, X1, X2, X3, R, K3,K4,K5, 2, 3, 1); - THREEFISH_ENC_2_8_ROUNDS(X0, X1, X2, X3, R, K5,K6,K7, 3, 1, 2); - - THREEFISH_ENC_2_8_ROUNDS(X0, X1, X2, X3, R, K7,K8,K0, 1, 2, 3); - THREEFISH_ENC_2_8_ROUNDS(X0, X1, X2, X3, R, K0,K1,K2, 2, 3, 1); - THREEFISH_ENC_2_8_ROUNDS(X0, X1, X2, X3, R, K2,K3,K4, 3, 1, 2); - - THREEFISH_ENC_2_8_ROUNDS(X0, X1, X2, X3, R, K4,K5,K6, 1, 2, 3); - THREEFISH_ENC_2_8_ROUNDS(X0, X1, X2, X3, R, K6,K7,K8, 2, 3, 1); - THREEFISH_ENC_2_8_ROUNDS(X0, X1, X2, X3, R, K8,K0,K1, 3, 1, 2); - - deinterleave_epi64(X0, X1); - deinterleave_epi64(X2, X3); - - _mm256_storeu_si256(out_mm++, X0); - _mm256_storeu_si256(out_mm++, X1); - _mm256_storeu_si256(out_mm++, X2); - _mm256_storeu_si256(out_mm++, X3); - - blocks -= 2; - } - - for(size_t i = 0; i != blocks; ++i) - { - __m256i X0 = _mm256_loadu_si256(in_mm++); - __m256i X1 = _mm256_loadu_si256(in_mm++); - - const __m256i T = _mm256_set_epi64x(T_64[0], T_64[1], T_64[2], 0); - - __m256i R = _mm256_set_epi64x(0, 0, 0, 0); - - interleave_epi64(X0, X1); - - THREEFISH_INJECT_KEY(X0, X1, R, K0, K1, 2, 3); - - THREEFISH_ENC_8_ROUNDS(X0, X1, R, K1,K2,K3, 1, 2, 3); - THREEFISH_ENC_8_ROUNDS(X0, X1, R, K3,K4,K5, 2, 3, 1); - THREEFISH_ENC_8_ROUNDS(X0, X1, R, K5,K6,K7, 3, 1, 2); - - THREEFISH_ENC_8_ROUNDS(X0, X1, R, K7,K8,K0, 1, 2, 3); - THREEFISH_ENC_8_ROUNDS(X0, X1, R, K0,K1,K2, 2, 3, 1); - THREEFISH_ENC_8_ROUNDS(X0, X1, R, K2,K3,K4, 3, 1, 2); - - THREEFISH_ENC_8_ROUNDS(X0, X1, R, K4,K5,K6, 1, 2, 3); - THREEFISH_ENC_8_ROUNDS(X0, X1, R, K6,K7,K8, 2, 3, 1); - THREEFISH_ENC_8_ROUNDS(X0, X1, R, K8,K0,K1, 3, 1, 2); - - deinterleave_epi64(X0, X1); - - _mm256_storeu_si256(out_mm++, X0); - _mm256_storeu_si256(out_mm++, X1); - } - -#undef THREEFISH_ENC_8_ROUNDS -#undef THREEFISH_ROUND -#undef THREEFISH_INJECT_KEY -#undef THREEFISH_ENC_2_8_ROUNDS -#undef THREEFISH_ROUND_2 -#undef THREEFISH_INJECT_KEY_2 - } - -void Threefish_512_AVX2::decrypt_n(const byte in[], byte out[], size_t blocks) const - { - const u64bit* K = &get_K()[0]; - const u64bit* T_64 = &get_T()[0]; - - const __m256i ROTATE_1 = _mm256_set_epi64x(37,19,36,46); - const __m256i ROTATE_2 = _mm256_set_epi64x(42,14,27,33); - const __m256i ROTATE_3 = _mm256_set_epi64x(39,36,49,17); - const __m256i ROTATE_4 = _mm256_set_epi64x(56,54, 9,44); - const __m256i ROTATE_5 = _mm256_set_epi64x(24,34,30,39); - const __m256i ROTATE_6 = _mm256_set_epi64x(17,10,50,13); - const __m256i ROTATE_7 = _mm256_set_epi64x(43,39,29,25); - const __m256i ROTATE_8 = _mm256_set_epi64x(22,56,35, 8); - -#define THREEFISH_ROUND(X0, X1, SHR) \ - do { \ - const __m256i SHL = _mm256_sub_epi64(_mm256_set1_epi64x(64), SHR); \ - X0 = _mm256_permute4x64_epi64(X0, _MM_SHUFFLE(2, 1, 0, 3)); \ - X1 = _mm256_permute4x64_epi64(X1, _MM_SHUFFLE(1, 2, 3, 0)); \ - X1 = _mm256_xor_si256(X1, X0); \ - X1 = _mm256_or_si256(_mm256_sllv_epi64(X1, SHL), _mm256_srlv_epi64(X1, SHR)); \ - X0 = _mm256_sub_epi64(X0, X1); \ - } while(0) - -#define THREEFISH_INJECT_KEY(X0, X1, R, K0, K1, T0I, T1I) \ - do { \ - const __m256i T0 = _mm256_permute4x64_epi64(T, _MM_SHUFFLE(T0I, 0, 0, 0)); \ - const __m256i T1 = _mm256_permute4x64_epi64(T, _MM_SHUFFLE(0, T1I, 0, 0)); \ - X0 = _mm256_sub_epi64(X0, K0); \ - X1 = _mm256_sub_epi64(X1, K1); \ - X1 = _mm256_sub_epi64(X1, R); \ - R = _mm256_sub_epi64(R, ONE); \ - X0 = _mm256_sub_epi64(X0, T0); \ - X1 = _mm256_sub_epi64(X1, T1); \ - } while(0) - -#define THREEFISH_DEC_8_ROUNDS(X0, X1, R, K1, K2, K3, T0, T1, T2) \ - do { \ - THREEFISH_INJECT_KEY(X0, X1, R, K2, K3, T2, T0); \ - THREEFISH_ROUND(X0, X1, ROTATE_8); \ - THREEFISH_ROUND(X0, X1, ROTATE_7); \ - THREEFISH_ROUND(X0, X1, ROTATE_6); \ - THREEFISH_ROUND(X0, X1, ROTATE_5); \ - \ - THREEFISH_INJECT_KEY(X0, X1, R, K1, K2, T0, T1); \ - THREEFISH_ROUND(X0, X1, ROTATE_4); \ - THREEFISH_ROUND(X0, X1, ROTATE_3); \ - THREEFISH_ROUND(X0, X1, ROTATE_2); \ - THREEFISH_ROUND(X0, X1, ROTATE_1); \ - } while(0) - - /* - v1.0 key schedule: 9 ymm registers (only need 2 or 3) - (0,1,2,3),(4,5,6,7) [8] - then mutating with vpermq - */ - const __m256i K0 = _mm256_set_epi64x(K[6], K[4], K[2], K[0]); - const __m256i K1 = _mm256_set_epi64x(K[7], K[5], K[3], K[1]); - const __m256i K2 = _mm256_set_epi64x(K[8], K[6], K[4], K[2]); - const __m256i K3 = _mm256_set_epi64x(K[0], K[7], K[5], K[3]); - const __m256i K4 = _mm256_set_epi64x(K[1], K[8], K[6], K[4]); - const __m256i K5 = _mm256_set_epi64x(K[2], K[0], K[7], K[5]); - const __m256i K6 = _mm256_set_epi64x(K[3], K[1], K[8], K[6]); - const __m256i K7 = _mm256_set_epi64x(K[4], K[2], K[0], K[7]); - const __m256i K8 = _mm256_set_epi64x(K[5], K[3], K[1], K[8]); - - const __m256i ONE = _mm256_set_epi64x(1, 0, 0, 0); - - const __m256i* in_mm = reinterpret_cast<const __m256i*>(in); - __m256i* out_mm = reinterpret_cast<__m256i*>(out); - - for(size_t i = 0; i != blocks; ++i) - { - __m256i X0 = _mm256_loadu_si256(in_mm++); - __m256i X1 = _mm256_loadu_si256(in_mm++); - - const __m256i T = _mm256_set_epi64x(T_64[0], T_64[1], T_64[2], 0); - - __m256i R = _mm256_set_epi64x(18, 0, 0, 0); - - interleave_epi64(X0, X1); - - THREEFISH_DEC_8_ROUNDS(X0, X1, R, K8,K0,K1, 3, 1, 2); - THREEFISH_DEC_8_ROUNDS(X0, X1, R, K6,K7,K8, 2, 3, 1); - THREEFISH_DEC_8_ROUNDS(X0, X1, R, K4,K5,K6, 1, 2, 3); - THREEFISH_DEC_8_ROUNDS(X0, X1, R, K2,K3,K4, 3, 1, 2); - THREEFISH_DEC_8_ROUNDS(X0, X1, R, K0,K1,K2, 2, 3, 1); - THREEFISH_DEC_8_ROUNDS(X0, X1, R, K7,K8,K0, 