aboutsummaryrefslogtreecommitdiffstats
path: root/src/block/cast
diff options
context:
space:
mode:
Diffstat (limited to 'src/block/cast')
-rw-r--r--src/block/cast/cast128.cpp30
-rw-r--r--src/block/cast/cast128.h10
-rw-r--r--src/block/cast/cast256.cpp61
-rw-r--r--src/block/cast/cast256.h8
4 files changed, 57 insertions, 52 deletions
diff --git a/src/block/cast/cast128.cpp b/src/block/cast/cast128.cpp
index 24469e025..d64523c8b 100644
--- a/src/block/cast/cast128.cpp
+++ b/src/block/cast/cast128.cpp
@@ -16,7 +16,7 @@ namespace {
/*
* CAST-128 Round Type 1
*/
-inline void R1(u32bit& L, u32bit R, u32bit MK, u32bit RK)
+inline void R1(u32bit& L, u32bit R, u32bit MK, byte RK)
{
u32bit T = rotate_left(MK + R, RK);
L ^= (CAST_SBOX1[get_byte(0, T)] ^ CAST_SBOX2[get_byte(1, T)]) -
@@ -26,7 +26,7 @@ inline void R1(u32bit& L, u32bit R, u32bit MK, u32bit RK)
/*
* CAST-128 Round Type 2
*/
-inline void R2(u32bit& L, u32bit R, u32bit MK, u32bit RK)
+inline void R2(u32bit& L, u32bit R, u32bit MK, byte RK)
{
u32bit T = rotate_left(MK ^ R, RK);
L ^= (CAST_SBOX1[get_byte(0, T)] - CAST_SBOX2[get_byte(1, T)] +
@@ -36,7 +36,7 @@ inline void R2(u32bit& L, u32bit R, u32bit MK, u32bit RK)
/*
* CAST-128 Round Type 3
*/
-inline void R3(u32bit& L, u32bit R, u32bit MK, u32bit RK)
+inline void R3(u32bit& L, u32bit R, u32bit MK, byte RK)
{
u32bit T = rotate_left(MK - R, RK);
L ^= ((CAST_SBOX1[get_byte(0, T)] + CAST_SBOX2[get_byte(1, T)]) ^
@@ -118,23 +118,27 @@ void CAST_128::decrypt_n(const byte in[], byte out[], size_t blocks) const
*/
void CAST_128::key_schedule(const byte key[], size_t length)
{
- clear();
- SecureVector<u32bit> X(4);
- for(size_t j = 0; j != length; ++j)
- X[j/4] = (X[j/4] << 8) + key[j];
+ MK.resize(48);
+ RK.resize(48);
+
+ secure_vector<u32bit> X(4);
+ for(size_t i = 0; i != length; ++i)
+ X[i/4] = (X[i/4] << 8) + key[i];
cast_ks(MK, X);
- cast_ks(RK, X);
- for(size_t j = 0; j != 16; ++j)
- RK[j] %= 32;
+ secure_vector<u32bit> RK32(48);
+ cast_ks(RK32, X);
+
+ for(size_t i = 0; i != 16; ++i)
+ RK[i] = RK32[i] % 32;
}
/*
* S-Box Based Key Expansion
*/
-void CAST_128::cast_ks(MemoryRegion<u32bit>& K,
- MemoryRegion<u32bit>& X)
+void CAST_128::cast_ks(secure_vector<u32bit>& K,
+ secure_vector<u32bit>& X)
{
class ByteReader
{
@@ -145,7 +149,7 @@ void CAST_128::cast_ks(MemoryRegion<u32bit>& K,
const u32bit* X;
};
- SecureVector<u32bit> Z(4);
+ secure_vector<u32bit> Z(4);
ByteReader x(&X[0]), z(&Z[0]);
