![[BACK]](/cvsweb/icons/back.gif){kind=icon}
Return to serpent.c CVS log ![[TXT]](/cvsweb/icons/text.gif){kind=icon}
![[DIR]](/cvsweb/icons/dir.gif){kind=icon}
Up to [truecrypt] / truecrypt / crypto|
Return to serpent.c CVS log | Up to [truecrypt] / truecrypt / crypto |
1.1.1.2 root 1: // serpent.cpp - written and placed in the public domain by Wei Dai
1.1 root 2:
1.1.1.6 ! root 3: /* Adapted for TrueCrypt */
1.1 root 4:
1.1.1.5 root 5: #ifdef TC_WINDOWS_BOOT
6: #pragma optimize ("t", on)
7: #endif
8:
1.1.1.2 root 9: #include "Serpent.h"
1.1.1.3 root 10: #include "Common/Endian.h"
1.1 root 11:
1.1.1.2 root 12: #include <memory.h>
1.1 root 13:
1.1.1.2 root 14: #if defined(_WIN32) && !defined(_DEBUG)
15: #include <stdlib.h>
16: #define rotlFixed _rotl
17: #define rotrFixed _rotr
1.1 root 18: #else
1.1.1.2 root 19: #define rotlFixed(x,n) (((x) << (n)) | ((x) >> (32 - (n))))
20: #define rotrFixed(x,n) (((x) >> (n)) | ((x) << (32 - (n))))
1.1 root 21: #endif
22:
1.1.1.2 root 23: // linear transformation
24: #define LT(i,a,b,c,d,e) {\
25: a = rotlFixed(a, 13); \
26: c = rotlFixed(c, 3); \
27: d = rotlFixed(d ^ c ^ (a << 3), 7); \
28: b = rotlFixed(b ^ a ^ c, 1); \
29: a = rotlFixed(a ^ b ^ d, 5); \
30: c = rotlFixed(c ^ d ^ (b << 7), 22);}
31:
32: // inverse linear transformation
33: #define ILT(i,a,b,c,d,e) {\
34: c = rotrFixed(c, 22); \
35: a = rotrFixed(a, 5); \
36: c ^= d ^ (b << 7); \
37: a ^= b ^ d; \
38: b = rotrFixed(b, 1); \
39: d = rotrFixed(d, 7) ^ c ^ (a << 3); \
40: b ^= a ^ c; \
41: c = rotrFixed(c, 3); \
42: a = rotrFixed(a, 13);}
43:
44: // order of output from S-box functions
45: #define beforeS0(f) f(0,a,b,c,d,e)
46: #define afterS0(f) f(1,b,e,c,a,d)
47: #define afterS1(f) f(2,c,b,a,e,d)
48: #define afterS2(f) f(3,a,e,b,d,c)
49: #define afterS3(f) f(4,e,b,d,c,a)
50: #define afterS4(f) f(5,b,a,e,c,d)
51: #define afterS5(f) f(6,a,c,b,e,d)
52: #define afterS6(f) f(7,a,c,d,b,e)
53: #define afterS7(f) f(8,d,e,b,a,c)
54:
55: // order of output from inverse S-box functions
56: #define beforeI7(f) f(8,a,b,c,d,e)
57: #define afterI7(f) f(7,d,a,b,e,c)
58: #define afterI6(f) f(6,a,b,c,e,d)
59: #define afterI5(f) f(5,b,d,e,c,a)
60: #define afterI4(f) f(4,b,c,e,a,d)
61: #define afterI3(f) f(3,a,b,e,c,d)
62: #define afterI2(f) f(2,b,d,e,c,a)
63: #define afterI1(f) f(1,a,b,c,e,d)
64: #define afterI0(f) f(0,a,d,b,e,c)
65:
66: // The instruction sequences for the S-box functions
67: // come from Dag Arne Osvik's paper "Speeding up Serpent".
