diff options
| author | Niels Möller <nisse@lysator.liu.se> | 2007-05-03 22:26:34 +0200 |
|---|---|---|
| committer | Niels Möller <nisse@lysator.liu.se> | 2007-05-03 22:26:34 +0200 |
| commit | 3a0e06ba62684c32422638b68972f9124589e458 (patch) | |
| tree | d6ec1181fbede752bccdcff861e3ee0fc98bf852 | |
| parent | d0507f2f5b2731f5d37312083a8eb7e169eace1c (diff) | |
| download | nettle-3a0e06ba62684c32422638b68972f9124589e458.tar.gz | |
Deleted obsolete directory and files
Rev: src/symmetric/Makefile.am.in:1.18(DEAD)
Rev: src/symmetric/bf_test.c:1.3(DEAD)
Rev: src/symmetric/cast.c:1.4(DEAD)
Rev: src/symmetric/cast_sboxes.h:1.2(DEAD)
Rev: src/symmetric/desKerb.c:1.4(DEAD)
Rev: src/symmetric/desQuick.c:1.4(DEAD)
Rev: src/symmetric/desTest.c:1.8(DEAD)
Rev: src/symmetric/desUtil.c:1.4(DEAD)
Rev: src/symmetric/generate_q.c:1.2(DEAD)
Rev: src/symmetric/idea.c:1.4(DEAD)
Rev: src/symmetric/include/.cvsignore:1.4(DEAD)
Rev: src/symmetric/include/Makefile.am.in:1.7(DEAD)
Rev: src/symmetric/include/RCSID.h:1.2(DEAD)
Rev: src/symmetric/include/arcfour.h:1.3(DEAD)
Rev: src/symmetric/include/blowfish.h:1.5(DEAD)
Rev: src/symmetric/include/cast.h:1.4(DEAD)
Rev: src/symmetric/include/crypto_types.h:1.7(DEAD)
Rev: src/symmetric/include/des.h:1.5(DEAD)
Rev: src/symmetric/include/idea.h:1.5(DEAD)
Rev: src/symmetric/include/md5.h:1.4(DEAD)
Rev: src/symmetric/include/rijndael.h:1.2(DEAD)
Rev: src/symmetric/include/serpent.h:1.4(DEAD)
Rev: src/symmetric/include/sha.h:1.5(DEAD)
Rev: src/symmetric/include/twofish.h:1.3(DEAD)
Rev: src/symmetric/include/types.h:1.3(DEAD)
Rev: src/symmetric/rijndael.c:1.3(DEAD)
Rev: src/symmetric/rijndael_test.c:1.2(DEAD)
Rev: src/symmetric/serpentsboxes.h:1.3(DEAD)
Rev: src/symmetric/sha.c:1.6(DEAD)
Rev: src/symmetric/twofish_test.c:1.2(DEAD)
Rev: src/symmetric/util.c:1.2(DEAD)
Rev: src/symmetric/util.h:1.3(DEAD)
| -rw-r--r-- | Makefile.am.in | 73 | ||||
| -rw-r--r-- | bf_test.c | 24 | ||||
| -rw-r--r-- | cast.c | 326 | ||||
| -rw-r--r-- | cast_sboxes.h | 545 | ||||
| -rw-r--r-- | desKerb.c | 31 | ||||
| -rw-r--r-- | desQuick.c | 54 | ||||
| -rw-r--r-- | desTest.c | 197 | ||||
| -rw-r--r-- | desUtil.c | 171 | ||||
| -rw-r--r-- | generate_q.c | 115 | ||||
| -rw-r--r-- | idea.c | 340 | ||||
| -rw-r--r-- | include/.cvsignore | 4 | ||||
| -rw-r--r-- | include/.gitignore | 4 | ||||
| -rw-r--r-- | include/Makefile.am.in | 10 | ||||
| -rw-r--r-- | include/RCSID.h | 20 | ||||
| -rw-r--r-- | include/arcfour.h | 32 | ||||
| -rw-r--r-- | include/blowfish.h | 81 | ||||
| -rw-r--r-- | include/cast.h | 37 | ||||
| -rw-r--r-- | include/crypto_types.h | 26 | ||||
| -rw-r--r-- | include/des.h | 44 | ||||
| -rw-r--r-- | include/idea.h | 31 | ||||
| -rw-r--r-- | include/md5.h | 23 | ||||
| -rw-r--r-- | include/rijndael.h | 76 | ||||
| -rw-r--r-- | include/serpent.h | 71 | ||||
| -rw-r--r-- | include/sha.h | 30 | ||||
| -rw-r--r-- | include/twofish.h | 107 | ||||
| -rw-r--r-- | include/types.h | 14 | ||||
| -rw-r--r-- | rijndael.c | 459 | ||||
| -rw-r--r-- | rijndael_test.c | 37 | ||||
| -rw-r--r-- | serpentsboxes.h | 509 | ||||
| -rw-r--r-- | sha.c | 366 | ||||
| -rw-r--r-- | twofish_test.c | 42 | ||||
| -rw-r--r-- | util.c | 31 | ||||
| -rw-r--r-- | util.h | 24 |
33 files changed, 0 insertions, 3954 deletions
diff --git a/Makefile.am.in b/Makefile.am.in deleted file mode 100644 index 2ddc8327..00000000 --- a/Makefile.am.in +++ /dev/null @@ -1,73 +0,0 @@ -## Process this file with make_am to produce Makefile.am -SUBDIRS: include -CVS_HEADERS: cvs_headers -BODY: - -AUTOMAKE_OPTIONS = foreign - -noinst_LIBRARIES = libsymmetric.a -noinst_PROGRAMS = desTest desdata bf_test twofish_test generate_q rijndael_test - -Makefile.am: Makefile.am.in - (cd $(top_srcdir) && $(MAKE) src/symmetric/Makefile.am) - -# When compiling with lsh, this is set to to -DLSH -I/path/to/lsh/include -# INCLUDES = @crypto_cpp_flags@ - -LDADD = libsymmetric.a -desdata_LDADD = - -des_headers = parity.h rotors.h keymap.h -BUILT_SOURCES = desSmallFips.c desSmallCore.c desQuickFips.c desQuickCore.c - -libsymmetric_a_SOURCES = desCode.h desKerb.c desUtil.c desQuick.c \ - $(BUILT_SOURCES) \ - sha.c md5.c idea.c arcfour.c cast.c blowfish.c twofish.c rijndael.c \ - serpent.c - -# Generate DES headers. -$(des_headers): desdata - ./desdata $@ > $@T - test -s $@T && mv -f $@T $@ - -desUtil.o: desUtil.c $(des_headers) - -# Generate DES sources. Slowest to quickest. -desSmallFips.c: - @echo > $@ '#include "desCode.h"' - @echo >> $@ 'ENCRYPT(DesSmallFipsEncrypt,TEMPSMALL,\ - LOADFIPS,KEYMAPSMALL,SAVEFIPS)' - @echo >> $@ 'DECRYPT(DesSmallFipsDecrypt,TEMPSMALL,\ - LOADFIPS,KEYMAPSMALL,SAVEFIPS)' -desSmallCore.c: - @echo > $@ '#include "desCode.h"' - @echo >> $@ 'ENCRYPT(DesSmallCoreEncrypt,TEMPSMALL,\ - LOADCORE,KEYMAPSMALL,SAVECORE)' - @echo >> $@ 'DECRYPT(DesSmallCoreDecrypt,TEMPSMALL,\ - LOADCORE,KEYMAPSMALL,SAVECORE)' -desQuickFips.c: - @echo > $@ '#include "desCode.h"' - @echo >> $@ 'ENCRYPT(DesQuickFipsEncrypt,TEMPQUICK,\ - LOADFIPS,KEYMAPQUICK,SAVEFIPS)' - @echo >> $@ 'DECRYPT(DesQuickFipsDecrypt,TEMPQUICK,\ - LOADFIPS,KEYMAPQUICK,SAVEFIPS)' -desQuickCore.c: - @echo > $@ '#include "desCode.h"' - @echo >> $@ 'ENCRYPT(DesQuickCoreEncrypt,TEMPQUICK,\ - LOADCORE,KEYMAPQUICK,SAVECORE)' - @echo >> $@ 'DECRYPT(DesQuickCoreDecrypt,TEMPQUICK,\ - LOADCORE,KEYMAPQUICK,SAVECORE)' - -EXTRA_DIST = $(cvs_headers) $(des_headers) Makefile.am.in descore.README - -.PHONY: depend -depend: - rm -f $(DEP_FILES) - make $(DEP_FILES) - -# .deps/%.P : %.c -# $(CC) $(CPPFLAGS) $(DEFS) -M -MG $< > $@ - -MAINTAINERCLEANFILES += $(DEP_FILES) - -include $(top_srcdir)/misc/ctags.mk diff --git a/bf_test.c b/bf_test.c deleted file mode 100644 index 4b1261cc..00000000 --- a/bf_test.c +++ /dev/null @@ -1,24 +0,0 @@ -/* bf_test.c - * - * $Id$ - * Test the blow fish implementation. */ - -#include "blowfish.h" - -#include <stdio.h> -#include <stdlib.h> - -int main (int argc UNUSED, char **argv UNUSED) -{ - if (bf_selftest()) - { - fprintf(stderr, "Blowfish works.\n"); - return EXIT_SUCCESS; - } - else - { - fprintf(stderr, "ERROR: Blowfish failed.\n"); - return EXIT_FAILURE; - } -} - diff --git a/cast.c b/cast.c deleted file mode 100644 index d27ea696..00000000 --- a/cast.c +++ /dev/null @@ -1,326 +0,0 @@ -/* - * $Id$ - * - * CAST-128 in C - * Written by Steve Reid <sreid@sea-to-sky.net> - * 100% Public Domain - no warranty - * Released 1997.10.11 - * - * CAST-128 is documented in - * C. Adams, "The CAST-128 Encryption Algorithm", RFC 2144. - * - */ - -/* Adapted to the pike cryptographic toolkit by Niels Möller */ - -/* Selftest added by J.H.M. Dassen (Ray) <jdassen@wi.LeidenUniv.nl>. - * Released into the public domain. */ - -#include <assert.h> - -#include <cast.h> - -#define u8 UINT8 -#define u32 UINT32 - -#include "cast_sboxes.h" - -/* Macros to access 8-bit bytes out of a 32-bit word */ -#define U8a(x) ( (u8) (x>>24) ) -#define U8b(x) ( (u8) ((x>>16)&255) ) -#define U8c(x) ( (u8) ((x>>8)&255) ) -#define U8d(x) ( (u8) ((x)&255) ) - -/* Circular left shift */ -#define ROL(x, n) ( ((x)<<(n)) | ((x)>>(32-(n))) ) - -/* CAST-128 uses three different round functions */ -#define F1(l, r, i) \ - t = ROL(key->xkey[i] + r, key->xkey[i+16]); \ - l ^= ((cast_sbox1[U8a(t)] ^ cast_sbox2[U8b(t)]) \ - - cast_sbox3[U8c(t)]) + cast_sbox4[U8d(t)]; -#define F2(l, r, i) \ - t = ROL(key->xkey[i] ^ r, key->xkey[i+16]); \ - l ^= ((cast_sbox1[U8a(t)] - cast_sbox2[U8b(t)]) \ - + cast_sbox3[U8c(t)]) ^ cast_sbox4[U8d(t)]; -#define F3(l, r, i) \ - t = ROL(key->xkey[i] - r, key->xkey[i+16]); \ - l ^= ((cast_sbox1[U8a(t)] + cast_sbox2[U8b(t)]) \ - ^ cast_sbox3[U8c(t)]) - cast_sbox4[U8d(t)]; - - -/***** Encryption Function *****/ - -void cast_encrypt(struct cast_key *key, const u8 * const inblock, u8 *outblock) -{ - u32 t, l, r; - - /* Get inblock into l,r */ - l = ((u32)inblock[0] << 24) | ((u32)inblock[1] << 16) - | ((u32)inblock[2] << 8) | (u32)inblock[3]; - r = ((u32)inblock[4] << 24) | ((u32)inblock[5] << 16) - | ((u32)inblock[6] << 8) | (u32)inblock[7]; - /* Do the work */ - F1(l, r, 0); - F2(r, l, 1); - F3(l, r, 2); - F1(r, l, 3); - F2(l, r, 4); - F3(r, l, 5); - F1(l, r, 6); - F2(r, l, 7); - F3(l, r, 8); - F1(r, l, 9); - F2(l, r, 10); - F3(r, l, 11); - /* Only do full 16 rounds if key length > 80 bits */ - if (key->rounds > 12) { - F1(l, r, 12); - F2(r, l, 13); - F3(l, r, 14); - F1(r, l, 15); - } - /* Put l,r into outblock */ - outblock[0] = U8a(r); - outblock[1] = U8b(r); - outblock[2] = U8c(r); - outblock[3] = U8d(r); - outblock[4] = U8a(l); - outblock[5] = U8b(l); - outblock[6] = U8c(l); - outblock[7] = U8d(l); - /* Wipe clean */ - t = l = r = 0; -} - - -/***** Decryption Function *****/ - -void cast_decrypt(struct cast_key *key, const u8 * const inblock, u8 *outblock) -{ - u32 t, l, r; - - /* Get inblock into l,r */ - r = ((u32)inblock[0] << 24) | ((u32)inblock[1] << 16) - | ((u32)inblock[2] << 8) | (u32)inblock[3]; - l = ((u32)inblock[4] << 24) | ((u32)inblock[5] << 16) - | ((u32)inblock[6] << 8) | (u32)inblock[7]; - /* Do the work */ - /* Only do full 16 rounds if key length > 80 bits */ - if (key->rounds > 12) { - F1(r, l, 15); - F3(l, r, 14); - F2(r, l, 13); - F1(l, r, 12); - } - F3(r, l, 11); - F2(l, r, 10); - F1(r, l, 9); - F3(l, r, 8); - F2(r, l, 7); - F1(l, r, 6); - F3(r, l, 5); - F2(l, r, 4); - F1(r, l, 3); - F3(l, r, 2); - F2(r, l, 1); - F1(l, r, 0); - /* Put l,r into outblock */ - outblock[0] = U8a(l); - outblock[1] = U8b(l); - outblock[2] = U8c(l); - outblock[3] = U8d(l); - outblock[4] = U8a(r); - outblock[5] = U8b(r); - outblock[6] = U8c(r); - outblock[7] = U8d(r); - /* Wipe clean */ - t = l = r = 0; -} - - -/* Sanity check using the test vectors from - * B.1. Single Plaintext-Key-Ciphertext Sets, RFC 2144 - */ -int cast_selftest(void) -{ - u8 testkey128[16] = { - 0x01, 0x23, 0x45, 0x67, 0x12, 0x34, 0x56, 0x78, - 0x23, 0x45, 0x67, 0x89, 0x34, 0x56, 0x78, 0x9A - }; - u8 plaintext128[8] = { - 0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF - }; - u8 ciphertext128[8] = { - 0x23, 0x8B, 0x4F, 0xE5, 0x84, 0x7E, 0x44, 0xB2 - }; - - u8 testkey80[10] = { - 0x01, 0x23, 0x45, 0x67, 0x12, 0x34, 0x56, 0x78, - 0x23, 0x45 - }; - u8 plaintext80[8] = { - 0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF - }; - u8 ciphertext80[8] = { - 0xEB, 0x6A, 0x71, 0x1A, 0x2C, 0x02, 0x27, 0x1B - }; - - u8 testkey40[5] = { - 0x01, 0x23, 0x45, 0x67, 0x12 - }; - u8 plaintext40[8] = { - 0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF - }; - u8 ciphertext40[8] = { - 0x7A, 0xC8, 0x16, 0xD1, 0x6E, 0x9B, 0x30, 0x2E - }; - - struct cast_key context; - u8 ciphertext[8]; - - cast_setkey(&context, testkey128, 16); - cast_encrypt(&context, plaintext128, ciphertext); - if (memcmp(ciphertext, ciphertext128, 8)) { - return 0; - } - cast_setkey(&context, testkey80, 10); - cast_encrypt(&context, plaintext80, ciphertext); - if (memcmp(ciphertext, ciphertext80, 8)) { - return 0; - } - cast_setkey(&context, testkey40, 5); - cast_encrypt(&context, plaintext40, ciphertext); - if (memcmp(ciphertext, ciphertext40, 8)) { - return 0; - } - return 1; -} - - -/***** Key Schedule *****/ - -void cast_setkey(struct cast_key *key, const u8 * const rawkey, unsigned keybytes) -{ - u32 t[4], z[4], x[4]; - unsigned i; - -#ifndef NDEBUG - static int initialized = 0; - - if (!initialized) - { - initialized = 1; - assert(cast_selftest()); - } -#endif - - /* Set number of rounds to 12 or 16, depending on key length */ - key->rounds = (keybytes <= CAST_SMALL_KEY) - ? CAST_SMALL_ROUNDS : CAST_FULL_ROUNDS; - - /* Copy key to workspace x */ - for (i = 0; i < 4; i++) { - x[i] = 0; - if ((i*4+0) < keybytes) x[i] = (u32)rawkey[i*4+0] << 24; - if ((i*4+1) < keybytes) x[i] |= (u32)rawkey[i*4+1] << 16; - if ((i*4+2) < keybytes) x[i] |= (u32)rawkey[i*4+2] << 8; - if ((i*4+3) < keybytes) x[i] |= (u32)rawkey[i*4+3]; - } - /* Generate 32 subkeys, four at a time */ - for (i = 0; i < 32; i+=4) { - switch (i & 4) { - case 0: - t[0] = z[0] = x[0] ^ cast_sbox5[U8b(x[3])] - ^ cast_sbox6[U8d(x[3])] ^ cast_sbox7[U8a(x[3])] - ^ cast_sbox8[U8c(x[3])] ^ cast_sbox7[U8a(x[2])]; - t[1] = z[1] = x[2] ^ cast_sbox5[U8a(z[0])] - ^ cast_sbox6[U8c(z[0])] ^ cast_sbox7[U8b(z[0])] - ^ cast_sbox8[U8d(z[0])] ^ cast_sbox8[U8c(x[2])]; - t[2] = z[2] = x[3] ^ cast_sbox5[U8d(z[1])] - ^ cast_sbox6[U8c(z[1])] ^ cast_sbox7[U8b(z[1])] - ^ cast_sbox8[U8a(z[1])] ^ cast_sbox5[U8b(x[2])]; - t[3] = z[3] = x[1] ^ cast_sbox5[U8c(z[2])] ^ - cast_sbox6[U8b(z[2])] ^ cast_sbox7[U8d(z[2])] - ^ cast_sbox8[U8a(z[2])] ^ cast_sbox6[U8d(x[2])]; - break; - case 4: - t[0] = x[0] = z[2] ^ cast_sbox5[U8b(z[1])] - ^ cast_sbox6[U8d(z[1])] ^ cast_sbox7[U8a(z[1])] - ^ cast_sbox8[U8c(z[1])] ^ cast_sbox7[U8a(z[0])]; - t[1] = x[1] = z[0] ^ cast_sbox5[U8a(x[0])] - ^ cast_sbox6[U8c(x[0])] ^ cast_sbox7[U8b(x[0])] - ^ cast_sbox8[U8d(x[0])] ^ cast_sbox8[U8c(z[0])]; - t[2] = x[2] = z[1] ^ cast_sbox5[U8d(x[1])] - ^ cast_sbox6[U8c(x[1])] ^ cast_sbox7[U8b(x[1])] - ^ cast_sbox8[U8a(x[1])] ^ cast_sbox5[U8b(z[0])]; - t[3] = x[3] = z[3] ^ cast_sbox5[U8c(x[2])] - ^ cast_sbox6[U8b(x[2])] ^ cast_sbox7[U8d(x[2])] - ^ cast_sbox8[U8a(x[2])] ^ cast_sbox6[U8d(z[0])]; - break; - } - switch (i & 12) { - case 0: - case 12: - key->xkey[i+0] = cast_sbox5[U8a(t[2])] ^ cast_sbox6[U8b(t[2])] - ^ cast_sbox7[U8d(t[1])] ^ cast_sbox8[U8c(t[1])]; - key->xkey[i+1] = cast_sbox5[U8c(t[2])] ^ cast_sbox6[U8d(t[2])] - ^ cast_sbox7[U8b(t[1])] ^ cast_sbox8[U8a(t[1])]; - key->xkey[i+2] = cast_sbox5[U8a(t[3])] ^ cast_sbox6[U8b(t[3])] - ^ cast_sbox7[U8d(t[0])] ^ cast_sbox8[U8c(t[0])]; - key->xkey[i+3] = cast_sbox5[U8c(t[3])] ^ cast_sbox6[U8d(t[3])] - ^ cast_sbox7[U8b(t[0])] ^ cast_sbox8[U8a(t[0])]; - break; - case 4: - case 8: - key->xkey[i+0] = cast_sbox5[U8d(t[0])] ^ cast_sbox6[U8c(t[0])] - ^ cast_sbox7[U8a(t[3])] ^ cast_sbox8[U8b(t[3])]; - key->xkey[i+1] = cast_sbox5[U8b(t[0])] ^ cast_sbox6[U8a(t[0])] - ^ cast_sbox7[U8c(t[3])] ^ cast_sbox8[U8d(t[3])]; - key->xkey[i+2] = cast_sbox5[U8d(t[1])] ^ cast_sbox6[U8c(t[1])] - ^ cast_sbox7[U8a(t[2])] ^ cast_sbox8[U8b(t[2])]; - key->xkey[i+3] = cast_sbox5[U8b(t[1])] ^ cast_sbox6[U8a(t[1])] - ^ cast_sbox7[U8c(t[2])] ^ cast_sbox8[U8d(t[2])]; - break; - } - switch (i & 12) { - case 0: - key->xkey[i+0] ^= cast_sbox5[U8c(z[0])]; - key->xkey[i+1] ^= cast_sbox6[U8c(z[1])]; - key->xkey[i+2] ^= cast_sbox7[U8b(z[2])]; - key->xkey[i+3] ^= cast_sbox8[U8a(z[3])]; - break; - case 4: - key->xkey[i+0] ^= cast_sbox5[U8a(x[2])]; - key->xkey[i+1] ^= cast_sbox6[U8b(x[3])]; - key->xkey[i+2] ^= cast_sbox7[U8d(x[0])]; - key->xkey[i+3] ^= cast_sbox8[U8d(x[1])]; - break; - case 8: - key->xkey[i+0] ^= cast_sbox5[U8b(z[2])]; - key->xkey[i+1] ^= cast_sbox6[U8a(z[3])]; - key->xkey[i+2] ^= cast_sbox7[U8c(z[0])]; - key->xkey[i+3] ^= cast_sbox8[U8c(z[1])]; - break; - case 12: - key->xkey[i+0] ^= cast_sbox5[U8d(x[0])]; - key->xkey[i+1] ^= cast_sbox6[U8d(x[1])]; - key->xkey[i+2] ^= cast_sbox7[U8a(x[2])]; - key->xkey[i+3] ^= cast_sbox8[U8b(x[3])]; - break; - } - if (i >= 16) { - key->xkey[i+0] &= 31; - key->xkey[i+1] &= 31; - key->xkey[i+2] &= 31; - key->xkey[i+3] &= 31; - } - } - /* Wipe clean */ - for (i = 0; i < 4; i++) { - t[i] = x[i] = z[i] = 0; - } -} - -/* Made in Canada */ - diff --git a/cast_sboxes.h b/cast_sboxes.h deleted file mode 100644 index 2e061aa7..00000000 --- a/cast_sboxes.h +++ /dev/null @@ -1,545 +0,0 @@ -/* - * $Id$ - * - * CAST-128 in C - * Written by Steve Reid <sreid@sea-to-sky.net> - * 100% Public Domain - no warranty - * Released 1997.10.11 - */ - -static const u32 cast_sbox1[256] = { - 0x30FB40D4, 0x9FA0FF0B, 0x6BECCD2F, 0x3F258C7A, - 0x1E213F2F, 0x9C004DD3, 0x6003E540, 0xCF9FC949, - 0xBFD4AF27, 0x88BBBDB5, 0xE2034090, 0x98D09675, - 0x6E63A0E0, 0x15C361D2, 0xC2E7661D, 0x22D4FF8E, - 0x28683B6F, 0xC07FD059, 0xFF2379C8, 0x775F50E2, - 0x43C340D3, 0xDF2F8656, 0x887CA41A, 0xA2D2BD2D, - 0xA1C9E0D6, 0x346C4819, 0x61B76D87, 0x22540F2F, - 0x2ABE32E1, 0xAA54166B, 0x22568E3A, 0xA2D341D0, - 0x66DB40C8, 0xA784392F, 0x004DFF2F, 0x2DB9D2DE, - 0x97943FAC, 0x4A97C1D8, 0x527644B7, 0xB5F437A7, - 0xB82CBAEF, 0xD751D159, 0x6FF7F0ED, 0x5A097A1F, - 0x827B68D0, 0x90ECF52E, 0x22B0C054, 0xBC8E5935, - 0x4B6D2F7F, 0x50BB64A2, 