static int
cast5_setkey(void *ctx, const u8 * key, unsigned key_len, u32 * flags)
{
int i;
u32 x[4];
u32 z[4];
u32 k[16];
__be32 p_key[4];
struct cast5_ctx *c = (struct cast5_ctx *) ctx;
if (key_len < 5 || key_len > 16) {
*flags |= CRYPTO_TFM_RES_BAD_KEY_LEN;
return -EINVAL;
}
c->rr = key_len <= 10 ? 1 : 0;
memset(p_key, 0, 16);
memcpy(p_key, key, key_len);
x[0] = be32_to_cpu(p_key[0]);
x[1] = be32_to_cpu(p_key[1]);
x[2] = be32_to_cpu(p_key[2]);
x[3] = be32_to_cpu(p_key[3]);
key_schedule(x, z, k);
for (i = 0; i < 16; i++)
c->Km[i] = k[i];
key_schedule(x, z, k);
for (i = 0; i < 16; i++)
c->Kr[i] = k[i] & 0x1f;
return 0;
}
static int cast5_setkey(struct crypto_tfm *tfm, const u8 *key, unsigned key_len)
{
struct cast5_ctx *c = crypto_tfm_ctx(tfm);
int i;
u32 x[4];
u32 z[4];
u32 k[16];
__be32 p_key[4];
c->rr = key_len <= 10 ? 1 : 0;
memset(p_key, 0, 16);
memcpy(p_key, key, key_len);
x[0] = be32_to_cpu(p_key[0]);
x[1] = be32_to_cpu(p_key[1]);
x[2] = be32_to_cpu(p_key[2]);
x[3] = be32_to_cpu(p_key[3]);
key_schedule(x, z, k);
for (i = 0; i < 16; i++)
c->Km[i] = k[i];
key_schedule(x, z, k);
for (i = 0; i < 16; i++)
c->Kr[i] = k[i] & 0x1f;
return 0;
}
int crypto_stream_skinny128128ecb_avx2(
unsigned char *out,
unsigned char *in,
unsigned long long inlen,
const unsigned char *k
)
{
int i, j;
u256 rk[40][16];
u256 x[32];
u256 key;
if (!inlen) return 0;
key_schedule(k, rk);
while(inlen >= 1024){
pack_message(x, in);
encrypt_64blocks(x, rk);
unpack_and_store_message(out, x);
inlen -= 1024;
in += 1024;
out += 1024;
}
return 0;
}
char* serpent_decrypt(uint32_t key[KEY_LENGTH], char* input, int test) {
char* output;
output = (char*) malloc(sizeof(char));
output[0] = '\0';
int done = F;
uint32_t round_keys[NUM_ROUND_KEYS][ROUND_KEY_LENGTH]; uint32_t current_block[BLOCK_LENGTH];
uint32_t past_block[BLOCK_LENGTH];
uint32_t iv[BLOCK_LENGTH];
char** input_ptr = &input;
key_schedule(round_keys, key);
if (!test) {
read_iv(input_ptr, iv); /* If test there isn't an IV */
}
memcpy(past_block, iv, BLOCK_LENGTH * BYTE_CHUNK_SIZE);
while (!done) {
done = decrypt_read_block(input_ptr, current_block);
decrypt_block(round_keys, current_block, past_block, output, test); // the function sets current_block from this call to past_block for next
}
return output;
}
void test_key_schedule_128bitkey(){
unsigned char keys[] = {
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00};
unsigned char expected[] =
{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x62, 0x63, 0x63, 0x63, 0x62, 0x63, 0x63, 0x63, 0x62, 0x63, 0x63, 0x63, 0x62, 0x63, 0x63, 0x63,
0x9b, 0x98, 0x98, 0xc9, 0xf9, 0xfb, 0xfb, 0xaa, 0x9b, 0x98, 0x98, 0xc9, 0xf9, 0xfb, 0xfb, 0xaa,
0x90, 0x97, 0x34, 0x50, 0x69, 0x6c, 0xcf, 0xfa, 0xf2, 0xf4, 0x57, 0x33, 0x0b, 0x0f, 0xac, 0x99,
0xee, 0x06, 0xda, 0x7b, 0x87, 0x6a, 0x15, 0x81, 0x75, 0x9e, 0x42, 0xb2, 0x7e, 0x91, 0xee, 0x2b,
0x7f, 0x2e, 0x2b, 0x88, 0xf8, 0x44, 0x3e, 0x09, 0x8d, 0xda, 0x7c, 0xbb, 0xf3, 0x4b, 0x92, 0x90,
0xec, 0x61, 0x4b, 0x85, 0x14, 0x25, 0x75, 0x8c, 0x99, 0xff, 0x09, 0x37, 0x6a, 0xb4, 0x9b, 0xa7,
0x21, 0x75, 0x17, 0x87, 0x35, 0x50, 0x62, 0x0b, 0xac, 0xaf, 0x6b, 0x3c, 0xc6, 0x1b, 0xf0, 0x9b,
0x0e, 0xf9, 0x03, 0x33, 0x3b, 0xa9, 0x61, 0x38, 0x97, 0x06, 0x0a, 0x04, 0x51, 0x1d, 0xfa, 0x9f,
0xb1, 0xd4, 0xd8, 0xe2, 0x8a, 0x7d, 0xb9, 0xda, 0x1d, 0x7b, 0xb3, 0xde, 0x4c, 0x66, 0x49, 0x41,
0xb4, 0xef, 0x5b, 0xcb, 0x3e, 0x92, 0xe2, 0x11, 0x23, 0xe9, 0x51, 0xcf, 0x6f, 0x8f, 0x18, 0x8e};
key_schedule(keys, 16);
print_keys(keys, 176);
printf("\n");
print_keys(expected, 176);
assert( bytencmp(keys, expected, 176) == 0 );
}
int main()
{
uint16_t
x[2*N_BRANCHES],
