void
LRWMode::EncryptBlock(ThreadContext& context, uint8 *data, size_t length,
uint64 blockIndex)
{
uint8 i[8];
uint8 t[16];
uint32 b;
blockIndex = ((blockIndex - fOffset) << 5) + 1;
*(uint64*)i = B_HOST_TO_BENDIAN_INT64(blockIndex);
for (b = 0; b < length >> 4; b++) {
gf128_mul_by_tab64(i, t,
(galois_field_context*)context.BufferFor(fGaloisField));
xor128((uint64*)data, (uint64*)t);
fAlgorithm->Encrypt(context, data, 16);
xor128((uint64*)data, (uint64*)t);
data += 16;
if (i[7] != 0xff)
i[7]++;
else {
*(uint64*)i = B_HOST_TO_BENDIAN_INT64(
B_BENDIAN_TO_HOST_INT64(*(uint64*)i) + 1);
}
}
memset(t, 0, sizeof (t));
}
/*
** 正規乱数発生 (Box Muller 法)
*/
static void boxmuller(GLfloat *r)
{
float a = sqrt(-2.0f * log(((float)xor128() + 1.0f) / 4294967296.0f));
float b = 6.2831853f * ((float)xor128() + 1.0f) / 4294967296.0f;
r[0] = a * sin(b);
r[1] = a * cos(b);
}
static __inline void
xts_fullblock(algop_crypt_t *data_crypt, const struct pefs_session *ses,
const struct pefs_ctx *data_ctx,
uint64_t *tweak, const uint8_t *src, uint8_t *dst)
{
xor128(dst, src, tweak);
data_crypt(ses, data_ctx, dst, dst);
xor128(dst, dst, tweak);
gf_mul128(tweak, tweak);
}
static __inline void
xts_lastblock(algop_crypt_t *data_crypt, const struct pefs_session *ses,
const struct pefs_ctx *data_ctx,
uint64_t *tweak, const uint8_t *src, uint8_t *dst, int len)
{
uint8_t b[XTS_BLK_BYTES];
dst -= XTS_BLK_BYTES; /* m - 1 */
memcpy(b, dst, XTS_BLK_BYTES);
memcpy(b, src, len);
memcpy(dst + XTS_BLK_BYTES, dst, len);
xor128(dst, b, tweak);
data_crypt(ses, data_ctx, dst, dst);
xor128(dst, dst, tweak);
}
/*---------------------------------------------------
* internal funcion.
*
* This proceeds instrument's time pointer
* random value is generated here by xor128 based on pitchmode .
* The pitchmode smaller, noise frequency higher
*---------------------------------------------------*/
static void nrsynth_inst_next(nrsynth_inst_t *ni){
ni->elapsed ++;
switch(ni->pitchmode){
case 0:
ni->rnd = (float)xor128()/(float)0x80000000 - 1.0;
break;
case 1:
if((ni->elapsed & 0x1) == 0)
ni->rnd = (float)xor128()/(float)0x80000000 - 1.0;
break;
case 2:
if((ni->elapsed & 0x7) == 0)
ni->rnd = (float)xor128()/(float)0x80000000 - 1.0;
break;
}
}
void emberAfPluginAesMacAuthenticate(const uint8_t *key,
const uint8_t *message,
uint8_t messageLength,
uint8_t *out)
{
uint8_t key1[16];
uint8_t key2[16];
uint8_t lastBlock[16];
uint8_t blockNum;
bool isLastBlockComplete;
uint8_t i;
// Step 1
generateSubKey(key, key1, key2);
// Step 2 (we perform ceil(x/y) by doing: (x + y - 1) / y).
