📄 saferp.c
字号:
for (x = 1; x < 25; x++) { /* rotate 3 bits each */ for (y = 0; y < 25; y++) { t[y] = ((t[y]<<3)|(t[y]>>5)) & 255; } /* select and add */ z = x; for (y = 0; y < 16; y++) { skey->saferp.K[x][y] = (t[z] + safer_bias[x-1][y]) & 255; if (++z == 25) { z = 0; } } } skey->saferp.rounds = 12; } else { /* copy key into t */ for (x = y = 0; x < 32; x++) { t[x] = key[x]; y ^= key[x]; } t[32] = y; /* make round keys */ for (x = 0; x < 16; x++) { skey->saferp.K[0][x] = t[x]; } for (x = 1; x < 33; x++) { /* rotate 3 bits each */ for (y = 0; y < 33; y++) { t[y] = ((t[y]<<3)|(t[y]>>5)) & 255; } /* select and add */ z = x; for (y = 0; y < 16; y++) { skey->saferp.K[x][y] = (t[z] + safer_bias[x-1][y]) & 255; if (++z == 33) { z = 0; } } } skey->saferp.rounds = 16; }#ifdef LTC_CLEAN_STACK zeromem(t, sizeof(t));#endif return CRYPT_OK;}/** Encrypts a block of text with SAFER+ @param pt The input plaintext (16 bytes) @param ct The output ciphertext (16 bytes) @param skey The key as scheduled*/void saferp_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey){ unsigned char b[16]; int x; LTC_ARGCHK(pt != NULL); LTC_ARGCHK(ct != NULL); LTC_ARGCHK(skey != NULL); /* do eight rounds */ for (x = 0; x < 16; x++) { b[x] = pt[x]; } ROUND(b, 0); LT(b, ct); ROUND(ct, 2); LT(ct, b); ROUND(b, 4); LT(b, ct); ROUND(ct, 6); LT(ct, b); ROUND(b, 8); LT(b, ct); ROUND(ct, 10); LT(ct, b); ROUND(b, 12); LT(b, ct); ROUND(ct, 14); LT(ct, b); /* 192-bit key? */ if (skey->saferp.rounds > 8) { ROUND(b, 16); LT(b, ct); ROUND(ct, 18); LT(ct, b); ROUND(b, 20); LT(b, ct); ROUND(ct, 22); LT(ct, b); } /* 256-bit key? */ if (skey->saferp.rounds > 12) { ROUND(b, 24); LT(b, ct); ROUND(ct, 26); LT(ct, b); ROUND(b, 28); LT(b, ct); ROUND(ct, 30); LT(ct, b); } ct[0] = b[0] ^ skey->saferp.K[skey->saferp.rounds*2][0]; ct[1] = (b[1] + skey->saferp.K[skey->saferp.rounds*2][1]) & 255; ct[2] = (b[2] + skey->saferp.K[skey->saferp.rounds*2][2]) & 255; ct[3] = b[3] ^ skey->saferp.K[skey->saferp.rounds*2][3]; ct[4] = b[4] ^ skey->saferp.K[skey->saferp.rounds*2][4]; ct[5] = (b[5] + skey->saferp.K[skey->saferp.rounds*2][5]) & 255; ct[6] = (b[6] + skey->saferp.K[skey->saferp.rounds*2][6]) & 255; ct[7] = b[7] ^ skey->saferp.K[skey->saferp.rounds*2][7]; ct[8] = b[8] ^ skey->saferp.K[skey->saferp.rounds*2][8]; ct[9] = (b[9] + skey->saferp.K[skey->saferp.rounds*2][9]) & 255; ct[10] = (b[10] + skey->saferp.K[skey->saferp.rounds*2][10]) & 255; ct[11] = b[11] ^ skey->saferp.K[skey->saferp.rounds*2][11]; ct[12] = b[12] ^ skey->saferp.K[skey->saferp.rounds*2][12]; ct[13] = (b[13] + skey->saferp.K[skey->saferp.rounds*2][13]) & 255; ct[14] = (b[14] + skey->saferp.K[skey->saferp.rounds*2][14]) & 255; ct[15] = b[15] ^ skey->saferp.K[skey->saferp.rounds*2][15];#ifdef LTC_CLEAN_STACK zeromem(b, sizeof(b));#endif}/** Decrypts a block of text with SAFER+ @param ct The input ciphertext (16 bytes) @param pt The output plaintext (16 bytes) @param skey The key as scheduled */void saferp_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey){ unsigned char b[16]; int x; LTC_ARGCHK(pt != NULL); LTC_ARGCHK(ct != NULL); LTC_ARGCHK(skey != NULL); /* do eight rounds */ b[0] = ct[0] ^ skey->saferp.K[skey->saferp.rounds*2][0]; b[1] = (ct[1] - skey->saferp.K[skey->saferp.rounds*2][1]) & 255; b[2] = (ct[2] - skey->saferp.K[skey->saferp.rounds*2][2]) & 255; b[3] = ct[3] ^ skey->saferp.K[skey->saferp.rounds*2][3]; b[4] = ct[4] ^ skey->saferp.K[skey->saferp.rounds*2][4]; b[5] = (ct[5] - skey->saferp.K[skey->saferp.rounds*2][5]) & 255; b[6] = (ct[6] - skey->saferp.K[skey->saferp.rounds*2][6]) & 255; b[7] = ct[7] ^ skey->saferp.K[skey->saferp.rounds*2][7]; b[8] = ct[8] ^ skey->saferp.K[skey->saferp.rounds*2][8]; b[9] = (ct[9] - skey->saferp.K[skey->saferp.rounds*2][9]) & 