+++ /dev/null
-## Process this file with make_am to produce Makefile.am
-SUBDIRS: include
-CVS_HEADERS: cvs_headers
-BODY:
-
-AUTOMAKE_OPTIONS = foreign
-
-noinst_LIBRARIES = libsymmetric.a
-noinst_PROGRAMS = desTest desdata bf_test twofish_test generate_q rijndael_test
-
-Makefile.am: Makefile.am.in
- (cd $(top_srcdir) && $(MAKE) src/symmetric/Makefile.am)
-
-# When compiling with lsh, this is set to to -DLSH -I/path/to/lsh/include
-# INCLUDES = @crypto_cpp_flags@
-
-LDADD = libsymmetric.a
-desdata_LDADD =
-
-des_headers = parity.h rotors.h keymap.h
-BUILT_SOURCES = desSmallFips.c desSmallCore.c desQuickFips.c desQuickCore.c
-
-libsymmetric_a_SOURCES = desCode.h desKerb.c desUtil.c desQuick.c \
- $(BUILT_SOURCES) \
- sha.c md5.c idea.c arcfour.c cast.c blowfish.c twofish.c rijndael.c \
- serpent.c
-
-# Generate DES headers.
-$(des_headers): desdata
- ./desdata $@ > $@T
- test -s $@T && mv -f $@T $@
-
-desUtil.o: desUtil.c $(des_headers)
-
-# Generate DES sources. Slowest to quickest.
-desSmallFips.c:
- @echo > $@ '#include "desCode.h"'
- @echo >> $@ 'ENCRYPT(DesSmallFipsEncrypt,TEMPSMALL,\
- LOADFIPS,KEYMAPSMALL,SAVEFIPS)'
- @echo >> $@ 'DECRYPT(DesSmallFipsDecrypt,TEMPSMALL,\
- LOADFIPS,KEYMAPSMALL,SAVEFIPS)'
-desSmallCore.c:
- @echo > $@ '#include "desCode.h"'
- @echo >> $@ 'ENCRYPT(DesSmallCoreEncrypt,TEMPSMALL,\
- LOADCORE,KEYMAPSMALL,SAVECORE)'
- @echo >> $@ 'DECRYPT(DesSmallCoreDecrypt,TEMPSMALL,\
- LOADCORE,KEYMAPSMALL,SAVECORE)'
-desQuickFips.c:
- @echo > $@ '#include "desCode.h"'
- @echo >> $@ 'ENCRYPT(DesQuickFipsEncrypt,TEMPQUICK,\
- LOADFIPS,KEYMAPQUICK,SAVEFIPS)'
- @echo >> $@ 'DECRYPT(DesQuickFipsDecrypt,TEMPQUICK,\
- LOADFIPS,KEYMAPQUICK,SAVEFIPS)'
-desQuickCore.c:
- @echo > $@ '#include "desCode.h"'
- @echo >> $@ 'ENCRYPT(DesQuickCoreEncrypt,TEMPQUICK,\
- LOADCORE,KEYMAPQUICK,SAVECORE)'
- @echo >> $@ 'DECRYPT(DesQuickCoreDecrypt,TEMPQUICK,\
- LOADCORE,KEYMAPQUICK,SAVECORE)'
-
-EXTRA_DIST = $(cvs_headers) $(des_headers) Makefile.am.in descore.README
-
-.PHONY: depend
-depend:
- rm -f $(DEP_FILES)
- make $(DEP_FILES)
-
-# .deps/%.P : %.c
-# $(CC) $(CPPFLAGS) $(DEFS) -M -MG $< > $@
-
-MAINTAINERCLEANFILES += $(DEP_FILES)
-
-include $(top_srcdir)/misc/ctags.mk
+++ /dev/null
-/* bf_test.c
- *
- * $Id$
- * Test the blow fish implementation. */
-
-#include "blowfish.h"
-
-#include <stdio.h>
-#include <stdlib.h>
-
-int main (int argc UNUSED, char **argv UNUSED)
-{
- if (bf_selftest())
- {
- fprintf(stderr, "Blowfish works.\n");
- return EXIT_SUCCESS;
- }
- else
- {
- fprintf(stderr, "ERROR: Blowfish failed.\n");
- return EXIT_FAILURE;
- }
-}
-
+++ /dev/null
-/*
- * $Id$
- *
- * CAST-128 in C
- * Written by Steve Reid <sreid@sea-to-sky.net>
- * 100% Public Domain - no warranty
- * Released 1997.10.11
- *
- * CAST-128 is documented in
- * C. Adams, "The CAST-128 Encryption Algorithm", RFC 2144.
- *
- */
-
-/* Adapted to the pike cryptographic toolkit by Niels Möller */
-
-/* Selftest added by J.H.M. Dassen (Ray) <jdassen@wi.LeidenUniv.nl>.
- * Released into the public domain. */
-
-#include <assert.h>
-
-#include <cast.h>
-
-#define u8 UINT8
-#define u32 UINT32
-
-#include "cast_sboxes.h"
-
-/* Macros to access 8-bit bytes out of a 32-bit word */
-#define U8a(x) ( (u8) (x>>24) )
-#define U8b(x) ( (u8) ((x>>16)&255) )
-#define U8c(x) ( (u8) ((x>>8)&255) )
-#define U8d(x) ( (u8) ((x)&255) )
-
-/* Circular left shift */
-#define ROL(x, n) ( ((x)<<(n)) | ((x)>>(32-(n))) )
-
-/* CAST-128 uses three different round functions */
-#define F1(l, r, i) \
- t = ROL(key->xkey[i] + r, key->xkey[i+16]); \
- l ^= ((cast_sbox1[U8a(t)] ^ cast_sbox2[U8b(t)]) \
- - cast_sbox3[U8c(t)]) + cast_sbox4[U8d(t)];
-#define F2(l, r, i) \
- t = ROL(key->xkey[i] ^ r, key->xkey[i+16]); \
- l ^= ((cast_sbox1[U8a(t)] - cast_sbox2[U8b(t)]) \
- + cast_sbox3[U8c(t)]) ^ cast_sbox4[U8d(t)];
-#define F3(l, r, i) \
- t = ROL(key->xkey[i] - r, key->xkey[i+16]); \
- l ^= ((cast_sbox1[U8a(t)] + cast_sbox2[U8b(t)]) \
- ^ cast_sbox3[U8c(t)]) - cast_sbox4[U8d(t)];
-
-
-/***** Encryption Function *****/
-
-void cast_encrypt(struct cast_key *key, const u8 * const inblock, u8 *outblock)
-{
- u32 t, l, r;
-
- /* Get inblock into l,r */
- l = ((u32)inblock[0] << 24) | ((u32)inblock[1] << 16)
- | ((u32)inblock[2] << 8) | (u32)inblock[3];
- r = ((u32)inblock[4] << 24) | ((u32)inblock[5] << 16)
- | ((u32)inblock[6] << 8) | (u32)inblock[7];
- /* Do the work */
- F1(l, r, 0);
- F2(r, l, 1);
- F3(l, r, 2);
- F1(r, l, 3);
- F2(l, r, 4);
- F3(r, l, 5);
- F1(l, r, 6);
- F2(r, l, 7);
- F3(l, r, 8);
- F1(r, l, 9);
- F2(l, r, 10);
- F3(r, l, 11);
- /* Only do full 16 rounds if key length > 80 bits */
- if (key->rounds > 12) {
- F1(l, r, 12);
- F2(r, l, 13);
- F3(l, r, 14);
- F1(r, l, 15);
- }
- /* Put l,r into outblock */
- outblock[0] = U8a(r);
- outblock[1] = U8b(r);
- outblock[2] = U8c(r);
- outblock[3] = U8d(r);
- outblock[4] = U8a(l);
- outblock[5] = U8b(l);
- outblock[6] = U8c(l);
- outblock[7] = U8d(l);
- /* Wipe clean */
- t = l = r = 0;
-}
-
-
-/***** Decryption Function *****/
-
-void cast_decrypt(struct cast_key *key, const u8 * const inblock, u8 *outblock)
-{
- u32 t, l, r;
-
- /* Get inblock into l,r */
- r = ((u32)inblock[0] << 24) | ((u32)inblock[1] << 16)
- | ((u32)inblock[2] << 8) | (u32)inblock[3];
- l = ((u32)inblock[4] << 24) | ((u32)inblock[5] << 16)
- | ((u32)inblock[6] << 8) | (u32)inblock[7];
- /* Do the work */
- /* Only do full 16 rounds if key length > 80 bits */
- if (key->rounds > 12) {
- F1(r, l, 15);
- F3(l, r, 14);
- F2(r, l, 13);
- F1(l, r, 12);
- }
- F3(r, l, 11);
- F2(l, r, 10);
- F1(r, l, 9);
- F3(l, r, 8);
- F2(r, l, 7);
- F1(l, r, 6);
- F3(r, l, 5);
- F2(l, r, 4);
- F1(r, l, 3);
- F3(l, r, 2);
- F2(r, l, 1);
- F1(l, r, 0);
- /* Put l,r into outblock */
- outblock[0] = U8a(l);
- outblock[1] = U8b(l);
- outblock[2] = U8c(l);
- outblock[3] = U8d(l);
- outblock[4] = U8a(r);
- outblock[5] = U8b(r);
- outblock[6] = U8c(r);
- outblock[7] = U8d(r);
- /* Wipe clean */
- t = l = r = 0;
-}
-
-
-/* Sanity check using the test vectors from
- * B.1. Single Plaintext-Key-Ciphertext Sets, RFC 2144
- */
-int cast_selftest(void)
-{
- u8 testkey128[16] = {
- 0x01, 0x23, 0x45, 0x67, 0x12, 0x34, 0x56, 0x78,
- 0x23, 0x45, 0x67, 0x89, 0x34, 0x56, 0x78, 0x9A
- };
- u8 plaintext128[8] = {
- 0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF
- };
- u8 ciphertext128[8] = {
- 0x23, 0x8B, 0x4F, 0xE5, 0x84, 0x7E, 0x44, 0xB2
- };
-
- u8 testkey80[10] = {
- 0x01, 0x23, 0x45, 0x67, 0x12, 0x34, 0x56, 0x78,
- 0x23, 0x45
- };
- u8 plaintext80[8] = {
- 0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF
- };
- u8 ciphertext80[8] = {
- 0xEB, 0x6A, 0x71, 0x1A, 0x2C, 0x02, 0x27, 0x1B
- };
-
- u8 testkey40[5] = {
- 0x01, 0x23, 0x45, 0x67, 0x12
- };
- u8 plaintext40[8] = {
- 0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF
- };
- u8 ciphertext40[8] = {
- 0x7A, 0xC8, 0x16, 0xD1, 0x6E, 0x9B, 0x30, 0x2E
- };
-
- struct cast_key context;
- u8 ciphertext[8];
-
- cast_setkey(&context, testkey128, 16);
- cast_encrypt(&context, plaintext128, ciphertext);
- if (memcmp(ciphertext, ciphertext128, 8)) {
- return 0;
- }
- cast_setkey(&context, testkey80, 10);
- cast_encrypt(&context, plaintext80, ciphertext);
- if (memcmp(ciphertext, ciphertext80, 8)) {
- return 0;
- }
- cast_setkey(&context, testkey40, 5);
- cast_encrypt(&context, plaintext40, ciphertext);
- if (memcmp(ciphertext, ciphertext40, 8)) {
- return 0;
- }
- return 1;
-}
-
-
-/***** Key Schedule *****/
-
-void cast_setkey(struct cast_key *key, const u8 * const rawkey, unsigned keybytes)
-{
- u32 t[4], z[4], x[4];
- unsigned i;
-
-#ifndef NDEBUG
- static int initialized = 0;
-
- if (!initialized)
- {
- initialized = 1;
- assert(cast_selftest());
- }
-#endif
-
- /* Set number of rounds to 12 or 16, depending on key length */
- key->rounds = (keybytes <= CAST_SMALL_KEY)
- ? CAST_SMALL_ROUNDS : CAST_FULL_ROUNDS;
-
- /* Copy key to workspace x */
- for (i = 0; i < 4; i++) {
- x[i] = 0;
- if ((i*4+0) < keybytes) x[i] = (u32)rawkey[i*4+0] << 24;
- if ((i*4+1) < keybytes) x[i] |= (u32)rawkey[i*4+1] << 16;
- if ((i*4+2) < keybytes) x[i] |= (u32)rawkey[i*4+2] << 8;
- if ((i*4+3) < keybytes) x[i] |= (u32)rawkey[i*4+3];
- }
- /* Generate 32 subkeys, four at a time */
- for (i = 0; i < 32; i+=4) {
- switch (i & 4) {
- case 0:
- t[0] = z[0] = x[0] ^ cast_sbox5[U8b(x[3])]
- ^ cast_sbox6[U8d(x[3])] ^ cast_sbox7[U8a(x[3])]
- ^ cast_sbox8[U8c(x[3])] ^ cast_sbox7[U8a(x[2])];
- t[1] = z[1] = x[2] ^ cast_sbox5[U8a(z[0])]
- ^ cast_sbox6[U8c(z[0])] ^ cast_sbox7[U8b(z[0])]
- ^ cast_sbox8[U8d(z[0])] ^ cast_sbox8[U8c(x[2])];
- t[2] = z[2] = x[3] ^ cast_sbox5[U8d(z[1])]
- ^ cast_sbox6[U8c(z[1])] ^ cast_sbox7[U8b(z[1])]
- ^ cast_sbox8[U8a(z[1])] ^ cast_sbox5[U8b(x[2])];
- t[3] = z[3] = x[1] ^ cast_sbox5[U8c(z[2])] ^
- cast_sbox6[U8b(z[2])] ^ cast_sbox7[U8d(z[2])]
- ^ cast_sbox8[U8a(z[2])] ^ cast_sbox6[U8d(x[2])];
- break;
- case 4:
- t[0] = x[0] = z[2] ^ cast_sbox5[U8b(z[1])]
- ^ cast_sbox6[U8d(z[1])] ^ cast_sbox7[U8a(z[1])]
- ^ cast_sbox8[U8c(z[1])] ^ cast_sbox7[U8a(z[0])];
- t[1] = x[1] = z[0] ^ cast_sbox5[U8a(x[0])]
- ^ cast_sbox6[U8c(x[0])] ^ cast_sbox7[U8b(x[0])]
- ^ cast_sbox8[U8d(x[0])] ^ cast_sbox8[U8c(z[0])];
- t[2] = x[2] = z[1] ^ cast_sbox5[U8d(x[1])]
- ^ cast_sbox6[U8c(x[1])] ^ cast_sbox7[U8b(x[1])]
- ^ cast_sbox8[U8a(x[1])] ^ cast_sbox5[U8b(z[0])];
- t[3] = x[3] = z[3] ^ cast_sbox5[U8c(x[2])]
- ^ cast_sbox6[U8b(x[2])] ^ cast_sbox7[U8d(x[2])]
- ^ cast_sbox8[U8a(x[2])] ^ cast_sbox6[U8d(z[0])];
- break;
- }
- switch (i & 12) {
- case 0:
- case 12:
- key->xkey[i+0] = cast_sbox5[U8a(t[2])] ^ cast_sbox6[U8b(t[2])]
- ^ cast_sbox7[U8d(t[1])] ^ cast_sbox8[U8c(t[1])];
- key->xkey[i+1] = cast_sbox5[U8c(t[2])] ^ cast_sbox6[U8d(t[2])]
- ^ cast_sbox7[U8b(t[1])] ^ cast_sbox8[U8a(t[1])];
- key->xkey[i+2] = cast_sbox5[U8a(t[3])] ^ cast_sbox6[U8b(t[3])]
- ^ cast_sbox7[U8d(t[0])] ^ cast_sbox8[U8c(t[0])];
- key->xkey[i+3] = cast_sbox5[U8c(t[3])] ^ cast_sbox6[U8d(t[3])]
- ^ cast_sbox7[U8b(t[0])] ^ cast_sbox8[U8a(t[0])];
- break;
- case 4:
- case 8:
- key->xkey[i+0] = cast_sbox5[U8d(t[0])] ^ cast_sbox6[U8c(t[0])]
- ^ cast_sbox7[U8a(t[3])] ^ cast_sbox8[U8b(t[3])];
- key->xkey[i+1] = cast_sbox5[U8b(t[0])] ^ cast_sbox6[U8a(t[0])]
- ^ cast_sbox7[U8c(t[3])] ^ cast_sbox8[U8d(t[3])];
- key->xkey[i+2] = cast_sbox5[U8d(t[1])] ^ cast_sbox6[U8c(t[1])]
- ^ cast_sbox7[U8a(t[2])] ^ cast_sbox8[U8b(t[2])];
- key->xkey[i+3] = cast_sbox5[U8b(t[1])] ^ cast_sbox6[U8a(t[1])]
- ^ cast_sbox7[U8c(t[2])] ^ cast_sbox8[U8d(t[2])];
- break;
- }
- switch (i & 12) {
- case 0:
- key->xkey[i+0] ^= cast_sbox5[U8c(z[0])];
- key->xkey[i+1] ^= cast_sbox6[U8c(z[1])];
- key->xkey[i+2] ^= cast_sbox7[U8b(z[2])];
- key->xkey[i+3] ^= cast_sbox8[U8a(z[3])];
- break;
- case 4:
- key->xkey[i+0] ^= cast_sbox5[U8a(x[2])];
- key->xkey[i+1] ^= cast_sbox6[U8b(x[3])];
- key->xkey[i+2] ^= cast_sbox7[U8d(x[0])];
- key->xkey[i+3] ^= cast_sbox8[U8d(x[1])];
- break;
- case 8:
- key->xkey[i+0] ^= cast_sbox5[U8b(z[2])];
- key->xkey[i+1] ^= cast_sbox6[U8a(z[3])];
- key->xkey[i+2] ^= cast_sbox7[U8c(z[0])];
- key->xkey[i+3] ^= cast_sbox8[U8c(z[1])];
- break;
- case 12:
- key->xkey[i+0] ^= cast_sbox5[U8d(x[0])];
- key->xkey[i+1] ^= cast_sbox6[U8d(x[1])];
- key->xkey[i+2] ^= cast_sbox7[U8a(x[2])];
- key->xkey[i+3] ^= cast_sbox8[U8b(x[3])];
- break;
- }
- if (i >= 16) {
- key->xkey[i+0] &= 31;
- key->xkey[i+1] &= 31;
- key->xkey[i+2] &= 31;
- key->xkey[i+3] &= 31;
- }
- }
- /* Wipe clean */
- for (i = 0; i < 4; i++) {
- t[i] = x[i] = z[i] = 0;
- }
-}
-
-/* Made in Canada */
-
+++ /dev/null
-/*
- * $Id$
- *
- * CAST-128 in C
- * Written by Steve Reid <sreid@sea-to-sky.net>
- * 100% Public Domain - no warranty
- * Released 1997.10.11
- */
-
-static const u32 cast_sbox1[256] = {
- 0x30FB40D4, 0x9FA0FF0B, 0x6BECCD2F, 0x3F258C7A,
- 0x1E213F2F, 0x9C004DD3, 0x6003E540, 0xCF9FC949,
- 0xBFD4AF27, 0x88BBBDB5, 0xE2034090, 0x98D09675,
- 0x6E63A0E0, 0x15C361D2, 0xC2E7661D, 0x22D4FF8E,
- 0x28683B6F, 0xC07FD059, 0xFF2379C8, 0x775F50E2,
- 0x43C340D3, 0xDF2F8656, 0x887CA41A, 0xA2D2BD2D,
- 0xA1C9E0D6, 0x346C4819, 0x61B76D87, 0x22540F2F,
- 0x2ABE32E1, 0xAA54166B, 0x22568E3A, 0xA2D341D0,
- 0x66DB40C8, 0xA784392F, 0x004DFF2F, 0x2DB9D2DE,
- 0x97943FAC, 0x4A97C1D8, 0x527644B7, 0xB5F437A7,
- 0xB82CBAEF, 0xD751D159, 0x6FF7F0ED, 0x5A097A1F,
- 0x827B68D0, 0x90ECF52E, 0x22B0C054, 0xBC8E5935,
- 0x4B6D2F7F, 0x50BB64A2, 0xD2664910, 0xBEE5812D,
- 0xB7332290, 0xE93B159F, 0xB48EE411, 0x4BFF345D,
- 0xFD45C240, 0xAD31973F, 0xC4F6D02E, 0x55FC8165,
- 0xD5B1CAAD, 0xA1AC2DAE, 0xA2D4B76D, 0xC19B0C50,
- 0x882240F2, 0x0C6E4F38, 0xA4E4BFD7, 0x4F5BA272,
- 0x564C1D2F, 0xC59C5319, 0xB949E354, 0xB04669FE,
- 0xB1B6AB8A, 0xC71358DD, 0x6385C545, 0x110F935D,
- 0x57538AD5, 0x6A390493, 0xE63D37E0, 0x2A54F6B3,
- 0x3A787D5F, 0x6276A0B5, 0x19A6FCDF, 0x7A42206A,
- 0x29F9D4D5, 0xF61B1891, 0xBB72275E, 0xAA508167,
- 0x38901091, 0xC6B505EB, 0x84C7CB8C, 0x2AD75A0F,
- 0x874A1427, 0xA2D1936B, 0x2AD286AF, 0xAA56D291,
- 0xD7894360, 0x425C750D, 0x93B39E26, 0x187184C9,
- 0x6C00B32D, 0x73E2BB14, 0xA0BEBC3C, 0x54623779,
- 0x64459EAB, 0x3F328B82, 0x7718CF82, 0x59A2CEA6,
- 0x04EE002E, 0x89FE78E6, 0x3FAB0950, 0x325FF6C2,
- 0x81383F05, 0x6963C5C8, 0x76CB5AD6, 0xD49974C9,