blockNum = (messageLength + 15) / 16;
// Step 3
if (blockNum == 0) {
blockNum = 1;
isLastBlockComplete = false;
} else {
isLastBlockComplete = ((messageLength % 16) == 0);
}
// Step 4
if (isLastBlockComplete) {
xor128(message + (blockNum - 1)*16, key1, lastBlock);
} else {
padding(message + (blockNum - 1)*16, messageLength % 16, lastBlock);
xor128(lastBlock, key2, lastBlock);
}
// Step 5
initToConstZero(out);
// Step 6
for (i=0; i<blockNum - 1; i++) {
xor128(out, message + i*16, out);
aesEncrypt(out, key);
}
xor128(out, lastBlock, out);
aesEncrypt(out, key);
}
int crypto_stream_xor(unsigned char *out, const unsigned char *in,
unsigned long long inlen, const unsigned char *n,
const unsigned char *k)
{
#define CTX_TYPE struct aes_ctx_bitslice
#define PTR_ALIGN(ptr, mask) ((void *)((((long)(ptr)) + (mask)) & ~((long)(mask))))
const unsigned long align = 16;
char ctxbuf[sizeof(CTX_TYPE) + align];
CTX_TYPE *ctx = PTR_ALIGN(ctxbuf, align - 1);
uint128_t iv;
aes_init_bitslice(ctx, k, CRYPTO_KEYBYTES);
bswap128(&iv, (const uint128_t *)n); /* be => le */
if (likely(inlen >= PARALLEL_BLOCKS * BLOCKSIZE)) {
unsigned long chunks = inlen / (PARALLEL_BLOCKS * BLOCKSIZE);
aes_ctr_8way(ctx, out, in, &iv, chunks);
inlen -= chunks * PARALLEL_BLOCKS * BLOCKSIZE;
out += chunks * PARALLEL_BLOCKS * BLOCKSIZE;
in += unlikely(in) ? chunks * PARALLEL_BLOCKS * BLOCKSIZE : 0;
}
if (unlikely(inlen > 0)) {
uint128_t buf[PARALLEL_BLOCKS];
unsigned int i, j;
aes_ctr_8way(ctx, buf, NULL, &iv, 1);
if (in) {
for (i = 0; inlen >= BLOCKSIZE; i++) {
xor128((uint128_t *)out, (uint128_t *)in, &buf[i]);
inlen -= BLOCKSIZE;
in += BLOCKSIZE;
out += BLOCKSIZE;
}
for (j = 0; j < inlen; j++)
out[j] = in[j] ^ ((uint8_t*)&buf[i])[j];
} else {
for (i = 0; inlen >= BLOCKSIZE; i++) {
mov128((uint128_t *)out, &buf[i]);
inlen -= BLOCKSIZE;
out += BLOCKSIZE;
}
for (j = 0; j < inlen; j++)
out[j] = ((uint8_t*)&buf[i])[j];
}
}
return 0;
}
HIDDEN void generateSubKey(const uint8_t *key, uint8_t *outKey1, uint8_t *outKey2)
{
uint8_t L[16];
uint8_t constRb[16];
initToConstRb(constRb);
// Step 1
initToConstZero(L);
aesEncrypt(L, key);
// Step 2
oneBitLeftShift(L, outKey1); // // K1:= L << 1;
if (MSB(L)) { // K1:= (L << 1) XOR const_Rb;
xor128(outKey1, constRb, outKey1);
}
// Step 3
oneBitLeftShift(outKey1, outKey2); // // K2 := K1 << 1;
if (MSB(outKey1)) { // K2 := (K1 << 1) XOR const_Rb;
xor128(outKey2, constRb, outKey2);
}
}
// コンストラクタ (節点数 n)
Noise1::Noise1(int n)
{
if (n > 0)
{
this->n = n;
this->p = new double[n];
for (int i = 0; i < n; ++i)
this->p[i] = xor128() - 0.5;
}
else
{
this->p = 0;
}
}
static __inline void
xts_smallblock(const struct pefs_alg *alg, const struct pefs_session *ses,
const struct pefs_ctx *data_ctx,
uint64_t *tweak, const uint8_t *src, uint8_t *dst, int len)
{
uint8_t buf[XTS_BLK_BYTES], *p;
/*
* Encryption/decryption of sectors smaller then 128 bits is not defined
* by IEEE P1619 standard.