255; b[10] = (ct[10] - skey->saferp.K[skey->saferp.rounds*2][10]) & 255; b[11] = ct[11] ^ skey->saferp.K[skey->saferp.rounds*2][11]; b[12] = ct[12] ^ skey->saferp.K[skey->saferp.rounds*2][12]; b[13] = (ct[13] - skey->saferp.K[skey->saferp.rounds*2][13]) & 255; b[14] = (ct[14] - skey->saferp.K[skey->saferp.rounds*2][14]) & 255; b[15] = ct[15] ^ skey->saferp.K[skey->saferp.rounds*2][15]; /* 256-bit key? */ if (skey->saferp.rounds > 12) { iLT(b, pt); iROUND(pt, 30); iLT(pt, b); iROUND(b, 28); iLT(b, pt); iROUND(pt, 26); iLT(pt, b); iROUND(b, 24); } /* 192-bit key? */ if (skey->saferp.rounds > 8) { iLT(b, pt); iROUND(pt, 22); iLT(pt, b); iROUND(b, 20); iLT(b, pt); iROUND(pt, 18); iLT(pt, b); iROUND(b, 16); } iLT(b, pt); iROUND(pt, 14); iLT(pt, b); iROUND(b, 12); iLT(b, pt); iROUND(pt,10); iLT(pt, b); iROUND(b, 8); iLT(b, pt); iROUND(pt,6); iLT(pt, b); iROUND(b, 4); iLT(b, pt); iROUND(pt,2); iLT(pt, b); iROUND(b, 0); for (x = 0; x < 16; x++) { pt[x] = b[x]; }#ifdef LTC_CLEAN_STACK zeromem(b, sizeof(b));#endif}/** Performs a self-test of the SAFER+ block cipher @return CRYPT_OK if functional, CRYPT_NOP if self-test has been disabled*/int saferp_test(void){ #ifndef LTC_TEST return CRYPT_NOP; #else static const struct { int keylen; unsigned char key[32], pt[16], ct[16]; } tests[] = { { 16, { 41, 35, 190, 132, 225, 108, 214, 174, 82, 144, 73, 241, 241, 187, 233, 235 }, { 179, 166, 219, 60, 135, 12, 62, 153, 36, 94, 13, 28, 6, 183, 71, 222 }, { 224, 31, 182, 10, 12, 255, 84, 70, 127, 13, 89, 249, 9, 57, 165, 220 } }, { 24, { 72, 211, 143, 117, 230, 217, 29, 42, 229, 192, 247, 43, 120, 129, 135, 68, 14, 95, 80, 0, 212, 97, 141, 190 }, { 123, 5, 21, 7, 59, 51, 130, 31, 24, 112, 146, 218, 100, 84, 206, 177 }, { 92, 136, 4, 63, 57, 95, 100, 0, 150, 130, 130, 16, 193, 111, 219, 133 } }, { 32, { 243, 168, 141, 254, 190, 242, 235, 113, 255, 160, 208, 59, 117, 6, 140, 126, 135, 120, 115, 77, 208, 190, 130, 190, 219, 194, 70, 65, 43, 140, 250, 48 }, { 127, 112, 240, 167, 84, 134, 50, 149, 170, 91, 104, 19, 11, 230, 252, 245 }, { 88, 11, 25, 36, 172, 229, 202, 213, 170, 65, 105, 153, 220, 104, 153, 138 } } }; unsigned char tmp[2][16]; symmetric_key skey; int err, i, y; for (i = 0; i < (int)(sizeof(tests) / sizeof(tests[0])); i++) { if ((err = saferp_setup(tests[i].key, tests[i].keylen, 0, &skey)) != CRYPT_OK) { return err; } saferp_ecb_encrypt(tests[i].pt, tmp[0], &skey); saferp_ecb_decrypt(tmp[0], tmp[1], &skey); /* compare */ if (memcmp(tmp[0], tests[i].ct, 16) || memcmp(tmp[1], tests[i].pt, 16)) { return CRYPT_FAIL_TESTVECTOR; } /* now see if we can encrypt all zero bytes 1000 times, decrypt and come back where we started */ for (y = 0; y < 16; y++) tmp[0][y] = 0; for (y = 0; y < 1000; y++) saferp_ecb_encrypt(tmp[0], tmp[0], &skey); for (y = 0; y < 1000; y++) saferp_ecb_decrypt(tmp[0], tmp[0], &skey); for (y = 0; y < 16; y++) if (tmp[0][y] != 0) return CRYPT_FAIL_TESTVECTOR; } return CRYPT_OK; #endif}/** Terminate the context @param skey The scheduled key*/void saferp_done(symmetric_key *skey){}/** Gets suitable key size @param keysize [in/out] The length of the recommended key (in bytes). This function will store the suitable size back in this variable. @return CRYPT_OK if the input key size is acceptable.*/int saferp_keysize(int *keysize){ LTC_ARGCHK(keysize != NULL); if (*keysize < 16) return CRYPT_INVALID_KEYSIZE; if (*keysize < 24) { *keysize = 16; } else if (*keysize < 32) { *keysize = 24; } else { *keysize = 32; } return CRYPT_OK;}#endif/* $Source: /cvs/libtom/libtomcrypt/src/ciphers/safer/saferp.c,v $ *//* $Revision: 1.7 $ *//* $Date: 2005/05/05 14:35:58 $ */⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -