Annotation of OpenXM/src/ox_ntl/crypt/cast5/cast5.c, Revision 1.2
1.2 ! iwane 1: /* $OpenXM: OpenXM/src/ox_ntl/crypt/cast5/cast5.c,v 1.1 2004/07/15 14:51:42 iwane Exp $ */
1.1 iwane 2: /*
3: * rfc 2144
4: * The CAST-128 Encryption Algorithm
5: */
6:
7: #include "cast5.h"
8: #include "cast5tbl.h"
9:
10:
11: #if HAVE_CONFIG_H
12: #include "config.h"
13: #endif /* HAVE_CONFIG_H */
14:
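/*
 * Rotate the 32-bit value x left by n bits.
 *
 * CAST-128 rotation subkeys are 5-bit values, so n == 0 is a legitimate
 * input.  Shifting a 32-bit operand by 32 is undefined behaviour in C, so
 * both shift counts are reduced modulo 32; a zero count then returns x
 * unchanged on every compiler and target instead of depending on how the
 * hardware treats an over-wide shift.
 *
 * Both arguments are fully parenthesised and are evaluated more than once;
 * do not pass expressions with side effects.
 */
#define leftrot32(x, n) \
	((((uint32_t)(x)) << ((n) & 31)) | (((uint32_t)(x)) >> ((32 - (n)) & 31)))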
16:
/*
 * ARY(x, i): lvalue for byte i of the uint32_t array at x, numbered in
 * big-endian order (byte 0 is the most significant byte of word 0).
 *
 * On little-endian hosts the index is remapped inside each 4-byte word
 * (0<->3, 1<->2) through a 16-entry lookup string, so i must stay in 0..15.
 * On big-endian hosts the memory order already matches and i is used as is.
 */
#ifndef WORDS_BIGENDIAN
#define ARY(x, i) \
	(*((unsigned char *)(x) + (int)("\x03\x02\x01\x00" "\x07\x06\x05\x04" \
	                                "\x0b\x0a\x09\x08" "\x0f\x0e\x0d\x0c"[i])))
#else
#define ARY(x, i) (*((unsigned char *)(x) + (i)))
#endif
22:
23:
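/*
 * Timing comparison of three candidate little-endian ARY() definitions.
 * Each candidate is followed by the three figures the author recorded for
 * it; the unit and the workloads behind the figures are not stated.
 *
 * Index computed arithmetically:
 * #define ARY(x, i) (((unsigned char *)(x))[((((i) / 4) * 4) + (3 - (i) % 4))])
 *   compute:     7.473
 *               15.100
 *               11.805
 *
 * Index looked up in a string literal:
 * #define ARY(x, i) (((unsigned char *)(x))[(int)("\x03\x02\x01\x00\x07\x06\x05\x04\x0b\x0a\x09\x08\x0f\x0e\x0d\x0c"[i])])
 *   char array:  7.044
 *               14.124
 *               11.366
 *
 * Index looked up in an int array:
 * static const int _ar[] = {3, 2, 1, 0, 7, 6, 5, 4, 11, 10, 9, 8, 15, 14, 13, 12};
 * #define ARY(x, i) (((unsigned char *)(x))[_ar[i]])
 *   int array:   8.679
 *               17.233
 *               12.705
 */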
41:
42:
43:
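/*
 * Expand a CAST-128 key into the subkeys used by the round functions,
 * following the key schedule of RFC 2144.
 *
 * key   raw key bytes; only the first min(len, 16) bytes are read.
 * len   key length in bytes.  Values above 16 are truncated to 16 and
 *       negative values are treated as 0.  Shorter keys are zero-padded on
 *       the right to 128 bits.  RFC 2144 defines key sizes of 5 to 16 bytes
 *       (40 to 128 bits); smaller lengths are accepted here but yield a
 *       correspondingly weak key, so callers should validate len themselves
 *       (this function returns void and cannot report a bad length).
 * ckey  receives the masking subkeys km[0..15], the rotation subkeys
 *       kr[0..15] (reduced to 5 bits), the effective key length, and the
 *       round count: 12 for keys of 10 bytes (80 bits) or less, else 16.
 *
 * Security notes:
 *  - S5..S8 are indexed with key-derived bytes, so the schedule is not
 *    constant-time with respect to the key on hardware with data caches.
 *  - The stack temporaries that held key material (x, z, K) are overwritten
 *    before returning.  *ckey still contains the expanded key and must be
 *    wiped by its owner when it is no longer needed.
 */
void
cast128_keyset(const unsigned char *key, int len, cast128_key *ckey)
{
#define X(i) (ARY(&x, i))
#define Z(i) (ARY(&z, i))
	uint32_t x[4], z[4];
	int i;
	uint32_t K[32], *k;

	/* Clamp the length so the copy below can neither overrun x nor run
	 * with a negative count that would end up stored in ckey->len. */
	if (len > 16)
		len = 16;
	if (len < 0)
		len = 0;

	for (i = 0; i < len; i++) {
		X(i) = key[i];
	}

	/* Zero-pad short keys up to the full 128-bit schedule input. */
	for (; i < (int)sizeof(x); i++) {
		X(i) = 0;
	}

	k = K;

	/* Two identical passes: the first yields K[0..15] (masking subkeys),
	 * the second K[16..31] (rotation subkeys). */
	for (i = 0; i < 2; i++) {
#define s5 __cast128_tbl_s5
#define s6 __cast128_tbl_s6
#define s7 __cast128_tbl_s7
#define s8 __cast128_tbl_s8
		z[0] = x[0] ^ s5[X(0xD)] ^ s6[X(0xF)] ^ s7[X(0xC)] ^ s8[X(0xE)] ^ s7[X(0x8)];
		z[1] = x[2] ^ s5[Z(0x0)] ^ s6[Z(0x2)] ^ s7[Z(0x1)] ^ s8[Z(0x3)] ^ s8[X(0xA)];
		z[2] = x[3] ^ s5[Z(0x7)] ^ s6[Z(0x6)] ^ s7[Z(0x5)] ^ s8[Z(0x4)] ^ s5[X(0x9)];
		z[3] = x[1] ^ s5[Z(0xA)] ^ s6[Z(0x9)] ^ s7[Z(0xB)] ^ s8[Z(0x8)] ^ s6[X(0xB)];

		k[ 0] = s5[Z(0x8)] ^ s6[Z(0x9)] ^ s7[Z(0x7)] ^ s8[Z(0x6)] ^ s5[Z(0x2)];
		k[ 1] = s5[Z(0xA)] ^ s6[Z(0xB)] ^ s7[Z(0x5)] ^ s8[Z(0x4)] ^ s6[Z(0x6)];
		k[ 2] = s5[Z(0xC)] ^ s6[Z(0xD)] ^ s7[Z(0x3)] ^ s8[Z(0x2)] ^ s7[Z(0x9)];
		k[ 3] = s5[Z(0xE)] ^ s6[Z(0xF)] ^ s7[Z(0x1)] ^ s8[Z(0x0)] ^ s8[Z(0xC)];

		x[0] = z[2] ^ s5[Z(0x5)] ^ s6[Z(0x7)] ^ s7[Z(0x4)] ^ s8[Z(0x6)] ^ s7[Z(0x0)];
		x[1] = z[0] ^ s5[X(0x0)] ^ s6[X(0x2)] ^ s7[X(0x1)] ^ s8[X(0x3)] ^ s8[Z(0x2)];
		x[2] = z[1] ^ s5[X(0x7)] ^ s6[X(0x6)] ^ s7[X(0x5)] ^ s8[X(0x4)] ^ s5[Z(0x1)];
		x[3] = z[3] ^ s5[X(0xA)] ^ s6[X(0x9)] ^ s7[X(0xB)] ^ s8[X(0x8)] ^ s6[Z(0x3)];

		k[ 4] = s5[X(0x3)] ^ s6[X(0x2)] ^ s7[X(0xC)] ^ s8[X(0xD)] ^ s5[X(0x8)];
		k[ 5] = s5[X(0x1)] ^ s6[X(0x0)] ^ s7[X(0xE)] ^ s8[X(0xF)] ^ s6[X(0xD)];
		k[ 6] = s5[X(0x7)] ^ s6[X(0x6)] ^ s7[X(0x8)] ^ s8[X(0x9)] ^ s7[X(0x3)];
		k[ 7] = s5[X(0x5)] ^ s6[X(0x4)] ^ s7[X(0xA)] ^ s8[X(0xB)] ^ s8[X(0x7)];

		z[0] = x[0] ^ s5[X(0xD)] ^ s6[X(0xF)] ^ s7[X(0xC)] ^ s8[X(0xE)] ^ s7[X(0x8)];
		z[1] = x[2] ^ s5[Z(0x0)] ^ s6[Z(0x2)] ^ s7[Z(0x1)] ^ s8[Z(0x3)] ^ s8[X(0xA)];
		z[2] = x[3] ^ s5[Z(0x7)] ^ s6[Z(0x6)] ^ s7[Z(0x5)] ^ s8[Z(0x4)] ^ s5[X(0x9)];
		z[3] = x[1] ^ s5[Z(0xA)] ^ s6[Z(0x9)] ^ s7[Z(0xB)] ^ s8[Z(0x8)] ^ s6[X(0xB)];

		k[ 8] = s5[Z(0x3)] ^ s6[Z(0x2)] ^ s7[Z(0xC)] ^ s8[Z(0xD)] ^ s5[Z(0x9)];
		k[ 9] = s5[Z(0x1)] ^ s6[Z(0x0)] ^ s7[Z(0xE)] ^ s8[Z(0xF)] ^ s6[Z(0xC)];
		k[10] = s5[Z(0x7)] ^ s6[Z(0x6)] ^ s7[Z(0x8)] ^ s8[Z(0x9)] ^ s7[Z(0x2)];
		k[11] = s5[Z(0x5)] ^ s6[Z(0x4)] ^ s7[Z(0xA)] ^ s8[Z(0xB)] ^ s8[Z(0x6)];

		x[0] = z[2] ^ s5[Z(0x5)] ^ s6[Z(0x7)] ^ s7[Z(0x4)] ^ s8[Z(0x6)] ^ s7[Z(0x0)];
		x[1] = z[0] ^ s5[X(0x0)] ^ s6[X(0x2)] ^ s7[X(0x1)] ^ s8[X(0x3)] ^ s8[Z(0x2)];
		x[2] = z[1] ^ s5[X(0x7)] ^ s6[X(0x6)] ^ s7[X(0x5)] ^ s8[X(0x4)] ^ s5[Z(0x1)];
		x[3] = z[3] ^ s5[X(0xA)] ^ s6[X(0x9)] ^ s7[X(0xB)] ^ s8[X(0x8)] ^ s6[Z(0x3)];

		k[12] = s5[X(0x8)] ^ s6[X(0x9)] ^ s7[X(0x7)] ^ s8[X(0x6)] ^ s5[X(0x3)];
		k[13] = s5[X(0xA)] ^ s6[X(0xB)] ^ s7[X(0x5)] ^ s8[X(0x4)] ^ s6[X(0x7)];
		k[14] = s5[X(0xC)] ^ s6[X(0xD)] ^ s7[X(0x3)] ^ s8[X(0x2)] ^ s7[X(0x8)];
		k[15] = s5[X(0xE)] ^ s6[X(0xF)] ^ s7[X(0x1)] ^ s8[X(0x0)] ^ s8[X(0xD)];

#undef s5
#undef s6
#undef s7
#undef s8
		k += 16;
	}

	for (i = 0; i < 16; i++) {
		ckey->km[i] = K[i];
		ckey->kr[i] = K[i + 16] & 0x1f;	/* rotate counts are 5 bits wide */
	}
	ckey->len = len;
	if (len <= 10)	/* keys of 80 bits or less use the reduced round count */
		ckey->loop = 12;
	else
		ckey->loop = 16;

	/*
	 * Best-effort scrub of the key-bearing temporaries.  A plain memset()
	 * on locals that are about to go out of scope may be removed by the
	 * optimizer, so the stores go through volatile-qualified pointers.
	 */
	{
		volatile uint32_t *vk = K;
		volatile uint32_t *vx = x;
		volatile uint32_t *vz = z;

		for (i = 0; i < 32; i++)
			vk[i] = 0;
		for (i = 0; i < 4; i++) {
			vx[i] = 0;
			vz[i] = 0;
		}
	}

#undef X
#undef Z

}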
134:
135:
/* Byte i of the rotated word j, counted from the most significant byte. */
#define I(i) (ARY(&j, i))

/*
 * Generator for the three CAST-128 round functions of RFC 2144.
 *
 * FUNC(d, km, kr) combines the data half d with the masking subkey km using
 * OP3, rotates the result left by kr bits, then uses the four bytes of the
 * rotated word to index S1..S4 and folds the entries together with
 * OP1, OP2 and OP3, in that order.
 *
 * NOTE(review): kr is a 5-bit rotate count and may be 0; confirm that
 * leftrot32 is well-defined for a zero count on every target.
 * The S-box indices depend on key and data, so these lookups are not
 * constant-time on hardware with data caches.
 */
#define _CAST_TYPE(FUNC, OP1, OP2, OP3) \
static inline uint32_t \
FUNC(uint32_t d, uint32_t km, uint32_t kr) \
{ \
	uint32_t j = leftrot32(km OP3 d, kr); \
	uint32_t acc = __cast128_tbl_s1[I(0)] OP1 __cast128_tbl_s2[I(1)]; \
	acc = acc OP2 __cast128_tbl_s3[I(2)]; \
	return (acc OP3 __cast128_tbl_s4[I(3)]); \
}

/* Type 1: I = (km + d) <<< kr,  f = ((S1 ^ S2) - S3) + S4 */
_CAST_TYPE(_type1, ^, -, +)
/* Type 2: I = (km ^ d) <<< kr,  f = ((S1 - S2) + S3) ^ S4 */
_CAST_TYPE(_type2, -, +, ^)
/* Type 3: I = (km - d) <<< kr,  f = ((S1 + S2) ^ S3) - S4 */
_CAST_TYPE(_type3, +, ^, -)

#undef I
151:
152:
/*
 * Encrypt one 64-bit block given as two 32-bit halves.
 *
 * key     schedule prepared by cast128_keyset(); key->loop rounds are run
 *         and km[i]/kr[i] are read for each round i, so the key must have
 *         been initialised before this is called.
 * ml, mr  left and right halves of the plaintext block.
 * el, er  receive the left and right halves of the ciphertext block.
 *
 * The round function cycles type 1, 2, 3 with the round index.  After the
 * last round the two halves are written out swapped.
 *
 * This is the bare block primitive: it provides no chaining mode, IV or
 * integrity protection; callers must layer those on top.
 */
void
cast128_enc_i(cast128_key *key,
    uint32_t ml, uint32_t mr,
    uint32_t *el, uint32_t *er)
{
	int round;

	for (round = 0; round < key->loop; round++) {
		uint32_t prev_right = mr;
		uint32_t fout;

		switch (round % 3) {
		case 0:
			fout = _type1(mr, key->km[round], key->kr[round]);
			break;
		case 1:
			fout = _type2(mr, key->km[round], key->kr[round]);
			break;
		default:
			fout = _type3(mr, key->km[round], key->kr[round]);
			break;
		}

		mr = ml ^ fout;
		ml = prev_right;
	}

	/* Output is (R, L): the halves are exchanged after the final round. */
	*er = ml;
	*el = mr;
}
172:
173:
174:
/*
 * Encrypt one 8-byte block.
 *
 * key  schedule prepared by cast128_keyset().
 * msg  exactly 8 bytes of plaintext are read.
 * enc  exactly 8 bytes of ciphertext are written.
 *
 * The input is copied into local words before any output is written.
 * Bytes are packed and unpacked in big-endian order through ARY().
 * Neither buffer length is checked here; the caller must guarantee 8 bytes
 * on each side.
 */
void
cast128_enc_c(cast128_key *key,
    const unsigned char *msg, unsigned char *enc)
{
	uint32_t in[2], out[2];
	int pos = 0;

	/* Load the block as two big-endian 32-bit words. */
	while (pos < 8) {
		ARY(in, pos) = msg[pos];
		pos++;
	}

	cast128_enc_i(key, in[0], in[1], &out[0], &out[1]);

	/* Store the result back in the same byte order. */
	pos = 0;
	while (pos < 8) {
		enc[pos] = ARY(out, pos);
		pos++;
	}
}
192:
193:
194:
/*
 * Decrypt one 64-bit block given as two 32-bit halves.
 *
 * key     schedule prepared by cast128_keyset(); the same km[i]/kr[i]
 *         pairs as for encryption are applied, from round key->loop - 1
 *         down to round 0.
 * ml, mr  left and right halves of the ciphertext block.
 * el, er  receive the left and right halves of the recovered plaintext.
 *
 * The round-function type is chosen from the round index exactly as in
 * cast128_enc_i(), and the halves are written out swapped at the end.
 *
 * No integrity check is performed: a modified ciphertext block decrypts to
 * some other plaintext without any error indication.
 */
void
cast128_dec_i(cast128_key *key,
    uint32_t ml, uint32_t mr,
    uint32_t *el, uint32_t *er)
{
	int round = key->loop - 1;

	while (round >= 0) {
		uint32_t prev_right = mr;
		uint32_t fout;

		switch (round % 3) {
		case 0:
			fout = _type1(mr, key->km[round], key->kr[round]);
			break;
		case 1:
			fout = _type2(mr, key->km[round], key->kr[round]);
			break;
		default:
			fout = _type3(mr, key->km[round], key->kr[round]);
			break;
		}

		mr = ml ^ fout;
		ml = prev_right;
		round--;
	}

	/* Same final exchange of halves as on the encryption side. */
	*er = ml;
	*el = mr;
}
214:
215:
/*
 * Decrypt one 8-byte block.
 *
 * key  schedule prepared by cast128_keyset().
 * msg  exactly 8 bytes of ciphertext are read.
 * enc  exactly 8 bytes of recovered plaintext are written (the parameter
 *      keeps the name used by the encryption routine).
 *
 * The input is copied into local words before any output is written.
 * Neither buffer length is checked here; the caller must guarantee 8 bytes
 * on each side.
 */
void
cast128_dec_c(cast128_key *key,
    const unsigned char *msg, unsigned char *enc)
{
	uint32_t in[2], out[2];
	int pos = 0;

	/* Load the block as two big-endian 32-bit words. */
	while (pos < 8) {
		ARY(in, pos) = msg[pos];
		pos++;
	}

	cast128_dec_i(key, in[0], in[1], &out[0], &out[1]);

	/* Store the result back in the same byte order. */
	pos = 0;
	while (pos < 8) {
		enc[pos] = ARY(out, pos);
		pos++;
	}
}