1 |
/* This is an independent implementation of the encryption algorithm: |
2 |
* |
3 |
* Serpent by Ross Anderson, Eli Biham and Lars Knudsen |
4 |
* |
5 |
* which is a candidate algorithm in the Advanced Encryption Standard |
6 |
* programme of the US National Institute of Standards and Technology |
7 |
* |
8 |
* Copyright in this implementation is held by Dr B R Gladman but I |
9 |
* hereby give permission for its free direct or derivative use subject |
10 |
* to acknowledgment of its origin and compliance with any conditions |
11 |
* that the originators of the algorithm place on its exploitation. |
12 |
* |
13 |
* Dr Brian Gladman (gladman@seven77.demon.co.uk) 14th January 1999 |
14 |
*/ |
15 |
|
16 |
/* |
17 |
Algorithm serpent (serpent.c) |
18 |
|
19 |
128 bit key: |
20 |
Key Setup: 2366 cycles |
21 |
Encrypt: 954 cycles = 26.8 mbits/sec |
22 |
Decrypt: 907 cycles = 28.2 mbits/sec |
23 |
Mean: 931 cycles = 27.5 mbits/sec |
24 |
|
25 |
192 bit key: |
26 |
Key Setup: 2382 cycles |
27 |
Encrypt: 967 cycles = 26.5 mbits/sec |
28 |
Decrypt: 915 cycles = 28.0 mbits/sec |
29 |
Mean: 941 cycles = 27.2 mbits/sec |
30 |
|
31 |
256 bit key: |
32 |
Key Setup: 2360 cycles |
33 |
Encrypt: 967 cycles = 26.5 mbits/sec |
34 |
Decrypt: 915 cycles = 28.0 mbits/sec |
35 |
Mean: 941 cycles = 27.2 mbits/sec |
36 |
*/ |
37 |
|
38 |
#include "libdefs.h" |
39 |
#include "swap.h" |
40 |
#include "serpent.h" |
41 |
|
42 |
/* Partially optimised Serpent S Box boolean functions derived */ |
43 |
/* using a recursive descent analyser but without a full search */ |
44 |
/* of all subtrees. This set of S boxes is the result of work */ |
45 |
/* by Sam Simpson and Brian Gladman using the spare time on a */ |
46 |
/* cluster of high capacity servers to search for S boxes with */ |
47 |
/* this customised search engine. */ |
48 |
/* */ |
49 |
/* Copyright: Dr B. R Gladman (gladman@seven77.demon.co.uk) */ |
50 |
/* and Sam Simpson (s.simpson@mia.co.uk) */ |
51 |
/* 17th December 1998 */ |
52 |
/* */ |
53 |
/* We hereby give permission for information in this file to be */ |
54 |
/* used freely subject only to acknowledgement of its origin */ |
55 |
|
56 |
/* 15 terms */

/* Serpent S-box 0 in bit-sliced form: reads the four input words a,b,c,d
   and writes the four output words e,f,g,h, using only word-wise ^ & | ~
   on temporaries t1..t16 that the caller must have declared (see the
   word32 t1..t16 declarations in the round functions).  There is no
   table lookup or branch, so the S-box has no data-dependent memory
   access.  Outputs are written before all inputs have been consumed, so
   the output arguments must be variables distinct from the inputs.
   Expands to a statement list with no trailing ';' - the caller adds it. */
#define sb0(a,b,c,d,e,f,g,h) \
	t1 = a ^ d; \
	t2 = a & d; \
	t3 = c ^ t1; \
	t6 = b & t1; \
	t4 = b ^ t3; \
	t10 = ~t3; \
	h = t2 ^ t4; \
	t7 = a ^ t6; \
	t14 = ~t7; \
	t8 = c | t7; \
	t11 = t3 ^ t7; \
	g = t4 ^ t8; \
	t12 = h & t11; \
	f = t10 ^ t12; \
	e = t12 ^ t14

/* 15 terms */

/* Inverse of sb0, applied on the decrypt path; same calling contract
   as sb0 (inputs a..d, outputs e..h, caller-declared t1..t16). */
#define ib0(a,b,c,d,e,f,g,h) \
	t1 = ~a; \
	t2 = a ^ b; \
	t3 = t1 | t2; \
	t4 = d ^ t3; \
	t7 = d & t2; \
	t5 = c ^ t4; \
	t8 = t1 ^ t7; \
	g = t2 ^ t5; \
	t11 = a & t4; \
	t9 = g & t8; \
	t14 = t5 ^ t8; \
	f = t4 ^ t9; \
	t12 = t5 | f; \
	h = t11 ^ t12; \
	e = h ^ t14
93 |
|
94 |
/* 14 terms! */

/* Serpent S-box 1, bit-sliced: inputs a..d, outputs e..h, caller-declared
   temporaries t1..t16, boolean word operations only (no table lookup).
   g is written before b is last read, so outputs must not alias inputs.
   No trailing ';' in the expansion. */
#define sb1(a,b,c,d,e,f,g,h) \
	t1 = ~a; \
	t2 = b ^ t1; \
	t3 = a | t2; \
	t4 = d | t2; \
	t5 = c ^ t3; \
	g = d ^ t5; \
	t7 = b ^ t4; \
	t8 = t2 ^ g; \
	t9 = t5 & t7; \
	h = t8 ^ t9; \
	t11 = t5 ^ t7; \
	f = h ^ t11; \
	t13 = t8 & t11; \
	e = t5 ^ t13

/* 17 terms */

/* Inverse of sb1 (decrypt path); same contract as sb1. */
#define ib1(a,b,c,d,e,f,g,h) \
	t1 = a ^ d; \
	t2 = a & b; \
	t3 = b ^ c; \
	t4 = a ^ t3; \
	t5 = b | d; \
	t7 = c | t1; \
	h = t4 ^ t5; \
	t8 = b ^ t7; \
	t11 = ~t2; \
	t9 = t4 & t8; \
	f = t1 ^ t9; \
	t13 = t9 ^ t11; \
	t12 = h & f; \
	g = t12 ^ t13; \
	t15 = a & d; \
	t16 = c ^ t13; \
	e = t15 ^ t16
132 |
|
133 |
/* 16 terms */

/* Serpent S-box 2, bit-sliced: inputs a..d, outputs e..h, caller-declared
   temporaries t1..t16, boolean word operations only.  e is produced early
   and reused as an intermediate, so outputs must not alias inputs.
   No trailing ';' in the expansion. */
#define sb2(a,b,c,d,e,f,g,h) \
	t1 = ~a; \
	t2 = b ^ d; \
	t3 = c & t1; \
	t13 = d | t1; \
	e = t2 ^ t3; \
	t5 = c ^ t1; \
	t6 = c ^ e; \
	t7 = b & t6; \
	t10 = e | t5; \
	h = t5 ^ t7; \
	t9 = d | t7; \
	t11 = t9 & t10; \
	t14 = t2 ^ h; \
	g = a ^ t11; \
	t15 = g ^ t13; \
	f = t14 ^ t15

/* 16 terms */

/* Inverse of sb2 (decrypt path); same contract as sb2. */
#define ib2(a,b,c,d,e,f,g,h) \
	t1 = b ^ d; \
	t2 = ~t1; \
	t3 = a ^ c; \
	t4 = c ^ t1; \
	t7 = a | t2; \
	t5 = b & t4; \
	t8 = d ^ t7; \
	t11 = ~t4; \
	e = t3 ^ t5; \
	t9 = t3 | t8; \
	t14 = d & t11; \
	h = t1 ^ t9; \
	t12 = e | h; \
	f = t11 ^ t12; \
	t15 = t3 ^ t12; \
	g = t14 ^ t15
172 |
|
173 |
/* 17 terms */

/* Serpent S-box 3, bit-sliced: inputs a..d, outputs e..h, caller-declared
   temporaries t1..t16, boolean word operations only.  g is written before
   the inputs are fully consumed, so outputs must not alias inputs.
   No trailing ';' in the expansion.  Also used by the key schedule to
   turn prekeys into round keys. */
#define sb3(a,b,c,d,e,f,g,h) \
	t1 = a ^ c; \
	t2 = d ^ t1; \
	t3 = a & t2; \
	t4 = d ^ t3; \
	t5 = b & t4; \
	g = t2 ^ t5; \
	t7 = a | g; \
	t8 = b | d; \
	t11 = a | d; \
	t9 = t4 & t7; \
	f = t8 ^ t9; \
	t12 = b ^ t11; \
	t13 = g ^ t9; \
	t15 = t3 ^ t8; \
	h = t12 ^ t13; \
	t16 = c & t15; \
	e = t12 ^ t16

/* Alternative 16 term solution, kept for reference only; the author
   found it performs less well than the 17 term one above in his
   environment (PPro/PII).  Not compiled.

#define sb3(a,b,c,d,e,f,g,h) \
	t1 = a ^ b; \
	t2 = a & c; \
	t3 = a | d; \
	t4 = c ^ d; \
	t5 = t1 & t3; \
	t6 = t2 | t5; \
	g = t4 ^ t6; \
	t8 = b ^ t3; \
	t9 = t6 ^ t8; \
	t10 = t4 & t9; \
	e = t1 ^ t10; \
	t12 = g & e; \
	f = t9 ^ t12; \
	t14 = b | d; \
	t15 = t4 ^ t12; \
	h = t14 ^ t15
*/

/* 17 terms */

/* Inverse of sb3 (decrypt path); same contract as sb3. */
#define ib3(a,b,c,d,e,f,g,h) \
	t1 = b ^ c; \
	t2 = b | c; \
	t3 = a ^ c; \
	t7 = a ^ d; \
	t4 = t2 ^ t3; \
	t5 = d | t4; \
	t9 = t2 ^ t7; \
	e = t1 ^ t5; \
	t8 = t1 | t5; \
	t11 = a & t4; \
	g = t8 ^ t9; \
	t12 = e | t9; \
	f = t11 ^ t12; \
	t14 = a & g; \
	t15 = t2 ^ t14; \
	t16 = e & t15; \
	h = t4 ^ t16
236 |
|
237 |
/* 15 terms */

/* Serpent S-box 4, bit-sliced: inputs a..d, outputs e..h, caller-declared
   temporaries t1..t16, boolean word operations only.  h and e are written
   before a is last read, so outputs must not alias inputs.
   No trailing ';' in the expansion. */
#define sb4(a,b,c,d,e,f,g,h) \
	t1 = a ^ d; \
	t2 = d & t1; \
	t3 = c ^ t2; \
	t4 = b | t3; \
	h = t1 ^ t4; \
	t6 = ~b; \
	t7 = t1 | t6; \
	e = t3 ^ t7; \
	t9 = a & e; \
	t10 = t1 ^ t6; \
	t11 = t4 & t10; \
	g = t9 ^ t11; \
	t13 = a ^ t3; \
	t14 = t10 & g; \
	f = t13 ^ t14

/* 17 terms */

/* Inverse of sb4 (decrypt path); same contract as sb4. */
#define ib4(a,b,c,d,e,f,g,h) \
	t1 = c ^ d; \
	t2 = c | d; \
	t3 = b ^ t2; \
	t4 = a & t3; \
	f = t1 ^ t4; \
	t6 = a ^ d; \
	t7 = b | d; \
	t8 = t6 & t7; \
	h = t3 ^ t8; \
	t10 = ~a; \
	t11 = c ^ h; \
	t12 = t10 | t11;\
	e = t3 ^ t12; \
	t14 = c | t4; \
	t15 = t7 ^ t14; \
	t16 = h | t10; \
	g = t15 ^ t16
276 |
|
277 |
/* 16 terms */

/* Serpent S-box 5, bit-sliced: inputs a..d, outputs e..h, caller-declared
   temporaries t1..t16, boolean word operations only.  e is produced early
   and reused, so outputs must not alias inputs.
   No trailing ';' in the expansion. */
#define sb5(a,b,c,d,e,f,g,h) \
	t1 = ~a; \
	t2 = a ^ b; \
	t3 = a ^ d; \
	t4 = c ^ t1; \
	t5 = t2 | t3; \
	e = t4 ^ t5; \
	t7 = d & e; \
	t8 = t2 ^ e; \
	t10 = t1 | e; \
	f = t7 ^ t8; \
	t11 = t2 | t7; \
	t12 = t3 ^ t10; \
	t14 = b ^ t7; \
	g = t11 ^ t12; \
	t15 = f & t12; \
	h = t14 ^ t15

/* 16 terms */

/* Inverse of sb5 (decrypt path); same contract as sb5. */
#define ib5(a,b,c,d,e,f,g,h) \
	t1 = ~c; \
	t2 = b & t1; \
	t3 = d ^ t2; \
	t4 = a & t3; \
	t5 = b ^ t1; \
	h = t4 ^ t5; \
	t7 = b | h; \
	t8 = a & t7; \
	f = t3 ^ t8; \
	t10 = a | d; \
	t11 = t1 ^ t7; \
	e = t10 ^ t11; \
	t13 = a ^ c; \
	t14 = b & t10; \
	t15 = t4 | t13; \
	g = t14 ^ t15
316 |
|
317 |
/* 15 terms */

/* Serpent S-box 6, bit-sliced: inputs a..d, outputs e..h, caller-declared
   temporaries t1..t16, boolean word operations only.  f is written before
   d is last read, so outputs must not alias inputs.
   No trailing ';' in the expansion. */
#define sb6(a,b,c,d,e,f,g,h) \
	t1 = ~a; \
	t2 = a ^ d; \
	t3 = b ^ t2; \
	t4 = t1 | t2; \
	t5 = c ^ t4; \
	f = b ^ t5; \
	t13 = ~t5; \
	t7 = t2 | f; \
	t8 = d ^ t7; \
	t9 = t5 & t8; \
	g = t3 ^ t9; \
	t11 = t5 ^ t8; \
	e = g ^ t11; \
	t14 = t3 & t11; \
	h = t13 ^ t14

/* 15 terms */

/* Inverse of sb6 (decrypt path); same contract as sb6. */
#define ib6(a,b,c,d,e,f,g,h) \
	t1 = ~a; \
	t2 = a ^ b; \
	t3 = c ^ t2; \
	t4 = c | t1; \
	t5 = d ^ t4; \
	t13 = d & t1; \
	f = t3 ^ t5; \
	t7 = t3 & t5; \
	t8 = t2 ^ t7; \
	t9 = b | t8; \
	h = t5 ^ t9; \
	t11 = b | h; \
	e = t8 ^ t11; \
	t14 = t3 ^ t11; \
	g = t13 ^ t14
354 |
|
355 |
/* 17 terms */

/* Serpent S-box 7, bit-sliced: inputs a..d, outputs e..h, caller-declared
   temporaries t1..t16, boolean word operations only.  h is written before
   b and d are last read, so outputs must not alias inputs.
   No trailing ';' in the expansion. */
#define sb7(a,b,c,d,e,f,g,h) \
	t1 = ~c; \
	t2 = b ^ c; \
	t3 = b | t1; \
	t4 = d ^ t3; \
	t5 = a & t4; \
	t7 = a ^ d; \
	h = t2 ^ t5; \
	t8 = b ^ t5; \
	t9 = t2 | t8; \
	t11 = d & t3; \
	f = t7 ^ t9; \
	t12 = t5 ^ f; \
	t15 = t1 | t4; \
	t13 = h & t12; \
	g = t11 ^ t13; \
	t16 = t12 ^ g; \
	e = t15 ^ t16

/* 17 terms */

/* Inverse of sb7; the first S-box applied on the decrypt path (after
   the final key word k_xor(32)).  Same contract as sb7. */
#define ib7(a,b,c,d,e,f,g,h) \
	t1 = a & b; \
	t2 = a | b; \
	t3 = c | t1; \
	t4 = d & t2; \
	h = t3 ^ t4; \
	t6 = ~d; \
	t7 = b ^ t4; \
	t8 = h ^ t6; \
	t11 = c ^ t7; \
	t9 = t7 | t8; \
	f = a ^ t9; \
	t12 = d | f; \
	e = t11 ^ t12; \
	t14 = a & h; \
	t15 = t3 ^ f; \
	t16 = e ^ t14; \
	g = t15 ^ t16
396 |
|
397 |
/* Round-key access.  Round r's four subkey words are
   spkey->l_key[4 * r + 8] .. spkey->l_key[4 * r + 11]: the first eight
   words of l_key hold the padded user key and the 132 words after them
   the expanded schedule, giving 33 round keys (r = 0..32).  All three
   macros need a variable named spkey in scope and evaluate r four
   times, so r must be free of side effects.  Note the naming: k_set
   copies FROM the schedule into a..d, k_get copies a..d INTO it. */

/* XOR round key r into the block words (the key mixing step of a round) */
#define k_xor(r,a,b,c,d) \
	a ^= spkey->l_key[4 * r + 8]; \
	b ^= spkey->l_key[4 * r + 9]; \
	c ^= spkey->l_key[4 * r + 10]; \
	d ^= spkey->l_key[4 * r + 11]

/* load round key r into a,b,c,d (used while building the schedule) */
#define k_set(r,a,b,c,d) \
	a = spkey->l_key[4 * r + 8]; \
	b = spkey->l_key[4 * r + 9]; \
	c = spkey->l_key[4 * r + 10]; \
	d = spkey->l_key[4 * r + 11]

/* store a,b,c,d back as round key r (used while building the schedule) */
#define k_get(r,a,b,c,d) \
	spkey->l_key[4 * r + 8] = a; \
	spkey->l_key[4 * r + 9] = b; \
	spkey->l_key[4 * r + 10] = c; \
	spkey->l_key[4 * r + 11] = d
414 |
|
415 |
/* the linear transformation and its inverse */

/* Serpent linear transformation, applied in place to the four block
   words after every S-box except the last.  rotl/rotr are supplied by
   the included headers (swap.h / libdefs.h; presumably 32-bit rotates -
   confirm there).  The two '<<' are deliberate plain shifts, not
   rotates; irot below repeats them unchanged.  Like the S-boxes this is
   a fixed sequence of word operations with no data-dependent control
   flow.  Expands to a statement list without a trailing ';'. */
#define rot(a,b,c,d) \
	a = rotl(a, 13); \
	c = rotl(c, 3); \
	d ^= c ^ (a << 3); \
	b ^= a ^ c; \
	d = rotl(d, 7); \
	b = rotl(b, 1); \
	a ^= b ^ d; \
	c ^= d ^ (b << 7); \
	a = rotl(a, 5); \
	c = rotl(c, 22)

/* Inverse of rot: the same steps in reverse order with every rotl turned
   into rotr; the xor/shift steps are their own inverse and so appear
   verbatim.  Same contract as rot. */
#define irot(a,b,c,d) \
	c = rotr(c, 22); \
	a = rotr(a, 5); \
	c ^= d ^ (b << 7); \
	a ^= b ^ d; \
	d = rotr(d, 7); \
	b = rotr(b, 1); \
	d ^= c ^ (a << 3); \
	b ^= a ^ c; \
	c = rotr(c, 3); \
	a = rotr(a, 13)
440 |
|
441 |
/* initialise the key schedule from the user supplied key */ |
442 |
|
443 |
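/*
 * _mcrypt_serpent_set_key: expand a user key into the round-key
 * schedule kept in spkey->l_key.
 *
 * spkey    schedule to fill; l_key[0..7] receive the padded user key and
 *          l_key[8..139] the 132 expanded words that k_xor reads as 33
 *          round keys (r = 0..32).
 * in_key   user key as 32-bit words in host byte order (byteswapped on
 *          WORDS_BIGENDIAN hosts).  The copy loop reads whole words, so
 *          the caller must provide at least (key_len * 8 + 31) / 32
 *          words: a byte length that is not a multiple of 4 is read up
 *          to the next word boundary (the surplus bits are masked off by
 *          the padding step, but the read itself happens).
 * key_len  key length in BYTES, at most 32.
 *
 * Returns nothing and gives no error indication: a key longer than
 * 32 bytes leaves the schedule untouched, so the caller must validate
 * the length beforehand.  Keys shorter than 256 bits are padded with a
 * single 1 bit followed by zeros up to bit 255.
 *
 * The locals a..h and t1..t16 hold key-derived material and are not
 * cleared on return.
 */
void _mcrypt_serpent_set_key(SERPENT_KEY * spkey, const word32* in_key,
			     word32 key_len)
{
	word32 i, lk, a, b, c, d, e, f, g, h;
	word32 t1, t2, t3, t4, t5, t6, t7, t8, t9, t10, t11, t12, t13, t14,
	    t15, t16;

	/* Bound the byte count before converting it to bits: checking
	   key_len * 8 afterwards would let a huge key_len wrap the
	   multiplication and slip past the 256-bit limit. */
	if (key_len > 32) {
		return;
	}
	key_len *= 8;

	/* copy the user key words into the head of the schedule */
	lk = (key_len + 31) / 32;
	for (i = 0; i < lk; i++) {
#ifdef WORDS_BIGENDIAN
		spkey->l_key[i] = byteswap(in_key[i]);
#else
		spkey->l_key[i] = in_key[i];
#endif
	}

	if (key_len < 256) {
		/* zero the remainder of the 256-bit key area ... */
		while (i < 8) {
			spkey->l_key[i++] = 0;
		}
		/* ... then set the padding 1 bit just above the last key bit,
		   clearing anything above it that came from a partial word */
		i = key_len / 32;
		lk = 1 << key_len % 32;
		spkey->l_key[i] = (spkey->l_key[i] & (lk - 1)) | lk;
	}

	/* prekey expansion:
	   w[i + 8] = rotl(w[i] ^ w[i + 3] ^ w[i + 5] ^ w[i + 7] ^ phi ^ i, 11)
	   with phi = 0x9e3779b9; the rotate is written as shift/or. */
	for (i = 0; i < 132; ++i) {
		lk = spkey->l_key[i] ^ spkey->l_key[i + 3] ^
		     spkey->l_key[i + 5] ^ spkey->l_key[i + 7] ^
		     0x9e3779b9 ^ i;
		spkey->l_key[i + 8] = (lk << 11) | (lk >> 21);
	}

	/* Turn the prekeys into round keys by passing each group of four
	   words through an S-box in place.  Round r uses S-box
	   (3 - r) mod 8, i.e. the sequence 3,2,1,0,7,6,5,4 repeating;
	   (11 - (i & 7)) & 7 computes that without a negative operand. */
	for (i = 0; i < 33; i++) {
		k_set(i, a, b, c, d);
		switch ((11 - (i & 7)) & 7) {
		case 0:
			sb0(a, b, c, d, e, f, g, h);
			break;
		case 1:
			sb1(a, b, c, d, e, f, g, h);
			break;
		case 2:
			sb2(a, b, c, d, e, f, g, h);
			break;
		case 3:
			sb3(a, b, c, d, e, f, g, h);
			break;
		case 4:
			sb4(a, b, c, d, e, f, g, h);
			break;
		case 5:
			sb5(a, b, c, d, e, f, g, h);
			break;
		case 6:
			sb6(a, b, c, d, e, f, g, h);
			break;
		case 7:
			sb7(a, b, c, d, e, f, g, h);
			break;
		default:
			/* unreachable: the selector is masked to 0..7 */
			break;
		}
		k_get(i, e, f, g, h);
	}
}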
589 |
|
590 |
/* encrypt a block of text */ |
591 |
|
592 |
/*
 * _mcrypt_serpent_encrypt: encrypt one 128-bit block in place.
 *
 * spkey   key schedule prepared by _mcrypt_serpent_set_key.
 * in_blk  four 32-bit words (16 bytes) of plaintext, overwritten with
 *         the ciphertext.  No length is passed: the caller must supply
 *         exactly one block.
 *
 * Words are byteswapped on load and store when WORDS_BIGENDIAN is set.
 * Rounds 0..30 are key mixing (k_xor), S-box, linear transform (rot);
 * round 31 replaces the transform with the extra key mixing k_xor(32).
 * The two register sets a..d and e..h swap roles every round so no
 * copying is needed.  The S-boxes and rot are pure word operations, so
 * the data path contains no data-dependent memory access or branches
 * (assuming rotl in swap.h/libdefs.h is a plain shift-based rotate).
 * The locals a..h, t1..t16 are not cleared on return.
 */
void _mcrypt_serpent_encrypt(SERPENT_KEY * spkey, word32* in_blk)
{
	word32 a, b, c, d, e, f, g, h;
	word32 t1, t2, t3, t4, t5, t6, t7, t8, t9, t10, t11, t12, t13, t14,
	    t15, t16;

	/* load the block as four little-endian words */
#ifdef WORDS_BIGENDIAN
	a = byteswap(in_blk[0]);
	b = byteswap(in_blk[1]);
	c = byteswap(in_blk[2]);
	d = byteswap(in_blk[3]);
#else
	a = in_blk[0];
	b = in_blk[1];
	c = in_blk[2];
	d = in_blk[3];
#endif

	/* rounds 0..7: S-boxes 0..7 in order, output lands in the other
	   register set each time */
	k_xor(0, a, b, c, d);
	sb0(a, b, c, d, e, f, g, h);
	rot(e, f, g, h);
	k_xor(1, e, f, g, h);
	sb1(e, f, g, h, a, b, c, d);
	rot(a, b, c, d);
	k_xor(2, a, b, c, d);
	sb2(a, b, c, d, e, f, g, h);
	rot(e, f, g, h);
	k_xor(3, e, f, g, h);
	sb3(e, f, g, h, a, b, c, d);
	rot(a, b, c, d);
	k_xor(4, a, b, c, d);
	sb4(a, b, c, d, e, f, g, h);
	rot(e, f, g, h);
	k_xor(5, e, f, g, h);
	sb5(e, f, g, h, a, b, c, d);
	rot(a, b, c, d);
	k_xor(6, a, b, c, d);
	sb6(a, b, c, d, e, f, g, h);
	rot(e, f, g, h);
	k_xor(7, e, f, g, h);
	sb7(e, f, g, h, a, b, c, d);
	rot(a, b, c, d);
	/* rounds 8..15 */
	k_xor(8, a, b, c, d);
	sb0(a, b, c, d, e, f, g, h);
	rot(e, f, g, h);
	k_xor(9, e, f, g, h);
	sb1(e, f, g, h, a, b, c, d);
	rot(a, b, c, d);
	k_xor(10, a, b, c, d);
	sb2(a, b, c, d, e, f, g, h);
	rot(e, f, g, h);
	k_xor(11, e, f, g, h);
	sb3(e, f, g, h, a, b, c, d);
	rot(a, b, c, d);
	k_xor(12, a, b, c, d);
	sb4(a, b, c, d, e, f, g, h);
	rot(e, f, g, h);
	k_xor(13, e, f, g, h);
	sb5(e, f, g, h, a, b, c, d);
	rot(a, b, c, d);
	k_xor(14, a, b, c, d);
	sb6(a, b, c, d, e, f, g, h);
	rot(e, f, g, h);
	k_xor(15, e, f, g, h);
	sb7(e, f, g, h, a, b, c, d);
	rot(a, b, c, d);
	/* rounds 16..23 */
	k_xor(16, a, b, c, d);
	sb0(a, b, c, d, e, f, g, h);
	rot(e, f, g, h);
	k_xor(17, e, f, g, h);
	sb1(e, f, g, h, a, b, c, d);
	rot(a, b, c, d);
	k_xor(18, a, b, c, d);
	sb2(a, b, c, d, e, f, g, h);
	rot(e, f, g, h);
	k_xor(19, e, f, g, h);
	sb3(e, f, g, h, a, b, c, d);
	rot(a, b, c, d);
	k_xor(20, a, b, c, d);
	sb4(a, b, c, d, e, f, g, h);
	rot(e, f, g, h);
	k_xor(21, e, f, g, h);
	sb5(e, f, g, h, a, b, c, d);
	rot(a, b, c, d);
	k_xor(22, a, b, c, d);
	sb6(a, b, c, d, e, f, g, h);
	rot(e, f, g, h);
	k_xor(23, e, f, g, h);
	sb7(e, f, g, h, a, b, c, d);
	rot(a, b, c, d);
	/* rounds 24..31; the last round ends with key mixing instead of rot */
	k_xor(24, a, b, c, d);
	sb0(a, b, c, d, e, f, g, h);
	rot(e, f, g, h);
	k_xor(25, e, f, g, h);
	sb1(e, f, g, h, a, b, c, d);
	rot(a, b, c, d);
	k_xor(26, a, b, c, d);
	sb2(a, b, c, d, e, f, g, h);
	rot(e, f, g, h);
	k_xor(27, e, f, g, h);
	sb3(e, f, g, h, a, b, c, d);
	rot(a, b, c, d);
	k_xor(28, a, b, c, d);
	sb4(a, b, c, d, e, f, g, h);
	rot(e, f, g, h);
	k_xor(29, e, f, g, h);
	sb5(e, f, g, h, a, b, c, d);
	rot(a, b, c, d);
	k_xor(30, a, b, c, d);
	sb6(a, b, c, d, e, f, g, h);
	rot(e, f, g, h);
	k_xor(31, e, f, g, h);
	sb7(e, f, g, h, a, b, c, d);
	k_xor(32, a, b, c, d);

	/* store the ciphertext back over the input */
#ifdef WORDS_BIGENDIAN
	in_blk[0] = byteswap(a);
	in_blk[1] = byteswap(b);
	in_blk[2] = byteswap(c);
	in_blk[3] = byteswap(d);
#else
	in_blk[0] = a;
	in_blk[1] = b;
	in_blk[2] = c;
	in_blk[3] = d;
#endif
}
719 |
|
720 |
/* decrypt a block of text */ |
721 |
|
722 |
/*
 * _mcrypt_serpent_decrypt: decrypt one 128-bit block in place.
 *
 * spkey   the same key schedule used for encryption (no separate
 *         decrypt schedule; the round keys are applied in reverse).
 * in_blk  four 32-bit words (16 bytes) of ciphertext, overwritten with
 *         the plaintext.  No length is passed: the caller must supply
 *         exactly one block.
 *
 * Mirrors _mcrypt_serpent_encrypt step for step in reverse: the final
 * key mixing k_xor(32) is undone first, then each round applies the
 * inverse S-box, the round key and the inverse transform (irot), with
 * the inverse S-boxes running 7..0 repeatedly and ib0 / k_xor(0) last.
 * Like the encrypt path this is a fixed sequence of word operations
 * with no data-dependent memory access or branches (assuming rotr in
 * swap.h/libdefs.h is a plain shift-based rotate).  The locals a..h,
 * t1..t16 are not cleared on return.
 */
void _mcrypt_serpent_decrypt(SERPENT_KEY * spkey, word32 *in_blk)
{
	word32 a, b, c, d, e, f, g, h;
	word32 t1, t2, t3, t4, t5, t6, t7, t8, t9, t10, t11, t12, t13, t14,
	    t15, t16;

	/* load the block as four little-endian words */
#ifdef WORDS_BIGENDIAN
	a = byteswap(in_blk[0]);
	b = byteswap(in_blk[1]);
	c = byteswap(in_blk[2]);
	d = byteswap(in_blk[3]);
#else
	a = in_blk[0];
	b = in_blk[1];
	c = in_blk[2];
	d = in_blk[3];
#endif

	/* undo the final key mixing and the last round, which had no rot */
	k_xor(32, a, b, c, d);
	ib7(a, b, c, d, e, f, g, h);
	/* rounds 31..24 in reverse */
	k_xor(31, e, f, g, h);
	irot(e, f, g, h);
	ib6(e, f, g, h, a, b, c, d);
	k_xor(30, a, b, c, d);
	irot(a, b, c, d);
	ib5(a, b, c, d, e, f, g, h);
	k_xor(29, e, f, g, h);
	irot(e, f, g, h);
	ib4(e, f, g, h, a, b, c, d);
	k_xor(28, a, b, c, d);
	irot(a, b, c, d);
	ib3(a, b, c, d, e, f, g, h);
	k_xor(27, e, f, g, h);
	irot(e, f, g, h);
	ib2(e, f, g, h, a, b, c, d);
	k_xor(26, a, b, c, d);
	irot(a, b, c, d);
	ib1(a, b, c, d, e, f, g, h);
	k_xor(25, e, f, g, h);
	irot(e, f, g, h);
	ib0(e, f, g, h, a, b, c, d);
	/* rounds 23..16 in reverse */
	k_xor(24, a, b, c, d);
	irot(a, b, c, d);
	ib7(a, b, c, d, e, f, g, h);
	k_xor(23, e, f, g, h);
	irot(e, f, g, h);
	ib6(e, f, g, h, a, b, c, d);
	k_xor(22, a, b, c, d);
	irot(a, b, c, d);
	ib5(a, b, c, d, e, f, g, h);
	k_xor(21, e, f, g, h);
	irot(e, f, g, h);
	ib4(e, f, g, h, a, b, c, d);
	k_xor(20, a, b, c, d);
	irot(a, b, c, d);
	ib3(a, b, c, d, e, f, g, h);
	k_xor(19, e, f, g, h);
	irot(e, f, g, h);
	ib2(e, f, g, h, a, b, c, d);
	k_xor(18, a, b, c, d);
	irot(a, b, c, d);
	ib1(a, b, c, d, e, f, g, h);
	k_xor(17, e, f, g, h);
	irot(e, f, g, h);
	ib0(e, f, g, h, a, b, c, d);
	/* rounds 15..8 in reverse */
	k_xor(16, a, b, c, d);
	irot(a, b, c, d);
	ib7(a, b, c, d, e, f, g, h);
	k_xor(15, e, f, g, h);
	irot(e, f, g, h);
	ib6(e, f, g, h, a, b, c, d);
	k_xor(14, a, b, c, d);
	irot(a, b, c, d);
	ib5(a, b, c, d, e, f, g, h);
	k_xor(13, e, f, g, h);
	irot(e, f, g, h);
	ib4(e, f, g, h, a, b, c, d);
	k_xor(12, a, b, c, d);
	irot(a, b, c, d);
	ib3(a, b, c, d, e, f, g, h);
	k_xor(11, e, f, g, h);
	irot(e, f, g, h);
	ib2(e, f, g, h, a, b, c, d);
	k_xor(10, a, b, c, d);
	irot(a, b, c, d);
	ib1(a, b, c, d, e, f, g, h);
	k_xor(9, e, f, g, h);
	irot(e, f, g, h);
	ib0(e, f, g, h, a, b, c, d);
	/* rounds 7..0 in reverse, finishing with the first round key */
	k_xor(8, a, b, c, d);
	irot(a, b, c, d);
	ib7(a, b, c, d, e, f, g, h);
	k_xor(7, e, f, g, h);
	irot(e, f, g, h);
	ib6(e, f, g, h, a, b, c, d);
	k_xor(6, a, b, c, d);
	irot(a, b, c, d);
	ib5(a, b, c, d, e, f, g, h);
	k_xor(5, e, f, g, h);
	irot(e, f, g, h);
	ib4(e, f, g, h, a, b, c, d);
	k_xor(4, a, b, c, d);
	irot(a, b, c, d);
	ib3(a, b, c, d, e, f, g, h);
	k_xor(3, e, f, g, h);
	irot(e, f, g, h);
	ib2(e, f, g, h, a, b, c, d);
	k_xor(2, a, b, c, d);
	irot(a, b, c, d);
	ib1(a, b, c, d, e, f, g, h);
	k_xor(1, e, f, g, h);
	irot(e, f, g, h);
	ib0(e, f, g, h, a, b, c, d);
	k_xor(0, a, b, c, d);

	/* store the plaintext back over the input */
#ifdef WORDS_BIGENDIAN
	in_blk[0] = byteswap(a);
	in_blk[1] = byteswap(b);
	in_blk[2] = byteswap(c);
	in_blk[3] = byteswap(d);
#else
	in_blk[0] = a;
	in_blk[1] = b;
	in_blk[2] = c;
	in_blk[3] = d;
#endif
}