68:
69: #define S0(i, r0, r1, r2, r3, r4) \
70: { \
71: r3 ^= r0; \
72: r4 = r1; \
73: r1 &= r3; \
74: r4 ^= r2; \
75: r1 ^= r0; \
76: r0 |= r3; \
77: r0 ^= r4; \
78: r4 ^= r3; \
79: r3 ^= r2; \
80: r2 |= r1; \
81: r2 ^= r4; \
82: r4 = ~r4; \
83: r4 |= r1; \
84: r1 ^= r3; \
85: r1 ^= r4; \
86: r3 |= r0; \
87: r1 ^= r3; \
88: r4 ^= r3; \
89: }
90:
91: #define I0(i, r0, r1, r2, r3, r4) \
92: { \
93: r2 = ~r2; \
94: r4 = r1; \
95: r1 |= r0; \
96: r4 = ~r4; \
97: r1 ^= r2; \
98: r2 |= r4; \
99: r1 ^= r3; \
100: r0 ^= r4; \
101: r2 ^= r0; \
102: r0 &= r3; \
103: r4 ^= r0; \
104: r0 |= r1; \
105: r0 ^= r2; \
106: r3 ^= r4; \
107: r2 ^= r1; \
108: r3 ^= r0; \
109: r3 ^= r1; \
110: r2 &= r3; \
111: r4 ^= r2; \
112: }
113:
114: #define S1(i, r0, r1, r2, r3, r4) \
115: { \
116: r0 = ~r0; \
117: r2 = ~r2; \
118: r4 = r0; \
119: r0 &= r1; \
120: r2 ^= r0; \
121: r0 |= r3; \
122: r3 ^= r2; \
123: r1 ^= r0; \
124: r0 ^= r4; \
125: r4 |= r1; \
126: r1 ^= r3; \
127: r2 |= r0; \
128: r2 &= r4; \
129: r0 ^= r1; \
130: r1 &= r2; \
131: r1 ^= r0; \
132: r0 &= r2; \
133: r0 ^= r4; \
134: }
135:
136: #define I1(i, r0, r1, r2, r3, r4) \
137: { \
138: r4 = r1; \
139: r1 ^= r3; \
140: r3 &= r1; \
141: r4 ^= r2; \
142: r3 ^= r0; \
143: r0 |= r1; \
144: r2 ^= r3; \
145: r0 ^= r4; \
146: r0 |= r2; \
147: r1 ^= r3; \
148: r0 ^= r1; \
149: r1 |= r3; \
150: r1 ^= r0; \
151: r4 = ~r4; \
152: r4 ^= r1; \
153: r1 |= r0; \
154: r1 ^= r0; \
155: r1 |= r4; \
156: r3 ^= r1; \
157: }
158:
159: #define S2(i, r0, r1, r2, r3, r4) \
160: { \
161: r4 = r0; \
162: r0 &= r2; \
163: r0 ^= r3; \
164: r2 ^= r1; \
165: r2 ^= r0; \
166: r3 |= r4; \
167: r3 ^= r1; \
168: r4 ^= r2; \
169: r1 = r3; \
170: r3 |= r4; \
171: r3 ^= r0; \
172: r0 &= r1; \
173: r4 ^= r0; \
174: r1 ^= r3; \
175: r1 ^= r4; \
176: r4 = ~r4; \
177: }
178:
179: #define I2(i, r0, r1, r2, r3, r4) \
180: { \
181: r2 ^= r3; \
182: r3 ^= r0; \
183: r4 = r3; \
184: r3 &= r2; \
185: r3 ^= r1; \
186: r1 |= r2; \
187: r1 ^= r4; \
188: r4 &= r3; \
189: r2 ^= r3; \
190: r4 &= r0; \
191: r4 ^= r2; \
192: r2 &= r1; \
193: r2 |= r0; \
194: r3 = ~r3; \
195: r2 ^= r3; \
196: r0 ^= r3; \
197: r0 &= r1; \
198: r3 ^= r4; \
199: r3 ^= r0; \
200: }
201:
202: #define S3(i, r0, r1, r2, r3, r4) \
203: { \
204: r4 = r0; \
205: r0 |= r3; \
206: r3 ^= r1; \
207: r1 &= r4; \
208: r4 ^= r2; \
209: r2 ^= r3; \
210: r3 &= r0; \
211: r4 |= r1; \
212: r3 ^= r4; \
213: r0 ^= r1; \
214: r4 &= r0; \
215: r1 ^= r3; \
216: r4 ^= r2; \
217: r1 |= r0; \
218: r1 ^= r2; \
219: r0 ^= r3; \
220: r2 = r1; \
221: r1 |= r3; \
222: r1 ^= r0; \
223: }
224:
225: #define I3(i, r0, r1, r2, r3, r4) \
226: { \
227: r4 = r2; \
228: r2 ^= r1; \
229: r1 &= r2; \
230: r1 ^= r0; \
231: r0 &= r4; \
232: r4 ^= r3; \
233: r3 |= r1; \
234: r3 ^= r2; \
235: r0 ^= r4; \
236: r2 ^= r0; \
237: r0 |= r3; \
238: r0 ^= r1; \
239: r4 ^= r2; \
240: r2 &= r3; \
241: r1 |= r3; \