master_key[2*K_SIZE],
k[N_BRANCHES*N_STEPS+1][2*ROUNDS_PER_STEPS] = {{0}};
uint8_t i, j;
initialize_test_vectors(x, master_key);
printf("master = ");
for (i=0 ; i<2*K_SIZE ; i++)
{
printf("%04x ", master_key[i]);
}
key_schedule(k, master_key);
for (i=0 ; i<N_BRANCHES*N_STEPS+1 ; i++)
{
printf("\nk^{%2d} = ", i);
for (j=0 ; j<2*ROUNDS_PER_STEPS ; j++)
printf("%04x ", k[i][j]);
}
printf("\n\nplaintext = ");
for (i=0 ; i<2*N_BRANCHES ; i++)
{
printf("%04x ", x[i]);
}
sparx_encrypt(x, k);
printf("\nciphertext = ");
for (i=0 ; i<2*N_BRANCHES ; i++)
{
printf("%04x ", x[i]);
}
check_test_vectors(x, 0);
sparx_decrypt(x, k);
printf("\ndecryption = ");
for (i=0 ; i<2*N_BRANCHES ; i++)
{
printf("%04x ", x[i]);
}
check_test_vectors(x, 1);
printf("\n");
return 0;
}
void Tiger::Transform (word64 *digest, const word64 *X)
{
word64 a = digest[0];
word64 b = digest[1];
word64 c = digest[2];
word64 Y[8];
pass(a,b,c,5,X);
key_schedule(Y,X);
pass(c,a,b,7,Y);
key_schedule(Y,Y);
pass(b,c,a,9,Y);
digest[0] = a ^ digest[0];
digest[1] = b - digest[1];
digest[2] = c + digest[2];
Y[0] = Y[1] = Y[2] = Y[3] = Y[4] = Y[5] = Y[6] = Y[7] = 0;
}
void PRESENT80_InitKEY(const unsigned char* userkey){
ALIGN16(unsigned char tk[16]);
memset(tk, 0, sizeof(tk));
memcpy(tk, userkey, 2);
memcpy(tk+8, userkey, 2);
dqword lowkey = LOAD(tk);
memcpy(tk, userkey+2, 8);
memcpy(tk+8, userkey+2, 8);
dqword highkey = LOAD(tk);
rks[0] = highkey;
format_input(&rks[0]);
for(int i=0; i<31; i++){
key_schedule(&highkey, &lowkey, i);
rks[i+1] = highkey;
format_input(&rks[i+1]);
}
}
void aes128_ecb_decrypt(uint8_t *plaintext, const uint8_t *key, const uint8_t *ciphertext) {
int round;
memcpy(plaintext, ciphertext, 16);
key_schedule(key, round_keys);
add_round_key(plaintext, round_keys + 160);
inv_shift_rows(plaintext);
inv_sub_bytes(plaintext);
for (round = N_ROUNDS - 1; round > 0; round--) {
add_round_key(plaintext, round_keys + 16 * round);
inv_mix_columns(plaintext);
inv_shift_rows(plaintext);
inv_sub_bytes(plaintext);
}
add_round_key(plaintext, round_keys);
}
void aes128_ecb_encrypt(const uint8_t *plaintext, const uint8_t *key, uint8_t *ciphertext) {
int round;
memcpy(ciphertext, plaintext, 16);
key_schedule(key, round_keys);
add_round_key(ciphertext, round_keys);
for (round = 1; round < N_ROUNDS; round++) {
sub_bytes(ciphertext);
shift_rows(ciphertext);
mix_columns(ciphertext);
add_round_key(ciphertext, round_keys + 16 * round);
}
sub_bytes(ciphertext);
shift_rows(ciphertext);
add_round_key(ciphertext, round_keys + 160);
}
void encrypt(WORDSIZE* data, WORDSIZE* key)
{
WORDSIZE round_keys[ROUNDS * 4];
key_schedule(permutation, round_keys, key, ROUNDS, 4);
key_alternating_cipher(permutation, round_keys, data, ROUNDS, 4);
}
int crypto_aead_encrypt(
unsigned char *c,unsigned long long *clen,
const unsigned char *m,unsigned long long mlen,
const unsigned char *ad,unsigned long long adlen,
const unsigned char *nsec,
const unsigned char *npub,
const unsigned char *k
)
{
u8 param[]={0x06,0,0,0,0x80,0,0,0};
block L, W, Delta_0, Delta_1, Delta_2, blk, result, CS;
int i; u8 zeroes[16], ozs[16], blen = 16, Is_final = 0, Is_complete =1;
unsigned long long cnt;
for(i=0; i<16; i++) {zeroes[i]=0x00;}
for(i=1; i<16; i++) {ozs[i]=0x00;} ozs[0] = 0x80;
cnt = (8+mlen-1)/16 + 1;
*clen = (cnt +1)* 16 + 1;
if((mlen+8)%16 == 0)
c[*clen-1] = 0x00;
else
c[*clen-1] = 0x01;
key_schedule(k);
/* ========== Generate the Masks =========== */
AES(6, ENCRYPT, blk, zeroes, &aes_key1);
AES(6, ENCRYPT, L, blk, &aes_key1);
mult_3(Delta_0, L);
mult_inv2(Delta_0, Delta_0);
mult_inv2(Delta_1, L);
mult_3(Delta_2, L);
mult_3(Delta_2, Delta_2);
mult_inv2(Delta_2, Delta_2);
/* ====== Process Associated Data ======== */
for(i=0; i<16; i++)
W[i]=0x00;
process_AD(W, Delta_0, npub, param, ad, adlen);
/* ================ Process Successive Message Blocks ==================== */
/* ====== Process the first Message block, whose first 8 byte is the secret message number ===== */
if(mlen < 8){ Is_complete = 0; }
if(mlen <= 8) { blen = 8 + mlen; }
load_block(blk, nsec, m, 8, blen-8); copy_block(CS, blk);
process_block(Delta_1, Delta_2, result, blk, W, Is_complete, ENCRYPT, Is_final, MESSAGE);
store_bytes(c, result, 0, 15); c +=16;
if(mlen >= 8) {mlen -= 8; m +=8;}
else mlen = 0;
/* ============= Process Message blocks ================== */
while(mlen > 0){
if(mlen >= 16){
load_block(blk, m, ozs, 16, 0);
if(mlen == 16) {xor_block(blk, blk, CS); }
else xor_block(CS, CS, blk);
blen = 16; mlen -= 16; m+=16;
}
else {Is_complete = 0; blen = mlen; mlen = 0;
load_block(blk, m, ozs, blen, 0); xor_block(blk, CS, blk);
}
process_block(Delta_1, Delta_2, result, blk, W, Is_complete, ENCRYPT, Is_final, MESSAGE);
store_bytes(c, result, 0, 15); c +=16;
}
/* ================ Process checksum block ====================== */
process_block(Delta_1, Delta_2, result, blk, W, 1, ENCRYPT, 1, MESSAGE);
store_bytes(c, result, 0, 15);
return 0;
}
/* =================== ELmD(6,0,0) Verified Decryption Function =================== */
int crypto_aead_decrypt(
unsigned char *m,unsigned long long *mlen,
unsigned char *nsec,
const unsigned char *c, unsigned long long clen,
const unsigned char *ad, unsigned long long adlen,
const unsigned char *npub,
const unsigned char *k
)
{
u8 param[]={0x06,0,0,0,0x80,0,0,0};
block L, W, Delta_0, Delta_1, Delta_2, blk, result, CS;
int i, j, flag=0; u8 zeroes[16], ozs[16], blen = 16, Is_final = 0, Is_complete =1;
unsigned long long outputmlen;
for(i=0; i<16; i++) {zeroes[i]=0x00;} // all zero.
for(i=1; i<16; i++) {ozs[i]=0x00;} ozs[0] = 0x80; //useful for padding.
if(((clen % 16) != 1)||(clen < 33))
return -1;
key_schedule(k);
/* =========== Generate the Masks ========== */
AES(6, ENCRYPT, blk, zeroes, &aes_key1);
AES(6, ENCRYPT, L, blk, &aes_key1);
mult_3(Delta_0, L);
mult_inv2(Delta_0, Delta_0);
mult_inv2(Delta_1, L);
mult_3(Delta_2, L);
mult_3(Delta_2, Delta_2);
mult_inv2(Delta_2, Delta_2);
/* ============= Process Associated Data ================ */
for(i=0; i<16; i++)
W[i]=0x00;
process_AD(W, Delta_0, npub, param, ad, adlen);
load_block(CS, zeroes, zeroes, 16, 0);
/* ================ Process Ciphertext Blocks ============ */
load_block(blk, c, zeroes, 16, 0);
/* =================== Process 1st Block =================== */
if( (clen==33) && (c[clen-1]==0x01) ) {
process_block(Delta_2, Delta_1, result, blk, W, 0, DECRYPT, Is_final, CIPHERTEXT);
for(i=15; i>7; i--) { if(result[i]==0x80) { flag=1; break; } }
if(flag == 0) {return -1; }
for(j=i+1; j<16; j++) { if(result[j]!=0) {return -1; }}
store_bytes(m, result, 8, i-1);
outputmlen = i-8;
}
else {
process_block(Delta_2, Delta_1, result, blk, W, 1, DECRYPT, Is_final, CIPHERTEXT);
store_bytes(m, result, 8, 15); m +=8; outputmlen = 8;
}
xor_block(CS, CS, result); store_bytes(nsec, result, 0, 7);
clen -= 16; c+=16;
/* ============= Process Successive Ciphertext Blocks ============== */
while(clen > 17){
load_block(blk, c, zeroes, 16, 0);
if((clen == 33) && (c[clen-1]==0x01)) {
process_block(Delta_2, Delta_1, result, blk, W, 0, DECRYPT, Is_final, CIPHERTEXT);
xor_block(result, result, CS);
for(i=15; i>0; i--) { if(result[i]==0x80) { flag=1; break; } }
if(flag == 0) {return -1;}
for(j=i+1; j<16; j++) { if(result[j]!=0) {return -1; }}