* To work around it encrypt such sector in CTR mode.
* CTR tweak (counter) value is XTS-tweak xor'ed with block length, i.e.
* entire small block has to be reencrypted after length change.
*/
memset(buf, len, XTS_BLK_BYTES);
xor128(buf, buf, tweak);
alg->pa_encrypt(ses, data_ctx, buf, buf);
for (p = buf; len > 0; len--)
*(dst++) = *(src++) ^ *(p++);
}
/*
* returns the maximum Lyapunov exponent from n-dimensional time series
* this algorithm was proposed by M. Sato, S. Sano and Y. Sawada
* (Phys. Rev. Lett 55, 1082, 1985)
*
* @parameter data : n-dimensional time series
* @parameter t : length of time series
* @parameter n : dimension of time series
* @parameter T : sampling interval
* @parameter N : number of sample
*
* @return : maximum Lyapunov exponent
*/
double lyapunov_exponent_sss (
const double* const* data,
int t,
int n,
int T,
int N)
{
if (t <= T) return 0;
double lyap_exp = 0;
for (int i = 0; i < N; i++) {
/* selects a sample from data randomly */
int I = xor128() % (t-T);
int J = index_of_nearest_point((const double* const*)data, I, t-T, n);
double dist_0 = get_distance(data[I], data[J], n);
double dist_T = get_distance(data[I+T], data[J+T], n);
if (isnormal(dist_0)) { /* check dist_0 > 0 */
lyap_exp += log(dist_T/dist_0);
}
}
lyap_exp /= N*T;
return lyap_exp;
}
static bool IPC_AddNewClient(SERVER_HANDLE *lpServer,HANDLE hProc,IPC_CONNECTION_INFO *lpConnInfo)
{
bool bRet=false;
EnterSafeCriticalSection(&lpServer->csClients);
{
IPC_ACCEPTED_CLIENT_INFO *lpClient=(IPC_ACCEPTED_CLIENT_INFO*)MemAlloc(sizeof(IPC_ACCEPTED_CLIENT_INFO));
do
{
if (!lpClient)
break;
if (!DuplicateHandle(hProc,lpConnInfo->hSrv2CliEvent,GetCurrentProcess(),&lpClient->SharedObjects.hSrv2CliEvent,0,false,DUPLICATE_SAME_ACCESS))
break;
if (!DuplicateHandle(hProc,lpConnInfo->hCli2SrvEvent,GetCurrentProcess(),&lpClient->SharedObjects.hCli2SrvEvent,0,false,DUPLICATE_SAME_ACCESS))
break;
if (!DuplicateHandle(hProc,lpConnInfo->hStopEvent,GetCurrentProcess(),&lpClient->SharedObjects.hStopEvent,0,false,DUPLICATE_SAME_ACCESS))
break;
if (!DuplicateHandle(hProc,lpConnInfo->hProtectionMutex,GetCurrentProcess(),&lpClient->SharedObjects.hProtectionMutex,0,false,DUPLICATE_SAME_ACCESS))
break;
if (!DuplicateHandle(hProc,lpConnInfo->hSharedMapping,GetCurrentProcess(),&lpClient->SharedObjects.hSharedMapping,0,false,DUPLICATE_SAME_ACCESS))
break;
lpClient->SharedObjects.lpSharedMapping=(IPC_COMMUNICATION_BUFFER*)MapViewOfFile(lpClient->SharedObjects.hSharedMapping,FILE_MAP_WRITE|FILE_MAP_READ,0,0,0);
if (!lpClient->SharedObjects.lpSharedMapping)
break;
lpClient->SharedObjects.lpSharedMapping->bDirection=IPC_MESSAGE_BAD_DIRECTION;
lpClient->lpServer=lpServer;