242: r1 ^= r2; \
243: r4 ^= r0; \
244: r2 ^= r4; \
245: }
246:
247: #define S4(i, r0, r1, r2, r3, r4) \
248: { \
249: r1 ^= r3; \
250: r3 = ~r3; \
251: r2 ^= r3; \
252: r3 ^= r0; \
253: r4 = r1; \
254: r1 &= r3; \
255: r1 ^= r2; \
256: r4 ^= r3; \
257: r0 ^= r4; \
258: r2 &= r4; \
259: r2 ^= r0; \
260: r0 &= r1; \
261: r3 ^= r0; \
262: r4 |= r1; \
263: r4 ^= r0; \
264: r0 |= r3; \
265: r0 ^= r2; \
266: r2 &= r3; \
267: r0 = ~r0; \
268: r4 ^= r2; \
269: }
270:
271: #define I4(i, r0, r1, r2, r3, r4) \
272: { \
273: r4 = r2; \
274: r2 &= r3; \
275: r2 ^= r1; \
276: r1 |= r3; \
277: r1 &= r0; \
278: r4 ^= r2; \
279: r4 ^= r1; \
280: r1 &= r2; \
281: r0 = ~r0; \
282: r3 ^= r4; \
283: r1 ^= r3; \
284: r3 &= r0; \
285: r3 ^= r2; \
286: r0 ^= r1; \
287: r2 &= r0; \
288: r3 ^= r0; \
289: r2 ^= r4; \
290: r2 |= r3; \
291: r3 ^= r0; \
292: r2 ^= r1; \
293: }
294:
295: #define S5(i, r0, r1, r2, r3, r4) \
296: { \
297: r0 ^= r1; \
298: r1 ^= r3; \
299: r3 = ~r3; \
300: r4 = r1; \
301: r1 &= r0; \
302: r2 ^= r3; \
303: r1 ^= r2; \
304: r2 |= r4; \
305: r4 ^= r3; \
306: r3 &= r1; \
307: r3 ^= r0; \
308: r4 ^= r1; \
309: r4 ^= r2; \
310: r2 ^= r0; \
311: r0 &= r3; \
312: r2 = ~r2; \
313: r0 ^= r4; \
314: r4 |= r3; \
315: r2 ^= r4; \
316: }
317:
318: #define I5(i, r0, r1, r2, r3, r4) \
319: { \
320: r1 = ~r1; \
321: r4 = r3; \
322: r2 ^= r1; \
323: r3 |= r0; \
324: r3 ^= r2; \
325: r2 |= r1; \
326: r2 &= r0; \
327: r4 ^= r3; \
328: r2 ^= r4; \
329: r4 |= r0; \
330: r4 ^= r1; \
331: r1 &= r2; \
332: r1 ^= r3; \
333: r4 ^= r2; \
334: r3 &= r4; \
335: r4 ^= r1; \
336: r3 ^= r0; \
337: r3 ^= r4; \
338: r4 = ~r4; \
339: }
340:
341: #define S6(i, r0, r1, r2, r3, r4) \
342: { \
343: r2 = ~r2; \
344: r4 = r3; \
345: r3 &= r0; \
346: r0 ^= r4; \
347: r3 ^= r2; \
348: r2 |= r4; \
349: r1 ^= r3; \
350: r2 ^= r0; \
351: r0 |= r1; \
352: r2 ^= r1; \
353: r4 ^= r0; \
354: r0 |= r3; \
355: r0 ^= r2; \
356: r4 ^= r3; \
357: r4 ^= r0; \
358: r3 = ~r3; \
359: r2 &= r4; \
360: r2 ^= r3; \
361: }
362:
363: #define I6(i, r0, r1, r2, r3, r4) \
364: { \
365: r0 ^= r2; \
366: r4 = r2; \
367: r2 &= r0; \
368: r4 ^= r3; \
369: r2 = ~r2; \
370: r3 ^= r1; \
371: r2 ^= r3; \
372: r4 |= r0; \
373: r0 ^= r2; \
374: r3 ^= r4; \
375: r4 ^= r1; \
376: r1 &= r3; \
377: r1 ^= r0; \
378: r0 ^= r3; \
379: r0 |= r2; \
380: r3 ^= r1; \
381: r4 ^= r0; \
382: }
383:
384: #define S7(i, r0, r1, r2, r3, r4) \
385: { \
386: r4 = r2; \
387: r2 &= r1; \
388: r2 ^= r3; \
389: r3 &= r1; \
390: r4 ^= r2; \
391: r2 ^= r1; \
392: r1 ^= r0; \
393: r0 |= r4; \
394: r0 ^= r2; \
395: r3 ^= r1; \
396: r2 ^= r3; \
397: r3 &= r0; \
398: r3 ^= r4; \
399: r4 ^= r2; \
400: r2 &= r0; \
401: r4 = ~r4; \
402: r2 ^= r4; \
403: r4 &= r0; \
404: r1 ^= r3; \
405: r4 ^= r1; \
406: }
407:
408: #define I7(i, r0, r1, r2, r3, r4) \
409: { \
410: r4 = r2; \
411: r2 ^= r0; \
412: r0 &= r3; \
413: r2 = ~r2; \