store_bytes(m, result, 0, i-1); outputmlen += i;
}
else{
process_block(Delta_2, Delta_1, result, blk, W, 1, DECRYPT, Is_final, CIPHERTEXT);
if(clen == 33) { xor_block(result, result, CS); }
store_bytes(m, result, 0, 15); outputmlen += 16;
}
xor_block(CS, CS, result);
clen -= 16; c+=16;
if(clen != 17)
m +=16;
}
/* ========== Process checksum block ============= */
Is_final = 1;
process_block(Delta_2, Delta_1, result, c, W, 1, DECRYPT, Is_final, CIPHERTEXT);
for(i=0; i<16; i++) {if(CS[i]!=result[i]) return -1; }
*mlen = outputmlen;
return 0;
}
int crypto_aead_encrypt(
unsigned char *c,unsigned long long *clen,
const unsigned char *m,unsigned long long mlen,
const unsigned char *ad,unsigned long long adlen,
const unsigned char *nsec,
const unsigned char *npub,
const unsigned char *k
)
{
u8 param[]={0x06,0,0x7f,0x81,0x80,0,0,0};
block L, W, Delta_0, Delta_1, Delta_2, blk, result, CS;
int i;
unsigned long long h, blk_ctr=0, blk_ctr1=0 ;
u8 zeroes[16], ozs[16], blen = 16, Is_final = 0, Is_complete =1;
for(i=0; i<16; i++) {zeroes[i]=0x00;}
for(i=1; i<16; i++) {ozs[i]=0x00;} ozs[0] = 0x80;
h = (mlen+8-1) / (IT_GAP * 16);
if(h > IT_MAX)
h = IT_MAX;
*clen = mlen + 24 + h*16 ;
key_schedule(k);
/* ========== Generate the Masks =========== */
AES(6, ENCRYPT, blk, zeroes, &aes_key1);
AES(6, ENCRYPT, L, blk, &aes_key1);
mult_3(Delta_0, L);
mult_inv2(Delta_0, Delta_0);
mult_inv2(Delta_1, L);
mult_3(Delta_2, L);
mult_3(Delta_2, Delta_2);
mult_inv2(Delta_2, Delta_2);
/* ====== Process Associated Data ======== */
for(i=0; i<16; i++)
W[i]=0x00;
process_AD(W, Delta_0, npub, param, ad, adlen);
/* ================ Process Message Blocks ==================== */
/* ====== Process the first Message block, whose first 8 byte is the secret message number ===== */
if(mlen < 8){ Is_complete = 0; }
if(mlen <= 8) { blen = 8 + mlen; }
load_block(blk, nsec, m, 8, blen-8); copy_block(CS, blk);
process_block(Delta_1, Delta_2, result, blk, W, Is_complete, ENCRYPT, Is_final, MESSAGE);
store_bytes(c, result, 0, 15); c +=16; blk_ctr++;
if(mlen >= 8) {mlen -= 8; m +=8;}
else mlen = 0;
/* ============= Process Message blocks ================== */
while(mlen > 0){
if(mlen >= 16){
load_block(blk, m, ozs, 16, 0);
if(mlen == 16){xor_block(blk, CS, blk); }
else xor_block(CS, CS, blk);
//xor_block(CS, CS, blk);
blen = 16; mlen -= 16; m+=16;
}
else {Is_complete = 0; blen = mlen; mlen = 0;
load_block(blk, m, ozs, blen, 0); xor_block(blk, CS, blk);
}
process_block(Delta_1, Delta_2, result, blk, W, Is_complete, ENCRYPT, Is_final, MESSAGE);
store_bytes(c, result, 0, 15); c +=16; blk_ctr++;
if(blk_ctr == IT_GAP && blk_ctr1 < IT_MAX && mlen>0) {
AES(6, DECRYPT, result, W, &aes_key2);
mask(Delta_2, result, result, 1);
store_bytes(c, result, 0, 15); c +=16; blk_ctr =0; blk_ctr1++;
}
}
/* ================ Process checksum block ====================== */
process_block(Delta_1, Delta_2, result, blk, W, 1, ENCRYPT, 1, MESSAGE);
store_bytes(c, result, 0, blen-1);
return 0;
}
/* =================== ELmD(6,127,1) Verified Decryption Function =================== */
int crypto_aead_decrypt(
unsigned char *m,unsigned long long *mlen,
unsigned char *nsec,
const unsigned char *c, unsigned long long clen,
const unsigned char *ad, unsigned long long adlen,
const unsigned char *npub,
const unsigned char *k
)
{
u8 param[]={0x06,0,0x7f,0x81,0x80,0,0,0};
block L, W, Delta_0, Delta_1, Delta_2, blk, result, CS;
int i; u8 zeroes[16], ozs[16], blen = 16, Is_final = 0, Is_complete =1;
unsigned long long outputmlen, blk_ctr=0, blk_ctr1=0;
for(i=0; i<16; i++) {zeroes[i]=0x00;} // all zero.
