diff --git a/Doxyfile b/Doxyfile index f172aa1..7c7e195 100644 --- a/Doxyfile +++ b/Doxyfile @@ -23,7 +23,7 @@ PROJECT_NAME = LibTomCrypt # This could be handy for archiving the generated documentation or # if some version control system is used. -PROJECT_NUMBER = 1.12 +PROJECT_NUMBER = 1.13 # The OUTPUT_DIRECTORY tag is used to specify the (relative or absolute) # base path where the generated documentation will be put. diff --git a/TODO b/TODO index 253469f..ce7fce1 100644 --- a/TODO +++ b/TODO @@ -1,6 +1,2 @@ -- document new math function count_lsb_bits -- add BOOLEAN type to the ASN world - -- ECC fixed point accelerator -- look into X9.63 support [in addition to the LTC style ecc_encrypt_key() not replacing] +- long term, start moving macros like CTR over to LTC_CTR to make LTC a bit more "drop-in-able". diff --git a/changes b/changes index 0222e1b..2bfe328 100644 --- a/changes +++ b/changes @@ -1,3 +1,14 @@ +June 17th, 2005 +v1.13 -- Fixed to fortuna_start() to clean up state if an error occurs. Not really useful at this stage (sha256 can't fail) but useful + if I ever make fortuna pluggable + -- Mike Marin submitted a whole bunch of patches for fixing up the libs on traditional UNIX platforms. Go AIX! Thanks! + -- One of bugs found in the multi demo highlights that at least with gcc you need to pass integers with a UL prefix to ensure + they're unsigned long + -- Updated the FP ECC code to use affine points. It's teh fast. + -- Made it so many functions which return CRYPT_BUFFER_OVERFLOW now also indicate the required buffer size, note that not all functions + do this (most do though). + -- Added F8 chaining mode. It's super neato. + May 29th, 2006 v1.12 -- Fixed OID encoder/decoder/length to properly handle the first two parts of an OID, matches 2002 X.690 now. -- [Wesley Shields] Allows both GMP/LTM and TFM to be defined now. @@ -1453,6 +1464,6 @@ v0.02 -- Changed RC5 to only allow 12 to 24 rounds v0.01 -- We will call this the first version. /* $Source: /cvs/libtom/libtomcrypt/changes,v $ */ -/* $Revision: 1.206 $ */ -/* $Date: 2006/05/29 11:21:25 $ */ +/* $Revision: 1.213 $ */ +/* $Date: 2006/06/18 01:42:59 $ */ diff --git a/crypt.tex b/crypt.tex index 78537c0..81ddaae 100644 --- a/crypt.tex +++ b/crypt.tex @@ -47,7 +47,7 @@ \def\gap{\vspace{0.5ex}} \makeindex \begin{document} -\title{LibTomCrypt \\ Version 1.12} +\title{LibTomCrypt \\ Version 1.13} \author{Tom St Denis \\ \\ tomstdenis@gmail.com \\ @@ -280,8 +280,7 @@ There are 32 and 64-bit cyclic rotations as well: \section{Functions with Variable Length Output} Certain functions such as (for example) ``rsa\_export()'' give an output that is variable length. To prevent buffer overflows you -must pass it the length of the buffer\footnote{Extensive error checking is not in place but it will be in future releases so it is a good idea to follow through with these guidelines.} where -the output will be stored. For example: +must pass it the length of the buffer where the output will be stored. For example: \begin{small} \begin{verbatim} #include @@ -313,6 +312,9 @@ In the above example if the size of the RSA public key was more than 1024 bytes indicating a buffer overflow would have occurred. If the function succeeds it stores the length of the output back into ``x'' so that the calling application will know how many bytes were used. +As of v1.13, most functions will update your length on failure to indicate the size required by the function. Not all functions +support this so please check the source before you rely on it doing that. + \section{Functions that need a PRNG} \index{Pseudo Random Number Generator} \index{PRNG} Certain functions such as ``rsa\_make\_key()'' require a Pseudo Random Number Generator (PRNG). These functions do not setup @@ -5018,6 +5020,14 @@ typedef struct { */ int (*mulmod)(void *a, void *b, void *c, void *d); + /** Modular squaring + @param a The first source + @param b The modulus + @param c The destination (a*a mod b) + @return CRYPT_OK on success + */ + int (*sqrmod)(void *a, void *b, void *c); + /** Modular inversion @param a The value to invert @param b The modulus @@ -5231,5 +5241,5 @@ Since the function is given the entire RSA key (for private keys only) CRT is po \end{document} % $Source: /cvs/libtom/libtomcrypt/crypt.tex,v $ -% $Revision: 1.71 $ -% $Date: 2006/05/29 11:19:08 $ +% $Revision: 1.74 $ +% $Date: 2006/06/18 01:35:41 $ diff --git a/demos/multi.c b/demos/multi.c index 33d17a2..424a190 100644 --- a/demos/multi.c +++ b/demos/multi.c @@ -13,21 +13,21 @@ int main(void) /* HASH testing */ len = sizeof(buf[0]); - hash_memory(find_hash("sha256"), "hello", 5, buf[0], &len); + hash_memory(find_hash("sha256"), (unsigned char*)"hello", 5, buf[0], &len); len2 = sizeof(buf[0]); - hash_memory_multi(find_hash("sha256"), buf[1], &len2, "hello", 5, NULL); + hash_memory_multi(find_hash("sha256"), buf[1], &len2, (unsigned char*)"hello", 5, NULL); if (len != len2 || memcmp(buf[0], buf[1], len)) { printf("Failed: %d %lu %lu\n", __LINE__, len, len2); return EXIT_FAILURE; } len2 = sizeof(buf[0]); - hash_memory_multi(find_hash("sha256"), buf[1], &len2, "he", 2, "llo", 3, NULL); + hash_memory_multi(find_hash("sha256"), buf[1], &len2, (unsigned char*)"he", 2UL, "llo", 3UL, NULL, 0); if (len != len2 || memcmp(buf[0], buf[1], len)) { printf("Failed: %d %lu %lu\n", __LINE__, len, len2); return EXIT_FAILURE; } len2 = sizeof(buf[0]); - hash_memory_multi(find_hash("sha256"), buf[1], &len2, "h", 1, "e", 1, "l", 1, "l", 1, "o", 1, NULL); + hash_memory_multi(find_hash("sha256"), buf[1], &len2, (unsigned char*)"h", 1UL, "e", 1UL, "l", 1UL, "l", 1UL, "o", 1UL, NULL); if (len != len2 || memcmp(buf[0], buf[1], len)) { printf("Failed: %d %lu %lu\n", __LINE__, len, len2); return EXIT_FAILURE; @@ -35,21 +35,21 @@ int main(void) /* HMAC */ len = sizeof(buf[0]); - hmac_memory(find_hash("sha256"), key, 16, "hello", 5, buf[0], &len); + hmac_memory(find_hash("sha256"), key, 16, (unsigned char*)"hello", 5, buf[0], &len); len2 = sizeof(buf[0]); - hmac_memory_multi(find_hash("sha256"), key, 16, buf[1], &len2, "hello", 5, NULL); + hmac_memory_multi(find_hash("sha256"), key, 16, buf[1], &len2, (unsigned char*)"hello", 5UL, NULL); if (len != len2 || memcmp(buf[0], buf[1], len)) { printf("Failed: %d %lu %lu\n", __LINE__, len, len2); return EXIT_FAILURE; } len2 = sizeof(buf[0]); - hmac_memory_multi(find_hash("sha256"), key, 16, buf[1], &len2, "he", 2, "llo", 3, NULL); + hmac_memory_multi(find_hash("sha256"), key, 16, buf[1], &len2, (unsigned char*)"he", 2UL, "llo", 3UL, NULL); if (len != len2 || memcmp(buf[0], buf[1], len)) { printf("Failed: %d %lu %lu\n", __LINE__, len, len2); return EXIT_FAILURE; } len2 = sizeof(buf[0]); - hmac_memory_multi(find_hash("sha256"), key, 16, buf[1], &len2, "h", 1, "e", 1, "l", 1, "l", 1, "o", 1, NULL); + hmac_memory_multi(find_hash("sha256"), key, 16, buf[1], &len2, (unsigned char*)"h", 1UL, "e", 1UL, "l", 1UL, "l", 1UL, "o", 1UL, NULL); if (len != len2 || memcmp(buf[0], buf[1], len)) { printf("Failed: %d %lu %lu\n", __LINE__, len, len2); return EXIT_FAILURE; @@ -57,21 +57,21 @@ int main(void) /* OMAC */ len = sizeof(buf[0]); - omac_memory(find_cipher("aes"), key, 16, "hello", 5, buf[0], &len); + omac_memory(find_cipher("aes"), key, 16, (unsigned char*)"hello", 5, buf[0], &len); len2 = sizeof(buf[0]); - omac_memory_multi(find_cipher("aes"), key, 16, buf[1], &len2, "hello", 5, NULL); + omac_memory_multi(find_cipher("aes"), key, 16, buf[1], &len2, (unsigned char*)"hello", 5UL, NULL); if (len != len2 || memcmp(buf[0], buf[1], len)) { printf("Failed: %d %lu %lu\n", __LINE__, len, len2); return EXIT_FAILURE; } len2 = sizeof(buf[0]); - omac_memory_multi(find_cipher("aes"), key, 16, buf[1], &len2, "he", 2, "llo", 3, NULL); + omac_memory_multi(find_cipher("aes"), key, 16, buf[1], &len2, (unsigned char*)"he", 2UL, "llo", 3UL, NULL); if (len != len2 || memcmp(buf[0], buf[1], len)) { printf("Failed: %d %lu %lu\n", __LINE__, len, len2); return EXIT_FAILURE; } len2 = sizeof(buf[0]); - omac_memory_multi(find_cipher("aes"), key, 16, buf[1], &len2, "h", 1, "e", 1, "l", 1, "l", 1, "o", 1, NULL); + omac_memory_multi(find_cipher("aes"), key, 16, buf[1], &len2, (unsigned char*)"h", 1UL, "e", 1UL, "l", 1UL, "l", 1UL, "o", 1UL, NULL); if (len != len2 || memcmp(buf[0], buf[1], len)) { printf("Failed: %d %lu %lu\n", __LINE__, len, len2); return EXIT_FAILURE; @@ -79,21 +79,21 @@ int main(void) /* PMAC */ len = sizeof(buf[0]); - pmac_memory(find_cipher("aes"), key, 16, "hello", 5, buf[0], &len); + pmac_memory(find_cipher("aes"), key, 16, (unsigned char*)"hello", 5, buf[0], &len); len2 = sizeof(buf[0]); - pmac_memory_multi(find_cipher("aes"), key, 16, buf[1], &len2, "hello", 5, NULL); + pmac_memory_multi(find_cipher("aes"), key, 16, buf[1], &len2, (unsigned char*)"hello", 5, NULL); if (len != len2 || memcmp(buf[0], buf[1], len)) { printf("Failed: %d %lu %lu\n", __LINE__, len, len2); return EXIT_FAILURE; } len2 = sizeof(buf[0]); - pmac_memory_multi(find_cipher("aes"), key, 16, buf[1], &len2, "he", 2, "llo", 3, NULL); + pmac_memory_multi(find_cipher("aes"), key, 16, buf[1], &len2, (unsigned char*)"he", 2UL, "llo", 3UL, NULL); if (len != len2 || memcmp(buf[0], buf[1], len)) { printf("Failed: %d %lu %lu\n", __LINE__, len, len2); return EXIT_FAILURE; } len2 = sizeof(buf[0]); - pmac_memory_multi(find_cipher("aes"), key, 16, buf[1], &len2, "h", 1, "e", 1, "l", 1, "l", 1, "o", 1, NULL); + pmac_memory_multi(find_cipher("aes"), key, 16, buf[1], &len2, (unsigned char*)"h", 1UL, "e", 1UL, "l", 1UL, "l", 1UL, "o", 1UL, NULL); if (len != len2 || memcmp(buf[0], buf[1], len)) { printf("Failed: %d %lu %lu\n", __LINE__, len, len2); return EXIT_FAILURE; diff --git a/demos/small.c b/demos/small.c index f320424..8d43821 100644 --- a/demos/small.c +++ b/demos/small.c @@ -1,4 +1,4 @@ -// small demo app that just includes a cipher/hash/prng +/* small demo app that just includes a cipher/hash/prng */ #include int main(void) diff --git a/demos/timing.c b/demos/timing.c index 8313332..fc76842 100644 --- a/demos/timing.c +++ b/demos/timing.c @@ -16,6 +16,13 @@ reg_algs(); extern ltc_math_descriptor EXT_MATH_LIB; ltc_mp = EXT_MATH_LIB; #endif +time_cipher(); +time_hash(); +time_encmacs(); +time_rsa(); +time_ecc(); +time_ecc(); +return 0; time_keysched(); time_cipher(); time_cipher2(); diff --git a/demos/tv_gen.c b/demos/tv_gen.c index eae4898..4d4db06 100644 --- a/demos/tv_gen.c +++ b/demos/tv_gen.c @@ -685,9 +685,9 @@ void ecc_gen(void) while (mp_cmp(k, order) == LTC_MP_LT) { ltc_mp.ecc_ptmul(k, G, R, modulus, 1); - mp_tohex(k, str); fprintf(out, "%s, ", str); - mp_tohex(R->x, str); fprintf(out, "%s, ", str); - mp_tohex(R->y, str); fprintf(out, "%s\n", str); + mp_tohex(k, (char*)str); fprintf(out, "%s, ", (char*)str); + mp_tohex(R->x, (char*)str); fprintf(out, "%s, ", (char*)str); + mp_tohex(R->y, (char*)str); fprintf(out, "%s\n", (char*)str); mp_mul_d(k, 3, k); } } diff --git a/doc/crypt.pdf b/doc/crypt.pdf index 316030b..feae4a7 100644 Binary files a/doc/crypt.pdf and b/doc/crypt.pdf differ diff --git a/makefile b/makefile index b460814..e55c666 100644 --- a/makefile +++ b/makefile @@ -4,7 +4,7 @@ # Modified by Clay Culver # The version -VERSION=1.12 +VERSION=1.13 # Compiler and Linker Names #CC=gcc @@ -150,18 +150,19 @@ src/modes/cfb/cfb_getiv.o src/modes/cfb/cfb_setiv.o src/modes/cfb/cfb_start.o \ src/modes/ctr/ctr_decrypt.o src/modes/ctr/ctr_done.o src/modes/ctr/ctr_encrypt.o \ src/modes/ctr/ctr_getiv.o src/modes/ctr/ctr_setiv.o src/modes/ctr/ctr_start.o \ src/modes/ecb/ecb_decrypt.o src/modes/ecb/ecb_done.o src/modes/ecb/ecb_encrypt.o \ -src/modes/ecb/ecb_start.o src/modes/lrw/lrw_decrypt.o src/modes/lrw/lrw_done.o \ -src/modes/lrw/lrw_encrypt.o src/modes/lrw/lrw_getiv.o src/modes/lrw/lrw_process.o \ -src/modes/lrw/lrw_setiv.o src/modes/lrw/lrw_start.o src/modes/lrw/lrw_test.o \ -src/modes/ofb/ofb_decrypt.o src/modes/ofb/ofb_done.o src/modes/ofb/ofb_encrypt.o \ -src/modes/ofb/ofb_getiv.o src/modes/ofb/ofb_setiv.o src/modes/ofb/ofb_start.o \ -src/pk/asn1/der/bit/der_decode_bit_string.o src/pk/asn1/der/bit/der_encode_bit_string.o \ -src/pk/asn1/der/bit/der_length_bit_string.o src/pk/asn1/der/boolean/der_decode_boolean.o \ -src/pk/asn1/der/boolean/der_encode_boolean.o src/pk/asn1/der/boolean/der_length_boolean.o \ -src/pk/asn1/der/choice/der_decode_choice.o src/pk/asn1/der/ia5/der_decode_ia5_string.o \ -src/pk/asn1/der/ia5/der_encode_ia5_string.o src/pk/asn1/der/ia5/der_length_ia5_string.o \ -src/pk/asn1/der/integer/der_decode_integer.o src/pk/asn1/der/integer/der_encode_integer.o \ -src/pk/asn1/der/integer/der_length_integer.o \ +src/modes/ecb/ecb_start.o src/modes/f8/f8_decrypt.o src/modes/f8/f8_done.o src/modes/f8/f8_encrypt.o \ +src/modes/f8/f8_getiv.o src/modes/f8/f8_setiv.o src/modes/f8/f8_start.o src/modes/f8/f8_test_mode.o \ +src/modes/lrw/lrw_decrypt.o src/modes/lrw/lrw_done.o src/modes/lrw/lrw_encrypt.o \ +src/modes/lrw/lrw_getiv.o src/modes/lrw/lrw_process.o src/modes/lrw/lrw_setiv.o \ +src/modes/lrw/lrw_start.o src/modes/lrw/lrw_test.o src/modes/ofb/ofb_decrypt.o src/modes/ofb/ofb_done.o \ +src/modes/ofb/ofb_encrypt.o src/modes/ofb/ofb_getiv.o src/modes/ofb/ofb_setiv.o \ +src/modes/ofb/ofb_start.o src/pk/asn1/der/bit/der_decode_bit_string.o \ +src/pk/asn1/der/bit/der_encode_bit_string.o src/pk/asn1/der/bit/der_length_bit_string.o \ +src/pk/asn1/der/boolean/der_decode_boolean.o src/pk/asn1/der/boolean/der_encode_boolean.o \ +src/pk/asn1/der/boolean/der_length_boolean.o src/pk/asn1/der/choice/der_decode_choice.o \ +src/pk/asn1/der/ia5/der_decode_ia5_string.o src/pk/asn1/der/ia5/der_encode_ia5_string.o \ +src/pk/asn1/der/ia5/der_length_ia5_string.o src/pk/asn1/der/integer/der_decode_integer.o \ +src/pk/asn1/der/integer/der_encode_integer.o src/pk/asn1/der/integer/der_length_integer.o \ src/pk/asn1/der/object_identifier/der_decode_object_identifier.o \ src/pk/asn1/der/object_identifier/der_encode_object_identifier.o \ src/pk/asn1/der/object_identifier/der_length_object_identifier.o \ @@ -366,5 +367,5 @@ zipup: no_oops docs # $Source: /cvs/libtom/libtomcrypt/makefile,v $ -# $Revision: 1.123 $ -# $Date: 2006/05/25 10:33:01 $ +# $Revision: 1.126 $ +# $Date: 2006/06/16 23:52:08 $ diff --git a/makefile.icc b/makefile.icc index dcc06cc..9fd0928 100644 --- a/makefile.icc +++ b/makefile.icc @@ -142,18 +142,19 @@ src/modes/cfb/cfb_getiv.o src/modes/cfb/cfb_setiv.o src/modes/cfb/cfb_start.o \ src/modes/ctr/ctr_decrypt.o src/modes/ctr/ctr_done.o src/modes/ctr/ctr_encrypt.o \ src/modes/ctr/ctr_getiv.o src/modes/ctr/ctr_setiv.o src/modes/ctr/ctr_start.o \ src/modes/ecb/ecb_decrypt.o src/modes/ecb/ecb_done.o src/modes/ecb/ecb_encrypt.o \ -src/modes/ecb/ecb_start.o src/modes/lrw/lrw_decrypt.o src/modes/lrw/lrw_done.o \ -src/modes/lrw/lrw_encrypt.o src/modes/lrw/lrw_getiv.o src/modes/lrw/lrw_process.o \ -src/modes/lrw/lrw_setiv.o src/modes/lrw/lrw_start.o src/modes/lrw/lrw_test.o \ -src/modes/ofb/ofb_decrypt.o src/modes/ofb/ofb_done.o src/modes/ofb/ofb_encrypt.o \ -src/modes/ofb/ofb_getiv.o src/modes/ofb/ofb_setiv.o src/modes/ofb/ofb_start.o \ -src/pk/asn1/der/bit/der_decode_bit_string.o src/pk/asn1/der/bit/der_encode_bit_string.o \ -src/pk/asn1/der/bit/der_length_bit_string.o src/pk/asn1/der/boolean/der_decode_boolean.o \ -src/pk/asn1/der/boolean/der_encode_boolean.o src/pk/asn1/der/boolean/der_length_boolean.o \ -src/pk/asn1/der/choice/der_decode_choice.o src/pk/asn1/der/ia5/der_decode_ia5_string.o \ -src/pk/asn1/der/ia5/der_encode_ia5_string.o src/pk/asn1/der/ia5/der_length_ia5_string.o \ -src/pk/asn1/der/integer/der_decode_integer.o src/pk/asn1/der/integer/der_encode_integer.o \ -src/pk/asn1/der/integer/der_length_integer.o \ +src/modes/ecb/ecb_start.o src/modes/f8/f8_decrypt.o src/modes/f8/f8_done.o src/modes/f8/f8_encrypt.o \ +src/modes/f8/f8_getiv.o src/modes/f8/f8_setiv.o src/modes/f8/f8_start.o src/modes/f8/f8_test_mode.o \ +src/modes/lrw/lrw_decrypt.o src/modes/lrw/lrw_done.o src/modes/lrw/lrw_encrypt.o \ +src/modes/lrw/lrw_getiv.o src/modes/lrw/lrw_process.o src/modes/lrw/lrw_setiv.o \ +src/modes/lrw/lrw_start.o src/modes/lrw/lrw_test.o src/modes/ofb/ofb_decrypt.o src/modes/ofb/ofb_done.o \ +src/modes/ofb/ofb_encrypt.o src/modes/ofb/ofb_getiv.o src/modes/ofb/ofb_setiv.o \ +src/modes/ofb/ofb_start.o src/pk/asn1/der/bit/der_decode_bit_string.o \ +src/pk/asn1/der/bit/der_encode_bit_string.o src/pk/asn1/der/bit/der_length_bit_string.o \ +src/pk/asn1/der/boolean/der_decode_boolean.o src/pk/asn1/der/boolean/der_encode_boolean.o \ +src/pk/asn1/der/boolean/der_length_boolean.o src/pk/asn1/der/choice/der_decode_choice.o \ +src/pk/asn1/der/ia5/der_decode_ia5_string.o src/pk/asn1/der/ia5/der_encode_ia5_string.o \ +src/pk/asn1/der/ia5/der_length_ia5_string.o src/pk/asn1/der/integer/der_decode_integer.o \ +src/pk/asn1/der/integer/der_encode_integer.o src/pk/asn1/der/integer/der_length_integer.o \ src/pk/asn1/der/object_identifier/der_decode_object_identifier.o \ src/pk/asn1/der/object_identifier/der_encode_object_identifier.o \ src/pk/asn1/der/object_identifier/der_length_object_identifier.o \ @@ -276,6 +277,6 @@ install: library install -g $(GROUP) -o $(USER) $(HEADERS) $(DESTDIR)$(INCPATH) # $Source: /cvs/libtom/libtomcrypt/makefile.icc,v $ -# $Revision: 1.56 $ -# $Date: 2006/05/25 10:33:01 $ +# $Revision: 1.58 $ +# $Date: 2006/06/16 23:52:08 $ diff --git a/makefile.msvc b/makefile.msvc index 3e351c7..fa310e0 100644 --- a/makefile.msvc +++ b/makefile.msvc @@ -52,18 +52,19 @@ src/modes/cfb/cfb_getiv.obj src/modes/cfb/cfb_setiv.obj src/modes/cfb/cfb_start. src/modes/ctr/ctr_decrypt.obj src/modes/ctr/ctr_done.obj src/modes/ctr/ctr_encrypt.obj \ src/modes/ctr/ctr_getiv.obj src/modes/ctr/ctr_setiv.obj src/modes/ctr/ctr_start.obj \ src/modes/ecb/ecb_decrypt.obj src/modes/ecb/ecb_done.obj src/modes/ecb/ecb_encrypt.obj \ -src/modes/ecb/ecb_start.obj src/modes/lrw/lrw_decrypt.obj src/modes/lrw/lrw_done.obj \ -src/modes/lrw/lrw_encrypt.obj src/modes/lrw/lrw_getiv.obj src/modes/lrw/lrw_process.obj \ -src/modes/lrw/lrw_setiv.obj src/modes/lrw/lrw_start.obj src/modes/lrw/lrw_test.obj \ -src/modes/ofb/ofb_decrypt.obj src/modes/ofb/ofb_done.obj src/modes/ofb/ofb_encrypt.obj \ -src/modes/ofb/ofb_getiv.obj src/modes/ofb/ofb_setiv.obj src/modes/ofb/ofb_start.obj \ -src/pk/asn1/der/bit/der_decode_bit_string.obj src/pk/asn1/der/bit/der_encode_bit_string.obj \ -src/pk/asn1/der/bit/der_length_bit_string.obj src/pk/asn1/der/boolean/der_decode_boolean.obj \ -src/pk/asn1/der/boolean/der_encode_boolean.obj src/pk/asn1/der/boolean/der_length_boolean.obj \ -src/pk/asn1/der/choice/der_decode_choice.obj src/pk/asn1/der/ia5/der_decode_ia5_string.obj \ -src/pk/asn1/der/ia5/der_encode_ia5_string.obj src/pk/asn1/der/ia5/der_length_ia5_string.obj \ -src/pk/asn1/der/integer/der_decode_integer.obj src/pk/asn1/der/integer/der_encode_integer.obj \ -src/pk/asn1/der/integer/der_length_integer.obj \ +src/modes/ecb/ecb_start.obj src/modes/f8/f8_decrypt.obj src/modes/f8/f8_done.obj src/modes/f8/f8_encrypt.obj \ +src/modes/f8/f8_getiv.obj src/modes/f8/f8_setiv.obj src/modes/f8/f8_start.obj src/modes/f8/f8_test_mode.obj \ +src/modes/lrw/lrw_decrypt.obj src/modes/lrw/lrw_done.obj src/modes/lrw/lrw_encrypt.obj \ +src/modes/lrw/lrw_getiv.obj src/modes/lrw/lrw_process.obj src/modes/lrw/lrw_setiv.obj \ +src/modes/lrw/lrw_start.obj src/modes/lrw/lrw_test.obj src/modes/ofb/ofb_decrypt.obj src/modes/ofb/ofb_done.obj \ +src/modes/ofb/ofb_encrypt.obj src/modes/ofb/ofb_getiv.obj src/modes/ofb/ofb_setiv.obj \ +src/modes/ofb/ofb_start.obj src/pk/asn1/der/bit/der_decode_bit_string.obj \ +src/pk/asn1/der/bit/der_encode_bit_string.obj src/pk/asn1/der/bit/der_length_bit_string.obj \ +src/pk/asn1/der/boolean/der_decode_boolean.obj src/pk/asn1/der/boolean/der_encode_boolean.obj \ +src/pk/asn1/der/boolean/der_length_boolean.obj src/pk/asn1/der/choice/der_decode_choice.obj \ +src/pk/asn1/der/ia5/der_decode_ia5_string.obj src/pk/asn1/der/ia5/der_encode_ia5_string.obj \ +src/pk/asn1/der/ia5/der_length_ia5_string.obj src/pk/asn1/der/integer/der_decode_integer.obj \ +src/pk/asn1/der/integer/der_encode_integer.obj src/pk/asn1/der/integer/der_length_integer.obj \ src/pk/asn1/der/object_identifier/der_decode_object_identifier.obj \ src/pk/asn1/der/object_identifier/der_encode_object_identifier.obj \ src/pk/asn1/der/object_identifier/der_length_object_identifier.obj \ @@ -134,5 +135,5 @@ timing: demos/timing.c library cl $(CFLAGS) demos/timing.c testprof/tomcrypt_prof.lib tomcrypt.lib advapi32.lib $(EXTRALIBS) # $Source: /cvs/libtom/libtomcrypt/makefile.msvc,v $ -# $Revision: 1.34 $ -# $Date: 2006/05/25 10:33:01 $ +# $Revision: 1.36 $ +# $Date: 2006/06/16 23:52:08 $ diff --git a/makefile.shared b/makefile.shared index 6f01bc8..4bef699 100644 --- a/makefile.shared +++ b/makefile.shared @@ -6,7 +6,7 @@ # Tom St Denis # The version -VERSION=0:112 +VERSION=0:113 # Compiler and Linker Names CC=libtool --mode=compile --tag=CC gcc @@ -147,18 +147,19 @@ src/modes/cfb/cfb_getiv.o src/modes/cfb/cfb_setiv.o src/modes/cfb/cfb_start.o \ src/modes/ctr/ctr_decrypt.o src/modes/ctr/ctr_done.o src/modes/ctr/ctr_encrypt.o \ src/modes/ctr/ctr_getiv.o src/modes/ctr/ctr_setiv.o src/modes/ctr/ctr_start.o \ src/modes/ecb/ecb_decrypt.o src/modes/ecb/ecb_done.o src/modes/ecb/ecb_encrypt.o \ -src/modes/ecb/ecb_start.o src/modes/lrw/lrw_decrypt.o src/modes/lrw/lrw_done.o \ -src/modes/lrw/lrw_encrypt.o src/modes/lrw/lrw_getiv.o src/modes/lrw/lrw_process.o \ -src/modes/lrw/lrw_setiv.o src/modes/lrw/lrw_start.o src/modes/lrw/lrw_test.o \ -src/modes/ofb/ofb_decrypt.o src/modes/ofb/ofb_done.o src/modes/ofb/ofb_encrypt.o \ -src/modes/ofb/ofb_getiv.o src/modes/ofb/ofb_setiv.o src/modes/ofb/ofb_start.o \ -src/pk/asn1/der/bit/der_decode_bit_string.o src/pk/asn1/der/bit/der_encode_bit_string.o \ -src/pk/asn1/der/bit/der_length_bit_string.o src/pk/asn1/der/boolean/der_decode_boolean.o \ -src/pk/asn1/der/boolean/der_encode_boolean.o src/pk/asn1/der/boolean/der_length_boolean.o \ -src/pk/asn1/der/choice/der_decode_choice.o src/pk/asn1/der/ia5/der_decode_ia5_string.o \ -src/pk/asn1/der/ia5/der_encode_ia5_string.o src/pk/asn1/der/ia5/der_length_ia5_string.o \ -src/pk/asn1/der/integer/der_decode_integer.o src/pk/asn1/der/integer/der_encode_integer.o \ -src/pk/asn1/der/integer/der_length_integer.o \ +src/modes/ecb/ecb_start.o src/modes/f8/f8_decrypt.o src/modes/f8/f8_done.o src/modes/f8/f8_encrypt.o \ +src/modes/f8/f8_getiv.o src/modes/f8/f8_setiv.o src/modes/f8/f8_start.o src/modes/f8/f8_test_mode.o \ +src/modes/lrw/lrw_decrypt.o src/modes/lrw/lrw_done.o src/modes/lrw/lrw_encrypt.o \ +src/modes/lrw/lrw_getiv.o src/modes/lrw/lrw_process.o src/modes/lrw/lrw_setiv.o \ +src/modes/lrw/lrw_start.o src/modes/lrw/lrw_test.o src/modes/ofb/ofb_decrypt.o src/modes/ofb/ofb_done.o \ +src/modes/ofb/ofb_encrypt.o src/modes/ofb/ofb_getiv.o src/modes/ofb/ofb_setiv.o \ +src/modes/ofb/ofb_start.o src/pk/asn1/der/bit/der_decode_bit_string.o \ +src/pk/asn1/der/bit/der_encode_bit_string.o src/pk/asn1/der/bit/der_length_bit_string.o \ +src/pk/asn1/der/boolean/der_decode_boolean.o src/pk/asn1/der/boolean/der_encode_boolean.o \ +src/pk/asn1/der/boolean/der_length_boolean.o src/pk/asn1/der/choice/der_decode_choice.o \ +src/pk/asn1/der/ia5/der_decode_ia5_string.o src/pk/asn1/der/ia5/der_encode_ia5_string.o \ +src/pk/asn1/der/ia5/der_length_ia5_string.o src/pk/asn1/der/integer/der_decode_integer.o \ +src/pk/asn1/der/integer/der_encode_integer.o src/pk/asn1/der/integer/der_length_integer.o \ src/pk/asn1/der/object_identifier/der_decode_object_identifier.o \ src/pk/asn1/der/object_identifier/der_encode_object_identifier.o \ src/pk/asn1/der/object_identifier/der_length_object_identifier.o \ @@ -264,5 +265,5 @@ timing: library testprof/$(LIBTEST) $(TIMINGS) gcc -o $(TIMING) $(TIMINGS) -ltomcrypt_prof -ltomcrypt $(EXTRALIBS) # $Source: /cvs/libtom/libtomcrypt/makefile.shared,v $ -# $Revision: 1.55 $ -# $Date: 2006/05/25 10:33:01 $ +# $Revision: 1.58 $ +# $Date: 2006/06/16 23:52:08 $ diff --git a/src/ciphers/anubis.c b/src/ciphers/anubis.c index c23ad66..3cd8bcf 100644 --- a/src/ciphers/anubis.c +++ b/src/ciphers/anubis.c @@ -1,1558 +1,1558 @@ -/* LibTomCrypt, modular cryptographic library -- Tom St Denis - * - * LibTomCrypt is a library that provides various cryptographic - * algorithms in a highly modular and flexible manner. - * - * The library is free for all purposes without any express - * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com - */ - -/** - @file anubis.c - Anubis implementation derived from public domain source - Authors: Paulo S.L.M. Barreto and Vincent Rijmen. -*/ - -#include "tomcrypt.h" - -#ifdef ANUBIS - -const struct ltc_cipher_descriptor anubis_desc = { - "anubis", - 19, - 16, 40, 16, 12, - &anubis_setup, - &anubis_ecb_encrypt, - &anubis_ecb_decrypt, - &anubis_test, - &anubis_done, - &anubis_keysize, - NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL -}; - -#define MIN_N 4 -#define MAX_N 10 -#define MIN_ROUNDS (8 + MIN_N) -#define MAX_ROUNDS (8 + MAX_N) -#define MIN_KEYSIZEB (4*MIN_N) -#define MAX_KEYSIZEB (4*MAX_N) -#define BLOCKSIZE 128 -#define BLOCKSIZEB (BLOCKSIZE/8) - - -/* - * Though Anubis is endianness-neutral, the encryption tables are listed - * in BIG-ENDIAN format, which is adopted throughout this implementation - * (but little-endian notation would be equally suitable if consistently - * employed). - */ -#if defined(ANUBIS_TWEAK) - -static const ulong32 T0[256] = { - 0xba69d2bbU, 0x54a84de5U, 0x2f5ebce2U, 0x74e8cd25U, - 0x53a651f7U, 0xd3bb6bd0U, 0xd2b96fd6U, 0x4d9a29b3U, - 0x50a05dfdU, 0xac458acfU, 0x8d070e09U, 0xbf63c6a5U, - 0x70e0dd3dU, 0x52a455f1U, 0x9a29527bU, 0x4c982db5U, - 0xeac98f46U, 0xd5b773c4U, 0x97336655U, 0xd1bf63dcU, - 0x3366ccaaU, 0x51a259fbU, 0x5bb671c7U, 0xa651a2f3U, - 0xdea15ffeU, 0x48903dadU, 0xa84d9ad7U, 0x992f5e71U, - 0xdbab4be0U, 0x3264c8acU, 0xb773e695U, 0xfce5d732U, - 0xe3dbab70U, 0x9e214263U, 0x913f7e41U, 0x9b2b567dU, - 0xe2d9af76U, 0xbb6bd6bdU, 0x4182199bU, 0x6edca579U, - 0xa557aef9U, 0xcb8b0b80U, 0x6bd6b167U, 0x95376e59U, - 0xa15fbee1U, 0xf3fbeb10U, 0xb17ffe81U, 0x0204080cU, - 0xcc851792U, 0xc49537a2U, 0x1d3a744eU, 0x14285078U, - 0xc39b2bb0U, 0x63c69157U, 0xdaa94fe6U, 0x5dba69d3U, - 0x5fbe61dfU, 0xdca557f2U, 0x7dfae913U, 0xcd871394U, - 0x7ffee11fU, 0x5ab475c1U, 0x6cd8ad75U, 0x5cb86dd5U, - 0xf7f3fb08U, 0x264c98d4U, 0xffe3db38U, 0xedc79354U, - 0xe8cd874aU, 0x9d274e69U, 0x6fdea17fU, 0x8e010203U, - 0x19326456U, 0xa05dbae7U, 0xf0fde71aU, 0x890f1e11U, - 0x0f1e3c22U, 0x070e1c12U, 0xaf4386c5U, 0xfbebcb20U, - 0x08102030U, 0x152a547eU, 0x0d1a342eU, 0x04081018U, - 0x01020406U, 0x64c88d45U, 0xdfa35bf8U, 0x76ecc529U, - 0x79f2f90bU, 0xdda753f4U, 0x3d7af48eU, 0x162c5874U, - 0x3f7efc82U, 0x376edcb2U, 0x6ddaa973U, 0x3870e090U, - 0xb96fdeb1U, 0x73e6d137U, 0xe9cf834cU, 0x356ad4beU, - 0x55aa49e3U, 0x71e2d93bU, 0x7bf6f107U, 0x8c050a0fU, - 0x72e4d531U, 0x880d1a17U, 0xf6f1ff0eU, 0x2a54a8fcU, - 0x3e7cf884U, 0x5ebc65d9U, 0x274e9cd2U, 0x468c0589U, - 0x0c183028U, 0x65ca8943U, 0x68d0bd6dU, 0x61c2995bU, - 0x03060c0aU, 0xc19f23bcU, 0x57ae41efU, 0xd6b17fceU, - 0xd9af43ecU, 0x58b07dcdU, 0xd8ad47eaU, 0x66cc8549U, - 0xd7b37bc8U, 0x3a74e89cU, 0xc88d078aU, 0x3c78f088U, - 0xfae9cf26U, 0x96316253U, 0xa753a6f5U, 0x982d5a77U, - 0xecc59752U, 0xb86ddab7U, 0xc7933ba8U, 0xae4182c3U, - 0x69d2b96bU, 0x4b9631a7U, 0xab4b96ddU, 0xa94f9ed1U, - 0x67ce814fU, 0x0a14283cU, 0x478e018fU, 0xf2f9ef16U, - 0xb577ee99U, 0x224488ccU, 0xe5d7b364U, 0xeec19f5eU, - 0xbe61c2a3U, 0x2b56acfaU, 0x811f3e21U, 0x1224486cU, - 0x831b362dU, 0x1b366c5aU, 0x0e1c3824U, 0x23468ccaU, - 0xf5f7f304U, 0x458a0983U, 0x214284c6U, 0xce811f9eU, - 0x499239abU, 0x2c58b0e8U, 0xf9efc32cU, 0xe6d1bf6eU, - 0xb671e293U, 0x2850a0f0U, 0x172e5c72U, 0x8219322bU, - 0x1a34685cU, 0x8b0b161dU, 0xfee1df3eU, 0x8a09121bU, - 0x09122436U, 0xc98f038cU, 0x87132635U, 0x4e9c25b9U, - 0xe1dfa37cU, 0x2e5cb8e4U, 0xe4d5b762U, 0xe0dda77aU, - 0xebcb8b40U, 0x903d7a47U, 0xa455aaffU, 0x1e3c7844U, - 0x85172e39U, 0x60c09d5dU, 0x00000000U, 0x254a94deU, - 0xf4f5f702U, 0xf1ffe31cU, 0x94356a5fU, 0x0b162c3aU, - 0xe7d3bb68U, 0x75eac923U, 0xefc39b58U, 0x3468d0b8U, - 0x3162c4a6U, 0xd4b577c2U, 0xd0bd67daU, 0x86112233U, - 0x7efce519U, 0xad478ec9U, 0xfde7d334U, 0x2952a4f6U, - 0x3060c0a0U, 0x3b76ec9aU, 0x9f234665U, 0xf8edc72aU, - 0xc6913faeU, 0x13264c6aU, 0x060c1814U, 0x050a141eU, - 0xc59733a4U, 0x11224466U, 0x77eec12fU, 0x7cf8ed15U, - 0x7af4f501U, 0x78f0fd0dU, 0x366cd8b4U, 0x1c387048U, - 0x3972e496U, 0x59b279cbU, 0x18306050U, 0x56ac45e9U, - 0xb37bf68dU, 0xb07dfa87U, 0x244890d8U, 0x204080c0U, - 0xb279f28bU, 0x9239724bU, 0xa35bb6edU, 0xc09d27baU, - 0x44880d85U, 0x62c49551U, 0x10204060U, 0xb475ea9fU, - 0x84152a3fU, 0x43861197U, 0x933b764dU, 0xc2992fb6U, - 0x4a9435a1U, 0xbd67cea9U, 0x8f030605U, 0x2d5ab4eeU, - 0xbc65caafU, 0x9c254a6fU, 0x6ad4b561U, 0x40801d9dU, - 0xcf831b98U, 0xa259b2ebU, 0x801d3a27U, 0x4f9e21bfU, - 0x1f3e7c42U, 0xca890f86U, 0xaa4992dbU, 0x42841591U, -}; - -static const ulong32 T1[256] = { - 0x69babbd2U, 0xa854e54dU, 0x5e2fe2bcU, 0xe87425cdU, - 0xa653f751U, 0xbbd3d06bU, 0xb9d2d66fU, 0x9a4db329U, - 0xa050fd5dU, 0x45accf8aU, 0x078d090eU, 0x63bfa5c6U, - 0xe0703dddU, 0xa452f155U, 0x299a7b52U, 0x984cb52dU, - 0xc9ea468fU, 0xb7d5c473U, 0x33975566U, 0xbfd1dc63U, - 0x6633aaccU, 0xa251fb59U, 0xb65bc771U, 0x51a6f3a2U, - 0xa1defe5fU, 0x9048ad3dU, 0x4da8d79aU, 0x2f99715eU, - 0xabdbe04bU, 0x6432acc8U, 0x73b795e6U, 0xe5fc32d7U, - 0xdbe370abU, 0x219e6342U, 0x3f91417eU, 0x2b9b7d56U, - 0xd9e276afU, 0x6bbbbdd6U, 0x82419b19U, 0xdc6e79a5U, - 0x57a5f9aeU, 0x8bcb800bU, 0xd66b67b1U, 0x3795596eU, - 0x5fa1e1beU, 0xfbf310ebU, 0x7fb181feU, 0x04020c08U, - 0x85cc9217U, 0x95c4a237U, 0x3a1d4e74U, 0x28147850U, - 0x9bc3b02bU, 0xc6635791U, 0xa9dae64fU, 0xba5dd369U, - 0xbe5fdf61U, 0xa5dcf257U, 0xfa7d13e9U, 0x87cd9413U, - 0xfe7f1fe1U, 0xb45ac175U, 0xd86c75adU, 0xb85cd56dU, - 0xf3f708fbU, 0x4c26d498U, 0xe3ff38dbU, 0xc7ed5493U, - 0xcde84a87U, 0x279d694eU, 0xde6f7fa1U, 0x018e0302U, - 0x32195664U, 0x5da0e7baU, 0xfdf01ae7U, 0x0f89111eU, - 0x1e0f223cU, 0x0e07121cU, 0x43afc586U, 0xebfb20cbU, - 0x10083020U, 0x2a157e54U, 0x1a0d2e34U, 0x08041810U, - 0x02010604U, 0xc864458dU, 0xa3dff85bU, 0xec7629c5U, - 0xf2790bf9U, 0xa7ddf453U, 0x7a3d8ef4U, 0x2c167458U, - 0x7e3f82fcU, 0x6e37b2dcU, 0xda6d73a9U, 0x703890e0U, - 0x6fb9b1deU, 0xe67337d1U, 0xcfe94c83U, 0x6a35bed4U, - 0xaa55e349U, 0xe2713bd9U, 0xf67b07f1U, 0x058c0f0aU, - 0xe47231d5U, 0x0d88171aU, 0xf1f60effU, 0x542afca8U, - 0x7c3e84f8U, 0xbc5ed965U, 0x4e27d29cU, 0x8c468905U, - 0x180c2830U, 0xca654389U, 0xd0686dbdU, 0xc2615b99U, - 0x06030a0cU, 0x9fc1bc23U, 0xae57ef41U, 0xb1d6ce7fU, - 0xafd9ec43U, 0xb058cd7dU, 0xadd8ea47U, 0xcc664985U, - 0xb3d7c87bU, 0x743a9ce8U, 0x8dc88a07U, 0x783c88f0U, - 0xe9fa26cfU, 0x31965362U, 0x53a7f5a6U, 0x2d98775aU, - 0xc5ec5297U, 0x6db8b7daU, 0x93c7a83bU, 0x41aec382U, - 0xd2696bb9U, 0x964ba731U, 0x4babdd96U, 0x4fa9d19eU, - 0xce674f81U, 0x140a3c28U, 0x8e478f01U, 0xf9f216efU, - 0x77b599eeU, 0x4422cc88U, 0xd7e564b3U, 0xc1ee5e9fU, - 0x61bea3c2U, 0x562bfaacU, 0x1f81213eU, 0x24126c48U, - 0x1b832d36U, 0x361b5a6cU, 0x1c0e2438U, 0x4623ca8cU, - 0xf7f504f3U, 0x8a458309U, 0x4221c684U, 0x81ce9e1fU, - 0x9249ab39U, 0x582ce8b0U, 0xeff92cc3U, 0xd1e66ebfU, - 0x71b693e2U, 0x5028f0a0U, 0x2e17725cU, 0x19822b32U, - 0x341a5c68U, 0x0b8b1d16U, 0xe1fe3edfU, 0x098a1b12U, - 0x12093624U, 0x8fc98c03U, 0x13873526U, 0x9c4eb925U, - 0xdfe17ca3U, 0x5c2ee4b8U, 0xd5e462b7U, 0xdde07aa7U, - 0xcbeb408bU, 0x3d90477aU, 0x55a4ffaaU, 0x3c1e4478U, - 0x1785392eU, 0xc0605d9dU, 0x00000000U, 0x4a25de94U, - 0xf5f402f7U, 0xfff11ce3U, 0x35945f6aU, 0x160b3a2cU, - 0xd3e768bbU, 0xea7523c9U, 0xc3ef589bU, 0x6834b8d0U, - 0x6231a6c4U, 0xb5d4c277U, 0xbdd0da67U, 0x11863322U, - 0xfc7e19e5U, 0x47adc98eU, 0xe7fd34d3U, 0x5229f6a4U, - 0x6030a0c0U, 0x763b9aecU, 0x239f6546U, 0xedf82ac7U, - 0x91c6ae3fU, 0x26136a4cU, 0x0c061418U, 0x0a051e14U, - 0x97c5a433U, 0x22116644U, 0xee772fc1U, 0xf87c15edU, - 0xf47a01f5U, 0xf0780dfdU, 0x6c36b4d8U, 0x381c4870U, - 0x723996e4U, 0xb259cb79U, 0x30185060U, 0xac56e945U, - 0x7bb38df6U, 0x7db087faU, 0x4824d890U, 0x4020c080U, - 0x79b28bf2U, 0x39924b72U, 0x5ba3edb6U, 0x9dc0ba27U, - 0x8844850dU, 0xc4625195U, 0x20106040U, 0x75b49feaU, - 0x15843f2aU, 0x86439711U, 0x3b934d76U, 0x99c2b62fU, - 0x944aa135U, 0x67bda9ceU, 0x038f0506U, 0x5a2deeb4U, - 0x65bcafcaU, 0x259c6f4aU, 0xd46a61b5U, 0x80409d1dU, - 0x83cf981bU, 0x59a2ebb2U, 0x1d80273aU, 0x9e4fbf21U, - 0x3e1f427cU, 0x89ca860fU, 0x49aadb92U, 0x84429115U, -}; - -static const ulong32 T2[256] = { - 0xd2bbba69U, 0x4de554a8U, 0xbce22f5eU, 0xcd2574e8U, - 0x51f753a6U, 0x6bd0d3bbU, 0x6fd6d2b9U, 0x29b34d9aU, - 0x5dfd50a0U, 0x8acfac45U, 0x0e098d07U, 0xc6a5bf63U, - 0xdd3d70e0U, 0x55f152a4U, 0x527b9a29U, 0x2db54c98U, - 0x8f46eac9U, 0x73c4d5b7U, 0x66559733U, 0x63dcd1bfU, - 0xccaa3366U, 0x59fb51a2U, 0x71c75bb6U, 0xa2f3a651U, - 0x5ffedea1U, 0x3dad4890U, 0x9ad7a84dU, 0x5e71992fU, - 0x4be0dbabU, 0xc8ac3264U, 0xe695b773U, 0xd732fce5U, - 0xab70e3dbU, 0x42639e21U, 0x7e41913fU, 0x567d9b2bU, - 0xaf76e2d9U, 0xd6bdbb6bU, 0x199b4182U, 0xa5796edcU, - 0xaef9a557U, 0x0b80cb8bU, 0xb1676bd6U, 0x6e599537U, - 0xbee1a15fU, 0xeb10f3fbU, 0xfe81b17fU, 0x080c0204U, - 0x1792cc85U, 0x37a2c495U, 0x744e1d3aU, 0x50781428U, - 0x2bb0c39bU, 0x915763c6U, 0x4fe6daa9U, 0x69d35dbaU, - 0x61df5fbeU, 0x57f2dca5U, 0xe9137dfaU, 0x1394cd87U, - 0xe11f7ffeU, 0x75c15ab4U, 0xad756cd8U, 0x6dd55cb8U, - 0xfb08f7f3U, 0x98d4264cU, 0xdb38ffe3U, 0x9354edc7U, - 0x874ae8cdU, 0x4e699d27U, 0xa17f6fdeU, 0x02038e01U, - 0x64561932U, 0xbae7a05dU, 0xe71af0fdU, 0x1e11890fU, - 0x3c220f1eU, 0x1c12070eU, 0x86c5af43U, 0xcb20fbebU, - 0x20300810U, 0x547e152aU, 0x342e0d1aU, 0x10180408U, - 0x04060102U, 0x8d4564c8U, 0x5bf8dfa3U, 0xc52976ecU, - 0xf90b79f2U, 0x53f4dda7U, 0xf48e3d7aU, 0x5874162cU, - 0xfc823f7eU, 0xdcb2376eU, 0xa9736ddaU, 0xe0903870U, - 0xdeb1b96fU, 0xd13773e6U, 0x834ce9cfU, 0xd4be356aU, - 0x49e355aaU, 0xd93b71e2U, 0xf1077bf6U, 0x0a0f8c05U, - 0xd53172e4U, 0x1a17880dU, 0xff0ef6f1U, 0xa8fc2a54U, - 0xf8843e7cU, 0x65d95ebcU, 0x9cd2274eU, 0x0589468cU, - 0x30280c18U, 0x894365caU, 0xbd6d68d0U, 0x995b61c2U, - 0x0c0a0306U, 0x23bcc19fU, 0x41ef57aeU, 0x7fced6b1U, - 0x43ecd9afU, 0x7dcd58b0U, 0x47ead8adU, 0x854966ccU, - 0x7bc8d7b3U, 0xe89c3a74U, 0x078ac88dU, 0xf0883c78U, - 0xcf26fae9U, 0x62539631U, 0xa6f5a753U, 0x5a77982dU, - 0x9752ecc5U, 0xdab7b86dU, 0x3ba8c793U, 0x82c3ae41U, - 0xb96b69d2U, 0x31a74b96U, 0x96ddab4bU, 0x9ed1a94fU, - 0x814f67ceU, 0x283c0a14U, 0x018f478eU, 0xef16f2f9U, - 0xee99b577U, 0x88cc2244U, 0xb364e5d7U, 0x9f5eeec1U, - 0xc2a3be61U, 0xacfa2b56U, 0x3e21811fU, 0x486c1224U, - 0x362d831bU, 0x6c5a1b36U, 0x38240e1cU, 0x8cca2346U, - 0xf304f5f7U, 0x0983458aU, 0x84c62142U, 0x1f9ece81U, - 0x39ab4992U, 0xb0e82c58U, 0xc32cf9efU, 0xbf6ee6d1U, - 0xe293b671U, 0xa0f02850U, 0x5c72172eU, 0x322b8219U, - 0x685c1a34U, 0x161d8b0bU, 0xdf3efee1U, 0x121b8a09U, - 0x24360912U, 0x038cc98fU, 0x26358713U, 0x25b94e9cU, - 0xa37ce1dfU, 0xb8e42e5cU, 0xb762e4d5U, 0xa77ae0ddU, - 0x8b40ebcbU, 0x7a47903dU, 0xaaffa455U, 0x78441e3cU, - 0x2e398517U, 0x9d5d60c0U, 0x00000000U, 0x94de254aU, - 0xf702f4f5U, 0xe31cf1ffU, 0x6a5f9435U, 0x2c3a0b16U, - 0xbb68e7d3U, 0xc92375eaU, 0x9b58efc3U, 0xd0b83468U, - 0xc4a63162U, 0x77c2d4b5U, 0x67dad0bdU, 0x22338611U, - 0xe5197efcU, 0x8ec9ad47U, 0xd334fde7U, 0xa4f62952U, - 0xc0a03060U, 0xec9a3b76U, 0x46659f23U, 0xc72af8edU, - 0x3faec691U, 0x4c6a1326U, 0x1814060cU, 0x141e050aU, - 0x33a4c597U, 0x44661122U, 0xc12f77eeU, 0xed157cf8U, - 0xf5017af4U, 0xfd0d78f0U, 0xd8b4366cU, 0x70481c38U, - 0xe4963972U, 0x79cb59b2U, 0x60501830U, 0x45e956acU, - 0xf68db37bU, 0xfa87b07dU, 0x90d82448U, 0x80c02040U, - 0xf28bb279U, 0x724b9239U, 0xb6eda35bU, 0x27bac09dU, - 0x0d854488U, 0x955162c4U, 0x40601020U, 0xea9fb475U, - 0x2a3f8415U, 0x11974386U, 0x764d933bU, 0x2fb6c299U, - 0x35a14a94U, 0xcea9bd67U, 0x06058f03U, 0xb4ee2d5aU, - 0xcaafbc65U, 0x4a6f9c25U, 0xb5616ad4U, 0x1d9d4080U, - 0x1b98cf83U, 0xb2eba259U, 0x3a27801dU, 0x21bf4f9eU, - 0x7c421f3eU, 0x0f86ca89U, 0x92dbaa49U, 0x15914284U, -}; - -static const ulong32 T3[256] = { - 0xbbd269baU, 0xe54da854U, 0xe2bc5e2fU, 0x25cde874U, - 0xf751a653U, 0xd06bbbd3U, 0xd66fb9d2U, 0xb3299a4dU, - 0xfd5da050U, 0xcf8a45acU, 0x090e078dU, 0xa5c663bfU, - 0x3ddde070U, 0xf155a452U, 0x7b52299aU, 0xb52d984cU, - 0x468fc9eaU, 0xc473b7d5U, 0x55663397U, 0xdc63bfd1U, - 0xaacc6633U, 0xfb59a251U, 0xc771b65bU, 0xf3a251a6U, - 0xfe5fa1deU, 0xad3d9048U, 0xd79a4da8U, 0x715e2f99U, - 0xe04babdbU, 0xacc86432U, 0x95e673b7U, 0x32d7e5fcU, - 0x70abdbe3U, 0x6342219eU, 0x417e3f91U, 0x7d562b9bU, - 0x76afd9e2U, 0xbdd66bbbU, 0x9b198241U, 0x79a5dc6eU, - 0xf9ae57a5U, 0x800b8bcbU, 0x67b1d66bU, 0x596e3795U, - 0xe1be5fa1U, 0x10ebfbf3U, 0x81fe7fb1U, 0x0c080402U, - 0x921785ccU, 0xa23795c4U, 0x4e743a1dU, 0x78502814U, - 0xb02b9bc3U, 0x5791c663U, 0xe64fa9daU, 0xd369ba5dU, - 0xdf61be5fU, 0xf257a5dcU, 0x13e9fa7dU, 0x941387cdU, - 0x1fe1fe7fU, 0xc175b45aU, 0x75add86cU, 0xd56db85cU, - 0x08fbf3f7U, 0xd4984c26U, 0x38dbe3ffU, 0x5493c7edU, - 0x4a87cde8U, 0x694e279dU, 0x7fa1de6fU, 0x0302018eU, - 0x56643219U, 0xe7ba5da0U, 0x1ae7fdf0U, 0x111e0f89U, - 0x223c1e0fU, 0x121c0e07U, 0xc58643afU, 0x20cbebfbU, - 0x30201008U, 0x7e542a15U, 0x2e341a0dU, 0x18100804U, - 0x06040201U, 0x458dc864U, 0xf85ba3dfU, 0x29c5ec76U, - 0x0bf9f279U, 0xf453a7ddU, 0x8ef47a3dU, 0x74582c16U, - 0x82fc7e3fU, 0xb2dc6e37U, 0x73a9da6dU, 0x90e07038U, - 0xb1de6fb9U, 0x37d1e673U, 0x4c83cfe9U, 0xbed46a35U, - 0xe349aa55U, 0x3bd9e271U, 0x07f1f67bU, 0x0f0a058cU, - 0x31d5e472U, 0x171a0d88U, 0x0efff1f6U, 0xfca8542aU, - 0x84f87c3eU, 0xd965bc5eU, 0xd29c4e27U, 0x89058c46U, - 0x2830180cU, 0x4389ca65U, 0x6dbdd068U, 0x5b99c261U, - 0x0a0c0603U, 0xbc239fc1U, 0xef41ae57U, 0xce7fb1d6U, - 0xec43afd9U, 0xcd7db058U, 0xea47add8U, 0x4985cc66U, - 0xc87bb3d7U, 0x9ce8743aU, 0x8a078dc8U, 0x88f0783cU, - 0x26cfe9faU, 0x53623196U, 0xf5a653a7U, 0x775a2d98U, - 0x5297c5ecU, 0xb7da6db8U, 0xa83b93c7U, 0xc38241aeU, - 0x6bb9d269U, 0xa731964bU, 0xdd964babU, 0xd19e4fa9U, - 0x4f81ce67U, 0x3c28140aU, 0x8f018e47U, 0x16eff9f2U, - 0x99ee77b5U, 0xcc884422U, 0x64b3d7e5U, 0x5e9fc1eeU, - 0xa3c261beU, 0xfaac562bU, 0x213e1f81U, 0x6c482412U, - 0x2d361b83U, 0x5a6c361bU, 0x24381c0eU, 0xca8c4623U, - 0x04f3f7f5U, 0x83098a45U, 0xc6844221U, 0x9e1f81ceU, - 0xab399249U, 0xe8b0582cU, 0x2cc3eff9U, 0x6ebfd1e6U, - 0x93e271b6U, 0xf0a05028U, 0x725c2e17U, 0x2b321982U, - 0x5c68341aU, 0x1d160b8bU, 0x3edfe1feU, 0x1b12098aU, - 0x36241209U, 0x8c038fc9U, 0x35261387U, 0xb9259c4eU, - 0x7ca3dfe1U, 0xe4b85c2eU, 0x62b7d5e4U, 0x7aa7dde0U, - 0x408bcbebU, 0x477a3d90U, 0xffaa55a4U, 0x44783c1eU, - 0x392e1785U, 0x5d9dc060U, 0x00000000U, 0xde944a25U, - 0x02f7f5f4U, 0x1ce3fff1U, 0x5f6a3594U, 0x3a2c160bU, - 0x68bbd3e7U, 0x23c9ea75U, 0x589bc3efU, 0xb8d06834U, - 0xa6c46231U, 0xc277b5d4U, 0xda67bdd0U, 0x33221186U, - 0x19e5fc7eU, 0xc98e47adU, 0x34d3e7fdU, 0xf6a45229U, - 0xa0c06030U, 0x9aec763bU, 0x6546239fU, 0x2ac7edf8U, - 0xae3f91c6U, 0x6a4c2613U, 0x14180c06U, 0x1e140a05U, - 0xa43397c5U, 0x66442211U, 0x2fc1ee77U, 0x15edf87cU, - 0x01f5f47aU, 0x0dfdf078U, 0xb4d86c36U, 0x4870381cU, - 0x96e47239U, 0xcb79b259U, 0x50603018U, 0xe945ac56U, - 0x8df67bb3U, 0x87fa7db0U, 0xd8904824U, 0xc0804020U, - 0x8bf279b2U, 0x4b723992U, 0xedb65ba3U, 0xba279dc0U, - 0x850d8844U, 0x5195c462U, 0x60402010U, 0x9fea75b4U, - 0x3f2a1584U, 0x97118643U, 0x4d763b93U, 0xb62f99c2U, - 0xa135944aU, 0xa9ce67bdU, 0x0506038fU, 0xeeb45a2dU, - 0xafca65bcU, 0x6f4a259cU, 0x61b5d46aU, 0x9d1d8040U, - 0x981b83cfU, 0xebb259a2U, 0x273a1d80U, 0xbf219e4fU, - 0x427c3e1fU, 0x860f89caU, 0xdb9249aaU, 0x91158442U, -}; - -static const ulong32 T4[256] = { - 0xbabababaU, 0x54545454U, 0x2f2f2f2fU, 0x74747474U, - 0x53535353U, 0xd3d3d3d3U, 0xd2d2d2d2U, 0x4d4d4d4dU, - 0x50505050U, 0xacacacacU, 0x8d8d8d8dU, 0xbfbfbfbfU, - 0x70707070U, 0x52525252U, 0x9a9a9a9aU, 0x4c4c4c4cU, - 0xeaeaeaeaU, 0xd5d5d5d5U, 0x97979797U, 0xd1d1d1d1U, - 0x33333333U, 0x51515151U, 0x5b5b5b5bU, 0xa6a6a6a6U, - 0xdedededeU, 0x48484848U, 0xa8a8a8a8U, 0x99999999U, - 0xdbdbdbdbU, 0x32323232U, 0xb7b7b7b7U, 0xfcfcfcfcU, - 0xe3e3e3e3U, 0x9e9e9e9eU, 0x91919191U, 0x9b9b9b9bU, - 0xe2e2e2e2U, 0xbbbbbbbbU, 0x41414141U, 0x6e6e6e6eU, - 0xa5a5a5a5U, 0xcbcbcbcbU, 0x6b6b6b6bU, 0x95959595U, - 0xa1a1a1a1U, 0xf3f3f3f3U, 0xb1b1b1b1U, 0x02020202U, - 0xccccccccU, 0xc4c4c4c4U, 0x1d1d1d1dU, 0x14141414U, - 0xc3c3c3c3U, 0x63636363U, 0xdadadadaU, 0x5d5d5d5dU, - 0x5f5f5f5fU, 0xdcdcdcdcU, 0x7d7d7d7dU, 0xcdcdcdcdU, - 0x7f7f7f7fU, 0x5a5a5a5aU, 0x6c6c6c6cU, 0x5c5c5c5cU, - 0xf7f7f7f7U, 0x26262626U, 0xffffffffU, 0xededededU, - 0xe8e8e8e8U, 0x9d9d9d9dU, 0x6f6f6f6fU, 0x8e8e8e8eU, - 0x19191919U, 0xa0a0a0a0U, 0xf0f0f0f0U, 0x89898989U, - 0x0f0f0f0fU, 0x07070707U, 0xafafafafU, 0xfbfbfbfbU, - 0x08080808U, 0x15151515U, 0x0d0d0d0dU, 0x04040404U, - 0x01010101U, 0x64646464U, 0xdfdfdfdfU, 0x76767676U, - 0x79797979U, 0xddddddddU, 0x3d3d3d3dU, 0x16161616U, - 0x3f3f3f3fU, 0x37373737U, 0x6d6d6d6dU, 0x38383838U, - 0xb9b9b9b9U, 0x73737373U, 0xe9e9e9e9U, 0x35353535U, - 0x55555555U, 0x71717171U, 0x7b7b7b7bU, 0x8c8c8c8cU, - 0x72727272U, 0x88888888U, 0xf6f6f6f6U, 0x2a2a2a2aU, - 0x3e3e3e3eU, 0x5e5e5e5eU, 0x27272727U, 0x46464646U, - 0x0c0c0c0cU, 0x65656565U, 0x68686868U, 0x61616161U, - 0x03030303U, 0xc1c1c1c1U, 0x57575757U, 0xd6d6d6d6U, - 0xd9d9d9d9U, 0x58585858U, 0xd8d8d8d8U, 0x66666666U, - 0xd7d7d7d7U, 0x3a3a3a3aU, 0xc8c8c8c8U, 0x3c3c3c3cU, - 0xfafafafaU, 0x96969696U, 0xa7a7a7a7U, 0x98989898U, - 0xececececU, 0xb8b8b8b8U, 0xc7c7c7c7U, 0xaeaeaeaeU, - 0x69696969U, 0x4b4b4b4bU, 0xababababU, 0xa9a9a9a9U, - 0x67676767U, 0x0a0a0a0aU, 0x47474747U, 0xf2f2f2f2U, - 0xb5b5b5b5U, 0x22222222U, 0xe5e5e5e5U, 0xeeeeeeeeU, - 0xbebebebeU, 0x2b2b2b2bU, 0x81818181U, 0x12121212U, - 0x83838383U, 0x1b1b1b1bU, 0x0e0e0e0eU, 0x23232323U, - 0xf5f5f5f5U, 0x45454545U, 0x21212121U, 0xcecececeU, - 0x49494949U, 0x2c2c2c2cU, 0xf9f9f9f9U, 0xe6e6e6e6U, - 0xb6b6b6b6U, 0x28282828U, 0x17171717U, 0x82828282U, - 0x1a1a1a1aU, 0x8b8b8b8bU, 0xfefefefeU, 0x8a8a8a8aU, - 0x09090909U, 0xc9c9c9c9U, 0x87878787U, 0x4e4e4e4eU, - 0xe1e1e1e1U, 0x2e2e2e2eU, 0xe4e4e4e4U, 0xe0e0e0e0U, - 0xebebebebU, 0x90909090U, 0xa4a4a4a4U, 0x1e1e1e1eU, - 0x85858585U, 0x60606060U, 0x00000000U, 0x25252525U, - 0xf4f4f4f4U, 0xf1f1f1f1U, 0x94949494U, 0x0b0b0b0bU, - 0xe7e7e7e7U, 0x75757575U, 0xefefefefU, 0x34343434U, - 0x31313131U, 0xd4d4d4d4U, 0xd0d0d0d0U, 0x86868686U, - 0x7e7e7e7eU, 0xadadadadU, 0xfdfdfdfdU, 0x29292929U, - 0x30303030U, 0x3b3b3b3bU, 0x9f9f9f9fU, 0xf8f8f8f8U, - 0xc6c6c6c6U, 0x13131313U, 0x06060606U, 0x05050505U, - 0xc5c5c5c5U, 0x11111111U, 0x77777777U, 0x7c7c7c7cU, - 0x7a7a7a7aU, 0x78787878U, 0x36363636U, 0x1c1c1c1cU, - 0x39393939U, 0x59595959U, 0x18181818U, 0x56565656U, - 0xb3b3b3b3U, 0xb0b0b0b0U, 0x24242424U, 0x20202020U, - 0xb2b2b2b2U, 0x92929292U, 0xa3a3a3a3U, 0xc0c0c0c0U, - 0x44444444U, 0x62626262U, 0x10101010U, 0xb4b4b4b4U, - 0x84848484U, 0x43434343U, 0x93939393U, 0xc2c2c2c2U, - 0x4a4a4a4aU, 0xbdbdbdbdU, 0x8f8f8f8fU, 0x2d2d2d2dU, - 0xbcbcbcbcU, 0x9c9c9c9cU, 0x6a6a6a6aU, 0x40404040U, - 0xcfcfcfcfU, 0xa2a2a2a2U, 0x80808080U, 0x4f4f4f4fU, - 0x1f1f1f1fU, 0xcacacacaU, 0xaaaaaaaaU, 0x42424242U, -}; - -static const ulong32 T5[256] = { - 0x00000000U, 0x01020608U, 0x02040c10U, 0x03060a18U, - 0x04081820U, 0x050a1e28U, 0x060c1430U, 0x070e1238U, - 0x08103040U, 0x09123648U, 0x0a143c50U, 0x0b163a58U, - 0x0c182860U, 0x0d1a2e68U, 0x0e1c2470U, 0x0f1e2278U, - 0x10206080U, 0x11226688U, 0x12246c90U, 0x13266a98U, - 0x142878a0U, 0x152a7ea8U, 0x162c74b0U, 0x172e72b8U, - 0x183050c0U, 0x193256c8U, 0x1a345cd0U, 0x1b365ad8U, - 0x1c3848e0U, 0x1d3a4ee8U, 0x1e3c44f0U, 0x1f3e42f8U, - 0x2040c01dU, 0x2142c615U, 0x2244cc0dU, 0x2346ca05U, - 0x2448d83dU, 0x254ade35U, 0x264cd42dU, 0x274ed225U, - 0x2850f05dU, 0x2952f655U, 0x2a54fc4dU, 0x2b56fa45U, - 0x2c58e87dU, 0x2d5aee75U, 0x2e5ce46dU, 0x2f5ee265U, - 0x3060a09dU, 0x3162a695U, 0x3264ac8dU, 0x3366aa85U, - 0x3468b8bdU, 0x356abeb5U, 0x366cb4adU, 0x376eb2a5U, - 0x387090ddU, 0x397296d5U, 0x3a749ccdU, 0x3b769ac5U, - 0x3c7888fdU, 0x3d7a8ef5U, 0x3e7c84edU, 0x3f7e82e5U, - 0x40809d3aU, 0x41829b32U, 0x4284912aU, 0x43869722U, - 0x4488851aU, 0x458a8312U, 0x468c890aU, 0x478e8f02U, - 0x4890ad7aU, 0x4992ab72U, 0x4a94a16aU, 0x4b96a762U, - 0x4c98b55aU, 0x4d9ab352U, 0x4e9cb94aU, 0x4f9ebf42U, - 0x50a0fdbaU, 0x51a2fbb2U, 0x52a4f1aaU, 0x53a6f7a2U, - 0x54a8e59aU, 0x55aae392U, 0x56ace98aU, 0x57aeef82U, - 0x58b0cdfaU, 0x59b2cbf2U, 0x5ab4c1eaU, 0x5bb6c7e2U, - 0x5cb8d5daU, 0x5dbad3d2U, 0x5ebcd9caU, 0x5fbedfc2U, - 0x60c05d27U, 0x61c25b2fU, 0x62c45137U, 0x63c6573fU, - 0x64c84507U, 0x65ca430fU, 0x66cc4917U, 0x67ce4f1fU, - 0x68d06d67U, 0x69d26b6fU, 0x6ad46177U, 0x6bd6677fU, - 0x6cd87547U, 0x6dda734fU, 0x6edc7957U, 0x6fde7f5fU, - 0x70e03da7U, 0x71e23bafU, 0x72e431b7U, 0x73e637bfU, - 0x74e82587U, 0x75ea238fU, 0x76ec2997U, 0x77ee2f9fU, - 0x78f00de7U, 0x79f20befU, 0x7af401f7U, 0x7bf607ffU, - 0x7cf815c7U, 0x7dfa13cfU, 0x7efc19d7U, 0x7ffe1fdfU, - 0x801d2774U, 0x811f217cU, 0x82192b64U, 0x831b2d6cU, - 0x84153f54U, 0x8517395cU, 0x86113344U, 0x8713354cU, - 0x880d1734U, 0x890f113cU, 0x8a091b24U, 0x8b0b1d2cU, - 0x8c050f14U, 0x8d07091cU, 0x8e010304U, 0x8f03050cU, - 0x903d47f4U, 0x913f41fcU, 0x92394be4U, 0x933b4decU, - 0x94355fd4U, 0x953759dcU, 0x963153c4U, 0x973355ccU, - 0x982d77b4U, 0x992f71bcU, 0x9a297ba4U, 0x9b2b7dacU, - 0x9c256f94U, 0x9d27699cU, 0x9e216384U, 0x9f23658cU, - 0xa05de769U, 0xa15fe161U, 0xa259eb79U, 0xa35bed71U, - 0xa455ff49U, 0xa557f941U, 0xa651f359U, 0xa753f551U, - 0xa84dd729U, 0xa94fd121U, 0xaa49db39U, 0xab4bdd31U, - 0xac45cf09U, 0xad47c901U, 0xae41c319U, 0xaf43c511U, - 0xb07d87e9U, 0xb17f81e1U, 0xb2798bf9U, 0xb37b8df1U, - 0xb4759fc9U, 0xb57799c1U, 0xb67193d9U, 0xb77395d1U, - 0xb86db7a9U, 0xb96fb1a1U, 0xba69bbb9U, 0xbb6bbdb1U, - 0xbc65af89U, 0xbd67a981U, 0xbe61a399U, 0xbf63a591U, - 0xc09dba4eU, 0xc19fbc46U, 0xc299b65eU, 0xc39bb056U, - 0xc495a26eU, 0xc597a466U, 0xc691ae7eU, 0xc793a876U, - 0xc88d8a0eU, 0xc98f8c06U, 0xca89861eU, 0xcb8b8016U, - 0xcc85922eU, 0xcd879426U, 0xce819e3eU, 0xcf839836U, - 0xd0bddaceU, 0xd1bfdcc6U, 0xd2b9d6deU, 0xd3bbd0d6U, - 0xd4b5c2eeU, 0xd5b7c4e6U, 0xd6b1cefeU, 0xd7b3c8f6U, - 0xd8adea8eU, 0xd9afec86U, 0xdaa9e69eU, 0xdbabe096U, - 0xdca5f2aeU, 0xdda7f4a6U, 0xdea1febeU, 0xdfa3f8b6U, - 0xe0dd7a53U, 0xe1df7c5bU, 0xe2d97643U, 0xe3db704bU, - 0xe4d56273U, 0xe5d7647bU, 0xe6d16e63U, 0xe7d3686bU, - 0xe8cd4a13U, 0xe9cf4c1bU, 0xeac94603U, 0xebcb400bU, - 0xecc55233U, 0xedc7543bU, 0xeec15e23U, 0xefc3582bU, - 0xf0fd1ad3U, 0xf1ff1cdbU, 0xf2f916c3U, 0xf3fb10cbU, - 0xf4f502f3U, 0xf5f704fbU, 0xf6f10ee3U, 0xf7f308ebU, - 0xf8ed2a93U, 0xf9ef2c9bU, 0xfae92683U, 0xfbeb208bU, - 0xfce532b3U, 0xfde734bbU, 0xfee13ea3U, 0xffe338abU, -}; - -/** - * The round constants. - */ -static const ulong32 rc[] = { - 0xba542f74U, 0x53d3d24dU, 0x50ac8dbfU, 0x70529a4cU, - 0xead597d1U, 0x33515ba6U, 0xde48a899U, 0xdb32b7fcU, - 0xe39e919bU, 0xe2bb416eU, 0xa5cb6b95U, 0xa1f3b102U, - 0xccc41d14U, 0xc363da5dU, 0x5fdc7dcdU, 0x7f5a6c5cU, - 0xf726ffedU, 0xe89d6f8eU, 0x19a0f089U, -}; - - - -#else - - -static const ulong32 T0[256] = { - 0xa753a6f5U, 0xd3bb6bd0U, 0xe6d1bf6eU, 0x71e2d93bU, - 0xd0bd67daU, 0xac458acfU, 0x4d9a29b3U, 0x79f2f90bU, - 0x3a74e89cU, 0xc98f038cU, 0x913f7e41U, 0xfce5d732U, - 0x1e3c7844U, 0x478e018fU, 0x54a84de5U, 0xbd67cea9U, - 0x8c050a0fU, 0xa557aef9U, 0x7af4f501U, 0xfbebcb20U, - 0x63c69157U, 0xb86ddab7U, 0xdda753f4U, 0xd4b577c2U, - 0xe5d7b364U, 0xb37bf68dU, 0xc59733a4U, 0xbe61c2a3U, - 0xa94f9ed1U, 0x880d1a17U, 0x0c183028U, 0xa259b2ebU, - 0x3972e496U, 0xdfa35bf8U, 0x2952a4f6U, 0xdaa94fe6U, - 0x2b56acfaU, 0xa84d9ad7U, 0xcb8b0b80U, 0x4c982db5U, - 0x4b9631a7U, 0x224488ccU, 0xaa4992dbU, 0x244890d8U, - 0x4182199bU, 0x70e0dd3dU, 0xa651a2f3U, 0xf9efc32cU, - 0x5ab475c1U, 0xe2d9af76U, 0xb07dfa87U, 0x366cd8b4U, - 0x7dfae913U, 0xe4d5b762U, 0x3366ccaaU, 0xffe3db38U, - 0x60c09d5dU, 0x204080c0U, 0x08102030U, 0x8b0b161dU, - 0x5ebc65d9U, 0xab4b96ddU, 0x7ffee11fU, 0x78f0fd0dU, - 0x7cf8ed15U, 0x2c58b0e8U, 0x57ae41efU, 0xd2b96fd6U, - 0xdca557f2U, 0x6ddaa973U, 0x7efce519U, 0x0d1a342eU, - 0x53a651f7U, 0x94356a5fU, 0xc39b2bb0U, 0x2850a0f0U, - 0x274e9cd2U, 0x060c1814U, 0x5fbe61dfU, 0xad478ec9U, - 0x67ce814fU, 0x5cb86dd5U, 0x55aa49e3U, 0x48903dadU, - 0x0e1c3824U, 0x52a455f1U, 0xeac98f46U, 0x42841591U, - 0x5bb671c7U, 0x5dba69d3U, 0x3060c0a0U, 0x58b07dcdU, - 0x51a259fbU, 0x59b279cbU, 0x3c78f088U, 0x4e9c25b9U, - 0x3870e090U, 0x8a09121bU, 0x72e4d531U, 0x14285078U, - 0xe7d3bb68U, 0xc6913faeU, 0xdea15ffeU, 0x50a05dfdU, - 0x8e010203U, 0x9239724bU, 0xd1bf63dcU, 0x77eec12fU, - 0x933b764dU, 0x458a0983U, 0x9a29527bU, 0xce811f9eU, - 0x2d5ab4eeU, 0x03060c0aU, 0x62c49551U, 0xb671e293U, - 0xb96fdeb1U, 0xbf63c6a5U, 0x96316253U, 0x6bd6b167U, - 0x3f7efc82U, 0x070e1c12U, 0x1224486cU, 0xae4182c3U, - 0x40801d9dU, 0x3468d0b8U, 0x468c0589U, 0x3e7cf884U, - 0xdbab4be0U, 0xcf831b98U, 0xecc59752U, 0xcc851792U, - 0xc19f23bcU, 0xa15fbee1U, 0xc09d27baU, 0xd6b17fceU, - 0x1d3a744eU, 0xf4f5f702U, 0x61c2995bU, 0x3b76ec9aU, - 0x10204060U, 0xd8ad47eaU, 0x68d0bd6dU, 0xa05dbae7U, - 0xb17ffe81U, 0x0a14283cU, 0x69d2b96bU, 0x6cd8ad75U, - 0x499239abU, 0xfae9cf26U, 0x76ecc529U, 0xc49537a2U, - 0x9e214263U, 0x9b2b567dU, 0x6edca579U, 0x992f5e71U, - 0xc2992fb6U, 0xb773e695U, 0x982d5a77U, 0xbc65caafU, - 0x8f030605U, 0x85172e39U, 0x1f3e7c42U, 0xb475ea9fU, - 0xf8edc72aU, 0x11224466U, 0x2e5cb8e4U, 0x00000000U, - 0x254a94deU, 0x1c387048U, 0x2a54a8fcU, 0x3d7af48eU, - 0x050a141eU, 0x4f9e21bfU, 0x7bf6f107U, 0xb279f28bU, - 0x3264c8acU, 0x903d7a47U, 0xaf4386c5U, 0x19326456U, - 0xa35bb6edU, 0xf7f3fb08U, 0x73e6d137U, 0x9d274e69U, - 0x152a547eU, 0x74e8cd25U, 0xeec19f5eU, 0xca890f86U, - 0x9f234665U, 0x0f1e3c22U, 0x1b366c5aU, 0x75eac923U, - 0x86112233U, 0x84152a3fU, 0x9c254a6fU, 0x4a9435a1U, - 0x97336655U, 0x1a34685cU, 0x65ca8943U, 0xf6f1ff0eU, - 0xedc79354U, 0x09122436U, 0xbb6bd6bdU, 0x264c98d4U, - 0x831b362dU, 0xebcb8b40U, 0x6fdea17fU, 0x811f3e21U, - 0x04081018U, 0x6ad4b561U, 0x43861197U, 0x01020406U, - 0x172e5c72U, 0xe1dfa37cU, 0x87132635U, 