+ aes256estream
parent
edc5faffd6
commit
57a4552eb1
2
.gitignore
vendored
@ -86,6 +86,8 @@ test/default/stream
|
||||
test/default/stream2
|
||||
test/default/stream3
|
||||
test/default/stream4
|
||||
test/default/stream5
|
||||
test/default/stream6
|
||||
test-driver
|
||||
testing
|
||||
|
||||
|
@ -132,6 +132,11 @@ libsodium_la_SOURCES = \
|
||||
crypto_stream/aes128ctr/portable/stream_aes128ctr.c \
|
||||
crypto_stream/aes128ctr/portable/types.h \
|
||||
crypto_stream/aes128ctr/portable/xor_afternm_aes128ctr.c \
|
||||
crypto_stream/aes256estream/hongjun/aes-table.h \
|
||||
crypto_stream/aes256estream/hongjun/aes256-ctr.c \
|
||||
crypto_stream/aes256estream/hongjun/aes256.h \
|
||||
crypto_stream/aes256estream/hongjun/api.h \
|
||||
crypto_stream/aes256estream/hongjun/ecrypt-sync.h \
|
||||
crypto_stream/salsa20/ref/api.h \
|
||||
crypto_stream/salsa20/ref/stream_salsa20.c \
|
||||
crypto_stream/salsa20/ref/xor_salsa20.c \
|
||||
|
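--- a/src/libsodium/crypto_stream/aes256estream/hongjun/aes-table.h
+++ b/src/libsodium/crypto_stream/aes256estream/hongjun/aes-table.h
@@ -0,0 +1,309 @@
+static const unsigned char Rcon[31] =
+{
+0x0, 0x01, 0x02, 0x04, 0x08, 0x10, 0x20,
+0x40, 0x80, 0x1b, 0x36, 0x6c, 0xc0,
+0xab, 0x4d, 0x9a, 0x2f, 0x5e, 0xbc,
+0x63, 0xc6, 0x97, 0x35, 0x6a, 0xd4,
+0xb3, 0x7d, 0xfa, 0xef, 0xc5, 0x91
+};
+
+
+static const unsigned char Sbox[256] = {
+0x63, 0x7c, 0x77, 0x7b, 0xf2, 0x6b, 0x6f, 0xc5,
+0x30, 0x01, 0x67, 0x2b, 0xfe, 0xd7, 0xab, 0x76,
+0xca, 0x82, 0xc9, 0x7d, 0xfa, 0x59, 0x47, 0xf0,
+0xad, 0xd4, 0xa2, 0xaf, 0x9c, 0xa4, 0x72, 0xc0,
+0xb7, 0xfd, 0x93, 0x26, 0x36, 0x3f, 0xf7, 0xcc,
+0x34, 0xa5, 0xe5, 0xf1, 0x71, 0xd8, 0x31, 0x15,
+0x04, 0xc7, 0x23, 0xc3, 0x18, 0x96, 0x05, 0x9a,
+0x07, 0x12, 0x80, 0xe2, 0xeb, 0x27, 0xb2, 0x75,
+0x09, 0x83, 0x2c, 0x1a, 0x1b, 0x6e, 0x5a, 0xa0,
+0x52, 0x3b, 0xd6, 0xb3, 0x29, 0xe3, 0x2f, 0x84,
+0x53, 0xd1, 0x00, 0xed, 0x20, 0xfc, 0xb1, 0x5b,
+0x6a, 0xcb, 0xbe, 0x39, 0x4a, 0x4c, 0x58, 0xcf,
+0xd0, 0xef, 0xaa, 0xfb, 0x43, 0x4d, 0x33, 0x85,
+0x45, 0xf9, 0x02, 0x7f, 0x50, 0x3c, 0x9f, 0xa8,
+0x51, 0xa3, 0x40, 0x8f, 0x92, 0x9d, 0x38, 0xf5,
+0xbc, 0xb6, 0xda, 0x21, 0x10, 0xff, 0xf3, 0xd2,
+0xcd, 0x0c, 0x13, 0xec, 0x5f, 0x97, 0x44, 0x17,
+0xc4, 0xa7, 0x7e, 0x3d, 0x64, 0x5d, 0x19, 0x73,
+0x60, 0x81, 0x4f, 0xdc, 0x22, 0x2a, 0x90, 0x88,
+0x46, 0xee, 0xb8, 0x14, 0xde, 0x5e, 0x0b, 0xdb,
+0xe0, 0x32, 0x3a, 0x0a, 0x49, 0x06, 0x24, 0x5c,
+0xc2, 0xd3, 0xac, 0x62, 0x91, 0x95, 0xe4, 0x79,
+0xe7, 0xc8, 0x37, 0x6d, 0x8d, 0xd5, 0x4e, 0xa9,
+0x6c, 0x56, 0xf4, 0xea, 0x65, 0x7a, 0xae, 0x08,
+0xba, 0x78, 0x25, 0x2e, 0x1c, 0xa6, 0xb4, 0xc6,
+0xe8, 0xdd, 0x74, 0x1f, 0x4b, 0xbd, 0x8b, 0x8a,
+0x70, 0x3e, 0xb5, 0x66, 0x48, 0x03, 0xf6, 0x0e,
+0x61, 0x35, 0x57, 0xb9, 0x86, 0xc1, 0x1d, 0x9e,
+0xe1, 0xf8, 0x98, 0x11, 0x69, 0xd9, 0x8e, 0x94,
+0x9b, 0x1e, 0x87, 0xe9, 0xce, 0x55, 0x28, 0xdf,
+0x8c, 0xa1, 0x89, 0x0d, 0xbf, 0xe6, 0x42, 0x68,
+0x41, 0x99, 0x2d, 0x0f, 0xb0, 0x54, 0xbb, 0x16};
+
+unsigned int T0[256] = {
+0xa56363c6, 0x847c7cf8, 0x997777ee, 0x8d7b7bf6,
+0xdf2f2ff, 0xbd6b6bd6, 0xb16f6fde, 0x54c5c591,
+0x50303060, 0x3010102, 0xa96767ce, 0x7d2b2b56,
+0x19fefee7, 0x62d7d7b5, 0xe6abab4d, 0x9a7676ec,
+0x45caca8f, 0x9d82821f, 0x40c9c989, 0x877d7dfa,
+0x15fafaef, 0xeb5959b2, 0xc947478e, 0xbf0f0fb,
+0xecadad41, 0x67d4d4b3, 0xfda2a25f, 0xeaafaf45,
+0xbf9c9c23, 0xf7a4a453, 0x967272e4, 0x5bc0c09b,
+0xc2b7b775, 0x1cfdfde1, 0xae93933d, 0x6a26264c,
+0x5a36366c, 0x413f3f7e, 0x2f7f7f5, 0x4fcccc83,
+0x5c343468, 0xf4a5a551, 0x34e5e5d1, 0x8f1f1f9,
+0x937171e2, 0x73d8d8ab, 0x53313162, 0x3f15152a,
+0xc040408, 0x52c7c795, 0x65232346, 0x5ec3c39d,
+0x28181830, 0xa1969637, 0xf05050a, 0xb59a9a2f,
+0x907070e, 0x36121224, 0x9b80801b, 0x3de2e2df,
+0x26ebebcd, 0x6927274e, 0xcdb2b27f, 0x9f7575ea,
+0x1b090912, 0x9e83831d, 0x742c2c58, 0x2e1a1a34,
+0x2d1b1b36, 0xb26e6edc, 0xee5a5ab4, 0xfba0a05b,
+0xf65252a4, 0x4d3b3b76, 0x61d6d6b7, 0xceb3b37d,
+0x7b292952, 0x3ee3e3dd, 0x712f2f5e, 0x97848413,
+0xf55353a6, 0x68d1d1b9, 0x0, 0x2cededc1,
+0x60202040, 0x1ffcfce3, 0xc8b1b179, 0xed5b5bb6,
+0xbe6a6ad4, 0x46cbcb8d, 0xd9bebe67, 0x4b393972,
+0xde4a4a94, 0xd44c4c98, 0xe85858b0, 0x4acfcf85,
+0x6bd0d0bb, 0x2aefefc5, 0xe5aaaa4f, 0x16fbfbed,
+0xc5434386, 0xd74d4d9a, 0x55333366, 0x94858511,
+0xcf45458a, 0x10f9f9e9, 0x6020204, 0x817f7ffe,
+0xf05050a0, 0x443c3c78, 0xba9f9f25, 0xe3a8a84b,
+0xf35151a2, 0xfea3a35d, 0xc0404080, 0x8a8f8f05,
+0xad92923f, 0xbc9d9d21, 0x48383870, 0x4f5f5f1,
+0xdfbcbc63, 0xc1b6b677, 0x75dadaaf, 0x63212142,
+0x30101020, 0x1affffe5, 0xef3f3fd, 0x6dd2d2bf,
+0x4ccdcd81, 0x140c0c18, 0x35131326, 0x2fececc3,
+0xe15f5fbe, 0xa2979735, 0xcc444488, 0x3917172e,
+0x57c4c493, 0xf2a7a755, 0x827e7efc, 0x473d3d7a,
+0xac6464c8, 0xe75d5dba, 0x2b191932, 0x957373e6,
+0xa06060c0, 0x98818119, 0xd14f4f9e, 0x7fdcdca3,
+0x66222244, 0x7e2a2a54, 0xab90903b, 0x8388880b,
+0xca46468c, 0x29eeeec7, 0xd3b8b86b, 0x3c141428,
+0x79dedea7, 0xe25e5ebc, 0x1d0b0b16, 0x76dbdbad,
+0x3be0e0db, 0x56323264, 0x4e3a3a74, 0x1e0a0a14,
+0xdb494992, 0xa06060c, 0x6c242448, 0xe45c5cb8,
+0x5dc2c29f, 0x6ed3d3bd, 0xefacac43, 0xa66262c4,
+0xa8919139, 0xa4959531, 0x37e4e4d3, 0x8b7979f2,
+0x32e7e7d5, 0x43c8c88b, 0x5937376e, 0xb76d6dda,
+0x8c8d8d01, 0x64d5d5b1, 0xd24e4e9c, 0xe0a9a949,
+0xb46c6cd8, 0xfa5656ac, 0x7f4f4f3, 0x25eaeacf,
+0xaf6565ca, 0x8e7a7af4, 0xe9aeae47, 0x18080810,
+0xd5baba6f, 0x887878f0, 0x6f25254a, 0x722e2e5c,
+0x241c1c38, 0xf1a6a657, 0xc7b4b473, 0x51c6c697,
+0x23e8e8cb, 0x7cdddda1, 0x9c7474e8, 0x211f1f3e,
+0xdd4b4b96, 0xdcbdbd61, 0x868b8b0d, 0x858a8a0f,
+0x907070e0, 0x423e3e7c, 0xc4b5b571, 0xaa6666cc,
+0xd8484890, 0x5030306, 0x1f6f6f7, 0x120e0e1c,
+0xa36161c2, 0x5f35356a, 0xf95757ae, 0xd0b9b969,
+0x91868617, 0x58c1c199, 0x271d1d3a, 0xb99e9e27,
+0x38e1e1d9, 0x13f8f8eb, 0xb398982b, 0x33111122,
+0xbb6969d2, 0x70d9d9a9, 0x898e8e07, 0xa7949433,
+0xb69b9b2d, 0x221e1e3c, 0x92878715, 0x20e9e9c9,
+0x49cece87, 0xff5555aa, 0x78282850, 0x7adfdfa5,
+0x8f8c8c03, 0xf8a1a159, 0x80898909, 0x170d0d1a,
+0xdabfbf65, 0x31e6e6d7, 0xc6424284, 0xb86868d0,
+0xc3414182, 0xb0999929, 0x772d2d5a, 0x110f0f1e,
+0xcbb0b07b, 0xfc5454a8, 0xd6bbbb6d, 0x3a16162c};
+
+
+unsigned int T1[256] = {
+0x6363c6a5, 0x7c7cf884, 0x7777ee99, 0x7b7bf68d,
+0xf2f2ff0d, 0x6b6bd6bd, 0x6f6fdeb1, 0xc5c59154,
+0x30306050, 0x1010203, 0x6767cea9, 0x2b2b567d,
+0xfefee719, 0xd7d7b562, 0xabab4de6, 0x7676ec9a,
+0xcaca8f45, 0x82821f9d, 0xc9c98940, 0x7d7dfa87,
+0xfafaef15, 0x5959b2eb, 0x47478ec9, 0xf0f0fb0b,
+0xadad41ec, 0xd4d4b367, 0xa2a25ffd, 0xafaf45ea,
+0x9c9c23bf, 0xa4a453f7, 0x7272e496, 0xc0c09b5b,
+0xb7b775c2, 0xfdfde11c, 0x93933dae, 0x26264c6a,
+0x36366c5a, 0x3f3f7e41, 0xf7f7f502, 0xcccc834f,
+0x3434685c, 0xa5a551f4, 0xe5e5d134, 0xf1f1f908,
+0x7171e293, 0xd8d8ab73, 0x31316253, 0x15152a3f,
+0x404080c, 0xc7c79552, 0x23234665, 0xc3c39d5e,
+0x18183028, 0x969637a1, 0x5050a0f, 0x9a9a2fb5,
+0x7070e09, 0x12122436, 0x80801b9b, 0xe2e2df3d,
+0xebebcd26, 0x27274e69, 0xb2b27fcd, 0x7575ea9f,
+0x909121b, 0x83831d9e, 0x2c2c5874, 0x1a1a342e,
+0x1b1b362d, 0x6e6edcb2, 0x5a5ab4ee, 0xa0a05bfb,
+0x5252a4f6, 0x3b3b764d, 0xd6d6b761, 0xb3b37dce,
+0x2929527b, 0xe3e3dd3e, 0x2f2f5e71, 0x84841397,
+0x5353a6f5, 0xd1d1b968, 0x0, 0xededc12c,
+0x20204060, 0xfcfce31f, 0xb1b179c8, 0x5b5bb6ed,
+0x6a6ad4be, 0xcbcb8d46, 0xbebe67d9, 0x3939724b,
+0x4a4a94de, 0x4c4c98d4, 0x5858b0e8, 0xcfcf854a,
+0xd0d0bb6b, 0xefefc52a, 0xaaaa4fe5, 0xfbfbed16,
+0x434386c5, 0x4d4d9ad7, 0x33336655, 0x85851194,
+0x45458acf, 0xf9f9e910, 0x2020406, 0x7f7ffe81,
+0x5050a0f0, 0x3c3c7844, 0x9f9f25ba, 0xa8a84be3,
+0x5151a2f3, 0xa3a35dfe, 0x404080c0, 0x8f8f058a,
+0x92923fad, 0x9d9d21bc, 0x38387048, 0xf5f5f104,
+0xbcbc63df, 0xb6b677c1, 0xdadaaf75, 0x21214263,
+0x10102030, 0xffffe51a, 0xf3f3fd0e, 0xd2d2bf6d,
+0xcdcd814c, 0xc0c1814, 0x13132635, 0xececc32f,
+0x5f5fbee1, 0x979735a2, 0x444488cc, 0x17172e39,
+0xc4c49357, 0xa7a755f2, 0x7e7efc82, 0x3d3d7a47,
+0x6464c8ac, 0x5d5dbae7, 0x1919322b, 0x7373e695,
+0x6060c0a0, 0x81811998, 0x4f4f9ed1, 0xdcdca37f,
+0x22224466, 0x2a2a547e, 0x90903bab, 0x88880b83,
+0x46468cca, 0xeeeec729, 0xb8b86bd3, 0x1414283c,
+0xdedea779, 0x5e5ebce2, 0xb0b161d, 0xdbdbad76,
+0xe0e0db3b, 0x32326456, 0x3a3a744e, 0xa0a141e,
+0x494992db, 0x6060c0a, 0x2424486c, 0x5c5cb8e4,
+0xc2c29f5d, 0xd3d3bd6e, 0xacac43ef, 0x6262c4a6,
+0x919139a8, 0x959531a4, 0xe4e4d337, 0x7979f28b,
+0xe7e7d532, 0xc8c88b43, 0x37376e59, 0x6d6ddab7,
+0x8d8d018c, 0xd5d5b164, 0x4e4e9cd2, 0xa9a949e0,
+0x6c6cd8b4, 0x5656acfa, 0xf4f4f307, 0xeaeacf25,
+0x6565caaf, 0x7a7af48e, 0xaeae47e9, 0x8081018,
+0xbaba6fd5, 0x7878f088, 0x25254a6f, 0x2e2e5c72,
+0x1c1c3824, 0xa6a657f1, 0xb4b473c7, 0xc6c69751,
+0xe8e8cb23, 0xdddda17c, 0x7474e89c, 0x1f1f3e21,
+0x4b4b96dd, 0xbdbd61dc, 0x8b8b0d86, 0x8a8a0f85,
+0x7070e090, 0x3e3e7c42, 0xb5b571c4, 0x6666ccaa,
+0x484890d8, 0x3030605, 0xf6f6f701, 0xe0e1c12,
+0x6161c2a3, 0x35356a5f, 0x5757aef9, 0xb9b969d0,
+0x86861791, 0xc1c19958, 0x1d1d3a27, 0x9e9e27b9,
+0xe1e1d938, 0xf8f8eb13, 0x98982bb3, 0x11112233,
+0x6969d2bb, 0xd9d9a970, 0x8e8e0789, 0x949433a7,
+0x9b9b2db6, 0x1e1e3c22, 0x87871592, 0xe9e9c920,
+0xcece8749, 0x5555aaff, 0x28285078, 0xdfdfa57a,
+0x8c8c038f, 0xa1a159f8, 0x89890980, 0xd0d1a17,
+0xbfbf65da, 0xe6e6d731, 0x424284c6, 0x6868d0b8,
+0x414182c3, 0x999929b0, 0x2d2d5a77, 0xf0f1e11,
+0xb0b07bcb, 0x5454a8fc, 0xbbbb6dd6, 0x16162c3a};
+
+unsigned int T2[256] = {
+0x63c6a563, 0x7cf8847c, 0x77ee9977, 0x7bf68d7b,
+0xf2ff0df2, 0x6bd6bd6b, 0x6fdeb16f, 0xc59154c5,
+0x30605030, 0x1020301, 0x67cea967, 0x2b567d2b,
+0xfee719fe, 0xd7b562d7, 0xab4de6ab, 0x76ec9a76,
+0xca8f45ca, 0x821f9d82, 0xc98940c9, 0x7dfa877d,
+0xfaef15fa, 0x59b2eb59, 0x478ec947, 0xf0fb0bf0,
+0xad41ecad, 0xd4b367d4, 0xa25ffda2, 0xaf45eaaf,
+0x9c23bf9c, 0xa453f7a4, 0x72e49672, 0xc09b5bc0,
+0xb775c2b7, 0xfde11cfd, 0x933dae93, 0x264c6a26,
+0x366c5a36, 0x3f7e413f, 0xf7f502f7, 0xcc834fcc,
+0x34685c34, 0xa551f4a5, 0xe5d134e5, 0xf1f908f1,
+0x71e29371, 0xd8ab73d8, 0x31625331, 0x152a3f15,
+0x4080c04, 0xc79552c7, 0x23466523, 0xc39d5ec3,
+0x18302818, 0x9637a196, 0x50a0f05, 0x9a2fb59a,
+0x70e0907, 0x12243612, 0x801b9b80, 0xe2df3de2,
+0xebcd26eb, 0x274e6927, 0xb27fcdb2, 0x75ea9f75,
+0x9121b09, 0x831d9e83, 0x2c58742c, 0x1a342e1a,
+0x1b362d1b, 0x6edcb26e, 0x5ab4ee5a, 0xa05bfba0,
+0x52a4f652, 0x3b764d3b, 0xd6b761d6, 0xb37dceb3,
+0x29527b29, 0xe3dd3ee3, 0x2f5e712f, 0x84139784,
+0x53a6f553, 0xd1b968d1, 0x0, 0xedc12ced,
+0x20406020, 0xfce31ffc, 0xb179c8b1, 0x5bb6ed5b,
+0x6ad4be6a, 0xcb8d46cb, 0xbe67d9be, 0x39724b39,
+0x4a94de4a, 0x4c98d44c, 0x58b0e858, 0xcf854acf,
+0xd0bb6bd0, 0xefc52aef, 0xaa4fe5aa, 0xfbed16fb,
+0x4386c543, 0x4d9ad74d, 0x33665533, 0x85119485,
+0x458acf45, 0xf9e910f9, 0x2040602, 0x7ffe817f,
+0x50a0f050, 0x3c78443c, 0x9f25ba9f, 0xa84be3a8,
+0x51a2f351, 0xa35dfea3, 0x4080c040, 0x8f058a8f,
+0x923fad92, 0x9d21bc9d, 0x38704838, 0xf5f104f5,
+0xbc63dfbc, 0xb677c1b6, 0xdaaf75da, 0x21426321,
+0x10203010, 0xffe51aff, 0xf3fd0ef3, 0xd2bf6dd2,
+0xcd814ccd, 0xc18140c, 0x13263513, 0xecc32fec,
+0x5fbee15f, 0x9735a297, 0x4488cc44, 0x172e3917,
+0xc49357c4, 0xa755f2a7, 0x7efc827e, 0x3d7a473d,
+0x64c8ac64, 0x5dbae75d, 0x19322b19, 0x73e69573,
+0x60c0a060, 0x81199881, 0x4f9ed14f, 0xdca37fdc,
+0x22446622, 0x2a547e2a, 0x903bab90, 0x880b8388,
+0x468cca46, 0xeec729ee, 0xb86bd3b8, 0x14283c14,
+0xdea779de, 0x5ebce25e, 0xb161d0b, 0xdbad76db,
+0xe0db3be0, 0x32645632, 0x3a744e3a, 0xa141e0a,
+0x4992db49, 0x60c0a06, 0x24486c24, 0x5cb8e45c,
+0xc29f5dc2, 0xd3bd6ed3, 0xac43efac, 0x62c4a662,
+0x9139a891, 0x9531a495, 0xe4d337e4, 0x79f28b79,
+0xe7d532e7, 0xc88b43c8, 0x376e5937, 0x6ddab76d,
+0x8d018c8d, 0xd5b164d5, 0x4e9cd24e, 0xa949e0a9,
+0x6cd8b46c, 0x56acfa56, 0xf4f307f4, 0xeacf25ea,
+0x65caaf65, 0x7af48e7a, 0xae47e9ae, 0x8101808,
+0xba6fd5ba, 0x78f08878, 0x254a6f25, 0x2e5c722e,
+0x1c38241c, 0xa657f1a6, 0xb473c7b4, 0xc69751c6,
+0xe8cb23e8, 0xdda17cdd, 0x74e89c74, 0x1f3e211f,
+0x4b96dd4b, 0xbd61dcbd, 0x8b0d868b, 0x8a0f858a,
+0x70e09070, 0x3e7c423e, 0xb571c4b5, 0x66ccaa66,
+0x4890d848, 0x3060503, 0xf6f701f6, 0xe1c120e,
+0x61c2a361, 0x356a5f35, 0x57aef957, 0xb969d0b9,
+0x86179186, 0xc19958c1, 0x1d3a271d, 0x9e27b99e,
+0xe1d938e1, 0xf8eb13f8, 0x982bb398, 0x11223311,
+0x69d2bb69, 0xd9a970d9, 0x8e07898e, 0x9433a794,
+0x9b2db69b, 0x1e3c221e, 0x87159287, 0xe9c920e9,
+0xce8749ce, 0x55aaff55, 0x28507828, 0xdfa57adf,
+0x8c038f8c, 0xa159f8a1, 0x89098089, 0xd1a170d,
+0xbf65dabf, 0xe6d731e6, 0x4284c642, 0x68d0b868,
+0x4182c341, 0x9929b099, 0x2d5a772d, 0xf1e110f,
+0xb07bcbb0, 0x54a8fc54, 0xbb6dd6bb, 0x162c3a16};
+
+unsigned int T3[256] = {
+0xc6a56363, 0xf8847c7c, 0xee997777, 0xf68d7b7b,
+0xff0df2f2, 0xd6bd6b6b, 0xdeb16f6f, 0x9154c5c5,
+0x60503030, 0x2030101, 0xcea96767, 0x567d2b2b,
+0xe719fefe, 0xb562d7d7, 0x4de6abab, 0xec9a7676,
+0x8f45caca, 0x1f9d8282, 0x8940c9c9, 0xfa877d7d,
+0xef15fafa, 0xb2eb5959, 0x8ec94747, 0xfb0bf0f0,
+0x41ecadad, 0xb367d4d4, 0x5ffda2a2, 0x45eaafaf,
+0x23bf9c9c, 0x53f7a4a4, 0xe4967272, 0x9b5bc0c0,
+0x75c2b7b7, 0xe11cfdfd, 0x3dae9393, 0x4c6a2626,
+0x6c5a3636, 0x7e413f3f, 0xf502f7f7, 0x834fcccc,
+0x685c3434, 0x51f4a5a5, 0xd134e5e5, 0xf908f1f1,
+0xe2937171, 0xab73d8d8, 0x62533131, 0x2a3f1515,
+0x80c0404, 0x9552c7c7, 0x46652323, 0x9d5ec3c3,
+0x30281818, 0x37a19696, 0xa0f0505, 0x2fb59a9a,
+0xe090707, 0x24361212, 0x1b9b8080, 0xdf3de2e2,
+0xcd26ebeb, 0x4e692727, 0x7fcdb2b2, 0xea9f7575,
+0x121b0909, 0x1d9e8383, 0x58742c2c, 0x342e1a1a,
+0x362d1b1b, 0xdcb26e6e, 0xb4ee5a5a, 0x5bfba0a0,
+0xa4f65252, 0x764d3b3b, 0xb761d6d6, 0x7dceb3b3,
+0x527b2929, 0xdd3ee3e3, 0x5e712f2f, 0x13978484,
+0xa6f55353, 0xb968d1d1, 0x0, 0xc12ceded,
+0x40602020, 0xe31ffcfc, 0x79c8b1b1, 0xb6ed5b5b,
+0xd4be6a6a, 0x8d46cbcb, 0x67d9bebe, 0x724b3939,
+0x94de4a4a, 0x98d44c4c, 0xb0e85858, 0x854acfcf,
+0xbb6bd0d0, 0xc52aefef, 0x4fe5aaaa, 0xed16fbfb,
+0x86c54343, 0x9ad74d4d, 0x66553333, 0x11948585,
+0x8acf4545, 0xe910f9f9, 0x4060202, 0xfe817f7f,
+0xa0f05050, 0x78443c3c, 0x25ba9f9f, 0x4be3a8a8,
+0xa2f35151, 0x5dfea3a3, 0x80c04040, 0x58a8f8f,
+0x3fad9292, 0x21bc9d9d, 0x70483838, 0xf104f5f5,
+0x63dfbcbc, 0x77c1b6b6, 0xaf75dada, 0x42632121,
+0x20301010, 0xe51affff, 0xfd0ef3f3, 0xbf6dd2d2,
+0x814ccdcd, 0x18140c0c, 0x26351313, 0xc32fecec,
+0xbee15f5f, 0x35a29797, 0x88cc4444, 0x2e391717,
+0x9357c4c4, 0x55f2a7a7, 0xfc827e7e, 0x7a473d3d,
+0xc8ac6464, 0xbae75d5d, 0x322b1919, 0xe6957373,
+0xc0a06060, 0x19988181, 0x9ed14f4f, 0xa37fdcdc,
+0x44662222, 0x547e2a2a, 0x3bab9090, 0xb838888,
+0x8cca4646, 0xc729eeee, 0x6bd3b8b8, 0x283c1414,
+0xa779dede, 0xbce25e5e, 0x161d0b0b, 0xad76dbdb,
+0xdb3be0e0, 0x64563232, 0x744e3a3a, 0x141e0a0a,
+0x92db4949, 0xc0a0606, 0x486c2424, 0xb8e45c5c,
+0x9f5dc2c2, 0xbd6ed3d3, 0x43efacac, 0xc4a66262,
+0x39a89191, 0x31a49595, 0xd337e4e4, 0xf28b7979,
+0xd532e7e7, 0x8b43c8c8, 0x6e593737, 0xdab76d6d,
+0x18c8d8d, 0xb164d5d5, 0x9cd24e4e, 0x49e0a9a9,
+0xd8b46c6c, 0xacfa5656, 0xf307f4f4, 0xcf25eaea,
+0xcaaf6565, 0xf48e7a7a, 0x47e9aeae, 0x10180808,
+0x6fd5baba, 0xf0887878, 0x4a6f2525, 0x5c722e2e,
+0x38241c1c, 0x57f1a6a6, 0x73c7b4b4, 0x9751c6c6,
+0xcb23e8e8, 0xa17cdddd, 0xe89c7474, 0x3e211f1f,
+0x96dd4b4b, 0x61dcbdbd, 0xd868b8b, 0xf858a8a,
+0xe0907070, 0x7c423e3e, 0x71c4b5b5, 0xccaa6666,
+0x90d84848, 0x6050303, 0xf701f6f6, 0x1c120e0e,
+0xc2a36161, 0x6a5f3535, 0xaef95757, 0x69d0b9b9,
+0x17918686, 0x9958c1c1, 0x3a271d1d, 0x27b99e9e,
+0xd938e1e1, 0xeb13f8f8, 0x2bb39898, 0x22331111,
+0xd2bb6969, 0xa970d9d9, 0x7898e8e, 0x33a79494,
+0x2db69b9b, 0x3c221e1e, 0x15928787, 0xc920e9e9,
+0x8749cece, 0xaaff5555, 0x50782828, 0xa57adfdf,
+0x38f8c8c, 0x59f8a1a1, 0x9808989, 0x1a170d0d,
+0x65dabfbf, 0xd731e6e6, 0x84c64242, 0xd0b86868,
+0x82c34141, 0x29b09999, 0x5a772d2d, 0x1e110f0f,
+0x7bcbb0b0, 0xa8fc5454, 0x6dd6bbbb, 0x2c3a1616};
+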
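Review bot: T0, T1, T2 and T3 are defined as plain `unsigned int` arrays in a header, without the `static const` that Rcon and Sbox carry in the same file. Each one therefore becomes a writable global with external linkage under a very generic name, so a second translation unit that includes this header would collide at link time, and the AES tables sit in writable memory where a stray write would silently corrupt every later encryption. Declaring them as `static const unsigned int T0[256] = {` (likewise T1, T2 and T3) keeps them file-local and read-only.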
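--- a/src/libsodium/crypto_stream/aes256estream/hongjun/aes256-ctr.c
+++ b/src/libsodium/crypto_stream/aes256estream/hongjun/aes256-ctr.c
@@ -0,0 +1,208 @@
+/* aes-ctr.c */
+/* AES in CTR mode. */
+
+/* Hongjun Wu, January 2007*/
+
+
+/* ------------------------------------------------------------------------- */
+
+#include "api.h"
+#include "aes256.h"
+
+#include <string.h>
+
+/* ------------------------------------------------------------------------- */
+/* key setup for AES-256*/
+static void ECRYPT_keysetup(
+ECRYPT_ctx* ctx,
+const u8* key,
+u32 keysize,
+u32 ivsize)
+{
+unsigned int w[Nk*(Nr+1)], temp;
+
+int i, j;
+
+(void) sizeof(char[sizeof *ctx == crypto_stream_BEFORENMBYTES ? 1 : -1]);
+
+i = 0;
+
+for( i = 0; i < Nk; i++ )
+{
+w[i] = key[(i << 2)];
+w[i] |= key[(i << 2)+1] << 8;
+w[i] |= key[(i << 2)+2] << 16;
+w[i] |= key[(i << 2)+3] << 24;
+}
+
+i = Nk;
+
+while( i < Nb*(Nr+1) )
+{
+temp = w[i-1];
+
+temp = Sbox[ temp & 0xFF] << 24 ^
+Sbox[(temp >> 8) & 0xFF] ^
+(Sbox[(temp >> 16) & 0xFF] << 8 ) ^
+(Sbox[(temp >> 24) & 0xFF] << 16) ^
+Rcon[i/Nk];
+w[i] = w[i-Nk] ^ temp;
+i++;
+
+temp = w[i-1];
+w[i] = w[i-Nk] ^ temp;
+i++;
+
+temp = w[i-1];
+w[i] = w[i-Nk] ^ temp;
+i++;
+
+temp = w[i-1];
+w[i] = w[i-Nk] ^ temp;
+i++;
+
+temp = w[i-1];
+temp = Sbox[ temp & 0xFF] ^
+Sbox[(temp >> 8) & 0xFF] << 8 ^
+(Sbox[(temp >> 16) & 0xFF] << 16 ) ^
+(Sbox[(temp >> 24) & 0xFF] << 24);
+w[i] = w[i-Nk] ^ temp;
+i++;
+
+temp = w[i-1];
+w[i] = w[i-Nk] ^ temp;
+i++;
+
+temp = w[i-1];
+w[i] = w[i-Nk] ^ temp;
+i++;
+
+temp = w[i-1];
+w[i] = w[i-Nk] ^ temp;
+i++;
+}
+
+
+for (i = 0; i <= Nr; i++)
+for (j = 0; j < Nb; j++)
+ctx->round_key[i][j] = w[(i<<2)+j];
+}
+
+
+/* ------------------------------------------------------------------------- */
+
+
+static void ECRYPT_ivsetup(
+ECRYPT_ctx* ctx,
+const u8* iv)
+{
+(void) sizeof(char[(sizeof ctx->counter) == crypto_stream_NONCEBYTES ? 1 : -1]);
+memcpy(ctx->counter, iv, crypto_stream_NONCEBYTES);
+}
+
+/* ------------------------------------------------------------------------- */
+
+static void ECRYPT_process_bytes(
+int action,
+ECRYPT_ctx* ctx,
+const u8* input,
+u8* output,
+u32 msglen)
+{
+u8 keystream[16];
+u32 i;
+
+partial_precompute_tworounds(ctx);
+
+for ( ; msglen >= 16; msglen -= 16, input += 16, output += 16)
+{
+aes256_enc_block(ctx->counter, keystream, ctx);
+
+((u32*)output)[0] = ((u32*)input)[0] ^ ((u32*)keystream)[0] ^ ctx->round_key[Nr][0];
+((u32*)output)[1] = ((u32*)input)[1] ^ ((u32*)keystream)[1] ^ ctx->round_key[Nr][1];
+((u32*)output)[2] = ((u32*)input)[2] ^ ((u32*)keystream)[2] ^ ctx->round_key[Nr][2];
+((u32*)output)[3] = ((u32*)input)[3] ^ ((u32*)keystream)[3] ^ ctx->round_key[Nr][3];
+
+ctx->counter[0]++;
+
+if ((ctx->counter[0] & 0xff)== 0) partial_precompute_tworounds(ctx);
+}
+
+if (msglen > 0)
+{
+aes256_enc_block(ctx->counter, keystream, ctx);
+((u32*)keystream)[0] ^= ctx->round_key[Nr][0];
+((u32*)keystream)[1] ^= ctx->round_key[Nr][1];
+((u32*)keystream)[2] ^= ctx->round_key[Nr][2];
+((u32*)keystream)[3] ^= ctx->round_key[Nr][3];
+
+for (i = 0; i < msglen; i ++)
+output[i] = input[i] ^ keystream[i];
+}
+}
+
+
+/* ------------------------------------------------------------------------- */
+
+#include "ecrypt-sync.h"
+
+int
+crypto_stream_beforenm(unsigned char *c, const unsigned char *k)
+{
+ECRYPT_ctx * const ctx = (ECRYPT_ctx *) c;
+
+ECRYPT_keysetup(ctx,k,crypto_stream_KEYBYTES * 8,
+crypto_stream_NONCEBYTES * 8);
+}
+
+int
+crypto_stream_afternm(unsigned char *outp, unsigned long long len,
+const unsigned char *noncep, const unsigned char *c)
+{
+ECRYPT_ctx * const ctx = (ECRYPT_ctx *) c;
+unsigned long long i;
+
+ECRYPT_ivsetup(ctx, noncep);
+for (i = 0U; i < len; ++i) {
+outp[i] = 0U;
+}
+ECRYPT_encrypt_bytes(ctx, (u8 *) outp, (u8 *) outp, len);
+
+return 0;
+}
+
+int
+crypto_stream_xor_afternm(unsigned char *outp, const unsigned char *inp,
+unsigned long long len, const unsigned char *noncep,
+const unsigned char *c)
+{
+ECRYPT_ctx * const ctx = (ECRYPT_ctx *) c;
+
+ECRYPT_ivsetup(ctx, noncep);
+ECRYPT_encrypt_bytes(ctx, (const u8 *) inp, (u8 *) outp, len);
+
+return 0;
+}
+
+int
+crypto_stream(unsigned char *out, unsigned long long outlen,
+const unsigned char *n, const unsigned char *k)
+{
+unsigned char d[crypto_stream_BEFORENMBYTES];
+crypto_stream_beforenm(d, k);
+crypto_stream_afternm(out, outlen, n, d);
+
+return 0;
+}
+
+int crypto_stream_xor(unsigned char *out, const unsigned char *in,
+unsigned long long inlen, const unsigned char *n,
+const unsigned char *k)
+{
+unsigned char d[crypto_stream_BEFORENMBYTES];
+
+crypto_stream_beforenm(d, k);
+crypto_stream_xor_afternm(out, in, inlen, n, d);
+
+return 0;
+}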
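Review bot: `ECRYPT_process_bytes` takes `u32 msglen`, but `crypto_stream_afternm` and `crypto_stream_xor_afternm` both pass an `unsigned long long len`, so any length of 4 GiB or more is silently truncated; in `crypto_stream_afternm` the output is zero-filled for the full `len` first, which leaves the tail of the returned keystream as plain zeros. Declaring the parameter and the tail-loop index as `unsigned long long msglen` and `unsigned long long i` removes the truncation. `crypto_stream_beforenm` is declared `int` but falls off the end without a value and needs `return 0;`. The block counter advances only through `ctx->counter[0]++` on a word copied straight from the nonce, with no carry into `counter[1]`, so the keystream repeats after 2^32 blocks and two nonces that differ only in their first four bytes can yield overlapping keystream; that restriction should at least be stated on the public header.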
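--- a/src/libsodium/crypto_stream/aes256estream/hongjun/aes256.h
+++ b/src/libsodium/crypto_stream/aes256estream/hongjun/aes256.h
@@ -0,0 +1,187 @@
+/* aes256.h */
+/* Hongjun Wu, January 2007*/
+
+
+#include "ecrypt-sync.h"
+#include "aes-table.h"
+
+#include <stdio.h>
+
+#define first_round(ctx,x0,y0) { \
+u32 z0,t0,tem0; \
+z0 = (x0) ^ ctx->round_key[0][0]; \
+t0 = (u8) z0; \
+tem0 = T0[t0]; \
+(y0) = tem0 ^ ctx->first_round_output_x0; \
+}
+
+#define second_round(ctx,x0,y0,y1,y2,y3) { \
+u32 t0,t7,t10,t13; \
+u32 tem0,tem7,tem10,tem13; \
+t0 = (u8)(x0); \
+tem0 = T0[t0]; \
+(y0) = tem0 ^ ctx->second_round_output[0]; \
+t7 = (u8)((x0)>>24); \
+tem7 = T3[t7]; \
+(y1) = tem7 ^ ctx->second_round_output[1]; \
+t10 = (u8)((x0)>>16); \
+tem10 = T2[t10]; \
+(y2) = tem10 ^ ctx->second_round_output[2]; \
+t13 = (u8)((x0)>>8); \
+tem13 = T1[t13];\
+(y3) = tem13 ^ ctx->second_round_output[3]; \
+}
+
+#define round(ctx,x0,x1,x2,x3,y0,y1,y2,y3,r) { \
+u32 t0,t1,t2,t3; \
+u32 t4,t5,t6,t7; \
+u32 t8,t9,t10,t11; \
+u32 t12,t13,t14,t15;\
+u32 tem0,tem1,tem2,tem3; \
+u32 tem4,tem5,tem6,tem7; \
+u32 tem8,tem9,tem10,tem11; \
+u32 tem12,tem13,tem14,tem15;\
+\
+t0 = (u8)(x0); \
+tem0 = T0[t0]; \
+t1 = (u8)((x1)>>8); \
+tem1 = tem0 ^ T1[t1]; \
+t2 = (u8)((x2)>>16); \
+tem2 = tem1 ^ T2[t2]; \
+t3 = (u8)((x3)>>24); \
+tem3 = tem2 ^ T3[t3]; \
+(y0) = tem3 ^ ctx->round_key[r][0]; \
+\
+t4 = (u8)(x1); \
+tem4 = T0[t4]; \
+t5 = (u8)((x2)>>8); \
+tem5 = tem4 ^ T1[t5]; \
+t6 = (u8)((x3)>>16); \
+tem6 = tem5 ^ T2[t6]; \
+t7 = (u8)((x0)>>24); \
+tem7 = tem6 ^ T3[t7]; \
+(y1) = tem7 ^ ctx->round_key[r][1]; \
+\
+t8 = (u8)(x2); \
+tem8 = T0[t8]; \
+t9 = (u8)((x3)>>8); \
+tem9 = tem8 ^ T1[t9]; \
+t10 = (u8)((x0)>>16); \
+tem10 = tem9 ^ T2[t10]; \
+t11 = (u8)((x1)>>24); \
+tem11 = tem10 ^ T3[t11];\
+(y2) = tem11 ^ ctx->round_key[r][2]; \
+\
+t12 = (u8)(x3); \
+tem12 = T0[t12]; \
+t13 = (u8)((x0)>>8); \
+tem13 = tem12 ^ T1[t13];\
+t14 = (u8)((x1)>>16); \
+tem14 = tem13 ^ T2[t14];\
+t15 = (u8)((x2)>>24); \
+tem15 = tem14 ^ T3[t15];\
+(y3) = tem15 ^ ctx->round_key[r][3]; \
+}
+
+/* 22.14 cycles/byte*/
+#define last_round(ctx,x0,x1,x2,x3,output,r) { \
+u32 t0,t1,t2,t3; \
+u32 t4,t5,t6,t7; \
+u32 t8,t9,t10,t11; \
+u32 t12,t13,t14,t15;\
+\
+t0 = (u8)(x0); \
+output[0] = Sbox[t0]; \
+t7 = (u8)((x0)>>24); \
+output[7] = Sbox[t7]; \
+t10 = (u8)((x0)>>16); \
+output[10] = Sbox[t10]; \
+t13 = (u8)((x0)>>8); \
+output[13] = Sbox[t13]; \
+\
+t1 = (u8)((x1)>>8); \
+output[1] = Sbox[t1]; \
+t4 = (u8)(x1); \
+output[4] = Sbox[t4]; \
+t11 = (u8)((x1)>>24); \
+output[11] = Sbox[t11]; \
+t14 = (u8)((x1)>>16); \
+output[14] = Sbox[t14]; \
+\
+t2 = (u8)((x2)>>16); \
+output[2] = Sbox[t2]; \
+t5 = (u8)((x2)>>8); \
+output[5] = Sbox[t5]; \
+t8 = (u8)(x2); \
+output[8] = Sbox[t8]; \
+t15 = (u8)((x2)>>24); \
+output[15] = Sbox[t15]; \
+\
+t3 = (u8)((x3)>>24); \
+output[3] = Sbox[t3]; \
+t6 = (u8)((x3)>>16); \
+output[6] = Sbox[t6]; \
+t9 = (u8)((x3)>>8); \
+output[9] = Sbox[t9]; \
+t12 = (u8)(x3); \
+output[12] = Sbox[t12]; \
+}
+
+/*
+((u32*)output)[0] ^= ctx->round_key[r][0]; \
+((u32*)output)[1] ^= ctx->round_key[r][1]; \
+((u32*)output)[2] ^= ctx->round_key[r][2]; \
+((u32*)output)[3] ^= ctx->round_key[r][3]; \
+}
+*/
+
+#define aes256_enc_block(x,output,ctx) {\
+u32 y0,y1,y2,y3;\
+u32 z0,z1,z2,z3;\
+u32 a0,a1,a2,a3;\
+u32 b0,b1,b2,b3;\
+u32 c0,c1,c2,c3;\
+u32 d0,d1,d2,d3;\
+u32 e0,e1,e2,e3;\
+u32 f0,f1,f2,f3;\
+u32 g0,g1,g2,g3;\
+u32 h0,h1,h2,h3;\
+u32 i0,i1,i2,i3;\
+u32 j0,j1,j2,j3;\
+u32 k0,k1,k2,k3;\
+first_round(ctx,x[0],y0);\
+second_round(ctx,y0,z0,z1,z2,z3);\
+round(ctx,z0,z1,z2,z3,a0,a1,a2,a3,3);\
+round(ctx,a0,a1,a2,a3,b0,b1,b2,b3,4);\
+round(ctx,b0,b1,b2,b3,c0,c1,c2,c3,5);\
+round(ctx,c0,c1,c2,c3,d0,d1,d2,d3,6);\
+round(ctx,d0,d1,d2,d3,e0,e1,e2,e3,7);\
+round(ctx,e0,e1,e2,e3,f0,f1,f2,f3,8);\
+round(ctx,f0,f1,f2,f3,g0,g1,g2,g3,9);\
+round(ctx,g0,g1,g2,g3,h0,h1,h2,h3,10);\
+round(ctx,h0,h1,h2,h3,i0,i1,i2,i3,11);\
+round(ctx,i0,i1,i2,i3,j0,j1,j2,j3,12);\
+round(ctx,j0,j1,j2,j3,k0,k1,k2,k3,13);\
+last_round(ctx,k0,k1,k2,k3,(output),14);\
+}
+
+/*compute the intermediate values for the first two rounds*/
+void partial_precompute_tworounds(ECRYPT_ctx* ctx)
+{
+u32 x0,x1,x2,x3,y0,y1,y2,y3;
+
+x0 = ctx->counter[0] ^ ctx->round_key[0][0];
+x1 = ctx->counter[1] ^ ctx->round_key[0][1];
+x2 = ctx->counter[2] ^ ctx->round_key[0][2];
+x3 = ctx->counter[3] ^ ctx->round_key[0][3];
+x0 &= 0xffffff00;
+round(ctx,x0,x1,x2,x3,y0,y1,y2,y3,1);
+ctx->first_round_output_x0 = y0 ^ T0[0];
+y0 = 0;
+round(ctx,y0,y1,y2,y3,x0,x1,x2,x3,2);
+ctx->second_round_output[0] = x0 ^ T0[0];
+ctx->second_round_output[1] = x1 ^ T3[0];
+ctx->second_round_output[2] = x2 ^ T2[0];
+ctx->second_round_output[3] = x3 ^ T1[0];
+}
+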
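Review bot: Every round macro indexes T0–T3 or Sbox with a byte of the cipher state (`tem0 = T0[t0];`, `output[0] = Sbox[t0];`), so the memory access pattern depends on key and data, and nothing in this header tells a caller that the code is not constant-time. On CPUs with data caches that is the known cache-timing side channel of table-driven AES, so I would add a header comment such as `/* Table-driven AES: lookups are indexed by secret state, so timing is not constant; do not use where another party can observe or influence cache state. */`. Separately, `partial_precompute_tworounds` is a non-static function defined in a header and should be `static`, and the function-like macro named `round` will clash with the C99 `round()` declaration if `<math.h>` is ever included after it.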
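--- a/src/libsodium/crypto_stream/aes256estream/hongjun/api.h
+++ b/src/libsodium/crypto_stream/aes256estream/hongjun/api.h
@@ -0,0 +1,14 @@
+
+#include "crypto_stream_aes256estream.h"
+
+#define crypto_stream crypto_stream_aes256estream
+#define crypto_stream_xor crypto_stream_aes256estream_xor
+#define crypto_stream_beforenm crypto_stream_aes256estream_beforenm
+#define crypto_stream_afternm crypto_stream_aes256estream_afternm
+#define crypto_stream_xor_afternm crypto_stream_aes256estream_xor_afternm
+#define crypto_stream_KEYBYTES crypto_stream_aes256estream_KEYBYTES
+#define crypto_stream_NONCEBYTES crypto_stream_aes256estream_NONCEBYTES
+#define crypto_stream_BEFORENMBYTES crypto_stream_aes256estream_BEFORENMBYTES
+#define crypto_stream_PRIMITIVE "aes256estream"
+#define crypto_stream_IMPLEMENTATION crypto_stream_aes256estream_IMPLEMENTATION
+#define crypto_stream_VERSION crypto_stream_aes256estream_VERSION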
@ -0,0 +1,27 @@
|
||||
|
||||
#ifndef __ECRYPT_SYNC__
|
||||
#define __ECRYPT_SYNC__
|
||||
|
||||
#include <stdint.h>
|
||||
|
||||
typedef uint8_t u8;
|
||||
typedef uint32_t u32;
|
||||
|
||||
#define Nr 14
|
||||
#define Nk 8
|
||||
#define Nb 4
|
||||
|
||||
#pragma pack(push, 1)
|
||||
__attribute__((aligned(64))) typedef struct
|
||||
{
|
||||
u32 round_key[Nr+1][4];
|
||||
u32 counter[4];
|
||||
u32 first_round_output_x0;
|
||||
u32 second_round_output[4];
|
||||
} ECRYPT_ctx;
|
||||
#pragma pack(pop)
|
||||
|
||||
#define ECRYPT_encrypt_bytes(ctx, plaintext, ciphertext, msglen) \
|
||||
ECRYPT_process_bytes(0, ctx, plaintext, ciphertext, msglen)
|
||||
|
||||
#endif
|
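Review bot: The context type combines `#pragma pack(push, 1)` with `__attribute__((aligned(64)))`, yet every caller in aes256-ctr.c obtains it by casting a plain byte pointer (`ECRYPT_ctx * const ctx = (ECRYPT_ctx *) c;`), including the 276-byte stack array in `crypto_stream`, which carries no alignment guarantee. If the compiler honours the 64-byte alignment on the typedef, it may emit aligned accesses that are undefined on such a buffer; dropping the attribute, or copying the bytes into a locally declared `ECRYPT_ctx` with `memcpy`, avoids relying on it. The guard name `__ECRYPT_SYNC__` is also a reserved identifier; something like `ecrypt_sync_H` would match the style of `crypto_stream_aes256estream_H`.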
@ -33,6 +33,7 @@ SODIUM_EXPORT = \
|
||||
sodium/crypto_sign_edwards25519sha512batch.h \
|
||||
sodium/crypto_stream.h \
|
||||
sodium/crypto_stream_aes128ctr.h \
|
||||
sodium/crypto_stream_aes256estream.h \
|
||||
sodium/crypto_stream_salsa20.h \
|
||||
sodium/crypto_stream_salsa2012.h \
|
||||
sodium/crypto_stream_salsa208.h \
|
||||
|
@ -32,6 +32,7 @@
|
||||
#include <sodium/crypto_sign_edwards25519sha512batch.h>
|
||||
#include <sodium/crypto_stream.h>
|
||||
#include <sodium/crypto_stream_aes128ctr.h>
|
||||
#include <sodium/crypto_stream_aes256estream.h>
|
||||
#include <sodium/crypto_stream_salsa20.h>
|
||||
#include <sodium/crypto_stream_salsa2012.h>
|
||||
#include <sodium/crypto_stream_salsa208.h>
|
||||
|
48
src/libsodium/include/sodium/crypto_stream_aes256estream.h
Normal file
@ -0,0 +1,48 @@
|
||||
#ifndef crypto_stream_aes256estream_H
|
||||
#define crypto_stream_aes256estream_H
|
||||
|
||||
/*
|
||||
* WARNING: This is just a stream cipher. It is NOT authenticated encryption.
|
||||
* While it provides some protection against eavesdropping, it does NOT
|
||||
* provide any security against active attacks.
|
||||
* Furthermore, this implementation was not part of NaCl.
|
||||
* Unless you know what you're doing, what you are looking for is probably
|
||||
* the crypto_box functions.
|
||||
*/
|
||||
|
||||
#include "export.h"
|
||||
|
||||
#define crypto_stream_aes256estream_KEYBYTES 32
|
||||
#define crypto_stream_aes256estream_NONCEBYTES 16
|
||||
#define crypto_stream_aes256estream_BEFORENMBYTES 276
|
||||
|
||||
#ifdef __cplusplus
|
||||
extern "C" {
|
||||
#endif
|
||||
|
||||
SODIUM_EXPORT
|
||||
int crypto_stream_aes256estream(unsigned char *,unsigned long long,const unsigned char *,const unsigned char *);
|
||||
|
||||
SODIUM_EXPORT
|
||||
int crypto_stream_aes256estream_xor(unsigned char *,const unsigned char *,unsigned long long,const unsigned char *,const unsigned char *);
|
||||
|
||||
SODIUM_EXPORT
|
||||
int crypto_stream_aes256estream_beforenm(unsigned char *,const unsigned char *);
|
||||
|
||||
SODIUM_EXPORT
|
||||
int crypto_stream_aes256estream_afternm(unsigned char *,unsigned long long,const unsigned char *,const unsigned char *);
|
||||
|
||||
SODIUM_EXPORT
|
||||
int crypto_stream_aes256estream_xor_afternm(unsigned char *,const unsigned char *,unsigned long long,const unsigned char *,const unsigned char *);
|
||||
|
||||
#ifdef __cplusplus
|
||||
}
|
||||
#endif
|
||||
|
||||
#define crypto_stream_aes256estream_hongjun crypto_stream_aes256estream
|
||||
#define crypto_stream_aes256estream_hongjun_xor crypto_stream_aes256estream_xor
|
||||
#define crypto_stream_aes256estream_hongjun_beforenm crypto_stream_aes256estream_beforenm
|
||||
#define crypto_stream_aes256estream_hongjun_afternm crypto_stream_aes256estream_afternm
|
||||
#define crypto_stream_aes256estream_hongjun_xor_afternm crypto_stream_aes256estream_xor_afternm
|
||||
|
||||
#endif
|
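Review bot: The warning comment at the top of the header says the cipher is unauthenticated but does not mention nonce reuse, the other common way callers break a stream cipher: two messages encrypted under the same (nonce, key) pair expose the XOR of their plaintexts. I would add a line such as `* A (nonce, key) pair must never be used for more than one message.` to that comment. The five prototypes also leave their parameters unnamed, so the header alone does not say which `const unsigned char *` is the nonce and which is the key. The tests in this commit pass `nonce` before `firstkey`; naming the parameters (for example `c`, `clen`, `n`, `k`) and stating the expected 16-byte and 32-byte lengths would document that order.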
@ -38,7 +38,9 @@ EXTRA_DIST = \
|
||||
stream.exp \
|
||||
stream2.exp \
|
||||
stream3.exp \
|
||||
stream4.exp
|
||||
stream4.exp \
|
||||
stream5.exp \
|
||||
stream6.exp
|
||||
|
||||
AM_CPPFLAGS = \
|
||||
-I$(top_srcdir)/src/libsodium/include \
|
||||
@ -85,7 +87,9 @@ TESTS_TARGETS = \
|
||||
stream \
|
||||
stream2 \
|
||||
stream3 \
|
||||
stream4
|
||||
stream4 \
|
||||
stream5 \
|
||||
stream6
|
||||
|
||||
check_PROGRAMS = $(TESTS_TARGETS)
|
||||
|
||||
@ -208,4 +212,10 @@ stream3_LDADD = $(TESTS_LDADD)
|
||||
stream4_SOURCE = cmptest.h stream4.c
|
||||
stream4_LDADD = $(TESTS_LDADD)
|
||||
|
||||
stream5_SOURCE = cmptest.h stream5.c
|
||||
stream5_LDADD = $(TESTS_LDADD)
|
||||
|
||||
stream6_SOURCE = cmptest.h stream6.c
|
||||
stream6_LDADD = $(TESTS_LDADD)
|
||||
|
||||
verify: check
|
||||
|
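Review bot: The new `stream5_SOURCE` and `stream6_SOURCE` lines in the last hunk use a variable name automake does not recognise; the per-program variable is `_SOURCES`. The `stream4_SOURCE` context line has the same spelling, so this is copied from the surrounding file, and the programs presumably still build only because automake falls back to `stream5.c` and `stream6.c` by default. With the current spelling `cmptest.h` is not recorded as a source of these programs. I would write `stream5_SOURCES = cmptest.h stream5.c` and `stream6_SOURCES = cmptest.h stream6.c`, and fix the older entries in a separate change.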
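--- a/test/default/stream5.c
+++ b/test/default/stream5.c
@@ -0,0 +1,29 @@
+#include <stdio.h>
+
+#define TEST_NAME "stream5"
+#include "cmptest.h"
+
+unsigned char firstkey[32] = {
+0x1b,0x27,0x55,0x64,0x73,0xe9,0x85,0xd4
+,0x62,0xcd,0x51,0x19,0x7a,0x9a,0x46,0xc7
+,0x60,0x09,0x54,0x9e,0xac,0x64,0x74,0xf2
+,0x06,0xc4,0xee,0x08,0x44,0xf6,0x83,0x89
+} ;
+
+unsigned char nonce[16] = {
+0x69,0x69,0x6e,0xe9,0x55,0xb6,0x2b,0x73
+,0xcd,0x62,0xbd,0xa8,0x75,0xfc,0x73,0xd6
+} ;
+
+unsigned char output[4194304];
+
+unsigned char h[32];
+
+int main(void)
+{
+int i;
+crypto_stream_aes256estream(output,4194304,nonce,firstkey);
+crypto_hash_sha256(h,output,sizeof output);
+for (i = 0;i < 32;++i) printf("%02x",h[i]); printf("\n");
+return 0;
+}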
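Review bot: In `main`, the call to `crypto_stream_aes256estream` repeats the buffer length as the literal `4194304` and ignores the return value, while the next line already uses `sizeof output`. If the array size and the literal ever drift apart, the call either writes past `output` or leaves its tail unfilled. `crypto_stream_aes256estream(output, sizeof output, nonce, firstkey)` keeps the two in step, and checking the result against 0 makes a failure visible instead of hashing a partly filled buffer. The line `for (...) printf("%02x",h[i]); printf("\n");` also reads as if both calls were inside the loop; moving the second `printf` to its own line avoids that.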
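--- a/test/default/stream5.exp
+++ b/test/default/stream5.exp
@@ -0,0 +1 @@
+b5d3f979ab4a760787484b4e0cf7c82db358b06fdf365cc7d456cc91258af618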
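--- a/test/default/stream6.c
+++ b/test/default/stream6.c
@@ -0,0 +1,54 @@
+#include <stdio.h>
+
+#define TEST_NAME "stream6"
+#include "cmptest.h"
+
+unsigned char firstkey[32] = {
+0x1b,0x27,0x55,0x64,0x73,0xe9,0x85,0xd4
+,0x62,0xcd,0x51,0x19,0x7a,0x9a,0x46,0xc7
+,0x60,0x09,0x54,0x9e,0xac,0x64,0x74,0xf2
+,0x06,0xc4,0xee,0x08,0x44,0xf6,0x83,0x89
+} ;
+
+unsigned char nonce[16] = {
+0x69,0x69,0x6e,0xe9,0x55,0xb6,0x2b,0x73
+,0xcd,0x62,0xbd,0xa8,0x75,0xfc,0x73,0xd6
+} ;
+
+unsigned char m[163] = {
+0, 0, 0, 0, 0, 0, 0, 0
+, 0, 0, 0, 0, 0, 0, 0, 0
+, 0, 0, 0, 0, 0, 0, 0, 0
+, 0, 0, 0, 0, 0, 0, 0, 0
+,0xbe,0x07,0x5f,0xc5,0x3c,0x81,0xf2,0xd5
+,0xcf,0x14,0x13,0x16,0xeb,0xeb,0x0c,0x7b
+,0x52,0x28,0xc5,0x2a,0x4c,0x62,0xcb,0xd4
+,0x4b,0x66,0x84,0x9b,0x64,0x24,0x4f,0xfc
+,0xe5,0xec,0xba,0xaf,0x33,0xbd,0x75,0x1a
+,0x1a,0xc7,0x28,0xd4,0x5e,0x6c,0x61,0x29
+,0x6c,0xdc,0x3c,0x01,0x23,0x35,0x61,0xf4
+,0x1d,0xb6,0x6c,0xce,0x31,0x4a,0xdb,0x31
+,0x0e,0x3b,0xe8,0x25,0x0c,0x46,0xf0,0x6d
+,0xce,0xea,0x3a,0x7f,0xa1,0x34,0x80,0x57
+,0xe2,0xf6,0x55,0x6a,0xd6,0xb1,0x31,0x8a
+,0x02,0x4a,0x83,0x8f,0x21,0xaf,0x1f,0xde
+,0x04,0x89,0x77,0xeb,0x48,0xf5,0x9f,0xfd
+,0x49,0x24,0xca,0x1c,0x60,0x90,0x2e,0x52
+,0xf0,0xa0,0x89,0xbc,0x76,0x89,0x70,0x40
+,0xe0,0x82,0xf9,0x37,0x76,0x38,0x48,0x64
+,0x5e,0x07,0x05
+} ;
+
+unsigned char c[163];
+
+int main(void)
+{
+int i;
+crypto_stream_aes256estream_xor(c,m,163,nonce,firstkey);
+for (i = 32;i < 163;++i) {
+printf(",0x%02x",(unsigned int) c[i]);
+if (i % 8 == 7) printf("\n");
+}
+printf("\n");
+return 0;
+}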
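Review bot: The print loop in `main` starts at `i = 32`, so the first 32 bytes of `c` never reach `stream6.exp` and this xor test does not compare them. Because the matching bytes of `m` are zero, those bytes are the first two 16-byte blocks of raw keystream. The offset looks inherited from the secretbox-style tests, where the leading 32 bytes are padding (an inference from the zeroed prefix of `m`). For a plain stream cipher they are real output, and a mistake in initial counter handling would show up there first. I would start the loop at 0 and regenerate `stream6.exp`, and use `sizeof m` instead of the literal `163` in the call and the loop bound.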
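--- a/test/default/stream6.exp
+++ b/test/default/stream6.exp
@@ -0,0 +1,17 @@
+,0x04,0x1d,0x9f,0xb0,0x61,0x23,0xe3,0x37
+,0x05,0xbb,0x0a,0xfe,0x81,0xc6,0x63,0x87
+,0xd0,0x61,0x26,0xd8,0xd7,0x18,0x97,0x66
+,0xc6,0x15,0xf3,0x46,0x58,0x7d,0xdc,0x0a
+,0x68,0xdd,0xc0,0xaa,0x44,0x80,0xc5,0xa2
+,0x1c,0xea,0x1f,0xfa,0x17,0xfe,0xe0,0xd1
+,0x00,0x0f,0x8f,0x70,0x0c,0xd2,0x9e,0xe1
+,0x00,0x88,0xdf,0xfa,0xf8,0xbd,0x07,0x62
+,0xbf,0xfd,0x81,0xa8,0x84,0x30,0x39,0x01
+,0x85,0x08,0x8d,0x66,0x5d,0x96,0x20,0x14
+,0xa0,0x5a,0xa4,0xe8,0xd2,0x07,0x4f,0x47
+,0x0c,0x2b,0xbc,0x9b,0xd1,0x11,0x85,0xda
+,0x71,0xc3,0x59,0x5c,0xd9,0x27,0x64,0x89
+,0xf2,0x2d,0xa7,0x10,0x80,0xdf,0xbb,0x0f
+,0x32,0xb9,0x9a,0x07,0x66,0x6c,0x7c,0x41
+,0xf6,0x78,0x71,0xf7,0x8d,0x69,0xb9,0xb1
+,0x79,0x8e,0xe3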