0xD2664910, 0xBEE5812D, - 0xB7332290, 0xE93B159F, 0xB48EE411, 0x4BFF345D, - 0xFD45C240, 0xAD31973F, 0xC4F6D02E, 0x55FC8165, - 0xD5B1CAAD, 0xA1AC2DAE, 0xA2D4B76D, 0xC19B0C50, - 0x882240F2, 0x0C6E4F38, 0xA4E4BFD7, 0x4F5BA272, - 0x564C1D2F, 0xC59C5319, 0xB949E354, 0xB04669FE, - 0xB1B6AB8A, 0xC71358DD, 0x6385C545, 0x110F935D, - 0x57538AD5, 0x6A390493, 0xE63D37E0, 0x2A54F6B3, - 0x3A787D5F, 0x6276A0B5, 0x19A6FCDF, 0x7A42206A, - 0x29F9D4D5, 0xF61B1891, 0xBB72275E, 0xAA508167, - 0x38901091, 0xC6B505EB, 0x84C7CB8C, 0x2AD75A0F, - 0x874A1427, 0xA2D1936B, 0x2AD286AF, 0xAA56D291, - 0xD7894360, 0x425C750D, 0x93B39E26, 0x187184C9, - 0x6C00B32D, 0x73E2BB14, 0xA0BEBC3C, 0x54623779, - 0x64459EAB, 0x3F328B82, 0x7718CF82, 0x59A2CEA6, - 0x04EE002E, 0x89FE78E6, 0x3FAB0950, 0x325FF6C2, - 0x81383F05, 0x6963C5C8, 0x76CB5AD6, 0xD49974C9, - 0xCA180DCF, 0x380782D5, 0xC7FA5CF6, 0x8AC31511, - 0x35E79E13, 0x47DA91D0, 0xF40F9086, 0xA7E2419E, - 0x31366241, 0x051EF495, 0xAA573B04, 0x4A805D8D, - 0x548300D0, 0x00322A3C, 0xBF64CDDF, 0xBA57A68E, - 0x75C6372B, 0x50AFD341, 0xA7C13275, 0x915A0BF5, - 0x6B54BFAB, 0x2B0B1426, 0xAB4CC9D7, 0x449CCD82, - 0xF7FBF265, 0xAB85C5F3, 0x1B55DB94, 0xAAD4E324, - 0xCFA4BD3F, 0x2DEAA3E2, 0x9E204D02, 0xC8BD25AC, - 0xEADF55B3, 0xD5BD9E98, 0xE31231B2, 0x2AD5AD6C, - 0x954329DE, 0xADBE4528, 0xD8710F69, 0xAA51C90F, - 0xAA786BF6, 0x22513F1E, 0xAA51A79B, 0x2AD344CC, - 0x7B5A41F0, 0xD37CFBAD, 0x1B069505, 0x41ECE491, - 0xB4C332E6, 0x032268D4, 0xC9600ACC, 0xCE387E6D, - 0xBF6BB16C, 0x6A70FB78, 0x0D03D9C9, 0xD4DF39DE, - 0xE01063DA, 0x4736F464, 0x5AD328D8, 0xB347CC96, - 0x75BB0FC3, 0x98511BFB, 0x4FFBCC35, 0xB58BCF6A, - 0xE11F0ABC, 0xBFC5FE4A, 0xA70AEC10, 0xAC39570A, - 0x3F04442F, 0x6188B153, 0xE0397A2E, 0x5727CB79, - 0x9CEB418F, 0x1CACD68D, 0x2AD37C96, 0x0175CB9D, - 0xC69DFF09, 0xC75B65F0, 0xD9DB40D8, 0xEC0E7779, - 0x4744EAD4, 0xB11C3274, 0xDD24CB9E, 0x7E1C54BD, - 0xF01144F9, 0xD2240EB1, 0x9675B3FD, 0xA3AC3755, - 0xD47C27AF, 0x51C85F4D, 0x56907596, 0xA5BB15E6, - 0x580304F0, 0xCA042CF1, 0x011A37EA, 0x8DBFAADB, - 0x35BA3E4A, 0x3526FFA0, 0xC37B4D09, 0xBC306ED9, - 0x98A52666, 0x5648F725, 0xFF5E569D, 0x0CED63D0, - 0x7C63B2CF, 0x700B45E1, 0xD5EA50F1, 0x85A92872, - 0xAF1FBDA7, 0xD4234870, 0xA7870BF3, 0x2D3B4D79, - 0x42E04198, 0x0CD0EDE7, 0x26470DB8, 0xF881814C, - 0x474D6AD7, 0x7C0C5E5C, 0xD1231959, 0x381B7298, - 0xF5D2F4DB, 0xAB838653, 0x6E2F1E23, 0x83719C9E, - 0xBD91E046, 0x9A56456E, 0xDC39200C, 0x20C8C571, - 0x962BDA1C, 0xE1E696FF, 0xB141AB08, 0x7CCA89B9, - 0x1A69E783, 0x02CC4843, 0xA2F7C579, 0x429EF47D, - 0x427B169C, 0x5AC9F049, 0xDD8F0F00, 0x5C8165BF -}; - -static const u32 cast_sbox2[256] = { - 0x1F201094, 0xEF0BA75B, 0x69E3CF7E, 0x393F4380, - 0xFE61CF7A, 0xEEC5207A, 0x55889C94, 0x72FC0651, - 0xADA7EF79, 0x4E1D7235, 0xD55A63CE, 0xDE0436BA, - 0x99C430EF, 0x5F0C0794, 0x18DCDB7D, 0xA1D6EFF3, - 0xA0B52F7B, 0x59E83605, 0xEE15B094, 0xE9FFD909, - 0xDC440086, 0xEF944459, 0xBA83CCB3, 0xE0C3CDFB, - 0xD1DA4181, 0x3B092AB1, 0xF997F1C1, 0xA5E6CF7B, - 0x01420DDB, 0xE4E7EF5B, 0x25A1FF41, 0xE180F806, - 0x1FC41080, 0x179BEE7A, 0xD37AC6A9, 0xFE5830A4, - 0x98DE8B7F, 0x77E83F4E, 0x79929269, 0x24FA9F7B, - 0xE113C85B, 0xACC40083, 0xD7503525, 0xF7EA615F, - 0x62143154, 0x0D554B63, 0x5D681121, 0xC866C359, - 0x3D63CF73, 0xCEE234C0, 0xD4D87E87, 0x5C672B21, - 0x071F6181, 0x39F7627F, 0x361E3084, 0xE4EB573B, - 0x602F64A4, 0xD63ACD9C, 0x1BBC4635, 0x9E81032D, - 0x2701F50C, 0x99847AB4, 0xA0E3DF79, 0xBA6CF38C, - 0x10843094, 0x2537A95E, 0xF46F6FFE, 0xA1FF3B1F, - 0x208CFB6A, 0x8F458C74, 0xD9E0A227, 0x4EC73A34, - 0xFC884F69, 0x3E4DE8DF, 0xEF0E0088, 0x3559648D, - 0x8A45388C, 0x1D804366, 0x721D9BFD, 0xA58684BB, - 0xE8256333, 0x844E8212, 0x128D8098, 0xFED33FB4, - 0xCE280AE1, 0x27E19BA5, 0xD5A6C252, 0xE49754BD, - 0xC5D655DD, 0xEB667064, 0x77840B4D, 0xA1B6A801, - 0x84DB26A9, 0xE0B56714, 0x21F043B7, 0xE5D05860, - 0x54F03084, 0x066FF472, 0xA31AA153, 0xDADC4755, - 0xB5625DBF, 0x68561BE6, 0x83CA6B94, 0x2D6ED23B, - 0xECCF01DB, 0xA6D3D0BA, 0xB6803D5C, 0xAF77A709, - 0x33B4A34C, 0x397BC8D6, 0x5EE22B95, 0x5F0E5304, - 0x81ED6F61, 0x20E74364, 0xB45E1378, 0xDE18639B, - 0x881CA122, 0xB96726D1, 0x8049A7E8, 0x22B7DA7B, - 0x5E552D25, 0x5272D237, 0x79D2951C, 0xC60D894C, - 0x488CB402, 0x1BA4FE5B, 0xA4B09F6B, 0x1CA815CF, - 0xA20C3005, 0x8871DF63, 0xB9DE2FCB, 0x0CC6C9E9, - 0x0BEEFF53, 0xE3214517, 0xB4542835, 0x9F63293C, - 0xEE41E729, 0x6E1D2D7C, 0x50045286, 0x1E6685F3, - 0xF33401C6, 0x30A22C95, 0x31A70850, 0x60930F13, - 0x73F98417, 0xA1269859, 0xEC645C44, 0x52C877A9, - 0xCDFF33A6, 0xA02B1741, 0x7CBAD9A2, 0x2180036F, - 0x50D99C08, 0xCB3F4861, 0xC26BD765, 0x64A3F6AB, - 0x80342676, 0x25A75E7B, 0xE4E6D1FC, 0x20C710E6, - 0xCDF0B680, 0x17844D3B, 0x31EEF84D, 0x7E0824E4, - 0x2CCB49EB, 0x846A3BAE, 0x8FF77888, 0xEE5D60F6, - 0x7AF75673, 0x2FDD5CDB, 0xA11631C1, 0x30F66F43, - 0xB3FAEC54, 0x157FD7FA, 0xEF8579CC, 0xD152DE58, - 0xDB2FFD5E, 0x8F32CE19, 0x306AF97A, 0x02F03EF8, - 0x99319AD5, 0xC242FA0F, 0xA7E3EBB0, 0xC68E4906, - 0xB8DA230C, 0x80823028, 0xDCDEF3C8, 0xD35FB171, - 0x088A1BC8, 0xBEC0C560, 0x61A3C9E8, 0xBCA8F54D, - 0xC72FEFFA, 0x22822E99, 0x82C570B4, 0xD8D94E89, - 0x8B1C34BC, 0x301E16E6, 0x273BE979, 0xB0FFEAA6, - 0x61D9B8C6, 0x00B24869, 0xB7FFCE3F, 0x08DC283B, - 0x43DAF65A, 0xF7E19798, 0x7619B72F, 0x8F1C9BA4, - 0xDC8637A0, 0x16A7D3B1, 0x9FC393B7, 0xA7136EEB, - 0xC6BCC63E, 0x1A513742, 0xEF6828BC, 0x520365D6, - 0x2D6A77AB, 0x3527ED4B, 0x821FD216, 0x095C6E2E, - 0xDB92F2FB, 0x5EEA29CB, 0x145892F5, 0x91584F7F, - 0x5483697B, 0x2667A8CC, 0x85196048, 0x8C4BACEA, - 0x833860D4, 0x0D23E0F9, 0x6C387E8A, 0x0AE6D249, - 0xB284600C, 0xD835731D, 0xDCB1C647, 0xAC4C56EA, - 0x3EBD81B3, 0x230EABB0, 0x6438BC87, 0xF0B5B1FA, - 0x8F5EA2B3, 0xFC184642, 0x0A036B7A, 0x4FB089BD, - 0x649DA589, 0xA345415E, 0x5C038323, 0x3E5D3BB9, - 0x43D79572, 0x7E6DD07C, 0x06DFDF1E, 0x6C6CC4EF, - 0x7160A539, 0x73BFBE70, 0x83877605, 0x4523ECF1 -}; - -static const u32 cast_sbox3[256] = { - 0x8DEFC240, 0x25FA5D9F, 0xEB903DBF, 0xE810C907, - 0x47607FFF, 0x369FE44B, 0x8C1FC644, 0xAECECA90, - 0xBEB1F9BF, 0xEEFBCAEA, 0xE8CF1950, 0x51DF07AE, - 0x920E8806, 0xF0AD0548, 0xE13C8D83, 0x927010D5, - 0x11107D9F, 0x07647DB9, 0xB2E3E4D4, 0x3D4F285E, - 0xB9AFA820, 0xFADE82E0, 0xA067268B, 0x8272792E, - 0x553FB2C0, 0x489AE22B, 0xD4EF9794, 0x125E3FBC, - 0x21FFFCEE, 0x825B1BFD, 0x9255C5ED, 0x1257A240, - 0x4E1A8302, 0xBAE07FFF, 0x528246E7, 0x8E57140E, - 0x3373F7BF, 0x8C9F8188, 0xA6FC4EE8, 0xC982B5A5, - 0xA8C01DB7, 0x579FC264, 0x67094F31, 0xF2BD3F5F, - 0x40FFF7C1, 0x1FB78DFC, 0x8E6BD2C1, 0x437BE59B, - 0x99B03DBF, 0xB5DBC64B, 0x638DC0E6, 0x55819D99, - 0xA197C81C, 0x4A012D6E, 0xC5884A28, 0xCCC36F71, - 0xB843C213, 0x6C0743F1, 0x8309893C, 0x0FEDDD5F, - 0x2F7FE850, 0xD7C07F7E, 0x02507FBF, 0x5AFB9A04, - 0xA747D2D0, 0x1651192E, 0xAF70BF3E, 0x58C31380, - 0x5F98302E, 0x727CC3C4, 0x0A0FB402, 0x0F7FEF82, - 0x8C96FDAD, 0x5D2C2AAE, 0x8EE99A49, 0x50DA88B8, - 0x8427F4A0, 0x1EAC5790, 0x796FB449, 0x8252DC15, - 0xEFBD7D9B, 0xA672597D, 0xADA840D8, 0x45F54504, - 0xFA5D7403, 0xE83EC305, 0x4F91751A, 0x925669C2, - 0x23EFE941, 0xA903F12E, 0x60270DF2, 0x0276E4B6, - 0x94FD6574, 0x927985B2, 0x8276DBCB, 0x02778176, - 0xF8AF918D, 0x4E48F79E, 0x8F616DDF, 0xE29D840E, - 0x842F7D83, 0x340CE5C8, 0x96BBB682, 0x93B4B148, - 0xEF303CAB, 0x984FAF28, 0x779FAF9B, 0x92DC560D, - 0x224D1E20, 0x8437AA88, 0x7D29DC96, 0x2756D3DC, - 0x8B907CEE, 0xB51FD240, 0xE7C07CE3, 0xE566B4A1, - 0xC3E9615E, 0x3CF8209D, 0x6094D1E3, 0xCD9CA341, - 0x5C76460E, 0x00EA983B, 0xD4D67881, 0xFD47572C, - 0xF76CEDD9, 0xBDA8229C, 0x127DADAA, 0x438A074E, - 0x1F97C090, 0x081BDB8A, 0x93A07EBE, 0xB938CA15, - 0x97B03CFF, 0x3DC2C0F8, 0x8D1AB2EC, 0x64380E51, - 0x68CC7BFB, 0xD90F2788, 0x12490181, 0x5DE5FFD4, - 0xDD7EF86A, 0x76A2E214, 0xB9A40368, 0x925D958F, - 0x4B39FFFA, 0xBA39AEE9, 0xA4FFD30B, 0xFAF7933B, - 0x6D498623, 0x193CBCFA, 0x27627545, 0x825CF47A, - 0x61BD8BA0, 0xD11E42D1, 0xCEAD04F4, 0x127EA392, - 0x10428DB7, 0x8272A972, 0x9270C4A8, 0x127DE50B, - 0x285BA1C8, 0x3C62F44F, 0x35C0EAA5, 0xE805D231, - 0x428929FB, 0xB4FCDF82, 0x4FB66A53, 0x0E7DC15B, - 0x1F081FAB, 0x108618AE, 0xFCFD086D, 0xF9FF2889, - 0x694BCC11, 0x236A5CAE, 0x12DECA4D, 0x2C3F8CC5, - 0xD2D02DFE, 0xF8EF5896, 0xE4CF52DA, 0x95155B67, - 0x494A488C, 0xB9B6A80C, 0x5C8F82BC, 0x89D36B45, - 0x3A609437, 0xEC00C9A9, 0x44715253, 0x0A874B49, - 0xD773BC40, 0x7C34671C, 0x02717EF6, 0x4FEB5536, - 0xA2D02FFF, 0xD2BF60C4, 0xD43F03C0, 0x50B4EF6D, - 0x07478CD1, 0x006E1888, 0xA2E53F55, 0xB9E6D4BC, - 0xA2048016, 0x97573833, 0xD7207D67, 0xDE0F8F3D, - 0x72F87B33, 0xABCC4F33, 0x7688C55D, 0x7B00A6B0, - 0x947B0001, 0x570075D2, 0xF9BB88F8, 0x8942019E, - 0x4264A5FF, 0x856302E0, 0x72DBD92B, 0xEE971B69, - 0x6EA22FDE, 0x5F08AE2B, 0xAF7A616D, 0xE5C98767, - 0xCF1FEBD2, 0x61EFC8C2, 0xF1AC2571, 0xCC8239C2, - 0x67214CB8, 0xB1E583D1, 0xB7DC3E62, 0x7F10BDCE, - 0xF90A5C38, 0x0FF0443D, 0x606E6DC6, 0x60543A49, - 0x5727C148, 0x2BE98A1D, 0x8AB41738, 0x20E1BE24, - 0xAF96DA0F, 0x68458425, 0x99833BE5, 0x600D457D, - 0x282F9350, 0x8334B362, 0xD91D1120, 0x2B6D8DA0, - 0x642B1E31, 0x9C305A00, 0x52BCE688, 0x1B03588A, - 0xF7BAEFD5, 0x4142ED9C, 0xA4315C11, 0x83323EC5, - 0xDFEF4636, 0xA133C501, 0xE9D3531C, 0xEE353783 -}; - -static const u32 cast_sbox4[256] = { - 0x9DB30420, 0x1FB6E9DE, 0xA7BE7BEF, 0xD273A298, - 0x4A4F7BDB, 0x64AD8C57, 0x85510443, 0xFA020ED1, - 0x7E287AFF, 0xE60FB663, 0x095F35A1, 0x79EBF120, - 0xFD059D43, 0x6497B7B1, 0xF3641F63, 0x241E4ADF, - 0x28147F5F, 0x4FA2B8CD, 0xC9430040, 0x0CC32220, - 0xFDD30B30, 0xC0A5374F, 0x1D2D00D9, 0x24147B15, - 0xEE4D111A, 0x0FCA5167, 0x71FF904C, 0x2D195FFE, - 0x1A05645F, 0x0C13FEFE, 0x081B08CA, 0x05170121, - 0x80530100, 0xE83E5EFE, 0xAC9AF4F8, 0x7FE72701, - 0xD2B8EE5F, 0x06DF4261, 0xBB9E9B8A, 0x7293EA25, - 0xCE84FFDF, 0xF5718801, 0x3DD64B04, 0xA26F263B, - 0x7ED48400, 0x547EEBE6, 0x446D4CA0, 0x6CF3D6F5, - 0x2649ABDF, 0xAEA0C7F5, 0x36338CC1, 0x503F7E93, - 0xD3772061, 0x11B638E1, 0x72500E03, 0xF80EB2BB, - 0xABE0502E, 0xEC8D77DE, 0x57971E81, 0xE14F6746, - 0xC9335400, 0x6920318F, 0x081DBB99, 0xFFC304A5, - 0x4D351805, 0x7F3D5CE3, 0xA6C866C6, 0x5D5BCCA9, - 0xDAEC6FEA, 0x9F926F91, 0x9F46222F, 0x3991467D, - 0xA5BF6D8E, 0x1143C44F, 0x43958302, 0xD0214EEB, - 0x022083B8, 0x3FB6180C, 0x18F8931E, 0x281658E6, - 0x26486E3E, 0x8BD78A70, 0x7477E4C1, 0xB506E07C, - 0xF32D0A25, 0x79098B02, 0xE4EABB81, 0x28123B23, - 0x69DEAD38, 0x1574CA16, 0xDF871B62, 0x211C40B7, - 0xA51A9EF9, 0x0014377B, 0x041E8AC8, 0x09114003, - 0xBD59E4D2, 0xE3D156D5, 0x4FE876D5, 0x2F91A340, - 0x557BE8DE, 0x00EAE4A7, 0x0CE5C2EC, 0x4DB4BBA6, - 0xE756BDFF, 0xDD3369AC, 0xEC17B035, 0x06572327, - 0x99AFC8B0, 0x56C8C391, 0x6B65811C, 0x5E146119, - 0x6E85CB75, 0xBE07C002, 0xC2325577, 0x893FF4EC, - 0x5BBFC92D, 0xD0EC3B25, 0xB7801AB7, 0x8D6D3B24, - 0x20C763EF, 0xC366A5FC, 0x9C382880, 0x0ACE3205, - 0xAAC9548A, 0xECA1D7C7, 0x041AFA32, 0x1D16625A, - 0x6701902C, 0x9B757A54, 0x31D477F7, 0x9126B031, - 0x36CC6FDB, 0xC70B8B46, 0xD9E66A48, 0x56E55A79, - 0x026A4CEB, 0x52437EFF, 0x2F8F76B4, 0x0DF980A5, - 0x8674CDE3, 0xEDDA04EB, 0x17A9BE04, 0x2C18F4DF, - 0xB7747F9D, 0xAB2AF7B4, 0xEFC34D20, 0x2E096B7C, - 0x1741A254, 0xE5B6A035, 0x213D42F6, 0x2C1C7C26, - 0x61C2F50F, 0x6552DAF9, 0xD2C231F8, 0x25130F69, - 0xD8167FA2, 0x0418F2C8, 0x001A96A6, 0x0D1526AB, - 0x63315C21, 0x5E0A72EC, 0x49BAFEFD, 0x187908D9, - 0x8D0DBD86, 0x311170A7, 0x3E9B640C, 0xCC3E10D7, - 0xD5CAD3B6, 0x0CAEC388, 0xF73001E1, 0x6C728AFF, - 0x71EAE2A1, 0x1F9AF36E, 0xCFCBD12F, 0xC1DE8417, - 0xAC07BE6B, 0xCB44A1D8, 0x8B9B0F56, 0x013988C3, - 0xB1C52FCA, 0xB4BE31CD, 0xD8782806, 0x12A3A4E2, - 0x6F7DE532, 0x58FD7EB6, 0xD01EE900, 0x24ADFFC2, - 0xF4990FC5, 0x9711AAC5, 0x001D7B95, 0x82E5E7D2, - 0x109873F6, 0x00613096, 0xC32D9521, 0xADA121FF, - 0x29908415, 0x7FBB977F, 0xAF9EB3DB, 0x29C9ED2A, - 0x5CE2A465, 0xA730F32C, 0xD0AA3FE8, 0x8A5CC091, - 0xD49E2CE7, 0x0CE454A9, 0xD60ACD86, 0x015F1919, - 0x77079103, 0xDEA03AF6, 0x78A8565E, 0xDEE356DF, - 0x21F05CBE, 0x8B75E387, 0xB3C50651, 0xB8A5C3EF, - 0xD8EEB6D2, 0xE523BE77, 0xC2154529, 0x2F69EFDF, - 0xAFE67AFB, 0xF470C4B2, 0xF3E0EB5B, 0xD6CC9876, - 0x39E4460C, 0x1FDA8538, 0x1987832F, 0xCA007367, - 0xA99144F8, 0x296B299E, 0x492FC295, 0x9266BEAB, - 0xB5676E69, 0x9BD3DDDA, 0xDF7E052F, 0xDB25701C, - 0x1B5E51EE, 0xF65324E6, 0x6AFCE36C, 0x0316CC04, - 0x8644213E, 0xB7DC59D0, 0x7965291F, 0xCCD6FD43, - 0x41823979, 0x932BCDF6, 0xB657C34D, 0x4EDFD282, - 0x7AE5290C, 0x3CB9536B, 0x851E20FE, 0x9833557E, - 0x13ECF0B0, 0xD3FFB372, 0x3F85C5C1, 0x0AEF7ED2 -}; - -static const u32 cast_sbox5[256] = { - 0x7EC90C04, 0x2C6E74B9, 0x9B0E66DF, 0xA6337911, - 0xB86A7FFF, 0x1DD358F5, 0x44DD9D44, 0x1731167F, - 0x08FBF1FA, 0xE7F511CC, 0xD2051B00, 0x735ABA00, - 0x2AB722D8, 0x386381CB, 0xACF6243A, 0x69BEFD7A, - 0xE6A2E77F, 0xF0C720CD, 0xC4494816, 0xCCF5C180, - 0x38851640, 0x15B0A848, 0xE68B18CB, 0x4CAADEFF, - 0x5F480A01, 0x0412B2AA, 0x259814FC, 0x41D0EFE2, - 0x4E40B48D, 0x248EB6FB, 0x8DBA1CFE, 0x41A99B02, - 0x1A550A04, 0xBA8F65CB, 0x7251F4E7, 0x95A51725, - 0xC106ECD7, 0x97A5980A, 0xC539B9AA, 0x4D79FE6A, - 0xF2F3F763, 0x68AF8040, 0xED0C9E56, 0x11B4958B, - 0xE1EB5A88, 0x8709E6B0, 0xD7E07156, 0x4E29FEA7, - 0x6366E52D, 0x02D1C000, 0xC4AC8E05, 0x9377F571, - 0x0C05372A, 0x578535F2, 0x2261BE02, 0xD642A0C9, - 0xDF13A280, 0x74B55BD2, 0x682199C0, 0xD421E5EC, - 0x53FB3CE8, 0xC8ADEDB3, 0x28A87FC9, 0x3D959981, - 0x5C1FF900, 0xFE38D399, 0x0C4EFF0B, 0x062407EA, - 0xAA2F4FB1, 0x4FB96976, 0x90C79505, 0xB0A8A774, - 0xEF55A1FF, 0xE59CA2C2, 0xA6B62D27, 0xE66A4263, - 0xDF65001F, 0x0EC50966, 0xDFDD55BC, 0x29DE0655, - 0x911E739A, 0x17AF8975, 0x32C7911C, 0x89F89468, - 0x0D01E980, 0x524755F4, 0x03B63CC9, 0x0CC844B2, - 0xBCF3F0AA, 0x87AC36E9, 0xE53A7426, 0x01B3D82B, - 0x1A9E7449, 0x64EE2D7E, 0xCDDBB1DA, 0x01C94910, - 0xB868BF80, 0x0D26F3FD, 0x9342EDE7, 0x04A5C284, - 0x636737B6, 0x50F5B616, 0xF24766E3, 0x8ECA36C1, - 0x136E05DB, 0xFEF18391, 0xFB887A37, 0xD6E7F7D4, - 0xC7FB7DC9, 0x3063FCDF, 0xB6F589DE, 0xEC2941DA, - 0x26E46695, 0xB7566419, 0xF654EFC5, 0xD08D58B7, - 0x48925401, 0xC1BACB7F, 0xE5FF550F, 0xB6083049, - 0x5BB5D0E8, 0x87D72E5A, 0xAB6A6EE1, 0x223A66CE, - 0xC62BF3CD, 0x9E0885F9, 0x68CB3E47, 0x086C010F, - 0xA21DE820, 0xD18B69DE, 0xF3F65777, 0xFA02C3F6, - 0x407EDAC3, 0xCBB3D550, 0x1793084D, 0xB0D70EBA, - 0x0AB378D5, 0xD951FB0C, 0xDED7DA56, 0x4124BBE4, - 0x94CA0B56, 0x0F5755D1, 0xE0E1E56E, 0x6184B5BE, - 0x580A249F, 0x94F74BC0, 0xE327888E, 0x9F7B5561, - 0xC3DC0280, 0x05687715, 0x646C6BD7, 0x44904DB3, - 0x66B4F0A3, 0xC0F1648A, 0x697ED5AF, 0x49E92FF6, - 0x309E374F, 0x2CB6356A, 0x85808573, 0x4991F840, - 0x76F0AE02, 0x083BE84D, 0x28421C9A, 0x44489406, - 0x736E4CB8, 0xC1092910, 0x8BC95FC6, 0x7D869CF4, - 0x134F616F, 0x2E77118D, 0xB31B2BE1, 0xAA90B472, - 0x3CA5D717, 0x7D161BBA, 0x9CAD9010, 0xAF462BA2, - 0x9FE459D2, 0x45D34559, 0xD9F2DA13, 0xDBC65487, - 0xF3E4F94E, 0x176D486F, 0x097C13EA, 0x631DA5C7, - 0x445F7382, 0x175683F4, 0xCDC66A97, 0x70BE0288, - 0xB3CDCF72, 0x6E5DD2F3, 0x20936079, 0x459B80A5, - 0xBE60E2DB, 0xA9C23101, 0xEBA5315C, 0x224E42F2, - 0x1C5C1572, 0xF6721B2C, 0x1AD2FFF3, 0x8C25404E, - 0x324ED72F, 0x4067B7FD, 0x0523138E, 0x5CA3BC78, - 0xDC0FD66E, 0x75922283, 0x784D6B17, 0x58EBB16E, - 0x44094F85, 0x3F481D87, 0xFCFEAE7B, 0x77B5FF76, - 0x8C2302BF, 0xAAF47556, 0x5F46B02A, 0x2B092801, - 0x3D38F5F7, 0x0CA81F36, 0x52AF4A8A, 0x66D5E7C0, - 0xDF3B0874, 0x95055110, 0x1B5AD7A8, 0xF61ED5AD, - 0x6CF6E479, 0x20758184, 0xD0CEFA65, 0x88F7BE58, - 0x4A046826, 0x0FF6F8F3, 0xA09C7F70, 0x5346ABA0, - 0x5CE96C28, 0xE176EDA3, 0x6BAC307F, 0x376829D2, - 0x85360FA9, 0x17E3FE2A, 0x24B79767, 0xF5A96B20, - 0xD6CD2595, 0x68FF1EBF, 0x7555442C, 0xF19F06BE, - 0xF9E0659A, 0xEEB9491D, 0x34010718, 0xBB30CAB8, - 0xE822FE15, 0x88570983, 0x750E6249, 0xDA627E55, - 0x5E76FFA8, 0xB1534546, 0x6D47DE08, 0xEFE9E7D4 -}; - -static const u32 cast_sbox6[256] = { - 0xF6FA8F9D, 0x2CAC6CE1, 0x4CA34867, 0xE2337F7C, - 0x95DB08E7, 0x016843B4, 0xECED5CBC, 0x325553AC, - 0xBF9F0960, 0xDFA1E2ED, 0x83F0579D, 0x63ED86B9, - 0x1AB6A6B8, 0xDE5EBE39, 0xF38FF732, 0x8989B138, - 0x33F14961, 0xC01937BD, 0xF506C6DA, 0xE4625E7E, - 0xA308EA99, 0x4E23E33C, 0x79CBD7CC, 0x48A14367, - 0xA3149619, 0xFEC94BD5, 0xA114174A, 0xEAA01866, - 0xA084DB2D, 0x09A8486F, 0xA888614A, 0x2900AF98, - 0x01665991, 0xE1992863, 0xC8F30C60, 0x2E78EF3C, - 0xD0D51932, 0xCF0FEC14, 0xF7CA07D2, 