Z[0] = X[0] ^ S5[x(13)] ^ S6[x(15)] ^ S7[x(12)] ^ S8[x(14)] ^ S7[x( 8)];
diff --git a/src/block/cast/cast128.h b/src/block/cast/cast128.h
index 10c646c94..f3f23b14a 100644
--- a/src/block/cast/cast128.h
+++ b/src/block/cast/cast128.h
@@ -21,23 +21,23 @@ class BOTAN_DLL CAST_128 : public Block_Cipher_Fixed_Params<8, 11, 16>
void encrypt_n(const byte in[], byte out[], size_t blocks) const;
void decrypt_n(const byte in[], byte out[], size_t blocks) const;
- void clear() { zeroise(MK); zeroise(RK); }
+ void clear() { MK.clear(); RK.clear(); }
std::string name() const { return "CAST-128"; }
BlockCipher* clone() const { return new CAST_128; }
- CAST_128() : MK(16), RK(16) {}
private:
void key_schedule(const byte[], size_t);
- static void cast_ks(MemoryRegion<u32bit>& ks,
- MemoryRegion<u32bit>& user_key);
+ static void cast_ks(secure_vector<u32bit>& ks,
+ secure_vector<u32bit>& user_key);
static const u32bit S5[256];
static const u32bit S6[256];
static const u32bit S7[256];
static const u32bit S8[256];
- SecureVector<u32bit> MK, RK;
+ secure_vector<u32bit> MK;
+ secure_vector<byte> RK;
};
extern const u32bit CAST_SBOX1[256];
diff --git a/src/block/cast/cast256.cpp b/src/block/cast/cast256.cpp
index 8be0a8dd6..9476d3faf 100644
--- a/src/block/cast/cast256.cpp
+++ b/src/block/cast/cast256.cpp
@@ -138,40 +138,43 @@ void CAST_256::decrypt_n(const byte in[], byte out[], size_t blocks) const
*/
void CAST_256::key_schedule(const byte key[], size_t length)
{
- SecureVector<u32bit> K(8);
- for(size_t j = 0; j != length; ++j)
- K[j/4] = (K[j/4] << 8) + key[j];
+ MK.resize(48);
+ RK.resize(48);
+
+ secure_vector<u32bit> K(8);
+ for(size_t i = 0; i != length; ++i)
+ K[i/4] = (K[i/4] << 8) + key[i];
u32bit A = K[0], B = K[1], C = K[2], D = K[3],
E = K[4], F = K[5], G = K[6], H = K[7];
- for(size_t j = 0; j != 48; j += 4)
+ for(size_t i = 0; i != 48; i += 4)
{
- round1(G, H, KEY_MASK[4*j+ 0], KEY_ROT[(4*j+ 0) % 32]);
- round2(F, G, KEY_MASK[4*j+ 1], KEY_ROT[(4*j+ 1) % 32]);
- round3(E, F, KEY_MASK[4*j+ 2], KEY_ROT[(4*j+ 2) % 32]);
- round1(D, E, KEY_MASK[4*j+ 3], KEY_ROT[(4*j+ 3) % 32]);
- round2(C, D, KEY_MASK[4*j+ 4], KEY_ROT[(4*j+ 4) % 32]);
- round3(B, C, KEY_MASK[4*j+ 5], KEY_ROT[(4*j+ 5) % 32]);
- round1(A, B, KEY_MASK[4*j+ 6], KEY_ROT[(4*j+ 6) % 32]);
- round2(H, A, KEY_MASK[4*j+ 7], KEY_ROT[(4*j+ 7) % 32]);
- round1(G, H, KEY_MASK[4*j+ 8], KEY_ROT[(4*j+ 8) % 32]);
- round2(F, G, KEY_MASK[4*j+ 9], KEY_ROT[(4*j+ 9) % 32]);