lpClient->hClientProc=hProc;
if (!lpServer->lpClients)
lpServer->lpClients=lpClient;
else
{
IPC_ACCEPTED_CLIENT_INFO *lpCur=lpServer->lpClients;
while (lpCur->lpNext)
lpCur=lpCur->lpNext;
lpCur->lpNext=lpClient;
}
if (lpServer->bSecure)
{
DWORD dwKeySize;
do
{
dwKeySize=xor128(256);
}
while (dwKeySize <= 20);
StrGenerateA(lpConnInfo->szRc4Key,dwKeySize,STRGEN_STRONGPASS);
lpConnInfo->dwRc4KeySize=dwKeySize;
lpClient->lpRc4Key=(PCHAR)MemCopyEx(lpConnInfo->szRc4Key,dwKeySize);
lpClient->dwRc4KeySize=dwKeySize;
}
IPC_HANDLE *lpHandle=SYSLIB::IPC_CreateHandle(IPC_ACCEPTED_CLIENT);
lpClient->lpHandle=lpHandle;
lpHandle->SrvClient.lpClient=lpClient;
lpClient->hThreadInitEvent=CreateEvent(NULL,false,false,NULL);
ThreadsGroup_CreateThread(lpServer->hEventsThreadsGroup,0,(LPTHREAD_START_ROUTINE)IPC_ClientInputEventsServer,lpClient,NULL,NULL);
WaitForSingleObject(lpClient->hThreadInitEvent,INFINITE);
SysCloseHandle(lpClient->hThreadInitEvent);
IPC_AppendSystemMsg(lpServer,lpClient,IPC_MSG_CLIENT_CONNECTED);
bRet=true;
}
while (false);
if ((!bRet) && (lpClient))
{
SYSLIB::IPC_CloseSharedHandles(&lpClient->SharedObjects);
MemFree(lpClient);
}
}
LeaveSafeCriticalSection(&lpServer->csClients);
return bRet;
}
static void test_kullback_leibler_divergence (void)
{
int dimension, length, max_block_length;
struct block_frequency bf_x, bf_y;
int **x, **y;
double kl_div;
dimension = 2;
length = 1024;
max_block_length = 5;
MALLOC2(x, length, dimension);
MALLOC2(y, length, dimension);
int *tmp;
MALLOC(tmp, length);
gen_Morse_sequence(tmp, length);
for (int n = 0; n < length; n++) {
for (int i = 0; i < dimension; i++) {
x[n][i] = tmp[(n+i) % length];
y[n][i] = tmp[(n+i+300) % length];
}
}
FREE(tmp);
for (int n = 1; n < max_block_length; n++) {
init_block_frequency(&bf_x, (const int* const*)x, dimension, length, n);
init_block_frequency(&bf_y, (const int* const*)y, dimension, length, n);
kl_div = kullback_leibler_divergence(&bf_x, &bf_y);
assert_equal_double(0, kl_div, 1e-3);
free_block_frequency(&bf_x);
free_block_frequency(&bf_y);
}
init_genrand(61107L);
for (int i = 0; i < 10; i++) {
for (int n = 0; n < length; n++) {
for (int j = 0; j < dimension; j++) {
x[n][j] = xor128() % 2;
y[n][j] = xor128() % 2;
}
}
for (int n = 1; n < max_block_length; n++) {
init_block_frequency(&bf_x, (const int* const*)x, dimension, length,
n);
init_block_frequency(&bf_y, (const int* const*)y, dimension, length,
n);
kl_div = kullback_leibler_divergence(&bf_x, &bf_y);
mu_assert(kl_div >= 0);
free_block_frequency(&bf_x);
free_block_frequency(&bf_y);
init_block_frequency(&bf_x, (const int* const*)x, dimension,
length-100, n);