414: r4 |= r3; \
415: r3 ^= r1; \
416: r1 |= r0; \
417: r0 ^= r2; \
418: r2 &= r4; \
419: r1 ^= r2; \
420: r2 ^= r0; \
421: r0 |= r2; \
422: r3 &= r4; \
423: r0 ^= r3; \
424: r4 ^= r1; \
425: r3 ^= r4; \
426: r4 |= r0; \
427: r3 ^= r2; \
428: r4 ^= r2; \
429: }
430:
431: // key xor
432: #define KX(r, a, b, c, d, e) {\
433: a ^= k[4 * r + 0]; \
434: b ^= k[4 * r + 1]; \
435: c ^= k[4 * r + 2]; \
436: d ^= k[4 * r + 3];}
1.1 root 437:
438:
1.1.1.5 root 439: #ifdef TC_MINIMIZE_CODE_SIZE
440:
441: static void S0f (unsigned __int32 *r0, unsigned __int32 *r1, unsigned __int32 *r2, unsigned __int32 *r3, unsigned __int32 *r4)
442: {
443: *r3 ^= *r0;
444: *r4 = *r1;
445: *r1 &= *r3;
446: *r4 ^= *r2;
447: *r1 ^= *r0;
448: *r0 |= *r3;
449: *r0 ^= *r4;
450: *r4 ^= *r3;
451: *r3 ^= *r2;
452: *r2 |= *r1;
453: *r2 ^= *r4;
454: *r4 = ~*r4;
455: *r4 |= *r1;
456: *r1 ^= *r3;
457: *r1 ^= *r4;
458: *r3 |= *r0;
459: *r1 ^= *r3;
460: *r4 ^= *r3;
461: }
462:
463: static void S1f (unsigned __int32 *r0, unsigned __int32 *r1, unsigned __int32 *r2, unsigned __int32 *r3, unsigned __int32 *r4)
464: {
465: *r0 = ~*r0;
466: *r2 = ~*r2;
467: *r4 = *r0;
468: *r0 &= *r1;
469: *r2 ^= *r0;
470: *r0 |= *r3;
471: *r3 ^= *r2;
472: *r1 ^= *r0;
473: *r0 ^= *r4;
474: *r4 |= *r1;
475: *r1 ^= *r3;
476: *r2 |= *r0;
477: *r2 &= *r4;
478: *r0 ^= *r1;
479: *r1 &= *r2;
480: *r1 ^= *r0;
481: *r0 &= *r2;
482: *r0 ^= *r4;
483: }
484:
485: static void S2f (unsigned __int32 *r0, unsigned __int32 *r1, unsigned __int32 *r2, unsigned __int32 *r3, unsigned __int32 *r4)
486: {
487: *r4 = *r0;
488: *r0 &= *r2;
489: *r0 ^= *r3;
490: *r2 ^= *r1;
491: *r2 ^= *r0;
492: *r3 |= *r4;
493: *r3 ^= *r1;
494: *r4 ^= *r2;
495: *r1 = *r3;
496: *r3 |= *r4;
497: *r3 ^= *r0;
498: *r0 &= *r1;
499: *r4 ^= *r0;
500: *r1 ^= *r3;
501: *r1 ^= *r4;
502: *r4 = ~*r4;
503: }
504:
505: static void S3f (unsigned __int32 *r0, unsigned __int32 *r1, unsigned __int32 *r2, unsigned __int32 *r3, unsigned __int32 *r4)
506: {
507: *r4 = *r0;
508: *r0 |= *r3;
509: *r3 ^= *r1;
510: *r1 &= *r4;
511: *r4 ^= *r2;
512: *r2 ^= *r3;
513: *r3 &= *r0;
514: *r4 |= *r1;
515: *r3 ^= *r4;
516: *r0 ^= *r1;
517: *r4 &= *r0;
518: *r1 ^= *r3;
519: *r4 ^= *r2;
520: *r1 |= *r0;
521: *r1 ^= *r2;
522: *r0 ^= *r3;
523: *r2 = *r1;
524: *r1 |= *r3;
525: *r1 ^= *r0;
526: }
527:
528: static void S4f (unsigned __int32 *r0, unsigned __int32 *r1, unsigned __int32 *r2, unsigned __int32 *r3, unsigned __int32 *r4)
529: {
530: *r1 ^= *r3;
531: *r3 = ~*r3;
532: *r2 ^= *r3;
533: *r3 ^= *r0;
534: *r4 = *r1;
535: *r1 &= *r3;
536: *r1 ^= *r2;
537: *r4 ^= *r3;
538: *r0 ^= *r4;
539: *r2 &= *r4;
540: *r2 ^= *r0;
541: *r0 &= *r1;
542: *r3 ^= *r0;
543: *r4 |= *r1;
544: *r4 ^= *r0;
545: *r0 |= *r3;
546: *r0 ^= *r2;
547: *r2 &= *r3;
548: *r0 = ~*r0;
549: *r4 ^= *r2;
550: }
551:
552: static void S5f (unsigned __int32 *r0, unsigned __int32 *r1, unsigned __int32 *r2, unsigned __int32 *r3, unsigned __int32 *r4)