1, 2, 3); - THREEFISH_DEC_8_ROUNDS(X0, X1, R, K5,K6,K7, 3, 1, 2); - THREEFISH_DEC_8_ROUNDS(X0, X1, R, K3,K4,K5, 2, 3, 1); - THREEFISH_DEC_8_ROUNDS(X0, X1, R, K1,K2,K3, 1, 2, 3); - - THREEFISH_INJECT_KEY(X0, X1, R, K0, K1, 2, 3); - - deinterleave_epi64(X0, X1); - - _mm256_storeu_si256(out_mm++, X0); - _mm256_storeu_si256(out_mm++, X1); - } - -#undef THREEFISH_DEC_8_ROUNDS -#undef THREEFISH_ROUND -#undef THREEFISH_INJECT_KEY -#undef THREEFISH_DEC_2_8_ROUNDS -#undef THREEFISH_ROUND_2 -#undef THREEFISH_INJECT_KEY_2 - } - -} diff --git a/src/block/threefish_avx2/threefish_avx2.h b/src/block/threefish_avx2/threefish_avx2.h deleted file mode 100644 index ed0da00d6..000000000 --- a/src/block/threefish_avx2/threefish_avx2.h +++ /dev/null @@ -1,28 +0,0 @@ -/* -* Threefish-512 in AVX2 -* (C) 2013 Jack Lloyd -* -* Distributed under the terms of the Botan license -*/ - -#ifndef BOTAN_THREEFISH_AVX2_H__ -#define BOTAN_THREEFISH_AVX2_H__ - -#include <botan/threefish.h> - -namespace Botan { - -/** -* Threefish-512 -*/ -class BOTAN_DLL Threefish_512_AVX2 : public Threefish_512 - { - private: - void encrypt_n(const byte in[], byte out[], size_t blocks) const override; - void decrypt_n(const byte in[], byte out[], size_t blocks) const override; - BlockCipher* clone() const override { return new Threefish_512_AVX2; } - }; - -} - -#endif diff --git a/src/block/twofish/info.txt b/src/block/twofish/info.txt deleted file mode 100644 index c4351db59..000000000 --- a/src/block/twofish/info.txt +++ /dev/null @@ -1 +0,0 @@ -define TWOFISH 20131128 diff --git a/src/block/twofish/two_tab.cpp b/src/block/twofish/two_tab.cpp deleted file mode 100644 index 19ba58de6..000000000 --- a/src/block/twofish/two_tab.cpp +++ /dev/null @@ -1,293 +0,0 @@ -/* -* S-Box and MDS Tables for Twofish -* (C) 1999-2007 Jack Lloyd -* -* Distributed under the terms of the Botan license -*/ - -#include <botan/twofish.h> - -namespace Botan { - -const byte Twofish::Q0[256] = { - 0xA9, 0x67, 0xB3, 0xE8, 0x04, 0xFD, 0xA3, 0x76, 0x9A, 0x92, 0x80, 0x78, - 0xE4, 0xDD, 0xD1, 0x38, 0x0D, 0xC6, 0x35, 0x98, 0x18, 0xF7, 0xEC, 0x6C, - 0x43, 0x75, 0x37, 0x26, 0xFA, 0x13, 0x94, 0x48, 0xF2, 0xD0, 0x8B, 0x30, - 0x84, 0x54, 0xDF, 0x23, 0x19, 0x5B, 0x3D, 0x59, 0xF3, 0xAE, 0xA2, 0x82, - 0x63, 0x01, 0x83, 0x2E, 0xD9, 0x51, 0x9B, 0x7C, 0xA6, 0xEB, 0xA5, 0xBE, - 0x16, 0x0C, 0xE3, 0x61, 0xC0, 0x8C, 0x3A, 0xF5, 0x73, 0x2C, 0x25, 0x0B, - 0xBB, 0x4E, 0x89, 0x6B, 0x53, 0x6A, 0xB4, 0xF1, 0xE1, 0xE6, 0xBD, 0x45, - 0xE2, 0xF4, 0xB6, 0x66, 0xCC, 0x95, 0x03, 0x56, 0xD4, 0x1C, 0x1E, 0xD7, - 0xFB, 0xC3, 0x8E, 0xB5, 0xE9, 0xCF, 0xBF, 0xBA, 0xEA, 0x77, 0x39, 0xAF, - 0x33, 0xC9, 0x62, 0x71, 0x81, 0x79, 0x09, 0xAD, 0x24, 0xCD, 0xF9, 0xD8, - 0xE5, 0xC5, 0xB9, 0x4D, 0x44, 0x08, 0x86, 0xE7, 0xA1, 0x1D, 0xAA, 0xED, - 0x06, 0x70, 0xB2, 0xD2, 0x41, 0x7B, 0xA0, 0x11, 0x31, 0xC2, 0x27, 0x90, - 0x20, 0xF6, 0x60, 0xFF, 0x96, 0x5C, 0xB1, 0xAB, 0x9E, 0x9C, 0x52, 0x1B, - 0x5F, 0x93, 0x0A, 0xEF, 0x91, 0x85, 0x49, 0xEE, 0x2D, 0x4F, 0x8F, 0x3B, - 0x47, 0x87, 0x6D, 0x46, 0xD6, 0x3E, 0x69, 0x64, 0x2A, 0xCE, 0xCB, 0x2F, - 0xFC, 0x97, 0x05, 0x7A, 0xAC, 0x7F, 0xD5, 0x1A, 0x4B, 0x0E, 0xA7, 0x5A, - 0x28, 0x14, 0x3F, 0x29, 0x88, 0x3C, 0x4C, 0x02, 0xB8, 0xDA, 0xB0, 0x17, - 0x55, 0x1F, 0x8A, 0x7D, 0x57, 0xC7, 0x8D, 0x74, 0xB7, 0xC4, 0x9F, 0x72, - 0x7E, 0x15, 0x22, 0x12, 0x58, 0x07, 0x99, 0x34, 0x6E, 0x50, 0xDE, 0x68, - 0x65, 0xBC, 0xDB, 0xF8, 0xC8, 0xA8, 0x2B, 0x40, 0xDC, 0xFE, 0x32, 0xA4, - 0xCA, 0x10, 0x21, 0xF0, 0xD3, 0x5D, 0x0F, 0x00, 0x6F, 0x9D, 0x36, 0x42, - 0x4A, 0x5E, 0xC1, 0xE0 }; - -const byte Twofish::Q1[256] = { - 0x75, 0xF3, 0xC6, 0xF4, 0xDB, 0x7B, 0xFB, 0xC8, 0x4A, 0xD3, 0xE6, 0x6B, - 0x45, 0x7D, 0xE8, 0x4B, 0xD6, 0x32, 0xD8, 0xFD, 0x37, 0x71, 0xF1, 0xE1, - 0x30, 0x0F, 0xF8, 0x1B, 0x87, 0xFA, 0x06, 0x3F, 0x5E, 0xBA, 0xAE, 0x5B, - 0x8A, 0x00, 0xBC, 0x9D, 0x6D, 0xC1, 0xB1, 0x0E, 0x80, 0x5D, 0xD2, 0xD5, - 0xA0, 0x84, 0x07, 0x14, 0xB5, 0x90, 0x2C, 0xA3, 0xB2, 0x73, 0x4C, 0x54, - 0x92, 0x74, 0x36, 0x51, 0x38, 0xB0, 0xBD, 0x5A, 0xFC, 0x60, 0x62, 0x96, - 0x6C, 0x42, 0xF7, 0x10, 0x7C, 0x28, 0x27, 0x8C, 0x13, 0x95, 0x9C, 0xC7, - 0x24, 0x46, 0x3B, 0x70, 0xCA, 0xE3, 0x85, 0xCB, 0x11, 0xD0, 0x93, 0xB8, - 0xA6, 0x83, 0x20, 0xFF, 0x9F, 0x77, 0xC3, 0xCC, 0x03, 0x6F, 0x08, 0xBF, - 0x40, 0xE7, 0x2B, 0xE2, 0x79, 0x0C, 0xAA, 0x82, 0x41, 0x3A, 0xEA, 0xB9, - 0xE4, 0x9A, 0xA4, 0x97, 0x7E, 0xDA, 0x7A, 0x17, 0x66, 0x94, 0xA1, 0x1D, - 0x3D, 0xF0, 0xDE, 0xB3, 0x0B, 0x72, 0xA7, 0x1C, 0xEF, 0xD1, 0x53, 0x3E, - 0x8F, 0x33, 0x26, 0x5F, 0xEC, 0x76, 0x2A, 0x49, 0x81, 0x88, 0xEE, 0x21, - 0xC4, 0x1A, 0xEB, 0xD9, 0xC5, 0x39, 0x99, 0xCD, 0xAD, 0x31, 0x8B, 0x01, - 0x18, 0x23, 0xDD, 0x1F, 0x4E, 0x2D, 0xF9, 0x48, 0x4F, 0xF2, 0x65, 0x8E, - 0x78, 0x5C, 0x58, 0x19, 0x8D, 0xE5, 0x98, 0x57, 0x67, 0x7F, 0x05, 0x64, - 0xAF, 0x63, 0xB6, 0xFE, 0xF5, 0xB7, 0x3C, 0xA5, 0xCE, 0xE9, 0x68, 0x44, - 0xE0, 0x4D, 0x43, 0x69, 0x29, 0x2E, 0xAC, 0x15, 0x59, 0xA8, 0x0A, 0x9E, - 0x6E, 0x47, 0xDF, 0x34, 0x35, 0x6A, 0xCF, 0xDC, 0x22, 0xC9, 0xC0, 0x9B, - 0x89, 0xD4, 0xED, 0xAB, 0x12, 0xA2, 0x0D, 0x52, 0xBB, 0x02, 0x2F, 0xA9, - 0xD7, 0x61, 0x1E, 0xB4, 0x50, 0x04, 0xF6, 0xC2, 0x16, 0x25, 0x86, 0x56, - 0x55, 0x09, 0xBE, 0x91 }; - -const byte Twofish::RS[32] = { - 0x01, 0xA4, 0x02, 0xA4, 0xA4, 0x56, 0xA1, 0x55, 0x55, 0x82, 0xFC, 0x87, - 0x87, 0xF3, 0xC1, 0x5A, 0x5A, 0x1E, 0x47, 0x58, 0x58, 0xC6, 0xAE, 0xDB, - 0xDB, 