// Produces `iterationCount` SEAL keystream blocks and applies them to the
// caller's buffers. Each block is the 64-step inner loop below, which emits
// 16 bytes per step (the `4*4` argument of the OUTPUT_SWITCH), i.e. 1024
// bytes / 8192 bits per block. `operation`, `output` and `input` are not
// referenced directly in this body; they are presumably consumed by the
// CRYPTOPP_KEYSTREAM_OUTPUT_SWITCH / _WORD macros (defined elsewhere), which
// select write-vs-xor and byte order via B::ToEnum() — confirm against the
// macro definitions.
//
// Per block: the working words a..d are seeded from the 32-bit
// m_outsideCounter (rotated by 0/8/16/24) XOR the four m_R words selected by
// m_insideCounter, mixed through two rounds of the T-table step, snapshotted
// into n1..n4, mixed one more round, and then run through 64 output steps.
// After each block m_insideCounter is advanced and rolls over into
// m_outsideCounter when it reaches m_iterationsPerCount; these two members are
// the only state this function modifies.
//
// NOTE(review): the trailing assignments that zero a..d, n1..n4, p and q are
// dead stores to automatic variables; a compiler is free to elide them, so
// the scrub of keystream state is best-effort only.
void SEAL_Policy<B>::OperateKeystream(KeystreamOperation operation, byte *output, const byte *input, size_t iterationCount)
{
	word32 a, b, c, d, n1, n2, n3, n4;
	unsigned int p, q;

	for (size_t iteration = 0; iteration < iterationCount; ++iteration)
	{
// Ttab(x): the 32-bit T-table word at byte offset x. Every index passed in is
// masked with 0x7fc, so x is a multiple of 4 in [0, 0x7fc] and the reads touch
// bytes 0..2047 of m_T. The byte* -> word32* cast type-puns the table storage;
// NOTE(review): this relies on m_T being word-aligned and is a strict-aliasing
// hazard. The same macro name is defined with a different expansion in
// SEAL::Generate further down this file; if no #undef separates the two,
// compilers diagnose the redefinition.
#define Ttab(x) *(word32 *)((byte *)m_T.begin()+x)

		// Seed the working words from the counter pair and the m_R key words.
		a = m_outsideCounter ^ m_R[4*m_insideCounter];
		b = rotrFixed(m_outsideCounter, 8U) ^ m_R[4*m_insideCounter+1];
		c = rotrFixed(m_outsideCounter, 16U) ^ m_R[4*m_insideCounter+2];
		d = rotrFixed(m_outsideCounter, 24U) ^ m_R[4*m_insideCounter+3];

		// Two rounds of the table-driven mix: each word is used as an index
		// into m_T, added into the next word, then rotated right by 9.
		for (unsigned int j=0; j<2; j++)
		{
			p = a & 0x7fc; b += Ttab(p); a = rotrFixed(a, 9U);
			p = b & 0x7fc; c += Ttab(p); b = rotrFixed(b, 9U);
			p = c & 0x7fc; d += Ttab(p); c = rotrFixed(c, 9U);
			p = d & 0x7fc; a += Ttab(p); d = rotrFixed(d, 9U);
		}

		// Snapshot of the state (note the permuted order d,b,a,c); the 64-step
		// loop folds these back in, alternating (n1,n2) and (n3,n4).
		n1 = d, n2 = b, n3 = a, n4 = c;

		// One further mixing round before output starts.
		p = a & 0x7fc; b += Ttab(p); a = rotrFixed(a, 9U);
		p = b & 0x7fc; c += Ttab(p); b = rotrFixed(b, 9U);
		p = c & 0x7fc; d += Ttab(p); c = rotrFixed(c, 9U);
		p = d & 0x7fc; a += Ttab(p); d = rotrFixed(d, 9U);