553: {
554: *r0 ^= *r1;
555: *r1 ^= *r3;
556: *r3 = ~*r3;
557: *r4 = *r1;
558: *r1 &= *r0;
559: *r2 ^= *r3;
560: *r1 ^= *r2;
561: *r2 |= *r4;
562: *r4 ^= *r3;
563: *r3 &= *r1;
564: *r3 ^= *r0;
565: *r4 ^= *r1;
566: *r4 ^= *r2;
567: *r2 ^= *r0;
568: *r0 &= *r3;
569: *r2 = ~*r2;
570: *r0 ^= *r4;
571: *r4 |= *r3;
572: *r2 ^= *r4;
573: }
574:
575: static void S6f (unsigned __int32 *r0, unsigned __int32 *r1, unsigned __int32 *r2, unsigned __int32 *r3, unsigned __int32 *r4)
576: {
577: *r2 = ~*r2;
578: *r4 = *r3;
579: *r3 &= *r0;
580: *r0 ^= *r4;
581: *r3 ^= *r2;
582: *r2 |= *r4;
583: *r1 ^= *r3;
584: *r2 ^= *r0;
585: *r0 |= *r1;
586: *r2 ^= *r1;
587: *r4 ^= *r0;
588: *r0 |= *r3;
589: *r0 ^= *r2;
590: *r4 ^= *r3;
591: *r4 ^= *r0;
592: *r3 = ~*r3;
593: *r2 &= *r4;
594: *r2 ^= *r3;
595: }
596:
597: static void S7f (unsigned __int32 *r0, unsigned __int32 *r1, unsigned __int32 *r2, unsigned __int32 *r3, unsigned __int32 *r4)
598: {
599: *r4 = *r2;
600: *r2 &= *r1;
601: *r2 ^= *r3;
602: *r3 &= *r1;
603: *r4 ^= *r2;
604: *r2 ^= *r1;
605: *r1 ^= *r0;
606: *r0 |= *r4;
607: *r0 ^= *r2;
608: *r3 ^= *r1;
609: *r2 ^= *r3;
610: *r3 &= *r0;
611: *r3 ^= *r4;
612: *r4 ^= *r2;
613: *r2 &= *r0;
614: *r4 = ~*r4;
615: *r2 ^= *r4;
616: *r4 &= *r0;
617: *r1 ^= *r3;
618: *r4 ^= *r1;
619: }
620:
621: static void KXf (const unsigned __int32 *k, unsigned int r, unsigned __int32 *a, unsigned __int32 *b, unsigned __int32 *c, unsigned __int32 *d)
622: {
623: *a ^= k[r];
624: *b ^= k[r + 1];
625: *c ^= k[r + 2];
626: *d ^= k[r + 3];
627: }
628:
629: #endif // TC_MINIMIZE_CODE_SIZE
630:
631: #ifndef TC_MINIMIZE_CODE_SIZE
632:
1.1.1.2 root 633: void serpent_set_key(const unsigned __int8 userKey[], int keylen, unsigned __int8 *ks)
1.1 root 634: {
1.1.1.2 root 635: unsigned __int32 a,b,c,d,e;
636: unsigned __int32 *k = (unsigned __int32 *)ks;
637: unsigned __int32 t;
638: int i;
639:
640: for (i = 0; i < keylen / (int)sizeof(__int32); i++)
641: k[i] = LE32(((unsigned __int32*)userKey)[i]);
642:
643: if (keylen < 32)
644: k[keylen/4] |= (unsigned __int32)1 << ((keylen%4)*8);
645:
646: k += 8;
647: t = k[-1];
648: for (i = 0; i < 132; ++i)
649: k[i] = t = rotlFixed(k[i-8] ^ k[i-5] ^ k[i-3] ^ t ^ 0x9e3779b9 ^ i, 11);
650: k -= 20;
651:
652: #define LK(r, a, b, c, d, e) {\
653: a = k[(8-r)*4 + 0]; \
654: b = k[(8-r)*4 + 1]; \
655: c = k[(8-r)*4 + 2]; \
656: d = k[(8-r)*4 + 3];}
657:
658: #define SK(r, a, b, c, d, e) {\
659: k[(8-r)*4 + 4] = a; \
660: k[(8-r)*4 + 5] = b; \
661: k[(8-r)*4 + 6] = c; \
662: k[(8-r)*4 + 7] = d;} \
663:
664: for (i=0; i<4; i++)
665: {
666: afterS2(LK); afterS2(S3); afterS3(SK);
667: afterS1(LK); afterS1(S2); afterS2(SK);
668: afterS0(LK); afterS0(S1); afterS1(SK);
669: beforeS0(LK); beforeS0(S0); afterS0(SK);
670: k += 8*4;
671: afterS6(LK); afterS6(S7); afterS7(SK);