0x68, 0x3D, 0x9E, 0x9E, 0xE5, 0x19, 0x03 }; - -const byte Twofish::EXP_TO_POLY[255] = { - 0x01, 0x02, 0x04, 0x08, 0x10, 0x20, 0x40, 0x80, 0x4D, 0x9A, 0x79, 0xF2, - 0xA9, 0x1F, 0x3E, 0x7C, 0xF8, 0xBD, 0x37, 0x6E, 0xDC, 0xF5, 0xA7, 0x03, - 0x06, 0x0C, 0x18, 0x30, 0x60, 0xC0, 0xCD, 0xD7, 0xE3, 0x8B, 0x5B, 0xB6, - 0x21, 0x42, 0x84, 0x45, 0x8A, 0x59, 0xB2, 0x29, 0x52, 0xA4, 0x05, 0x0A, - 0x14, 0x28, 0x50, 0xA0, 0x0D, 0x1A, 0x34, 0x68, 0xD0, 0xED, 0x97, 0x63, - 0xC6, 0xC1, 0xCF, 0xD3, 0xEB, 0x9B, 0x7B, 0xF6, 0xA1, 0x0F, 0x1E, 0x3C, - 0x78, 0xF0, 0xAD, 0x17, 0x2E, 0x5C, 0xB8, 0x3D, 0x7A, 0xF4, 0xA5, 0x07, - 0x0E, 0x1C, 0x38, 0x70, 0xE0, 0x8D, 0x57, 0xAE, 0x11, 0x22, 0x44, 0x88, - 0x5D, 0xBA, 0x39, 0x72, 0xE4, 0x85, 0x47, 0x8E, 0x51, 0xA2, 0x09, 0x12, - 0x24, 0x48, 0x90, 0x6D, 0xDA, 0xF9, 0xBF, 0x33, 0x66, 0xCC, 0xD5, 0xE7, - 0x83, 0x4B, 0x96, 0x61, 0xC2, 0xC9, 0xDF, 0xF3, 0xAB, 0x1B, 0x36, 0x6C, - 0xD8, 0xFD, 0xB7, 0x23, 0x46, 0x8C, 0x55, 0xAA, 0x19, 0x32, 0x64, 0xC8, - 0xDD, 0xF7, 0xA3, 0x0B, 0x16, 0x2C, 0x58, 0xB0, 0x2D, 0x5A, 0xB4, 0x25, - 0x4A, 0x94, 0x65, 0xCA, 0xD9, 0xFF, 0xB3, 0x2B, 0x56, 0xAC, 0x15, 0x2A, - 0x54, 0xA8, 0x1D, 0x3A, 0x74, 0xE8, 0x9D, 0x77, 0xEE, 0x91, 0x6F, 0xDE, - 0xF1, 0xAF, 0x13, 0x26, 0x4C, 0x98, 0x7D, 0xFA, 0xB9, 0x3F, 0x7E, 0xFC, - 0xB5, 0x27, 0x4E, 0x9C, 0x75, 0xEA, 0x99, 0x7F, 0xFE, 0xB1, 0x2F, 0x5E, - 0xBC, 0x35, 0x6A, 0xD4, 0xE5, 0x87, 0x43, 0x86, 0x41, 0x82, 0x49, 0x92, - 0x69, 0xD2, 0xE9, 0x9F, 0x73, 0xE6, 0x81, 0x4F, 0x9E, 0x71, 0xE2, 0x89, - 0x5F, 0xBE, 0x31, 0x62, 0xC4, 0xC5, 0xC7, 0xC3, 0xCB, 0xDB, 0xFB, 0xBB, - 0x3B, 0x76, 0xEC, 0x95, 0x67, 0xCE, 0xD1, 0xEF, 0x93, 0x6B, 0xD6, 0xE1, - 0x8F, 0x53, 0xA6 }; - -const byte Twofish::POLY_TO_EXP[255] = { - 0x00, 0x01, 0x17, 0x02, 0x2E, 0x18, 0x53, 0x03, 0x6A, 0x2F, 0x93, 0x19, - 0x34, 0x54, 0x45, 0x04, 0x5C, 0x6B, 0xB6, 0x30, 0xA6, 0x94, 0x4B, 0x1A, - 0x8C, 0x35, 0x81, 0x55, 0xAA, 0x46, 0x0D, 0x05, 0x24, 0x5D, 0x87, 0x6C, - 0x9B, 0xB7, 0xC1, 0x31, 0x2B, 0xA7, 0xA3, 0x95, 0x98, 0x4C, 0xCA, 0x1B, - 0xE6, 0x8D, 0x73, 0x36, 0xCD, 0x82, 0x12, 0x56, 0x62, 0xAB, 0xF0, 0x47, - 0x4F, 0x0E, 0xBD, 0x06, 0xD4, 0x25, 0xD2, 0x5E, 0x27, 0x88, 0x66, 0x6D, - 0xD6, 0x9C, 0x79, 0xB8, 0x08, 0xC2, 0xDF, 0x32, 0x68, 0x2C, 0xFD, 0xA8, - 0x8A, 0xA4, 0x5A, 0x96, 0x29, 0x99, 0x22, 0x4D, 0x60, 0xCB, 0xE4, 0x1C, - 0x7B, 0xE7, 0x3B, 0x8E, 0x9E, 0x74, 0xF4, 0x37, 0xD8, 0xCE, 0xF9, 0x83, - 0x6F, 0x13, 0xB2, 0x57, 0xE1, 0x63, 0xDC, 0xAC, 0xC4, 0xF1, 0xAF, 0x48, - 0x0A, 0x50, 0x42, 0x0F, 0xBA, 0xBE, 0xC7, 0x07, 0xDE, 0xD5, 0x78, 0x26, - 0x65, 0xD3, 0xD1, 0x5F, 0xE3, 0x28, 0x21, 0x89, 0x59, 0x67, 0xFC, 0x6E, - 0xB1, 0xD7, 0xF8, 0x9D, 0xF3, 0x7A, 0x3A, 0xB9, 0xC6, 0x09, 0x41, 0xC3, - 0xAE, 0xE0, 0xDB, 0x33, 0x44, 0x69, 0x92, 0x2D, 0x52, 0xFE, 0x16, 0xA9, - 0x0C, 0x8B, 0x80, 0xA5, 0x4A, 0x5B, 0xB5, 0x97, 0xC9, 0x2A, 0xA2, 0x9A, - 0xC0, 0x23, 0x86, 0x4E, 0xBC, 0x61, 0xEF, 0xCC, 0x11, 0xE5, 0x72, 0x1D, - 0x3D, 0x7C, 0xEB, 0xE8, 0xE9, 0x3C, 0xEA, 0x8F, 0x7D, 0x9F, 0xEC, 0x75, - 0x1E, 0xF5, 0x3E, 0x38, 0xF6, 0xD9, 0x3F, 0xCF, 0x76, 0xFA, 0x1F, 0x84, - 0xA0, 0x70, 0xED, 0x14, 0x90, 0xB3, 0x7E, 0x58, 0xFB, 0xE2, 0x20, 0x64, - 0xD0, 0xDD, 0x77, 0xAD, 0xDA, 0xC5, 0x40, 0xF2, 0x39, 0xB0, 0xF7, 0x49, - 0xB4, 0x0B, 0x7F, 0x51, 0x15, 0x43, 0x91, 0x10, 0x71, 0xBB, 0xEE, 0xBF, - 0x85, 0xC8, 0xA1 }; - -const u32bit Twofish::MDS0[256] = { - 0xBCBC3275, 0xECEC21F3, 0x202043C6, 0xB3B3C9F4, 0xDADA03DB, 0x02028B7B, - 0xE2E22BFB, 0x9E9EFAC8, 0xC9C9EC4A, 0xD4D409D3, 0x18186BE6, 0x1E1E9F6B, - 0x98980E45, 0xB2B2387D, 0xA6A6D2E8, 0x2626B74B, 0x3C3C57D6, 0x93938A32, - 0x8282EED8, 0x525298FD, 0x7B7BD437, 0xBBBB3771, 0x5B5B97F1, 0x474783E1, - 0x24243C30, 0x5151E20F, 0xBABAC6F8, 0x4A4AF31B, 0xBFBF4887, 0x0D0D70FA, - 0xB0B0B306, 0x7575DE3F, 0xD2D2FD5E, 0x7D7D20BA, 0x666631AE, 0x3A3AA35B, - 0x59591C8A, 0x00000000, 0xCDCD93BC, 0x1A1AE09D, 0xAEAE2C6D, 0x7F7FABC1, - 0x2B2BC7B1, 0xBEBEB90E, 0xE0E0A080, 0x8A8A105D, 0x3B3B52D2, 0x6464BAD5, - 0xD8D888A0, 0xE7E7A584, 0x5F5FE807, 0x1B1B1114, 0x2C2CC2B5, 0xFCFCB490, - 0x3131272C, 0x808065A3, 0x73732AB2, 0x0C0C8173, 0x79795F4C, 0x6B6B4154, - 0x4B4B0292, 0x53536974, 0x94948F36, 0x83831F51, 0x2A2A3638, 0xC4C49CB0, - 0x2222C8BD, 0xD5D5F85A, 0xBDBDC3FC, 0x48487860, 0xFFFFCE62, 0x4C4C0796, - 0x4141776C, 0xC7C7E642, 0xEBEB24F7, 0x1C1C1410, 0x5D5D637C, 0x36362228, - 0x6767C027, 0xE9E9AF8C, 0x4444F913, 0x1414EA95, 0xF5F5BB9C, 0xCFCF18C7, - 0x3F3F2D24, 0xC0C0E346, 0x7272DB3B, 0x54546C70, 0x29294CCA, 0xF0F035E3, - 0x0808FE85, 0xC6C617CB, 0xF3F34F11, 0x8C8CE4D0, 0xA4A45993, 0xCACA96B8, - 0x68683BA6, 0xB8B84D83, 0x38382820, 0xE5E52EFF, 0xADAD569F, 0x0B0B8477, - 0xC8C81DC3, 0x9999FFCC, 0x5858ED03, 0x19199A6F, 0x0E0E0A08, 0x95957EBF, - 0x70705040, 0xF7F730E7, 0x6E6ECF2B, 0x1F1F6EE2, 0xB5B53D79, 0x09090F0C, - 0x616134AA, 0x57571682, 0x9F9F0B41, 0x9D9D803A, 0x111164EA, 0x2525CDB9, - 0xAFAFDDE4, 0x4545089A, 0xDFDF8DA4, 0xA3A35C97, 0xEAEAD57E, 0x353558DA, - 0xEDEDD07A, 0x4343FC17, 0xF8F8CB66, 0xFBFBB194, 0x3737D3A1, 0xFAFA401D, - 0xC2C2683D, 0xB4B4CCF0, 0x32325DDE, 0x9C9C71B3, 0x5656E70B, 0xE3E3DA72, - 0x878760A7, 0x15151B1C, 0xF9F93AEF, 0x6363BFD1, 0x3434A953, 0x9A9A853E, - 0xB1B1428F, 0x7C7CD133, 0x88889B26, 0x3D3DA65F, 0xA1A1D7EC, 0xE4E4DF76, - 0x8181942A, 0x91910149, 0x0F0FFB81, 0xEEEEAA88, 0x161661EE, 0xD7D77321, - 0x9797F5C4, 0xA5A5A81A, 0xFEFE3FEB, 0x6D6DB5D9, 0x7878AEC5, 0xC5C56D39, - 0x1D1DE599, 0x7676A4CD, 0x3E3EDCAD, 