
Contents of /libmcrypt-nm/lib/serpent.c



Revision 1.1.1.1 - (show annotations) (vendor branch)
Mon May 22 13:08:54 2000 UTC (23 years, 10 months ago) by nmav
Branch: MAIN, mcrypt
CVS Tags: start, HEAD
Changes since 1.1: +0 -0 lines
File MIME type: text/plain

1 /* This is an independent implementation of the encryption algorithm:
2 *
3 * Serpent by Ross Anderson, Eli Biham and Lars Knudsen
4 *
5 * which is a candidate algorithm in the Advanced Encryption Standard
6 * programme of the US National Institute of Standards and Technology
7 *
8 * Copyright in this implementation is held by Dr B R Gladman but I
9 * hereby give permission for its free direct or derivative use subject
10 * to acknowledgment of its origin and compliance with any conditions
11 * that the originators of the algorithm place on its exploitation.
12 *
13 * Dr Brian Gladman (gladman@seven77.demon.co.uk) 14th January 1999
14 */
15
16 /*
17 Algorithm serpent (serpent.c)
18
19 128 bit key:
20 Key Setup: 2366 cycles
21 Encrypt: 954 cycles = 26.8 mbits/sec
22 Decrypt: 907 cycles = 28.2 mbits/sec
23 Mean: 931 cycles = 27.5 mbits/sec
24
25 192 bit key:
26 Key Setup: 2382 cycles
27 Encrypt: 967 cycles = 26.5 mbits/sec
28 Decrypt: 915 cycles = 28.0 mbits/sec
29 Mean: 941 cycles = 27.2 mbits/sec
30
31 256 bit key:
32 Key Setup: 2360 cycles
33 Encrypt: 967 cycles = 26.5 mbits/sec
34 Decrypt: 915 cycles = 28.0 mbits/sec
35 Mean: 941 cycles = 27.2 mbits/sec
36 */
37
38 #include "libdefs.h"
39 #include "swap.h"
40 #include "serpent.h"
41
42 /* Partially optimised Serpent S Box boolean functions derived */
43 /* using a recursive descent analyser but without a full search */
44 /* of all subtrees. This set of S boxes is the result of work */
45 /* by Sam Simpson and Brian Gladman using the spare time on a */
46 /* cluster of high capacity servers to search for S boxes with */
47 /* this customised search engine. */
48 /* */
49 /* Copyright: Dr B. R Gladman (gladman@seven77.demon.co.uk) */
50 /* and Sam Simpson (s.simpson@mia.co.uk) */
51 /* 17th December 1998 */
52 /* */
53 /* We hereby give permission for information in this file to be */
54 /* used freely subject only to acknowledgement of its origin */
55
/*
 * Bit-sliced S boxes.  Every sbN/ibN macro takes four input words
 * (a, b, c, d) and leaves its four output words in (e, f, g, h); the
 * inputs are only read, never written.  The temporaries t1..t16 must be
 * declared by the calling function, as the three functions further down
 * in this file do.  Inputs and outputs must be distinct variables: the
 * macros keep reading inputs after writing outputs (sb0 writes h, then
 * reads a and c again), so passing the same variable for both would
 * corrupt the result.
 *
 * sbN is the box used on the encrypt and key-setup paths, ibN the box
 * used on the decrypt path.  The "N terms" notes count the assignments
 * in each macro.
 */

/* 15 terms */

#define sb0(a,b,c,d,e,f,g,h) \
	t1 = a ^ d; \
	t2 = a & d; \
	t3 = c ^ t1; \
	t6 = b & t1; \
	t4 = b ^ t3; \
	t10 = ~t3; \
	h = t2 ^ t4; \
	t7 = a ^ t6; \
	t14 = ~t7; \
	t8 = c | t7; \
	t11 = t3 ^ t7; \
	g = t4 ^ t8; \
	t12 = h & t11; \
	f = t10 ^ t12; \
	e = t12 ^ t14

/* 15 terms */

#define ib0(a,b,c,d,e,f,g,h) \
	t1 = ~a; \
	t2 = a ^ b; \
	t3 = t1 | t2; \
	t4 = d ^ t3; \
	t7 = d & t2; \
	t5 = c ^ t4; \
	t8 = t1 ^ t7; \
	g = t2 ^ t5; \
	t11 = a & t4; \
	t9 = g & t8; \
	t14 = t5 ^ t8; \
	f = t4 ^ t9; \
	t12 = t5 | f; \
	h = t11 ^ t12; \
	e = h ^ t14