672: afterS5(LK); afterS5(S6); afterS6(SK);
673: afterS4(LK); afterS4(S5); afterS5(SK);
674: afterS3(LK); afterS3(S4); afterS4(SK);
675: }
676: afterS2(LK); afterS2(S3); afterS3(SK);
1.1 root 677: }
678:
1.1.1.5 root 679: #else // TC_MINIMIZE_CODE_SIZE
680:
681: static void LKf (unsigned __int32 *k, unsigned int r, unsigned __int32 *a, unsigned __int32 *b, unsigned __int32 *c, unsigned __int32 *d)
682: {
683: *a = k[r];
684: *b = k[r + 1];
685: *c = k[r + 2];
686: *d = k[r + 3];
687: }
688:
689: static void SKf (unsigned __int32 *k, unsigned int r, unsigned __int32 *a, unsigned __int32 *b, unsigned __int32 *c, unsigned __int32 *d)
690: {
691: k[r + 4] = *a;
692: k[r + 5] = *b;
693: k[r + 6] = *c;
694: k[r + 7] = *d;
695: }
696:
697: void serpent_set_key(const unsigned __int8 userKey[], int keylen, unsigned __int8 *ks)
698: {
699: unsigned __int32 a,b,c,d,e;
700: unsigned __int32 *k = (unsigned __int32 *)ks;
701: unsigned __int32 t;
702: int i;
703:
704: for (i = 0; i < keylen / (int)sizeof(__int32); i++)
705: k[i] = LE32(((unsigned __int32*)userKey)[i]);
706:
707: if (keylen < 32)
708: k[keylen/4] |= (unsigned __int32)1 << ((keylen%4)*8);
709:
710: k += 8;
711: t = k[-1];
712: for (i = 0; i < 132; ++i)
713: k[i] = t = rotlFixed(k[i-8] ^ k[i-5] ^ k[i-3] ^ t ^ 0x9e3779b9 ^ i, 11);
714: k -= 20;
715:
716: for (i=0; i<4; i++)
717: {
718: LKf (k, 20, &a, &e, &b, &d); S3f (&a, &e, &b, &d, &c); SKf (k, 16, &e, &b, &d, &c);
719: LKf (k, 24, &c, &b, &a, &e); S2f (&c, &b, &a, &e, &d); SKf (k, 20, &a, &e, &b, &d);
720: LKf (k, 28, &b, &e, &c, &a); S1f (&b, &e, &c, &a, &d); SKf (k, 24, &c, &b, &a, &e);
721: LKf (k, 32, &a, &b, &c, &d); S0f (&a, &b, &c, &d, &e); SKf (k, 28, &b, &e, &c, &a);
722: k += 8*4;
723: LKf (k, 4, &a, &c, &d, &b); S7f (&a, &c, &d, &b, &e); SKf (k, 0, &d, &e, &b, &a);
724: LKf (k, 8, &a, &c, &b, &e); S6f (&a, &c, &b, &e, &d); SKf (k, 4, &a, &c, &d, &b);
725: LKf (k, 12, &b, &a, &e, &c); S5f (&b, &a, &e, &c, &d); SKf (k, 8, &a, &c, &b, &e);
726: LKf (k, 16, &e, &b, &d, &c); S4f (&e, &b, &d, &c, &a); SKf (k, 12, &b, &a, &e, &c);
727: }
728: LKf (k, 20, &a, &e, &b, &d); S3f (&a, &e, &b, &d, &c); SKf (k, 16, &e, &b, &d, &c);
729: }
730:
731: #endif // TC_MINIMIZE_CODE_SIZE
732:
733:
1.1.1.4 root 734: #ifndef TC_MINIMIZE_CODE_SIZE
1.1 root 735:
1.1.1.2 root 736: void serpent_encrypt(const unsigned __int8 *inBlock, unsigned __int8 *outBlock, unsigned __int8 *ks)
1.1 root 737: {
1.1.1.2 root 738: unsigned __int32 a, b, c, d, e;
739: unsigned int i=1;
740: const unsigned __int32 *k = (unsigned __int32 *)ks + 8;
741: unsigned __int32 *in = (unsigned __int32 *) inBlock;
742: unsigned __int32 *out = (unsigned __int32 *) outBlock;
743:
744: a = LE32(in[0]);
745: b = LE32(in[1]);
746: c = LE32(in[2]);
747: d = LE32(in[3]);
748:
749: do
750: {
751: beforeS0(KX); beforeS0(S0); afterS0(LT);
752: afterS0(KX); afterS0(S1); afterS1(LT);