0xCBCB6731, 0xB6B6478B, 0xEFEF5B01, - 0x12121E18, 0x6060C523, 0x6A6AB0DD, 0x4D4DF61F, 0xCECEE94E, 0xDEDE7C2D, - 0x55559DF9, 0x7E7E5A48, 0x2121B24F, 0x03037AF2, 0xA0A02665, 0x5E5E198E, - 0x5A5A6678, 0x65654B5C, 0x62624E58, 0xFDFD4519, 0x0606F48D, 0x404086E5, - 0xF2F2BE98, 0x3333AC57, 0x17179067, 0x05058E7F, 0xE8E85E05, 0x4F4F7D64, - 0x89896AAF, 0x10109563, 0x74742FB6, 0x0A0A75FE, 0x5C5C92F5, 0x9B9B74B7, - 0x2D2D333C, 0x3030D6A5, 0x2E2E49CE, 0x494989E9, 0x46467268, 0x77775544, - 0xA8A8D8E0, 0x9696044D, 0x2828BD43, 0xA9A92969, 0xD9D97929, 0x8686912E, - 0xD1D187AC, 0xF4F44A15, 0x8D8D1559, 0xD6D682A8, 0xB9B9BC0A, 0x42420D9E, - 0xF6F6C16E, 0x2F2FB847, 0xDDDD06DF, 0x23233934, 0xCCCC6235, 0xF1F1C46A, - 0xC1C112CF, 0x8585EBDC, 0x8F8F9E22, 0x7171A1C9, 0x9090F0C0, 0xAAAA539B, - 0x0101F189, 0x8B8BE1D4, 0x4E4E8CED, 0x8E8E6FAB, 0xABABA212, 0x6F6F3EA2, - 0xE6E6540D, 0xDBDBF252, 0x92927BBB, 0xB7B7B602, 0x6969CA2F, 0x3939D9A9, - 0xD3D30CD7, 0xA7A72361, 0xA2A2AD1E, 0xC3C399B4, 0x6C6C4450, 0x07070504, - 0x04047FF6, 0x272746C2, 0xACACA716, 0xD0D07625, 0x50501386, 0xDCDCF756, - 0x84841A55, 0xE1E15109, 0x7A7A25BE, 0x1313EF91 }; - -const u32bit Twofish::MDS1[256] = { - 0xA9D93939, 0x67901717, 0xB3719C9C, 0xE8D2A6A6, 0x04050707, 0xFD985252, - 0xA3658080, 0x76DFE4E4, 0x9A084545, 0x92024B4B, 0x80A0E0E0, 0x78665A5A, - 0xE4DDAFAF, 0xDDB06A6A, 0xD1BF6363, 0x38362A2A, 0x0D54E6E6, 0xC6432020, - 0x3562CCCC, 0x98BEF2F2, 0x181E1212, 0xF724EBEB, 0xECD7A1A1, 0x6C774141, - 0x43BD2828, 0x7532BCBC, 0x37D47B7B, 0x269B8888, 0xFA700D0D, 0x13F94444, - 0x94B1FBFB, 0x485A7E7E, 0xF27A0303, 0xD0E48C8C, 0x8B47B6B6, 0x303C2424, - 0x84A5E7E7, 0x54416B6B, 0xDF06DDDD, 0x23C56060, 0x1945FDFD, 0x5BA33A3A, - 0x3D68C2C2, 0x59158D8D, 0xF321ECEC, 0xAE316666, 0xA23E6F6F, 0x82165757, - 0x63951010, 0x015BEFEF, 0x834DB8B8, 0x2E918686, 0xD9B56D6D, 0x511F8383, - 0x9B53AAAA, 0x7C635D5D, 0xA63B6868, 0xEB3FFEFE, 0xA5D63030, 0xBE257A7A, - 0x16A7ACAC, 0x0C0F0909, 0xE335F0F0, 0x6123A7A7, 0xC0F09090, 0x8CAFE9E9, - 0x3A809D9D, 0xF5925C5C, 0x73810C0C, 0x2C273131, 0x2576D0D0, 0x0BE75656, - 0xBB7B9292, 0x4EE9CECE, 0x89F10101, 0x6B9F1E1E, 0x53A93434, 0x6AC4F1F1, - 0xB499C3C3, 0xF1975B5B, 0xE1834747, 0xE66B1818, 0xBDC82222, 0x450E9898, - 0xE26E1F1F, 0xF4C9B3B3, 0xB62F7474, 0x66CBF8F8, 0xCCFF9999, 0x95EA1414, - 0x03ED5858, 0x56F7DCDC, 0xD4E18B8B, 0x1C1B1515, 0x1EADA2A2, 0xD70CD3D3, - 0xFB2BE2E2, 0xC31DC8C8, 0x8E195E5E, 0xB5C22C2C, 0xE9894949, 0xCF12C1C1, - 0xBF7E9595, 0xBA207D7D, 0xEA641111, 0x77840B0B, 0x396DC5C5, 0xAF6A8989, - 0x33D17C7C, 0xC9A17171, 0x62CEFFFF, 0x7137BBBB, 0x81FB0F0F, 0x793DB5B5, - 0x0951E1E1, 0xADDC3E3E, 0x242D3F3F, 0xCDA47676, 0xF99D5555, 0xD8EE8282, - 0xE5864040, 0xC5AE7878, 0xB9CD2525, 0x4D049696, 0x44557777, 0x080A0E0E, - 0x86135050, 0xE730F7F7, 0xA1D33737, 0x1D40FAFA, 0xAA346161, 0xED8C4E4E, - 0x06B3B0B0, 0x706C5454, 0xB22A7373, 0xD2523B3B, 0x410B9F9F, 0x7B8B0202, - 0xA088D8D8, 0x114FF3F3, 0x3167CBCB, 0xC2462727, 0x27C06767, 0x90B4FCFC, - 0x20283838, 0xF67F0404, 0x60784848, 0xFF2EE5E5, 0x96074C4C, 0x5C4B6565, - 0xB1C72B2B, 0xAB6F8E8E, 0x9E0D4242, 0x9CBBF5F5, 0x52F2DBDB, 0x1BF34A4A, - 0x5FA63D3D, 0x9359A4A4, 0x0ABCB9B9, 0xEF3AF9F9, 0x91EF1313, 0x85FE0808, - 0x49019191, 0xEE611616, 0x2D7CDEDE, 0x4FB22121, 0x8F42B1B1, 0x3BDB7272, - 0x47B82F2F, 0x8748BFBF, 0x6D2CAEAE, 0x46E3C0C0, 0xD6573C3C, 0x3E859A9A, - 0x6929A9A9, 0x647D4F4F, 0x2A948181, 0xCE492E2E, 0xCB17C6C6, 0x2FCA6969, - 0xFCC3BDBD, 0x975CA3A3, 0x055EE8E8, 0x7AD0EDED, 0xAC87D1D1, 0x7F8E0505, - 0xD5BA6464, 0x1AA8A5A5, 0x4BB72626, 0x0EB9BEBE, 0xA7608787, 0x5AF8D5D5, - 0x28223636, 0x14111B1B, 0x3FDE7575, 0x2979D9D9, 0x88AAEEEE, 0x3C332D2D, - 0x4C5F7979, 0x02B6B7B7, 0xB896CACA, 0xDA583535, 0xB09CC4C4, 0x17FC4343, - 0x551A8484, 0x1FF64D4D, 0x8A1C5959, 0x7D38B2B2, 0x57AC3333, 0xC718CFCF, - 0x8DF40606, 0x74695353, 0xB7749B9B, 0xC4F59797, 0x9F56ADAD, 0x72DAE3E3, - 0x7ED5EAEA, 0x154AF4F4, 0x229E8F8F, 0x12A2ABAB, 0x584E6262, 0x07E85F5F, - 0x99E51D1D, 0x34392323, 0x6EC1F6F6, 0x50446C6C, 0xDE5D3232, 0x68724646, - 0x6526A0A0, 0xBC93CDCD, 0xDB03DADA, 0xF8C6BABA, 0xC8FA9E9E, 0xA882D6D6, - 0x2BCF6E6E, 0x40507070, 0xDCEB8585, 0xFE750A0A, 0x328A9393, 0xA48DDFDF, - 0xCA4C2929, 0x10141C1C, 0x2173D7D7, 0xF0CCB4B4, 0xD309D4D4, 0x5D108A8A, - 0x0FE25151, 0x00000000, 0x6F9A1919, 0x9DE01A1A, 0x368F9494, 0x42E6C7C7, - 0x4AECC9C9, 0x5EFDD2D2, 0xC1AB7F7F, 0xE0D8A8A8 }; - -const u32bit Twofish::MDS2[256] = { - 0xBC75BC32, 0xECF3EC21, 0x20C62043, 0xB3F4B3C9, 0xDADBDA03, 0x027B028B, - 0xE2FBE22B, 0x9EC89EFA, 0xC94AC9EC, 0xD4D3D409, 0x18E6186B, 0x1E6B1E9F, - 0x9845980E, 0xB27DB238, 0xA6E8A6D2, 0x264B26B7, 0x3CD63C57, 0x9332938A, - 0x82D882EE, 0x52FD5298, 0x7B377BD4, 0xBB71BB37, 0x5BF15B97, 0x47E14783, - 0x2430243C, 0x510F51E2, 0xBAF8BAC6, 0x4A1B4AF3, 0xBF87BF48, 0x0DFA0D70, - 0xB006B0B3, 0x753F75DE, 0xD25ED2FD, 0x7DBA7D20, 0x66AE6631, 0x3A5B3AA3, - 0x598A591C, 0x00000000, 0xCDBCCD93, 0x1A9D1AE0, 0xAE6DAE2C, 0x7FC17FAB, - 0x2BB12BC7, 0xBE0EBEB9, 0xE080E0A0, 0x8A5D8A10, 0x3BD23B52, 0x64D564BA, - 0xD8A0D888, 0xE784E7A5, 0x5F075FE8, 0x1B141B11, 0x2CB52CC2, 0xFC90FCB4, - 0x312C3127, 0x80A38065, 0x73B2732A, 0x0C730C81, 0x794C795F, 0x6B546B41, - 0x4B924B02, 0x53745369, 0x9436948F, 0x8351831F, 0x2A382A36, 0xC4B0C49C, - 0x22BD22C8, 0xD55AD5F8, 0xBDFCBDC3, 0x48604878, 0xFF62FFCE, 0x4C964C07, - 0x416C4177, 0xC742C7E6, 0xEBF7EB24, 0x1C101C14, 0x5D7C5D63, 0x36283622, - 0x672767C0, 0xE98CE9AF, 0x441344F9, 0x149514EA, 0xF59CF5BB, 0xCFC7CF18, - 0x3F243F2D, 0xC046C0E3, 0x723B72DB, 0x5470546C, 0x29CA294C, 0xF0E3F035, - 0x088508FE, 0xC6CBC617, 0xF311F34F, 0x8CD08CE4, 0xA493A459, 0xCAB8CA96, - 0x68A6683B, 0xB883B84D, 0x38203828, 0xE5FFE52E, 0xAD9FAD56, 0x0B770B84, - 0xC8C3C81D, 0x99CC99FF, 0x580358ED, 0x196F199A, 0x0E080E0A, 0x95BF957E, - 0x70407050, 0xF7E7F730, 0x6E2B6ECF, 0x1FE21F6E, 0xB579B53D, 0x090C090F, - 0x61AA6134, 0x57825716, 0x9F419F0B, 0x9D3A9D80, 0x11EA1164, 0x25B925CD, - 0xAFE4AFDD, 0x459A4508, 0xDFA4DF8D, 0xA397A35C, 0xEA7EEAD5, 0x35DA3558, - 0xED7AEDD0, 0x431743FC, 0xF866F8CB, 0xFB94FBB1, 0x37A137D3, 0xFA1DFA40, - 0xC23DC268, 0xB4F0B4CC, 0x32DE325D, 0x9CB39C71, 0x560B56E7, 0xE372E3DA, - 0x87A78760, 0x151C151B, 0xF9EFF93A, 0x63D163BF, 0x345334A9, 0x9A3E9A85, - 0xB18FB142, 0x7C337CD1, 0x8826889B, 0x3D5F3DA6, 0xA1ECA1D7, 0xE476E4DF, - 0x812A8194, 0x91499101, 0x0F810FFB, 0xEE88EEAA, 0x16EE1661, 0xD721D773, - 0x97C497F5, 0xA51AA5A8, 0xFEEBFE3F, 0x6DD96DB5, 0x78C578AE, 0xC539C56D, - 0x1D991DE5, 0x76CD76A4, 0x3EAD3EDC, 0xCB31CB67, 0xB68BB647, 0xEF01EF5B, - 0x1218121E, 0x602360C5, 0x6ADD6AB0, 0x4D1F4DF6, 0xCE4ECEE9, 0xDE2DDE7C, - 0x55F9559D, 0x7E487E5A, 0x214F21B2, 0x03F2037A, 0xA065A026, 0x5E8E5E19, - 0x5A785A66, 0x655C654B, 0x6258624E, 0xFD19FD45, 0x068D06F4, 0x40E54086, - 0xF298F2BE, 0x335733AC, 0x17671790, 0x057F058E, 0xE805E85E, 0x4F644F7D, - 0x89AF896A, 0x10631095, 0x74B6742F, 0x0AFE0A75, 0x5CF55C92, 0x9BB79B74, - 0x2D3C2D33, 0x30A530D6, 0x2ECE2E49, 0x49E94989, 0x46684672, 0x77447755, - 0xA8E0A8D8, 0x964D9604, 0x284328BD, 0xA969A929, 0xD929D979, 0x862E8691, - 0xD1ACD187, 0xF415F44A, 0x8D598D15, 0xD6A8D682, 0xB90AB9BC, 0x429E420D, - 0xF66EF6C1, 0x2F472FB8, 0xDDDFDD06, 0x23342339, 0xCC35CC62, 0xF16AF1C4, - 0xC1CFC112, 0x85DC85EB, 0x8F228F9E, 0x71C971A1, 0x90C090F0, 0xAA9BAA53, - 0x018901F1, 0x8BD48BE1, 0x4EED4E8C, 0x8EAB8E6F, 0xAB12ABA2, 0x6FA26F3E, - 0xE60DE654, 0xDB52DBF2, 0x92BB927B, 0xB702B7B6, 0x692F69CA, 0x39A939D9, - 0xD3D7D30C, 0xA761A723, 0xA21EA2AD, 0xC3B4C399, 0x6C506C44, 0x07040705, - 0x04F6047F, 0x27C22746, 0xAC16ACA7, 0xD025D076, 0x50865013, 0xDC56DCF7, - 0x8455841A, 0xE109E151, 0x7ABE7A25, 0x139113EF }; - -const u32bit Twofish::MDS3[256] = { - 0xD939A9D9, 0x90176790, 0x719CB371, 0xD2A6E8D2, 0x05070405, 0x9852FD98, - 0x6580A365, 0xDFE476DF, 0x08459A08, 0x024B9202, 0xA0E080A0, 0x665A7866, - 0xDDAFE4DD, 0xB06ADDB0, 0xBF63D1BF, 0x362A3836, 0x54E60D54, 0x4320C643, - 0x62CC3562, 0xBEF298BE, 0x1E12181E, 0x24EBF724, 0xD7A1ECD7, 0x77416C77, - 0xBD2843BD, 0x32BC7532, 0xD47B37D4, 0x9B88269B, 0x700DFA70, 0xF94413F9, - 0xB1FB94B1, 0x5A7E485A, 0x7A03F27A, 0xE48CD0E4, 0x47B68B47, 0x3C24303C, - 0xA5E784A5, 0x416B5441, 0x06DDDF06, 0xC56023C5, 0x45FD1945, 0xA33A5BA3, - 0x68C23D68, 0x158D5915, 0x21ECF321, 0x3166AE31, 0x3E6FA23E, 0x16578216, - 0x95106395, 0x5BEF015B, 0x4DB8834D, 0x91862E91, 0xB56DD9B5, 0x1F83511F, - 0x53AA9B53, 0x635D7C63, 0x3B68A63B, 0x3FFEEB3F, 0xD630A5D6, 0x257ABE25, - 0xA7AC16A7, 0x0F090C0F, 0x35F0E335, 0x23A76123, 0xF090C0F0, 0xAFE98CAF, - 0x809D3A80, 0x925CF592, 0x810C7381, 0x27312C27, 0x76D02576, 0xE7560BE7, - 0x7B92BB7B, 0xE9CE4EE9, 0xF10189F1, 0x9F1E6B9F, 0xA93453A9, 0xC4F16AC4, - 0x99C3B499, 0x975BF197, 0x8347E183, 0x6B18E66B, 0xC822BDC8, 0x0E98450E, - 0x6E1FE26E, 0xC9B3F4C9, 0x2F74B62F, 0xCBF866CB, 0xFF99CCFF, 0xEA1495EA, - 0xED5803ED, 0xF7DC56F7, 0xE18BD4E1, 0x1B151C1B, 0xADA21EAD, 0x0CD3D70C, - 0x2BE2FB2B, 0x1DC8C31D, 0x195E8E19, 0xC22CB5C2, 0x8949E989, 0x12C1CF12, - 0x7E95BF7E, 0x207DBA20, 0x6411EA64, 0x840B7784, 0x6DC5396D, 0x6A89AF6A, - 0xD17C33D1, 0xA171C9A1, 0xCEFF62CE, 0x37BB7137, 0xFB0F81FB, 0x3DB5793D, - 0x51E10951, 0xDC3EADDC, 0x2D3F242D, 0xA476CDA4, 0x9D55F99D, 0xEE82D8EE, - 0x8640E586, 0xAE78C5AE, 0xCD25B9CD, 0x04964D04, 0x55774455, 0x0A0E080A, - 0x13508613, 0x30F7E730, 0xD337A1D3, 0x40FA1D40, 0x3461AA34, 0x8C4EED8C, - 0xB3B006B3, 0x6C54706C, 0x2A73B22A, 0x523BD252, 0x0B9F410B, 0x8B027B8B, - 0x88D8A088, 0x4FF3114F, 0x67CB3167, 0x4627C246, 0xC06727C0, 0xB4FC90B4, - 0x28382028, 0x7F04F67F, 0x78486078, 0x2EE5FF2E, 0x074C9607, 0x4B655C4B, - 0xC72BB1C7, 0x6F8EAB6F, 0x0D429E0D, 0xBBF59CBB, 0xF2DB52F2, 0xF34A1BF3, - 0xA63D5FA6, 0x59A49359, 0xBCB90ABC, 0x3AF9EF3A, 0xEF1391EF, 0xFE0885FE, - 0x01914901, 0x6116EE61, 0x7CDE2D7C, 0xB2214FB2, 0x42B18F42, 0xDB723BDB, - 0xB82F47B8, 0x48BF8748, 0x2CAE6D2C, 0xE3C046E3, 0x573CD657, 0x859A3E85, - 0x29A96929, 0x7D4F647D, 0x94812A94, 0x492ECE49, 0x17C6CB17, 0xCA692FCA, - 0xC3BDFCC3, 0x5CA3975C, 0x5EE8055E, 0xD0ED7AD0, 0x87D1AC87, 0x8E057F8E, - 0xBA64D5BA, 0xA8A51AA8, 0xB7264BB7, 0xB9BE0EB9, 0x6087A760, 0xF8D55AF8, - 0x22362822, 0x111B1411, 0xDE753FDE, 0x79D92979, 0xAAEE88AA, 0x332D3C33, - 0x5F794C5F, 0xB6B702B6, 0x96CAB896, 0x5835DA58, 0x9CC4B09C, 0xFC4317FC, - 0x1A84551A, 0xF64D1FF6, 0x1C598A1C, 0x38B27D38, 0xAC3357AC, 0x18CFC718, - 0xF4068DF4, 0x69537469, 0x749BB774, 0xF597C4F5, 0x56AD9F56, 0xDAE372DA, - 0xD5EA7ED5, 0x4AF4154A, 0x9E8F229E, 0xA2AB12A2, 0x4E62584E, 0xE85F07E8, - 0xE51D99E5, 0x39233439, 0xC1F66EC1, 0x446C5044, 0x5D32DE5D, 0x72466872, - 0x26A06526, 0x93CDBC93, 0x03DADB03, 0xC6BAF8C6, 0xFA9EC8FA, 0x82D6A882, - 0xCF6E2BCF, 0x50704050, 0xEB85DCEB, 0x750AFE75, 0x8A93328A, 0x8DDFA48D, - 0x4C29CA4C, 0x141C1014, 0x73D72173, 0xCCB4F0CC, 0x09D4D309, 0x108A5D10, - 0xE2510FE2, 0x00000000, 0x9A196F9A, 0xE01A9DE0, 0x8F94368F, 0xE6C742E6, - 0xECC94AEC, 0xFDD25EFD, 0xAB7FC1AB, 0xD8A8E0D8 }; - -} diff --git a/src/block/twofish/twofish.cpp b/src/block/twofish/twofish.cpp deleted file mode 100644 index 4ea8a799e..000000000 --- a/src/block/twofish/twofish.cpp +++ /dev/null @@ -1,245 +0,0 @@ -/* -* Twofish -* (C) 1999-2007 Jack Lloyd -* -* The key schedule implemenation is based on a public domain -* implementation by Matthew Skala -* -* Distributed under the terms of the Botan license -*/ - -#include <botan/twofish.h> -#include <botan/loadstor.h> -#include <botan/rotate.h> - -namespace Botan { - -/* -* Twofish Encryption -*/ -void Twofish::encrypt_n(const byte in[], byte out[], size_t blocks) const - { - for(size_t i = 0; i != blocks; ++i) - { - u32bit A = load_le<u32bit>(in, 0) ^ RK[0]; - u32bit B = load_le<u32bit>(in, 1) ^ RK[1]; - u32bit C = load_le<u32bit>(in, 2) ^ RK[2]; - u32bit D = load_le<u32bit>(in, 3) ^ RK[3]; - - for(size_t j = 0; j != 16; j += 2) - { - u32bit X, Y; - - X = SB[ get_byte(3, A)] ^ SB[256+get_byte(2, A)] ^ - SB[512+get_byte(1, A)] ^ SB[768+get_byte(0, A)]; - Y = SB[ get_byte(0, B)] ^ SB[256+get_byte(3, B)] ^ - SB[512+get_byte(2, B)] ^ SB[768+get_byte(1, B)]; - X += Y; - Y += X + RK[2*j + 9]; - X += RK[2*j + 8]; - - C = rotate_right(C ^ X, 1); - D = rotate_left(D, 1) ^ Y; - - X = SB[ get_byte(3, C)] ^ SB[256+get_byte(2, C)] ^ - SB[512+get_byte(1, C)] ^ SB[768+get_byte(0, C)]; - Y = SB[ get_byte(0, D)] ^ SB[256+get_byte(3, D)] ^ - SB[512+get_byte(2, D)] ^ SB[768+get_byte(1, D)]; - X += Y; - Y += X + RK[2*j + 11]; - X += RK[2*j + 10]; - - A = rotate_right(A ^ X, 1); - B = rotate_left(B, 1) ^ Y; - } - - C ^= RK[4]; - D ^= RK[5]; - A ^= RK[6]; - B ^= RK[7]; - - store_le(out, C, D, A, B); - - in += BLOCK_SIZE; - out += BLOCK_SIZE; - } - } - -/* -* Twofish Decryption -*/ -void Twofish::decrypt_n(const byte in[], byte out[], size_t blocks) const - { - for(size_t i = 0; i != blocks; ++i) - { - u32bit A = load_le<u32bit>(in, 0) ^ RK[4]; - u32bit B = load_le<u32bit>(in, 1) ^ RK[5]; - u32bit C = load_le<u32bit>(in, 2) ^ RK[6]; - u32bit D = load_le<u32bit>(in, 3) ^ RK[7]; - - for(size_t j = 0; j != 16; j += 2) - { - u32bit X, Y; - - X = SB[ get_byte(3, A)] ^ SB[256+get_byte(2, A)] ^ - SB[512+get_byte(1, A)] ^ SB[768+get_byte(0, A)]; - Y = SB[ get_byte(0, B)] ^ SB[256+get_byte(3, B)] ^ - SB[512+get_byte(2, B)] ^ SB[768+get_byte(1, B)]; - X += Y; - Y += X + RK[39 - 2*j]; - X += RK[38 - 2*j]; - - C = rotate_left(C, 1) ^ X; - D = rotate_right(D ^ Y, 1); - - X = SB[ get_byte(3, C)] ^ SB[256+get_byte(2, C)] ^ - SB[512+get_byte(1, C)] ^ SB[768+get_byte(0, C)]; - Y = SB[ get_byte(0, D)] ^ SB[256+get_byte(3, D)] ^ - SB[512+get_byte(2, D)] ^ SB[768+get_byte(1, D)]; - X += Y; - Y += X + RK[37 - 2*j]; - X += RK[36 - 2*j]; - - A = rotate_left(A, 1) ^ X; - B = rotate_right(B ^ Y, 1); - } - - C ^= RK[0]; - D ^= RK[1]; - A ^= RK[2]; - B ^= RK[3]; - - store_le(out, C, D, A, B); - - in += BLOCK_SIZE; - out += BLOCK_SIZE; - } - } - -/* -* Twofish Key Schedule -*/ -void Twofish::key_schedule(const byte key[], size_t length) - { - SB.resize(1024); - RK.resize(40); - - secure_vector<byte> S(16); - - for(size_t i = 0; i != length; ++i) - rs_mul(&S[4*(i/8)], key[i], i); - - if(length == 16) - { - for(size_t i = 0; i != 256; ++i) - { - SB[ i] = MDS0[Q0[Q0[i]^S[ 0]]^S[ 4]]; - SB[256+i] = MDS1[Q0[Q1[i]^S[ 1]]^S[ 5]]; - SB[512+i] = MDS2[Q1[Q0[i]^S[ 2]]^S[ 6]]; - SB[768+i] = MDS3[Q1[Q1[i]^S[ 3]]^S[ 7]]; - } - - for(size_t i = 0; i != 40; i += 2) - { - u32bit X = MDS0[Q0[Q0[i ]^key[ 8]]^key[ 0]] ^ - MDS1[Q0[Q1[i ]^key[ 9]]^key[ 1]] ^ - MDS2[Q1[Q0[i ]^key[10]]^key[ 2]] ^ - MDS3[Q1[Q1[i ]^key[11]]^key[ 3]]; - u32bit Y = MDS0[Q0[Q0[i+1]^key[12]]^key[ 4]] ^ - MDS1[Q0[Q1[i+1]^key[13]]^key[ 5]] ^ - MDS2[Q1[Q0[i+1]^key[14]]^key[ 6]] ^ - MDS3[Q1[Q1[i+1]^key[15]]^key[ 7]]; - Y = rotate_left(Y, 8); - X += Y; Y += X; - - RK[i] = X; - RK[i+1] = rotate_left(Y, 9); - } - } - else if(length == 24) - { - for(size_t i = 0; i != 256; ++i) - { - SB[ i] = MDS0[Q0[Q0[Q1[i]^S[ 0]]^S[ 4]]^S[ 8]]; - SB[256+i] = MDS1[Q0[Q1[Q1[i]^S[ 1]]^S[ 5]]^S[ 9]]; - SB[512+i] = MDS2[Q1[Q0[Q0[i]^S[ 2]]^S[ 6]]^S[10]]; - SB[768+i] = MDS3[Q1[Q1[Q0[i]^S[ 3]]^S[ 7]]^S[11]]; - } - - for(size_t i = 0; i != 40; i += 2) - { - u32bit X = MDS0[Q0[Q0[Q1[i ]^key[16]]^key[ 8]]^key[ 0]] ^ - MDS1[Q0[Q1[Q1[i ]^key[17]]^key[ 9]]^key[ 1]] ^ - MDS2[Q1[Q0[Q0[i ]^key[18]]^key[10]]^key[ 2]] ^ - MDS3[Q1[Q1[Q0[i ]^key[19]]^key[11]]^key[ 3]]; - u32bit Y = MDS0[Q0[Q0[Q1[i+1]^key[20]]^key[12]]^key[ 4]] ^ - MDS1[Q0[Q1[Q1[i+1]^key[21]]^key[13]]^key[ 5]] ^ - MDS2[Q1[Q0[Q0[i+1]^key[22]]^key[14]]^key[ 6]] ^ - MDS3[Q1[Q1[Q0[i+1]^key[23]]^key[15]]^key[ 7]]; - Y = rotate_left(Y, 8); - X += Y; Y += X; - - RK[i] = X; - RK[i+1] = rotate_left(Y, 9); - } - } - else if(length == 32) - { - for(size_t i = 0; i != 256; ++i) - { - SB[ i] = MDS0[Q0[Q0[Q1[Q1[i]^S[ 0]]^S[ 4]]^S[ 8]]^S[12]]; - SB[256+i] = MDS1[Q0[Q1[Q1[Q0[i]^S[ 1]]^S[ 5]]^S[ 9]]^S[13]]; - SB[512+i] = MDS2[Q1[Q0[Q0[Q0[i]^S[ 2]]^S[ 6]]^S[10]]^S[14]]; - SB[768+i] = MDS3[Q1[Q1[Q0[Q1[i]^S[ 3]]^S[ 7]]^S[11]]^S[15]]; - } - - for(size_t i = 0; i != 40; i += 2) - { - u32bit X = MDS0[Q0[Q0[Q1[Q1[i ]^key[24]]^key[16]]^key[ 8]]^key[ 0]] ^ - MDS1[Q0[Q1[Q1[Q0[i ]^key[25]]^key[17]]^key[ 9]]^key[ 1]] ^ - MDS2[Q1[Q0[Q0[Q0[i ]^key[26]]^key[18]]^key[10]]^key[ 2]] ^ - MDS3[Q1[Q1[Q0[Q1[i ]^key[27]]^key[19]]^key[11]]^key[ 3]]; - u32bit Y = MDS0[Q0[Q0[Q1[Q1[i+1]^key[28]]^key[20]]^key[12]]^key[ 