- round3(E, F, KEY_MASK[4*j+10], KEY_ROT[(4*j+10) % 32]);
- round1(D, E, KEY_MASK[4*j+11], KEY_ROT[(4*j+11) % 32]);
- round2(C, D, KEY_MASK[4*j+12], KEY_ROT[(4*j+12) % 32]);
- round3(B, C, KEY_MASK[4*j+13], KEY_ROT[(4*j+13) % 32]);
- round1(A, B, KEY_MASK[4*j+14], KEY_ROT[(4*j+14) % 32]);
- round2(H, A, KEY_MASK[4*j+15], KEY_ROT[(4*j+15) % 32]);
-
- RK[j ] = (A % 32);
- RK[j+1] = (C % 32);
- RK[j+2] = (E % 32);
- RK[j+3] = (G % 32);
- MK[j ] = H;
- MK[j+1] = F;
- MK[j+2] = D;
- MK[j+3] = B;
+ round1(G, H, KEY_MASK[4*i+ 0], KEY_ROT[(4*i+ 0) % 32]);
+ round2(F, G, KEY_MASK[4*i+ 1], KEY_ROT[(4*i+ 1) % 32]);
+ round3(E, F, KEY_MASK[4*i+ 2], KEY_ROT[(4*i+ 2) % 32]);
+ round1(D, E, KEY_MASK[4*i+ 3], KEY_ROT[(4*i+ 3) % 32]);
+ round2(C, D, KEY_MASK[4*i+ 4], KEY_ROT[(4*i+ 4) % 32]);
+ round3(B, C, KEY_MASK[4*i+ 5], KEY_ROT[(4*i+ 5) % 32]);
+ round1(A, B, KEY_MASK[4*i+ 6], KEY_ROT[(4*i+ 6) % 32]);
+ round2(H, A, KEY_MASK[4*i+ 7], KEY_ROT[(4*i+ 7) % 32]);
+ round1(G, H, KEY_MASK[4*i+ 8], KEY_ROT[(4*i+ 8) % 32]);
+ round2(F, G, KEY_MASK[4*i+ 9], KEY_ROT[(4*i+ 9) % 32]);
+ round3(E, F, KEY_MASK[4*i+10], KEY_ROT[(4*i+10) % 32]);
+ round1(D, E, KEY_MASK[4*i+11], KEY_ROT[(4*i+11) % 32]);
+ round2(C, D, KEY_MASK[4*i+12], KEY_ROT[(4*i+12) % 32]);
+ round3(B, C, KEY_MASK[4*i+13], KEY_ROT[(4*i+13) % 32]);
+ round1(A, B, KEY_MASK[4*i+14], KEY_ROT[(4*i+14) % 32]);
+ round2(H, A, KEY_MASK[4*i+15], KEY_ROT[(4*i+15) % 32]);
+
+ RK[i ] = (A % 32);
+ RK[i+1] = (C % 32);
+ RK[i+2] = (E % 32);
+ RK[i+3] = (G % 32);
+ MK[i ] = H;
+ MK[i+1] = F;
+ MK[i+2] = D;
+ MK[i+3] = B;
}
}
diff --git a/src/block/cast/cast256.h b/src/block/cast/cast256.h
index 2f2beef47..4f31f187d 100644
--- a/src/block/cast/cast256.h
+++ b/src/block/cast/cast256.h
@@ -21,19 +21,17 @@ class BOTAN_DLL CAST_256 : public Block_Cipher_Fixed_Params<16, 4, 32, 4>
void encrypt_n(const byte in[], byte out[], size_t blocks) const;
void decrypt_n(const byte in[], byte out[], size_t blocks) const;
- void clear() { zeroise(MK); zeroise(RK); }
+ void clear() { MK.clear(); RK.clear(); }
std::string name() const { return "CAST-256"; }
BlockCipher* clone() const { return new CAST_256; }
-
- CAST_256() : MK(48), RK(48) {}
private:
void key_schedule(const byte[], size_t);
static const u32bit KEY_MASK[192];
static const byte KEY_ROT[32];
- SecureVector<u32bit> MK;
- SecureVector<byte> RK;
+ secure_vector<u32bit> MK;
+ secure_vector<byte> RK;
};
extern const u32bit CAST_SBOX1[256];