comparison libtomcrypt/src/ciphers/kseed.c @ 1471:6dba84798cd5
Update to libtomcrypt 1.18.1, merged with Dropbear changes
author | Matt Johnston <matt@ucc.asn.au> |
---|---|
date | Fri, 09 Feb 2018 21:44:05 +0800 |
parents | f849a5ca2efc |
children |
1470:8bba51a55704 | 1471:6dba84798cd5 |
---|---|
3 * LibTomCrypt is a library that provides various cryptographic | 3 * LibTomCrypt is a library that provides various cryptographic |
4 * algorithms in a highly modular and flexible manner. | 4 * algorithms in a highly modular and flexible manner. |
5 * | 5 * |
6 * The library is free for all purposes without any express | 6 * The library is free for all purposes without any express |
7 * guarantee it works. | 7 * guarantee it works. |
8 * | |
9 * Tom St Denis, [email protected], http://libtom.org | |
10 */ | 8 */ |
11 | 9 |
12 /** | 10 /** |
13 @file kseed.c | 11 @file kseed.c |
14 seed implementation of SEED derived from RFC4269 | 12 seed implementation of SEED derived from RFC4269 |
27 &kseed_ecb_encrypt, | 25 &kseed_ecb_encrypt, |
28 &kseed_ecb_decrypt, | 26 &kseed_ecb_decrypt, |
29 &kseed_test, | 27 &kseed_test, |
30 &kseed_done, | 28 &kseed_done, |
31 &kseed_keysize, | 29 &kseed_keysize, |
32 NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL | 30 NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL |
33 }; | 31 }; |
34 | 32 |
35 static const ulong32 SS0[256] = { | 33 static const ulong32 SS0[256] = { |
36 0x2989A1A8UL,0x05858184UL,0x16C6D2D4UL,0x13C3D3D0UL,0x14445054UL,0x1D0D111CUL,0x2C8CA0ACUL,0x25052124UL, | 34 0x2989A1A8UL,0x05858184UL,0x16C6D2D4UL,0x13C3D3D0UL,0x14445054UL,0x1D0D111CUL,0x2C8CA0ACUL,0x25052124UL, |
37 0x1D4D515CUL,0x03434340UL,0x18081018UL,0x1E0E121CUL,0x11415150UL,0x3CCCF0FCUL,0x0ACAC2C8UL,0x23436360UL, | 35 0x1D4D515CUL,0x03434340UL,0x18081018UL,0x1E0E121CUL,0x11415150UL,0x3CCCF0FCUL,0x0ACAC2C8UL,0x23436360UL, |
199 @param skey The key in as scheduled by this function. | 197 @param skey The key in as scheduled by this function. |
200 @return CRYPT_OK if successful | 198 @return CRYPT_OK if successful |
201 */ | 199 */ |
202 int kseed_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey) | 200 int kseed_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey) |
203 { | 201 { |
204 int i; | 202 int i; |
205 ulong32 tmp, k1, k2, k3, k4; | 203 ulong32 tmp, k1, k2, k3, k4; |
206 | 204 |
207 if (keylen != 16) { | 205 if (keylen != 16) { |
208 return CRYPT_INVALID_KEYSIZE; | 206 return CRYPT_INVALID_KEYSIZE; |
209 } | 207 } |
210 | 208 |
211 if (num_rounds != 16 && num_rounds != 0) { | 209 if (num_rounds != 16 && num_rounds != 0) { |
212 return CRYPT_INVALID_ROUNDS; | 210 return CRYPT_INVALID_ROUNDS; |
213 } | 211 } |
214 | 212 |
215 /* load key */ | 213 /* load key */ |
216 LOAD32H(k1, key); | 214 LOAD32H(k1, key); |
217 LOAD32H(k2, key+4); | 215 LOAD32H(k2, key+4); |
218 LOAD32H(k3, key+8); | 216 LOAD32H(k3, key+8); |
219 LOAD32H(k4, key+12); | 217 LOAD32H(k4, key+12); |
220 | 218 |
221 for (i = 0; i < 16; i++) { | 219 for (i = 0; i < 16; i++) { |
222 skey->kseed.K[2*i+0] = G(k1 + k3 - KCi[i]); | 220 skey->kseed.K[2*i+0] = G(k1 + k3 - KCi[i]); |
223 skey->kseed.K[2*i+1] = G(k2 - k4 + KCi[i]); | 221 skey->kseed.K[2*i+1] = G(k2 - k4 + KCi[i]); |
224 if (i&1) { | 222 if (i&1) { |
225 tmp = k3; | 223 tmp = k3; |
226 k3 = ((k3 << 8) | (k4 >> 24)) & 0xFFFFFFFF; | 224 k3 = ((k3 << 8) | (k4 >> 24)) & 0xFFFFFFFF; |
227 k4 = ((k4 << 8) | (tmp >> 24)) & 0xFFFFFFFF; | 225 k4 = ((k4 << 8) | (tmp >> 24)) & 0xFFFFFFFF; |
228 } else { | 226 } else { |
229 tmp = k1; | 227 tmp = k1; |
230 k1 = ((k1 >> 8) | (k2 << 24)) & 0xFFFFFFFF; | 228 k1 = ((k1 >> 8) | (k2 << 24)) & 0xFFFFFFFF; |
231 k2 = ((k2 >> 8) | (tmp << 24)) & 0xFFFFFFFF; | 229 k2 = ((k2 >> 8) | (tmp << 24)) & 0xFFFFFFFF; |
232 } | 230 } |
233 /* reverse keys for decrypt */ | 231 /* reverse keys for decrypt */ |
234 skey->kseed.dK[2*(15-i)+0] = skey->kseed.K[2*i+0]; | 232 skey->kseed.dK[2*(15-i)+0] = skey->kseed.K[2*i+0]; |
235 skey->kseed.dK[2*(15-i)+1] = skey->kseed.K[2*i+1]; | 233 skey->kseed.dK[2*(15-i)+1] = skey->kseed.K[2*i+1]; |
236 } | 234 } |
237 | 235 |
238 return CRYPT_OK; | 236 return CRYPT_OK; |
239 } | 237 } |
240 | 238 |
241 static void rounds(ulong32 *P, ulong32 *K) | 239 static void rounds(ulong32 *P, ulong32 *K) |
242 { | 240 { |
243 ulong32 T, T2; | 241 ulong32 T, T2; |
273 | 271 |
274 /** | 272 /** |
275 Decrypts a block of text with SEED | 273 Decrypts a block of text with SEED |
276 @param ct The input ciphertext (16 bytes) | 274 @param ct The input ciphertext (16 bytes) |
277 @param pt The output plaintext (16 bytes) | 275 @param pt The output plaintext (16 bytes) |
278 @param skey The key as scheduled | 276 @param skey The key as scheduled |
279 @return CRYPT_OK if successful | 277 @return CRYPT_OK if successful |
280 */ | 278 */ |
281 int kseed_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey) | 279 int kseed_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey) |
282 { | 280 { |
283 ulong32 P[4]; | 281 ulong32 P[4]; |
291 STORE32H(P[0], pt+8); | 289 STORE32H(P[0], pt+8); |
292 STORE32H(P[1], pt+12); | 290 STORE32H(P[1], pt+12); |
293 return CRYPT_OK; | 291 return CRYPT_OK; |
294 } | 292 } |
295 | 293 |
296 /** Terminate the context | 294 /** Terminate the context |
297 @param skey The scheduled key | 295 @param skey The scheduled key |
298 */ | 296 */ |
299 void kseed_done(symmetric_key *skey) | 297 void kseed_done(symmetric_key *skey) |
300 { | 298 { |
299 LTC_UNUSED_PARAM(skey); | |
301 } | 300 } |
302 | 301 |
303 /** | 302 /** |
304 Performs a self-test of the SEED block cipher | 303 Performs a self-test of the SEED block cipher |
305 @return CRYPT_OK if functional, CRYPT_NOP if self-test has been disabled | 304 @return CRYPT_OK if functional, CRYPT_NOP if self-test has been disabled |
343 | 342 |
344 for (x = 0; x < (int)(sizeof(tests)/sizeof(tests[0])); x++) { | 343 for (x = 0; x < (int)(sizeof(tests)/sizeof(tests[0])); x++) { |
345 kseed_setup(tests[x].key, 16, 0, &skey); | 344 kseed_setup(tests[x].key, 16, 0, &skey); |
346 kseed_ecb_encrypt(tests[x].pt, buf[0], &skey); | 345 kseed_ecb_encrypt(tests[x].pt, buf[0], &skey); |
347 kseed_ecb_decrypt(buf[0], buf[1], &skey); | 346 kseed_ecb_decrypt(buf[0], buf[1], &skey); |
348 if (XMEMCMP(buf[0], tests[x].ct, 16) || XMEMCMP(buf[1], tests[x].pt, 16)) { | 347 if (compare_testvector(buf[0], 16, tests[x].ct, 16, "KSEED Encrypt", x) || |
348 compare_testvector(buf[1], 16, tests[x].pt, 16, "KSEED Decrypt", x)) { | |
349 return CRYPT_FAIL_TESTVECTOR; | 349 return CRYPT_FAIL_TESTVECTOR; |
350 } | 350 } |
351 } | 351 } |
352 return CRYPT_OK; | 352 return CRYPT_OK; |
353 #endif | 353 #endif |
369 return CRYPT_OK; | 369 return CRYPT_OK; |
370 } | 370 } |
371 | 371 |
372 #endif | 372 #endif |
373 | 373 |
374 /* $Source$ */ | 374 /* ref: $Format:%D$ */ |
375 /* $Revision$ */ | 375 /* git commit: $Format:%H$ */ |
376 /* $Date$ */ | 376 /* commit time: $Format:%ai$ */ |
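Review bot: The self-test still discards the return values of kseed_setup, kseed_ecb_encrypt and kseed_ecb_decrypt (new-side lines 344–346), so if setup rejected the key the round keys in skey would never be scheduled and the test would report CRYPT_FAIL_TESTVECTOR from a comparison of indeterminate output instead of the actual error. Since this hunk already reworks how the results are checked, it is the natural place to propagate them: `if ((err = kseed_setup(tests[x].key, 16, 0, &skey)) != CRYPT_OK) { return err; }` with the same guard around the two ECB calls, and an `int err;` declared next to the existing loop counter. kseed_test begins before the hunk, so that declaration and the conditional-compilation block closed by the `#endif` at line 353 lie outside what is shown here.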