for(i=1; i<16; i++) {ozs[i]=0x00;} ozs[0] = 0x80; //useful for padding.
if(clen < 24)
return -1;
key_schedule(k);
/* =========== Generate the Masks ========== */
AES(6, ENCRYPT, blk, zeroes, &aes_key1);
AES(6, ENCRYPT, L, blk, &aes_key1);
mult_3(Delta_0, L);
mult_inv2(Delta_0, Delta_0);
mult_inv2(Delta_1, L);
mult_3(Delta_2, L);
mult_3(Delta_2, Delta_2);
mult_inv2(Delta_2, Delta_2);
/* ============= Process Associated Data ================ */
for(i=0; i<16; i++)
W[i]=0x00;
process_AD(W, Delta_0, npub, param, ad, adlen);
load_block(CS, zeroes, zeroes, 16, 0);
/* ================ Process Ciphertext Blocks ============ */
load_block(blk, c, zeroes, 16, 0);
/* =================== Process 1st Block =================== */
if(clen<32){
process_block(Delta_2, Delta_1, result, blk, W, 0, DECRYPT, Is_final, CIPHERTEXT);
store_bytes(m, result, 8, 8+(clen-25)); outputmlen = clen - 24;
}
else {
process_block(Delta_2, Delta_1, result, blk, W, 1, DECRYPT, Is_final, CIPHERTEXT);
store_bytes(m, result, 8, 15); m +=8; outputmlen = 8;
}
xor_block(CS, CS, result); store_bytes(nsec, result, 0, 7);
clen -= 16; c+=16; blk_ctr ++;
if(clen < 16){
if(result[clen] != 0x80) return -1;
for(i=clen+1; i<16; i++) {if(result[i]!=0) return -1;}
}
/* ============= Process Successive Ciphertext Blocks ============== */
while(clen > 16){
load_block(blk, c, zeroes, 16, 0);
if(clen < 32){
process_block(Delta_2, Delta_1, result, blk, W, 0, DECRYPT, Is_final, CIPHERTEXT);
xor_block(result, result, CS);
store_bytes(m, result, 0, clen - 17); outputmlen += clen-16 ;
}
else{
process_block(Delta_2, Delta_1, result, blk, W, 1, DECRYPT, Is_final, CIPHERTEXT);
if(clen == 32) {xor_block(result, result, CS);}
store_bytes(m, result, 0, 15); outputmlen += 16;
}
xor_block(CS, CS, result);
clen -= 16; c+=16; blk_ctr ++;
if(clen < 16){
if(result[clen] != 0x80) return -1;
for(i=clen+1; i<16; i++) {if(result[i]!=0) return -1;}
}
else
m +=16;
if(blk_ctr == IT_GAP && blk_ctr1 < IT_MAX && clen > 32){
AES(6, DECRYPT, result, W, &aes_key2);
mask(Delta_2, result, result, 1);
for(i=0; i<16; i++) { if(c[i] != result[i]) {return -1; } }
c +=16; clen -= 16; blk_ctr =0; blk_ctr1++;
}
}
/* ========== Process checksum block ============= */
Is_final = 1;
process_block(Delta_1, Delta_2, result, CS, W, 1, ENCRYPT, Is_final, MESSAGE);
for(i=0; i<clen; i++) {if(result[i]!=c[i]) return -1;}
*mlen = outputmlen;
return 0;
}
static Aes aes_encrypt(OE oe, Aes key, Aes in) {
Aes plx = Aes_new(oe);
uint round = 0;
Aes tmp = 0;
*plx = *in;
/*
Add the round key to the state to obtain the final state in
{plx} of this round.
*/
plx=add_round_key(oe,tmp=plx,key);
//oe->p("Final state from this round:");
//print_aes(oe,plx);
Aes_destroy(oe,&tmp);
for(round = 1;round < 11;++round) {
byte b[32] = {0};
/*
Run the key schedule getting the new key in {key1} from the
round number and the old key previously (e.g. before this line)
stored in {key1}.
*/
key = key_schedule(oe,tmp=key,round);
Aes_destroy(oe,&tmp);
/*
Print what round we are at
*/
//osal_sprintf(b,"Round %u:",round);
//oe->p(b);
/*
Perform the S-Box on the state i {plx} which is out AES state.
*/
plx=subbytes(oe,tmp=plx);
//oe->p("After SubBytes:");
//print_aes(oe,plx);
Aes_destroy(oe,&tmp);
/*
Perform the shift rows step from {plx} assigning the new state
to {plx}.
plx = shift_rows(oe,plx);
oe->p("After Shift rows:");
print_aes(oe,plx);
*/
/*
Perform the mix columns step from {plx} assignment the new state
to {plx} again.