/* 14 terms! */

#define sb1(a,b,c,d,e,f,g,h) \
	t1 = ~a; \
	t2 = b ^ t1; \
	t3 = a | t2; \
	t4 = d | t2; \
	t5 = c ^ t3; \
	g = d ^ t5; \
	t7 = b ^ t4; \
	t8 = t2 ^ g; \
	t9 = t5 & t7; \
	h = t8 ^ t9; \
	t11 = t5 ^ t7; \
	f = h ^ t11; \
	t13 = t8 & t11; \
	e = t5 ^ t13

/* 17 terms */

#define ib1(a,b,c,d,e,f,g,h) \
	t1 = a ^ d; \
	t2 = a & b; \
	t3 = b ^ c; \
	t4 = a ^ t3; \
	t5 = b | d; \
	t7 = c | t1; \
	h = t4 ^ t5; \
	t8 = b ^ t7; \
	t11 = ~t2; \
	t9 = t4 & t8; \
	f = t1 ^ t9; \
	t13 = t9 ^ t11; \
	t12 = h & f; \
	g = t12 ^ t13; \
	t15 = a & d; \
	t16 = c ^ t13; \
	e = t15 ^ t16

/* 16 terms */

#define sb2(a,b,c,d,e,f,g,h) \
	t1 = ~a; \
	t2 = b ^ d; \
	t3 = c & t1; \
	t13 = d | t1; \
	e = t2 ^ t3; \
	t5 = c ^ t1; \
	t6 = c ^ e; \
	t7 = b & t6; \
	t10 = e | t5; \
	h = t5 ^ t7; \
	t9 = d | t7; \
	t11 = t9 & t10; \
	t14 = t2 ^ h; \
	g = a ^ t11; \
	t15 = g ^ t13; \
	f = t14 ^ t15

/* 16 terms */

#define ib2(a,b,c,d,e,f,g,h) \
	t1 = b ^ d; \
	t2 = ~t1; \
	t3 = a ^ c; \
	t4 = c ^ t1; \
	t7 = a | t2; \
	t5 = b & t4; \
	t8 = d ^ t7; \
	t11 = ~t4; \
	e = t3 ^ t5; \
	t9 = t3 | t8; \
	t14 = d & t11; \
	h = t1 ^ t9; \
	t12 = e | h; \
	f = t11 ^ t12; \
	t15 = t3 ^ t12; \
	g = t14 ^ t15

/* 17 terms */

#define sb3(a,b,c,d,e,f,g,h) \
	t1 = a ^ c; \
	t2 = d ^ t1; \
	t3 = a & t2; \
	t4 = d ^ t3; \
	t5 = b & t4; \
	g = t2 ^ t5; \
	t7 = a | g; \
	t8 = b | d; \
	t11 = a | d; \
	t9 = t4 & t7; \
	f = t8 ^ t9; \
	t12 = b ^ t11; \
	t13 = g ^ t9; \
	t15 = t3 ^ t8; \
	h = t12 ^ t13; \
	t16 = c & t15; \
	e = t12 ^ t16

/* 16 term solution that performs less well than 17 term one
   in my environment (PPro/PII)

#define sb3(a,b,c,d,e,f,g,h) \
	t1 = a ^ b; \
	t2 = a & c; \
	t3 = a | d; \
	t4 = c ^ d; \
	t5 = t1 & t3; \
	t6 = t2 | t5; \
	g = t4 ^ t6; \
	t8 = b ^ t3; \
	t9 = t6 ^ t8; \
	t10 = t4 & t9; \
	e = t1 ^ t10; \
	t12 = g & e; \
	f = t9 ^ t12; \
	t14 = b | d; \
	t15 = t4 ^ t12; \
	h = t14 ^ t15
*/

/* 17 terms */

#define ib3(a,b,c,d,e,f,g,h) \
	t1 = b ^ c; \
	t2 = b | c; \
	t3 = a ^ c; \
	t7 = a ^ d; \
	t4 = t2 ^ t3; \
	t5 = d | t4; \
	t9 = t2 ^ t7; \
	e = t1 ^ t5; \
	t8 = t1 | t5; \
	t11 = a & t4; \
	g = t8 ^ t9; \
	t12 = e | t9; \
	f = t11 ^ t12; \
	t14 = a & g; \
	t15 = t2 ^ t14; \
	t16 = e & t15; \
	h = t4 ^ t16

