projects
/
u
/
mdw
/
catacomb
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
Add new hash functions. Provide full help for subcommands. Run the
[u/mdw/catacomb]
/
idea.c
diff --git
a/idea.c
b/idea.c
index
f554bf4
..
c0a1d07
100644
(file)
--- a/
idea.c
+++ b/
idea.c
@@
-1,6
+1,6
@@
/* -*-c-*-
*
/* -*-c-*-
*
- * $Id: idea.c,v 1.
1 1999/09/03 08:41:12
mdw Exp $
+ * $Id: idea.c,v 1.
4 2000/07/15 17:47:58
mdw Exp $
*
* Implementation of the IDEA cipher
*
*
* Implementation of the IDEA cipher
*
@@
-30,6
+30,16
@@
/*----- Revision history --------------------------------------------------*
*
* $Log: idea.c,v $
/*----- Revision history --------------------------------------------------*
*
* $Log: idea.c,v $
+ * Revision 1.4 2000/07/15 17:47:58 mdw
+ * Fix bug in decryption key scheduling.
+ *
+ * Revision 1.3 2000/07/02 18:24:39 mdw
+ * Use a new multiplication function from an Ascom white paper to resist
+ * timing attacks.
+ *
+ * Revision 1.2 2000/06/17 11:24:08 mdw
+ * New key size interface.
+ *
* Revision 1.1 1999/09/03 08:41:12 mdw
* Initial import.
*
* Revision 1.1 1999/09/03 08:41:12 mdw
* Initial import.
*
@@
-45,8
+55,13
@@
#include <mLib/bits.h>
#include "blkc.h"
#include <mLib/bits.h>
#include "blkc.h"
+#include "gcipher.h"
#include "idea.h"
#include "idea.h"
+/*----- Global variables --------------------------------------------------*/
+
+const octet idea_keysz[] = { KSZ_SET, IDEA_KEYSZ };
+
/*----- Main code ---------------------------------------------------------*/
/* --- @inv@ --- *
/*----- Main code ---------------------------------------------------------*/
/* --- @inv@ --- *
@@
-63,13
+78,16
@@
static uint16 inv(uint16 n)
{
uint32 m = 0x10001;
uint32 a = 1, b = 0;
{
uint32 m = 0x10001;
uint32 a = 1, b = 0;
+ uint32 nn = n;
+ if (!nn)
+ nn = 0x10000;
for (;;) {
uint32 q, r, t;
for (;;) {
uint32 q, r, t;
- if (!(r = m % n))
+ if (!(r = m % n
n
))
break;
break;
- q = m / n;
- m = n
;
n = r;
+ q = m / n
n
;
+ m = n
n; n
n = r;
t = a; a = b - q * a; b = t;
}
if (a > MASK16)
t = a; a = b - q * a; b = t;
}
if (a > MASK16)
@@
-82,22
+100,21
@@
static uint16 inv(uint16 n)
* Arguments @x@ and @y@ are two 32-bit values to multiply. On exit, @x@ is
* the product of the two arguments. The result is not normalized back to 16
* bits; the arguments are not expected to be normalized.
* Arguments @x@ and @y@ are two 32-bit values to multiply. On exit, @x@ is
* the product of the two arguments. The result is not normalized back to 16
* bits; the arguments are not expected to be normalized.
+ *
+ * This code is from `Side Channel Attack Hardening of the IDEA Cipher',
+ * published by Ascom Tech.
*/
#define MUL(x, y) do { \
*/
#define MUL(x, y) do { \
- uint32 _mx, _my = (y); \
- if ((_mx = U16(x)) == 0) \
- (x) = 1 - _my; \
- else if (_my == 0) \
- (x) = 1 - _mx; \
- else { \
- _my *= _mx; \
- _mx = U16(_my); _my >>= 16; \
- if (_mx < _my) \
- (x) = _mx - _my + 1; \
- else \
- (x) = _mx - _my; \
- } \
+ unsigned _t; \
+ uint32 _tt; \
+ \
+ x = U16(x - 1); \
+ _t = U16(y - 1); \
+ _tt = (uint32)x * (uint32)_t + (uint32)x + (uint32)_t + 1; \
+ x = U16(_tt); \
+ _t = U16(_tt >> 16); \
+ x = x - _t + (x <= _t); \
} while (0)
/* --- @idea_init@ --- *
} while (0)
/* --- @idea_init@ --- *
@@
-115,7
+132,7
@@
static uint16 inv(uint16 n)
void idea_init(idea_ctx *k, const void *buf, size_t sz)
{
void idea_init(idea_ctx *k, const void *buf, size_t sz)
{
-
assert(((void)"IDEA key must be 128 bits", sz == IDEA_KEYSZ)
);
+
KSZ_ASSERT(idea, sz
);
/* --- Unpack the encryption key --- */
/* --- Unpack the encryption key --- */
@@
-201,28
+218,28
@@
void idea_init(idea_ctx *k, const void *buf, size_t sz)
/* --- @ROUND@ --- */
#define MIX(k, a, b, c, d) do { \
/* --- @ROUND@ --- */
#define MIX(k, a, b, c, d) do { \
- MUL(a,
(k)[0]);
\
-
(b) += (k)[1];
\
-
(c) += (k)[2];
\
- MUL(d,
(k)[3]);
\
+ MUL(a,
k[0]);
\
+
b += k[1];
\
+
c += k[2];
\
+ MUL(d,
k[3]);
\
} while (0)
#define MA(k, a, b, c, d) do { \
} while (0)
#define MA(k, a, b, c, d) do { \
- unsigned _u =
(a) ^ (c);
\
- unsigned _v =
(b) ^ (d);
\
- MUL(_u,
(k)[4]);
\
+ unsigned _u =
a ^ c;
\
+ unsigned _v =
b ^ d;
\
+ MUL(_u,
k[4]);
\
_v += _u; \
_v += _u; \
- MUL(_v,
(k)[5]);
\
+ MUL(_v,
k[5]);
\
_u += _v; \
_u += _v; \
-
(a) ^= _v;
\
-
(b) ^= _u;
\
-
(c) ^= _v;
\
-
(d) ^= _u;
\
+
a ^= _v;
\
+
b ^= _u;
\
+
c ^= _v;
\
+
d ^= _u;
\
} while (0);
#define ROUND(k, a, b, c, d) do { \
} while (0);
#define ROUND(k, a, b, c, d) do { \
- MIX(
(k), (a), (b), (c), (d));
\
- MA(
(k), (a), (b), (c), (d));
\
+ MIX(
k, a, b, c, d);
\
+ MA(
k, a, b, c, d);
\
(k) += 6; \
} while (0)
(k) += 6; \
} while (0)
@@
-244,8
+261,8
@@
void idea_init(idea_ctx *k, const void *buf, size_t sz)
ROUND(_k, _a, _b, _c, _d); \
ROUND(_k, _a, _c, _b, _d); \
MIX (_k, _a, _c, _b, _d); \
ROUND(_k, _a, _b, _c, _d); \
ROUND(_k, _a, _c, _b, _d); \
MIX (_k, _a, _c, _b, _d); \
-
(c) = (U16(_a) << 16) | U16(_c);
\
-
(d) = (U16(_b) << 16) | U16(_d);
\
+
c = ((uint32)U16(_a) << 16) | (uint32)U16(_c);
\
+
d = ((uint32)U16(_b) << 16) | (uint32)U16(_d);
\
} while (0)
#define DBLK(k, a, b) EBLK((k), (a), (b))
} while (0)
#define DBLK(k, a, b) EBLK((k), (a), (b))