*/
if (round < 10) {
//plx = mix_columns(oe,plx);
plx = shift_row_mix_cols(oe,tmp=plx);
Aes_destroy(oe,&tmp);
} else {
plx = shift_rows(oe, tmp=plx);
Aes_destroy(oe,&tmp);
}
//oe->p("After linear transform: ");
//print_aes(oe,plx);
/*
Add the round key to the state to obtain the final state in
{plx} of this round.
*/
plx=add_round_key(oe,tmp=plx,key);
//oe->p("Final state from this round:");
//print_aes(oe,plx);
Aes_destroy(oe,&tmp);
/*
Print the round key.
*/
//oe->p("Key");
//print_aes(oe,key);
}
return plx;
}
void encrypt3(char *s,FILE* f,FILE* p,int decrypt){
char PC1[56]={0};
char PC2[48]={0};
unsigned char input[8]={0};
char V[16]={0};
int K1[16][48],K2[16][48],K3[16][48];
char IP[64]={0};
char IP1[64]={0};
unsigned int m[64]={0};
int L0[32]={0},R0[32]={0};
int i=0,j,k,temp,c,r;
char E[48]={0};
char S[8][64];
char P[32];
int Rtemp[48]={0};
char T[32]={0};
char fun[32]={0};
int output[64]={0};
int outtemp[64]={0};
int cc;
int flag=0;
int count=0;
//fseek(f,0,SEEK_SET);
if(tablecheck(f,PC1,V,PC2,IP,E,S,P)==false){
fprintf(stderr,"malformed table\n");
return ;
}
if(s[0]!='1'){
fprintf(stderr,"key too short\n");
return ;
}
key_schedule(s,PC1,V,PC2,K1);
key_schedule(s+16,PC1,V,PC2,K2);
key_schedule(s+32,PC1,V,PC2,K3);
while((cc=fgetc(p))!=EOF){
input[count]=cc;
count++;
if (count==8) {
array_hex_to_bin(input,m,8,0);
for(i=0;i<32;i++){
L0[i]=m[IP[i]-1];// IP (m1m2...m64)
}
for(i=32;i<64;i++){
R0[i-32]=m[IP[i]-1];
}
if (flag==0) {
fprintf(stderr,"(L0,R0)=");
print_hex_from_bin(L0,32);
print_hex_from_bin(R0,32);
fprintf(stderr,"\n");
}
for(i=0;i<16;i++){
for(j=0;j<48;j++)
{
if(decrypt==0){
Rtemp[j]=(R0[E[j]-1]+K1[i][j])%2;// E(Ri-1)+ki
}else{
Rtemp[j]=(R0[E[j]-1]+K3[15-i][j])%2;
}
}
for(j=0;j<8;j++){
r=Rtemp[j*6]*2+Rtemp[j*6+5];//r and c
c=0;
temp=8;
for(k=1;k<5;k++){
c+=Rtemp[j*6+k]*temp;
temp/=2;
}
temp=S[j][r*16+c];// Sbox
T[j*4+3]=temp%2;
temp/=2;
T[j*4+2]=temp%2;
temp/=2;
T[j*4+1]=temp%2;
temp/=2;
T[j*4]=temp%2;
}
for(j=0;j<32;j++){
fun[j]=T[P[j]-1];//P permutation
}
for(j=0;j<32;j++){
Rtemp[j]=(L0[j]+fun[j])%2;//L0 +
}
if (flag==0) {
fprintf(stderr,"(L%d,R%d)=",i+1,i+1);
print_hex_from_bin(R0,32);
print_hex_from_bin(Rtemp,32);
fprintf(stderr,"\n");
}
if(i!=15){
for(j=0;j<32;j++){
L0[j]=R0[j];
}
for(j=0;j<32;j++){
R0[j]=Rtemp[j];
}
}
}
inverse(IP,IP1);
for(i=0;i<64;i++){
if(i<32)
outtemp[i]=Rtemp[i];
else
outtemp[i]=R0[i-32];
}
for(i=0;i<64;i++){
output[i]=outtemp[IP1[i]-1];
}
//----------------------------------------------------------------------------------------------
for(i=0;i<64;i++){
m[i]=output[i];
}
for(i=0;i<32;i++){
L0[i]=m[IP[i]-1];// IP (m1m2...m64)
}
for(i=32;i<64;i++){
R0[i-32]=m[IP[i]-1];
}
if (flag==0) {
fprintf(stderr,"(L0,R0)=");
print_hex_from_bin(L0,32);
print_hex_from_bin(R0,32);
fprintf(stderr,"\n");
}
for(i=0;i<16;i++){
for(j=0;j<48;j++)
{
if(decrypt==1){
Rtemp[j]=(R0[E[j]-1]+K2[i][j])%2;// E(Ri-1)+ki
}else{
Rtemp[j]=(R0[E[j]-1]+K2[15-i][j])%2;