0xf5f7f304U, - 0x8d070e09U, 0xe3dbab70U, 0x23468ccaU, 0x801d3a27U, - 0x44880d85U, 0x162c5874U, 0x66cc8549U, 0x214284c6U, - 0xfee1df3eU, 0xd5b773c4U, 0x3162c4a6U, 0xd9af43ecU, - 0x356ad4beU, 0x18306050U, 0x0204080cU, 0x64c88d45U, - 0xf2f9ef16U, 0xf1ffe31cU, 0x56ac45e9U, 0xcd871394U, - 0x8219322bU, 0xc88d078aU, 0xba69d2bbU, 0xf0fde71aU, - 0xefc39b58U, 0xe9cf834cU, 0xe8cd874aU, 0xfde7d334U, - 0x890f1e11U, 0xd7b37bc8U, 0xc7933ba8U, 0xb577ee99U, - 0xa455aaffU, 0x2f5ebce2U, 0x95376e59U, 0x13264c6aU, - 0x0b162c3aU, 0xf3fbeb10U, 0xe0dda77aU, 0x376edcb2U, -}; - -static const ulong32 T1[256] = { - 0x53a7f5a6U, 0xbbd3d06bU, 0xd1e66ebfU, 0xe2713bd9U, - 0xbdd0da67U, 0x45accf8aU, 0x9a4db329U, 0xf2790bf9U, - 0x743a9ce8U, 0x8fc98c03U, 0x3f91417eU, 0xe5fc32d7U, - 0x3c1e4478U, 0x8e478f01U, 0xa854e54dU, 0x67bda9ceU, - 0x058c0f0aU, 0x57a5f9aeU, 0xf47a01f5U, 0xebfb20cbU, - 0xc6635791U, 0x6db8b7daU, 0xa7ddf453U, 0xb5d4c277U, - 0xd7e564b3U, 0x7bb38df6U, 0x97c5a433U, 0x61bea3c2U, - 0x4fa9d19eU, 0x0d88171aU, 0x180c2830U, 0x59a2ebb2U, - 0x723996e4U, 0xa3dff85bU, 0x5229f6a4U, 0xa9dae64fU, - 0x562bfaacU, 0x4da8d79aU, 0x8bcb800bU, 0x984cb52dU, - 0x964ba731U, 0x4422cc88U, 0x49aadb92U, 0x4824d890U, - 0x82419b19U, 0xe0703dddU, 0x51a6f3a2U, 0xeff92cc3U, - 0xb45ac175U, 0xd9e276afU, 0x7db087faU, 0x6c36b4d8U, - 0xfa7d13e9U, 0xd5e462b7U, 0x6633aaccU, 0xe3ff38dbU, - 0xc0605d9dU, 0x4020c080U, 0x10083020U, 0x0b8b1d16U, - 0xbc5ed965U, 0x4babdd96U, 0xfe7f1fe1U, 0xf0780dfdU, - 0xf87c15edU, 0x582ce8b0U, 0xae57ef41U, 0xb9d2d66fU, - 0xa5dcf257U, 0xda6d73a9U, 0xfc7e19e5U, 0x1a0d2e34U, - 0xa653f751U, 0x35945f6aU, 0x9bc3b02bU, 0x5028f0a0U, - 0x4e27d29cU, 0x0c061418U, 0xbe5fdf61U, 0x47adc98eU, - 0xce674f81U, 0xb85cd56dU, 0xaa55e349U, 0x9048ad3dU, - 0x1c0e2438U, 0xa452f155U, 0xc9ea468fU, 0x84429115U, - 0xb65bc771U, 0xba5dd369U, 0x6030a0c0U, 0xb058cd7dU, - 0xa251fb59U, 0xb259cb79U, 0x783c88f0U, 0x9c4eb925U, - 0x703890e0U, 0x098a1b12U, 0xe47231d5U, 0x28147850U, - 0xd3e768bbU, 0x91c6ae3fU, 0xa1defe5fU, 0xa050fd5dU, - 0x018e0302U, 0x39924b72U, 0xbfd1dc63U, 0xee772fc1U, - 0x3b934d76U, 0x8a458309U, 0x299a7b52U, 0x81ce9e1fU, - 0x5a2deeb4U, 0x06030a0cU, 0xc4625195U, 0x71b693e2U, - 0x6fb9b1deU, 0x63bfa5c6U, 0x31965362U, 0xd66b67b1U, - 0x7e3f82fcU, 0x0e07121cU, 0x24126c48U, 0x41aec382U, - 0x80409d1dU, 0x6834b8d0U, 0x8c468905U, 0x7c3e84f8U, - 0xabdbe04bU, 0x83cf981bU, 0xc5ec5297U, 0x85cc9217U, - 0x9fc1bc23U, 0x5fa1e1beU, 0x9dc0ba27U, 0xb1d6ce7fU, - 0x3a1d4e74U, 0xf5f402f7U, 0xc2615b99U, 0x763b9aecU, - 0x20106040U, 0xadd8ea47U, 0xd0686dbdU, 0x5da0e7baU, - 0x7fb181feU, 0x140a3c28U, 0xd2696bb9U, 0xd86c75adU, - 0x9249ab39U, 0xe9fa26cfU, 0xec7629c5U, 0x95c4a237U, - 0x219e6342U, 0x2b9b7d56U, 0xdc6e79a5U, 0x2f99715eU, - 0x99c2b62fU, 0x73b795e6U, 0x2d98775aU, 0x65bcafcaU, - 0x038f0506U, 0x1785392eU, 0x3e1f427cU, 0x75b49feaU, - 0xedf82ac7U, 0x22116644U, 0x5c2ee4b8U, 0x00000000U, - 0x4a25de94U, 0x381c4870U, 0x542afca8U, 0x7a3d8ef4U, - 0x0a051e14U, 0x9e4fbf21U, 0xf67b07f1U, 0x79b28bf2U, - 0x6432acc8U, 0x3d90477aU, 0x43afc586U, 0x32195664U, - 0x5ba3edb6U, 0xf3f708fbU, 0xe67337d1U, 0x279d694eU, - 0x2a157e54U, 0xe87425cdU, 0xc1ee5e9fU, 0x89ca860fU, - 0x239f6546U, 0x1e0f223cU, 0x361b5a6cU, 0xea7523c9U, - 0x11863322U, 0x15843f2aU, 0x259c6f4aU, 0x944aa135U, - 0x33975566U, 0x341a5c68U, 0xca654389U, 0xf1f60effU, - 0xc7ed5493U, 0x12093624U, 0x6bbbbdd6U, 0x4c26d498U, - 0x1b832d36U, 0xcbeb408bU, 0xde6f7fa1U, 0x1f81213eU, - 0x08041810U, 0xd46a61b5U, 0x86439711U, 0x02010604U, - 0x2e17725cU, 0xdfe17ca3U, 0x13873526U, 0xf7f504f3U, - 0x078d090eU, 0xdbe370abU, 0x4623ca8cU, 0x1d80273aU, - 0x8844850dU, 0x2c167458U, 0xcc664985U, 0x4221c684U, - 0xe1fe3edfU, 0xb7d5c473U, 0x6231a6c4U, 0xafd9ec43U, - 0x6a35bed4U, 0x30185060U, 0x04020c08U, 0xc864458dU, - 0xf9f216efU, 0xfff11ce3U, 0xac56e945U, 0x87cd9413U, - 0x19822b32U, 0x8dc88a07U, 0x69babbd2U, 0xfdf01ae7U, - 0xc3ef589bU, 0xcfe94c83U, 0xcde84a87U, 0xe7fd34d3U, - 0x0f89111eU, 0xb3d7c87bU, 0x93c7a83bU, 0x77b599eeU, - 0x55a4ffaaU, 0x5e2fe2bcU, 0x3795596eU, 0x26136a4cU, - 0x160b3a2cU, 0xfbf310ebU, 0xdde07aa7U, 0x6e37b2dcU, -}; - -static const ulong32 T2[256] = { - 0xa6f5a753U, 0x6bd0d3bbU, 0xbf6ee6d1U, 0xd93b71e2U, - 0x67dad0bdU, 0x8acfac45U, 0x29b34d9aU, 0xf90b79f2U, - 0xe89c3a74U, 0x038cc98fU, 0x7e41913fU, 0xd732fce5U, - 0x78441e3cU, 0x018f478eU, 0x4de554a8U, 0xcea9bd67U, - 0x0a0f8c05U, 0xaef9a557U, 0xf5017af4U, 0xcb20fbebU, - 0x915763c6U, 0xdab7b86dU, 0x53f4dda7U, 0x77c2d4b5U, - 0xb364e5d7U, 0xf68db37bU, 0x33a4c597U, 0xc2a3be61U, - 0x9ed1a94fU, 0x1a17880dU, 0x30280c18U, 0xb2eba259U, - 0xe4963972U, 0x5bf8dfa3U, 0xa4f62952U, 0x4fe6daa9U, - 0xacfa2b56U, 0x9ad7a84dU, 0x0b80cb8bU, 0x2db54c98U, - 0x31a74b96U, 0x88cc2244U, 0x92dbaa49U, 0x90d82448U, - 0x199b4182U, 0xdd3d70e0U, 0xa2f3a651U, 0xc32cf9efU, - 0x75c15ab4U, 0xaf76e2d9U, 0xfa87b07dU, 0xd8b4366cU, - 0xe9137dfaU, 0xb762e4d5U, 0xccaa3366U, 0xdb38ffe3U, - 0x9d5d60c0U, 0x80c02040U, 0x20300810U, 0x161d8b0bU, - 0x65d95ebcU, 0x96ddab4bU, 0xe11f7ffeU, 0xfd0d78f0U, - 0xed157cf8U, 0xb0e82c58U, 0x41ef57aeU, 0x6fd6d2b9U, - 0x57f2dca5U, 0xa9736ddaU, 0xe5197efcU, 0x342e0d1aU, - 0x51f753a6U, 0x6a5f9435U, 0x2bb0c39bU, 0xa0f02850U, - 0x9cd2274eU, 0x1814060cU, 0x61df5fbeU, 0x8ec9ad47U, - 0x814f67ceU, 0x6dd55cb8U, 0x49e355aaU, 0x3dad4890U, - 0x38240e1cU, 0x55f152a4U, 0x8f46eac9U, 0x15914284U, - 0x71c75bb6U, 0x69d35dbaU, 0xc0a03060U, 0x7dcd58b0U, - 0x59fb51a2U, 0x79cb59b2U, 0xf0883c78U, 0x25b94e9cU, - 0xe0903870U, 0x121b8a09U, 0xd53172e4U, 0x50781428U, - 0xbb68e7d3U, 0x3faec691U, 0x5ffedea1U, 0x5dfd50a0U, - 0x02038e01U, 0x724b9239U, 0x63dcd1bfU, 0xc12f77eeU, - 0x764d933bU, 0x0983458aU, 0x527b9a29U, 0x1f9ece81U, - 0xb4ee2d5aU, 0x0c0a0306U, 0x955162c4U, 0xe293b671U, - 0xdeb1b96fU, 0xc6a5bf63U, 0x62539631U, 0xb1676bd6U, - 0xfc823f7eU, 0x1c12070eU, 0x486c1224U, 0x82c3ae41U, - 0x1d9d4080U, 0xd0b83468U, 0x0589468cU, 0xf8843e7cU, - 0x4be0dbabU, 0x1b98cf83U, 0x9752ecc5U, 0x1792cc85U, - 0x23bcc19fU, 0xbee1a15fU, 0x27bac09dU, 0x7fced6b1U, - 0x744e1d3aU, 0xf702f4f5U, 0x995b61c2U, 0xec9a3b76U, - 0x40601020U, 0x47ead8adU, 0xbd6d68d0U, 0xbae7a05dU, - 0xfe81b17fU, 0x283c0a14U, 0xb96b69d2U, 0xad756cd8U, - 0x39ab4992U, 0xcf26fae9U, 0xc52976ecU, 0x37a2c495U, - 0x42639e21U, 0x567d9b2bU, 0xa5796edcU, 0x5e71992fU, - 0x2fb6c299U, 0xe695b773U, 0x5a77982dU, 0xcaafbc65U, - 0x06058f03U, 0x2e398517U, 0x7c421f3eU, 0xea9fb475U, - 0xc72af8edU, 0x44661122U, 0xb8e42e5cU, 0x00000000U, - 0x94de254aU, 0x70481c38U, 0xa8fc2a54U, 0xf48e3d7aU, - 0x141e050aU, 0x21bf4f9eU, 0xf1077bf6U, 0xf28bb279U, - 0xc8ac3264U, 0x7a47903dU, 0x86c5af43U, 0x64561932U, - 0xb6eda35bU, 0xfb08f7f3U, 0xd13773e6U, 0x4e699d27U, - 0x547e152aU, 0xcd2574e8U, 0x9f5eeec1U, 0x0f86ca89U, - 0x46659f23U, 0x3c220f1eU, 0x6c5a1b36U, 0xc92375eaU, - 0x22338611U, 0x2a3f8415U, 0x4a6f9c25U, 0x35a14a94U, - 0x66559733U, 0x685c1a34U, 0x894365caU, 0xff0ef6f1U, - 0x9354edc7U, 0x24360912U, 0xd6bdbb6bU, 0x98d4264cU, - 0x362d831bU, 0x8b40ebcbU, 0xa17f6fdeU, 0x3e21811fU, - 0x10180408U, 0xb5616ad4U, 0x11974386U, 0x04060102U, - 0x5c72172eU, 0xa37ce1dfU, 0x26358713U, 0xf304f5f7U, - 0x0e098d07U, 0xab70e3dbU, 0x8cca2346U, 0x3a27801dU, - 0x0d854488U, 0x5874162cU, 0x854966ccU, 0x84c62142U, - 0xdf3efee1U, 0x73c4d5b7U, 0xc4a63162U, 0x43ecd9afU, - 0xd4be356aU, 0x60501830U, 0x080c0204U, 0x8d4564c8U, - 0xef16f2f9U, 0xe31cf1ffU, 0x45e956acU, 0x1394cd87U, - 0x322b8219U, 0x078ac88dU, 0xd2bbba69U, 0xe71af0fdU, - 0x9b58efc3U, 0x834ce9cfU, 0x874ae8cdU, 0xd334fde7U, - 0x1e11890fU, 0x7bc8d7b3U, 0x3ba8c793U, 0xee99b577U, - 0xaaffa455U, 0xbce22f5eU, 0x6e599537U, 0x4c6a1326U, - 0x2c3a0b16U, 0xeb10f3fbU, 0xa77ae0ddU, 0xdcb2376eU, -}; - -static const ulong32 T3[256] = { - 0xf5a653a7U, 0xd06bbbd3U, 0x6ebfd1e6U, 0x3bd9e271U, - 0xda67bdd0U, 0xcf8a45acU, 0xb3299a4dU, 0x0bf9f279U, - 0x9ce8743aU, 0x8c038fc9U, 0x417e3f91U, 0x32d7e5fcU, - 0x44783c1eU, 0x8f018e47U, 0xe54da854U, 0xa9ce67bdU, - 0x0f0a058cU, 0xf9ae57a5U, 0x01f5f47aU, 0x20cbebfbU, - 0x5791c663U, 0xb7da6db8U, 0xf453a7ddU, 0xc277b5d4U, - 0x64b3d7e5U, 0x8df67bb3U, 0xa43397c5U, 0xa3c261beU, - 0xd19e4fa9U, 0x171a0d88U, 0x2830180cU, 0xebb259a2U, - 0x96e47239U, 0xf85ba3dfU, 0xf6a45229U, 0xe64fa9daU, - 0xfaac562bU, 0xd79a4da8U, 0x800b8bcbU, 0xb52d984cU, - 0xa731964bU, 0xcc884422U, 0xdb9249aaU, 0xd8904824U, - 0x9b198241U, 0x3ddde070U, 0xf3a251a6U, 0x2cc3eff9U, - 0xc175b45aU, 0x76afd9e2U, 0x87fa7db0U, 0xb4d86c36U, - 0x13e9fa7dU, 0x62b7d5e4U, 0xaacc6633U, 0x38dbe3ffU, - 0x5d9dc060U, 0xc0804020U, 0x30201008U, 0x1d160b8bU, - 0xd965bc5eU, 0xdd964babU, 0x1fe1fe7fU, 0x0dfdf078U, - 0x15edf87cU, 0xe8b0582cU, 0xef41ae57U, 0xd66fb9d2U, - 0xf257a5dcU, 0x73a9da6dU, 0x19e5fc7eU, 0x2e341a0dU, - 0xf751a653U, 0x5f6a3594U, 0xb02b9bc3U, 0xf0a05028U, - 0xd29c4e27U, 0x14180c06U, 0xdf61be5fU, 0xc98e47adU, - 0x4f81ce67U, 0xd56db85cU, 0xe349aa55U, 0xad3d9048U, - 0x24381c0eU, 0xf155a452U, 0x468fc9eaU, 0x91158442U, - 0xc771b65bU, 0xd369ba5dU, 0xa0c06030U, 0xcd7db058U, - 0xfb59a251U, 0xcb79b259U, 0x88f0783cU, 0xb9259c4eU, - 0x90e07038U, 0x1b12098aU, 0x31d5e472U, 0x78502814U, - 0x68bbd3e7U, 0xae3f91c6U, 0xfe5fa1deU, 0xfd5da050U, - 0x0302018eU, 0x4b723992U, 0xdc63bfd1U, 0x2fc1ee77U, - 0x4d763b93U, 0x83098a45U, 0x7b52299aU, 0x9e1f81ceU, - 0xeeb45a2dU, 0x0a0c0603U, 0x5195c462U, 0x93e271b6U, - 0xb1de6fb9U, 0xa5c663bfU, 0x53623196U, 0x67b1d66bU, - 0x82fc7e3fU, 0x121c0e07U, 0x6c482412U, 0xc38241aeU, - 0x9d1d8040U, 0xb8d06834U, 0x89058c46U, 0x84f87c3eU, - 0xe04babdbU, 0x981b83cfU, 0x5297c5ecU, 0x921785ccU, - 0xbc239fc1U, 0xe1be5fa1U, 0xba279dc0U, 0xce7fb1d6U, - 0x4e743a1dU, 0x02f7f5f4U, 0x5b99c261U, 0x9aec763bU, - 0x60402010U, 0xea47add8U, 0x6dbdd068U, 0xe7ba5da0U, - 0x81fe7fb1U, 0x3c28140aU, 0x6bb9d269U, 0x75add86cU, - 0xab399249U, 0x26cfe9faU, 0x29c5ec76U, 0xa23795c4U, - 0x6342219eU, 0x7d562b9bU, 0x79a5dc6eU, 0x715e2f99U, - 0xb62f99c2U, 0x95e673b7U, 0x775a2d98U, 0xafca65bcU, - 0x0506038fU, 0x392e1785U, 0x427c3e1fU, 0x9fea75b4U, - 0x2ac7edf8U, 0x66442211U, 0xe4b85c2eU, 0x00000000U, - 0xde944a25U, 0x4870381cU, 0xfca8542aU, 0x8ef47a3dU, - 0x1e140a05U, 0xbf219e4fU, 0x07f1f67bU, 0x8bf279b2U, - 0xacc86432U, 0x477a3d90U, 0xc58643afU, 0x56643219U, - 0xedb65ba3U, 0x08fbf3f7U, 0x37d1e673U, 0x694e279dU, - 0x7e542a15U, 0x25cde874U, 0x5e9fc1eeU, 0x860f89caU, - 0x6546239fU, 0x223c1e0fU, 0x5a6c361bU, 0x23c9ea75U, - 0x33221186U, 0x3f2a1584U, 0x6f4a259cU, 0xa135944aU, - 0x55663397U, 0x5c68341aU, 0x4389ca65U, 0x0efff1f6U, - 0x5493c7edU, 0x36241209U, 0xbdd66bbbU, 0xd4984c26U, - 0x2d361b83U, 0x408bcbebU, 0x7fa1de6fU, 0x213e1f81U, - 0x18100804U, 0x61b5d46aU, 0x97118643U, 0x06040201U, - 0x725c2e17U, 0x7ca3dfe1U, 0x35261387U, 0x04f3f7f5U, - 0x090e078dU, 0x70abdbe3U, 0xca8c4623U, 0x273a1d80U, - 0x850d8844U, 0x74582c16U, 0x4985cc66U, 0xc6844221U, - 0x3edfe1feU, 0xc473b7d5U, 0xa6c46231U, 0xec43afd9U, - 0xbed46a35U, 0x50603018U, 0x0c080402U, 0x458dc864U, - 0x16eff9f2U, 0x1ce3fff1U, 0xe945ac56U, 0x941387cdU, - 0x2b321982U, 0x8a078dc8U, 0xbbd269baU, 0x1ae7fdf0U, - 0x589bc3efU, 0x4c83cfe9U, 0x4a87cde8U, 0x34d3e7fdU, - 0x111e0f89U, 0xc87bb3d7U, 0xa83b93c7U, 0x99ee77b5U, - 0xffaa55a4U, 0xe2bc5e2fU, 0x596e3795U, 0x6a4c2613U, - 0x3a2c160bU, 0x10ebfbf3U, 0x7aa7dde0U, 0xb2dc6e37U, -}; - -static const ulong32 T4[256] = { - 0xa7a7a7a7U, 0xd3d3d3d3U, 0xe6e6e6e6U, 0x71717171U, - 0xd0d0d0d0U, 0xacacacacU, 0x4d4d4d4dU, 0x79797979U, - 0x3a3a3a3aU, 0xc9c9c9c9U, 0x91919191U, 0xfcfcfcfcU, - 0x1e1e1e1eU, 0x47474747U, 0x54545454U, 0xbdbdbdbdU, - 0x8c8c8c8cU, 0xa5a5a5a5U, 0x7a7a7a7aU, 0xfbfbfbfbU, - 0x63636363U, 0xb8b8b8b8U, 0xddddddddU, 0xd4d4d4d4U, - 0xe5e5e5e5U, 0xb3b3b3b3U, 0xc5c5c5c5U, 0xbebebebeU, - 0xa9a9a9a9U, 0x88888888U, 0x0c0c0c0cU, 0xa2a2a2a2U, - 0x39393939U, 0xdfdfdfdfU, 0x29292929U, 0xdadadadaU, - 0x2b2b2b2bU, 0xa8a8a8a8U, 0xcbcbcbcbU, 0x4c4c4c4cU, - 0x4b4b4b4bU, 0x22222222U, 0xaaaaaaaaU, 0x24242424U, - 0x41414141U, 0x70707070U, 0xa6a6a6a6U, 0xf9f9f9f9U, - 0x5a5a5a5aU, 0xe2e2e2e2U, 0xb0b0b0b0U, 0x36363636U, - 0x7d7d7d7dU, 0xe4e4e4e4U, 0x33333333U, 0xffffffffU, - 0x60606060U, 0x20202020U, 0x08080808U, 0x8b8b8b8bU, - 0x5e5e5e5eU, 0xababababU, 0x7f7f7f7fU, 0x78787878U, - 0x7c7c7c7cU, 0x2c2c2c2cU, 0x57575757U, 0xd2d2d2d2U, - 0xdcdcdcdcU, 0x6d6d6d6dU, 0x7e7e7e7eU, 0x0d0d0d0dU, - 0x53535353U, 0x94949494U, 0xc3c3c3c3U, 0x28282828U, - 0x27272727U, 0x06060606U, 0x5f5f5f5fU, 0xadadadadU, - 0x67676767U, 0x5c5c5c5cU, 0x55555555U, 0x48484848U, - 0x0e0e0e0eU, 0x52525252U, 0xeaeaeaeaU, 0x42424242U, - 0x5b5b5b5bU, 0x5d5d5d5dU, 0x30303030U, 0x58585858U, - 0x51515151U, 0x59595959U, 0x3c3c3c3cU, 0x4e4e4e4eU, - 0x38383838U, 0x8a8a8a8aU, 0x72727272U, 0x14141414U, - 0xe7e7e7e7U, 0xc6c6c6c6U, 0xdedededeU, 0x50505050U, - 0x8e8e8e8eU, 0x92929292U, 0xd1d1d1d1U, 0x77777777U, - 0x93939393U, 0x45454545U, 0x9a9a9a9aU, 0xcecececeU, - 0x2d2d2d2dU, 0x03030303U, 0x62626262U, 0xb6b6b6b6U, - 0xb9b9b9b9U, 0xbfbfbfbfU, 0x96969696U, 0x6b6b6b6bU, - 0x3f3f3f3fU, 0x07070707U, 0x12121212U, 0xaeaeaeaeU, - 0x40404040U, 0x34343434U, 0x46464646U, 0x3e3e3e3eU, - 0xdbdbdbdbU, 0xcfcfcfcfU, 0xececececU, 0xccccccccU, - 0xc1c1c1c1U, 0xa1a1a1a1U, 0xc0c0c0c0U, 0xd6d6d6d6U, - 0x1d1d1d1dU, 0xf4f4f4f4U, 0x61616161U, 0x3b3b3b3bU, - 0x10101010U, 0xd8d8d8d8U, 0x68686868U, 0xa0a0a0a0U, - 0xb1b1b1b1U, 0x0a0a0a0aU, 0x69696969U, 0x6c6c6c6cU, - 0x49494949U, 0xfafafafaU, 0x76767676U, 0xc4c4c4c4U, - 0x9e9e9e9eU, 0x9b9b9b9bU, 0x6e6e6e6eU, 0x99999999U, - 0xc2c2c2c2U, 0xb7b7b7b7U, 0x98989898U, 0xbcbcbcbcU, - 0x8f8f8f8fU, 0x85858585U, 0x1f1f1f1fU, 0xb4b4b4b4U, - 0xf8f8f8f8U, 0x11111111U, 0x2e2e2e2eU, 0x00000000U, - 0x25252525U, 0x1c1c1c1cU, 0x2a2a2a2aU, 0x3d3d3d3dU, - 0x05050505U, 0x4f4f4f4fU, 0x7b7b7b7bU, 0xb2b2b2b2U, - 0x32323232U, 0x90909090U, 0xafafafafU, 0x19191919U, - 0xa3a3a3a3U, 0xf7f7f7f7U, 0x73737373U, 0x9d9d9d9dU, - 0x15151515U, 0x74747474U, 0xeeeeeeeeU, 0xcacacacaU, - 0x9f9f9f9fU, 0x0f0f0f0fU, 0x1b1b1b1bU, 0x75757575U, - 0x86868686U, 0x84848484U, 0x9c9c9c9cU, 0x4a4a4a4aU, - 0x97979797U, 0x1a1a1a1aU, 0x65656565U, 0xf6f6f6f6U, - 0xededededU, 0x09090909U, 0xbbbbbbbbU, 0x26262626U, - 0x83838383U, 0xebebebebU, 0x6f6f6f6fU, 0x81818181U, - 0x04040404U, 0x6a6a6a6aU, 0x43434343U, 0x01010101U, - 0x17171717U, 0xe1e1e1e1U, 0x87878787U, 0xf5f5f5f5U, - 0x8d8d8d8dU, 0xe3e3e3e3U, 0x23232323U, 0x80808080U, - 0x44444444U, 0x16161616U, 0x66666666U, 0x21212121U, - 0xfefefefeU, 0xd5d5d5d5U, 0x31313131U, 0xd9d9d9d9U, - 0x35353535U, 0x18181818U, 0x02020202U, 0x64646464U, - 0xf2f2f2f2U, 0xf1f1f1f1U, 0x56565656U, 0xcdcdcdcdU, - 0x82828282U, 0xc8c8c8c8U, 0xbabababaU, 0xf0f0f0f0U, - 0xefefefefU, 0xe9e9e9e9U, 0xe8e8e8e8U, 0xfdfdfdfdU, - 0x89898989U, 0xd7d7d7d7U, 0xc7c7c7c7U, 0xb5b5b5b5U, - 0xa4a4a4a4U, 0x2f2f2f2fU, 0x95959595U, 0x13131313U, - 0x0b0b0b0bU, 0xf3f3f3f3U, 0xe0e0e0e0U, 0x37373737U, -}; - -static const ulong32 T5[256] = { - 0x00000000U, 0x01020608U, 0x02040c10U, 0x03060a18U, - 0x04081820U, 0x050a1e28U, 0x060c1430U, 0x070e1238U, - 0x08103040U, 0x09123648U, 0x0a143c50U, 0x0b163a58U, - 0x0c182860U, 0x0d1a2e68U, 0x0e1c2470U, 0x0f1e2278U, - 0x10206080U, 0x11226688U, 0x12246c90U, 0x13266a98U, - 0x142878a0U, 0x152a7ea8U, 0x162c74b0U, 0x172e72b8U, - 0x183050c0U, 0x193256c8U, 0x1a345cd0U, 0x1b365ad8U, - 0x1c3848e0U, 0x1d3a4ee8U, 0x1e3c44f0U, 0x1f3e42f8U, - 0x2040c01dU, 0x2142c615U, 0x2244cc0dU, 0x2346ca05U, - 0x2448d83dU, 0x254ade35U, 0x264cd42dU, 0x274ed225U, - 0x2850f05dU, 0x2952f655U, 0x2a54fc4dU, 0x2b56fa45U, - 0x2c58e87dU, 0x2d5aee75U, 0x2e5ce46dU, 0x2f5ee265U, - 0x3060a09dU, 0x3162a695U, 0x3264ac8dU, 0x3366aa85U, - 0x3468b8bdU, 0x356abeb5U, 0x366cb4adU, 0x376eb2a5U, - 0x387090ddU, 0x397296d5U, 0x3a749ccdU, 0x3b769ac5U, - 0x3c7888fdU, 0x3d7a8ef5U, 0x3e7c84edU, 0x3f7e82e5U, - 0x40809d3aU, 0x41829b32U, 0x4284912aU, 0x43869722U, - 0x4488851aU, 0x458a8312U, 0x468c890aU, 0x478e8f02U, - 0x4890ad7aU, 0x4992ab72U, 0x4a94a16aU, 0x4b96a762U, - 0x4c98b55aU, 0x4d9ab352U, 0x4e9cb94aU, 0x4f9ebf42U, - 0x50a0fdbaU, 0x51a2fbb2U, 0x52a4f1aaU, 0x53a6f7a2U, - 0x54a8e59aU, 0x55aae392U, 0x56ace98aU, 0x57aeef82U, - 0x58b0cdfaU, 0x59b2cbf2U, 0x5ab4c1eaU, 0x5bb6c7e2U, - 0x5cb8d5daU, 0x5dbad3d2U, 0x5ebcd9caU, 0x5fbedfc2U, - 0x60c05d27U, 0x61c25b2fU, 0x62c45137U, 0x63c6573fU, - 0x64c84507U, 0x65ca430fU, 0x66cc4917U, 0x67ce4f1fU, - 0x68d06d67U, 0x69d26b6fU, 0x6ad46177U, 0x6bd6677fU, - 0x6cd87547U, 0x6dda734fU, 0x6edc7957U, 0x6fde7f5fU, - 0x70e03da7U, 0x71e23bafU, 0x72e431b7U, 0x73e637bfU, - 0x74e82587U, 0x75ea238fU, 0x76ec2997U, 0x77ee2f9fU, - 0x78f00de7U, 0x79f20befU, 0x7af401f7U, 0x7bf607ffU, - 0x7cf815c7U, 0x7dfa13cfU, 0x7efc19d7U, 0x7ffe1fdfU, - 0x801d2774U, 0x811f217cU, 0x82192b64U, 0x831b2d6cU, - 0x84153f54U, 0x8517395cU, 0x86113344U, 0x8713354cU, - 0x880d1734U, 0x890f113cU, 0x8a091b24U, 0x8b0b1d2cU, - 0x8c050f14U, 0x8d07091cU, 0x8e010304U, 0x8f03050cU, - 0x903d47f4U, 0x913f41fcU, 0x92394be4U, 0x933b4decU, - 0x94355fd4U, 0x953759dcU, 0x963153c4U, 0x973355ccU, - 0x982d77b4U, 0x992f71bcU, 0x9a297ba4U, 0x9b2b7dacU, - 0x9c256f94U, 0x9d27699cU, 0x9e216384U, 0x9f23658cU, - 0xa05de769U, 0xa15fe161U, 0xa259eb79U, 0xa35bed71U, - 0xa455ff49U, 0xa557f941U, 0xa651f359U, 0xa753f551U, - 0xa84dd729U, 0xa94fd121U, 0xaa49db39U, 0xab4bdd31U, - 0xac45cf09U, 0xad47c901U, 0xae41c319U, 0xaf43c511U, - 0xb07d87e9U, 0xb17f81e1U, 0xb2798bf9U, 0xb37b8df1U, - 0xb4759fc9U, 0xb57799c1U, 0xb67193d9U, 0xb77395d1U, - 0xb86db7a9U, 0xb96fb1a1U, 0xba69bbb9U, 0xbb6bbdb1U, - 0xbc65af89U, 0xbd67a981U, 0xbe61a399U, 0xbf63a591U, - 0xc09dba4eU, 0xc19fbc46U, 0xc299b65eU, 0xc39bb056U, - 0xc495a26eU, 0xc597a466U, 0xc691ae7eU, 0xc793a876U, - 0xc88d8a0eU, 0xc98f8c06U, 0xca89861eU, 0xcb8b8016U, - 0xcc85922eU, 0xcd879426U, 0xce819e3eU, 0xcf839836U, - 0xd0bddaceU, 0xd1bfdcc6U, 0xd2b9d6deU, 0xd3bbd0d6U, - 0xd4b5c2eeU, 0xd5b7c4e6U, 0xd6b1cefeU, 0xd7b3c8f6U, - 0xd8adea8eU, 0xd9afec86U, 0xdaa9e69eU, 0xdbabe096U, - 0xdca5f2aeU, 0xdda7f4a6U, 0xdea1febeU, 0xdfa3f8b6U, - 0xe0dd7a53U, 0xe1df7c5bU, 0xe2d97643U, 0xe3db704bU, - 0xe4d56273U, 0xe5d7647bU, 0xe6d16e63U, 0xe7d3686bU, - 0xe8cd4a13U, 0xe9cf4c1bU, 0xeac94603U, 0xebcb400bU, - 0xecc55233U, 0xedc7543bU, 0xeec15e23U, 0xefc3582bU, - 0xf0fd1ad3U, 0xf1ff1cdbU, 0xf2f916c3U, 0xf3fb10cbU, - 0xf4f502f3U, 0xf5f704fbU, 0xf6f10ee3U, 0xf7f308ebU, - 0xf8ed2a93U, 0xf9ef2c9bU, 0xfae92683U, 0xfbeb208bU, - 0xfce532b3U, 0xfde734bbU, 0xfee13ea3U, 0xffe338abU, -}; - -/** - * The round constants. - */ -static const ulong32 rc[] = { - 0xa7d3e671U, 0xd0ac4d79U, 0x3ac991fcU, 0x1e4754bdU, - 0x8ca57afbU, 0x63b8ddd4U, 0xe5b3c5beU, 0xa9880ca2U, - 0x39df29daU, 0x2ba8cb4cU, 0x4b22aa24U, 0x4170a6f9U, - 0x5ae2b036U, 0x7de433ffU, 0x6020088bU, 0x5eab7f78U, - 0x7c2c57d2U, 0xdc6d7e0dU, 0x5394c328U, -}; - -#endif - - /** - Initialize the Anubis block cipher - @param key The symmetric key you wish to pass - @param keylen The key length in bytes - @param num_rounds The number of rounds desired (0 for default) - @param skey The key in as scheduled by this function. - @return CRYPT_OK if successful - */ -#ifdef LTC_CLEAN_STACK -static int _anubis_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey) -#else -int anubis_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey) -#endif -{ - int N, R, i, pos, r; - ulong32 kappa[MAX_N]; - ulong32 inter[MAX_N]; - ulong32 v, K0, K1, K2, K3; - - LTC_ARGCHK(key != NULL); - LTC_ARGCHK(skey != NULL); - - /* Valid sizes (in bytes) are 16, 20, 24, 28, 32, 36, and 40. */ - if ((keylen & 3) || (keylen < 16) || (keylen > 40)) { - return CRYPT_INVALID_KEYSIZE; - } - skey->anubis.keyBits = keylen*8; - - /* - * determine the N length parameter: - * (N.B. it is assumed that the key length is valid!) - */ - N = skey->anubis.keyBits >> 5; - - /* - * determine number of rounds from key size: - */ - skey->anubis.R = R = 8 + N; - - if (num_rounds != 0 && num_rounds != skey->anubis.R) { - return CRYPT_INVALID_ROUNDS; - } - - /* - * map cipher key to initial key state (mu): - */ - for (i = 0, pos = 0; i < N; i++, pos += 4) { - kappa[i] = - (key[pos ] << 24) ^ - (key[pos + 1] << 16) ^ - (key[pos + 2] << 8) ^ - (key[pos + 3] ); - } - - /* - * generate R + 1 round keys: - */ - for (r = 0; r <= R; r++) { - /* - * generate r-th round key K^r: - */ - K0 = T4[(kappa[N - 1] >> 24) ]; - K1 = T4[(kappa[N - 1] >> 16) & 0xff]; - K2 = T4[(kappa[N - 1] >> 8) & 0xff]; - K3 = T4[(kappa[N - 1] ) & 0xff]; - for (i = N - 2; i >= 0; i--) { - K0 = T4[(kappa[i] >> 24) ] ^ - (T5[(K0 >> 24) ] & 0xff000000U) ^ - (T5[(K0 >> 16) & 0xff] & 0x00ff0000U) ^ - (T5[(K0 >> 8) & 0xff] & 0x0000ff00U) ^ - (T5[(K0 ) & 0xff] & 0x000000ffU); - K1 = T4[(kappa[i] >> 16) & 0xff] ^ - (T5[(K1 >> 24) ] & 0xff000000U) ^ - (T5[(K1 >> 16) & 0xff] & 0x00ff0000U) ^ - (T5[(K1 >> 8) & 0xff] & 0x0000ff00U) ^ - (T5[(K1 ) & 0xff] & 0x000000ffU); - K2 = T4[(kappa[i] >> 8) & 0xff] ^ - (T5[(K2 >> 24) ] & 0xff000000U) ^ - (T5[(K2 >> 16) & 0xff] & 0x00ff0000U) ^ - (T5[(K2 >> 8) & 0xff] & 0x0000ff00U) ^ - (T5[(K2 ) & 0xff] & 0x000000ffU); - K3 = T4[(kappa[i] ) & 0xff] ^ - (T5[(K3 >> 24) ] & 0xff000000U) ^ - (T5[(K3 >> 16) & 0xff] & 0x00ff0000U) ^ - (T5[(K3 >> 8) & 0xff] & 0x0000ff00U) ^ - (T5[(K3 ) & 0xff] & 0x000000ffU); - } - /* - -- this is the code to use with the large U tables: - K0 = K1 = K2 = K3 = 0; - for (i = 0; i < N; i++) { - K0 ^= U[i][(kappa[i] >> 24) ]; - K1 ^= U[i][(kappa[i] >> 16) & 0xff]; - K2 ^= U[i][(kappa[i] >> 8) & 0xff]; - K3 ^= U[i][(kappa[i] ) & 0xff]; - } - */ - skey->anubis.roundKeyEnc[r][0] = K0; - skey->anubis.roundKeyEnc[r][1] = K1; - skey->anubis.roundKeyEnc[r][2] = K2; - skey->anubis.roundKeyEnc[r][3] = K3; - - /* - * compute kappa^{r+1} from kappa^r: - */ - if (r == R) { - break; - } - for (i = 0; i < N; i++) { - int j = i; - inter[i] = T0[(kappa[j--] >> 24) ]; if (j < 0) j = N - 1; - inter[i] ^= T1[(kappa[j--] >> 16) & 0xff]; if (j < 0) j = N - 1; - inter[i] ^= T2[(kappa[j--] >> 8) & 0xff]; if (j < 0) j = N - 1; - inter[i] ^= T3[(kappa[j ] ) & 0xff]; - } - kappa[0] = inter[0] ^ rc[r]; - for (i = 1; i < N; i++) { - kappa[i] = inter[i]; - } - } - - /* - * generate inverse key schedule: K'^0 = K^R, K'^R = K^0, K'^r = theta(K^{R-r}): - */ - for (i = 0; i < 4; i++) { - skey->anubis.roundKeyDec[0][i] = skey->anubis.roundKeyEnc[R][i]; - skey->anubis.roundKeyDec[R][i] = skey->anubis.roundKeyEnc[0][i]; - } - for (r = 1; r < R; r++) { - for (i = 0; i < 4; i++) { - v = skey->anubis.roundKeyEnc[R - r][i]; - skey->anubis.roundKeyDec[r][i] = - T0[T4[(v >> 24) ] & 0xff] ^ - T1[T4[(v >> 16) & 0xff] & 0xff] ^ - T2[T4[(v >> 8) & 0xff] & 0xff] ^ - T3[T4[(v ) & 0xff] & 0xff]; - } - } - - return CRYPT_OK; -} - -#ifdef LTC_CLEAN_STACK -int anubis_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey) -{ - int err; - err = _anubis_setup(key, keylen, num_rounds, skey); - burn_stack(sizeof(int) * 5 + sizeof(ulong32) * (MAX_N + MAX_N + 5)); - return err; -} -#endif - - -static void anubis_crypt(const unsigned char *plaintext, unsigned char *ciphertext, - ulong32 roundKey[18 + 1][4], int R) { - int i, pos, r; - ulong32 state[4]; - ulong32 inter[4]; - - /* - * map plaintext block to cipher state (mu) - * and add initial round key (sigma[K^0]): - */ - for (i = 0, pos = 0; i < 4; i++, pos += 4) { - state[i] = - (plaintext[pos ] << 24) ^ - (plaintext[pos + 1] << 16) ^ - (plaintext[pos + 2] << 8) ^ - (plaintext[pos + 3] ) ^ - roundKey[0][i]; - } - - /* - * R - 1 full rounds: - */ - for (r = 1; r < R; r++) { - inter[0] = - T0[(state[0] >> 24) ] ^ - T1[(state[1] >> 24) ] ^ - T2[(state[2] >> 24) ] ^ - T3[(state[3] >> 24) ] ^ - roundKey[r][0]; - inter[1] = - T0[(state[0] >> 16) & 0xff] ^ - T1[(state[1] >> 16) & 0xff] ^ - T2[(state[2] >> 16) & 0xff] ^ - T3[(state[3] >> 16) & 0xff] ^ - roundKey[r][1]; - inter[2] = - T0[(state[0] >> 8) & 0xff] ^ - T1[(state[1] >> 8) & 0xff] ^ - T2[(state[2] >> 8) & 0xff] ^ - T3[(state[3] >> 8) & 0xff] ^ - roundKey[r][2]; - inter[3] = - T0[(state[0] ) & 0xff] ^ - T1[(state[1] ) & 0xff] ^ - T2[(state[2] ) & 0xff] ^ - T3[(state[3] ) & 0xff] ^ - roundKey[r][3]; - state[0] = inter[0]; - state[1] = inter[1]; - state[2] = inter[2]; - state[3] = inter[3]; - } - - /* - * last round: - */ - inter[0] = - (T0[(state[0] >> 24) ] & 0xff000000U) ^ - (T1[(state[1] >> 24) ] & 0x00ff0000U) ^ - (T2[(state[2] >> 24) ] & 0x0000ff00U) ^ - (T3[(state[3] >> 24) ] & 0x000000ffU) ^ - roundKey[R][0]; - inter[1] = - (T0[(state[0] >> 16) & 0xff] & 0xff000000U) ^ - (T1[(state[1] >> 16) & 0xff] & 0x00ff0000U) ^ - (T2[(state[2] >> 16) & 0xff] & 0x0000ff00U) ^ - (T3[(state[3] >> 16) & 0xff] & 0x000000ffU) ^ - roundKey[R][1]; - inter[2] = - (T0[(state[0] >> 8) & 0xff] & 0xff000000U) ^ - (T1[(state[1] >> 8) & 0xff] & 0x00ff0000U) ^ - (T2[(state[2] >> 8) & 0xff] & 0x0000ff00U) ^ - (T3[(state[3] >> 8) & 0xff] & 0x000000ffU) ^ - roundKey[R][2]; - inter[3] = - (T0[(state[0] ) & 0xff] & 0xff000000U) ^ - (T1[(state[1] ) & 0xff] & 0x00ff0000U) ^ - (T2[(state[2] ) & 0xff] & 0x0000ff00U) ^ - (T3[(state[3] ) & 0xff] & 0x000000ffU) ^ - roundKey[R][3]; - - /* - * map cipher state to ciphertext block (mu^{-1}): - */ - for (i = 0, pos = 0; i < 4; i++, pos += 4) { - ulong32 w = inter[i]; - ciphertext[pos ] = (unsigned char)(w >> 24); - ciphertext[pos + 1] = (unsigned char)(w >> 