- 0xCA180DCF, 0x380782D5, 0xC7FA5CF6, 0x8AC31511,
- 0x35E79E13, 0x47DA91D0, 0xF40F9086, 0xA7E2419E,
- 0x31366241, 0x051EF495, 0xAA573B04, 0x4A805D8D,
- 0x548300D0, 0x00322A3C, 0xBF64CDDF, 0xBA57A68E,
- 0x75C6372B, 0x50AFD341, 0xA7C13275, 0x915A0BF5,
- 0x6B54BFAB, 0x2B0B1426, 0xAB4CC9D7, 0x449CCD82,
- 0xF7FBF265, 0xAB85C5F3, 0x1B55DB94, 0xAAD4E324,
- 0xCFA4BD3F, 0x2DEAA3E2, 0x9E204D02, 0xC8BD25AC,
- 0xEADF55B3, 0xD5BD9E98, 0xE31231B2, 0x2AD5AD6C,
- 0x954329DE, 0xADBE4528, 0xD8710F69, 0xAA51C90F,
- 0xAA786BF6, 0x22513F1E, 0xAA51A79B, 0x2AD344CC,
- 0x7B5A41F0, 0xD37CFBAD, 0x1B069505, 0x41ECE491,
- 0xB4C332E6, 0x032268D4, 0xC9600ACC, 0xCE387E6D,
- 0xBF6BB16C, 0x6A70FB78, 0x0D03D9C9, 0xD4DF39DE,
- 0xE01063DA, 0x4736F464, 0x5AD328D8, 0xB347CC96,
- 0x75BB0FC3, 0x98511BFB, 0x4FFBCC35, 0xB58BCF6A,
- 0xE11F0ABC, 0xBFC5FE4A, 0xA70AEC10, 0xAC39570A,
- 0x3F04442F, 0x6188B153, 0xE0397A2E, 0x5727CB79,
- 0x9CEB418F, 0x1CACD68D, 0x2AD37C96, 0x0175CB9D,
- 0xC69DFF09, 0xC75B65F0, 0xD9DB40D8, 0xEC0E7779,
- 0x4744EAD4, 0xB11C3274, 0xDD24CB9E, 0x7E1C54BD,
- 0xF01144F9, 0xD2240EB1, 0x9675B3FD, 0xA3AC3755,
- 0xD47C27AF, 0x51C85F4D, 0x56907596, 0xA5BB15E6,
- 0x580304F0, 0xCA042CF1, 0x011A37EA, 0x8DBFAADB,
- 0x35BA3E4A, 0x3526FFA0, 0xC37B4D09, 0xBC306ED9,
- 0x98A52666, 0x5648F725, 0xFF5E569D, 0x0CED63D0,
- 0x7C63B2CF, 0x700B45E1, 0xD5EA50F1, 0x85A92872,
- 0xAF1FBDA7, 0xD4234870, 0xA7870BF3, 0x2D3B4D79,
- 0x42E04198, 0x0CD0EDE7, 0x26470DB8, 0xF881814C,
- 0x474D6AD7, 0x7C0C5E5C, 0xD1231959, 0x381B7298,
- 0xF5D2F4DB, 0xAB838653, 0x6E2F1E23, 0x83719C9E,
- 0xBD91E046, 0x9A56456E, 0xDC39200C, 0x20C8C571,
- 0x962BDA1C, 0xE1E696FF, 0xB141AB08, 0x7CCA89B9,
- 0x1A69E783, 0x02CC4843, 0xA2F7C579, 0x429EF47D,
- 0x427B169C, 0x5AC9F049, 0xDD8F0F00, 0x5C8165BF
-};
-
-static const u32 cast_sbox2[256] = {
- 0x1F201094, 0xEF0BA75B, 0x69E3CF7E, 0x393F4380,
- 0xFE61CF7A, 0xEEC5207A, 0x55889C94, 0x72FC0651,
- 0xADA7EF79, 0x4E1D7235, 0xD55A63CE, 0xDE0436BA,
- 0x99C430EF, 0x5F0C0794, 0x18DCDB7D, 0xA1D6EFF3,
- 0xA0B52F7B, 0x59E83605, 0xEE15B094, 0xE9FFD909,
- 0xDC440086, 0xEF944459, 0xBA83CCB3, 0xE0C3CDFB,
- 0xD1DA4181, 0x3B092AB1, 0xF997F1C1, 0xA5E6CF7B,
- 0x01420DDB, 0xE4E7EF5B, 0x25A1FF41, 0xE180F806,
- 0x1FC41080, 0x179BEE7A, 0xD37AC6A9, 0xFE5830A4,
- 0x98DE8B7F, 0x77E83F4E, 0x79929269, 0x24FA9F7B,
- 0xE113C85B, 0xACC40083, 0xD7503525, 0xF7EA615F,
- 0x62143154, 0x0D554B63, 0x5D681121, 0xC866C359,
- 0x3D63CF73, 0xCEE234C0, 0xD4D87E87, 0x5C672B21,
- 0x071F6181, 0x39F7627F, 0x361E3084, 0xE4EB573B,
- 0x602F64A4, 0xD63ACD9C, 0x1BBC4635, 0x9E81032D,
- 0x2701F50C, 0x99847AB4, 0xA0E3DF79, 0xBA6CF38C,
- 0x10843094, 0x2537A95E, 0xF46F6FFE, 0xA1FF3B1F,
- 0x208CFB6A, 0x8F458C74, 0xD9E0A227, 0x4EC73A34,
- 0xFC884F69, 0x3E4DE8DF, 0xEF0E0088, 0x3559648D,
- 0x8A45388C, 0x1D804366, 0x721D9BFD, 0xA58684BB,
- 0xE8256333, 0x844E8212, 0x128D8098, 0xFED33FB4,
- 0xCE280AE1, 0x27E19BA5, 0xD5A6C252, 0xE49754BD,
- 0xC5D655DD, 0xEB667064, 0x77840B4D, 0xA1B6A801,
- 0x84DB26A9, 0xE0B56714, 0x21F043B7, 0xE5D05860,
- 0x54F03084, 0x066FF472, 0xA31AA153, 0xDADC4755,
- 0xB5625DBF, 0x68561BE6, 0x83CA6B94, 0x2D6ED23B,
- 0xECCF01DB, 0xA6D3D0BA, 0xB6803D5C, 0xAF77A709,
- 0x33B4A34C, 0x397BC8D6, 0x5EE22B95, 0x5F0E5304,
- 0x81ED6F61, 0x20E74364, 0xB45E1378, 0xDE18639B,
- 0x881CA122, 0xB96726D1, 0x8049A7E8, 0x22B7DA7B,
- 0x5E552D25, 0x5272D237, 0x79D2951C, 0xC60D894C,
- 0x488CB402, 0x1BA4FE5B, 0xA4B09F6B, 0x1CA815CF,
- 0xA20C3005, 0x8871DF63, 0xB9DE2FCB, 0x0CC6C9E9,
- 0x0BEEFF53, 0xE3214517, 0xB4542835, 0x9F63293C,
- 0xEE41E729, 0x6E1D2D7C, 0x50045286, 0x1E6685F3,
- 0xF33401C6, 0x30A22C95, 0x31A70850, 0x60930F13,
- 0x73F98417, 0xA1269859, 0xEC645C44, 0x52C877A9,
- 0xCDFF33A6, 0xA02B1741, 0x7CBAD9A2, 0x2180036F,
- 0x50D99C08, 0xCB3F4861, 0xC26BD765, 0x64A3F6AB,
- 0x80342676, 0x25A75E7B, 0xE4E6D1FC, 0x20C710E6,
- 0xCDF0B680, 0x17844D3B, 0x31EEF84D, 0x7E0824E4,
- 0x2CCB49EB, 0x846A3BAE, 0x8FF77888, 0xEE5D60F6,
- 0x7AF75673, 0x2FDD5CDB, 0xA11631C1, 0x30F66F43,
- 0xB3FAEC54, 0x157FD7FA, 0xEF8579CC, 0xD152DE58,
- 0xDB2FFD5E, 0x8F32CE19, 0x306AF97A, 0x02F03EF8,
- 0x99319AD5, 0xC242FA0F, 0xA7E3EBB0, 0xC68E4906,
- 0xB8DA230C, 0x80823028, 0xDCDEF3C8, 0xD35FB171,
- 0x088A1BC8, 0xBEC0C560, 0x61A3C9E8, 0xBCA8F54D,
- 0xC72FEFFA, 0x22822E99, 0x82C570B4, 0xD8D94E89,
- 0x8B1C34BC, 0x301E16E6, 0x273BE979, 0xB0FFEAA6,
- 0x61D9B8C6, 0x00B24869, 0xB7FFCE3F, 0x08DC283B,
- 0x43DAF65A, 0xF7E19798, 0x7619B72F, 0x8F1C9BA4,
- 0xDC8637A0, 0x16A7D3B1, 0x9FC393B7, 0xA7136EEB,
- 0xC6BCC63E, 0x1A513742, 0xEF6828BC, 0x520365D6,
- 0x2D6A77AB, 0x3527ED4B, 0x821FD216, 0x095C6E2E,
- 0xDB92F2FB, 0x5EEA29CB, 0x145892F5, 0x91584F7F,
- 0x5483697B, 0x2667A8CC, 0x85196048, 0x8C4BACEA,
- 0x833860D4, 0x0D23E0F9, 0x6C387E8A, 0x0AE6D249,
- 0xB284600C, 0xD835731D, 0xDCB1C647, 0xAC4C56EA,
- 0x3EBD81B3, 0x230EABB0, 0x6438BC87, 0xF0B5B1FA,
- 0x8F5EA2B3, 0xFC184642, 0x0A036B7A, 0x4FB089BD,
- 0x649DA589, 0xA345415E, 0x5C038323, 0x3E5D3BB9,
- 0x43D79572, 0x7E6DD07C, 0x06DFDF1E, 0x6C6CC4EF,
- 0x7160A539, 0x73BFBE70, 0x83877605, 0x4523ECF1
-};
-
-static const u32 cast_sbox3[256] = {
- 0x8DEFC240, 0x25FA5D9F, 0xEB903DBF, 0xE810C907,
- 0x47607FFF, 0x369FE44B, 0x8C1FC644, 0xAECECA90,
- 0xBEB1F9BF, 0xEEFBCAEA, 0xE8CF1950, 0x51DF07AE,
- 0x920E8806, 0xF0AD0548, 0xE13C8D83, 0x927010D5,
- 0x11107D9F, 0x07647DB9, 0xB2E3E4D4, 0x3D4F285E,
- 0xB9AFA820, 0xFADE82E0, 0xA067268B, 0x8272792E,
- 0x553FB2C0, 0x489AE22B, 0xD4EF9794, 0x125E3FBC,
- 0x21FFFCEE, 0x825B1BFD, 0x9255C5ED, 0x1257A240,
- 0x4E1A8302, 0xBAE07FFF, 0x528246E7, 0x8E57140E,
- 0x3373F7BF, 0x8C9F8188, 0xA6FC4EE8, 0xC982B5A5,
- 0xA8C01DB7, 0x579FC264, 0x67094F31, 0xF2BD3F5F,
- 0x40FFF7C1, 0x1FB78DFC, 0x8E6BD2C1, 0x437BE59B,
- 0x99B03DBF, 0xB5DBC64B, 0x638DC0E6, 0x55819D99,
- 0xA197C81C, 0x4A012D6E, 0xC5884A28, 0xCCC36F71,
- 0xB843C213, 0x6C0743F1, 0x8309893C, 0x0FEDDD5F,
- 0x2F7FE850, 0xD7C07F7E, 0x02507FBF, 0x5AFB9A04,
- 0xA747D2D0, 0x1651192E, 0xAF70BF3E, 0x58C31380,
- 0x5F98302E, 0x727CC3C4, 0x0A0FB402, 0x0F7FEF82,
- 0x8C96FDAD, 0x5D2C2AAE, 0x8EE99A49, 0x50DA88B8,
- 0x8427F4A0, 0x1EAC5790, 0x796FB449, 0x8252DC15,
- 0xEFBD7D9B, 0xA672597D, 0xADA840D8, 0x45F54504,
- 0xFA5D7403, 0xE83EC305, 0x4F91751A, 0x925669C2,
- 0x23EFE941, 0xA903F12E, 0x60270DF2, 0x0276E4B6,
- 0x94FD6574, 0x927985B2, 0x8276DBCB, 0x02778176,
- 0xF8AF918D, 0x4E48F79E, 0x8F616DDF, 0xE29D840E,
- 0x842F7D83, 0x340CE5C8, 0x96BBB682, 0x93B4B148,
- 0xEF303CAB, 0x984FAF28, 0x779FAF9B, 0x92DC560D,
- 0x224D1E20, 0x8437AA88, 0x7D29DC96, 0x2756D3DC,
- 0x8B907CEE, 0xB51FD240, 0xE7C07CE3, 0xE566B4A1,
- 0xC3E9615E, 0x3CF8209D, 0x6094D1E3, 0xCD9CA341,
- 0x5C76460E, 0x00EA983B, 0xD4D67881, 0xFD47572C,
- 0xF76CEDD9, 0xBDA8229C, 0x127DADAA, 0x438A074E,
- 0x1F97C090, 0x081BDB8A, 0x93A07EBE, 0xB938CA15,
- 0x97B03CFF, 0x3DC2C0F8, 0x8D1AB2EC, 0x64380E51,
- 0x68CC7BFB, 0xD90F2788, 0x12490181, 0x5DE5FFD4,
- 0xDD7EF86A, 0x76A2E214, 0xB9A40368, 0x925D958F,
- 0x4B39FFFA, 0xBA39AEE9, 0xA4FFD30B, 0xFAF7933B,
- 0x6D498623, 0x193CBCFA, 0x27627545, 0x825CF47A,
- 0x61BD8BA0, 0xD11E42D1, 0xCEAD04F4, 0x127EA392,
- 0x10428DB7, 0x8272A972, 0x9270C4A8, 0x127DE50B,
- 0x285BA1C8, 0x3C62F44F, 0x35C0EAA5, 0xE805D231,
- 0x428929FB, 0xB4FCDF82, 0x4FB66A53, 0x0E7DC15B,
- 0x1F081FAB, 0x108618AE, 0xFCFD086D, 0xF9FF2889,
- 0x694BCC11, 0x236A5CAE, 0x12DECA4D, 0x2C3F8CC5,
- 0xD2D02DFE, 0xF8EF5896, 0xE4CF52DA, 0x95155B67,
- 0x494A488C, 0xB9B6A80C, 0x5C8F82BC, 0x89D36B45,
- 0x3A609437, 0xEC00C9A9, 0x44715253, 0x0A874B49,
- 0xD773BC40, 0x7C34671C, 0x02717EF6, 0x4FEB5536,
- 0xA2D02FFF, 0xD2BF60C4, 0xD43F03C0, 0x50B4EF6D,
- 0x07478CD1, 0x006E1888, 0xA2E53F55, 0xB9E6D4BC,
- 0xA2048016, 0x97573833, 0xD7207D67, 0xDE0F8F3D,
- 0x72F87B33, 0xABCC4F33, 0x7688C55D, 0x7B00A6B0,
- 0x947B0001, 0x570075D2, 0xF9BB88F8, 0x8942019E,
- 0x4264A5FF, 0x856302E0, 0x72DBD92B, 0xEE971B69,
- 0x6EA22FDE, 0x5F08AE2B, 0xAF7A616D, 0xE5C98767,
- 0xCF1FEBD2, 0x61EFC8C2, 0xF1AC2571, 0xCC8239C2,
- 0x67214CB8, 0xB1E583D1, 0xB7DC3E62, 0x7F10BDCE,
- 0xF90A5C38, 0x0FF0443D, 0x606E6DC6, 0x60543A49,
- 0x5727C148, 0x2BE98A1D, 0x8AB41738, 0x20E1BE24,
- 0xAF96DA0F, 0x68458425, 0x99833BE5, 0x600D457D,
- 0x282F9350, 0x8334B362, 0xD91D1120, 0x2B6D8DA0,
- 0x642B1E31, 0x9C305A00, 0x52BCE688, 0x1B03588A,
- 0xF7BAEFD5, 0x4142ED9C, 0xA4315C11, 0x83323EC5,
- 0xDFEF4636, 0xA133C501, 0xE9D3531C, 0xEE353783
-};
-
-static const u32 cast_sbox4[256] = {
- 0x9DB30420, 0x1FB6E9DE, 0xA7BE7BEF, 0xD273A298,
- 0x4A4F7BDB, 0x64AD8C57, 0x85510443, 0xFA020ED1,
- 0x7E287AFF, 0xE60FB663, 0x095F35A1, 0x79EBF120,
- 0xFD059D43, 0x6497B7B1, 0xF3641F63, 0x241E4ADF,
- 0x28147F5F, 0x4FA2B8CD, 0xC9430040, 0x0CC32220,
- 0xFDD30B30, 0xC0A5374F, 0x1D2D00D9, 0x24147B15,
- 0xEE4D111A, 0x0FCA5167, 0x71FF904C, 0x2D195FFE,
- 0x1A05645F, 0x0C13FEFE, 0x081B08CA, 0x05170121,
- 0x80530100, 0xE83E5EFE, 0xAC9AF4F8, 0x7FE72701,
- 0xD2B8EE5F, 0x06DF4261, 0xBB9E9B8A, 0x7293EA25,
- 0xCE84FFDF, 0xF5718801, 0x3DD64B04, 0xA26F263B,
- 0x7ED48400, 0x547EEBE6, 0x446D4CA0, 0x6CF3D6F5,
- 0x2649ABDF, 0xAEA0C7F5, 0x36338CC1, 0x503F7E93,
- 0xD3772061, 0x11B638E1, 0x72500E03, 0xF80EB2BB,
- 0xABE0502E, 0xEC8D77DE, 0x57971E81, 0xE14F6746,
- 0xC9335400, 0x6920318F, 0x081DBB99, 0xFFC304A5,
- 0x4D351805, 0x7F3D5CE3, 0xA6C866C6, 0x5D5BCCA9,
- 0xDAEC6FEA, 0x9F926F91, 0x9F46222F, 0x3991467D,
- 0xA5BF6D8E, 0x1143C44F, 0x43958302, 0xD0214EEB,
- 0x022083B8, 0x3FB6180C, 0x18F8931E, 0x281658E6,
- 0x26486E3E, 0x8BD78A70, 0x7477E4C1, 0xB506E07C,
- 0xF32D0A25, 0x79098B02, 0xE4EABB81, 0x28123B23,
- 0x69DEAD38, 0x1574CA16, 0xDF871B62, 0x211C40B7,
- 0xA51A9EF9, 0x0014377B, 0x041E8AC8, 0x09114003,
- 0xBD59E4D2, 0xE3D156D5, 0x4FE876D5, 0x2F91A340,
- 0x557BE8DE, 0x00EAE4A7, 0x0CE5C2EC, 0x4DB4BBA6,
- 0xE756BDFF, 0xDD3369AC, 0xEC17B035, 0x06572327,
- 0x99AFC8B0, 0x56C8C391, 0x6B65811C, 0x5E146119,
- 0x6E85CB75, 0xBE07C002, 0xC2325577, 0x893FF4EC,
- 0x5BBFC92D, 0xD0EC3B25, 0xB7801AB7, 0x8D6D3B24,
- 0x20C763EF, 0xC366A5FC, 0x9C382880, 0x0ACE3205,
- 0xAAC9548A, 0xECA1D7C7, 0x041AFA32, 0x1D16625A,
- 0x6701902C, 0x9B757A54, 0x31D477F7, 0x9126B031,
- 0x36CC6FDB, 0xC70B8B46, 0xD9E66A48, 0x56E55A79,
- 0x026A4CEB, 0x52437EFF, 0x2F8F76B4, 0x0DF980A5,
- 0x8674CDE3, 0xEDDA04EB, 0x17A9BE04, 0x2C18F4DF,
- 0xB7747F9D, 0xAB2AF7B4, 0xEFC34D20, 0x2E096B7C,
- 0x1741A254, 0xE5B6A035, 0x213D42F6, 0x2C1C7C26,
- 0x61C2F50F, 0x6552DAF9, 0xD2C231F8, 0x25130F69,
- 0xD8167FA2, 0x0418F2C8, 0x001A96A6, 0x0D1526AB,
- 0x63315C21, 0x5E0A72EC, 0x49BAFEFD, 0x187908D9,
- 0x8D0DBD86, 0x311170A7, 0x3E9B640C, 0xCC3E10D7,
- 0xD5CAD3B6, 0x0CAEC388, 0xF73001E1, 0x6C728AFF,
- 0x71EAE2A1, 0x1F9AF36E, 0xCFCBD12F, 0xC1DE8417,
- 0xAC07BE6B, 0xCB44A1D8, 0x8B9B0F56, 0x013988C3,
- 0xB1C52FCA, 0xB4BE31CD, 0xD8782806, 0x12A3A4E2,
- 0x6F7DE532, 0x58FD7EB6, 0xD01EE900, 0x24ADFFC2,
- 0xF4990FC5, 0x9711AAC5, 0x001D7B95, 0x82E5E7D2,
- 0x109873F6, 0x00613096, 0xC32D9521, 0xADA121FF,
- 0x29908415, 0x7FBB977F, 0xAF9EB3DB, 0x29C9ED2A,
- 0x5CE2A465, 0xA730F32C, 0xD0AA3FE8, 0x8A5CC091,
- 0xD49E2CE7, 0x0CE454A9, 0xD60ACD86, 0x015F1919,
- 0x77079103, 0xDEA03AF6, 0x78A8565E, 0xDEE356DF,
- 0x21F05CBE, 0x8B75E387, 0xB3C50651, 0xB8A5C3EF,
- 0xD8EEB6D2, 0xE523BE77, 0xC2154529, 0x2F69EFDF,
- 0xAFE67AFB, 0xF470C4B2, 0xF3E0EB5B, 0xD6CC9876,
- 0x39E4460C, 0x1FDA8538, 0x1987832F, 0xCA007367,
- 0xA99144F8, 0x296B299E, 0x492FC295, 0x9266BEAB,
- 0xB5676E69, 0x9BD3DDDA, 0xDF7E052F, 0xDB25701C,
- 0x1B5E51EE, 0xF65324E6, 0x6AFCE36C, 0x0316CC04,
- 0x8644213E, 0xB7DC59D0, 0x7965291F, 0xCCD6FD43,
- 0x41823979, 0x932BCDF6, 0xB657C34D, 0x4EDFD282,
- 0x7AE5290C, 0x3CB9536B, 0x851E20FE, 0x9833557E,
- 0x13ECF0B0, 0xD3FFB372, 0x3F85C5C1, 0x0AEF7ED2
-};
-
-static const u32 cast_sbox5[256] = {
- 0x7EC90C04, 0x2C6E74B9, 0x9B0E66DF, 0xA6337911,
- 0xB86A7FFF, 0x1DD358F5, 0x44DD9D44, 0x1731167F,
- 0x08FBF1FA, 0xE7F511CC, 0xD2051B00, 0x735ABA00,
- 0x2AB722D8, 0x386381CB, 0xACF6243A, 0x69BEFD7A,
- 0xE6A2E77F, 0xF0C720CD, 0xC4494816, 0xCCF5C180,
- 0x38851640, 0x15B0A848, 0xE68B18CB, 0x4CAADEFF,
- 0x5F480A01, 0x0412B2AA, 0x259814FC, 0x41D0EFE2,
- 0x4E40B48D, 0x248EB6FB, 0x8DBA1CFE, 0x41A99B02,
- 0x1A550A04, 0xBA8F65CB, 0x7251F4E7, 0x95A51725,
- 0xC106ECD7, 0x97A5980A, 0xC539B9AA, 0x4D79FE6A,
- 0xF2F3F763, 0x68AF8040, 0xED0C9E56, 0x11B4958B,
- 0xE1EB5A88, 0x8709E6B0, 0xD7E07156, 0x4E29FEA7,
- 0x6366E52D, 0x02D1C000, 0xC4AC8E05, 0x9377F571,
- 0x0C05372A, 0x578535F2, 0x2261BE02, 0xD642A0C9,
- 0xDF13A280, 0x74B55BD2, 0x682199C0, 0xD421E5EC,
- 0x53FB3CE8, 0xC8ADEDB3, 0x28A87FC9, 0x3D959981,
- 0x5C1FF900, 0xFE38D399, 0x0C4EFF0B, 0x062407EA,
- 0xAA2F4FB1, 0x4FB96976, 0x90C79505, 0xB0A8A774,
- 0xEF55A1FF, 0xE59CA2C2, 0xA6B62D27, 0xE66A4263,
- 0xDF65001F, 0x0EC50966, 0xDFDD55BC, 0x29DE0655,
- 0x911E739A, 0x17AF8975, 0x32C7911C, 0x89F89468,
- 0x0D01E980, 0x524755F4, 0x03B63CC9, 0x0CC844B2,
- 0xBCF3F0AA, 0x87AC36E9, 0xE53A7426, 0x01B3D82B,
- 0x1A9E7449, 0x64EE2D7E, 0xCDDBB1DA, 0x01C94910,
- 0xB868BF80, 0x0D26F3FD, 0x9342EDE7, 0x04A5C284,
- 0x636737B6, 0x50F5B616, 0xF24766E3, 0x8ECA36C1,
- 0x136E05DB, 0xFEF18391, 0xFB887A37, 0xD6E7F7D4,
- 0xC7FB7DC9, 0x3063FCDF, 0xB6F589DE, 0xEC2941DA,
- 0x26E46695, 0xB7566419, 0xF654EFC5, 0xD08D58B7,
- 0x48925401, 0xC1BACB7F, 0xE5FF550F, 0xB6083049,
- 0x5BB5D0E8, 0x87D72E5A, 0xAB6A6EE1, 0x223A66CE,
- 0xC62BF3CD, 0x9E0885F9, 0x68CB3E47, 0x086C010F,
- 0xA21DE820, 0xD18B69DE, 0xF3F65777, 0xFA02C3F6,
- 0x407EDAC3, 0xCBB3D550, 0x1793084D, 0xB0D70EBA,
- 0x0AB378D5, 0xD951FB0C, 0xDED7DA56, 0x4124BBE4,
- 0x94CA0B56, 0x0F5755D1, 0xE0E1E56E, 0x6184B5BE,
- 0x580A249F, 0x94F74BC0, 0xE327888E, 0x9F7B5561,
- 0xC3DC0280, 0x05687715, 0x646C6BD7, 0x44904DB3,
- 0x66B4F0A3, 0xC0F1648A, 0x697ED5AF, 0x49E92FF6,
- 0x309E374F, 0x2CB6356A, 0x85808573, 0x4991F840,
- 0x76F0AE02, 0x083BE84D, 0x28421C9A, 0x44489406,
- 0x736E4CB8, 0xC1092910, 0x8BC95FC6, 0x7D869CF4,
- 0x134F616F, 0x2E77118D, 0xB31B2BE1, 0xAA90B472,
- 0x3CA5D717, 0x7D161BBA, 0x9CAD9010, 0xAF462BA2,
- 0x9FE459D2, 0x45D34559, 0xD9F2DA13, 0xDBC65487,
- 0xF3E4F94E, 0x176D486F, 0x097C13EA, 0x631DA5C7,
- 0x445F7382, 0x175683F4, 0xCDC66A97, 0x70BE0288,
- 0xB3CDCF72, 0x6E5DD2F3, 0x20936079, 0x459B80A5,
- 0xBE60E2DB, 0xA9C23101, 0xEBA5315C, 0x224E42F2,
- 0x1C5C1572, 0xF6721B2C, 0x1AD2FFF3, 0x8C25404E,
- 0x324ED72F, 0x4067B7FD, 0x0523138E, 0x5CA3BC78,
- 0xDC0FD66E, 0x75922283, 0x784D6B17, 0x58EBB16E,
- 0x44094F85, 0x3F481D87, 0xFCFEAE7B, 0x77B5FF76,
- 0x8C2302BF, 0xAAF47556, 0x5F46B02A, 0x2B092801,
- 0x3D38F5F7, 0x0CA81F36, 0x52AF4A8A, 0x66D5E7C0,
- 0xDF3B0874, 0x95055110, 0x1B5AD7A8, 0xF61ED5AD,
- 0x6CF6E479, 0x20758184, 0xD0CEFA65, 0x88F7BE58,
- 0x4A046826, 0x0FF6F8F3, 0xA09C7F70, 0x5346ABA0,
- 0x5CE96C28, 0xE176EDA3, 0x6BAC307F, 0x376829D2,
- 0x85360FA9, 0x17E3FE2A, 0x24B79767, 0xF5A96B20,
- 0xD6CD2595, 0x68FF1EBF, 0x7555442C, 0xF19F06BE,
- 0xF9E0659A, 0xEEB9491D, 0x34010718, 0xBB30CAB8,
- 0xE822FE15, 0x88570983, 0x750E6249, 0xDA627E55,
- 0x5E76FFA8, 0xB1534546, 0x6D47DE08, 0xEFE9E7D4
-};
-
-static const u32 cast_sbox6[256] = {
- 0xF6FA8F9D, 0x2CAC6CE1, 0x4CA34867, 0xE2337F7C,
- 0x95DB08E7, 0x016843B4, 0xECED5CBC, 0x325553AC,
- 0xBF9F0960, 0xDFA1E2ED, 0x83F0579D, 0x63ED86B9,
- 0x1AB6A6B8, 0xDE5EBE39, 0xF38FF732, 0x8989B138,
- 0x33F14961, 0xC01937BD, 0xF506C6DA, 0xE4625E7E,
- 0xA308EA99, 0x4E23E33C, 0x79CBD7CC, 0x48A14367,
- 0xA3149619, 0xFEC94BD5, 0xA114174A, 0xEAA01866,
- 0xA084DB2D, 0x09A8486F, 0xA888614A, 0x2900AF98,
- 0x01665991, 0xE1992863, 0xC8F30C60, 0x2E78EF3C,
- 0xD0D51932, 0xCF0FEC14, 0xF7CA07D2, 0xD0A82072,
- 0xFD41197E, 0x9305A6B0, 0xE86BE3DA, 0x74BED3CD,
- 0x372DA53C, 0x4C7F4448, 0xDAB5D440, 0x6DBA0EC3,
- 0x083919A7, 0x9FBAEED9, 0x49DBCFB0, 0x4E670C53,
- 0x5C3D9C01, 0x64BDB941, 0x2C0E636A, 0xBA7DD9CD,
- 0xEA6F7388, 0xE70BC762, 0x35F29ADB, 0x5C4CDD8D,
- 0xF0D48D8C, 0xB88153E2, 0x08A19866, 0x1AE2EAC8,
- 0x284CAF89, 0xAA928223, 0x9334BE53, 0x3B3A21BF,
- 0x16434BE3, 0x9AEA3906, 0xEFE8C36E, 0xF890CDD9,
- 0x80226DAE, 0xC340A4A3, 0xDF7E9C09, 0xA694A807,
- 0x5B7C5ECC, 0x221DB3A6, 0x9A69A02F, 0x68818A54,
- 0xCEB2296F, 0x53C0843A, 0xFE893655, 0x25BFE68A,
- 0xB4628ABC, 0xCF222EBF, 0x25AC6F48, 0xA9A99387,
- 0x53BDDB65, 0xE76FFBE7, 0xE967FD78, 0x0BA93563,
- 0x8E342BC1, 0xE8A11BE9, 0x4980740D, 0xC8087DFC,
- 0x8DE4BF99, 0xA11101A0, 0x7FD37975, 0xDA5A26C0,
- 0xE81F994F, 0x9528CD89, 0xFD339FED, 0xB87834BF,
- 0x5F04456D, 0x22258698, 0xC9C4C83B, 0x2DC156BE,
- 0x4F628DAA, 0x57F55EC5, 0xE2220ABE, 0xD2916EBF,
- 0x4EC75B95, 0x24F2C3C0, 0x42D15D99, 0xCD0D7FA0,
- 0x7B6E27FF, 0xA8DC8AF0, 0x7345C106, 0xF41E232F,
- 0x35162386, 0xE6EA8926, 0x3333B094, 0x157EC6F2,
- 0x372B74AF, 0x692573E4, 0xE9A9D848, 0xF3160289,
- 0x3A62EF1D, 0xA787E238, 0xF3A5F676, 0x74364853,
- 0x20951063, 0x4576698D, 0xB6FAD407, 0x592AF950,
- 0x36F73523, 0x4CFB6E87, 0x7DA4CEC0, 0x6C152DAA,
- 0xCB0396A8, 0xC50DFE5D, 0xFCD707AB, 0x0921C42F,
- 0x89DFF0BB, 0x5FE2BE78, 0x448F4F33, 0x754613C9,
- 0x2B05D08D, 0x48B9D585, 0xDC049441, 0xC8098F9B,
- 0x7DEDE786, 0xC39A3373, 0x42410005, 0x6A091751,
- 0x0EF3C8A6, 0x890072D6, 0x28207682, 0xA9A9F7BE,
- 0xBF32679D, 0xD45B5B75, 0xB353FD00, 0xCBB0E358,
- 0x830F220A, 0x1F8FB214, 0xD372CF08, 0xCC3C4A13,
- 0x8CF63166, 0x061C87BE, 0x88C98F88, 0x6062E397,
- 0x47CF8E7A, 0xB6C85283, 0x3CC2ACFB, 0x3FC06976,
- 0x4E8F0252, 0x64D8314D, 0xDA3870E3, 0x1E665459,
- 0xC10908F0, 0x513021A5, 0x6C5B68B7, 0x822F8AA0,
- 0x3007CD3E, 0x74719EEF, 0xDC872681, 0x073340D4,
- 0x7E432FD9, 0x0C5EC241, 0x8809286C, 0xF592D891,
- 0x08A930F6, 0x957EF305, 0xB7FBFFBD, 0xC266E96F,
- 0x6FE4AC98, 0xB173ECC0, 0xBC60B42A, 0x953498DA,
- 0xFBA1AE12, 0x2D4BD736, 0x0F25FAAB, 0xA4F3FCEB,
- 0xE2969123, 0x257F0C3D, 0x9348AF49, 0x361400BC,
- 0xE8816F4A, 0x3814F200, 0xA3F94043, 0x9C7A54C2,
- 0xBC704F57, 0xDA41E7F9, 0xC25AD33A, 0x54F4A084,
- 0xB17F5505, 0x59357CBE, 0xEDBD15C8, 0x7F97C5AB,
- 0xBA5AC7B5, 0xB6F6DEAF, 0x3A479C3A, 0x5302DA25,
- 0x653D7E6A, 0x54268D49, 0x51A477EA, 0x5017D55B,
- 0xD7D25D88, 0x44136C76, 0x0404A8C8, 0xB8E5A121,
- 0xB81A928A, 0x60ED5869, 0x97C55B96, 0xEAEC991B,
- 0x29935913, 0x01FDB7F1, 0x088E8DFA, 0x9AB6F6F5,
- 0x3B4CBF9F, 0x4A5DE3AB, 0xE6051D35, 0xA0E1D855,
- 0xD36B4CF1, 0xF544EDEB, 0xB0E93524, 0xBEBB8FBD,
- 0xA2D762CF, 0x49C92F54, 0x38B5F331, 0x7128A454,
- 0x48392905, 0xA65B1DB8, 0x851C97BD, 0xD675CF2F
-};
-
-static const u32 cast_sbox7[256] = {
- 0x85E04019, 0x332BF567, 0x662DBFFF, 0xCFC65693,
- 0x2A8D7F6F, 0xAB9BC912, 0xDE6008A1, 0x2028DA1F,
- 0x0227BCE7, 0x4D642916, 0x18FAC300, 0x50F18B82,
- 0x2CB2CB11, 0xB232E75C, 0x4B3695F2, 0xB28707DE,
- 0xA05FBCF6, 0xCD4181E9, 0xE150210C, 0xE24EF1BD,
- 0xB168C381, 0xFDE4E789, 0x5C79B0D8, 0x1E8BFD43,
- 0x4D495001, 0x38BE4341, 0x913CEE1D, 0x92A79C3F,
- 0x089766BE, 0xBAEEADF4, 0x1286BECF, 0xB6EACB19,
- 0x2660C200, 0x7565BDE4, 0x64241F7A, 0x8248DCA9,
- 0xC3B3AD66, 0x28136086, 0x0BD8DFA8, 0x356D1CF2,
- 0x107789BE, 0xB3B2E9CE, 0x0502AA8F, 0x0BC0351E,
- 0x166BF52A, 0xEB12FF82, 0xE3486911, 0xD34D7516,
- 0x4E7B3AFF, 0x5F43671B, 0x9CF6E037, 0x4981AC83,
- 0x334266CE, 0x8C9341B7, 0xD0D854C0, 0xCB3A6C88,
- 0x47BC2829, 0x4725BA37, 0xA66AD22B, 0x7AD61F1E,
- 0x0C5CBAFA, 0x4437F107, 0xB6E79962, 0x42D2D816,
- 0x0A961288, 0xE1A5C06E, 0x13749E67, 0x72FC081A,
- 0xB1D139F7, 0xF9583745, 0xCF19DF58, 0xBEC3F756,
- 0xC06EBA30, 0x07211B24, 0x45C28829, 0xC95E317F,
- 0xBC8EC511, 0x38BC46E9, 0xC6E6FA14, 0xBAE8584A,
- 0xAD4EBC46, 0x468F508B, 0x7829435F, 0xF124183B,
- 0x821DBA9F, 0xAFF60FF4, 0xEA2C4E6D, 0x16E39264,
- 0x92544A8B, 0x009B4FC3, 0xABA68CED, 0x9AC96F78,
- 0x06A5B79A, 0xB2856E6E, 0x1AEC3CA9, 0xBE838688,
- 0x0E0804E9, 0x55F1BE56, 0xE7E5363B, 0xB3A1F25D,
- 0xF7DEBB85, 0x61FE033C, 0x16746233, 0x3C034C28,
- 0xDA6D0C74, 0x79AAC56C, 0x3CE4E1AD, 0x51F0C802,
- 0x98F8F35A, 0x1626A49F, 0xEED82B29, 0x1D382FE3,
- 0x0C4FB99A, 0xBB325778, 0x3EC6D97B, 0x6E77A6A9,
- 0xCB658B5C, 0xD45230C7, 0x2BD1408B, 0x60C03EB7,
- 0xB9068D78, 0xA33754F4, 0xF430C87D, 0xC8A71302,
- 0xB96D8C32, 0xEBD4E7BE, 0xBE8B9D2D, 0x7979FB06,
- 0xE7225308, 0x8B75CF77, 0x11EF8DA4, 0xE083C858,
- 0x8D6B786F, 0x5A6317A6, 0xFA5CF7A0, 0x5DDA0033,
- 0xF28EBFB0, 0xF5B9C310, 0xA0EAC280, 0x08B9767A,
- 0xA3D9D2B0, 0x79D34217, 0x021A718D, 0x9AC6336A,
- 0x2711FD60, 0x438050E3, 0x069908A8, 0x3D7FEDC4,
- 0x826D2BEF, 0x4EEB8476, 0x488DCF25, 0x36C9D566,
- 0x28E74E41, 0xC2610ACA, 0x3D49A9CF, 0xBAE3B9DF,
- 0xB65F8DE6, 0x92AEAF64, 0x3AC7D5E6, 0x9EA80509,
- 0xF22B017D, 0xA4173F70, 0xDD1E16C3, 0x15E0D7F9,
- 0x50B1B887, 0x2B9F4FD5, 0x625ABA82, 0x6A017962,
- 0x2EC01B9C, 0x15488AA9, 0xD716E740, 0x40055A2C,
- 0x93D29A22, 0xE32DBF9A, 0x058745B9, 0x3453DC1E,
- 0xD699296E, 0x496CFF6F, 0x1C9F4986, 0xDFE2ED07,
- 0xB87242D1, 0x19DE7EAE, 0x053E561A, 0x15AD6F8C,
- 0x66626C1C, 0x7154C24C, 0xEA082B2A, 0x93EB2939,
- 0x17DCB0F0, 0x58D4F2AE, 0x9EA294FB, 0x52CF564C,
- 0x9883FE66, 0x2EC40581, 0x763953C3, 0x01D6692E,
- 0xD3A0C108, 0xA1E7160E, 0xE4F2DFA6, 0x693ED285,
- 0x74904698, 0x4C2B0EDD, 0x4F757656, 0x5D393378,
- 0xA132234F, 0x3D321C5D, 0xC3F5E194, 0x4B269301,
- 0xC79F022F, 0x3C997E7E, 0x5E4F9504, 0x3FFAFBBD,
- 0x76F7AD0E, 0x296693F4, 0x3D1FCE6F, 0xC61E45BE,
- 0xD3B5AB34, 0xF72BF9B7, 0x1B0434C0, 0x4E72B567,
- 0x5592A33D, 0xB5229301, 0xCFD2A87F, 0x60AEB767,
- 0x1814386B, 0x30BCC33D, 0x38A0C07D, 0xFD1606F2,
- 0xC363519B, 0x589DD390, 0x5479F8E6, 0x1CB8D647,
- 0x97FD61A9, 0xEA7759F4, 0x2D57539D, 0x569A58CF,
- 0xE84E63AD, 0x462E1B78, 0x6580F87E, 0xF3817914,
- 0x91DA55F4, 0x40A230F3, 0xD1988F35, 0xB6E318D2,
- 0x3FFA50BC, 0x3D40F021, 0xC3C0BDAE, 0x4958C24C,
- 0x518F36B2, 0x84B1D370, 0x0FEDCE83, 0x878DDADA,
- 0xF2A279C7, 0x94E01BE8, 0x90716F4B, 0x954B8AA3
-};
-
-static const u32 cast_sbox8[256] = {
- 0xE216300D, 0xBBDDFFFC, 0xA7EBDABD, 0x35648095,
- 0x7789F8B7, 0xE6C1121B, 0x0E241600, 0x052CE8B5,
- 0x11A9CFB0, 0xE5952F11, 0xECE7990A, 0x9386D174,
- 0x2A42931C, 0x76E38111, 0xB12DEF3A, 0x37DDDDFC,
- 0xDE9ADEB1, 0x0A0CC32C, 0xBE197029, 0x84A00940,
- 0xBB243A0F, 0xB4D137CF, 0xB44E79F0, 0x049EEDFD,
- 0x0B15A15D, 0x480D3168, 0x8BBBDE5A, 0x669DED42,
- 0xC7ECE831, 0x3F8F95E7, 0x72DF191B, 0x7580330D,
- 0x94074251, 0x5C7DCDFA, 0xABBE6D63, 0xAA402164,
- 0xB301D40A, 0x02E7D1CA, 0x53571DAE, 0x7A3182A2,
- 0x12A8DDEC, 0xFDAA335D, 0x176F43E8, 0x71FB46D4,
- 0x38129022, 0xCE949AD4, 0xB84769AD, 0x965BD862,
- 0x82F3D055, 0x66FB9767, 0x15B80B4E, 0x1D5B47A0,
- 0x4CFDE06F, 0xC28EC4B8, 0x57E8726E, 0x647A78FC,
- 0x99865D44, 0x608BD593, 0x6C200E03, 0x39DC5FF6,
- 0x5D0B00A3, 0xAE63AFF2, 0x7E8BD632, 0x70108C0C,
- 0xBBD35049, 0x2998DF04, 0x980CF42A, 0x9B6DF491,
- 0x9E7EDD53, 0x06918548, 0x58CB7E07, 0x3B74EF2E,
- 0x522FFFB1, 0xD24708CC, 0x1C7E27CD, 0xA4EB215B,
- 0x3CF1D2E2, 0x19B47A38, 0x424F7618, 0x35856039,
- 0x9D17DEE7, 0x27EB35E6, 0xC9AFF67B, 0x36BAF5B8,
- 0x09C467CD, 0xC18910B1, 0xE11DBF7B, 0x06CD1AF8,
- 0x7170C608, 0x2D5E3354, 0xD4DE495A, 0x64C6D006,
- 0xBCC0C62C, 0x3DD00DB3, 0x708F8F34, 0x77D51B42,
- 0x264F620F, 0x24B8D2BF, 0x15C1B79E, 0x46A52564,
- 0xF8D7E54E, 0x3E378160, 0x7895CDA5, 0x859C15A5,
- 0xE6459788, 0xC37BC75F, 0xDB07BA0C, 0x0676A3AB,
- 0x7F229B1E, 0x31842E7B, 0x24259FD7, 0xF8BEF472,
- 0x835FFCB8, 0x6DF4C1F2, 0x96F5B195, 0xFD0AF0FC,
- 0xB0FE134C, 0xE2506D3D, 0x4F9B12EA, 0xF215F225,
- 0xA223736F, 0x9FB4C428, 0x25D04979, 0x34C713F8,
- 0xC4618187, 0xEA7A6E98, 0x7CD16EFC, 0x1436876C,
- 0xF1544107, 0xBEDEEE14, 0x56E9AF27, 0xA04AA441,
- 0x3CF7C899, 0x92ECBAE6, 0xDD67016D, 0x151682EB,
- 0xA842EEDF, 0xFDBA60B4, 0xF1907B75, 0x20E3030F,
- 0x24D8C29E, 0xE139673B, 0xEFA63FB8, 0x71873054,
- 0xB6F2CF3B, 0x9F326442, 0xCB15A4CC, 0xB01A4504,
- 0xF1E47D8D, 0x844A1BE5, 0xBAE7DFDC, 0x42CBDA70,
- 0xCD7DAE0A, 0x57E85B7A, 0xD53F5AF6, 0x20CF4D8C,
- 0xCEA4D428, 0x79D130A4, 0x3486EBFB, 0x33D3CDDC,
- 0x77853B53, 0x37EFFCB5, 0xC5068778, 0xE580B3E6,
- 0x4E68B8F4, 0xC5C8B37E, 0x0D809EA2, 0x398FEB7C,
- 0x132A4F94, 0x43B7950E, 0x2FEE7D1C, 0x223613BD,
- 0xDD06CAA2, 0x37DF932B, 0xC4248289, 0xACF3EBC3,
- 0x5715F6B7, 0xEF3478DD, 0xF267616F, 0xC148CBE4,
- 0x9052815E, 0x5E410FAB, 0xB48A2465, 0x2EDA7FA4,
- 0xE87B40E4, 0xE98EA084, 0x5889E9E1, 0xEFD390FC,
- 0xDD07D35B, 0xDB485694, 0x38D7E5B2, 0x57720101,
- 0x730EDEBC, 0x5B643113, 0x94917E4F, 0x503C2FBA,
- 0x646F1282, 0x7523D24A, 0xE0779695, 0xF9C17A8F,
- 0x7A5B2121, 0xD187B896, 0x29263A4D, 0xBA510CDF,
- 0x81F47C9F, 0xAD1163ED, 0xEA7B5965, 0x1A00726E,
- 0x11403092, 0x00DA6D77, 0x4A0CDD61, 0xAD1F4603,
- 0x605BDFB0, 0x9EEDC364, 0x22EBE6A8, 0xCEE7D28A,
- 0xA0E736A0, 0x5564A6B9, 0x10853209, 0xC7EB8F37,
- 0x2DE705CA, 0x8951570F, 0xDF09822B, 0xBD691A6C,
- 0xAA12E4F2, 0x87451C0F, 0xE0F6A27A, 0x3ADA4819,
- 0x4CF1764F, 0x0D771C2B, 0x67CDB156, 0x350D8384,
- 0x5938FA0F, 0x42399EF3, 0x36997B07, 0x0E84093D,
- 0x4AA93E61, 0x8360D87B, 0x1FA98B0C, 0x1149382C,
- 0xE97625A5, 0x0614D1B7, 0x0E25244B, 0x0C768347,
- 0x589E8D82, 0x0D2059D1, 0xA466BB1E, 0xF8DA0A82,
- 0x04F19130, 0xBA6E4EC0, 0x99265164, 0x1EE7230D,
- 0x50B2AD80, 0xEAEE6801, 0x8DB2A283, 0xEA8BF59E
-};
-
+++ /dev/null
-/*
- * des - fast & portable DES encryption & decryption.
- * Copyright (C) 1992 Dana L. How
- * Please see the file `descore.README' for the complete copyright notice.
- */
-
-#include "des.h"
-
-#include "RCSID.h"
-RCSID2(desKerb_cRcs, "$Id$");
-
-/* permit the default style of des functions to be changed */
-
-DesFunc *DesCryptFuncs[2] = { DesSmallFipsDecrypt, DesSmallFipsEncrypt };
-
-/* kerberos-compatible key schedule function */
-
-int
-des_key_sched(const UINT8 *k, UINT32 *s)
-{
- return DesMethod(s, k);
-}
-
-/* kerberos-compatible des coding function */
-
-int
-des_ecb_encrypt(const UINT8 *s, UINT8 *d, const UINT32 *r, int e)
-{
- (*DesCryptFuncs[e])(d, r, s);
- return 0;
-}
+++ /dev/null
-/*
- * des - fast & portable DES encryption & decryption.
- * Copyright (C) 1992 Dana L. How
- * Please see the file `descore.README' for the complete copyright notice.
- *
- * Slightly edited by Niels Möller, 1997
- */
-
-#include "des.h"
-
-#include "RCSID.h"
-RCSID2(desQuick_cRcs, "$Id$");
-
-extern UINT32 des_keymap[];
-
-
-/* static information */
-
-static int depth = 0; /* keep track of the request depth */
-UINT32 des_bigmap[0x4000]; /* big lookup table */
-
-/* fill in the 64k table used by the `quick' option */
-
-void
-DesQuickInit(void)
-{
- int s1, s3, x;
- UINT32 * t0, * t1, * t2, * t3;
-
- if ( depth++ )
- return;
-
- t0 = des_bigmap;
- t1 = t0 + 64;
- t2 = t1 + 64;
- t3 = t2 + 64;
-
- for ( s3 = 63; s3 >= 0; s3-- ) {
- for ( s1 = 63; s1 >= 0; s1-- ) {
- x = (s3 << 8) | s1;
- t0[x] = des_keymap[s3+128] ^ des_keymap[s1+192];
- t1[x] = des_keymap[s3 ] ^ des_keymap[s1+ 64];
- t2[x] = des_keymap[s3+384] ^ des_keymap[s1+448];
- t3[x] = des_keymap[s3+256] ^ des_keymap[s1+320];
- }
- }
-}
-
-/* free the 64k table, if necessary */
-
-void
-DesQuickDone(void)
-{
-}
+++ /dev/null
-/* desTest.c
- *
- * Exercise the DES routines and collect performance statistics.
- *
- * $ID:$ */
-
-/* des - fast & portable DES encryption & decryption.
- * Copyright (C) 1992 Dana L. How
- * Please see the file `descore.README' for the complete copyright notice.
- */
-
-#ifndef lint
-char desTest_cRcs[] = "$Id$";
-#endif
-
-#include "des.h"
-#include <stdio.h>
-
-#if 0
-/* define now(w) to be the elapsed time in hundredths of a second */
-
-#ifndef __NT__
-# include <sys/time.h>
-# include <sys/resource.h>
-# include <unistd.h>
-
-/* extern getrusage(); */
-static struct rusage usage;
-# define now(w) ( \
- getrusage(RUSAGE_SELF, &usage), \
- usage.ru_utime.tv_sec * 100 + \
- usage.ru_utime.tv_usec / 10000 \
- )
-#else
-# include <windows.h>
-# define now(w) 0
-#endif
-#endif /* 0 */
-
-/* test data
- * the tests (key0-3, text0-3) are cribbed from code which is (c) 1988 MIT
- */
-
-UINT8 keyt[8] = {0x5d, 0x85, 0x91, 0x73, 0xcb, 0x49, 0xdf, 0x2f};
-UINT8 key0[8] = {0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x80};
-UINT8 key1[8] = {0x80, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01};
-UINT8 key2[8] = {0x08, 0x19, 0x2a, 0x3b, 0x4c, 0x5d, 0x6e, 0x7f};
-UINT8 key3[8] = {0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef};
-UINT8 textt[8] = {0x67, 0x1f, 0xc8, 0x93, 0x46, 0x5e, 0xab, 0x1e};
-UINT8 text0[8] = {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00};
-UINT8 text1[8] = {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x40};
-UINT8 text2[8] = {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00};
-UINT8 text3[8] = {'N', 'o', 'w', ' ', 'i', 's', ' ', 't' };
-
-/* work areas */
-
-DesKeys keys;
-UINT8 cipher[8], output[8];
-
-/* noisy interfaces to the routines under test */
-
-static void method(const UINT8 *key)
-{
- int j;
-
- printf("\nkey:\t");
- for ( j = 0; j < 8; j++ )
- printf("%02X ", key[j]);
- if ( des_key_sched(key, keys) )
- printf("W");
- printf("\t");
-}
-
-static void
-encode(const UINT8 *src, UINT8 *dst)
-{
- int j;
-
- printf("clear:\t");
- for (j = 0; j < 8; j++)
- printf("%02X ", src[j]);
-
- des_ecb_encrypt(src, dst, keys, 1);
-
- printf("\tcipher:\t");
- for (j = 0; j < 8; j++)
- printf("%02X ", dst[j]);
- printf("\n");
-}
-
-static void
-decode(const UINT8 *src, UINT8 *dst, const UINT8 *check)
-{
- int j;
-
- printf("cipher:\t");
- for (j = 0; j < 8; j++)
- printf("%02X ", src[j]);
-
- des_ecb_encrypt(src, dst, keys, 0);
-
- printf("\tclear:\t");
- for (j = 0; j < 8; j++)
- printf("%02X ", dst[j]);
-
- if(!memcmp(dst,check,8))
- printf("Ok\n");
- else
- printf("FAIL\n");
-}
-
-/* run the tests */
-
-int
-main(int argc UNUSED, char **argv UNUSED)
-{
- int j, n;
-#if 0
- int m, e;
-#endif
- DesFunc *f;
- static char * expect[] = {
- "57 99 F7 2A D2 3F AE 4C", "9C C6 2D F4 3B 6E ED 74",
- "90 E6 96 A2 AD 56 50 0D", "A3 80 E0 2A 6B E5 46 96",
- "43 5C FF C5 68 B3 70 1D", "25 DD AC 3E 96 17 64 67",
- "80 B5 07 E1 E6 A7 47 3D", "3F A4 0E 8A 98 4D 48 15",
- };
-
- static DesFunc *funcs[] = {
- DesQuickCoreEncrypt, DesQuickFipsEncrypt,
- DesSmallCoreEncrypt, DesSmallFipsEncrypt,
- DesQuickCoreDecrypt, DesQuickFipsDecrypt,
- DesSmallCoreDecrypt, DesSmallFipsDecrypt };
-#if 0
- static char * names[] = {
- "QuickCore", "QuickFips",
- "SmallCore", "SmallFips" };
-#endif
- n = 0;
- DesQuickInit();
-
- /* do timing info first */
-
- j = 10000;
-#if 0
- m = now(0);
-#endif
- do
- DesMethod(keys, keyt);
- while ( --j );
-#if 0
- m = now(1) - m;
-#endif
- do {
- DesCryptFuncs[0] = funcs[n+4];
- f = DesCryptFuncs[1] = funcs[n ];
- j = 100000;
-#if 0
- e = now(0);
-#endif
- do
- (*f)(cipher, keys, textt);
- while ( --j );
-#if 0
- e = now(1) - e;
- printf( "%s: setkey,%5duS; encode,%3d.%1duS.\n",
- names[n], m , e/10, e%10);
-#endif
- /* now check functionality */
-
- method(key0);
- printf("cipher?\t%s\n", expect[(n % 2) + 0]);
- encode(text0, cipher);
- decode(cipher, output, text0);
-
- method(key1);
- printf("cipher?\t%s\n", expect[(n % 2) + 2]);
- encode(text1, cipher);
- decode(cipher, output, text1);
-
- method(key2);
- printf("cipher?\t%s\n", expect[(n % 2) + 4]);
- encode(text2, cipher);
- decode(cipher, output, text2);
-
- method(key3);
- printf("cipher?\t%s\n", expect[(n % 2) + 6]);
- encode(text3, cipher);
- decode(cipher, output, text3);
-
- printf("%c", "\n\f\n\0"[n]);
-
- } while ( ++n < 4 );
-
- DesQuickDone();
- return 0;
-}
+++ /dev/null
-/* desUtil.c
- *
- * $id:$ */
-
-/* des - fast & portable DES encryption & decryption.
- * Copyright (C) 1992 Dana L. How
- * Please see the file `descore.README' for the complete copyright notice.
- */
-
-#include "desCode.h"
-
-#include "RCSID.h"
-RCSID2(desUtil_cRcs, "$Id$");
-
-/* various tables */
-
-UINT32 des_keymap[] = {
-#include "keymap.h"
-};
-
-static UINT8 rotors[] = {
-#include "rotors.h"
-};
-static char parity[] = {
-#include "parity.h"
-};
-
-RCSID2(ego, "\n\nFast DES Library Copyright (c) 1991 Dana L. How\n\n");
-
-
-/* set up the method list from the key */
-
-int
-DesMethod(UINT32 *method, const UINT8 *k)
-{
- register UINT32 n, w;
- register char * b0, * b1;
- char bits0[56], bits1[56];
-
- /* check for bad parity and weak keys */
- b0 = parity;
- n = b0[k[0]]; n <<= 4;
- n |= b0[k[1]]; n <<= 4;
- n |= b0[k[2]]; n <<= 4;
- n |= b0[k[3]]; n <<= 4;
- n |= b0[k[4]]; n <<= 4;
- n |= b0[k[5]]; n <<= 4;
- n |= b0[k[6]]; n <<= 4;
- n |= b0[k[7]];
- w = 0X88888888L;
- /* report bad parity in key */
- if ( n & w )
- return -1;
- /* report a weak or semi-weak key */
- if ( !((n - (w >> 3)) & w) ) { /* 1 in 10^10 keys passes this test */
- if ( n < 0X41415151 ) {
- if ( n < 0X31312121 ) {
- if ( n < 0X14141515 ) {
- /* 01 01 01 01 01 01 01 01 */
- if ( n == 0X11111111 ) return -2;
- /* 01 1F 01 1F 01 0E 01 0E */
- if ( n == 0X13131212 ) return -2;
- } else {
- /* 01 E0 01 E0 01 F1 01 F1 */
- if ( n == 0X14141515 ) return -2;
- /* 01 FE 01 FE 01 FE 01 FE */
- if ( n == 0X16161616 ) return -2;
- }
- } else {
- if ( n < 0X34342525 ) {
- /* 1F 01 1F 01 0E 01 0E 01 */
- if ( n == 0X31312121 ) return -2;
- /* 1F 1F 1F 1F 0E 0E 0E 0E */ /* ? */
- if ( n == 0X33332222 ) return -2;
- } else {
- /* 1F E0 1F E0 0E F1 0E F1 */
- if ( n == 0X34342525 ) return -2;
- /* 1F FE 1F FE 0E FE 0E FE */
- if ( n == 0X36362626 ) return -2;
- }
- }
- } else {
- if ( n < 0X61616161 ) {
- if ( n < 0X44445555 ) {
- /* E0 01 E0 01 F1 01 F1 01 */
- if ( n == 0X41415151 ) return -2;
- /* E0 1F E0 1F F1 0E F1 0E */
- if ( n == 0X43435252 ) return -2;
- } else {
- /* E0 E0 E0 E0 F1 F1 F1 F1 */ /* ? */
- if ( n == 0X44445555 ) return -2;
- /* E0 FE E0 FE F1 FE F1 FE */
- if ( n == 0X46465656 ) return -2;
- }
- } else {
- if ( n < 0X64646565 ) {
- /* FE 01 FE 01 FE 01 FE 01 */
- if ( n == 0X61616161 ) return -2;
- /* FE 1F FE 1F FE 0E FE 0E */
- if ( n == 0X63636262 ) return -2;
- } else {
- /* FE E0 FE E0 FE F1 FE F1 */
- if ( n == 0X64646565 ) return -2;
- /* FE FE FE FE FE FE FE FE */
- if ( n == 0X66666666 ) return -2;
- }
- }
- }
- }
-
- /* explode the bits */
- n = 56;
- b0 = bits0;
- b1 = bits1;
- do {
- w = (256 | *k++) << 2;
- do {
- --n;
- b1[n] = 8 & w;
- w >>= 1;
- b0[n] = 4 & w;
- } while ( w >= 16 );
- } while ( n );
-
- /* put the bits in the correct places */
- n = 16;
- k = rotors;
- do {
- w = (b1[k[ 0 ]] | b0[k[ 1 ]]) << 4;
- w |= (b1[k[ 2 ]] | b0[k[ 3 ]]) << 2;
- w |= b1[k[ 4 ]] | b0[k[ 5 ]];
- w <<= 8;
- w |= (b1[k[ 6 ]] | b0[k[ 7 ]]) << 4;
- w |= (b1[k[ 8 ]] | b0[k[ 9 ]]) << 2;
- w |= b1[k[10 ]] | b0[k[11 ]];
- w <<= 8;
- w |= (b1[k[12 ]] | b0[k[13 ]]) << 4;
- w |= (b1[k[14 ]] | b0[k[15 ]]) << 2;
- w |= b1[k[16 ]] | b0[k[17 ]];
- w <<= 8;
- w |= (b1[k[18 ]] | b0[k[19 ]]) << 4;
- w |= (b1[k[20 ]] | b0[k[21 ]]) << 2;
- w |= b1[k[22 ]] | b0[k[23 ]];
-
- method[0] = w;
-
- w = (b1[k[ 0+24]] | b0[k[ 1+24]]) << 4;
- w |= (b1[k[ 2+24]] | b0[k[ 3+24]]) << 2;
- w |= b1[k[ 4+24]] | b0[k[ 5+24]];
- w <<= 8;
- w |= (b1[k[ 6+24]] | b0[k[ 7+24]]) << 4;
- w |= (b1[k[ 8+24]] | b0[k[ 9+24]]) << 2;
- w |= b1[k[10+24]] | b0[k[11+24]];
- w <<= 8;
- w |= (b1[k[12+24]] | b0[k[13+24]]) << 4;
- w |= (b1[k[14+24]] | b0[k[15+24]]) << 2;
- w |= b1[k[16+24]] | b0[k[17+24]];
- w <<= 8;
- w |= (b1[k[18+24]] | b0[k[19+24]]) << 4;
- w |= (b1[k[20+24]] | b0[k[21+24]]) << 2;
- w |= b1[k[22+24]] | b0[k[23+24]];
-
- ROR(w, 4, 28); /* could be eliminated */
- method[1] = w;
-
- k += 48;
- method += 2;
- } while ( --n );
-
- return 0;
-}
+++ /dev/null
-/*
- * generate_q - Generates the permutations q0 and q1 for twofish.
- * Copyright (C) 1999 Ruud de Rooij <ruud@debian.org>
- *
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
- */
-
-#include <stdio.h>
-
-typedef unsigned char byte;
-
-#define ror4(x) (((x) >> 1) | (((x) & 1) << 3))
-
-static byte q0(byte x)
-{
-
- static byte t0[16] = { 0x8, 0x1, 0x7, 0xD, 0x6, 0xF, 0x3, 0x2,
- 0x0, 0xB, 0x5, 0x9, 0xE, 0xC, 0xA, 0x4 };
- static byte t1[16] = { 0xE, 0xC, 0xB, 0x8, 0x1, 0x2, 0x3, 0x5,
- 0xF, 0x4, 0xA, 0x6, 0x7, 0x0, 0x9, 0xD };
- static byte t2[16] = { 0xB, 0xA, 0x5, 0xE, 0x6, 0xD, 0x9, 0x0,
- 0xC, 0x8, 0xF, 0x3, 0x2, 0x4, 0x7, 0x1 };
- static byte t3[16] = { 0xD, 0x7, 0xF, 0x4, 0x1, 0x2, 0x6, 0xE,
- 0x9, 0xB, 0x3, 0x0, 0x8, 0x5, 0xC, 0xA };
-
- byte a0 = x / 16;
- byte b0 = x % 16;
-
- byte a1 = a0 ^ b0;
- byte b1 = a0 ^ ror4(b0) ^ ((8*a0) % 16);
-
- byte a2 = t0[a1];
- byte b2 = t1[b1];
-
- byte a3 = a2 ^ b2;
- byte b3 = a2 ^ ror4(b2) ^ ((8*a2) % 16);
-
- byte a4 = t2[a3];
- byte b4 = t3[b3];
-
- byte y = 16*b4 + a4;
-
- return y;
-}
-
-static byte q1(byte x)
-{
- static byte t0[16] = { 0x2, 0x8, 0xB, 0xD, 0xF, 0x7, 0x6, 0xE,
- 0x3, 0x1, 0x9, 0x4, 0x0, 0xA, 0xC, 0x5 };
- static byte t1[16] = { 0x1, 0xE, 0x2, 0xB, 0x4, 0xC, 0x3, 0x7,
- 0x6, 0xD, 0xA, 0x5, 0xF, 0x9, 0x0, 0x8 };
- static byte t2[16] = { 0x4, 0xC, 0x7, 0x5, 0x1, 0x6, 0x9, 0xA,
- 0x0, 0xE, 0xD, 0x8, 0x2, 0xB, 0x3, 0xF };
- static byte t3[16] = { 0xB, 0x9, 0x5, 0x1, 0xC, 0x3, 0xD, 0xE,
- 0x6, 0x4, 0x7, 0xF, 0x2, 0x0, 0x8, 0xA };
-
- byte a0 = x / 16;
- byte b0 = x % 16;
-
- byte a1 = a0 ^ b0;
- byte b1 = a0 ^ ror4(b0) ^ ((8*a0) % 16);
-
- byte a2 = t0[a1];
- byte b2 = t1[b1];
-
- byte a3 = a2 ^ b2;
- byte b3 = a2 ^ ror4(b2) ^ ((8*a2) % 16);
-
- byte a4 = t2[a3];
- byte b4 = t3[b3];
-
- byte y = 16*b4 + a4;
-
- return y;
-}
-
-int
-main(void)
-{
- int i, j;
-
- printf("static byte q0[] = { ");
- for (i = 0; i < 32; i++) {
- for (j = 0; j < 8; j++)
- printf("0x%02X, ", q0(i*8+j));
- if (i == 31)
- printf("};\n\n");
- else
- printf("\n ");
- }
-
- printf("static byte q1[] = { ");
- for (i = 0; i < 32; i++) {
- for (j = 0; j < 8; j++)
- printf("0x%02X, ", q1(i*8+j));
- if (i == 31)
- printf("};\n");
- else
- printf("\n ");
- }
-
- return 0;
-}
+++ /dev/null
-/* $Id$
- *
- * The basic IDEA transformation
- *
- * Please be aware that IDEA IS PATENT ENCUMBERED; see the note below.
- * -------------------------
- *
- * This implementation is taken from pgp, see note below.
- *
- * Only primitive operations are done here, chaining modes etc
- * are implemented in a higher level program.
- *
- **********************************************************************
- *
- * idea.c - C source code for IDEA block cipher.
- * IDEA (International Data Encryption Algorithm), formerly known as
- * IPES (Improved Proposed Encryption Standard).
- * Algorithm developed by Xuejia Lai and James L. Massey, of ETH Zurich.
- * This implementation modified and derived from original C code
- * developed by Xuejia Lai.
- * Zero-based indexing added, names changed from IPES to IDEA.
- * CFB functions added. Random number routines added.
- *
- * Extensively optimized and restructured by Colin Plumb.
- *
- ***********************************************************************
- *
- * Some changes including endianness cleanup done by Niels Möller.
- *
- */
-
-/*
- IDEA is patent encumbered; the following information was copied from the
- idea.c extension for the GNU Privacy Guard.
-
- The IDEA algorithm is patented by Ascom Systec Ltd. of CH-5506 Maegenwil,
- Switzerland, who allow it to be used on a royalty-free basis for certain
- non-profit applications. Commercial users must obtain a license from the
- company in order to use IDEA. IDEA may be used on a royalty-free basis under
- the following conditions:
-
- Free use for private purposes:
-
- The free use of software containing the algorithm is strictly limited to non
- revenue generating data transfer between private individuals, ie not serving
- commercial purposes. Requests by freeware developers to obtain a
- royalty-free license to spread an application program containing the
- algorithm for non-commercial purposes must be directed to Ascom.
-
- Special offer for shareware developers:
-
- There is a special waiver for shareware developers. Such waiver eliminates
- the upfront fees as well as royalties for the first US$10,000 gross sales of
- a product containing the algorithm if and only if:
-
- 1. The product is being sold for a minimum of US$10 and a maximum of US$50.
- 2. The source code for the shareware is available to the public.
-
- Special conditions for research projects:
-
- The use of the algorithm in research projects is free provided that it serves
- the purpose of such project and within the project duration. Any use of the
- algorithm after the termination of a project including activities resulting
- from a project and for purposes not directly related to the project requires
- a license.
-
- Ascom Tech requires the following notice to be included for freeware
- products:
-
- This software product contains the IDEA algorithm as described and claimed in
- US patent 5,214,703, EPO patent 0482154 (covering Austria, France, Germany,
- Italy, the Netherlands, Spain, Sweden, Switzerland, and the UK), and Japanese
- patent application 508119/1991, "Device for the conversion of a digital block
- and use of same" (hereinafter referred to as "the algorithm"). Any use of
- the algorithm for commercial purposes is thus subject to a license from Ascom
- Systec Ltd. of CH-5506 Maegenwil (Switzerland), being the patentee and sole
- owner of all rights, including the trademark IDEA.
-
- Commercial purposes shall mean any revenue generating purpose including but
- not limited to:
-
- i) Using the algorithm for company internal purposes (subject to a site
- license).
-
- ii) Incorporating the algorithm into any software and distributing such
- software and/or providing services relating thereto to others (subject to
- a product license).
-
- iii) Using a product containing the algorithm not covered by an IDEA license
- (subject to an end user license).
-
- All such end user license agreements are available exclusively from Ascom
- Systec Ltd and may be requested via the WWW at http://www.ascom.ch/systec or
- by email to idea@ascom.ch.
-
- Use other than for commercial purposes is strictly limited to non-revenue
- generating data transfer between private individuals. The use by government
- agencies, non-profit organizations, etc is considered as use for commercial
- purposes but may be subject to special conditions. Any misuse will be
- prosecuted.
-*/
-
-#include "crypto_types.h"
-#include <idea.h>
-
-#include <string.h>
-
-/*-------------------------------------------------------------*/
-
-#define low16(x) ((x) & 0xffff)
-
-/*
- * Multiplication, modulo (2**16)+1
- * Note that this code is structured on the assumption that
- * untaken branches are cheaper than taken branches, and the
- * compiler doesn't schedule branches.
- */
-#ifdef SMALL_CACHE
-const static UINT16
-mul(UINT16 a, UINT16 b)
-{
- register UINT32 p;
-
- p = (UINT32)a * b;
- if (p)
- {
- b = low16(p);
- a = p>>16;
- return (b - a) + (b < a);
- }
- else if (a)
- {
- return 1-b;
- }
- else
- {
- return 1-a;
- }
-} /* mul */
-#endif /* SMALL_CACHE */
-
-/*
- * Compute the multiplicative inverse of x, modulo 65537, using Euclid's
- * algorithm. It is unrolled twice to avoid swapping the registers each
- * iteration, and some subtracts of t have been changed to adds.
- */
-static const UINT16
-inv(UINT16 x)
-{
- UINT16 t0, t1;
- UINT16 q, y;
-
- if (x <= 1)
- return x; /* 0 and 1 are self-inverse */
- t1 = 0x10001L / x; /* Since x >= 2, this fits into 16 bits */
- y = 0x10001L % x;
- if (y == 1)
- return low16(1-t1);
- t0 = 1;
- do
- {
- q = x / y;
- x = x % y;
- t0 += q * t1;
- if (x == 1)
- return t0;
- q = y / x;
- y = y % x;
- t1 += q * t0;
- }
- while (y != 1);
- return low16(1-t1);
-} /* inv */
-
-/*
- * Expand a 128-bit user key to a working encryption key ctx
- */
-void
-idea_expand(UINT16 *ctx,
- const UINT8 *userkey)
-{
- int i,j;
-
- for (j=0; j<8; j++) {
- ctx[j] = (userkey[0]<<8) + userkey[1];
- userkey += 2;
- }
- for (i=0; j < IDEA_KEYLEN; j++) {
- i++;
- ctx[i+7] = ctx[i & 7] << 9 | ctx[(i+1) & 7] >> 7;
- ctx += i & 8;
- i &= 7;
- }
-} /* idea_expand */
-
-/*
- * Compute IDEA decryption key DK from an expanded IDEA encryption key EK
- * Note that the input and output may be the same. Thus, the key is
- * inverted into an internal buffer, and then copied to the output.
- */
-void
-idea_invert(UINT16 *d,
- const UINT16 *e)
-{
- int i;
- UINT16 t1, t2, t3;
- UINT16 temp[IDEA_KEYLEN];
- UINT16 *p = temp + IDEA_KEYLEN;
-
- t1 = inv(*e++);
- t2 = -*e++;
- t3 = -*e++;
- *--p = inv(*e++);
- *--p = t3;
- *--p = t2;
- *--p = t1;
-
- for (i = 0; i < IDEA_ROUNDS-1; i++) {
- t1 = *e++;
- *--p = *e++;
- *--p = t1;
-
- t1 = inv(*e++);
- t2 = -*e++;
- t3 = -*e++;
- *--p = inv(*e++);
- *--p = t2;
- *--p = t3;
- *--p = t1;
- }
- t1 = *e++;
- *--p = *e++;
- *--p = t1;
-
- t1 = inv(*e++);
- t2 = -*e++;
- t3 = -*e++;
- *--p = inv(*e++);
- *--p = t3;
- *--p = t2;
- *--p = t1;
- /* Copy and destroy temp copy */
- memcpy(d, temp, sizeof(temp));
- memset(temp, 0, sizeof(temp));
-} /* idea_invert */
-
-/*
- * MUL(x,y) computes x = x*y, modulo 0x10001. Requires two temps,
- * t16 and t32. x is modified, and must me a side-effect-free lvalue.
- * y may be anything, but unlike x, must be strictly 16 bits even if
- * low16() is #defined.
- * All of these are equivalent - see which is faster on your machine
- */
-#ifdef SMALL_CACHE
-#define MUL(x,y) (x = mul(low16(x),y))
-#else /* !SMALL_CACHE */
-#ifdef AVOID_JUMPS
-#define MUL(x,y) (x = low16(x-1), t16 = low16((y)-1), \
- t32 = (UINT32)x*t16 + x + t16 + 1, x = low16(t32), \
- t16 = t32>>16, x = (x-t16) + (x<t16) )
-#else /* !AVOID_JUMPS (default) */
-#define MUL(x,y) \
- ((t16 = (y)) ? \
- (x=low16(x)) ? \
- t32 = (UINT32)x*t16, \
- x = low16(t32), \
- t16 = t32>>16, \
- x = (x-t16)+(x<t16) \
- : \
- (x = 1-t16) \
- : \
- (x = 1-x))
-#endif
-#endif
-
-/* Endian independent conversions */
-#define char2word(dest, p) \
- do { \
- (dest) = *(p)++ << 8; (dest) |= *(p)++; \
- } while(0)
-
-#define word2char(src, p) \
- do { \
- *(p)++ = (src) >> 8; *(p)++ = (src) & 0xff; \
- } while(0)
-
-/* IDEA encryption/decryption algorithm */
-/* Note that in and out can be the same buffer */
-void
-idea_crypt(const UINT16 *key,
- UINT8 *dest,
- const UINT8 *src)
-{
- register UINT16 x1, x2, x3, x4, s2, s3;
-
- /* Setup */
-
- char2word(x1, src); char2word(x2, src);
- char2word(x3, src); char2word(x4, src);
-
- /* Encrypt */
- {
-#ifndef SMALL_CACHE
- register UINT16 t16; /* Temporaries needed by MUL macro */
- register UINT32 t32;
-#endif
- int r = IDEA_ROUNDS;
- do
- {
- MUL(x1,*key++);
- x2 += *key++;
- x3 += *key++;
- MUL(x4, *key++);
-
- s3 = x3;
- x3 ^= x1;
- MUL(x3, *key++);
- s2 = x2;
- x2 ^= x4;
- x2 += x3;
- MUL(x2, *key++);
- x3 += x2;
-
- x1 ^= x2; x4 ^= x3;
-
- x2 ^= s3; x3 ^= s2;
- }
- while (--r);
- MUL(x1, *key++);
- x3 += *key++;
- x2 += *key++;
- MUL(x4, *key);
- }
- word2char(x1, dest); word2char(x3, dest);
- word2char(x2, dest); word2char(x4, dest);
-} /* idea_crypt */
-
-/*-------------------------------------------------------------*/
-
-
+++ /dev/null
-.dist_headers
-Makefile
-Makefile.am
-Makefile.in
+++ /dev/null
-/.dist_headers
-/Makefile
-/Makefile.am
-/Makefile.in
+++ /dev/null
-## Process this file with make_am to produce Makefile.am
-CVS_HEADERS: cvs_headers
-BODY:
-
-EXTRA_DIST = $(cvs_headers) Makefile.am.in
-
-Makefile.am: Makefile.am.in
- (cd $(top_srcdir); ./make_am)
-
-include $(top_srcdir)/misc/ctags.mk
+++ /dev/null
-/* $Id$ */
-#ifndef RCSID_H_INCLUDED
-#define RCSID_H_INCLUDED
-
-/* Taken from pike/src/global.h */
-
-#if __GNUC__ > 2 || (__GNUC__ == 2 && __GNUC_MINOR__ >= 7)
-#define RCSID2(name, X) \
- static char *name __attribute__ ((unused)) =X
-#elif __GNUC__ == 2
- /* No need for PIKE_CONCAT() here since gcc supports ## */
-#define RCSID2(name, X) \
- static char *name = X; \
- static void *use_##name=(&use_##name, (void *)&name)
-#else
-#define RCSID2(name, X) \
- static char *name = X
-#endif
-
-#endif /* RCSID_H_INCLUDED */
+++ /dev/null
-/*
- * $Id$
- */
-
-#ifndef ARCFOUR_H_INCLUDED
-#define ARCFOUR_H_INCLUDED
-
-#include "crypto_types.h"
-
-struct arcfour_ctx {
- UINT8 S[256];
- UINT8 i, j;
-};
-
-#if 0
-void arcfour_init(struct arcfour_ctx *ctx);
-#endif
-
-/* Encryption functions */
-void arcfour_set_key(struct arcfour_ctx *ctx, UINT32 length, const UINT8 *key);
-void arcfour_crypt(struct arcfour_ctx *ctx, UINT8 *dest,
- UINT32 length, const UINT8 *src);
-
-/* Using arcfour as a randomness generator. */
-void arcfour_init(struct arcfour_ctx *ctx);
-void arcfour_update_key(struct arcfour_ctx *ctx,
- UINT32 length, const UINT8 *key);
-void arcfour_stream(struct arcfour_ctx *ctx,
- UINT32 length, UINT8 *dest);
-
-
-#endif /* ARCFOUR_H_INCLUDED */
+++ /dev/null
-/* blowfish.h
- * Copyright (C) 1998 Free Software Foundation, Inc.
- *
- * This file is part of GNUPG.
- *
- * GNUPG is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * GNUPG is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
- */
-
-/*
- * Modifications for lsh by Ray Dassen
- */
-
-#ifndef G10_BLOWFISH_H
-#define G10_BLOWFISH_H
-
-#include "crypto_types.h"
-
-/* Use lsh types */
-typedef UINT8 byte;
-typedef UINT16 u16;
-typedef UINT32 u32;
-
-/* FIXME: A search&replace on the type names would be better, but I
- * keep GPG names for now to make it easier to get smaller diffs. */
-
-#if 0
-#define CIPHER_ALGO_BLOWFISH 4 /* blowfish 128 bit key */
-#endif
-
-#define BLOWFISH_BLOCKSIZE 8
-#define BLOWFISH_ROUNDS 16
-
-/* Other key lengths are possible, but 128 bits is the default. */
-#define BLOWFISH_KEYSIZE 16
-
-/* Allow keys of size 64 <= bits <= 448 */
-#define BLOWFISH_MIN_KEYSIZE 8
-#define BLOWFISH_MAX_KEYSIZE 56
-
-#define G10ERR_WEAK_KEY 43
-
-typedef struct {
- u32 s0[256];
- u32 s1[256];
- u32 s2[256];
- u32 s3[256];
- u32 p[BLOWFISH_ROUNDS+2];
-} BLOWFISH_context;
-
-
-/* Returns 0 if the key is ok */
-
-int bf_set_key( BLOWFISH_context *c, const byte *key, unsigned keylen );
-void bf_encrypt_block( BLOWFISH_context *bc, byte *outbuf, const byte *inbuf );
-void bf_decrypt_block( BLOWFISH_context *bc, byte *outbuf, const byte *inbuf );
-
-int bf_selftest(void);
-
-#if 0
-const char *
-blowfish_get_info( int algo, size_t *keylen,
- size_t *blocksize, size_t *contextsize,
- int (**setkey)( void *c, const byte *key, unsigned keylen ),
- void (**encrypt)( void *c, byte *outbuf, const byte *inbuf ),
- void (**decrypt)( void *c, byte *outbuf, const byte *inbuf )
- );
-#endif
-
-#endif /*G10_BLOWFISH_H*/
+++ /dev/null
-/*
- * $Id$
- *
- * CAST-128 in C
- * Written by Steve Reid <sreid@sea-to-sky.net>
- * 100% Public Domain - no warranty
- * Released 1997.10.11
- */
-
-#ifndef _CAST_H_INCLUDED
-#define _CAST_H_INCLUDED
-
-#define CAST_MIN_KEYSIZE 5
-#define CAST_MAX_KEYSIZE 16
-#define CAST_BLOCKSIZE 8
-
-#define CAST_SMALL_KEY 10
-#define CAST_SMALL_ROUNDS 12
-#define CAST_FULL_ROUNDS 16
-
-#include "crypto_types.h"
-
-struct cast_key {
- UINT32 xkey[32]; /* Key, after expansion */
- unsigned rounds; /* Number of rounds to use, 12 or 16 */
-};
-
-void cast_setkey(struct cast_key *key, const UINT8 * const rawkey,
- unsigned keybytes);
-void cast_encrypt(struct cast_key *key, const UINT8 * const inblock,
- UINT8 *outblock);
-void cast_decrypt(struct cast_key *key, const UINT8 * const inblock,
- UINT8* outblock);
-int cast_selftest(void);
-
-#endif /* ifndef _CAST_H_INCLUDED */
-
+++ /dev/null
-/* $Id$
- *
- * Defines the types UINT32, UINT16 and UINT8 */
-
-#ifndef CRYPTO_TYPES_H_INCLUDED
-#define CRYPTO_TYPES_H_INCLUDED
-
-#ifdef PIKE
-# include "pike_types.h"
-# include "global.h"
-# define UINT32 unsigned INT32
-# define UINT16 unsigned INT16
-# define UINT8 unsigned INT8
-#else /* !PIKE */
-
-# ifdef LSH
-# include "lsh_types.h"
-
-# else /* !LSH */
-# define UINT32 unsigned long
-# define UINT16 unsigned short
-# define UINT8 unsigned char
-# endif /* !PIKE */
-#endif
-
-#endif /* CRYPTO_TYPES_H_INCLUDED */
+++ /dev/null
-/*
- * des - fast & portable DES encryption & decryption.
- * Copyright (C) 1992 Dana L. How
- * Please see the file `../lib/descore.README' for the complete copyright
- * notice.
- *
- * Slightly edited by Niels Möller, 1997
- */
-
-#ifndef DES_H_INCLUDED
-#define DES_H_INCLUDED
-
-#include "crypto_types.h"
-
-#include "RCSID.h"
-RCSID2(desCore_hRcs, "$Id$");
-
-#define DES_KEYSIZE 8
-#define DES_BLOCKSIZE 8
-#define DES_EXPANDED_KEYLEN 32
-
-/* FIXME: typedef on arrays is ugly. */
-typedef UINT8 DesData[DES_BLOCKSIZE];
-typedef UINT32 DesKeys[DES_EXPANDED_KEYLEN];
-
-typedef void DesFunc(UINT8 *d, const UINT32 *r, const UINT8 *s);
-
-extern int DesMethod(UINT32 *method, const UINT8 *k);
-extern void DesQuickInit(void);
-extern void DesQuickDone(void);
-extern DesFunc DesQuickCoreEncrypt;
-extern DesFunc DesQuickFipsEncrypt;
-extern DesFunc DesQuickCoreDecrypt;
-extern DesFunc DesQuickFipsDecrypt;
-extern DesFunc DesSmallCoreEncrypt;
-extern DesFunc DesSmallFipsEncrypt;
-extern DesFunc DesSmallCoreDecrypt;
-extern DesFunc DesSmallFipsDecrypt;
-
-extern DesFunc *DesCryptFuncs[2];
-extern int des_key_sched(const UINT8 *k, UINT32 *s);
-extern int des_ecb_encrypt(const UINT8 *s, UINT8 *d, const UINT32 *r, int e);
-
-#endif /* DES_H_INCLUDED */
+++ /dev/null
-/*
- * $Id$
- */
-
-/*
- * Please be aware that IDEA IS PATENT ENCUMBERED; see the note in idea.c.
- * -------------------------
- */
-
-#ifndef IDEA_H_INCLUDED
-#define IDEA_H_INCLUDED
-
-#define IDEA_KEYSIZE 16
-#define IDEA_BLOCKSIZE 8
-
-#define IDEA_ROUNDS 8
-#define IDEA_KEYLEN (6*IDEA_ROUNDS+4)
-
-#include "crypto_types.h"
-
-void idea_expand(UINT16 *ctx,
- const UINT8 *key);
-
-void idea_invert(UINT16 *d,
- const UINT16 *e);
-
-void idea_crypt(const UINT16 *ctx,
- UINT8 *dest,
- const UINT8 *src);
-
-#endif /* IDEA_H_INCLUDED */
+++ /dev/null
-/*
- * $Id$
- */
-
-#include "crypto_types.h"
-
-#define MD5_DATASIZE 64
-#define MD5_DATALEN 16
-#define MD5_DIGESTSIZE 16
-#define MD5_DIGESTLEN 4
-
-struct md5_ctx {
- UINT32 digest[MD5_DIGESTLEN]; /* Digest */
- UINT32 count_l, count_h; /* Block count */
- UINT8 block[MD5_DATASIZE]; /* One block buffer */
- int index; /* index into buffer */
-};
-
-void md5_init(struct md5_ctx *ctx);
-void md5_update(struct md5_ctx *ctx, const UINT8 *buffer, UINT32 len);
-void md5_final(struct md5_ctx *ctx);
-void md5_digest(struct md5_ctx *ctx, UINT8 *s);
-void md5_copy(struct md5_ctx *dest, struct md5_ctx *src);
+++ /dev/null
-/*
- *
- * Rijndael is a 128/192/256-bit block cipher that accepts key sizes of
- * 128, 192, or 256 bits, designed by Joan Daemen and Vincent Rijmen. See
- * http://www.esat.kuleuven.ac.be/~rijmen/rijndael/ for details.
- */
-
-#if !defined(RIJNDAEL_H)
-#define RIJNDAEL_H
-
-#include <stdlib.h>
-
-#include "crypto_types.h"
-
-/* Other block sizes and key lengths are possible, but in the context of
- * the ssh protocols, 256 bits is the default. */
-#define RIJNDAEL_BLOCKSIZE 16
-#define RIJNDAEL_KEYSIZE 32
-
-/* Allow keys of size 128 <= bits <= 256 */
-
-#define RIJNDAEL_MIN_KEYSIZE 16
-#define RIJNDAEL_MAX_KEYSIZE 32
-
-typedef struct {
- UINT32 keys[60]; /* maximum size of key schedule */
- UINT32 ikeys[60]; /* inverse key schedule */
- int nrounds; /* number of rounds to use for our key size */
-} RIJNDAEL_context;
-
-/* This basically performs Rijndael's key scheduling algorithm, as it's the
- * only initialization required anyhow. The key size is specified in bytes,
- * but the only valid values are 16 (128 bits), 24 (192 bits), and 32 (256
- * bits). If a value other than these three is specified, the key will be
- * truncated to the closest value less than the key size specified, e.g.
- * specifying 7 will use only the first 6 bytes of the key given. DO NOT
- * PASS A VALUE LESS THAN 16 TO KEYSIZE! */
-void
-rijndael_setup(RIJNDAEL_context *ctx, size_t keysize, const UINT8 *key);
-
-/*
- * rijndael_encrypt()
- *
- * Encrypt 16 bytes of data with the Rijndael algorithm. Before this
- * function can be used, rijndael_setup must be used in order to initialize
- * Rijndael's key schedule.
- *
- * This function always encrypts 16 bytes of plaintext to 16 bytes of
- * ciphertext. The memory areas of the plaintext and the ciphertext can
- * overlap.
- */
-
-void
-rijndael_encrypt(RIJNDAEL_context *context,
- const UINT8 *plaintext,
- UINT8 *ciphertext);
-
-/*
- * rijndael_decrypt()
- *
- * Decrypt 16 bytes of data with the Rijndael algorithm.
- *
- * Before this function can be used, rijndael_setup() must be used in order
- * to set up the key schedule required for the decryption algorithm.
- *
- * This function always decrypts 16 bytes of ciphertext to 16 bytes of
- * plaintext. The memory areas of the plaintext and the ciphertext can
- * overlap.
- */
-
-void
-rijndael_decrypt(RIJNDAEL_context *context,
- const UINT8 *ciphertext,
- UINT8 *plaintext);
-
-#endif /* RIJNDAEL_H */
+++ /dev/null
-
-/*
- *
- * Serpent is a 128-bit block cipher that accepts a key size of 256 bits,
- * designed by Ross Anderson, Eli Biham, and Lars Knudsen. See
- * http://www.cl.cam.ac.uk/~rja14/serpent.html for details.
- */
-
-#if !defined(SERPENT_H)
-#define SERPENT_H
-
-#include <stdlib.h>
-#include "crypto_types.h"
-
-#define SERPENT_BLOCKSIZE 16
-
-/* Other key lengths are possible, but we only use 256 bits. Besides, the
- design of Serpent makes other key lengths useless; they cheated with the
- AES requirements, using a 256-bit key length exclusively and just padding
- it out if the desired key length was less, so there really is no advantage
- to using key lengths less than 256 bits. */
-#define SERPENT_KEYSIZE 32
-
-/* Allow keys of size 128 <= bits <= 256 */
-
-#define SERPENT_MIN_KEYSIZE 16
-#define SERPENT_MAX_KEYSIZE 32
-
-typedef struct {
- UINT32 keys[33][4]; /* key schedule */
-} SERPENT_context;
-
-/* This performs Serpent's key scheduling algorithm. */
-void
-serpent_setup(SERPENT_context *ctx, UINT32 key_size, const UINT8 *key);
-
-/*
- * serpent_encrypt()
- *
- * Encrypt 16 bytes of data with the Serpent algorithm. Before this
- * function can be used, serpent_setup must be used in order to initialize
- * Serpent's key schedule.
- *
- * This function always encrypts 16 bytes of plaintext to 16 bytes of
- * ciphertext. The memory areas of the plaintext and the ciphertext can
- * overlap.
- */
-void
-serpent_encrypt(SERPENT_context *context,
- const UINT8 *plaintext,
- UINT8 *ciphertext);
-
-/*
- * serpent_decrypt()
- *
- * Decrypt 16 bytes of data with the Serpent algorithm.
- *
- * Before this function can be used, serpent_setup() must be used in order
- * to set up the key schedule required for the decryption algorithm.
- *
- * This function always decrypts 16 bytes of ciphertext to 16 bytes of
- * plaintext. The memory areas of the plaintext and the ciphertext can
- * overlap.
- */
-
-void
-serpent_decrypt(SERPENT_context *context,
- const UINT8 *ciphertext,
- UINT8 *plaintext);
-
-#endif /* SERPENT_H */
+++ /dev/null
-/*
- * $Id$
- */
-
-#include "crypto_types.h"
-
-/* The SHA block size and message digest sizes, in bytes */
-
-#define SHA_DATASIZE 64
-#define SHA_DATALEN 16
-#define SHA_DIGESTSIZE 20
-#define SHA_DIGESTLEN 5
-/* The structure for storing SHA info */
-
-struct sha_ctx {
- UINT32 digest[SHA_DIGESTLEN]; /* Message digest */
- UINT32 count_l, count_h; /* 64-bit block count */
- UINT8 block[SHA_DATASIZE]; /* SHA data buffer */
- int index; /* index into buffer */
-};
-
-void sha_init(struct sha_ctx *ctx);
-void sha_update(struct sha_ctx *ctx, const UINT8 *buffer, UINT32 len);
-void sha_final(struct sha_ctx *ctx);
-void sha_digest(struct sha_ctx *ctx, UINT8 *s);
-void sha_copy(struct sha_ctx *dest, struct sha_ctx *src);
-
-/* The core compression function, mapping 5 + 16 32-bit words to 5
- * words. Destroys the data in the process. */
-void sha_transform(UINT32 *state, UINT32 *data);
+++ /dev/null
-/* twofish.h
- *
- * $Id$
- */
-
-/*
- * twofish - An implementation of the twofish cipher.
- * Copyright (C) 1999 Ruud de Rooij <ruud@debian.org>
- *
- * Modifications for lsh
- * Copyright (C) 1999 J.H.M. Dassen (Ray) <jdassen@wi.LeidenUniv.nl>
- *
- * This library is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Library General Public
- * License as published by the Free Software Foundation; either
- * version 2 of the License, or (at your option) any later version.
- *
- * This library is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Library General Public License for more details.
- *
- * You should have received a copy of the GNU Library General Public
- * License along with this library; if not, write to the Free
- * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
- */
-
-/*
- * Twofish is a 128-bit block cipher that accepts a variable-length
- * key up to 256 bits, designed by Bruce Schneier and others. See
- * http://www.counterpane.com/twofish.html for details.
- */
-
-#if !defined(TWOFISH_H)
-#define TWOFISH_H
-
-#include <stdlib.h> /* For size_t */
-
-#include "crypto_types.h"
-
-#define TWOFISH_BLOCKSIZE 16 /* bytes */
-
-
-/* Other key lengths are possible, but in the context of the ssh protocols,
- * 256 bits is the default. */
-#define TWOFISH_KEYSIZE 32 /* bytes */
-
-/* Allow keys of size 128 <= bits <= 256 */
-
-#define TWOFISH_MIN_KEYSIZE 16 /* bytes */
-#define TWOFISH_MAX_KEYSIZE 32 /* bytes */
-
-typedef struct {
- UINT32 keys[40];
- UINT32 s_box[4][256];
-} TWOFISH_context;
-
-/* Set up internal tables required for twofish encryption and decryption.
- *
- * The key size is specified in bytes. Key sizes up to 32 bytes are
- * supported. Larger key sizes are silently truncated. */
-
-void
-twofish_setup(TWOFISH_context *ctx, size_t keysize, const UINT8 *key);
-
-/* void twofish_encrypt(TWOFISH_context *context,
- * const UINT8 *plaintext,
- * UINT8 *ciphertext);
- *
- * Encrypt 16 bytes of data with the twofish algorithm.
- *
- * Before this function can be used, twofish_setup() must be used in order to
- * set up various tables required for the encryption algorithm.
- *
- * This function always encrypts 16 bytes of plaintext to 16 bytes of
- * ciphertext. The memory areas of the plaintext and the ciphertext can
- * overlap.
- */
-
-void
-twofish_encrypt(TWOFISH_context *context,
- const UINT8 *plaintext,
- UINT8 *ciphertext);
-
-/* void twofish_decrypt(TWOFISH_context *context,
- * const UINT8 *ciphertext,
- * UINT8 *plaintext);
- *
- * Decrypt 16 bytes of data with the twofish algorithm.
- *
- * Before this function can be used, twofish_setup() must be used in order to
- * set up various tables required for the decryption algorithm.
- *
- * This function always decrypts 16 bytes of ciphertext to 16 bytes of
- * plaintext. The memory areas of the plaintext and the ciphertext can
- * overlap.
- */
-
-void
-twofish_decrypt(TWOFISH_context *context,
- const UINT8 *ciphertext,
- UINT8 *plaintext);
-
-int
-twofish_selftest(void);
-
-#endif /* TWOFISH_H */
+++ /dev/null
-#ifndef _TYPES_H
-#define _TYPES_H
-
-/* Define types for GPG code */
-
-#warning Don't use include/types.h
-
-#include "lsh_types.h"
-
-typedef UINT8 byte;
-
-typedef UINT32 u32;
-
-#endif /* _TYPES_H */
+++ /dev/null
-/* rijndael - An implementation of the Rijndael cipher.
- *
- * Copyright (C) 2000 Rafael R. Sevilla <dido@pacific.net.ph>
- *
- * This library is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Library General Public
- * License as published by the Free Software Foundation; either
- * version 2 of the License, or (at your option) any later version.
- *
- * This library is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Library General Public License for more details.