}
}
for(j=0;j<8;j++){
r=Rtemp[j*6]*2+Rtemp[j*6+5];//r and c
c=0;
temp=8;
for(k=1;k<5;k++){
c+=Rtemp[j*6+k]*temp;
temp/=2;
}
temp=S[j][r*16+c];// Sbox
T[j*4+3]=temp%2;
temp/=2;
T[j*4+2]=temp%2;
temp/=2;
T[j*4+1]=temp%2;
temp/=2;
T[j*4]=temp%2;
}
for(j=0;j<32;j++){
fun[j]=T[P[j]-1];//P permutation
}
for(j=0;j<32;j++){
Rtemp[j]=(L0[j]+fun[j])%2;//L0 +
}
if (flag==0) {
fprintf(stderr,"(L%d,R%d)=",i+1,i+1);
print_hex_from_bin(R0,32);
print_hex_from_bin(Rtemp,32);
fprintf(stderr,"\n");
}
if(i!=15){
for(j=0;j<32;j++){
L0[j]=R0[j];
}
for(j=0;j<32;j++){
R0[j]=Rtemp[j];
}
}
}
inverse(IP,IP1);
for(i=0;i<64;i++){
if(i<32)
outtemp[i]=Rtemp[i];
else
outtemp[i]=R0[i-32];
}
for(i=0;i<64;i++){
output[i]=outtemp[IP1[i]-1];
}
//----------------------------------------------------------------------------------------------
for(i=0;i<64;i++){
m[i]=output[i];
}
for(i=0;i<32;i++){
L0[i]=m[IP[i]-1];// IP (m1m2...m64)
}
for(i=32;i<64;i++){
R0[i-32]=m[IP[i]-1];
}
if (flag==0) {
fprintf(stderr,"(L0,R0)=");
print_hex_from_bin(L0,32);
print_hex_from_bin(R0,32);
fprintf(stderr,"\n");
}
for(i=0;i<16;i++){
for(j=0;j<48;j++)
{
if(decrypt==0){
Rtemp[j]=(R0[E[j]-1]+K3[i][j])%2;// E(Ri-1)+ki
}else{
Rtemp[j]=(R0[E[j]-1]+K1[15-i][j])%2;
}
}
for(j=0;j<8;j++){
r=Rtemp[j*6]*2+Rtemp[j*6+5];//r and c
c=0;
temp=8;
for(k=1;k<5;k++){
c+=Rtemp[j*6+k]*temp;
temp/=2;
}
temp=S[j][r*16+c];// Sbox
T[j*4+3]=temp%2;
temp/=2;
T[j*4+2]=temp%2;
temp/=2;
T[j*4+1]=temp%2;
temp/=2;
T[j*4]=temp%2;
}
for(j=0;j<32;j++){
fun[j]=T[P[j]-1];//P permutation
}
for(j=0;j<32;j++){
Rtemp[j]=(L0[j]+fun[j])%2;//L0 +
}
if (flag==0) {
fprintf(stderr,"(L%d,R%d)=",i+1,i+1);
print_hex_from_bin(R0,32);
print_hex_from_bin(Rtemp,32);
fprintf(stderr,"\n");
}
if(i!=15){
for(j=0;j<32;j++){
L0[j]=R0[j];
}
for(j=0;j<32;j++){
R0[j]=Rtemp[j];
}
}
}
inverse(IP,IP1);
for(i=0;i<64;i++){
if(i<32)
outtemp[i]=Rtemp[i];
else
outtemp[i]=R0[i-32];
}
for(i=0;i<64;i++){
output[i]=outtemp[IP1[i]-1];
}
//----------------------------------------------------------------------------------------------
print_char_from_bin(output,64);
flag=1;
count=0;
}
}
if(count>0){
array_hex_to_bin(input,m,count,8-count);
for(i=0;i<32;i++){
L0[i]=m[IP[i]-1];// IP (m1m2...m64)
}
for(i=32;i<64;i++){
R0[i-32]=m[IP[i]-1];
}
if (flag==0) {
fprintf(stderr,"(L0,R0)=");
print_hex_from_bin(L0,32);
print_hex_from_bin(R0,32);
fprintf(stderr,"\n");
}
for(i=0;i<16;i++){
for(j=0;j<48;j++)
{
if(decrypt==0){
Rtemp[j]=(R0[E[j]-1]+K1[i][j])%2;// E(Ri-1)+ki
}else{
Rtemp[j]=(R0[E[j]-1]+K3[15-i][j])%2;
}
}
for(j=0;j<8;j++){
r=Rtemp[j*6]*2+Rtemp[j*6+5];//r and c
c=0;
temp=8;
for(k=1;k<5;k++){
c+=Rtemp[j*6+k]*temp;
temp/=2;
}
temp=S[j][r*16+c];// Sbox
T[j*4+3]=temp%2;
temp/=2;
T[j*4+2]=temp%2;
temp/=2;
T[j*4+1]=temp%2;
temp/=2;
T[j*4]=temp%2;
}
for(j=0;j<32;j++){
fun[j]=T[P[j]-1];//P permutation
}
for(j=0;j<32;j++){
Rtemp[j]=(L0[j]+fun[j])%2;//L0 +
}
if (flag==0) {
