Commit | Line | Data |
---|---|---|
6a0a5bdc | 1 | /* -*-c-*- |
2 | * | |
b817bfc6 | 3 | * $Id: skipjack.c,v 1.5 2004/04/08 01:36:15 mdw Exp $ |
6a0a5bdc | 4 | * |
5 | * The Skipjack block cipher | |
6 | * | |
7 | * (c) 2000 Straylight/Edgeware | |
8 | */ | |
9 | ||
45c0fd36 | 10 | /*----- Licensing notice --------------------------------------------------* |
6a0a5bdc | 11 | * |
12 | * This file is part of Catacomb. | |
13 | * | |
14 | * Catacomb is free software; you can redistribute it and/or modify | |
15 | * it under the terms of the GNU Library General Public License as | |
16 | * published by the Free Software Foundation; either version 2 of the | |
17 | * License, or (at your option) any later version. | |
45c0fd36 | 18 | * |
6a0a5bdc | 19 | * Catacomb is distributed in the hope that it will be useful, |
20 | * but WITHOUT ANY WARRANTY; without even the implied warranty of | |
21 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | |
22 | * GNU Library General Public License for more details. | |
45c0fd36 | 23 | * |
6a0a5bdc | 24 | * You should have received a copy of the GNU Library General Public |
25 | * License along with Catacomb; if not, write to the Free | |
26 | * Software Foundation, Inc., 59 Temple Place - Suite 330, Boston, | |
27 | * MA 02111-1307, USA. | |
28 | */ | |
6a0a5bdc | 29 | |
30 | /*----- Header files ------------------------------------------------------*/ | |
31 | ||
32 | #include <mLib/bits.h> | |
33 | ||
34 | #include "blkc.h" | |
35 | #include "gcipher.h" | |
36 | #include "skipjack.h" | |
37 | #include "skipjack-tab.h" | |
38 | ||
39 | /*----- Global variables --------------------------------------------------*/ | |
40 | ||
41 | const octet skipjack_keysz[] = { KSZ_SET, 10, 0 }; | |
42 | ||
43 | /*----- The Skipjack S-box ------------------------------------------------*/ | |
44 | ||
4e66da02 | 45 | static const octet f[256] = SKIPJACK_S; |
6a0a5bdc | 46 | |
47 | /*----- Main code ---------------------------------------------------------*/ | |
48 | ||
49 | /* --- @skipjack_init@ --- * | |
50 | * | |
45c0fd36 MW |
51 | * Arguments: @skipjack_ctx *k@ = pointer to key block |
52 | * @const void *buf@ = pointer to key buffer | |
53 | * @size_t sz@ = size of key material | |
6a0a5bdc | 54 | * |
45c0fd36 | 55 | * Returns: --- |
6a0a5bdc | 56 | * |
45c0fd36 | 57 | * Use: Initializes a Skipjack key buffer. The key buffer must be |
6a0a5bdc | 58 | * exactly 10 bytes long. |
59 | */ | |
60 | ||
61 | void skipjack_init(skipjack_ctx *k, const void *buf, size_t sz) | |
62 | { | |
fe371977 | 63 | const octet *b = buf; |
64 | uint32 crud; | |