16); - ciphertext[pos + 2] = (unsigned char)(w >> 8); - ciphertext[pos + 3] = (unsigned char)(w ); - } -} - -/** - Encrypts a block of text with Anubis - @param pt The input plaintext (16 bytes) - @param ct The output ciphertext (16 bytes) - @param skey The key as scheduled - @return CRYPT_OK if successful -*/ -int anubis_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey) -{ - LTC_ARGCHK(pt != NULL); - LTC_ARGCHK(ct != NULL); - LTC_ARGCHK(skey != NULL); - anubis_crypt(pt, ct, skey->anubis.roundKeyEnc, skey->anubis.R); - return CRYPT_OK; -} - -/** - Decrypts a block of text with Anubis - @param ct The input ciphertext (16 bytes) - @param pt The output plaintext (16 bytes) - @param skey The key as scheduled - @return CRYPT_OK if successful -*/ -int anubis_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey) -{ - LTC_ARGCHK(pt != NULL); - LTC_ARGCHK(ct != NULL); - LTC_ARGCHK(skey != NULL); - anubis_crypt(ct, pt, skey->anubis.roundKeyDec, skey->anubis.R); - return CRYPT_OK; -} - -/** - Performs a self-test of the Anubis block cipher - @return CRYPT_OK if functional, CRYPT_NOP if self-test has been disabled -*/ -int anubis_test(void) -{ -#if !defined(LTC_TEST) - return CRYPT_NOP; -#else - static const struct test { - int keylen; - unsigned char pt[16], ct[16], key[40]; - } tests[] = { -#ifndef ANUBIS_TWEAK - /**** ORIGINAL ANUBIS ****/ - /* 128 bit keys */ -{ - 16, - { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, - { 0xF0, 0x68, 0x60, 0xFC, 0x67, 0x30, 0xE8, 0x18, - 0xF1, 0x32, 0xC7, 0x8A, 0xF4, 0x13, 0x2A, 0xFE }, - { 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } -}, { - 16, - { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, - { 0xA8, 0x66, 0x84, 0x80, 0x07, 0x74, 0x5C, 0x89, - 0xFC, 0x5E, 0xB5, 0xBA, 0xD4, 0xFE, 0x32, 0x6D }, - { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01 } -}, - - /* 160-bit keys */ -{ - 20, - { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, - { 0xBD, 0x5E, 0x32, 0xBE, 0x51, 0x67, 0xA8, 0xE2, - 0x72, 0xD7, 0x95, 0x0F, 0x83, 0xC6, 0x8C, 0x31 }, - { 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00 } -}, { - 20, - { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, - { 0x4C, 0x1F, 0x86, 0x2E, 0x11, 0xEB, 0xCE, 0xEB, - 0xFE, 0xB9, 0x73, 0xC9, 0xDF, 0xEF, 0x7A, 0xDB }, - { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x01 } -}, - - /* 192-bit keys */ -{ - 24, - { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, - { 0x17, 0xAC, 0x57, 0x44, 0x9D, 0x59, 0x61, 0x66, - 0xD0, 0xC7, 0x9E, 0x04, 0x7C, 0xC7, 0x58, 0xF0 }, - { 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } -}, { - 24, - { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, - { 0x71, 0x52, 0xB4, 0xEB, 0x1D, 0xAA, 0x36, 0xFD, - 0x57, 0x14, 0x5F, 0x57, 0x04, 0x9F, 0x70, 0x74 }, - { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01 } -}, - - /* 224-bit keys */ -{ - 28, - { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, - { 0xA2, 0xF0, 0xA6, 0xB9, 0x17, 0x93, 0x2A, 0x3B, - 0xEF, 0x08, 0xE8, 0x7A, 0x58, 0xD6, 0xF8, 0x53 }, - { 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00 } -}, { - 28, - { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, - { 0xF0, 0xCA, 0xFC, 0x78, 0x8B, 0x4B, 0x4E, 0x53, - 0x8B, 0xC4, 0x32, 0x6A, 0xF5, 0xB9, 0x1B, 0x5F }, - { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x01 } -}, - - /* 256-bit keys */ -{ - 32, - { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, - { 0xE0, 0x86, 0xAC, 0x45, 0x6B, 0x3C, 0xE5, 0x13, - 0xED, 0xF5, 0xDF, 0xDD, 0xD6, 0x3B, 0x71, 0x93 }, - { 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } -}, { - 32, - { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, - { 0x50, 0x01, 0xB9, 0xF5, 0x21, 0xC1, 0xC1, 0x29, - 0x00, 0xD5, 0xEC, 0x98, 0x2B, 0x9E, 0xE8, 0x21 }, - { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01 } -}, - - /* 288-bit keys */ -{ - 36, - { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, - { 0xE8, 0xF4, 0xAF, 0x2B, 0x21, 0xA0, 0x87, 0x9B, - 0x41, 0x95, 0xB9, 0x71, 0x75, 0x79, 0x04, 0x7C }, - { 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00 } -}, { - 36, - { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, - { 0xE6, 0xA6, 0xA5, 0xBC, 0x8B, 0x63, 0x6F, 0xE2, - 0xBD, 0xA7, 0xA7, 0x53, 0xAB, 0x40, 0x22, 0xE0 }, - { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x01 } -}, - - /* 320-bit keys */ -{ - 40, - { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, - { 0x17, 0x04, 0xD7, 0x2C, 0xC6, 0x85, 0x76, 0x02, - 0x4B, 0xCC, 0x39, 0x80, 0xD8, 0x22, 0xEA, 0xA4 }, - { 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } -}, { - 40, - { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, - { 0x7A, 0x41, 0xE6, 0x7D, 0x4F, 0xD8, 0x64, 0xF0, - 0x44, 0xA8, 0x3C, 0x73, 0x81, 0x7E, 0x53, 0xD8 }, - { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01 } -} -#else - /**** Tweaked ANUBIS ****/ - /* 128 bit keys */ -{ - 16, - { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, - { 0xB8, 0x35, 0xBD, 0xC3, 0x34, 0x82, 0x9D, 0x83, - 0x71, 0xBF, 0xA3, 0x71, 0xE4, 0xB3, 0xC4, 0xFD }, - { 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } -}, { - 16, - { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, - { 0xE6, 0x14, 0x1E, 0xAF, 0xEB, 0xE0, 0x59, 0x3C, - 0x48, 0xE1, 0xCD, 0xF2, 0x1B, 0xBA, 0xA1, 0x89 }, - { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01 } -}, - - /* 160-bit keys */ -{ - 20, - { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, - { 0x97, 0x59, 0x79, 0x4B, 0x5C, 0xA0, 0x70, 0x73, - 0x24, 0xEF, 0xB3, 0x58, 0x67, 0xCA, 0xD4, 0xB3 }, - { 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00 } -}, { - 20, - { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, - { 0xB8, 0x0D, 0xFB, 0x9B, 0xE4, 0xA1, 0x58, 0x87, - 0xB3, 0x76, 0xD5, 0x02, 0x18, 0x95, 0xC1, 0x2E }, - { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x01 } -}, - - /* 192-bit keys */ -{ - 24, - { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, - { 0x7D, 0x62, 0x3B, 0x52, 0xC7, 0x4C, 0x64, 0xD8, - 0xEB, 0xC7, 0x2D, 0x57, 0x97, 0x85, 0x43, 0x8F }, - { 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } -}, { - 24, - { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, - { 0xB1, 0x0A, 0x59, 0xDD, 0x5D, 0x5D, 0x8D, 0x67, - 0xEC, 0xEE, 0x4A, 0xC4, 0xBE, 0x4F, 0xA8, 0x4F }, - { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01 } -}, - - /* 224-bit keys */ -{ - 28, - { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, - { 0x68, 0x9E, 0x05, 0x94, 0x6A, 0x94, 0x43, 0x8F, - 0xE7, 0x8E, 0x37, 0x3D, 0x24, 0x97, 0x92, 0xF5 }, - { 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00 } -}, { - 28, - { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, - { 0xDD, 0xB7, 0xB0, 0xB4, 0xE9, 0xB4, 0x9B, 0x9C, - 0x38, 0x20, 0x25, 0x0B, 0x47, 0xC2, 0x1F, 0x89 }, - { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x01 } -}, - - /* 256-bit keys */ -{ - 32, - { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, - { 0x96, 0x00, 0xF0, 0x76, 0x91, 0x69, 0x29, 0x87, - 0xF5, 0xE5, 0x97, 0xDB, 0xDB, 0xAF, 0x1B, 0x0A }, - { 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } -}, { - 32, - { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, - { 0x69, 0x9C, 0xAF, 0xDD, 0x94, 0xC7, 0xBC, 0x60, - 0x44, 0xFE, 0x02, 0x05, 0x8A, 0x6E, 0xEF, 0xBD }, - { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01 } -}, - - /* 288-bit keys */ -{ - 36, - { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, - { 0x0F, 0xC7, 0xA2, 0xC0, 0x11, 0x17, 0xAC, 0x43, - 0x52, 0x5E, 0xDF, 0x6C, 0xF3, 0x96, 0x33, 0x6C }, - { 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00 } -}, { - 36, - { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, - { 0xAD, 0x08, 0x4F, 0xED, 0x55, 0xA6, 0x94, 0x3E, - 0x7E, 0x5E, 0xED, 0x05, 0xA1, 0x9D, 0x41, 0xB4 }, - { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x01 } -}, - - /* 320-bit keys */ -{ - 40, - { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, - { 0xFE, 0xE2, 0x0E, 0x2A, 0x9D, 0xC5, 0x83, 0xBA, - 0xA3, 0xA6, 0xD6, 0xA6, 0xF2, 0xE8, 0x06, 0xA5 }, - { 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } -}, { - 40, - { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, - { 0x86, 0x3D, 0xCC, 0x4A, 0x60, 0x34, 0x9C, 0x28, - 0xA7, 0xDA, 0xA4, 0x3B, 0x0A, 0xD7, 0xFD, 0xC7 }, - { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01 } -} -#endif -}; - int x, y; - unsigned char buf[2][16]; - symmetric_key skey; - - for (x = 0; x < (int)(sizeof(tests)/sizeof(tests[0])); x++) { - anubis_setup(tests[x].key, tests[x].keylen, 0, &skey); - anubis_ecb_encrypt(tests[x].pt, buf[0], &skey); - anubis_ecb_decrypt(buf[0], buf[1], &skey); - if (memcmp(buf[0], tests[x].ct, 16) || memcmp(buf[1], tests[x].pt, 16)) { - return CRYPT_FAIL_TESTVECTOR; - } - - for (y = 0; y < 1000; y++) anubis_ecb_encrypt(buf[0], buf[0], &skey); - for (y = 0; y < 1000; y++) anubis_ecb_decrypt(buf[0], buf[0], &skey); - if (memcmp(buf[0], tests[x].ct, 16)) { - return CRYPT_FAIL_TESTVECTOR; - } - - } - return CRYPT_OK; -#endif -} - -/** Terminate the context - @param skey The scheduled key -*/ -void anubis_done(symmetric_key *skey) -{ -} - -/** - Gets suitable key size - @param keysize [in/out] The length of the recommended key (in bytes). This function will store the suitable size back in this variable. - @return CRYPT_OK if the input key size is acceptable. -*/ -int anubis_keysize(int *keysize) -{ - LTC_ARGCHK(keysize != NULL); - if (*keysize >= 40) { - *keysize = 40; - } else if (*keysize >= 36) { - *keysize = 36; - } else if (*keysize >= 32) { - *keysize = 32; - } else if (*keysize >= 28) { - *keysize = 28; - } else if (*keysize >= 24) { - *keysize = 24; - } else if (*keysize >= 20) { - *keysize = 20; - } else if (*keysize >= 16) { - *keysize = 16; - } else { - return CRYPT_INVALID_KEYSIZE; - } - return CRYPT_OK; -} - -#endif - - -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* LibTomCrypt, modular cryptographic library -- Tom St Denis + * + * LibTomCrypt is a library that provides various cryptographic + * algorithms in a highly modular and flexible manner. + * + * The library is free for all purposes without any express + * guarantee it works. + * + * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com + */ + +/** + @file anubis.c + Anubis implementation derived from public domain source + Authors: Paulo S.L.M. Barreto and Vincent Rijmen. +*/ + +#include "tomcrypt.h" + +#ifdef ANUBIS + +const struct ltc_cipher_descriptor anubis_desc = { + "anubis", + 19, + 16, 40, 16, 12, + &anubis_setup, + &anubis_ecb_encrypt, + &anubis_ecb_decrypt, + &anubis_test, + &anubis_done, + &anubis_keysize, + NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL +}; + +#define MIN_N 4 +#define MAX_N 10 +#define MIN_ROUNDS (8 + MIN_N) +#define MAX_ROUNDS (8 + MAX_N) +#define MIN_KEYSIZEB (4*MIN_N) +#define MAX_KEYSIZEB (4*MAX_N) +#define BLOCKSIZE 128 +#define BLOCKSIZEB (BLOCKSIZE/8) + + +/* + * Though Anubis is endianness-neutral, the encryption tables are listed + * in BIG-ENDIAN format, which is adopted throughout this implementation + * (but little-endian notation would be equally suitable if consistently + * employed). + */ +#if defined(ANUBIS_TWEAK) + +static const ulong32 T0[256] = { + 0xba69d2bbU, 0x54a84de5U, 0x2f5ebce2U, 0x74e8cd25U, + 0x53a651f7U, 0xd3bb6bd0U, 0xd2b96fd6U, 0x4d9a29b3U, + 0x50a05dfdU, 0xac458acfU, 0x8d070e09U, 0xbf63c6a5U, + 0x70e0dd3dU, 0x52a455f1U, 0x9a29527bU, 0x4c982db5U, + 0xeac98f46U, 0xd5b773c4U, 0x97336655U, 0xd1bf63dcU, + 0x3366ccaaU, 0x51a259fbU, 0x5bb671c7U, 0xa651a2f3U, + 0xdea15ffeU, 0x48903dadU, 0xa84d9ad7U, 0x992f5e71U, + 0xdbab4be0U, 0x3264c8acU, 0xb773e695U, 0xfce5d732U, + 0xe3dbab70U, 0x9e214263U, 0x913f7e41U, 0x9b2b567dU, + 0xe2d9af76U, 0xbb6bd6bdU, 0x4182199bU, 0x6edca579U, + 0xa557aef9U, 0xcb8b0b80U, 0x6bd6b167U, 0x95376e59U, + 0xa15fbee1U, 0xf3fbeb10U, 0xb17ffe81U, 0x0204080cU, + 0xcc851792U, 0xc49537a2U, 0x1d3a744eU, 0x14285078U, + 0xc39b2bb0U, 0x63c69157U, 0xdaa94fe6U, 0x5dba69d3U, + 0x5fbe61dfU, 0xdca557f2U, 0x7dfae913U, 0xcd871394U, + 0x7ffee11fU, 0x5ab475c1U, 0x6cd8ad75U, 0x5cb86dd5U, + 0xf7f3fb08U, 0x264c98d4U, 0xffe3db38U, 0xedc79354U, + 0xe8cd874aU, 0x9d274e69U, 0x6fdea17fU, 0x8e010203U, + 0x19326456U, 0xa05dbae7U, 0xf0fde71aU, 0x890f1e11U, + 0x0f1e3c22U, 0x070e1c12U, 0xaf4386c5U, 0xfbebcb20U, + 0x08102030U, 0x152a547eU, 0x0d1a342eU, 0x04081018U, + 0x01020406U, 0x64c88d45U, 0xdfa35bf8U, 0x76ecc529U, + 0x79f2f90bU, 0xdda753f4U, 0x3d7af48eU, 0x162c5874U, + 0x3f7efc82U, 0x376edcb2U, 0x6ddaa973U, 0x3870e090U, + 0xb96fdeb1U, 0x73e6d137U, 0xe9cf834cU, 0x356ad4beU, + 0x55aa49e3U, 0x71e2d93bU, 0x7bf6f107U, 0x8c050a0fU, + 0x72e4d531U, 0x880d1a17U, 0xf6f1ff0eU, 0x2a54a8fcU, + 0x3e7cf884U, 0x5ebc65d9U, 0x274e9cd2U, 0x468c0589U, + 0x0c183028U, 0x65ca8943U, 0x68d0bd6dU, 0x61c2995bU, + 0x03060c0aU, 0xc19f23bcU, 0x57ae41efU, 0xd6b17fceU, + 0xd9af43ecU, 0x58b07dcdU, 0xd8ad47eaU, 0x66cc8549U, + 0xd7b37bc8U, 0x3a74e89cU, 0xc88d078aU, 0x3c78f088U, + 0xfae9cf26U, 0x96316253U, 0xa753a6f5U, 0x982d5a77U, + 0xecc59752U, 0xb86ddab7U, 0xc7933ba8U, 0xae4182c3U, + 0x69d2b96bU, 0x4b9631a7U, 0xab4b96ddU, 0xa94f9ed1U, + 0x67ce814fU, 0x0a14283cU, 0x478e018fU, 0xf2f9ef16U, + 0xb577ee99U, 0x224488ccU, 0xe5d7b364U, 0xeec19f5eU, + 0xbe61c2a3U, 0x2b56acfaU, 0x811f3e21U, 0x1224486cU, + 0x831b362dU, 0x1b366c5aU, 0x0e1c3824U, 0x23468ccaU, + 0xf5f7f304U, 0x458a0983U, 0x214284c6U, 0xce811f9eU, + 0x499239abU, 0x2c58b0e8U, 0xf9efc32cU, 0xe6d1bf6eU, + 0xb671e293U, 0x2850a0f0U, 0x172e5c72U, 0x8219322bU, + 0x1a34685cU, 0x8b0b161dU, 0xfee1df3eU, 0x8a09121bU, + 0x09122436U, 0xc98f038cU, 0x87132635U, 0x4e9c25b9U, + 0xe1dfa37cU, 0x2e5cb8e4U, 0xe4d5b762U, 0xe0dda77aU, + 0xebcb8b40U, 0x903d7a47U, 0xa455aaffU, 0x1e3c7844U, + 0x85172e39U, 0x60c09d5dU, 0x00000000U, 0x254a94deU, + 0xf4f5f702U, 0xf1ffe31cU, 0x94356a5fU, 0x0b162c3aU, + 0xe7d3bb68U, 0x75eac923U, 0xefc39b58U, 0x3468d0b8U, + 0x3162c4a6U, 0xd4b577c2U, 0xd0bd67daU, 0x86112233U, + 0x7efce519U, 0xad478ec9U, 0xfde7d334U, 0x2952a4f6U, + 0x3060c0a0U, 0x3b76ec9aU, 0x9f234665U, 0xf8edc72aU, + 0xc6913faeU, 0x13264c6aU, 0x060c1814U, 0x050a141eU, + 0xc59733a4U, 0x11224466U, 0x77eec12fU, 0x7cf8ed15U, + 0x7af4f501U, 0x78f0fd0dU, 0x366cd8b4U, 0x1c387048U, + 0x3972e496U, 0x59b279cbU, 0x18306050U, 0x56ac45e9U, + 0xb37bf68dU, 0xb07dfa87U, 0x244890d8U, 0x204080c0U, + 0xb279f28bU, 0x9239724bU, 0xa35bb6edU, 0xc09d27baU, + 0x44880d85U, 0x62c49551U, 0x10204060U, 0xb475ea9fU, + 0x84152a3fU, 0x43861197U, 0x933b764dU, 0xc2992fb6U, + 0x4a9435a1U, 0xbd67cea9U, 0x8f030605U, 0x2d5ab4eeU, + 0xbc65caafU, 0x9c254a6fU, 0x6ad4b561U, 0x40801d9dU, + 0xcf831b98U, 0xa259b2ebU, 0x801d3a27U, 0x4f9e21bfU, + 0x1f3e7c42U, 0xca890f86U, 0xaa4992dbU, 0x42841591U, +}; + +static const ulong32 T1[256] = { + 0x69babbd2U, 0xa854e54dU, 0x5e2fe2bcU, 0xe87425cdU, + 0xa653f751U, 0xbbd3d06bU, 0xb9d2d66fU, 0x9a4db329U, + 0xa050fd5dU, 0x45accf8aU, 0x078d090eU, 0x63bfa5c6U, + 0xe0703dddU, 0xa452f155U, 0x299a7b52U, 0x984cb52dU, + 0xc9ea468fU, 0xb7d5c473U, 0x33975566U, 0xbfd1dc63U, + 0x6633aaccU, 0xa251fb59U, 0xb65bc771U, 0x51a6f3a2U, + 0xa1defe5fU, 0x9048ad3dU, 0x4da8d79aU, 0x2f99715eU, + 0xabdbe04bU, 0x6432acc8U, 0x73b795e6U, 0xe5fc32d7U, + 0xdbe370abU, 0x219e6342U, 0x3f91417eU, 0x2b9b7d56U, + 0xd9e276afU, 0x6bbbbdd6U, 0x82419b19U, 0xdc6e79a5U, + 0x57a5f9aeU, 0x8bcb800bU, 0xd66b67b1U, 0x3795596eU, + 0x5fa1e1beU, 0xfbf310ebU, 0x7fb181feU, 0x04020c08U, + 0x85cc9217U, 0x95c4a237U, 0x3a1d4e74U, 0x28147850U, + 0x9bc3b02bU, 0xc6635791U, 0xa9dae64fU, 0xba5dd369U, + 0xbe5fdf61U, 0xa5dcf257U, 0xfa7d13e9U, 0x87cd9413U, + 0xfe7f1fe1U, 0xb45ac175U, 0xd86c75adU, 0xb85cd56dU, + 0xf3f708fbU, 0x4c26d498U, 0xe3ff38dbU, 0xc7ed5493U, + 0xcde84a87U, 0x279d694eU, 0xde6f7fa1U, 0x018e0302U, + 0x32195664U, 0x5da0e7baU, 0xfdf01ae7U, 0x0f89111eU, + 0x1e0f223cU, 0x0e07121cU, 0x43afc586U, 0xebfb20cbU, + 0x10083020U, 0x2a157e54U, 0x1a0d2e34U, 0x08041810U, + 0x02010604U, 0xc864458dU, 0xa3dff85bU, 0xec7629c5U, + 0xf2790bf9U, 0xa7ddf453U, 0x7a3d8ef4U, 0x2c167458U, + 0x7e3f82fcU, 0x6e37b2dcU, 0xda6d73a9U, 0x703890e0U, + 0x6fb9b1deU, 0xe67337d1U, 0xcfe94c83U, 0x6a35bed4U, + 0xaa55e349U, 0xe2713bd9U, 0xf67b07f1U, 0x058c0f0aU, + 0xe47231d5U, 0x0d88171aU, 0xf1f60effU, 0x542afca8U, + 0x7c3e84f8U, 0xbc5ed965U, 0x4e27d29cU, 0x8c468905U, + 0x180c2830U, 0xca654389U, 0xd0686dbdU, 0xc2615b99U, + 0x06030a0cU, 0x9fc1bc23U, 0xae57ef41U, 0xb1d6ce7fU, + 0xafd9ec43U, 0xb058cd7dU, 0xadd8ea47U, 0xcc664985U, + 0xb3d7c87bU, 0x743a9ce8U, 0x8dc88a07U, 0x783c88f0U, + 0xe9fa26cfU, 0x31965362U, 0x53a7f5a6U, 0x2d98775aU, + 0xc5ec5297U, 0x6db8b7daU, 0x93c7a83bU, 0x41aec382U, + 0xd2696bb9U, 0x964ba731U, 0x4babdd96U, 0x4fa9d19eU, + 0xce674f81U, 0x140a3c28U, 0x8e478f01U, 0xf9f216efU, + 0x77b599eeU, 0x4422cc88U, 0xd7e564b3U, 0xc1ee5e9fU, + 0x61bea3c2U, 0x562bfaacU, 0x1f81213eU, 0x24126c48U, + 0x1b832d36U, 0x361b5a6cU, 0x1c0e2438U, 0x4623ca8cU, + 0xf7f504f3U, 0x8a458309U, 0x4221c684U, 0x81ce9e1fU, + 0x9249ab39U, 0x582ce8b0U, 0xeff92cc3U, 0xd1e66ebfU, + 0x71b693e2U, 0x5028f0a0U, 0x2e17725cU, 0x19822b32U, + 0x341a5c68U, 0x0b8b1d16U, 0xe1fe3edfU, 0x098a1b12U, + 0x12093624U, 0x8fc98c03U, 0x13873526U, 0x9c4eb925U, + 0xdfe17ca3U, 0x5c2ee4b8U, 0xd5e462b7U, 0xdde07aa7U, + 0xcbeb408bU, 0x3d90477aU, 0x55a4ffaaU, 0x3c1e4478U, + 0x1785392eU, 0xc0605d9dU, 0x00000000U, 0x4a25de94U, + 0xf5f402f7U, 0xfff11ce3U, 0x35945f6aU, 0x160b3a2cU, + 0xd3e768bbU, 0xea7523c9U, 0xc3ef589bU, 0x6834b8d0U, + 0x6231a6c4U, 0xb5d4c277U, 0xbdd0da67U, 0x11863322U, + 0xfc7e19e5U, 0x47adc98eU, 0xe7fd34d3U, 0x5229f6a4U, + 0x6030a0c0U, 0x763b9aecU, 0x239f6546U, 0xedf82ac7U, + 0x91c6ae3fU, 0x26136a4cU, 0x0c061418U, 0x0a051e14U, + 0x97c5a433U, 0x22116644U, 0xee772fc1U, 0xf87c15edU, + 0xf47a01f5U, 0xf0780dfdU, 0x6c36b4d8U, 0x381c4870U, + 0x723996e4U, 0xb259cb79U, 0x30185060U, 0xac56e945U, + 0x7bb38df6U, 0x7db087faU, 0x4824d890U, 0x4020c080U, + 0x79b28bf2U, 0x39924b72U, 0x5ba3edb6U, 0x9dc0ba27U, + 0x8844850dU, 0xc4625195U, 0x20106040U, 0x75b49feaU, + 0x15843f2aU, 0x86439711U, 0x3b934d76U, 0x99c2b62fU, + 0x944aa135U, 0x67bda9ceU, 0x038f0506U, 0x5a2deeb4U, + 0x65bcafcaU, 0x259c6f4aU, 0xd46a61b5U, 0x80409d1dU, + 0x83cf981bU, 0x59a2ebb2U, 0x1d80273aU, 0x9e4fbf21U, + 0x3e1f427cU, 0x89ca860fU, 0x49aadb92U, 0x84429115U, +}; + +static const ulong32 T2[256] = { + 0xd2bbba69U, 0x4de554a8U, 0xbce22f5eU, 0xcd2574e8U, + 0x51f753a6U, 0x6bd0d3bbU, 0x6fd6d2b9U, 0x29b34d9aU, + 0x5dfd50a0U, 0x8acfac45U, 0x0e098d07U, 0xc6a5bf63U, + 0xdd3d70e0U, 0x55f152a4U, 0x527b9a29U, 0x2db54c98U, + 0x8f46eac9U, 0x73c4d5b7U, 0x66559733U, 0x63dcd1bfU, + 0xccaa3366U, 0x59fb51a2U, 0x71c75bb6U, 0xa2f3a651U, + 0x5ffedea1U, 0x3dad4890U, 0x9ad7a84dU, 0x5e71992fU, + 0x4be0dbabU, 0xc8ac3264U, 0xe695b773U, 0xd732fce5U, + 0xab70e3dbU, 0x42639e21U, 0x7e41913fU, 0x567d9b2bU, + 0xaf76e2d9U, 0xd6bdbb6bU, 0x199b4182U, 0xa5796edcU, + 0xaef9a557U, 0x0b80cb8bU, 0xb1676bd6U, 0x6e599537U, + 0xbee1a15fU, 0xeb10f3fbU, 0xfe81b17fU, 0x080c0204U, + 0x1792cc85U, 0x37a2c495U, 0x744e1d3aU, 0x50781428U, + 0x2bb0c39bU, 0x915763c6U, 0x4fe6daa9U, 0x69d35dbaU, + 0x61df5fbeU, 0x57f2dca5U, 0xe9137dfaU, 0x1394cd87U, + 0xe11f7ffeU, 0x75c15ab4U, 0xad756cd8U, 0x6dd55cb8U, + 0xfb08f7f3U, 0x98d4264cU, 0xdb38ffe3U, 0x9354edc7U, + 0x874ae8cdU, 0x4e699d27U, 0xa17f6fdeU, 0x02038e01U, + 0x64561932U, 0xbae7a05dU, 0xe71af0fdU, 0x1e11890fU, + 0x3c220f1eU, 0x1c12070eU, 0x86c5af43U, 0xcb20fbebU, + 0x20300810U, 0x547e152aU, 0x342e0d1aU, 0x10180408U, + 0x04060102U, 0x8d4564c8U, 0x5bf8dfa3U, 0xc52976ecU, + 0xf90b79f2U, 0x53f4dda7U, 0xf48e3d7aU, 0x5874162cU, + 0xfc823f7eU, 0xdcb2376eU, 0xa9736ddaU, 0xe0903870U, + 0xdeb1b96fU, 0xd13773e6U, 0x834ce9cfU, 0xd4be356aU, + 0x49e355aaU, 0xd93b71e2U, 0xf1077bf6U, 0x0a0f8c05U, + 0xd53172e4U, 0x1a17880dU, 0xff0ef6f1U, 0xa8fc2a54U, + 0xf8843e7cU, 0x65d95ebcU, 0x9cd2274eU, 0x0589468cU, + 0x30280c18U, 0x894365caU, 0xbd6d68d0U, 0x995b61c2U, + 0x0c0a0306U, 0x23bcc19fU, 0x41ef57aeU, 0x7fced6b1U, + 0x43ecd9afU, 0x7dcd58b0U, 0x47ead8adU, 0x854966ccU, + 0x7bc8d7b3U, 0xe89c3a74U, 0x078ac88dU, 0xf0883c78U, + 0xcf26fae9U, 0x62539631U, 0xa6f5a753U, 0x5a77982dU, + 0x9752ecc5U, 0xdab7b86dU, 0x3ba8c793U, 0x82c3ae41U, + 0xb96b69d2U, 0x31a74b96U, 0x96ddab4bU, 0x9ed1a94fU, + 0x814f67ceU, 0x283c0a14U, 0x018f478eU, 0xef16f2f9U, + 0xee99b577U, 0x88cc2244U, 0xb364e5d7U, 0x9f5eeec1U, + 0xc2a3be61U, 0xacfa2b56U, 0x3e21811fU, 0x486c1224U, + 0x362d831bU, 0x6c5a1b36U, 0x38240e1cU, 0x8cca2346U, + 0xf304f5f7U, 0x0983458aU, 0x84c62142U, 0x1f9ece81U, + 0x39ab4992U, 0xb0e82c58U, 0xc32cf9efU, 0xbf6ee6d1U, + 0xe293b671U, 0xa0f02850U, 0x5c72172eU, 0x322b8219U, + 0x685c1a34U, 0x161d8b0bU, 0xdf3efee1U, 0x121b8a09U, + 0x24360912U, 0x038cc98fU, 0x26358713U, 0x25b94e9cU, + 0xa37ce1dfU, 0xb8e42e5cU, 0xb762e4d5U, 0xa77ae0ddU, + 0x8b40ebcbU, 0x7a47903dU, 0xaaffa455U, 0x78441e3cU, + 0x2e398517U, 0x9d5d60c0U, 0x00000000U, 0x94de254aU, + 0xf702f4f5U, 0xe31cf1ffU, 0x6a5f9435U, 0x2c3a0b16U, + 0xbb68e7d3U, 0xc92375eaU, 0x9b58efc3U, 0xd0b83468U, + 0xc4a63162U, 0x77c2d4b5U, 0x67dad0bdU, 0x22338611U, + 0xe5197efcU, 0x8ec9ad47U, 0xd334fde7U, 0xa4f62952U, + 0xc0a03060U, 0xec9a3b76U, 0x46659f23U, 0xc72af8edU, + 0x3faec691U, 0x4c6a1326U, 0x1814060cU, 0x141e050aU, + 0x33a4c597U, 0x44661122U, 0xc12f77eeU, 0xed157cf8U, + 0xf5017af4U, 0xfd0d78f0U, 0xd8b4366cU, 0x70481c38U, + 0xe4963972U, 0x79cb59b2U, 0x60501830U, 0x45e956acU, + 0xf68db37bU, 0xfa87b07dU, 0x90d82448U, 0x80c02040U, + 0xf28bb279U, 0x724b9239U, 0xb6eda35bU, 0x27bac09dU, + 0x0d854488U, 0x955162c4U, 0x40601020U, 0xea9fb475U, + 0x2a3f8415U, 0x11974386U, 0x764d933bU, 0x2fb6c299U, + 0x35a14a94U, 0xcea9bd67U, 0x06058f03U, 0xb4ee2d5aU, + 0xcaafbc65U, 0x4a6f9c25U, 0xb5616ad4U, 0x1d9d4080U, + 0x1b98cf83U, 0xb2eba259U, 0x3a27801dU, 0x21bf4f9eU, + 0x7c421f3eU, 0x0f86ca89U, 0x92dbaa49U, 0x15914284U, +}; + +static const ulong32 T3[256] = { + 0xbbd269baU, 0xe54da854U, 0xe2bc5e2fU, 0x25cde874U, + 0xf751a653U, 0xd06bbbd3U, 0xd66fb9d2U, 0xb3299a4dU, + 0xfd5da050U, 0xcf8a45acU, 0x090e078dU, 0xa5c663bfU, + 0x3ddde070U, 0xf155a452U, 0x7b52299aU, 0xb52d984cU, + 0x468fc9eaU, 0xc473b7d5U, 0x55663397U, 0xdc63bfd1U, + 0xaacc6633U, 0xfb59a251U, 0xc771b65bU, 0xf3a251a6U, + 0xfe5fa1deU, 0xad3d9048U, 0xd79a4da8U, 0x715e2f99U, + 0xe04babdbU, 0xacc86432U, 0x95e673b7U, 0x32d7e5fcU, + 0x70abdbe3U, 0x6342219eU, 0x417e3f91U, 0x7d562b9bU, + 0x76afd9e2U, 0xbdd66bbbU, 0x9b198241U, 0x79a5dc6eU, + 0xf9ae57a5U, 0x800b8bcbU, 0x67b1d66bU, 0x596e3795U, + 0xe1be5fa1U, 0x10ebfbf3U, 0x81fe7fb1U, 0x0c080402U, + 0x921785ccU, 0xa23795c4U, 0x4e743a1dU, 0x78502814U, + 0xb02b9bc3U, 0x5791c663U, 0xe64fa9daU, 0xd369ba5dU, + 0xdf61be5fU, 0xf257a5dcU, 0x13e9fa7dU, 0x941387cdU, + 0x1fe1fe7fU, 0xc175b45aU, 0x75add86cU, 0xd56db85cU, + 0x08fbf3f7U, 0xd4984c26U, 0x38dbe3ffU, 0x5493c7edU, + 0x4a87cde8U, 0x694e279dU, 0x7fa1de6fU, 0x0302018eU, + 0x56643219U, 0xe7ba5da0U, 0x1ae7fdf0U, 0x111e0f89U, + 0x223c1e0fU, 0x121c0e07U, 0xc58643afU, 0x20cbebfbU, + 0x30201008U, 0x7e542a15U, 0x2e341a0dU, 0x18100804U, + 0x06040201U, 0x458dc864U, 0xf85ba3dfU, 0x29c5ec76U, + 0x0bf9f279U, 0xf453a7ddU, 0x8ef47a3dU, 0x74582c16U, + 0x82fc7e3fU, 0xb2dc6e37U, 0x73a9da6dU, 0x90e07038U, + 0xb1de6fb9U, 0x37d1e673U, 0x4c83cfe9U, 0xbed46a35U, + 0xe349aa55U, 0x3bd9e271U, 0x07f1f67bU, 0x0f0a058cU, + 0x31d5e472U, 0x171a0d88U, 0x0efff1f6U, 0xfca8542aU, + 0x84f87c3eU, 0xd965bc5eU, 0xd29c4e27U, 0x89058c46U, + 0x2830180cU, 0x4389ca65U, 0x6dbdd068U, 0x5b99c261U, + 0x0a0c0603U, 0xbc239fc1U, 0xef41ae57U, 0xce7fb1d6U, + 0xec43afd9U, 0xcd7db058U, 0xea47add8U, 0x4985cc66U, + 0xc87bb3d7U, 0x9ce8743aU, 0x8a078dc8U, 0x88f0783cU, + 0x26cfe9faU, 0x53623196U, 0xf5a653a7U, 0x775a2d98U, + 0x5297c5ecU, 0xb7da6db8U, 0xa83b93c7U, 0xc38241aeU, + 0x6bb9d269U, 0xa731964bU, 0xdd964babU, 0xd19e4fa9U, + 0x4f81ce67U, 0x3c28140aU, 0x8f018e47U, 0x16eff9f2U, + 0x99ee77b5U, 0xcc884422U, 0x64b3d7e5U, 0x5e9fc1eeU, + 0xa3c261beU, 0xfaac562bU, 0x213e1f81U, 0x6c482412U, + 0x2d361b83U, 0x5a6c361bU, 0x24381c0eU, 0xca8c4623U, + 0x04f3f7f5U, 0x83098a45U, 0xc6844221U, 0x9e1f81ceU, + 0xab399249U, 0xe8b0582cU, 0x2cc3eff9U, 0x6ebfd1e6U, + 0x93e271b6U, 0xf0a05028U, 0x725c2e17U, 0x2b321982U, + 0x5c68341aU, 0x1d160b8bU, 0x3edfe1feU, 0x1b12098aU, + 0x36241209U, 0x8c038fc9U, 0x35261387U, 0xb9259c4eU, + 0x7ca3dfe1U, 0xe4b85c2eU, 0x62b7d5e4U, 0x7aa7dde0U, + 0x408bcbebU, 0x477a3d90U, 0xffaa55a4U, 0x44783c1eU, + 0x392e1785U, 0x5d9dc060U, 0x00000000U, 0xde944a25U, + 0x02f7f5f4U, 0x1ce3fff1U, 0x5f6a3594U, 0x3a2c160bU, + 0x68bbd3e7U, 0x23c9ea75U, 0x589bc3efU, 0xb8d06834U, + 0xa6c46231U, 0xc277b5d4U, 0xda67bdd0U, 0x33221186U, + 0x19e5fc7eU, 0xc98e47adU, 0x34d3e7fdU, 0xf6a45229U, + 0xa0c06030U, 0x9aec763bU, 0x6546239fU, 0x2ac7edf8U, + 0xae3f91c6U, 0x6a4c2613U, 0x14180c06U, 0x1e140a05U, + 0xa43397c5U, 0x66442211U, 0x2fc1ee77U, 0x15edf87cU, + 0x01f5f47aU, 0x0dfdf078U, 0xb4d86c36U, 0x4870381cU, + 0x96e47239U, 0xcb79b259U, 0x50603018U, 0xe945ac56U, + 0x8df67bb3U, 0x87fa7db0U, 0xd8904824U, 0xc0804020U, + 0x8bf279b2U, 0x4b723992U, 0xedb65ba3U, 0xba279dc0U, + 0x850d8844U, 