753: afterS1(KX); afterS1(S2); afterS2(LT);
754: afterS2(KX); afterS2(S3); afterS3(LT);
755: afterS3(KX); afterS3(S4); afterS4(LT);
756: afterS4(KX); afterS4(S5); afterS5(LT);
757: afterS5(KX); afterS5(S6); afterS6(LT);
758: afterS6(KX); afterS6(S7);
759:
760: if (i == 4)
761: break;
762:
763: ++i;
764: c = b;
765: b = e;
766: e = d;
767: d = a;
768: a = e;
769: k += 32;
770: beforeS0(LT);
771: }
772: while (1);
773:
774: afterS7(KX);
775:
776: out[0] = LE32(d);
777: out[1] = LE32(e);
778: out[2] = LE32(b);
779: out[3] = LE32(a);
780: }
1.1 root 781:
1.1.1.4 root 782: #else // TC_MINIMIZE_CODE_SIZE
783:
784: typedef unsigned __int32 uint32;
785:
1.1.1.5 root 786: static void LTf (uint32 *a, uint32 *b, uint32 *c, uint32 *d)
1.1.1.4 root 787: {
788: *a = rotlFixed(*a, 13);
789: *c = rotlFixed(*c, 3);
790: *d = rotlFixed(*d ^ *c ^ (*a << 3), 7);
791: *b = rotlFixed(*b ^ *a ^ *c, 1);
792: *a = rotlFixed(*a ^ *b ^ *d, 5);
793: *c = rotlFixed(*c ^ *d ^ (*b << 7), 22);
794: }
795:
796: void serpent_encrypt(const unsigned __int8 *inBlock, unsigned __int8 *outBlock, unsigned __int8 *ks)
797: {
798: unsigned __int32 a, b, c, d, e;
799: unsigned int i=1;
800: const unsigned __int32 *k = (unsigned __int32 *)ks + 8;
801: unsigned __int32 *in = (unsigned __int32 *) inBlock;
802: unsigned __int32 *out = (unsigned __int32 *) outBlock;
803:
804: a = LE32(in[0]);
805: b = LE32(in[1]);
806: c = LE32(in[2]);
807: d = LE32(in[3]);
808:
809: do
810: {
1.1.1.5 root 811: KXf (k, 0, &a, &b, &c, &d); S0f (&a, &b, &c, &d, &e); LTf (&b, &e, &c, &a);
812: KXf (k, 4, &b, &e, &c, &a); S1f (&b, &e, &c, &a, &d); LTf (&c, &b, &a, &e);
813: KXf (k, 8, &c, &b, &a, &e); S2f (&c, &b, &a, &e, &d); LTf (&a, &e, &b, &d);
814: KXf (k, 12, &a, &e, &b, &d); S3f (&a, &e, &b, &d, &c); LTf (&e, &b, &d, &c);
815: KXf (k, 16, &e, &b, &d, &c); S4f (&e, &b, &d, &c, &a); LTf (&b, &a, &e, &c);
816: KXf (k, 20, &b, &a, &e, &c); S5f (&b, &a, &e, &c, &d); LTf (&a, &c, &b, &e);
817: KXf (k, 24, &a, &c, &b, &e); S6f (&a, &c, &b, &e, &d); LTf (&a, &c, &d, &b);
818: KXf (k, 28, &a, &c, &d, &b); S7f (&a, &c, &d, &b, &e);
1.1.1.4 root 819:
820: if (i == 4)
821: break;
822:
823: ++i;
824: c = b;
825: b = e;
826: e = d;
827: d = a;
828: a = e;
829: k += 32;
1.1.1.5 root 830: LTf (&a,&b,&c,&d);
1.1.1.4 root 831: }
832: while (1);
833:
1.1.1.5 root 834: KXf (k, 32, &d, &e, &b, &a);
1.1.1.4 root 835:
836: out[0] = LE32(d);
837: out[1] = LE32(e);
838: out[2] = LE32(b);
839: out[3] = LE32(a);
840: }
841:
842: #endif // TC_MINIMIZE_CODE_SIZE
843:
1.1.1.5 root 844: #if !defined (TC_MINIMIZE_CODE_SIZE) || defined (TC_WINDOWS_BOOT_SERPENT)
1.1.1.2 root 845:
846: void serpent_decrypt(const unsigned __int8 *inBlock, unsigned __int8 *outBlock, unsigned __int8 *ks)
847: {
848: unsigned __int32 a, b, c, d, e;
849: const unsigned __int32 *k = (unsigned __int32 *)ks + 104;
850: unsigned int i=4;