4]] ^ - MDS1[Q0[Q1[Q1[Q0[i+1]^key[29]]^key[21]]^key[13]]^key[ 5]] ^ - MDS2[Q1[Q0[Q0[Q0[i+1]^key[30]]^key[22]]^key[14]]^key[ 6]] ^ - MDS3[Q1[Q1[Q0[Q1[i+1]^key[31]]^key[23]]^key[15]]^key[ 7]]; - Y = rotate_left(Y, 8); - X += Y; Y += X; - - RK[i] = X; - RK[i+1] = rotate_left(Y, 9); - } - } - } - -/* -* Do one column of the RS matrix multiplcation -*/ -void Twofish::rs_mul(byte S[4], byte key, size_t offset) - { - if(key) - { - byte X = POLY_TO_EXP[key - 1]; - - byte RS1 = RS[(4*offset ) % 32]; - byte RS2 = RS[(4*offset+1) % 32]; - byte RS3 = RS[(4*offset+2) % 32]; - byte RS4 = RS[(4*offset+3) % 32]; - - S[0] ^= EXP_TO_POLY[(X + POLY_TO_EXP[RS1 - 1]) % 255]; - S[1] ^= EXP_TO_POLY[(X + POLY_TO_EXP[RS2 - 1]) % 255]; - S[2] ^= EXP_TO_POLY[(X + POLY_TO_EXP[RS3 - 1]) % 255]; - S[3] ^= EXP_TO_POLY[(X + POLY_TO_EXP[RS4 - 1]) % 255]; - } - } - -/* -* Clear memory of sensitive data -*/ -void Twofish::clear() - { - zap(SB); - zap(RK); - } - -} diff --git a/src/block/twofish/twofish.h b/src/block/twofish/twofish.h deleted file mode 100644 index 3d8e47498..000000000 --- a/src/block/twofish/twofish.h +++ /dev/null @@ -1,47 +0,0 @@ -/* -* Twofish -* (C) 1999-2007 Jack Lloyd -* -* Distributed under the terms of the Botan license -*/ - -#ifndef BOTAN_TWOFISH_H__ -#define BOTAN_TWOFISH_H__ - -#include <botan/block_cipher.h> - -namespace Botan { - -/** -* Twofish, an AES finalist -*/ -class BOTAN_DLL Twofish : public Block_Cipher_Fixed_Params<16, 16, 32, 8> - { - public: - void encrypt_n(const byte in[], byte out[], size_t blocks) const; - void decrypt_n(const byte in[], byte out[], size_t blocks) const; - - void clear(); - std::string name() const { return "Twofish"; } - BlockCipher* clone() const { return new Twofish; } - private: - void key_schedule(const byte[], size_t); - - static void rs_mul(byte[4], byte, size_t); - - static const u32bit MDS0[256]; - static const u32bit MDS1[256]; - static const u32bit MDS2[256]; - static const u32bit MDS3[256]; - static const byte Q0[256]; - static const byte Q1[256]; - static const byte RS[32]; - static const byte EXP_TO_POLY[255]; - static const byte POLY_TO_EXP[255]; - - secure_vector<u32bit> SB, RK; - }; - -} - -#endif diff --git a/src/block/xtea/info.txt b/src/block/xtea/info.txt deleted file mode 100644 index e2cc8ac34..000000000 --- a/src/block/xtea/info.txt +++ /dev/null @@ -1 +0,0 @@ -define XTEA 20131128 diff --git a/src/block/xtea/xtea.cpp b/src/block/xtea/xtea.cpp deleted file mode 100644 index 165a6ea6a..000000000 --- a/src/block/xtea/xtea.cpp +++ /dev/null @@ -1,146 +0,0 @@ -/* -* XTEA -* (C) 1999-2009 Jack Lloyd -* -* Distributed under the terms of the Botan license -*/ - -#include <botan/xtea.h> -#include <botan/loadstor.h> - -namespace Botan { - -namespace { - -void xtea_encrypt_4(const byte in[32], byte out[32], const u32bit EK[64]) - { - u32bit L0, R0, L1, R1, L2, R2, L3, R3; - load_be(in, L0, R0, L1, R1, L2, R2, L3, R3); - - for(size_t i = 0; i != 32; ++i) - { - L0 += (((R0 << 4) ^ (R0 >> 5)) + R0) ^ EK[2*i]; - L1 += (((R1 << 4) ^ (R1 >> 5)) + R1) ^ EK[2*i]; - L2 += (((R2 << 4) ^ (R2 >> 5)) + R2) ^ EK[2*i]; - L3 += (((R3 << 4) ^ (R3 >> 5)) + R3) ^ EK[2*i]; - - R0 += (((L0 << 4) ^ (L0 >> 5)) + L0) ^ EK[2*i+1]; - R1 += (((L1 << 4) ^ (L1 >> 5)) + L1) ^ EK[2*i+1]; - R2 += (((L2 << 4) ^ (L2 >> 5)) + L2) ^ EK[2*i+1]; - R3 += (((L3 << 4) ^ (L3 >> 5)) + L3) ^ EK[2*i+1]; - } - - store_be(out, L0, R0, L1, R1, L2, R2, L3, R3); - } - -void xtea_decrypt_4(const byte in[32], byte out[32], const u32bit EK[64]) - { - u32bit L0, R0, L1, R1, L2, R2, L3, R3; - load_be(in, L0, R0, L1, R1, L2, R2, L3, R3); - - for(size_t i = 0; i != 32; ++i) - { - R0 -= (((L0 << 4) ^ (L0 >> 5)) + L0) ^ EK[63 - 2*i]; - R1 -= (((L1 << 4) ^ (L1 >> 5)) + L1) ^ EK[63 - 2*i]; - R2 -= (((L2 << 4) ^ (L2 >> 5)) + L2) ^ EK[63 - 2*i]; - R3 -= (((L3 << 4) ^ (L3 >> 5)) + L3) ^ EK[63 - 2*i]; - - L0 -= (((R0 << 4) ^ (R0 >> 5)) + R0) ^ EK[62 - 2*i]; - L1 -= (((R1 << 4) ^ (R1 >> 5)) + R1) ^ EK[62 - 2*i]; - L2 -= (((R2 << 4) ^ (R2 >> 5)) + R2) ^ EK[62 - 2*i]; - L3 -= (((R3 << 4) ^ (R3 >> 5)) + R3) ^ EK[62 - 2*i]; - } - - store_be(out, L0, R0, L1, R1, L2, R2, L3, R3); - } - -} - -/* -* XTEA Encryption -*/ -void XTEA::encrypt_n(const byte in[], byte out[], size_t blocks) const - { - while(blocks >= 4) - { - xtea_encrypt_4(in, out, &(this->EK[0])); - in += 4 * BLOCK_SIZE; - out += 4 * BLOCK_SIZE; - blocks -= 4; - } - - for(size_t i = 0; i != blocks; ++i) - { - u32bit L = load_be<u32bit>(in, 0); - u32bit R = load_be<u32bit>(in, 1); - - for(size_t j = 0; j != 32; ++j) - { - L += (((R << 4) ^ (R >> 5)) + R) ^ EK[2*j]; - R += (((L << 4) ^ (L >> 5)) + L) ^ EK[2*j+1]; - } - - store_be(out, L, R); - - in += BLOCK_SIZE; - out += BLOCK_SIZE; - } - } - -/* -* XTEA Decryption -*/ -void XTEA::decrypt_n(const byte in[], byte out[], size_t blocks) const - { - while(blocks >= 4) - { - xtea_decrypt_4(in, out, &(this->EK[0])); - in += 4 * BLOCK_SIZE; - out += 4 * BLOCK_SIZE; - blocks -= 4; - } - - for(size_t i = 0; i != blocks; ++i) - { - u32bit L = load_be<u32bit>(in, 0); - u32bit R = load_be<u32bit>(in, 1); - - for(size_t j = 0; j != 32; ++j) - { - R -= (((L << 4) ^ (L >> 5)) + L) ^ EK[63 - 2*j]; - L -= (((R << 4) ^ (R >> 5)) + R) ^ EK[62 - 2*j]; - } - - store_be(out, L, R); - - in += BLOCK_SIZE; - out += BLOCK_SIZE; - } - } - -/* -* XTEA Key Schedule -*/ -void XTEA::key_schedule(const