0x5195c462U, 0x60402010U, 0x9fea75b4U, + 0x3f2a1584U, 0x97118643U, 0x4d763b93U, 0xb62f99c2U, + 0xa135944aU, 0xa9ce67bdU, 0x0506038fU, 0xeeb45a2dU, + 0xafca65bcU, 0x6f4a259cU, 0x61b5d46aU, 0x9d1d8040U, + 0x981b83cfU, 0xebb259a2U, 0x273a1d80U, 0xbf219e4fU, + 0x427c3e1fU, 0x860f89caU, 0xdb9249aaU, 0x91158442U, +}; + +static const ulong32 T4[256] = { + 0xbabababaU, 0x54545454U, 0x2f2f2f2fU, 0x74747474U, + 0x53535353U, 0xd3d3d3d3U, 0xd2d2d2d2U, 0x4d4d4d4dU, + 0x50505050U, 0xacacacacU, 0x8d8d8d8dU, 0xbfbfbfbfU, + 0x70707070U, 0x52525252U, 0x9a9a9a9aU, 0x4c4c4c4cU, + 0xeaeaeaeaU, 0xd5d5d5d5U, 0x97979797U, 0xd1d1d1d1U, + 0x33333333U, 0x51515151U, 0x5b5b5b5bU, 0xa6a6a6a6U, + 0xdedededeU, 0x48484848U, 0xa8a8a8a8U, 0x99999999U, + 0xdbdbdbdbU, 0x32323232U, 0xb7b7b7b7U, 0xfcfcfcfcU, + 0xe3e3e3e3U, 0x9e9e9e9eU, 0x91919191U, 0x9b9b9b9bU, + 0xe2e2e2e2U, 0xbbbbbbbbU, 0x41414141U, 0x6e6e6e6eU, + 0xa5a5a5a5U, 0xcbcbcbcbU, 0x6b6b6b6bU, 0x95959595U, + 0xa1a1a1a1U, 0xf3f3f3f3U, 0xb1b1b1b1U, 0x02020202U, + 0xccccccccU, 0xc4c4c4c4U, 0x1d1d1d1dU, 0x14141414U, + 0xc3c3c3c3U, 0x63636363U, 0xdadadadaU, 0x5d5d5d5dU, + 0x5f5f5f5fU, 0xdcdcdcdcU, 0x7d7d7d7dU, 0xcdcdcdcdU, + 0x7f7f7f7fU, 0x5a5a5a5aU, 0x6c6c6c6cU, 0x5c5c5c5cU, + 0xf7f7f7f7U, 0x26262626U, 0xffffffffU, 0xededededU, + 0xe8e8e8e8U, 0x9d9d9d9dU, 0x6f6f6f6fU, 0x8e8e8e8eU, + 0x19191919U, 0xa0a0a0a0U, 0xf0f0f0f0U, 0x89898989U, + 0x0f0f0f0fU, 0x07070707U, 0xafafafafU, 0xfbfbfbfbU, + 0x08080808U, 0x15151515U, 0x0d0d0d0dU, 0x04040404U, + 0x01010101U, 0x64646464U, 0xdfdfdfdfU, 0x76767676U, + 0x79797979U, 0xddddddddU, 0x3d3d3d3dU, 0x16161616U, + 0x3f3f3f3fU, 0x37373737U, 0x6d6d6d6dU, 0x38383838U, + 0xb9b9b9b9U, 0x73737373U, 0xe9e9e9e9U, 0x35353535U, + 0x55555555U, 0x71717171U, 0x7b7b7b7bU, 0x8c8c8c8cU, + 0x72727272U, 0x88888888U, 0xf6f6f6f6U, 0x2a2a2a2aU, + 0x3e3e3e3eU, 0x5e5e5e5eU, 0x27272727U, 0x46464646U, + 0x0c0c0c0cU, 0x65656565U, 0x68686868U, 0x61616161U, + 0x03030303U, 0xc1c1c1c1U, 0x57575757U, 0xd6d6d6d6U, + 0xd9d9d9d9U, 0x58585858U, 0xd8d8d8d8U, 0x66666666U, + 0xd7d7d7d7U, 0x3a3a3a3aU, 0xc8c8c8c8U, 0x3c3c3c3cU, + 0xfafafafaU, 0x96969696U, 0xa7a7a7a7U, 0x98989898U, + 0xececececU, 0xb8b8b8b8U, 0xc7c7c7c7U, 0xaeaeaeaeU, + 0x69696969U, 0x4b4b4b4bU, 0xababababU, 0xa9a9a9a9U, + 0x67676767U, 0x0a0a0a0aU, 0x47474747U, 0xf2f2f2f2U, + 0xb5b5b5b5U, 0x22222222U, 0xe5e5e5e5U, 0xeeeeeeeeU, + 0xbebebebeU, 0x2b2b2b2bU, 0x81818181U, 0x12121212U, + 0x83838383U, 0x1b1b1b1bU, 0x0e0e0e0eU, 0x23232323U, + 0xf5f5f5f5U, 0x45454545U, 0x21212121U, 0xcecececeU, + 0x49494949U, 0x2c2c2c2cU, 0xf9f9f9f9U, 0xe6e6e6e6U, + 0xb6b6b6b6U, 0x28282828U, 0x17171717U, 0x82828282U, + 0x1a1a1a1aU, 0x8b8b8b8bU, 0xfefefefeU, 0x8a8a8a8aU, + 0x09090909U, 0xc9c9c9c9U, 0x87878787U, 0x4e4e4e4eU, + 0xe1e1e1e1U, 0x2e2e2e2eU, 0xe4e4e4e4U, 0xe0e0e0e0U, + 0xebebebebU, 0x90909090U, 0xa4a4a4a4U, 0x1e1e1e1eU, + 0x85858585U, 0x60606060U, 0x00000000U, 0x25252525U, + 0xf4f4f4f4U, 0xf1f1f1f1U, 0x94949494U, 0x0b0b0b0bU, + 0xe7e7e7e7U, 0x75757575U, 0xefefefefU, 0x34343434U, + 0x31313131U, 0xd4d4d4d4U, 0xd0d0d0d0U, 0x86868686U, + 0x7e7e7e7eU, 0xadadadadU, 0xfdfdfdfdU, 0x29292929U, + 0x30303030U, 0x3b3b3b3bU, 0x9f9f9f9fU, 0xf8f8f8f8U, + 0xc6c6c6c6U, 0x13131313U, 0x06060606U, 0x05050505U, + 0xc5c5c5c5U, 0x11111111U, 0x77777777U, 0x7c7c7c7cU, + 0x7a7a7a7aU, 0x78787878U, 0x36363636U, 0x1c1c1c1cU, + 0x39393939U, 0x59595959U, 0x18181818U, 0x56565656U, + 0xb3b3b3b3U, 0xb0b0b0b0U, 0x24242424U, 0x20202020U, + 0xb2b2b2b2U, 0x92929292U, 0xa3a3a3a3U, 0xc0c0c0c0U, + 0x44444444U, 0x62626262U, 0x10101010U, 0xb4b4b4b4U, + 0x84848484U, 0x43434343U, 0x93939393U, 0xc2c2c2c2U, + 0x4a4a4a4aU, 0xbdbdbdbdU, 0x8f8f8f8fU, 0x2d2d2d2dU, + 0xbcbcbcbcU, 0x9c9c9c9cU, 0x6a6a6a6aU, 0x40404040U, + 0xcfcfcfcfU, 0xa2a2a2a2U, 0x80808080U, 0x4f4f4f4fU, + 0x1f1f1f1fU, 0xcacacacaU, 0xaaaaaaaaU, 0x42424242U, +}; + +static const ulong32 T5[256] = { + 0x00000000U, 0x01020608U, 0x02040c10U, 0x03060a18U, + 0x04081820U, 0x050a1e28U, 0x060c1430U, 0x070e1238U, + 0x08103040U, 0x09123648U, 0x0a143c50U, 0x0b163a58U, + 0x0c182860U, 0x0d1a2e68U, 0x0e1c2470U, 0x0f1e2278U, + 0x10206080U, 0x11226688U, 0x12246c90U, 0x13266a98U, + 0x142878a0U, 0x152a7ea8U, 0x162c74b0U, 0x172e72b8U, + 0x183050c0U, 0x193256c8U, 0x1a345cd0U, 0x1b365ad8U, + 0x1c3848e0U, 0x1d3a4ee8U, 0x1e3c44f0U, 0x1f3e42f8U, + 0x2040c01dU, 0x2142c615U, 0x2244cc0dU, 0x2346ca05U, + 0x2448d83dU, 0x254ade35U, 0x264cd42dU, 0x274ed225U, + 0x2850f05dU, 0x2952f655U, 0x2a54fc4dU, 0x2b56fa45U, + 0x2c58e87dU, 0x2d5aee75U, 0x2e5ce46dU, 0x2f5ee265U, + 0x3060a09dU, 0x3162a695U, 0x3264ac8dU, 0x3366aa85U, + 0x3468b8bdU, 0x356abeb5U, 0x366cb4adU, 0x376eb2a5U, + 0x387090ddU, 0x397296d5U, 0x3a749ccdU, 0x3b769ac5U, + 0x3c7888fdU, 0x3d7a8ef5U, 0x3e7c84edU, 0x3f7e82e5U, + 0x40809d3aU, 0x41829b32U, 0x4284912aU, 0x43869722U, + 0x4488851aU, 0x458a8312U, 0x468c890aU, 0x478e8f02U, + 0x4890ad7aU, 0x4992ab72U, 0x4a94a16aU, 0x4b96a762U, + 0x4c98b55aU, 0x4d9ab352U, 0x4e9cb94aU, 0x4f9ebf42U, + 0x50a0fdbaU, 0x51a2fbb2U, 0x52a4f1aaU, 0x53a6f7a2U, + 0x54a8e59aU, 0x55aae392U, 0x56ace98aU, 0x57aeef82U, + 0x58b0cdfaU, 0x59b2cbf2U, 0x5ab4c1eaU, 0x5bb6c7e2U, + 0x5cb8d5daU, 0x5dbad3d2U, 0x5ebcd9caU, 0x5fbedfc2U, + 0x60c05d27U, 0x61c25b2fU, 0x62c45137U, 0x63c6573fU, + 0x64c84507U, 0x65ca430fU, 0x66cc4917U, 0x67ce4f1fU, + 0x68d06d67U, 0x69d26b6fU, 0x6ad46177U, 0x6bd6677fU, + 0x6cd87547U, 0x6dda734fU, 0x6edc7957U, 0x6fde7f5fU, + 0x70e03da7U, 0x71e23bafU, 0x72e431b7U, 0x73e637bfU, + 0x74e82587U, 0x75ea238fU, 0x76ec2997U, 0x77ee2f9fU, + 0x78f00de7U, 0x79f20befU, 0x7af401f7U, 0x7bf607ffU, + 0x7cf815c7U, 0x7dfa13cfU, 0x7efc19d7U, 0x7ffe1fdfU, + 0x801d2774U, 0x811f217cU, 0x82192b64U, 0x831b2d6cU, + 0x84153f54U, 0x8517395cU, 0x86113344U, 0x8713354cU, + 0x880d1734U, 0x890f113cU, 0x8a091b24U, 0x8b0b1d2cU, + 0x8c050f14U, 0x8d07091cU, 0x8e010304U, 0x8f03050cU, + 0x903d47f4U, 0x913f41fcU, 0x92394be4U, 0x933b4decU, + 0x94355fd4U, 0x953759dcU, 0x963153c4U, 0x973355ccU, + 0x982d77b4U, 0x992f71bcU, 0x9a297ba4U, 0x9b2b7dacU, + 0x9c256f94U, 0x9d27699cU, 0x9e216384U, 0x9f23658cU, + 0xa05de769U, 0xa15fe161U, 0xa259eb79U, 0xa35bed71U, + 0xa455ff49U, 0xa557f941U, 0xa651f359U, 0xa753f551U, + 0xa84dd729U, 0xa94fd121U, 0xaa49db39U, 0xab4bdd31U, + 0xac45cf09U, 0xad47c901U, 0xae41c319U, 0xaf43c511U, + 0xb07d87e9U, 0xb17f81e1U, 0xb2798bf9U, 0xb37b8df1U, + 0xb4759fc9U, 0xb57799c1U, 0xb67193d9U, 0xb77395d1U, + 0xb86db7a9U, 0xb96fb1a1U, 0xba69bbb9U, 0xbb6bbdb1U, + 0xbc65af89U, 0xbd67a981U, 0xbe61a399U, 0xbf63a591U, + 0xc09dba4eU, 0xc19fbc46U, 0xc299b65eU, 0xc39bb056U, + 0xc495a26eU, 0xc597a466U, 0xc691ae7eU, 0xc793a876U, + 0xc88d8a0eU, 0xc98f8c06U, 0xca89861eU, 0xcb8b8016U, + 0xcc85922eU, 0xcd879426U, 0xce819e3eU, 0xcf839836U, + 0xd0bddaceU, 0xd1bfdcc6U, 0xd2b9d6deU, 0xd3bbd0d6U, + 0xd4b5c2eeU, 0xd5b7c4e6U, 0xd6b1cefeU, 0xd7b3c8f6U, + 0xd8adea8eU, 0xd9afec86U, 0xdaa9e69eU, 0xdbabe096U, + 0xdca5f2aeU, 0xdda7f4a6U, 0xdea1febeU, 0xdfa3f8b6U, + 0xe0dd7a53U, 0xe1df7c5bU, 0xe2d97643U, 0xe3db704bU, + 0xe4d56273U, 0xe5d7647bU, 0xe6d16e63U, 0xe7d3686bU, + 0xe8cd4a13U, 0xe9cf4c1bU, 0xeac94603U, 0xebcb400bU, + 0xecc55233U, 0xedc7543bU, 0xeec15e23U, 0xefc3582bU, + 0xf0fd1ad3U, 0xf1ff1cdbU, 0xf2f916c3U, 0xf3fb10cbU, + 0xf4f502f3U, 0xf5f704fbU, 0xf6f10ee3U, 0xf7f308ebU, + 0xf8ed2a93U, 0xf9ef2c9bU, 0xfae92683U, 0xfbeb208bU, + 0xfce532b3U, 0xfde734bbU, 0xfee13ea3U, 0xffe338abU, +}; + +/** + * The round constants. + */ +static const ulong32 rc[] = { + 0xba542f74U, 0x53d3d24dU, 0x50ac8dbfU, 0x70529a4cU, + 0xead597d1U, 0x33515ba6U, 0xde48a899U, 0xdb32b7fcU, + 0xe39e919bU, 0xe2bb416eU, 0xa5cb6b95U, 0xa1f3b102U, + 0xccc41d14U, 0xc363da5dU, 0x5fdc7dcdU, 0x7f5a6c5cU, + 0xf726ffedU, 0xe89d6f8eU, 0x19a0f089U, +}; + + + +#else + + +static const ulong32 T0[256] = { + 0xa753a6f5U, 0xd3bb6bd0U, 0xe6d1bf6eU, 0x71e2d93bU, + 0xd0bd67daU, 0xac458acfU, 0x4d9a29b3U, 0x79f2f90bU, + 0x3a74e89cU, 0xc98f038cU, 0x913f7e41U, 0xfce5d732U, + 0x1e3c7844U, 0x478e018fU, 0x54a84de5U, 0xbd67cea9U, + 0x8c050a0fU, 0xa557aef9U, 0x7af4f501U, 0xfbebcb20U, + 0x63c69157U, 0xb86ddab7U, 0xdda753f4U, 0xd4b577c2U, + 0xe5d7b364U, 0xb37bf68dU, 0xc59733a4U, 0xbe61c2a3U, + 0xa94f9ed1U, 0x880d1a17U, 0x0c183028U, 0xa259b2ebU, + 0x3972e496U, 0xdfa35bf8U, 0x2952a4f6U, 0xdaa94fe6U, + 0x2b56acfaU, 0xa84d9ad7U, 0xcb8b0b80U, 0x4c982db5U, + 0x4b9631a7U, 0x224488ccU, 0xaa4992dbU, 0x244890d8U, + 0x4182199bU, 0x70e0dd3dU, 0xa651a2f3U, 0xf9efc32cU, + 0x5ab475c1U, 0xe2d9af76U, 0xb07dfa87U, 0x366cd8b4U, + 0x7dfae913U, 0xe4d5b762U, 0x3366ccaaU, 0xffe3db38U, + 0x60c09d5dU, 0x204080c0U, 0x08102030U, 0x8b0b161dU, + 0x5ebc65d9U, 0xab4b96ddU, 0x7ffee11fU, 0x78f0fd0dU, + 0x7cf8ed15U, 0x2c58b0e8U, 0x57ae41efU, 0xd2b96fd6U, + 0xdca557f2U, 0x6ddaa973U, 0x7efce519U, 0x0d1a342eU, + 0x53a651f7U, 0x94356a5fU, 0xc39b2bb0U, 0x2850a0f0U, + 0x274e9cd2U, 0x060c1814U, 0x5fbe61dfU, 0xad478ec9U, + 0x67ce814fU, 0x5cb86dd5U, 0x55aa49e3U, 0x48903dadU, + 0x0e1c3824U, 0x52a455f1U, 0xeac98f46U, 0x42841591U, + 0x5bb671c7U, 0x5dba69d3U, 0x3060c0a0U, 0x58b07dcdU, + 0x51a259fbU, 0x59b279cbU, 0x3c78f088U, 0x4e9c25b9U, + 0x3870e090U, 0x8a09121bU, 0x72e4d531U, 0x14285078U, + 0xe7d3bb68U, 0xc6913faeU, 0xdea15ffeU, 0x50a05dfdU, + 0x8e010203U, 0x9239724bU, 0xd1bf63dcU, 0x77eec12fU, + 0x933b764dU, 0x458a0983U, 0x9a29527bU, 0xce811f9eU, + 0x2d5ab4eeU, 0x03060c0aU, 0x62c49551U, 0xb671e293U, + 0xb96fdeb1U, 0xbf63c6a5U, 0x96316253U, 0x6bd6b167U, + 0x3f7efc82U, 0x070e1c12U, 0x1224486cU, 0xae4182c3U, + 0x40801d9dU, 0x3468d0b8U, 0x468c0589U, 0x3e7cf884U, + 0xdbab4be0U, 0xcf831b98U, 0xecc59752U, 0xcc851792U, + 0xc19f23bcU, 0xa15fbee1U, 0xc09d27baU, 0xd6b17fceU, + 0x1d3a744eU, 0xf4f5f702U, 0x61c2995bU, 0x3b76ec9aU, + 0x10204060U, 0xd8ad47eaU, 0x68d0bd6dU, 0xa05dbae7U, + 0xb17ffe81U, 0x0a14283cU, 0x69d2b96bU, 0x6cd8ad75U, + 0x499239abU, 0xfae9cf26U, 0x76ecc529U, 0xc49537a2U, + 0x9e214263U, 0x9b2b567dU, 0x6edca579U, 0x992f5e71U, + 0xc2992fb6U, 0xb773e695U, 0x982d5a77U, 0xbc65caafU, + 0x8f030605U, 0x85172e39U, 0x1f3e7c42U, 0xb475ea9fU, + 0xf8edc72aU, 0x11224466U, 0x2e5cb8e4U, 0x00000000U, + 0x254a94deU, 0x1c387048U, 0x2a54a8fcU, 0x3d7af48eU, + 0x050a141eU, 0x4f9e21bfU, 0x7bf6f107U, 0xb279f28bU, + 0x3264c8acU, 0x903d7a47U, 0xaf4386c5U, 0x19326456U, + 0xa35bb6edU, 0xf7f3fb08U, 0x73e6d137U, 0x9d274e69U, + 0x152a547eU, 0x74e8cd25U, 0xeec19f5eU, 0xca890f86U, + 0x9f234665U, 0x0f1e3c22U, 0x1b366c5aU, 0x75eac923U, + 0x86112233U, 0x84152a3fU, 0x9c254a6fU, 0x4a9435a1U, + 0x97336655U, 0x1a34685cU, 0x65ca8943U, 0xf6f1ff0eU, + 0xedc79354U, 0x09122436U, 0xbb6bd6bdU, 0x264c98d4U, + 0x831b362dU, 0xebcb8b40U, 0x6fdea17fU, 0x811f3e21U, + 0x04081018U, 0x6ad4b561U, 0x43861197U, 0x01020406U, + 0x172e5c72U, 0xe1dfa37cU, 0x87132635U, 0xf5f7f304U, + 0x8d070e09U, 0xe3dbab70U, 0x23468ccaU, 0x801d3a27U, + 0x44880d85U, 0x162c5874U, 0x66cc8549U, 0x214284c6U, + 0xfee1df3eU, 0xd5b773c4U, 0x3162c4a6U, 0xd9af43ecU, + 0x356ad4beU, 0x18306050U, 0x0204080cU, 0x64c88d45U, + 0xf2f9ef16U, 0xf1ffe31cU, 0x56ac45e9U, 0xcd871394U, + 0x8219322bU, 0xc88d078aU, 0xba69d2bbU, 0xf0fde71aU, + 0xefc39b58U, 0xe9cf834cU, 0xe8cd874aU, 0xfde7d334U, + 0x890f1e11U, 0xd7b37bc8U, 0xc7933ba8U, 0xb577ee99U, + 0xa455aaffU, 0x2f5ebce2U, 0x95376e59U, 0x13264c6aU, + 0x0b162c3aU, 0xf3fbeb10U, 0xe0dda77aU, 0x376edcb2U, +}; + +static const ulong32 T1[256] = { + 0x53a7f5a6U, 0xbbd3d06bU, 0xd1e66ebfU, 0xe2713bd9U, + 0xbdd0da67U, 0x45accf8aU, 0x9a4db329U, 0xf2790bf9U, + 0x743a9ce8U, 0x8fc98c03U, 0x3f91417eU, 0xe5fc32d7U, + 0x3c1e4478U, 0x8e478f01U, 0xa854e54dU, 0x67bda9ceU, + 0x058c0f0aU, 0x57a5f9aeU, 0xf47a01f5U, 0xebfb20cbU, + 0xc6635791U, 0x6db8b7daU, 0xa7ddf453U, 0xb5d4c277U, + 0xd7e564b3U, 0x7bb38df6U, 0x97c5a433U, 0x61bea3c2U, + 0x4fa9d19eU, 0x0d88171aU, 0x180c2830U, 0x59a2ebb2U, + 0x723996e4U, 0xa3dff85bU, 0x5229f6a4U, 0xa9dae64fU, + 0x562bfaacU, 0x4da8d79aU, 0x8bcb800bU, 0x984cb52dU, + 0x964ba731U, 0x4422cc88U, 0x49aadb92U, 0x4824d890U, + 0x82419b19U, 0xe0703dddU, 0x51a6f3a2U, 0xeff92cc3U, + 0xb45ac175U, 0xd9e276afU, 0x7db087faU, 0x6c36b4d8U, + 0xfa7d13e9U, 0xd5e462b7U, 0x6633aaccU, 0xe3ff38dbU, + 0xc0605d9dU, 0x4020c080U, 0x10083020U, 0x0b8b1d16U, + 0xbc5ed965U, 0x4babdd96U, 0xfe7f1fe1U, 0xf0780dfdU, + 0xf87c15edU, 0x582ce8b0U, 0xae57ef41U, 0xb9d2d66fU, + 0xa5dcf257U, 0xda6d73a9U, 0xfc7e19e5U, 0x1a0d2e34U, + 0xa653f751U, 0x35945f6aU, 0x9bc3b02bU, 0x5028f0a0U, + 0x4e27d29cU, 0x0c061418U, 0xbe5fdf61U, 0x47adc98eU, + 0xce674f81U, 0xb85cd56dU, 0xaa55e349U, 0x9048ad3dU, + 0x1c0e2438U, 0xa452f155U, 0xc9ea468fU, 0x84429115U, + 0xb65bc771U, 0xba5dd369U, 0x6030a0c0U, 0xb058cd7dU, + 0xa251fb59U, 0xb259cb79U, 0x783c88f0U, 0x9c4eb925U, + 0x703890e0U, 0x098a1b12U, 0xe47231d5U, 0x28147850U, + 0xd3e768bbU, 0x91c6ae3fU, 0xa1defe5fU, 0xa050fd5dU, + 0x018e0302U, 0x39924b72U, 0xbfd1dc63U, 0xee772fc1U, + 0x3b934d76U, 0x8a458309U, 0x299a7b52U, 0x81ce9e1fU, + 0x5a2deeb4U, 0x06030a0cU, 0xc4625195U, 0x71b693e2U, + 0x6fb9b1deU, 0x63bfa5c6U, 0x31965362U, 0xd66b67b1U, + 0x7e3f82fcU, 0x0e07121cU, 0x24126c48U, 0x41aec382U, + 0x80409d1dU, 0x6834b8d0U, 0x8c468905U, 0x7c3e84f8U, + 0xabdbe04bU, 0x83cf981bU, 0xc5ec5297U, 0x85cc9217U, + 0x9fc1bc23U, 0x5fa1e1beU, 0x9dc0ba27U, 0xb1d6ce7fU, + 0x3a1d4e74U, 0xf5f402f7U, 0xc2615b99U, 0x763b9aecU, + 0x20106040U, 0xadd8ea47U, 0xd0686dbdU, 0x5da0e7baU, + 0x7fb181feU, 0x140a3c28U, 0xd2696bb9U, 0xd86c75adU, + 0x9249ab39U, 0xe9fa26cfU, 0xec7629c5U, 0x95c4a237U, + 0x219e6342U, 0x2b9b7d56U, 0xdc6e79a5U, 0x2f99715eU, + 0x99c2b62fU, 0x73b795e6U, 0x2d98775aU, 0x65bcafcaU, + 0x038f0506U, 0x1785392eU, 0x3e1f427cU, 0x75b49feaU, + 0xedf82ac7U, 0x22116644U, 0x5c2ee4b8U, 0x00000000U, + 0x4a25de94U, 0x381c4870U, 0x542afca8U, 0x7a3d8ef4U, + 0x0a051e14U, 0x9e4fbf21U, 0xf67b07f1U, 0x79b28bf2U, + 0x6432acc8U, 0x3d90477aU, 0x43afc586U, 0x32195664U, + 0x5ba3edb6U, 0xf3f708fbU, 0xe67337d1U, 0x279d694eU, + 0x2a157e54U, 0xe87425cdU, 0xc1ee5e9fU, 0x89ca860fU, + 0x239f6546U, 0x1e0f223cU, 0x361b5a6cU, 0xea7523c9U, + 0x11863322U, 0x15843f2aU, 0x259c6f4aU, 0x944aa135U, + 0x33975566U, 0x341a5c68U, 0xca654389U, 0xf1f60effU, + 0xc7ed5493U, 0x12093624U, 0x6bbbbdd6U, 0x4c26d498U, + 0x1b832d36U, 0xcbeb408bU, 0xde6f7fa1U, 0x1f81213eU, + 0x08041810U, 0xd46a61b5U, 0x86439711U, 0x02010604U, + 0x2e17725cU, 0xdfe17ca3U, 0x13873526U, 0xf7f504f3U, + 0x078d090eU, 0xdbe370abU, 0x4623ca8cU, 0x1d80273aU, + 0x8844850dU, 0x2c167458U, 0xcc664985U, 0x4221c684U, + 0xe1fe3edfU, 0xb7d5c473U, 0x6231a6c4U, 0xafd9ec43U, + 0x6a35bed4U, 0x30185060U, 0x04020c08U, 0xc864458dU, + 0xf9f216efU, 0xfff11ce3U, 0xac56e945U, 0x87cd9413U, + 0x19822b32U, 0x8dc88a07U, 0x69babbd2U, 0xfdf01ae7U, + 0xc3ef589bU, 0xcfe94c83U, 0xcde84a87U, 0xe7fd34d3U, + 0x0f89111eU, 0xb3d7c87bU, 0x93c7a83bU, 0x77b599eeU, + 0x55a4ffaaU, 0x5e2fe2bcU, 0x3795596eU, 0x26136a4cU, + 0x160b3a2cU, 0xfbf310ebU, 0xdde07aa7U, 0x6e37b2dcU, +}; + +static const ulong32 T2[256] = { + 0xa6f5a753U, 0x6bd0d3bbU, 0xbf6ee6d1U, 0xd93b71e2U, + 0x67dad0bdU, 0x8acfac45U, 0x29b34d9aU, 0xf90b79f2U, + 0xe89c3a74U, 0x038cc98fU, 0x7e41913fU, 0xd732fce5U, + 0x78441e3cU, 0x018f478eU, 0x4de554a8U, 0xcea9bd67U, + 0x0a0f8c05U, 0xaef9a557U, 0xf5017af4U, 0xcb20fbebU, + 0x915763c6U, 0xdab7b86dU, 0x53f4dda7U, 0x77c2d4b5U, + 0xb364e5d7U, 0xf68db37bU, 0x33a4c597U, 0xc2a3be61U, + 0x9ed1a94fU, 0x1a17880dU, 0x30280c18U, 0xb2eba259U, + 0xe4963972U, 0x5bf8dfa3U, 0xa4f62952U, 0x4fe6daa9U, + 0xacfa2b56U, 0x9ad7a84dU, 0x0b80cb8bU, 0x2db54c98U, + 0x31a74b96U, 0x88cc2244U, 0x92dbaa49U, 0x90d82448U, + 0x199b4182U, 0xdd3d70e0U, 0xa2f3a651U, 0xc32cf9efU, + 0x75c15ab4U, 0xaf76e2d9U, 0xfa87b07dU, 0xd8b4366cU, + 0xe9137dfaU, 0xb762e4d5U, 0xccaa3366U, 0xdb38ffe3U, + 0x9d5d60c0U, 0x80c02040U, 0x20300810U, 0x161d8b0bU, + 0x65d95ebcU, 0x96ddab4bU, 0xe11f7ffeU, 0xfd0d78f0U, + 0xed157cf8U, 0xb0e82c58U, 0x41ef57aeU, 0x6fd6d2b9U, + 0x57f2dca5U, 0xa9736ddaU, 0xe5197efcU, 0x342e0d1aU, + 0x51f753a6U, 0x6a5f9435U, 0x2bb0c39bU, 0xa0f02850U, + 0x9cd2274eU, 0x1814060cU, 0x61df5fbeU, 0x8ec9ad47U, + 0x814f67ceU, 0x6dd55cb8U, 0x49e355aaU, 0x3dad4890U, + 0x38240e1cU, 0x55f152a4U, 0x8f46eac9U, 0x15914284U, + 0x71c75bb6U, 0x69d35dbaU, 0xc0a03060U, 0x7dcd58b0U, + 0x59fb51a2U, 0x79cb59b2U, 0xf0883c78U, 0x25b94e9cU, + 0xe0903870U, 0x121b8a09U, 0xd53172e4U, 0x50781428U, + 0xbb68e7d3U, 0x3faec691U, 0x5ffedea1U, 0x5dfd50a0U, + 0x02038e01U, 0x724b9239U, 0x63dcd1bfU, 0xc12f77eeU, + 0x764d933bU, 0x0983458aU, 0x527b9a29U, 0x1f9ece81U, + 0xb4ee2d5aU, 0x0c0a0306U, 0x955162c4U, 0xe293b671U, + 0xdeb1b96fU, 0xc6a5bf63U, 0x62539631U, 0xb1676bd6U, + 0xfc823f7eU, 0x1c12070eU, 0x486c1224U, 0x82c3ae41U, + 0x1d9d4080U, 0xd0b83468U, 0x0589468cU, 0xf8843e7cU, + 0x4be0dbabU, 0x1b98cf83U, 0x9752ecc5U, 0x1792cc85U, + 0x23bcc19fU, 0xbee1a15fU, 0x27bac09dU, 0x7fced6b1U, + 0x744e1d3aU, 0xf702f4f5U, 0x995b61c2U, 0xec9a3b76U, + 0x40601020U, 0x47ead8adU, 0xbd6d68d0U, 0xbae7a05dU, + 0xfe81b17fU, 0x283c0a14U, 0xb96b69d2U, 0xad756cd8U, + 0x39ab4992U, 0xcf26fae9U, 0xc52976ecU, 0x37a2c495U, + 0x42639e21U, 0x567d9b2bU, 0xa5796edcU, 0x5e71992fU, + 0x2fb6c299U, 0xe695b773U, 0x5a77982dU, 0xcaafbc65U, + 0x06058f03U, 0x2e398517U, 0x7c421f3eU, 0xea9fb475U, + 0xc72af8edU, 0x44661122U, 0xb8e42e5cU, 0x00000000U, + 0x94de254aU, 0x70481c38U, 0xa8fc2a54U, 0xf48e3d7aU, + 0x141e050aU, 0x21bf4f9eU, 0xf1077bf6U, 0xf28bb279U, + 0xc8ac3264U, 0x7a47903dU, 0x86c5af43U, 0x64561932U, + 0xb6eda35bU, 0xfb08f7f3U, 0xd13773e6U, 0x4e699d27U, + 0x547e152aU, 0xcd2574e8U, 0x9f5eeec1U, 0x0f86ca89U, + 0x46659f23U, 0x3c220f1eU, 0x6c5a1b36U, 0xc92375eaU, + 0x22338611U, 0x2a3f8415U, 0x4a6f9c25U, 0x35a14a94U, + 0x66559733U, 0x685c1a34U, 0x894365caU, 0xff0ef6f1U, + 0x9354edc7U, 0x24360912U, 0xd6bdbb6bU, 0x98d4264cU, + 0x362d831bU, 0x8b40ebcbU, 0xa17f6fdeU, 0x3e21811fU, + 0x10180408U, 0xb5616ad4U, 0x11974386U, 0x04060102U, + 0x5c72172eU, 0xa37ce1dfU, 0x26358713U, 0xf304f5f7U, + 0x0e098d07U, 0xab70e3dbU, 0x8cca2346U, 0x3a27801dU, + 0x0d854488U, 0x5874162cU, 0x854966ccU, 0x84c62142U, + 0xdf3efee1U, 0x73c4d5b7U, 0xc4a63162U, 0x43ecd9afU, + 0xd4be356aU, 0x60501830U, 0x080c0204U, 0x8d4564c8U, + 0xef16f2f9U, 0xe31cf1ffU, 0x45e956acU, 0x1394cd87U, + 0x322b8219U, 0x078ac88dU, 0xd2bbba69U, 0xe71af0fdU, + 0x9b58efc3U, 0x834ce9cfU, 0x874ae8cdU, 0xd334fde7U, + 0x1e11890fU, 0x7bc8d7b3U, 0x3ba8c793U, 0xee99b577U, + 0xaaffa455U, 0xbce22f5eU, 0x6e599537U, 0x4c6a1326U, + 0x2c3a0b16U, 0xeb10f3fbU, 0xa77ae0ddU, 0xdcb2376eU, +}; + +static const ulong32 T3[256] = { + 0xf5a653a7U, 0xd06bbbd3U, 0x6ebfd1e6U, 0x3bd9e271U, + 0xda67bdd0U, 0xcf8a45acU, 0xb3299a4dU, 0x0bf9f279U, + 0x9ce8743aU, 0x8c038fc9U, 0x417e3f91U, 0x32d7e5fcU, + 0x44783c1eU, 0x8f018e47U, 0xe54da854U, 0xa9ce67bdU, + 0x0f0a058cU, 0xf9ae57a5U, 0x01f5f47aU, 0x20cbebfbU, + 0x5791c663U, 0xb7da6db8U, 0xf453a7ddU, 0xc277b5d4U, + 0x64b3d7e5U, 0x8df67bb3U, 0xa43397c5U, 0xa3c261beU, + 0xd19e4fa9U, 0x171a0d88U, 0x2830180cU, 0xebb259a2U, + 0x96e47239U, 0xf85ba3dfU, 0xf6a45229U, 0xe64fa9daU, + 0xfaac562bU, 0xd79a4da8U, 0x800b8bcbU, 0xb52d984cU, + 0xa731964bU, 0xcc884422U, 0xdb9249aaU, 0xd8904824U, + 0x9b198241U, 0x3ddde070U, 0xf3a251a6U, 0x2cc3eff9U, + 0xc175b45aU, 0x76afd9e2U, 0x87fa7db0U, 0xb4d86c36U, + 0x13e9fa7dU, 0x62b7d5e4U, 0xaacc6633U, 0x38dbe3ffU, + 0x5d9dc060U, 0xc0804020U, 0x30201008U, 0x1d160b8bU, + 0xd965bc5eU, 0xdd964babU, 0x1fe1fe7fU, 0x0dfdf078U, + 0x15edf87cU, 0xe8b0582cU, 0xef41ae57U, 0xd66fb9d2U, + 0xf257a5dcU, 0x73a9da6dU, 0x19e5fc7eU, 0x2e341a0dU, + 0xf751a653U, 0x5f6a3594U, 0xb02b9bc3U, 0xf0a05028U, + 0xd29c4e27U, 0x14180c06U, 0xdf61be5fU, 0xc98e47adU, + 0x4f81ce67U, 0xd56db85cU, 0xe349aa55U, 0xad3d9048U, + 0x24381c0eU, 0xf155a452U, 0x468fc9eaU, 0x91158442U, + 0xc771b65bU, 0xd369ba5dU, 0xa0c06030U, 0xcd7db058U, + 0xfb59a251U, 0xcb79b259U, 0x88f0783cU, 0xb9259c4eU, + 0x90e07038U, 0x1b12098aU, 0x31d5e472U, 0x78502814U, + 0x68bbd3e7U, 0xae3f91c6U, 0xfe5fa1deU, 0xfd5da050U, + 0x0302018eU, 0x4b723992U, 0xdc63bfd1U, 0x2fc1ee77U, + 0x4d763b93U, 0x83098a45U, 0x7b52299aU, 0x9e1f81ceU, + 0xeeb45a2dU, 0x0a0c0603U, 0x5195c462U, 0x93e271b6U, + 0xb1de6fb9U, 0xa5c663bfU, 0x53623196U, 0x67b1d66bU, + 0x82fc7e3fU, 0x121c0e07U, 0x6c482412U, 0xc38241aeU, + 0x9d1d8040U, 0xb8d06834U, 0x89058c46U, 0x84f87c3eU, + 0xe04babdbU, 0x981b83cfU, 0x5297c5ecU, 0x921785ccU, + 0xbc239fc1U, 0xe1be5fa1U, 0xba279dc0U, 0xce7fb1d6U, + 0x4e743a1dU, 0x02f7f5f4U, 0x5b99c261U, 0x9aec763bU, + 0x60402010U, 0xea47add8U, 0x6dbdd068U, 0xe7ba5da0U, + 0x81fe7fb1U, 0x3c28140aU, 0x6bb9d269U, 0x75add86cU, + 0xab399249U, 0x26cfe9faU, 0x29c5ec76U, 0xa23795c4U, + 0x6342219eU, 0x7d562b9bU, 0x79a5dc6eU, 0x715e2f99U, + 0xb62f99c2U, 0x95e673b7U, 0x775a2d98U, 0xafca65bcU, + 0x0506038fU, 0x392e1785U, 0x427c3e1fU, 0x9fea75b4U, + 0x2ac7edf8U, 0x66442211U, 0xe4b85c2eU, 0x00000000U, + 0xde944a25U, 0x4870381cU, 0xfca8542aU, 0x8ef47a3dU, + 0x1e140a05U, 0xbf219e4fU, 0x07f1f67bU, 0x8bf279b2U, + 0xacc86432U, 0x477a3d90U, 0xc58643afU, 0x56643219U, + 0xedb65ba3U, 0x08fbf3f7U, 0x37d1e673U, 0x694e279dU, + 0x7e542a15U, 0x25cde874U, 0x5e9fc1eeU, 0x860f89caU, + 0x6546239fU, 0x223c1e0fU, 0x5a6c361bU, 0x23c9ea75U, + 0x33221186U, 0x3f2a1584U, 0x6f4a259cU, 0xa135944aU, + 0x55663397U, 0x5c68341aU, 0x4389ca65U, 0x0efff1f6U, + 0x5493c7edU, 0x36241209U, 0xbdd66bbbU, 0xd4984c26U, + 0x2d361b83U, 0x408bcbebU, 0x7fa1de6fU, 0x213e1f81U, + 0x18100804U, 0x61b5d46aU, 0x97118643U, 0x06040201U, + 0x725c2e17U, 0x7ca3dfe1U, 0x35261387U, 0x04f3f7f5U, + 0x090e078dU, 0x70abdbe3U, 0xca8c4623U, 0x273a1d80U, + 0x850d8844U, 0x74582c16U, 0x4985cc66U, 0xc6844221U, + 0x3edfe1feU, 0xc473b7d5U, 0xa6c46231U, 0xec43afd9U, + 0xbed46a35U, 0x50603018U, 0x0c080402U, 0x458dc864U, + 0x16eff9f2U, 0x1ce3fff1U, 0xe945ac56U, 0x941387cdU, + 0x2b321982U, 0x8a078dc8U, 0xbbd269baU, 0x1ae7fdf0U, + 0x589bc3efU, 0x4c83cfe9U, 0x4a87cde8U, 0x34d3e7fdU, + 0x111e0f89U, 0xc87bb3d7U, 0xa83b93c7U, 0x99ee77b5U, + 0xffaa55a4U, 0xe2bc5e2fU, 0x596e3795U, 0x6a4c2613U, + 0x3a2c160bU, 0x10ebfbf3U, 0x7aa7dde0U, 0xb2dc6e37U, +}; + +static const ulong32 T4[256] = { + 0xa7a7a7a7U, 0xd3d3d3d3U, 0xe6e6e6e6U, 0x71717171U, + 0xd0d0d0d0U, 0xacacacacU, 0x4d4d4d4dU, 0x79797979U, + 0x3a3a3a3aU, 0xc9c9c9c9U, 0x91919191U, 0xfcfcfcfcU, + 0x1e1e1e1eU, 0x47474747U, 0x54545454U, 0xbdbdbdbdU, + 0x8c8c8c8cU, 0xa5a5a5a5U, 0x7a7a7a7aU, 0xfbfbfbfbU, + 0x63636363U, 0xb8b8b8b8U, 0xddddddddU, 0xd4d4d4d4U, + 0xe5e5e5e5U, 0xb3b3b3b3U, 0xc5c5c5c5U, 0xbebebebeU, + 0xa9a9a9a9U, 0x88888888U, 0x0c0c0c0cU, 0xa2a2a2a2U, + 0x39393939U, 0xdfdfdfdfU, 0x29292929U, 0xdadadadaU, + 0x2b2b2b2bU, 0xa8a8a8a8U, 0xcbcbcbcbU, 0x4c4c4c4cU, + 0x4b4b4b4bU, 0x22222222U, 0xaaaaaaaaU, 0x24242424U, + 0x41414141U, 0x70707070U, 0xa6a6a6a6U, 0xf9f9f9f9U, + 0x5a5a5a5aU, 0xe2e2e2e2U, 0xb0b0b0b0U, 0x36363636U, + 0x7d7d7d7dU, 0xe4e4e4e4U, 0x33333333U, 0xffffffffU, + 0x60606060U, 0x20202020U, 0x08080808U, 0x8b8b8b8bU, + 0x5e5e5e5eU, 0xababababU, 0x7f7f7f7fU, 0x78787878U, + 0x7c7c7c7cU, 0x2c2c2c2cU, 0x57575757U, 0xd2d2d2d2U, + 0xdcdcdcdcU, 0x6d6d6d6dU, 0x7e7e7e7eU, 0x0d0d0d0dU, + 0x53535353U, 0x94949494U, 0xc3c3c3c3U, 0x28282828U, + 0x27272727U, 0x06060606U, 0x5f5f5f5fU, 0xadadadadU, + 0x67676767U, 0x5c5c5c5cU, 0x55555555U, 0x48484848U, + 0x0e0e0e0eU, 0x52525252U, 0xeaeaeaeaU, 0x42424242U, + 0x5b5b5b5bU, 0x5d5d5d5dU, 0x30303030U, 0x58585858U, + 0x51515151U, 0x59595959U, 0x3c3c3c3cU, 0x4e4e4e4eU, + 0x38383838U, 0x8a8a8a8aU, 0x72727272U, 0x14141414U, + 0xe7e7e7e7U, 0xc6c6c6c6U, 0xdedededeU, 0x50505050U, + 0x8e8e8e8eU, 0x92929292U, 0xd1d1d1d1U, 0x77777777U, + 0x93939393U, 0x45454545U, 0x9a9a9a9aU, 0xcecececeU, + 0x2d2d2d2dU, 0x03030303U, 0x62626262U, 0xb6b6b6b6U, + 0xb9b9b9b9U, 0xbfbfbfbfU, 0x96969696U, 0x6b6b6b6bU, + 0x3f3f3f3fU, 0x07070707U, 0x12121212U, 0xaeaeaeaeU, + 0x40404040U, 0x34343434U, 0x46464646U, 0x3e3e3e3eU, + 0xdbdbdbdbU, 0xcfcfcfcfU, 0xececececU, 0xccccccccU, + 0xc1c1c1c1U, 0xa1a1a1a1U, 0xc0c0c0c0U, 0xd6d6d6d6U, + 0x1d1d1d1dU, 0xf4f4f4f4U, 0x61616161U, 0x3b3b3b3bU, + 0x10101010U, 0xd8d8d8d8U, 0x68686868U, 0xa0a0a0a0U, + 0xb1b1b1b1U, 0x0a0a0a0aU, 0x69696969U, 0x6c6c6c6cU, + 0x49494949U, 0xfafafafaU, 0x76767676U, 0xc4c4c4c4U, + 0x9e9e9e9eU, 0x9b9b9b9bU, 0x6e6e6e6eU, 0x99999999U, + 0xc2c2c2c2U, 0xb7b7b7b7U, 0x98989898U, 0xbcbcbcbcU, + 0x8f8f8f8fU, 0x85858585U, 0x1f1f1f1fU, 0xb4b4b4b4U, + 0xf8f8f8f8U, 0x11111111U, 0x2e2e2e2eU, 0x00000000U, + 0x25252525U, 0x1c1c1c1cU, 0x2a2a2a2aU, 0x3d3d3d3dU, + 0x05050505U, 0x4f4f4f4fU, 0x7b7b7b7bU, 0xb2b2b2b2U, + 0x32323232U, 0x90909090U, 0xafafafafU, 0x19191919U, + 0xa3a3a3a3U, 0xf7f7f7f7U, 0x73737373U, 0x9d9d9d9dU, + 0x15151515U, 0x74747474U, 0xeeeeeeeeU, 0xcacacacaU, + 0x9f9f9f9fU, 0x0f0f0f0fU, 0x1b1b1b1bU, 0x75757575U, + 0x86868686U, 0x84848484U, 0x9c9c9c9cU, 0x4a4a4a4aU, + 0x97979797U, 0x1a1a1a1aU, 0x65656565U, 0xf6f6f6f6U, + 0xededededU, 0x09090909U, 0xbbbbbbbbU, 0x26262626U, + 0x83838383U, 0xebebebebU, 0x6f6f6f6fU, 0x81818181U, + 0x04040404U, 0x6a6a6a6aU, 0x43434343U, 0x01010101U, + 0x17171717U, 0xe1e1e1e1U, 0x87878787U, 0xf5f5f5f5U, + 0x8d8d8d8dU, 0xe3e3e3e3U, 0x23232323U, 0x80808080U, + 0x44444444U, 0x16161616U, 0x66666666U, 0x21212121U, + 0xfefefefeU, 0xd5d5d5d5U, 0x31313131U, 0xd9d9d9d9U, + 0x35353535U, 0x18181818U, 0x02020202U, 0x64646464U, + 0xf2f2f2f2U, 0xf1f1f1f1U, 0x56565656U, 0xcdcdcdcdU, + 0x82828282U, 0xc8c8c8c8U, 0xbabababaU, 0xf0f0f0f0U, + 0xefefefefU, 0xe9e9e9e9U, 0xe8e8e8e8U, 0xfdfdfdfdU, + 0x89898989U, 0xd7d7d7d7U, 0xc7c7c7c7U, 0xb5b5b5b5U, + 0xa4a4a4a4U, 0x2f2f2f2fU, 0x95959595U, 0x13131313U, + 0x0b0b0b0bU, 0xf3f3f3f3U, 0xe0e0e0e0U, 0x37373737U, +}; + +static const ulong32 T5[256] = { + 0x00000000U, 0x01020608U, 0x02040c10U, 0x03060a18U, + 0x04081820U, 0x050a1e28U, 0x060c1430U, 0x070e1238U, + 0x08103040U, 0x09123648U, 0x0a143c50U, 0x0b163a58U, + 0x0c182860U, 0x0d1a2e68U, 0x0e1c2470U, 0x0f1e2278U, + 0x10206080U, 0x11226688U, 0x12246c90U, 0x13266a98U, + 0x142878a0U, 0x152a7ea8U, 0x162c74b0U, 0x172e72b8U, + 0x183050c0U, 0x193256c8U, 0x1a345cd0U, 0x1b365ad8U, + 0x1c3848e0U, 0x1d3a4ee8U, 0x1e3c44f0U, 0x1f3e42f8U, + 0x2040c01dU, 0x2142c615U, 0x2244cc0dU, 0x2346ca05U, + 0x2448d83dU, 0x254ade35U, 0x264cd42dU, 0x274ed225U, + 0x2850f05dU, 0x2952f655U, 0x2a54fc4dU, 0x2b56fa45U, + 0x2c58e87dU, 0x2d5aee75U, 0x2e5ce46dU, 0x2f5ee265U, + 0x3060a09dU, 0x3162a695U, 0x3264ac8dU, 0x3366aa85U, + 0x3468b8bdU, 0x356abeb5U, 0x366cb4adU, 0x376eb2a5U, + 0x387090ddU, 0x397296d5U, 0x3a749ccdU, 0x3b769ac5U, + 0x3c7888fdU, 0x3d7a8ef5U, 0x3e7c84edU, 0x3f7e82e5U, + 0x40809d3aU, 0x41829b32U, 0x4284912aU, 0x43869722U, + 0x4488851aU, 0x458a8312U, 0x468c890aU, 0x478e8f02U, + 0x4890ad7aU, 0x4992ab72U, 0x4a94a16aU, 0x4b96a762U, + 0x4c98b55aU, 0x4d9ab352U, 0x4e9cb94aU, 0x4f9ebf42U, + 0x50a0fdbaU, 0x51a2fbb2U, 0x52a4f1aaU, 0x53a6f7a2U, + 0x54a8e59aU, 0x55aae392U, 0x56ace98aU, 0x57aeef82U, + 0x58b0cdfaU, 0x59b2cbf2U, 0x5ab4c1eaU, 0x5bb6c7e2U, + 0x5cb8d5daU, 0x5dbad3d2U, 0x5ebcd9caU, 0x5fbedfc2U, + 0x60c05d27U, 0x61c25b2fU, 0x62c45137U, 0x63c6573fU, + 0x64c84507U, 0x65ca430fU, 0x66cc4917U, 0x67ce4f1fU, + 0x68d06d67U, 0x69d26b6fU, 0x6ad46177U, 0x6bd6677fU, + 0x6cd87547U, 0x6dda734fU, 0x6edc7957U, 0x6fde7f5fU, + 0x70e03da7U, 0x71e23bafU, 0x72e431b7U, 0x73e637bfU, + 0x74e82587U, 0x75ea238fU, 0x76ec2997U, 0x77ee2f9fU, + 0x78f00de7U, 0x79f20befU, 0x7af401f7U, 0x7bf607ffU, + 0x7cf815c7U, 0x7dfa13cfU, 0x7efc19d7U, 0x7ffe1fdfU, + 0x801d2774U, 0x811f217cU, 0x82192b64U, 0x831b2d6cU, + 0x84153f54U, 0x8517395cU, 0x86113344U, 0x8713354cU, + 0x880d1734U, 0x890f113cU, 0x8a091b24U, 0x8b0b1d2cU, + 0x8c050f14U, 0x8d07091cU, 0x8e010304U, 0x8f03050cU, + 0x903d47f4U, 0x913f41fcU, 0x92394be4U, 0x933b4decU, + 0x94355fd4U, 0x953759dcU, 0x963153c4U, 0x973355ccU, + 0x982d77b4U, 0x992f71bcU, 0x9a297ba4U, 0x9b2b7dacU, + 0x9c256f94U, 0x9d27699cU, 0x9e216384U, 0x9f23658cU, + 0xa05de769U, 0xa15fe161U, 0xa259eb79U, 0xa35bed71U, + 0xa455ff49U, 0xa557f941U, 0xa651f359U, 0xa753f551U, + 0xa84dd729U, 0xa94fd121U, 0xaa49db39U, 0xab4bdd31U, + 0xac45cf09U, 0xad47c901U, 0xae41c319U, 0xaf43c511U, + 0xb07d87e9U, 0xb17f81e1U, 0xb2798bf9U, 0xb37b8df1U, + 0xb4759fc9U, 0xb57799c1U, 0xb67193d9U, 0xb77395d1U, + 0xb86db7a9U, 0xb96fb1a1U, 0xba69bbb9U, 0xbb6bbdb1U, + 0xbc65af89U, 0xbd67a981U, 0xbe61a399U, 0xbf63a591U, + 0xc09dba4eU, 0xc19fbc46U, 0xc299b65eU, 0xc39bb056U, + 0xc495a26eU, 0xc597a466U, 0xc691ae7eU, 0xc793a876U, + 0xc88d8a0eU, 0xc98f8c06U, 0xca89861eU, 0xcb8b8016U, + 0xcc85922eU, 0xcd879426U, 0xce819e3eU, 0xcf839836U, + 0xd0bddaceU, 0xd1bfdcc6U, 0xd2b9d6deU, 0xd3bbd0d6U, + 0xd4b5c2eeU, 0xd5b7c4e6U, 0xd6b1cefeU, 0xd7b3c8f6U, + 0xd8adea8eU, 0xd9afec86U, 0xdaa9e69eU, 0xdbabe096U, + 0xdca5f2aeU, 0xdda7f4a6U, 0xdea1febeU, 0xdfa3f8b6U, + 0xe0dd7a53U, 0xe1df7c5bU, 0xe2d97643U, 0xe3db704bU, + 0xe4d56273U, 0xe5d7647bU, 0xe6d16e63U, 0xe7d3686bU, + 0xe8cd4a13U, 0xe9cf4c1bU, 0xeac94603U, 0xebcb400bU, + 0xecc55233U, 0xedc7543bU, 0xeec15e23U, 0xefc3582bU, + 0xf0fd1ad3U, 0xf1ff1cdbU, 0xf2f916c3U, 0xf3fb10cbU, + 0xf4f502f3U, 0xf5f704fbU, 0xf6f10ee3U, 0xf7f308ebU, + 0xf8ed2a93U, 0xf9ef2c9bU, 0xfae92683U, 0xfbeb208bU, + 0xfce532b3U, 0xfde734bbU, 0xfee13ea3U, 0xffe338abU, +}; + +/** + * The round constants. + */ +static const ulong32 rc[] = { + 0xa7d3e671U, 0xd0ac4d79U, 0x3ac991fcU, 0x1e4754bdU, + 0x8ca57afbU, 0x63b8ddd4U, 0xe5b3c5beU, 0xa9880ca2U, + 0x39df29daU, 0x2ba8cb4cU, 0x4b22aa24U, 0x4170a6f9U, + 0x5ae2b036U, 0x7de433ffU, 0x6020088bU, 0x5eab7f78U, + 0x7c2c57d2U, 0xdc6d7e0dU, 0x5394c328U, +}; + +#endif + + /** + Initialize the Anubis block cipher + @param key The symmetric key you wish to pass + @param keylen The key length in bytes + @param num_rounds The number of rounds desired (0 for default) + @param skey The key in as scheduled by this function. + @return CRYPT_OK if successful + */ +#ifdef LTC_CLEAN_STACK +static int _anubis_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey) +#else +int anubis_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey) +#endif +{ + int N, R, i, pos, r; + ulong32 kappa[MAX_N]; + ulong32 inter[MAX_N]; + ulong32 v, K0, K1, K2, K3; + + LTC_ARGCHK(key != NULL); + LTC_ARGCHK(skey != NULL); + + /* Valid sizes (in bytes) are 16, 20, 24, 28, 32, 36, and 40. */ + if ((keylen & 3) || (keylen < 16) || (keylen > 40)) { + return CRYPT_INVALID_KEYSIZE; + } + skey->anubis.keyBits = keylen*8; + + /* + * determine the N length parameter: + * (N.B. it is assumed that the key length is valid!) + */ + N = skey->anubis.keyBits >> 5; + + /* + * determine number of rounds from key size: + */ + skey->anubis.R = R = 8 + N; + + if (num_rounds != 0 && num_rounds != skey->anubis.R) { + return CRYPT_INVALID_ROUNDS; + } + + /* + * map cipher key to initial key state (mu): + */ + for (i = 0, pos = 0; i < N; i++, pos += 4) { + kappa[i] = + (key[pos ] << 24) ^ + (key[pos + 1] << 16) ^ + (key[pos + 2] << 8) ^ + (key[pos + 3] ); + } + + /* + * generate R + 1 round keys: + */ + for (r = 0; r <= R; r++) { + /* + * generate r-th round key K^r: + */ + K0 = T4[(kappa[N - 1] >> 24) ]; + K1 = T4[(kappa[N - 1] >> 16) & 0xff]; + K2 = T4[(kappa[N - 1] >> 8) & 0xff]; + K3 = T4[(kappa[N - 1] ) & 0xff]; + for (i = N - 2; i >= 0; i--) { + K0 = T4[(kappa[i] >> 24) ] ^ + (T5[(K0 >> 24) ] & 0xff000000U) ^ + (T5[(K0 >> 16) & 0xff] & 0x00ff0000U) ^ + (T5[(K0 >> 8) & 0xff] & 0x0000ff00U) ^ + (T5[(K0 ) & 0xff] & 0x000000ffU); + K1 = T4[(kappa[i] >> 16) & 0xff] ^ + (T5[(K1 >> 24) ] & 0xff000000U) ^ + (T5[(K1 >> 16) & 0xff] & 0x00ff0000U) ^ + (T5[(K1 >> 8) & 0xff] & 0x0000ff00U) ^ + (T5[(K1 ) & 0xff] & 0x000000ffU); + K2 = T4[(kappa[i] >> 8) & 0xff] ^ + (T5[(K2 >> 24) ] & 0xff000000U) ^ + (T5[(K2 >> 16) & 0xff] & 0x00ff0000U) ^ + (T5[(K2 >> 8) & 0xff] & 0x0000ff00U) ^ + (T5[(K2 ) & 0xff] & 0x000000ffU); + K3 = T4[(kappa[i] ) & 0xff] ^ + (T5[(K3 >> 24) ] & 0xff000000U) ^ + (T5[(K3 >> 16) & 0xff] & 0x00ff0000U) ^ + (T5[(K3 >> 8) & 0xff] & 0x0000ff00U) ^ + (T5[(K3 ) & 0xff] & 0x000000ffU); + } + /* + -- this is the code to use with the large U tables: + K0 = K1 = K2 = K3 = 0; + for (i = 0; i < N; i++) { + K0 ^= U[i][(kappa[i] >> 24) ]; + K1 ^= U[i][(kappa[i] >> 16) & 0xff]; + K2 ^= U[i][(kappa[i] >> 8) & 0xff]; + K3 ^= U[i][(kappa[i] ) & 0xff]; + } + */ + skey->anubis.roundKeyEnc[r][0] = K0; + skey->anubis.roundKeyEnc[r][1] = K1; + skey->anubis.roundKeyEnc[r][2] = K2; + skey->anubis.roundKeyEnc[r][3] = K3; + + /* + * compute kappa^{r+1} from kappa^r: + */ + if (r == R) { + break; + } + for (i = 0; i < N; i++) { + int j = i; + inter[i] = T0[(kappa[j--] >> 24) ]; if (j < 0) j = N - 1; + inter[i] ^= T1[(kappa[j--] >> 16) & 0xff]; if (j < 0) j = N - 1; + inter[i] ^= T2[(kappa[j--] >> 8) & 0xff]; if (j < 0) j = N - 1; + inter[i] ^= T3[(kappa[j ] ) & 0xff]; + } + kappa[0] = inter[0] ^ rc[r]; + for (i = 1; i < N; i++) { + kappa[i] = inter[i]; + } + } + + /* + * generate inverse key schedule: K'^0 = K^R, K'^R = K^0, K'^r = theta(K^{R-r}): + */ + for (i = 0; i < 4; i++) { + skey->anubis.roundKeyDec[0][i] = skey->anubis.roundKeyEnc[R][i]; + skey->anubis.roundKeyDec[R][i] = skey->anubis.roundKeyEnc[0][i]; + } + for (r = 1; r < R; r++) { + for (i = 0; i < 4; i++) { + v = skey->anubis.roundKeyEnc[R - r][i]; + skey->anubis.roundKeyDec[r][i] = + T0[T4[(v >> 24) ] & 0xff] ^ + T1[T4[(v >> 16) & 0xff] & 0xff] ^ + T2[T4[(v >> 8) & 0xff] & 0xff] ^ + T3[T4[(v ) & 0xff] & 0xff]; + } + } + + return CRYPT_OK; +} + +#ifdef LTC_CLEAN_STACK +int anubis_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey) +{ + int err; + err = _anubis_setup(key, keylen, num_rounds, skey); + burn_stack(sizeof(int) * 5 + sizeof(ulong32) * (MAX_N + MAX_N + 5)); + return err; +} +#endif + + +static void anubis_crypt(const unsigned char *plaintext, unsigned char *ciphertext, + ulong32 roundKey[18 + 1][4], int R) { + int i, pos, r; + ulong32 state[4]; + ulong32 inter[4]; + + /* + * map plaintext block to cipher state (mu) + * and add initial round key (sigma[K^0]): + */ + for (i = 0, pos = 0; i < 4; i++, pos += 4) { + state[i] = + (plaintext[pos ] << 24) ^ + (plaintext[pos + 1] << 16) ^ + (plaintext[pos + 2] << 8) ^ + (plaintext[pos + 3] ) ^ + roundKey[0][i]; + } + + /* + * R - 1 full rounds: + */ + for (r = 1; r < R; r++) { + inter[0] = + T0[(state[0] >> 24) ] ^ + T1[(state[1] >> 24) ] ^ + T2[(state[2] >> 24) ] ^ + T3[(state[3] >> 24) ] ^ + roundKey[r][0]; + inter[1] = + T0[(state[0] >> 16) & 0xff] ^ + T1[(state[1] >> 16) & 0xff] ^ + T2[(state[2] >> 16) & 0xff] ^ + T3[(state[3] >> 16) & 0xff] ^ + roundKey[r][1]; + inter[2] = + T0[(state[0] >> 8) & 0xff] ^ + T1[(state[1] >> 8) & 0xff] ^ + T2[(state[2] >> 8) & 0xff] ^ + T3[(state[3] >> 8) & 0xff] ^ + roundKey[r][2]; + inter[3] = + T0[(state[0] ) & 0xff] ^ + T1[(state[1] ) & 0xff] ^ + T2[(state[2] ) & 0xff] ^ + T3[(state[3] ) & 0xff] ^ + roundKey[r][3]; + state[0] = inter[0]; + state[1] = inter[1]; + state[2] = inter[2]; + state[3] = inter[3]; + } + + /* + * last round: + */ + inter[0] = + (T0[(state[0] >> 24) ] & 0xff000000U) ^ + (T1[(state[1] >> 24) ] & 0x00ff0000U) ^ + (T2[(state[2] >> 24) ] & 0x0000ff00U) ^ + (T3[(state[3] >> 24) ] & 0x000000ffU) ^ + roundKey[R][0]; + inter[1] = + (T0[(state[0] >> 16) & 0xff] & 0xff000000U) ^ + (T1[(state[1] >> 16) & 0xff] & 0x00ff0000U) ^ + (T2[(state[2] >> 16) & 0xff] & 0x0000ff00U) ^ + (T3[(state[3] >> 16) & 0xff] & 0x000000ffU) ^ + roundKey[R][1]; + inter[2] = + (T0[(state[0] >> 8) & 0xff] & 0xff000000U) ^ + (T1[(state[1] >> 8) & 0xff] & 0x00ff0000U) ^ + (T2[(state[2] >> 8) & 0xff] & 0x0000ff00U) ^ + (T3[(state[3] >> 8) & 0xff] & 0x000000ffU) ^ + roundKey[R][2]; + inter[3] = + (T0[(state[0] ) & 0xff] & 0xff000000U) ^ + (T1[(state[1] ) & 0xff] & 0x00ff0000U) ^ + (T2[(state[2] ) & 0xff] & 0x0000ff00U) ^ + (T3[(state[3] ) & 0xff] & 0x000000ffU) ^ + roundKey[R][3]; + + /* + * map cipher state to ciphertext block (mu^{-1}): + */ + for (i = 0, pos = 0; i < 4; i++, pos += 4) { + ulong32 w = inter[i]; + ciphertext[pos ] = (unsigned char)(w >> 24); + ciphertext[pos + 1] = (unsigned char)(w >> 16); + ciphertext[pos + 2] = (unsigned char)(w >> 8); + ciphertext[pos + 3] = (unsigned char)(w ); + } +} + +/** + Encrypts a block of text with Anubis + @param pt The input plaintext (16 bytes) + @param ct The output ciphertext (16 bytes) + @param skey The key as scheduled + @return CRYPT_OK if successful +*/ +int anubis_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey) +{ + LTC_ARGCHK(pt != NULL); + LTC_ARGCHK(ct != NULL); + LTC_ARGCHK(skey != NULL); + anubis_crypt(pt, ct, skey->anubis.roundKeyEnc, skey->anubis.R); + return CRYPT_OK; +} + +/** + Decrypts a block of text with Anubis + @param ct The input ciphertext (16 bytes) + @param pt The output plaintext (16 bytes) + @param skey The key as scheduled + @return CRYPT_OK if successful +*/ +int anubis_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey) +{ + LTC_ARGCHK(pt != NULL); + LTC_ARGCHK(ct != NULL); + LTC_ARGCHK(skey != NULL); + anubis_crypt(ct, pt, skey->anubis.roundKeyDec, skey->anubis.R); + return CRYPT_OK; +} + +/** + Performs a self-test of the Anubis block cipher + @return CRYPT_OK if functional, CRYPT_NOP if self-test has been disabled +*/ +int anubis_test(void) +{ +#if !defined(LTC_TEST) + return CRYPT_NOP; +#else + static const struct test { + int keylen; + unsigned char pt[16], ct[16], key[40]; + } tests[] = { +#ifndef ANUBIS_TWEAK + /**** ORIGINAL ANUBIS ****/ + /* 128 bit keys */ +{ + 16, + { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, + { 0xF0, 0x68, 0x60, 0xFC, 0x67, 0x30, 0xE8, 0x18, + 0xF1, 0x32, 0xC7, 0x8A, 0xF4, 0x13, 0x2A, 0xFE }, + { 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } +}, { + 16, + { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, + { 0xA8, 0x66, 0x84, 0x80, 0x07, 0x74, 0x5C, 0x89, + 0xFC, 0x5E, 0xB5, 0xBA, 0xD4, 0xFE, 0x32, 0x6D }, + { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01 } +}, + + /* 160-bit keys */ +{ + 20, + { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, + { 0xBD, 0x5E, 0x32, 0xBE, 0x51, 0x67, 0xA8, 0xE2, + 0x72, 0xD7, 0x95, 0x0F, 0x83, 0xC6, 0x8C, 0x31 }, + { 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00 } +}, { + 20, + { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, + { 0x4C, 0x1F, 0x86, 0x2E, 0x11, 0xEB, 0xCE, 0xEB, + 0xFE, 0xB9, 0x73, 0xC9, 0xDF, 0xEF, 0x7A, 0xDB }, + { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x01 } +}, + + /* 192-bit keys */ +{ + 24, + { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, + { 0x17, 0xAC, 0x57, 0x44, 0x9D, 0x59, 0x61, 0x66, + 0xD0, 0xC7, 0x9E, 0x04, 0x7C, 0xC7, 0x58, 0xF0 }, + { 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } +}, { + 24, + { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, + { 0x71, 0x52, 0xB4, 0xEB, 0x1D, 0xAA, 0x36, 0xFD, + 0x57, 0x14, 0x5F, 0x57, 0x04, 0x9F, 0x70, 0x74 }, + { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01 } +}, + + /* 224-bit keys */ +{ + 28, + { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, + { 0xA2, 0xF0, 0xA6, 0xB9, 0x17, 0x93, 0x2A, 0x3B, + 0xEF, 0x08, 0xE8, 0x7A, 0x58, 0xD6, 0xF8, 0x53 }, + { 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00 } +}, { + 28, + { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, + { 0xF0, 0xCA, 0xFC, 0x78, 0x8B, 0x4B, 0x4E, 0x53, + 0x8B, 0xC4, 0x32, 0x6A, 0xF5, 0xB9, 0x1B, 0x5F }, + { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x01 } +}, + + /* 256-bit keys */ +{ + 32, + { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, + { 0xE0, 0x86, 0xAC, 0x45, 0x6B, 0x3C, 0xE5, 0x13, + 0xED, 0xF5, 0xDF, 0xDD, 0xD6, 0x3B, 0x71, 0x93 }, + { 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } +}, { + 32, + { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, + { 0x50, 0x01, 0xB9, 0xF5, 0x21, 0xC1, 0xC1, 0x29, + 0x00, 0xD5, 0xEC, 0x98, 0x2B, 0x9E, 0xE8, 0x21 }, + { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01 } +}, + + /* 288-bit keys */ +{ + 36, + { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, + { 0xE8, 0xF4, 0xAF, 0x2B, 0x21, 0xA0, 0x87, 0x9B, + 0x41, 0x95, 0xB9, 0x71, 0x75, 0x79, 0x04, 0x7C }, + { 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00 } +}, { + 36, + { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, + { 0xE6, 0xA6, 0xA5, 0xBC, 0x8B, 0x63, 0x6F, 0xE2, + 0xBD, 0xA7, 0xA7, 0x53, 0xAB, 0x40, 0x22, 0xE0 }, + { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x01 } +}, + + /* 320-bit keys */ +{ + 40, + { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, + { 0x17, 0x04, 0xD7, 0x2C, 0xC6, 0x85, 0x76, 0x02, + 0x4B, 0xCC, 0x39, 0x80, 0xD8, 0x22, 0xEA, 0xA4 }, + { 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } +}, { + 40, + { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, + { 0x7A, 0x41, 0xE6, 0x7D, 0x4F, 0xD8, 0x64, 0xF0, + 0x44, 0xA8, 0x3C, 0x73, 0x81, 0x7E, 0x53, 0xD8 }, + { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01 } +} +#else + /**** Tweaked ANUBIS ****/ + /* 128 bit keys */ +{ + 16, + { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, + { 0xB8, 0x35, 0xBD, 0xC3, 0x34, 0x82, 0x9D, 0x83, + 0x71, 0xBF, 0xA3, 0x71, 0xE4, 0xB3, 0xC4, 0xFD }, + { 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } +}, { + 16, + { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, + { 0xE6, 0x14, 0x1E, 0xAF, 0xEB, 0xE0, 0x59, 0x3C, + 0x48, 0xE1, 0xCD, 0xF2, 0x1B, 0xBA, 0xA1, 0x89 }, + { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01 } +}, + + /* 160-bit keys */ +{ + 20, + { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, + { 0x97, 0x59, 0x79, 0x4B, 0x5C, 0xA0, 0x70, 0x73, + 0x24, 0xEF, 0xB3, 0x58, 0x67, 0xCA, 0xD4, 0xB3 }, + { 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00 } +}, { + 20, + { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, + { 0xB8, 0x0D, 0xFB, 0x9B, 0xE4, 0xA1, 0x58, 0x87, + 0xB3, 0x76, 0xD5, 0x02, 0x18, 0x95, 0xC1, 0x2E }, + { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x01 } +}, + + /* 192-bit keys */ +{ + 24, + { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, + { 0x7D, 0x62, 0x3B, 0x52, 0xC7, 0x4C, 0x64, 0xD8, + 0xEB, 0xC7, 0x2D, 0x57, 0x97, 0x85, 0x43, 0x8F }, + { 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } +}, { + 24, + { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, + { 0xB1, 0x0A, 0x59, 0xDD, 0x5D, 0x5D, 0x8D, 0x67, + 0xEC, 0xEE, 0x4A, 0xC4, 0xBE, 0x4F, 0xA8, 0x4F }, + { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01 } +}, + + /* 224-bit keys */ +{ + 28, + { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, + { 0x68, 0x9E, 0x05, 0x94, 0x6A, 0x94, 0x43, 0x8F, + 0xE7, 0x8E, 0x37, 0x3D, 0x24, 0x97, 0x92, 0xF5 }, + { 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00 } +}, { + 28, + { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, + { 0xDD, 0xB7, 0xB0, 0xB4, 0xE9, 0xB4, 0x9B, 0x9C, + 0x38, 0x20, 0x25, 0x0B, 0x47, 0xC2, 0x1F, 0x89 }, + { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x01 } +}, + + /* 256-bit keys */ +{ + 32, + { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, + { 0x96, 0x00, 0xF0, 0x76, 0x91, 0x69, 0x29, 0x87, + 0xF5, 0xE5, 0x97, 0xDB, 0xDB, 0xAF, 0x1B, 0x0A }, + { 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } +}, { + 32, + { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, + { 0x69, 0x9C, 0xAF, 0xDD, 0x94, 0xC7, 0xBC, 0x60, + 0x44, 0xFE, 0x02, 0x05, 0x8A, 0x6E, 0xEF, 0xBD }, + { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01 } +}, + + /* 288-bit keys */ +{ + 36, + { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, + { 0x0F, 0xC7, 0xA2, 0xC0, 0x11, 0x17, 0xAC, 0x43, + 0x52, 0x5E, 0xDF, 0x6C, 0xF3, 0x96, 0x33, 0x6C }, + { 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00 } +}, { + 36, + { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, + { 0xAD, 0x08, 0x4F, 0xED, 0x55, 0xA6, 0x94, 0x3E, + 0x7E, 0x5E, 0xED, 0x05, 0xA1, 0x9D, 0x41, 0xB4 }, + { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x01 } +}, + + /* 320-bit keys */ +{ + 40, + { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, + { 0xFE, 0xE2, 0x0E, 0x2A, 0x9D, 0xC5, 0x83, 0xBA, + 0xA3, 0xA6, 0xD6, 0xA6, 0xF2, 0xE8, 0x06, 0xA5 }, + { 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } +}, { + 40, + { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, + { 0x86, 0x3D, 0xCC, 0x4A, 0x60, 0x34, 0x9C, 0x28, + 0xA7, 0xDA, 0xA4, 0x3B, 0x0A, 0xD7, 0xFD, 0xC7 }, + { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01 } +} +#endif +}; + int x, y; + unsigned char buf[2][16]; + symmetric_key skey; + + for (x = 0; x < (int)(sizeof(tests)/sizeof(tests[0])); x++) { + anubis_setup(tests[x].key, tests[x].keylen, 0, &skey); + anubis_ecb_encrypt(tests[x].pt, buf[0], &skey); + anubis_ecb_decrypt(buf[0], buf[1], &skey); + if (memcmp(buf[0], tests[x].ct, 16) || memcmp(buf[1], tests[x].pt, 16)) { + return CRYPT_FAIL_TESTVECTOR; + } + + for (y = 0; y < 1000; y++) anubis_ecb_encrypt(buf[0], buf[0], &skey); + for (y = 0; y < 1000; y++) anubis_ecb_decrypt(buf[0], buf[0], &skey); + if (memcmp(buf[0], tests[x].ct, 16)) { + return CRYPT_FAIL_TESTVECTOR; + } + + } + return CRYPT_OK; +#endif +} + +/** Terminate the context + @param skey The scheduled key +*/ +void anubis_done(symmetric_key *skey) +{ +} + +/** + Gets suitable key size + @param keysize [in/out] The length of the recommended key (in bytes). This function will store the suitable size back in this variable. + @return CRYPT_OK if the input key size is acceptable. +*/ +int anubis_keysize(int *keysize) +{ + LTC_ARGCHK(keysize != NULL); + if (*keysize >= 40) { + *keysize = 40; + } else if (*keysize >= 36) { + *keysize = 36; + } else if (*keysize >= 32) { + *keysize = 32; + } else if (*keysize >= 28) { + *keysize = 28; + } else if (*keysize >= 24) { + *keysize = 24; + } else if (*keysize >= 20) { + *keysize = 20; + } else if (*keysize >= 16) { + *keysize = 16; + } else { + return CRYPT_INVALID_KEYSIZE; + } + return CRYPT_OK; +} + +#endif + + +/* $Source$ */ +/* $Revision$ */ +/* $Date$ */ diff --git a/src/hashes/helper/hash_filehandle.c b/src/hashes/helper/hash_filehandle.c index 0582449..1c9b68b 100644 --- a/src/hashes/helper/hash_filehandle.c +++ b/src/hashes/helper/hash_filehandle.c @@ -42,6 +42,7 @@ int hash_filehandle(int hash, FILE *in, unsigned char *out, unsigned long *outle } if (*outlen < hash_descriptor[hash].hashsize) { + *outlen = hash_descriptor[hash].hashsize; return CRYPT_BUFFER_OVERFLOW; } if ((err = hash_descriptor[hash].init(&md)) != CRYPT_OK) { diff --git a/src/hashes/helper/hash_memory.c b/src/hashes/helper/hash_memory.c index 96875b1..17579d0 100644 --- a/src/hashes/helper/hash_memory.c +++ b/src/hashes/helper/hash_memory.c @@ -38,6 +38,7 @@ int hash_memory(int hash, const unsigned char *in, unsigned long inlen, unsigned } if (*outlen < hash_descriptor[hash].hashsize) { + *outlen = hash_descriptor[hash].hashsize; return CRYPT_BUFFER_OVERFLOW; } diff --git a/src/hashes/helper/hash_memory_multi.c b/src/hashes/helper/hash_memory_multi.c index 6523c7e..c1e3a8b 100644 --- a/src/hashes/helper/hash_memory_multi.c +++ b/src/hashes/helper/hash_memory_multi.c @@ -43,6 +43,7 @@ int hash_memory_multi(int hash, unsigned char *out, unsigned long *outlen, } if (*outlen < hash_descriptor[hash].hashsize) { + *outlen = hash_descriptor[hash].hashsize; return CRYPT_BUFFER_OVERFLOW; } diff --git a/src/headers/tomcrypt.h b/src/headers/tomcrypt.h index 972fe56..a732033 100644 --- a/src/headers/tomcrypt.h +++ b/src/headers/tomcrypt.h @@ -16,8 +16,8 @@ extern "C" { #endif /* version */ -#define CRYPT 0x0112 -#define SCRYPT "1.12" +#define CRYPT 0x0113 +#define SCRYPT "1.13" /* max size of either a cipher/hash block or symmetric key [largest of the two] */ #define MAXBLOCKSIZE 128 diff --git a/src/headers/tomcrypt_argchk.h b/src/headers/tomcrypt_argchk.h index a617c8f..68edb91 100644 --- a/src/headers/tomcrypt_argchk.h +++ b/src/headers/tomcrypt_argchk.h @@ -7,19 +7,28 @@ /* this is the default LibTomCrypt macro */ void crypt_argchk(char *v, char *s, int d); #define LTC_ARGCHK(x) if (!(x)) { crypt_argchk(#x, __FILE__, __LINE__); } +#define LTC_ARGCHKVD(x) LTC_ARGCHK(x) #elif ARGTYPE == 1 /* fatal type of error */ #define LTC_ARGCHK(x) assert((x)) +#define LTC_ARGCHKVD(x) LTC_ARGCHK(x) #elif ARGTYPE == 2 #define LTC_ARGCHK(x) if (!