6a0a5bdc | 65 | KSZ_ASSERT(skipjack, sz); |
fe371977 | 66 | k->ka = LOAD32(b); |
67 | k->kb = LOAD32(b + 4); | |
68 | crud = LOAD16(b + 8); | |
69 | k->kc = U32((crud << 16) | (k->ka >> 16)); | |
70 | k->kd = U32((k->ka << 16) | (k->kb >> 16)); | |
71 | k->ke = U32((k->kb << 16) | crud); | |
72 | crud = 0; | |
6a0a5bdc | 73 | } |
74 | ||
75 | /* --- @skipjack_eblk@, @skipjack_dblk@ --- * | |
76 | * | |
45c0fd36 MW |
77 | * Arguments: @const skipjack_ctx *k@ = pointer to key block |
78 | * @const uint32 s[2]@ = pointer to source block | |
79 | * @uint32 d[2]@ = pointer to skipjacktination block | |
6a0a5bdc | 80 | * |
45c0fd36 | 81 | * Returns: --- |
6a0a5bdc | 82 | * |
45c0fd36 | 83 | * Use: Low-level block encryption and decryption. |
6a0a5bdc | 84 | */ |
85 | ||
fe371977 | 86 | #define G(x, k) do { \ |
6a0a5bdc | 87 | octet _x = U8(x >> 8), _y = U8(x); \ |
fe371977 | 88 | _x ^= f[_y ^ U8(k >> 24)]; \ |
89 | _y ^= f[_x ^ U8(k >> 16)]; \ | |
45c0fd36 MW |
90 | _x ^= f[_y ^ U8(k >> 8)]; \ |
91 | _y ^= f[_x ^ U8(k >> 0)]; \ | |
fe371977 | 92 | x = (_x << 8) | _y; \ |
6a0a5bdc | 93 | } while (0) |
94 | ||
fe371977 | 95 | #define RULE_A(w, x, y, z, n, k) do { \ |
96 | G(w, k); z ^= w ^ n++; \ | |
6a0a5bdc | 97 | } while (0) |
98 | ||
fe371977 | 99 | #define RULE_B(w, x, y, z, n, k) do { \ |
100 | x ^= w ^ n++; G(w, k); \ | |
6a0a5bdc | 101 | } while (0) |
102 | ||
103 | void skipjack_eblk(const skipjack_ctx *k, const uint32 *s, uint32 *d) | |
104 | { | |
6a0a5bdc | 105 | unsigned n = 1; |
106 | uint16 w = U16(s[0] >> 16), x = U16(s[0]); | |
107 | uint16 y = U16(s[1] >> 16), z = U16(s[1]); | |
fe371977 | 108 | uint32 ka = k->ka, kb = k->kb, kc = k->kc, kd = k->kd, ke = k->ke; |
109 | ||
110 | RULE_A(w, x, y, z, n, ka); RULE_A(z, w, x, y, n, kb); | |
111 | RULE_A(y, z, w, x, n, kc); RULE_A(x, y, z, w, n, kd); | |
112 | RULE_A(w, x, y, z, n, ke); RULE_A(z, w, x, y, n, ka); | |
113 | RULE_A(y, z, w, x, n, kb); RULE_A(x, y, z, w, n, kc); | |
114 | RULE_B(w, x, y, z, n, kd); RULE_B(z, w, x, y, n, ke); | |
115 | RULE_B(y, z, w, x, n, ka); RULE_B(x, y, z, w, n, kb); | |
116 | RULE_B(w, x, y, z, n, kc); RULE_B(z, w, x, y, n, kd); | |
117 | RULE_B(y, z, w, x, n, ke); RULE_B(x, y, z, w, n, ka); | |
118 | RULE_A(w, x, y, z, n, kb); RULE_A(z, w, x, y, n, kc); | |
119 | RULE_A(y, z, w, x, n, kd); RULE_A(x, y, z, w, n, ke); | |
120 | RULE_A(w, x, y, z, n, ka); RULE_A(z, w, x, y, n, kb); | |
121 | RULE_A(y, z, w, x, n, kc); RULE_A(x, y, z, w, n, kd); | |
122 | RULE_B(w, x, y, z, n, ke); RULE_B(z, w, x, y, n, ka); | |
123 | RULE_B(y, z, w, x, n, kb); RULE_B(x, y, z, w, n, kc); | |