		// generate 8192 bits
		for (unsigned int i=0; i<64; i++)
		{
			// Eight dependent table lookups; p and q carry the running index
			// from one lookup into the next ((p+c) & 0x7fc, etc.).
			p = a & 0x7fc; a = rotrFixed(a, 9U); b += Ttab(p); b ^= a;
			q = b & 0x7fc; b = rotrFixed(b, 9U); c ^= Ttab(q); c += b;
			p = (p+c) & 0x7fc; c = rotrFixed(c, 9U); d += Ttab(p); d ^= c;
			q = (q+d) & 0x7fc; d = rotrFixed(d, 9U); a ^= Ttab(q); a += d;
			p = (p+a) & 0x7fc; b ^= Ttab(p); a = rotrFixed(a, 9U);
			q = (q+b) & 0x7fc; c += Ttab(q); b = rotrFixed(b, 9U);
			p = (p+c) & 0x7fc; d ^= Ttab(p); c = rotrFixed(c, 9U);
			q = (q+d) & 0x7fc; d = rotrFixed(d, 9U); a += Ttab(q);

// Emit the four output words of step i, each whitened with one m_S word
// (add for words 0 and 2, xor for words 1 and 3). No comments may go on the
// continuation lines below: a '//' would swallow the trailing backslash.
#define SEAL_OUTPUT(x)	\
	CRYPTOPP_KEYSTREAM_OUTPUT_WORD(x, B::ToEnum(), 0, b + m_S[4*i+0]);\
	CRYPTOPP_KEYSTREAM_OUTPUT_WORD(x, B::ToEnum(), 1, c ^ m_S[4*i+1]);\
	CRYPTOPP_KEYSTREAM_OUTPUT_WORD(x, B::ToEnum(), 2, d + m_S[4*i+2]);\
	CRYPTOPP_KEYSTREAM_OUTPUT_WORD(x, B::ToEnum(), 3, a ^ m_S[4*i+3]);

			CRYPTOPP_KEYSTREAM_OUTPUT_SWITCH(SEAL_OUTPUT, 4*4);

			// Fold the snapshot back in: odd steps use (n3,n4), even (n1,n2).
			if (i & 1)
			{
				a += n3;
				b += n4;
				c ^= n3;
				d ^= n4;
			}
			else
			{
				a += n1;
				b += n2;
				c ^= n1;
				d ^= n2;
			}
		}

		// Advance the block position; the inside counter wraps into the
		// outside counter every m_iterationsPerCount blocks.
		if (++m_insideCounter == m_iterationsPerCount)
		{
			++m_outsideCounter;
			m_insideCounter = 0;
		}
	}

	// Best-effort scrub of the keystream state (see NOTE(review) above).
	a = b = c = d = n1 = n2 = n3 = n4 = 0;
	p = q = 0;
}
// Generates one full SEAL keystream for the 32-bit input `in` into `out`.
// The outer loop runs L/8192 times and each pass writes 64 * 4 words
// (1024 bytes), so `out` must have room for L/8 bytes. L, R, T and S are not
// declared in this block; presumably they are class constants/members
// (key-derived tables) of SEAL — confirm against the class definition.
// The function is const and touches no member state; all work happens in
// the locals below.
//
// Output words are stored in big-endian byte order: on IS_LITTLE_ENDIAN
// hosts each word is passed through byteReverse (presumably a 4-byte swap)
// before the native-order store, otherwise it is stored as-is.
//
// NOTE(review): `out` is accessed through a word32* obtained by cast, which
// assumes the caller's buffer is suitably aligned for 32-bit stores and
// type-puns the byte buffer (strict-aliasing hazard). The trailing zeroing
// of the locals is a set of dead stores a compiler may elide, so the scrub
// of keystream state is best-effort only.
void SEAL::Generate(word32 in, byte *out) const
{
	word32 a, b, c, d, n1, n2, n3, n4;
	unsigned int p, q;
	word32 *wout = (word32 *)out;

	for (unsigned int l=0; l<L/8192; l++)
	{
		// Seed the working words from `in` (rotated by 0/8/16/24) and the four
		// R words selected by the block index l.
		a = in ^ R[4*l];
		b = rotrFixed(in, 8U) ^ R[4*l+1];
		c = rotrFixed(in, 16U) ^ R[4*l+2];
		d = rotrFixed(in, 24U) ^ R[4*l+3];