fprintf(stderr,"(L%d,R%d)=",i+1,i+1);
print_hex_from_bin(R0,32);
print_hex_from_bin(Rtemp,32);
fprintf(stderr,"\n");
}
if(i!=15){
for(j=0;j<32;j++){
L0[j]=R0[j];
}
for(j=0;j<32;j++){
R0[j]=Rtemp[j];
}
}
}
inverse(IP,IP1);
for(i=0;i<64;i++){
if(i<32)
outtemp[i]=Rtemp[i];
else
outtemp[i]=R0[i-32];
}
for(i=0;i<64;i++){
output[i]=outtemp[IP1[i]-1];
}
//----------------------------------------------------------------------------------------------
for(i=0;i<64;i++){
m[i]=output[i];
}
for(i=0;i<32;i++){
L0[i]=m[IP[i]-1];// IP (m1m2...m64)
}
for(i=32;i<64;i++){
R0[i-32]=m[IP[i]-1];
}
if (flag==0) {
fprintf(stderr,"(L0,R0)=");
print_hex_from_bin(L0,32);
print_hex_from_bin(R0,32);
fprintf(stderr,"\n");
}
for(i=0;i<16;i++){
for(j=0;j<48;j++)
{
if(decrypt==1){
Rtemp[j]=(R0[E[j]-1]+K2[i][j])%2;// E(Ri-1)+ki
}else{
Rtemp[j]=(R0[E[j]-1]+K2[15-i][j])%2;
}
}
for(j=0;j<8;j++){
r=Rtemp[j*6]*2+Rtemp[j*6+5];//r and c
c=0;
temp=8;
for(k=1;k<5;k++){
c+=Rtemp[j*6+k]*temp;
temp/=2;
}
temp=S[j][r*16+c];// Sbox
T[j*4+3]=temp%2;
temp/=2;
T[j*4+2]=temp%2;
temp/=2;
T[j*4+1]=temp%2;
temp/=2;
T[j*4]=temp%2;
}
for(j=0;j<32;j++){
fun[j]=T[P[j]-1];//P permutation
}
for(j=0;j<32;j++){
Rtemp[j]=(L0[j]+fun[j])%2;//L0 +
}
if (flag==0) {
fprintf(stderr,"(L%d,R%d)=",i+1,i+1);
print_hex_from_bin(R0,32);
print_hex_from_bin(Rtemp,32);
fprintf(stderr,"\n");
}
if(i!=15){
for(j=0;j<32;j++){
L0[j]=R0[j];
}
for(j=0;j<32;j++){
R0[j]=Rtemp[j];
}
}
}
inverse(IP,IP1);
for(i=0;i<64;i++){
if(i<32)
outtemp[i]=Rtemp[i];
else
outtemp[i]=R0[i-32];
}
for(i=0;i<64;i++){
output[i]=outtemp[IP1[i]-1];
}
//----------------------------------------------------------------------------------------------
for(i=0;i<64;i++){
m[i]=output[i];
}
for(i=0;i<32;i++){
L0[i]=m[IP[i]-1];// IP (m1m2...m64)
}
for(i=32;i<64;i++){
R0[i-32]=m[IP[i]-1];
}
if (flag==0) {
fprintf(stderr,"(L0,R0)=");
print_hex_from_bin(L0,32);
print_hex_from_bin(R0,32);
fprintf(stderr,"\n");
}
for(i=0;i<16;i++){
for(j=0;j<48;j++)
{
if(decrypt==0){
Rtemp[j]=(R0[E[j]-1]+K3[i][j])%2;// E(Ri-1)+ki
}else{
Rtemp[j]=(R0[E[j]-1]+K1[15-i][j])%2;
}
}
for(j=0;j<8;j++){
r=Rtemp[j*6]*2+Rtemp[j*6+5];//r and c
c=0;
temp=8;
for(k=1;k<5;k++){
c+=Rtemp[j*6+k]*temp;
temp/=2;
}
temp=S[j][r*16+c];// Sbox
T[j*4+3]=temp%2;
temp/=2;
T[j*4+2]=temp%2;
temp/=2;
T[j*4+1]=temp%2;
temp/=2;
T[j*4]=temp%2;
}
for(j=0;j<32;j++){
fun[j]=T[P[j]-1];//P permutation
}
for(j=0;j<32;j++){
Rtemp[j]=(L0[j]+fun[j])%2;//L0 +
}
if (flag==0) {
fprintf(stderr,"(L%d,R%d)=",i+1,i+1);
print_hex_from_bin(R0,32);
print_hex_from_bin(Rtemp,32);
fprintf(stderr,"\n");
}
if(i!=15){
for(j=0;j<32;j++){
L0[j]=R0[j];
}
for(j=0;j<32;j++){
R0[j]=Rtemp[j];
}
}
}
inverse(IP,IP1);
for(i=0;i<64;i++){
if(i<32)
outtemp[i]=Rtemp[i];
else
outtemp[i]=R0[i-32];
}
for(i=0;i<64;i++){
output[i]=outtemp[IP1[i]-1];
}
//----------------------------------------------------------------------------------------------
print_char_from_bin(output,64);
}
return;
}