124 | RULE_B(w, x, y, z, n, kd); RULE_B(z, w, x, y, n, ke); | |
125 | RULE_B(y, z, w, x, n, ka); RULE_B(x, y, z, w, n, kb); | |
6a0a5bdc | 126 | |
127 | d[0] = ((uint32)w << 16) | (uint32)x; | |
128 | d[1] = ((uint32)y << 16) | (uint32)z; | |
129 | } | |
130 | ||
fe371977 | 131 | #define G_INV(x, k) do { \ |
6a0a5bdc | 132 | octet _x = U8(x >> 8), _y = U8(x); \ |
45c0fd36 MW |
133 | _y ^= f[_x ^ U8(k >> 0)]; \ |
134 | _x ^= f[_y ^ U8(k >> 8)]; \ | |
fe371977 | 135 | _y ^= f[_x ^ U8(k >> 16)]; \ |
136 | _x ^= f[_y ^ U8(k >> 24)]; \ | |
137 | x = (_x << 8) | _y; \ | |
6a0a5bdc | 138 | } while (0) |
139 | ||
140 | #define RULE_A_INV(w, x, y, z, n, i) do { \ | |
141 | w ^= x ^ --n; G_INV(x, i); \ | |
142 | } while (0) | |
143 | ||
144 | #define RULE_B_INV(w, x, y, z, n, i) do { \ | |
145 | G_INV(x, i); y ^= x ^ --n; \ | |
146 | } while (0) | |
147 | ||
148 | void skipjack_dblk(const skipjack_ctx *k, const uint32 *s, uint32 *d) | |
149 | { | |
6a0a5bdc | 150 | unsigned n = 33; |
151 | uint16 w = U16(s[0] >> 16), x = U16(s[0]); | |
152 | uint16 y = U16(s[1] >> 16), z = U16(s[1]); | |
fe371977 | 153 | uint32 ka = k->ka, kb = k->kb, kc = k->kc, kd = k->kd, ke = k->ke; |
154 | ||
155 | RULE_B_INV(w, x, y, z, n, kb); RULE_B_INV(x, y, z, w, n, ka); | |
156 | RULE_B_INV(y, z, w, x, n, ke); RULE_B_INV(z, w, x, y, n, kd); | |
157 | RULE_B_INV(w, x, y, z, n, kc); RULE_B_INV(x, y, z, w, n, kb); | |
158 | RULE_B_INV(y, z, w, x, n, ka); RULE_B_INV(z, w, x, y, n, ke); | |
159 | RULE_A_INV(w, x, y, z, n, kd); RULE_A_INV(x, y, z, w, n, kc); | |
160 | RULE_A_INV(y, z, w, x, n, kb); RULE_A_INV(z, w, x, y, n, ka); | |
161 | RULE_A_INV(w, x, y, z, n, ke); RULE_A_INV(x, y, z, w, n, kd); | |
162 | RULE_A_INV(y, z, w, x, n, kc); RULE_A_INV(z, w, x, y, n, kb); | |
163 | RULE_B_INV(w, x, y, z, n, ka); RULE_B_INV(x, y, z, w, n, ke); | |
164 | RULE_B_INV(y, z, w, x, n, kd); RULE_B_INV(z, w, x, y, n, kc); | |
165 | RULE_B_INV(w, x, y, z, n, kb); RULE_B_INV(x, y, z, w, n, ka); | |
166 | RULE_B_INV(y, z, w, x, n, ke); RULE_B_INV(z, w, x, y, n, kd); | |
167 | RULE_A_INV(w, x, y, z, n, kc); RULE_A_INV(x, y, z, w, n, kb); | |
168 | RULE_A_INV(y, z, w, x, n, ka); RULE_A_INV(z, w, x, y, n, ke); | |
169 | RULE_A_INV(w, x, y, z, n, kd); RULE_A_INV(x, y, z, w, n, kc); | |
170 | RULE_A_INV(y, z, w, x, n, kb); RULE_A_INV(z, w, x, y, n, ka); | |
6a0a5bdc | 171 | |
172 | d[0] = ((uint32)w << 16) | (uint32)x; | |
173 | d[1] = ((uint32)y << 16) | (uint32)z; | |
174 | } | |
175 | ||
176 | BLKC_TEST(SKIPJACK, skipjack) | |
177 | ||
178 | /*----- That's all, folks -------------------------------------------------*/ |