(x)) { fprintf(stderr, "\nwarning: ARGCHK failed at %s:%d\n", __FILE__, __LINE__); } +#define LTC_ARGCHKVD(x) LTC_ARGCHK(x) #elif ARGTYPE == 3 #define LTC_ARGCHK(x) +#define LTC_ARGCHKVD(x) LTC_ARGCHK(x) + +#elif ARGTYPE == 4 + +#define LTC_ARGCHK(x) return CRYPT_INVALID_ARG; +#define LTC_ARGCHKVD(x) return; #endif diff --git a/src/headers/tomcrypt_cipher.h b/src/headers/tomcrypt_cipher.h index 8a8a588..6203308 100644 --- a/src/headers/tomcrypt_cipher.h +++ b/src/headers/tomcrypt_cipher.h @@ -274,6 +274,24 @@ typedef struct { } symmetric_LRW; #endif +#ifdef LTC_F8_MODE +/** A block cipher F8 structure */ +typedef struct { + /** The index of the cipher chosen */ + int cipher, + /** The block size of the given cipher */ + blocklen, + /** The padding offset */ + padlen; + /** The current IV */ + unsigned char IV[MAXBLOCKSIZE], + MIV[MAXBLOCKSIZE]; + /** Current block count */ + ulong32 blockcnt; + /** The scheduled key */ + symmetric_key key; +} symmetric_F8; +#endif /** cipher descriptor table, last entry has "name == NULL" to mark the end of table */ @@ -706,9 +724,21 @@ int lrw_test(void); /* don't call */ int lrw_process(const unsigned char *pt, unsigned char *ct, unsigned long len, int mode, symmetric_LRW *lrw); - - #endif + +#ifdef LTC_F8_MODE +int f8_start( int cipher, const unsigned char *IV, + const unsigned char *key, int keylen, + const unsigned char *salt_key, int skeylen, + int num_rounds, symmetric_F8 *f8); +int f8_encrypt(const unsigned char *pt, unsigned char *ct, unsigned long len, symmetric_F8 *f8); +int f8_decrypt(const unsigned char *ct, unsigned char *pt, unsigned long len, symmetric_F8 *f8); +int f8_getiv(unsigned char *IV, unsigned long *len, symmetric_F8 *f8); +int f8_setiv(const unsigned char *IV, unsigned long len, symmetric_F8 *f8); +int f8_done(symmetric_F8 *f8); +#endif + + int find_cipher(const char *name); int find_cipher_any(const char *name, int blocklen, int keylen); int find_cipher_id(unsigned char ID); diff --git a/src/headers/tomcrypt_custom.h b/src/headers/tomcrypt_custom.h index 8790160..cf201eb 100644 --- a/src/headers/tomcrypt_custom.h +++ b/src/headers/tomcrypt_custom.h @@ -140,6 +140,9 @@ #define CBC #define CTR +/* F8 chaining mode */ +#define LTC_F8_MODE + /* LRW mode */ #define LRW_MODE #ifndef LTC_NO_TABLES diff --git a/src/headers/tomcrypt_math.h b/src/headers/tomcrypt_math.h index c36f67c..a3534df 100644 --- a/src/headers/tomcrypt_math.h +++ b/src/headers/tomcrypt_math.h @@ -225,7 +225,7 @@ typedef struct { @param d The remainder (can be NULL to signify don't care) @return CRYPT_OK on success */ - int (*div)(void *a, void *b, void *c, void *d); + int (*mpdiv)(void *a, void *b, void *c, void *d); /** divide by two @param a The integer to divide (shift right) @@ -267,6 +267,14 @@ typedef struct { */ int (*mulmod)(void *a, void *b, void *c, void *d); + /** Modular squaring + @param a The first source + @param b The modulus + @param c The destination (a*a mod b) + @return CRYPT_OK on success + */ + int (*sqrmod)(void *a, void *b, void *c); + /** Modular inversion @param a The value to invert @param b The modulus @@ -446,14 +454,15 @@ extern const ltc_math_descriptor gmp_desc; #define mp_mul(a, b, c) ltc_mp.mul(a, b, c) #define mp_mul_d(a, b, c) ltc_mp.muli(a, b, c) #define mp_sqr(a, b) ltc_mp.sqr(a, b) -#define mp_div(a, b, c, d) ltc_mp.div(a, b, c, d) +#define mp_div(a, b, c, d) ltc_mp.mpdiv(a, b, c, d) #define mp_div_2(a, b) ltc_mp.div_2(a, b) -#define mp_mod(a, b, c) ltc_mp.div(a, b, NULL, c) +#define mp_mod(a, b, c) ltc_mp.mpdiv(a, b, NULL, c) #define mp_mod_d(a, b, c) ltc_mp.modi(a, b, c) #define mp_gcd(a, b, c) ltc_mp.gcd(a, b, c) #define mp_lcm(a, b, c) ltc_mp.lcm(a, b, c) #define mp_mulmod(a, b, c, d) ltc_mp.mulmod(a, b, c, d) +#define mp_sqrmod(a, b, c) ltc_mp.sqrmod(a, b, c) #define mp_invmod(a, b, c) ltc_mp.invmod(a, b, c) #define mp_montgomery_setup(a, b) ltc_mp.montgomery_setup(a, b) diff --git a/src/headers/tomcrypt_pk.h b/src/headers/tomcrypt_pk.h index ae9e4d6..9803f83 100644 --- a/src/headers/tomcrypt_pk.h +++ b/src/headers/tomcrypt_pk.h @@ -359,7 +359,7 @@ typedef struct ltc_asn1_list_ { int LTC_MACRO_temp = (index); \ ltc_asn1_list *LTC_MACRO_list = (list); \ LTC_MACRO_list[LTC_MACRO_temp].type = (Type); \ - LTC_MACRO_list[LTC_MACRO_temp].data = (Data); \ + LTC_MACRO_list[LTC_MACRO_temp].data = (void*)(Data); \ LTC_MACRO_list[LTC_MACRO_temp].size = (Size); \ LTC_MACRO_list[LTC_MACRO_temp].used = 0; \ } while (0); diff --git a/src/math/fp/ltc_ecc_fp_mulmod.c b/src/math/fp/ltc_ecc_fp_mulmod.c index 52bc4b7..614ef20 100644 --- a/src/math/fp/ltc_ecc_fp_mulmod.c +++ b/src/math/fp/ltc_ecc_fp_mulmod.c @@ -35,11 +35,12 @@ /** Our FP cache */ static struct { ecc_point *g, /* cached COPY of base point */ - *LUT[1<x, mu, modulus, fp_cache[idx].LUT[1]->x) != CRYPT_OK) || (mp_mulmod(fp_cache[idx].g->y, mu, modulus, fp_cache[idx].LUT[1]->y) != CRYPT_OK) || - (mp_mulmod(fp_cache[idx].g->z, mu, modulus, fp_cache[idx].LUT[1]->z) != CRYPT_OK)) { goto ERR; } + (mp_mulmod(fp_cache[idx].g->z, mu, modulus, fp_cache[idx].LUT[1]->z) != CRYPT_OK)) { goto ERR; } /* make all single bit entries */ for (x = 1; x < FP_LUT; x++) { if ((mp_copy(fp_cache[idx].LUT[1<<(x-1)]->x, fp_cache[idx].LUT[1<x) != CRYPT_OK) || (mp_copy(fp_cache[idx].LUT[1<<(x-1)]->y, fp_cache[idx].LUT[1<y) != CRYPT_OK) || - (mp_copy(fp_cache[idx].LUT[1<<(x-1)]->z, fp_cache[idx].LUT[1<z) != CRYPT_OK)) { goto ERR; } + (mp_copy(fp_cache[idx].LUT[1<<(x-1)]->z, fp_cache[idx].LUT[1<z) != CRYPT_OK)) { goto ERR; } /* now double it bitlen/FP_LUT times */ for (y = 0; y < lut_gap; y++) { @@ -700,7 +716,7 @@ static int build_lut(int idx, void *modulus, void *mp, void *mu) /* now make all entries in increase order of hamming weight */ for (x = 2; x <= FP_LUT; x++) { - for (y = 0; y < (1<z, modulus, mp)) != CRYPT_OK) { goto ERR; } + + /* invert it */ + if ((err = mp_invmod(fp_cache[idx].LUT[x]->z, modulus, fp_cache[idx].LUT[x]->z)) != CRYPT_OK) { goto ERR; } + + /* now square it */ + if ((err = mp_sqrmod(fp_cache[idx].LUT[x]->z, modulus, tmp)) != CRYPT_OK) { goto ERR; } + + /* fix x */ + if ((err = mp_mulmod(fp_cache[idx].LUT[x]->x, tmp, modulus, fp_cache[idx].LUT[x]->x)) != CRYPT_OK) { goto ERR; } + + /* get 1/z^3 */ + if ((err = mp_mulmod(tmp, fp_cache[idx].LUT[x]->z, modulus, tmp)) != CRYPT_OK) { goto ERR; } + + /* fix y */ + if ((err = mp_mulmod(fp_cache[idx].LUT[x]->y, tmp, modulus, fp_cache[idx].LUT[x]->y)) != CRYPT_OK) { goto ERR; } + + /* free z */ + mp_clear(fp_cache[idx].LUT[x]->z); + fp_cache[idx].LUT[x]->z = NULL; + } + mp_clear(tmp); + return CRYPT_OK; ERR: err = CRYPT_MEM; DONE: - for (y = 0; y < (1<x, R->x) != CRYPT_OK) || (mp_copy(fp_cache[idx].LUT[z]->y, R->y) != CRYPT_OK) || - (mp_copy(fp_cache[idx].LUT[z]->z, R->z) != CRYPT_OK)) { return CRYPT_MEM; } + (mp_copy(fp_cache[idx].mu, R->z) != CRYPT_OK)) { return CRYPT_MEM; } first = 0; } } @@ -846,6 +897,14 @@ static int accel_fp_mul(int idx, void *k, ecc_point *R, void *modulus, void *mp, return err; } +/** ECC Fixed Point mulmod global + @param k The multiplicand + @param G Base point to multiply + @param R [out] Destination of product + @param modulus The modulus for the curve + @param map [boolean] If non-zero maps the point back to affine co-ordinates, otherwise it's left in jacobian-montgomery form + @return CRYPT_OK if successful +*/ int ltc_ecc_fp_mulmod(void *k, ecc_point *G, ecc_point *R, void *modulus, int map) { int idx, err; @@ -909,18 +968,23 @@ LBL_ERR: return err; } +/** Free the Fixed Point tables */ void ltc_ecc_fp_free(void) { - int x, y; + unsigned x, y; LTC_MUTEX_LOCK(<c_ecc_fp_lock); for (x = 0; x < FP_ENTRIES; x++) { if (fp_cache[x].g != NULL) { - for (y = 0; y < (1<y, &t1); if ( (fp_cmp(P->x, Q->x) == FP_EQ) && - (fp_cmp(P->z, Q->z) == FP_EQ) && + (Q->z != NULL && fp_cmp(P->z, Q->z) == FP_EQ) && (fp_cmp(P->y, Q->y) == FP_EQ || fp_cmp(P->y, &t1) == FP_EQ)) { return tfm_ecc_projective_dbl_point(P, R, modulus, Mp); } @@ -546,6 +554,7 @@ static int tfm_ecc_projective_add_point(ecc_point *P, ecc_point *Q, ecc_point *R fp_copy(P->z, &z); /* if Z is one then these are no-operations */ + if (Q->z != NULL) { /* T1 = Z' * Z' */ fp_sqr(Q->z, &t1); fp_montgomery_reduce(&t1, modulus, mp); @@ -558,7 +567,8 @@ static int tfm_ecc_projective_add_point(ecc_point *P, ecc_point *Q, ecc_point *R /* Y = Y * T1 */ fp_mul(&t1, &y, &y); fp_montgomery_reduce(&y, modulus, mp); - + } + /* T1 = Z*Z */ fp_sqr(&z, &t1); fp_montgomery_reduce(&t1, modulus, mp); @@ -604,10 +614,12 @@ static int tfm_ecc_projective_add_point(ecc_point *P, ecc_point *Q, ecc_point *R } /* if Z' != 1 */ + if (Q->z != NULL) { /* Z = Z * Z' */ fp_mul(&z, Q->z, &z); fp_montgomery_reduce(&z, modulus, mp); - + } + /* Z = Z * X */ fp_mul(&z, &x, &z); fp_montgomery_reduce(&z, modulus, mp); @@ -710,6 +722,7 @@ const ltc_math_descriptor tfm_desc = { &lcm, &mulmod, + &sqrmod, &invmod, &montgomery_setup, diff --git a/src/misc/base64/base64_encode.c b/src/misc/base64/base64_encode.c index b7c3f89..7f4b11d 100644 --- a/src/misc/base64/base64_encode.c +++ b/src/misc/base64/base64_encode.c @@ -42,6 +42,7 @@ int base64_encode(const unsigned char *in, unsigned long inlen, /* valid output size ? */ len2 = 4 * ((inlen + 2) / 3); if (*outlen < len2 + 1) { + *outlen = len2 + 1; return CRYPT_BUFFER_OVERFLOW; } p = out; diff --git a/src/misc/crypt/crypt.c b/src/misc/crypt/crypt.c index e3dd6c9..7b4e7df 100644 --- a/src/misc/crypt/crypt.c +++ b/src/misc/crypt/crypt.c @@ -175,6 +175,9 @@ const char *crypt_build_settings = #endif "\n" #endif +#if defined(LTC_F8_MODE) + " F8 MODE\n" +#endif "\nMACs:\n" #if defined(HMAC) diff --git a/src/misc/zeromem.c b/src/misc/zeromem.c index 995a498..09b7023 100644 --- a/src/misc/zeromem.c +++ b/src/misc/zeromem.c @@ -23,7 +23,7 @@ void zeromem(void *out, size_t outlen) { unsigned char *mem = out; - LTC_ARGCHK(out != NULL); + LTC_ARGCHKVD(out != NULL); while (outlen-- > 0) { *mem++ = 0; } diff --git a/src/modes/cbc/cbc_getiv.c b/src/modes/cbc/cbc_getiv.c index 9117423..055fcc5 100644 --- a/src/modes/cbc/cbc_getiv.c +++ b/src/modes/cbc/cbc_getiv.c @@ -30,6 +30,7 @@ int cbc_getiv(unsigned char *IV, unsigned long *len, symmetric_CBC *cbc) LTC_ARGCHK(len != NULL); LTC_ARGCHK(cbc != NULL); if ((unsigned long)cbc->blocklen > *len) { + *len = cbc->blocklen; return CRYPT_BUFFER_OVERFLOW; } XMEMCPY(IV, cbc->IV, cbc->blocklen); diff --git a/src/modes/cfb/cfb_getiv.c b/src/modes/cfb/cfb_getiv.c index a27f6a6..f764970 100644 --- a/src/modes/cfb/cfb_getiv.c +++ b/src/modes/cfb/cfb_getiv.c @@ -30,6 +30,7 @@ int cfb_getiv(unsigned char *IV, unsigned long *len, symmetric_CFB *cfb) LTC_ARGCHK(len != NULL); LTC_ARGCHK(cfb != NULL); if ((unsigned long)cfb->blocklen > *len) { + *len = cfb->blocklen; return CRYPT_BUFFER_OVERFLOW; } XMEMCPY(IV, cfb->IV, cfb->blocklen); diff --git a/src/modes/ctr/ctr_getiv.c b/src/modes/ctr/ctr_getiv.c index 8bf4ecb..ff44482 100644 --- a/src/modes/ctr/ctr_getiv.c +++ b/src/modes/ctr/ctr_getiv.c @@ -30,6 +30,7 @@ int ctr_getiv(unsigned char *IV, unsigned long *len, symmetric_CTR *ctr) LTC_ARGCHK(len != NULL); LTC_ARGCHK(ctr != NULL); if ((unsigned long)ctr->blocklen > *len) { + *len = ctr->blocklen; return CRYPT_BUFFER_OVERFLOW; } XMEMCPY(IV, ctr->ctr, ctr->blocklen); diff --git a/src/modes/f8/f8_decrypt.c b/src/modes/f8/f8_decrypt.c new file mode 100644 index 0000000..0fbe3c0 --- /dev/null +++ b/src/modes/f8/f8_decrypt.c @@ -0,0 +1,43 @@ +/* LibTomCrypt, modular cryptographic library -- Tom St Denis + * + * LibTomCrypt is a library that provides various cryptographic + * algorithms in a highly modular and flexible manner. + * + * The library is free for all purposes without any express + * guarantee it works. + * + * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com + */ +#include "tomcrypt.h" + +/** + @file f8_decrypt.c + F8 implementation, decrypt data, Tom St Denis +*/ + +#ifdef LTC_F8_MODE + +/** + F8 decrypt + @param ct Ciphertext + @param pt [out] Plaintext + @param len Length of ciphertext (octets) + @param f8 F8 state + @return CRYPT_OK if successful +*/ +int f8_decrypt(const unsigned char *ct, unsigned char *pt, unsigned long len, symmetric_F8 *f8) +{ + LTC_ARGCHK(pt != NULL); + LTC_ARGCHK(ct != NULL); + LTC_ARGCHK(f8 != NULL); + return f8_encrypt(ct, pt, len, f8); +} + + +#endif + + + +/* $Source$ */ +/* $Revision$ */ +/* $Date$ */ diff --git a/src/modes/f8/f8_done.c b/src/modes/f8/f8_done.c new file mode 100644 index 0000000..14a54d0 --- /dev/null +++ b/src/modes/f8/f8_done.c @@ -0,0 +1,42 @@ +/* LibTomCrypt, modular cryptographic library -- Tom St Denis + * + * LibTomCrypt is a library that provides various cryptographic + * algorithms in a highly modular and flexible manner. + * + * The library is free for all purposes without any express + * guarantee it works. + * + * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com + */ +#include "tomcrypt.h" + +/** + @file f8_done.c + F8 implementation, finish chain, Tom St Denis +*/ + +#ifdef LTC_F8_MODE + +/** Terminate the chain + @param f8 The F8 chain to terminate + @return CRYPT_OK on success +*/ +int f8_done(symmetric_F8 *f8) +{ + int err; + LTC_ARGCHK(f8 != NULL); + + if ((err = cipher_is_valid(f8->cipher)) != CRYPT_OK) { + return err; + } + cipher_descriptor[f8->cipher].done(&f8->key); + return CRYPT_OK; +} + + + +#endif + +/* $Source$ */ +/* $Revision$ */ +/* $Date$ */ diff --git a/src/modes/f8/f8_encrypt.c b/src/modes/f8/f8_encrypt.c new file mode 100644 index 0000000..6fd9950 --- /dev/null +++ b/src/modes/f8/f8_encrypt.c @@ -0,0 +1,68 @@ +/* LibTomCrypt, modular cryptographic library -- Tom St Denis + * + * LibTomCrypt is a library that provides various cryptographic + * algorithms in a highly modular and flexible manner. + * + * The library is free for all purposes without any express + * guarantee it works. + * + * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com + */ +#include "tomcrypt.h" + +/** + @file f8_encrypt.c + F8 implementation, encrypt data, Tom St Denis +*/ + +#ifdef LTC_F8_MODE + +/** + F8 encrypt + @param pt Plaintext + @param ct [out] Ciphertext + @param len Length of plaintext (octets) + @param f8 F8 state + @return CRYPT_OK if successful +*/ +int f8_encrypt(const unsigned char *pt, unsigned char *ct, unsigned long len, symmetric_F8 *f8) +{ + int err, x; + unsigned char buf[MAXBLOCKSIZE]; + LTC_ARGCHK(pt != NULL); + LTC_ARGCHK(ct != NULL); + LTC_ARGCHK(f8 != NULL); + if ((err = cipher_is_valid(f8->cipher)) != CRYPT_OK) { + return err; + } + + /* is blocklen/padlen valid? */ + if (f8->blocklen < 0 || f8->blocklen > (int)sizeof(f8->IV) || + f8->padlen < 0 || f8->padlen > (int)sizeof(f8->IV)) { + return CRYPT_INVALID_ARG; + } + + zeromem(buf, sizeof(buf)); + while (len-- > 0) { + if (f8->padlen == f8->blocklen) { + /* xor of IV, MIV and blockcnt == what goes into cipher */ + STORE32H(f8->blockcnt, (buf+(f8->blocklen-4))); + ++(f8->blockcnt); + for (x = 0; x < f8->blocklen; x++) { + f8->IV[x] ^= f8->MIV[x] ^ buf[x]; + } + if ((err = cipher_descriptor[f8->cipher].ecb_encrypt(f8->IV, f8->IV, &f8->key)) != CRYPT_OK) { + return err; + } + f8->padlen = 0; + } + *ct++ = *pt++ ^ f8->IV[f8->padlen++]; + } + return CRYPT_OK; +} + +#endif + +/* $Source$ */ +/* $Revision$ */ +/* $Date$ */ diff --git a/src/modes/f8/f8_getiv.c b/src/modes/f8/f8_getiv.c new file mode 100644 index 0000000..ddf9a72 --- /dev/null +++ b/src/modes/f8/f8_getiv.c @@ -0,0 +1,46 @@ +/* LibTomCrypt, modular cryptographic library -- Tom St Denis + * + * LibTomCrypt is a library that provides various cryptographic + * algorithms in a highly modular and flexible manner. + * + * The library is free for all purposes without any express + * guarantee it works. + * + * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com + */ +#include "tomcrypt.h" + +/** + @file ofb_getiv.c + F8 implementation, get IV, Tom St Denis +*/ + +#ifdef LTC_F8_MODE + +/** + Get the current initial vector + @param IV [out] The destination of the initial vector + @param len [in/out] The max size and resulting size of the initial vector + @param f8 The F8 state + @return CRYPT_OK if successful +*/ +int f8_getiv(unsigned char *IV, unsigned long *len, symmetric_F8 *f8) +{ + LTC_ARGCHK(IV != NULL); + LTC_ARGCHK(len != NULL); + LTC_ARGCHK(f8 != NULL); + if ((unsigned long)f8->blocklen > *len) { + *len = f8->blocklen; + return CRYPT_BUFFER_OVERFLOW; + } + XMEMCPY(IV, f8->IV, f8->blocklen); + *len = f8->blocklen; + + return CRYPT_OK; +} + +#endif + +/* $Source$ */ +/* $Revision$ */ +/* $Date$ */ diff --git a/src/modes/f8/f8_setiv.c b/src/modes/f8/f8_setiv.c new file mode 100644 index 0000000..f1bbe2a --- /dev/null +++ b/src/modes/f8/f8_setiv.c @@ -0,0 +1,52 @@ +/* LibTomCrypt, modular cryptographic library -- Tom St Denis + * + * LibTomCrypt is a library that provides various cryptographic + * algorithms in a highly modular and flexible manner. + * + * The library is free for all purposes without any express + * guarantee it works. + * + * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com + */ +#include "tomcrypt.h" + +/** + @file f8_setiv.c + F8 implementation, set IV, Tom St Denis +*/ + +#ifdef LTC_F8_MODE + +/** + Set an initial vector + @param IV The initial vector + @param len The length of the vector (in octets) + @param f8 The F8 state + @return CRYPT_OK if successful +*/ +int f8_setiv(const unsigned char *IV, unsigned long len, symmetric_F8 *f8) +{ + int err; + + LTC_ARGCHK(IV != NULL); + LTC_ARGCHK(f8 != NULL); + + if ((err = cipher_is_valid(f8->cipher)) != CRYPT_OK) { + return err; + } + + if (len != (unsigned long)f8->blocklen) { + return CRYPT_INVALID_ARG; + } + + /* force next block */ + f8->padlen = 0; + return cipher_descriptor[f8->cipher].ecb_encrypt(IV, f8->IV, &f8->key); +} + +#endif + + +/* $Source$ */ +/* $Revision$ */ +/* $Date$ */ diff --git a/src/modes/f8/f8_start.c b/src/modes/f8/f8_start.c new file mode 100644 index 0000000..398f395 --- /dev/null +++ b/src/modes/f8/f8_start.c @@ -0,0 +1,91 @@ +/* LibTomCrypt, modular cryptographic library -- Tom St Denis + * + * LibTomCrypt is a library that provides various cryptographic + * algorithms in a highly modular and flexible manner. + * + * The library is free for all purposes without any express + * guarantee it works. + * + * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com + */ +#include "tomcrypt.h" + +/** + @file f8_start.c + F8 implementation, start chain, Tom St Denis +*/ + + +#ifdef LTC_F8_MODE + +/** + Initialize an F8 context + @param cipher The index of the cipher desired + @param IV The initial vector + @param key The secret key + @param keylen The length of the secret key (octets) + @param salt_key The salting key for the IV + @param skeylen The length of the salting key (octets) + @param num_rounds Number of rounds in the cipher desired (0 for default) + @param f8 The F8 state to initialize + @return CRYPT_OK if successful +*/ +int f8_start( int cipher, const unsigned char *IV, + const unsigned char *key, int keylen, + const unsigned char *salt_key, int skeylen, + int num_rounds, symmetric_F8 *f8) +{ + int x, err; + unsigned char tkey[MAXBLOCKSIZE]; + + LTC_ARGCHK(IV != NULL); + LTC_ARGCHK(key != NULL); + LTC_ARGCHK(salt_key != NULL); + LTC_ARGCHK(f8 != NULL); + + if ((err = cipher_is_valid(cipher)) != CRYPT_OK) { + return err; + } + + /* copy details */ + f8->blockcnt = 0; + f8->cipher = cipher; + f8->blocklen = cipher_descriptor[cipher].block_length; + f8->padlen = f8->blocklen; + + /* now get key ^ salt_key [extend salt_ket with 0x55 as required to match length] */ + for (x = 0; x < keylen && x < (int)sizeof(tkey); x++) { + tkey[x] = key[x]; + } + for (x = 0; x < skeylen && x < (int)sizeof(tkey); x++) { + tkey[x] ^= salt_key[x]; + } + for (; x < keylen && x < (int)sizeof(tkey); x++) { + tkey[x] ^= 0x55; + } + + /* now encrypt with tkey[0..keylen-1] the IV and use that as the IV */ + if ((err = cipher_descriptor[cipher].setup(tkey, keylen, num_rounds, &f8->key)) != CRYPT_OK) { + return err; + } + + /* encrypt IV */ + if ((err = cipher_descriptor[f8->cipher].ecb_encrypt(IV, f8->MIV, &f8->key)) != CRYPT_OK) { + cipher_descriptor[f8->cipher].done(&f8->key); + return err; + } + zeromem(tkey, sizeof(tkey)); + zeromem(f8->IV, sizeof(f8->IV)); + + /* terminate this cipher */ + cipher_descriptor[f8->cipher].done(&f8->key); + + /* init the cipher */ + return cipher_descriptor[cipher].setup(key, keylen, num_rounds, &f8->key); +} + +#endif + +/* $Source$ */ +/* $Revision$ */ +/* $Date$ */ diff --git a/src/modes/f8/f8_test_mode.c b/src/modes/f8/f8_test_mode.c new file mode 100644 index 0000000..d343e5b --- /dev/null +++ b/src/modes/f8/f8_test_mode.c @@ -0,0 +1,75 @@ +/* LibTomCrypt, modular cryptographic library -- Tom St Denis + * + * LibTomCrypt is a library that provides various cryptographic + * algorithms in a highly modular and flexible manner. + * + * The library is free for all purposes without any express + * guarantee it works. + * + * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com + */ +#include "tomcrypt.h" + +/** + @file f8_test_mode.c + F8 implementation, test, Tom St Denis +*/ + + +#ifdef LTC_F8_MODE + +int f8_test_mode(void) +{ +#ifndef LTC_TEST + return CRYPT_NOP; +#else + const unsigned char key[16] = { 0x23, 0x48, 0x29, 0x00, 0x84, 0x67, 0xbe, 0x18, + 0x6c, 0x3d, 0xe1, 0x4a, 0xae, 0x72, 0xd6, 0x2c }; + const unsigned char salt[4] = { 0x32, 0xf2, 0x87, 0x0d }; + const unsigned char IV[16] = { 0x00, 0x6e, 0x5c, 0xba, 0x50, 0x68, 0x1d, 0xe5, + 0x5c, 0x62, 0x15, 0x99, 0xd4, 0x62, 0x56, 0x4a }; + const unsigned char pt[39] = { 0x70, 0x73, 0x65, 0x75, 0x64, 0x6f, 0x72, 0x61, + 0x6e, 0x64, 0x6f, 0x6d, 0x6e, 0x65, 0x73, 0x73, + 0x20, 0x69, 0x73, 0x20, 0x74, 0x68, 0x65, 0x20, + 0x6e, 0x65, 0x78, 0x74, 0x20, 0x62, 0x65, 0x73, + 0x74, 0x20, 0x74, 0x68, 0x69, 0x6e, 0x67 }; + const unsigned char ct[39] = { 0x01, 0x9c, 0xe7, 0xa2, 0x6e, 0x78, 0x54, 0x01, + 0x4a, 0x63, 0x66, 0xaa, 0x95, 0xd4, 0xee, 0xfd, + 0x1a, 0xd4, 0x17, 0x2a, 0x14, 0xf9, 0xfa, 0xf4, + 0x55, 0xb7, 0xf1, 0xd4, 0xb6, 0x2b, 0xd0, 0x8f, + 0x56, 0x2c, 0x0e, 0xef, 0x7c, 0x48, 0x02 }; + unsigned char buf[39]; + symmetric_F8 f8; + int err, idx; + + idx = find_cipher("aes"); + if (idx == -1) { + idx = find_cipher("rijndael"); + if (idx == -1) return CRYPT_NOP; + } + + /* initialize the context */ + if ((err = f8_start(idx, IV, key, sizeof(key), salt, sizeof(salt), 0, &f8)) != CRYPT_OK) { + return err; + } + f8_done(&f8); + + /* encrypt block */ + if ((err = f8_encrypt(pt, buf, sizeof(pt), &f8)) != CRYPT_OK) { + return err; + } + + /* compare */ + if (XMEMCMP(buf, ct, sizeof(ct))) { + return CRYPT_FAIL_TESTVECTOR; + } + + return CRYPT_OK; +#endif +} + +#endif + +/* $Source$ */ +/* $Revision$ */ +/* $Date$ */ diff --git a/src/modes/lrw/lrw_getiv.c b/src/modes/lrw/lrw_getiv.c index f183169..0b8adb7 100644 --- a/src/modes/lrw/lrw_getiv.c +++ b/src/modes/lrw/lrw_getiv.c @@ -30,6 +30,7 @@ int lrw_getiv(unsigned char *IV, unsigned long *len, symmetric_LRW *lrw) LTC_ARGCHK(len != NULL); LTC_ARGCHK(lrw != NULL); if (*len < 16) { + *len = 16; return CRYPT_BUFFER_OVERFLOW; } diff --git a/src/modes/ofb/ofb_getiv.c b/src/modes/ofb/ofb_getiv.c index f32028c..99c97ac 100644 --- a/src/modes/ofb/ofb_getiv.c +++ b/src/modes/ofb/ofb_getiv.c @@ -30,6 +30,7 @@ int ofb_getiv(unsigned char *IV, unsigned long *len, symmetric_OFB *ofb) LTC_ARGCHK(len != NULL); LTC_ARGCHK(ofb != NULL); if ((unsigned long)ofb->blocklen > *len) { + *len = ofb->blocklen; return CRYPT_BUFFER_OVERFLOW; } XMEMCPY(IV, ofb->IV, ofb->blocklen); diff --git a/src/pk/asn1/der/bit/der_decode_bit_string.c b/src/pk/asn1/der/bit/der_decode_bit_string.c index 488386c..a1c849a 100644 --- a/src/pk/asn1/der/bit/der_decode_bit_string.c +++ b/src/pk/asn1/der/bit/der_decode_bit_string.c @@ -78,6 +78,7 @@ int der_decode_bit_string(const unsigned char *in, unsigned long inlen, /* too many bits? */ if (blen > *outlen) { + *outlen = blen; return CRYPT_BUFFER_OVERFLOW; } diff --git a/src/pk/asn1/der/bit/der_encode_bit_string.c b/src/pk/asn1/der/bit/der_encode_bit_string.c index f1e3cca..62cc5a2 100644 --- a/src/pk/asn1/der/bit/der_encode_bit_string.c +++ b/src/pk/asn1/der/bit/der_encode_bit_string.c @@ -42,6 +42,7 @@ int der_encode_bit_string(const unsigned char *in, unsigned long inlen, } if (len > *outlen) { + *outlen = len; return CRYPT_BUFFER_OVERFLOW; } diff --git a/src/pk/asn1/der/boolean/der_encode_boolean.c b/src/pk/asn1/der/boolean/der_encode_boolean.c index 82fb5f1..7833775 100644 --- a/src/pk/asn1/der/boolean/der_encode_boolean.c +++ b/src/pk/asn1/der/boolean/der_encode_boolean.c @@ -32,6 +32,7 @@ int der_encode_boolean(int in, LTC_ARGCHK(out != NULL); if (*outlen < 3) { + *outlen = 3; return CRYPT_BUFFER_OVERFLOW; } diff --git a/src/pk/asn1/der/ia5/der_decode_ia5_string.c b/src/pk/asn1/der/ia5/der_decode_ia5_string.c index 7d3bf94..98404f8 100644 --- a/src/pk/asn1/der/ia5/der_decode_ia5_string.c +++ b/src/pk/asn1/der/ia5/der_decode_ia5_string.c @@ -67,6 +67,7 @@ int der_decode_ia5_string(const unsigned char *in, unsigned long inlen, /* is it too long? */ if (len > *outlen) { + *outlen = len; return CRYPT_BUFFER_OVERFLOW; } diff --git a/src/pk/asn1/der/ia5/der_encode_ia5_string.c b/src/pk/asn1/der/ia5/der_encode_ia5_string.c index 385b4d6..f19756d 100644 --- a/src/pk/asn1/der/ia5/der_encode_ia5_string.c +++ b/src/pk/asn1/der/ia5/der_encode_ia5_string.c @@ -42,6 +42,7 @@ int der_encode_ia5_string(const unsigned char *in, unsigned long inlen, /* too big? */ if (len > *outlen) { + *outlen = len; return CRYPT_BUFFER_OVERFLOW; } diff --git a/src/pk/asn1/der/integer/der_encode_integer.c b/src/pk/asn1/der/integer/der_encode_integer.c index 74750bf..10985f9 100644 --- a/src/pk/asn1/der/integer/der_encode_integer.c +++ b/src/pk/asn1/der/integer/der_encode_integer.c @@ -41,6 +41,7 @@ int der_encode_integer(void *num, unsigned char *out, unsigned long *outlen) } if (*outlen < tmplen) { + *outlen = tmplen; return CRYPT_BUFFER_OVERFLOW; } diff --git a/src/pk/asn1/der/object_identifier/der_encode_object_identifier.c b/src/pk/asn1/der/object_identifier/der_encode_object_identifier.c index a7e689e..9f1fe3b 100644 --- a/src/pk/asn1/der/object_identifier/der_encode_object_identifier.c +++ b/src/pk/asn1/der/object_identifier/der_encode_object_identifier.c @@ -39,6 +39,7 @@ int der_encode_object_identifier(unsigned long *words, unsigned long nwords, return err; } if (x > *outlen) { + *outlen = x; return CRYPT_BUFFER_OVERFLOW; } diff --git a/src/pk/asn1/der/octet/der_decode_octet_string.c b/src/pk/asn1/der/octet/der_decode_octet_string.c index b0577da..2b7401b 100644 --- a/src/pk/asn1/der/octet/der_decode_octet_string.c +++ b/src/pk/asn1/der/octet/der_decode_octet_string.c @@ -66,6 +66,7 @@ int der_decode_octet_string(const unsigned char *in, unsigned long inlen, /* is it too long? */ if (len > *outlen) { + *outlen = len; return CRYPT_BUFFER_OVERFLOW; } diff --git a/src/pk/asn1/der/octet/der_encode_octet_string.c b/src/pk/asn1/der/octet/der_encode_octet_string.c