0xD0A82072, - 0xFD41197E, 0x9305A6B0, 0xE86BE3DA, 0x74BED3CD, - 0x372DA53C, 0x4C7F4448, 0xDAB5D440, 0x6DBA0EC3, - 0x083919A7, 0x9FBAEED9, 0x49DBCFB0, 0x4E670C53, - 0x5C3D9C01, 0x64BDB941, 0x2C0E636A, 0xBA7DD9CD, - 0xEA6F7388, 0xE70BC762, 0x35F29ADB, 0x5C4CDD8D, - 0xF0D48D8C, 0xB88153E2, 0x08A19866, 0x1AE2EAC8, - 0x284CAF89, 0xAA928223, 0x9334BE53, 0x3B3A21BF, - 0x16434BE3, 0x9AEA3906, 0xEFE8C36E, 0xF890CDD9, - 0x80226DAE, 0xC340A4A3, 0xDF7E9C09, 0xA694A807, - 0x5B7C5ECC, 0x221DB3A6, 0x9A69A02F, 0x68818A54, - 0xCEB2296F, 0x53C0843A, 0xFE893655, 0x25BFE68A, - 0xB4628ABC, 0xCF222EBF, 0x25AC6F48, 0xA9A99387, - 0x53BDDB65, 0xE76FFBE7, 0xE967FD78, 0x0BA93563, - 0x8E342BC1, 0xE8A11BE9, 0x4980740D, 0xC8087DFC, - 0x8DE4BF99, 0xA11101A0, 0x7FD37975, 0xDA5A26C0, - 0xE81F994F, 0x9528CD89, 0xFD339FED, 0xB87834BF, - 0x5F04456D, 0x22258698, 0xC9C4C83B, 0x2DC156BE, - 0x4F628DAA, 0x57F55EC5, 0xE2220ABE, 0xD2916EBF, - 0x4EC75B95, 0x24F2C3C0, 0x42D15D99, 0xCD0D7FA0, - 0x7B6E27FF, 0xA8DC8AF0, 0x7345C106, 0xF41E232F, - 0x35162386, 0xE6EA8926, 0x3333B094, 0x157EC6F2, - 0x372B74AF, 0x692573E4, 0xE9A9D848, 0xF3160289, - 0x3A62EF1D, 0xA787E238, 0xF3A5F676, 0x74364853, - 0x20951063, 0x4576698D, 0xB6FAD407, 0x592AF950, - 0x36F73523, 0x4CFB6E87, 0x7DA4CEC0, 0x6C152DAA, - 0xCB0396A8, 0xC50DFE5D, 0xFCD707AB, 0x0921C42F, - 0x89DFF0BB, 0x5FE2BE78, 0x448F4F33, 0x754613C9, - 0x2B05D08D, 0x48B9D585, 0xDC049441, 0xC8098F9B, - 0x7DEDE786, 0xC39A3373, 0x42410005, 0x6A091751, - 0x0EF3C8A6, 0x890072D6, 0x28207682, 0xA9A9F7BE, - 0xBF32679D, 0xD45B5B75, 0xB353FD00, 0xCBB0E358, - 0x830F220A, 0x1F8FB214, 0xD372CF08, 0xCC3C4A13, - 0x8CF63166, 0x061C87BE, 0x88C98F88, 0x6062E397, - 0x47CF8E7A, 0xB6C85283, 0x3CC2ACFB, 0x3FC06976, - 0x4E8F0252, 0x64D8314D, 0xDA3870E3, 0x1E665459, - 0xC10908F0, 0x513021A5, 0x6C5B68B7, 0x822F8AA0, - 0x3007CD3E, 0x74719EEF, 0xDC872681, 0x073340D4, - 0x7E432FD9, 0x0C5EC241, 0x8809286C, 0xF592D891, - 0x08A930F6, 0x957EF305, 0xB7FBFFBD, 0xC266E96F, - 0x6FE4AC98, 0xB173ECC0, 0xBC60B42A, 0x953498DA, - 0xFBA1AE12, 0x2D4BD736, 0x0F25FAAB, 0xA4F3FCEB, - 0xE2969123, 0x257F0C3D, 0x9348AF49, 0x361400BC, - 0xE8816F4A, 0x3814F200, 0xA3F94043, 0x9C7A54C2, - 0xBC704F57, 0xDA41E7F9, 0xC25AD33A, 0x54F4A084, - 0xB17F5505, 0x59357CBE, 0xEDBD15C8, 0x7F97C5AB, - 0xBA5AC7B5, 0xB6F6DEAF, 0x3A479C3A, 0x5302DA25, - 0x653D7E6A, 0x54268D49, 0x51A477EA, 0x5017D55B, - 0xD7D25D88, 0x44136C76, 0x0404A8C8, 0xB8E5A121, - 0xB81A928A, 0x60ED5869, 0x97C55B96, 0xEAEC991B, - 0x29935913, 0x01FDB7F1, 0x088E8DFA, 0x9AB6F6F5, - 0x3B4CBF9F, 0x4A5DE3AB, 0xE6051D35, 0xA0E1D855, - 0xD36B4CF1, 0xF544EDEB, 0xB0E93524, 0xBEBB8FBD, - 0xA2D762CF, 0x49C92F54, 0x38B5F331, 0x7128A454, - 0x48392905, 0xA65B1DB8, 0x851C97BD, 0xD675CF2F -}; - -static const u32 cast_sbox7[256] = { - 0x85E04019, 0x332BF567, 0x662DBFFF, 0xCFC65693, - 0x2A8D7F6F, 0xAB9BC912, 0xDE6008A1, 0x2028DA1F, - 0x0227BCE7, 0x4D642916, 0x18FAC300, 0x50F18B82, - 0x2CB2CB11, 0xB232E75C, 0x4B3695F2, 0xB28707DE, - 0xA05FBCF6, 0xCD4181E9, 0xE150210C, 0xE24EF1BD, - 0xB168C381, 0xFDE4E789, 0x5C79B0D8, 0x1E8BFD43, - 0x4D495001, 0x38BE4341, 0x913CEE1D, 0x92A79C3F, - 0x089766BE, 0xBAEEADF4, 0x1286BECF, 0xB6EACB19, - 0x2660C200, 0x7565BDE4, 0x64241F7A, 0x8248DCA9, - 0xC3B3AD66, 0x28136086, 0x0BD8DFA8, 0x356D1CF2, - 0x107789BE, 0xB3B2E9CE, 0x0502AA8F, 0x0BC0351E, - 0x166BF52A, 0xEB12FF82, 0xE3486911, 0xD34D7516, - 0x4E7B3AFF, 0x5F43671B, 0x9CF6E037, 0x4981AC83, - 0x334266CE, 0x8C9341B7, 0xD0D854C0, 0xCB3A6C88, - 0x47BC2829, 0x4725BA37, 0xA66AD22B, 0x7AD61F1E, - 0x0C5CBAFA, 0x4437F107, 0xB6E79962, 0x42D2D816, - 0x0A961288, 0xE1A5C06E, 0x13749E67, 0x72FC081A, - 0xB1D139F7, 0xF9583745, 0xCF19DF58, 0xBEC3F756, - 0xC06EBA30, 0x07211B24, 0x45C28829, 0xC95E317F, - 0xBC8EC511, 0x38BC46E9, 0xC6E6FA14, 0xBAE8584A, - 0xAD4EBC46, 0x468F508B, 0x7829435F, 0xF124183B, - 0x821DBA9F, 0xAFF60FF4, 0xEA2C4E6D, 0x16E39264, - 0x92544A8B, 0x009B4FC3, 0xABA68CED, 0x9AC96F78, - 0x06A5B79A, 0xB2856E6E, 0x1AEC3CA9, 0xBE838688, - 0x0E0804E9, 0x55F1BE56, 0xE7E5363B, 0xB3A1F25D, - 0xF7DEBB85, 0x61FE033C, 0x16746233, 0x3C034C28, - 0xDA6D0C74, 0x79AAC56C, 0x3CE4E1AD, 0x51F0C802, - 0x98F8F35A, 0x1626A49F, 0xEED82B29, 0x1D382FE3, - 0x0C4FB99A, 0xBB325778, 0x3EC6D97B, 0x6E77A6A9, - 0xCB658B5C, 0xD45230C7, 0x2BD1408B, 0x60C03EB7, - 0xB9068D78, 0xA33754F4, 0xF430C87D, 0xC8A71302, - 0xB96D8C32, 0xEBD4E7BE, 0xBE8B9D2D, 0x7979FB06, - 0xE7225308, 0x8B75CF77, 0x11EF8DA4, 0xE083C858, - 0x8D6B786F, 0x5A6317A6, 0xFA5CF7A0, 0x5DDA0033, - 0xF28EBFB0, 0xF5B9C310, 0xA0EAC280, 0x08B9767A, - 0xA3D9D2B0, 0x79D34217, 0x021A718D, 0x9AC6336A, - 0x2711FD60, 0x438050E3, 0x069908A8, 0x3D7FEDC4, - 0x826D2BEF, 0x4EEB8476, 0x488DCF25, 0x36C9D566, - 0x28E74E41, 0xC2610ACA, 0x3D49A9CF, 0xBAE3B9DF, - 0xB65F8DE6, 0x92AEAF64, 0x3AC7D5E6, 0x9EA80509, - 0xF22B017D, 0xA4173F70, 0xDD1E16C3, 0x15E0D7F9, - 0x50B1B887, 0x2B9F4FD5, 0x625ABA82, 0x6A017962, - 0x2EC01B9C, 0x15488AA9, 0xD716E740, 0x40055A2C, - 0x93D29A22, 0xE32DBF9A, 0x058745B9, 0x3453DC1E, - 0xD699296E, 0x496CFF6F, 0x1C9F4986, 0xDFE2ED07, - 0xB87242D1, 0x19DE7EAE, 0x053E561A, 0x15AD6F8C, - 0x66626C1C, 0x7154C24C, 0xEA082B2A, 0x93EB2939, - 0x17DCB0F0, 0x58D4F2AE, 0x9EA294FB, 0x52CF564C, - 0x9883FE66, 0x2EC40581, 0x763953C3, 0x01D6692E, - 0xD3A0C108, 0xA1E7160E, 0xE4F2DFA6, 0x693ED285, - 0x74904698, 0x4C2B0EDD, 0x4F757656, 0x5D393378, - 0xA132234F, 0x3D321C5D, 0xC3F5E194, 0x4B269301, - 0xC79F022F, 0x3C997E7E, 0x5E4F9504, 0x3FFAFBBD, - 0x76F7AD0E, 0x296693F4, 0x3D1FCE6F, 0xC61E45BE, - 0xD3B5AB34, 0xF72BF9B7, 0x1B0434C0, 0x4E72B567, - 0x5592A33D, 0xB5229301, 0xCFD2A87F, 0x60AEB767, - 0x1814386B, 0x30BCC33D, 0x38A0C07D, 0xFD1606F2, - 0xC363519B, 0x589DD390, 0x5479F8E6, 0x1CB8D647, - 0x97FD61A9, 0xEA7759F4, 0x2D57539D, 0x569A58CF, - 0xE84E63AD, 0x462E1B78, 0x6580F87E, 0xF3817914, - 0x91DA55F4, 0x40A230F3, 0xD1988F35, 0xB6E318D2, - 0x3FFA50BC, 0x3D40F021, 0xC3C0BDAE, 0x4958C24C, - 0x518F36B2, 0x84B1D370, 0x0FEDCE83, 0x878DDADA, - 0xF2A279C7, 0x94E01BE8, 0x90716F4B, 0x954B8AA3 -}; - -static const u32 cast_sbox8[256] = { - 0xE216300D, 0xBBDDFFFC, 0xA7EBDABD, 0x35648095, - 0x7789F8B7, 0xE6C1121B, 0x0E241600, 0x052CE8B5, - 0x11A9CFB0, 0xE5952F11, 0xECE7990A, 0x9386D174, - 0x2A42931C, 0x76E38111, 0xB12DEF3A, 0x37DDDDFC, - 0xDE9ADEB1, 0x0A0CC32C, 0xBE197029, 0x84A00940, - 0xBB243A0F, 0xB4D137CF, 0xB44E79F0, 0x049EEDFD, - 0x0B15A15D, 0x480D3168, 0x8BBBDE5A, 0x669DED42, - 0xC7ECE831, 0x3F8F95E7, 0x72DF191B, 0x7580330D, - 0x94074251, 0x5C7DCDFA, 0xABBE6D63, 0xAA402164, - 0xB301D40A, 0x02E7D1CA, 0x53571DAE, 0x7A3182A2, - 0x12A8DDEC, 0xFDAA335D, 0x176F43E8, 0x71FB46D4, - 0x38129022, 0xCE949AD4, 0xB84769AD, 0x965BD862, - 0x82F3D055, 0x66FB9767, 0x15B80B4E, 0x1D5B47A0, - 0x4CFDE06F, 0xC28EC4B8, 0x57E8726E, 0x647A78FC, - 0x99865D44, 0x608BD593, 0x6C200E03, 0x39DC5FF6, - 0x5D0B00A3, 0xAE63AFF2, 0x7E8BD632, 0x70108C0C, - 0xBBD35049, 0x2998DF04, 0x980CF42A, 0x9B6DF491, - 0x9E7EDD53, 0x06918548, 0x58CB7E07, 0x3B74EF2E, - 0x522FFFB1, 0xD24708CC, 0x1C7E27CD, 0xA4EB215B, - 0x3CF1D2E2, 0x19B47A38, 0x424F7618, 0x35856039, - 0x9D17DEE7, 0x27EB35E6, 0xC9AFF67B, 0x36BAF5B8, - 0x09C467CD, 0xC18910B1, 0xE11DBF7B, 0x06CD1AF8, - 0x7170C608, 0x2D5E3354, 0xD4DE495A, 0x64C6D006, - 0xBCC0C62C, 0x3DD00DB3, 0x708F8F34, 0x77D51B42, - 0x264F620F, 0x24B8D2BF, 0x15C1B79E, 0x46A52564, - 0xF8D7E54E, 0x3E378160, 0x7895CDA5, 0x859C15A5, - 0xE6459788, 0xC37BC75F, 0xDB07BA0C, 0x0676A3AB, - 0x7F229B1E, 0x31842E7B, 0x24259FD7, 0xF8BEF472, - 0x835FFCB8, 0x6DF4C1F2, 0x96F5B195, 0xFD0AF0FC, - 0xB0FE134C, 0xE2506D3D, 0x4F9B12EA, 0xF215F225, - 0xA223736F, 0x9FB4C428, 0x25D04979, 0x34C713F8, - 0xC4618187, 0xEA7A6E98, 0x7CD16EFC, 0x1436876C, - 0xF1544107, 0xBEDEEE14, 0x56E9AF27, 0xA04AA441, - 0x3CF7C899, 0x92ECBAE6, 0xDD67016D, 0x151682EB, - 0xA842EEDF, 0xFDBA60B4, 0xF1907B75, 0x20E3030F, - 0x24D8C29E, 0xE139673B, 0xEFA63FB8, 0x71873054, - 0xB6F2CF3B, 0x9F326442, 0xCB15A4CC, 0xB01A4504, - 0xF1E47D8D, 0x844A1BE5, 0xBAE7DFDC, 0x42CBDA70, - 0xCD7DAE0A, 0x57E85B7A, 0xD53F5AF6, 0x20CF4D8C, - 0xCEA4D428, 0x79D130A4, 0x3486EBFB, 0x33D3CDDC, - 0x77853B53, 0x37EFFCB5, 0xC5068778, 0xE580B3E6, - 0x4E68B8F4, 0xC5C8B37E, 0x0D809EA2, 0x398FEB7C, - 0x132A4F94, 0x43B7950E, 0x2FEE7D1C, 0x223613BD, - 0xDD06CAA2, 0x37DF932B, 0xC4248289, 0xACF3EBC3, - 0x5715F6B7, 0xEF3478DD, 0xF267616F, 0xC148CBE4, - 0x9052815E, 0x5E410FAB, 0xB48A2465, 0x2EDA7FA4, - 0xE87B40E4, 0xE98EA084, 0x5889E9E1, 0xEFD390FC, - 0xDD07D35B, 0xDB485694, 0x38D7E5B2, 0x57720101, - 0x730EDEBC, 0x5B643113, 0x94917E4F, 0x503C2FBA, - 0x646F1282, 0x7523D24A, 0xE0779695, 0xF9C17A8F, - 0x7A5B2121, 0xD187B896, 0x29263A4D, 0xBA510CDF, - 0x81F47C9F, 0xAD1163ED, 0xEA7B5965, 0x1A00726E, - 0x11403092, 0x00DA6D77, 0x4A0CDD61, 0xAD1F4603, - 0x605BDFB0, 0x9EEDC364, 0x22EBE6A8, 0xCEE7D28A, - 0xA0E736A0, 0x5564A6B9, 0x10853209, 0xC7EB8F37, - 0x2DE705CA, 0x8951570F, 0xDF09822B, 0xBD691A6C, - 0xAA12E4F2, 0x87451C0F, 0xE0F6A27A, 0x3ADA4819, - 0x4CF1764F, 0x0D771C2B, 0x67CDB156, 0x350D8384, - 0x5938FA0F, 0x42399EF3, 0x36997B07, 0x0E84093D, - 0x4AA93E61, 0x8360D87B, 0x1FA98B0C, 0x1149382C, - 0xE97625A5, 0x0614D1B7, 0x0E25244B, 0x0C768347, - 0x589E8D82, 0x0D2059D1, 0xA466BB1E, 0xF8DA0A82, - 0x04F19130, 0xBA6E4EC0, 0x99265164, 0x1EE7230D, - 0x50B2AD80, 0xEAEE6801, 0x8DB2A283, 0xEA8BF59E -}; - diff --git a/desKerb.c b/desKerb.c deleted file mode 100644 index f66c6dcd..00000000 --- a/desKerb.c +++ /dev/null @@ -1,31 +0,0 @@ -/* - * des - fast & portable DES encryption & decryption. - * Copyright (C) 1992 Dana L. How - * Please see the file `descore.README' for the complete copyright notice. - */ - -#include "des.h" - -#include "RCSID.h" -RCSID2(desKerb_cRcs, "$Id$"); - -/* permit the default style of des functions to be changed */ - -DesFunc *DesCryptFuncs[2] = { DesSmallFipsDecrypt, DesSmallFipsEncrypt }; - -/* kerberos-compatible key schedule function */ - -int -des_key_sched(const UINT8 *k, UINT32 *s) -{ - return DesMethod(s, k); -} - -/* kerberos-compatible des coding function */ - -int -des_ecb_encrypt(const UINT8 *s, UINT8 *d, const UINT32 *r, int e) -{ - (*DesCryptFuncs[e])(d, r, s); - return 0; -} diff --git a/desQuick.c b/desQuick.c deleted file mode 100644 index f3a44051..00000000 --- a/desQuick.c +++ /dev/null @@ -1,54 +0,0 @@ -/* - * des - fast & portable DES encryption & decryption. - * Copyright (C) 1992 Dana L. How - * Please see the file `descore.README' for the complete copyright notice. - * - * Slightly edited by Niels Möller, 1997 - */ - -#include "des.h" - -#include "RCSID.h" -RCSID2(desQuick_cRcs, "$Id$"); - -extern UINT32 des_keymap[]; - - -/* static information */ - -static int depth = 0; /* keep track of the request depth */ -UINT32 des_bigmap[0x4000]; /* big lookup table */ - -/* fill in the 64k table used by the `quick' option */ - -void -DesQuickInit(void) -{ - int s1, s3, x; - UINT32 * t0, * t1, * t2, * t3; - - if ( depth++ ) - return; - - t0 = des_bigmap; - t1 = t0 + 64; - t2 = t1 + 64; - t3 = t2 + 64; - - for ( s3 = 63; s3 >= 0; s3-- ) { - for ( s1 = 63; s1 >= 0; s1-- ) { - x = (s3 << 8) | s1; - t0[x] = des_keymap[s3+128] ^ des_keymap[s1+192]; - t1[x] = des_keymap[s3 ] ^ des_keymap[s1+ 64]; - t2[x] = des_keymap[s3+384] ^ des_keymap[s1+448]; - t3[x] = des_keymap[s3+256] ^ des_keymap[s1+320]; - } - } -} - -/* free the 64k table, if necessary */ - -void -DesQuickDone(void) -{ -} diff --git a/desTest.c b/desTest.c deleted file mode 100644 index 8bfd75d3..00000000 --- a/desTest.c +++ /dev/null @@ -1,197 +0,0 @@ -/* desTest.c - * - * Exercise the DES routines and collect performance statistics. - * - * $ID:$ */ - -/* des - fast & portable DES encryption & decryption. - * Copyright (C) 1992 Dana L. How - * Please see the file `descore.README' for the complete copyright notice. - */ - -#ifndef lint -char desTest_cRcs[] = "$Id$"; -#endif - -#include "des.h" -#include <stdio.h> - -#if 0 -/* define now(w) to be the elapsed time in hundredths of a second */ - -#ifndef __NT__ -# include <sys/time.h> -# include <sys/resource.h> -# include <unistd.h> - -/* extern getrusage(); */ -static struct rusage usage; -# define now(w) ( \ - getrusage(RUSAGE_SELF, &usage), \ - usage.ru_utime.tv_sec * 100 + \ - usage.ru_utime.tv_usec / 10000 \ - ) -#else -# include <windows.h> -# define now(w) 0 -#endif -#endif /* 0 */ - -/* test data - * the tests (key0-3, text0-3) are cribbed from code which is (c) 1988 MIT - */ - -UINT8 keyt[8] = {0x5d, 0x85, 0x91, 0x73, 0xcb, 0x49, 0xdf, 0x2f}; -UINT8 key0[8] = {0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x80}; -UINT8 key1[8] = {0x80, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01}; -UINT8 key2[8] = {0x08, 0x19, 0x2a, 0x3b, 0x4c, 0x5d, 0x6e, 0x7f}; -UINT8 key3[8] = {0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef}; -UINT8 textt[8] = {0x67, 0x1f, 0xc8, 0x93, 0x46, 0x5e, 0xab, 0x1e}; -UINT8 text0[8] = {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}; -UINT8 text1[8] = {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x40}; -UINT8 text2[8] = {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}; -UINT8 text3[8] = {'N', 'o', 'w', ' ', 'i', 's', ' ', 't' }; - -/* work areas */ - -DesKeys keys; -UINT8 cipher[8], output[8]; - -/* noisy interfaces to the routines under test */ - -static void method(const UINT8 *key) -{ - int j; - - printf("\nkey:\t"); - for ( j = 0; j < 8; j++ ) - printf("%02X ", key[j]); - if ( des_key_sched(key, keys) ) - printf("W"); - printf("\t"); -} - -static void -encode(const UINT8 *src, UINT8 *dst) -{ - int j; - - printf("clear:\t"); - for (j = 0; j < 8; j++) - printf("%02X ", src[j]); - - des_ecb_encrypt(src, dst, keys, 1); - - printf("\tcipher:\t"); - for (j = 0; j < 8; j++) - printf("%02X ", dst[j]); - printf("\n"); -} - -static void -decode(const UINT8 *src, UINT8 *dst, const UINT8 *check) -{ - int j; - - printf("cipher:\t"); - for (j = 0; j < 8; j++) - printf("%02X ", src[j]); - - des_ecb_encrypt(src, dst, keys, 0); - - printf("\tclear:\t"); - for (j = 0; j < 8; j++) - printf("%02X ", dst[j]); - - if(!memcmp(dst,check,8)) - printf("Ok\n"); - else - printf("FAIL\n"); -} - -/* run the tests */ - -int -main(int argc UNUSED, char **argv UNUSED) -{ - int j, n; -#if 0 - int m, e; -#endif - DesFunc *f; - static char * expect[] = { - "57 99 F7 2A D2 3F AE 4C", "9C C6 2D F4 3B 6E ED 74", - "90 E6 96 A2 AD 56 50 0D", "A3 80 E0 2A 6B E5 46 96", - "43 5C FF C5 68 B3 70 1D", "25 DD AC 3E 96 17 64 67", - "80 B5 07 E1 E6 A7 47 3D", "3F A4 0E 8A 98 4D 48 15", - }; - - static DesFunc *funcs[] = { - DesQuickCoreEncrypt, DesQuickFipsEncrypt, - DesSmallCoreEncrypt, DesSmallFipsEncrypt, - DesQuickCoreDecrypt, DesQuickFipsDecrypt, - DesSmallCoreDecrypt, DesSmallFipsDecrypt }; -#if 0 - static char * names[] = { - "QuickCore", "QuickFips", - "SmallCore", "SmallFips" }; -#endif - n = 0; - DesQuickInit(); - - /* do timing info first */ - - j = 10000; -#if 0 - m = now(0); -#endif - do - DesMethod(keys, keyt); - while ( --j ); -#if 0 - m = now(1) - m; -#endif - do { - DesCryptFuncs[0] = funcs[n+4]; - f = DesCryptFuncs[1] = funcs[n ]; - j = 100000; -#if 0 - e = now(0); -#endif - do - (*f)(cipher, keys, textt); - while ( --j ); -#if 0 - e = now(1) - e; - printf( "%s: setkey,%5duS; encode,%3d.%1duS.\n", - names[n], m , e/10, e%10); -#endif - /* now check functionality */ - - method(key0); - printf("cipher?\t%s\n", expect[(n % 2) + 0]); - encode(text0, cipher); - decode(cipher, output, text0); - - method(key1); - printf("cipher?\t%s\n", expect[(n % 2) + 2]); - encode(text1, cipher); - decode(cipher, output, text1); - - method(key2); - printf("cipher?\t%s\n", expect[(n % 2) + 4]); - encode(text2, cipher); - decode(cipher, output, text2); - - method(key3); - printf("cipher?