author | Jack Lloyd <[email protected]> | 2017-11-16 03:25:00 -0500 |
---|---|---|
committer | Jack Lloyd <[email protected]> | 2017-11-16 03:25:00 -0500 |
commit | f1b54cb3895f1b0007d29bcba90ad693bb7c898d (patch) | |
tree | 0c644e6a06f4fb7786c85b9bdcab443bf400a0b9 /src/lib | |
parent | 59a8be2a65e74574aa2113636f9c8849afeb219e (diff) |
Correct CAST-128 decryption with more than 1 block
Diffstat (limited to 'src/lib')
-rw-r--r-- | src/lib/block/cast/cast128.cpp | 64 |
1 files changed, 32 insertions, 32 deletions
diff --git a/src/lib/block/cast/cast128.cpp b/src/lib/block/cast/cast128.cpp
index 584cd988a..442c6fc58 100644
--- a/src/lib/block/cast/cast128.cpp
+++ b/src/lib/block/cast/cast128.cpp
@@ -135,38 +135,38 @@ void CAST_128::decrypt_n(const uint8_t in[], uint8_t out[], size_t blocks) const
 uint32_t L0, R0, L1, R1;
 load_be(in, L0, R0, L1, R1);
- R0 ^= F1(L0, m_MK[15], m_RK[15]);
- R1 ^= F1(L1, m_MK[15], m_RK[15]);
- L0 ^= F3(R0, m_MK[14], m_RK[14]);
- L1 ^= F3(R1, m_MK[14], m_RK[14]);
- R0 ^= F2(L0, m_MK[13], m_RK[13]);
- R1 ^= F2(L1, m_MK[13], m_RK[13]);
- L0 ^= F1(R0, m_MK[12], m_RK[12]);
- L1 ^= F1(R1, m_MK[12], m_RK[12]);
- R0 ^= F3(L0, m_MK[11], m_RK[11]);
- R1 ^= F3(L1, m_MK[11], m_RK[11]);
- L0 ^= F2(R0, m_MK[10], m_RK[10]);
- L1 ^= F2(R1, m_MK[10], m_RK[10]);
- R0 ^= F1(L0, m_MK[ 9], m_RK[ 9]);
- R1 ^= F1(L1, m_MK[ 9], m_RK[ 9]);
- L0 ^= F3(R0, m_MK[ 8], m_RK[ 8]);
- L1 ^= F3(R1, m_MK[ 8], m_RK[ 8]);
- R0 ^= F2(L0, m_MK[ 7], m_RK[ 7]);
- R1 ^= F2(L1, m_MK[ 7], m_RK[ 7]);
- L0 ^= F1(R0, m_MK[ 6], m_RK[ 6]);
- L1 ^= F1(R1, m_MK[ 6], m_RK[ 6]);
- R0 ^= F3(L0, m_MK[ 5], m_RK[ 5]);
- R1 ^= F3(L1, m_MK[ 5], m_RK[ 5]);
- L0 ^= F2(R0, m_MK[ 4], m_RK[ 4]);
- L1 ^= F2(R1, m_MK[ 4], m_RK[ 4]);
- R0 ^= F1(L0, m_MK[ 3], m_RK[ 3]);
- R1 ^= F1(L1, m_MK[ 3], m_RK[ 3]);
- L0 ^= F3(R0, m_MK[ 2], m_RK[ 2]);
- L1 ^= F3(R1, m_MK[ 2], m_RK[ 2]);
- R0 ^= F2(L0, m_MK[ 1], m_RK[ 1]);
- R1 ^= F2(L1, m_MK[ 1], m_RK[ 1]);
- L0 ^= F1(R0, m_MK[ 0], m_RK[ 0]);
- L1 ^= F1(R1, m_MK[ 0], m_RK[ 0]);
+ L0 ^= F1(R0, m_MK[15], m_RK[15]);
+ L1 ^= F1(R1, m_MK[15], m_RK[15]);
+ R0 ^= F3(L0, m_MK[14], m_RK[14]);
+ R1 ^= F3(L1, m_MK[14], m_RK[14]);
+ L0 ^= F2(R0, m_MK[13], m_RK[13]);
+ L1 ^= F2(R1, m_MK[13], m_RK[13]);
+ R0 ^= F1(L0, m_MK[12], m_RK[12]);
+ R1 ^= F1(L1, m_MK[12], m_RK[12]);
+ L0 ^= F3(R0, m_MK[11], m_RK[11]);
+ L1 ^= F3(R1, m_MK[11], m_RK[11]);
+ R0 ^= F2(L0, m_MK[10], m_RK[10]);
+ R1 ^= F2(L1, m_MK[10], m_RK[10]);
+ L0 ^= F1(R0, m_MK[ 9], m_RK[ 9]);
+ L1 ^= F1(R1, m_MK[ 9], m_RK[ 9]);
+ R0 ^= F3(L0, m_MK[ 8], m_RK[ 8]);
+ R1 ^= F3(L1, m_MK[ 8], m_RK[ 8]);
+ L0 ^= F2(R0, m_MK[ 7], m_RK[ 7]);
+ L1 ^= F2(R1, m_MK[ 7], m_RK[ 7]);
+ R0 ^= F1(L0, m_MK[ 6], m_RK[ 6]);
+ R1 ^= F1(L1, m_MK[ 6], m_RK[ 6]);
+ L0 ^= F3(R0, m_MK[ 5], m_RK[ 5]);
+ L1 ^= F3(R1, m_MK[ 5], m_RK[ 5]);
+ R0 ^= F2(L0, m_MK[ 4], m_RK[ 4]);
+ R1 ^= F2(L1, m_MK[ 4], m_RK[ 4]);
+ L0 ^= F1(R0, m_MK[ 3], m_RK[ 3]);
+ L1 ^= F1(R1, m_MK[ 3], m_RK[ 3]);
+ R0 ^= F3(L0, m_MK[ 2], m_RK[ 2]);
+ R1 ^= F3(L1, m_MK[ 2], m_RK[ 2]);
+ L0 ^= F2(R0, m_MK[ 1], m_RK[ 1]);
+ L1 ^= F2(R1, m_MK[ 1], m_RK[ 1]);
+ R0 ^= F1(L0, m_MK[ 0], m_RK[ 0]);
+ R1 ^= F1(L1, m_MK[ 0], m_RK[ 0]);
 store_be(out, R0, L0, R1, L1); |
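Review bot: The commit fixes the two-block decryption path but adds no regression test, and the removed lines (each round XORed into the opposite half, `R0 ^= F1(L0, ...)` where the new side has `L0 ^= F1(R0, ...)`) could only have shipped because the existing vectors decrypt one block at a time; a known-answer or encrypt-then-decrypt round-trip test whose input is at least two blocks (16 bytes or more) is needed so this unrolled path is actually exercised. For a cipher the consequence is silent data corruption on multi-block decryption rather than a key leak, but it is exactly the class of bug that a one-block test suite cannot catch. The two-block body also hand-duplicates the single-block round sequence, which is what let the halves diverge in the first place; an inline comment such as `// must mirror the single-block round order below` on the first new round line, or a small helper applying round i to a (L, R) pair and called for both pairs, would keep the two paths from drifting again. `store_be(out, R0, L0, R1, L1);` is unchanged context and is presumably what produces the final half-swap — worth confirming it matches the single-block path. decrypt_n starts and ends outside the hunk.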