851: unsigned __int32 *in = (unsigned __int32 *) inBlock;
852: unsigned __int32 *out = (unsigned __int32 *) outBlock;
853:
854: a = LE32(in[0]);
855: b = LE32(in[1]);
856: c = LE32(in[2]);
857: d = LE32(in[3]);
858:
859: beforeI7(KX);
860: goto start;
861:
862: do
863: {
864: c = b;
865: b = d;
866: d = e;
867: k -= 32;
868: beforeI7(ILT);
869: start:
870: beforeI7(I7); afterI7(KX);
871: afterI7(ILT); afterI7(I6); afterI6(KX);
872: afterI6(ILT); afterI6(I5); afterI5(KX);
873: afterI5(ILT); afterI5(I4); afterI4(KX);
874: afterI4(ILT); afterI4(I3); afterI3(KX);
875: afterI3(ILT); afterI3(I2); afterI2(KX);
876: afterI2(ILT); afterI2(I1); afterI1(KX);
877: afterI1(ILT); afterI1(I0); afterI0(KX);
878: }
879: while (--i != 0);
880:
881: out[0] = LE32(a);
882: out[1] = LE32(d);
883: out[2] = LE32(b);
884: out[3] = LE32(e);
1.1 root 885: }
1.1.1.4 root 886:
1.1.1.5 root 887: #else // TC_MINIMIZE_CODE_SIZE && !TC_WINDOWS_BOOT_SERPENT
1.1.1.4 root 888:
1.1.1.5 root 889: static void ILTf (uint32 *a, uint32 *b, uint32 *c, uint32 *d)
1.1.1.4 root 890: {
891: *c = rotrFixed(*c, 22);
892: *a = rotrFixed(*a, 5);
893: *c ^= *d ^ (*b << 7);
894: *a ^= *b ^ *d;
895: *b = rotrFixed(*b, 1);
896: *d = rotrFixed(*d, 7) ^ *c ^ (*a << 3);
897: *b ^= *a ^ *c;
898: *c = rotrFixed(*c, 3);
899: *a = rotrFixed(*a, 13);
900: }
901:
902: void serpent_decrypt(const unsigned __int8 *inBlock, unsigned __int8 *outBlock, unsigned __int8 *ks)
903: {
904: unsigned __int32 a, b, c, d, e;
905: const unsigned __int32 *k = (unsigned __int32 *)ks + 104;
906: unsigned int i=4;
907: unsigned __int32 *in = (unsigned __int32 *) inBlock;
908: unsigned __int32 *out = (unsigned __int32 *) outBlock;
909:
910: a = LE32(in[0]);
911: b = LE32(in[1]);
912: c = LE32(in[2]);
913: d = LE32(in[3]);
914:
1.1.1.5 root 915: KXf (k, 32, &a, &b, &c, &d);
1.1.1.4 root 916: goto start;
917:
918: do
919: {
920: c = b;
921: b = d;
922: d = e;
923: k -= 32;
924: beforeI7(ILT);
925: start:
1.1.1.5 root 926: beforeI7(I7); KXf (k, 28, &d, &a, &b, &e);
927: ILTf (&d, &a, &b, &e); afterI7(I6); KXf (k, 24, &a, &b, &c, &e);
928: ILTf (&a, &b, &c, &e); afterI6(I5); KXf (k, 20, &b, &d, &e, &c);
929: ILTf (&b, &d, &e, &c); afterI5(I4); KXf (k, 16, &b, &c, &e, &a);
930: ILTf (&b, &c, &e, &a); afterI4(I3); KXf (k, 12, &a, &b, &e, &c);
931: ILTf (&a, &b, &e, &c); afterI3(I2); KXf (k, 8, &b, &d, &e, &c);
932: ILTf (&b, &d, &e, &c); afterI2(I1); KXf (k, 4, &a, &b, &c, &e);
933: ILTf (&a, &b, &c, &e); afterI1(I0); KXf (k, 0, &a, &d, &b, &e);
1.1.1.4 root 934: }
935: while (--i != 0);
936:
937: out[0] = LE32(a);
938: out[1] = LE32(d);
939: out[2] = LE32(b);
940: out[3] = LE32(e);
941: }
942:
1.1.1.5 root 943: #endif // TC_MINIMIZE_CODE_SIZE && !TC_WINDOWS_BOOT_SERPENT
This archive runs on limited infrastructure. Preserving old code on modern bandwidth. Automated agents are requested to crawl responsibly.