Diffstat (limited to 'src')
-rw-r--r--src/algo_factory/algo_factory.cpp4
-rw-r--r--src/alloc/alloc_mmap/info.txt1
-rw-r--r--src/aont/info.txt17
-rw-r--r--src/aont/package.cpp128
-rw-r--r--src/aont/package.h45
-rw-r--r--src/benchmark/benchmark.cpp5
-rw-r--r--src/block/aes/aes.cpp266
-rw-r--r--src/block/aes/aes.h8
-rw-r--r--src/block/block_cipher.h20
-rw-r--r--src/block/blowfish/blowfish.cpp70
-rw-r--r--src/block/blowfish/blowfish.h8
-rw-r--r--src/block/cast/cast128.cpp100
-rw-r--r--src/block/cast/cast128.h6
-rw-r--r--src/block/cast/cast256.cpp140
-rw-r--r--src/block/cast/cast256.h6
-rw-r--r--src/block/des/des.cpp144
-rw-r--r--src/block/des/des.h12
-rw-r--r--src/block/des/desx.cpp28
-rw-r--r--src/block/des/desx.h6
-rw-r--r--src/block/gost_28147/gost_28147.cpp67
-rw-r--r--src/block/gost_28147/gost_28147.h5
-rw-r--r--src/block/idea/idea.cpp132
-rw-r--r--src/block/idea/idea.h6
-rw-r--r--src/block/kasumi/kasumi.cpp110
-rw-r--r--src/block/kasumi/kasumi.h5
-rw-r--r--src/block/lion/lion.cpp52
-rw-r--r--src/block/lion/lion.h5
-rw-r--r--src/block/lubyrack/lubyrack.cpp104
-rw-r--r--src/block/lubyrack/lubyrack.h6
-rw-r--r--src/block/mars/mars.cpp138
-rw-r--r--src/block/mars/mars.h6
-rw-r--r--src/block/misty1/misty1.cpp130
-rw-r--r--src/block/misty1/misty1.h6
-rw-r--r--src/block/noekeon/noekeon.cpp92
-rw-r--r--src/block/noekeon/noekeon.h6
-rw-r--r--src/block/rc2/rc2.cpp104
-rw-r--r--src/block/rc2/rc2.h6
-rw-r--r--src/block/rc5/rc5.cpp72
-rw-r--r--src/block/rc5/rc5.h6
-rw-r--r--src/block/rc6/rc6.cpp140
-rw-r--r--src/block/rc6/rc6.h6
-rw-r--r--src/block/safer/safer_sk.cpp97
-rw-r--r--src/block/safer/safer_sk.h7
-rw-r--r--src/block/seed/seed.cpp116
-rw-r--r--src/block/seed/seed.h6
-rw-r--r--src/block/serpent/serpent.cpp172
-rw-r--r--src/block/serpent/serpent.h5
-rw-r--r--src/block/serpent_ia32/info.txt1
-rw-r--r--src/block/serpent_ia32/serp_ia32.cpp18
-rw-r--r--src/block/serpent_ia32/serp_ia32.h5
-rw-r--r--src/block/serpent_ia32/serp_ia32_imp.S28
-rw-r--r--src/block/serpent_sse2/info.txt16
-rw-r--r--src/block/serpent_sse2/serp_sse2.cpp240
-rw-r--r--src/block/serpent_sse2/serp_sse2.h29
-rw-r--r--src/block/serpent_sse2/serp_sse2_sbox.h434
-rw-r--r--src/block/skipjack/skipjack.cpp68
-rw-r--r--src/block/skipjack/skipjack.h7
-rw-r--r--src/block/square/square.cpp192
-rw-r--r--src/block/square/square.h6
-rw-r--r--src/block/tea/tea.cpp52
-rw-r--r--src/block/tea/tea.h6
-rw-r--r--src/block/twofish/twofish.cpp156
-rw-r--r--src/block/twofish/twofish.h6
-rw-r--r--src/block/xtea/xtea.cpp45
-rw-r--r--src/block/xtea/xtea.h6
-rw-r--r--src/build-data/arch/arm1
-rw-r--r--src/build-data/arch/m68k5
-rw-r--r--src/build-data/arch/mips3217
-rw-r--r--src/build-data/arch/mips6436
-rw-r--r--src/build-data/arch/ppc1
-rw-r--r--src/build-data/arch/s3903
-rw-r--r--src/build-data/arch/s390x3
-rw-r--r--src/build-data/botan.doxy.in2
-rw-r--r--src/build-data/buildh.in6
-rw-r--r--src/build-data/cc/gcc2
-rw-r--r--src/build-data/cc/open6430
-rw-r--r--src/build-data/os/dragonfly11
-rw-r--r--src/cert/cvc/cvc_cert.cpp2
-rw-r--r--src/cert/cvc/cvc_req.cpp2
-rw-r--r--src/cert/cvc/cvc_self.cpp4
-rw-r--r--src/codec/openpgp/openpgp.cpp1
-rw-r--r--src/cryptobox/cryptobox.cpp146
-rw-r--r--src/cryptobox/cryptobox.h42
-rw-r--r--src/cryptobox/info.txt22
-rw-r--r--src/engine/openssl/ossl_md.cpp10
-rw-r--r--src/engine/sse2_eng/eng_sse2.cpp23
-rw-r--r--src/engine/sse2_eng/eng_sse2.h5
-rw-r--r--src/engine/sse2_eng/info.txt9
-rw-r--r--src/entropy/dev_random/info.txt1
-rw-r--r--src/entropy/egd/es_egd.cpp2
-rw-r--r--src/entropy/egd/info.txt1
-rw-r--r--src/entropy/proc_walk/es_ftw.cpp4
-rw-r--r--src/entropy/proc_walk/info.txt1
-rw-r--r--src/filters/algo_filt.cpp10
-rw-r--r--src/filters/basefilt.cpp21
-rw-r--r--src/filters/basefilt.h33
-rw-r--r--src/filters/fd_unix/info.txt1
-rw-r--r--src/filters/filters.h42
-rw-r--r--src/filters/info.txt1
-rw-r--r--src/filters/key_filt.h45
-rw-r--r--src/hash/md4_ia32/info.txt1
-rw-r--r--src/hash/md4_ia32/md4_ia32_imp.S10
-rw-r--r--src/hash/md5_ia32/info.txt1
-rw-r--r--src/hash/md5_ia32/md5_ia32_imp.S10
-rw-r--r--src/hash/sha1_amd64/sha1_amd64_imp.S10
-rw-r--r--src/hash/sha1_ia32/info.txt1
-rw-r--r--src/hash/sha1_ia32/sha1_ia32_imp.S10
-rw-r--r--src/hash/sha1_sse2/info.txt12
-rw-r--r--src/libstate/info.txt2
-rw-r--r--src/libstate/pk_engine.h1
-rw-r--r--src/libstate/scan_name.cpp4
-rw-r--r--src/libstate/scan_name.h4
-rw-r--r--src/mac/mac.cpp4
-rw-r--r--src/math/bigint/monty_amd64/info.txt1
-rw-r--r--src/math/bigint/monty_amd64/mp_monty.S10
-rw-r--r--src/math/bigint/mp_asm64/mp_asm.h2
-rw-r--r--src/math/bigint/mulop_amd64/info.txt1
-rw-r--r--src/math/bigint/mulop_amd64/mp_mulop_amd64.S10
-rw-r--r--src/math/bigint/mulop_ia32/info.txt1
-rw-r--r--src/math/bigint/mulop_ia32/mp_mulop.S10
-rw-r--r--src/modes/ctr/ctr.cpp111
-rw-r--r--src/modes/ctr/ctr.h21
-rw-r--r--src/modes/eax/eax.h2
-rw-r--r--src/modes/ecb/ecb.cpp191
-rw-r--r--src/modes/ecb/ecb.h68
-rw-r--r--src/modes/modebase.cpp2
-rw-r--r--src/modes/modebase.h9
-rw-r--r--src/modes/xts/xts.cpp8
-rw-r--r--src/modes/xts/xts.h8
-rw-r--r--src/pubkey/dsa/dsa_core.cpp6
-rw-r--r--src/pubkey/ecc_key/ecc_key.cpp2
-rw-r--r--src/pubkey/eckaeg/eckaeg.cpp5
-rw-r--r--src/pubkey/pk_codecs/pkcs8.h7
-rw-r--r--src/rng/auto_rng/auto_rng.cpp2
-rw-r--r--src/selftest/selftest.cpp2
-rw-r--r--src/stream/turing/turing.cpp48
-rw-r--r--src/stream/turing/turing.h2
-rw-r--r--src/timer/gettimeofday/info.txt1
-rw-r--r--src/timer/posix_rt/info.txt1
-rw-r--r--src/utils/bswap.h4
-rw-r--r--src/utils/info.txt2
141 files changed, 3473 insertions, 1615 deletions
diff --git a/src/algo_factory/algo_factory.cpp b/src/algo_factory/algo_factory.cpp
index 71bd26827..e891dc5cd 100644
--- a/src/algo_factory/algo_factory.cpp
+++ b/src/algo_factory/algo_factory.cpp
@@ -1,6 +1,6 @@
/*
-Algorithm Factory
-(C) 2008 Jack Lloyd
+* Algorithm Factory
+* (C) 2008 Jack Lloyd
*
* Distributed under the terms of the Botan license
*/
diff --git a/src/alloc/alloc_mmap/info.txt b/src/alloc/alloc_mmap/info.txt
index d8c766d55..65d9b2977 100644
--- a/src/alloc/alloc_mmap/info.txt
+++ b/src/alloc/alloc_mmap/info.txt
@@ -13,6 +13,7 @@ mmap_mem.h
<os>
linux
freebsd
+dragonfly
openbsd
netbsd
solaris
diff --git a/src/aont/info.txt b/src/aont/info.txt
new file mode 100644
index 000000000..a0387f358
--- /dev/null
+++ b/src/aont/info.txt
@@ -0,0 +1,17 @@
+realname "All or Nothing Transforms"
+
+define PACKAGE_TRANSFORM
+
+load_on auto
+
+<add>
+package.cpp
+package.h
+</add>
+
+<requires>
+block
+ctr
+rng
+filters
+</requires>
diff --git a/src/aont/package.cpp b/src/aont/package.cpp
new file mode 100644
index 000000000..6c6b56865
--- /dev/null
+++ b/src/aont/package.cpp
@@ -0,0 +1,128 @@
+/*
+* Rivest's Package Tranform
+*
+* (C) 2009 Jack Lloyd
+*
+* Distributed under the terms of the Botan license
+*/
+
+#include <botan/package.h>
+#include <botan/pipe.h>
+#include <botan/ctr.h>
+#include <botan/loadstor.h>
+#include <botan/xor_buf.h>
+
+namespace Botan {
+
+namespace AllOrNothingTransform {
+
+void package(RandomNumberGenerator& rng,
+ BlockCipher* cipher,
+ const byte input[], u32bit input_len,
+ byte output[])
+ {
+ if(!cipher->valid_keylength(cipher->BLOCK_SIZE))
+ throw Invalid_Argument("AONT::package: Invalid cipher");
+
+ // The all-zero string which is used both as the CTR IV and as K0
+ const std::string all_zeros(cipher->BLOCK_SIZE*2, '0');
+
+ SymmetricKey package_key(rng, cipher->BLOCK_SIZE);
+
+ // takes ownership of cipher object
+ Keyed_Filter* ctr_mode = new CTR_BE(cipher,
+ package_key,
+ InitializationVector(all_zeros));
+
+ Pipe pipe(ctr_mode);
+
+ pipe.process_msg(input, input_len);
+ pipe.read(output, pipe.remaining());
+
+ // Set K0 (the all zero key)
+ cipher->set_key(SymmetricKey(all_zeros));
+
+ SecureVector<byte> buf(cipher->BLOCK_SIZE);
+
+ const u32bit blocks =
+ (input_len + cipher->BLOCK_SIZE - 1) / cipher->BLOCK_SIZE;
+
+ byte* final_block = output + input_len;
+ clear_mem(final_block, cipher->BLOCK_SIZE);
+
+ // XOR the hash blocks into the final block
+ for(u32bit i = 0; i != blocks; ++i)
+ {
+ u32bit left = std::min<u32bit>(cipher->BLOCK_SIZE,
+ input_len - cipher->BLOCK_SIZE * i);
+
+ buf.clear();
+ copy_mem(&buf[0], output + cipher->BLOCK_SIZE * i, left);
+
+ for(u32bit j = 0; j != 4; ++j)
+ buf[cipher->BLOCK_SIZE - 1 - j] ^= get_byte(3-j, i);
+
+ cipher->encrypt(buf);
+
+ xor_buf(final_block, buf, cipher->BLOCK_SIZE);
+ }
+
+ // XOR the random package key into the final block
+ xor_buf(final_block, package_key.begin(), cipher->BLOCK_SIZE);
+ }
+
+void unpackage(BlockCipher* cipher,
+ const byte input[], u32bit input_len,
+ byte output[])
+ {
+ if(!cipher->valid_keylength(cipher->BLOCK_SIZE))
+ throw Invalid_Argument("AONT::unpackage: Invalid cipher");
+
+ if(input_len < cipher->BLOCK_SIZE)
+ throw Invalid_Argument("AONT::unpackage: Input too short");
+
+ // The all-zero string which is used both as the CTR IV and as K0
+ const std::string all_zeros(cipher->BLOCK_SIZE*2, '0');
+
+ cipher->set_key(SymmetricKey(all_zeros));
+
+ SecureVector<byte> package_key(cipher->BLOCK_SIZE);
+ SecureVector<byte> buf(cipher->BLOCK_SIZE);
+
+ // Copy the package key (masked with the block hashes)
+ copy_mem(&package_key[0],
+ input + (input_len - cipher->BLOCK_SIZE),
+ cipher->BLOCK_SIZE);
+
+ const u32bit blocks = ((input_len - 1) / cipher->BLOCK_SIZE);
+
+ // XOR the blocks into the package key bits
+ for(u32bit i = 0; i != blocks; ++i)
+ {
+ u32bit left = std::min<u32bit>(cipher->BLOCK_SIZE,
+ input_len - cipher->BLOCK_SIZE * (i+1));
+
+ buf.clear();
+ copy_mem(&buf[0], input + cipher->BLOCK_SIZE * i, left);
+
+ for(u32bit j = 0; j != 4; ++j)
+ buf[cipher->BLOCK_SIZE - 1 - j] ^= get_byte(3-j, i);
+
+ cipher->encrypt(buf);
+
+ xor_buf(&package_key[0], buf, cipher->BLOCK_SIZE);
+ }
+
+ // takes ownership of cipher object
+ Pipe pipe(new CTR_BE(cipher,
+ SymmetricKey(package_key),
+ InitializationVector(all_zeros)));
+
+ pipe.process_msg(input, input_len - cipher->BLOCK_SIZE);
+
+ pipe.read(output, pipe.remaining());
+ }
+
+}
+
+}
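Review bot: Ownership of `cipher` changes hands part-way through `package`: the `new CTR_BE(cipher, ...)` line hands the pointer to a filter that the stack `Pipe` deletes when the function returns, yet the parameter is a plain `BlockCipher*` and nothing documents that the caller's pointer is dead afterwards, nor that an exception thrown before that line (the `Invalid_Argument` throw at the top, or key generation) leaves the object with the caller to free. `unpackage` has the same split at its `Pipe pipe(new CTR_BE(cipher, ...))` line, and both functions keep calling `cipher->set_key(...)` / `cipher->encrypt(buf)` on the object while a filter holds it — safe here only because the pipe is already drained in `package` and not yet built in `unpackage`, which is worth stating. I'd put above each definition `// Takes ownership of cipher once the CTR filter is built; it is deleted before return, so the caller must not touch the pointer afterwards. Exceptions thrown before that point leave cipher with the caller.` and mirror the same sentence in the `@arg cipher` entries of package.h.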
diff --git a/src/aont/package.h b/src/aont/package.h
new file mode 100644
index 000000000..35d2a23fc
--- /dev/null
+++ b/src/aont/package.h
@@ -0,0 +1,45 @@
+/*
+* Rivest's Package Tranform
+*
+* (C) 2009 Jack Lloyd
+*
+* Distributed under the terms of the Botan license
+*/
+
+#include <botan/block_cipher.h>
+#include <botan/rng.h>
+
+namespace Botan {
+
+namespace AllOrNothingTransform {
+
+/**
+* Rivest's Package Tranform
+* @arg rng the random number generator to use
+* @arg cipher the block cipher to use
+* @arg input the input data buffer
+* @arg input_len the length of the input data in bytes
+* @arg output the output data buffer (must be at least
+* input_len + cipher->BLOCK_SIZE bytes long)
+*/
+void package(RandomNumberGenerator& rng,
+ BlockCipher* cipher,
+ const byte input[], u32bit input_len,
+ byte output[]);
+
+/**
+* Rivest's Package Tranform (Inversion)
+* @arg rng the random number generator to use
+* @arg cipher the block cipher to use
+* @arg input the input data buffer
+* @arg input_len the length of the input data in bytes
+* @arg output the output data buffer (must be at least
+* input_len - cipher->BLOCK_SIZE bytes long)
+*/
+void unpackage(BlockCipher* cipher,
+ const byte input[], u32bit input_len,
+ byte output[]);
+
+}
+
+}
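Review bot: package.h is a new header with no include guard: the file goes straight from the license comment to `#include <botan/block_cipher.h>`, so a second inclusion in one translation unit redeclares the functions; add the project's usual `#ifndef BOTAN_..._H__` / `#define` / `#endif` wrapper around the whole file. The `unpackage` Doxygen block also lists `@arg rng the random number generator to use` although `unpackage` takes no RNG parameter, so that line should be deleted. Both Doxygen blocks (and the file headers of package.h and package.cpp) spell the algorithm `Package Tranform`; `Package Transform`. block_cipher.h in this same diff uses `@param`, so `@param` rather than `@arg` would keep the headers consistent.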
diff --git a/src/benchmark/benchmark.cpp b/src/benchmark/benchmark.cpp
index d30e831b9..3bbc1f883 100644
--- a/src/benchmark/benchmark.cpp
+++ b/src/benchmark/benchmark.cpp
@@ -57,8 +57,7 @@ bench_block_cipher(BlockCipher* block_cipher,
while(nanoseconds_used < nanoseconds_max)
{
- for(u32bit i = 0; i != in_blocks; ++i)
- block_cipher->encrypt(buf + block_cipher->BLOCK_SIZE * i);
+ block_cipher->encrypt_n(buf, buf, in_blocks);
++reps;
nanoseconds_used = timer.clock() - start;
@@ -140,7 +139,7 @@ algorithm_benchmark(const std::string& name,
{
const std::string provider = providers[i];
- std::pair<u64bit, u64bit> results = std::make_pair(0, 0);
+ std::pair<u64bit, u64bit> results(0, 0);
if(const BlockCipher* proto =
af.prototype_block_cipher(name, provider))
diff --git a/src/block/aes/aes.cpp b/src/block/aes/aes.cpp
index 9072b507b..34698ae7f 100644
--- a/src/block/aes/aes.cpp
+++ b/src/block/aes/aes.cpp
@@ -1,6 +1,6 @@
/**
* AES
-* (C) 1999-2007 Jack Lloyd
+* (C) 1999-2009 Jack Lloyd
*
* Distributed under the terms of the Botan license
*/
@@ -13,163 +13,175 @@ namespace Botan {
/**
* AES Encryption
*/
-void AES::enc(const byte in[], byte out[]) const
+void AES::encrypt_n(const byte in[], byte out[], u32bit blocks) const
{
const u32bit* TE0 = TE;
const u32bit* TE1 = TE + 256;
const u32bit* TE2 = TE + 512;
const u32bit* TE3 = TE + 768;
- u32bit T0 = load_be<u32bit>(in, 0) ^ EK[0];
- u32bit T1 = load_be<u32bit>(in, 1) ^ EK[1];
- u32bit T2 = load_be<u32bit>(in, 2) ^ EK[2];
- u32bit T3 = load_be<u32bit>(in, 3) ^ EK[3];
-
- u32bit B0, B1, B2, B3;
- B0 = TE0[get_byte(0, T0)] ^ TE1[get_byte(1, T1)] ^
- TE2[get_byte(2, T2)] ^ TE3[get_byte(3, T3)] ^ EK[4];
- B1 = TE0[get_byte(0, T1)] ^ TE1[get_byte(1, T2)] ^
- TE2[get_byte(2, T3)] ^ TE3[get_byte(3, T0)] ^ EK[5];
- B2 = TE0[get_byte(0, T2)] ^ TE1[get_byte(1, T3)] ^
- TE2[get_byte(2, T0)] ^ TE3[get_byte(3, T1)] ^ EK[6];
- B3 = TE0[get_byte(0, T3)] ^ TE1[get_byte(1, T0)] ^
- TE2[get_byte(2, T1)] ^ TE3[get_byte(3, T2)] ^ EK[7];
-
- for(u32bit j = 2; j != ROUNDS; j += 2)
+ for(u32bit i = 0; i != blocks; ++i)
{
- const u32bit K0 = EK[4*j];
- const u32bit K1 = EK[4*j+1];
- const u32bit K2 = EK[4*j+2];
- const u32bit K3 = EK[4*j+3];
-
- T0 = TE0[get_byte(0, B0)] ^ TE1[get_byte(1, B1)] ^
- TE2[get_byte(2, B2)] ^ TE3[get_byte(3, B3)] ^ K0;
- T1 = TE0[get_byte(0, B1)] ^ TE1[get_byte(1, B2)] ^
- TE2[get_byte(2, B3)] ^ TE3[get_byte(3, B0)] ^ K1;
- T2 = TE0[get_byte(0, B2)] ^ TE1[get_byte(1, B3)] ^
- TE2[get_byte(2, B0)] ^ TE3[get_byte(3, B1)] ^ K2;
- T3 = TE0[get_byte(0, B3)] ^ TE1[get_byte(1, B0)] ^
- TE2[get_byte(2, B1)] ^ TE3[get_byte(3, B2)] ^ K3;
-
- const u32bit K4 = EK[4*(j+1)+0];
- const u32bit K5 = EK[4*(j+1)+1];
- const u32bit K6 = EK[4*(j+1)+2];
- const u32bit K7 = EK[4*(j+1)+3];
+ u32bit T0 = load_be<u32bit>(in, 0) ^ EK[0];
+ u32bit T1 = load_be<u32bit>(in, 1) ^ EK[1];
+ u32bit T2 = load_be<u32bit>(in, 2) ^ EK[2];
+ u32bit T3 = load_be<u32bit>(in, 3) ^ EK[3];
+ u32bit B0, B1, B2, B3;
B0 = TE0[get_byte(0, T0)] ^ TE1[get_byte(1, T1)] ^
- TE2[get_byte(2, T2)] ^ TE3[get_byte(3, T3)] ^ K4;
+ TE2[get_byte(2, T2)] ^ TE3[get_byte(3, T3)] ^ EK[4];
B1 = TE0[get_byte(0, T1)] ^ TE1[get_byte(1, T2)] ^
- TE2[get_byte(2, T3)] ^ TE3[get_byte(3, T0)] ^ K5;
+ TE2[get_byte(2, T3)] ^ TE3[get_byte(3, T0)] ^ EK[5];
B2 = TE0[get_byte(0, T2)] ^ TE1[get_byte(1, T3)] ^
- TE2[get_byte(2, T0)] ^ TE3[get_byte(3, T1)] ^ K6;
+ TE2[get_byte(2, T0)] ^ TE3[get_byte(3, T1)] ^ EK[6];
B3 = TE0[get_byte(0, T3)] ^ TE1[get_byte(1, T0)] ^
- TE2[get_byte(2, T1)] ^ TE3[get_byte(3, T2)] ^ K7;
- }
+ TE2[get_byte(2, T1)] ^ TE3[get_byte(3, T2)] ^ EK[7];
+
+ for(u32bit j = 2; j != ROUNDS; j += 2)
+ {
+ const u32bit K0 = EK[4*j];
+ const u32bit K1 = EK[4*j+1];
+ const u32bit K2 = EK[4*j+2];
+ const u32bit K3 = EK[4*j+3];
+
+ T0 = TE0[get_byte(0, B0)] ^ TE1[get_byte(1, B1)] ^
+ TE2[get_byte(2, B2)] ^ TE3[get_byte(3, B3)] ^ K0;
+ T1 = TE0[get_byte(0, B1)] ^ TE1[get_byte(1, B2)] ^
+ TE2[get_byte(2, B3)] ^ TE3[get_byte(3, B0)] ^ K1;
+ T2 = TE0[get_byte(0, B2)] ^ TE1[get_byte(1, B3)] ^
+ TE2[get_byte(2, B0)] ^ TE3[get_byte(3, B1)] ^ K2;
+ T3 = TE0[get_byte(0, B3)] ^ TE1[get_byte(1, B0)] ^
+ TE2[get_byte(2, B1)] ^ TE3[get_byte(3, B2)] ^ K3;
+
+ const u32bit K4 = EK[4*(j+1)+0];
+ const u32bit K5 = EK[4*(j+1)+1];
+ const u32bit K6 = EK[4*(j+1)+2];
+ const u32bit K7 = EK[4*(j+1)+3];
- /*
- Joseph Bonneau and Ilya Mironov's paper
- <a href = "http://icme2007.org/users/mironov/papers/aes-timing.pdf">
- Cache-Collision Timing Attacks Against AES</a> describes an attack
- that can recover AES keys with as few as 2<sup>13</sup> samples.
-
- """In addition to OpenSSL v. 0.9.8.(a), which was used in our
- experiments, the AES implementations of Crypto++ 5.2.1 and
- LibTomCrypt 1.09 use the original Rijndael C implementation with
- very few changes and are highly vulnerable. The AES implementations
- in libgcrypt v. 1.2.2 and Botan v. 1.4.2 are also vulnerable, but
- use a smaller byte-wide final table which lessens the effectiveness
- of the attacks."""
- */
- out[ 0] = SE[get_byte(0, B0)] ^ ME[0];
- out[ 1] = SE[get_byte(1, B1)] ^ ME[1];
- out[ 2] = SE[get_byte(2, B2)] ^ ME[2];
- out[ 3] = SE[get_byte(3, B3)] ^ ME[3];
- out[ 4] = SE[get_byte(0, B1)] ^ ME[4];
- out[ 5] = SE[get_byte(1, B2)] ^ ME[5];
- out[ 6] = SE[get_byte(2, B3)] ^ ME[6];
- out[ 7] = SE[get_byte(3, B0)] ^ ME[7];
- out[ 8] = SE[get_byte(0, B2)] ^ ME[8];
- out[ 9] = SE[get_byte(1, B3)] ^ ME[9];
- out[10] = SE[get_byte(2, B0)] ^ ME[10];
- out[11] = SE[get_byte(3, B1)] ^ ME[11];
- out[12] = SE[get_byte(0, B3)] ^ ME[12];
- out[13] = SE[get_byte(1, B0)] ^ ME[13];
- out[14] = SE[get_byte(2, B1)] ^ ME[14];
- out[15] = SE[get_byte(3, B2)] ^ ME[15];
+ B0 = TE0[get_byte(0, T0)] ^ TE1[get_byte(1, T1)] ^
+ TE2[get_byte(2, T2)] ^ TE3[get_byte(3, T3)] ^ K4;
+ B1 = TE0[get_byte(0, T1)] ^ TE1[get_byte(1, T2)] ^
+ TE2[get_byte(2, T3)] ^ TE3[get_byte(3, T0)] ^ K5;
+ B2 = TE0[get_byte(0, T2)] ^ TE1[get_byte(1, T3)] ^
+ TE2[get_byte(2, T0)] ^ TE3[get_byte(3, T1)] ^ K6;
+ B3 = TE0[get_byte(0, T3)] ^ TE1[get_byte(1, T0)] ^
+ TE2[get_byte(2, T1)] ^ TE3[get_byte(3, T2)] ^ K7;
+ }
+
+ /*
+ Joseph Bonneau and Ilya Mironov's paper
+ <a href = "http://icme2007.org/users/mironov/papers/aes-timing.pdf">
+ Cache-Collision Timing Attacks Against AES</a> describes an attack
+ that can recover AES keys with as few as 2<sup>13</sup> samples.
+
+ """In addition to OpenSSL v. 0.9.8.(a), which was used in our
+ experiments, the AES implementations of Crypto++ 5.2.1 and
+ LibTomCrypt 1.09 use the original Rijndael C implementation with
+ very few changes and are highly vulnerable. The AES implementations
+ in libgcrypt v. 1.2.2 and Botan v. 1.4.2 are also vulnerable, but
+ use a smaller byte-wide final table which lessens the effectiveness
+ of the attacks."""
+ */
+ out[ 0] = SE[get_byte(0, B0)] ^ ME[0];
+ out[ 1] = SE[get_byte(1, B1)] ^ ME[1];
+ out[ 2] = SE[get_byte(2, B2)] ^ ME[2];
+ out[ 3] = SE[get_byte(3, B3)] ^ ME[3];
+ out[ 4] = SE[get_byte(0, B1)] ^ ME[4];
+ out[ 5] = SE[get_byte(1, B2)] ^ ME[5];
+ out[ 6] = SE[get_byte(2, B3)] ^ ME[6];
+ out[ 7] = SE[get_byte(3, B0)] ^ ME[7];
+ out[ 8] = SE[get_byte(0, B2)] ^ ME[8];
+ out[ 9] = SE[get_byte(1, B3)] ^ ME[9];
+ out[10] = SE[get_byte(2, B0)] ^ ME[10];
+ out[11] = SE[get_byte(3, B1)] ^ ME[11];
+ out[12] = SE[get_byte(0, B3)] ^ ME[12];
+ out[13] = SE[get_byte(1, B0)] ^ ME[13];
+ out[14] = SE[get_byte(2, B1)] ^ ME[14];
+ out[15] = SE[get_byte(3, B2)] ^ ME[15];
+
+ in += BLOCK_SIZE;
+ out += BLOCK_SIZE;
+ }
}
/**
* AES Decryption
*/
-void AES::dec(const byte in[], byte out[]) const
+void AES::decrypt_n(const byte in[], byte out[], u32bit blocks) const
{
const u32bit* TD0 = TD;
const u32bit* TD1 = TD + 256;
const u32bit* TD2 = TD + 512;
const u32bit* TD3 = TD + 768;
- u32bit T0 = load_be<u32bit>(in, 0) ^ DK[0];
- u32bit T1 = load_be<u32bit>(in, 1) ^ DK[1];
- u32bit T2 = load_be<u32bit>(in, 2) ^ DK[2];
- u32bit T3 = load_be<u32bit>(in, 3) ^ DK[3];
-
- u32bit B0, B1, B2, B3;
- B0 = TD0[get_byte(0, T0)] ^ TD1[get_byte(1, T3)] ^
- TD2[get_byte(2, T2)] ^ TD3[get_byte(3, T1)] ^ DK[4];
- B1 = TD0[get_byte(0, T1)] ^ TD1[get_byte(1, T0)] ^
- TD2[get_byte(2, T3)] ^ TD3[get_byte(3, T2)] ^ DK[5];
- B2 = TD0[get_byte(0, T2)] ^ TD1[get_byte(1, T1)] ^
- TD2[get_byte(2, T0)] ^ TD3[get_byte(3, T3)] ^ DK[6];
- B3 = TD0[get_byte(0, T3)] ^ TD1[get_byte(1, T2)] ^
- TD2[get_byte(2, T1)] ^ TD3[get_byte(3, T0)] ^ DK[7];
-
- for(u32bit j = 2; j != ROUNDS; j += 2)
+ for(u32bit i = 0; i != blocks; ++i)
{
- const u32bit K0 = DK[4*j+0];
- const u32bit K1 = DK[4*j+1];
- const u32bit K2 = DK[4*j+2];
- const u32bit K3 = DK[4*j+3];
-
- T0 = TD0[get_byte(0, B0)] ^ TD1[get_byte(1, B3)] ^
- TD2[get_byte(2, B2)] ^ TD3[get_byte(3, B1)] ^ K0;
- T1 = TD0[get_byte(0, B1)] ^ TD1[get_byte(1, B0)] ^
- TD2[get_byte(2, B3)] ^ TD3[get_byte(3, B2)] ^ K1;
- T2 = TD0[get_byte(0, B2)] ^ TD1[get_byte(1, B1)] ^
- TD2[get_byte(2, B0)] ^ TD3[get_byte(3, B3)] ^ K2;
- T3 = TD0[get_byte(0, B3)] ^ TD1[get_byte(1, B2)] ^
- TD2[get_byte(2, B1)] ^ TD3[get_byte(3, B0)] ^ K3;
-
- const u32bit K4 = DK[4*(j+1)+0];
- const u32bit K5 = DK[4*(j+1)+1];
- const u32bit K6 = DK[4*(j+1)+2];
- const u32bit K7 = DK[4*(j+1)+3];
+ u32bit T0 = load_be<u32bit>(in, 0) ^ DK[0];
+ u32bit T1 = load_be<u32bit>(in, 1) ^ DK[1];
+ u32bit T2 = load_be<u32bit>(in, 2) ^ DK[2];
+ u32bit T3 = load_be<u32bit>(in, 3) ^ DK[3];
+ u32bit B0, B1, B2, B3;
B0 = TD0[get_byte(0, T0)] ^ TD1[get_byte(1, T3)] ^
- TD2[get_byte(2, T2)] ^ TD3[get_byte(3, T1)] ^ K4;
+ TD2[get_byte(2, T2)] ^ TD3[get_byte(3, T1)] ^ DK[4];
B1 = TD0[get_byte(0, T1)] ^ TD1[get_byte(1, T0)] ^
- TD2[get_byte(2, T3)] ^ TD3[get_byte(3, T2)] ^ K5;
+ TD2[get_byte(2, T3)] ^ TD3[get_byte(3, T2)] ^ DK[5];
B2 = TD0[get_byte(0, T2)] ^ TD1[get_byte(1, T1)] ^
- TD2[get_byte(2, T0)] ^ TD3[get_byte(3, T3)] ^ K6;
+ TD2[get_byte(2, T0)] ^ TD3[get_byte(3, T3)] ^ DK[6];
B3 = TD0[get_byte(0, T3)] ^ TD1[get_byte(1, T2)] ^
- TD2[get_byte(2, T1)] ^ TD3[get_byte(3, T0)] ^ K7;
- }
+ TD2[get_byte(2, T1)] ^ TD3[get_byte(3, T0)] ^ DK[7];
+
+ for(u32bit j = 2; j != ROUNDS; j += 2)
+ {
+ const u32bit K0 = DK[4*j+0];
+ const u32bit K1 = DK[4*j+1];
+ const u32bit K2 = DK[4*j+2];
+ const u32bit K3 = DK[4*j+3];
+
+ T0 = TD0[get_byte(0, B0)] ^ TD1[get_byte(1, B3)] ^
+ TD2[get_byte(2, B2)] ^ TD3[get_byte(3, B1)] ^ K0;
+ T1 = TD0[get_byte(0, B1)] ^ TD1[get_byte(1, B0)] ^
+ TD2[get_byte(2, B3)] ^ TD3[get_byte(3, B2)] ^ K1;
+ T2 = TD0[get_byte(0, B2)] ^ TD1[get_byte(1, B1)] ^
+ TD2[get_byte(2, B0)] ^ TD3[get_byte(3, B3)] ^ K2;
+ T3 = TD0[get_byte(0, B3)] ^ TD1[get_byte(1, B2)] ^
+ TD2[get_byte(2, B1)] ^ TD3[get_byte(3, B0)] ^ K3;
+
+ const u32bit K4 = DK[4*(j+1)+0];
+ const u32bit K5 = DK[4*(j+1)+1];
+ const u32bit K6 = DK[4*(j+1)+2];
+ const u32bit K7 = DK[4*(j+1)+3];
- out[ 0] = SD[get_byte(0, B0)] ^ MD[0];
- out[ 1] = SD[get_byte(1, B3)] ^ MD[1];
- out[ 2] = SD[get_byte(2, B2)] ^ MD[2];
- out[ 3] = SD[get_byte(3, B1)] ^ MD[3];
- out[ 4] = SD[get_byte(0, B1)] ^ MD[4];
- out[ 5] = SD[get_byte(1, B0)] ^ MD[5];
- out[ 6] = SD[get_byte(2, B3)] ^ MD[6];
- out[ 7] = SD[get_byte(3, B2)] ^ MD[7];
- out[ 8] = SD[get_byte(0, B2)] ^ MD[8];
- out[ 9] = SD[get_byte(1, B1)] ^ MD[9];
- out[10] = SD[get_byte(2, B0)] ^ MD[10];
- out[11] = SD[get_byte(3, B3)] ^ MD[11];
- out[12] = SD[get_byte(0, B3)] ^ MD[12];
- out[13] = SD[get_byte(1, B2)] ^ MD[13];
- out[14] = SD[get_byte(2, B1)] ^ MD[14];
- out[15] = SD[get_byte(3, B0)] ^ MD[15];
+ B0 = TD0[get_byte(0, T0)] ^ TD1[get_byte(1, T3)] ^
+ TD2[get_byte(2, T2)] ^ TD3[get_byte(3, T1)] ^ K4;
+ B1 = TD0[get_byte(0, T1)] ^ TD1[get_byte(1, T0)] ^
+ TD2[get_byte(2, T3)] ^ TD3[get_byte(3, T2)] ^ K5;
+ B2 = TD0[get_byte(0, T2)] ^ TD1[get_byte(1, T1)] ^
+ TD2[get_byte(2, T0)] ^ TD3[get_byte(3, T3)] ^ K6;
+ B3 = TD0[get_byte(0, T3)] ^ TD1[get_byte(1, T2)] ^
+ TD2[get_byte(2, T1)] ^ TD3[get_byte(3, T0)] ^ K7;
+ }
+
+ out[ 0] = SD[get_byte(0, B0)] ^ MD[0];
+ out[ 1] = SD[get_byte(1, B3)] ^ MD[1];
+ out[ 2] = SD[get_byte(2, B2)] ^ MD[2];
+ out[ 3] = SD[get_byte(3, B1)] ^ MD[3];
+ out[ 4] = SD[get_byte(0, B1)] ^ MD[4];
+ out[ 5] = SD[get_byte(1, B0)] ^ MD[5];
+ out[ 6] = SD[get_byte(2, B3)] ^ MD[6];
+ out[ 7] = SD[get_byte(3, B2)] ^ MD[7];
+ out[ 8] = SD[get_byte(0, B2)] ^ MD[8];
+ out[ 9] = SD[get_byte(1, B1)] ^ MD[9];
+ out[10] = SD[get_byte(2, B0)] ^ MD[10];
+ out[11] = SD[get_byte(3, B3)] ^ MD[11];
+ out[12] = SD[get_byte(0, B3)] ^ MD[12];
+ out[13] = SD[get_byte(1, B2)] ^ MD[13];
+ out[14] = SD[get_byte(2, B1)] ^ MD[14];
+ out[15] = SD[get_byte(3, B0)] ^ MD[15];
+
+ in += BLOCK_SIZE;
+ out += BLOCK_SIZE;
+ }
}
/**
diff --git a/src/block/aes/aes.h b/src/block/aes/aes.h
index 05e2e3123..768bb09e7 100644
--- a/src/block/aes/aes.h
+++ b/src/block/aes/aes.h
@@ -1,6 +1,6 @@
/**
* AES
-* (C) 1999-2007 Jack Lloyd
+* (C) 1999-2009 Jack Lloyd
*
* Distributed under the terms of the Botan license
*/
@@ -18,14 +18,16 @@ namespace Botan {
class BOTAN_DLL AES : public BlockCipher
{
public:
+ void encrypt_n(const byte in[], byte out[], u32bit blocks) const;
+ void decrypt_n(const byte in[], byte out[], u32bit blocks) const;
+
void clear() throw();
std::string name() const { return "AES"; }
BlockCipher* clone() const { return new AES; }
+
AES() : BlockCipher(16, 16, 32, 8) { ROUNDS = 14; }
AES(u32bit);
private:
- void enc(const byte[], byte[]) const;
- void dec(const byte[], byte[]) const;
void key_schedule(const byte[], u32bit);
static u32bit S(u32bit);
diff --git a/src/block/block_cipher.h b/src/block/block_cipher.h
index 01c45af04..a27609171 100644
--- a/src/block/block_cipher.h
+++ b/src/block/block_cipher.h
@@ -1,6 +1,6 @@
/**
* Block Cipher Base Class
-* (C) 1999-2007 Jack Lloyd
+* (C) 1999-2009 Jack Lloyd
*
* Distributed under the terms of the Botan license
*/
@@ -45,7 +45,8 @@ class BOTAN_DLL BlockCipher : public SymmetricAlgorithm
* @param out The byte array designated to hold the encrypted block.
* Must be of length BLOCK_SIZE.
*/
- void encrypt(const byte in[], byte out[]) const { enc(in, out); }
+ void encrypt(const byte in[], byte out[]) const
+ { encrypt_n(in, out, 1); }
/**
* Decrypt a block.
@@ -54,7 +55,8 @@ class BOTAN_DLL BlockCipher : public SymmetricAlgorithm
* @param out The byte array designated to hold the decrypted block.
* Must be of length BLOCK_SIZE.
*/
- void decrypt(const byte in[], byte out[]) const { dec(in, out); }
+ void decrypt(const byte in[], byte out[]) const
+ { decrypt_n(in, out, 1); }
/**
* Encrypt a block.
@@ -62,7 +64,7 @@ class BOTAN_DLL BlockCipher : public SymmetricAlgorithm
* Must be of length BLOCK_SIZE. Will hold the result when the function
* has finished.
*/
- void encrypt(byte block[]) const { enc(block, block); }
+ void encrypt(byte block[]) const { encrypt_n(block, block, 1); }
/**
* Decrypt a block.
@@ -70,7 +72,12 @@ class BOTAN_DLL BlockCipher : public SymmetricAlgorithm
* Must be of length BLOCK_SIZE. Will hold the result when the function
* has finished.
*/
- void decrypt(byte block[]) const { dec(block, block); }
+ void decrypt(byte block[]) const { decrypt_n(block, block, 1); }
+
+ virtual void encrypt_n(const byte in[], byte out[],
+ u32bit blocks) const = 0;
+ virtual void decrypt_n(const byte in[], byte out[],
+ u32bit blocks) const = 0;
/**
* Get a new object representing the same algorithm as *this
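Review bot: The new pure virtuals `encrypt_n` / `decrypt_n` are the only `BlockCipher` members in this hunk without a Doxygen comment, and theirs is the contract every implementer and caller now depends on: `in` and `out` must each hold `blocks * BLOCK_SIZE` bytes, `blocks` may be zero, and because `encrypt(byte block[])` forwards to `encrypt_n(block, block, 1)` and benchmark.cpp calls `encrypt_n(buf, buf, in_blocks)`, in-place use with `in == out` must be supported, while partially overlapping buffers presumably are not (the AES and Blowfish bodies read a whole block before writing it, but nothing promises that for other ciphers). I'd add above the first declaration `/** Encrypt blocks consecutive blocks. @param in input, blocks*BLOCK_SIZE bytes. @param out output, blocks*BLOCK_SIZE bytes; may be the same pointer as in, must not otherwise overlap. @param blocks number of blocks, may be 0. */` and the matching comment for `decrypt_n`. The class body continues outside this hunk.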
@@ -90,9 +97,6 @@ class BOTAN_DLL BlockCipher : public SymmetricAlgorithm
BLOCK_SIZE(block_size) {}
virtual ~BlockCipher() {}
- private:
- virtual void enc(const byte[], byte[]) const = 0;
- virtual void dec(const byte[], byte[]) const = 0;
};
}
diff --git a/src/block/blowfish/blowfish.cpp b/src/block/blowfish/blowfish.cpp
index b0599d6c5..312603c3a 100644
--- a/src/block/blowfish/blowfish.cpp
+++ b/src/block/blowfish/blowfish.cpp
@@ -1,6 +1,6 @@
/*
* Blowfish
-* (C) 1999-2007 Jack Lloyd
+* (C) 1999-2009 Jack Lloyd
*
* Distributed under the terms of the Botan license
*/
@@ -13,59 +13,71 @@ namespace Botan {
/*
* Blowfish Encryption
*/
-void Blowfish::enc(const byte in[], byte out[]) const
+void Blowfish::encrypt_n(const byte in[], byte out[], u32bit blocks) const
{
const u32bit* S1 = S + 0;
const u32bit* S2 = S + 256;
const u32bit* S3 = S + 512;
const u32bit* S4 = S + 768;
- u32bit L = load_be<u32bit>(in, 0);
- u32bit R = load_be<u32bit>(in, 1);
-
- for(u32bit j = 0; j != 16; j += 2)
+ for(u32bit i = 0; i != blocks; ++i)
{
- L ^= P[j];
- R ^= ((S1[get_byte(0, L)] + S2[get_byte(1, L)]) ^
- S3[get_byte(2, L)]) + S4[get_byte(3, L)];
+ u32bit L = load_be<u32bit>(in, 0);
+ u32bit R = load_be<u32bit>(in, 1);
- R ^= P[j+1];
- L ^= ((S1[get_byte(0, R)] + S2[get_byte(1, R)]) ^
- S3[get_byte(2, R)]) + S4[get_byte(3, R)];
- }
+ for(u32bit j = 0; j != 16; j += 2)
+ {
+ L ^= P[j];
+ R ^= ((S1[get_byte(0, L)] + S2[get_byte(1, L)]) ^
+ S3[get_byte(2, L)]) + S4[get_byte(3, L)];
- L ^= P[16]; R ^= P[17];
+ R ^= P[j+1];
+ L ^= ((S1[get_byte(0, R)] + S2[get_byte(1, R)]) ^
+ S3[get_byte(2, R)]) + S4[get_byte(3, R)];
+ }
+
+ L ^= P[16]; R ^= P[17];
- store_be(out, R, L);
+ store_be(out, R, L);
+
+ in += BLOCK_SIZE;
+ out += BLOCK_SIZE;
+ }
}
/*
* Blowfish Decryption
*/
-void Blowfish::dec(const byte in[], byte out[]) const
+void Blowfish::decrypt_n(const byte in[], byte out[], u32bit blocks) const
{
const u32bit* S1 = S + 0;
const u32bit* S2 = S + 256;
const u32bit* S3 = S + 512;
const u32bit* S4 = S + 768;
- u32bit L = load_be<u32bit>(in, 0);
- u32bit R = load_be<u32bit>(in, 1);
-
- for(u32bit j = 17; j != 1; j -= 2)
+ for(u32bit i = 0; i != blocks; ++i)
{
- L ^= P[j];
- R ^= ((S1[get_byte(0, L)] + S2[get_byte(1, L)]) ^
- S3[get_byte(2, L)]) + S4[get_byte(3, L)];
+ u32bit L = load_be<u32bit>(in, 0);
+ u32bit R = load_be<u32bit>(in, 1);
- R ^= P[j-1];
- L ^= ((S1[get_byte(0, R)] + S2[get_byte(1, R)]) ^
- S3[get_byte(2, R)]) + S4[get_byte(3, R)];
- }
+ for(u32bit j = 17; j != 1; j -= 2)
+ {
+ L ^= P[j];
+ R ^= ((S1[get_byte(0, L)] + S2[get_byte(1, L)]) ^
+ S3[get_byte(2, L)]) + S4[get_byte(3, L)];
- L ^= P[1]; R ^= P[0];
+ R ^= P[j-1];
+ L ^= ((S1[get_byte(0, R)] + S2[get_byte(1, R)]) ^
+ S3[get_byte(2, R)]) + S4[get_byte(3, R)];
+ }
+
+ L ^= P[1]; R ^= P[0];
- store_be(out, R, L);
+ store_be(out, R, L);
+
+ in += BLOCK_SIZE;
+ out += BLOCK_SIZE;
+ }
}
/*
diff --git a/src/block/blowfish/blowfish.h b/src/block/blowfish/blowfish.h
index f0f26418d..345c1ce49 100644
--- a/src/block/blowfish/blowfish.h
+++ b/src/block/blowfish/blowfish.h
@@ -1,6 +1,6 @@
/*
* Blowfish
-* (C) 1999-2008 Jack Lloyd
+* (C) 1999-2009 Jack Lloyd
*
* Distributed under the terms of the Botan license
*/
@@ -18,13 +18,15 @@ namespace Botan {
class BOTAN_DLL Blowfish : public BlockCipher
{
public:
+ void encrypt_n(const byte in[], byte out[], u32bit blocks) const;
+ void decrypt_n(const byte in[], byte out[], u32bit blocks) const;
+
void clear() throw();
std::string name() const { return "Blowfish"; }
BlockCipher* clone() const { return new Blowfish; }
+
Blowfish() : BlockCipher(8, 1, 56) {}
private:
- void enc(const byte[], byte[]) const;
- void dec(const byte[], byte[]) const;
void key_schedule(const byte[], u32bit);
void generate_sbox(u32bit[], u32bit, u32bit&, u32bit&) const;
diff --git a/src/block/cast/cast128.cpp b/src/block/cast/cast128.cpp
index 046638ab9..887dcf994 100644
--- a/src/block/cast/cast128.cpp
+++ b/src/block/cast/cast128.cpp
@@ -48,57 +48,69 @@ inline void R3(u32bit& L, u32bit R, u32bit MK, u32bit RK)
/*
* CAST-128 Encryption
*/
-void CAST_128::enc(const byte in[], byte out[]) const
+void CAST_128::encrypt_n(const byte in[], byte out[], u32bit blocks) const
{
- u32bit L = load_be<u32bit>(in, 0);
- u32bit R = load_be<u32bit>(in, 1);
-
- R1(L, R, MK[ 0], RK[ 0]);
- R2(R, L, MK[ 1], RK[ 1]);
- R3(L, R, MK[ 2], RK[ 2]);
- R1(R, L, MK[ 3], RK[ 3]);
- R2(L, R, MK[ 4], RK[ 4]);
- R3(R, L, MK[ 5], RK[ 5]);
- R1(L, R, MK[ 6], RK[ 6]);
- R2(R, L, MK[ 7], RK[ 7]);
- R3(L, R, MK[ 8], RK[ 8]);
- R1(R, L, MK[ 9], RK[ 9]);
- R2(L, R, MK[10], RK[10]);
- R3(R, L, MK[11], RK[11]);
- R1(L, R, MK[12], RK[12]);
- R2(R, L, MK[13], RK[13]);
- R3(L, R, MK[14], RK[14]);
- R1(R, L, MK[15], RK[15]);
-
- store_be(out, R, L);
+ for(u32bit i = 0; i != blocks; ++i)
+ {
+ u32bit L = load_be<u32bit>(in, 0);
+ u32bit R = load_be<u32bit>(in, 1);
+
+ R1(L, R, MK[ 0], RK[ 0]);
+ R2(R, L, MK[ 1], RK[ 1]);
+ R3(L, R, MK[ 2], RK[ 2]);
+ R1(R, L, MK[ 3], RK[ 3]);
+ R2(L, R, MK[ 4], RK[ 4]);
+ R3(R, L, MK[ 5], RK[ 5]);
+ R1(L, R, MK[ 6], RK[ 6]);
+ R2(R, L, MK[ 7], RK[ 7]);
+ R3(L, R, MK[ 8], RK[ 8]);
+ R1(R, L, MK[ 9], RK[ 9]);
+ R2(L, R, MK[10], RK[10]);
+ R3(R, L, MK[11], RK[11]);
+ R1(L, R, MK[12], RK[12]);
+ R2(R, L, MK[13], RK[13]);
+ R3(L, R, MK[14], RK[14]);
+ R1(R, L, MK[15], RK[15]);
+
+ store_be(out, R, L);
+
+ in += BLOCK_SIZE;
+ out += BLOCK_SIZE;
+ }
}
/*
* CAST-128 Decryption
*/
-void CAST_128::dec(const byte in[], byte out[]) const
+void CAST_128::decrypt_n(const byte in[], byte out[], u32bit blocks) const
{
- u32bit L = load_be<u32bit>(in, 0);
- u32bit R = load_be<u32bit>(in, 1);
-
- R1(L, R, MK[15], RK[15]);
- R3(R, L, MK[14], RK[14]);
- R2(L, R, MK[13], RK[13]);
- R1(R, L, MK[12], RK[12]);
- R3(L, R, MK[11], RK[11]);
- R2(R, L, MK[10], RK[10]);
- R1(L, R, MK[ 9], RK[ 9]);
- R3(R, L, MK[ 8], RK[ 8]);
- R2(L, R, MK[ 7], RK[ 7]);
- R1(R, L, MK[ 6], RK[ 6]);
- R3(L, R, MK[ 5], RK[ 5]);
- R2(R, L, MK[ 4], RK[ 4]);
- R1(L, R, MK[ 3], RK[ 3]);
- R3(R, L, MK[ 2], RK[ 2]);
- R2(L, R, MK[ 1], RK[ 1]);
- R1(R, L, MK[ 0], RK[ 0]);
-
- store_be(out, R, L);
+ for(u32bit i = 0; i != blocks; ++i)
+ {
+ u32bit L = load_be<u32bit>(in, 0);
+ u32bit R = load_be<u32bit>(in, 1);
+
+ R1(L, R, MK[15], RK[15]);
+ R3(R, L, MK[14], RK[14]);
+ R2(L, R, MK[13], RK[13]);
+ R1(R, L, MK[12], RK[12]);
+ R3(L, R, MK[11], RK[11]);
+ R2(R, L, MK[10], RK[10]);
+ R1(L, R, MK[ 9], RK[ 9]);
+ R3(R, L, MK[ 8], RK[ 8]);
+ R2(L, R, MK[ 7], RK[ 7]);
+ R1(R, L, MK[ 6], RK[ 6]);
+ R3(L, R, MK[ 5], RK[ 5]);
+ R2(R, L, MK[ 4], RK[ 4]);
+ R1(L, R, MK[ 3], RK[ 3]);
+ R3(R, L, MK[ 2], RK[ 2]);
+ R2(L, R, MK[ 1], RK[ 1]);
+ R1(R, L, MK[ 0], RK[ 0]);
+
+ store_be(out, R, L);
+
+ in += BLOCK_SIZE;
+ out += BLOCK_SIZE;
+ }
}
/*
diff --git a/src/block/cast/cast128.h b/src/block/cast/cast128.h
index 680481482..864a4e47e 100644
--- a/src/block/cast/cast128.h
+++ b/src/block/cast/cast128.h
@@ -18,13 +18,15 @@ namespace Botan {
class BOTAN_DLL CAST_128 : public BlockCipher
{
public:
+ void encrypt_n(const byte in[], byte out[], u32bit blocks) const;
+ void decrypt_n(const byte in[], byte out[], u32bit blocks) const;
+
void clear() throw() { MK.clear(); RK.clear(); }
std::string name() const { return "CAST-128"; }
BlockCipher* clone() const { return new CAST_128; }
+
CAST_128() : BlockCipher(8, 11, 16) {}
private:
- void enc(const byte[], byte[]) const;
- void dec(const byte[], byte[]) const;
void key_schedule(const byte[], u32bit);
static void key_schedule(u32bit[16], u32bit[4]);
diff --git a/src/block/cast/cast256.cpp b/src/block/cast/cast256.cpp
index 22ff876fa..7a4a4e805 100644
--- a/src/block/cast/cast256.cpp
+++ b/src/block/cast/cast256.cpp
@@ -48,77 +48,89 @@ void round3(u32bit& out, u32bit in, u32bit mask, u32bit rot)
/*
* CAST-256 Encryption
*/
-void CAST_256::enc(const byte in[], byte out[]) const
+void CAST_256::encrypt_n(const byte in[], byte out[], u32bit blocks) const
{
- u32bit A = load_be<u32bit>(in, 0);
- u32bit B = load_be<u32bit>(in, 1);
- u32bit C = load_be<u32bit>(in, 2);
- u32bit D = load_be<u32bit>(in, 3);
-
- round1(C, D, MK[ 0], RK[ 0]); round2(B, C, MK[ 1], RK[ 1]);
- round3(A, B, MK[ 2], RK[ 2]); round1(D, A, MK[ 3], RK[ 3]);
- round1(C, D, MK[ 4], RK[ 4]); round2(B, C, MK[ 5], RK[ 5]);
- round3(A, B, MK[ 6], RK[ 6]); round1(D, A, MK[ 7], RK[ 7]);
- round1(C, D, MK[ 8], RK[ 8]); round2(B, C, MK[ 9], RK[ 9]);
- round3(A, B, MK[10], RK[10]); round1(D, A, MK[11], RK[11]);
- round1(C, D, MK[12], RK[12]); round2(B, C, MK[13], RK[13]);
- round3(A, B, MK[14], RK[14]); round1(D, A, MK[15], RK[15]);
- round1(C, D, MK[16], RK[16]); round2(B, C, MK[17], RK[17]);
- round3(A, B, MK[18], RK[18]); round1(D, A, MK[19], RK[19]);
- round1(C, D, MK[20], RK[20]); round2(B, C, MK[21], RK[21]);
- round3(A, B, MK[22], RK[22]); round1(D, A, MK[23], RK[23]);
- round1(D, A, MK[27], RK[27]); round3(A, B, MK[26], RK[26]);
- round2(B, C, MK[25], RK[25]); round1(C, D, MK[24], RK[24]);
- round1(D, A, MK[31], RK[31]); round3(A, B, MK[30], RK[30]);
- round2(B, C, MK[29], RK[29]); round1(C, D, MK[28], RK[28]);
- round1(D, A, MK[35], RK[35]); round3(A, B, MK[34], RK[34]);
- round2(B, C, MK[33], RK[33]); round1(C, D, MK[32], RK[32]);
- round1(D, A, MK[39], RK[39]); round3(A, B, MK[38], RK[38]);
- round2(B, C, MK[37], RK[37]); round1(C, D, MK[36], RK[36]);
- round1(D, A, MK[43], RK[43]); round3(A, B, MK[42], RK[42]);
- round2(B, C, MK[41], RK[41]); round1(C, D, MK[40], RK[40]);
- round1(D, A, MK[47], RK[47]); round3(A, B, MK[46], RK[46]);
- round2(B, C, MK[45], RK[45]); round1(C, D, MK[44], RK[44]);
-
- store_be(out, A, B, C, D);
+ for(u32bit i = 0; i != blocks; ++i)
+ {
+ u32bit A = load_be<u32bit>(in, 0);
+ u32bit B = load_be<u32bit>(in, 1);
+ u32bit C = load_be<u32bit>(in, 2);
+ u32bit D = load_be<u32bit>(in, 3);
+
+ round1(C, D, MK[ 0], RK[ 0]); round2(B, C, MK[ 1], RK[ 1]);
+ round3(A, B, MK[ 2], RK[ 2]); round1(D, A, MK[ 3], RK[ 3]);
+ round1(C, D, MK[ 4], RK[ 4]); round2(B, C, MK[ 5], RK[ 5]);
+ round3(A, B, MK[ 6], RK[ 6]); round1(D, A, MK[ 7], RK[ 7]);
+ round1(C, D, MK[ 8], RK[ 8]); round2(B, C, MK[ 9], RK[ 9]);
+ round3(A, B, MK[10], RK[10]); round1(D, A, MK[11], RK[11]);
+ round1(C, D, MK[12], RK[12]); round2(B, C, MK[13], RK[13]);
+ round3(A, B, MK[14], RK[14]); round1(D, A, MK[15], RK[15]);
+ round1(C, D, MK[16], RK[16]); round2(B, C, MK[17], RK[17]);
+ round3(A, B, MK[18], RK[18]); round1(D, A, MK[19], RK[19]);
+ round1(C, D, MK[20], RK[20]); round2(B, C, MK[21], RK[21]);
+ round3(A, B, MK[22], RK[22]); round1(D, A, MK[23], RK[23]);
+ round1(D, A, MK[27], RK[27]); round3(A, B, MK[26], RK[26]);
+ round2(B, C, MK[25], RK[25]); round1(C, D, MK[24], RK[24]);
+ round1(D, A, MK[31], RK[31]); round3(A, B, MK[30], RK[30]);
+ round2(B, C, MK[29], RK[29]); round1(C, D, MK[28], RK[28]);
+ round1(D, A, MK[35], RK[35]); round3(A, B, MK[34], RK[34]);
+ round2(B, C, MK[33], RK[33]); round1(C, D, MK[32], RK[32]);
+ round1(D, A, MK[39], RK[39]); round3(A, B, MK[38], RK[38]);
+ round2(B, C, MK[37], RK[37]); round1(C, D, MK[36], RK[36]);
+ round1(D, A, MK[43], RK[43]); round3(A, B, MK[42], RK[42]);
+ round2(B, C, MK[41], RK[41]); round1(C, D, MK[40], RK[40]);
+ round1(D, A, MK[47], RK[47]); round3(A, B, MK[46], RK[46]);
+ round2(B, C, MK[45], RK[45]); round1(C, D, MK[44], RK[44]);
+
+ store_be(out, A, B, C, D);
+
+ in += BLOCK_SIZE;
+ out += BLOCK_SIZE;
+ }
}
/*
* CAST-256 Decryption
*/
-void CAST_256::dec(const byte in[], byte out[]) const
+void CAST_256::decrypt_n(const byte in[], byte out[], u32bit blocks) const
{
- u32bit A = load_be<u32bit>(in, 0);
- u32bit B = load_be<u32bit>(in, 1);
- u32bit C = load_be<u32bit>(in, 2);
- u32bit D = load_be<u32bit>(in, 3);
-
- round1(C, D, MK[44], RK[44]); round2(B, C, MK[45], RK[45]);
- round3(A, B, MK[46], RK[46]); round1(D, A, MK[47], RK[47]);
- round1(C, D, MK[40], RK[40]); round2(B, C, MK[41], RK[41]);
- round3(A, B, MK[42], RK[42]); round1(D, A, MK[43], RK[43]);
- round1(C, D, MK[36], RK[36]); round2(B, C, MK[37], RK[37]);
- round3(A, B, MK[38], RK[38]); round1(D, A, MK[39], RK[39]);
- round1(C, D, MK[32], RK[32]); round2(B, C, MK[33], RK[33]);
- round3(A, B, MK[34], RK[34]); round1(D, A, MK[35], RK[35]);
- round1(C, D, MK[28], RK[28]); round2(B, C, MK[29], RK[29]);
- round3(A, B, MK[30], RK[30]); round1(D, A, MK[31], RK[31]);
- round1(C, D, MK[24], RK[24]); round2(B, C, MK[25], RK[25]);
- round3(A, B, MK[26], RK[26]); round1(D, A, MK[27], RK[27]);
- round1(D, A, MK[23], RK[23]); round3(A, B, MK[22], RK[22]);
- round2(B, C, MK[21], RK[21]); round1(C, D, MK[20], RK[20]);
- round1(D, A, MK[19], RK[19]); round3(A, B, MK[18], RK[18]);
- round2(B, C, MK[17], RK[17]); round1(C, D, MK[16], RK[16]);
- round1(D, A, MK[15], RK[15]); round3(A, B, MK[14], RK[14]);
- round2(B, C, MK[13], RK[13]); round1(C, D, MK[12], RK[12]);
- round1(D, A, MK[11], RK[11]); round3(A, B, MK[10], RK[10]);
- round2(B, C, MK[ 9], RK[ 9]); round1(C, D, MK[ 8], RK[ 8]);
- round1(D, A, MK[ 7], RK[ 7]); round3(A, B, MK[ 6], RK[ 6]);
- round2(B, C, MK[ 5], RK[ 5]); round1(C, D, MK[ 4], RK[ 4]);
- round1(D, A, MK[ 3], RK[ 3]); round3(A, B, MK[ 2], RK[ 2]);
- round2(B, C, MK[ 1], RK[ 1]); round1(C, D, MK[ 0], RK[ 0]);
-
- store_be(out, A, B, C, D);
+ for(u32bit i = 0; i != blocks; ++i)
+ {
+ u32bit A = load_be<u32bit>(in, 0);
+ u32bit B = load_be<u32bit>(in, 1);
+ u32bit C = load_be<u32bit>(in, 2);
+ u32bit D = load_be<u32bit>(in, 3);
+
+ round1(C, D, MK[44], RK[44]); round2(B, C, MK[45], RK[45]);
+ round3(A, B, MK[46], RK[46]); round1(D, A, MK[47], RK[47]);
+ round1(C, D, MK[40], RK[40]); round2(B, C, MK[41], RK[41]);
+ round3(A, B, MK[42], RK[42]); round1(D, A, MK[43], RK[43]);
+ round1(C, D, MK[36], RK[36]); round2(B, C, MK[37], RK[37]);
+ round3(A, B, MK[38], RK[38]); round1(D, A, MK[39], RK[39]);
+ round1(C, D, MK[32], RK[32]); round2(B, C, MK[33], RK[33]);
+ round3(A, B, MK[34], RK[34]); round1(D, A, MK[35], RK[35]);
+ round1(C, D, MK[28], RK[28]); round2(B, C, MK[29], RK[29]);
+ round3(A, B, MK[30], RK[30]); round1(D, A, MK[31], RK[31]);
+ round1(C, D, MK[24], RK[24]); round2(B, C, MK[25], RK[25]);
+ round3(A, B, MK[26], RK[26]); round1(D, A, MK[27], RK[27]);
+ round1(D, A, MK[23], RK[23]); round3(A, B, MK[22], RK[22]);
+ round2(B, C, MK[21], RK[21]); round1(C, D, MK[20], RK[20]);
+ round1(D, A, MK[19], RK[19]); round3(A, B, MK[18], RK[18]);
+ round2(B, C, MK[17], RK[17]); round1(C, D, MK[16], RK[16]);
+ round1(D, A, MK[15], RK[15]); round3(A, B, MK[14], RK[14]);
+ round2(B, C, MK[13], RK[13]); round1(C, D, MK[12], RK[12]);
+ round1(D, A, MK[11], RK[11]); round3(A, B, MK[10], RK[10]);
+ round2(B, C, MK[ 9], RK[ 9]); round1(C, D, MK[ 8], RK[ 8]);
+ round1(D, A, MK[ 7], RK[ 7]); round3(A, B, MK[ 6], RK[ 6]);
+ round2(B, C, MK[ 5], RK[ 5]); round1(C, D, MK[ 4], RK[ 4]);
+ round1(D, A, MK[ 3], RK[ 3]); round3(A, B, MK[ 2], RK[ 2]);
+ round2(B, C, MK[ 1], RK[ 1]); round1(C, D, MK[ 0], RK[ 0]);
+
+ store_be(out, A, B, C, D);
+
+ in += BLOCK_SIZE;
+ out += BLOCK_SIZE;
+ }
}
/*
diff --git a/src/block/cast/cast256.h b/src/block/cast/cast256.h
index cd48edd5e..1be7fa9cf 100644
--- a/src/block/cast/cast256.h
+++ b/src/block/cast/cast256.h
@@ -18,13 +18,15 @@ namespace Botan {
class BOTAN_DLL CAST_256 : public BlockCipher
{
public:
+ void encrypt_n(const byte in[], byte out[], u32bit blocks) const;
+ void decrypt_n(const byte in[], byte out[], u32bit blocks) const;
+
void clear() throw() { MK.clear(); RK.clear(); }
std::string name() const { return "CAST-256"; }
BlockCipher* clone() const { return new CAST_256; }
+
CAST_256() : BlockCipher(16, 4, 32, 4) {}
private:
- void enc(const byte[], byte[]) const;
- void dec(const byte[], byte[]) const;
void key_schedule(const byte[], u32bit);
static const u32bit KEY_MASK[192];
diff --git a/src/block/des/des.cpp b/src/block/des/des.cpp
index 37520e0fc..1c9d37e6b 100644
--- a/src/block/des/des.cpp
+++ b/src/block/des/des.cpp
@@ -139,51 +139,63 @@ void des_decrypt(u32bit& L, u32bit& R,
/*
* DES Encryption
*/
-void DES::enc(const byte in[], byte out[]) const
+void DES::encrypt_n(const byte in[], byte out[], u32bit blocks) const
{
- u64bit T = (DES_IPTAB1[in[0]] ) | (DES_IPTAB1[in[1]] << 1) |
- (DES_IPTAB1[in[2]] << 2) | (DES_IPTAB1[in[3]] << 3) |
- (DES_IPTAB1[in[4]] << 4) | (DES_IPTAB1[in[5]] << 5) |
- (DES_IPTAB1[in[6]] << 6) | (DES_IPTAB2[in[7]] );
+ for(u32bit i = 0; i != blocks; ++i)
+ {
+ u64bit T = (DES_IPTAB1[in[0]] ) | (DES_IPTAB1[in[1]] << 1) |
+ (DES_IPTAB1[in[2]] << 2) | (DES_IPTAB1[in[3]] << 3) |
+ (DES_IPTAB1[in[4]] << 4) | (DES_IPTAB1[in[5]] << 5) |
+ (DES_IPTAB1[in[6]] << 6) | (DES_IPTAB2[in[7]] );
+
+ u32bit L = static_cast<u32bit>(T >> 32);
+ u32bit R = static_cast<u32bit>(T);
- u32bit L = static_cast<u32bit>(T >> 32);
- u32bit R = static_cast<u32bit>(T);
+ des_encrypt(L, R, round_key);
- des_encrypt(L, R, round_key);
+ T = (DES_FPTAB1[get_byte(0, L)] << 5) | (DES_FPTAB1[get_byte(1, L)] << 3) |
+ (DES_FPTAB1[get_byte(2, L)] << 1) | (DES_FPTAB2[get_byte(3, L)] << 1) |
+ (DES_FPTAB1[get_byte(0, R)] << 4) | (DES_FPTAB1[get_byte(1, R)] << 2) |
+ (DES_FPTAB1[get_byte(2, R)] ) | (DES_FPTAB2[get_byte(3, R)] );
- T = (DES_FPTAB1[get_byte(0, L)] << 5) | (DES_FPTAB1[get_byte(1, L)] << 3) |
- (DES_FPTAB1[get_byte(2, L)] << 1) | (DES_FPTAB2[get_byte(3, L)] << 1) |
- (DES_FPTAB1[get_byte(0, R)] << 4) | (DES_FPTAB1[get_byte(1, R)] << 2) |
- (DES_FPTAB1[get_byte(2, R)] ) | (DES_FPTAB2[get_byte(3, R)] );
+ T = rotate_left(T, 32);
- T = rotate_left(T, 32);
+ store_be(T, out);
- store_be(T, out);
+ in += BLOCK_SIZE;
+ out += BLOCK_SIZE;
+ }
}
/*
* DES Decryption
*/
-void DES::dec(const byte in[], byte out[]) const
+void DES::decrypt_n(const byte in[], byte out[], u32bit blocks) const
{
- u64bit T = (DES_IPTAB1[in[0]] ) | (DES_IPTAB1[in[1]] << 1) |
- (DES_IPTAB1[in[2]] << 2) | (DES_IPTAB1[in[3]] << 3) |
- (DES_IPTAB1[in[4]] << 4) | (DES_IPTAB1[in[5]] << 5) |
- (DES_IPTAB1[in[6]] << 6) | (DES_IPTAB2[in[7]] );
+ for(u32bit i = 0; i != blocks; ++i)
+ {
+ u64bit T = (DES_IPTAB1[in[0]] ) | (DES_IPTAB1[in[1]] << 1) |
+ (DES_IPTAB1[in[2]] << 2) | (DES_IPTAB1[in[3]] << 3) |
+ (DES_IPTAB1[in[4]] << 4) | (DES_IPTAB1[in[5]] << 5) |
+ (DES_IPTAB1[in[6]] << 6) | (DES_IPTAB2[in[7]] );
+
+ u32bit L = static_cast<u32bit>(T >> 32);
+ u32bit R = static_cast<u32bit>(T);
- u32bit L = static_cast<u32bit>(T >> 32);
- u32bit R = static_cast<u32bit>(T);
+ des_decrypt(L, R, round_key);
- des_decrypt(L, R, round_key);
+ T = (DES_FPTAB1[get_byte(0, L)] << 5) | (DES_FPTAB1[get_byte(1, L)] << 3) |
+ (DES_FPTAB1[get_byte(2, L)] << 1) | (DES_FPTAB2[get_byte(3, L)] << 1) |
+ (DES_FPTAB1[get_byte(0, R)] << 4) | (DES_FPTAB1[get_byte(1, R)] << 2) |
+ (DES_FPTAB1[get_byte(2, R)] ) | (DES_FPTAB2[get_byte(3, R)] );
- T = (DES_FPTAB1[get_byte(0, L)] << 5) | (DES_FPTAB1[get_byte(1, L)] << 3) |
- (DES_FPTAB1[get_byte(2, L)] << 1) | (DES_FPTAB2[get_byte(3, L)] << 1) |
- (DES_FPTAB1[get_byte(0, R)] << 4) | (DES_FPTAB1[get_byte(1, R)] << 2) |
- (DES_FPTAB1[get_byte(2, R)] ) | (DES_FPTAB2[get_byte(3, R)] );
+ T = rotate_left(T, 32);
- T = rotate_left(T, 32);
+ store_be(T, out);
- store_be(T, out);
+ in += BLOCK_SIZE;
+ out += BLOCK_SIZE;
+ }
}
/*
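Review bot: The IP and FP table expressions at lines 1259-1262 and 1270-1273 are now repeated verbatim inside four loop bodies (DES::encrypt_n, DES::decrypt_n, and both TripleDES functions in the next hunk), so any future fix to the permutation code has to be applied in four places. Since des_encrypt/des_decrypt are already file-scope helpers beside this code, the two permutations could be hoisted into small inline helpers in the same place and each loop body reduced to permute / rounds / permute / store, producing the same bytes. The only non-mechanical part is folding the trailing `rotate_left(T, 32)` into the FP helper so its result is ready for `store_be`. The same applies to the TripleDES hunk that follows.
```cpp
/*
* DES initial permutation (IP) via the lookup tables
*/
inline u64bit des_ip(const byte in[])
   {
   return (DES_IPTAB1[in[0]]     ) | (DES_IPTAB1[in[1]] << 1) |
          (DES_IPTAB1[in[2]] << 2) | (DES_IPTAB1[in[3]] << 3) |
          (DES_IPTAB1[in[4]] << 4) | (DES_IPTAB1[in[5]] << 5) |
          (DES_IPTAB1[in[6]] << 6) | (DES_IPTAB2[in[7]]     );
   }

/*
* DES final permutation (FP) via the lookup tables, including the
* trailing 32-bit rotate, so the result can go straight to store_be
*/
inline u64bit des_fp(u32bit L, u32bit R)
   {
   const u64bit T =
      (DES_FPTAB1[get_byte(0, L)] << 5) | (DES_FPTAB1[get_byte(1, L)] << 3) |
      (DES_FPTAB1[get_byte(2, L)] << 1) | (DES_FPTAB2[get_byte(3, L)] << 1) |
      (DES_FPTAB1[get_byte(0, R)] << 4) | (DES_FPTAB1[get_byte(1, R)] << 2) |
      (DES_FPTAB1[get_byte(2, R)]     ) | (DES_FPTAB2[get_byte(3, R)]     );
   return rotate_left(T, 32);
   }

void DES::encrypt_n(const byte in[], byte out[], u32bit blocks) const
   {
   for(u32bit i = 0; i != blocks; ++i)
      {
      const u64bit T = des_ip(in);
      u32bit L = static_cast<u32bit>(T >> 32);
      u32bit R = static_cast<u32bit>(T);

      des_encrypt(L, R, round_key);

      store_be(des_fp(L, R), out);

      in += BLOCK_SIZE;
      out += BLOCK_SIZE;
      }
   }
// … unchanged apart from the same substitution: DES::decrypt_n, TripleDES::encrypt_n, TripleDES::decrypt_n …
```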
@@ -197,55 +209,67 @@ void DES::key_schedule(const byte key[], u32bit)
/*
* TripleDES Encryption
*/
-void TripleDES::enc(const byte in[], byte out[]) const
+void TripleDES::encrypt_n(const byte in[], byte out[], u32bit blocks) const
{
- u64bit T = (DES_IPTAB1[in[0]] ) | (DES_IPTAB1[in[1]] << 1) |
- (DES_IPTAB1[in[2]] << 2) | (DES_IPTAB1[in[3]] << 3) |
- (DES_IPTAB1[in[4]] << 4) | (DES_IPTAB1[in[5]] << 5) |
- (DES_IPTAB1[in[6]] << 6) | (DES_IPTAB2[in[7]] );
+ for(u32bit i = 0; i != blocks; ++i)
+ {
+ u64bit T = (DES_IPTAB1[in[0]] ) | (DES_IPTAB1[in[1]] << 1) |
+ (DES_IPTAB1[in[2]] << 2) | (DES_IPTAB1[in[3]] << 3) |
+ (DES_IPTAB1[in[4]] << 4) | (DES_IPTAB1[in[5]] << 5) |
+ (DES_IPTAB1[in[6]] << 6) | (DES_IPTAB2[in[7]] );
+
+ u32bit L = static_cast<u32bit>(T >> 32);
+ u32bit R = static_cast<u32bit>(T);
- u32bit L = static_cast<u32bit>(T >> 32);
- u32bit R = static_cast<u32bit>(T);
+ des_encrypt(L, R, round_key);
+ des_decrypt(R, L, round_key + 32);
+ des_encrypt(L, R, round_key + 64);
- des_encrypt(L, R, round_key);
- des_decrypt(R, L, round_key + 32);
- des_encrypt(L, R, round_key + 64);
+ T = (DES_FPTAB1[get_byte(0, L)] << 5) | (DES_FPTAB1[get_byte(1, L)] << 3) |
+ (DES_FPTAB1[get_byte(2, L)] << 1) | (DES_FPTAB2[get_byte(3, L)] << 1) |
+ (DES_FPTAB1[get_byte(0, R)] << 4) | (DES_FPTAB1[get_byte(1, R)] << 2) |
+ (DES_FPTAB1[get_byte(2, R)] ) | (DES_FPTAB2[get_byte(3, R)] );
- T = (DES_FPTAB1[get_byte(0, L)] << 5) | (DES_FPTAB1[get_byte(1, L)] << 3) |
- (DES_FPTAB1[get_byte(2, L)] << 1) | (DES_FPTAB2[get_byte(3, L)] << 1) |
- (DES_FPTAB1[get_byte(0, R)] << 4) | (DES_FPTAB1[get_byte(1, R)] << 2) |
- (DES_FPTAB1[get_byte(2, R)] ) | (DES_FPTAB2[get_byte(3, R)] );
+ T = rotate_left(T, 32);
- T = rotate_left(T, 32);
+ store_be(T, out);
- store_be(T, out);
+ in += BLOCK_SIZE;
+ out += BLOCK_SIZE;
+ }
}
/*
* TripleDES Decryption
*/
-void TripleDES::dec(const byte in[], byte out[]) const
+void TripleDES::decrypt_n(const byte in[], byte out[], u32bit blocks) const
{
- u64bit T = (DES_IPTAB1[in[0]] ) | (DES_IPTAB1[in[1]] << 1) |
- (DES_IPTAB1[in[2]] << 2) | (DES_IPTAB1[in[3]] << 3) |
- (DES_IPTAB1[in[4]] << 4) | (DES_IPTAB1[in[5]] << 5) |
- (DES_IPTAB1[in[6]] << 6) | (DES_IPTAB2[in[7]] );
+ for(u32bit i = 0; i != blocks; ++i)
+ {
+ u64bit T = (DES_IPTAB1[in[0]] ) | (DES_IPTAB1[in[1]] << 1) |
+ (DES_IPTAB1[in[2]] << 2) | (DES_IPTAB1[in[3]] << 3) |
+ (DES_IPTAB1[in[4]] << 4) | (DES_IPTAB1[in[5]] << 5) |
+ (DES_IPTAB1[in[6]] << 6) | (DES_IPTAB2[in[7]] );
+
+ u32bit L = static_cast<u32bit>(T >> 32);
+ u32bit R = static_cast<u32bit>(T);
- u32bit L = static_cast<u32bit>(T >> 32);
- u32bit R = static_cast<u32bit>(T);
+ des_decrypt(L, R, round_key + 64);
+ des_encrypt(R, L, round_key + 32);
+ des_decrypt(L, R, round_key);
- des_decrypt(L, R, round_key + 64);
- des_encrypt(R, L, round_key + 32);
- des_decrypt(L, R, round_key);
+ T = (DES_FPTAB1[get_byte(0, L)] << 5) | (DES_FPTAB1[get_byte(1, L)] << 3) |
+ (DES_FPTAB1[get_byte(2, L)] << 1) | (DES_FPTAB2[get_byte(3, L)] << 1) |
+ (DES_FPTAB1[get_byte(0, R)] << 4) | (DES_FPTAB1[get_byte(1, R)] << 2) |
+ (DES_FPTAB1[get_byte(2, R)] ) | (DES_FPTAB2[get_byte(3, R)] );
- T = (DES_FPTAB1[get_byte(0, L)] << 5) | (DES_FPTAB1[get_byte(1, L)] << 3) |
- (DES_FPTAB1[get_byte(2, L)] << 1) | (DES_FPTAB2[get_byte(3, L)] << 1) |
- (DES_FPTAB1[get_byte(0, R)] << 4) | (DES_FPTAB1[get_byte(1, R)] << 2) |
- (DES_FPTAB1[get_byte(2, R)] ) | (DES_FPTAB2[get_byte(3, R)] );
+ T = rotate_left(T, 32);
- T = rotate_left(T, 32);
+ store_be(T, out);
- store_be(T, out);
+ in += BLOCK_SIZE;
+ out += BLOCK_SIZE;
+ }
}
/*
diff --git a/src/block/des/des.h b/src/block/des/des.h
index 6fa59de5e..856aaf60c 100644
--- a/src/block/des/des.h
+++ b/src/block/des/des.h
@@ -18,13 +18,15 @@ namespace Botan {
class BOTAN_DLL DES : public BlockCipher
{
public:
+ void encrypt_n(const byte in[], byte out[], u32bit blocks) const;
+ void decrypt_n(const byte in[], byte out[], u32bit blocks) const;
+
void clear() throw() { round_key.clear(); }
std::string name() const { return "DES"; }
BlockCipher* clone() const { return new DES; }
+
DES() : BlockCipher(8, 8) {}
private:
- void enc(const byte[], byte[]) const;
- void dec(const byte[], byte[]) const;
void key_schedule(const byte[], u32bit);
SecureBuffer<u32bit, 32> round_key;
@@ -36,13 +38,15 @@ class BOTAN_DLL DES : public BlockCipher
class BOTAN_DLL TripleDES : public BlockCipher
{
public:
+ void encrypt_n(const byte in[], byte out[], u32bit blocks) const;
+ void decrypt_n(const byte in[], byte out[], u32bit blocks) const;
+
void clear() throw() { round_key.clear(); }
std::string name() const { return "TripleDES"; }
BlockCipher* clone() const { return new TripleDES; }
+
TripleDES() : BlockCipher(8, 16, 24, 8) {}
private:
- void enc(const byte[], byte[]) const;
- void dec(const byte[], byte[]) const;
void key_schedule(const byte[], u32bit);
SecureBuffer<u32bit, 96> round_key;
diff --git a/src/block/des/desx.cpp b/src/block/des/desx.cpp
index e557901d3..1fc1c47f2 100644
--- a/src/block/des/desx.cpp
+++ b/src/block/des/desx.cpp
@@ -13,21 +13,33 @@ namespace Botan {
/*
* DESX Encryption
*/
-void DESX::enc(const byte in[], byte out[]) const
+void DESX::encrypt_n(const byte in[], byte out[], u32bit blocks) const
{
- xor_buf(out, in, K1.begin(), BLOCK_SIZE);
- des.encrypt(out);
- xor_buf(out, K2.begin(), BLOCK_SIZE);
+ for(u32bit i = 0; i != blocks; ++i)
+ {
+ xor_buf(out, in, K1.begin(), BLOCK_SIZE);
+ des.encrypt(out);
+ xor_buf(out, K2.begin(), BLOCK_SIZE);
+
+ in += BLOCK_SIZE;
+ out += BLOCK_SIZE;
+ }
}
/*
* DESX Decryption
*/
-void DESX::dec(const byte in[], byte out[]) const
+void DESX::decrypt_n(const byte in[], byte out[], u32bit blocks) const
{
- xor_buf(out, in, K2.begin(), BLOCK_SIZE);
- des.decrypt(out);
- xor_buf(out, K1.begin(), BLOCK_SIZE);
+ for(u32bit i = 0; i != blocks; ++i)
+ {
+ xor_buf(out, in, K2.begin(), BLOCK_SIZE);
+ des.decrypt(out);
+ xor_buf(out, K1.begin(), BLOCK_SIZE);
+
+ in += BLOCK_SIZE;
+ out += BLOCK_SIZE;
+ }
}
/*
diff --git a/src/block/des/desx.h b/src/block/des/desx.h
index 49ecc2421..d22895296 100644
--- a/src/block/des/desx.h
+++ b/src/block/des/desx.h
@@ -18,13 +18,15 @@ namespace Botan {
class BOTAN_DLL DESX : public BlockCipher
{
public:
+ void encrypt_n(const byte in[], byte out[], u32bit blocks) const;
+ void decrypt_n(const byte in[], byte out[], u32bit blocks) const;
+
void clear() throw() { des.clear(); K1.clear(); K2.clear(); }
std::string name() const { return "DESX"; }
BlockCipher* clone() const { return new DESX; }
+
DESX() : BlockCipher(8, 24) {}
private:
- void enc(const byte[], byte[]) const;
- void dec(const byte[], byte[]) const;
void key_schedule(const byte[], u32bit);
SecureBuffer<byte, 8> K1, K2;
DES des;
diff --git a/src/block/gost_28147/gost_28147.cpp b/src/block/gost_28147/gost_28147.cpp
index bfd092c56..272f1bcab 100644
--- a/src/block/gost_28147/gost_28147.cpp
+++ b/src/block/gost_28147/gost_28147.cpp
@@ -84,47 +84,58 @@ GOST_28147_89::GOST_28147_89(const GOST_28147_89_Params& param) :
/*
* GOST Encryption
*/
-void GOST_28147_89::enc(const byte in[], byte out[]) const
+void GOST_28147_89::encrypt_n(const byte in[], byte out[], u32bit blocks) const
{
- u32bit N1 = load_le<u32bit>(in, 0), N2 = load_le<u32bit>(in, 1);
-
- for(size_t i = 0; i != 3; ++i)
+ for(u32bit i = 0; i != blocks; ++i)
{
- GOST_2ROUND(N1, N2, 0, 1);
- GOST_2ROUND(N1, N2, 2, 3);
- GOST_2ROUND(N1, N2, 4, 5);
- GOST_2ROUND(N1, N2, 6, 7);
- }
+ u32bit N1 = load_le<u32bit>(in, 0), N2 = load_le<u32bit>(in, 1);
- GOST_2ROUND(N1, N2, 7, 6);
- GOST_2ROUND(N1, N2, 5, 4);
- GOST_2ROUND(N1, N2, 3, 2);
- GOST_2ROUND(N1, N2, 1, 0);
+ for(size_t j = 0; j != 3; ++j)
+ {
+ GOST_2ROUND(N1, N2, 0, 1);
+ GOST_2ROUND(N1, N2, 2, 3);
+ GOST_2ROUND(N1, N2, 4, 5);
+ GOST_2ROUND(N1, N2, 6, 7);
+ }
- store_le(out, N2, N1);
+ GOST_2ROUND(N1, N2, 7, 6);
+ GOST_2ROUND(N1, N2, 5, 4);
+ GOST_2ROUND(N1, N2, 3, 2);
+ GOST_2ROUND(N1, N2, 1, 0);
+
+ store_le(out, N2, N1);
+
+ in += BLOCK_SIZE;
+ out += BLOCK_SIZE;
+ }
}
/*
* GOST Decryption
*/
-void GOST_28147_89::dec(const byte in[], byte out[]) const
+void GOST_28147_89::decrypt_n(const byte in[], byte out[], u32bit blocks) const
{
- u32bit N1 = load_le<u32bit>(in, 0), N2 = load_le<u32bit>(in, 1);
+ for(u32bit i = 0; i != blocks; ++i)
+ {
+ u32bit N1 = load_le<u32bit>(in, 0), N2 = load_le<u32bit>(in, 1);
- GOST_2ROUND(N1, N2, 0, 1);
- GOST_2ROUND(N1, N2, 2, 3);
- GOST_2ROUND(N1, N2, 4, 5);
- GOST_2ROUND(N1, N2, 6, 7);
+ GOST_2ROUND(N1, N2, 0, 1);
+ GOST_2ROUND(N1, N2, 2, 3);
+ GOST_2ROUND(N1, N2, 4, 5);
+ GOST_2ROUND(N1, N2, 6, 7);
- for(size_t i = 0; i != 3; ++i)
- {
- GOST_2ROUND(N1, N2, 7, 6);
- GOST_2ROUND(N1, N2, 5, 4);
- GOST_2ROUND(N1, N2, 3, 2);
- GOST_2ROUND(N1, N2, 1, 0);
- }
+ for(size_t i = 0; i != 3; ++i)
+ {
+ GOST_2ROUND(N1, N2, 7, 6);
+ GOST_2ROUND(N1, N2, 5, 4);
+ GOST_2ROUND(N1, N2, 3, 2);
+ GOST_2ROUND(N1, N2, 1, 0);
+ }
- store_le(out, N2, N1);
+ store_le(out, N2, N1);
+ in += BLOCK_SIZE;
+ out += BLOCK_SIZE;
+ }
}
/*
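Review bot: In GOST_28147_89::decrypt_n the inner round loop at line 1588 still declares `size_t i`, shadowing the block counter `u32bit i` introduced at line 1570; encrypt_n was renamed to `j` at line 1544 but decrypt_n was not. The shadow is harmless today because the inner variable is only a repeat count and the GOST_2ROUND arguments are constants, but it triggers -Wshadow and leaves the two functions inconsistent. Change line 1588 to `for(size_t j = 0; j != 3; ++j)`.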
diff --git a/src/block/gost_28147/gost_28147.h b/src/block/gost_28147/gost_28147.h
index 96d24c669..18c1d0a29 100644
--- a/src/block/gost_28147/gost_28147.h
+++ b/src/block/gost_28147/gost_28147.h
@@ -44,6 +44,9 @@ class GOST_28147_89_Params
class BOTAN_DLL GOST_28147_89 : public BlockCipher
{
public:
+ void encrypt_n(const byte in[], byte out[], u32bit blocks) const;
+ void decrypt_n(const byte in[], byte out[], u32bit blocks) const;
+
void clear() throw() { EK.clear(); }
std::string name() const { return "GOST-28147-89"; }
@@ -54,8 +57,6 @@ class BOTAN_DLL GOST_28147_89 : public BlockCipher
GOST_28147_89(const SecureBuffer<u32bit, 1024>& other_SBOX) :
BlockCipher(8, 32), SBOX(other_SBOX) {}
- void enc(const byte[], byte[]) const;
- void dec(const byte[], byte[]) const;
void key_schedule(const byte[], u32bit);
SecureBuffer<u32bit, 1024> SBOX;
diff --git a/src/block/idea/idea.cpp b/src/block/idea/idea.cpp
index 5bbe47087..fb5fe83f1 100644
--- a/src/block/idea/idea.cpp
+++ b/src/block/idea/idea.cpp
@@ -60,77 +60,89 @@ u16bit mul_inv(u16bit x)
/*
* IDEA Encryption
*/
-void IDEA::enc(const byte in[], byte out[]) const
+void IDEA::encrypt_n(const byte in[], byte out[], u32bit blocks) const
{
- u16bit X1 = load_be<u16bit>(in, 0);
- u16bit X2 = load_be<u16bit>(in, 1);
- u16bit X3 = load_be<u16bit>(in, 2);
- u16bit X4 = load_be<u16bit>(in, 3);
-
- for(u32bit j = 0; j != 8; ++j)
+ for(u32bit i = 0; i != blocks; ++i)
{
- X1 = mul(X1, EK[6*j+0]);
- X2 += EK[6*j+1];
- X3 += EK[6*j+2];
- X4 = mul(X4, EK[6*j+3]);
-
- u16bit T0 = X3;
- X3 = mul(X3 ^ X1, EK[6*j+4]);
-
- u16bit T1 = X2;
- X2 = mul((X2 ^ X4) + X3, EK[6*j+5]);
- X3 += X2;
-
- X1 ^= X2;
- X4 ^= X3;
- X2 ^= T0;
- X3 ^= T1;
+ u16bit X1 = load_be<u16bit>(in, 0);
+ u16bit X2 = load_be<u16bit>(in, 1);
+ u16bit X3 = load_be<u16bit>(in, 2);
+ u16bit X4 = load_be<u16bit>(in, 3);
+
+ for(u32bit j = 0; j != 8; ++j)
+ {
+ X1 = mul(X1, EK[6*j+0]);
+ X2 += EK[6*j+1];
+ X3 += EK[6*j+2];
+ X4 = mul(X4, EK[6*j+3]);
+
+ u16bit T0 = X3;
+ X3 = mul(X3 ^ X1, EK[6*j+4]);
+
+ u16bit T1 = X2;
+ X2 = mul((X2 ^ X4) + X3, EK[6*j+5]);
+ X3 += X2;
+
+ X1 ^= X2;
+ X4 ^= X3;
+ X2 ^= T0;
+ X3 ^= T1;
+ }
+
+ X1 = mul(X1, EK[48]);
+ X2 += EK[50];
+ X3 += EK[49];
+ X4 = mul(X4, EK[51]);
+
+ store_be(out, X1, X3, X2, X4);
+
+ in += BLOCK_SIZE;
+ out += BLOCK_SIZE;
}
-
- X1 = mul(X1, EK[48]);
- X2 += EK[50];
- X3 += EK[49];
- X4 = mul(X4, EK[51]);
-
- store_be(out, X1, X3, X2, X4);
}
/*
* IDEA Decryption
*/
-void IDEA::dec(const byte in[], byte out[]) const
+void IDEA::decrypt_n(const byte in[], byte out[], u32bit blocks) const
{
- u16bit X1 = load_be<u16bit>(in, 0);
- u16bit X2 = load_be<u16bit>(in, 1);
- u16bit X3 = load_be<u16bit>(in, 2);
- u16bit X4 = load_be<u16bit>(in, 3);
-
- for(u32bit j = 0; j != 8; ++j)
+ for(u32bit i = 0; i != blocks; ++i)
{
- X1 = mul(X1, DK[6*j+0]);
- X2 += DK[6*j+1];
- X3 += DK[6*j+2];
- X4 = mul(X4, DK[6*j+3]);
-
- u16bit T0 = X3;
- X3 = mul(X3 ^ X1, DK[6*j+4]);
-
- u16bit T1 = X2;
- X2 = mul((X2 ^ X4) + X3, DK[6*j+5]);
- X3 += X2;
-
- X1 ^= X2;
- X4 ^= X3;
- X2 ^= T0;
- X3 ^= T1;
+ u16bit X1 = load_be<u16bit>(in, 0);
+ u16bit X2 = load_be<u16bit>(in, 1);
+ u16bit X3 = load_be<u16bit>(in, 2);
+ u16bit X4 = load_be<u16bit>(in, 3);
+
+ for(u32bit j = 0; j != 8; ++j)
+ {
+ X1 = mul(X1, DK[6*j+0]);
+ X2 += DK[6*j+1];
+ X3 += DK[6*j+2];
+ X4 = mul(X4, DK[6*j+3]);
+
+ u16bit T0 = X3;
+ X3 = mul(X3 ^ X1, DK[6*j+4]);
+
+ u16bit T1 = X2;
+ X2 = mul((X2 ^ X4) + X3, DK[6*j+5]);
+ X3 += X2;
+
+ X1 ^= X2;
+ X4 ^= X3;
+ X2 ^= T0;
+ X3 ^= T1;
+ }
+
+ X1 = mul(X1, DK[48]);
+ X2 += DK[50];
+ X3 += DK[49];
+ X4 = mul(X4, DK[51]);
+
+ store_be(out, X1, X3, X2, X4);
+
+ in += BLOCK_SIZE;
+ out += BLOCK_SIZE;
}
-
- X1 = mul(X1, DK[48]);
- X2 += DK[50];
- X3 += DK[49];
- X4 = mul(X4, DK[51]);
-
- store_be(out, X1, X3, X2, X4);
}
/*
diff --git a/src/block/idea/idea.h b/src/block/idea/idea.h
index 2c53cd0e4..59484531b 100644
--- a/src/block/idea/idea.h
+++ b/src/block/idea/idea.h
@@ -18,13 +18,15 @@ namespace Botan {
class BOTAN_DLL IDEA : public BlockCipher
{
public:
+ void encrypt_n(const byte in[], byte out[], u32bit blocks) const;
+ void decrypt_n(const byte in[], byte out[], u32bit blocks) const;
+
void clear() throw() { EK.clear(); DK.clear(); }
std::string name() const { return "IDEA"; }
BlockCipher* clone() const { return new IDEA; }
+
IDEA() : BlockCipher(8, 16) {}
private:
- void enc(const byte[], byte[]) const;
- void dec(const byte[], byte[]) const;
void key_schedule(const byte[], u32bit);
SecureBuffer<u16bit, 52> EK, DK;
};
diff --git a/src/block/kasumi/kasumi.cpp b/src/block/kasumi/kasumi.cpp
index e051ddefb..dff6db13c 100644
--- a/src/block/kasumi/kasumi.cpp
+++ b/src/block/kasumi/kasumi.cpp
@@ -109,79 +109,91 @@ u16bit FI(u16bit I, u16bit K)
/*
* KASUMI Encryption
*/
-void KASUMI::enc(const byte in[], byte out[]) const
+void KASUMI::encrypt_n(const byte in[], byte out[], u32bit blocks) const
{
- u16bit B0 = load_be<u16bit>(in, 0);
- u16bit B1 = load_be<u16bit>(in, 1);
- u16bit B2 = load_be<u16bit>(in, 2);
- u16bit B3 = load_be<u16bit>(in, 3);
-
- for(u32bit j = 0; j != 8; j += 2)
+ for(u32bit i = 0; i != blocks; ++i)
{
- const u16bit* K = EK + 8*j;
+ u16bit B0 = load_be<u16bit>(in, 0);
+ u16bit B1 = load_be<u16bit>(in, 1);
+ u16bit B2 = load_be<u16bit>(in, 2);
+ u16bit B3 = load_be<u16bit>(in, 3);
- u16bit R = B1 ^ (rotate_left(B0, 1) & K[0]);
- u16bit L = B0 ^ (rotate_left(R, 1) | K[1]);
+ for(u32bit j = 0; j != 8; j += 2)
+ {
+ const u16bit* K = EK + 8*j;
- L = FI(L ^ K[ 2], K[ 3]) ^ R;
- R = FI(R ^ K[ 4], K[ 5]) ^ L;
- L = FI(L ^ K[ 6], K[ 7]) ^ R;
+ u16bit R = B1 ^ (rotate_left(B0, 1) & K[0]);
+ u16bit L = B0 ^ (rotate_left(R, 1) | K[1]);
- R = B2 ^= R;
- L = B3 ^= L;
+ L = FI(L ^ K[ 2], K[ 3]) ^ R;
+ R = FI(R ^ K[ 4], K[ 5]) ^ L;
+ L = FI(L ^ K[ 6], K[ 7]) ^ R;
- R = FI(R ^ K[10], K[11]) ^ L;
- L = FI(L ^ K[12], K[13]) ^ R;
- R = FI(R ^ K[14], K[15]) ^ L;
+ R = B2 ^= R;
+ L = B3 ^= L;
- R ^= (rotate_left(L, 1) & K[8]);
- L ^= (rotate_left(R, 1) | K[9]);
+ R = FI(R ^ K[10], K[11]) ^ L;
+ L = FI(L ^ K[12], K[13]) ^ R;
+ R = FI(R ^ K[14], K[15]) ^ L;
- B0 ^= L;
- B1 ^= R;
- }
+ R ^= (rotate_left(L, 1) & K[8]);
+ L ^= (rotate_left(R, 1) | K[9]);
+
+ B0 ^= L;
+ B1 ^= R;
+ }
- store_be(out, B0, B1, B2, B3);
+ store_be(out, B0, B1, B2, B3);
+
+ in += BLOCK_SIZE;
+ out += BLOCK_SIZE;
+ }
}
/*
* KASUMI Decryption
*/
-void KASUMI::dec(const byte in[], byte out[]) const
+void KASUMI::decrypt_n(const byte in[], byte out[], u32bit blocks) const
{
- u16bit B0 = load_be<u16bit>(in, 0);
- u16bit B1 = load_be<u16bit>(in, 1);
- u16bit B2 = load_be<u16bit>(in, 2);
- u16bit B3 = load_be<u16bit>(in, 3);
-
- for(u32bit j = 0; j != 8; j += 2)
+ for(u32bit i = 0; i != blocks; ++i)
{
- const u16bit* K = EK + 8*(6-j);
+ u16bit B0 = load_be<u16bit>(in, 0);
+ u16bit B1 = load_be<u16bit>(in, 1);
+ u16bit B2 = load_be<u16bit>(in, 2);
+ u16bit B3 = load_be<u16bit>(in, 3);
- u16bit L = B2, R = B3;
+ for(u32bit j = 0; j != 8; j += 2)
+ {
+ const u16bit* K = EK + 8*(6-j);
- L = FI(L ^ K[10], K[11]) ^ R;
- R = FI(R ^ K[12], K[13]) ^ L;
- L = FI(L ^ K[14], K[15]) ^ R;
+ u16bit L = B2, R = B3;
- L ^= (rotate_left(R, 1) & K[8]);
- R ^= (rotate_left(L, 1) | K[9]);
+ L = FI(L ^ K[10], K[11]) ^ R;
+ R = FI(R ^ K[12], K[13]) ^ L;
+ L = FI(L ^ K[14], K[15]) ^ R;
- R = B0 ^= R;
- L = B1 ^= L;
+ L ^= (rotate_left(R, 1) & K[8]);
+ R ^= (rotate_left(L, 1) | K[9]);
- L ^= (rotate_left(R, 1) & K[0]);
- R ^= (rotate_left(L, 1) | K[1]);
+ R = B0 ^= R;
+ L = B1 ^= L;
- R = FI(R ^ K[2], K[3]) ^ L;
- L = FI(L ^ K[4], K[5]) ^ R;
- R = FI(R ^ K[6], K[7]) ^ L;
+ L ^= (rotate_left(R, 1) & K[0]);
+ R ^= (rotate_left(L, 1) | K[1]);
- B2 ^= L;
- B3 ^= R;
- }
+ R = FI(R ^ K[2], K[3]) ^ L;
+ L = FI(L ^ K[4], K[5]) ^ R;
+ R = FI(R ^ K[6], K[7]) ^ L;
+
+ B2 ^= L;
+ B3 ^= R;
+ }
- store_be(out, B0, B1, B2, B3);
+ store_be(out, B0, B1, B2, B3);
+
+ in += BLOCK_SIZE;
+ out += BLOCK_SIZE;
+ }
}
/*
diff --git a/src/block/kasumi/kasumi.h b/src/block/kasumi/kasumi.h
index df49fa9eb..0f5a5d182 100644
--- a/src/block/kasumi/kasumi.h
+++ b/src/block/kasumi/kasumi.h
@@ -18,14 +18,15 @@ namespace Botan {
class BOTAN_DLL KASUMI : public BlockCipher
{
public:
+ void encrypt_n(const byte in[], byte out[], u32bit blocks) const;
+ void decrypt_n(const byte in[], byte out[], u32bit blocks) const;
+
void clear() throw() { EK.clear(); }
std::string name() const { return "KASUMI"; }
BlockCipher* clone() const { return new KASUMI; }
KASUMI() : BlockCipher(8, 16) {}
private:
- void enc(const byte[], byte[]) const;
- void dec(const byte[], byte[]) const;
void key_schedule(const byte[], u32bit);
SecureBuffer<u16bit, 64> EK;
diff --git a/src/block/lion/lion.cpp b/src/block/lion/lion.cpp
index c7cdf6d13..83c1e3aa3 100644
--- a/src/block/lion/lion.cpp
+++ b/src/block/lion/lion.cpp
@@ -14,41 +14,53 @@ namespace Botan {
/*
* Lion Encryption
*/
-void Lion::enc(const byte in[], byte out[]) const
+void Lion::encrypt_n(const byte in[], byte out[], u32bit blocks) const
{
SecureVector<byte> buffer(LEFT_SIZE);
- xor_buf(buffer, in, key1, LEFT_SIZE);
- cipher->set_key(buffer, LEFT_SIZE);
- cipher->encrypt(in + LEFT_SIZE, out + LEFT_SIZE, RIGHT_SIZE);
+ for(u32bit i = 0; i != blocks; ++i)
+ {
+ xor_buf(buffer, in, key1, LEFT_SIZE);
+ cipher->set_key(buffer, LEFT_SIZE);
+ cipher->encrypt(in + LEFT_SIZE, out + LEFT_SIZE, RIGHT_SIZE);
- hash->update(out + LEFT_SIZE, RIGHT_SIZE);
- hash->final(buffer);
- xor_buf(out, in, buffer, LEFT_SIZE);
+ hash->update(out + LEFT_SIZE, RIGHT_SIZE);
+ hash->final(buffer);
+ xor_buf(out, in, buffer, LEFT_SIZE);
- xor_buf(buffer, out, key2, LEFT_SIZE);
- cipher->set_key(buffer, LEFT_SIZE);
- cipher->encrypt(out + LEFT_SIZE, RIGHT_SIZE);
+ xor_buf(buffer, out, key2, LEFT_SIZE);
+ cipher->set_key(buffer, LEFT_SIZE);
+ cipher->encrypt(out + LEFT_SIZE, RIGHT_SIZE);
+
+ in += BLOCK_SIZE;
+ out += BLOCK_SIZE;
+ }
}
/*
* Lion Decryption
*/
-void Lion::dec(const byte in[], byte out[]) const
+void Lion::decrypt_n(const byte in[], byte out[], u32bit blocks) const
{
SecureVector<byte> buffer(LEFT_SIZE);
- xor_buf(buffer, in, key2, LEFT_SIZE);
- cipher->set_key(buffer, LEFT_SIZE);
- cipher->encrypt(in + LEFT_SIZE, out + LEFT_SIZE, RIGHT_SIZE);
+ for(u32bit i = 0; i != blocks; ++i)
+ {
+ xor_buf(buffer, in, key2, LEFT_SIZE);
+ cipher->set_key(buffer, LEFT_SIZE);
+ cipher->encrypt(in + LEFT_SIZE, out + LEFT_SIZE, RIGHT_SIZE);
+
+ hash->update(out + LEFT_SIZE, RIGHT_SIZE);
+ hash->final(buffer);
+ xor_buf(out, in, buffer, LEFT_SIZE);
- hash->update(out + LEFT_SIZE, RIGHT_SIZE);
- hash->final(buffer);
- xor_buf(out, in, buffer, LEFT_SIZE);
+ xor_buf(buffer, out, key1, LEFT_SIZE);
+ cipher->set_key(buffer, LEFT_SIZE);
+ cipher->encrypt(out + LEFT_SIZE, RIGHT_SIZE);
- xor_buf(buffer, out, key1, LEFT_SIZE);
- cipher->set_key(buffer, LEFT_SIZE);
- cipher->encrypt(out + LEFT_SIZE, RIGHT_SIZE);
+ in += BLOCK_SIZE;
+ out += BLOCK_SIZE;
+ }
}
/*
diff --git a/src/block/lion/lion.h b/src/block/lion/lion.h
index 5bc4e72c0..d421771d6 100644
--- a/src/block/lion/lion.h
+++ b/src/block/lion/lion.h
@@ -20,6 +20,9 @@ namespace Botan {
class BOTAN_DLL Lion : public BlockCipher
{
public:
+ void encrypt_n(const byte in[], byte out[], u32bit blocks) const;
+ void decrypt_n(const byte in[], byte out[], u32bit blocks) const;
+
void clear() throw();
std::string name() const;
BlockCipher* clone() const;
@@ -27,8 +30,6 @@ class BOTAN_DLL Lion : public BlockCipher
Lion(HashFunction*, StreamCipher*, u32bit);
~Lion() { delete hash; delete cipher; }
private:
- void enc(const byte[], byte[]) const;
- void dec(const byte[], byte[]) const;
void key_schedule(const byte[], u32bit);
const u32bit LEFT_SIZE, RIGHT_SIZE;
diff --git a/src/block/lubyrack/lubyrack.cpp b/src/block/lubyrack/lubyrack.cpp
index a9d2b1db2..6ad64f2b0 100644
--- a/src/block/lubyrack/lubyrack.cpp
+++ b/src/block/lubyrack/lubyrack.cpp
@@ -13,59 +13,71 @@ namespace Botan {
/*
* Luby-Rackoff Encryption
*/
-void LubyRackoff::enc(const byte in[], byte out[]) const
+void LubyRackoff::encrypt_n(const byte in[], byte out[], u32bit blocks) const
{
- const u32bit len = hash->OUTPUT_LENGTH;
-
- SecureVector<byte> buffer(len);
- hash->update(K1);
- hash->update(in, len);
- hash->final(buffer);
- xor_buf(out + len, in + len, buffer, len);
-
- hash->update(K2);
- hash->update(out + len, len);
- hash->final(buffer);
- xor_buf(out, in, buffer, len);
-
- hash->update(K1);
- hash->update(out, len);
- hash->final(buffer);
- xor_buf(out + len, buffer, len);
-
- hash->update(K2);
- hash->update(out + len, len);
- hash->final(buffer);
- xor_buf(out, buffer, len);
+ for(u32bit i = 0; i != blocks; ++i)
+ {
+ const u32bit len = hash->OUTPUT_LENGTH;
+
+ SecureVector<byte> buffer(len);
+ hash->update(K1);
+ hash->update(in, len);
+ hash->final(buffer);
+ xor_buf(out + len, in + len, buffer, len);
+
+ hash->update(K2);
+ hash->update(out + len, len);
+ hash->final(buffer);
+ xor_buf(out, in, buffer, len);
+
+ hash->update(K1);
+ hash->update(out, len);
+ hash->final(buffer);
+ xor_buf(out + len, buffer, len);
+
+ hash->update(K2);
+ hash->update(out + len, len);
+ hash->final(buffer);
+ xor_buf(out, buffer, len);
+
+ in += BLOCK_SIZE;
+ out += BLOCK_SIZE;
+ }
}
/*
* Luby-Rackoff Decryption
*/
-void LubyRackoff::dec(const byte in[], byte out[]) const
+void LubyRackoff::decrypt_n(const byte in[], byte out[], u32bit blocks) const
{
- const u32bit len = hash->OUTPUT_LENGTH;
-
- SecureVector<byte> buffer(len);
- hash->update(K2);
- hash->update(in + len, len);
- hash->final(buffer);
- xor_buf(out, in, buffer, len);
-
- hash->update(K1);
- hash->update(out, len);
- hash->final(buffer);
- xor_buf(out + len, in + len, buffer, len);
-
- hash->update(K2);
- hash->update(out + len, len);
- hash->final(buffer);
- xor_buf(out, buffer, len);
-
- hash->update(K1);
- hash->update(out, len);
- hash->final(buffer);
- xor_buf(out + len, buffer, len);
+ for(u32bit i = 0; i != blocks; ++i)
+ {
+ const u32bit len = hash->OUTPUT_LENGTH;
+
+ SecureVector<byte> buffer(len);
+ hash->update(K2);
+ hash->update(in + len, len);
+ hash->final(buffer);
+ xor_buf(out, in, buffer, len);
+
+ hash->update(K1);
+ hash->update(out, len);
+ hash->final(buffer);
+ xor_buf(out + len, in + len, buffer, len);
+
+ hash->update(K2);
+ hash->update(out + len, len);
+ hash->final(buffer);
+ xor_buf(out, buffer, len);
+
+ hash->update(K1);
+ hash->update(out, len);
+ hash->final(buffer);
+ xor_buf(out + len, buffer, len);
+
+ in += BLOCK_SIZE;
+ out += BLOCK_SIZE;
+ }
}
/*
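Review bot: `const u32bit len = hash->OUTPUT_LENGTH;` and `SecureVector<byte> buffer(len);` are declared inside the per-block loop in both encrypt_n and decrypt_n, so every block allocates and later zeroizes a fresh secure buffer even though neither value changes between iterations. lion.cpp in the same commit hoists its `SecureVector<byte> buffer(LEFT_SIZE);` above the loop; moving these two declarations above `for(u32bit i = 0; i != blocks; ++i)` here would match that and keep the allocation out of the hot path. The advance `in += BLOCK_SIZE; out += BLOCK_SIZE;` also silently assumes BLOCK_SIZE equals `2*len`; that presumably holds via the constructor, which is outside this hunk, but a comment such as `// BLOCK_SIZE is 2 * hash->OUTPUT_LENGTH (fixed in the constructor)` above the loop would make the invariant visible to the reader.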
diff --git a/src/block/lubyrack/lubyrack.h b/src/block/lubyrack/lubyrack.h
index ebde31304..940b34603 100644
--- a/src/block/lubyrack/lubyrack.h
+++ b/src/block/lubyrack/lubyrack.h
@@ -19,6 +19,9 @@ namespace Botan {
class BOTAN_DLL LubyRackoff : public BlockCipher
{
public:
+ void encrypt_n(const byte in[], byte out[], u32bit blocks) const;
+ void decrypt_n(const byte in[], byte out[], u32bit blocks) const;
+
void clear() throw();
std::string name() const;
BlockCipher* clone() const;
@@ -26,9 +29,8 @@ class BOTAN_DLL LubyRackoff : public BlockCipher
LubyRackoff(HashFunction* hash);
~LubyRackoff() { delete hash; }
private:
- void enc(const byte[], byte[]) const;
- void dec(const byte[], byte[]) const;
void key_schedule(const byte[], u32bit);
+
HashFunction* hash;
SecureVector<byte> K1, K2;
};
diff --git a/src/block/mars/mars.cpp b/src/block/mars/mars.cpp
index 08c8409c5..69556acb3 100644
--- a/src/block/mars/mars.cpp
+++ b/src/block/mars/mars.cpp
@@ -1,6 +1,6 @@
/*
* MARS
-* (C) 1999-2007 Jack Lloyd
+* (C) 1999-2009 Jack Lloyd
*
* Distributed under the terms of the Botan license
*/
@@ -50,75 +50,87 @@ u32bit gen_mask(u32bit input)
/*
* MARS Encryption
*/
-void MARS::enc(const byte in[], byte out[]) const
+void MARS::encrypt_n(const byte in[], byte out[], u32bit blocks) const
{
- u32bit A = load_le<u32bit>(in, 0) + EK[0];
- u32bit B = load_le<u32bit>(in, 1) + EK[1];
- u32bit C = load_le<u32bit>(in, 2) + EK[2];
- u32bit D = load_le<u32bit>(in, 3) + EK[3];
-
- forward_mix(A, B, C, D);
-
- encrypt_round(A, B, C, D, 0);
- encrypt_round(B, C, D, A, 1);
- encrypt_round(C, D, A, B, 2);
- encrypt_round(D, A, B, C, 3);
- encrypt_round(A, B, C, D, 4);
- encrypt_round(B, C, D, A, 5);
- encrypt_round(C, D, A, B, 6);
- encrypt_round(D, A, B, C, 7);
-
- encrypt_round(A, D, C, B, 8);
- encrypt_round(B, A, D, C, 9);
- encrypt_round(C, B, A, D, 10);
- encrypt_round(D, C, B, A, 11);
- encrypt_round(A, D, C, B, 12);
- encrypt_round(B, A, D, C, 13);
- encrypt_round(C, B, A, D, 14);
- encrypt_round(D, C, B, A, 15);
-
- reverse_mix(A, B, C, D);
-
- A -= EK[36]; B -= EK[37]; C -= EK[38]; D -= EK[39];
-
- store_le(out, A, B, C, D);
+ for(u32bit i = 0; i != blocks; ++i)
+ {
+ u32bit A = load_le<u32bit>(in, 0) + EK[0];
+ u32bit B = load_le<u32bit>(in, 1) + EK[1];
+ u32bit C = load_le<u32bit>(in, 2) + EK[2];
+ u32bit D = load_le<u32bit>(in, 3) + EK[3];
+
+ forward_mix(A, B, C, D);
+
+ encrypt_round(A, B, C, D, 0);
+ encrypt_round(B, C, D, A, 1);
+ encrypt_round(C, D, A, B, 2);
+ encrypt_round(D, A, B, C, 3);
+ encrypt_round(A, B, C, D, 4);
+ encrypt_round(B, C, D, A, 5);
+ encrypt_round(C, D, A, B, 6);
+ encrypt_round(D, A, B, C, 7);
+
+ encrypt_round(A, D, C, B, 8);
+ encrypt_round(B, A, D, C, 9);
+ encrypt_round(C, B, A, D, 10);
+ encrypt_round(D, C, B, A, 11);
+ encrypt_round(A, D, C, B, 12);
+ encrypt_round(B, A, D, C, 13);
+ encrypt_round(C, B, A, D, 14);
+ encrypt_round(D, C, B, A, 15);
+
+ reverse_mix(A, B, C, D);
+
+ A -= EK[36]; B -= EK[37]; C -= EK[38]; D -= EK[39];
+
+ store_le(out, A, B, C, D);
+
+ in += BLOCK_SIZE;
+ out += BLOCK_SIZE;
+ }
}
/*
* MARS Decryption
*/
-void MARS::dec(const byte in[], byte out[]) const
+void MARS::decrypt_n(const byte in[], byte out[], u32bit blocks) const
{
- u32bit A = load_le<u32bit>(in, 3) + EK[39];
- u32bit B = load_le<u32bit>(in, 2) + EK[38];
- u32bit C = load_le<u32bit>(in, 1) + EK[37];
- u32bit D = load_le<u32bit>(in, 0) + EK[36];
-
- forward_mix(A, B, C, D);
-
- decrypt_round(A, B, C, D, 15);
- decrypt_round(B, C, D, A, 14);
- decrypt_round(C, D, A, B, 13);
- decrypt_round(D, A, B, C, 12);
- decrypt_round(A, B, C, D, 11);
- decrypt_round(B, C, D, A, 10);
- decrypt_round(C, D, A, B, 9);
- decrypt_round(D, A, B, C, 8);
-
- decrypt_round(A, D, C, B, 7);
- decrypt_round(B, A, D, C, 6);
- decrypt_round(C, B, A, D, 5);
- decrypt_round(D, C, B, A, 4);
- decrypt_round(A, D, C, B, 3);
- decrypt_round(B, A, D, C, 2);
- decrypt_round(C, B, A, D, 1);
- decrypt_round(D, C, B, A, 0);
-
- reverse_mix(A, B, C, D);
-
- A -= EK[3]; B -= EK[2]; C -= EK[1]; D -= EK[0];
-
- store_le(out, D, C, B, A);
+ for(u32bit i = 0; i != blocks; ++i)
+ {
+ u32bit A = load_le<u32bit>(in, 3) + EK[39];
+ u32bit B = load_le<u32bit>(in, 2) + EK[38];
+ u32bit C = load_le<u32bit>(in, 1) + EK[37];
+ u32bit D = load_le<u32bit>(in, 0) + EK[36];
+
+ forward_mix(A, B, C, D);
+
+ decrypt_round(A, B, C, D, 15);
+ decrypt_round(B, C, D, A, 14);
+ decrypt_round(C, D, A, B, 13);
+ decrypt_round(D, A, B, C, 12);
+ decrypt_round(A, B, C, D, 11);
+ decrypt_round(B, C, D, A, 10);
+ decrypt_round(C, D, A, B, 9);
+ decrypt_round(D, A, B, C, 8);
+
+ decrypt_round(A, D, C, B, 7);
+ decrypt_round(B, A, D, C, 6);
+ decrypt_round(C, B, A, D, 5);
+ decrypt_round(D, C, B, A, 4);
+ decrypt_round(A, D, C, B, 3);
+ decrypt_round(B, A, D, C, 2);
+ decrypt_round(C, B, A, D, 1);
+ decrypt_round(D, C, B, A, 0);
+
+ reverse_mix(A, B, C, D);
+
+ A -= EK[3]; B -= EK[2]; C -= EK[1]; D -= EK[0];
+
+ store_le(out, D, C, B, A);
+
+ in += BLOCK_SIZE;
+ out += BLOCK_SIZE;
+ }
}
/*
diff --git a/src/block/mars/mars.h b/src/block/mars/mars.h
index ca49695af..7d0bfe4fa 100644
--- a/src/block/mars/mars.h
+++ b/src/block/mars/mars.h
@@ -15,13 +15,15 @@ namespace Botan {
class BOTAN_DLL MARS : public BlockCipher
{
public:
+ void encrypt_n(const byte in[], byte out[], u32bit blocks) const;
+ void decrypt_n(const byte in[], byte out[], u32bit blocks) const;
+
void clear() throw() { EK.clear(); }
std::string name() const { return "MARS"; }
BlockCipher* clone() const { return new MARS; }
+
MARS() : BlockCipher(16, 16, 32, 4) {}
private:
- void enc(const byte[], byte[]) const;
- void dec(const byte[], byte[]) const;
void key_schedule(const byte[], u32bit);
void encrypt_round(u32bit&, u32bit&, u32bit&, u32bit&, u32bit) const;
diff --git a/src/block/misty1/misty1.cpp b/src/block/misty1/misty1.cpp
index a35ff584d..8a92824cc 100644
--- a/src/block/misty1/misty1.cpp
+++ b/src/block/misty1/misty1.cpp
@@ -1,6 +1,6 @@
/*
* MISTY1
-* (C) 1999-2007 Jack Lloyd
+* (C) 1999-2009 Jack Lloyd
*
* Distributed under the terms of the Botan license
*/
@@ -102,89 +102,101 @@ u16bit FI(u16bit input, u16bit key7, u16bit key9)
/*
* MISTY1 Encryption
*/
-void MISTY1::enc(const byte in[], byte out[]) const
+void MISTY1::encrypt_n(const byte in[], byte out[], u32bit blocks) const
{
- u16bit B0 = load_be<u16bit>(in, 0);
- u16bit B1 = load_be<u16bit>(in, 1);
- u16bit B2 = load_be<u16bit>(in, 2);
- u16bit B3 = load_be<u16bit>(in, 3);
-
- for(u32bit j = 0; j != 12; j += 3)
+ for(u32bit i = 0; i != blocks; ++i)
{
- const u16bit* RK = EK + 8 * j;
+ u16bit B0 = load_be<u16bit>(in, 0);
+ u16bit B1 = load_be<u16bit>(in, 1);
+ u16bit B2 = load_be<u16bit>(in, 2);
+ u16bit B3 = load_be<u16bit>(in, 3);
- B1 ^= B0 & RK[0];
- B0 ^= B1 | RK[1];
- B3 ^= B2 & RK[2];
- B2 ^= B3 | RK[3];
+ for(u32bit j = 0; j != 12; j += 3)
+ {
+ const u16bit* RK = EK + 8 * j;
- u32bit T0, T1;
+ B1 ^= B0 & RK[0];
+ B0 ^= B1 | RK[1];
+ B3 ^= B2 & RK[2];
+ B2 ^= B3 | RK[3];
- T0 = FI(B0 ^ RK[ 4], RK[ 5], RK[ 6]) ^ B1;
- T1 = FI(B1 ^ RK[ 7], RK[ 8], RK[ 9]) ^ T0;
- T0 = FI(T0 ^ RK[10], RK[11], RK[12]) ^ T1;
+ u32bit T0, T1;
- B2 ^= T1 ^ RK[13];
- B3 ^= T0;
+ T0 = FI(B0 ^ RK[ 4], RK[ 5], RK[ 6]) ^ B1;
+ T1 = FI(B1 ^ RK[ 7], RK[ 8], RK[ 9]) ^ T0;
+ T0 = FI(T0 ^ RK[10], RK[11], RK[12]) ^ T1;
- T0 = FI(B2 ^ RK[14], RK[15], RK[16]) ^ B3;
- T1 = FI(B3 ^ RK[17], RK[18], RK[19]) ^ T0;
- T0 = FI(T0 ^ RK[20], RK[21], RK[22]) ^ T1;
+ B2 ^= T1 ^ RK[13];
+ B3 ^= T0;
- B0 ^= T1 ^ RK[23];
- B1 ^= T0;
- }
+ T0 = FI(B2 ^ RK[14], RK[15], RK[16]) ^ B3;
+ T1 = FI(B3 ^ RK[17], RK[18], RK[19]) ^ T0;
+ T0 = FI(T0 ^ RK[20], RK[21], RK[22]) ^ T1;
+
+ B0 ^= T1 ^ RK[23];
+ B1 ^= T0;
+ }
- B1 ^= B0 & EK[96];
- B0 ^= B1 | EK[97];
- B3 ^= B2 & EK[98];
- B2 ^= B3 | EK[99];
+ B1 ^= B0 & EK[96];
+ B0 ^= B1 | EK[97];
+ B3 ^= B2 & EK[98];
+ B2 ^= B3 | EK[99];
- store_be(out, B2, B3, B0, B1);
+ store_be(out, B2, B3, B0, B1);
+
+ in += BLOCK_SIZE;
+ out += BLOCK_SIZE;
+ }
}
/*
* MISTY1 Decryption
*/
-void MISTY1::dec(const byte in[], byte out[]) const
+void MISTY1::decrypt_n(const byte in[], byte out[], u32bit blocks) const
{
- u16bit B0 = load_be<u16bit>(in, 2);
- u16bit B1 = load_be<u16bit>(in, 3);
- u16bit B2 = load_be<u16bit>(in, 0);
- u16bit B3 = load_be<u16bit>(in, 1);
-
- for(u32bit j = 0; j != 12; j += 3)
+ for(u32bit i = 0; i != blocks; ++i)
{
- const u16bit* RK = DK + 8 * j;
+ u16bit B0 = load_be<u16bit>(in, 2);
+ u16bit B1 = load_be<u16bit>(in, 3);
+ u16bit B2 = load_be<u16bit>(in, 0);
+ u16bit B3 = load_be<u16bit>(in, 1);
- B2 ^= B3 | RK[0];
- B3 ^= B2 & RK[1];
- B0 ^= B1 | RK[2];
- B1 ^= B0 & RK[3];
+ for(u32bit j = 0; j != 12; j += 3)
+ {
+ const u16bit* RK = DK + 8 * j;
- u32bit T0, T1;
+ B2 ^= B3 | RK[0];
+ B3 ^= B2 & RK[1];
+ B0 ^= B1 | RK[2];
+ B1 ^= B0 & RK[3];
- T0 = FI(B2 ^ RK[ 4], RK[ 5], RK[ 6]) ^ B3;
- T1 = FI(B3 ^ RK[ 7], RK[ 8], RK[ 9]) ^ T0;
- T0 = FI(T0 ^ RK[10], RK[11], RK[12]) ^ T1;
+ u32bit T0, T1;
- B0 ^= T1 ^ RK[13];
- B1 ^= T0;
+ T0 = FI(B2 ^ RK[ 4], RK[ 5], RK[ 6]) ^ B3;
+ T1 = FI(B3 ^ RK[ 7], RK[ 8], RK[ 9]) ^ T0;
+ T0 = FI(T0 ^ RK[10], RK[11], RK[12]) ^ T1;
- T0 = FI(B0 ^ RK[14], RK[15], RK[16]) ^ B1;
- T1 = FI(B1 ^ RK[17], RK[18], RK[19]) ^ T0;
- T0 = FI(T0 ^ RK[20], RK[21], RK[22]) ^ T1;
+ B0 ^= T1 ^ RK[13];
+ B1 ^= T0;
- B2 ^= T1 ^ RK[23];
- B3 ^= T0;
- }
+ T0 = FI(B0 ^ RK[14], RK[15], RK[16]) ^ B1;
+ T1 = FI(B1 ^ RK[17], RK[18], RK[19]) ^ T0;
+ T0 = FI(T0 ^ RK[20], RK[21], RK[22]) ^ T1;
+
+ B2 ^= T1 ^ RK[23];
+ B3 ^= T0;
+ }
- B2 ^= B3 | DK[96];
- B3 ^= B2 & DK[97];
- B0 ^= B1 | DK[98];
- B1 ^= B0 & DK[99];
+ B2 ^= B3 | DK[96];
+ B3 ^= B2 & DK[97];
+ B0 ^= B1 | DK[98];
+ B1 ^= B0 & DK[99];
- store_be(out, B0, B1, B2, B3);
+ store_be(out, B0, B1, B2, B3);
+
+ in += BLOCK_SIZE;
+ out += BLOCK_SIZE;
+ }
}
/*
diff --git a/src/block/misty1/misty1.h b/src/block/misty1/misty1.h
index 62d4f856f..8db6881de 100644
--- a/src/block/misty1/misty1.h
+++ b/src/block/misty1/misty1.h
@@ -18,13 +18,15 @@ namespace Botan {
class BOTAN_DLL MISTY1 : public BlockCipher
{
public:
+ void encrypt_n(const byte in[], byte out[], u32bit blocks) const;
+ void decrypt_n(const byte in[], byte out[], u32bit blocks) const;
+
void clear() throw() { EK.clear(); DK.clear(); }
std::string name() const { return "MISTY1"; }
BlockCipher* clone() const { return new MISTY1; }
+
MISTY1(u32bit = 8);
private:
- void enc(const byte[], byte[]) const;
- void dec(const byte[], byte[]) const;
void key_schedule(const byte[], u32bit);
SecureBuffer<u16bit, 100> EK, DK;
diff --git a/src/block/noekeon/noekeon.cpp b/src/block/noekeon/noekeon.cpp
index 90eb9ad2b..1b327aa47 100644
--- a/src/block/noekeon/noekeon.cpp
+++ b/src/block/noekeon/noekeon.cpp
@@ -84,65 +84,77 @@ const byte Noekeon::RC[] = {
/*
* Noekeon Encryption
*/
-void Noekeon::enc(const byte in[], byte out[]) const
+void Noekeon::encrypt_n(const byte in[], byte out[], u32bit blocks) const
{
- u32bit A0 = load_be<u32bit>(in, 0);
- u32bit A1 = load_be<u32bit>(in, 1);
- u32bit A2 = load_be<u32bit>(in, 2);
- u32bit A3 = load_be<u32bit>(in, 3);
-
- for(u32bit j = 0; j != 16; ++j)
+ for(u32bit i = 0; i != blocks; ++i)
{
- A0 ^= RC[j];
- theta(A0, A1, A2, A3, EK);
+ u32bit A0 = load_be<u32bit>(in, 0);
+ u32bit A1 = load_be<u32bit>(in, 1);
+ u32bit A2 = load_be<u32bit>(in, 2);
+ u32bit A3 = load_be<u32bit>(in, 3);
- A1 = rotate_left(A1, 1);
- A2 = rotate_left(A2, 5);
- A3 = rotate_left(A3, 2);
+ for(u32bit j = 0; j != 16; ++j)
+ {
+ A0 ^= RC[j];
+ theta(A0, A1, A2, A3, EK);
- gamma(A0, A1, A2, A3);
+ A1 = rotate_left(A1, 1);
+ A2 = rotate_left(A2, 5);
+ A3 = rotate_left(A3, 2);
- A1 = rotate_right(A1, 1);
- A2 = rotate_right(A2, 5);
- A3 = rotate_right(A3, 2);
- }
+ gamma(A0, A1, A2, A3);
- A0 ^= RC[16];
- theta(A0, A1, A2, A3, EK);
+ A1 = rotate_right(A1, 1);
+ A2 = rotate_right(A2, 5);
+ A3 = rotate_right(A3, 2);
+ }
+
+ A0 ^= RC[16];
+ theta(A0, A1, A2, A3, EK);
+
+ store_be(out, A0, A1, A2, A3);
- store_be(out, A0, A1, A2, A3);
+ in += BLOCK_SIZE;
+ out += BLOCK_SIZE;
+ }
}
/*
* Noekeon Encryption
*/
-void Noekeon::dec(const byte in[], byte out[]) const
+void Noekeon::decrypt_n(const byte in[], byte out[], u32bit blocks) const
{
- u32bit A0 = load_be<u32bit>(in, 0);
- u32bit A1 = load_be<u32bit>(in, 1);
- u32bit A2 = load_be<u32bit>(in, 2);
- u32bit A3 = load_be<u32bit>(in, 3);
-
- for(u32bit j = 16; j != 0; --j)
+ for(u32bit i = 0; i != blocks; ++i)
{
- theta(A0, A1, A2, A3, DK);
- A0 ^= RC[j];
+ u32bit A0 = load_be<u32bit>(in, 0);
+ u32bit A1 = load_be<u32bit>(in, 1);
+ u32bit A2 = load_be<u32bit>(in, 2);
+ u32bit A3 = load_be<u32bit>(in, 3);
- A1 = rotate_left(A1, 1);
- A2 = rotate_left(A2, 5);
- A3 = rotate_left(A3, 2);
+ for(u32bit j = 16; j != 0; --j)
+ {
+ theta(A0, A1, A2, A3, DK);
+ A0 ^= RC[j];
- gamma(A0, A1, A2, A3);
+ A1 = rotate_left(A1, 1);
+ A2 = rotate_left(A2, 5);
+ A3 = rotate_left(A3, 2);
- A1 = rotate_right(A1, 1);
- A2 = rotate_right(A2, 5);
- A3 = rotate_right(A3, 2);
- }
+ gamma(A0, A1, A2, A3);
- theta(A0, A1, A2, A3, DK);
- A0 ^= RC[0];
+ A1 = rotate_right(A1, 1);
+ A2 = rotate_right(A2, 5);
+ A3 = rotate_right(A3, 2);
+ }
- store_be(out, A0, A1, A2, A3);
+ theta(A0, A1, A2, A3, DK);
+ A0 ^= RC[0];
+
+ store_be(out, A0, A1, A2, A3);
+
+ in += BLOCK_SIZE;
+ out += BLOCK_SIZE;
+ }
}
/*
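Review bot: The header comment directly above `Noekeon::decrypt_n` still reads `* Noekeon Encryption`; it should read `* Noekeon Decryption` so the two functions are distinguishable when skimming. The inverse round structure itself (theta with DK, round constants consumed from RC[16] down to RC[0], the final theta and `A0 ^= RC[0]`) mirrors the encrypt_n loop and looks consistent.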
diff --git a/src/block/noekeon/noekeon.h b/src/block/noekeon/noekeon.h
index 893892446..37b24fb7d 100644
--- a/src/block/noekeon/noekeon.h
+++ b/src/block/noekeon/noekeon.h
@@ -18,13 +18,15 @@ namespace Botan {
class BOTAN_DLL Noekeon : public BlockCipher
{
public:
+ void encrypt_n(const byte in[], byte out[], u32bit blocks) const;
+ void decrypt_n(const byte in[], byte out[], u32bit blocks) const;
+
void clear() throw();
std::string name() const { return "Noekeon"; }
BlockCipher* clone() const { return new Noekeon; }
+
Noekeon() : BlockCipher(16, 16) {}
private:
- void enc(const byte[], byte[]) const;
- void dec(const byte[], byte[]) const;
void key_schedule(const byte[], u32bit);
static const byte RC[17];
diff --git a/src/block/rc2/rc2.cpp b/src/block/rc2/rc2.cpp
index 5827bdb68..b5e4a7d50 100644
--- a/src/block/rc2/rc2.cpp
+++ b/src/block/rc2/rc2.cpp
@@ -14,73 +14,85 @@ namespace Botan {
/*
* RC2 Encryption
*/
-void RC2::enc(const byte in[], byte out[]) const
+void RC2::encrypt_n(const byte in[], byte out[], u32bit blocks) const
{
- u16bit R0 = load_le<u16bit>(in, 0);
- u16bit R1 = load_le<u16bit>(in, 1);
- u16bit R2 = load_le<u16bit>(in, 2);
- u16bit R3 = load_le<u16bit>(in, 3);
-
- for(u32bit j = 0; j != 16; ++j)
+ for(u32bit i = 0; i != blocks; ++i)
{
- R0 += (R1 & ~R3) + (R2 & R3) + K[4*j];
- R0 = rotate_left(R0, 1);
+ u16bit R0 = load_le<u16bit>(in, 0);
+ u16bit R1 = load_le<u16bit>(in, 1);
+ u16bit R2 = load_le<u16bit>(in, 2);
+ u16bit R3 = load_le<u16bit>(in, 3);
+
+ for(u32bit j = 0; j != 16; ++j)
+ {
+ R0 += (R1 & ~R3) + (R2 & R3) + K[4*j];
+ R0 = rotate_left(R0, 1);
- R1 += (R2 & ~R0) + (R3 & R0) + K[4*j + 1];
- R1 = rotate_left(R1, 2);
+ R1 += (R2 & ~R0) + (R3 & R0) + K[4*j + 1];
+ R1 = rotate_left(R1, 2);
- R2 += (R3 & ~R1) + (R0 & R1) + K[4*j + 2];
- R2 = rotate_left(R2, 3);
+ R2 += (R3 & ~R1) + (R0 & R1) + K[4*j + 2];
+ R2 = rotate_left(R2, 3);
- R3 += (R0 & ~R2) + (R1 & R2) + K[4*j + 3];
- R3 = rotate_left(R3, 5);
+ R3 += (R0 & ~R2) + (R1 & R2) + K[4*j + 3];
+ R3 = rotate_left(R3, 5);
- if(j == 4 || j == 10)
- {
- R0 += K[R3 % 64];
- R1 += K[R0 % 64];
- R2 += K[R1 % 64];
- R3 += K[R2 % 64];
+ if(j == 4 || j == 10)
+ {
+ R0 += K[R3 % 64];
+ R1 += K[R0 % 64];
+ R2 += K[R1 % 64];
+ R3 += K[R2 % 64];
+ }
}
- }
- store_le(out, R0, R1, R2, R3);
+ store_le(out, R0, R1, R2, R3);
+
+ in += BLOCK_SIZE;
+ out += BLOCK_SIZE;
+ }
}
/*
* RC2 Decryption
*/
-void RC2::dec(const byte in[], byte out[]) const
+void RC2::decrypt_n(const byte in[], byte out[], u32bit blocks) const
{
- u16bit R0 = load_le<u16bit>(in, 0);
- u16bit R1 = load_le<u16bit>(in, 1);
- u16bit R2 = load_le<u16bit>(in, 2);
- u16bit R3 = load_le<u16bit>(in, 3);
-
- for(u32bit j = 0; j != 16; ++j)
+ for(u32bit i = 0; i != blocks; ++i)
{
- R3 = rotate_right(R3, 5);
- R3 -= (R0 & ~R2) + (R1 & R2) + K[63 - (4*j + 0)];
+ u16bit R0 = load_le<u16bit>(in, 0);
+ u16bit R1 = load_le<u16bit>(in, 1);
+ u16bit R2 = load_le<u16bit>(in, 2);
+ u16bit R3 = load_le<u16bit>(in, 3);
+
+ for(u32bit j = 0; j != 16; ++j)
+ {
+ R3 = rotate_right(R3, 5);
+ R3 -= (R0 & ~R2) + (R1 & R2) + K[63 - (4*j + 0)];
- R2 = rotate_right(R2, 3);
- R2 -= (R3 & ~R1) + (R0 & R1) + K[63 - (4*j + 1)];
+ R2 = rotate_right(R2, 3);
+ R2 -= (R3 & ~R1) + (R0 & R1) + K[63 - (4*j + 1)];
- R1 = rotate_right(R1, 2);
- R1 -= (R2 & ~R0) + (R3 & R0) + K[63 - (4*j + 2)];
+ R1 = rotate_right(R1, 2);
+ R1 -= (R2 & ~R0) + (R3 & R0) + K[63 - (4*j + 2)];
- R0 = rotate_right(R0, 1);
- R0 -= (R1 & ~R3) + (R2 & R3) + K[63 - (4*j + 3)];
+ R0 = rotate_right(R0, 1);
+ R0 -= (R1 & ~R3) + (R2 & R3) + K[63 - (4*j + 3)];
- if(j == 4 || j == 10)
- {
- R3 -= K[R2 % 64];
- R2 -= K[R1 % 64];
- R1 -= K[R0 % 64];
- R0 -= K[R3 % 64];
+ if(j == 4 || j == 10)
+ {
+ R3 -= K[R2 % 64];
+ R2 -= K[R1 % 64];
+ R1 -= K[R0 % 64];
+ R0 -= K[R3 % 64];
+ }
}
- }
- store_le(out, R0, R1, R2, R3);
+ store_le(out, R0, R1, R2, R3);
+
+ in += BLOCK_SIZE;
+ out += BLOCK_SIZE;
+ }
}
/*
diff --git a/src/block/rc2/rc2.h b/src/block/rc2/rc2.h
index cb6f58f04..db623b385 100644
--- a/src/block/rc2/rc2.h
+++ b/src/block/rc2/rc2.h
@@ -18,15 +18,17 @@ namespace Botan {
class BOTAN_DLL RC2 : public BlockCipher
{
public:
+ void encrypt_n(const byte in[], byte out[], u32bit blocks) const;
+ void decrypt_n(const byte in[], byte out[], u32bit blocks) const;
+
static byte EKB_code(u32bit);
void clear() throw() { K.clear(); }
std::string name() const { return "RC2"; }
BlockCipher* clone() const { return new RC2; }
+
RC2() : BlockCipher(8, 1, 32) {}
private:
- void enc(const byte[], byte[]) const;
- void dec(const byte[], byte[]) const;
void key_schedule(const byte[], u32bit);
SecureBuffer<u16bit, 64> K;
diff --git a/src/block/rc5/rc5.cpp b/src/block/rc5/rc5.cpp
index 5d83d5a4e..4bfa27ea0 100644
--- a/src/block/rc5/rc5.cpp
+++ b/src/block/rc5/rc5.cpp
@@ -16,47 +16,59 @@ namespace Botan {
/*
* RC5 Encryption
*/
-void RC5::enc(const byte in[], byte out[]) const
+void RC5::encrypt_n(const byte in[], byte out[], u32bit blocks) const
{
- u32bit A = load_le<u32bit>(in, 0), B = load_le<u32bit>(in, 1);
-
- A += S[0]; B += S[1];
- for(u32bit j = 0; j != ROUNDS; j += 4)
+ for(u32bit i = 0; i != blocks; ++i)
{
- A = rotate_left(A ^ B, B % 32) + S[2*j+2];
- B = rotate_left(B ^ A, A % 32) + S[2*j+3];
- A = rotate_left(A ^ B, B % 32) + S[2*j+4];
- B = rotate_left(B ^ A, A % 32) + S[2*j+5];
- A = rotate_left(A ^ B, B % 32) + S[2*j+6];
- B = rotate_left(B ^ A, A % 32) + S[2*j+7];
- A = rotate_left(A ^ B, B % 32) + S[2*j+8];
- B = rotate_left(B ^ A, A % 32) + S[2*j+9];
- }
+ u32bit A = load_le<u32bit>(in, 0), B = load_le<u32bit>(in, 1);
+
+ A += S[0]; B += S[1];
+ for(u32bit j = 0; j != ROUNDS; j += 4)
+ {
+ A = rotate_left(A ^ B, B % 32) + S[2*j+2];
+ B = rotate_left(B ^ A, A % 32) + S[2*j+3];
+ A = rotate_left(A ^ B, B % 32) + S[2*j+4];
+ B = rotate_left(B ^ A, A % 32) + S[2*j+5];
+ A = rotate_left(A ^ B, B % 32) + S[2*j+6];
+ B = rotate_left(B ^ A, A % 32) + S[2*j+7];
+ A = rotate_left(A ^ B, B % 32) + S[2*j+8];
+ B = rotate_left(B ^ A, A % 32) + S[2*j+9];
+ }
- store_le(out, A, B);
+ store_le(out, A, B);
+
+ in += BLOCK_SIZE;
+ out += BLOCK_SIZE;
+ }
}
/*
* RC5 Decryption
*/
-void RC5::dec(const byte in[], byte out[]) const
+void RC5::decrypt_n(const byte in[], byte out[], u32bit blocks) const
{
- u32bit A = load_le<u32bit>(in, 0), B = load_le<u32bit>(in, 1);
-
- for(u32bit j = ROUNDS; j != 0; j -= 4)
+ for(u32bit i = 0; i != blocks; ++i)
{
- B = rotate_right(B - S[2*j+1], A % 32) ^ A;
- A = rotate_right(A - S[2*j ], B % 32) ^ B;
- B = rotate_right(B - S[2*j-1], A % 32) ^ A;
- A = rotate_right(A - S[2*j-2], B % 32) ^ B;
- B = rotate_right(B - S[2*j-3], A % 32) ^ A;
- A = rotate_right(A - S[2*j-4], B % 32) ^ B;
- B = rotate_right(B - S[2*j-5], A % 32) ^ A;
- A = rotate_right(A - S[2*j-6], B % 32) ^ B;
- }
- B -= S[1]; A -= S[0];
+ u32bit A = load_le<u32bit>(in, 0), B = load_le<u32bit>(in, 1);
+
+ for(u32bit j = ROUNDS; j != 0; j -= 4)
+ {
+ B = rotate_right(B - S[2*j+1], A % 32) ^ A;
+ A = rotate_right(A - S[2*j ], B % 32) ^ B;
+ B = rotate_right(B - S[2*j-1], A % 32) ^ A;
+ A = rotate_right(A - S[2*j-2], B % 32) ^ B;
+ B = rotate_right(B - S[2*j-3], A % 32) ^ A;
+ A = rotate_right(A - S[2*j-4], B % 32) ^ B;
+ B = rotate_right(B - S[2*j-5], A % 32) ^ A;
+ A = rotate_right(A - S[2*j-6], B % 32) ^ B;
+ }
+ B -= S[1]; A -= S[0];
- store_le(out, A, B);
+ store_le(out, A, B);
+
+ in += BLOCK_SIZE;
+ out += BLOCK_SIZE;
+ }
}
/*
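Review bot: Both loops step `j` by 4 and terminate with `!=` (`j != ROUNDS` in encrypt_n, `j != 0` in decrypt_n), so a ROUNDS value that is not a positive multiple of 4 never reaches the exit condition and the subkey reads `S[2*j+9]` / `S[2*j-6]` run past the end of `S`. The `RC5(u32bit)` constructor is outside this hunk and presumably rejects such values; if it does not, the check belongs there rather than in the per-block loop, and a comment such as `// ROUNDS is a multiple of 4 (enforced by the constructor)` above the loop would document the assumption. The data-dependent rotation amounts `B % 32` and `A % 32` are inherent to RC5 and not something this refactor can change, but a note to that effect would help readers evaluating the cipher for side-channel-sensitive use.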
diff --git a/src/block/rc5/rc5.h b/src/block/rc5/rc5.h
index 083224720..ff9204710 100644
--- a/src/block/rc5/rc5.h
+++ b/src/block/rc5/rc5.h
@@ -18,13 +18,15 @@ namespace Botan {
class BOTAN_DLL RC5 : public BlockCipher
{
public:
+ void encrypt_n(const byte in[], byte out[], u32bit blocks) const;
+ void decrypt_n(const byte in[], byte out[], u32bit blocks) const;
+
void clear() throw() { S.clear(); }
std::string name() const;
BlockCipher* clone() const { return new RC5(ROUNDS); }
+
RC5(u32bit);
private:
- void enc(const byte[], byte[]) const;
- void dec(const byte[], byte[]) const;
void key_schedule(const byte[], u32bit);
SecureVector<u32bit> S;
const u32bit ROUNDS;
diff --git a/src/block/rc6/rc6.cpp b/src/block/rc6/rc6.cpp
index 3b30ea93a..8bda62259 100644
--- a/src/block/rc6/rc6.cpp
+++ b/src/block/rc6/rc6.cpp
@@ -15,85 +15,97 @@ namespace Botan {
/*
* RC6 Encryption
*/
-void RC6::enc(const byte in[], byte out[]) const
+void RC6::encrypt_n(const byte in[], byte out[], u32bit blocks) const
{
- u32bit A = load_le<u32bit>(in, 0);
- u32bit B = load_le<u32bit>(in, 1);
- u32bit C = load_le<u32bit>(in, 2);
- u32bit D = load_le<u32bit>(in, 3);
+ for(u32bit i = 0; i != blocks; ++i)
+ {
+ u32bit A = load_le<u32bit>(in, 0);
+ u32bit B = load_le<u32bit>(in, 1);
+ u32bit C = load_le<u32bit>(in, 2);
+ u32bit D = load_le<u32bit>(in, 3);
- B += S[0]; D += S[1];
+ B += S[0]; D += S[1];
- for(u32bit j = 0; j != 20; j += 4)
- {
- u32bit T1, T2;
-
- T1 = rotate_left(B*(2*B+1), 5);
- T2 = rotate_left(D*(2*D+1), 5);
- A = rotate_left(A ^ T1, T2 % 32) + S[2*j+2];
- C = rotate_left(C ^ T2, T1 % 32) + S[2*j+3];
-
- T1 = rotate_left(C*(2*C+1), 5);
- T2 = rotate_left(A*(2*A+1), 5);
- B = rotate_left(B ^ T1, T2 % 32) + S[2*j+4];
- D = rotate_left(D ^ T2, T1 % 32) + S[2*j+5];
-
- T1 = rotate_left(D*(2*D+1), 5);
- T2 = rotate_left(B*(2*B+1), 5);
- C = rotate_left(C ^ T1, T2 % 32) + S[2*j+6];
- A = rotate_left(A ^ T2, T1 % 32) + S[2*j+7];
-
- T1 = rotate_left(A*(2*A+1), 5);
- T2 = rotate_left(C*(2*C+1), 5);
- D = rotate_left(D ^ T1, T2 % 32) + S[2*j+8];
- B = rotate_left(B ^ T2, T1 % 32) + S[2*j+9];
- }
+ for(u32bit j = 0; j != 20; j += 4)
+ {
+ u32bit T1, T2;
+
+ T1 = rotate_left(B*(2*B+1), 5);
+ T2 = rotate_left(D*(2*D+1), 5);
+ A = rotate_left(A ^ T1, T2 % 32) + S[2*j+2];
+ C = rotate_left(C ^ T2, T1 % 32) + S[2*j+3];
+
+ T1 = rotate_left(C*(2*C+1), 5);
+ T2 = rotate_left(A*(2*A+1), 5);
+ B = rotate_left(B ^ T1, T2 % 32) + S[2*j+4];
+ D = rotate_left(D ^ T2, T1 % 32) + S[2*j+5];
- A += S[42]; C += S[43];
+ T1 = rotate_left(D*(2*D+1), 5);
+ T2 = rotate_left(B*(2*B+1), 5);
+ C = rotate_left(C ^ T1, T2 % 32) + S[2*j+6];
+ A = rotate_left(A ^ T2, T1 % 32) + S[2*j+7];
- store_le(out, A, B, C, D);
+ T1 = rotate_left(A*(2*A+1), 5);
+ T2 = rotate_left(C*(2*C+1), 5);
+ D = rotate_left(D ^ T1, T2 % 32) + S[2*j+8];
+ B = rotate_left(B ^ T2, T1 % 32) + S[2*j+9];
+ }
+
+ A += S[42]; C += S[43];
+
+ store_le(out, A, B, C, D);
+
+ in += BLOCK_SIZE;
+ out += BLOCK_SIZE;
+ }
}
/*
* RC6 Decryption
*/
-void RC6::dec(const byte in[], byte out[]) const
+void RC6::decrypt_n(const byte in[], byte out[], u32bit blocks) const
{
- u32bit A = load_le<u32bit>(in, 0);
- u32bit B = load_le<u32bit>(in, 1);
- u32bit C = load_le<u32bit>(in, 2);
- u32bit D = load_le<u32bit>(in, 3);
+ for(u32bit i = 0; i != blocks; ++i)
+ {
+ u32bit A = load_le<u32bit>(in, 0);
+ u32bit B = load_le<u32bit>(in, 1);
+ u32bit C = load_le<u32bit>(in, 2);
+ u32bit D = load_le<u32bit>(in, 3);
- C -= S[43]; A -= S[42];
+ C -= S[43]; A -= S[42];
- for(u32bit j = 0; j != 20; j += 4)
- {
- u32bit T1, T2;
-
- T1 = rotate_left(A*(2*A+1), 5);
- T2 = rotate_left(C*(2*C+1), 5);
- B = rotate_right(B - S[41 - 2*j], T1 % 32) ^ T2;
- D = rotate_right(D - S[40 - 2*j], T2 % 32) ^ T1;
-
- T1 = rotate_left(D*(2*D+1), 5);
- T2 = rotate_left(B*(2*B+1), 5);
- A = rotate_right(A - S[39 - 2*j], T1 % 32) ^ T2;
- C = rotate_right(C - S[38 - 2*j], T2 % 32) ^ T1;
-
- T1 = rotate_left(C*(2*C+1), 5);
- T2 = rotate_left(A*(2*A+1), 5);
- D = rotate_right(D - S[37 - 2*j], T1 % 32) ^ T2;
- B = rotate_right(B - S[36 - 2*j], T2 % 32) ^ T1;
-
- T1 = rotate_left(B*(2*B+1), 5);
- T2 = rotate_left(D*(2*D+1), 5);
- C = rotate_right(C - S[35 - 2*j], T1 % 32) ^ T2;
- A = rotate_right(A - S[34 - 2*j], T2 % 32) ^ T1;
- }
+ for(u32bit j = 0; j != 20; j += 4)
+ {
+ u32bit T1, T2;
+
+ T1 = rotate_left(A*(2*A+1), 5);
+ T2 = rotate_left(C*(2*C+1), 5);
+ B = rotate_right(B - S[41 - 2*j], T1 % 32) ^ T2;
+ D = rotate_right(D - S[40 - 2*j], T2 % 32) ^ T1;
+
+ T1 = rotate_left(D*(2*D+1), 5);
+ T2 = rotate_left(B*(2*B+1), 5);
+ A = rotate_right(A - S[39 - 2*j], T1 % 32) ^ T2;
+ C = rotate_right(C - S[38 - 2*j], T2 % 32) ^ T1;
- D -= S[1]; B -= S[0];
+ T1 = rotate_left(C*(2*C+1), 5);
+ T2 = rotate_left(A*(2*A+1), 5);
+ D = rotate_right(D - S[37 - 2*j], T1 % 32) ^ T2;
+ B = rotate_right(B - S[36 - 2*j], T2 % 32) ^ T1;
- store_le(out, A, B, C, D);
+ T1 = rotate_left(B*(2*B+1), 5);
+ T2 = rotate_left(D*(2*D+1), 5);
+ C = rotate_right(C - S[35 - 2*j], T1 % 32) ^ T2;
+ A = rotate_right(A - S[34 - 2*j], T2 % 32) ^ T1;
+ }
+
+ D -= S[1]; B -= S[0];
+
+ store_le(out, A, B, C, D);
+
+ in += BLOCK_SIZE;
+ out += BLOCK_SIZE;
+ }
}
/*
diff --git a/src/block/rc6/rc6.h b/src/block/rc6/rc6.h
index cb2800be7..5171006f5 100644
--- a/src/block/rc6/rc6.h
+++ b/src/block/rc6/rc6.h
@@ -18,13 +18,15 @@ namespace Botan {
class BOTAN_DLL RC6 : public BlockCipher
{
public:
+ void encrypt_n(const byte in[], byte out[], u32bit blocks) const;
+ void decrypt_n(const byte in[], byte out[], u32bit blocks) const;
+
void clear() throw() { S.clear(); }
std::string name() const { return "RC6"; }
BlockCipher* clone() const { return new RC6; }
+
RC6() : BlockCipher(16, 1, 32) {}
private:
- void enc(const byte[], byte[]) const;
- void dec(const byte[], byte[]) const;
void key_schedule(const byte[], u32bit);
SecureBuffer<u32bit, 44> S;
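Review bot: The new public encrypt_n/decrypt_n declarations carry no comment stating their contract; unless block_cipher.h documents it on the base virtual, a reader has to open the .cpp to learn that `in` and `out` must each hold `blocks * BLOCK_SIZE` bytes, that `blocks == 0` is a no-op, and that `in == out` works because each block is fully loaded before it is stored (the RC6 body does its four load_le calls before the single store_le), while partially overlapping buffers are not supported. A one-line comment such as `// Processes 'blocks' consecutive BLOCK_SIZE-byte blocks; in and out may be the same buffer but must not partially overlap` above the pair would do. The same applies to the identical declarations added in safer_sk.h, seed.h, serpent.h, serp_ia32.h and serp_sse2.h.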
diff --git a/src/block/safer/safer_sk.cpp b/src/block/safer/safer_sk.cpp
index f72c4773b..eb5c22fc9 100644
--- a/src/block/safer/safer_sk.cpp
+++ b/src/block/safer/safer_sk.cpp
@@ -1,6 +1,6 @@
/*
* SAFER-SK
-* (C) 1999-2007 Jack Lloyd
+* (C) 1999-2009 Jack Lloyd
*
* Distributed under the terms of the Botan license
*/
@@ -15,54 +15,75 @@ namespace Botan {
/*
* SAFER-SK Encryption
*/
-void SAFER_SK::enc(const byte in[], byte out[]) const
+void SAFER_SK::encrypt_n(const byte in[], byte out[], u32bit blocks) const
{
- byte A = in[0], B = in[1], C = in[2], D = in[3],
- E = in[4], F = in[5], G = in[6], H = in[7], X, Y;
- for(u32bit j = 0; j != 16*ROUNDS; j += 16)
+ for(u32bit i = 0; i != blocks; ++i)
{
- A = EXP[A ^ EK[j ]]; B = LOG[B + EK[j+1]];
- C = LOG[C + EK[j+2]]; D = EXP[D ^ EK[j+3]];
- E = EXP[E ^ EK[j+4]]; F = LOG[F + EK[j+5]];
- G = LOG[G + EK[j+6]]; H = EXP[H ^ EK[j+7]];
- A += EK[j+ 8]; B ^= EK[j+ 9]; C ^= EK[j+10]; D += EK[j+11];
- E += EK[j+12]; F ^= EK[j+13]; G ^= EK[j+14]; H += EK[j+15];
- B += A; D += C; F += E; H += G; A += B; C += D; E += F; G += H;
- C += A; G += E; D += B; H += F; A += C; E += G; B += D; F += H;
- H += D; Y = D + H; D = B + F; X = B + D; B = A + E;
- A += B; F = C + G; E = C + F; C = X; G = Y;
+ byte A = in[0], B = in[1], C = in[2], D = in[3],
+ E = in[4], F = in[5], G = in[6], H = in[7], X, Y;
+
+ for(u32bit j = 0; j != 16*ROUNDS; j += 16)
+ {
+ A = EXP[A ^ EK[j ]]; B = LOG[B + EK[j+1]];
+ C = LOG[C + EK[j+2]]; D = EXP[D ^ EK[j+3]];
+ E = EXP[E ^ EK[j+4]]; F = LOG[F + EK[j+5]];
+ G = LOG[G + EK[j+6]]; H = EXP[H ^ EK[j+7]];
+
+ A += EK[j+ 8]; B ^= EK[j+ 9]; C ^= EK[j+10]; D += EK[j+11];
+ E += EK[j+12]; F ^= EK[j+13]; G ^= EK[j+14]; H += EK[j+15];
+
+ B += A; D += C; F += E; H += G; A += B; C += D; E += F; G += H;
+ C += A; G += E; D += B; H += F; A += C; E += G; B += D; F += H;
+ H += D; Y = D + H; D = B + F; X = B + D; B = A + E;
+ A += B; F = C + G; E = C + F; C = X; G = Y;
+ }
+
+ out[0] = A ^ EK[16*ROUNDS+0]; out[1] = B + EK[16*ROUNDS+1];
+ out[2] = C + EK[16*ROUNDS+2]; out[3] = D ^ EK[16*ROUNDS+3];
+ out[4] = E ^ EK[16*ROUNDS+4]; out[5] = F + EK[16*ROUNDS+5];
+ out[6] = G + EK[16*ROUNDS+6]; out[7] = H ^ EK[16*ROUNDS+7];
+
+ in += BLOCK_SIZE;
+ out += BLOCK_SIZE;
}
- out[0] = A ^ EK[16*ROUNDS+0]; out[1] = B + EK[16*ROUNDS+1];
- out[2] = C + EK[16*ROUNDS+2]; out[3] = D ^ EK[16*ROUNDS+3];
- out[4] = E ^ EK[16*ROUNDS+4]; out[5] = F + EK[16*ROUNDS+5];
- out[6] = G + EK[16*ROUNDS+6]; out[7] = H ^ EK[16*ROUNDS+7];
}
/*
* SAFER-SK Decryption
*/
-void SAFER_SK::dec(const byte in[], byte out[]) const
+void SAFER_SK::decrypt_n(const byte in[], byte out[], u32bit blocks) const
{
- byte A = in[0], B = in[1], C = in[2], D = in[3],
- E = in[4], F = in[5], G = in[6], H = in[7];
- A ^= EK[16*ROUNDS+0]; B -= EK[16*ROUNDS+1]; C -= EK[16*ROUNDS+2];
- D ^= EK[16*ROUNDS+3]; E ^= EK[16*ROUNDS+4]; F -= EK[16*ROUNDS+5];
- G -= EK[16*ROUNDS+6]; H ^= EK[16*ROUNDS+7];
- for(s32bit j = 16*(ROUNDS-1); j >= 0; j -= 16)
+ for(u32bit i = 0; i != blocks; ++i)
{
- byte T = E; E = B; B = C; C = T; T = F; F = D; D = G; G = T;
- A -= E; B -= F; C -= G; D -= H; E -= A; F -= B; G -= C; H -= D;
- A -= C; E -= G; B -= D; F -= H; C -= A; G -= E; D -= B; H -= F;
- A -= B; C -= D; E -= F; G -= H; B -= A; D -= C; F -= E; H -= G;
- A = LOG[A - EK[j+8 ] + 256]; B = EXP[B ^ EK[j+9 ]];
- C = EXP[C ^ EK[j+10]]; D = LOG[D - EK[j+11] + 256];
- E = LOG[E - EK[j+12] + 256]; F = EXP[F ^ EK[j+13]];
- G = EXP[G ^ EK[j+14]]; H = LOG[H - EK[j+15] + 256];
- A ^= EK[j+0]; B -= EK[j+1]; C -= EK[j+2]; D ^= EK[j+3];
- E ^= EK[j+4]; F -= EK[j+5]; G -= EK[j+6]; H ^= EK[j+7];
+ byte A = in[0], B = in[1], C = in[2], D = in[3],
+ E = in[4], F = in[5], G = in[6], H = in[7];
+
+ A ^= EK[16*ROUNDS+0]; B -= EK[16*ROUNDS+1]; C -= EK[16*ROUNDS+2];
+ D ^= EK[16*ROUNDS+3]; E ^= EK[16*ROUNDS+4]; F -= EK[16*ROUNDS+5];
+ G -= EK[16*ROUNDS+6]; H ^= EK[16*ROUNDS+7];
+
+ for(s32bit j = 16*(ROUNDS-1); j >= 0; j -= 16)
+ {
+ byte T = E; E = B; B = C; C = T; T = F; F = D; D = G; G = T;
+ A -= E; B -= F; C -= G; D -= H; E -= A; F -= B; G -= C; H -= D;
+ A -= C; E -= G; B -= D; F -= H; C -= A; G -= E; D -= B; H -= F;
+ A -= B; C -= D; E -= F; G -= H; B -= A; D -= C; F -= E; H -= G;
+
+ A = LOG[A - EK[j+8 ] + 256]; B = EXP[B ^ EK[j+9 ]];
+ C = EXP[C ^ EK[j+10]]; D = LOG[D - EK[j+11] + 256];
+ E = LOG[E - EK[j+12] + 256]; F = EXP[F ^ EK[j+13]];
+ G = EXP[G ^ EK[j+14]]; H = LOG[H - EK[j+15] + 256];
+
+ A ^= EK[j+0]; B -= EK[j+1]; C -= EK[j+2]; D ^= EK[j+3];
+ E ^= EK[j+4]; F -= EK[j+5]; G -= EK[j+6]; H ^= EK[j+7];
+ }
+
+ out[0] = A; out[1] = B; out[2] = C; out[3] = D;
+ out[4] = E; out[5] = F; out[6] = G; out[7] = H;
+
+ in += BLOCK_SIZE;
+ out += BLOCK_SIZE;
}
- out[0] = A; out[1] = B; out[2] = C; out[3] = D;
- out[4] = E; out[5] = F; out[6] = G; out[7] = H;
}
/*
diff --git a/src/block/safer/safer_sk.h b/src/block/safer/safer_sk.h
index e52c5837c..4d17bba51 100644
--- a/src/block/safer/safer_sk.h
+++ b/src/block/safer/safer_sk.h
@@ -18,19 +18,22 @@ namespace Botan {
class BOTAN_DLL SAFER_SK : public BlockCipher
{
public:
+ void encrypt_n(const byte in[], byte out[], u32bit blocks) const;
+ void decrypt_n(const byte in[], byte out[], u32bit blocks) const;
+
void clear() throw() { EK.clear(); }
std::string name() const;
BlockCipher* clone() const;
+
SAFER_SK(u32bit);
private:
- void enc(const byte[], byte[]) const;
- void dec(const byte[], byte[]) const;
void key_schedule(const byte[], u32bit);
static const byte EXP[256];
static const byte LOG[512];
static const byte BIAS[208];
static const byte KEY_INDEX[208];
+
SecureVector<byte> EK;
const u32bit ROUNDS;
};
diff --git a/src/block/seed/seed.cpp b/src/block/seed/seed.cpp
index b06a7cd77..378be16e4 100644
--- a/src/block/seed/seed.cpp
+++ b/src/block/seed/seed.cpp
@@ -22,69 +22,81 @@ u32bit SEED::G_FUNC::operator()(u32bit X) const
/*
* SEED Encryption
*/
-void SEED::enc(const byte in[], byte out[]) const
+void SEED::encrypt_n(const byte in[], byte out[], u32bit blocks) const
{
- u32bit B0 = load_be<u32bit>(in, 0);
- u32bit B1 = load_be<u32bit>(in, 1);
- u32bit B2 = load_be<u32bit>(in, 2);
- u32bit B3 = load_be<u32bit>(in, 3);
-
- G_FUNC G;
-
- for(u32bit j = 0; j != 16; j += 2)
+ for(u32bit i = 0; i != blocks; ++i)
{
- u32bit T0, T1;
-
- T0 = B2 ^ K[2*j];
- T1 = G(B2 ^ B3 ^ K[2*j+1]);
- T0 = G(T1 + T0);
- T1 = G(T1 + T0);
- B1 ^= T1;
- B0 ^= T0 + T1;
-
- T0 = B0 ^ K[2*j+2];
- T1 = G(B0 ^ B1 ^ K[2*j+3]);
- T0 = G(T1 + T0);
- T1 = G(T1 + T0);
- B3 ^= T1;
- B2 ^= T0 + T1;
+ u32bit B0 = load_be<u32bit>(in, 0);
+ u32bit B1 = load_be<u32bit>(in, 1);
+ u32bit B2 = load_be<u32bit>(in, 2);
+ u32bit B3 = load_be<u32bit>(in, 3);
+
+ G_FUNC G;
+
+ for(u32bit j = 0; j != 16; j += 2)
+ {
+ u32bit T0, T1;
+
+ T0 = B2 ^ K[2*j];
+ T1 = G(B2 ^ B3 ^ K[2*j+1]);
+ T0 = G(T1 + T0);
+ T1 = G(T1 + T0);
+ B1 ^= T1;
+ B0 ^= T0 + T1;
+
+ T0 = B0 ^ K[2*j+2];
+ T1 = G(B0 ^ B1 ^ K[2*j+3]);
+ T0 = G(T1 + T0);
+ T1 = G(T1 + T0);
+ B3 ^= T1;
+ B2 ^= T0 + T1;
+ }
+
+ store_be(out, B2, B3, B0, B1);
+
+ in += BLOCK_SIZE;
+ out += BLOCK_SIZE;
}
-
- store_be(out, B2, B3, B0, B1);
}
/*
* SEED Decryption
*/
-void SEED::dec(const byte in[], byte out[]) const
+void SEED::decrypt_n(const byte in[], byte out[], u32bit blocks) const
{
- u32bit B0 = load_be<u32bit>(in, 0);
- u32bit B1 = load_be<u32bit>(in, 1);
- u32bit B2 = load_be<u32bit>(in, 2);
- u32bit B3 = load_be<u32bit>(in, 3);
-
- G_FUNC G;
-
- for(u32bit j = 0; j != 16; j += 2)
+ for(u32bit i = 0; i != blocks; ++i)
{
- u32bit T0, T1;
-
- T0 = B2 ^ K[30-2*j];
- T1 = G(B2 ^ B3 ^ K[31-2*j]);
- T0 = G(T1 + T0);
- T1 = G(T1 + T0);
- B1 ^= T1;
- B0 ^= T0 + T1;
-
- T0 = B0 ^ K[28-2*j];
- T1 = G(B0 ^ B1 ^ K[29-2*j]);
- T0 = G(T1 + T0);
- T1 = G(T1 + T0);
- B3 ^= T1;
- B2 ^= T0 + T1;
+ u32bit B0 = load_be<u32bit>(in, 0);
+ u32bit B1 = load_be<u32bit>(in, 1);
+ u32bit B2 = load_be<u32bit>(in, 2);
+ u32bit B3 = load_be<u32bit>(in, 3);
+
+ G_FUNC G;
+
+ for(u32bit j = 0; j != 16; j += 2)
+ {
+ u32bit T0, T1;
+
+ T0 = B2 ^ K[30-2*j];
+ T1 = G(B2 ^ B3 ^ K[31-2*j]);
+ T0 = G(T1 + T0);
+ T1 = G(T1 + T0);
+ B1 ^= T1;
+ B0 ^= T0 + T1;
+
+ T0 = B0 ^ K[28-2*j];
+ T1 = G(B0 ^ B1 ^ K[29-2*j]);
+ T0 = G(T1 + T0);
+ T1 = G(T1 + T0);
+ B3 ^= T1;
+ B2 ^= T0 + T1;
+ }
+
+ store_be(out, B2, B3, B0, B1);
+
+ in += BLOCK_SIZE;
+ out += BLOCK_SIZE;
}
-
- store_be(out, B2, B3, B0, B1);
}
/*
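Review bot: `G_FUNC G;` is now constructed once per block inside the outer `for(u32bit i = 0; i != blocks; ++i)` loop in both encrypt_n and decrypt_n; since G_FUNC::operator() is const (see the hunk header) the functor presumably carries no per-block state, so the declaration can move above the outer loop in each function. This is cosmetic for a stateless object, but it leaves the per-block body as pure round code, the same way the round keys K are referenced without per-block setup.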
diff --git a/src/block/seed/seed.h b/src/block/seed/seed.h
index 54c25d580..5a5a512e7 100644
--- a/src/block/seed/seed.h
+++ b/src/block/seed/seed.h
@@ -18,13 +18,15 @@ namespace Botan {
class BOTAN_DLL SEED : public BlockCipher
{
public:
+ void encrypt_n(const byte in[], byte out[], u32bit blocks) const;
+ void decrypt_n(const byte in[], byte out[], u32bit blocks) const;
+
void clear() throw() { K.clear(); }
std::string name() const { return "SEED"; }
BlockCipher* clone() const { return new SEED; }
+
SEED() : BlockCipher(16, 16) {}
private:
- void enc(const byte[], byte[]) const;
- void dec(const byte[], byte[]) const;
void key_schedule(const byte[], u32bit);
class G_FUNC
diff --git a/src/block/serpent/serpent.cpp b/src/block/serpent/serpent.cpp
index df7592fea..2fa27308f 100644
--- a/src/block/serpent/serpent.cpp
+++ b/src/block/serpent/serpent.cpp
@@ -243,93 +243,105 @@ inline void i_transform(u32bit& B0, u32bit& B1, u32bit& B2, u32bit& B3)
/*
* Serpent Encryption
*/
-void Serpent::enc(const byte in[], byte out[]) const
+void Serpent::encrypt_n(const byte in[], byte out[], u32bit blocks) const
{
- u32bit B0 = load_le<u32bit>(in, 0);
- u32bit B1 = load_le<u32bit>(in, 1);
- u32bit B2 = load_le<u32bit>(in, 2);
- u32bit B3 = load_le<u32bit>(in, 3);
-
- key_xor( 0,B0,B1,B2,B3); SBoxE1(B0,B1,B2,B3); transform(B0,B1,B2,B3);
- key_xor( 1,B0,B1,B2,B3); SBoxE2(B0,B1,B2,B3); transform(B0,B1,B2,B3);
- key_xor( 2,B0,B1,B2,B3); SBoxE3(B0,B1,B2,B3); transform(B0,B1,B2,B3);
- key_xor( 3,B0,B1,B2,B3); SBoxE4(B0,B1,B2,B3); transform(B0,B1,B2,B3);
- key_xor( 4,B0,B1,B2,B3); SBoxE5(B0,B1,B2,B3); transform(B0,B1,B2,B3);
- key_xor( 5,B0,B1,B2,B3); SBoxE6(B0,B1,B2,B3); transform(B0,B1,B2,B3);
- key_xor( 6,B0,B1,B2,B3); SBoxE7(B0,B1,B2,B3); transform(B0,B1,B2,B3);
- key_xor( 7,B0,B1,B2,B3); SBoxE8(B0,B1,B2,B3); transform(B0,B1,B2,B3);
- key_xor( 8,B0,B1,B2,B3); SBoxE1(B0,B1,B2,B3); transform(B0,B1,B2,B3);
- key_xor( 9,B0,B1,B2,B3); SBoxE2(B0,B1,B2,B3); transform(B0,B1,B2,B3);
- key_xor(10,B0,B1,B2,B3); SBoxE3(B0,B1,B2,B3); transform(B0,B1,B2,B3);
- key_xor(11,B0,B1,B2,B3); SBoxE4(B0,B1,B2,B3); transform(B0,B1,B2,B3);
- key_xor(12,B0,B1,B2,B3); SBoxE5(B0,B1,B2,B3); transform(B0,B1,B2,B3);
- key_xor(13,B0,B1,B2,B3); SBoxE6(B0,B1,B2,B3); transform(B0,B1,B2,B3);
- key_xor(14,B0,B1,B2,B3); SBoxE7(B0,B1,B2,B3); transform(B0,B1,B2,B3);
- key_xor(15,B0,B1,B2,B3); SBoxE8(B0,B1,B2,B3); transform(B0,B1,B2,B3);
- key_xor(16,B0,B1,B2,B3); SBoxE1(B0,B1,B2,B3); transform(B0,B1,B2,B3);
- key_xor(17,B0,B1,B2,B3); SBoxE2(B0,B1,B2,B3); transform(B0,B1,B2,B3);
- key_xor(18,B0,B1,B2,B3); SBoxE3(B0,B1,B2,B3); transform(B0,B1,B2,B3);
- key_xor(19,B0,B1,B2,B3); SBoxE4(B0,B1,B2,B3); transform(B0,B1,B2,B3);
- key_xor(20,B0,B1,B2,B3); SBoxE5(B0,B1,B2,B3); transform(B0,B1,B2,B3);
- key_xor(21,B0,B1,B2,B3); SBoxE6(B0,B1,B2,B3); transform(B0,B1,B2,B3);
- key_xor(22,B0,B1,B2,B3); SBoxE7(B0,B1,B2,B3); transform(B0,B1,B2,B3);
- key_xor(23,B0,B1,B2,B3); SBoxE8(B0,B1,B2,B3); transform(B0,B1,B2,B3);
- key_xor(24,B0,B1,B2,B3); SBoxE1(B0,B1,B2,B3); transform(B0,B1,B2,B3);
- key_xor(25,B0,B1,B2,B3); SBoxE2(B0,B1,B2,B3); transform(B0,B1,B2,B3);
- key_xor(26,B0,B1,B2,B3); SBoxE3(B0,B1,B2,B3); transform(B0,B1,B2,B3);
- key_xor(27,B0,B1,B2,B3); SBoxE4(B0,B1,B2,B3); transform(B0,B1,B2,B3);
- key_xor(28,B0,B1,B2,B3); SBoxE5(B0,B1,B2,B3); transform(B0,B1,B2,B3);
- key_xor(29,B0,B1,B2,B3); SBoxE6(B0,B1,B2,B3); transform(B0,B1,B2,B3);
- key_xor(30,B0,B1,B2,B3); SBoxE7(B0,B1,B2,B3); transform(B0,B1,B2,B3);
- key_xor(31,B0,B1,B2,B3); SBoxE8(B0,B1,B2,B3); key_xor(32,B0,B1,B2,B3);
-
- store_le(out, B0, B1, B2, B3);
+ for(u32bit i = 0; i != blocks; ++i)
+ {
+ u32bit B0 = load_le<u32bit>(in, 0);
+ u32bit B1 = load_le<u32bit>(in, 1);
+ u32bit B2 = load_le<u32bit>(in, 2);
+ u32bit B3 = load_le<u32bit>(in, 3);
+
+ key_xor( 0,B0,B1,B2,B3); SBoxE1(B0,B1,B2,B3); transform(B0,B1,B2,B3);
+ key_xor( 1,B0,B1,B2,B3); SBoxE2(B0,B1,B2,B3); transform(B0,B1,B2,B3);
+ key_xor( 2,B0,B1,B2,B3); SBoxE3(B0,B1,B2,B3); transform(B0,B1,B2,B3);
+ key_xor( 3,B0,B1,B2,B3); SBoxE4(B0,B1,B2,B3); transform(B0,B1,B2,B3);
+ key_xor( 4,B0,B1,B2,B3); SBoxE5(B0,B1,B2,B3); transform(B0,B1,B2,B3);
+ key_xor( 5,B0,B1,B2,B3); SBoxE6(B0,B1,B2,B3); transform(B0,B1,B2,B3);
+ key_xor( 6,B0,B1,B2,B3); SBoxE7(B0,B1,B2,B3); transform(B0,B1,B2,B3);
+ key_xor( 7,B0,B1,B2,B3); SBoxE8(B0,B1,B2,B3); transform(B0,B1,B2,B3);
+ key_xor( 8,B0,B1,B2,B3); SBoxE1(B0,B1,B2,B3); transform(B0,B1,B2,B3);
+ key_xor( 9,B0,B1,B2,B3); SBoxE2(B0,B1,B2,B3); transform(B0,B1,B2,B3);
+ key_xor(10,B0,B1,B2,B3); SBoxE3(B0,B1,B2,B3); transform(B0,B1,B2,B3);
+ key_xor(11,B0,B1,B2,B3); SBoxE4(B0,B1,B2,B3); transform(B0,B1,B2,B3);
+ key_xor(12,B0,B1,B2,B3); SBoxE5(B0,B1,B2,B3); transform(B0,B1,B2,B3);
+ key_xor(13,B0,B1,B2,B3); SBoxE6(B0,B1,B2,B3); transform(B0,B1,B2,B3);
+ key_xor(14,B0,B1,B2,B3); SBoxE7(B0,B1,B2,B3); transform(B0,B1,B2,B3);
+ key_xor(15,B0,B1,B2,B3); SBoxE8(B0,B1,B2,B3); transform(B0,B1,B2,B3);
+ key_xor(16,B0,B1,B2,B3); SBoxE1(B0,B1,B2,B3); transform(B0,B1,B2,B3);
+ key_xor(17,B0,B1,B2,B3); SBoxE2(B0,B1,B2,B3); transform(B0,B1,B2,B3);
+ key_xor(18,B0,B1,B2,B3); SBoxE3(B0,B1,B2,B3); transform(B0,B1,B2,B3);
+ key_xor(19,B0,B1,B2,B3); SBoxE4(B0,B1,B2,B3); transform(B0,B1,B2,B3);
+ key_xor(20,B0,B1,B2,B3); SBoxE5(B0,B1,B2,B3); transform(B0,B1,B2,B3);
+ key_xor(21,B0,B1,B2,B3); SBoxE6(B0,B1,B2,B3); transform(B0,B1,B2,B3);
+ key_xor(22,B0,B1,B2,B3); SBoxE7(B0,B1,B2,B3); transform(B0,B1,B2,B3);
+ key_xor(23,B0,B1,B2,B3); SBoxE8(B0,B1,B2,B3); transform(B0,B1,B2,B3);
+ key_xor(24,B0,B1,B2,B3); SBoxE1(B0,B1,B2,B3); transform(B0,B1,B2,B3);
+ key_xor(25,B0,B1,B2,B3); SBoxE2(B0,B1,B2,B3); transform(B0,B1,B2,B3);
+ key_xor(26,B0,B1,B2,B3); SBoxE3(B0,B1,B2,B3); transform(B0,B1,B2,B3);
+ key_xor(27,B0,B1,B2,B3); SBoxE4(B0,B1,B2,B3); transform(B0,B1,B2,B3);
+ key_xor(28,B0,B1,B2,B3); SBoxE5(B0,B1,B2,B3); transform(B0,B1,B2,B3);
+ key_xor(29,B0,B1,B2,B3); SBoxE6(B0,B1,B2,B3); transform(B0,B1,B2,B3);
+ key_xor(30,B0,B1,B2,B3); SBoxE7(B0,B1,B2,B3); transform(B0,B1,B2,B3);
+ key_xor(31,B0,B1,B2,B3); SBoxE8(B0,B1,B2,B3); key_xor(32,B0,B1,B2,B3);
+
+ store_le(out, B0, B1, B2, B3);
+
+ in += BLOCK_SIZE;
+ out += BLOCK_SIZE;
+ }
}
/*
* Serpent Decryption
*/
-void Serpent::dec(const byte in[], byte out[]) const
+void Serpent::decrypt_n(const byte in[], byte out[], u32bit blocks) const
{
- u32bit B0 = load_le<u32bit>(in, 0);
- u32bit B1 = load_le<u32bit>(in, 1);
- u32bit B2 = load_le<u32bit>(in, 2);
- u32bit B3 = load_le<u32bit>(in, 3);
-
- key_xor(32,B0,B1,B2,B3); SBoxD8(B0,B1,B2,B3); key_xor(31,B0,B1,B2,B3);
- i_transform(B0,B1,B2,B3); SBoxD7(B0,B1,B2,B3); key_xor(30,B0,B1,B2,B3);
- i_transform(B0,B1,B2,B3); SBoxD6(B0,B1,B2,B3); key_xor(29,B0,B1,B2,B3);
- i_transform(B0,B1,B2,B3); SBoxD5(B0,B1,B2,B3); key_xor(28,B0,B1,B2,B3);
- i_transform(B0,B1,B2,B3); SBoxD4(B0,B1,B2,B3); key_xor(27,B0,B1,B2,B3);
- i_transform(B0,B1,B2,B3); SBoxD3(B0,B1,B2,B3); key_xor(26,B0,B1,B2,B3);
- i_transform(B0,B1,B2,B3); SBoxD2(B0,B1,B2,B3); key_xor(25,B0,B1,B2,B3);
- i_transform(B0,B1,B2,B3); SBoxD1(B0,B1,B2,B3); key_xor(24,B0,B1,B2,B3);
- i_transform(B0,B1,B2,B3); SBoxD8(B0,B1,B2,B3); key_xor(23,B0,B1,B2,B3);
- i_transform(B0,B1,B2,B3); SBoxD7(B0,B1,B2,B3); key_xor(22,B0,B1,B2,B3);
- i_transform(B0,B1,B2,B3); SBoxD6(B0,B1,B2,B3); key_xor(21,B0,B1,B2,B3);
- i_transform(B0,B1,B2,B3); SBoxD5(B0,B1,B2,B3); key_xor(20,B0,B1,B2,B3);
- i_transform(B0,B1,B2,B3); SBoxD4(B0,B1,B2,B3); key_xor(19,B0,B1,B2,B3);
- i_transform(B0,B1,B2,B3); SBoxD3(B0,B1,B2,B3); key_xor(18,B0,B1,B2,B3);
- i_transform(B0,B1,B2,B3); SBoxD2(B0,B1,B2,B3); key_xor(17,B0,B1,B2,B3);
- i_transform(B0,B1,B2,B3); SBoxD1(B0,B1,B2,B3); key_xor(16,B0,B1,B2,B3);
- i_transform(B0,B1,B2,B3); SBoxD8(B0,B1,B2,B3); key_xor(15,B0,B1,B2,B3);
- i_transform(B0,B1,B2,B3); SBoxD7(B0,B1,B2,B3); key_xor(14,B0,B1,B2,B3);
- i_transform(B0,B1,B2,B3); SBoxD6(B0,B1,B2,B3); key_xor(13,B0,B1,B2,B3);
- i_transform(B0,B1,B2,B3); SBoxD5(B0,B1,B2,B3); key_xor(12,B0,B1,B2,B3);
- i_transform(B0,B1,B2,B3); SBoxD4(B0,B1,B2,B3); key_xor(11,B0,B1,B2,B3);
- i_transform(B0,B1,B2,B3); SBoxD3(B0,B1,B2,B3); key_xor(10,B0,B1,B2,B3);
- i_transform(B0,B1,B2,B3); SBoxD2(B0,B1,B2,B3); key_xor( 9,B0,B1,B2,B3);
- i_transform(B0,B1,B2,B3); SBoxD1(B0,B1,B2,B3); key_xor( 8,B0,B1,B2,B3);
- i_transform(B0,B1,B2,B3); SBoxD8(B0,B1,B2,B3); key_xor( 7,B0,B1,B2,B3);
- i_transform(B0,B1,B2,B3); SBoxD7(B0,B1,B2,B3); key_xor( 6,B0,B1,B2,B3);
- i_transform(B0,B1,B2,B3); SBoxD6(B0,B1,B2,B3); key_xor( 5,B0,B1,B2,B3);
- i_transform(B0,B1,B2,B3); SBoxD5(B0,B1,B2,B3); key_xor( 4,B0,B1,B2,B3);
- i_transform(B0,B1,B2,B3); SBoxD4(B0,B1,B2,B3); key_xor( 3,B0,B1,B2,B3);
- i_transform(B0,B1,B2,B3); SBoxD3(B0,B1,B2,B3); key_xor( 2,B0,B1,B2,B3);
- i_transform(B0,B1,B2,B3); SBoxD2(B0,B1,B2,B3); key_xor( 1,B0,B1,B2,B3);
- i_transform(B0,B1,B2,B3); SBoxD1(B0,B1,B2,B3); key_xor( 0,B0,B1,B2,B3);
-
- store_le(out, B0, B1, B2, B3);
+ for(u32bit i = 0; i != blocks; ++i)
+ {
+ u32bit B0 = load_le<u32bit>(in, 0);
+ u32bit B1 = load_le<u32bit>(in, 1);
+ u32bit B2 = load_le<u32bit>(in, 2);
+ u32bit B3 = load_le<u32bit>(in, 3);
+
+ key_xor(32,B0,B1,B2,B3); SBoxD8(B0,B1,B2,B3); key_xor(31,B0,B1,B2,B3);
+ i_transform(B0,B1,B2,B3); SBoxD7(B0,B1,B2,B3); key_xor(30,B0,B1,B2,B3);
+ i_transform(B0,B1,B2,B3); SBoxD6(B0,B1,B2,B3); key_xor(29,B0,B1,B2,B3);
+ i_transform(B0,B1,B2,B3); SBoxD5(B0,B1,B2,B3); key_xor(28,B0,B1,B2,B3);
+ i_transform(B0,B1,B2,B3); SBoxD4(B0,B1,B2,B3); key_xor(27,B0,B1,B2,B3);
+ i_transform(B0,B1,B2,B3); SBoxD3(B0,B1,B2,B3); key_xor(26,B0,B1,B2,B3);
+ i_transform(B0,B1,B2,B3); SBoxD2(B0,B1,B2,B3); key_xor(25,B0,B1,B2,B3);
+ i_transform(B0,B1,B2,B3); SBoxD1(B0,B1,B2,B3); key_xor(24,B0,B1,B2,B3);
+ i_transform(B0,B1,B2,B3); SBoxD8(B0,B1,B2,B3); key_xor(23,B0,B1,B2,B3);
+ i_transform(B0,B1,B2,B3); SBoxD7(B0,B1,B2,B3); key_xor(22,B0,B1,B2,B3);
+ i_transform(B0,B1,B2,B3); SBoxD6(B0,B1,B2,B3); key_xor(21,B0,B1,B2,B3);
+ i_transform(B0,B1,B2,B3); SBoxD5(B0,B1,B2,B3); key_xor(20,B0,B1,B2,B3);
+ i_transform(B0,B1,B2,B3); SBoxD4(B0,B1,B2,B3); key_xor(19,B0,B1,B2,B3);
+ i_transform(B0,B1,B2,B3); SBoxD3(B0,B1,B2,B3); key_xor(18,B0,B1,B2,B3);
+ i_transform(B0,B1,B2,B3); SBoxD2(B0,B1,B2,B3); key_xor(17,B0,B1,B2,B3);
+ i_transform(B0,B1,B2,B3); SBoxD1(B0,B1,B2,B3); key_xor(16,B0,B1,B2,B3);
+ i_transform(B0,B1,B2,B3); SBoxD8(B0,B1,B2,B3); key_xor(15,B0,B1,B2,B3);
+ i_transform(B0,B1,B2,B3); SBoxD7(B0,B1,B2,B3); key_xor(14,B0,B1,B2,B3);
+ i_transform(B0,B1,B2,B3); SBoxD6(B0,B1,B2,B3); key_xor(13,B0,B1,B2,B3);
+ i_transform(B0,B1,B2,B3); SBoxD5(B0,B1,B2,B3); key_xor(12,B0,B1,B2,B3);
+ i_transform(B0,B1,B2,B3); SBoxD4(B0,B1,B2,B3); key_xor(11,B0,B1,B2,B3);
+ i_transform(B0,B1,B2,B3); SBoxD3(B0,B1,B2,B3); key_xor(10,B0,B1,B2,B3);
+ i_transform(B0,B1,B2,B3); SBoxD2(B0,B1,B2,B3); key_xor( 9,B0,B1,B2,B3);
+ i_transform(B0,B1,B2,B3); SBoxD1(B0,B1,B2,B3); key_xor( 8,B0,B1,B2,B3);
+ i_transform(B0,B1,B2,B3); SBoxD8(B0,B1,B2,B3); key_xor( 7,B0,B1,B2,B3);
+ i_transform(B0,B1,B2,B3); SBoxD7(B0,B1,B2,B3); key_xor( 6,B0,B1,B2,B3);
+ i_transform(B0,B1,B2,B3); SBoxD6(B0,B1,B2,B3); key_xor( 5,B0,B1,B2,B3);
+ i_transform(B0,B1,B2,B3); SBoxD5(B0,B1,B2,B3); key_xor( 4,B0,B1,B2,B3);
+ i_transform(B0,B1,B2,B3); SBoxD4(B0,B1,B2,B3); key_xor( 3,B0,B1,B2,B3);
+ i_transform(B0,B1,B2,B3); SBoxD3(B0,B1,B2,B3); key_xor( 2,B0,B1,B2,B3);
+ i_transform(B0,B1,B2,B3); SBoxD2(B0,B1,B2,B3); key_xor( 1,B0,B1,B2,B3);
+ i_transform(B0,B1,B2,B3); SBoxD1(B0,B1,B2,B3); key_xor( 0,B0,B1,B2,B3);
+
+ store_le(out, B0, B1, B2, B3);
+
+ in += BLOCK_SIZE;
+ out += BLOCK_SIZE;
+ }
}
/*
diff --git a/src/block/serpent/serpent.h b/src/block/serpent/serpent.h
index 5b9be257f..d919c3008 100644
--- a/src/block/serpent/serpent.h
+++ b/src/block/serpent/serpent.h
@@ -18,13 +18,14 @@ namespace Botan {
class BOTAN_DLL Serpent : public BlockCipher
{
public:
+ void encrypt_n(const byte in[], byte out[], u32bit blocks) const;
+ void decrypt_n(const byte in[], byte out[], u32bit blocks) const;
+
void clear() throw() { round_key.clear(); }
std::string name() const { return "Serpent"; }
BlockCipher* clone() const { return new Serpent; }
Serpent() : BlockCipher(16, 16, 32, 8) {}
protected:
- void enc(const byte[], byte[]) const;
- void dec(const byte[], byte[]) const;
void key_schedule(const byte[], u32bit);
SecureBuffer<u32bit, 132> round_key;
diff --git a/src/block/serpent_ia32/info.txt b/src/block/serpent_ia32/info.txt
index 13b171fe9..ea0506299 100644
--- a/src/block/serpent_ia32/info.txt
+++ b/src/block/serpent_ia32/info.txt
@@ -23,6 +23,7 @@ icc
<os>
linux
freebsd
+dragonfly
netbsd
openbsd
solaris
diff --git a/src/block/serpent_ia32/serp_ia32.cpp b/src/block/serpent_ia32/serp_ia32.cpp
index 37dd4e637..997bec2fc 100644
--- a/src/block/serpent_ia32/serp_ia32.cpp
+++ b/src/block/serpent_ia32/serp_ia32.cpp
@@ -21,17 +21,27 @@ void botan_serpent_ia32_key_schedule(u32bit[140]);
/*
* Serpent Encryption
*/
-void Serpent_IA32::enc(const byte in[], byte out[]) const
+void Serpent_IA32::encrypt_n(const byte in[], byte out[], u32bit blocks) const
{
- botan_serpent_ia32_encrypt(in, out, round_key);
+ for(u32bit i = 0; i != blocks; ++i)
+ {
+ botan_serpent_ia32_encrypt(in, out, round_key);
+ in += BLOCK_SIZE;
+ out += BLOCK_SIZE;
+ }
}
/*
* Serpent Decryption
*/
-void Serpent_IA32::dec(const byte in[], byte out[]) const
+void Serpent_IA32::decrypt_n(const byte in[], byte out[], u32bit blocks) const
{
- botan_serpent_ia32_decrypt(in, out, round_key);
+ for(u32bit i = 0; i != blocks; ++i)
+ {
+ botan_serpent_ia32_decrypt(in, out, round_key);
+ in += BLOCK_SIZE;
+ out += BLOCK_SIZE;
+ }
}
/*
diff --git a/src/block/serpent_ia32/serp_ia32.h b/src/block/serpent_ia32/serp_ia32.h
index 565e9889d..dc6beaf13 100644
--- a/src/block/serpent_ia32/serp_ia32.h
+++ b/src/block/serpent_ia32/serp_ia32.h
@@ -18,10 +18,11 @@ namespace Botan {
class BOTAN_DLL Serpent_IA32 : public Serpent
{
public:
+ void encrypt_n(const byte in[], byte out[], u32bit blocks) const;
+ void decrypt_n(const byte in[], byte out[], u32bit blocks) const;
+
BlockCipher* clone() const { return new Serpent_IA32; }
private:
- void enc(const byte[], byte[]) const;
- void dec(const byte[], byte[]) const;
void key_schedule(const byte[], u32bit);
};
diff --git a/src/block/serpent_ia32/serp_ia32_imp.S b/src/block/serpent_ia32/serp_ia32_imp.S
index ddfcc7806..9e50f8cdc 100644
--- a/src/block/serpent_ia32/serp_ia32_imp.S
+++ b/src/block/serpent_ia32/serp_ia32_imp.S
@@ -1,7 +1,9 @@
-/*************************************************
-* Serpent Source File *
-* (C) 1999-2007 Jack Lloyd *
-*************************************************/
+/*
+* Serpent Source File
+* (C) 1999-2007 Jack Lloyd
+*
+* Distributed under the terms of the Botan license
+*/
#include <botan/asm_macr.h>
@@ -436,9 +438,9 @@ START_LISTING(serp_ia32.S)
XOR(C, ARRAY4(EDI, (4*N+2))) ; \
XOR(D, ARRAY4(EDI, (4*N+3))) ;
-/*************************************************
-* Serpent Encryption *
-*************************************************/
+/*
+* Serpent Encryption
+*/
START_FUNCTION(botan_serpent_ia32_encrypt)
SPILL_REGS()
#define PUSHED 4
@@ -507,9 +509,9 @@ START_FUNCTION(botan_serpent_ia32_encrypt)
#undef PUSHED
END_FUNCTION(botan_serpent_ia32_encrypt)
-/*************************************************
-* Serpent Decryption *
-*************************************************/
+/*
+* Serpent Decryption
+*/
START_FUNCTION(botan_serpent_ia32_decrypt)
SPILL_REGS()
#define PUSHED 4
@@ -578,9 +580,9 @@ START_FUNCTION(botan_serpent_ia32_decrypt)
#undef PUSHED
END_FUNCTION(botan_serpent_ia32_decrypt)
-/*************************************************
-* Serpent Key Schedule *
-*************************************************/
+/*
+* Serpent Key Schedule
+*/
START_FUNCTION(botan_serpent_ia32_key_schedule)
SPILL_REGS()
#define PUSHED 4
diff --git a/src/block/serpent_sse2/info.txt b/src/block/serpent_sse2/info.txt
new file mode 100644
index 000000000..b00ab6e88
--- /dev/null
+++ b/src/block/serpent_sse2/info.txt
@@ -0,0 +1,16 @@
+realname "Serpent (SSE2)"
+
+define SERPENT_SSE2
+
+load_on auto
+
+<add>
+serp_sse2.cpp
+serp_sse2.h
+serp_sse2_sbox.h
+</add>
+
+<requires>
+serpent
+sse2_eng
+</requires>
diff --git a/src/block/serpent_sse2/serp_sse2.cpp b/src/block/serpent_sse2/serp_sse2.cpp
new file mode 100644
index 000000000..c51bb69ab
--- /dev/null
+++ b/src/block/serpent_sse2/serp_sse2.cpp
@@ -0,0 +1,240 @@
+/*
+* Serpent (SSE2)
+* (C) 2009 Jack Lloyd
+*
+* Distributed under the terms of the Botan license
+*/
+
+#include <botan/serp_sse2.h>
+#include <botan/serp_sse2_sbox.h>
+#include <botan/loadstor.h>
+#include <emmintrin.h>
+
+namespace Botan {
+
+namespace {
+
+#define key_xor(round, B0, B1, B2, B3) \
+ do { \
+ __m128i key = _mm_loadu_si128(keys + round); \
+ B0 = _mm_xor_si128(B0, _mm_shuffle_epi32(key, _MM_SHUFFLE(0,0,0,0))); \
+ B1 = _mm_xor_si128(B1, _mm_shuffle_epi32(key, _MM_SHUFFLE(1,1,1,1))); \
+ B2 = _mm_xor_si128(B2, _mm_shuffle_epi32(key, _MM_SHUFFLE(2,2,2,2))); \
+ B3 = _mm_xor_si128(B3, _mm_shuffle_epi32(key, _MM_SHUFFLE(3,3,3,3))); \
+ } while(0);
+
+/*
+* Serpent's linear transformations
+*/
+#define rotate_left_m128(vec, rot) \
+ _mm_or_si128(_mm_slli_epi32(vec, rot), _mm_srli_epi32(vec, 32-rot))
+
+#define rotate_right_m128(vec, rot) \
+ _mm_or_si128(_mm_srli_epi32(vec, rot), _mm_slli_epi32(vec, 32-rot))
+
+#define transform(B0, B1, B2, B3) \
+ do { \
+ B0 = rotate_left_m128(B0, 13); \
+ B2 = rotate_left_m128(B2, 3); \
+ B1 = _mm_xor_si128(B1, _mm_xor_si128(B0, B2)); \
+ B3 = _mm_xor_si128(B3, _mm_xor_si128(B2, _mm_slli_epi32(B0, 3))); \
+ B1 = rotate_left_m128(B1, 1); \
+ B3 = rotate_left_m128(B3, 7); \
+ B0 = _mm_xor_si128(B0, _mm_xor_si128(B1, B3)); \
+ B2 = _mm_xor_si128(B2, _mm_xor_si128(B3, _mm_slli_epi32(B1, 7))); \
+ B0 = rotate_left_m128(B0, 5); \
+ B2 = rotate_left_m128(B2, 22); \
+ } while(0);
+
+#define i_transform(B0, B1, B2, B3) \
+ do { \
+ B2 = rotate_right_m128(B2, 22); \
+ B0 = rotate_right_m128(B0, 5); \
+ B2 = _mm_xor_si128(B2, _mm_xor_si128(B3, _mm_slli_epi32(B1, 7))); \
+ B0 = _mm_xor_si128(B0, _mm_xor_si128(B1, B3)); \
+ B3 = rotate_right_m128(B3, 7); \
+ B1 = rotate_right_m128(B1, 1); \
+ B3 = _mm_xor_si128(B3, _mm_xor_si128(B2, _mm_slli_epi32(B0, 3))); \
+ B1 = _mm_xor_si128(B1, _mm_xor_si128(B0, B2)); \
+ B2 = rotate_right_m128(B2, 3); \
+ B0 = rotate_right_m128(B0, 13); \
+ } while(0);
+
+/*
+* 4x4 SSE2 integer matrix transpose
+*/
+#define transpose(B0, B1, B2, B3) \
+ do { \
+ __m128i T0 = _mm_unpacklo_epi32(B0, B1); \
+ __m128i T1 = _mm_unpacklo_epi32(B2, B3); \
+ __m128i T2 = _mm_unpackhi_epi32(B0, B1); \
+ __m128i T3 = _mm_unpackhi_epi32(B2, B3); \
+ B0 = _mm_unpacklo_epi64(T0, T1); \
+ B1 = _mm_unpackhi_epi64(T0, T1); \
+ B2 = _mm_unpacklo_epi64(T2, T3); \
+ B3 = _mm_unpackhi_epi64(T2, T3); \
+ } while(0);
+
+/*
+* SSE2 Serpent Encryption of 4 blocks in parallel
+*/
+void serpent_encrypt_4(const byte in[64],
+ byte out[64],
+ const u32bit keys_32[132])
+ {
+ const __m128i all_ones = _mm_set1_epi8(0xFF);
+
+ const __m128i* keys = (const __m128i*)(keys_32);
+ __m128i* out_mm = (__m128i*)(out);
+ __m128i* in_mm = (__m128i*)(in);
+
+ __m128i B0 = _mm_loadu_si128(in_mm);
+ __m128i B1 = _mm_loadu_si128(in_mm + 1);
+ __m128i B2 = _mm_loadu_si128(in_mm + 2);
+ __m128i B3 = _mm_loadu_si128(in_mm + 3);
+
+ transpose(B0, B1, B2, B3);
+
+ key_xor( 0,B0,B1,B2,B3); SBoxE1(B0,B1,B2,B3); transform(B0,B1,B2,B3);
+ key_xor( 1,B0,B1,B2,B3); SBoxE2(B0,B1,B2,B3); transform(B0,B1,B2,B3);
+ key_xor( 2,B0,B1,B2,B3); SBoxE3(B0,B1,B2,B3); transform(B0,B1,B2,B3);
+ key_xor( 3,B0,B1,B2,B3); SBoxE4(B0,B1,B2,B3); transform(B0,B1,B2,B3);
+ key_xor( 4,B0,B1,B2,B3); SBoxE5(B0,B1,B2,B3); transform(B0,B1,B2,B3);
+ key_xor( 5,B0,B1,B2,B3); SBoxE6(B0,B1,B2,B3); transform(B0,B1,B2,B3);
+ key_xor( 6,B0,B1,B2,B3); SBoxE7(B0,B1,B2,B3); transform(B0,B1,B2,B3);
+ key_xor( 7,B0,B1,B2,B3); SBoxE8(B0,B1,B2,B3); transform(B0,B1,B2,B3);
+
+ key_xor( 8,B0,B1,B2,B3); SBoxE1(B0,B1,B2,B3); transform(B0,B1,B2,B3);
+ key_xor( 9,B0,B1,B2,B3); SBoxE2(B0,B1,B2,B3); transform(B0,B1,B2,B3);
+ key_xor(10,B0,B1,B2,B3); SBoxE3(B0,B1,B2,B3); transform(B0,B1,B2,B3);
+ key_xor(11,B0,B1,B2,B3); SBoxE4(B0,B1,B2,B3); transform(B0,B1,B2,B3);
+ key_xor(12,B0,B1,B2,B3); SBoxE5(B0,B1,B2,B3); transform(B0,B1,B2,B3);
+ key_xor(13,B0,B1,B2,B3); SBoxE6(B0,B1,B2,B3); transform(B0,B1,B2,B3);
+ key_xor(14,B0,B1,B2,B3); SBoxE7(B0,B1,B2,B3); transform(B0,B1,B2,B3);
+ key_xor(15,B0,B1,B2,B3); SBoxE8(B0,B1,B2,B3); transform(B0,B1,B2,B3);
+
+ key_xor(16,B0,B1,B2,B3); SBoxE1(B0,B1,B2,B3); transform(B0,B1,B2,B3);
+ key_xor(17,B0,B1,B2,B3); SBoxE2(B0,B1,B2,B3); transform(B0,B1,B2,B3);
+ key_xor(18,B0,B1,B2,B3); SBoxE3(B0,B1,B2,B3); transform(B0,B1,B2,B3);
+ key_xor(19,B0,B1,B2,B3); SBoxE4(B0,B1,B2,B3); transform(B0,B1,B2,B3);
+ key_xor(20,B0,B1,B2,B3); SBoxE5(B0,B1,B2,B3); transform(B0,B1,B2,B3);
+ key_xor(21,B0,B1,B2,B3); SBoxE6(B0,B1,B2,B3); transform(B0,B1,B2,B3);
+ key_xor(22,B0,B1,B2,B3); SBoxE7(B0,B1,B2,B3); transform(B0,B1,B2,B3);
+ key_xor(23,B0,B1,B2,B3); SBoxE8(B0,B1,B2,B3); transform(B0,B1,B2,B3);
+
+ key_xor(24,B0,B1,B2,B3); SBoxE1(B0,B1,B2,B3); transform(B0,B1,B2,B3);
+ key_xor(25,B0,B1,B2,B3); SBoxE2(B0,B1,B2,B3); transform(B0,B1,B2,B3);
+ key_xor(26,B0,B1,B2,B3); SBoxE3(B0,B1,B2,B3); transform(B0,B1,B2,B3);
+ key_xor(27,B0,B1,B2,B3); SBoxE4(B0,B1,B2,B3); transform(B0,B1,B2,B3);
+ key_xor(28,B0,B1,B2,B3); SBoxE5(B0,B1,B2,B3); transform(B0,B1,B2,B3);
+ key_xor(29,B0,B1,B2,B3); SBoxE6(B0,B1,B2,B3); transform(B0,B1,B2,B3);
+ key_xor(30,B0,B1,B2,B3); SBoxE7(B0,B1,B2,B3); transform(B0,B1,B2,B3);
+ key_xor(31,B0,B1,B2,B3); SBoxE8(B0,B1,B2,B3); key_xor(32,B0,B1,B2,B3);
+
+ transpose(B0, B1, B2, B3);
+
+ _mm_storeu_si128(out_mm , B0);
+ _mm_storeu_si128(out_mm + 1, B1);
+ _mm_storeu_si128(out_mm + 2, B2);
+ _mm_storeu_si128(out_mm + 3, B3);
+ }
+
+/*
+* SSE2 Serpent Decryption of 4 blocks in parallel
+*/
+void serpent_decrypt_4(const byte in[64],
+ byte out[64],
+ const u32bit keys_32[132])
+ {
+ const __m128i all_ones = _mm_set1_epi8(0xFF);
+
+ const __m128i* keys = (const __m128i*)(keys_32);
+ __m128i* out_mm = (__m128i*)(out);
+ __m128i* in_mm = (__m128i*)(in);
+
+ __m128i B0 = _mm_loadu_si128(in_mm);
+ __m128i B1 = _mm_loadu_si128(in_mm + 1);
+ __m128i B2 = _mm_loadu_si128(in_mm + 2);
+ __m128i B3 = _mm_loadu_si128(in_mm + 3);
+
+ transpose(B0, B1, B2, B3);
+
+ key_xor(32,B0,B1,B2,B3); SBoxD8(B0,B1,B2,B3); key_xor(31,B0,B1,B2,B3);
+ i_transform(B0,B1,B2,B3); SBoxD7(B0,B1,B2,B3); key_xor(30,B0,B1,B2,B3);
+ i_transform(B0,B1,B2,B3); SBoxD6(B0,B1,B2,B3); key_xor(29,B0,B1,B2,B3);
+ i_transform(B0,B1,B2,B3); SBoxD5(B0,B1,B2,B3); key_xor(28,B0,B1,B2,B3);
+ i_transform(B0,B1,B2,B3); SBoxD4(B0,B1,B2,B3); key_xor(27,B0,B1,B2,B3);
+ i_transform(B0,B1,B2,B3); SBoxD3(B0,B1,B2,B3); key_xor(26,B0,B1,B2,B3);
+ i_transform(B0,B1,B2,B3); SBoxD2(B0,B1,B2,B3); key_xor(25,B0,B1,B2,B3);
+ i_transform(B0,B1,B2,B3); SBoxD1(B0,B1,B2,B3); key_xor(24,B0,B1,B2,B3);
+
+ i_transform(B0,B1,B2,B3); SBoxD8(B0,B1,B2,B3); key_xor(23,B0,B1,B2,B3);
+ i_transform(B0,B1,B2,B3); SBoxD7(B0,B1,B2,B3); key_xor(22,B0,B1,B2,B3);
+ i_transform(B0,B1,B2,B3); SBoxD6(B0,B1,B2,B3); key_xor(21,B0,B1,B2,B3);
+ i_transform(B0,B1,B2,B3); SBoxD5(B0,B1,B2,B3); key_xor(20,B0,B1,B2,B3);
+ i_transform(B0,B1,B2,B3); SBoxD4(B0,B1,B2,B3); key_xor(19,B0,B1,B2,B3);
+ i_transform(B0,B1,B2,B3); SBoxD3(B0,B1,B2,B3); key_xor(18,B0,B1,B2,B3);
+ i_transform(B0,B1,B2,B3); SBoxD2(B0,B1,B2,B3); key_xor(17,B0,B1,B2,B3);
+ i_transform(B0,B1,B2,B3); SBoxD1(B0,B1,B2,B3); key_xor(16,B0,B1,B2,B3);
+
+ i_transform(B0,B1,B2,B3); SBoxD8(B0,B1,B2,B3); key_xor(15,B0,B1,B2,B3);
+ i_transform(B0,B1,B2,B3); SBoxD7(B0,B1,B2,B3); key_xor(14,B0,B1,B2,B3);
+ i_transform(B0,B1,B2,B3); SBoxD6(B0,B1,B2,B3); key_xor(13,B0,B1,B2,B3);
+ i_transform(B0,B1,B2,B3); SBoxD5(B0,B1,B2,B3); key_xor(12,B0,B1,B2,B3);
+ i_transform(B0,B1,B2,B3); SBoxD4(B0,B1,B2,B3); key_xor(11,B0,B1,B2,B3);
+ i_transform(B0,B1,B2,B3); SBoxD3(B0,B1,B2,B3); key_xor(10,B0,B1,B2,B3);
+ i_transform(B0,B1,B2,B3); SBoxD2(B0,B1,B2,B3); key_xor( 9,B0,B1,B2,B3);
+ i_transform(B0,B1,B2,B3); SBoxD1(B0,B1,B2,B3); key_xor( 8,B0,B1,B2,B3);
+
+ i_transform(B0,B1,B2,B3); SBoxD8(B0,B1,B2,B3); key_xor( 7,B0,B1,B2,B3);
+ i_transform(B0,B1,B2,B3); SBoxD7(B0,B1,B2,B3); key_xor( 6,B0,B1,B2,B3);
+ i_transform(B0,B1,B2,B3); SBoxD6(B0,B1,B2,B3); key_xor( 5,B0,B1,B2,B3);
+ i_transform(B0,B1,B2,B3); SBoxD5(B0,B1,B2,B3); key_xor( 4,B0,B1,B2,B3);
+ i_transform(B0,B1,B2,B3); SBoxD4(B0,B1,B2,B3); key_xor( 3,B0,B1,B2,B3);
+ i_transform(B0,B1,B2,B3); SBoxD3(B0,B1,B2,B3); key_xor( 2,B0,B1,B2,B3);
+ i_transform(B0,B1,B2,B3); SBoxD2(B0,B1,B2,B3); key_xor( 1,B0,B1,B2,B3);
+ i_transform(B0,B1,B2,B3); SBoxD1(B0,B1,B2,B3); key_xor( 0,B0,B1,B2,B3);
+
+ transpose(B0, B1, B2, B3);
+
+ _mm_storeu_si128(out_mm , B0);
+ _mm_storeu_si128(out_mm + 1, B1);
+ _mm_storeu_si128(out_mm + 2, B2);
+ _mm_storeu_si128(out_mm + 3, B3);
+ }
+
+}
+
+/*
+* Serpent Encryption
+*/
+void Serpent_SSE2::encrypt_n(const byte in[], byte out[], u32bit blocks) const
+ {
+ while(blocks >= 4)
+ {
+ serpent_encrypt_4(in, out, this->round_key);
+ in += 4 * BLOCK_SIZE;
+ out += 4 * BLOCK_SIZE;
+ blocks -= 4;
+ }
+
+ Serpent::encrypt_n(in, out, blocks);
+ }
+
+/*
+* Serpent Decryption
+*/
+void Serpent_SSE2::decrypt_n(const byte in[], byte out[], u32bit blocks) const
+ {
+ while(blocks >= 4)
+ {
+ serpent_decrypt_4(in, out, this->round_key);
+ in += 4 * BLOCK_SIZE;
+ out += 4 * BLOCK_SIZE;
+ blocks -= 4;
+ }
+
+ Serpent::decrypt_n(in, out, blocks);
+ }
+
+}
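Review bot: `__m128i* in_mm = (__m128i*)(in);` in serpent_encrypt_4 and serpent_decrypt_4 casts away the const of the `const byte in[64]` parameter; `_mm_loadu_si128` accepts a pointer to const, so `const __m128i* in_mm = (const __m128i*)(in);` keeps the contract honest in both functions. The do/while macros key_xor, transform, i_transform and transpose end in `} while(0);`, so every use such as `transform(B0,B1,B2,B3);` expands to an extra empty statement and the macro cannot be used as the body of an un-braced if/else — drop the trailing semicolon from the four definitions. key_xor and the S-box macros pulled in from serp_sse2_sbox.h silently depend on locals named `keys` and `all_ones` in the calling function; a comment above the macro definitions naming that requirement would spare the next caller a confusing compile error. `_mm_set1_epi8(0xFF)` passes an int outside char's range where char is signed; `_mm_set1_epi8(-1)` yields the same all-ones vector without the implementation-defined conversion.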
diff --git a/src/block/serpent_sse2/serp_sse2.h b/src/block/serpent_sse2/serp_sse2.h
new file mode 100644
index 000000000..f1e5c2028
--- /dev/null
+++ b/src/block/serpent_sse2/serp_sse2.h
@@ -0,0 +1,29 @@
+/*
+* Serpent (SSE2)
+* (C) 2009 Jack Lloyd
+*
+* Distributed under the terms of the Botan license
+*/
+
+#ifndef BOTAN_SERPENT_SSE2_H__
+#define BOTAN_SERPENT_SSE2_H__
+
+#include <botan/serpent.h>
+
+namespace Botan {
+
+/*
+* Serpent
+*/
+class BOTAN_DLL Serpent_SSE2 : public Serpent
+ {
+ public:
+ void encrypt_n(const byte in[], byte out[], u32bit blocks) const;
+ void decrypt_n(const byte in[], byte out[], u32bit blocks) const;
+
+ BlockCipher* clone() const { return new Serpent_SSE2; }
+ };
+
+}
+
+#endif
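Review bot: The class comment at L4022-4024 just says `Serpent`, which does not distinguish this subclass from the base class it derives from. Suggest `/* Serpent using SSE2 intrinsics: encrypt_n/decrypt_n process four blocks at a time and hand any remainder to Serpent::encrypt_n/decrypt_n */`, which matches the definitions in serp_sse2.cpp. It may also be worth a one-line note that `name()` is not overridden, so this object reports the same name as the scalar Serpent (presumably intended, so lookups by name stay stable), and that the class depends on the base keeping `round_key` accessible to subclasses.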
diff --git a/src/block/serpent_sse2/serp_sse2_sbox.h b/src/block/serpent_sse2/serp_sse2_sbox.h
new file mode 100644
index 000000000..40c552e87
--- /dev/null
+++ b/src/block/serpent_sse2/serp_sse2_sbox.h
@@ -0,0 +1,434 @@
+/*
+* Serpent Sboxes in SSE2 form
+* (C) 2009 Jack Lloyd
+*
+* Distributed under the terms of the Botan license
+*/
+
+#ifndef SERPENT_SSE2_SBOXES_H__
+#define SERPENT_SSE2_SBOXES_H__
+
+#define SBoxE1(B0, B1, B2, B3) \
+ do { \
+ B3 = _mm_xor_si128(B3, B0); \
+ __m128i B4 = B1; \
+ B1 = _mm_and_si128(B1, B3); \
+ B4 = _mm_xor_si128(B4, B2); \
+ B1 = _mm_xor_si128(B1, B0); \
+ B0 = _mm_or_si128(B0, B3); \
+ B0 = _mm_xor_si128(B0, B4); \
+ B4 = _mm_xor_si128(B4, B3); \
+ B3 = _mm_xor_si128(B3, B2); \
+ B2 = _mm_or_si128(B2, B1); \
+ B2 = _mm_xor_si128(B2, B4); \
+ B4 = _mm_xor_si128(B4, all_ones); \
+ B4 = _mm_or_si128(B4, B1); \
+ B1 = _mm_xor_si128(B1, B3); \
+ B1 = _mm_xor_si128(B1, B4); \
+ B3 = _mm_or_si128(B3, B0); \
+ B1 = _mm_xor_si128(B1, B3); \
+ B4 = _mm_xor_si128(B4, B3); \
+ B3 = B0; \
+ B0 = B1; \
+ B1 = B4; \
+ } while(0);
+
+#define SBoxE2(B0, B1, B2, B3) \
+ do { \
+ B0 = _mm_xor_si128(B0, all_ones); \
+ B2 = _mm_xor_si128(B2, all_ones); \
+ __m128i B4 = B0; \
+ B0 = _mm_and_si128(B0, B1); \
+ B2 = _mm_xor_si128(B2, B0); \
+ B0 = _mm_or_si128(B0, B3); \
+ B3 = _mm_xor_si128(B3, B2); \
+ B1 = _mm_xor_si128(B1, B0); \
+ B0 = _mm_xor_si128(B0, B4); \
+ B4 = _mm_or_si128(B4, B1); \
+ B1 = _mm_xor_si128(B1, B3); \
+ B2 = _mm_or_si128(B2, B0); \
+ B2 = _mm_and_si128(B2, B4); \
+ B0 = _mm_xor_si128(B0, B1); \
+ B1 = _mm_and_si128(B1, B2); \
+ B1 = _mm_xor_si128(B1, B0); \
+ B0 = _mm_and_si128(B0, B2); \
+ B4 = _mm_xor_si128(B4, B0); \
+ B0 = B2; \
+ B2 = B3; \
+ B3 = B1; \
+ B1 = B4; \
+ } while(0);
+
+#define SBoxE3(B0, B1, B2, B3) \
+ do { \
+ __m128i B4 = B0; \
+ B0 = _mm_and_si128(B0, B2); \
+ B0 = _mm_xor_si128(B0, B3); \
+ B2 = _mm_xor_si128(B2, B1); \
+ B2 = _mm_xor_si128(B2, B0); \
+ B3 = _mm_or_si128(B3, B4); \
+ B3 = _mm_xor_si128(B3, B1); \
+ B4 = _mm_xor_si128(B4, B2); \
+ B1 = B3; \
+ B3 = _mm_or_si128(B3, B4); \
+ B3 = _mm_xor_si128(B3, B0); \
+ B0 = _mm_and_si128(B0, B1); \
+ B4 = _mm_xor_si128(B4, B0); \
+ B1 = _mm_xor_si128(B1, B3); \
+ B1 = _mm_xor_si128(B1, B4); \
+ B4 = _mm_xor_si128(B4, all_ones); \
+ B0 = B2; \
+ B2 = B1; \
+ B1 = B3; \
+ B3 = B4; \
+ } while(0);
+
+#define SBoxE4(B0, B1, B2, B3) \
+ do { \
+ __m128i B4 = B0; \
+ B0 = _mm_or_si128(B0, B3); \
+ B3 = _mm_xor_si128(B3, B1); \
+ B1 = _mm_and_si128(B1, B4); \
+ B4 = _mm_xor_si128(B4, B2); \
+ B2 = _mm_xor_si128(B2, B3); \
+ B3 = _mm_and_si128(B3, B0); \
+ B4 = _mm_or_si128(B4, B1); \
+ B3 = _mm_xor_si128(B3, B4); \
+ B0 = _mm_xor_si128(B0, B1); \
+ B4 = _mm_and_si128(B4, B0); \
+ B1 = _mm_xor_si128(B1, B3); \
+ B4 = _mm_xor_si128(B4, B2); \
+ B1 = _mm_or_si128(B1, B0); \
+ B1 = _mm_xor_si128(B1, B2); \
+ B0 = _mm_xor_si128(B0, B3); \
+ B2 = B1; \
+ B1 = _mm_or_si128(B1, B3); \
+ B0 = _mm_xor_si128(B0, B1); \
+ B1 = B2; \
+ B2 = B3; \
+ B3 = B4; \
+ } while(0);
+
+#define SBoxE5(B0, B1, B2, B3) \
+ do { \
+ B1 = _mm_xor_si128(B1, B3); \
+ B3 = _mm_xor_si128(B3, all_ones); \
+ B2 = _mm_xor_si128(B2, B3); \
+ B3 = _mm_xor_si128(B3, B0); \
+ __m128i B4 = B1; \
+ B1 = _mm_and_si128(B1, B3); \
+ B1 = _mm_xor_si128(B1, B2); \
+ B4 = _mm_xor_si128(B4, B3); \
+ B0 = _mm_xor_si128(B0, B4); \
+ B2 = _mm_and_si128(B2, B4); \
+ B2 = _mm_xor_si128(B2, B0); \
+ B0 = _mm_and_si128(B0, B1); \
+ B3 = _mm_xor_si128(B3, B0); \
+ B4 = _mm_or_si128(B4, B1); \
+ B4 = _mm_xor_si128(B4, B0); \
+ B0 = _mm_or_si128(B0, B3); \
+ B0 = _mm_xor_si128(B0, B2); \
+ B2 = _mm_and_si128(B2, B3); \
+ B0 = _mm_xor_si128(B0, all_ones); \
+ B4 = _mm_xor_si128(B4, B2); \
+ B2 = B0; \
+ B0 = B1; \
+ B1 = B4; \
+ } while(0);
+
+#define SBoxE6(B0, B1, B2, B3) \
+ do { \
+ B0 = _mm_xor_si128(B0, B1); \
+ B1 = _mm_xor_si128(B1, B3); \
+ B3 = _mm_xor_si128(B3, all_ones); \
+ __m128i B4 = B1; \
+ B1 = _mm_and_si128(B1, B0); \
+ B2 = _mm_xor_si128(B2, B3); \
+ B1 = _mm_xor_si128(B1, B2); \
+ B2 = _mm_or_si128(B2, B4); \
+ B4 = _mm_xor_si128(B4, B3); \
+ B3 = _mm_and_si128(B3, B1); \
+ B3 = _mm_xor_si128(B3, B0); \
+ B4 = _mm_xor_si128(B4, B1); \
+ B4 = _mm_xor_si128(B4, B2); \
+ B2 = _mm_xor_si128(B2, B0); \
+ B0 = _mm_and_si128(B0, B3); \
+ B2 = _mm_xor_si128(B2, all_ones); \
+ B0 = _mm_xor_si128(B0, B4); \
+ B4 = _mm_or_si128(B4, B3); \
+ B4 = _mm_xor_si128(B4, B2); \
+ B2 = B0; \
+ B0 = B1; \
+ B1 = B3; \
+ B3 = B4; \
+ } while(0);
+
+#define SBoxE7(B0, B1, B2, B3) \
+ do { \
+ B2 = _mm_xor_si128(B2, all_ones); \
+ __m128i B4 = B3; \
+ B3 = _mm_and_si128(B3, B0); \
+ B0 = _mm_xor_si128(B0, B4); \
+ B3 = _mm_xor_si128(B3, B2); \
+ B2 = _mm_or_si128(B2, B4); \
+ B1 = _mm_xor_si128(B1, B3); \
+ B2 = _mm_xor_si128(B2, B0); \
+ B0 = _mm_or_si128(B0, B1); \
+ B2 = _mm_xor_si128(B2, B1); \
+ B4 = _mm_xor_si128(B4, B0); \
+ B0 = _mm_or_si128(B0, B3); \
+ B0 = _mm_xor_si128(B0, B2); \
+ B4 = _mm_xor_si128(B4, B3); \
+ B4 = _mm_xor_si128(B4, B0); \
+ B3 = _mm_xor_si128(B3, all_ones); \
+ B2 = _mm_and_si128(B2, B4); \
+ B3 = _mm_xor_si128(B3, B2); \
+ B2 = B4; \
+ } while(0);
+
+#define SBoxE8(B0, B1, B2, B3) \
+ do { \
+ __m128i B4 = B1; \
+ B1 = _mm_or_si128(B1, B2); \
+ B1 = _mm_xor_si128(B1, B3); \
+ B4 = _mm_xor_si128(B4, B2); \
+ B2 = _mm_xor_si128(B2, B1); \
+ B3 = _mm_or_si128(B3, B4); \
+ B3 = _mm_and_si128(B3, B0); \
+ B4 = _mm_xor_si128(B4, B2); \
+ B3 = _mm_xor_si128(B3, B1); \
+ B1 = _mm_or_si128(B1, B4); \
+ B1 = _mm_xor_si128(B1, B0); \
+ B0 = _mm_or_si128(B0, B4); \
+ B0 = _mm_xor_si128(B0, B2); \
+ B1 = _mm_xor_si128(B1, B4); \
+ B2 = _mm_xor_si128(B2, B1); \
+ B1 = _mm_and_si128(B1, B0); \
+ B1 = _mm_xor_si128(B1, B4); \
+ B2 = _mm_xor_si128(B2, all_ones); \
+ B2 = _mm_or_si128(B2, B0); \
+ B4 = _mm_xor_si128(B4, B2); \
+ B2 = B1; \
+ B1 = B3; \
+ B3 = B0; \
+ B0 = B4; \
+ } while(0);
+
+#define SBoxD1(B0, B1, B2, B3) \
+ do \
+ { \
+ B2 = _mm_xor_si128(B2, all_ones); \
+ __m128i B4 = B1; \
+ B1 = _mm_or_si128(B1, B0); \
+ B4 = _mm_xor_si128(B4, all_ones); \
+ B1 = _mm_xor_si128(B1, B2); \
+ B2 = _mm_or_si128(B2, B4); \
+ B1 = _mm_xor_si128(B1, B3); \
+ B0 = _mm_xor_si128(B0, B4); \
+ B2 = _mm_xor_si128(B2, B0); \
+ B0 = _mm_and_si128(B0, B3); \
+ B4 = _mm_xor_si128(B4, B0); \
+ B0 = _mm_or_si128(B0, B1); \
+ B0 = _mm_xor_si128(B0, B2); \
+ B3 = _mm_xor_si128(B3, B4); \
+ B2 = _mm_xor_si128(B2, B1); \
+ B3 = _mm_xor_si128(B3, B0); \
+ B3 = _mm_xor_si128(B3, B1); \
+ B2 = _mm_and_si128(B2, B3); \
+ B4 = _mm_xor_si128(B4, B2); \
+ B2 = B1; \
+ B1 = B4; \
+ } while(0);
+
+#define SBoxD2(B0, B1, B2, B3) \
+ do \
+ { \
+ __m128i B4 = B1; \
+ B1 = _mm_xor_si128(B1, B3); \
+ B3 = _mm_and_si128(B3, B1); \
+ B4 = _mm_xor_si128(B4, B2); \
+ B3 = _mm_xor_si128(B3, B0); \
+ B0 = _mm_or_si128(B0, B1); \
+ B2 = _mm_xor_si128(B2, B3); \
+ B0 = _mm_xor_si128(B0, B4); \
+ B0 = _mm_or_si128(B0, B2); \
+ B1 = _mm_xor_si128(B1, B3); \
+ B0 = _mm_xor_si128(B0, B1); \
+ B1 = _mm_or_si128(B1, B3); \
+ B1 = _mm_xor_si128(B1, B0); \
+ B4 = _mm_xor_si128(B4, all_ones); \
+ B4 = _mm_xor_si128(B4, B1); \
+ B1 = _mm_or_si128(B1, B0); \
+ B1 = _mm_xor_si128(B1, B0); \
+ B1 = _mm_or_si128(B1, B4); \
+ B3 = _mm_xor_si128(B3, B1); \
+ B1 = B0; \
+ B0 = B4; \
+ B4 = B2; \
+ B2 = B3; \
+ B3 = B4; \
+ } while(0);
+
+#define SBoxD3(B0, B1, B2, B3) \
+ do \
+ { \
+ B2 = _mm_xor_si128(B2, B3); \
+ B3 = _mm_xor_si128(B3, B0); \
+ __m128i B4 = B3; \
+ B3 = _mm_and_si128(B3, B2); \
+ B3 = _mm_xor_si128(B3, B1); \
+ B1 = _mm_or_si128(B1, B2); \
+ B1 = _mm_xor_si128(B1, B4); \
+ B4 = _mm_and_si128(B4, B3); \
+ B2 = _mm_xor_si128(B2, B3); \
+ B4 = _mm_and_si128(B4, B0); \
+ B4 = _mm_xor_si128(B4, B2); \
+ B2 = _mm_and_si128(B2, B1); \
+ B2 = _mm_or_si128(B2, B0); \
+ B3 = _mm_xor_si128(B3, all_ones); \
+ B2 = _mm_xor_si128(B2, B3); \
+ B0 = _mm_xor_si128(B0, B3); \
+ B0 = _mm_and_si128(B0, B1); \
+ B3 = _mm_xor_si128(B3, B4); \
+ B3 = _mm_xor_si128(B3, B0); \
+ B0 = B1; \
+ B1 = B4; \
+ } while(0);
+
+#define SBoxD4(B0, B1, B2, B3) \
+ do \
+ { \
+ __m128i B4 = B2; \
+ B2 = _mm_xor_si128(B2, B1); \
+ B0 = _mm_xor_si128(B0, B2); \
+ B4 = _mm_and_si128(B4, B2); \
+ B4 = _mm_xor_si128(B4, B0); \
+ B0 = _mm_and_si128(B0, B1); \
+ B1 = _mm_xor_si128(B1, B3); \
+ B3 = _mm_or_si128(B3, B4); \
+ B2 = _mm_xor_si128(B2, B3); \
+ B0 = _mm_xor_si128(B0, B3); \
+ B1 = _mm_xor_si128(B1, B4); \
+ B3 = _mm_and_si128(B3, B2); \
+ B3 = _mm_xor_si128(B3, B1); \
+ B1 = _mm_xor_si128(B1, B0); \
+ B1 = _mm_or_si128(B1, B2); \
+ B0 = _mm_xor_si128(B0, B3); \
+ B1 = _mm_xor_si128(B1, B4); \
+ B0 = _mm_xor_si128(B0, B1); \
+ B4 = B0; \
+ B0 = B2; \
+ B2 = B3; \
+ B3 = B4; \
+ } while(0);
+
+#define SBoxD5(B0, B1, B2, B3) \
+ do \
+ { \
+ __m128i B4 = B2; \
+ B2 = _mm_and_si128(B2, B3); \
+ B2 = _mm_xor_si128(B2, B1); \
+ B1 = _mm_or_si128(B1, B3); \
+ B1 = _mm_and_si128(B1, B0); \
+ B4 = _mm_xor_si128(B4, B2); \
+ B4 = _mm_xor_si128(B4, B1); \
+ B1 = _mm_and_si128(B1, B2); \
+ B0 = _mm_xor_si128(B0, all_ones); \
+ B3 = _mm_xor_si128(B3, B4); \
+ B1 = _mm_xor_si128(B1, B3); \
+ B3 = _mm_and_si128(B3, B0); \
+ B3 = _mm_xor_si128(B3, B2); \
+ B0 = _mm_xor_si128(B0, B1); \
+ B2 = _mm_and_si128(B2, B0); \
+ B3 = _mm_xor_si128(B3, B0); \
+ B2 = _mm_xor_si128(B2, B4); \
+ B2 = _mm_or_si128(B2, B3); \
+ B3 = _mm_xor_si128(B3, B0); \
+ B2 = _mm_xor_si128(B2, B1); \
+ B1 = B3; \
+ B3 = B4; \
+ } while(0);
+
+#define SBoxD6(B0, B1, B2, B3) \
+ do \
+ { \
+ B1 = _mm_xor_si128(B1, all_ones); \
+ __m128i B4 = B3; \
+ B2 = _mm_xor_si128(B2, B1); \
+ B3 = _mm_or_si128(B3, B0); \
+ B3 = _mm_xor_si128(B3, B2); \
+ B2 = _mm_or_si128(B2, B1); \
+ B2 = _mm_and_si128(B2, B0); \
+ B4 = _mm_xor_si128(B4, B3); \
+ B2 = _mm_xor_si128(B2, B4); \
+ B4 = _mm_or_si128(B4, B0); \
+ B4 = _mm_xor_si128(B4, B1); \
+ B1 = _mm_and_si128(B1, B2); \
+ B1 = _mm_xor_si128(B1, B3); \
+ B4 = _mm_xor_si128(B4, B2); \
+ B3 = _mm_and_si128(B3, B4); \
+ B4 = _mm_xor_si128(B4, B1); \
+ B3 = _mm_xor_si128(B3, B4); \
+ B4 = _mm_xor_si128(B4, all_ones); \
+ B3 = _mm_xor_si128(B3, B0); \
+ B0 = B1; \
+ B1 = B4; \
+ B4 = B3; \
+ B3 = B2; \
+ B2 = B4; \
+ } while(0);
+
+#define SBoxD7(B0, B1, B2, B3) \
+ do \
+ { \
+ B0 = _mm_xor_si128(B0, B2); \
+ __m128i B4 = B2; \
+ B2 = _mm_and_si128(B2, B0); \
+ B4 = _mm_xor_si128(B4, B3); \
+ B2 = _mm_xor_si128(B2, all_ones); \
+ B3 = _mm_xor_si128(B3, B1); \
+ B2 = _mm_xor_si128(B2, B3); \
+ B4 = _mm_or_si128(B4, B0); \
+ B0 = _mm_xor_si128(B0, B2); \
+ B3 = _mm_xor_si128(B3, B4); \
+ B4 = _mm_xor_si128(B4, B1); \
+ B1 = _mm_and_si128(B1, B3); \
+ B1 = _mm_xor_si128(B1, B0); \
+ B0 = _mm_xor_si128(B0, B3); \
+ B0 = _mm_or_si128(B0, B2); \
+ B3 = _mm_xor_si128(B3, B1); \
+ B4 = _mm_xor_si128(B4, B0); \
+ B0 = B1; \
+ B1 = B2; \
+ B2 = B4; \
+ } while(0);
+
+#define SBoxD8(B0, B1, B2, B3) \
+ do \
+ { \
+ __m128i B4 = B2; \
+ B2 = _mm_xor_si128(B2, B0); \
+ B0 = _mm_and_si128(B0, B3); \
+ B4 = _mm_or_si128(B4, B3); \
+ B2 = _mm_xor_si128(B2, all_ones); \
+ B3 = _mm_xor_si128(B3, B1); \
+ B1 = _mm_or_si128(B1, B0); \
+ B0 = _mm_xor_si128(B0, B2); \
+ B2 = _mm_and_si128(B2, B4); \
+ B3 = _mm_and_si128(B3, B4); \
+ B1 = _mm_xor_si128(B1, B2); \
+ B2 = _mm_xor_si128(B2, B0); \
+ B0 = _mm_or_si128(B0, B2); \
+ B4 = _mm_xor_si128(B4, B1); \
+ B0 = _mm_xor_si128(B0, B3); \
+ B3 = _mm_xor_si128(B3, B4); \
+ B4 = _mm_or_si128(B4, B0); \
+ B3 = _mm_xor_si128(B3, B2); \
+ B4 = _mm_xor_si128(B4, B2); \
+ B2 = B1; \
+ B1 = B0; \
+ B0 = B3; \
+ B3 = B4; \
+ } while(0);
+
+#endif
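Review bot: Every macro in this header closes with `} while(0);` (L4076, L4102 and so on through L4474), and that trailing semicolon defeats the purpose of the do/while(0) idiom: a call such as `SBoxE1(B0,B1,B2,B3);` expands to two statements, so a macro used as the body of an unbraced `if` followed by `else` will not compile. Drop the semicolon inside each definition, `} while(0)`, and let the call site supply it. The header also relies on names it neither declares nor includes: `__m128i` and the `_mm_*` intrinsics from `<emmintrin.h>`, and `all_ones`, which the macros xor against as a bitwise NOT (presumably an `__m128i` with every bit set, defined in the including .cpp). A comment at the top stating that contract, e.g. `/* Requires <emmintrin.h> and an __m128i all_ones (every bit set) in scope; each macro uses B4 as scratch and permutes the four outputs */`, would save the next reader a trip to serp_sse2.cpp. Minor: the SBoxE macros write `do { \` on one line while the SBoxD macros split `do \` and `{ \` across two.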
diff --git a/src/block/skipjack/skipjack.cpp b/src/block/skipjack/skipjack.cpp
index f5ffc861e..6c308c0f8 100644
--- a/src/block/skipjack/skipjack.cpp
+++ b/src/block/skipjack/skipjack.cpp
@@ -13,51 +13,63 @@ namespace Botan {
/*
* Skipjack Encryption
*/
-void Skipjack::enc(const byte in[], byte out[]) const
+void Skipjack::encrypt_n(const byte in[], byte out[], u32bit blocks) const
{
- u16bit W1 = load_le<u16bit>(in, 3);
- u16bit W2 = load_le<u16bit>(in, 2);
- u16bit W3 = load_le<u16bit>(in, 1);
- u16bit W4 = load_le<u16bit>(in, 0);
+ for(u32bit i = 0; i != blocks; ++i)
+ {
+ u16bit W1 = load_le<u16bit>(in, 3);
+ u16bit W2 = load_le<u16bit>(in, 2);
+ u16bit W3 = load_le<u16bit>(in, 1);
+ u16bit W4 = load_le<u16bit>(in, 0);
- step_A(W1,W4, 1); step_A(W4,W3, 2); step_A(W3,W2, 3); step_A(W2,W1, 4);
- step_A(W1,W4, 5); step_A(W4,W3, 6); step_A(W3,W2, 7); step_A(W2,W1, 8);
+ step_A(W1,W4, 1); step_A(W4,W3, 2); step_A(W3,W2, 3); step_A(W2,W1, 4);
+ step_A(W1,W4, 5); step_A(W4,W3, 6); step_A(W3,W2, 7); step_A(W2,W1, 8);
- step_B(W1,W2, 9); step_B(W4,W1,10); step_B(W3,W4,11); step_B(W2,W3,12);
- step_B(W1,W2,13); step_B(W4,W1,14); step_B(W3,W4,15); step_B(W2,W3,16);
+ step_B(W1,W2, 9); step_B(W4,W1,10); step_B(W3,W4,11); step_B(W2,W3,12);
+ step_B(W1,W2,13); step_B(W4,W1,14); step_B(W3,W4,15); step_B(W2,W3,16);
- step_A(W1,W4,17); step_A(W4,W3,18); step_A(W3,W2,19); step_A(W2,W1,20);
- step_A(W1,W4,21); step_A(W4,W3,22); step_A(W3,W2,23); step_A(W2,W1,24);
+ step_A(W1,W4,17); step_A(W4,W3,18); step_A(W3,W2,19); step_A(W2,W1,20);
+ step_A(W1,W4,21); step_A(W4,W3,22); step_A(W3,W2,23); step_A(W2,W1,24);
- step_B(W1,W2,25); step_B(W4,W1,26); step_B(W3,W4,27); step_B(W2,W3,28);
- step_B(W1,W2,29); step_B(W4,W1,30); step_B(W3,W4,31); step_B(W2,W3,32);
+ step_B(W1,W2,25); step_B(W4,W1,26); step_B(W3,W4,27); step_B(W2,W3,28);
+ step_B(W1,W2,29); step_B(W4,W1,30); step_B(W3,W4,31); step_B(W2,W3,32);
- store_le(out, W4, W3, W2, W1);
+ store_le(out, W4, W3, W2, W1);
+
+ in += BLOCK_SIZE;
+ out += BLOCK_SIZE;
+ }
}
/*
* Skipjack Decryption
*/
-void Skipjack::dec(const byte in[], byte out[]) const
+void Skipjack::decrypt_n(const byte in[], byte out[], u32bit blocks) const
{
- u16bit W1 = load_le<u16bit>(in, 3);
- u16bit W2 = load_le<u16bit>(in, 2);
- u16bit W3 = load_le<u16bit>(in, 1);
- u16bit W4 = load_le<u16bit>(in, 0);
+ for(u32bit i = 0; i != blocks; ++i)
+ {
+ u16bit W1 = load_le<u16bit>(in, 3);
+ u16bit W2 = load_le<u16bit>(in, 2);
+ u16bit W3 = load_le<u16bit>(in, 1);
+ u16bit W4 = load_le<u16bit>(in, 0);
+
+ step_Bi(W2,W3,32); step_Bi(W3,W4,31); step_Bi(W4,W1,30); step_Bi(W1,W2,29);
+ step_Bi(W2,W3,28); step_Bi(W3,W4,27); step_Bi(W4,W1,26); step_Bi(W1,W2,25);
- step_Bi(W2,W3,32); step_Bi(W3,W4,31); step_Bi(W4,W1,30); step_Bi(W1,W2,29);
- step_Bi(W2,W3,28); step_Bi(W3,W4,27); step_Bi(W4,W1,26); step_Bi(W1,W2,25);
+ step_Ai(W1,W2,24); step_Ai(W2,W3,23); step_Ai(W3,W4,22); step_Ai(W4,W1,21);
+ step_Ai(W1,W2,20); step_Ai(W2,W3,19); step_Ai(W3,W4,18); step_Ai(W4,W1,17);
- step_Ai(W1,W2,24); step_Ai(W2,W3,23); step_Ai(W3,W4,22); step_Ai(W4,W1,21);
- step_Ai(W1,W2,20); step_Ai(W2,W3,19); step_Ai(W3,W4,18); step_Ai(W4,W1,17);
+ step_Bi(W2,W3,16); step_Bi(W3,W4,15); step_Bi(W4,W1,14); step_Bi(W1,W2,13);
+ step_Bi(W2,W3,12); step_Bi(W3,W4,11); step_Bi(W4,W1,10); step_Bi(W1,W2, 9);
- step_Bi(W2,W3,16); step_Bi(W3,W4,15); step_Bi(W4,W1,14); step_Bi(W1,W2,13);
- step_Bi(W2,W3,12); step_Bi(W3,W4,11); step_Bi(W4,W1,10); step_Bi(W1,W2, 9);
+ step_Ai(W1,W2, 8); step_Ai(W2,W3, 7); step_Ai(W3,W4, 6); step_Ai(W4,W1, 5);
+ step_Ai(W1,W2, 4); step_Ai(W2,W3, 3); step_Ai(W3,W4, 2); step_Ai(W4,W1, 1);
- step_Ai(W1,W2, 8); step_Ai(W2,W3, 7); step_Ai(W3,W4, 6); step_Ai(W4,W1, 5);
- step_Ai(W1,W2, 4); step_Ai(W2,W3, 3); step_Ai(W3,W4, 2); step_Ai(W4,W1, 1);
+ store_le(out, W4, W3, W2, W1);
- store_le(out, W4, W3, W2, W1);
+ in += BLOCK_SIZE;
+ out += BLOCK_SIZE;
+ }
}
/*
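Review bot: The new per-block loops load the whole block into locals (W1..W4 at L4494-4497) before the single `store_le` at L4515 and advance `in` and `out` by the same stride, so calling with `out == in` is safe, but a partially overlapping pair (say `out == in + 4`) is not: the store for block i overwrites the not-yet-read input of block i+1, whereas the one-block enc()/dec() this replaces tolerated any overlap. That aliasing contract is worth stating where the loop is written, e.g. `// in == out is fine (block fully loaded before the store); partial overlap is not`. The same applies to the equivalent loops in square.cpp, tea.cpp and twofish.cpp in this commit (xtea.cpp too, though its hunk is cut off below). A `blocks == 0` call touches no memory, which also deserves a word.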
diff --git a/src/block/skipjack/skipjack.h b/src/block/skipjack/skipjack.h
index 231cd9c87..f12032f36 100644
--- a/src/block/skipjack/skipjack.h
+++ b/src/block/skipjack/skipjack.h
@@ -18,18 +18,21 @@ namespace Botan {
class BOTAN_DLL Skipjack : public BlockCipher
{
public:
+ void encrypt_n(const byte in[], byte out[], u32bit blocks) const;
+ void decrypt_n(const byte in[], byte out[], u32bit blocks) const;
+
void clear() throw();
std::string name() const { return "Skipjack"; }
BlockCipher* clone() const { return new Skipjack; }
+
Skipjack() : BlockCipher(8, 10) {}
private:
- void enc(const byte[], byte[]) const;
- void dec(const byte[], byte[]) const;
void key_schedule(const byte[], u32bit);
void step_A(u16bit&, u16bit&, u32bit) const;
void step_B(u16bit&, u16bit&, u32bit) const;
void step_Ai(u16bit&, u16bit&, u32bit) const;
void step_Bi(u16bit&, u16bit&, u32bit) const;
+
SecureBuffer<byte, 256> FTABLE[10];
};
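Review bot: `encrypt_n` and `decrypt_n` at L4569-4570 are this class's implementation of the BlockCipher interface, but nothing in the declaration says so; the codebase predates `override` (it still uses `throw()` specs at L4572), so a reader has to open block_cipher.h to learn that these replace the removed private enc()/dec(). A short comment above the pair, `// BlockCipher interface: processes 'blocks' consecutive BLOCK_SIZE-byte blocks`, would make the header self-explanatory. The same applies to square.h, tea.h and twofish.h in this commit.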
diff --git a/src/block/square/square.cpp b/src/block/square/square.cpp
index cb226542d..fdd47d3b2 100644
--- a/src/block/square/square.cpp
+++ b/src/block/square/square.cpp
@@ -14,103 +14,123 @@ namespace Botan {
/*
* Square Encryption
*/
-void Square::enc(const byte in[], byte out[]) const
+void Square::encrypt_n(const byte in[], byte out[], u32bit blocks) const
{
- u32bit T0, T1, T2, T3, B0, B1, B2, B3;
- B0 = TE0[in[ 0] ^ ME[ 0]] ^ TE1[in[ 4] ^ ME[ 4]] ^
- TE2[in[ 8] ^ ME[ 8]] ^ TE3[in[12] ^ ME[12]] ^ EK[0];
- B1 = TE0[in[ 1] ^ ME[ 1]] ^ TE1[in[ 5] ^ ME[ 5]] ^
- TE2[in[ 9] ^ ME[ 9]] ^ TE3[in[13] ^ ME[13]] ^ EK[1];
- B2 = TE0[in[ 2] ^ ME[ 2]] ^ TE1[in[ 6] ^ ME[ 6]] ^
- TE2[in[10] ^ ME[10]] ^ TE3[in[14] ^ ME[14]] ^ EK[2];
- B3 = TE0[in[ 3] ^ ME[ 3]] ^ TE1[in[ 7] ^ ME[ 7]] ^
- TE2[in[11] ^ ME[11]] ^ TE3[in[15] ^ ME[15]] ^ EK[3];
- for(u32bit j = 1; j != 7; j += 2)
+ for(u32bit i = 0; i != blocks; ++i)
{
- T0 = TE0[get_byte(0, B0)] ^ TE1[get_byte(0, B1)] ^
- TE2[get_byte(0, B2)] ^ TE3[get_byte(0, B3)] ^ EK[4*j+0];
- T1 = TE0[get_byte(1, B0)] ^ TE1[get_byte(1, B1)] ^
- TE2[get_byte(1, B2)] ^ TE3[get_byte(1, B3)] ^ EK[4*j+1];
- T2 = TE0[get_byte(2, B0)] ^ TE1[get_byte(2, B1)] ^
- TE2[get_byte(2, B2)] ^ TE3[get_byte(2, B3)] ^ EK[4*j+2];
- T3 = TE0[get_byte(3, B0)] ^ TE1[get_byte(3, B1)] ^
- TE2[get_byte(3, B2)] ^ TE3[get_byte(3, B3)] ^ EK[4*j+3];
- B0 = TE0[get_byte(0, T0)] ^ TE1[get_byte(0, T1)] ^
- TE2[get_byte(0, T2)] ^ TE3[get_byte(0, T3)] ^ EK[4*j+4];
- B1 = TE0[get_byte(1, T0)] ^ TE1[get_byte(1, T1)] ^
- TE2[get_byte(1, T2)] ^ TE3[get_byte(1, T3)] ^ EK[4*j+5];
- B2 = TE0[get_byte(2, T0)] ^ TE1[get_byte(2, T1)] ^
- TE2[get_byte(2, T2)] ^ TE3[get_byte(2, T3)] ^ EK[4*j+6];
- B3 = TE0[get_byte(3, T0)] ^ TE1[get_byte(3, T1)] ^
- TE2[get_byte(3, T2)] ^ TE3[get_byte(3, T3)] ^ EK[4*j+7];
+ u32bit T0, T1, T2, T3, B0, B1, B2, B3;
+
+ B0 = TE0[in[ 0] ^ ME[ 0]] ^ TE1[in[ 4] ^ ME[ 4]] ^
+ TE2[in[ 8] ^ ME[ 8]] ^ TE3[in[12] ^ ME[12]] ^ EK[0];
+ B1 = TE0[in[ 1] ^ ME[ 1]] ^ TE1[in[ 5] ^ ME[ 5]] ^
+ TE2[in[ 9] ^ ME[ 9]] ^ TE3[in[13] ^ ME[13]] ^ EK[1];
+ B2 = TE0[in[ 2] ^ ME[ 2]] ^ TE1[in[ 6] ^ ME[ 6]] ^
+ TE2[in[10] ^ ME[10]] ^ TE3[in[14] ^ ME[14]] ^ EK[2];
+ B3 = TE0[in[ 3] ^ ME[ 3]] ^ TE1[in[ 7] ^ ME[ 7]] ^
+ TE2[in[11] ^ ME[11]] ^ TE3[in[15] ^ ME[15]] ^ EK[3];
+
+ for(u32bit j = 1; j != 7; j += 2)
+ {
+ T0 = TE0[get_byte(0, B0)] ^ TE1[get_byte(0, B1)] ^
+ TE2[get_byte(0, B2)] ^ TE3[get_byte(0, B3)] ^ EK[4*j+0];
+ T1 = TE0[get_byte(1, B0)] ^ TE1[get_byte(1, B1)] ^
+ TE2[get_byte(1, B2)] ^ TE3[get_byte(1, B3)] ^ EK[4*j+1];
+ T2 = TE0[get_byte(2, B0)] ^ TE1[get_byte(2, B1)] ^
+ TE2[get_byte(2, B2)] ^ TE3[get_byte(2, B3)] ^ EK[4*j+2];
+ T3 = TE0[get_byte(3, B0)] ^ TE1[get_byte(3, B1)] ^
+ TE2[get_byte(3, B2)] ^ TE3[get_byte(3, B3)] ^ EK[4*j+3];
+
+ B0 = TE0[get_byte(0, T0)] ^ TE1[get_byte(0, T1)] ^
+ TE2[get_byte(0, T2)] ^ TE3[get_byte(0, T3)] ^ EK[4*j+4];
+ B1 = TE0[get_byte(1, T0)] ^ TE1[get_byte(1, T1)] ^
+ TE2[get_byte(1, T2)] ^ TE3[get_byte(1, T3)] ^ EK[4*j+5];
+ B2 = TE0[get_byte(2, T0)] ^ TE1[get_byte(2, T1)] ^
+ TE2[get_byte(2, T2)] ^ TE3[get_byte(2, T3)] ^ EK[4*j+6];
+ B3 = TE0[get_byte(3, T0)] ^ TE1[get_byte(3, T1)] ^
+ TE2[get_byte(3, T2)] ^ TE3[get_byte(3, T3)] ^ EK[4*j+7];
+ }
+
+ out[ 0] = SE[get_byte(0, B0)] ^ ME[16];
+ out[ 1] = SE[get_byte(0, B1)] ^ ME[17];
+ out[ 2] = SE[get_byte(0, B2)] ^ ME[18];
+ out[ 3] = SE[get_byte(0, B3)] ^ ME[19];
+ out[ 4] = SE[get_byte(1, B0)] ^ ME[20];
+ out[ 5] = SE[get_byte(1, B1)] ^ ME[21];
+ out[ 6] = SE[get_byte(1, B2)] ^ ME[22];
+ out[ 7] = SE[get_byte(1, B3)] ^ ME[23];
+ out[ 8] = SE[get_byte(2, B0)] ^ ME[24];
+ out[ 9] = SE[get_byte(2, B1)] ^ ME[25];
+ out[10] = SE[get_byte(2, B2)] ^ ME[26];
+ out[11] = SE[get_byte(2, B3)] ^ ME[27];
+ out[12] = SE[get_byte(3, B0)] ^ ME[28];
+ out[13] = SE[get_byte(3, B1)] ^ ME[29];
+ out[14] = SE[get_byte(3, B2)] ^ ME[30];
+ out[15] = SE[get_byte(3, B3)] ^ ME[31];
+
+ in += BLOCK_SIZE;
+ out += BLOCK_SIZE;
}
- out[ 0] = SE[get_byte(0, B0)] ^ ME[16];
- out[ 1] = SE[get_byte(0, B1)] ^ ME[17];
- out[ 2] = SE[get_byte(0, B2)] ^ ME[18];
- out[ 3] = SE[get_byte(0, B3)] ^ ME[19];
- out[ 4] = SE[get_byte(1, B0)] ^ ME[20];
- out[ 5] = SE[get_byte(1, B1)] ^ ME[21];
- out[ 6] = SE[get_byte(1, B2)] ^ ME[22];
- out[ 7] = SE[get_byte(1, B3)] ^ ME[23];
- out[ 8] = SE[get_byte(2, B0)] ^ ME[24];
- out[ 9] = SE[get_byte(2, B1)] ^ ME[25];
- out[10] = SE[get_byte(2, B2)] ^ ME[26];
- out[11] = SE[get_byte(2, B3)] ^ ME[27];
- out[12] = SE[get_byte(3, B0)] ^ ME[28];
- out[13] = SE[get_byte(3, B1)] ^ ME[29];
- out[14] = SE[get_byte(3, B2)] ^ ME[30];
- out[15] = SE[get_byte(3, B3)] ^ ME[31];
}
/*
* Square Decryption
*/
-void Square::dec(const byte in[], byte out[]) const
+void Square::decrypt_n(const byte in[], byte out[], u32bit blocks) const
{
- u32bit T0, T1, T2, T3, B0, B1, B2, B3;
- B0 = TD0[in[ 0] ^ MD[ 0]] ^ TD1[in[ 4] ^ MD[ 4]] ^
- TD2[in[ 8] ^ MD[ 8]] ^ TD3[in[12] ^ MD[12]] ^ DK[0];
- B1 = TD0[in[ 1] ^ MD[ 1]] ^ TD1[in[ 5] ^ MD[ 5]] ^
- TD2[in[ 9] ^ MD[ 9]] ^ TD3[in[13] ^ MD[13]] ^ DK[1];
- B2 = TD0[in[ 2] ^ MD[ 2]] ^ TD1[in[ 6] ^ MD[ 6]] ^
- TD2[in[10] ^ MD[10]] ^ TD3[in[14] ^ MD[14]] ^ DK[2];
- B3 = TD0[in[ 3] ^ MD[ 3]] ^ TD1[in[ 7] ^ MD[ 7]] ^
- TD2[in[11] ^ MD[11]] ^ TD3[in[15] ^ MD[15]] ^ DK[3];
- for(u32bit j = 1; j != 7; j += 2)
+ for(u32bit i = 0; i != blocks; ++i)
{
- T0 = TD0[get_byte(0, B0)] ^ TD1[get_byte(0, B1)] ^
- TD2[get_byte(0, B2)] ^ TD3[get_byte(0, B3)] ^ DK[4*j+0];
- T1 = TD0[get_byte(1, B0)] ^ TD1[get_byte(1, B1)] ^
- TD2[get_byte(1, B2)] ^ TD3[get_byte(1, B3)] ^ DK[4*j+1];
- T2 = TD0[get_byte(2, B0)] ^ TD1[get_byte(2, B1)] ^
- TD2[get_byte(2, B2)] ^ TD3[get_byte(2, B3)] ^ DK[4*j+2];
- T3 = TD0[get_byte(3, B0)] ^ TD1[get_byte(3, B1)] ^
- TD2[get_byte(3, B2)] ^ TD3[get_byte(3, B3)] ^ DK[4*j+3];
- B0 = TD0[get_byte(0, T0)] ^ TD1[get_byte(0, T1)] ^
- TD2[get_byte(0, T2)] ^ TD3[get_byte(0, T3)] ^ DK[4*j+4];
- B1 = TD0[get_byte(1, T0)] ^ TD1[get_byte(1, T1)] ^
- TD2[get_byte(1, T2)] ^ TD3[get_byte(1, T3)] ^ DK[4*j+5];
- B2 = TD0[get_byte(2, T0)] ^ TD1[get_byte(2, T1)] ^
- TD2[get_byte(2, T2)] ^ TD3[get_byte(2, T3)] ^ DK[4*j+6];
- B3 = TD0[get_byte(3, T0)] ^ TD1[get_byte(3, T1)] ^
- TD2[get_byte(3, T2)] ^ TD3[get_byte(3, T3)] ^ DK[4*j+7];
+ u32bit T0, T1, T2, T3, B0, B1, B2, B3;
+
+ B0 = TD0[in[ 0] ^ MD[ 0]] ^ TD1[in[ 4] ^ MD[ 4]] ^
+ TD2[in[ 8] ^ MD[ 8]] ^ TD3[in[12] ^ MD[12]] ^ DK[0];
+ B1 = TD0[in[ 1] ^ MD[ 1]] ^ TD1[in[ 5] ^ MD[ 5]] ^
+ TD2[in[ 9] ^ MD[ 9]] ^ TD3[in[13] ^ MD[13]] ^ DK[1];
+ B2 = TD0[in[ 2] ^ MD[ 2]] ^ TD1[in[ 6] ^ MD[ 6]] ^
+ TD2[in[10] ^ MD[10]] ^ TD3[in[14] ^ MD[14]] ^ DK[2];
+ B3 = TD0[in[ 3] ^ MD[ 3]] ^ TD1[in[ 7] ^ MD[ 7]] ^
+ TD2[in[11] ^ MD[11]] ^ TD3[in[15] ^ MD[15]] ^ DK[3];
+
+ for(u32bit j = 1; j != 7; j += 2)
+ {
+ T0 = TD0[get_byte(0, B0)] ^ TD1[get_byte(0, B1)] ^
+ TD2[get_byte(0, B2)] ^ TD3[get_byte(0, B3)] ^ DK[4*j+0];
+ T1 = TD0[get_byte(1, B0)] ^ TD1[get_byte(1, B1)] ^
+ TD2[get_byte(1, B2)] ^ TD3[get_byte(1, B3)] ^ DK[4*j+1];
+ T2 = TD0[get_byte(2, B0)] ^ TD1[get_byte(2, B1)] ^
+ TD2[get_byte(2, B2)] ^ TD3[get_byte(2, B3)] ^ DK[4*j+2];
+ T3 = TD0[get_byte(3, B0)] ^ TD1[get_byte(3, B1)] ^
+ TD2[get_byte(3, B2)] ^ TD3[get_byte(3, B3)] ^ DK[4*j+3];
+
+ B0 = TD0[get_byte(0, T0)] ^ TD1[get_byte(0, T1)] ^
+ TD2[get_byte(0, T2)] ^ TD3[get_byte(0, T3)] ^ DK[4*j+4];
+ B1 = TD0[get_byte(1, T0)] ^ TD1[get_byte(1, T1)] ^
+ TD2[get_byte(1, T2)] ^ TD3[get_byte(1, T3)] ^ DK[4*j+5];
+ B2 = TD0[get_byte(2, T0)] ^ TD1[get_byte(2, T1)] ^
+ TD2[get_byte(2, T2)] ^ TD3[get_byte(2, T3)] ^ DK[4*j+6];
+ B3 = TD0[get_byte(3, T0)] ^ TD1[get_byte(3, T1)] ^
+ TD2[get_byte(3, T2)] ^ TD3[get_byte(3, T3)] ^ DK[4*j+7];
+ }
+
+ out[ 0] = SD[get_byte(0, B0)] ^ MD[16];
+ out[ 1] = SD[get_byte(0, B1)] ^ MD[17];
+ out[ 2] = SD[get_byte(0, B2)] ^ MD[18];
+ out[ 3] = SD[get_byte(0, B3)] ^ MD[19];
+ out[ 4] = SD[get_byte(1, B0)] ^ MD[20];
+ out[ 5] = SD[get_byte(1, B1)] ^ MD[21];
+ out[ 6] = SD[get_byte(1, B2)] ^ MD[22];
+ out[ 7] = SD[get_byte(1, B3)] ^ MD[23];
+ out[ 8] = SD[get_byte(2, B0)] ^ MD[24];
+ out[ 9] = SD[get_byte(2, B1)] ^ MD[25];
+ out[10] = SD[get_byte(2, B2)] ^ MD[26];
+ out[11] = SD[get_byte(2, B3)] ^ MD[27];
+ out[12] = SD[get_byte(3, B0)] ^ MD[28];
+ out[13] = SD[get_byte(3, B1)] ^ MD[29];
+ out[14] = SD[get_byte(3, B2)] ^ MD[30];
+ out[15] = SD[get_byte(3, B3)] ^ MD[31];
+
+ in += BLOCK_SIZE;
+ out += BLOCK_SIZE;
}
- out[ 0] = SD[get_byte(0, B0)] ^ MD[16];
- out[ 1] = SD[get_byte(0, B1)] ^ MD[17];
- out[ 2] = SD[get_byte(0, B2)] ^ MD[18];
- out[ 3] = SD[get_byte(0, B3)] ^ MD[19];
- out[ 4] = SD[get_byte(1, B0)] ^ MD[20];
- out[ 5] = SD[get_byte(1, B1)] ^ MD[21];
- out[ 6] = SD[get_byte(1, B2)] ^ MD[22];
- out[ 7] = SD[get_byte(1, B3)] ^ MD[23];
- out[ 8] = SD[get_byte(2, B0)] ^ MD[24];
- out[ 9] = SD[get_byte(2, B1)] ^ MD[25];
- out[10] = SD[get_byte(2, B2)] ^ MD[26];
- out[11] = SD[get_byte(2, B3)] ^ MD[27];
- out[12] = SD[get_byte(3, B0)] ^ MD[28];
- out[13] = SD[get_byte(3, B1)] ^ MD[29];
- out[14] = SD[get_byte(3, B2)] ^ MD[30];
- out[15] = SD[get_byte(3, B3)] ^ MD[31];
}
/*
diff --git a/src/block/square/square.h b/src/block/square/square.h
index 94a1fc370..5d9cfc78c 100644
--- a/src/block/square/square.h
+++ b/src/block/square/square.h
@@ -18,13 +18,15 @@ namespace Botan {
class BOTAN_DLL Square : public BlockCipher
{
public:
+ void encrypt_n(const byte in[], byte out[], u32bit blocks) const;
+ void decrypt_n(const byte in[], byte out[], u32bit blocks) const;
+
void clear() throw();
std::string name() const { return "Square"; }
BlockCipher* clone() const { return new Square; }
+
Square() : BlockCipher(16, 16) {}
private:
- void enc(const byte[], byte[]) const;
- void dec(const byte[], byte[]) const;
void key_schedule(const byte[], u32bit);
static void transform(u32bit[4]);
diff --git a/src/block/tea/tea.cpp b/src/block/tea/tea.cpp
index 2b4212d9c..de30858da 100644
--- a/src/block/tea/tea.cpp
+++ b/src/block/tea/tea.cpp
@@ -13,37 +13,49 @@ namespace Botan {
/*
* TEA Encryption
*/
-void TEA::enc(const byte in[], byte out[]) const
+void TEA::encrypt_n(const byte in[], byte out[], u32bit blocks) const
{
- u32bit L = load_be<u32bit>(in, 0), R = load_be<u32bit>(in, 1);
-
- u32bit S = 0;
- for(u32bit j = 0; j != 32; ++j)
+ for(u32bit i = 0; i != blocks; ++i)
{
- S += 0x9E3779B9;
- L += ((R << 4) + K[0]) ^ (R + S) ^ ((R >> 5) + K[1]);
- R += ((L << 4) + K[2]) ^ (L + S) ^ ((L >> 5) + K[3]);
- }
+ u32bit L = load_be<u32bit>(in, 0), R = load_be<u32bit>(in, 1);
+
+ u32bit S = 0;
+ for(u32bit j = 0; j != 32; ++j)
+ {
+ S += 0x9E3779B9;
+ L += ((R << 4) + K[0]) ^ (R + S) ^ ((R >> 5) + K[1]);
+ R += ((L << 4) + K[2]) ^ (L + S) ^ ((L >> 5) + K[3]);
+ }
- store_be(out, L, R);
+ store_be(out, L, R);
+
+ in += BLOCK_SIZE;
+ out += BLOCK_SIZE;
+ }
}
/*
* TEA Decryption
*/
-void TEA::dec(const byte in[], byte out[]) const
+void TEA::decrypt_n(const byte in[], byte out[], u32bit blocks) const
{
- u32bit L = load_be<u32bit>(in, 0), R = load_be<u32bit>(in, 1);
-
- u32bit S = 0xC6EF3720;
- for(u32bit j = 0; j != 32; ++j)
+ for(u32bit i = 0; i != blocks; ++i)
{
- R -= ((L << 4) + K[2]) ^ (L + S) ^ ((L >> 5) + K[3]);
- L -= ((R << 4) + K[0]) ^ (R + S) ^ ((R >> 5) + K[1]);
- S -= 0x9E3779B9;
- }
+ u32bit L = load_be<u32bit>(in, 0), R = load_be<u32bit>(in, 1);
+
+ u32bit S = 0xC6EF3720;
+ for(u32bit j = 0; j != 32; ++j)
+ {
+ R -= ((L << 4) + K[2]) ^ (L + S) ^ ((L >> 5) + K[3]);
+ L -= ((R << 4) + K[0]) ^ (R + S) ^ ((R >> 5) + K[1]);
+ S -= 0x9E3779B9;
+ }
- store_be(out, L, R);
+ store_be(out, L, R);
+
+ in += BLOCK_SIZE;
+ out += BLOCK_SIZE;
+ }
}
/*
diff --git a/src/block/tea/tea.h b/src/block/tea/tea.h
index 8ddf3e330..825a051aa 100644
--- a/src/block/tea/tea.h
+++ b/src/block/tea/tea.h
@@ -18,13 +18,15 @@ namespace Botan {
class BOTAN_DLL TEA : public BlockCipher
{
public:
+ void encrypt_n(const byte in[], byte out[], u32bit blocks) const;
+ void decrypt_n(const byte in[], byte out[], u32bit blocks) const;
+
void clear() throw() { K.clear(); }
std::string name() const { return "TEA"; }
BlockCipher* clone() const { return new TEA; }
+
TEA() : BlockCipher(8, 16) {}
private:
- void enc(const byte[], byte[]) const;
- void dec(const byte[], byte[]) const;
void key_schedule(const byte[], u32bit);
SecureBuffer<u32bit, 4> K;
};
diff --git a/src/block/twofish/twofish.cpp b/src/block/twofish/twofish.cpp
index 9784b00a2..6a482a8f3 100644
--- a/src/block/twofish/twofish.cpp
+++ b/src/block/twofish/twofish.cpp
@@ -14,91 +14,103 @@ namespace Botan {
/*
* Twofish Encryption
*/
-void Twofish::enc(const byte in[], byte out[]) const
+void Twofish::encrypt_n(const byte in[], byte out[], u32bit blocks) const
{
- u32bit A = load_le<u32bit>(in, 0) ^ round_key[0];
- u32bit B = load_le<u32bit>(in, 1) ^ round_key[1];
- u32bit C = load_le<u32bit>(in, 2) ^ round_key[2];
- u32bit D = load_le<u32bit>(in, 3) ^ round_key[3];
-
- for(u32bit j = 0; j != 16; j += 2)
+ for(u32bit i = 0; i != blocks; ++i)
{
- u32bit X, Y;
-
- X = SBox0[get_byte(3, A)] ^ SBox1[get_byte(2, A)] ^
- SBox2[get_byte(1, A)] ^ SBox3[get_byte(0, A)];
- Y = SBox0[get_byte(0, B)] ^ SBox1[get_byte(3, B)] ^
- SBox2[get_byte(2, B)] ^ SBox3[get_byte(1, B)];
- X += Y;
- Y += X + round_key[2*j + 9];
- X += round_key[2*j + 8];
-
- C = rotate_right(C ^ X, 1);
- D = rotate_left(D, 1) ^ Y;
-
- X = SBox0[get_byte(3, C)] ^ SBox1[get_byte(2, C)] ^
- SBox2[get_byte(1, C)] ^ SBox3[get_byte(0, C)];
- Y = SBox0[get_byte(0, D)] ^ SBox1[get_byte(3, D)] ^
- SBox2[get_byte(2, D)] ^ SBox3[get_byte(1, D)];
- X += Y;
- Y += X + round_key[2*j + 11];
- X += round_key[2*j + 10];
-
- A = rotate_right(A ^ X, 1);
- B = rotate_left(B, 1) ^ Y;
- }
+ u32bit A = load_le<u32bit>(in, 0) ^ round_key[0];
+ u32bit B = load_le<u32bit>(in, 1) ^ round_key[1];
+ u32bit C = load_le<u32bit>(in, 2) ^ round_key[2];
+ u32bit D = load_le<u32bit>(in, 3) ^ round_key[3];
- C ^= round_key[4];
- D ^= round_key[5];
- A ^= round_key[6];
- B ^= round_key[7];
+ for(u32bit j = 0; j != 16; j += 2)
+ {
+ u32bit X, Y;
+
+ X = SBox0[get_byte(3, A)] ^ SBox1[get_byte(2, A)] ^
+ SBox2[get_byte(1, A)] ^ SBox3[get_byte(0, A)];
+ Y = SBox0[get_byte(0, B)] ^ SBox1[get_byte(3, B)] ^
+ SBox2[get_byte(2, B)] ^ SBox3[get_byte(1, B)];
+ X += Y;
+ Y += X + round_key[2*j + 9];
+ X += round_key[2*j + 8];
+
+ C = rotate_right(C ^ X, 1);
+ D = rotate_left(D, 1) ^ Y;
+
+ X = SBox0[get_byte(3, C)] ^ SBox1[get_byte(2, C)] ^
+ SBox2[get_byte(1, C)] ^ SBox3[get_byte(0, C)];
+ Y = SBox0[get_byte(0, D)] ^ SBox1[get_byte(3, D)] ^
+ SBox2[get_byte(2, D)] ^ SBox3[get_byte(1, D)];
+ X += Y;
+ Y += X + round_key[2*j + 11];
+ X += round_key[2*j + 10];
+
+ A = rotate_right(A ^ X, 1);
+ B = rotate_left(B, 1) ^ Y;
+ }
- store_le(out, C, D, A, B);
+ C ^= round_key[4];
+ D ^= round_key[5];
+ A ^= round_key[6];
+ B ^= round_key[7];
+
+ store_le(out, C, D, A, B);
+
+ in += BLOCK_SIZE;
+ out += BLOCK_SIZE;
+ }
}
/*
* Twofish Decryption
*/
-void Twofish::dec(const byte in[], byte out[]) const
+void Twofish::decrypt_n(const byte in[], byte out[], u32bit blocks) const
{
- u32bit A = load_le<u32bit>(in, 0) ^ round_key[4];
- u32bit B = load_le<u32bit>(in, 1) ^ round_key[5];
- u32bit C = load_le<u32bit>(in, 2) ^ round_key[6];
- u32bit D = load_le<u32bit>(in, 3) ^ round_key[7];
-
- for(u32bit j = 0; j != 16; j += 2)
+ for(u32bit i = 0; i != blocks; ++i)
{
- u32bit X, Y;
-
- X = SBox0[get_byte(3, A)] ^ SBox1[get_byte(2, A)] ^
- SBox2[get_byte(1, A)] ^ SBox3[get_byte(0, A)];
- Y = SBox0[get_byte(0, B)] ^ SBox1[get_byte(3, B)] ^
- SBox2[get_byte(2, B)] ^ SBox3[get_byte(1, B)];
- X += Y;
- Y += X + round_key[39 - 2*j];
- X += round_key[38 - 2*j];
-
- C = rotate_left(C, 1) ^ X;
- D = rotate_right(D ^ Y, 1);
-
- X = SBox0[get_byte(3, C)] ^ SBox1[get_byte(2, C)] ^
- SBox2[get_byte(1, C)] ^ SBox3[get_byte(0, C)];
- Y = SBox0[get_byte(0, D)] ^ SBox1[get_byte(3, D)] ^
- SBox2[get_byte(2, D)] ^ SBox3[get_byte(1, D)];
- X += Y;
- Y += X + round_key[37 - 2*j];
- X += round_key[36 - 2*j];
-
- A = rotate_left(A, 1) ^ X;
- B = rotate_right(B ^ Y, 1);
- }
+ u32bit A = load_le<u32bit>(in, 0) ^ round_key[4];
+ u32bit B = load_le<u32bit>(in, 1) ^ round_key[5];
+ u32bit C = load_le<u32bit>(in, 2) ^ round_key[6];
+ u32bit D = load_le<u32bit>(in, 3) ^ round_key[7];
- C ^= round_key[0];
- D ^= round_key[1];
- A ^= round_key[2];
- B ^= round_key[3];
+ for(u32bit j = 0; j != 16; j += 2)
+ {
+ u32bit X, Y;
+
+ X = SBox0[get_byte(3, A)] ^ SBox1[get_byte(2, A)] ^
+ SBox2[get_byte(1, A)] ^ SBox3[get_byte(0, A)];
+ Y = SBox0[get_byte(0, B)] ^ SBox1[get_byte(3, B)] ^
+ SBox2[get_byte(2, B)] ^ SBox3[get_byte(1, B)];
+ X += Y;
+ Y += X + round_key[39 - 2*j];
+ X += round_key[38 - 2*j];
+
+ C = rotate_left(C, 1) ^ X;
+ D = rotate_right(D ^ Y, 1);
+
+ X = SBox0[get_byte(3, C)] ^ SBox1[get_byte(2, C)] ^
+ SBox2[get_byte(1, C)] ^ SBox3[get_byte(0, C)];
+ Y = SBox0[get_byte(0, D)] ^ SBox1[get_byte(3, D)] ^
+ SBox2[get_byte(2, D)] ^ SBox3[get_byte(1, D)];
+ X += Y;
+ Y += X + round_key[37 - 2*j];
+ X += round_key[36 - 2*j];
+
+ A = rotate_left(A, 1) ^ X;
+ B = rotate_right(B ^ Y, 1);
+ }
- store_le(out, C, D, A, B);
+ C ^= round_key[0];
+ D ^= round_key[1];
+ A ^= round_key[2];
+ B ^= round_key[3];
+
+ store_le(out, C, D, A, B);
+
+ in += BLOCK_SIZE;
+ out += BLOCK_SIZE;
+ }
}
/*
diff --git a/src/block/twofish/twofish.h b/src/block/twofish/twofish.h
index 0640e32f8..87b9aa626 100644
--- a/src/block/twofish/twofish.h
+++ b/src/block/twofish/twofish.h
@@ -18,13 +18,15 @@ namespace Botan {
class BOTAN_DLL Twofish : public BlockCipher
{
public:
+ void encrypt_n(const byte in[], byte out[], u32bit blocks) const;
+ void decrypt_n(const byte in[], byte out[], u32bit blocks) const;
+
void clear() throw();
std::string name() const { return "Twofish"; }
BlockCipher* clone() const { return new Twofish; }
+
Twofish() : BlockCipher(16, 16, 32, 8) {}
private:
- void enc(const byte[], byte[]) const;
- void dec(const byte[], byte[]) const;
void key_schedule(const byte[], u32bit);
static void rs_mul(byte[4], byte, u32bit);
diff --git a/src/block/xtea/xtea.cpp b/src/block/xtea/xtea.cpp
index 5047f6594..77543e1e8 100644
--- a/src/block/xtea/xtea.cpp
+++ b/src/block/xtea/xtea.cpp
@@ -7,40 +7,51 @@
#include <botan/xtea.h>
#include <botan/loadstor.h>
-#include <botan/parsing.h>
namespace Botan {
/*
* XTEA Encryption
*/
-void XTEA::enc(const byte in[], byte out[]) const
+void XTEA::encrypt_n(const byte in[], byte out[], u32bit blocks) const
{
- u32bit L = load_be<u32bit>(in, 0), R = load_be<u32bit>(in, 1);
-
- for(u32bit j = 0; j != 32; ++j)
+ for(u32bit i = 0; i != blocks; ++i)
{
- L += (((R << 4) ^ (R >> 5)) + R) ^ EK[2*j];
- R += (((L << 4) ^ (L >> 5)) + L) ^ EK[2*j+1];
- }
+ u32bit L = load_be<u32bit>(in, 0), R = load_be<u32bit>(in, 1);
+
+ for(u32bit j = 0; j != 32; ++j)
+ {
+ L += (((R << 4) ^ (R >> 5)) + R) ^ EK[2*j];
+ R += (((L << 4) ^ (L >> 5)) + L) ^ EK[2*j+1];
+ }
- store_be(out, L, R);
+ store_be(out, L, R);
+
+ in += BLOCK_SIZE;
+ out += BLOCK_SIZE;
+ }
}
/*
* XTEA Decryption
*/
-void XTEA::dec(const byte in[], byte out[]) const
+void XTEA::decrypt_n(const byte in[], byte out[], u32bit blocks) const
{
- u32bit L = load_be<u32bit>(in, 0), R = load_be<u32bit>(in, 1);
-
- for(u32bit j = 0; j != 32; ++j)
+ for(u32bit i = 0; i != blocks; ++i)
{
- R -= (((L << 4) ^ (L >> 5)) + L) ^ EK[63 - 2*j];
- L -= (((R << 4) ^ (R >> 5)) + R) ^ EK[62 - 2*j];
- }
+ u32bit L = load_be<u32bit>(in, 0), R = load_be<u32bit>(in, 1);
+
+ for(u32bit j = 0; j != 32; ++j)
+ {
+ R -= (((L << 4) ^ (L >> 5)) + L) ^ EK[63 - 2*j];
+ L -= (((R << 4) ^ (R >> 5)) + R) ^ EK[62 - 2*j];
+ }
- store_be(out, L, R);
+ store_be(out, L, R);
+
+ in += BLOCK_SIZE;
+ out += BLOCK_SIZE;
+ }
}
/*
diff --git a/src/block/xtea/xtea.h b/src/block/xtea/xtea.h
index d9c6066cb..de265818d 100644
--- a/src/block/xtea/xtea.h
+++ b/src/block/xtea/xtea.h
@@ -18,13 +18,15 @@ namespace Botan {
class BOTAN_DLL XTEA : public BlockCipher
{
public:
+ void encrypt_n(const byte in[], byte out[], u32bit blocks) const;
+ void decrypt_n(const byte in[], byte out[], u32bit blocks) const;
+
void clear() throw() { EK.clear(); }
std::string name() const { return "XTEA"; }
BlockCipher* clone() const { return new XTEA; }
+
XTEA() : BlockCipher(8, 16) {}
private:
- void enc(const byte[], byte[]) const;
- void dec(const byte[], byte[]) const;
void key_schedule(const byte[], u32bit);
SecureBuffer<u32bit, 64> EK;
};
diff --git a/src/build-data/arch/arm b/src/build-data/arch/arm
index 73cd02f05..c6be4ad46 100644
--- a/src/build-data/arch/arm
+++ b/src/build-data/arch/arm
@@ -19,4 +19,5 @@ xscale
sa110 -> strongarm110
sa1100 -> strongarm1100
strongarm1110 -> strongarm1100
+armv5tel -> xscale
</submodel_aliases>
diff --git a/src/build-data/arch/m68k b/src/build-data/arch/m68k
index 27f246abc..759a3dac1 100644
--- a/src/build-data/arch/m68k
+++ b/src/build-data/arch/m68k
@@ -2,6 +2,11 @@ realname "Motorola 680x0"
default_submodel 68020
+endian big
+
+# Except for Coldfire
+#unaligned ok
+
<aliases>
680x0
68k
diff --git a/src/build-data/arch/mips32 b/src/build-data/arch/mips32
index a07a0a145..9846c8fb2 100644
--- a/src/build-data/arch/mips32
+++ b/src/build-data/arch/mips32
@@ -4,20 +4,19 @@ default_submodel r3000
<aliases>
mips
+mipsel # For Debian
</aliases>
<submodels>
-mip32-r3000
-mip32-r6000
+r3000
+r6000
</submodels>
<submodel_aliases>
-r3k -> mips32-r3000
-r6k -> mips32-r6000
+r3k -> r3000
+r6k -> r6000
-r3000 -> mips32-r3000
-r6000 -> mips32-r6000
-
-mipsbe -> mips3000 # For RPM
-mipsle -> mips3000 # For RPM
+# These are for RPM
+mipsbe -> r3000
+mipsle -> r3000
</submodel_aliases>
diff --git a/src/build-data/arch/mips64 b/src/build-data/arch/mips64
index 228083848..dbb49d028 100644
--- a/src/build-data/arch/mips64
+++ b/src/build-data/arch/mips64
@@ -3,30 +3,20 @@ realname "MIPS64"
default_submodel r4400
<submodels>
-mips64-r4000
-mips64-r4100
-mips64-r4300
-mips64-r4400
-mips64-r4600
-mips64-r4560
-mips64-r5000
-mips64-r8000
-mips64-r10000
+r4000
+r4100
+r4300
+r4400
+r4600
+r4560
+r5000
+r8000
+r10000
</submodels>
<submodel_aliases>
-r4k -> mips64-r4000
-r5k -> mips64-r5000
-r8k -> mips64-r8000
-r10k -> mips64-r10000
-
-r4000 -> mips64-r4000
-r4100 -> mips64-r4100
-r4300 -> mips64-r4300
-r4400 -> mips64-r4400
-r4600 -> mips64-r4600
-r4560 -> mips64-r4560
-r5000 -> mips64-r5000
-r8000 -> mips64-r8000
-r10000 -> mips64-r10000
+r4k -> r4000
+r5k -> r5000
+r8k -> r8000
+r10k -> r10000
</submodel_aliases>
diff --git a/src/build-data/arch/ppc b/src/build-data/arch/ppc
index 16112f389..e2dfa6ea2 100644
--- a/src/build-data/arch/ppc
+++ b/src/build-data/arch/ppc
@@ -1,6 +1,7 @@
realname "PowerPC"
endian big
+unaligned ok
default_submodel ppc604
diff --git a/src/build-data/arch/s390 b/src/build-data/arch/s390
index 392f51397..312b262c4 100644
--- a/src/build-data/arch/s390
+++ b/src/build-data/arch/s390
@@ -2,6 +2,9 @@ realname "S/390 31-bit"
default_submodel s390
+endian big
+unaligned ok
+
<submodels>
s390
</submodels>
diff --git a/src/build-data/arch/s390x b/src/build-data/arch/s390x
index 49fb0bda7..9fe6bd615 100644
--- a/src/build-data/arch/s390x
+++ b/src/build-data/arch/s390x
@@ -2,6 +2,9 @@ realname "S/390 64-bit"
default_submodel s390x
+endian big
+unaligned ok
+
<submodels>
s390x
</submodels>
diff --git a/src/build-data/botan.doxy.in b/src/build-data/botan.doxy.in
index 2da5e1244..87d6e58eb 100644
--- a/src/build-data/botan.doxy.in
+++ b/src/build-data/botan.doxy.in
@@ -97,7 +97,7 @@ FILTER_SOURCE_FILES = NO
#---------------------------------------------------------------------------
SOURCE_BROWSER = YES
INLINE_SOURCES = YES
-STRIP_CODE_COMMENTS = YES
+STRIP_CODE_COMMENTS = NO
REFERENCED_BY_RELATION = YES
REFERENCES_RELATION = YES
REFERENCES_LINK_SOURCE = YES
diff --git a/src/build-data/buildh.in b/src/build-data/buildh.in
index e4ab0f44b..bd900d412 100644
--- a/src/build-data/buildh.in
+++ b/src/build-data/buildh.in
@@ -22,6 +22,12 @@
#define BOTAN_KARAT_SQR_THRESHOLD 32
#define BOTAN_PRIVATE_KEY_OP_BLINDING_BITS 64
+/* Toggles for parallel block cipher mode processing */
+#define BOTAN_PARALLEL_BLOCKS_ECB 8
+#define BOTAN_PARALLEL_BLOCKS_CTR 8
+#define BOTAN_PARALLEL_BLOCKS_EAX 8
+#define BOTAN_PARALLEL_BLOCKS_XTS 8
+
/* PK key consistency checking toggles */
#define BOTAN_PUBLIC_KEY_STRONG_CHECKS_ON_LOAD 1
#define BOTAN_PRIVATE_KEY_STRONG_CHECKS_ON_LOAD 1
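Review bot: The comment `/* Toggles for parallel block cipher mode processing */` calls the four new defines toggles, but their values are block counts (8), not on/off switches, so the word misdescribes what a reader would change. A comment such as `/* Number of blocks handed to the block cipher per call by the parallel-capable modes (ECB/CTR/EAX/XTS) */` states what the number means. Whether 0 or 1 disables the parallel path is not visible here and would be worth recording in the same place.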
diff --git a/src/build-data/cc/gcc b/src/build-data/cc/gcc
index bde1e5822..7ab80b6ca 100644
--- a/src/build-data/cc/gcc
+++ b/src/build-data/cc/gcc
@@ -73,7 +73,6 @@ ppc64 -> "-mcpu=SUBMODEL" ppc
# Note that the 'linking' bit means "use this for both compiling *and* linking"
<mach_abi_linking>
amd64 -> "-m64"
-mips32 -> "-mabi=n32"
mips64 -> "-mabi=64"
s390 -> "-m31"
s390x -> "-m64"
@@ -84,6 +83,7 @@ ppc64 -> "-m64"
# This should probably be used on most/all targets, but the docs are incomplete
openbsd -> "-pthread"
freebsd -> "-pthread"
+dragonfly -> "-pthread"
netbsd -> "-pthread -D_NETBSD_SOURCE"
qnx -> "-fexceptions -D_QNX_SOURCE"
</mach_abi_linking>
diff --git a/src/build-data/cc/open64 b/src/build-data/cc/open64
new file mode 100644
index 000000000..b7c1e9e99
--- /dev/null
+++ b/src/build-data/cc/open64
@@ -0,0 +1,30 @@
+realname "Open64"
+
+binary_name "openCC"
+
+compile_option "-c "
+output_to_option "-o "
+add_include_dir_option "-I"
+add_lib_dir_option "-L"
+add_lib_option "-l"
+
+lib_opt_flags "-O3 -OPT:alias=TYPED"
+check_opt_flags "-O3 -OPT:alias=TYPED"
+debug_flags "-g3"
+no_debug_flags "-fomit-frame-pointer"
+shared_flags "-fPIC"
+lang_flags "-ansi -LANG:ansi-for-init-scope=ON"
+warning_flags "-Wall -W"
+
+dll_import_flags ""
+dll_export_flags ""
+
+makefile_style unix
+
+<so_link_flags>
+default -> "$(CXX) -shared -Wl,-soname,$(SONAME)"
+</so_link_flags>
+
+<mach_abi_linking>
+amd64 -> "-m64"
+</mach_abi_linking>
diff --git a/src/build-data/os/dragonfly b/src/build-data/os/dragonfly
new file mode 100644
index 000000000..7e3663435
--- /dev/null
+++ b/src/build-data/os/dragonfly
@@ -0,0 +1,11 @@
+realname "DragonFly"
+
+os_type unix
+
+<target_features>
+posix_mlock
+</target_features>
+
+<supports_shared>
+all
+</supports_shared>
diff --git a/src/cert/cvc/cvc_cert.cpp b/src/cert/cvc/cvc_cert.cpp
index 352178fd2..5c2e28c39 100644
--- a/src/cert/cvc/cvc_cert.cpp
+++ b/src/cert/cvc/cvc_cert.cpp
@@ -58,7 +58,7 @@ void EAC1_1_CVC::force_decode()
if(cpi != 0)
throw Decoding_Error("EAC1_1 certificate´s cpi was not 0");
- // XXX: PK algos have no notion of EAC encoder/decoder currently
+ // FIXME: PK algos have no notion of EAC encoder/decoder currently
#if 0
ECDSA_PublicKey tmp_pk;
std::unique_ptr<EAC1_1_CVC_Decoder> dec = tmp_pk.cvc_eac1_1_decoder();
diff --git a/src/cert/cvc/cvc_req.cpp b/src/cert/cvc/cvc_req.cpp
index 5b2a2c4d4..aa29d8ee6 100644
--- a/src/cert/cvc/cvc_req.cpp
+++ b/src/cert/cvc/cvc_req.cpp
@@ -41,7 +41,7 @@ void EAC1_1_Req::force_decode()
throw Decoding_Error("EAC1_1 request´s cpi was not 0");
}
- // XXX: No EAC support in ECDSA
+ // FIXME: No EAC support in ECDSA
#if 0
ECDSA_PublicKey tmp_pk;
std::unique_ptr<EAC1_1_CVC_Decoder> dec = tmp_pk.cvc_eac1_1_decoder();
diff --git a/src/cert/cvc/cvc_self.cpp b/src/cert/cvc/cvc_self.cpp
index 47c46ca1c..6a81c40ec 100644
--- a/src/cert/cvc/cvc_self.cpp
+++ b/src/cert/cvc/cvc_self.cpp
@@ -86,7 +86,7 @@ EAC1_1_CVC create_self_signed_cert(Private_Key const& key,
std::unique_ptr<Botan::PK_Signer> signer(get_pk_signer(*priv_key, padding_and_hash));
-#if 0
+#if 0 // FIXME
std::unique_ptr<EAC1_1_CVC_Encoder> enc(priv_key->cvc_eac1_1_encoder());
MemoryVector<byte> enc_public_key = enc->public_key(sig_algo);
#else
@@ -224,7 +224,7 @@ EAC1_1_CVC link_cvca(EAC1_1_CVC const& signer,
ECDSA_PublicKey* subj_pk = dynamic_cast<ECDSA_PublicKey*>(pk.get());
subj_pk->set_parameter_encoding(ENC_EXPLICIT);
-#if 0
+#if 0 // FIXME
std::unique_ptr<EAC1_1_CVC_Encoder> enc(subj_pk->cvc_eac1_1_encoder());
MemoryVector<byte> enc_public_key = enc->public_key(sig_algo);
#else
diff --git a/src/codec/openpgp/openpgp.cpp b/src/codec/openpgp/openpgp.cpp
index 7f9cf5f9c..bfba828af 100644
--- a/src/codec/openpgp/openpgp.cpp
+++ b/src/codec/openpgp/openpgp.cpp
@@ -7,6 +7,7 @@
#include <botan/openpgp.h>
#include <botan/filters.h>
+#include <botan/basefilt.h>
#include <botan/charset.h>
#include <botan/crc24.h>
diff --git a/src/cryptobox/cryptobox.cpp b/src/cryptobox/cryptobox.cpp
new file mode 100644
index 000000000..c27bbaffa
--- /dev/null
+++ b/src/cryptobox/cryptobox.cpp
@@ -0,0 +1,146 @@
+/*
+* Cryptobox Message Routines
+* (C) 2009 Jack Lloyd
+*
+* Distributed under the terms of the Botan license
+*/
+
+#include <botan/cryptobox.h>
+#include <botan/filters.h>
+#include <botan/pipe.h>
+#include <botan/serpent.h>
+#include <botan/sha2_64.h>
+#include <botan/ctr.h>
+#include <botan/hmac.h>
+#include <botan/pbkdf2.h>
+#include <botan/pem.h>
+#include <botan/loadstor.h>
+#include <botan/mem_ops.h>
+
+namespace Botan {
+
+namespace CryptoBox {
+
+namespace {
+
+/*
+First 24 bits of SHA-256("Botan Cryptobox"), followed by 8 0 bits
+for later use as flags, etc if needed
+*/
+const u32bit CRYPTOBOX_VERSION_CODE = 0xEFC22400;
+
+const u32bit VERSION_CODE_LEN = 4;
+const u32bit CIPHER_KEY_LEN = 32;
+const u32bit CIPHER_IV_LEN = 16;
+const u32bit MAC_KEY_LEN = 32;
+const u32bit MAC_OUTPUT_LEN = 20;
+const u32bit PBKDF_SALT_LEN = 10;
+const u32bit PBKDF_ITERATIONS = 8 * 1024;
+
+const u32bit PBKDF_OUTPUT_LEN = CIPHER_KEY_LEN + CIPHER_IV_LEN + MAC_KEY_LEN;
+
+}
+
+std::string encrypt(const byte input[], u32bit input_len,
+ const std::string& passphrase,
+ RandomNumberGenerator& rng)
+ {
+ SecureVector<byte> pbkdf_salt(PBKDF_SALT_LEN);
+ rng.randomize(pbkdf_salt.begin(), pbkdf_salt.size());
+
+ PKCS5_PBKDF2 pbkdf(new HMAC(new SHA_512));
+ pbkdf.change_salt(pbkdf_salt.begin(), pbkdf_salt.size());
+ pbkdf.set_iterations(PBKDF_ITERATIONS);
+
+ OctetString mk = pbkdf.derive_key(PBKDF_OUTPUT_LEN, passphrase);
+
+ SymmetricKey cipher_key(mk.begin(), CIPHER_KEY_LEN);
+ SymmetricKey mac_key(mk.begin() + CIPHER_KEY_LEN, MAC_KEY_LEN);
+ InitializationVector iv(mk.begin() + CIPHER_KEY_LEN + MAC_KEY_LEN,
+ CIPHER_IV_LEN);
+
+ Pipe pipe(new CTR_BE(new Serpent, cipher_key, iv),
+ new Fork(
+ 0,
+ new MAC_Filter(new HMAC(new SHA_512),
+ mac_key, MAC_OUTPUT_LEN)));
+
+ pipe.process_msg(input, input_len);
+
+ /*
+ Output format is:
+ version # (4 bytes)
+ salt (10 bytes)
+ mac (20 bytes)
+ ciphertext
+ */
+ u32bit ciphertext_len = pipe.remaining(0);
+
+ SecureVector<byte> out_buf;
+
+ for(u32bit i = 0; i != VERSION_CODE_LEN; ++i)
+ out_buf.append(get_byte(i, CRYPTOBOX_VERSION_CODE));
+
+ out_buf.append(pbkdf_salt.begin(), pbkdf_salt.size());
+
+ out_buf.grow_to(out_buf.size() + MAC_OUTPUT_LEN + ciphertext_len);
+ pipe.read(out_buf + VERSION_CODE_LEN + PBKDF_SALT_LEN, MAC_OUTPUT_LEN, 1);
+ pipe.read(out_buf + VERSION_CODE_LEN + PBKDF_SALT_LEN + MAC_OUTPUT_LEN,
+ ciphertext_len, 0);
+
+ return PEM_Code::encode(out_buf.begin(), out_buf.size(),
+ "BOTAN CRYPTOBOX MESSAGE");
+ }
+
+std::string decrypt(const byte input[], u32bit input_len,
+ const std::string& passphrase)
+ {
+ DataSource_Memory input_src(input, input_len);
+ SecureVector<byte> ciphertext =
+ PEM_Code::decode_check_label(input_src,
+ "BOTAN CRYPTOBOX MESSAGE");
+
+ if(ciphertext.size() < (VERSION_CODE_LEN + PBKDF_SALT_LEN + MAC_OUTPUT_LEN))
+ throw Decoding_Error("Invalid CryptoBox input");
+
+ for(u32bit i = 0; i != VERSION_CODE_LEN; ++i)
+ if(ciphertext[i] != get_byte(i, CRYPTOBOX_VERSION_CODE))
+ throw Decoding_Error("Bad CryptoBox version");
+
+ SecureVector<byte> pbkdf_salt(ciphertext + VERSION_CODE_LEN, PBKDF_SALT_LEN);
+
+ PKCS5_PBKDF2 pbkdf(new HMAC(new SHA_512));
+ pbkdf.change_salt(pbkdf_salt.begin(), pbkdf_salt.size());
+ pbkdf.set_iterations(PBKDF_ITERATIONS);
+
+ OctetString mk = pbkdf.derive_key(PBKDF_OUTPUT_LEN, passphrase);
+
+ SymmetricKey cipher_key(mk.begin(), CIPHER_KEY_LEN);
+ SymmetricKey mac_key(mk.begin() + CIPHER_KEY_LEN, MAC_KEY_LEN);
+ InitializationVector iv(mk.begin() + CIPHER_KEY_LEN + MAC_KEY_LEN,
+ CIPHER_IV_LEN);
+
+ Pipe pipe(new Fork(
+ new CTR_BE(new Serpent, cipher_key, iv),
+ new MAC_Filter(new HMAC(new SHA_512),
+ mac_key, MAC_OUTPUT_LEN)));
+
+ const u32bit ciphertext_offset =
+ VERSION_CODE_LEN + PBKDF_SALT_LEN + MAC_OUTPUT_LEN;
+
+ pipe.process_msg(ciphertext + ciphertext_offset,
+ ciphertext.size() - ciphertext_offset);
+
+ byte computed_mac[MAC_OUTPUT_LEN];
+ pipe.read(computed_mac, MAC_OUTPUT_LEN, 1);
+
+ if(!same_mem(computed_mac, ciphertext + VERSION_CODE_LEN + PBKDF_SALT_LEN,
+ MAC_OUTPUT_LEN))
+ throw Integrity_Failure("CryptoBox integrity failure");
+
+ return pipe.read_all_as_string(0);
+ }
+
+}
+
+}
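Review bot: The HMAC in encrypt() is attached to the Fork after the CTR filter, so it covers only the ciphertext; the 4-byte version code emitted into out_buf — whose low 8 bits the comment above CRYPTOBOX_VERSION_CODE reserves "for later use as flags" — is outside the authenticated data. The salt is indirectly bound because every key is derived from it, but any flag bits added later would be unauthenticated and could be flipped without failing the integrity check, and decrypt() already acts on the version bytes before the MAC is verified. Either feed the version code and salt into the MAC as associated data before the ciphertext, or state in the "Output format is:" comment that only the ciphertext field is authenticated so nobody later adds semantics to the flag byte. The decrypt side otherwise looks right: the length check precedes the offset arithmetic, and the plaintext is only returned after same_mem() succeeds (assuming same_mem is a fixed-time compare, which is not visible here).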
diff --git a/src/cryptobox/cryptobox.h b/src/cryptobox/cryptobox.h
new file mode 100644
index 000000000..a30cb244a
--- /dev/null
+++ b/src/cryptobox/cryptobox.h
@@ -0,0 +1,42 @@
+/*
+* Cryptobox Message Routines
+* (C) 2009 Jack Lloyd
+*
+* Distributed under the terms of the Botan license
+*/
+
+#ifndef BOTAN_CRYPTOBOX_H__
+#define BOTAN_CRYPTOBOX_H__
+
+#include <string>
+#include <botan/rng.h>
+
+namespace Botan {
+
+namespace CryptoBox {
+
+/**
+* Encrypt a message
+* @param input the input data
+* @param input_len the length of input in bytes
+* @param passphrase the passphrase used to encrypt the message
+* @param rng a ref to a random number generator, such as AutoSeeded_RNG
+*/
+BOTAN_DLL std::string encrypt(const byte input[], u32bit input_len,
+ const std::string& passphrase,
+ RandomNumberGenerator& rng);
+
+/**
+* Decrypt a message encrypted with CryptoBox::encrypt
+* @param input the input data
+* @param input_len the length of input in bytes
+* @param passphrase the passphrase used to encrypt the message
+*/
+BOTAN_DLL std::string decrypt(const byte input[], u32bit input_len,
+ const std::string& passphrase);
+
+}
+
+}
+
+#endif
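Review bot: The decrypt() declaration does not document its failure modes, which callers must handle: cryptobox.cpp throws Decoding_Error for a malformed or wrong-version input and Integrity_Failure when the MAC does not verify. Add `* @throw Decoding_Error if the input is not a well-formed CryptoBox message` and `* @throw Integrity_Failure if the passphrase is wrong or the message was modified` to its comment block, and give both functions a `@return` line (`@return the encrypted message, PEM encoded` / `@return the decrypted message`).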
diff --git a/src/cryptobox/info.txt b/src/cryptobox/info.txt
new file mode 100644
index 000000000..b9b98060f
--- /dev/null
+++ b/src/cryptobox/info.txt
@@ -0,0 +1,22 @@
+realname "Crypto Box"
+
+load_on auto
+
+define CRYPTO_BOX
+
+<add>
+cryptobox.h
+cryptobox.cpp
+</add>
+
+<requires>
+filters
+ctr
+hmac
+rng
+serpent
+sha2
+base64
+pbkdf2
+pem
+</requires>
diff --git a/src/engine/openssl/ossl_md.cpp b/src/engine/openssl/ossl_md.cpp
index 08672cfc8..7c8fb678c 100644
--- a/src/engine/openssl/ossl_md.cpp
+++ b/src/engine/openssl/ossl_md.cpp
@@ -95,20 +95,30 @@ EVP_HashFunction::~EVP_HashFunction()
HashFunction* OpenSSL_Engine::find_hash(const SCAN_Name& request,
Algorithm_Factory&) const
{
+#ifndef OPENSSL_NO_SHA
if(request.algo_name() == "SHA-160")
return new EVP_HashFunction(EVP_sha1(), "SHA-160");
+#endif
+#ifndef OPENSSL_NO_MD2
if(request.algo_name() == "MD2")
return new EVP_HashFunction(EVP_md2(), "MD2");
+#endif
+#ifndef OPENSSL_NO_MD4
if(request.algo_name() == "MD4")
return new EVP_HashFunction(EVP_md4(), "MD4");
+#endif
+#ifndef OPENSSL_NO_MD5
if(request.algo_name() == "MD5")
return new EVP_HashFunction(EVP_md5(), "MD5");
+#endif
+#ifndef OPENSSL_NO_RIPEMD
if(request.algo_name() == "RIPEMD-160")
return new EVP_HashFunction(EVP_ripemd160(), "RIPEMD-160");
+#endif
return 0;
}
diff --git a/src/engine/sse2_eng/eng_sse2.cpp b/src/engine/sse2_eng/eng_sse2.cpp
index c738b3d96..9f68a070e 100644
--- a/src/engine/sse2_eng/eng_sse2.cpp
+++ b/src/engine/sse2_eng/eng_sse2.cpp
@@ -1,6 +1,6 @@
/**
* SSE2 Assembly Engine
-* (C) 1999-2008 Jack Lloyd
+* (C) 1999-2009 Jack Lloyd
*
* Distributed under the terms of the Botan license
*/
@@ -11,10 +11,27 @@
#include <botan/sha1_sse2.h>
#endif
+#if defined(BOTAN_HAS_SERPENT_SSE2)
+ #include <botan/serp_sse2.h>
+#endif
+
namespace Botan {
-HashFunction* SSE2_Assembler_Engine::find_hash(const SCAN_Name& request,
- Algorithm_Factory&) const
+BlockCipher*
+SSE2_Assembler_Engine::find_block_cipher(const SCAN_Name& request,
+ Algorithm_Factory&) const
+ {
+#if defined(BOTAN_HAS_SERPENT_SSE2)
+ if(request.algo_name() == "Serpent")
+ return new Serpent_SSE2;
+#endif
+
+ return 0;
+ }
+
+HashFunction*
+SSE2_Assembler_Engine::find_hash(const SCAN_Name& request,
+ Algorithm_Factory&) const
{
#if defined(BOTAN_HAS_SHA1_SSE2)
if(request.algo_name() == "SHA-160")
diff --git a/src/engine/sse2_eng/eng_sse2.h b/src/engine/sse2_eng/eng_sse2.h
index 129697e8f..c6b0ce889 100644
--- a/src/engine/sse2_eng/eng_sse2.h
+++ b/src/engine/sse2_eng/eng_sse2.h
@@ -1,6 +1,6 @@
/**
* SSE2 Assembly Engine
-* (C) 1999-2008 Jack Lloyd
+* (C) 1999-2009 Jack Lloyd
*
* Distributed under the terms of the Botan license
*/
@@ -17,6 +17,9 @@ class BOTAN_DLL SSE2_Assembler_Engine : public Engine
public:
std::string provider_name() const { return "sse2"; }
private:
+ BlockCipher* find_block_cipher(const SCAN_Name&,
+ Algorithm_Factory&) const;
+
HashFunction* find_hash(const SCAN_Name& reqeust,
Algorithm_Factory&) const;
};
diff --git a/src/engine/sse2_eng/info.txt b/src/engine/sse2_eng/info.txt
index 6242c7fee..7595b8eb5 100644
--- a/src/engine/sse2_eng/info.txt
+++ b/src/engine/sse2_eng/info.txt
@@ -10,6 +10,13 @@ eng_sse2.h
</add>
<arch>
-ia32
+pentium-m
+pentium4
+prescott
amd64
</arch>
+
+<cc>
+gcc
+icc
+</cc>
diff --git a/src/entropy/dev_random/info.txt b/src/entropy/dev_random/info.txt
index 6622886af..fddb7ac06 100644
--- a/src/entropy/dev_random/info.txt
+++ b/src/entropy/dev_random/info.txt
@@ -16,6 +16,7 @@ beos
cygwin
darwin
freebsd
+dragonfly
hpux
irix
linux
diff --git a/src/entropy/egd/es_egd.cpp b/src/entropy/egd/es_egd.cpp
index a2e3d3791..9e37f8f17 100644
--- a/src/entropy/egd/es_egd.cpp
+++ b/src/entropy/egd/es_egd.cpp
@@ -98,7 +98,7 @@ u32bit EGD_EntropySource::EGD_Socket::read(byte outbuf[], u32bit length)
return static_cast<u32bit>(count);
}
- catch(std::exception& e)
+ catch(std::exception)
{
this->close();
// Will attempt to reopen next poll
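Review bot: `catch(std::exception)` catches by value, which slices the exception object and typically draws a compiler warning; the idiomatic way to silence the unused-variable warning while still catching by reference is `catch(std::exception&)`. The enclosing EGD_Socket::read() starts and ends outside the hunk.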
diff --git a/src/entropy/egd/info.txt b/src/entropy/egd/info.txt
index 6b34f395c..85ba86c00 100644
--- a/src/entropy/egd/info.txt
+++ b/src/entropy/egd/info.txt
@@ -20,6 +20,7 @@ aix
cygwin
darwin
freebsd
+dragonfly
hpux
irix
linux
diff --git a/src/entropy/proc_walk/es_ftw.cpp b/src/entropy/proc_walk/es_ftw.cpp
index fe9dfec38..2016f099a 100644
--- a/src/entropy/proc_walk/es_ftw.cpp
+++ b/src/entropy/proc_walk/es_ftw.cpp
@@ -81,7 +81,7 @@ int Directory_Walker::next_fd()
if(S_ISDIR(stat_buf.st_mode))
add_directory(full_path);
- else if(S_ISREG(stat_buf.st_mode))
+ else if(S_ISREG(stat_buf.st_mode) && (stat_buf.st_mode & S_IROTH))
{
int fd = ::open(full_path.c_str(), O_RDONLY | O_NOCTTY);
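Review bot: The added `S_IROTH` test is undocumented; it presumably stops a process running with elevated privileges from reading owner-only files into the entropy pool, but the line itself reads as an arbitrary mode check. Add a comment above the condition such as `// Only read world-readable files, so a privileged walker does not pull private data into the pool`. The mode comes from a stat() that precedes the open(), so the two can disagree if the file changes in between; for an entropy walk that is harmless, but the comment could record that the check is a policy filter rather than an access guarantee. The enclosing next_fd() starts and ends outside the hunk.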
@@ -118,7 +118,7 @@ void FTW_EntropySource::poll(Entropy_Accumulator& accum)
if(!dir)
dir = new Directory_Walker(path);
- MemoryRegion<byte>& io_buffer = accum.get_io_buffer(2048);
+ MemoryRegion<byte>& io_buffer = accum.get_io_buffer(128);
for(u32bit i = 0; i != MAX_FILES_READ_PER_POLL; ++i)
{
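Review bot: The I/O buffer request drops from 2048 to 128 bytes with no comment, so a reader cannot tell whether this is a deliberate cap on how much of each file enters the pool per read or an unrelated tuning change. Replace the literal with a named value, e.g. `const u32bit io_buffer_size = 128; // small window per file: bulk file content adds little entropy`, or state the reason inline. The enclosing poll() continues outside the hunk.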
diff --git a/src/entropy/proc_walk/info.txt b/src/entropy/proc_walk/info.txt
index 9f4836458..db96ccdb8 100644
--- a/src/entropy/proc_walk/info.txt
+++ b/src/entropy/proc_walk/info.txt
@@ -15,6 +15,7 @@ aix
cygwin
darwin
freebsd
+dragonfly
hpux
irix
linux
diff --git a/src/filters/algo_filt.cpp b/src/filters/algo_filt.cpp
index 23f7a20cf..3268276a6 100644
--- a/src/filters/algo_filt.cpp
+++ b/src/filters/algo_filt.cpp
@@ -18,7 +18,7 @@ StreamCipher_Filter::StreamCipher_Filter(const std::string& sc_name) :
buffer(DEFAULT_BUFFERSIZE)
{
Algorithm_Factory& af = global_state().algorithm_factory();
- base_ptr = cipher = af.make_stream_cipher(sc_name);
+ cipher = af.make_stream_cipher(sc_name);
}
/*
@@ -27,7 +27,7 @@ StreamCipher_Filter::StreamCipher_Filter(const std::string& sc_name) :
StreamCipher_Filter::StreamCipher_Filter(StreamCipher* stream_cipher) :
buffer(DEFAULT_BUFFERSIZE)
{
- base_ptr = cipher = stream_cipher;
+ cipher = stream_cipher;
}
/*
@@ -38,7 +38,7 @@ StreamCipher_Filter::StreamCipher_Filter(const std::string& sc_name,
buffer(DEFAULT_BUFFERSIZE)
{
Algorithm_Factory& af = global_state().algorithm_factory();
- base_ptr = cipher = af.make_stream_cipher(sc_name);
+ cipher = af.make_stream_cipher(sc_name);
cipher->set_key(key);
}
@@ -95,7 +95,7 @@ MAC_Filter::MAC_Filter(const std::string& mac_name, u32bit len) :
OUTPUT_LENGTH(len)
{
Algorithm_Factory& af = global_state().algorithm_factory();
- base_ptr = mac = af.make_mac(mac_name);
+ mac = af.make_mac(mac_name);
}
/*
@@ -105,7 +105,7 @@ MAC_Filter::MAC_Filter(const std::string& mac_name, const SymmetricKey& key,
u32bit len) : OUTPUT_LENGTH(len)
{
Algorithm_Factory& af = global_state().algorithm_factory();
- base_ptr = mac = af.make_mac(mac_name);
+ mac = af.make_mac(mac_name);
mac->set_key(key);
}
diff --git a/src/filters/basefilt.cpp b/src/filters/basefilt.cpp
index 02dbd8a73..c91a5aa62 100644
--- a/src/filters/basefilt.cpp
+++ b/src/filters/basefilt.cpp
@@ -50,25 +50,4 @@ Fork::Fork(Filter* filters[], u32bit count)
set_next(filters, count);
}
-/*
-* Set the algorithm key
-*/
-void Keyed_Filter::set_key(const SymmetricKey& key)
- {
- if(base_ptr)
- base_ptr->set_key(key);
- else
- throw Invalid_State("Keyed_Filter::set_key: No base algorithm set");
- }
-
-/*
-* Check if a keylength is valid
-*/
-bool Keyed_Filter::valid_keylength(u32bit n) const
- {
- if(base_ptr)
- return base_ptr->valid_keylength(n);
- throw Invalid_State("Keyed_Filter::valid_keylength: No base algorithm set");
- }
-
}
diff --git a/src/filters/basefilt.h b/src/filters/basefilt.h
index 75625abb0..348ad6fd3 100644
--- a/src/filters/basefilt.h
+++ b/src/filters/basefilt.h
@@ -9,7 +9,6 @@
#define BOTAN_BASEFILT_H__
#include <botan/filter.h>
-#include <botan/sym_algo.h>
namespace Botan {
@@ -62,38 +61,6 @@ class BOTAN_DLL Fork : public Fanout_Filter
Fork(Filter* filter_arr[], u32bit length);
};
-/**
-* This class represents keyed filters, i.e. filters that have to be
-* fed with a key in order to function.
-*/
-class BOTAN_DLL Keyed_Filter : public Filter
- {
- public:
-
- /**
- * Set the key of this filter.
- * @param key the key to set
- */
- virtual void set_key(const SymmetricKey& key);
-
- /**
- * Set the initialization vector of this filter.
- * @param iv the initialization vector to set
- */
- virtual void set_iv(const InitializationVector&) {}
-
- /**
- * Check whether a key length is valid for this filter.
- * @param length the key length to be checked for validity
- * @return true if the key length is valid, false otherwise
- */
- virtual bool valid_keylength(u32bit length) const;
-
- Keyed_Filter() { base_ptr = 0; }
- protected:
- SymmetricAlgorithm* base_ptr;
- };
-
}
#endif
diff --git a/src/filters/fd_unix/info.txt b/src/filters/fd_unix/info.txt
index e1f30ea28..d87978cb0 100644
--- a/src/filters/fd_unix/info.txt
+++ b/src/filters/fd_unix/info.txt
@@ -16,6 +16,7 @@ beos
cygwin
darwin
freebsd
+dragonfly
hpux
irix
linux
diff --git a/src/filters/filters.h b/src/filters/filters.h
index 725651f7d..964be0bd8 100644
--- a/src/filters/filters.h
+++ b/src/filters/filters.h
@@ -15,7 +15,9 @@
#include <botan/pipe.h>
#include <botan/basefilt.h>
+#include <botan/key_filt.h>
#include <botan/data_snk.h>
+
#include <botan/scan_name.h>
#if defined(BOTAN_HAS_BASE64_CODEC)
@@ -36,6 +38,13 @@ class BOTAN_DLL StreamCipher_Filter : public Keyed_Filter
public:
/**
+ * Write input data
+ * @param input data
+ * @param input_len length of input in bytes
+ */
+ void write(const byte input[], u32bit input_len);
+
+ /**
* Seek in the stream.
* @param position the position to seek ahead
*/
@@ -53,7 +62,20 @@ class BOTAN_DLL StreamCipher_Filter : public Keyed_Filter
* @param iv the initialization vector to set
*/
void set_iv(const InitializationVector& iv);
- void write(const byte[], u32bit);
+
+ /**
+ * Set the key of this filter.
+ * @param key the key to set
+ */
+ void set_key(const SymmetricKey& key) { cipher->set_key(key); }
+
+ /**
+ * Check whether a key length is valid for this filter.
+ * @param length the key length to be checked for validity
+ * @return true if the key length is valid, false otherwise
+ */
+ bool valid_keylength(u32bit length) const
+ { return cipher->valid_keylength(length); }
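Review bot: The inline `set_key` and `valid_keylength` dereference `cipher` unconditionally, whereas the Keyed_Filter implementations removed in basefilt.cpp in this same diff threw Invalid_State("... No base algorithm set") when the base pointer was null; if `af.make_stream_cipher` can return a null pointer for an unknown name, that failure now becomes a null dereference instead of an exception. The MAC_Filter `set_key`/`valid_keylength` in the following hunk have the same shape. If the factory is guaranteed to throw on lookup failure, a one-line comment on these members stating that `cipher` is never null once constructed would settle it; otherwise restore the check, e.g. `if(!cipher) throw Invalid_State("StreamCipher_Filter: no cipher set");`.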
/**
* Construct a stream cipher filter.
@@ -126,6 +148,20 @@ class BOTAN_DLL MAC_Filter : public Keyed_Filter
void end_msg();
/**
+ * Set the key of this filter.
+ * @param key the key to set
+ */
+ void set_key(const SymmetricKey& key) { mac->set_key(key); }
+
+ /**
+ * Check whether a key length is valid for this filter.
+ * @param length the key length to be checked for validity
+ * @return true if the key length is valid, false otherwise
+ */
+ bool valid_keylength(u32bit length) const
+ { return mac->valid_keylength(length); }
+
+ /**
* Construct a MAC filter. The MAC key will be left empty.
* @param mac the MAC to use
* @param len the output length of this filter. Leave the default
@@ -136,7 +172,7 @@ class BOTAN_DLL MAC_Filter : public Keyed_Filter
MAC_Filter(MessageAuthenticationCode* mac_obj,
u32bit out_len = 0) : OUTPUT_LENGTH(out_len)
{
- base_ptr = mac = mac_obj;
+ mac = mac_obj;
}
/**
@@ -152,7 +188,7 @@ class BOTAN_DLL MAC_Filter : public Keyed_Filter
const SymmetricKey& key,
u32bit out_len = 0) : OUTPUT_LENGTH(out_len)
{
- base_ptr = mac = mac_obj;
+ mac = mac_obj;
mac->set_key(key);
}
diff --git a/src/filters/info.txt b/src/filters/info.txt
index 79a92a9c5..fb8108659 100644
--- a/src/filters/info.txt
+++ b/src/filters/info.txt
@@ -17,6 +17,7 @@ data_src.h
filter.cpp
filter.h
filters.h
+key_filt.h
out_buf.cpp
out_buf.h
pbe.h
diff --git a/src/filters/key_filt.h b/src/filters/key_filt.h
new file mode 100644
index 000000000..36af91f88
--- /dev/null
+++ b/src/filters/key_filt.h
@@ -0,0 +1,45 @@
+/*
+* Keyed_Filter
+* (C) 1999-2007 Jack Lloyd
+*
+* Distributed under the terms of the Botan license
+*/
+
+#ifndef BOTAN_KEYED_FILTER_H__
+#define BOTAN_KEYED_FILTER_H__
+
+#include <botan/filter.h>
+#include <botan/sym_algo.h>
+
+namespace Botan {
+
+/**
+* This class represents keyed filters, i.e. filters that have to be
+* fed with a key in order to function.
+*/
+class BOTAN_DLL Keyed_Filter : public Filter
+ {
+ public:
+ /**
+ * Set the key of this filter.
+ * @param key the key to set
+ */
+ virtual void set_key(const SymmetricKey& key) = 0;
+
+ /**
+ * Set the initialization vector of this filter.
+ * @param iv the initialization vector to set
+ */
+ virtual void set_iv(const InitializationVector&) {}
+
+ /**
+ * Check whether a key length is valid for this filter.
+ * @param length the key length to be checked for validity
+ * @return true if the key length is valid, false otherwise
+ */
+ virtual bool valid_keylength(u32bit length) const = 0;
+ };
+
+}
+
+#endif
diff --git a/src/hash/md4_ia32/info.txt b/src/hash/md4_ia32/info.txt
index e5287dc5d..fee7dd1a8 100644
--- a/src/hash/md4_ia32/info.txt
+++ b/src/hash/md4_ia32/info.txt
@@ -23,6 +23,7 @@ icc
<os>
linux
freebsd
+dragonfly
netbsd
openbsd
solaris
diff --git a/src/hash/md4_ia32/md4_ia32_imp.S b/src/hash/md4_ia32/md4_ia32_imp.S
index 9b728c73d..ca04cbe4e 100644
--- a/src/hash/md4_ia32/md4_ia32_imp.S
+++ b/src/hash/md4_ia32/md4_ia32_imp.S
@@ -1,7 +1,9 @@
-/*************************************************
-* MD4 Source File *
-* (C) 1999-2007 Jack Lloyd *
-*************************************************/
+/*
+* MD4 Source File
+* (C) 1999-2007 Jack Lloyd
+*
+* Distributed under the terms of the Botan license
+*/
#include <botan/asm_macr.h>
diff --git a/src/hash/md5_ia32/info.txt b/src/hash/md5_ia32/info.txt
index f69ab82e6..ad9923b26 100644
--- a/src/hash/md5_ia32/info.txt
+++ b/src/hash/md5_ia32/info.txt
@@ -23,6 +23,7 @@ icc
<os>
linux
freebsd
+dragonfly
netbsd
openbsd
solaris
diff --git a/src/hash/md5_ia32/md5_ia32_imp.S b/src/hash/md5_ia32/md5_ia32_imp.S
index 7f9268a1e..8087bbdbc 100644
--- a/src/hash/md5_ia32/md5_ia32_imp.S
+++ b/src/hash/md5_ia32/md5_ia32_imp.S
@@ -1,7 +1,9 @@
-/*************************************************
-* MD5 Source File *
-* (C) 1999-2007 Jack Lloyd *
-*************************************************/
+/*
+* MD5 Source File
+* (C) 1999-2007 Jack Lloyd
+*
+* Distributed under the terms of the Botan license
+*/
#include <botan/asm_macr.h>
diff --git a/src/hash/sha1_amd64/sha1_amd64_imp.S b/src/hash/sha1_amd64/sha1_amd64_imp.S
index f20494999..34a8318ed 100644
--- a/src/hash/sha1_amd64/sha1_amd64_imp.S
+++ b/src/hash/sha1_amd64/sha1_amd64_imp.S
@@ -1,7 +1,9 @@
-/*************************************************
-* SHA-160 Source File *
-* (C) 1999-2007 Jack Lloyd *
-*************************************************/
+/*
+* SHA-160 Source File
+* (C) 1999-2007 Jack Lloyd
+*
+* Distributed under the terms of the Botan license
+*/
#include <botan/asm_macr.h>
diff --git a/src/hash/sha1_ia32/info.txt b/src/hash/sha1_ia32/info.txt
index ca14028b8..bfb321145 100644
--- a/src/hash/sha1_ia32/info.txt
+++ b/src/hash/sha1_ia32/info.txt
@@ -23,6 +23,7 @@ icc
<os>
linux
freebsd
+dragonfly
netbsd
openbsd
solaris
diff --git a/src/hash/sha1_ia32/sha1_ia32_imp.S b/src/hash/sha1_ia32/sha1_ia32_imp.S
index b7f881383..e76b9fb76 100644
--- a/src/hash/sha1_ia32/sha1_ia32_imp.S
+++ b/src/hash/sha1_ia32/sha1_ia32_imp.S
@@ -1,7 +1,9 @@
-/*************************************************
-* SHA-160 Source File *
-* (C) 1999-2007 Jack Lloyd *
-*************************************************/
+/*
+* SHA-160 Source File
+* (C) 1999-2007 Jack Lloyd
+*
+* Distributed under the terms of the Botan license
+*/
#include <botan/asm_macr.h>
diff --git a/src/hash/sha1_sse2/info.txt b/src/hash/sha1_sse2/info.txt
index b8d693b70..995c2513e 100644
--- a/src/hash/sha1_sse2/info.txt
+++ b/src/hash/sha1_sse2/info.txt
@@ -10,18 +10,6 @@ sha1_sse2.cpp
sha1_sse2.h
</add>
-<arch>
-pentium-m
-pentium4
-prescott
-amd64
-</arch>
-
-<cc>
-gcc
-icc
-</cc>
-
<requires>
sha1
sse2_eng
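Review bot: Dropping the `<arch>` and `<cc>` lists removes the only build-time gate visible here that kept this SSE2 module off targets that cannot execute SSE2 or compilers that lack the intrinsics. If the intent is that the `sse2_eng` dependency on the last line now carries that restriction, that is not visible in this hunk and should be confirmed before relying on it. Otherwise a build for an older IA-32 target could select this module and fail at compile time or, worse, at run time with an illegal instruction.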
diff --git a/src/libstate/info.txt b/src/libstate/info.txt
index 7ca35c5a4..6eaa2f70b 100644
--- a/src/libstate/info.txt
+++ b/src/libstate/info.txt
@@ -1,6 +1,6 @@
realname "Botan Libstate Module"
-load_on auto
+load_on always
define LIBSTATE_MODULE
diff --git a/src/libstate/pk_engine.h b/src/libstate/pk_engine.h
index 3f8650a4e..256a47c20 100644
--- a/src/libstate/pk_engine.h
+++ b/src/libstate/pk_engine.h
@@ -9,6 +9,7 @@
#define BOTAN_ENGINE_PK_LOOKUP_H__
#include <botan/bigint.h>
+#include <botan/pow_mod.h>
#if defined(BOTAN_HAS_IF_PUBLIC_KEY_FAMILY)
#include <botan/if_op.h>
diff --git a/src/libstate/scan_name.cpp b/src/libstate/scan_name.cpp
index 4ca6e6d59..889ef7367 100644
--- a/src/libstate/scan_name.cpp
+++ b/src/libstate/scan_name.cpp
@@ -1,6 +1,6 @@
/**
-SCAN Name Abstraction
-(C) 2008 Jack Lloyd
+* SCAN Name Abstraction
+* (C) 2008 Jack Lloyd
*
* Distributed under the terms of the Botan license
*/
diff --git a/src/libstate/scan_name.h b/src/libstate/scan_name.h
index 9e7af40d6..b3f2004e2 100644
--- a/src/libstate/scan_name.h
+++ b/src/libstate/scan_name.h
@@ -1,6 +1,6 @@
/**
-SCAN Name Abstraction
-(C) 2008 Jack Lloyd
+* SCAN Name Abstraction
+* (C) 2008 Jack Lloyd
*
* Distributed under the terms of the Botan license
*/
diff --git a/src/mac/mac.cpp b/src/mac/mac.cpp
index 96df25503..04b259647 100644
--- a/src/mac/mac.cpp
+++ b/src/mac/mac.cpp
@@ -1,6 +1,6 @@
/**
-Message Authentication Code base class
-(C) 1999-2008 Jack Lloyd
+* Message Authentication Code base class
+* (C) 1999-2008 Jack Lloyd
*
* Distributed under the terms of the Botan license
*/
diff --git a/src/math/bigint/monty_amd64/info.txt b/src/math/bigint/monty_amd64/info.txt
index 7fb70da46..a897045b2 100644
--- a/src/math/bigint/monty_amd64/info.txt
+++ b/src/math/bigint/monty_amd64/info.txt
@@ -21,6 +21,7 @@ icc
<os>
linux
freebsd
+dragonfly
netbsd
openbsd
solaris
diff --git a/src/math/bigint/monty_amd64/mp_monty.S b/src/math/bigint/monty_amd64/mp_monty.S
index 3dd4040bc..22045c369 100644
--- a/src/math/bigint/monty_amd64/mp_monty.S
+++ b/src/math/bigint/monty_amd64/mp_monty.S
@@ -1,7 +1,9 @@
-/*************************************************
-* Montgomery Reduction Source File *
-* (C) 2008 Jack Lloyd *
-*************************************************/
+/*
+* Montgomery Reduction Source File
+* (C) 2008 Jack Lloyd
+*
+* Distributed under the terms of the Botan license
+*/
#include <botan/asm_macr.h>
diff --git a/src/math/bigint/mp_asm64/mp_asm.h b/src/math/bigint/mp_asm64/mp_asm.h
index d1583e236..c9159eaa7 100644
--- a/src/math/bigint/mp_asm64/mp_asm.h
+++ b/src/math/bigint/mp_asm64/mp_asm.h
@@ -57,7 +57,7 @@ namespace Botan {
// with 64-bit registers/ALU, but no 64x64->128 multiply.
inline void bigint_2word_mul(word a, word b, word* z1, word* z0)
{
- const u32bit MP_HWORD_BITS = MP_WORD_BITS / 2;
+ const u32bit MP_HWORD_BITS = BOTAN_MP_WORD_BITS / 2;
const word MP_HWORD_MASK = ((word)1 << MP_HWORD_BITS) - 1;
const word a_hi = (a >> MP_HWORD_BITS);
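Review bot: The rename to `BOTAN_MP_WORD_BITS` implies `MP_WORD_BITS` was never defined, so this two-word multiply was not being compiled until now and deserves a fresh correctness look rather than only a build fix. Since the comment above documents the assumption of a 64-bit word with no 64x64->128 multiply, a guard such as `#if BOTAN_MP_WORD_BITS != 64` / `#error "mp_asm64 requires 64-bit words"` would stop a misconfigured build from silently producing wrong bignum results, which here feed straight into the public-key arithmetic. The body of `bigint_2word_mul` continues outside the hunk.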
diff --git a/src/math/bigint/mulop_amd64/info.txt b/src/math/bigint/mulop_amd64/info.txt
index c4b14db93..77990df80 100644
--- a/src/math/bigint/mulop_amd64/info.txt
+++ b/src/math/bigint/mulop_amd64/info.txt
@@ -21,6 +21,7 @@ icc
<os>
linux
freebsd
+dragonfly
netbsd
openbsd
solaris
diff --git a/src/math/bigint/mulop_amd64/mp_mulop_amd64.S b/src/math/bigint/mulop_amd64/mp_mulop_amd64.S
index e5bba23fb..63ac55e95 100644
--- a/src/math/bigint/mulop_amd64/mp_mulop_amd64.S
+++ b/src/math/bigint/mulop_amd64/mp_mulop_amd64.S
@@ -1,7 +1,9 @@
-/*************************************************
-* Simple O(N^2) Multiplication and Squaring *
-* (C) 1999-2008 Jack Lloyd *
-*************************************************/
+/*
+* Simple O(N^2) Multiplication and Squaring
+* (C) 1999-2008 Jack Lloyd
+*
+* Distributed under the terms of the Botan license
+*/
#include <botan/asm_macr.h>
diff --git a/src/math/bigint/mulop_ia32/info.txt b/src/math/bigint/mulop_ia32/info.txt
index a7b525bfb..b995dd8d7 100644
--- a/src/math/bigint/mulop_ia32/info.txt
+++ b/src/math/bigint/mulop_ia32/info.txt
@@ -23,6 +23,7 @@ icc
<os>
linux
freebsd
+dragonfly
netbsd
openbsd
solaris
diff --git a/src/math/bigint/mulop_ia32/mp_mulop.S b/src/math/bigint/mulop_ia32/mp_mulop.S
index a5f0d3b27..716166fd9 100644
--- a/src/math/bigint/mulop_ia32/mp_mulop.S
+++ b/src/math/bigint/mulop_ia32/mp_mulop.S
@@ -1,7 +1,9 @@
-/*************************************************
-* Multiply/Add Algorithm Source File *
-* (C) 1999-2007 Jack Lloyd *
-*************************************************/
+/*
+* Multiply/Add Algorithm Source File
+* (C) 1999-2007 Jack Lloyd
+*
+* Distributed under the terms of the Botan license
+*/
#include <botan/asm_macr.h>
diff --git a/src/modes/ctr/ctr.cpp b/src/modes/ctr/ctr.cpp
index 9eb42ec5a..d458d7848 100644
--- a/src/modes/ctr/ctr.cpp
+++ b/src/modes/ctr/ctr.cpp
@@ -1,6 +1,6 @@
/*
* CTR Mode
-* (C) 1999-2007 Jack Lloyd
+* (C) 1999-2009 Jack Lloyd
*
* Distributed under the terms of the Botan license
*/
@@ -11,12 +11,21 @@
namespace Botan {
+namespace {
+
+const u32bit PARALLEL_BLOCKS = BOTAN_PARALLEL_BLOCKS_CTR;
+
+}
+
/*
* CTR-BE Constructor
*/
-CTR_BE::CTR_BE(BlockCipher* ciph) :
- BlockCipherMode(ciph, "CTR-BE", ciph->BLOCK_SIZE, 1)
+CTR_BE::CTR_BE(BlockCipher* ciph) : cipher(ciph)
{
+ position = 0;
+
+ counter.create(ciph->BLOCK_SIZE * PARALLEL_BLOCKS);
+ enc_buffer.create(ciph->BLOCK_SIZE * PARALLEL_BLOCKS);
}
/*
@@ -24,39 +33,88 @@ CTR_BE::CTR_BE(BlockCipher* ciph) :
*/
CTR_BE::CTR_BE(BlockCipher* ciph, const SymmetricKey& key,
const InitializationVector& iv) :
- BlockCipherMode(ciph, "CTR-BE", ciph->BLOCK_SIZE, 1)
+ cipher(ciph)
{
- set_key(key);
+ position = 0;
+
+ counter.create(ciph->BLOCK_SIZE * PARALLEL_BLOCKS);
+ enc_buffer.create(ciph->BLOCK_SIZE * PARALLEL_BLOCKS);
+
+ cipher->set_key(key);
set_iv(iv);
}
/*
+* CTR_BE Destructor
+*/
+CTR_BE::~CTR_BE()
+ {
+ delete cipher;
+ }
+
+/*
+* Return the name of this type
+*/
+std::string CTR_BE::name() const
+ {
+ return ("CTR-BE/" + cipher->name());
+ }
+
+/*
+* Set CTR-BE IV
+*/
+void CTR_BE::set_iv(const InitializationVector& iv)
+ {
+ const u32bit BLOCK_SIZE = cipher->BLOCK_SIZE;
+
+ if(iv.length() != BLOCK_SIZE)
+ throw Invalid_IV_Length(name(), iv.length());
+
+ enc_buffer.clear();
+ position = 0;
+
+ counter.copy(0, iv.begin(), iv.length());
+
+ for(u32bit i = 1; i != PARALLEL_BLOCKS; ++i)
+ {
+ counter.copy(i*BLOCK_SIZE,
+ counter.begin() + (i-1)*BLOCK_SIZE, BLOCK_SIZE);
+
+ for(s32bit j = BLOCK_SIZE - 1; j >= 0; --j)
+ if(++counter[i*BLOCK_SIZE+j])
+ break;
+ }
+
+ cipher->encrypt_n(counter, enc_buffer, PARALLEL_BLOCKS);
+ }
+
+/*
* CTR-BE Encryption/Decryption
*/
void CTR_BE::write(const byte input[], u32bit length)
{
- u32bit copied = std::min(BLOCK_SIZE - position, length);
- xor_buf(buffer + position, input, copied);
- send(buffer + position, copied);
+ u32bit copied = std::min(enc_buffer.size() - position, length);
+ xor_buf(enc_buffer + position, input, copied);
+ send(enc_buffer + position, copied);
input += copied;
length -= copied;
position += copied;
- if(position == BLOCK_SIZE)
+ if(position == enc_buffer.size())
increment_counter();
- while(length >= BLOCK_SIZE)
+ while(length >= enc_buffer.size())
{
- xor_buf(buffer, input, BLOCK_SIZE);
- send(buffer, BLOCK_SIZE);
+ xor_buf(enc_buffer, input, enc_buffer.size());
+ send(enc_buffer, enc_buffer.size());
- input += BLOCK_SIZE;
- length -= BLOCK_SIZE;
+ input += enc_buffer.size();
+ length -= enc_buffer.size();
increment_counter();
}
- xor_buf(buffer + position, input, length);
- send(buffer + position, length);
+ xor_buf(enc_buffer + position, input, length);
+ send(enc_buffer + position, length);
position += length;
}
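Review bot: Nothing in `write` checks that a keystream has been generated, so a `CTR_BE` built with the one-argument constructor and fed data before `set_iv` XORs the input against whatever `enc_buffer.create` left in the buffer; if that is zero-fill (not visible here), the first `enc_buffer.size()` bytes are emitted as plaintext and only the later `increment_counter` call would fail or encrypt. A flag set at the end of `set_iv` and tested at the top of `write` (`if(!keystream_ready) throw ...` with the library's invalid-state exception) turns that silent plaintext leak into an error. `set_iv` also calls `cipher->encrypt_n` immediately, so it silently depends on the key having been set first, which the two-argument constructor honours but the public API does not enforce; a comment on `set_iv` stating that ordering would help callers.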
@@ -65,10 +123,23 @@ void CTR_BE::write(const byte input[], u32bit length)
*/
void CTR_BE::increment_counter()
{
- for(s32bit j = BLOCK_SIZE - 1; j >= 0; --j)
- if(++state[j])
- break;
- cipher->encrypt(state, buffer);
+ for(u32bit i = 0; i != PARALLEL_BLOCKS; ++i)
+ {
+ byte* this_ctr = counter + i*cipher->BLOCK_SIZE;
+
+ byte last_byte = this_ctr[cipher->BLOCK_SIZE-1];
+ last_byte += PARALLEL_BLOCKS;
+
+ if(this_ctr[cipher->BLOCK_SIZE-1] > last_byte)
+ for(s32bit j = cipher->BLOCK_SIZE - 2; j >= 0; --j)
+ if(++this_ctr[j])
+ break;
+
+ this_ctr[cipher->BLOCK_SIZE-1] = last_byte;
+ }
+
+ cipher->encrypt_n(counter, enc_buffer, PARALLEL_BLOCKS);
+
position = 0;
}
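Review bot: The carry test `if(this_ctr[cipher->BLOCK_SIZE-1] > last_byte)` only detects a wrap when `PARALLEL_BLOCKS` lies between 1 and 255: at 256 the byte addition wraps back to the same value, no carry propagates, and every call regenerates the same keystream, which is the one failure CTR must never have, while 0 makes the `for(u32bit i = 1; i != PARALLEL_BLOCKS; ...)` loop in `set_iv` run off the end of `counter`. The value comes from `BOTAN_PARALLEL_BLOCKS_CTR`, defined outside this file, so the assumption should be enforced next to where it is relied on: `#if BOTAN_PARALLEL_BLOCKS_CTR < 1 || BOTAN_PARALLEL_BLOCKS_CTR > 255` / `#error "CTR_BE carry handling assumes 1..255 parallel blocks"`. A one-line comment on the loop saying that each block's last byte advances by `PARALLEL_BLOCKS` per call because `set_iv` spaced the blocks one apart would also spare the next reader the derivation.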
diff --git a/src/modes/ctr/ctr.h b/src/modes/ctr/ctr.h
index aa0db5761..1948ffe48 100644
--- a/src/modes/ctr/ctr.h
+++ b/src/modes/ctr/ctr.h
@@ -8,22 +8,37 @@
#ifndef BOTAN_COUNTER_MODE_H__
#define BOTAN_COUNTER_MODE_H__
-#include <botan/modebase.h>
-#include <botan/modebase.h>
+#include <botan/key_filt.h>
+#include <botan/block_cipher.h>
namespace Botan {
/*
* CTR-BE Mode
*/
-class BOTAN_DLL CTR_BE : public BlockCipherMode
+class BOTAN_DLL CTR_BE : public Keyed_Filter
{
public:
+ std::string name() const;
+
+ void set_iv(const InitializationVector&);
+
+ void set_key(const SymmetricKey& key) { cipher->set_key(key); }
+
+ bool valid_keylength(u32bit key_len) const
+ { return cipher->valid_keylength(key_len); }
+
CTR_BE(BlockCipher*);
CTR_BE(BlockCipher*, const SymmetricKey&, const InitializationVector&);
+
+ ~CTR_BE();
private:
void write(const byte[], u32bit);
void increment_counter();
+
+ BlockCipher* cipher;
+ SecureVector<byte> counter, enc_buffer;
+ u32bit position;
};
}
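Review bot: `void set_key(const SymmetricKey& key) { cipher->set_key(key); }` re-keys the cipher but leaves `enc_buffer` holding the keystream that `set_iv` computed under the previous key (or an unkeyed cipher), so a caller that sets the IV first and the key second has its first `enc_buffer.size()` bytes encrypted with the wrong keystream. Either regenerate the keystream from the existing `counter` blocks and reset `position` inside `set_key`, or document on `set_key` that `set_iv` must follow it, as the two-argument constructor does. The class also owns `cipher` through a raw pointer deleted in `~CTR_BE` with no copy constructor or assignment operator declared, so an accidental copy double-deletes; a private unimplemented pair closes that.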
diff --git a/src/modes/eax/eax.h b/src/modes/eax/eax.h
index 1bb2e510d..f569f2ede 100644
--- a/src/modes/eax/eax.h
+++ b/src/modes/eax/eax.h
@@ -8,7 +8,7 @@
#ifndef BOTAN_EAX_H__
#define BOTAN_EAX_H__
-#include <botan/basefilt.h>
+#include <botan/key_filt.h>
#include <botan/block_cipher.h>
#include <botan/mac.h>
diff --git a/src/modes/ecb/ecb.cpp b/src/modes/ecb/ecb.cpp
index 8da0a4802..988a8b3f2 100644
--- a/src/modes/ecb/ecb.cpp
+++ b/src/modes/ecb/ecb.cpp
@@ -9,22 +9,60 @@
namespace Botan {
+namespace {
+
+const u32bit PARALLEL_BLOCKS = BOTAN_PARALLEL_BLOCKS_ECB;
+
+}
+
/*
-* Verify the IV is not set
+* ECB_Encryption Constructor
*/
-bool ECB::valid_iv_size(u32bit iv_size) const
+ECB_Encryption::ECB_Encryption(BlockCipher* ciph,
+ BlockCipherModePaddingMethod* pad)
{
- if(iv_size == 0)
- return true;
- return false;
+ cipher = ciph;
+ padder = pad;
+
+ plaintext.create(cipher->BLOCK_SIZE);
+ ciphertext.create(cipher->BLOCK_SIZE * PARALLEL_BLOCKS);
+
+ position = 0;
+ }
+
+/*
+* ECB_Encryption Constructor
+*/
+ECB_Encryption::ECB_Encryption(BlockCipher* ciph,
+ BlockCipherModePaddingMethod* pad,
+ const SymmetricKey& key)
+ {
+ cipher = ciph;
+ padder = pad;
+
+ plaintext.create(cipher->BLOCK_SIZE);
+ ciphertext.create(cipher->BLOCK_SIZE * PARALLEL_BLOCKS);
+
+ position = 0;
+
+ cipher->set_key(key);
+ }
+
+/*
+* ECB_Encryption Destructor
+*/
+ECB_Encryption::~ECB_Encryption()
+ {
+ delete cipher;
+ delete padder;
}
/*
* Return an ECB mode name
*/
-std::string ECB::name() const
+std::string ECB_Encryption::name() const
{
- return (cipher->name() + "/" + mode_name + "/" + padder->name());
+ return (cipher->name() + "/ECB/" + padder->name());
}
/*
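Review bot: The keyed `ECB_Encryption` constructor takes ownership of `ciph` and `pad` but makes `cipher->set_key(key)` its last statement; if that throws (an invalid key length is presumably rejected that way) the destructor never runs and both objects leak. Wrapping the call, `try { cipher->set_key(key); } catch(...) { delete cipher; delete padder; throw; }`, keeps the ownership contract on the failure path; the keyed `ECB_Decryption` constructor later in this file has the same shape. Neither class declares a copy constructor or assignment operator despite freeing raw pointers in its destructor, so a copy would double-delete.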
@@ -32,23 +70,34 @@ std::string ECB::name() const
*/
void ECB_Encryption::write(const byte input[], u32bit length)
{
- buffer.copy(position, input, length);
- if(position + length >= BLOCK_SIZE)
+ const u32bit BLOCK_SIZE = cipher->BLOCK_SIZE;
+
+ if(position)
{
- cipher->encrypt(buffer);
- send(buffer, BLOCK_SIZE);
- input += (BLOCK_SIZE - position);
- length -= (BLOCK_SIZE - position);
- while(length >= BLOCK_SIZE)
+ plaintext.copy(position, input, length);
+
+ if(position + length >= BLOCK_SIZE)
{
- cipher->encrypt(input, buffer);
- send(buffer, BLOCK_SIZE);
- input += BLOCK_SIZE;
- length -= BLOCK_SIZE;
+ cipher->encrypt(plaintext, ciphertext);
+ send(ciphertext, BLOCK_SIZE);
+ input += (BLOCK_SIZE - position);
+ length -= (BLOCK_SIZE - position);
+ position = 0;
}
- buffer.copy(input, length);
- position = 0;
}
+
+ while(length >= BLOCK_SIZE)
+ {
+ const u32bit to_proc =
+ std::min<u32bit>(length, ciphertext.size()) / BLOCK_SIZE;
+
+ cipher->encrypt_n(input, ciphertext, to_proc);
+ send(ciphertext, to_proc * BLOCK_SIZE);
+ input += to_proc * BLOCK_SIZE;
+ length -= to_proc * BLOCK_SIZE;
+ }
+
+ plaintext.copy(position, input, length);
position += length;
}
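Review bot: `plaintext.copy(position, input, length);` at the top of `write` passes the whole remaining `length` although `plaintext` is only `BLOCK_SIZE` bytes, so correctness rests on `MemoryRegion::copy` clipping to the buffer size; the old code leaned on the same behaviour, but it is not visible here. Passing the bound explicitly, `plaintext.copy(position, input, std::min(length, BLOCK_SIZE - position));`, makes the invariant local to this function and stops a future change to `copy` from turning the partial-block path into an overflow. The trailing copy before `position += length` is safe as written because by then `position + length < BLOCK_SIZE` holds on every path.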
@@ -57,6 +106,8 @@ void ECB_Encryption::write(const byte input[], u32bit length)
*/
void ECB_Encryption::end_msg()
{
+ const u32bit BLOCK_SIZE = cipher->BLOCK_SIZE;
+
SecureVector<byte> padding(BLOCK_SIZE);
padder->pad(padding, padding.size(), position);
write(padding, padder->pad_bytes(BLOCK_SIZE, position));
@@ -65,27 +116,93 @@ void ECB_Encryption::end_msg()
}
/*
+* ECB_Decryption Constructor
+*/
+ECB_Decryption::ECB_Decryption(BlockCipher* ciph,
+ BlockCipherModePaddingMethod* pad)
+ {
+ cipher = ciph;
+ padder = pad;
+
+ ciphertext.create(cipher->BLOCK_SIZE);
+ plaintext.create(cipher->BLOCK_SIZE * PARALLEL_BLOCKS);
+
+ position = 0;
+ }
+
+/*
+* ECB_Decryption Constructor
+*/
+ECB_Decryption::ECB_Decryption(BlockCipher* ciph,
+ BlockCipherModePaddingMethod* pad,
+ const SymmetricKey& key)
+ {
+ cipher = ciph;
+ padder = pad;
+
+ ciphertext.create(cipher->BLOCK_SIZE);
+ plaintext.create(cipher->BLOCK_SIZE * PARALLEL_BLOCKS);
+
+ position = 0;
+
+ cipher->set_key(key);
+ }
+
+/*
+* ECB_Decryption Destructor
+*/
+ECB_Decryption::~ECB_Decryption()
+ {
+ delete cipher;
+ delete padder;
+ }
+
+/*
+* Return an ECB mode name
+*/
+std::string ECB_Decryption::name() const
+ {
+ return (cipher->name() + "/ECB/" + padder->name());
+ }
+
+/*
* Decrypt in ECB mode
*/
void ECB_Decryption::write(const byte input[], u32bit length)
{
- buffer.copy(position, input, length);
- if(position + length > BLOCK_SIZE)
+ const u32bit BLOCK_SIZE = cipher->BLOCK_SIZE;
+
+ if(position)
{
- cipher->decrypt(buffer);
- send(buffer, BLOCK_SIZE);
- input += (BLOCK_SIZE - position);
- length -= (BLOCK_SIZE - position);
- while(length > BLOCK_SIZE)
+ ciphertext.copy(position, input, length);
+
+ if(position + length > BLOCK_SIZE)
{
- cipher->decrypt(input, buffer);
- send(buffer, BLOCK_SIZE);
- input += BLOCK_SIZE;
- length -= BLOCK_SIZE;
+ cipher->decrypt(ciphertext, plaintext);
+ send(plaintext, BLOCK_SIZE);
+ input += (BLOCK_SIZE - position);
+ length -= (BLOCK_SIZE - position);
+ position = 0;
}
- buffer.copy(input, length);
- position = 0;
}
+
+ while(length > BLOCK_SIZE)
+ {
+ /* Always leave at least 1 byte left over, to ensure that (as long
+ as the input message actually is a multiple of the block size)
+ we will have the full final block left over in end_msg so as
+ to remove the padding
+ */
+ const u32bit to_proc =
+ std::min<u32bit>(length - 1, plaintext.size()) / BLOCK_SIZE;
+
+ cipher->decrypt_n(input, plaintext, to_proc);
+ send(plaintext, to_proc * BLOCK_SIZE);
+ input += to_proc * BLOCK_SIZE;
+ length -= to_proc * BLOCK_SIZE;
+ }
+
+ ciphertext.copy(position, input, length);
position += length;
}
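Review bot: `ciphertext.copy(position, input, length);` in the `if(position)` branch of `ECB_Decryption::write` copies the full remaining `length` into a `BLOCK_SIZE`-byte buffer and so depends on `MemoryRegion::copy` clipping silently; `ciphertext.copy(position, input, std::min(length, BLOCK_SIZE - position));` states the bound where it matters. The keyed `ECB_Decryption` constructor above has the same exception-safety gap as its encryption twin: `cipher->set_key(key)` is the last statement, so a throw there leaks `cipher` and `padder`, which a catch-delete-rethrow around the call would fix. The "always leave at least 1 byte" comment on the loop is exactly the kind of note the rest of this hunk could use.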
@@ -94,11 +211,11 @@ void ECB_Decryption::write(const byte input[], u32bit length)
*/
void ECB_Decryption::end_msg()
{
- if(position != BLOCK_SIZE)
+ if(position != cipher->BLOCK_SIZE)
throw Decoding_Error(name());
- cipher->decrypt(buffer);
- send(buffer, padder->unpad(buffer, BLOCK_SIZE));
- state = buffer;
+
+ cipher->decrypt(ciphertext);
+ send(ciphertext, padder->unpad(ciphertext, cipher->BLOCK_SIZE));
position = 0;
}
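Review bot: `end_msg` reports a short final block with `Decoding_Error` and hands the decrypted block to `padder->unpad`, whose failure is presumably signalled the same way; since ECB carries no authentication, whoever supplies the ciphertext can distinguish "bad padding" from "good padding", which is the classic padding-oracle condition. That is inherent to the mode rather than new here, but a comment such as `// NOTE: padding failures are observable to the sender; authenticate ciphertext (MAC) before decrypting` would keep the filter from being used bare on attacker-controlled data. Also `position = 0` sits after the two failure points, so an exception from either leaves `position == BLOCK_SIZE` and stale ciphertext in the buffer for the next message; resetting `position` before the throw or in a cleanup path avoids that.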
diff --git a/src/modes/ecb/ecb.h b/src/modes/ecb/ecb.h
index 5230f9b14..ff9ea9635 100644
--- a/src/modes/ecb/ecb.h
+++ b/src/modes/ecb/ecb.h
@@ -1,6 +1,6 @@
/*
* ECB Mode
-* (C) 1999-2007 Jack Lloyd
+* (C) 1999-2009 Jack Lloyd
*
* Distributed under the terms of the Botan license
*/
@@ -8,64 +8,74 @@
#ifndef BOTAN_ECB_H__
#define BOTAN_ECB_H__
-#include <botan/modebase.h>
-#include <botan/mode_pad.h>
+#include <botan/basefilt.h>
#include <botan/block_cipher.h>
+#include <botan/mode_pad.h>
-namespace Botan {
-
-/*
-* ECB
-*/
-class BOTAN_DLL ECB : public BlockCipherMode
- {
- protected:
- ECB(BlockCipher* ciph, BlockCipherModePaddingMethod* pad) :
- BlockCipherMode(ciph, "ECB", 0), padder(pad) {}
- ~ECB() { delete padder; }
+#include <botan/modebase.h>
- std::string name() const;
- BlockCipherModePaddingMethod* padder;
- private:
- bool valid_iv_size(u32bit) const;
- };
+namespace Botan {
/*
* ECB Encryption
*/
-class BOTAN_DLL ECB_Encryption : public ECB
+class BOTAN_DLL ECB_Encryption : public Keyed_Filter
{
public:
+ std::string name() const;
+
+ void set_key(const SymmetricKey& key) { cipher->set_key(key); }
+
+ bool valid_keylength(u32bit key_len) const
+ { return cipher->valid_keylength(key_len); }
+
ECB_Encryption(BlockCipher* ciph,
- BlockCipherModePaddingMethod* pad) :
- ECB(ciph, pad) {}
+ BlockCipherModePaddingMethod* pad);
ECB_Encryption(BlockCipher* ciph,
BlockCipherModePaddingMethod* pad,
- const SymmetricKey& key) :
- ECB(ciph, pad) { set_key(key); }
+ const SymmetricKey& key);
+
+ ~ECB_Encryption();
private:
void write(const byte[], u32bit);
void end_msg();
+
+ BlockCipher* cipher;
+ BlockCipherModePaddingMethod* padder;
+ SecureVector<byte> plaintext, ciphertext;
+ u32bit position;
};
/*
* ECB Decryption
*/
-class BOTAN_DLL ECB_Decryption : public ECB
+class BOTAN_DLL ECB_Decryption : public Keyed_Filter
{
public:
+ std::string name() const;
+
+ void set_key(const SymmetricKey& key) { cipher->set_key(key); }
+
+ bool valid_keylength(u32bit key_len) const
+ { return cipher->valid_keylength(key_len); }
+
ECB_Decryption(BlockCipher* ciph,
- BlockCipherModePaddingMethod* pad) :
- ECB(ciph, pad) {}
+ BlockCipherModePaddingMethod* pad);
ECB_Decryption(BlockCipher* ciph,
BlockCipherModePaddingMethod* pad,
- const SymmetricKey& key) :
- ECB(ciph, pad) { set_key(key); }
+ const SymmetricKey& key);
+
+ ~ECB_Decryption();
private:
void write(const byte[], u32bit);
void end_msg();
+
+ BlockCipher* cipher;
+ BlockCipherModePaddingMethod* padder;
+ SecureVector<byte> plaintext, ciphertext;
+ u32bit position;
};
}
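Review bot: `ECB_Encryption` and `ECB_Decryption` now derive from `Keyed_Filter`, yet this header keeps `<botan/basefilt.h>` and adds `#include <botan/modebase.h>`, while ctr.h, xts.h and modebase.h in the same commit switch to `<botan/key_filt.h>`; the modebase include reads as a leftover from the removed `ECB` base class and should become `#include <botan/key_filt.h>` for consistency. Both classes own `cipher` and `padder` through raw pointers freed in their destructors with no copy constructor or assignment operator declared, so an accidental copy double-deletes; the usual private unimplemented pair guards that. The two classes also differ only in `write`/`end_msg`, so the duplicated constructors, `name()`, `set_key` and `valid_keylength` could live in one shared private base.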
diff --git a/src/modes/modebase.cpp b/src/modes/modebase.cpp
index 8293acc54..b048862a4 100644
--- a/src/modes/modebase.cpp
+++ b/src/modes/modebase.cpp
@@ -19,7 +19,7 @@ BlockCipherMode::BlockCipherMode(BlockCipher* cipher_ptr,
BLOCK_SIZE(cipher_ptr->BLOCK_SIZE), BUFFER_SIZE(buf_mult * BLOCK_SIZE),
IV_METHOD(iv_meth), mode_name(cipher_mode_name)
{
- base_ptr = cipher = cipher_ptr;
+ cipher = cipher_ptr;
buffer.create(BUFFER_SIZE);
state.create(iv_size);
position = 0;
diff --git a/src/modes/modebase.h b/src/modes/modebase.h
index 173fde58c..4a15524b6 100644
--- a/src/modes/modebase.h
+++ b/src/modes/modebase.h
@@ -8,7 +8,7 @@
#ifndef BOTAN_MODEBASE_H__
#define BOTAN_MODEBASE_H__
-#include <botan/basefilt.h>
+#include <botan/key_filt.h>
#include <botan/block_cipher.h>
namespace Botan {
@@ -21,12 +21,17 @@ class BOTAN_DLL BlockCipherMode : public Keyed_Filter
public:
std::string name() const;
+ void set_iv(const InitializationVector&);
+ void set_key(const SymmetricKey& key) { cipher->set_key(key); }
+
+ bool valid_keylength(u32bit key_len) const
+ { return cipher->valid_keylength(key_len); }
+
BlockCipherMode(BlockCipher*, const std::string&,
u32bit, u32bit = 0, u32bit = 1);
virtual ~BlockCipherMode() { delete cipher; }
protected:
- void set_iv(const InitializationVector&);
const u32bit BLOCK_SIZE, BUFFER_SIZE, IV_METHOD;
const std::string mode_name;
BlockCipher* cipher;
diff --git a/src/modes/xts/xts.cpp b/src/modes/xts/xts.cpp
index 8819c85dc..8780ae166 100644
--- a/src/modes/xts/xts.cpp
+++ b/src/modes/xts/xts.cpp
@@ -41,7 +41,6 @@ XTS_Encryption::XTS_Encryption(BlockCipher* ciph) : cipher(ciph)
throw std::invalid_argument("Bad cipher for XTS: " + cipher->name());
cipher2 = cipher->clone();
- buffer.create(cipher->BLOCK_SIZE);
tweak.create(cipher->BLOCK_SIZE);
buffer.create(2 * cipher->BLOCK_SIZE);
position = 0;
@@ -58,7 +57,6 @@ XTS_Encryption::XTS_Encryption(BlockCipher* ciph,
throw std::invalid_argument("Bad cipher for XTS: " + cipher->name());
cipher2 = cipher->clone();
- buffer.create(cipher->BLOCK_SIZE);
tweak.create(cipher->BLOCK_SIZE);
buffer.create(2 * cipher->BLOCK_SIZE);
position = 0;
@@ -188,6 +186,8 @@ void XTS_Encryption::end_msg()
send(buffer, position);
}
+
+ position = 0;
}
/*
@@ -197,7 +197,6 @@ XTS_Decryption::XTS_Decryption(BlockCipher* ciph)
{
cipher = ciph;
cipher2 = ciph->clone();
- buffer.create(cipher->BLOCK_SIZE);
tweak.create(cipher->BLOCK_SIZE);
buffer.create(2 * cipher->BLOCK_SIZE);
position = 0;
@@ -212,7 +211,6 @@ XTS_Decryption::XTS_Decryption(BlockCipher* ciph,
{
cipher = ciph;
cipher2 = ciph->clone();
- buffer.create(cipher->BLOCK_SIZE);
tweak.create(cipher->BLOCK_SIZE);
buffer.create(2 * cipher->BLOCK_SIZE);
position = 0;
@@ -339,6 +337,8 @@ void XTS_Decryption::end_msg()
send(buffer, position);
}
+
+ position = 0;
}
}
diff --git a/src/modes/xts/xts.h b/src/modes/xts/xts.h
index 01558175b..9badd3666 100644
--- a/src/modes/xts/xts.h
+++ b/src/modes/xts/xts.h
@@ -8,7 +8,7 @@
#ifndef BOTAN_XTS_H__
#define BOTAN_XTS_H__
-#include <botan/basefilt.h>
+#include <botan/key_filt.h>
#include <botan/block_cipher.h>
namespace Botan {
@@ -22,6 +22,9 @@ class BOTAN_DLL XTS_Encryption : public Keyed_Filter
void set_key(const SymmetricKey& key);
void set_iv(const InitializationVector& iv);
+ bool valid_keylength(u32bit key_len) const
+ { return cipher->valid_keylength(key_len); }
+
std::string name() const;
XTS_Encryption(BlockCipher* ciph);
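Review bot: `bool valid_keylength(u32bit key_len) const { return cipher->valid_keylength(key_len); }` validates the whole XTS key against one block-cipher instance, but XTS keys two ciphers (xts.cpp clones the second as `cipher2`), so if `XTS_Encryption::set_key`, which is not in this diff, splits the key in half, a correctly sized XTS key is reported invalid and a half-length key is accepted. If that is the case the check should read `return key_len % 2 == 0 && cipher->valid_keylength(key_len / 2);`, and the `XTS_Decryption` copy in the next hunk needs the same change. Worth confirming against `set_key` before merging.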
@@ -52,6 +55,9 @@ class BOTAN_DLL XTS_Decryption : public Keyed_Filter
void set_key(const SymmetricKey& key);
void set_iv(const InitializationVector& iv);
+ bool valid_keylength(u32bit key_len) const
+ { return cipher->valid_keylength(key_len); }
+
std::string name() const;
XTS_Decryption(BlockCipher* ciph);
diff --git a/src/pubkey/dsa/dsa_core.cpp b/src/pubkey/dsa/dsa_core.cpp
index e144d2467..e5a23a5c3 100644
--- a/src/pubkey/dsa/dsa_core.cpp
+++ b/src/pubkey/dsa/dsa_core.cpp
@@ -13,12 +13,6 @@
namespace Botan {
-namespace {
-
-const u32bit BLINDING_BITS = BOTAN_PRIVATE_KEY_OP_BLINDING_BITS;
-
-}
-
/*
* DSA_Core Constructor
*/
diff --git a/src/pubkey/ecc_key/ecc_key.cpp b/src/pubkey/ecc_key/ecc_key.cpp
index bebfc3705..6c7d02c74 100644
--- a/src/pubkey/ecc_key/ecc_key.cpp
+++ b/src/pubkey/ecc_key/ecc_key.cpp
@@ -57,7 +57,7 @@ void EC_PublicKey::X509_load_hook()
affirm_init();
mp_public_point->check_invariants();
}
- catch(Illegal_Point exc)
+ catch(Illegal_Point)
{
throw Decoding_Error("decoded public point was found not to lie on curve");
}
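Review bot: `catch(Illegal_Point)` catches the exception by value, which copies the object and slices any derived type; the form that both drops the unused name and keeps the usual semantics is `catch(const Illegal_Point&)`. The enclosing `X509_load_hook` starts outside the hunk.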
diff --git a/src/pubkey/eckaeg/eckaeg.cpp b/src/pubkey/eckaeg/eckaeg.cpp
index 1b315d101..5787f062d 100644
--- a/src/pubkey/eckaeg/eckaeg.cpp
+++ b/src/pubkey/eckaeg/eckaeg.cpp
@@ -129,9 +129,10 @@ MemoryVector<byte> ECKAEG_PrivateKey::public_value() const
/**
* Derive a key
*/
-SecureVector<byte> ECKAEG_PrivateKey::derive_key(const byte key[], u32bit key_len) const
+SecureVector<byte> ECKAEG_PrivateKey::derive_key(const byte key[],
+ u32bit key_len) const
{
- MemoryVector<byte> key_x(key, key_len); // XXX fix this, nasty/slow
+ MemoryVector<byte> key_x(key, key_len); // FIXME: nasty/slow
PointGFp point = OS2ECP(key_x, public_point().get_curve());
return m_eckaeg_core.agree(point);
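Review bot: `derive_key` decodes the peer's public value with `OS2ECP` and passes it straight to `m_eckaeg_core.agree(point)`; unless `OS2ECP` itself rejects points that are not on the curve (not visible here), a malicious peer can supply a point on a different, weak curve and recover information about the private scalar from the agreed key (an invalid-curve attack). The `X509_load_hook` in ecc_key.cpp earlier in this diff calls `check_invariants()` after decoding and maps `Illegal_Point` to an error; the same belongs here before `agree`, e.g. `point.check_invariants();` with the exception translated into a decoding error. The closing brace of `derive_key` lies outside the hunk.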
diff --git a/src/pubkey/pk_codecs/pkcs8.h b/src/pubkey/pk_codecs/pkcs8.h
index 87f8ba326..28008bdba 100644
--- a/src/pubkey/pk_codecs/pkcs8.h
+++ b/src/pubkey/pk_codecs/pkcs8.h
@@ -30,7 +30,7 @@ class BOTAN_DLL PKCS8_Encoder
* Get the DER encoded key.
* @return the DER encoded key
*/
- // XXX: Why not SecureVector?
+ // FIXME: Why not SecureVector?
virtual MemoryVector<byte> key_bits() const = 0;
virtual ~PKCS8_Encoder() {}
};
@@ -117,11 +117,6 @@ BOTAN_DLL std::string PEM_encode(const Private_Key& key,
const std::string& pass,
const std::string& pbe_algo = "");
-BOTAN_DLL std::string PEM_encode(const Private_Key&,
- const std::string&,
- const std::string& = "");
-
-
/**
* Load a key from a data source.
* @param source the data source providing the encoded key
diff --git a/src/rng/auto_rng/auto_rng.cpp b/src/rng/auto_rng/auto_rng.cpp
index 171c83cca..07b2ddec2 100644
--- a/src/rng/auto_rng/auto_rng.cpp
+++ b/src/rng/auto_rng/auto_rng.cpp
@@ -140,7 +140,7 @@ AutoSeeded_RNG::AutoSeeded_RNG(u32bit poll_bits)
#endif
if(!rng)
- throw Algorithm_Not_Found("No usable RNG found enabled in build");
+ throw Internal_Error("No usable RNG found enabled in build");
/* If X9.31 is available, use it to wrap the other RNG as a failsafe */
#if defined(BOTAN_HAS_X931_RNG)
diff --git a/src/selftest/selftest.cpp b/src/selftest/selftest.cpp
index ea032b04e..d644e866e 100644
--- a/src/selftest/selftest.cpp
+++ b/src/selftest/selftest.cpp
@@ -173,7 +173,7 @@ bool passes_self_tests(Algorithm_Factory& af)
"0B0B0B0B0B0B0B0B0B0B0B0B0B0B0B0B")));
}
}
- catch(std::exception& e)
+ catch(std::exception)
{
return false;
}
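Review bot: `catch(std::exception)` catches by value, which slices every derived exception down to `std::exception` and makes a copy on the way; the fix for the unused `e` that keeps the usual semantics is `catch(const std::exception&)`. Catching by reference is also the form that avoids compiler warnings about catching polymorphic types by value. The enclosing `passes_self_tests` starts outside the hunk.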
diff --git a/src/stream/turing/turing.cpp b/src/stream/turing/turing.cpp
index b988568c3..1e2203480 100644
--- a/src/stream/turing/turing.cpp
+++ b/src/stream/turing/turing.cpp
@@ -218,25 +218,6 @@ u32bit Turing::fixedS(u32bit W)
}
/*
-* Generate the expanded Turing Sbox tables
-*/
-void Turing::gen_sbox(MemoryRegion<u32bit>& S, u32bit which,
- const MemoryRegion<u32bit>& K)
- {
- for(u32bit j = 0; j != 256; ++j)
- {
- u32bit W = 0, C = j;
-
- for(u32bit k = 0; k < K.size(); ++k)
- {
- C = SBOX[get_byte(which, K[k]) ^ C];
- W ^= rotate_left(Q_BOX[C], k + 8*which);
- }
- S[j] = (W & rotate_right(0x00FFFFFF, 8*which)) | (C << (24 - 8*which));
- }
- }
-
-/*
* Turing Key Schedule
*/
void Turing::key_schedule(const byte key[], u32bit length)
@@ -250,10 +231,31 @@ void Turing::key_schedule(const byte key[], u32bit length)
PHT(K);
- gen_sbox(S0, 0, K);
- gen_sbox(S1, 1, K);
- gen_sbox(S2, 2, K);
- gen_sbox(S3, 3, K);
+ for(u32bit i = 0; i != 256; ++i)
+ {
+ u32bit W0 = 0, C0 = i;
+ u32bit W1 = 0, C1 = i;
+ u32bit W2 = 0, C2 = i;
+ u32bit W3 = 0, C3 = i;
+
+ for(u32bit j = 0; j < K.size(); ++j)
+ {
+ C0 = SBOX[get_byte(0, K[j]) ^ C0];
+ C1 = SBOX[get_byte(1, K[j]) ^ C1];
+ C2 = SBOX[get_byte(2, K[j]) ^ C2];
+ C3 = SBOX[get_byte(3, K[j]) ^ C3];
+
+ W0 ^= rotate_left(Q_BOX[C0], j);
+ W1 ^= rotate_left(Q_BOX[C1], j + 8);
+ W2 ^= rotate_left(Q_BOX[C2], j + 16);
+ W3 ^= rotate_left(Q_BOX[C3], j + 24);
+ }
+
+ S0[i] = (W0 & 0x00FFFFFF) | (C0 << 24);
+ S1[i] = (W1 & 0xFF00FFFF) | (C1 << 16);
+ S2[i] = (W2 & 0xFFFF00FF) | (C2 << 8);
+ S3[i] = (W3 & 0xFFFFFF00) | C3;
+ }
resync(0, 0);
}
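Review bot: The four parallel S-box computations are now a block of magic masks and rotation offsets with no comment, so the meaning the removed `gen_sbox(which)` parameter carried is lost; a line above the loop such as `// S_n is the expanded S-box for byte n of the word: W supplies the other three bytes, C lands in byte n` would restore it. The rotation amounts reach `j + 24`, so the loop assumes `K.size() <= 8` (a 32-byte key); if the key schedule above accepts anything longer the rotate count reaches the word width, which deserves either a comment stating the bound or an assertion on `K.size()`. The start of `key_schedule` is outside this hunk.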
diff --git a/src/stream/turing/turing.h b/src/stream/turing/turing.h
index d48c1d8a8..455d3c612 100644
--- a/src/stream/turing/turing.h
+++ b/src/stream/turing/turing.h
@@ -29,8 +29,6 @@ class BOTAN_DLL Turing : public StreamCipher
void generate();
static u32bit fixedS(u32bit);
- static void gen_sbox(MemoryRegion<u32bit>&, u32bit,
- const MemoryRegion<u32bit>&);
static const u32bit Q_BOX[256];
static const byte SBOX[256];
diff --git a/src/timer/gettimeofday/info.txt b/src/timer/gettimeofday/info.txt
index d3812eedf..a58e8088d 100644
--- a/src/timer/gettimeofday/info.txt
+++ b/src/timer/gettimeofday/info.txt
@@ -16,6 +16,7 @@ beos
cygwin
darwin
freebsd
+dragonfly
hpux
irix
linux
diff --git a/src/timer/posix_rt/info.txt b/src/timer/posix_rt/info.txt
index 7501373bb..fa530ea1a 100644
--- a/src/timer/posix_rt/info.txt
+++ b/src/timer/posix_rt/info.txt
@@ -18,6 +18,7 @@ linux -> rt
cygwin
linux
#freebsd
+dragonfly
#netbsd
#openbsd
</os>
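Review bot: `dragonfly` is enabled here while `#freebsd`, `#netbsd` and `#openbsd` remain commented out, and DragonFly shares FreeBSD's libc lineage; whatever kept FreeBSD disabled (a missing `-lrt` mapping like the `linux -> rt` line above, or clock availability) may apply equally. Either confirm the posix_rt timer builds and links on DragonFly, or note in this file why the other BSDs stay off so the next person does not repeat the exercise.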
diff --git a/src/utils/bswap.h b/src/utils/bswap.h
index af51e4e47..08095b319 100644
--- a/src/utils/bswap.h
+++ b/src/utils/bswap.h
@@ -31,9 +31,9 @@ inline u32bit reverse_bytes(u32bit input)
asm("bswapl %0" : "=r" (input) : "0" (input));
return input;
-#elif defined(_MSC_VER) && defined(BOTAN_TARGER_ARCH_IS_IA32)
+#elif defined(_MSC_VER) && defined(BOTAN_TARGET_ARCH_IS_IA32)
/* Visual C++ inline asm for 32-bit x86, by Yves Jerschow */
- __asm mov eax, x;
+ __asm mov eax, input;
__asm bswap eax;
#else
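Review bot: The MSVC branch still ends with `__asm bswap eax;` and no `return`, so it relies on MSVC's implicit "value left in eax" convention (warning C4035); the two typo fixes in this hunk show the branch was never compiled before, so that convention has not actually been exercised. Safer, and also valid on x64 where MSVC has no inline assembler, is the intrinsic: replace the two `__asm` lines with `return _byteswap_ulong(input);` and include `<stdlib.h>` under `_MSC_VER`. The rest of `reverse_bytes` continues outside the hunk.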
diff --git a/src/utils/info.txt b/src/utils/info.txt
index 95ea5fc2e..ab50b88ad 100644
--- a/src/utils/info.txt
+++ b/src/utils/info.txt
@@ -2,7 +2,7 @@ realname "Utility Functions"
define UTIL_FUNCTIONS
-load_on auto
+load_on always
<libs>
tru64 -> rt