init_block_frequency(&bf_y, (const int* const*)y, dimension, length,
n);
kl_div = kullback_leibler_divergence(&bf_x, &bf_y);
mu_assert(kl_div >= 0);
free_block_frequency(&bf_x);
free_block_frequency(&bf_y);
init_block_frequency(&bf_x, (const int* const*)x, dimension, length,
n);
init_block_frequency(&bf_y, (const int* const*)y, dimension,
length-100, n);
kl_div = kullback_leibler_divergence(&bf_x, &bf_y);
mu_assert(kl_div >= 0);
free_block_frequency(&bf_x);
free_block_frequency(&bf_y);
}
}
for (int n = 0; n < length; n++) {
for (int i = 0; i < dimension; i++) {
x[n][i] = i;
y[n][i] = i + 1;
}
}
for (int n = 1; n < max_block_length; n++) {
init_block_frequency(&bf_x, (const int* const*)x, dimension, length, n);
init_block_frequency(&bf_y, (const int* const*)y, dimension, length, n);
kl_div = kullback_leibler_divergence(&bf_x, &bf_y);
mu_assert(kl_div > 0);
free_block_frequency(&bf_x);
free_block_frequency(&bf_y);
}
FREE2(x);
FREE2(y);
}
int crypto_stream_xor(unsigned char *out, const unsigned char *in,
unsigned long long inlen, const unsigned char *n,
const unsigned char *k)
{
#define PTR_ALIGN(ptr, mask) ((void *)((((long)(ptr)) + (mask)) & ~((long)(mask))))
const unsigned long align = 16;
char ctxbuf[sizeof(struct blowfish_ctx) + align];
struct blowfish_ctx *ctx = PTR_ALIGN(ctxbuf, align - 1);
uint64_t iv;
uint64_t ivs[16];
unsigned int i;
blowfish_init(ctx, k, CRYPTO_KEYBYTES);
bswap64(&iv, (const uint64_t *)n); /* be => le */
while (likely(inlen >= BLOCKSIZE * 16)) {
bswap64(&ivs[0], &iv); /* le => be */
for (i = 1; i < 16; i++) {
add64(&ivs[i], &iv, i);
bswap64(&ivs[i], &ivs[i]); /* le => be */
}
add64(&iv, &iv, 16);
__blowfish_enc_blk_16way(ctx, out, (uint8_t *)ivs, 0);
if (unlikely(in)) {
for (i = 0; i < 16; i+=2)
xor128(&((uint64_t *)out)[i], &((uint64_t *)out)[i], &((uint64_t *)in)[i]);
in += BLOCKSIZE * 16;
}
out += BLOCKSIZE * 16;
inlen -= BLOCKSIZE * 16;
}
if (unlikely(inlen > 0)) {
unsigned int nblock = inlen / BLOCKSIZE;
unsigned int lastlen = inlen % BLOCKSIZE;
unsigned int j;
for (i = 0; i < nblock + !!lastlen; i++) {
bswap64(&ivs[i], &iv); /* le => be */
inc64(&iv);
}
for (; i < 16; i++) {
ivs[i] = 0;
}
__blowfish_enc_blk_16way(ctx, (uint8_t *)ivs, (uint8_t *)ivs, 0);
if (in) {
for (i = 0; inlen >= 2*BLOCKSIZE; i+=2) {
xor128((uint64_t *)out, (uint64_t *)in, (uint64_t *)&ivs[i]);
inlen -= 2*BLOCKSIZE;
in += 2*BLOCKSIZE;
out += 2*BLOCKSIZE;
}
for (j = 0; j < inlen; j++)
out[j] = in[j] ^ ((uint8_t*)&ivs[i])[j];
} else {
for (i = 0; inlen >= 2*BLOCKSIZE; i+=2) {
mov128((uint64_t *)out, (uint64_t *)&ivs[i]);
inlen -= 2*BLOCKSIZE;
out += 2*BLOCKSIZE;
}
for (j = 0; j < inlen; j++)
out[j] = ((uint8_t*)&ivs[i])[j];
}
}
return 0;
}