index 4cd1eb2..54bd38b 100644 --- a/src/pk/asn1/der/octet/der_encode_octet_string.c +++ b/src/pk/asn1/der/octet/der_encode_octet_string.c @@ -43,6 +43,7 @@ int der_encode_octet_string(const unsigned char *in, unsigned long inlen, /* too big? */ if (len > *outlen) { + *outlen = len; return CRYPT_BUFFER_OVERFLOW; } diff --git a/src/pk/asn1/der/printable_string/der_decode_printable_string.c b/src/pk/asn1/der/printable_string/der_decode_printable_string.c index aa13cdb..932b5ab 100644 --- a/src/pk/asn1/der/printable_string/der_decode_printable_string.c +++ b/src/pk/asn1/der/printable_string/der_decode_printable_string.c @@ -67,6 +67,7 @@ int der_decode_printable_string(const unsigned char *in, unsigned long inlen, /* is it too long? */ if (len > *outlen) { + *outlen = len; return CRYPT_BUFFER_OVERFLOW; } diff --git a/src/pk/asn1/der/printable_string/der_encode_printable_string.c b/src/pk/asn1/der/printable_string/der_encode_printable_string.c index ce9ce94..ae81ced 100644 --- a/src/pk/asn1/der/printable_string/der_encode_printable_string.c +++ b/src/pk/asn1/der/printable_string/der_encode_printable_string.c @@ -42,6 +42,7 @@ int der_encode_printable_string(const unsigned char *in, unsigned long inlen, /* too big? */ if (len > *outlen) { + *outlen = len; return CRYPT_BUFFER_OVERFLOW; } diff --git a/src/pk/asn1/der/sequence/der_encode_sequence_ex.c b/src/pk/asn1/der/sequence/der_encode_sequence_ex.c index aa6e6de..fc2eba1 100644 --- a/src/pk/asn1/der/sequence/der_encode_sequence_ex.c +++ b/src/pk/asn1/der/sequence/der_encode_sequence_ex.c @@ -153,6 +153,7 @@ int der_encode_sequence_ex(ltc_asn1_list *list, unsigned long inlen, /* too big ? */ if (*outlen < y) { + *outlen = y; err = CRYPT_BUFFER_OVERFLOW; goto LBL_ERR; } diff --git a/src/pk/asn1/der/short_integer/der_encode_short_integer.c b/src/pk/asn1/der/short_integer/der_encode_short_integer.c index 5f3e06f..d9aebba 100644 --- a/src/pk/asn1/der/short_integer/der_encode_short_integer.c +++ b/src/pk/asn1/der/short_integer/der_encode_short_integer.c @@ -42,6 +42,7 @@ int der_encode_short_integer(unsigned long num, unsigned char *out, unsigned lon } if (*outlen < len) { + *outlen = len; return CRYPT_BUFFER_OVERFLOW; } diff --git a/src/pk/asn1/der/utctime/der_encode_utctime.c b/src/pk/asn1/der/utctime/der_encode_utctime.c index 021a38a..510f09f 100644 --- a/src/pk/asn1/der/utctime/der_encode_utctime.c +++ b/src/pk/asn1/der/utctime/der_encode_utctime.c @@ -44,6 +44,7 @@ int der_encode_utctime(ltc_utctime *utctime, return err; } if (tmplen > *outlen) { + *outlen = tmplen; return CRYPT_BUFFER_OVERFLOW; } diff --git a/src/pk/dsa/dsa_decrypt_key.c b/src/pk/dsa/dsa_decrypt_key.c index ab4b3e4..d574759 100644 --- a/src/pk/dsa/dsa_decrypt_key.c +++ b/src/pk/dsa/dsa_decrypt_key.c @@ -105,6 +105,7 @@ int dsa_decrypt_key(const unsigned char *in, unsigned long inlen, /* avoid buffer overflow */ if (*outlen < decode[2].size) { + *outlen = decode[2].size; err = CRYPT_BUFFER_OVERFLOW; goto LBL_ERR; } diff --git a/src/pk/dsa/dsa_free.c b/src/pk/dsa/dsa_free.c index 102230f..9a6d4f9 100644 --- a/src/pk/dsa/dsa_free.c +++ b/src/pk/dsa/dsa_free.c @@ -23,7 +23,7 @@ */ void dsa_free(dsa_key *key) { - LTC_ARGCHK(key != NULL); + LTC_ARGCHKVD(key != NULL); mp_clear_multi(key->g, key->q, key->p, key->x, key->y, NULL); } diff --git a/src/pk/dsa/dsa_shared_secret.c b/src/pk/dsa/dsa_shared_secret.c index 564fe8e..ed7c4fb 100644 --- a/src/pk/dsa/dsa_shared_secret.c +++ b/src/pk/dsa/dsa_shared_secret.c @@ -51,6 +51,7 @@ int dsa_shared_secret(void *private_key, void *base, x = (unsigned long)mp_unsigned_bin_size(res); if (*outlen < x) { + *outlen = x; err = CRYPT_BUFFER_OVERFLOW; goto done; } diff --git a/src/pk/ecc/ecc_decrypt_key.c b/src/pk/ecc/ecc_decrypt_key.c index 6d2aea9..6f5dccd 100644 --- a/src/pk/ecc/ecc_decrypt_key.c +++ b/src/pk/ecc/ecc_decrypt_key.c @@ -116,6 +116,7 @@ int ecc_decrypt_key(const unsigned char *in, unsigned long inlen, /* avoid buffer overflow */ if (*outlen < decode[2].size) { + *outlen = decode[2].size; err = CRYPT_BUFFER_OVERFLOW; goto LBL_ERR; } diff --git a/src/pk/ecc/ecc_free.c b/src/pk/ecc/ecc_free.c index f5f92f3..5d8b7c2 100644 --- a/src/pk/ecc/ecc_free.c +++ b/src/pk/ecc/ecc_free.c @@ -29,7 +29,7 @@ */ void ecc_free(ecc_key *key) { - LTC_ARGCHK(key != NULL); + LTC_ARGCHKVD(key != NULL); mp_clear_multi(key->pubkey.x, key->pubkey.y, key->pubkey.z, key->k, NULL); } diff --git a/src/pk/ecc/ecc_shared_secret.c b/src/pk/ecc/ecc_shared_secret.c index 4f135a4..c1f8a7d 100644 --- a/src/pk/ecc/ecc_shared_secret.c +++ b/src/pk/ecc/ecc_shared_secret.c @@ -73,6 +73,7 @@ int ecc_shared_secret(ecc_key *private_key, ecc_key *public_key, x = (unsigned long)mp_unsigned_bin_size(prime); if (*outlen < x) { + *outlen = x; err = CRYPT_BUFFER_OVERFLOW; goto done; } diff --git a/src/pk/ecc/ecc_sizes.c b/src/pk/ecc/ecc_sizes.c index 41da86f..c673bfc 100644 --- a/src/pk/ecc/ecc_sizes.c +++ b/src/pk/ecc/ecc_sizes.c @@ -26,8 +26,8 @@ void ecc_sizes(int *low, int *high) { int i; - LTC_ARGCHK(low != NULL); - LTC_ARGCHK(high != NULL); + LTC_ARGCHKVD(low != NULL); + LTC_ARGCHKVD(high != NULL); *low = INT_MAX; *high = 0; diff --git a/src/pk/ecc/ltc_ecc_points.c b/src/pk/ecc/ltc_ecc_points.c index 6b10d11..07d003b 100644 --- a/src/pk/ecc/ltc_ecc_points.c +++ b/src/pk/ecc/ltc_ecc_points.c @@ -48,7 +48,7 @@ void ltc_ecc_del_point(ecc_point *p) { /* prevents free'ing null arguments */ if (p != NULL) { - mp_clear_multi(p->x, p->y, p->z, NULL); + mp_clear_multi(p->x, p->y, p->z, NULL); /* note: p->z may be NULL but that's ok with this function anyways */ XFREE(p); } } diff --git a/src/pk/ecc/ltc_ecc_projective_add_point.c b/src/pk/ecc/ltc_ecc_projective_add_point.c index 7be6704..1cf4880 100644 --- a/src/pk/ecc/ltc_ecc_projective_add_point.c +++ b/src/pk/ecc/ltc_ecc_projective_add_point.c @@ -51,7 +51,7 @@ int ltc_ecc_projective_add_point(ecc_point *P, ecc_point *Q, ecc_point *R, void if ((err = mp_sub(modulus, Q->y, t1)) != CRYPT_OK) { goto done; } if ( (mp_cmp(P->x, Q->x) == LTC_MP_EQ) && - (mp_cmp(P->z, Q->z) == LTC_MP_EQ) && + (Q->z != NULL && mp_cmp(P->z, Q->z) == LTC_MP_EQ) && (mp_cmp(P->y, Q->y) == LTC_MP_EQ || mp_cmp(P->y, t1) == LTC_MP_EQ)) { mp_clear_multi(t1, t2, x, y, z, NULL); return ltc_ecc_projective_dbl_point(P, R, modulus, mp); @@ -62,6 +62,7 @@ int ltc_ecc_projective_add_point(ecc_point *P, ecc_point *Q, ecc_point *R, void if ((err = mp_copy(P->z, z)) != CRYPT_OK) { goto done; } /* if Z is one then these are no-operations */ + if (Q->z != NULL) { /* T1 = Z' * Z' */ if ((err = mp_sqr(Q->z, t1)) != CRYPT_OK) { goto done; } if ((err = mp_montgomery_reduce(t1, modulus, mp)) != CRYPT_OK) { goto done; } @@ -74,7 +75,8 @@ int ltc_ecc_projective_add_point(ecc_point *P, ecc_point *Q, ecc_point *R, void /* Y = Y * T1 */ if ((err = mp_mul(t1, y, y)) != CRYPT_OK) { goto done; } if ((err = mp_montgomery_reduce(y, modulus, mp)) != CRYPT_OK) { goto done; } - + } + /* T1 = Z*Z */ if ((err = mp_sqr(z, t1)) != CRYPT_OK) { goto done; } if ((err = mp_montgomery_reduce(t1, modulus, mp)) != CRYPT_OK) { goto done; } @@ -120,10 +122,12 @@ int ltc_ecc_projective_add_point(ecc_point *P, ecc_point *Q, ecc_point *R, void } /* if Z' != 1 */ + if (Q->z != NULL) { /* Z = Z * Z' */ if ((err = mp_mul(z, Q->z, z)) != CRYPT_OK) { goto done; } if ((err = mp_montgomery_reduce(z, modulus, mp)) != CRYPT_OK) { goto done; } - + } + /* Z = Z * X */ if ((err = mp_mul(z, x, z)) != CRYPT_OK) { goto done; } if ((err = mp_montgomery_reduce(z, modulus, mp)) != CRYPT_OK) { goto done; } diff --git a/src/pk/katja/katja_encrypt_key.c b/src/pk/katja/katja_encrypt_key.c index e4f6f54..fada966 100644 --- a/src/pk/katja/katja_encrypt_key.c +++ b/src/pk/katja/katja_encrypt_key.c @@ -64,6 +64,7 @@ int katja_encrypt_key(const unsigned char *in, unsigned long inlen, /* outlen must be at least the size of the modulus */ modulus_bytelen = mp_unsigned_bin_size((key->N)); if (modulus_bytelen > *outlen) { + *outlen = modulus_bytelen; return CRYPT_BUFFER_OVERFLOW; } diff --git a/src/pk/katja/katja_exptmod.c b/src/pk/katja/katja_exptmod.c index 7e8d1ee..4f4bf4c 100644 --- a/src/pk/katja/katja_exptmod.c +++ b/src/pk/katja/katja_exptmod.c @@ -83,6 +83,7 @@ int katja_exptmod(const unsigned char *in, unsigned long inlen, /* read it back */ x = (unsigned long)mp_unsigned_bin_size(key->N); if (x > *outlen) { + *outlen = x; err = CRYPT_BUFFER_OVERFLOW; goto done; } diff --git a/src/pk/pkcs1/pkcs_1_oaep_decode.c b/src/pk/pkcs1/pkcs_1_oaep_decode.c index 3b7c2dd..81bff41 100644 --- a/src/pk/pkcs1/pkcs_1_oaep_decode.c +++ b/src/pk/pkcs1/pkcs_1_oaep_decode.c @@ -154,6 +154,7 @@ int pkcs_1_oaep_decode(const unsigned char *msg, unsigned long msglen, /* rest is the message (and skip 0x01) */ if ((modulus_len - hLen - 1 - ++x) > *outlen) { + *outlen = modulus_len - hLen - 1 - x; err = CRYPT_BUFFER_OVERFLOW; goto LBL_ERR; } diff --git a/src/pk/pkcs1/pkcs_1_oaep_encode.c b/src/pk/pkcs1/pkcs_1_oaep_encode.c index bb34bd7..842f0b9 100644 --- a/src/pk/pkcs1/pkcs_1_oaep_encode.c +++ b/src/pk/pkcs1/pkcs_1_oaep_encode.c @@ -135,6 +135,7 @@ int pkcs_1_oaep_encode(const unsigned char *msg, unsigned long msglen, /* create string of length modulus_len */ if (*outlen < modulus_len) { + *outlen = modulus_len; err = CRYPT_BUFFER_OVERFLOW; goto LBL_ERR; } diff --git a/src/pk/pkcs1/pkcs_1_pss_encode.c b/src/pk/pkcs1/pkcs_1_pss_encode.c index 8087c69..e435d3d 100644 --- a/src/pk/pkcs1/pkcs_1_pss_encode.c +++ b/src/pk/pkcs1/pkcs_1_pss_encode.c @@ -129,6 +129,7 @@ int pkcs_1_pss_encode(const unsigned char *msghash, unsigned long msghashlen, /* output is DB || hash || 0xBC */ if (*outlen < modulus_len) { + *outlen = modulus_len; err = CRYPT_BUFFER_OVERFLOW; goto LBL_ERR; } diff --git a/src/pk/rsa/rsa_encrypt_key.c b/src/pk/rsa/rsa_encrypt_key.c index c8c2686..91bac09 100644 --- a/src/pk/rsa/rsa_encrypt_key.c +++ b/src/pk/rsa/rsa_encrypt_key.c @@ -58,6 +58,7 @@ int rsa_encrypt_key(const unsigned char *in, unsigned long inlen, /* outlen must be at least the size of the modulus */ modulus_bytelen = mp_unsigned_bin_size( (key->N)); if (modulus_bytelen > *outlen) { + *outlen = modulus_bytelen; return CRYPT_BUFFER_OVERFLOW; } diff --git a/src/pk/rsa/rsa_exptmod.c b/src/pk/rsa/rsa_exptmod.c index ce70835..e751365 100644 --- a/src/pk/rsa/rsa_exptmod.c +++ b/src/pk/rsa/rsa_exptmod.c @@ -83,6 +83,7 @@ int rsa_exptmod(const unsigned char *in, unsigned long inlen, /* read it back */ x = (unsigned long)mp_unsigned_bin_size(key->N); if (x > *outlen) { + *outlen = x; err = CRYPT_BUFFER_OVERFLOW; goto done; } diff --git a/src/pk/rsa/rsa_free.c b/src/pk/rsa/rsa_free.c index 972a8ea..b477fb9 100644 --- a/src/pk/rsa/rsa_free.c +++ b/src/pk/rsa/rsa_free.c @@ -23,7 +23,7 @@ */ void rsa_free(rsa_key *key) { - LTC_ARGCHK(key != NULL); + LTC_ARGCHKVD(key != NULL); mp_clear_multi( key->e, key->d, key->N, key->dQ, key->dP, key->qP, key->p, key->q, NULL); } diff --git a/src/pk/rsa/rsa_sign_hash.c b/src/pk/rsa/rsa_sign_hash.c index bae8aa9..dcaf4ed 100644 --- a/src/pk/rsa/rsa_sign_hash.c +++ b/src/pk/rsa/rsa_sign_hash.c @@ -58,6 +58,7 @@ int rsa_sign_hash(const unsigned char *in, unsigned long inlen, /* outlen must be at least the size of the modulus */ modulus_bytelen = mp_unsigned_bin_size( (key->N)); if (modulus_bytelen > *outlen) { + *outlen = modulus_bytelen; return CRYPT_BUFFER_OVERFLOW; } diff --git a/src/prngs/fortuna.c b/src/prngs/fortuna.c index 1724ffc..72055c9 100644 --- a/src/prngs/fortuna.c +++ b/src/prngs/fortuna.c @@ -74,6 +74,7 @@ static int fortuna_reseed(prng_state *prng) /* new K == SHA256(K || s) where s == SHA256(P0) || SHA256(P1) ... */ sha256_init(&md); if ((err = sha256_process(&md, prng->fortuna.K, 32)) != CRYPT_OK) { + sha256_done(&md, tmp); return err; } @@ -81,14 +82,19 @@ static int fortuna_reseed(prng_state *prng) if (x == 0 || ((prng->fortuna.reset_cnt >> (x-1)) & 1) == 0) { /* terminate this hash */ if ((err = sha256_done(&prng->fortuna.pool[x], tmp)) != CRYPT_OK) { + sha256_done(&md, tmp); return err; } /* add it to the string */ if ((err = sha256_process(&md, tmp, 32)) != CRYPT_OK) { + sha256_done(&md, tmp); return err; } /* reset this pool */ - sha256_init(&prng->fortuna.pool[x]); + if ((err = sha256_init(&prng->fortuna.pool[x])) != CRYPT_OK) { + sha256_done(&md, tmp); + return err; + } } else { break; } @@ -123,13 +129,19 @@ static int fortuna_reseed(prng_state *prng) */ int fortuna_start(prng_state *prng) { - int err, x; + int err, x, y; + unsigned char tmp[MAXBLOCKSIZE]; LTC_ARGCHK(prng != NULL); /* initialize the pools */ for (x = 0; x < FORTUNA_POOLS; x++) { - sha256_init(&prng->fortuna.pool[x]); + if ((err = sha256_init(&prng->fortuna.pool[x])) != CRYPT_OK) { + for (y = 0; y < x; y++) { + sha256_done(&prng->fortuna.pool[x], tmp); + } + return err; + } } prng->fortuna.pool_idx = prng->fortuna.pool0_len = prng->fortuna.reset_cnt = prng->fortuna.wd = 0; @@ -137,6 +149,9 @@ int fortuna_start(prng_state *prng) /* reset bufs */ zeromem(prng->fortuna.K, 32); if ((err = rijndael_setup(prng->fortuna.K, 32, 0, &prng->fortuna.skey)) != CRYPT_OK) { + for (x = 0; x < FORTUNA_POOLS; x++) { + sha256_done(&prng->fortuna.pool[x], tmp); + } return err; } zeromem(prng->fortuna.IV, 16); @@ -312,6 +327,7 @@ int fortuna_export(unsigned char *out, unsigned long *outlen, prng_state *prng) /* we'll write bytes for s&g's */ if (*outlen < 32*FORTUNA_POOLS) { LTC_MUTEX_UNLOCK(&prng->fortuna.prng_lock); + *outlen = 32*FORTUNA_POOLS; return CRYPT_BUFFER_OVERFLOW; } diff --git a/src/prngs/rc4.c b/src/prngs/rc4.c index 5c78006..da52cb6 100644 --- a/src/prngs/rc4.c +++ b/src/prngs/rc4.c @@ -171,6 +171,7 @@ int rc4_export(unsigned char *out, unsigned long *outlen, prng_state *prng) LTC_ARGCHK(prng != NULL); if (*outlen < 32) { + *outlen = 32; return CRYPT_BUFFER_OVERFLOW; } diff --git a/src/prngs/sober128.c b/src/prngs/sober128.c index 191a4d3..34c0b51 100644 --- a/src/prngs/sober128.c +++ b/src/prngs/sober128.c @@ -381,6 +381,7 @@ int sober128_export(unsigned char *out, unsigned long *outlen, prng_state *prng) LTC_ARGCHK(prng != NULL); if (*outlen < 64) { + *outlen = 64; return CRYPT_BUFFER_OVERFLOW; } diff --git a/src/prngs/yarrow.c b/src/prngs/yarrow.c index dc7aec0..298ec5e 100644 --- a/src/prngs/yarrow.c +++ b/src/prngs/yarrow.c @@ -273,6 +273,7 @@ int yarrow_export(unsigned char *out, unsigned long *outlen, prng_state *prng) /* we'll write 64 bytes for s&g's */ if (*outlen < 64) { LTC_MUTEX_UNLOCK(&prng->yarrow.prng_lock); + *outlen = 64; return CRYPT_BUFFER_OVERFLOW; } diff --git a/testprof/der_tests.c b/testprof/der_tests.c index e3ad1ed..315ba98 100644 --- a/testprof/der_tests.c +++ b/testprof/der_tests.c @@ -63,19 +63,19 @@ static void der_set_test(void) exit(EXIT_FAILURE); } - strcpy(strs[0], "one"); - strcpy(strs[1], "one2"); - strcpy(strs[2], "two"); - strcpy(strs[3], "aaa"); - strcpy(strs[4], "aaaa"); - strcpy(strs[5], "aab"); - strcpy(strs[6], "aaab"); - strcpy(strs[7], "bbb"); - strcpy(strs[8], "bbba"); - strcpy(strs[9], "bbbb"); + strcpy((char*)strs[0], "one"); + strcpy((char*)strs[1], "one2"); + strcpy((char*)strs[2], "two"); + strcpy((char*)strs[3], "aaa"); + strcpy((char*)strs[4], "aaaa"); + strcpy((char*)strs[5], "aab"); + strcpy((char*)strs[6], "aaab"); + strcpy((char*)strs[7], "bbb"); + strcpy((char*)strs[8], "bbba"); + strcpy((char*)strs[9], "bbbb"); for (x = 0; x < 10; x++) { - LTC_SET_ASN1(list, x, LTC_ASN1_PRINTABLE_STRING, strs[x], strlen(strs[x])); + LTC_SET_ASN1(list, x, LTC_ASN1_PRINTABLE_STRING, strs[x], strlen((char*)strs[x])); } outlen = sizeof(outbuf); @@ -96,8 +96,8 @@ static void der_set_test(void) /* now compare */ for (x = 1; x < 10; x++) { - if (!(strlen(strs[x-1]) <= strlen(strs[x])) && strcmp(strs[x-1], strs[x]) >= 0) { - fprintf(stderr, "error SET OF order at %d is wrong\n", x); + if (!(strlen((char*)strs[x-1]) <= strlen((char*)strs[x])) && strcmp((char*)strs[x-1], (char*)strs[x]) >= 0) { + fprintf(stderr, "error SET OF order at %lu is wrong\n", x); exit(EXIT_FAILURE); } } @@ -638,7 +638,7 @@ int der_tests(void) /* test OID */ x = sizeof(buf[0]); - DO(der_encode_object_identifier(rsa_oid, sizeof(rsa_oid)/sizeof(rsa_oid[0]), buf[0], &x)); + DO(der_encode_object_identifier((unsigned long*)rsa_oid, sizeof(rsa_oid)/sizeof(rsa_oid[0]), buf[0], &x)); if (x != sizeof(rsa_oid_der) || memcmp(rsa_oid_der, buf[0], x)) { fprintf(stderr, "rsa_oid_der encode failed to match, %lu, ", x); for (y = 0; y < x; y++) fprintf(stderr, "%02x ", buf[0][y]); @@ -698,45 +698,45 @@ int der_tests(void) /* IA5 string */ x = sizeof(buf[0]); - DO(der_encode_ia5_string(rsa_ia5, strlen(rsa_ia5), buf[0], &x)); + DO(der_encode_ia5_string(rsa_ia5, strlen((char*)rsa_ia5), buf[0], &x)); if (x != sizeof(rsa_ia5_der) || memcmp(buf[0], rsa_ia5_der, x)) { fprintf(stderr, "IA5 encode failed: %lu, %lu\n", x, (unsigned long)sizeof(rsa_ia5_der)); return 1; } - DO(der_length_ia5_string(rsa_ia5, strlen(rsa_ia5), &y)); + DO(der_length_ia5_string(rsa_ia5, strlen((char*)rsa_ia5), &y)); if (y != x) { fprintf(stderr, "IA5 length failed to match: %lu, %lu\n", x, y); return 1; } y = sizeof(buf[1]); DO(der_decode_ia5_string(buf[0], x, buf[1], &y)); - if (y != strlen(rsa_ia5) || memcmp(buf[1], rsa_ia5, strlen(rsa_ia5))) { + if (y != strlen((char*)rsa_ia5) || memcmp(buf[1], rsa_ia5, strlen((char*)rsa_ia5))) { fprintf(stderr, "DER IA5 failed test vector\n"); return 1; } /* Printable string */ x = sizeof(buf[0]); - DO(der_encode_printable_string(rsa_printable, strlen(rsa_printable), buf[0], &x)); + DO(der_encode_printable_string(rsa_printable, strlen((char*)rsa_printable), buf[0], &x)); if (x != sizeof(rsa_printable_der) || memcmp(buf[0], rsa_printable_der, x)) { fprintf(stderr, "PRINTABLE encode failed: %lu, %lu\n", x, (unsigned long)sizeof(rsa_printable_der)); return 1; } - DO(der_length_printable_string(rsa_printable, strlen(rsa_printable), &y)); + DO(der_length_printable_string(rsa_printable, strlen((char*)rsa_printable), &y)); if (y != x) { fprintf(stderr, "printable length failed to match: %lu, %lu\n", x, y); return 1; } y = sizeof(buf[1]); DO(der_decode_printable_string(buf[0], x, buf[1], &y)); - if (y != strlen(rsa_printable) || memcmp(buf[1], rsa_printable, strlen(rsa_printable))) { + if (y != strlen((char*)rsa_printable) || memcmp(buf[1], rsa_printable, strlen((char*)rsa_printable))) { fprintf(stderr, "DER printable failed test vector\n"); return 1; } /* Test UTC time */ x = sizeof(buf[0]); - DO(der_encode_utctime(&rsa_time1, buf[0], &x)); + DO(der_encode_utctime((ltc_utctime*)&rsa_time1, buf[0], &x)); if (x != sizeof(rsa_time1_der) || memcmp(buf[0], rsa_time1_der, x)) { fprintf(stderr, "UTCTIME encode of rsa_time1 failed: %lu, %lu\n", x, (unsigned long)sizeof(rsa_time1_der)); fprintf(stderr, "\n\n"); @@ -744,7 +744,7 @@ for (y = 0; y < x; y++) fprintf(stderr, "%02x ", buf[0][y]); printf("\n"); return 1; } - DO(der_length_utctime(&rsa_time1, &y)); + DO(der_length_utctime((ltc_utctime*)&rsa_time1, &y)); if (y != x) { fprintf(stderr, "UTCTIME length failed to match for rsa_time1: %lu, %lu\n", x, y); return 1; @@ -766,7 +766,7 @@ tmp_time.off_hh); } x = sizeof(buf[0]); - DO(der_encode_utctime(&rsa_time2, buf[0], &x)); + DO(der_encode_utctime((ltc_utctime*)&rsa_time2, buf[0], &x)); if (x != sizeof(rsa_time2_der) || memcmp(buf[0], rsa_time2_der, x)) { fprintf(stderr, "UTCTIME encode of rsa_time2 failed: %lu, %lu\n", x, (unsigned long)sizeof(rsa_time1_der)); fprintf(stderr, "\n\n"); @@ -774,7 +774,7 @@ for (y = 0; y < x; y++) fprintf(stderr, "%02x ", buf[0][y]); printf("\n"); return 1; } - DO(der_length_utctime(&rsa_time2, &y)); + DO(der_length_utctime((ltc_utctime*)&rsa_time2, &y)); if (y != x) { fprintf(stderr, "UTCTIME length failed to match for rsa_time2: %lu, %lu\n", x, y); return 1; diff --git a/testprof/makefile b/testprof/makefile index 05ff9b4..4cc70ff 100644 --- a/testprof/makefile +++ b/testprof/makefile @@ -7,7 +7,7 @@ endif OBJECTS = base64_test.o cipher_hash_test.o der_tests.o \ dsa_test.o ecc_test.o mac_test.o modes_test.o pkcs_1_test.o rsa_test.o \ -store_test.o test.o x86_prof.o katja_test.o +store_test.o test_driver.o x86_prof.o katja_test.o ifndef LIBTEST_S LIBTEST_S=libtomcrypt_prof.a diff --git a/testprof/makefile.icc b/testprof/makefile.icc index e021d77..60628ce 100644 --- a/testprof/makefile.icc +++ b/testprof/makefile.icc @@ -3,7 +3,7 @@ CC=icc OBJECTS = base64_test.o cipher_hash_test.o der_tests.o \ dsa_test.o ecc_test.o mac_test.o modes_test.o pkcs_1_test.o rsa_test.o \ -store_test.o test.o x86_prof.o katja_test.o +store_test.o test_driver.o x86_prof.o katja_test.o ifndef LIBTEST_S LIBTEST_S = libtomcrypt_prof.a diff --git a/testprof/makefile.msvc b/testprof/makefile.msvc index e05e9e6..d330f93 100644 --- a/testprof/makefile.msvc +++ b/testprof/makefile.msvc @@ -2,7 +2,7 @@ CFLAGS = /I../src/headers/ /I./ /Ox /DWIN32 /DLTC_SOURCE /W3 /Fo$@ OBJECTS=base64_test.obj cipher_hash_test.obj der_tests.obj \ dsa_test.obj ecc_test.obj mac_test.obj modes_test.obj pkcs_1_test.obj \ -rsa_test.obj store_test.obj test.obj x86_prof.obj katja_test.obj +rsa_test.obj store_test.obj test_driver.obj x86_prof.obj katja_test.obj tomcrypt_prof.lib: $(OBJECTS) lib /out:tomcrypt_prof.lib $(OBJECTS) diff --git a/testprof/makefile.shared b/testprof/makefile.shared index f57968b..b3abba5 100644 --- a/testprof/makefile.shared +++ b/testprof/makefile.shared @@ -9,7 +9,7 @@ endif OBJECTS = base64_test.o cipher_hash_test.o der_tests.o \ dsa_test.o ecc_test.o mac_test.o modes_test.o pkcs_1_test.o rsa_test.o \ -store_test.o test.o x86_prof.o katja_test.o +store_test.o test_driver.o x86_prof.o katja_test.o ifndef LIBTEST LIBTEST=libtomcrypt_prof.la diff --git a/testprof/modes_test.c b/testprof/modes_test.c index e6d49f8..0e7c672 100644 --- a/testprof/modes_test.c +++ b/testprof/modes_test.c @@ -31,6 +31,10 @@ int modes_test(void) return 1; } +#ifdef LTC_F8_MODE + DO(f8_test_mode()); +#endif + #ifdef LRW_MODE DO(lrw_test()); #endif diff --git a/testprof/test.c b/testprof/test_driver.c similarity index 100% rename from testprof/test.c rename to testprof/test_driver.c diff --git a/testprof/tomcrypt_test.h b/testprof/tomcrypt_test.h index 559d6cf..ebcacbb 100644 --- a/testprof/tomcrypt_test.h +++ b/testprof/tomcrypt_test.h @@ -5,7 +5,7 @@ #include /* enable stack testing */ -// #define STACK_TEST +/* #define STACK_TEST */ /* stack testing, define this if stack usage goes downwards [e.g. x86] */ #define STACK_DOWN diff --git a/testprof/x86_prof.c b/testprof/x86_prof.c index 0fbc7ad..03c58d6 100644 --- a/testprof/x86_prof.c +++ b/testprof/x86_prof.c @@ -18,7 +18,7 @@ void tally_results(int type) { int x; - // qsort the results + /* qsort the results */ qsort(results, no_results, sizeof(struct list), &sorter); fprintf(stderr, "\n"); @@ -75,7 +75,7 @@ ulong64 rdtsc (void) return XCLOCK(); #endif - // Microsoft and Intel Windows compilers + /* Microsoft and Intel Windows compilers */ #elif defined _M_IX86 && !defined(LTC_NO_ASM) __asm rdtsc #elif defined _M_AMD64 && !defined(LTC_NO_ASM) @@ -627,7 +627,7 @@ int time_hash(void) } #undef MPI -//#warning you need an mp_rand!!! +/*#warning you need an mp_rand!!!*/ #ifdef MPI void time_mult(void) @@ -781,7 +781,7 @@ void time_rsa(void) t_start(); t1 = t_read(); z = sizeof(buf[1]); - if ((err = rsa_encrypt_key(buf[0], 32, buf[1], &z, "testprog", 8, &yarrow_prng, + if ((err = rsa_encrypt_key(buf[0], 32, buf[1], &z, (const unsigned char *)"testprog", 8, &yarrow_prng, find_prng("yarrow"), find_hash("sha1"), &key)) != CRYPT_OK) { fprintf(stderr, "\n\nrsa_encrypt_key says %s, wait...no it should say %s...damn you!\n", error_to_string(err), error_to_string(CRYPT_OK)); @@ -798,7 +798,7 @@ void time_rsa(void) t_start(); t1 = t_read(); zzz = sizeof(buf[0]); - if ((err = rsa_decrypt_key(buf[1], z, buf[0], &zzz, "testprog", 8, find_hash("sha1"), + if ((err = rsa_decrypt_key(buf[1], z, buf[0], &zzz, (const unsigned char *)"testprog", 8, find_hash("sha1"), &zz, &key)) != CRYPT_OK) { fprintf(stderr, "\n\nrsa_decrypt_key says %s, wait...no it should say %s...damn you!\n", error_to_string(err), error_to_string(CRYPT_OK)); exit(EXIT_FAILURE); @@ -916,7 +916,7 @@ void time_ecc(void) for (x = sizes[i=0]; x < 100000; x = sizes[++i]) { t2 = 0; - for (y = 0; y < 64; y++) { + for (y = 0; y < 256; y++) { t_start(); t1 = t_read(); if ((err = ecc_make_key(&yarrow_prng, find_prng("yarrow"), x, &key)) != CRYPT_OK) { @@ -926,15 +926,15 @@ void time_ecc(void) t1 = t_read() - t1; t2 += t1; - if (y < 63) { + if (y < 255) { ecc_free(&key); } } - t2 >>= 6; + t2 >>= 8; fprintf(stderr, "ECC-%lu make_key took %15llu cycles\n", x*8, t2); t2 = 0; - for (y = 0; y < 16; y++) { + for (y = 0; y < 256; y++) { t_start(); t1 = t_read(); z = sizeof(buf[1]); @@ -946,7 +946,7 @@ void time_ecc(void) t1 = t_read() - t1; t2 += t1; } - t2 >>= 4; + t2 >>= 8; fprintf(stderr, "ECC-%lu encrypt_key took %15llu cycles\n", x*8, t2); ecc_free(&key); }