- *
- * You should have received a copy of the GNU Library General Public
- * License along with this library; if not, write to the Free
- * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
- */
-
-#include "rijndael.h"
-
-#include <assert.h>
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-
-/* These tables combine both the S-boxes and the mixcolumn transformation, so
- that we can perform a round's encryption or by means of four table lookups
- and four XOR's per column of state. They were generated by the
- makertbls.pl script. */
-static const UINT32 dtbl[] = {
- 0xa56363c6, 0x847c7cf8, 0x997777ee, 0x8d7b7bf6,
- 0x0df2f2ff, 0xbd6b6bd6, 0xb16f6fde, 0x54c5c591,
- 0x50303060, 0x03010102, 0xa96767ce, 0x7d2b2b56,
- 0x19fefee7, 0x62d7d7b5, 0xe6abab4d, 0x9a7676ec,
- 0x45caca8f, 0x9d82821f, 0x40c9c989, 0x877d7dfa,
- 0x15fafaef, 0xeb5959b2, 0xc947478e, 0x0bf0f0fb,
- 0xecadad41, 0x67d4d4b3, 0xfda2a25f, 0xeaafaf45,
- 0xbf9c9c23, 0xf7a4a453, 0x967272e4, 0x5bc0c09b,
- 0xc2b7b775, 0x1cfdfde1, 0xae93933d, 0x6a26264c,
- 0x5a36366c, 0x413f3f7e, 0x02f7f7f5, 0x4fcccc83,
- 0x5c343468, 0xf4a5a551, 0x34e5e5d1, 0x08f1f1f9,
- 0x937171e2, 0x73d8d8ab, 0x53313162, 0x3f15152a,
- 0x0c040408, 0x52c7c795, 0x65232346, 0x5ec3c39d,
- 0x28181830, 0xa1969637, 0x0f05050a, 0xb59a9a2f,
- 0x0907070e, 0x36121224, 0x9b80801b, 0x3de2e2df,
- 0x26ebebcd, 0x6927274e, 0xcdb2b27f, 0x9f7575ea,
- 0x1b090912, 0x9e83831d, 0x742c2c58, 0x2e1a1a34,
- 0x2d1b1b36, 0xb26e6edc, 0xee5a5ab4, 0xfba0a05b,
- 0xf65252a4, 0x4d3b3b76, 0x61d6d6b7, 0xceb3b37d,
- 0x7b292952, 0x3ee3e3dd, 0x712f2f5e, 0x97848413,
- 0xf55353a6, 0x68d1d1b9, 0x00000000, 0x2cededc1,
- 0x60202040, 0x1ffcfce3, 0xc8b1b179, 0xed5b5bb6,
- 0xbe6a6ad4, 0x46cbcb8d, 0xd9bebe67, 0x4b393972,
- 0xde4a4a94, 0xd44c4c98, 0xe85858b0, 0x4acfcf85,
- 0x6bd0d0bb, 0x2aefefc5, 0xe5aaaa4f, 0x16fbfbed,
- 0xc5434386, 0xd74d4d9a, 0x55333366, 0x94858511,
- 0xcf45458a, 0x10f9f9e9, 0x06020204, 0x817f7ffe,
- 0xf05050a0, 0x443c3c78, 0xba9f9f25, 0xe3a8a84b,
- 0xf35151a2, 0xfea3a35d, 0xc0404080, 0x8a8f8f05,
- 0xad92923f, 0xbc9d9d21, 0x48383870, 0x04f5f5f1,
- 0xdfbcbc63, 0xc1b6b677, 0x75dadaaf, 0x63212142,
- 0x30101020, 0x1affffe5, 0x0ef3f3fd, 0x6dd2d2bf,
- 0x4ccdcd81, 0x140c0c18, 0x35131326, 0x2fececc3,
- 0xe15f5fbe, 0xa2979735, 0xcc444488, 0x3917172e,
- 0x57c4c493, 0xf2a7a755, 0x827e7efc, 0x473d3d7a,
- 0xac6464c8, 0xe75d5dba, 0x2b191932, 0x957373e6,
- 0xa06060c0, 0x98818119, 0xd14f4f9e, 0x7fdcdca3,
- 0x66222244, 0x7e2a2a54, 0xab90903b, 0x8388880b,
- 0xca46468c, 0x29eeeec7, 0xd3b8b86b, 0x3c141428,
- 0x79dedea7, 0xe25e5ebc, 0x1d0b0b16, 0x76dbdbad,
- 0x3be0e0db, 0x56323264, 0x4e3a3a74, 0x1e0a0a14,
- 0xdb494992, 0x0a06060c, 0x6c242448, 0xe45c5cb8,
- 0x5dc2c29f, 0x6ed3d3bd, 0xefacac43, 0xa66262c4,
- 0xa8919139, 0xa4959531, 0x37e4e4d3, 0x8b7979f2,
- 0x32e7e7d5, 0x43c8c88b, 0x5937376e, 0xb76d6dda,
- 0x8c8d8d01, 0x64d5d5b1, 0xd24e4e9c, 0xe0a9a949,
- 0xb46c6cd8, 0xfa5656ac, 0x07f4f4f3, 0x25eaeacf,
- 0xaf6565ca, 0x8e7a7af4, 0xe9aeae47, 0x18080810,
- 0xd5baba6f, 0x887878f0, 0x6f25254a, 0x722e2e5c,
- 0x241c1c38, 0xf1a6a657, 0xc7b4b473, 0x51c6c697,
- 0x23e8e8cb, 0x7cdddda1, 0x9c7474e8, 0x211f1f3e,
- 0xdd4b4b96, 0xdcbdbd61, 0x868b8b0d, 0x858a8a0f,
- 0x907070e0, 0x423e3e7c, 0xc4b5b571, 0xaa6666cc,
- 0xd8484890, 0x05030306, 0x01f6f6f7, 0x120e0e1c,
- 0xa36161c2, 0x5f35356a, 0xf95757ae, 0xd0b9b969,
- 0x91868617, 0x58c1c199, 0x271d1d3a, 0xb99e9e27,
- 0x38e1e1d9, 0x13f8f8eb, 0xb398982b, 0x33111122,
- 0xbb6969d2, 0x70d9d9a9, 0x898e8e07, 0xa7949433,
- 0xb69b9b2d, 0x221e1e3c, 0x92878715, 0x20e9e9c9,
- 0x49cece87, 0xff5555aa, 0x78282850, 0x7adfdfa5,
- 0x8f8c8c03, 0xf8a1a159, 0x80898909, 0x170d0d1a,
- 0xdabfbf65, 0x31e6e6d7, 0xc6424284, 0xb86868d0,
- 0xc3414182, 0xb0999929, 0x772d2d5a, 0x110f0f1e,
- 0xcbb0b07b, 0xfc5454a8, 0xd6bbbb6d, 0x3a16162c,
-};
-
-static const UINT32 itbl[] = {
- 0x50a7f451, 0x5365417e, 0xc3a4171a, 0x965e273a,
- 0xcb6bab3b, 0xf1459d1f, 0xab58faac, 0x9303e34b,
- 0x55fa3020, 0xf66d76ad, 0x9176cc88, 0x254c02f5,
- 0xfcd7e54f, 0xd7cb2ac5, 0x80443526, 0x8fa362b5,
- 0x495ab1de, 0x671bba25, 0x980eea45, 0xe1c0fe5d,
- 0x02752fc3, 0x12f04c81, 0xa397468d, 0xc6f9d36b,
- 0xe75f8f03, 0x959c9215, 0xeb7a6dbf, 0xda595295,
- 0x2d83bed4, 0xd3217458, 0x2969e049, 0x44c8c98e,
- 0x6a89c275, 0x78798ef4, 0x6b3e5899, 0xdd71b927,
- 0xb64fe1be, 0x17ad88f0, 0x66ac20c9, 0xb43ace7d,
- 0x184adf63, 0x82311ae5, 0x60335197, 0x457f5362,
- 0xe07764b1, 0x84ae6bbb, 0x1ca081fe, 0x942b08f9,
- 0x58684870, 0x19fd458f, 0x876cde94, 0xb7f87b52,
- 0x23d373ab, 0xe2024b72, 0x578f1fe3, 0x2aab5566,
- 0x0728ebb2, 0x03c2b52f, 0x9a7bc586, 0xa50837d3,
- 0xf2872830, 0xb2a5bf23, 0xba6a0302, 0x5c8216ed,
- 0x2b1ccf8a, 0x92b479a7, 0xf0f207f3, 0xa1e2694e,
- 0xcdf4da65, 0xd5be0506, 0x1f6234d1, 0x8afea6c4,
- 0x9d532e34, 0xa055f3a2, 0x32e18a05, 0x75ebf6a4,
- 0x39ec830b, 0xaaef6040, 0x069f715e, 0x51106ebd,
- 0xf98a213e, 0x3d06dd96, 0xae053edd, 0x46bde64d,
- 0xb58d5491, 0x055dc471, 0x6fd40604, 0xff155060,
- 0x24fb9819, 0x97e9bdd6, 0xcc434089, 0x779ed967,
- 0xbd42e8b0, 0x888b8907, 0x385b19e7, 0xdbeec879,
- 0x470a7ca1, 0xe90f427c, 0xc91e84f8, 0x00000000,
- 0x83868009, 0x48ed2b32, 0xac70111e, 0x4e725a6c,
- 0xfbff0efd, 0x5638850f, 0x1ed5ae3d, 0x27392d36,
- 0x64d90f0a, 0x21a65c68, 0xd1545b9b, 0x3a2e3624,
- 0xb1670a0c, 0x0fe75793, 0xd296eeb4, 0x9e919b1b,
- 0x4fc5c080, 0xa220dc61, 0x694b775a, 0x161a121c,
- 0x0aba93e2, 0xe52aa0c0, 0x43e0223c, 0x1d171b12,
- 0x0b0d090e, 0xadc78bf2, 0xb9a8b62d, 0xc8a91e14,
- 0x8519f157, 0x4c0775af, 0xbbdd99ee, 0xfd607fa3,
- 0x9f2601f7, 0xbcf5725c, 0xc53b6644, 0x347efb5b,
- 0x7629438b, 0xdcc623cb, 0x68fcedb6, 0x63f1e4b8,
- 0xcadc31d7, 0x10856342, 0x40229713, 0x2011c684,
- 0x7d244a85, 0xf83dbbd2, 0x1132f9ae, 0x6da129c7,
- 0x4b2f9e1d, 0xf330b2dc, 0xec52860d, 0xd0e3c177,
- 0x6c16b32b, 0x99b970a9, 0xfa489411, 0x2264e947,
- 0xc48cfca8, 0x1a3ff0a0, 0xd82c7d56, 0xef903322,
- 0xc74e4987, 0xc1d138d9, 0xfea2ca8c, 0x360bd498,
- 0xcf81f5a6, 0x28de7aa5, 0x268eb7da, 0xa4bfad3f,
- 0xe49d3a2c, 0x0d927850, 0x9bcc5f6a, 0x62467e54,
- 0xc2138df6, 0xe8b8d890, 0x5ef7392e, 0xf5afc382,
- 0xbe805d9f, 0x7c93d069, 0xa92dd56f, 0xb31225cf,
- 0x3b99acc8, 0xa77d1810, 0x6e639ce8, 0x7bbb3bdb,
- 0x097826cd, 0xf418596e, 0x01b79aec, 0xa89a4f83,
- 0x656e95e6, 0x7ee6ffaa, 0x08cfbc21, 0xe6e815ef,
- 0xd99be7ba, 0xce366f4a, 0xd4099fea, 0xd67cb029,
- 0xafb2a431, 0x31233f2a, 0x3094a5c6, 0xc066a235,
- 0x37bc4e74, 0xa6ca82fc, 0xb0d090e0, 0x15d8a733,
- 0x4a9804f1, 0xf7daec41, 0x0e50cd7f, 0x2ff69117,
- 0x8dd64d76, 0x4db0ef43, 0x544daacc, 0xdf0496e4,
- 0xe3b5d19e, 0x1b886a4c, 0xb81f2cc1, 0x7f516546,
- 0x04ea5e9d, 0x5d358c01, 0x737487fa, 0x2e410bfb,
- 0x5a1d67b3, 0x52d2db92, 0x335610e9, 0x1347d66d,
- 0x8c61d79a, 0x7a0ca137, 0x8e14f859, 0x893c13eb,
- 0xee27a9ce, 0x35c961b7, 0xede51ce1, 0x3cb1477a,
- 0x59dfd29c, 0x3f73f255, 0x79ce1418, 0xbf37c773,
- 0xeacdf753, 0x5baafd5f, 0x146f3ddf, 0x86db4478,
- 0x81f3afca, 0x3ec468b9, 0x2c342438, 0x5f40a3c2,
- 0x72c31d16, 0x0c25e2bc, 0x8b493c28, 0x41950dff,
- 0x7101a839, 0xdeb30c08, 0x9ce4b4d8, 0x90c15664,
- 0x6184cb7b, 0x70b632d5, 0x745c6c48, 0x4257b8d0,
-};
-
-
-/* Needed only for the key schedule and for final rounds */
-static const UINT8 sbox[256] = {
- 99, 124, 119, 123, 242, 107, 111, 197, 48, 1, 103, 43, 254, 215, 171,
- 118, 202, 130, 201, 125, 250, 89, 71, 240, 173, 212, 162, 175, 156, 164,
- 114, 192, 183, 253, 147, 38, 54, 63, 247, 204, 52, 165, 229, 241, 113,
- 216, 49, 21, 4, 199, 35, 195, 24, 150, 5, 154, 7, 18, 128, 226,
- 235, 39, 178, 117, 9, 131, 44, 26, 27, 110, 90, 160, 82, 59, 214,
- 179, 41, 227, 47, 132, 83, 209, 0, 237, 32, 252, 177, 91, 106, 203,
- 190, 57, 74, 76, 88, 207, 208, 239, 170, 251, 67, 77, 51, 133, 69,
- 249, 2, 127, 80, 60, 159, 168, 81, 163, 64, 143, 146, 157, 56, 245,
- 188, 182, 218, 33, 16, 255, 243, 210, 205, 12, 19, 236, 95, 151, 68,
- 23, 196, 167, 126, 61, 100, 93, 25, 115, 96, 129, 79, 220, 34, 42,
- 144, 136, 70, 238, 184, 20, 222, 94, 11, 219, 224, 50, 58, 10, 73,
- 6, 36, 92, 194, 211, 172, 98, 145, 149, 228, 121, 231, 200, 55, 109,
- 141, 213, 78, 169, 108, 86, 244, 234, 101, 122, 174, 8, 186, 120, 37,
- 46, 28, 166, 180, 198, 232, 221, 116, 31, 75, 189, 139, 138, 112, 62,
- 181, 102, 72, 3, 246, 14, 97, 53, 87, 185, 134, 193, 29, 158, 225,
- 248, 152, 17, 105, 217, 142, 148, 155, 30, 135, 233, 206, 85, 40, 223,
- 140, 161, 137, 13, 191, 230, 66, 104, 65, 153, 45, 15, 176, 84, 187,
- 22,
-};
-
-static const UINT8 isbox[256] = {
- 82, 9, 106, 213, 48, 54, 165, 56, 191, 64, 163, 158, 129, 243, 215,
- 251, 124, 227, 57, 130, 155, 47, 255, 135, 52, 142, 67, 68, 196, 222,
- 233, 203, 84, 123, 148, 50, 166, 194, 35, 61, 238, 76, 149, 11, 66,
- 250, 195, 78, 8, 46, 161, 102, 40, 217, 36, 178, 118, 91, 162, 73,
- 109, 139, 209, 37, 114, 248, 246, 100, 134, 104, 152, 22, 212, 164, 92,
- 204, 93, 101, 182, 146, 108, 112, 72, 80, 253, 237, 185, 218, 94, 21,
- 70, 87, 167, 141, 157, 132, 144, 216, 171, 0, 140, 188, 211, 10, 247,
- 228, 88, 5, 184, 179, 69, 6, 208, 44, 30, 143, 202, 63, 15, 2,
- 193, 175, 189, 3, 1, 19, 138, 107, 58, 145, 17, 65, 79, 103, 220,
- 234, 151, 242, 207, 206, 240, 180, 230, 115, 150, 172, 116, 34, 231, 173,
- 53, 133, 226, 249, 55, 232, 28, 117, 223, 110, 71, 241, 26, 113, 29,
- 41, 197, 137, 111, 183, 98, 14, 170, 24, 190, 27, 252, 86, 62, 75,
- 198, 210, 121, 32, 154, 219, 192, 254, 120, 205, 90, 244, 31, 221, 168,
- 51, 136, 7, 199, 49, 177, 18, 16, 89, 39, 128, 236, 95, 96, 81,
- 127, 169, 25, 181, 74, 13, 45, 229, 122, 159, 147, 201, 156, 239, 160,
- 224, 59, 77, 174, 42, 245, 176, 200, 235, 187, 60, 131, 83, 153, 97,
- 23, 43, 4, 126, 186, 119, 214, 38, 225, 105, 20, 99, 85, 33, 12,
- 125,
-};
-
-/* Used only by the key schedule */
-static const UINT8 Logtable[256] = {
- 0, 0, 25, 1, 50, 2, 26, 198, 75, 199, 27, 104, 51, 238, 223, 3,
- 100, 4, 224, 14, 52, 141, 129, 239, 76, 113, 8, 200, 248, 105, 28,
- 193, 125, 194, 29, 181, 249, 185, 39, 106, 77, 228, 166, 114, 154, 201,
- 9, 120, 101, 47, 138, 5, 33, 15, 225, 36, 18, 240, 130, 69, 53,
- 147, 218, 142, 150, 143, 219, 189, 54, 208, 206, 148, 19, 92, 210, 241,
- 64, 70, 131, 56, 102, 221, 253, 48, 191, 6, 139, 98, 179, 37, 226,
- 152, 34, 136, 145, 16, 126, 110, 72, 195, 163, 182, 30, 66, 58, 107,
- 40, 84, 250, 133, 61, 186, 43, 121, 10, 21, 155, 159, 94, 202, 78,
- 212, 172, 229, 243, 115, 167, 87, 175, 88, 168, 80, 244, 234, 214, 116,
- 79, 174, 233, 213, 231, 230, 173, 232, 44, 215, 117, 122, 235, 22, 11,
- 245, 89, 203, 95, 176, 156, 169, 81, 160, 127, 12, 246, 111, 23, 196,
- 73, 236, 216, 67, 31, 45, 164, 118, 123, 183, 204, 187, 62, 90, 251,
- 96, 177, 134, 59, 82, 161, 108, 170, 85, 41, 157, 151, 178, 135, 144,
- 97, 190, 220, 252, 188, 149, 207, 205, 55, 63, 91, 209, 83, 57, 132,
- 60, 65, 162, 109, 71, 20, 42, 158, 93, 86, 242, 211, 171, 68, 17,
- 146, 217, 35, 32, 46, 137, 180, 124, 184, 38, 119, 153, 227, 165, 103,
- 74, 237, 222, 197, 49, 254, 24, 13, 99, 140, 128, 192, 247, 112, 7,
-};
-
-static const UINT8 Alogtable[256] = {
- 1, 3, 5, 15, 17, 51, 85, 255, 26, 46, 114, 150, 161, 248, 19,
- 53, 95, 225, 56, 72, 216, 115, 149, 164, 247, 2, 6, 10, 30, 34,
- 102, 170, 229, 52, 92, 228, 55, 89, 235, 38, 106, 190, 217, 112, 144,
- 171, 230, 49, 83, 245, 4, 12, 20, 60, 68, 204, 79, 209, 104, 184,
- 211, 110, 178, 205, 76, 212, 103, 169, 224, 59, 77, 215, 98, 166, 241,
- 8, 24, 40, 120, 136, 131, 158, 185, 208, 107, 189, 220, 127, 129, 152,
- 179, 206, 73, 219, 118, 154, 181, 196, 87, 249, 16, 48, 80, 240, 11,
- 29, 39, 105, 187, 214, 97, 163, 254, 25, 43, 125, 135, 146, 173, 236,
- 47, 113, 147, 174, 233, 32, 96, 160, 251, 22, 58, 78, 210, 109, 183,
- 194, 93, 231, 50, 86, 250, 21, 63, 65, 195, 94, 226, 61, 71, 201,
- 64, 192, 91, 237, 44, 116, 156, 191, 218, 117, 159, 186, 213, 100, 172,
- 239, 42, 126, 130, 157, 188, 223, 122, 142, 137, 128, 155, 182, 193, 88,
- 232, 35, 101, 175, 234, 37, 111, 177, 200, 67, 197, 84, 252, 31, 33,
- 99, 165, 244, 7, 9, 27, 45, 119, 153, 176, 203, 70, 202, 69, 207,
- 74, 222, 121, 139, 134, 145, 168, 227, 62, 66, 198, 81, 243, 14, 18,
- 54, 90, 238, 41, 123, 141, 140, 143, 138, 133, 148, 167, 242, 13, 23,
- 57, 75, 221, 124, 132, 151, 162, 253, 28, 36, 108, 180, 199, 82, 246, 1,
-};
-
-#define ROTBYTE(x) (((x) >> 8) | (((x) & 0xff) << 24))
-#define ROTRBYTE(x) (((x) << 8) | (((x) >> 24) & 0xff))
-#define SUBBYTE(x, box) (((box)[((x) & 0xff)]) | \
- ((box)[(((x) >> 8) & 0xff)] << 8) | \
- ((box)[(((x) >> 16) & 0xff)] << 16) | \
- ((box)[(((x) >> 24) & 0xff)] << 24))
-
-static UINT8
-xtime(UINT8 a)
-{
- UINT8 b;
-
- b = (a & 0x80) ? 0x1b : 0;
- a<<=1;
- a^=b;
- return(a);
-}
-
-static UINT8
-mul(UINT8 a, UINT8 b)
-{
- if (a && b) return Alogtable[(Logtable[a] + Logtable[b])%255];
- else return 0;
-}
-
-static void
-inv_mix_column(UINT32 *a, UINT32 *b)
-{
- UINT8 c[4][4];
- int i, j;
-
- for(j = 0; j < 4; j++) {
- for(i = 0; i < 4; i++) {
- c[j][i] = mul(0xe, (a[j] >> i*8) & 0xff)
- ^ mul(0xb, (a[j] >> ((i+1)%4)*8) & 0xff)
- ^ mul(0xd, (a[j] >> ((i+2)%4)*8) & 0xff)
- ^ mul(0x9, (a[j] >> ((i+3)%4)*8) & 0xff);
- }
- }
- for(i = 0; i < 4; i++) {
- b[i] = 0;
- for(j = 0; j < 4; j++)
- b[i] |= c[i][j] << (j*8);
- }
-}
-
-void
-rijndael_setup(RIJNDAEL_context *ctx, size_t keysize, const UINT8 *key)
-{
- int nk, nr, i, lastkey;
- UINT32 temp, rcon;
-
- /* Truncate keysizes to the valid key sizes provided by Rijndael */
- if (keysize >= 32) {
- nk = 8;
- nr = 14;
- } else if (keysize >= 24) {
- nk = 6;
- nr = 12;
- } else { /* must be 16 or more */
- assert(keysize >= 16);
- nk = 4;
- nr = 10;
- }
-
- lastkey = (RIJNDAEL_BLOCKSIZE/4) * (nr + 1);
- ctx->nrounds = nr;
- rcon = 1;
- for (i=0; i<nk; i++) {
- ctx->keys[i] = key[i*4] + (key[i*4+1]<<8) + (key[i*4+2]<<16) +
- (key[i*4+3]<<24);
- }
-
- for (i=nk; i<lastkey; i++) {
- temp = ctx->keys[i-1];
- if (i % nk == 0) {
- temp = SUBBYTE(ROTBYTE(temp), sbox) ^ rcon;
- rcon = (UINT32)xtime((UINT8)rcon&0xff);
- } else if (nk > 6 && (i%nk) == 4) {
- temp = SUBBYTE(temp, sbox);
- }
- ctx->keys[i] = ctx->keys[i-nk] ^ temp;
- }
- /* Generate the inverse keys */
- for (i=0; i<4; i++) {
- ctx->ikeys[i] = ctx->keys[i];
- ctx->ikeys[lastkey-4 + i] = ctx->keys[lastkey-4 + i];
- }
- for (i=4; i<lastkey-4; i+=4)
- inv_mix_column(&(ctx->keys[i]), &(ctx->ikeys[i]));
-}
-
-/* Key addition that also packs every byte in the key to a word rep. */
-static void
-key_addition_8to32(const UINT8 *txt, UINT32 *keys, UINT32 *out)
-{
- const UINT8 *ptr;
- int i, j;
- UINT32 val;
-
- ptr = txt;
- for (i=0; i<4; i++) {
- val = 0;
- for (j=0; j<4; j++)
- val |= (*ptr++ << 8*j);
- out[i] = keys[i]^val;
- }
-}
-
-static void
-key_addition32(const UINT32 *txt, UINT32 *keys, UINT32 *out)
-{
- int i;
-
- for (i=0; i<4; i++)
- out[i] = keys[i] ^ txt[i];
-}
-
-static void
-key_addition32to8(const UINT32 *txt, UINT32 *keys, UINT8 *out)
-{
- UINT8 *ptr;
- int i, j;
- UINT32 val;
-
- ptr = out;
- for (i=0; i<4; i++) {
- val = txt[i] ^ keys[i];
- for (j=0; j<4; j++)
- *ptr++ = (val >> 8*j) & 0xff;
- }
-}
-
-static const int idx[4][4] = {
- { 0, 1, 2, 3 },
- { 1, 2, 3, 0 },
- { 2, 3, 0, 1 },
- { 3, 0, 1, 2 } };
-
-void
-rijndael_encrypt(RIJNDAEL_context *ctx,
- const UINT8 *plaintext,
- UINT8 *ciphertext)
-{
- int r, j;
- UINT32 wtxt[4], t[4]; /* working ciphertext */
- UINT32 e;
-
- key_addition_8to32(plaintext, &(ctx->keys[0]), wtxt);
- for (r=1; r<ctx->nrounds; r++) {
- for (j=0; j<4; j++) {
- t[j] = dtbl[wtxt[j] & 0xff] ^
- ROTRBYTE(dtbl[(wtxt[idx[1][j]] >> 8) & 0xff]^
- ROTRBYTE(dtbl[(wtxt[idx[2][j]] >> 16) & 0xff] ^
- ROTRBYTE(dtbl[(wtxt[idx[3][j]] >> 24) & 0xff])));
- }
- key_addition32(t, &(ctx->keys[r*4]), wtxt);
- }
- /* last round is special: there is no mixcolumn, so we can't use the big
- tables. */
- for (j=0; j<4; j++) {
- e = wtxt[j] & 0xff;
- e |= (wtxt[idx[1][j]]) & (0xff << 8);
- e |= (wtxt[idx[2][j]]) & (0xff << 16);
- e |= (wtxt[idx[3][j]]) & (0xff << 24);
- t[j] = e;
- }
- for (j=0; j<4; j++)
- t[j] = SUBBYTE(t[j], sbox);