// Ttab(x): the 32-bit T-table word at byte offset x. Every index passed in is
// masked with 0x7fc, so x is a multiple of 4 in [0, 0x7fc] and the reads touch
// bytes 0..2047 of T. NOTE(review): this is a second definition of Ttab in
// this file (SEAL_Policy<B>::OperateKeystream defines it over m_T); unless an
// #undef sits between them, compilers diagnose the differing redefinition.
#define Ttab(x) *(word32 *)((byte *)T.ptr+x)

		// Two rounds of the table-driven mix (index, add into next word,
		// rotate right by 9).
		for (unsigned int j=0; j<2; j++)
		{
			p = a & 0x7fc; b += Ttab(p); a = rotrFixed(a, 9U);
			p = b & 0x7fc; c += Ttab(p); b = rotrFixed(b, 9U);
			p = c & 0x7fc; d += Ttab(p); c = rotrFixed(c, 9U);
			p = d & 0x7fc; a += Ttab(p); d = rotrFixed(d, 9U);
		}

		// Snapshot of the state in permuted order (d,b,a,c), folded back in
		// during the 64 output steps.
		n1 = d; n2 = b; n3 = a; n4 = c;

		// One further mixing round before output starts.
		p = a & 0x7fc; b += Ttab(p); a = rotrFixed(a, 9U);
		p = b & 0x7fc; c += Ttab(p); b = rotrFixed(b, 9U);
		p = c & 0x7fc; d += Ttab(p); c = rotrFixed(c, 9U);
		p = d & 0x7fc; a += Ttab(p); d = rotrFixed(d, 9U);

		// generate 8192 bits
		for (unsigned int i=0; i<64; i++)
		{
			// Eight dependent table lookups; p and q carry the running index
			// from one lookup into the next.
			p = a & 0x7fc; a = rotrFixed(a, 9U); b += Ttab(p); b ^= a;
			q = b & 0x7fc; b = rotrFixed(b, 9U); c ^= Ttab(q); c += b;
			p = (p+c) & 0x7fc; c = rotrFixed(c, 9U); d += Ttab(p); d ^= c;
			q = (q+d) & 0x7fc; d = rotrFixed(d, 9U); a ^= Ttab(q); a += d;
			p = (p+a) & 0x7fc; b ^= Ttab(p); a = rotrFixed(a, 9U);
			q = (q+b) & 0x7fc; c += Ttab(q); b = rotrFixed(b, 9U);
			p = (p+c) & 0x7fc; d ^= Ttab(p); c = rotrFixed(c, 9U);
			q = (q+d) & 0x7fc; d = rotrFixed(d, 9U); a += Ttab(q);

			// Four output words per step, each whitened with one S word
			// (add for words 0 and 2, xor for words 1 and 3), stored big-endian.
#ifdef IS_LITTLE_ENDIAN
			wout[0] = byteReverse(b + S[4*i+0]);
			wout[1] = byteReverse(c ^ S[4*i+1]);
			wout[2] = byteReverse(d + S[4*i+2]);
			wout[3] = byteReverse(a ^ S[4*i+3]);
#else
			wout[0] = b + S[4*i+0];
			wout[1] = c ^ S[4*i+1];
			wout[2] = d + S[4*i+2];
			wout[3] = a ^ S[4*i+3];
#endif
			wout += 4;

			// Fold the snapshot back in: odd steps use (n3,n4), even (n1,n2).
			if (i & 1)
			{
				a += n3;
				b += n4;
				c ^= n3;
				d ^= n4;
			}
			else
			{
				a += n1;
				b += n2;
				c ^= n1;
				d ^= n2;
			}
		}
	}

	// Best-effort scrub of the keystream state (see NOTE(review) above).
	a = b = c = d = n1 = n2 = n3 = n4 = 0;
	p = q = 0;
}