/* 15 terms */

#define sb4(a,b,c,d,e,f,g,h) \
	t1 = a ^ d; \
	t2 = d & t1; \
	t3 = c ^ t2; \
	t4 = b | t3; \
	h = t1 ^ t4; \
	t6 = ~b; \
	t7 = t1 | t6; \
	e = t3 ^ t7; \
	t9 = a & e; \
	t10 = t1 ^ t6; \
	t11 = t4 & t10; \
	g = t9 ^ t11; \
	t13 = a ^ t3; \
	t14 = t10 & g; \
	f = t13 ^ t14

/* 17 terms */

#define ib4(a,b,c,d,e,f,g,h) \
	t1 = c ^ d; \
	t2 = c | d; \
	t3 = b ^ t2; \
	t4 = a & t3; \
	f = t1 ^ t4; \
	t6 = a ^ d; \
	t7 = b | d; \
	t8 = t6 & t7; \
	h = t3 ^ t8; \
	t10 = ~a; \
	t11 = c ^ h; \
	t12 = t10 | t11; \
	e = t3 ^ t12; \
	t14 = c | t4; \
	t15 = t7 ^ t14; \
	t16 = h | t10; \
	g = t15 ^ t16

/* 16 terms */

#define sb5(a,b,c,d,e,f,g,h) \
	t1 = ~a; \
	t2 = a ^ b; \
	t3 = a ^ d; \
	t4 = c ^ t1; \
	t5 = t2 | t3; \
	e = t4 ^ t5; \
	t7 = d & e; \
	t8 = t2 ^ e; \
	t10 = t1 | e; \
	f = t7 ^ t8; \
	t11 = t2 | t7; \
	t12 = t3 ^ t10; \
	t14 = b ^ t7; \
	g = t11 ^ t12; \
	t15 = f & t12; \
	h = t14 ^ t15

/* 16 terms */

#define ib5(a,b,c,d,e,f,g,h) \
	t1 = ~c; \
	t2 = b & t1; \
	t3 = d ^ t2; \
	t4 = a & t3; \
	t5 = b ^ t1; \
	h = t4 ^ t5; \
	t7 = b | h; \
	t8 = a & t7; \
	f = t3 ^ t8; \
	t10 = a | d; \
	t11 = t1 ^ t7; \
	e = t10 ^ t11; \
	t13 = a ^ c; \
	t14 = b & t10; \
	t15 = t4 | t13; \
	g = t14 ^ t15

/* 15 terms */

#define sb6(a,b,c,d,e,f,g,h) \
	t1 = ~a; \
	t2 = a ^ d; \
	t3 = b ^ t2; \
	t4 = t1 | t2; \
	t5 = c ^ t4; \
	f = b ^ t5; \
	t13 = ~t5; \
	t7 = t2 | f; \
	t8 = d ^ t7; \
	t9 = t5 & t8; \
	g = t3 ^ t9; \
	t11 = t5 ^ t8; \
	e = g ^ t11; \
	t14 = t3 & t11; \
	h = t13 ^ t14

/* 15 terms */

#define ib6(a,b,c,d,e,f,g,h) \
	t1 = ~a; \
	t2 = a ^ b; \
	t3 = c ^ t2; \
	t4 = c | t1; \
	t5 = d ^ t4; \
	t13 = d & t1; \
	f = t3 ^ t5; \
	t7 = t3 & t5; \
	t8 = t2 ^ t7; \
	t9 = b | t8; \
	h = t5 ^ t9; \
	t11 = b | h; \
	e = t8 ^ t11; \
	t14 = t3 ^ t11; \
	g = t13 ^ t14

/* 17 terms */

#define sb7(a,b,c,d,e,f,g,h) \
	t1 = ~c; \
	t2 = b ^ c; \
	t3 = b | t1; \
	t4 = d ^ t3; \
	t5 = a & t4; \
	t7 = a ^ d; \
	h = t2 ^ t5; \
	t8 = b ^ t5; \
	t9 = t2 | t8; \
	t11 = d & t3; \
	f = t7 ^ t9; \
	t12 = t5 ^ f; \
	t15 = t1 | t4; \
	t13 = h & t12; \
	g = t11 ^ t13; \
	t16 = t12 ^ g; \
	e = t15 ^ t16

/* 17 terms */

#define ib7(a,b,c,d,e,f,g,h) \
	t1 = a & b; \
	t2 = a | b; \
	t3 = c | t1; \
	t4 = d & t2; \
	h = t3 ^ t4; \
	t6 = ~d; \
	t7 = b ^ t4; \
	t8 = h ^ t6; \
	t11 = c ^ t7; \
	t9 = t7 | t8; \
	f = a ^ t9; \
	t12 = d | f; \
	e = t11 ^ t12; \
	t14 = a & h; \
	t15 = t3 ^ f; \
	t16 = e ^ t14; \
	g = t15 ^ t16

/*
 * Round-key helpers.  All three expect a SERPENT_KEY pointer named
 * `spkey` to be in scope.  Round r uses l_key[4*r + 8 .. 4*r + 11]; the
 * +8 skips the eight words of user key that _mcrypt_serpent_set_key
 * keeps at l_key[0..7].
 *   k_xor: XOR round key r into a..d (encrypt / decrypt)
 *   k_set: load round key r into a..d (key setup)
 *   k_get: store a..d back as round key r (key setup)
 */

#define k_xor(r,a,b,c,d) \
	a ^= spkey->l_key[4 * r + 8]; \
	b ^= spkey->l_key[4 * r + 9]; \
	c ^= spkey->l_key[4 * r + 10]; \
	d ^= spkey->l_key[4 * r + 11]

#define k_set(r,a,b,c,d) \
	a = spkey->l_key[4 * r + 8]; \
	b = spkey->l_key[4 * r + 9]; \
	c = spkey->l_key[4 * r + 10]; \
	d = spkey->l_key[4 * r + 11]

#define k_get(r,a,b,c,d) \
	spkey->l_key[4 * r + 8] = a; \
	spkey->l_key[4 * r + 9] = b; \
	spkey->l_key[4 * r + 10] = c; \
	spkey->l_key[4 * r + 11] = d

/* the linear transformation and its inverse */

/*
 * rot applies the linear transformation to the four words in place.
 * irot runs the same steps in reverse order with rotr in place of rotl
 * and so undoes rot.  rotl/rotr are not defined in this file --
 * presumably they come from swap.h.
 */

#define rot(a,b,c,d) \
	a = rotl(a, 13); \
	c = rotl(c, 3); \
	d ^= c ^ (a << 3); \
	b ^= a ^ c; \
	d = rotl(d, 7); \
	b = rotl(b, 1); \
	a ^= b ^ d; \
	c ^= d ^ (b << 7); \
	a = rotl(a, 5); \
	c = rotl(c, 22)

#define irot(a,b,c,d) \
	c = rotr(c, 22); \
	a = rotr(a, 5); \
	c ^= d ^ (b << 7); \
	a ^= b ^ d; \
	d = rotr(d, 7); \
	b = rotr(b, 1); \
	d ^= c ^ (a << 3); \
	b ^= a ^ c; \
	c = rotr(c, 3); \
	a = rotr(a, 13)
440
441 /* initialise the key schedule from the user supplied key */
442
/*
 * Expand a user key into the 33 round subkeys held in spkey->l_key.
 *
 * spkey:   schedule to fill; only spkey->l_key is written.
 * in_key:  key material as 32-bit words (byte-swapped on big-endian
 *          hosts so both host types derive the same schedule from the
 *          same bytes).  key_len bytes are consumed rounded UP to whole
 *          words, so a length that is not a multiple of 4 reads a few
 *          bytes past the supplied key inside the last word.
 * key_len: key length in BYTES.  More than 32 bytes (256 bits) makes
 *          the function return early with the schedule left untouched;
 *          there is no error return, so callers must validate the
 *          length themselves.  The byte-to-bit conversion is word32
 *          arithmetic and wraps for absurd counts, so the guard relies
 *          on a sane caller.
 *
 * l_key layout: words 0..7 hold the (padded) user key, words 8..139 the
 * 132 subkey words, i.e. four words for each of rounds 0..32.
 */
void _mcrypt_serpent_set_key(SERPENT_KEY * spkey, const word32* in_key,
			     word32 key_len)
{
	word32 i, lk, a, b, c, d, e, f, g, h;
	word32 t1, t2, t3, t4, t5, t6, t7, t8, t9, t10, t11, t12, t13, t14,
	    t15, t16;
	word32 nwords, r;