- key_addition32to8(t, &(ctx->keys[4*ctx->nrounds]), ciphertext);
-}
-
-static const int iidx[4][4] = {
- { 0, 1, 2, 3 },
- { 3, 0, 1, 2 },
- { 2, 3, 0, 1 },
- { 1, 2, 3, 0 } };
-
-void
-rijndael_decrypt(RIJNDAEL_context *ctx,
- const UINT8 *ciphertext,
- UINT8 *plaintext)
-{
- int r, j;
- UINT32 wtxt[4], t[4]; /* working ciphertext */
- UINT32 e;
-
- key_addition_8to32(ciphertext, &(ctx->ikeys[4*ctx->nrounds]), wtxt);
- for (r=ctx->nrounds-1; r> 0; r--) {
- for (j=0; j<4; j++) {
- t[j] = itbl[wtxt[j] & 0xff] ^
- ROTRBYTE(itbl[(wtxt[iidx[1][j]] >> 8) & 0xff]^
- ROTRBYTE(itbl[(wtxt[iidx[2][j]] >> 16) & 0xff] ^
- ROTRBYTE(itbl[(wtxt[iidx[3][j]] >> 24) & 0xff])));
- }
- key_addition32(t, &(ctx->ikeys[r*4]), wtxt);
- }
- /* last round is special: there is no mixcolumn, so we can't use the big
- tables. */
- for (j=0; j<4; j++) {
- e = wtxt[j] & 0xff;
- e |= (wtxt[iidx[1][j]]) & (0xff << 8);
- e |= (wtxt[iidx[2][j]]) & (0xff << 16);
- e |= (wtxt[iidx[3][j]]) & (0xff << 24);
- t[j] = e;
- }
- for (j=0; j<4; j++)
- t[j] = SUBBYTE(t[j], isbox);
- key_addition32to8(t, &(ctx->ikeys[0]), plaintext);
-}
+++ /dev/null
-
-#include <stdio.h>
-#include <stdlib.h>
-#include "rijndael.h"
-
-int main(void)
-{
- RIJNDAEL_context ctx;
- UINT8 key[32];
- UINT8 text[16];
- int i, j;
-
- for (i=0; i<16; i++)
- text[i] = i;
- for (i=0; i<32; i++)
- key[i] = 0;
- key[0] = 1;
-
- for (j=16; j<=32; j+=8) {
- rijndael_setup(&ctx, j, key);
- printf("\nBlock Size = 128 bits, Key Size = %d bits\n", j*8);
- printf("\nPlain= ");
- for (i=0; i<16; i++)
- printf("%2x", text[i]);
- printf("\n");
- rijndael_encrypt(&ctx, text, text);
- printf("Encrypt= ");
- for (i=0; i<16; i++)
- printf("%02x", text[i]);
- printf("\nDecrypt= ");
- rijndael_decrypt(&ctx, text, text);
- for (i=0; i<16; i++)
- printf("%2x", text[i]);
- printf("\n");
- }
- return(0);
-}
+++ /dev/null
-/* serpentsboxes.h
- *
- * $Id$
- *
- * For more details on this algorithm, see the Serpent website at
- * http://www.cl.cam.ac.uk/~rja14/serpent.html
- */
-
-/* Copyright (C) 1998 Ross Anderson, Eli Biham, Lars Knudsen
- *
- * This program is free software; you can redistribute it and/or
- * modify it under the terms of the GNU General Public License as
- * published by the Free Software Foundation; either version 2 of the
- * License, or (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
- */
-
-/* I've modified this code a bit so that it interoperates with lsh
- * properly. 2000-9-5, Rafael R. Sevilla <dido@pacific.net.ph>
- */
-
-/* NOTE: The copyright notice for the original version of this code
- * said "All rights reserved. This code is freely distributed for AES
- * selection process. No other use is allowed." However, the authors
- * later decided to GPL the code. /nisse */
-
-#if !defined(SERPENTSBOXES_H)
-#define SERPENTSBOXES_H
-
-/* S0: 3 8 15 1 10 6 5 11 14 13 4 2 7 0 9 12 */
-
-/* depth = 5,7,4,2, Total gates=18 */
-#define RND00(a,b,c,d,w,x,y,z) \
- { register UINT32 t02, t03, t05, t06, t07, t08, t09, t11, t12, t13, t14, t15, t17, t01;\
- t01 = b ^ c ; \
- t02 = a | d ; \
- t03 = a ^ b ; \
- z = t02 ^ t01; \
- t05 = c | z ; \
- t06 = a ^ d ; \
- t07 = b | c ; \
- t08 = d & t05; \
- t09 = t03 & t07; \
- y = t09 ^ t08; \
- t11 = t09 & y ; \
- t12 = c ^ d ; \
- t13 = t07 ^ t11; \
- t14 = b & t06; \
- t15 = t06 ^ t13; \
- w = ~ t15; \
- t17 = w ^ t14; \
- x = t12 ^ t17; }
-
-/* InvS0: 13 3 11 0 10 6 5 12 1 14 4 7 15 9 8 2 */
-
-/* depth = 8,4,3,6, Total gates=19 */
-#define InvRND00(a,b,c,d,w,x,y,z) \
- { register UINT32 t02, t03, t04, t05, t06, t08, t09, t10, t12, t13, t14, t15, t17, t18, t01;\
- t01 = c ^ d ; \
- t02 = a | b ; \
- t03 = b | c ; \
- t04 = c & t01; \
- t05 = t02 ^ t01; \
- t06 = a | t04; \
- y = ~ t05; \
- t08 = b ^ d ; \
- t09 = t03 & t08; \
- t10 = d | y ; \
- x = t09 ^ t06; \
- t12 = a | t05; \
- t13 = x ^ t12; \
- t14 = t03 ^ t10; \
- t15 = a ^ c ; \
- z = t14 ^ t13; \
- t17 = t05 & t13; \
- t18 = t14 | t17; \
- w = t15 ^ t18; }
-
-/* S1: 15 12 2 7 9 0 5 10 1 11 14 8 6 13 3 4 */
-
-/* depth = 10,7,3,5, Total gates=18 */
-#define RND01(a,b,c,d,w,x,y,z) \
- { register UINT32 t02, t03, t04, t05, t06, t07, t08, t10, t11, t12, t13, t16, t17, t01;\
- t01 = a | d ; \
- t02 = c ^ d ; \
- t03 = ~ b ; \
- t04 = a ^ c ; \
- t05 = a | t03; \
- t06 = d & t04; \
- t07 = t01 & t02; \
- t08 = b | t06; \
- y = t02 ^ t05; \
- t10 = t07 ^ t08; \
- t11 = t01 ^ t10; \
- t12 = y ^ t11; \
- t13 = b & d ; \
- z = ~ t10; \
- x = t13 ^ t12; \
- t16 = t10 | x ; \
- t17 = t05 & t16; \
- w = c ^ t17; }
-
-/* InvS1: 5 8 2 14 15 6 12 3 11 4 7 9 1 13 10 0 */
-
-/* depth = 7,4,5,3, Total gates=18 */
-#define InvRND01(a,b,c,d,w,x,y,z) \
- { register UINT32 t02, t03, t04, t05, t06, t07, t08, t09, t10, t11, t14, t15, t17, t01;\
- t01 = a ^ b ; \
- t02 = b | d ; \
- t03 = a & c ; \
- t04 = c ^ t02; \
- t05 = a | t04; \
- t06 = t01 & t05; \
- t07 = d | t03; \
- t08 = b ^ t06; \
- t09 = t07 ^ t06; \
- t10 = t04 | t03; \
- t11 = d & t08; \
- y = ~ t09; \
- x = t10 ^ t11; \
- t14 = a | y ; \
- t15 = t06 ^ x ; \
- z = t01 ^ t04; \
- t17 = c ^ t15; \
- w = t14 ^ t17; }
-
-/* S2: 8 6 7 9 3 12 10 15 13 1 14 4 0 11 5 2 */
-
-/* depth = 3,8,11,7, Total gates=16 */
-#define RND02(a,b,c,d,w,x,y,z) \
- { register UINT32 t02, t03, t05, t06, t07, t08, t09, t10, t12, t13, t14, t01;\
- t01 = a | c ; \
- t02 = a ^ b ; \
- t03 = d ^ t01; \
- w = t02 ^ t03; \
- t05 = c ^ w ; \
- t06 = b ^ t05; \
- t07 = b | t05; \
- t08 = t01 & t06; \
- t09 = t03 ^ t07; \
- t10 = t02 | t09; \
- x = t10 ^ t08; \
- t12 = a | d ; \
- t13 = t09 ^ x ; \
- t14 = b ^ t13; \
- z = ~ t09; \
- y = t12 ^ t14; }
-
-/* InvS2: 12 9 15 4 11 14 1 2 0 3 6 13 5 8 10 7 */
-
-/* depth = 3,6,8,3, Total gates=18 */
-#define InvRND02(a,b,c,d,w,x,y,z) \
- { register UINT32 t02, t03, t04, t06, t07, t08, t09, t10, t11, t12, t15, t16, t17, t01;\
- t01 = a ^ d ; \
- t02 = c ^ d ; \
- t03 = a & c ; \
- t04 = b | t02; \
- w = t01 ^ t04; \
- t06 = a | c ; \
- t07 = d | w ; \
- t08 = ~ d ; \
- t09 = b & t06; \
- t10 = t08 | t03; \
- t11 = b & t07; \
- t12 = t06 & t02; \
- z = t09 ^ t10; \
- x = t12 ^ t11; \
- t15 = c & z ; \
- t16 = w ^ x ; \
- t17 = t10 ^ t15; \
- y = t16 ^ t17; }
-
-/* S3: 0 15 11 8 12 9 6 3 13 1 2 4 10 7 5 14 */
-
-/* depth = 8,3,5,5, Total gates=18 */
-#define RND03(a,b,c,d,w,x,y,z) \
- { register UINT32 t02, t03, t04, t05, t06, t07, t08, t09, t10, t11, t13, t14, t15, t01;\
- t01 = a ^ c ; \
- t02 = a | d ; \
- t03 = a & d ; \
- t04 = t01 & t02; \
- t05 = b | t03; \
- t06 = a & b ; \
- t07 = d ^ t04; \
- t08 = c | t06; \
- t09 = b ^ t07; \
- t10 = d & t05; \
- t11 = t02 ^ t10; \
- z = t08 ^ t09; \
- t13 = d | z ; \
- t14 = a | t07; \
- t15 = b & t13; \
- y = t08 ^ t11; \
- w = t14 ^ t15; \
- x = t05 ^ t04; }
-
-/* InvS3: 0 9 10 7 11 14 6 13 3 5 12 2 4 8 15 1 */
-
-/* depth = 3,6,4,4, Total gates=17 */
-#define InvRND03(a,b,c,d,w,x,y,z) \
- { register UINT32 t02, t03, t04, t05, t06, t07, t09, t11, t12, t13, t14, t16, t01;\
- t01 = c | d ; \
- t02 = a | d ; \
- t03 = c ^ t02; \
- t04 = b ^ t02; \
- t05 = a ^ d ; \
- t06 = t04 & t03; \
- t07 = b & t01; \
- y = t05 ^ t06; \
- t09 = a ^ t03; \
- w = t07 ^ t03; \
- t11 = w | t05; \
- t12 = t09 & t11; \
- t13 = a & y ; \
- t14 = t01 ^ t05; \
- x = b ^ t12; \
- t16 = b | t13; \
- z = t14 ^ t16; }
-
-/* S4: 1 15 8 3 12 0 11 6 2 5 4 10 9 14 7 13 */
-
-/* depth = 6,7,5,3, Total gates=19 */
-#define RND04(a,b,c,d,w,x,y,z) \
- { register UINT32 t02, t03, t04, t05, t06, t08, t09, t10, t11, t12, t13, t14, t15, t16, t01;\
- t01 = a | b ; \
- t02 = b | c ; \
- t03 = a ^ t02; \
- t04 = b ^ d ; \
- t05 = d | t03; \
- t06 = d & t01; \
- z = t03 ^ t06; \
- t08 = z & t04; \
- t09 = t04 & t05; \
- t10 = c ^ t06; \
- t11 = b & c ; \
- t12 = t04 ^ t08; \
- t13 = t11 | t03; \
- t14 = t10 ^ t09; \
- t15 = a & t05; \
- t16 = t11 | t12; \
- y = t13 ^ t08; \
- x = t15 ^ t16; \
- w = ~ t14; }
-
-/* InvS4: 5 0 8 3 10 9 7 14 2 12 11 6 4 15 13 1 */
-
-/* depth = 6,4,7,3, Total gates=17 */
-#define InvRND04(a,b,c,d,w,x,y,z) \
- { register UINT32 t02, t03, t04, t05, t06, t07, t09, t10, t11, t12, t13, t15, t01;\
- t01 = b | d ; \
- t02 = c | d ; \
- t03 = a & t01; \
- t04 = b ^ t02; \
- t05 = c ^ d ; \
- t06 = ~ t03; \
- t07 = a & t04; \
- x = t05 ^ t07; \
- t09 = x | t06; \
- t10 = a ^ t07; \
- t11 = t01 ^ t09; \
- t12 = d ^ t04; \
- t13 = c | t10; \
- z = t03 ^ t12; \
- t15 = a ^ t04; \
- y = t11 ^ t13; \
- w = t15 ^ t09; }
-
-/* S5: 15 5 2 11 4 10 9 12 0 3 14 8 13 6 7 1 */
-
-/* depth = 4,6,8,6, Total gates=17 */
-#define RND05(a,b,c,d,w,x,y,z) \
- { register UINT32 t02, t03, t04, t05, t07, t08, t09, t10, t11, t12, t13, t14, t01;\
- t01 = b ^ d ; \
- t02 = b | d ; \
- t03 = a & t01; \
- t04 = c ^ t02; \
- t05 = t03 ^ t04; \
- w = ~ t05; \
- t07 = a ^ t01; \
- t08 = d | w ; \
- t09 = b | t05; \
- t10 = d ^ t08; \
- t11 = b | t07; \
- t12 = t03 | w ; \
- t13 = t07 | t10; \
- t14 = t01 ^ t11; \
- y = t09 ^ t13; \
- x = t07 ^ t08; \
- z = t12 ^ t14; }
-
-/* InvS5: 8 15 2 9 4 1 13 14 11 6 5 3 7 12 10 0 */
-
-/* depth = 4,6,9,7, Total gates=17 */
-#define InvRND05(a,b,c,d,w,x,y,z) \
- { register UINT32 t02, t03, t04, t05, t07, t08, t09, t10, t12, t13, t15, t16, t01;\
- t01 = a & d ; \
- t02 = c ^ t01; \
- t03 = a ^ d ; \
- t04 = b & t02; \
- t05 = a & c ; \
- w = t03 ^ t04; \
- t07 = a & w ; \
- t08 = t01 ^ w ; \
- t09 = b | t05; \
- t10 = ~ b ; \
- x = t08 ^ t09; \
- t12 = t10 | t07; \
- t13 = w | x ; \
- z = t02 ^ t12; \
- t15 = t02 ^ t13; \
- t16 = b ^ d ; \
- y = t16 ^ t15; }
-
-/* S6: 7 2 12 5 8 4 6 11 14 9 1 15 13 3 10 0 */
-
-/* depth = 8,3,6,3, Total gates=19 */
-#define RND06(a,b,c,d,w,x,y,z) \
- { register UINT32 t02, t03, t04, t05, t07, t08, t09, t10, t11, t12, t13, t15, t17, t18, t01;\
- t01 = a & d ; \
- t02 = b ^ c ; \
- t03 = a ^ d ; \
- t04 = t01 ^ t02; \
- t05 = b | c ; \
- x = ~ t04; \
- t07 = t03 & t05; \
- t08 = b & x ; \
- t09 = a | c ; \
- t10 = t07 ^ t08; \
- t11 = b | d ; \
- t12 = c ^ t11; \
- t13 = t09 ^ t10; \
- y = ~ t13; \
- t15 = x & t03; \
- z = t12 ^ t07; \
- t17 = a ^ b ; \
- t18 = y ^ t15; \
- w = t17 ^ t18; }
-
-/* InvS6: 15 10 1 13 5 3 6 0 4 9 14 7 2 12 8 11 */
-
-/* depth = 5,3,8,6, Total gates=19 */
-#define InvRND06(a,b,c,d,w,x,y,z) \
- { register UINT32 t02, t03, t04, t05, t06, t07, t08, t09, t12, t13, t14, t15, t16, t17, t01;\
- t01 = a ^ c ; \
- t02 = ~ c ; \
- t03 = b & t01; \
- t04 = b | t02; \
- t05 = d | t03; \
- t06 = b ^ d ; \
- t07 = a & t04; \
- t08 = a | t02; \
- t09 = t07 ^ t05; \
- x = t06 ^ t08; \
- w = ~ t09; \
- t12 = b & w ; \
- t13 = t01 & t05; \
- t14 = t01 ^ t12; \
- t15 = t07 ^ t13; \
- t16 = d | t02; \
- t17 = a ^ x ; \
- z = t17 ^ t15; \
- y = t16 ^ t14; }
-
-/* S7: 1 13 15 0 14 8 2 11 7 4 12 10 9 3 5 6 */
-
-/* depth = 10,7,10,4, Total gates=19 */
-#define RND07(a,b,c,d,w,x,y,z) \
- { register UINT32 t02, t03, t04, t05, t06, t08, t09, t10, t11, t13, t14, t15, t16, t17, t01;\
- t01 = a & c ; \
- t02 = ~ d ; \
- t03 = a & t02; \
- t04 = b | t01; \
- t05 = a & b ; \
- t06 = c ^ t04; \
- z = t03 ^ t06; \
- t08 = c | z ; \
- t09 = d | t05; \
- t10 = a ^ t08; \
- t11 = t04 & z ; \
- x = t09 ^ t10; \
- t13 = b ^ x ; \
- t14 = t01 ^ x ; \
- t15 = c ^ t05; \
- t16 = t11 | t13; \
- t17 = t02 | t14; \
- w = t15 ^ t17; \
- y = a ^ t16; }
-
-/* InvS7: 3 0 6 13 9 14 15 8 5 12 11 7 10 1 4 2 */
-
-/* depth = 9,7,3,3, Total gates=18 */
-#define InvRND07(a,b,c,d,w,x,y,z) \
- { register UINT32 t02, t03, t04, t06, t07, t08, t09, t10, t11, t13, t14, t15, t16, t01;\
- t01 = a & b ; \
- t02 = a | b ; \
- t03 = c | t01; \
- t04 = d & t02; \
- z = t03 ^ t04; \
- t06 = b ^ t04; \
- t07 = d ^ z ; \
- t08 = ~ t07; \
- t09 = t06 | t08; \
- t10 = b ^ d ; \
- t11 = a | d ; \
- x = a ^ t09; \
- t13 = c ^ t06; \
- t14 = c & t11; \
- t15 = d | x ; \
- t16 = t01 | t10; \
- w = t13 ^ t15; \
- y = t14 ^ t16; }
-
-#define RND08(a,b,c,d,e,f,g,h) RND00(a,b,c,d,e,f,g,h)
-#define RND09(a,b,c,d,e,f,g,h) RND01(a,b,c,d,e,f,g,h)
-#define RND10(a,b,c,d,e,f,g,h) RND02(a,b,c,d,e,f,g,h)
-#define RND11(a,b,c,d,e,f,g,h) RND03(a,b,c,d,e,f,g,h)
-#define RND12(a,b,c,d,e,f,g,h) RND04(a,b,c,d,e,f,g,h)
-#define RND13(a,b,c,d,e,f,g,h) RND05(a,b,c,d,e,f,g,h)
-#define RND14(a,b,c,d,e,f,g,h) RND06(a,b,c,d,e,f,g,h)
-#define RND15(a,b,c,d,e,f,g,h) RND07(a,b,c,d,e,f,g,h)
-#define RND16(a,b,c,d,e,f,g,h) RND00(a,b,c,d,e,f,g,h)
-#define RND17(a,b,c,d,e,f,g,h) RND01(a,b,c,d,e,f,g,h)
-#define RND18(a,b,c,d,e,f,g,h) RND02(a,b,c,d,e,f,g,h)
-#define RND19(a,b,c,d,e,f,g,h) RND03(a,b,c,d,e,f,g,h)
-#define RND20(a,b,c,d,e,f,g,h) RND04(a,b,c,d,e,f,g,h)
-#define RND21(a,b,c,d,e,f,g,h) RND05(a,b,c,d,e,f,g,h)
-#define RND22(a,b,c,d,e,f,g,h) RND06(a,b,c,d,e,f,g,h)
-#define RND23(a,b,c,d,e,f,g,h) RND07(a,b,c,d,e,f,g,h)
-#define RND24(a,b,c,d,e,f,g,h) RND00(a,b,c,d,e,f,g,h)
-#define RND25(a,b,c,d,e,f,g,h) RND01(a,b,c,d,e,f,g,h)
-#define RND26(a,b,c,d,e,f,g,h) RND02(a,b,c,d,e,f,g,h)
-#define RND27(a,b,c,d,e,f,g,h) RND03(a,b,c,d,e,f,g,h)
-#define RND28(a,b,c,d,e,f,g,h) RND04(a,b,c,d,e,f,g,h)
-#define RND29(a,b,c,d,e,f,g,h) RND05(a,b,c,d,e,f,g,h)
-#define RND30(a,b,c,d,e,f,g,h) RND06(a,b,c,d,e,f,g,h)
-#define RND31(a,b,c,d,e,f,g,h) RND07(a,b,c,d,e,f,g,h)
-
-#define InvRND08(a,b,c,d,e,f,g,h) InvRND00(a,b,c,d,e,f,g,h)
-#define InvRND09(a,b,c,d,e,f,g,h) InvRND01(a,b,c,d,e,f,g,h)
-#define InvRND10(a,b,c,d,e,f,g,h) InvRND02(a,b,c,d,e,f,g,h)
-#define InvRND11(a,b,c,d,e,f,g,h) InvRND03(a,b,c,d,e,f,g,h)
-#define InvRND12(a,b,c,d,e,f,g,h) InvRND04(a,b,c,d,e,f,g,h)
-#define InvRND13(a,b,c,d,e,f,g,h) InvRND05(a,b,c,d,e,f,g,h)
-#define InvRND14(a,b,c,d,e,f,g,h) InvRND06(a,b,c,d,e,f,g,h)
-#define InvRND15(a,b,c,d,e,f,g,h) InvRND07(a,b,c,d,e,f,g,h)
-#define InvRND16(a,b,c,d,e,f,g,h) InvRND00(a,b,c,d,e,f,g,h)
-#define InvRND17(a,b,c,d,e,f,g,h) InvRND01(a,b,c,d,e,f,g,h)
-#define InvRND18(a,b,c,d,e,f,g,h) InvRND02(a,b,c,d,e,f,g,h)
-#define InvRND19(a,b,c,d,e,f,g,h) InvRND03(a,b,c,d,e,f,g,h)
-#define InvRND20(a,b,c,d,e,f,g,h) InvRND04(a,b,c,d,e,f,g,h)
-#define InvRND21(a,b,c,d,e,f,g,h) InvRND05(a,b,c,d,e,f,g,h)
-#define InvRND22(a,b,c,d,e,f,g,h) InvRND06(a,b,c,d,e,f,g,h)
-#define InvRND23(a,b,c,d,e,f,g,h) InvRND07(a,b,c,d,e,f,g,h)
-#define InvRND24(a,b,c,d,e,f,g,h) InvRND00(a,b,c,d,e,f,g,h)
-#define InvRND25(a,b,c,d,e,f,g,h) InvRND01(a,b,c,d,e,f,g,h)
-#define InvRND26(a,b,c,d,e,f,g,h) InvRND02(a,b,c,d,e,f,g,h)
-#define InvRND27(a,b,c,d,e,f,g,h) InvRND03(a,b,c,d,e,f,g,h)
-#define InvRND28(a,b,c,d,e,f,g,h) InvRND04(a,b,c,d,e,f,g,h)
-#define InvRND29(a,b,c,d,e,f,g,h) InvRND05(a,b,c,d,e,f,g,h)
-#define InvRND30(a,b,c,d,e,f,g,h) InvRND06(a,b,c,d,e,f,g,h)
-#define InvRND31(a,b,c,d,e,f,g,h) InvRND07(a,b,c,d,e,f,g,h)
-
-/* Linear transformations and key mixing: */
-
-#define ROL(x,n) ((((UINT32)(x))<<(n))| \
- (((UINT32)(x))>>(32-(n))))
-#define ROR(x,n) ((((UINT32)(x))<<(32-(n)))| \
- (((UINT32)(x))>>(n)))
-
-#define transform(x0, x1, x2, x3, y0, y1, y2, y3) \
- y0 = ROL(x0, 13); \
- y2 = ROL(x2, 3); \
- y1 = x1 ^ y0 ^ y2; \
- y3 = x3 ^ y2 ^ ((UINT32)y0)<<3; \
- y1 = ROL(y1, 1); \
- y3 = ROL(y3, 7); \
- y0 = y0 ^ y1 ^ y3; \
- y2 = y2 ^ y3 ^ ((UINT32)y1<<7); \
- y0 = ROL(y0, 5); \
- y2 = ROL(y2, 22)
-
-#define inv_transform(x0, x1, x2, x3, y0, y1, y2, y3) \
- y2 = ROR(x2, 22);\
- y0 = ROR(x0, 5); \
- y2 = y2 ^ x3 ^ ((UINT32)x1<<7); \
- y0 = y0 ^ x1 ^ x3; \
- y3 = ROR(x3, 7); \
- y1 = ROR(x1, 1); \
- y3 = y3 ^ y2 ^ ((UINT32)y0)<<3; \
- y1 = y1 ^ y0 ^ y2; \
- y2 = ROR(y2, 3); \
- y0 = ROR(y0, 13)
-
-#define keying(x0, x1, x2, x3, subkey) \
- x0^=subkey[0];x1^=subkey[1]; \
- x2^=subkey[2];x3^=subkey[3]
-
-/* PHI: Constant used in the key schedule */
-#define PHI 0x9e3779b9L
-
-#endif /* SERPENTSBOXES_H */
+++ /dev/null
-/* sha.c - Implementation of the Secure Hash Algorithm
- *
- * Copyright (C) 1995, A.M. Kuchling
- *
- * Distribute and use freely; there are no restrictions on further
- * dissemination and usage except those imposed by the laws of your
- * country of residence.