\t%s\n", expect[(n % 2) + 6]); - encode(text3, cipher); - decode(cipher, output, text3); - - printf("%c", "\n\f\n\0"[n]); - - } while ( ++n < 4 ); - - DesQuickDone(); - return 0; -} diff --git a/desUtil.c b/desUtil.c deleted file mode 100644 index abc16418..00000000 --- a/desUtil.c +++ /dev/null @@ -1,171 +0,0 @@ -/* desUtil.c - * - * $id:$ */ - -/* des - fast & portable DES encryption & decryption. - * Copyright (C) 1992 Dana L. How - * Please see the file `descore.README' for the complete copyright notice. - */ - -#include "desCode.h" - -#include "RCSID.h" -RCSID2(desUtil_cRcs, "$Id$"); - -/* various tables */ - -UINT32 des_keymap[] = { -#include "keymap.h" -}; - -static UINT8 rotors[] = { -#include "rotors.h" -}; -static char parity[] = { -#include "parity.h" -}; - -RCSID2(ego, "\n\nFast DES Library Copyright (c) 1991 Dana L. How\n\n"); - - -/* set up the method list from the key */ - -int -DesMethod(UINT32 *method, const UINT8 *k) -{ - register UINT32 n, w; - register char * b0, * b1; - char bits0[56], bits1[56]; - - /* check for bad parity and weak keys */ - b0 = parity; - n = b0[k[0]]; n <<= 4; - n |= b0[k[1]]; n <<= 4; - n |= b0[k[2]]; n <<= 4; - n |= b0[k[3]]; n <<= 4; - n |= b0[k[4]]; n <<= 4; - n |= b0[k[5]]; n <<= 4; - n |= b0[k[6]]; n <<= 4; - n |= b0[k[7]]; - w = 0X88888888L; - /* report bad parity in key */ - if ( n & w ) - return -1; - /* report a weak or semi-weak key */ - if ( !((n - (w >> 3)) & w) ) { /* 1 in 10^10 keys passes this test */ - if ( n < 0X41415151 ) { - if ( n < 0X31312121 ) { - if ( n < 0X14141515 ) { - /* 01 01 01 01 01 01 01 01 */ - if ( n == 0X11111111 ) return -2; - /* 01 1F 01 1F 01 0E 01 0E */ - if ( n == 0X13131212 ) return -2; - } else { - /* 01 E0 01 E0 01 F1 01 F1 */ - if ( n == 0X14141515 ) return -2; - /* 01 FE 01 FE 01 FE 01 FE */ - if ( n == 0X16161616 ) return -2; - } - } else { - if ( n < 0X34342525 ) { - /* 1F 01 1F 01 0E 01 0E 01 */ - if ( n == 0X31312121 ) return -2; - /* 1F 1F 1F 1F 0E 0E 0E 0E */ /* ? */ - if ( n == 0X33332222 ) return -2; - } else { - /* 1F E0 1F E0 0E F1 0E F1 */ - if ( n == 0X34342525 ) return -2; - /* 1F FE 1F FE 0E FE 0E FE */ - if ( n == 0X36362626 ) return -2; - } - } - } else { - if ( n < 0X61616161 ) { - if ( n < 0X44445555 ) { - /* E0 01 E0 01 F1 01 F1 01 */ - if ( n == 0X41415151 ) return -2; - /* E0 1F E0 1F F1 0E F1 0E */ - if ( n == 0X43435252 ) return -2; - } else { - /* E0 E0 E0 E0 F1 F1 F1 F1 */ /* ? */ - if ( n == 0X44445555 ) return -2; - /* E0 FE E0 FE F1 FE F1 FE */ - if ( n == 0X46465656 ) return -2; - } - } else { - if ( n < 0X64646565 ) { - /* FE 01 FE 01 FE 01 FE 01 */ - if ( n == 0X61616161 ) return -2; - /* FE 1F FE 1F FE 0E FE 0E */ - if ( n == 0X63636262 ) return -2; - } else { - /* FE E0 FE E0 FE F1 FE F1 */ - if ( n == 0X64646565 ) return -2; - /* FE FE FE FE FE FE FE FE */ - if ( n == 0X66666666 ) return -2; - } - } - } - } - - /* explode the bits */ - n = 56; - b0 = bits0; - b1 = bits1; - do { - w = (256 | *k++) << 2; - do { - --n; - b1[n] = 8 & w; - w >>= 1; - b0[n] = 4 & w; - } while ( w >= 16 ); - } while ( n ); - - /* put the bits in the correct places */ - n = 16; - k = rotors; - do { - w = (b1[k[ 0 ]] | b0[k[ 1 ]]) << 4; - w |= (b1[k[ 2 ]] | b0[k[ 3 ]]) << 2; - w |= b1[k[ 4 ]] | b0[k[ 5 ]]; - w <<= 8; - w |= (b1[k[ 6 ]] | b0[k[ 7 ]]) << 4; - w |= (b1[k[ 8 ]] | b0[k[ 9 ]]) << 2; - w |= b1[k[10 ]] | b0[k[11 ]]; - w <<= 8; - w |= (b1[k[12 ]] | b0[k[13 ]]) << 4; - w |= (b1[k[14 ]] | b0[k[15 ]]) << 2; - w |= b1[k[16 ]] | b0[k[17 ]]; - w <<= 8; - w |= (b1[k[18 ]] | b0[k[19 ]]) << 4; - w |= (b1[k[20 ]] | b0[k[21 ]]) << 2; - w |= b1[k[22 ]] | b0[k[23 ]]; - - method[0] = w; - - w = (b1[k[ 0+24]] | b0[k[ 1+24]]) << 4; - w |= (b1[k[ 2+24]] | b0[k[ 3+24]]) << 2; - w |= b1[k[ 4+24]] | b0[k[ 5+24]]; - w <<= 8; - w |= (b1[k[ 6+24]] | b0[k[ 7+24]]) << 4; - w |= (b1[k[ 8+24]] | b0[k[ 9+24]]) << 2; - w |= b1[k[10+24]] | b0[k[11+24]]; - w <<= 8; - w |= (b1[k[12+24]] | b0[k[13+24]]) << 4; - w |= (b1[k[14+24]] | b0[k[15+24]]) << 2; - w |= b1[k[16+24]] | b0[k[17+24]]; - w <<= 8; - w |= (b1[k[18+24]] | b0[k[19+24]]) << 4; - w |= (b1[k[20+24]] | b0[k[21+24]]) << 2; - w |= b1[k[22+24]] | b0[k[23+24]]; - - ROR(w, 4, 28); /* could be eliminated */ - method[1] = w; - - k += 48; - method += 2; - } while ( --n ); - - return 0; -} diff --git a/generate_q.c b/generate_q.c deleted file mode 100644 index 49e06d2a..00000000 --- a/generate_q.c +++ /dev/null @@ -1,115 +0,0 @@ -/* - * generate_q - Generates the permutations q0 and q1 for twofish. - * Copyright (C) 1999 Ruud de Rooij <ruud@debian.org> - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA - */ - -#include <stdio.h> - -typedef unsigned char byte; - -#define ror4(x) (((x) >> 1) | (((x) & 1) << 3)) - -static byte q0(byte x) -{ - - static byte t0[16] = { 0x8, 0x1, 0x7, 0xD, 0x6, 0xF, 0x3, 0x2, - 0x0, 0xB, 0x5, 0x9, 0xE, 0xC, 0xA, 0x4 }; - static byte t1[16] = { 0xE, 0xC, 0xB, 0x8, 0x1, 0x2, 0x3, 0x5, - 0xF, 0x4, 0xA, 0x6, 0x7, 0x0, 0x9, 0xD }; - static byte t2[16] = { 0xB, 0xA, 0x5, 0xE, 0x6, 0xD, 0x9, 0x0, - 0xC, 0x8, 0xF, 0x3, 0x2, 0x4, 0x7, 0x1 }; - static byte t3[16] = { 0xD, 0x7, 0xF, 0x4, 0x1, 0x2, 0x6, 0xE, - 0x9, 0xB, 0x3, 0x0, 0x8, 0x5, 0xC, 0xA }; - - byte a0 = x / 16; - byte b0 = x % 16; - - byte a1 = a0 ^ b0; - byte b1 = a0 ^ ror4(b0) ^ ((8*a0) % 16); - - byte a2 = t0[a1]; - byte b2 = t1[b1]; - - byte a3 = a2 ^ b2; - byte b3 = a2 ^ ror4(b2) ^ ((8*a2) % 16); - - byte a4 = t2[a3]; - byte b4 = t3[b3]; - - byte y = 16*b4 + a4; - - return y; -} - -static byte q1(byte x) -{ - static byte t0[16] = { 0x2, 0x8, 0xB, 0xD, 0xF, 0x7, 0x6, 0xE, - 0x3, 0x1, 0x9, 0x4, 0x0, 0xA, 0xC, 0x5 }; - static byte t1[16] = { 0x1, 0xE, 0x2, 0xB, 0x4, 0xC, 0x3, 0x7, - 0x6, 0xD, 0xA, 0x5, 0xF, 0x9, 0x0, 0x8 }; - static byte t2[16] = { 0x4, 0xC, 0x7, 0x5, 0x1, 0x6, 0x9, 0xA, - 0x0, 0xE, 0xD, 0x8, 0x2, 0xB, 0x3, 0xF }; - static byte t3[16] = { 0xB, 0x9, 0x5, 0x1, 0xC, 0x3, 0xD, 0xE, - 0x6, 0x4, 0x7, 0xF, 0x2, 0x0, 0x8, 0xA }; - - byte a0 = x / 16; - byte b0 = x % 16; - - byte a1 = a0 ^ b0; - byte b1 = a0 ^ ror4(b0) ^ ((8*a0) % 16); - - byte a2 = t0[a1]; - byte b2 = t1[b1]; - - byte a3 = a2 ^ b2; - byte b3 = a2 ^ ror4(b2) ^ ((8*a2) % 16); - - byte a4 = t2[a3]; - byte b4 = t3[b3]; - - byte y = 16*b4 + a4; - - return y; -} - -int -main(void) -{ - int i, j; - - printf("static byte q0[] = { "); - for (i = 0; i < 32; i++) { - for (j = 0; j < 8; j++) - printf("0x%02X, ", q0(i*8+j)); - if (i == 31) - printf("};\n\n"); - else - printf("\n "); - } - - printf("static byte q1[] = { "); - for (i = 0; i < 32; i++) { - for (j = 0; j < 8; j++) - printf("0x%02X, ", q1(i*8+j)); - if (i == 31) - printf("};\n"); - else - printf("\n "); - } - - return 0; -} diff --git a/idea.c b/idea.c deleted file mode 100644 index a028f828..00000000 --- a/idea.c +++ /dev/null @@ -1,340 +0,0 @@ -/* $Id$ - * - * The basic IDEA transformation - * - * Please be aware that IDEA IS PATENT ENCUMBERED; see the note below. - * ------------------------- - * - * This implementation is taken from pgp, see note below. - * - * Only primitive operations are done here, chaining modes etc - * are implemented in a higher level program. - * - ********************************************************************** - * - * idea.c - C source code for IDEA block cipher. - * IDEA (International Data Encryption Algorithm), formerly known as - * IPES (Improved Proposed Encryption Standard). - * Algorithm developed by Xuejia Lai and James L. Massey, of ETH Zurich. - * This implementation modified and derived from original C code - * developed by Xuejia Lai. - * Zero-based indexing added, names changed from IPES to IDEA. - * CFB functions added. Random number routines added. - * - * Extensively optimized and restructured by Colin Plumb. - * - *********************************************************************** - * - * Some changes including endianness cleanup done by Niels Möller. - * - */ - -/* - IDEA is patent encumbered; the following information was copied from the - idea.c extension for the GNU Privacy Guard. - - The IDEA algorithm is patented by Ascom Systec Ltd. of CH-5506 Maegenwil, - Switzerland, who allow it to be used on a royalty-free basis for certain - non-profit applications. Commercial users must obtain a license from the - company in order to use IDEA. IDEA may be used on a royalty-free basis under - the following conditions: - - Free use for private purposes: - - The free use of software containing the algorithm is strictly limited to non - revenue generating data transfer between private individuals, ie not serving - commercial purposes. Requests by freeware developers to obtain a - royalty-free license to spread an application program containing the - algorithm for non-commercial purposes must be directed to Ascom. - - Special offer for shareware developers: - - There is a special waiver for shareware developers. Such waiver eliminates - the upfront fees as well as royalties for the first US$10,000 gross sales of - a product containing the algorithm if and only if: - - 1. The product is being sold for a minimum of US$10 and a maximum of US$50. - 2. The source code for the shareware is available to the public. - - Special conditions for research projects: - - The use of the algorithm in research projects is free provided that it serves - the purpose of such project and within the project duration. Any use of the - algorithm after the termination of a project including activities resulting - from a project and for purposes not directly related to the project requires - a license. - - Ascom Tech requires the following notice to be included for freeware - products: - - This software product contains the IDEA algorithm as described and claimed in - US patent 5,214,703, EPO patent 0482154 (covering Austria, France, Germany, - Italy, the Netherlands, Spain, Sweden, Switzerland, and the UK), and Japanese - patent application 508119/1991, "Device for the conversion of a digital block - and use of same" (hereinafter referred to as "the algorithm"). Any use of - the algorithm for commercial purposes is thus subject to a license from Ascom - Systec Ltd. of CH-5506 Maegenwil (Switzerland), being the patentee and sole - owner of all rights, including the trademark IDEA. - - Commercial purposes shall mean any revenue generating purpose including but - not limited to: - - i) Using the algorithm for company internal purposes (subject to a site - license). - - ii) Incorporating the algorithm into any software and distributing such - software and/or providing services relating thereto to others (subject to - a product license). - - iii) Using a product containing the algorithm not covered by an IDEA license - (subject to an end user license). - - All such end user license agreements are available exclusively from Ascom - Systec Ltd and may be requested via the WWW at http://www.ascom.ch/systec or - by email to idea@ascom.ch. - - Use other than for commercial purposes is strictly limited to non-revenue - generating data transfer between private individuals. The use by government - agencies, non-profit organizations, etc is considered as use for commercial - purposes but may be subject to special conditions. Any misuse will be - prosecuted. -*/ - -#include "crypto_types.h" -#include <idea.h> - -#include <string.h> - -/*-------------------------------------------------------------*/ - -#define low16(x) ((x) & 0xffff) - -/* - * Multiplication, modulo (2**16)+1 - * Note that this code is structured on the assumption that - * untaken branches are cheaper than taken branches, and the - * compiler doesn't schedule branches. - */ -#ifdef SMALL_CACHE -const static UINT16 -mul(UINT16 a, UINT16 b) -{ - register UINT32 p; - - p = (UINT32)a * b; - if (p) - { - b = low16(p); - a = p>>16; - return (b - a) + (b < a); - } - else if (a) - { - return 1-b; - } - else - { - return 1-a; - } -} /* mul */ -#endif /* SMALL_CACHE */ - -/* - * Compute the multiplicative inverse of x, modulo 65537, using Euclid's - * algorithm. It is unrolled twice to avoid swapping the registers each - * iteration, and some subtracts of t have been changed to adds. - */ -static const UINT16 -inv(UINT16 x) -{ - UINT16 t0, t1; - UINT16 q, y; - - if (x <= 1) - return x; /* 0 and 1 are self-inverse */ - t1 = 0x10001L / x; /* Since x >= 2, this fits into 16 bits */ - y = 0x10001L % x; - if (y == 1) - return low16(1-t1); - t0 = 1; - do - { - q = x / y; - x = x % y; - t0 += q * t1; - if (x == 1) - return t0; - q = y / x; - y = y % x; - t1 += q * t0; - } - while (y != 1); - return low16(1-t1); -} /* inv */ - -/* - * Expand a 128-bit user key to a working encryption key ctx - */ -void -idea_expand(UINT16 *ctx, - const UINT8 *userkey) -{ - int i,j; - - for (j=0; j<8; j++) { - ctx[j] = (userkey[0]<<8) + userkey[1]; - userkey += 2; - } - for (i=0; j < IDEA_KEYLEN; j++) { - i++; - ctx[i+7] = ctx[i & 7] << 9 | ctx[(i+1) & 7] >> 7; - ctx += i & 8; - i &= 7; - } -} /* idea_expand */ - -/* - * Compute IDEA decryption key DK from an expanded IDEA encryption key EK - * Note that the input and output may be the same. Thus, the key is - * inverted into an internal buffer, and then copied to the output. - */ -void -idea_invert(UINT16 *d, - const UINT16 *e) -{ - int i; - UINT16 t1, t2, t3; - UINT16 temp[IDEA_KEYLEN]; - UINT16 *p = temp + IDEA_KEYLEN; - - t1 = inv(*e++); - t2 = -*e++; - t3 = -*e++; - *--p = inv(*e++); - *--p = t3; - *--p = t2; - *--p = t1; - - for (i = 0; i < IDEA_ROUNDS-1; i++) { - t1 = *e++; - *--p = *e++; - *--p = t1; - - t1 = inv(*e++); - t2 = -*e++; - t3 = -*e++; - *--p = inv(*e++); - *--p = t2; - *--p = t3; - *--p = t1; - } - t1 = *e++; - *--p = *e++; - *--p = t1; - - t1 = inv(*e++); - t2 = -*e++; - t3 = -*e++; - *--p = inv(*e++); - *--p = t3; - *--p = t2; - *--p = t1; - /* Copy and destroy temp copy */ - memcpy(d, temp, sizeof(temp)); - memset(temp, 0, sizeof(temp)); -} /* idea_invert */ - -/* - * MUL(x,y) computes x = x*y, modulo 0x10001. Requires two temps, - * t16 and t32. x is modified, and must me a side-effect-free lvalue. - * y may be anything, but unlike x, must be strictly 16 bits even if - * low16() is #defined. - * All of these are equivalent - see which is faster on your machine - */ -#ifdef SMALL_CACHE -#define MUL(x,y) (x = mul(low16(x),y)) -#else /* !SMALL_CACHE */ -#ifdef AVOID_JUMPS -#define MUL(x,y) (x = low16(x-1), t16 = low16((y)-1), \ - t32 = (UINT32)x*t16 + x + t16 + 1, x = low16(t32), \ - t16 = t32>>16, x = (x-t16) + (x<t16) ) -#else /* !AVOID_JUMPS (default) */ -#define MUL(x,y) \ - ((t16 = (y)) ? \ - (x=low16(x)) ? \ - t32 = (UINT32)x*t16, \ - x = low16(t32), \ - t16 = t32>>16, \ - x = (x-t16)+(x<t16) \ - : \ - (x = 1-t16) \ - : \ - (x = 1-x)) -#endif -#endif - -/* Endian independent conversions */ -#define char2word(dest, p) \ - do { \ - (dest) = *(p)++ << 8; (dest) |= *(p)++; \ - } while(0) - -#define word2char(src, p) \ - do { \ - *(p)++ = (src) >> 8; *(p)++ = (src) & 0xff; \ - } while(0) - -/* IDEA encryption/decryption algorithm */ -/* Note that in and out can be the same buffer */ -void -idea_crypt(const UINT16 *key, - UINT8 *dest, - const UINT8 *src) -{ - register UINT16 x1, x2, x3, x4, s2, s3; - - /* Setup */ - - char2word(x1, src); char2word(x2, src); - char2word(x3, src); char2word(x4, src); - - /* Encrypt */ - { -#ifndef SMALL_CACHE - register UINT16 t16; /* Temporaries needed by MUL macro */ - register UINT32 t32; -#endif - int r = IDEA_ROUNDS; - do - { - MUL(x1,*key++); - x2 += *key++; - x3 += *key++; - MUL(x4, *key++); - - s3 = x3; - x3 ^= x1; - MUL(x3, *key++); - s2 = x2; - x2 ^= x4; - x2 += x3; - MUL(x2, *key++); - x3 += x2; - - x1 ^= x2; x4 ^= x3; - - x2 ^= s3; x3 ^= s2; - } - while (--r); - MUL(x1, *key++); - x3 += *key++; - x2 += *key++; - MUL(x4, *key); - } - word2char(x1, dest); word2char(x3, dest); - word2char(x2, dest); word2char(x4, dest); -} /* idea_crypt */ - -/*-------------------------------------------------------------*/ - - diff --git a/include/.cvsignore b/include/.cvsignore deleted file mode 100644 index 50ea3ca7..00000000 --- a/include/.cvsignore +++ /dev/null @@ -1,4 +0,0 @@ -.dist_headers -Makefile -Makefile.am -Makefile.in diff --git a/include/.gitignore b/include/.gitignore deleted file mode 100644 index de50ca33..00000000 --- a/include/.gitignore +++ /dev/null @@ -1,4 +0,0 @@ -/.dist_headers -/Makefile -/Makefile.am -/Makefile.in diff --git a/include/Makefile.am.in b/include/Makefile.am.in deleted file mode 100644 index facd52b5..00000000 --- a/include/Makefile.am.in +++ /dev/null @@ -1,10 +0,0 @@ -## Process this file with make_am to produce Makefile.am -CVS_HEADERS: cvs_headers -BODY: - -EXTRA_DIST = $(cvs_headers) Makefile.am.in - -Makefile.am: Makefile.am.in - (cd $(top_srcdir); ./make_am) - -include $(top_srcdir)/misc/ctags.mk diff --git a/include/RCSID.h b/include/RCSID.h deleted file mode 100644 index 15ca429a..00000000 --- a/include/RCSID.h +++ /dev/null @@ -1,20 +0,0 @@ -/* $Id$ */ -#ifndef RCSID_H_INCLUDED -#define RCSID_H_INCLUDED - -/* Taken from pike/src/global.h */ - -#if __GNUC__ > 2 || (__GNUC__ == 2 && __GNUC_MINOR__ >= 7) -#define RCSID2(name, X) \ - static char *name __attribute__ ((unused)) =X -#elif __GNUC__ == 2 - /* No need for PIKE_CONCAT() here since gcc supports ## */ -#define RCSID2(name, X) \ - static char *name = X; \ - static void *use_##name=(&use_##name, (void *)&name) -#else -#define RCSID2(name, X) \ - static char *name = X -#endif - -#endif /* RCSID_H_INCLUDED */ diff --git a/include/arcfour.h b/include/arcfour.h deleted file mode 100644 index 300987b3..00000000 --- a/include/arcfour.h +++ /dev/null @@ -1,32 +0,0 @@ -/* - * $Id$ - */ - -#ifndef ARCFOUR_H_INCLUDED -#define ARCFOUR_H_INCLUDED - -#include "crypto_types.h" - -struct arcfour_ctx { - UINT8 S[256]; - UINT8 i, j; -}; - -#if 0 -void arcfour_init(struct arcfour_ctx *ctx); -#endif - -/* Encryption functions */ -void arcfour_set_key(struct arcfour_ctx *ctx, UINT32 length, const UINT8 *key); -void arcfour_crypt(struct arcfour_ctx *ctx, UINT8 *dest, - UINT32 length, const UINT8 *src); - -/* Using arcfour as a randomness generator. */ -void arcfour_init(struct arcfour_ctx *ctx); -void arcfour_update_key(struct arcfour_ctx *ctx, - UINT32 length, const UINT8 *key); -void arcfour_stream(struct arcfour_ctx *ctx, - UINT32 length, UINT8 *dest); - - -#endif /* ARCFOUR_H_INCLUDED */ diff --git a/include/blowfish.h b/include/blowfish.h deleted file mode 100644 index 5b53a9ba..00000000 --- a/include/blowfish.h +++ /dev/null @@ -1,81 +0,0 @@ -/* blowfish.h - * Copyright (C) 1998 Free Software Foundation, Inc. - * - * This file is part of GNUPG. - * - * GNUPG is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * GNUPG is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA - */ - -/* - * Modifications for lsh by Ray Dassen - */ - -#ifndef G10_BLOWFISH_H -#define G10_BLOWFISH_H - -#include "crypto_types.h" - -/* Use lsh types */ -typedef UINT8 byte; -typedef UINT16 u16; -typedef UINT32 u32; - -/* FIXME: A search&replace on the type names would be better, but I - * keep GPG names for now to make it easier to get smaller diffs. */ - -#if 0 -#define CIPHER_ALGO_BLOWFISH 4 /* blowfish 128 bit key */ -#endif - -#define BLOWFISH_BLOCKSIZE 8 -#define BLOWFISH_ROUNDS 16 - -/* Other key lengths are possible, but 128 bits is the default. */ -#define BLOWFISH_KEYSIZE 16 - -/* Allow keys of size 64 <= bits <= 448 */ -#define BLOWFISH_MIN_KEYSIZE 8 -#define BLOWFISH_MAX_KEYSIZE 56 - -#define G10ERR_WEAK_KEY 43 - -typedef struct { - u32 s0[256]; - u32 s1[256]; - u32 s2[256]; - u32 s3[256]; - u32 p[BLOWFISH_ROUNDS+2]; -} BLOWFISH_context; - - -/* Returns 0 if the key is ok */ - -int bf_set_key( BLOWFISH_context *c, const byte *key, unsigned keylen ); -void bf_encrypt_block( BLOWFISH_context *bc, byte *outbuf, const byte *inbuf ); -void bf_decrypt_block( BLOWFISH_context *bc, byte *outbuf, const byte *inbuf ); - -int bf_selftest(void); - -#if 0 -const char * -blowfish_get_info( int algo, size_t *keylen, - size_t *blocksize, size_t *contextsize, - int (**setkey)( void *c, const byte *key, unsigned keylen ), - void (**encrypt)( void *c, byte *outbuf, const byte *inbuf ), - void (**decrypt)( void *c, byte *outbuf, const byte *inbuf ) - ); -#endif - -#endif /*G10_BLOWFISH_H*/ diff --git a/include/cast.h b/include/cast.h deleted file mode 100644 index 5196ffb6..00000000 --- a/include/cast.h +++ /dev/null @@ -1,37 +0,0 @@ -/* - * $Id$ - * - * CAST-128 in C - * Written by Steve Reid <sreid@sea-to-sky.net> - * 100% Public Domain - no warranty - * Released 1997.10.11 - */ - -#ifndef _CAST_H_INCLUDED -#define _CAST_H_INCLUDED - -#define CAST_MIN_KEYSIZE 5 -#define CAST_MAX_KEYSIZE 16 -#define CAST_BLOCKSIZE 8 - -#define CAST_SMALL_KEY 10 -#define CAST_SMALL_ROUNDS 12 -#define CAST_FULL_ROUNDS 16 - -#include "crypto_types.h" - -struct cast_key { - UINT32 xkey[32]; /* Key, after expansion */ - unsigned rounds; /* Number of rounds to use, 12 or 16 */ -}; - -void cast_setkey(struct cast_key *key, const UINT8 * const rawkey, - unsigned keybytes); -void cast_encrypt(struct cast_key *key, const UINT8 * const inblock, - UINT8 *outblock); -void cast_decrypt(struct cast_key *key, const UINT8 * const inblock, - UINT8* outblock); -int cast_selftest(void); - -#endif /* ifndef _CAST_H_INCLUDED */ - diff --git a/include/crypto_types.h b/include/crypto_types.h deleted file mode 100644 index 192cdef5..00000000 --- a/include/crypto_types.h +++ /dev/null @@ -1,26 +0,0 @@ -/* $Id$ - * - * Defines the types UINT32, UINT16 and UINT8 */ - -#ifndef CRYPTO_TYPES_H_INCLUDED -#define CRYPTO_TYPES_H_INCLUDED - -#ifdef PIKE -# include "pike_types.h" -# include "global.h" -# define UINT32 unsigned INT32 -# define UINT16 unsigned INT16 -# define UINT8 unsigned INT8 -#else /* !PIKE */ - -# ifdef LSH -# include "lsh_types.h" - -# else /* !LSH */ -# define UINT32 unsigned long -# define UINT16 unsigned short -# define UINT8 unsigned char -# endif /* !PIKE */ -#endif - -#endif /* CRYPTO_TYPES_H_INCLUDED */ diff --git a/include/des.h b/include/des.h deleted file mode 100644 index 32483db7..00000000 --- a/include/des.h +++ /dev/null @@ -1,44 +0,0 @@ -/* - * des - fast & portable DES encryption & decryption. - * Copyright (C) 1992 Dana L. How - * Please see the file `../lib/descore.README' for the complete copyright - * notice. - * - * Slightly edited by Niels Möller, 1997 - */ - -#ifndef DES_H_INCLUDED -#define DES_H_INCLUDED - -#include "crypto_types.h" - -#include "RCSID.h" -RCSID2(desCore_hRcs, "$Id$"); - -#define DES_KEYSIZE 8 -#define DES_BLOCKSIZE 8 -#define DES_EXPANDED_KEYLEN 32 - -/* FIXME: typedef on arrays is ugly. */ -typedef UINT8 DesData[DES_BLOCKSIZE]; -typedef UINT32 DesKeys[DES_EXPANDED_KEYLEN]; - -typedef void DesFunc(UINT8 *d, const UINT32 *r, const UINT8 *s); - -extern int DesMethod(UINT32 *method, const UINT8 *k); -extern void DesQuickInit(void); -extern void DesQuickDone(void); -extern DesFunc DesQuickCoreEncrypt; -extern DesFunc DesQuickFipsEncrypt; -extern DesFunc DesQuickCoreDecrypt; -extern DesFunc DesQuickFipsDecrypt; -extern DesFunc DesSmallCoreEncrypt; -extern DesFunc DesSmallFipsEncrypt; -extern DesFunc DesSmallCoreDecrypt; -extern DesFunc DesSmallFipsDecrypt; - -extern DesFunc *DesCryptFuncs[2]; -extern int des_key_sched(const UINT8 *k, UINT32 *s); -extern int des_ecb_encrypt(const UINT8 *s, UINT8 *d, const UINT32 *r, int e); - -#endif /* DES_H_INCLUDED */ diff --git a/include/idea.h b/include/idea.h deleted file mode 100644 index 15c007a8..00000000 --- a/include/idea.h +++ /dev/null @@ -1,31 +0,0 @@ -/* - * $Id$ - */ - -/* - * Please be aware that IDEA IS PATENT ENCUMBERED; see the note in idea.c. - * ------------------------- - */ - -#ifndef IDEA_H_INCLUDED -#define IDEA_H_INCLUDED - -#define IDEA_KEYSIZE 16 -#define IDEA_BLOCKSIZE 8 - -#define IDEA_ROUNDS 8 -#define IDEA_KEYLEN (6*IDEA_ROUNDS+4) - -#include "crypto_types.h" - -void idea_expand(UINT16 *ctx, - const UINT8 *key); - -void idea_invert(UINT16 *d, - const UINT16 *e); - -void idea_crypt(const UINT16 *ctx, - UINT8 *dest, - const UINT8 *src); - -#endif /* IDEA_H_INCLUDED */ diff --git a/include/md5.h b/include/md5.h deleted file mode 100644 index 818b7d21..00000000 --- a/include/md5.h +++ /dev/null @@ -1,23 +0,0 @@ -/* - * $Id$ - */ - -#include "crypto_types.h" - -#define MD5_DATASIZE 64 -#define MD5_DATALEN 16 -#define MD5_DIGESTSIZE 16 -#define MD5_DIGESTLEN 4 - -struct md5_ctx { - UINT32 digest[MD5_DIGESTLEN]; /* Digest */ - UINT32 count_l, count_h; /* Block count */ - UINT8 block[MD5_DATASIZE]; /* One block buffer */ - int index; /* index into buffer */ -}; - -void md5_init(struct md5_ctx *ctx); -void md5_update(struct md5_ctx *ctx, const UINT8 *buffer, UINT32 len); -void md5_final(struct md5_ctx *ctx); -void md5_digest(struct md5_ctx *ctx, UINT8 *s); -void md5_copy(struct md5_ctx *dest, struct md5_ctx *src); diff --git a/include/rijndael.h b/include/rijndael.h deleted file mode 100644 index b4c7a13a..00000000 --- a/include/rijndael.h +++ /dev/null @@ -1,76 +0,0 @@ -/* - * - * Rijndael is a 128/192/256-bit block cipher that accepts key sizes of - * 128, 192, or 256 bits, designed by Joan Daemen and Vincent Rijmen. See - * http://www.esat.kuleuven.ac.be/~rijmen/rijndael/ for details. - */ - -#if !defined(RIJNDAEL_H) -#define RIJNDAEL_H - -#include <stdlib.h> - -#include "crypto_types.h" - -/* Other block sizes and key lengths are possible, but in the context of - * the ssh protocols, 256 bits is the default. */ -#define RIJNDAEL_BLOCKSIZE 16 -#define RIJNDAEL_KEYSIZE 32 - -/* Allow keys of size 128 <= bits <= 256 */ - -#define RIJNDAEL_MIN_KEYSIZE 16 -#define RIJNDAEL_MAX_KEYSIZE 32 - -typedef struct { - UINT32 keys[60]; /* maximum size of key schedule */ - UINT32 ikeys[60]; /* inverse key schedule */ - int nrounds; /* number of rounds to use for our key size */ -} RIJNDAEL_context; - -/* This basically performs Rijndael's key scheduling algorithm, as it's the - * only initialization required anyhow. The key size is specified in bytes, - * but the only valid values are 16 (128 bits), 24 (192 bits), and 32 (256 - * bits). If a value other than these three is specified, the key will be - * truncated to the closest value less than the key size specified, e.g. - * specifying 7 will use only the first 6 bytes of the key given. DO NOT - * PASS A VALUE LESS THAN 16 TO KEYSIZE! */ -void -rijndael_setup(RIJNDAEL_context *ctx, size_t keysize, const UINT8 *key); - -/* - * rijndael_encrypt() - * - * Encrypt 16 bytes of data with the Rijndael algorithm. Before this - * function can be used, rijndael_setup must be used in order to initialize - * Rijndael's key schedule. - * - * This function always encrypts 16 bytes of plaintext to 16 bytes of - * ciphertext. The memory areas of the plaintext and the ciphertext can - * overlap. - */ - -void -rijndael_encrypt(RIJNDAEL_context *context, - const UINT8 *plaintext, - UINT8 *ciphertext); - -/* - * rijndael_decrypt() - * - * Decrypt 16 bytes of data with the Rijndael algorithm. - * - * Before this function can be used, rijndael_setup() must be used in order - * to set up the key schedule required for the decryption algorithm. - * - * This function always decrypts 16 bytes of ciphertext to 16 bytes of - * plaintext. The memory areas of the plaintext and the ciphertext can - * overlap. - */ - -void -rijndael_decrypt(RIJNDAEL_context *context, - const UINT8 *ciphertext, - UINT8 *plaintext); - -#endif /* RIJNDAEL_H */ diff --git a/include/serpent.h b/include/serpent.h deleted file mode 100644 index 94d98ed5..00000000 --- a/include/serpent.h +++ /dev/null @@ -1,71 +0,0 @@ - -/* - * - * Serpent is a 128-bit block cipher that accepts a key size of 256 bits, - * designed by Ross Anderson, Eli Biham, and Lars Knudsen. See - * http://www.cl.cam.ac.uk/~rja14/serpent.html for details. - */ - -#if !defined(SERPENT_H) -#define SERPENT_H - -#include <stdlib.h> -#include "crypto_types.h" - -#define SERPENT_BLOCKSIZE 16 - -/* Other key lengths are possible, but we only use 256 bits. Besides, the - design of Serpent makes other key lengths useless; they cheated with the - AES requirements, using a 256-bit key length exclusively and just padding - it out if the desired key length was less, so there really is no advantage - to using key lengths less than 256 bits. */ -#define SERPENT_KEYSIZE 32 - -/* Allow keys of size 128 <= bits <= 256 */ - -#define SERPENT_MIN_KEYSIZE 16 -#define SERPENT_MAX_KEYSIZE 32 - -typedef struct { - UINT32 keys[33][4]; /* key schedule */ -} SERPENT_context; - -/* This performs Serpent's key scheduling algorithm. */ -void -serpent_setup(SERPENT_context *ctx, UINT32 key_size, const UINT8 *key); - -/* - * serpent_encrypt() - * - * Encrypt 16 bytes of data with the Serpent algorithm. Before this - * function can be used, serpent_setup must be used in order to initialize - * Serpent's key schedule. - * - * This function always encrypts 16 bytes of plaintext to 16 bytes of - * ciphertext. The memory areas of the plaintext and the ciphertext can - * overlap. - */ -void -serpent_encrypt(SERPENT_context *context, - const UINT8 *plaintext, - UINT8 *ciphertext); - -/* - * serpent_decrypt() - * - * Decrypt 16 bytes of data with the Serpent algorithm. - * - * Before this function can be used, serpent_setup() must be used in order - * to set up the key schedule required for the decryption algorithm. - * - * This function always decrypts 16 bytes of ciphertext to 16 bytes of - * plaintext. The memory areas of the plaintext and the ciphertext can - * overlap. - */ - -void -serpent_decrypt(SERPENT_context *context, - const UINT8 *ciphertext, - UINT8 *plaintext); - -#endif /* SERPENT_H */ diff --git a/include/sha.h b/include/sha.h deleted file mode 100644 index 9f15ea06..00000000 --- a/include/sha.h +++ /dev/null @@ -1,30 +0,0 @@ -/* - * $Id$ - */ - -#include "crypto_types.h" - -/* The SHA block size and message digest sizes, in bytes */ - -#define SHA_DATASIZE 64 -#define SHA_DATALEN 16 -#define SHA_DIGESTSIZE 20 -#define SHA_DIGESTLEN 5 -/* The structure for storing SHA info */ - -struct sha_ctx { - UINT32 digest[SHA_DIGESTLEN]; /* Message digest */ - UINT32 count_l, count_h; /* 64-bit block count */ - UINT8 block[SHA_DATASIZE]; /* SHA data buffer */ - int index; /* index into buffer */ -}; - -void sha_init(struct sha_ctx *ctx); -void sha_update(struct sha_ctx *ctx, const UINT8 *buffer, UINT32 len); -void sha_final(struct sha_ctx *ctx); -void sha_digest(struct sha_ctx *ctx, UINT8 *s); -void sha_copy(struct sha_ctx *dest, struct sha_ctx *src); - -/* The core compression function, mapping 5 + 16 32-bit words to 5 - * words. Destroys the data in the process. */ -void sha_transform(UINT32 *state, UINT32 *data); diff --git a/include/twofish.h b/include/twofish.h deleted file mode 100644 index a955ea92..00000000 --- a/include/twofish.h +++ /dev/null @@ -1,107 +0,0 @@ -/* twofish.h - * - * $Id$ - */ - -/* - * twofish - An implementation of the twofish cipher. - * Copyright (C) 1999 Ruud de Rooij <ruud@debian.org> - * - * Modifications for lsh - * Copyright (C) 1999 J.H.M. Dassen (Ray) <jdassen@wi.LeidenUniv.nl> - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Library General Public - * License as published by the Free Software Foundation; either - * version 2 of the License, or (at your option) any later version. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Library General Public License for more details. - * - * You should have received a copy of the GNU Library General Public - * License along with this library; if not, write to the Free - * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA - */ - -/* - * Twofish is a 128-bit block cipher that accepts a variable-length - * key up to 256 bits, designed by Bruce Schneier and others. See - * http://www.counterpane.com/twofish.html for details. - */ - -#if !defined(TWOFISH_H) -#define TWOFISH_H - -#include <stdlib.h> /* For size_t */ - -#include "crypto_types.h" - -#define TWOFISH_BLOCKSIZE 16 /* bytes */ - - -/* Other key lengths are possible, but in the context of the ssh protocols, - * 256 bits is the default. */ -#define TWOFISH_KEYSIZE 32 /* bytes */ - -/* Allow keys of size 128 <= bits <= 256 */ - -#define TWOFISH_MIN_KEYSIZE 16 /* bytes */ -#define TWOFISH_MAX_KEYSIZE 32 /* bytes */ - -typedef struct { - UINT32 keys[40]; - UINT32 s_box[4][256]; -} TWOFISH_context; - -/* Set up internal tables required for twofish encryption and decryption. - * - * The key size is specified in bytes. Key sizes up to 32 bytes are - * supported. Larger key sizes are silently truncated. */ - -void -twofish_setup(TWOFISH_context *ctx, size_t keysize, const UINT8 *key); - -/* void twofish_encrypt(TWOFISH_context *context, - * const UINT8 *plaintext, - * UINT8 *ciphertext); - * - * Encrypt 16 bytes of data with the twofish algorithm. - * - * Before this function can be used, twofish_setup() must be used in order to - * set up various tables required for the encryption algorithm. - * - * This function always encrypts 16 bytes of plaintext to 16 bytes of - * ciphertext. The memory areas of the plaintext and the ciphertext can - * overlap. - */ - -void -twofish_encrypt(TWOFISH_context *context, - const UINT8 *plaintext, - UINT8 *ciphertext); - -/* void twofish_decrypt(TWOFISH_context *context, - * const UINT8 *ciphertext, - * UINT8 *plaintext); - * - * Decrypt 16 bytes of data with the twofish algorithm. - * - * Before this function can be used, twofish_setup() must be used in order to - * set up various tables required for the decryption algorithm. - * - * This function always decrypts 16 bytes of ciphertext to 16 bytes of - * plaintext. The memory areas of the plaintext and the ciphertext can - * overlap. - */ - -void -twofish_decrypt(TWOFISH_context *context, - const UINT8 *ciphertext, - UINT8 *plaintext); - -int -twofish_selftest(void); - -#endif /* TWOFISH_H */ diff --git a/include/types.h b/include/types.h deleted file mode 100644 index 154fdb70..00000000 --- a/include/types.h +++ /dev/null @@ -1,14 +0,0 @@ -#ifndef _TYPES_H -#define _TYPES_H - -/* Define types for GPG code */ - -#warning Don't use include/types.h - -#include "lsh_types.h" - -typedef UINT8 byte; - -typedef UINT32 u32; - -#endif /* _TYPES_H */ diff --git a/rijndael.c b/rijndael.c deleted file mode 100644 index 2b24c43d..00000000 --- a/rijndael.c +++ /dev/null @@ -1,459 +0,0 @@ -/* rijndael - An implementation of the Rijndael cipher. - * - * Copyright (C) 2000 Rafael R. Sevilla <dido@pacific.net.ph> - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Library General Public - * License as published by the Free Software Foundation; either - * version 2 of the License, or (at your option) any later version. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Library General Public License for more details. - * - * You should have received a copy of the GNU Library General Public - * License along with this library; if not, write to the Free - * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA - */ - -#include "rijndael.h" - -#include <assert.h> -#include <stdio.h> -#include <stdlib.h> -#include <string.h> - -/* These tables combine both the S-boxes and the mixcolumn transformation, so - that we can perform a round's encryption or by means of four table lookups - and four XOR's per column of state. They were generated by the - makertbls.pl script. */ -static const UINT32 dtbl[] = { - 0xa56363c6, 0x847c7cf8, 0x997777ee, 0x8d7b7bf6, - 0x0df2f2ff, 0xbd6b6bd6, 0xb16f6fde, 0x54c5c591, - 0x50303060, 0x03010102, 0xa96767ce, 0x7d2b2b56, - 0x19fefee7, 0x62d7d7b5, 0xe6abab4d, 0x9a7676ec, - 0x45caca8f, 0x9d82821f, 0x40c9c989, 0x877d7dfa, - 0x15fafaef, 0xeb5959b2, 0xc947478e, 0x0bf0f0fb, - 0xecadad41, 0x67d4d4b3, 0xfda2a25f, 0xeaafaf45, - 0xbf9c9c23, 0xf7a4a453, 0x967272e4, 0x5bc0c09b, - 0xc2b7b775, 0x1cfdfde1, 0xae93933d, 0x6a26264c, - 0x5a36366c, 0x413f3f7e, 0x02f7f7f5, 0x4fcccc83, - 0x5c343468, 0xf4a5a551, 0x34e5e5d1, 0x08f1f1f9, - 0x937171e2, 0x73d8d8ab, 0x53313162, 0x3f15152a, - 0x0c040408, 0x52c7c795, 0x65232346, 0x5ec3c39d, - 0x28181830, 0xa1969637, 0x0f05050a, 0xb59a9a2f, - 0x0907070e, 0x36121224, 0x9b80801b, 0x3de2e2df, - 0x26ebebcd, 0x6927274e, 0xcdb2b27f, 0x9f7575ea, - 0x1b090912, 0x9e83831d, 0x742c2c58, 0x2e1a1a34, - 0x2d1b1b36, 0xb26e6edc, 0xee5a5ab4, 0xfba0a05b, - 0xf65252a4, 0x4d3b3b76, 0x61d6d6b7, 0xceb3b37d, - 0x7b292952, 0x3ee3e3dd, 0x712f2f5e, 0x97848413, - 0xf55353a6, 0x68d1d1b9, 0x00000000, 0x2cededc1, - 0x60202040, 0x1ffcfce3, 0xc8b1b179, 0xed5b5bb6, - 0xbe6a6ad4, 0x46cbcb8d, 0xd9bebe67, 0x4b393972, - 0xde4a4a94, 0xd44c4c98, 0xe85858b0, 0x4acfcf85, - 0x6bd0d0bb, 0x2aefefc5, 0xe5aaaa4f, 0x16fbfbed, - 0xc5434386, 0xd74d4d9a, 0x55333366, 0x94858511, - 0xcf45458a, 0x10f9f9e9, 0x06020204, 0x817f7ffe, - 0xf05050a0, 0x443c3c78, 0xba9f9f25, 0xe3a8a84b, - 0xf35151a2, 0xfea3a35d, 0xc0404080, 0x8a8f8f05, - 0xad92923f, 0xbc9d9d21, 0x48383870, 0x04f5f5f1, - 0xdfbcbc63, 0xc1b6b677, 0x75dadaaf, 0x63212142, - 0x30101020, 0x1affffe5, 0x0ef3f3fd, 0x6dd2d2bf, - 0x4ccdcd81, 0x140c0c18, 0x35131326, 0x2fececc3, - 0xe15f5fbe, 0xa2979735, 0xcc444488, 0x3917172e, - 0x57c4c493, 0xf2a7a755, 0x827e7efc, 0x473d3d7a, - 0xac6464c8, 0xe75d5dba, 0x2b191932, 0x957373e6, - 0xa06060c0, 0x98818119, 0xd14f4f9e, 0x7fdcdca3, - 0x66222244, 0x7e2a2a54, 0xab90903b, 0x8388880b, - 0xca46468c, 0x29eeeec7, 0xd3b8b86b, 0x3c141428, - 0x79dedea7, 0xe25e5ebc, 0x1d0b0b16, 0x76dbdbad, - 0x3be0e0db, 0x56323264, 0x4e3a3a74, 0x1e0a0a14, - 0xdb494992, 0x0a06060c, 0x6c242448, 0xe45c5cb8, - 0x5dc2c29f, 0x6ed3d3bd, 0xefacac43, 0xa66262c4, - 0xa8919139, 0xa4959531, 0x37e4e4d3, 0x8b7979f2, - 0x32e7e7d5, 0x43c8c88b, 0x5937376e, 0xb76d6dda, - 0x8c8d8d01, 0x64d5d5b1, 0xd24e4e9c, 0xe0a9a949, - 0xb46c6cd8, 0xfa5656ac, 0x07f4f4f3, 0x25eaeacf, - 0xaf6565ca, 0x8e7a7af4, 0xe9aeae47, 0x18080810, - 0xd5baba6f, 0x887878f0, 0x6f25254a, 0x722e2e5c, - 0x241c1c38, 0xf1a6a657, 0xc7b4b473, 0x51c6c697, - 0x23e8e8cb, 0x7cdddda1, 0x9c7474e8, 0x211f1f3e, - 0xdd4b4b96, 0xdcbdbd61, 0x868b8b0d, 0x858a8a0f, - 0x907070e0, 0x423e3e7c, 0xc4b5b571, 0xaa6666cc, - 0xd8484890, 0x05030306, 0x01f6f6f7, 0x120e0e1c, - 0xa36161c2, 0x5f35356a, 0xf95757ae, 0xd0b9b969, - 0x91868617, 0x58c1c199, 0x271d1d3a, 0xb99e9e27, - 0x38e1e1d9, 0x13f8f8eb, 0xb398982b, 0x33111122, - 0xbb6969d2, 0x70d9d9a9, 0x898e8e07, 0xa7949433, - 0xb69b9b2d, 0x221e1e3c, 0x92878715, 0x20e9e9c9, - 0x49cece87, 0xff5555aa, 0x78282850, 0x7adfdfa5, - 0x8f8c8c03, 0xf8a1a159, 0x80898909, 0x170d0d1a, - 0xdabfbf65, 0x31e6e6d7, 0xc6424284, 0xb86868d0, - 0xc3414182, 0xb0999929, 0x772d2d5a, 0x110f0f1e, - 0xcbb0b07b, 0xfc5454a8, 0xd6bbbb6d, 0x3a16162c, -}; - -static const UINT32 itbl[] = { - 0x50a7f451, 0x5365417e, 0xc3a4171a, 0x965e273a, - 0xcb6bab3b, 0xf1459d1f, 0xab58faac, 0x9303e34b, - 0x55fa3020, 0xf66d76ad, 0x9176cc88, 0x254c02f5, - 0xfcd7e54f, 0xd7cb2ac5, 0x80443526, 0x8fa362b5, - 0x495ab1de, 0x671bba25, 0x980eea45, 0xe1c0fe5d, - 0x02752fc3, 0x12f04c81, 0xa397468d, 0xc6f9d36b, - 0xe75f8f03, 0x959c9215, 0xeb7a6dbf, 0xda595295, - 0x2d83bed4, 0xd3217458, 0x2969e049, 0x44c8c98e, - 0x6a89c275, 0x78798ef4, 0x6b3e5899, 0xdd71b927, - 0xb64fe1be, 0x17ad88f0, 0x66ac20c9, 0xb43ace7d, - 0x184adf63, 0x82311ae5, 0x60335197, 0x457f5362, - 0xe07764b1, 0x84ae6bbb, 0x1ca081fe, 0x942b08f9, - 0x58684870, 0x19fd458f, 0x876cde94, 0xb7f87b52, - 0x23d373ab, 0xe2024b72, 0x578f1fe3, 0x2aab5566, - 0x0728ebb2, 0x03c2b52f, 0x9a7bc586, 0xa50837d3, - 0xf2872830, 0xb2a5bf23, 0xba6a0302, 0x5c8216ed, - 0x2b1ccf8a, 0x92b479a7, 0xf0f207f3, 0xa1e2694e, - 0xcdf4da65, 0xd5be0506, 0x1f6234d1, 0x8afea6c4, - 0x9d532e34, 0xa055f3a2, 0x32e18a05, 0x75ebf6a4, - 0x39ec830b, 0xaaef6040, 0x069f715e, 0x51106ebd, - 0xf98a213e, 0x3d06dd96, 0xae053edd, 0x46bde64d, - 0xb58d5491, 0x055dc471, 0x6fd40604, 0xff155060, - 0x24fb9819, 0x97e9bdd6, 0xcc434089, 0x779ed967, - 0xbd42e8b0, 0x888b8907, 0x385b19e7, 0xdbeec879, - 0x470a7ca1, 0xe90f427c, 0xc91e84f8, 0x00000000, - 0x83868009, 0x48ed2b32, 0xac70111e, 0x4e725a6c, - 0xfbff0efd, 0x5638850f, 0x1ed5ae3d, 0x27392d36, - 0x64d90f0a, 0x21a65c68, 0xd1545b9b, 0x3a2e3624, - 0xb1670a0c, 0x0fe75793, 0xd296eeb4, 0x9e919b1b, - 0x4fc5c080, 0xa220dc61, 0x694b775a, 0x161a121c, - 0x0aba93e2, 0xe52aa0c0, 0x43e0223c, 0x1d171b12, - 0x0b0d090e, 0xadc78bf2, 0xb9a8b62d, 0xc8a91e14, - 0x8519f157, 0x4c0775af, 0xbbdd99ee, 0xfd607fa3, - 0x9f2601f7, 0xbcf5725c, 0xc53b6644, 0x347efb5b, - 0x7629438b, 0xdcc623cb, 0x68fcedb6, 0x63f1e4b8, - 0xcadc31d7, 0x10856342, 0x40229713, 0x2011c684, - 0x7d244a85, 0xf83dbbd2, 0x1132f9ae, 0x6da129c7, - 0x4b2f9e1d, 0xf330b2dc, 0xec52860d, 0xd0e3c177, - 0x6c16b32b, 0x99b970a9, 0xfa489411, 0x2264e947, - 0xc48cfca8, 0x1a3ff0a0, 0xd82c7d56, 0xef903322, - 0xc74e4987, 0xc1d138d9, 0xfea2ca8c, 0x360bd498, - 0xcf81f5a6, 0x28de7aa5, 0x268eb7da, 0xa4bfad3f, - 0xe49d3a2c, 0x0d927850, 0x9bcc5f6a, 0x62467e54, - 0xc2138df6, 0xe8b8d890, 0x5ef7392e, 0xf5afc382, - 0xbe805d9f, 0x7c93d069, 0xa92dd56f, 0xb31225cf, - 0x3b99acc8, 0xa77d1810, 0x6e639ce8, 0x7bbb3bdb, - 0x097826cd, 0xf418596e, 0x01b79aec, 0xa89a4f83, - 0x656e95e6, 0x7ee6ffaa, 0x08cfbc21, 0xe6e815ef, - 0xd99be7ba, 0xce366f4a, 0xd4099fea, 0xd67cb029, - 0xafb2a431, 0x31233f2a, 0x3094a5c6, 0xc066a235, - 0x37bc4e74, 0xa6ca82fc, 0xb0d090e0, 0x15d8a733, - 0x4a9804f1, 0xf7daec41, 0x0e50cd7f, 0x2ff69117, - 0x8dd64d76, 0x4db0ef43, 0x544daacc, 0xdf0496e4, - 0xe3b5d19e, 0x1b886a4c, 0xb81f2cc1, 0x7f516546, - 0x04ea5e9d, 0x5d358c01, 0x737487fa, 0x2e410bfb, - 0x5a1d67b3, 0x52d2db92, 0x335610e9, 0x1347d66d, - 0x8c61d79a, 0x7a0ca137, 0x8e14f859, 0x893c13eb, - 0xee27a9ce, 0x35c961b7, 0xede51ce1, 0x3cb1477a, - 0x59dfd29c, 0x3f73f255, 0x79ce1418, 0xbf37c773, - 0xeacdf753, 0x5baafd5f, 0x146f3ddf, 0x86db4478, - 0x81f3afca, 0x3ec468b9, 0x2c342438, 0x5f40a3c2, - 0x72c31d16, 0x0c25e2bc, 0x8b493c28, 0x41950dff, - 0x7101a839, 0xdeb30c08, 0x9ce4b4d8, 0x90c15664, - 0x6184cb7b, 0x70b632d5, 0x745c6c48, 0x4257b8d0, -}; - - -/* Needed only for the key schedule and for final rounds */ -static const UINT8 sbox[256] = { - 99, 124, 119, 123, 242, 107, 111, 197, 48, 1, 103, 43, 254, 215, 171, - 118, 202, 130, 201, 125, 250, 89, 71, 240, 173, 212, 162, 175, 156, 164, - 114, 192, 183, 253, 147, 38, 54, 63, 247, 204, 52, 165, 229, 241, 113, - 216, 49, 21, 4, 199, 35, 195, 24, 150, 5, 154, 7, 18, 128, 226, - 235, 39, 178, 117, 9, 131, 44, 26, 27, 110, 90, 160, 82, 59, 214, - 179, 41, 227, 47, 132, 83, 209, 0, 237, 32, 252, 177, 91, 106, 203, - 190, 57, 74, 76, 88, 207, 208, 239, 170, 251, 67, 77, 51, 133, 69, - 249, 2, 127, 80, 60, 159, 168, 81, 163, 64, 143, 146, 157, 56, 245, - 188, 182, 218, 33, 16, 255, 243, 210, 205, 12, 19, 236, 95, 151, 68, - 23, 196, 167, 126, 61, 100, 93, 25, 115, 96, 129, 79, 220, 34, 42, - 144, 136, 70, 238, 184, 20, 222, 94, 11, 219, 224, 50, 58, 10, 73, - 6, 36, 92, 194, 211, 172, 98, 145, 149, 228, 121, 231, 200, 55, 109, - 141, 213, 78, 169, 108, 86, 244, 234, 101, 122, 174, 8, 186, 120, 37, - 46, 28, 166, 180, 198, 232, 221, 116, 31, 75, 189, 139, 138, 112, 62, - 181, 102, 72, 3, 246, 14, 97, 53, 87, 185, 134, 193, 29, 158, 225, - 248, 152, 17, 105, 217, 142, 148, 155, 30, 135, 233, 206, 85, 40, 223, - 140, 161, 137, 13, 191, 230, 66, 104, 65, 153, 45, 15, 176, 84, 187, - 22, -}; - -static const UINT8 isbox[256] = { - 82, 9, 106, 213, 48, 54, 165, 56, 191, 64, 163, 158, 129, 243, 215, - 251, 124, 227, 57, 130, 155, 47, 255, 135, 52, 142, 67, 68, 196, 222, - 233, 203, 84, 123, 148, 50, 166, 194, 35, 61, 238, 76, 149, 11, 66, - 250, 195, 78, 8, 46, 161, 102, 40, 217, 36, 178, 118, 91, 162, 73, - 109, 139, 209, 37, 114, 248, 246, 100, 134, 104, 152, 22, 212, 164, 92, - 204, 93, 101, 182, 146, 108, 112, 72, 80, 253, 237, 185, 218, 94, 21, - 70, 87, 167, 141, 157, 132, 144, 216, 171, 0, 140, 188, 211, 10, 247, - 228, 88, 5, 184, 179, 69, 6, 208, 44, 30, 143, 202, 63, 15, 2, - 193, 175, 189, 3, 1, 19, 138, 107, 58, 145, 17, 65, 79, 103, 220, - 234, 151, 242, 207, 206, 240, 180, 230, 115, 150, 172, 116, 34, 231, 173, - 53, 133, 226, 249, 55, 232, 28, 117, 223, 110, 71, 241, 26, 113, 29, - 41, 197, 137, 111, 183, 98, 14, 170, 24, 190, 27, 252, 86, 62, 75, - 198, 210, 121, 32, 154, 219, 192, 254, 120, 205, 90, 244, 31, 221, 168, - 51, 136, 7, 199, 49, 177, 18, 16, 89, 39, 128, 236, 95, 96, 81, - 127, 169, 25, 181, 74, 13, 45, 229, 122, 159, 147, 201, 156, 239, 160, - 224, 59, 77, 174, 42, 245, 176, 200, 235, 187, 60, 131, 83, 153, 97, - 23, 43, 4, 126, 186, 119, 214, 38, 225, 105, 20, 99, 85, 33, 12, - 125, -}; - -/* Used only by the key schedule */ -static const UINT8 Logtable[256] = { - 0, 0, 25, 1, 50, 2, 26, 198, 75, 199, 27, 104, 51, 238, 223, 3, - 100, 4, 224, 14, 52, 141, 129, 239, 76, 113, 8, 200, 248, 105, 28, - 193, 125, 194, 29, 181, 249, 185, 39, 106, 77, 228, 166, 114, 154, 201, - 9, 120, 101, 47, 138, 5, 33, 15, 225, 36, 18, 240, 130, 69, 53, - 147, 218, 142, 150, 143, 219, 189, 54, 208, 206, 148, 19, 92, 210, 241, - 64, 70, 131, 56, 102, 221, 253, 48, 191, 6, 139, 98, 179, 37, 226, - 152, 34, 136, 145, 16, 126, 110, 72, 195, 163, 182, 30, 66, 58, 107, - 40, 84, 250, 133, 61, 186, 43, 121, 10, 21, 155, 159, 94, 202, 78, - 212, 172, 229, 243, 115, 167, 87, 175, 88, 168, 80, 244, 234, 214, 116, - 79, 174, 233, 213, 231, 230, 173, 232, 44, 215, 117, 122, 235, 22, 11, - 245, 89, 203, 95, 176, 156, 169, 81, 160, 127, 12, 246, 111, 23, 196, - 73, 236, 216, 67, 31, 45, 164, 118, 123, 183, 204, 187, 62, 90, 251, - 96, 177, 134, 59, 82, 161, 108, 170, 85, 41, 157, 151, 178, 135, 144, - 97, 190, 220, 252, 188, 149, 207, 205, 55, 63, 91, 209, 83, 57, 132, - 60, 65, 162, 109, 71, 20, 42, 158, 93, 86, 242, 211, 171, 68, 17, - 146, 217, 35, 32, 46, 137, 180, 124, 184, 38, 119, 153, 227, 165, 103, - 74, 237, 222, 197, 49, 254, 24, 13, 99, 140, 128, 192, 247, 112, 7, -}; - -static const UINT8 Alogtable[256] = { - 1, 3, 5, 15, 17, 51, 85, 255, 26, 46, 114, 150, 161, 248, 19, - 53, 95, 225, 56, 72, 216, 115, 149, 164, 247, 2, 6, 10, 30, 34, - 102, 170, 229, 52, 92, 228, 55, 89, 235, 38, 106, 190, 217, 112, 144, - 171, 230, 49, 83, 245, 4, 12, 20, 60, 68, 204, 79, 209, 104, 184, - 211, 110, 178, 205, 76, 212, 103, 169, 224, 59, 77, 215, 98, 166, 241, - 8, 24, 40, 120, 136, 131, 158, 185, 208, 107, 189, 220, 127, 129, 152, - 179, 206, 73, 219, 118, 154, 181, 196, 87, 249, 16, 48, 80, 240, 11, - 29, 39, 105, 187, 214, 97, 163, 254, 25, 43, 125, 135, 146, 173, 236, - 47, 113, 147, 174, 233, 32, 96, 160, 251, 22, 58, 78, 210, 109, 183, - 194, 93, 231, 50, 86, 250, 21, 63, 65, 195, 94, 226, 61, 71, 201, - 64, 192, 91, 237, 44, 116, 156, 191, 218, 117, 159, 186, 213, 100, 172, - 239, 42, 126, 130, 157, 188, 223, 122, 142, 137, 128, 155, 182, 193, 88, - 232, 35, 101, 175, 234, 37, 111, 177, 200, 67, 197, 84, 252, 31, 33, - 99, 165, 244, 7, 9, 27, 45, 119, 153, 176, 203, 70, 202, 69, 207, - 74, 222, 121, 139, 134, 145, 168, 227, 62, 66, 198, 81, 243, 14, 18, - 54, 90, 238, 41, 123, 141, 140, 143, 138, 133, 148, 167, 242, 13, 23, - 57, 75, 221, 124, 132, 151, 162, 253, 28, 36, 108, 180, 199, 82, 246, 1, -}; - -#define ROTBYTE(x) (((x) >> 8) | (((x) & 0xff) << 24)) -#define ROTRBYTE(x) (((x) << 8) | (((x) >> 24) & 0xff)) -#define SUBBYTE(x, box) (((box)[((x) & 0xff)]) | \ - ((box)[(((x) >> 8) & 0xff)] << 8) | \ - ((box)[(((x) >> 16) & 0xff)] << 16) | \ - ((box)[(((x) >> 24) & 0xff)] << 24)) - -static UINT8 -xtime(UINT8 a) -{ - UINT8 b; - - b = (a & 0x80) ? 0x1b : 0; - a<<=1; - a^=b; - return(a); -} - -static UINT8 -mul(UINT8 a, UINT8 b) -{ - if (a && b) return Alogtable[(Logtable[a] + Logtable[b])%255]; - else return 0; -} - -static void -inv_mix_column(UINT32 *a, UINT32 *b) -{ - UINT8 c[4][4]; - int i, j; - - for(j = 0; j < 4; j++) { - for(i = 0; i < 4; i++) { - c[j][i] = mul(0xe, (a[j] >> i*8) & 0xff) - ^ mul(0xb, (a[j] >> ((i+1)%4)*8) & 0xff) - ^ mul(0xd, (a[j] >> ((i+2)%4)*8) & 0xff) - ^ mul(0x9, (a[j] >> ((i+3)%4)*8) & 0xff); - } - } - for(i = 0; i < 4; i++) { - b[i] = 0; - for(j = 0; j < 4; j++) - b[i] |= c[i][j] << (j*8); - } -} - -void -rijndael_setup(RIJNDAEL_context *ctx, size_t keysize, const UINT8 *key) -{ - int nk, nr, i, lastkey; - UINT32 temp, rcon; - - /* Truncate keysizes to the valid key sizes provided by Rijndael */ - if (keysize >= 32) { - nk = 8; - nr = 14; - } else if (keysize >= 24) { - nk = 6; - nr = 12; - } else { /* must be 16 or more */ - assert(keysize >= 16); - nk = 4; - nr = 10; - } - - lastkey = (RIJNDAEL_BLOCKSIZE/4) * (nr + 1); - ctx->nrounds = nr; - rcon = 1; - for (i=0; i<nk; i++) { - ctx->keys[i] = key[i*4] + (key[i*4+1]<<8) + (key[i*4+2]<<16) + - (key[i*4+3]<<24); - } - - for (i=nk; i<lastkey; i++) { - temp = ctx->keys[i-1]; - if (i % nk == 0) { - temp = SUBBYTE(ROTBYTE(temp), sbox) ^ rcon; - rcon = (UINT32)xtime((UINT8)rcon&0xff); - } else if (nk > 6 && (i%nk) == 4) { - temp = SUBBYTE(temp, sbox); - } - ctx->keys[i] = ctx->keys[i-nk] ^ temp; - } - /* Generate the inverse keys */ - for (i=0; i<4; i++) { - ctx->ikeys[i] = ctx->keys[i]; - ctx->ikeys[lastkey-4 + i] = ctx->keys[lastkey-4 + i]; - } - for (i=4; i<lastkey-4; i+=4) - inv_mix_column(&(ctx->keys[i]), &(ctx->ikeys[i])); -} - -/* Key addition that also packs every byte in the key to a word rep. */ -static void -key_addition_8to32(const UINT8 *txt, UINT32 *keys, UINT32 *out) -{ - const UINT8 *ptr; - int i, j; - UINT32 val; - - ptr = txt; - for (i=0; i<4; i++) { - val = 0; - for (j=0; j<4; j++) - val |= (*ptr++ << 8*j); - out[i] = keys[i]^val; - } -} - -static void -key_addition32(const UINT32 *txt, UINT32 *keys, UINT32 *out) -{ - int i; - - for (i=0; i<4; i++) - out[i] = keys[i] ^ txt[i]; -} - -static void -key_addition32to8(const UINT32 *txt, UINT32 *keys, UINT8 *out) -{ - UINT8 *ptr; - int i, j; - UINT32 val; - - ptr = out; - for (i=0; i<4; i++) { - val = txt[i] ^ keys[i]; - for (j=0; j<4; j++) - *ptr++ = (val >> 8*j) & 0xff; - } -} - -static const int idx[4][4] = { - { 0, 1, 2, 3 }, - { 1, 2, 3, 0 }, - { 2, 3, 0, 1 }, - { 3, 0, 1, 2 } }; - -void -rijndael_encrypt(RIJNDAEL_context *ctx, - const UINT8 *plaintext, - UINT8 *ciphertext) -{ - int r, j; - UINT32 wtxt[4], t[4]; /* working ciphertext */ - UINT32 e; - - key_addition_8to32(plaintext, &(ctx->keys[0]), wtxt); - for (r=1; r<ctx->nrounds; r++) { - for (j=0; j<4; j++) { - t[j] = dtbl[wtxt[j] & 0xff] ^ - ROTRBYTE(dtbl[(wtxt[idx[1][j]] >> 8) & 0xff]^ - ROTRBYTE(dtbl[(wtxt[idx[2][j]] >> 16) & 0xff] ^ - ROTRBYTE(dtbl[(wtxt[idx[3][j]] >> 24) & 0xff]))); - } - key_addition32(t, &(ctx->keys[r*4]), wtxt); - } - /* last round is special: there is no mixcolumn, so we can't use the big - tables. */ - for (j=0; j<4; j++) { - e = wtxt[j] & 0xff; - e |= (wtxt[idx[1][j]]) & (0xff << 8); - e |= (wtxt[idx[2][j]]) & (0xff << 16); - e |= (wtxt[idx[3][j]]) & (0xff << 24); - t[j] = e; - } - for (j=0; j<4; j++) - t[j] = SUBBYTE(t[j], sbox); - key_addition32to8(t, &(ctx->keys[4*ctx->nrounds]), ciphertext); -} - -static const int iidx[4][4] = { - { 0, 1, 2, 3 }, - { 3, 0, 1, 2 }, - { 2, 3, 0, 1 }, - { 1, 2, 3, 0 } }; - -void -rijndael_decrypt(RIJNDAEL_context *ctx, - const UINT8 *ciphertext, - UINT8 *plaintext) -{ - int r, j; - UINT32 wtxt[4], t[4]; /* working ciphertext */ - UINT32 e; - - key_addition_8to32(ciphertext, &(ctx->ikeys[4*ctx->nrounds]), wtxt); - for (r=ctx->nrounds-1; r> 0; r--) { - for (j=0; j<4; j++) { - t[j] = itbl[wtxt[j] & 0xff] ^ - ROTRBYTE(itbl[(wtxt[iidx[1][j]] >> 8) & 0xff]^ - ROTRBYTE(itbl[(wtxt[iidx[2][j]] >> 16) & 0xff] ^ - ROTRBYTE(itbl[(wtxt[iidx[3][j]] >> 24) & 0xff]))); - } - key_addition32(t, &(ctx->ikeys[r*4]), wtxt); - } - /* last round is special: there is no mixcolumn, so we can't use the big - tables. */ - for (j=0; j<4; j++) { - e = wtxt[j] & 0xff; - e |= (wtxt[iidx[1][j]]) & (0xff << 8); - e |= (wtxt[iidx[2][j]]) & (0xff << 16); - e |= (wtxt[iidx[3][j]]) & (0xff << 24); - t[j] = e; - } - for (j=0; j<4; j++) - t[j] = SUBBYTE(t[j], isbox); - key_addition32to8(t, &(ctx->ikeys[0]), plaintext); -} diff --git a/rijndael_test.c b/rijndael_test.c deleted file mode 100644 index 8bb4fe67..00000000 --- a/rijndael_test.c +++ /dev/null @@ -1,37 +0,0 @@ - -#include <stdio.h> -#include <stdlib.h> -#include "rijndael.h" - -int main(void) -{ - RIJNDAEL_context ctx; - UINT8 key[32]; - UINT8 text[16]; - int i, j; - - for (i=0; i<16; i++) - text[i] = i; - for (i=0; i<32; i++) - key[i] = 0; - key[0] = 1; - - for (j=16; j<=32; j+=8) { - rijndael_setup(&ctx, j, key); - printf("\nBlock Size = 128 bits, Key Size = %d bits\n", j*8); - printf("\nPlain= "); - for (i=0; i<16; i++) - printf("%2x", text[i]); - printf("\n"); - rijndael_encrypt(&ctx, text, text); - printf("Encrypt= "); - for (i=0; i<16; i++) - printf("%02x", text[i]); - printf("\nDecrypt= "); - rijndael_decrypt(&ctx, text, text); - for (i=0; i<16; i++) - printf("%2x", text[i]); - printf("\n"); - } - return(0); -} diff --git a/serpentsboxes.h b/serpentsboxes.h deleted file mode 100644 index 6a082b7e..00000000 --- a/serpentsboxes.h +++ /dev/null @@ -1,509 +0,0 @@ -/* serpentsboxes.h - * - * $Id$ - * - * For more details on this algorithm, see the Serpent website at - * http://www.cl.cam.ac.uk/~rja14/serpent.html - */ - -/* Copyright (C) 1998 Ross Anderson, Eli Biham, Lars Knudsen - * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU General Public License as - * published by the Free Software Foundation; either version 2 of the - * License, or (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA - */ - -/* I've modified this code a bit so that it interoperates with lsh - * properly. 2000-9-5, Rafael R. Sevilla <dido@pacific.net.ph> - */ - -/* NOTE: The copyright notice for the original version of this code - * said "All rights reserved. This code is freely distributed for AES - * selection process. No other use is allowed." However, the authors - * later decided to GPL the code. /nisse */ - -#if !defined(SERPENTSBOXES_H) -#define SERPENTSBOXES_H - -/* S0: 3 8 15 1 10 6 5 11 14 13 4 2 7 0 9 12 */ - -/* depth = 5,7,4,2, Total gates=18 */ -#define RND00(a,b,c,d,w,x,y,z) \ - { register UINT32 t02, t03, t05, t06, t07, t08, t09, t11, t12, t13, t14, t15, t17, t01;\ - t01 = b ^ c ; \ - t02 = a | d ; \ - t03 = a ^ b ; \ - z = t02 ^ t01; \ - t05 = c | z ; \ - t06 = a ^ d ; \ - t07 = b | c ; \ - t08 = d & t05; \ - t09 = t03 & t07; \ - y = t09 ^ t08; \ - t11 = t09 & y ; \ - t12 = c ^ d ; \ - t13 = t07 ^ t11; \ - t14 = b & t06; \ - t15 = t06 ^ t13; \ - w = ~ t15; \ - t17 = w ^ t14; \ - x = t12 ^ t17; } - -/* InvS0: 13 3 11 0 10 6 5 12 1 14 4 7 15 9 8 2 */ - -/* depth = 8,4,3,6, Total gates=19 */ -#define InvRND00(a,b,c,d,w,x,y,z) \ - { register UINT32 t02, t03, t04, t05, t06, t08, t09, t10, t12, t13, t14, t15, t17, t18, t01;\ - t01 = c ^ d ; \ - t02 = a | b ; \ - t03 = b | c ; \ - t04 = c & t01; \ - t05 = t02 ^ t01; \ - t06 = a | t04; \ - y = ~ t05; \ - t08 = b ^ d ; \ - t09 = t03 & t08; \ - t10 = d | y ; \ - x = t09 ^ t06; \ - t12 = a | t05; \ - t13 = x ^ t12; \ - t14 = t03 ^ t10; \ - t15 = a ^ c ; \ - z = t14 ^ t13; \ - t17 = t05 & t13; \ - t18 = t14 | t17; \ - w = t15 ^ t18; } - -/* S1: 15 12 2 7 9 0 5 10 1 11 14 8 6 13 3 4 */ - -/* depth = 10,7,3,5, Total gates=18 */ -#define RND01(a,b,c,d,w,x,y,z) \ - { register UINT32 t02, t03, t04, t05, t06, t07, t08, t10, t11, t12, t13, t16, t17, t01;\ - t01 = a | d ; \ - t02 = c ^ d ; \ - t03 = ~ b ; \ - t04 = a ^ c ; \ - t05 = a | t03; \ - t06 = d & t04; \ - t07 = t01 & t02; \ - t08 = b | t06; \ - y = t02 ^ t05; \ - t10 = t07 ^ t08; \ - t11 = t01 ^ t10; \ - t12 = y ^ t11; \ - t13 = b & d ; \ - z = ~ t10; \ - x = t13 ^ t12; \ - t16 = t10 | x ; \ - t17 = t05 & t16; \ - w = c ^ t17; } - -/* InvS1: 5 8 2 14 15 6 12 3 11 4 7 9 1 13 10 0 */ - -/* depth = 7,4,5,3, Total gates=18 */ -#define InvRND01(a,b,c,d,w,x,y,z) \ - { register UINT32 t02, t03, t04, t05, t06, t07, t08, t09, t10, t11, t14, t15, t17, t01;\ - t01 = a ^ b ; \ - t02 = b | d ; \ - t03 = a & c ; \ - t04 = c ^ t02; \ - t05 = a | t04; \ - t06 = t01 & t05; \ - t07 = d | t03; \ - t08 = b ^ t06; \ - t09 = t07 ^ t06; \ - t10 = t04 | t03; \ - t11 = d & t08; \ - y = ~ t09; \ - x = t10 ^ t11; \ - t14 = a | y ; \ - t15 = t06 ^ x ; \ - z = t01 ^ t04; \ - t17 = c ^ t15; \ - w = t14 ^ t17; } - -/* S2: 8 6 7 9 3 12 10 15 13 1 14 4 0 11 5 2 */ - -/* depth = 3,8,11,7, Total gates=16 */ -#define RND02(a,b,c,d,w,x,y,z) \ - { register UINT32 t02, t03, t05, t06, t07, t08, t09, t10, t12, t13, t14, t01;\ - t01 = a | c ; \ - t02 = a ^ b ; \ - t03 = d ^ t01; \ - w = t02 ^ t03; \ - t05 = c ^ w ; \ - t06 = b ^ t05; \ - t07 = b | t05; \ - t08 = t01 & t06; \ - t09 = t03 ^ t07; \ - t10 = t02 | t09; \ - x = t10 ^ t08; \ - t12 = a | d ; \ - t13 = t09 ^ x ; \ - t14 = b ^ t13; \ - z = ~ t09; \ - y = t12 ^ t14; } - -/* InvS2: 12 9 15 4 11 14 1 2 0 3 6 13 5 8 10 7 */ - -/* depth = 3,6,8,3, Total gates=18 */ -#define InvRND02(a,b,c,d,w,x,y,z) \ - { register UINT32 t02, t03, t04, t06, t07, t08, t09, t10, t11, t12, t15, t16, t17, t01;\ - t01 = a ^ d ; \ - t02 = c ^ d ; \ - t03 = a & c ; \ - t04 = b | t02; \ - w = t01 ^ t04; \ - t06 = a | c ; \ - t07 = d | w ; \ - t08 = ~ d ; \ - t09 = b & t06; \ - t10 = t08 | t03; \ - t11 = b & t07; \ - t12 = t06 & t02; \ - z = t09 ^ t10; \ - x = t12 ^ t11; \ - t15 = c & z ; \ - t16 = w ^ x ; \ - t17 = t10 ^ t15; \ - y = t16 ^ t17; } - -/* S3: 0 15 11 8 12 9 6 3 13 1 2 4 10 7 5 14 */ - -/* depth = 8,3,5,5, Total gates=18 */ -#define RND03(a,b,c,d,w,x,y,z) \ - { register UINT32 t02, t03, t04, t05, t06, t07, t08, t09, t10, t11, t13, t14, t15, t01;\ - t01 = a ^ c ; \ - t02 = a | d ; \ - t03 = a & d ; \ - t04 = t01 & t02; \ - t05 = b | t03; \ - t06 = a & b ; \ - t07 = d ^ t04; \ - t08 = c | t06; \ - t09 = b ^ t07; \ - t10 = d & t05; \ - t11 = t02 ^ t10; \ - z = t08 ^ t09; \ - t13 = d | z ; \ - t14 = a | t07; \ - t15 = b & t13; \ - y = t08 ^ t11; \ - w = t14 ^ t15; \ - x = t05 ^ t04; } - -/* InvS3: 0 9 10 7 11 14 6 13 3 5 12 2 4 8 15 1 */ - -/* depth = 3,6,4,4, Total gates=17 */ -#define InvRND03(a,b,c,d,w,x,y,z) \ - { register UINT32 t02, t03, t04, t05, t06, t07, t09, t11, t12, t13, t14, t16, t01;\ - t01 = c | d ; \ - t02 = a | d ; \ - t03 = c ^ t02; \ - t04 = b ^ t02; \ - t05 = a ^ d ; \ - t06 = t04 & t03; \ - t07 = b & t01; \ - y = t05 ^ t06; \ - t09 = a ^ t03; \ - w = t07 ^ t03; \ - t11 = w | t05; \ - t12 = t09 & t11; \ - t13 = a & y ; \ - t14 = t01 ^ t05; \ - x = b ^ t12; \ - t16 = b | t13; \ - z = t14 ^ t16; } - -/* S4: 1 15 8 3 12 0 11 6 2 5 4 10 9 14 7 13 */ - -/* depth = 6,7,5,3, Total gates=19 */ -#define RND04(a,b,c,d,w,x,y,z) \ - { register UINT32 t02, t03, t04, t05, t06, t08, t09, t10, t11, t12, t13, t14, t15, t16, t01;\ - t01 = a | b ; \ - t02 = b | c ; \ - t03 = a ^ t02; \ - t04 = b ^ d ; \ - t05 = d | t03; \ - t06 = d & t01; \ - z = t03 ^ t06; \ - t08 = z & t04; \ - t09 = t04 & t05; \ - t10 = c ^ t06; \ - t11 = b & c ; \ - t12 = t04 ^ t08; \ - t13 = t11 | t03; \ - t14 = t10 ^ t09; \ - t15 = a & t05; \ - t16 = t11 | t12; \ - y = t13 ^ t08; \ - x = t15 ^ t16; \ - w = ~ t14; } - -/* InvS4: 5 0 8 3 10 9 7 14 2 12 11 6 4 15 13 1 */ - -/* depth = 6,4,7,3, Total gates=17 */ -#define InvRND04(a,b,c,d,w,x,y,z) \ - { register UINT32 t02, t03, t04, t05, t06, t07, t09, t10, t11, t12, t13, t15, t01;\ - t01 = b | d ; \ - t02 = c | d ; \ - t03 = a & t01; \ - t04 = b ^ t02; \ - t05 = c ^ d ; \ - t06 = ~ t03; \ - t07 = a & t04; \ - x = t05 ^ t07; \ - t09 = x | t06; \ - t10 = a ^ t07; \ - t11 = t01 ^ t09; \ - t12 = d ^ t04; \ - t13 = c | t10; \ - z = t03 ^ t12; \ - t15 = a ^ t04; \ - y = t11 ^ t13; \ - w = t15 ^ t09; } - -/* S5: 15 5 2 11 4 10 9 12 0 3 14 8 13 6 7 1 */ - -/* depth = 4,6,8,6, Total gates=17 */ -#define RND05(a,b,c,d,w,x,y,z) \ - { register UINT32 t02, t03, t04, t05, t07, t08, t09, t10, t11, t12, t13, t14, t01;\ - t01 = b ^ d ; \ - t02 = b | d ; \ - t03 = a & t01; \ - t04 = c ^ t02; \ - t05 = t03 ^ t04; \ - w = ~ t05; \ - t07 = a ^ t01; \ - t08 = d | w ; \ - t09 = b | t05; \ - t10 = d ^ t08; \ - t11 = b | t07; \ - t12 = t03 | w ; \ - t13 = t07 | t10; \ - t14 = t01 ^ t11; \ - y = t09 ^ t13; \ - x = t07 ^ t08; \ - z = t12 ^ t14; } - -/* InvS5: 8 15 2 9 4 1 13 14 11 6 5 3 7 12 10 0 */ - -/* depth = 4,6,9,7, Total gates=17 */ -#define InvRND05(a,b,c,d,w,x,y,z) \ - { register UINT32 t02, t03, t04, t05, t07, t08, t09, t10, t12, t13, t15, t16, t01;\ - t01 = a & d ; \ - t02 = c ^ t01; \ - t03 = a ^ d ; \ - t04 = b & t02; \ - t05 = a & c ; \ - w = t03 ^ t04; \ - t07 = a & w ; \ - t08 = t01 ^ w ; \ - t09 = b | t05; \ - t10 = ~ b ; \ - x = t08 ^ t09; \ - t12 = t10 | t07; \ - t13 = w | x ; \ - z = t02 ^ t12; \ - t15 = t02 ^ t13; \ - t16 = b ^ d ; \ - y = t16 ^ t15; } - -/* S6: 7 2 12 5 8 4 6 11 14 9 1 15 13 3 10 0 */ - -/* depth = 8,3,6,3, Total gates=19 */ -#define RND06(a,b,c,d,w,x,y,z) \ - { register UINT32 t02, t03, t04, t05, t07, t08, t09, t10, t11, t12, t13, t15, t17, t18, t01;\ - t01 = a & d ; \ - t02 = b ^ c ; \ - t03 = a ^ d ; \ - t04 = t01 ^ t02; \ - t05 = b | c ; \ - x = ~ t04; \ - t07 = t03 & t05; \ - t08 = b & x ; \ - t09 = a | c ; \ - t10 = t07 ^ t08; \ - t11 = b | d ; \ - t12 = c ^ t11; \ - t13 = t09 ^ t10; \ - y = ~ t13; \ - t15 = x & t03; \ - z = t12 ^ t07; \ - t17 = a ^ b ; \ - t18 = y ^ t15; \ - w = t17 ^ t18; } - -/* InvS6: 15 10 1 13 5 3 6 0 4 9 14 7 2 12 8 11 */ - -/* depth = 5,3,8,6, Total gates=19 */ -#define InvRND06(a,b,c,d,w,x,y,z) \ - { register UINT32 t02, t03, t04, t05, t06, t07, t08, t09, t12, t13, t14, t15, t16, t17, t01;\ - t01 = a ^ c ; \ - t02 = ~ c ; \ - t03 = b & t01; \ - t04 = b | t02; \ - t05 = d | t03; \ - t06 = b ^ d ; \ - t07 = a & t04; \ - t08 = a | t02; \ - t09 = t07 ^ t05; \ - x = t06 ^ t08; \ - w = ~ t09; \ - t12 = b & w ; \ - t13 = t01 & t05; \ - t14 = t01 ^ t12; \ - t15 = t07 ^ t13; \ - t16 = d | t02; \ - t17 = a ^ x ; \ - z = t17 ^ t15; \ - y = t16 ^ t14; } - -/* S7: 1 13 15 0 14 8 2 11 7 4 12 10 9 3 5 6 */ - -/* depth = 10,7,10,4, Total gates=19 */ -#define RND07(a,b,c,d,w,x,y,z) \ - { register UINT32 t02, t03, t04, t05, t06, t08, t09, t10, t11, t13, t14, t15, t16, t17, t01;\ - t01 = a & c ; \ - t02 = ~ d ; \ - t03 = a & t02; \ - t04 = b | t01; \ - t05 = a & b ; \ - t06 = c ^ t04; \ - z = t03 ^ t06; \ - t08 = c | z ; \ - t09 = d | t05; \ - t10 = a ^ t08; \ - t11 = t04 & z ; \ - x = t09 ^ t10; \ - t13 = b ^ x ; \ - t14 = t01 ^ x ; \ - t15 = c ^ t05; \ - t16 = t11 | t13; \ - t17 = t02 | t14; \ - w = t15 ^ t17; \ - y = a ^ t16; } - -/* InvS7: 3 0 6 13 9 14 15 8 5 12 11 7 10 1 4 2 */ - -/* depth = 9,7,3,3, Total gates=18 */ -#define InvRND07(a,b,c,d,w,x,y,z) \ - { register UINT32 t02, t03, t04, t06, t07, t08, t09, t10, t11, t13, t14, t15, t16, t01;\ - t01 = a & b ; \ - t02 = a | b ; \ - t03 = c | t01; \ - t04 = d & t02; \ - z = t03 ^ t04; \ - t06 = b ^ t04; \ - t07 = d ^ z ; \ - t08 = ~ t07; \ - t09 = t06 | t08; \ - t10 = b ^ d ; \ - t11 = a | d ; \ - x = a ^ t09; \ - t13 = c ^ t06; \ - t14 = c & t11; \ - t15 = d | x ; \ - t16 = t01 | t10; \ - w = t13 ^ t15; \ - y = t14 ^ t16; } - -#define RND08(a,b,c,d,e,f,g,h) RND00(a,b,c,d,e,f,g,h) -#define RND09(a,b,c,d,e,f,g,h) RND01(a,b,c,d,e,f,g,h) -#define RND10(a,b,c,d,e,f,g,h) RND02(a,b,c,d,e,f,g,h) -#define RND11(a,b,c,d,e,f,g,h) RND03(a,b,c,d,e,f,g,h) -#define RND12(a,b,c,d,e,f,g,h) RND04(a,b,c,d,e,f,g,h) -#define RND13(a,b,c,d,e,f,g,h) RND05(a,b,c,d,e,f,g,h) -#define RND14(a,b,c,d,e,f,g,h) RND06(a,b,c,d,e,f,g,h) -#define RND15(a,b,c,d,e,f,g,h) RND07(a,b,c,d,e,f,g,h) -#define RND16(a,b,c,d,e,f,g,h) RND00(a,b,c,d,e,f,g,h) -#define RND17(a,b,c,d,e,f,g,h) RND01(a,b,c,d,e,f,g,h) -#define RND18(a,b,c,d,e,f,g,h) RND02(a,b,c,d,e,f,g,h) -#define RND19(a,b,c,d,e,f,g,h) RND03(a,b,c,d,e,f,g,h) -#define RND20(a,b,c,d,e,f,g,h) RND04(a,b,c,d,e,f,g,h) -#define RND21(a,b,c,d,e,f,g,h) RND05(a,b,c,d,e,f,g,h) -#define RND22(a,b,c,d,e,f,g,h) RND06(a,b,c,d,e,f,g,h) -#define RND23(a,b,c,d,e,f,g,h) RND07(a,b,c,d,e,f,g,h) -#define RND24(a,b,c,d,e,f,g,h) RND00(a,b,c,d,e,f,g,h) -#define RND25(a,b,c,d,e,f,g,h) RND01(a,b,c,d,e,f,g,h) -#define RND26(a,b,c,d,e,f,g,h) RND02(a,b,c,d,e,f,g,h) -#define RND27(a,b,c,d,e,f,g,h) RND03(a,b,c,d,e,f,g,h) -#define RND28(a,b,c,d,e,f,g,h) RND04(a,b,c,d,e,f,g,h) -#define RND29(a,b,c,d,e,f,g,h) RND05(a,b,c,d,e,f,g,h) -#define RND30(a,b,c,d,e,f,g,h) RND06(a,b,c,d,e,f,g,h) -#define RND31(a,b,c,d,e,f,g,h) RND07(a,b,c,d,e,f,g,h) - -#define InvRND08(a,b,c,d,e,f,g,h) InvRND00(a,b,c,d,e,f,g,h) -#define InvRND09(a,b,c,d,e,f,g,h) InvRND01(a,b,c,d,e,f,g,h) -#define InvRND10(a,b,c,d,e,f,g,h) InvRND02(a,b,c,d,e,f,g,h) -#define InvRND11(a,b,c,d,e,f,g,h) InvRND03(a,b,c,d,e,f,g,h) -#define InvRND12(a,b,c,d,e,f,g,h) InvRND04(a,b,c,d,e,f,g,h) -#define InvRND13(a,b,c,d,e,f,g,h) InvRND05(a,b,c,d,e,f,g,h) -#define InvRND14(a,b,c,d,e,f,g,h) InvRND06(a,b,c,d,e,f,g,h) -#define InvRND15(a,b,c,d,e,f,g,h) InvRND07(a,b,c,d,e,f,g,h) -#define InvRND16(a,b,c,d,e,f,g,h) InvRND00(a,b,c,d,e,f,g,h) -#define InvRND17(a,b,c,d,e,f,g,h) InvRND01(a,b,c,d,e,f,g,h) -#define InvRND18(a,b,c,d,e,f,g,h) InvRND02(a,b,c,d,e,f,g,h) -#define InvRND19(a,b,c,d,e,f,g,h) InvRND03(a,b,c,d,e,f,g,h) -#define InvRND20(a,b,c,d,e,f,g,h) InvRND04(a,b,c,d,e,f,g,h) -#define InvRND21(a,b,c,d,e,f,g,h) InvRND05(a,b,c,d,e,f,g,h) -#define InvRND22(a,b,c,d,e,f,g,h) InvRND06(a,b,c,d,e,f,g,h) -#define InvRND23(a,b,c,d,e,f,g,h) InvRND07(a,b,c,d,e,f,g,h) -#define InvRND24(a,b,c,d,e,f,g,h) InvRND00(a,b,c,d,e,f,g,h) -#define InvRND25(a,b,c,d,e,f,g,h) InvRND01(a,b,c,d,e,f,g,h) -#define InvRND26(a,b,c,d,e,f,g,h) InvRND02(a,b,c,d,e,f,g,h) -#define InvRND27(a,b,c,d,e,f,g,h) InvRND03(a,b,c,d,e,f,g,h) -#define InvRND28(a,b,c,d,e,f,g,h) InvRND04(a,b,c,d,e,f,g,h) -#define InvRND29(a,b,c,d,e,f,g,h) InvRND05(a,b,c,d,e,f,g,h) -#define InvRND30(a,b,c,d,e,f,g,h) InvRND06(a,b,c,d,e,f,g,h) -#define InvRND31(a,b,c,d,e,f,g,h) InvRND07(a,b,c,d,e,f,g,h) - -/* Linear transformations and key mixing: */ - -#define ROL(x,n) ((((UINT32)(x))<<(n))| \ - (((UINT32)(x))>>(32-(n)))) -#define ROR(x,n) ((((UINT32)(x))<<(32-(n)))| \ - (((UINT32)(x))>>(n))) - -#define transform(x0, x1, x2, x3, y0, y1, y2, y3) \ - y0 = ROL(x0, 13); \ - y2 = ROL(x2, 3); \ - y1 = x1 ^ y0 ^ y2; \ - y3 = x3 ^ y2 ^ ((UINT32)y0)<<3; \ - y1 = ROL(y1, 1); \ - y3 = ROL(y3, 7); \ - y0 = y0 ^ y1 ^ y3; \ - y2 = y2 ^ y3 ^ ((UINT32)y1<<7); \ - y0 = ROL(y0, 5); \ - y2 = ROL(y2, 22) - -#define inv_transform(x0, x1, x2, x3, y0, y1, y2, y3) \ - y2 = ROR(x2, 22);\ - y0 = ROR(x0, 5); \ - y2 = y2 ^ x3 ^ ((UINT32)x1<<7); \ - y0 = y0 ^ x1 ^ x3; \ - y3 = ROR(x3, 7); \ - y1 = ROR(x1, 1); \ - y3 = y3 ^ y2 ^ ((UINT32)y0)<<3; \ - y1 = y1 ^ y0 ^ y2; \ - y2 = ROR(y2, 3); \ - y0 = ROR(y0, 13) - -#define keying(x0, x1, x2, x3, subkey) \ - x0^=subkey[0];x1^=subkey[1]; \ - x2^=subkey[2];x3^=subkey[3] - -/* PHI: Constant used in the key schedule */ -#define PHI 0x9e3779b9L - -#endif /* SERPENTSBOXES_H */ @@ -1,366 +0,0 @@ -/* sha.c - Implementation of the Secure Hash Algorithm - * - * Copyright (C) 1995, A.M. Kuchling - * - * Distribute and use freely; there are no restrictions on further - * dissemination and usage except those imposed by the laws of your - * country of residence. - * - * Adapted to pike and some cleanup by Niels Möller. - */ - -/* $Id$ */ - -/* SHA: NIST's Secure Hash Algorithm */ - -/* Based on SHA code originally posted to sci.crypt by Peter Gutmann - in message <30ajo5$oe8@ccu2.auckland.ac.nz>. - Modified to test for endianness on creation of SHA objects by AMK. - Also, the original specification of SHA was found to have a weakness - by NSA/NIST. This code implements the fixed version of SHA. -*/ - -/* Here's the first paragraph of Peter Gutmann's posting: - -The following is my SHA (FIPS 180) code updated to allow use of the "fixed" -SHA, thanks to Jim Gillogly and an anonymous contributor for the information on -what's changed in the new version. The fix is a simple change which involves -adding a single rotate in the initial expansion function. It is unknown -whether this is an optimal solution to the problem which was discovered in the -SHA or whether it's simply a bandaid which fixes the problem with a minimum of -effort (for example the reengineering of a great many Capstone chips). -*/ - -#include "crypto_types.h" -/* #include "port.h" */ -#include "sha.h" - -#include <string.h> - -/* Also defined in lsh_types.h */ -#ifndef READ_UINT32 -/* Reads a 32-bit integer, in network byte order */ -#define READ_UINT32(p) \ -((((UINT32) (p)[0]) << 24) \ - | (((UINT32) (p)[1]) << 16) \ - | (((UINT32) (p)[2]) << 8) \ - | ((UINT32) (p)[3])) -#endif - -#ifndef WRITE_UINT32 -#define WRITE_UINT32(p, i) \ -do { \ - (p)[0] = ((i) >> 24) & 0xff; \ - (p)[1] = ((i) >> 16) & 0xff; \ - (p)[2] = ((i) >> 8) & 0xff; \ - (p)[3] = (i) & 0xff; \ -} while(0) -#endif - -void sha_copy(struct sha_ctx *dest, struct sha_ctx *src) -{ - int i; - - dest->count_l=src->count_l; - dest->count_h=src->count_h; - for(i=0; i<SHA_DIGESTLEN; i++) - dest->digest[i]=src->digest[i]; - for(i=0; i < src->index; i++) - dest->block[i] = src->block[i]; - dest->index = src->index; -} - - -/* The SHA f()-functions. The f1 and f3 functions can be optimized to - save one boolean operation each - thanks to Rich Schroeppel, - rcs@cs.arizona.edu for discovering this */ - -/*#define f1(x,y,z) ( ( x & y ) | ( ~x & z ) ) // Rounds 0-19 */ -#define f1(x,y,z) ( z ^ ( x & ( y ^ z ) ) ) /* Rounds 0-19 */ -#define f2(x,y,z) ( x ^ y ^ z ) /* Rounds 20-39 */ -/*#define f3(x,y,z) ( ( x & y ) | ( x & z ) | ( y & z ) ) // Rounds 40-59 */ -#define f3(x,y,z) ( ( x & y ) | ( z & ( x | y ) ) ) /* Rounds 40-59 */ -#define f4(x,y,z) ( x ^ y ^ z ) /* Rounds 60-79 */ - -/* The SHA Mysterious Constants */ - -#define K1 0x5A827999L /* Rounds 0-19 */ -#define K2 0x6ED9EBA1L /* Rounds 20-39 */ -#define K3 0x8F1BBCDCL /* Rounds 40-59 */ -#define K4 0xCA62C1D6L /* Rounds 60-79 */ - -/* SHA initial values */ - -#define h0init 0x67452301L -#define h1init 0xEFCDAB89L -#define h2init 0x98BADCFEL -#define h3init 0x10325476L -#define h4init 0xC3D2E1F0L - -/* 32-bit rotate left - kludged with shifts */ - -#define ROTL(n,X) ( ( (X) << (n) ) | ( (X) >> ( 32 - (n) ) ) ) - -/* The initial expanding function. The hash function is defined over an - 80-word expanded input array W, where the first 16 are copies of the input - data, and the remaining 64 are defined by - - W[ i ] = W[ i - 16 ] ^ W[ i - 14 ] ^ W[ i - 8 ] ^ W[ i - 3 ] - - This implementation generates these values on the fly in a circular - buffer - thanks to Colin Plumb, colin@nyx10.cs.du.edu for this - optimization. - - The updated SHA changes the expanding function by adding a rotate of 1 - bit. Thanks to Jim Gillogly, jim@rand.org, and an anonymous contributor - for this information */ - -#define expand(W,i) ( W[ i & 15 ] = \ - ROTL( 1, ( W[ i & 15 ] ^ W[ (i - 14) & 15 ] ^ \ - W[ (i - 8) & 15 ] ^ W[ (i - 3) & 15 ] ) ) ) - - -/* The prototype SHA sub-round. The fundamental sub-round is: - - a' = e + ROTL( 5, a ) + f( b, c, d ) + k + data; - b' = a; - c' = ROTL( 30, b ); - d' = c; - e' = d; - - but this is implemented by unrolling the loop 5 times and renaming the - variables ( e, a, b, c, d ) = ( a', b', c', d', e' ) each iteration. - This code is then replicated 20 times for each of the 4 functions, using - the next 20 values from the W[] array each time */ - -#define subRound(a, b, c, d, e, f, k, data) \ - ( e += ROTL( 5, a ) + f( b, c, d ) + k + data, b = ROTL( 30, b ) ) - -/* Initialize the SHA values */ - -void sha_init(struct sha_ctx *ctx) -{ - /* Set the h-vars to their initial values */ - ctx->digest[ 0 ] = h0init; - ctx->digest[ 1 ] = h1init; - ctx->digest[ 2 ] = h2init; - ctx->digest[ 3 ] = h3init; - ctx->digest[ 4 ] = h4init; - - /* Initialize bit count */ - ctx->count_l = ctx->count_h = 0; - - /* Initialize buffer */ - ctx->index = 0; -} - -/* Perform the SHA transformation. Note that this code, like MD5, seems to - break some optimizing compilers due to the complexity of the expressions - and the size of the basic block. It may be necessary to split it into - sections, e.g. based on the four subrounds - - Note that this function destroys the data area */ - -void sha_transform(UINT32 *state, UINT32 *data) -{ - UINT32 A, B, C, D, E; /* Local vars */ - - /* Set up first buffer and local data buffer */ - A = state[0]; - B = state[1]; - C = state[2]; - D = state[3]; - E = state[4]; - - /* Heavy mangling, in 4 sub-rounds of 20 interations each. */ - subRound( A, B, C, D, E, f1, K1, data[ 0] ); - subRound( E, A, B, C, D, f1, K1, data[ 1] ); - subRound( D, E, A, B, C, f1, K1, data[ 2] ); - subRound( C, D, E, A, B, f1, K1, data[ 3] ); - subRound( B, C, D, E, A, f1, K1, data[ 4] ); - subRound( A, B, C, D, E, f1, K1, data[ 5] ); - subRound( E, A, B, C, D, f1, K1, data[ 6] ); - subRound( D, E, A, B, C, f1, K1, data[ 7] ); - subRound( C, D, E, A, B, f1, K1, data[ 8] ); - subRound( B, C, D, E, A, f1, K1, data[ 9] ); - subRound( A, B, C, D, E, f1, K1, data[10] ); - subRound( E, A, B, C, D, f1, K1, data[11] ); - subRound( D, E, A, B, C, f1, K1, data[12] ); - subRound( C, D, E, A, B, f1, K1, data[13] ); - subRound( B, C, D, E, A, f1, K1, data[14] ); - subRound( A, B, C, D, E, f1, K1, data[15] ); - subRound( E, A, B, C, D, f1, K1, expand( data, 16 ) ); - subRound( D, E, A, B, C, f1, K1, expand( data, 17 ) ); - subRound( C, D, E, A, B, f1, K1, expand( data, 18 ) ); - subRound( B, C, D, E, A, f1, K1, expand( data, 19 ) ); - - subRound( A, B, C, D, E, f2, K2, expand( data, 20 ) ); - subRound( E, A, B, C, D, f2, K2, expand( data, 21 ) ); - subRound( D, E, A, B, C, f2, K2, expand( data, 22 ) ); - subRound( C, D, E, A, B, f2, K2, expand( data, 23 ) ); - subRound( B, C, D, E, A, f2, K2, expand( data, 24 ) ); - subRound( A, B, C, D, E, f2, K2, expand( data, 25 ) ); - subRound( E, A, B, C, D, f2, K2, expand( data, 26 ) ); - subRound( D, E, A, B, C, f2, K2, expand( data, 27 ) ); - subRound( C, D, E, A, B, f2, K2, expand( data, 28 ) ); - subRound( B, C, D, E, A, f2, K2, expand( data, 29 ) ); - subRound( A, B, C, D, E, f2, K2, expand( data, 30 ) ); - subRound( E, A, B, C, D, f2, K2, expand( data, 31 ) ); - subRound( D, E, A, B, C, f2, K2, expand( data, 32 ) ); - subRound( C, D, E, A, B, f2, K2, expand( data, 33 ) ); - subRound( B, C, D, E, A, f2, K2, expand( data, 34 ) ); - subRound( A, B, C, D, E, f2, K2, expand( data, 35 ) ); - subRound( E, A, B, C, D, f2, K2, expand( data, 36 ) ); - subRound( D, E, A, B, C, f2, K2, expand( data, 37 ) ); - subRound( C, D, E, A, B, f2, K2, expand( data, 38 ) ); - subRound( B, C, D, E, A, f2, K2, expand( data, 39 ) ); - - subRound( A, B, C, D, E, f3, K3, expand( data, 40 ) ); - subRound( E, A, B, C, D, f3, K3, expand( data, 41 ) ); - subRound( D, E, A, B, C, f3, K3, expand( data, 42 ) ); - subRound( C, D, E, A, B, f3, K3, expand( data, 43 ) ); - subRound( B, C, D, E, A, f3, K3, expand( data, 44 ) ); - subRound( A, B, C, D, E, f3, K3, expand( data, 45 ) ); - subRound( E, A, B, C, D, f3, K3, expand( data, 46 ) ); - subRound( D, E, A, B, C, f3, K3, expand( data, 47 ) ); - subRound( C, D, E, A, B, f3, K3, expand( data, 48 ) ); - subRound( B, C, D, E, A, f3, K3, expand( data, 49 ) ); - subRound( A, B, C, D, E, f3, K3, expand( data, 50 ) ); - subRound( E, A, B, C, D, f3, K3, expand( data, 51 ) ); - subRound( D, E, A, B, C, f3, K3, expand( data, 52 ) ); - subRound( C, D, E, A, B, f3, K3, expand( data, 53 ) ); - subRound( B, C, D, E, A, f3, K3, expand( data, 54 ) ); - subRound( A, B, C, D, E, f3, K3, expand( data, 55 ) ); - subRound( E, A, B, C, D, f3, K3, expand( data, 56 ) ); - subRound( D, E, A, B, C, f3, K3, expand( data, 57 ) ); - subRound( C, D, E, A, B, f3, K3, expand( data, 58 ) ); - subRound( B, C, D, E, A, f3, K3, expand( data, 59 ) ); - - subRound( A, B, C, D, E, f4, K4, expand( data, 60 ) ); - subRound( E, A, B, C, D, f4, K4, expand( data, 61 ) ); - subRound( D, E, A, B, C, f4, K4, expand( data, 62 ) ); - subRound( C, D, E, A, B, f4, K4, expand( data, 63 ) ); - subRound( B, C, D, E, A, f4, K4, expand( data, 64 ) ); - subRound( A, B, C, D, E, f4, K4, expand( data, 65 ) ); - subRound( E, A, B, C, D, f4, K4, expand( data, 66 ) ); - subRound( D, E, A, B, C, f4, K4, expand( data, 67 ) ); - subRound( C, D, E, A, B, f4, K4, expand( data, 68 ) ); - subRound( B, C, D, E, A, f4, K4, expand( data, 69 ) ); - subRound( A, B, C, D, E, f4, K4, expand( data, 70 ) ); - subRound( E, A, B, C, D, f4, K4, expand( data, 71 ) ); - subRound( D, E, A, B, C, f4, K4, expand( data, 72 ) ); - subRound( C, D, E, A, B, f4, K4, expand( data, 73 ) ); - subRound( B, C, D, E, A, f4, K4, expand( data, 74 ) ); - subRound( A, B, C, D, E, f4, K4, expand( data, 75 ) ); - subRound( E, A, B, C, D, f4, K4, expand( data, 76 ) ); - subRound( D, E, A, B, C, f4, K4, expand( data, 77 ) ); - subRound( C, D, E, A, B, f4, K4, expand( data, 78 ) ); - subRound( B, C, D, E, A, f4, K4, expand( data, 79 ) ); - - /* Build message digest */ - state[0] += A; - state[1] += B; - state[2] += C; - state[3] += D; - state[4] += E; -} - -static void -sha_block(struct sha_ctx *ctx, const UINT8 *block) -{ - UINT32 data[SHA_DATALEN]; - int i; - - /* Update block count */ - if (!++ctx->count_l) - ++ctx->count_h; - - /* Endian independent conversion */ - for (i = 0; i<SHA_DATALEN; i++, block += 4) - data[i] = READ_UINT32(block); - - sha_transform(ctx->digest, data); -} - -void -sha_update(struct sha_ctx *ctx, - const UINT8 *buffer, UINT32 len) -{ - if (ctx->index) - { /* Try to fill partial block */ - unsigned left = SHA_DATASIZE - ctx->index; - if (len < left) - { - memcpy(ctx->block + ctx->index, buffer, len); - ctx->index += len; - return; /* Finished */ - } - else - { - memcpy(ctx->block + ctx->index, buffer, left); - sha_block(ctx, ctx->block); - buffer += left; - len -= left; - } - } - while (len >= SHA_DATASIZE) - { - sha_block(ctx, buffer); - buffer += SHA_DATASIZE; - len -= SHA_DATASIZE; - } - if ((ctx->index = len)) /* This assignment is intended */ - /* Buffer leftovers */ - memcpy(ctx->block, buffer, len); -} - -/* Final wrapup - pad to SHA_DATASIZE-byte boundary with the bit pattern - 1 0* (64-bit count of bits processed, MSB-first) */ - -void -sha_final(struct sha_ctx *ctx) -{ - UINT32 data[SHA_DATALEN]; - int i; - int words; - - i = ctx->index; - /* Set the first char of padding to 0x80. This is safe since there is - always at least one byte free */ - ctx->block[i++] = 0x80; - - /* Fill rest of word */ - for( ; i & 3; i++) - ctx->block[i] = 0; - - /* i is now a multiple of the word size 4 */ - words = i >> 2; - for (i = 0; i < words; i++) - data[i] = READ_UINT32(ctx->block + 4*i); - - if (words > (SHA_DATALEN-2)) - { /* No room for length in this block. Process it and - * pad with another one */ - for (i = words ; i < SHA_DATALEN; i++) - data[i] = 0; - sha_transform(ctx->digest, data); - for (i = 0; i < (SHA_DATALEN-2); i++) - data[i] = 0; - } - else - for (i = words ; i < SHA_DATALEN - 2; i++) - data[i] = 0; - /* Theres 512 = 2^9 bits in one block */ - data[SHA_DATALEN-2] = (ctx->count_h << 9) | (ctx->count_l >> 23); - data[SHA_DATALEN-1] = (ctx->count_l << 9) | (ctx->index << 3); - sha_transform(ctx->digest, data); -} - -void -sha_digest(struct sha_ctx *ctx, UINT8 *s) -{ - int i; - - for (i = 0; i < SHA_DIGESTLEN; i++, s+= 4) - WRITE_UINT32(s, ctx->digest[i]); -} diff --git a/twofish_test.c b/twofish_test.c deleted file mode 100644 index 1e89fc67..00000000 --- a/twofish_test.c +++ /dev/null @@ -1,42 +0,0 @@ -/* twofish_test.c - * - * $Id$ - */ - -/* lsh, an implementation of the ssh protocol - * - * Copyright (C) 1998 Niels Möller - * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU General Public License as - * published by the Free Software Foundation; either version 2 of the - * License, or (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA - */ - -#include "twofish.h" - -#include <stdio.h> -#include <stdlib.h> - -int main (int argc UNUSED, char **argv UNUSED) -{ - if (twofish_selftest()) - { - fprintf(stderr, "Twofish works.\n"); - return EXIT_SUCCESS; - } - else - { - fprintf(stderr, "ERROR: Twofish failed.\n"); - return EXIT_FAILURE; - } -} diff --git a/util.c b/util.c deleted file mode 100644 index 7bd0b022..00000000 --- a/util.c +++ /dev/null @@ -1,31 +0,0 @@ -#include "util.h" - -#include <stdarg.h> /* For the va_* stuff */ -#include <stdlib.h> /* For EXIT_FAILURE */ -#include "../werror.h" - -void log_bug(const char *format, ... ) { - va_list args; - - va_start(args, format); - werror(format, args); - va_end(args); -} - -void log_error(const char *format, ... ) { - va_list args; - - va_start(args, format); - werror(format, args); - va_end(args); -} - -void log_fatal(const char *format, ... ) { - va_list args; - - va_start(args, format); - log_error(format, args); - va_end(args); - - exit(EXIT_FAILURE); -} diff --git a/util.h b/util.h deleted file mode 100644 index f4510557..00000000 --- a/util.h +++ /dev/null @@ -1,24 +0,0 @@ -#ifndef _UTIL_H -#define _UTIL_H - -#warning Don't use lib/util.h - -/* Bridge from GPG style to lsh style */ -#include "lsh_types.h" - -/* Report a bug (TODO: do what afterwards? ) */ -void log_bug(const char *fmt, ... ) PRINTF_STYLE(1,2); - -/* Report an error */ -void log_error(const char *fmt, ... ) PRINTF_STYLE(1,2); - -/* Report a fatal error and die */ -void log_fatal(const char *fmt, ... ) PRINTF_STYLE(1,2) NORETURN; - -#ifndef G10ERR_WEAK_KEY - #define G10ERR_WEAK_KEY 43 -#elif G10ERR_WEAK_KEY != 43 - #error G10ERR_WEAK_KEY is defined to a wrong value. -#endif - -#endif /* _UTIL_H */ |