	/* from here on key_len is a bit count */
	key_len *= 8;
	if (key_len > 256) {
		return;
	}

	/* copy the supplied words, whole words only */
	nwords = (key_len + 31) / 32;
	for (i = 0; i < nwords; i++) {
#ifdef WORDS_BIGENDIAN
		spkey->l_key[i] = byteswap(in_key[i]);
#else
		spkey->l_key[i] = in_key[i];
#endif
	}

	/* short keys are padded out to 256 bits: zero the remaining words,
	 * then set the single 1 bit directly above the key's last bit */
	if (key_len < 256) {
		for (; i < 8; i++) {
			spkey->l_key[i] = 0;
		}
		i = key_len / 32;
		lk = (word32) 1 << (key_len % 32);
		spkey->l_key[i] = (spkey->l_key[i] & (lk - 1)) | lk;
	}

	/* prekey recurrence: w[i] = (w[i-8]^w[i-5]^w[i-3]^w[i-1]^phi^i) <<< 11,
	 * with the user key occupying w[-8..-1] == l_key[0..7] and
	 * 0x9e3779b9 being the golden-ratio constant from the Serpent spec */
	for (i = 0; i < 132; ++i) {
		lk = spkey->l_key[i] ^ spkey->l_key[i + 3]
		    ^ spkey->l_key[i + 5] ^ spkey->l_key[i + 7]
		    ^ 0x9e3779b9 ^ i;
		spkey->l_key[i + 8] = (lk << 11) | (lk >> 21);
	}

	/* pass every group of four prekey words through an S box; the box
	 * index runs 3,2,1,0,7,6,5,4,3,... as the round number grows, which
	 * is (3 - r) mod 8 written without an unsigned wrap-around */
	for (r = 0; r <= 32; r++) {
		k_set(r, a, b, c, d);
		switch ((11 - (r & 7)) & 7) {
		case 0:
			sb0(a, b, c, d, e, f, g, h);
			break;
		case 1:
			sb1(a, b, c, d, e, f, g, h);
			break;
		case 2:
			sb2(a, b, c, d, e, f, g, h);
			break;
		case 3:
			sb3(a, b, c, d, e, f, g, h);
			break;
		case 4:
			sb4(a, b, c, d, e, f, g, h);
			break;
		case 5:
			sb5(a, b, c, d, e, f, g, h);
			break;
		case 6:
			sb6(a, b, c, d, e, f, g, h);
			break;
		case 7:
			sb7(a, b, c, d, e, f, g, h);
			break;
		default:
			/* unreachable: the index is masked to 0..7 */
			break;
		}
		k_get(r, e, f, g, h);
	}
}
589
590 /* encrypt a block of text */
591
/*
 * Encrypt one 16-byte block in place.
 *
 * spkey:  schedule prepared by _mcrypt_serpent_set_key.
 * in_blk: four 32-bit words of plaintext, overwritten with the
 *         ciphertext.  Words are byte-swapped on big-endian hosts on the
 *         way in and out so the block bytes mean the same on either host.
 *
 * Round r (0..31) XORs subkey r into the state, applies S box (r mod 8)
 * and, for every round but the last, the linear transformation; subkey
 * 32 is XORed in after the last round instead of the transformation.
 */
void _mcrypt_serpent_encrypt(SERPENT_KEY * spkey, word32* in_blk)
{
	word32 a, b, c, d, e, f, g, h;
	word32 t1, t2, t3, t4, t5, t6, t7, t8, t9, t10, t11, t12, t13, t14,
	    t15, t16;
	word32 r;