- *
- * Adapted to pike and some cleanup by Niels Möller.
- */
-
-/* $Id$ */
-
-/* SHA: NIST's Secure Hash Algorithm */
-
-/* Based on SHA code originally posted to sci.crypt by Peter Gutmann
- in message <30ajo5$oe8@ccu2.auckland.ac.nz>.
- Modified to test for endianness on creation of SHA objects by AMK.
- Also, the original specification of SHA was found to have a weakness
- by NSA/NIST. This code implements the fixed version of SHA.
-*/
-
-/* Here's the first paragraph of Peter Gutmann's posting:
-
-The following is my SHA (FIPS 180) code updated to allow use of the "fixed"
-SHA, thanks to Jim Gillogly and an anonymous contributor for the information on
-what's changed in the new version. The fix is a simple change which involves
-adding a single rotate in the initial expansion function. It is unknown
-whether this is an optimal solution to the problem which was discovered in the
-SHA or whether it's simply a bandaid which fixes the problem with a minimum of
-effort (for example the reengineering of a great many Capstone chips).
-*/
-
-#include "crypto_types.h"
-/* #include "port.h" */
-#include "sha.h"
-
-#include <string.h>
-
-/* Also defined in lsh_types.h */
-#ifndef READ_UINT32
-/* Reads a 32-bit integer, in network byte order */
-#define READ_UINT32(p) \
-((((UINT32) (p)[0]) << 24) \
- | (((UINT32) (p)[1]) << 16) \
- | (((UINT32) (p)[2]) << 8) \
- | ((UINT32) (p)[3]))
-#endif
-
-#ifndef WRITE_UINT32
-#define WRITE_UINT32(p, i) \
-do { \
- (p)[0] = ((i) >> 24) & 0xff; \
- (p)[1] = ((i) >> 16) & 0xff; \
- (p)[2] = ((i) >> 8) & 0xff; \
- (p)[3] = (i) & 0xff; \
-} while(0)
-#endif
-
-void sha_copy(struct sha_ctx *dest, struct sha_ctx *src)
-{
- int i;
-
- dest->count_l=src->count_l;
- dest->count_h=src->count_h;
- for(i=0; i<SHA_DIGESTLEN; i++)
- dest->digest[i]=src->digest[i];
- for(i=0; i < src->index; i++)
- dest->block[i] = src->block[i];
- dest->index = src->index;
-}
-
-
-/* The SHA f()-functions. The f1 and f3 functions can be optimized to
- save one boolean operation each - thanks to Rich Schroeppel,
- rcs@cs.arizona.edu for discovering this */
-
-/*#define f1(x,y,z) ( ( x & y ) | ( ~x & z ) ) // Rounds 0-19 */
-#define f1(x,y,z) ( z ^ ( x & ( y ^ z ) ) ) /* Rounds 0-19 */
-#define f2(x,y,z) ( x ^ y ^ z ) /* Rounds 20-39 */
-/*#define f3(x,y,z) ( ( x & y ) | ( x & z ) | ( y & z ) ) // Rounds 40-59 */
-#define f3(x,y,z) ( ( x & y ) | ( z & ( x | y ) ) ) /* Rounds 40-59 */
-#define f4(x,y,z) ( x ^ y ^ z ) /* Rounds 60-79 */
-
-/* The SHA Mysterious Constants */
-
-#define K1 0x5A827999L /* Rounds 0-19 */
-#define K2 0x6ED9EBA1L /* Rounds 20-39 */
-#define K3 0x8F1BBCDCL /* Rounds 40-59 */
-#define K4 0xCA62C1D6L /* Rounds 60-79 */
-
-/* SHA initial values */
-
-#define h0init 0x67452301L
-#define h1init 0xEFCDAB89L
-#define h2init 0x98BADCFEL
-#define h3init 0x10325476L
-#define h4init 0xC3D2E1F0L
-
-/* 32-bit rotate left - kludged with shifts */
-
-#define ROTL(n,X) ( ( (X) << (n) ) | ( (X) >> ( 32 - (n) ) ) )
-
-/* The initial expanding function. The hash function is defined over an
- 80-word expanded input array W, where the first 16 are copies of the input
- data, and the remaining 64 are defined by
-
- W[ i ] = W[ i - 16 ] ^ W[ i - 14 ] ^ W[ i - 8 ] ^ W[ i - 3 ]
-
- This implementation generates these values on the fly in a circular
- buffer - thanks to Colin Plumb, colin@nyx10.cs.du.edu for this
- optimization.
-
- The updated SHA changes the expanding function by adding a rotate of 1
- bit. Thanks to Jim Gillogly, jim@rand.org, and an anonymous contributor
- for this information */
-
-#define expand(W,i) ( W[ i & 15 ] = \
- ROTL( 1, ( W[ i & 15 ] ^ W[ (i - 14) & 15 ] ^ \
- W[ (i - 8) & 15 ] ^ W[ (i - 3) & 15 ] ) ) )
-
-
-/* The prototype SHA sub-round. The fundamental sub-round is:
-
- a' = e + ROTL( 5, a ) + f( b, c, d ) + k + data;
- b' = a;
- c' = ROTL( 30, b );
- d' = c;
- e' = d;
-
- but this is implemented by unrolling the loop 5 times and renaming the
- variables ( e, a, b, c, d ) = ( a', b', c', d', e' ) each iteration.
- This code is then replicated 20 times for each of the 4 functions, using
- the next 20 values from the W[] array each time */
-
-#define subRound(a, b, c, d, e, f, k, data) \
- ( e += ROTL( 5, a ) + f( b, c, d ) + k + data, b = ROTL( 30, b ) )
-
-/* Initialize the SHA values */
-
-void sha_init(struct sha_ctx *ctx)
-{
- /* Set the h-vars to their initial values */
- ctx->digest[ 0 ] = h0init;
- ctx->digest[ 1 ] = h1init;
- ctx->digest[ 2 ] = h2init;
- ctx->digest[ 3 ] = h3init;
- ctx->digest[ 4 ] = h4init;
-
- /* Initialize bit count */
- ctx->count_l = ctx->count_h = 0;
-
- /* Initialize buffer */
- ctx->index = 0;
-}
-
-/* Perform the SHA transformation. Note that this code, like MD5, seems to
- break some optimizing compilers due to the complexity of the expressions
- and the size of the basic block. It may be necessary to split it into
- sections, e.g. based on the four subrounds
-
- Note that this function destroys the data area */
-
-void sha_transform(UINT32 *state, UINT32 *data)
-{
- UINT32 A, B, C, D, E; /* Local vars */
-
- /* Set up first buffer and local data buffer */
- A = state[0];
- B = state[1];
- C = state[2];
- D = state[3];
- E = state[4];
-
- /* Heavy mangling, in 4 sub-rounds of 20 interations each. */
- subRound( A, B, C, D, E, f1, K1, data[ 0] );
- subRound( E, A, B, C, D, f1, K1, data[ 1] );
- subRound( D, E, A, B, C, f1, K1, data[ 2] );
- subRound( C, D, E, A, B, f1, K1, data[ 3] );
- subRound( B, C, D, E, A, f1, K1, data[ 4] );
- subRound( A, B, C, D, E, f1, K1, data[ 5] );
- subRound( E, A, B, C, D, f1, K1, data[ 6] );
- subRound( D, E, A, B, C, f1, K1, data[ 7] );
- subRound( C, D, E, A, B, f1, K1, data[ 8] );
- subRound( B, C, D, E, A, f1, K1, data[ 9] );
- subRound( A, B, C, D, E, f1, K1, data[10] );
- subRound( E, A, B, C, D, f1, K1, data[11] );
- subRound( D, E, A, B, C, f1, K1, data[12] );
- subRound( C, D, E, A, B, f1, K1, data[13] );
- subRound( B, C, D, E, A, f1, K1, data[14] );
- subRound( A, B, C, D, E, f1, K1, data[15] );
- subRound( E, A, B, C, D, f1, K1, expand( data, 16 ) );
- subRound( D, E, A, B, C, f1, K1, expand( data, 17 ) );
- subRound( C, D, E, A, B, f1, K1, expand( data, 18 ) );
- subRound( B, C, D, E, A, f1, K1, expand( data, 19 ) );
-
- subRound( A, B, C, D, E, f2, K2, expand( data, 20 ) );
- subRound( E, A, B, C, D, f2, K2, expand( data, 21 ) );
- subRound( D, E, A, B, C, f2, K2, expand( data, 22 ) );
- subRound( C, D, E, A, B, f2, K2, expand( data, 23 ) );
- subRound( B, C, D, E, A, f2, K2, expand( data, 24 ) );
- subRound( A, B, C, D, E, f2, K2, expand( data, 25 ) );
- subRound( E, A, B, C, D, f2, K2, expand( data, 26 ) );
- subRound( D, E, A, B, C, f2, K2, expand( data, 27 ) );
- subRound( C, D, E, A, B, f2, K2, expand( data, 28 ) );
- subRound( B, C, D, E, A, f2, K2, expand( data, 29 ) );
- subRound( A, B, C, D, E, f2, K2, expand( data, 30 ) );
- subRound( E, A, B, C, D, f2, K2, expand( data, 31 ) );
- subRound( D, E, A, B, C, f2, K2, expand( data, 32 ) );
- subRound( C, D, E, A, B, f2, K2, expand( data, 33 ) );
- subRound( B, C, D, E, A, f2, K2, expand( data, 34 ) );
- subRound( A, B, C, D, E, f2, K2, expand( data, 35 ) );
- subRound( E, A, B, C, D, f2, K2, expand( data, 36 ) );
- subRound( D, E, A, B, C, f2, K2, expand( data, 37 ) );
- subRound( C, D, E, A, B, f2, K2, expand( data, 38 ) );
- subRound( B, C, D, E, A, f2, K2, expand( data, 39 ) );
-
- subRound( A, B, C, D, E, f3, K3, expand( data, 40 ) );
- subRound( E, A, B, C, D, f3, K3, expand( data, 41 ) );
- subRound( D, E, A, B, C, f3, K3, expand( data, 42 ) );
- subRound( C, D, E, A, B, f3, K3, expand( data, 43 ) );
- subRound( B, C, D, E, A, f3, K3, expand( data, 44 ) );
- subRound( A, B, C, D, E, f3, K3, expand( data, 45 ) );
- subRound( E, A, B, C, D, f3, K3, expand( data, 46 ) );
- subRound( D, E, A, B, C, f3, K3, expand( data, 47 ) );
- subRound( C, D, E, A, B, f3, K3, expand( data, 48 ) );
- subRound( B, C, D, E, A, f3, K3, expand( data, 49 ) );
- subRound( A, B, C, D, E, f3, K3, expand( data, 50 ) );
- subRound( E, A, B, C, D, f3, K3, expand( data, 51 ) );
- subRound( D, E, A, B, C, f3, K3, expand( data, 52 ) );
- subRound( C, D, E, A, B, f3, K3, expand( data, 53 ) );
- subRound( B, C, D, E, A, f3, K3, expand( data, 54 ) );
- subRound( A, B, C, D, E, f3, K3, expand( data, 55 ) );
- subRound( E, A, B, C, D, f3, K3, expand( data, 56 ) );
- subRound( D, E, A, B, C, f3, K3, expand( data, 57 ) );
- subRound( C, D, E, A, B, f3, K3, expand( data, 58 ) );
- subRound( B, C, D, E, A, f3, K3, expand( data, 59 ) );
-
- subRound( A, B, C, D, E, f4, K4, expand( data, 60 ) );
- subRound( E, A, B, C, D, f4, K4, expand( data, 61 ) );
- subRound( D, E, A, B, C, f4, K4, expand( data, 62 ) );
- subRound( C, D, E, A, B, f4, K4, expand( data, 63 ) );
- subRound( B, C, D, E, A, f4, K4, expand( data, 64 ) );
- subRound( A, B, C, D, E, f4, K4, expand( data, 65 ) );
- subRound( E, A, B, C, D, f4, K4, expand( data, 66 ) );
- subRound( D, E, A, B, C, f4, K4, expand( data, 67 ) );
- subRound( C, D, E, A, B, f4, K4, expand( data, 68 ) );
- subRound( B, C, D, E, A, f4, K4, expand( data, 69 ) );
- subRound( A, B, C, D, E, f4, K4, expand( data, 70 ) );
- subRound( E, A, B, C, D, f4, K4, expand( data, 71 ) );
- subRound( D, E, A, B, C, f4, K4, expand( data, 72 ) );
- subRound( C, D, E, A, B, f4, K4, expand( data, 73 ) );
- subRound( B, C, D, E, A, f4, K4, expand( data, 74 ) );
- subRound( A, B, C, D, E, f4, K4, expand( data, 75 ) );
- subRound( E, A, B, C, D, f4, K4, expand( data, 76 ) );
- subRound( D, E, A, B, C, f4, K4, expand( data, 77 ) );
- subRound( C, D, E, A, B, f4, K4, expand( data, 78 ) );
- subRound( B, C, D, E, A, f4, K4, expand( data, 79 ) );
-
- /* Build message digest */
- state[0] += A;
- state[1] += B;
- state[2] += C;
- state[3] += D;
- state[4] += E;
-}
-
-static void
-sha_block(struct sha_ctx *ctx, const UINT8 *block)
-{
- UINT32 data[SHA_DATALEN];
- int i;
-
- /* Update block count */
- if (!++ctx->count_l)
- ++ctx->count_h;
-
- /* Endian independent conversion */
- for (i = 0; i<SHA_DATALEN; i++, block += 4)
- data[i] = READ_UINT32(block);
-
- sha_transform(ctx->digest, data);
-}
-
-void
-sha_update(struct sha_ctx *ctx,
- const UINT8 *buffer, UINT32 len)
-{
- if (ctx->index)
- { /* Try to fill partial block */
- unsigned left = SHA_DATASIZE - ctx->index;
- if (len < left)
- {
- memcpy(ctx->block + ctx->index, buffer, len);
- ctx->index += len;
- return; /* Finished */
- }
- else
- {
- memcpy(ctx->block + ctx->index, buffer, left);
- sha_block(ctx, ctx->block);
- buffer += left;
- len -= left;
- }
- }
- while (len >= SHA_DATASIZE)
- {
- sha_block(ctx, buffer);
- buffer += SHA_DATASIZE;
- len -= SHA_DATASIZE;
- }
- if ((ctx->index = len)) /* This assignment is intended */
- /* Buffer leftovers */
- memcpy(ctx->block, buffer, len);
-}
-
-/* Final wrapup - pad to SHA_DATASIZE-byte boundary with the bit pattern
- 1 0* (64-bit count of bits processed, MSB-first) */
-
-void
-sha_final(struct sha_ctx *ctx)
-{
- UINT32 data[SHA_DATALEN];
- int i;
- int words;
-
- i = ctx->index;
- /* Set the first char of padding to 0x80. This is safe since there is
- always at least one byte free */
- ctx->block[i++] = 0x80;
-
- /* Fill rest of word */
- for( ; i & 3; i++)
- ctx->block[i] = 0;
-
- /* i is now a multiple of the word size 4 */
- words = i >> 2;
- for (i = 0; i < words; i++)
- data[i] = READ_UINT32(ctx->block + 4*i);
-
- if (words > (SHA_DATALEN-2))
- { /* No room for length in this block. Process it and
- * pad with another one */
- for (i = words ; i < SHA_DATALEN; i++)
- data[i] = 0;
- sha_transform(ctx->digest, data);
- for (i = 0; i < (SHA_DATALEN-2); i++)
- data[i] = 0;
- }
- else
- for (i = words ; i < SHA_DATALEN - 2; i++)
- data[i] = 0;
- /* Theres 512 = 2^9 bits in one block */
- data[SHA_DATALEN-2] = (ctx->count_h << 9) | (ctx->count_l >> 23);
- data[SHA_DATALEN-1] = (ctx->count_l << 9) | (ctx->index << 3);
- sha_transform(ctx->digest, data);
-}
-
-void
-sha_digest(struct sha_ctx *ctx, UINT8 *s)
-{
- int i;
-
- for (i = 0; i < SHA_DIGESTLEN; i++, s+= 4)
- WRITE_UINT32(s, ctx->digest[i]);
-}
+++ /dev/null
-/* twofish_test.c
- *
- * $Id$
- */
-
-/* lsh, an implementation of the ssh protocol
- *
- * Copyright (C) 1998 Niels Möller
- *
- * This program is free software; you can redistribute it and/or
- * modify it under the terms of the GNU General Public License as
- * published by the Free Software Foundation; either version 2 of the
- * License, or (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
- */
-
-#include "twofish.h"
-
-#include <stdio.h>
-#include <stdlib.h>
-
-int main (int argc UNUSED, char **argv UNUSED)
-{
- if (twofish_selftest())
- {
- fprintf(stderr, "Twofish works.\n");
- return EXIT_SUCCESS;
- }
- else
- {
- fprintf(stderr, "ERROR: Twofish failed.\n");
- return EXIT_FAILURE;
- }
-}
+++ /dev/null
-#include "util.h"
-
-#include <stdarg.h> /* For the va_* stuff */
-#include <stdlib.h> /* For EXIT_FAILURE */
-#include "../werror.h"
-
-void log_bug(const char *format, ... ) {
- va_list args;
-
- va_start(args, format);
- werror(format, args);
- va_end(args);
-}
-
-void log_error(const char *format, ... ) {
- va_list args;
-
- va_start(args, format);
- werror(format, args);
- va_end(args);
-}
-
-void log_fatal(const char *format, ... ) {
- va_list args;
-
- va_start(args, format);
- log_error(format, args);
- va_end(args);
-
- exit(EXIT_FAILURE);
-}
+++ /dev/null
-#ifndef _UTIL_H
-#define _UTIL_H
-
-#warning Don't use lib/util.h
-
-/* Bridge from GPG style to lsh style */
-#include "lsh_types.h"
-
-/* Report a bug (TODO: do what afterwards? ) */
-void log_bug(const char *fmt, ... ) PRINTF_STYLE(1,2);
-
-/* Report an error */
-void log_error(const char *fmt, ... ) PRINTF_STYLE(1,2);
-
-/* Report a fatal error and die */
-void log_fatal(const char *fmt, ... ) PRINTF_STYLE(1,2) NORETURN;
-
-#ifndef G10ERR_WEAK_KEY
- #define G10ERR_WEAK_KEY 43
-#elif G10ERR_WEAK_KEY != 43
- #error G10ERR_WEAK_KEY is defined to a wrong value.
-#endif
-
-#endif /* _UTIL_H */
projects / thirdparty / nettle.git / commitdiff