byte key[], size_t) - { - EK.resize(64); - - secure_vector<u32bit> UK(4); - for(size_t i = 0; i != 4; ++i) - UK[i] = load_be<u32bit>(key, i); - - u32bit D = 0; - for(size_t i = 0; i != 64; i += 2) - { - EK[i ] = D + UK[D % 4]; - D += 0x9E3779B9; - EK[i+1] = D + UK[(D >> 11) % 4]; - } - } - -void XTEA::clear() - { - zap(EK); - } - -} diff --git a/src/block/xtea/xtea.h b/src/block/xtea/xtea.h deleted file mode 100644 index 42acc35a5..000000000 --- a/src/block/xtea/xtea.h +++ /dev/null @@ -1,40 +0,0 @@ -/* -* XTEA -* (C) 1999-2007 Jack Lloyd -* -* Distributed under the terms of the Botan license -*/ - -#ifndef BOTAN_XTEA_H__ -#define BOTAN_XTEA_H__ - -#include <botan/block_cipher.h> - -namespace Botan { - -/** -* XTEA -*/ -class BOTAN_DLL XTEA : public Block_Cipher_Fixed_Params<8, 16> - { - public: - void encrypt_n(const byte in[], byte out[], size_t blocks) const; - void decrypt_n(const byte in[], byte out[], size_t blocks) const; - - void clear(); - std::string name() const { return "XTEA"; } - BlockCipher* clone() const { return new XTEA; } - protected: - /** - * @return const reference to the key schedule - */ - const secure_vector<u32bit>& get_EK() const { return EK; } - - private: - void key_schedule(const byte[], size_t); - secure_vector<u32bit> EK; - }; - -} - -#endif diff --git a/src/block/xtea_simd/info.txt b/src/block/xtea_simd/info.txt deleted file mode 100644 index 7e7d001ac..000000000 --- a/src/block/xtea_simd/info.txt +++ /dev/null @@ -1,7 +0,0 @@ -define XTEA_SIMD 20131128 - -<requires> -xtea -simd -simd_engine -</requires> diff --git a/src/block/xtea_simd/xtea_simd.cpp b/src/block/xtea_simd/xtea_simd.cpp deleted file mode 100644 index d684eca5a..000000000 --- a/src/block/xtea_simd/xtea_simd.cpp +++ /dev/null @@ -1,130 +0,0 @@ -/* -* XTEA in SIMD -* (C) 2009 Jack Lloyd -* -* Distributed under the terms of the Botan license -*/ - -#include <botan/xtea_simd.h> -#include <botan/loadstor.h> -#include <botan/internal/simd_32.h> - -namespace Botan { - -namespace { - -void xtea_encrypt_8(const byte in[64], byte out[64], const u32bit EK[64]) - { - SIMD_32 L0 = SIMD_32::load_be(in ); - SIMD_32 R0 = SIMD_32::load_be(in + 16); - SIMD_32 L1 = SIMD_32::load_be(in + 32); - SIMD_32 R1 = SIMD_32::load_be(in + 48); - - SIMD_32::transpose(L0, R0, L1, R1); - - for(size_t i = 0; i != 32; i += 2) - { - SIMD_32 K0(EK[2*i ]); - SIMD_32 K1(EK[2*i+1]); - SIMD_32 K2(EK[2*i+2]); - SIMD_32 K3(EK[2*i+3]); - - L0 += (((R0 << 4) ^ (R0 >> 5)) + R0) ^ K0; - L1 += (((R1 << 4) ^ (R1 >> 5)) + R1) ^ K0; - - R0 += (((L0 << 4) ^ (L0 >> 5)) + L0) ^ K1; - R1 += (((L1 << 4) ^ (L1 >> 5)) + L1) ^ K1; - - L0 += (((R0 << 4) ^ (R0 >> 5)) + R0) ^ K2; - L1 += (((R1 << 4) ^ (R1 >> 5)) + R1) ^ K2; - - R0 += (((L0 << 4) ^ (L0 >> 5)) + L0) ^ K3; - R1 += (((L1 << 4) ^ (L1 >> 5)) + L1) ^ K3; - } - - SIMD_32::transpose(L0, R0, L1, R1); - - L0.store_be(out); - R0.store_be(out + 16); - L1.store_be(out + 32); - R1.store_be(out + 48); - } - -void xtea_decrypt_8(const byte in[64], byte out[64], const u32bit EK[64]) - { - SIMD_32 L0 = SIMD_32::load_be(in ); - SIMD_32 R0 = SIMD_32::load_be(in + 16); - SIMD_32 L1 = SIMD_32::load_be(in + 32); - SIMD_32 R1 = SIMD_32::load_be(in + 48); - - SIMD_32::transpose(L0, R0, L1, R1); - - for(size_t i = 0; i != 32; i += 2) - { - SIMD_32 K0(EK[63 - 2*i]); - SIMD_32 K1(EK[62 - 2*i]); - SIMD_32 K2(EK[61 - 2*i]); - SIMD_32 K3(EK[60 - 2*i]); - - R0 -= (((L0 << 4) ^ (L0 >> 5)) + L0) ^ K0; - R1 -= (((L1 << 4) ^ (L1 >> 5)) + L1) ^ K0; - - L0 -= (((R0 << 4) ^ (R0 >> 5)) + R0) ^ K1; - L1 -= (((R1 << 4) ^ (R1 >> 5)) + R1) ^ K1; - - R0 -= (((L0 << 4) ^ (L0 >> 5)) + L0) ^ K2; - R1 -= (((L1 << 4) ^ (L1 >> 5)) + L1) ^ K2; - - L0 -= (((R0 << 4) ^ (R0 >> 5)) + R0) ^ K3; - L1 -= (((R1 << 4) ^ (R1 >> 5)) + R1) ^ K3; - } - - SIMD_32::transpose(L0, R0, L1, R1); - - L0.store_be(out); - R0.store_be(out + 16); - L1.store_be(out + 32); - R1.store_be(out + 48); - } - -} - -/* -* XTEA Encryption -*/ -void XTEA_SIMD::encrypt_n(const byte in[], byte out[], size_t blocks) const - { - const u32bit* KS = &(this->get_EK()[0]); - - while(blocks >= 8) - { - xtea_encrypt_8(in, out, KS); - in += 8 * BLOCK_SIZE; - out += 8 * BLOCK_SIZE; - blocks -= 8; - } - - if(blocks) - XTEA::encrypt_n(in, out, blocks); - } - -/* -* XTEA Decryption -*/ -void XTEA_SIMD::decrypt_n(const byte in[], byte out[], size_t blocks) const - { - const u32bit* KS = &(this->get_EK()[0]); - - while(blocks >= 8) - { - xtea_decrypt_8(in, out, KS); - in += 8 * BLOCK_SIZE; - out += 8 * BLOCK_SIZE; - blocks -= 8; - } - - if(blocks) - XTEA::decrypt_n(in, out, blocks); - } - -} diff --git a/src/block/xtea_simd/xtea_simd.h b/src/block/xtea_simd/xtea_simd.h deleted file mode 100644 index ecfdf90a5..000000000 --- a/src/block/xtea_simd/xtea_simd.h +++ /dev/null @@ -1,30 +0,0 @@ -/* -* XTEA in SIMD -* (C) 2009 Jack Lloyd -* -* Distributed under the terms of the Botan license -*/ - -#ifndef BOTAN_XTEA_SIMD_H__ -#define BOTAN_XTEA_SIMD_H__ - -#include <botan/xtea.h> - -namespace Botan { - -/** -* XTEA implemented using SIMD operations -*/ -class BOTAN_DLL XTEA_SIMD : public XTEA - { - public: - size_t parallelism() const { return 8; } - - void encrypt_n(const byte in[], byte out[], size_t blocks) const; - void decrypt_n(const byte in[], byte out[], size_t blocks) const; - BlockCipher* clone() const { return new XTEA_SIMD; } - }; - -} - -#endif |