#ifdef WORDS_BIGENDIAN
	a = byteswap(in_blk[0]);
	b = byteswap(in_blk[1]);
	c = byteswap(in_blk[2]);
	d = byteswap(in_blk[3]);
#else
	a = in_blk[0];
	b = in_blk[1];
	c = in_blk[2];
	d = in_blk[3];
#endif

	for (r = 0; r < 32; r++) {
		k_xor(r, a, b, c, d);
		switch (r & 7) {
		case 0:
			sb0(a, b, c, d, e, f, g, h);
			break;
		case 1:
			sb1(a, b, c, d, e, f, g, h);
			break;
		case 2:
			sb2(a, b, c, d, e, f, g, h);
			break;
		case 3:
			sb3(a, b, c, d, e, f, g, h);
			break;
		case 4:
			sb4(a, b, c, d, e, f, g, h);
			break;
		case 5:
			sb5(a, b, c, d, e, f, g, h);
			break;
		case 6:
			sb6(a, b, c, d, e, f, g, h);
			break;
		case 7:
			sb7(a, b, c, d, e, f, g, h);
			break;
		default:
			/* unreachable: the index is masked to 0..7 */
			break;
		}
		/* the last round has no linear transformation */
		if (r < 31) {
			rot(e, f, g, h);
		}
		/* the S box wrote e..h; they are the next round's inputs */
		a = e;
		b = f;
		c = g;
		d = h;
	}
	k_xor(32, a, b, c, d);

#ifdef WORDS_BIGENDIAN
	in_blk[0] = byteswap(a);
	in_blk[1] = byteswap(b);
	in_blk[2] = byteswap(c);
	in_blk[3] = byteswap(d);
#else
	in_blk[0] = a;
	in_blk[1] = b;
	in_blk[2] = c;
	in_blk[3] = d;
#endif
}
719
720 /* decrypt a block of text */
721
/*
 * Decrypt one 16-byte block in place.
 *
 * spkey:  schedule prepared by _mcrypt_serpent_set_key.
 * in_blk: four 32-bit words of ciphertext, overwritten with the
 *         plaintext.  Byte order is handled exactly as in
 *         _mcrypt_serpent_encrypt.
 *
 * Mirrors the encrypt path: subkey 32 is removed first, then for r from
 * 31 down to 0 the inverse S box ((r) mod 8) is applied, subkey r is
 * XORed out and -- except before the very first inverse box -- the
 * inverse linear transformation is undone.
 */
void _mcrypt_serpent_decrypt(SERPENT_KEY * spkey, word32 *in_blk)
{
	word32 a, b, c, d, e, f, g, h;
	word32 t1, t2, t3, t4, t5, t6, t7, t8, t9, t10, t11, t12, t13, t14,
	    t15, t16;
	word32 r;

#ifdef WORDS_BIGENDIAN
	a = byteswap(in_blk[0]);
	b = byteswap(in_blk[1]);
	c = byteswap(in_blk[2]);
	d = byteswap(in_blk[3]);
#else
	a = in_blk[0];
	b = in_blk[1];
	c = in_blk[2];
	d = in_blk[3];
#endif

	for (r = 32; r >= 1; r--) {
		k_xor(r, a, b, c, d);
		/* the final encrypt round applied no rot, so the first
		 * decrypt step has nothing to undo */
		if (r < 32) {
			irot(a, b, c, d);
		}
		/* inverse of the box used in encrypt round r-1 */
		switch ((r - 1) & 7) {
		case 0:
			ib0(a, b, c, d, e, f, g, h);
			break;
		case 1:
			ib1(a, b, c, d, e, f, g, h);
			break;
		case 2:
			ib2(a, b, c, d, e, f, g, h);
			break;
		case 3:
			ib3(a, b, c, d, e, f, g, h);
			break;
		case 4:
			ib4(a, b, c, d, e, f, g, h);
			break;
		case 5:
			ib5(a, b, c, d, e, f, g, h);
			break;
		case 6:
			ib6(a, b, c, d, e, f, g, h);
			break;
		case 7:
			ib7(a, b, c, d, e, f, g, h);
			break;
		default:
			/* unreachable: the index is masked to 0..7 */
			break;
		}
		/* the inverse box wrote e..h; carry them into the next step */
		a = e;
		b = f;
		c = g;
		d = h;
	}
	k_xor(0, a, b, c, d);

#ifdef WORDS_BIGENDIAN
	in_blk[0] = byteswap(a);
	in_blk[1] = byteswap(b);
	in_blk[2] = byteswap(c);
	in_blk[3] = byteswap(d);
#else
	in_blk[0] = a;
	in_blk[1] = b;
	in_blk[2] = c;
	in_blk[3] = d;
#endif
}
