3 * $Id: serpent-sbox.h,v 1.2 2004/04/08 01:36:15 mdw Exp $
5 * Bitslice S-box implementations
7 * (c) 2000 Straylight/Edgeware
10 /*----- Licensing notice --------------------------------------------------*
12 * This file is part of Catacomb.
14 * Catacomb is free software; you can redistribute it and/or modify
15 * it under the terms of the GNU Library General Public License as
16 * published by the Free Software Foundation; either version 2 of the
17 * License, or (at your option) any later version.
19 * Catacomb is distributed in the hope that it will be useful,
20 * but WITHOUT ANY WARRANTY; without even the implied warranty of
21 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
22 * GNU Library General Public License for more details.
24 * You should have received a copy of the GNU Library General Public
25 * License along with Catacomb; if not, write to the Free
26 * Software Foundation, Inc., 59 Temple Place - Suite 330, Boston,
30 /*----- Credit where it's due ---------------------------------------------*
32 * These S-box expressions are taken from the paper `Speeding up Serpent', by
33 * Dag Arne Osvik, submitted to AES3.
36 #ifndef CATACOMB_SERPENT_SBOX_H
37 #define CATACOMB_SERPENT_SBOX_H
43 /*----- Header files ------------------------------------------------------*/
45 #include <mLib/bits.h>
47 /*----- Macros provided ---------------------------------------------------*/
/* S0 -- bitslice form of Serpent S-box 0, applied in place to r0..r3.
 *
 * The visible statements are XOR, AND, OR, NOT and plain assignment only:
 * there is no table lookup and no branch, so nothing shown here indexes
 * memory or picks a path according to the data being substituted.
 *
 * Every argument is assigned to and named several times in the expansion,
 * so each must be a modifiable lvalue with no side effects.  r4 is scratch
 * inside the expansion; do not pass a variable of that name.  The last
 * visible line only moves values between variables.
 *
 * NOTE(review): the listing's numbering skips 52, 57 and 59-60, and neither
 * a declaration of r4 nor the end of the do-block is among the lines shown
 * -- read the complete file before relying on this text.
 */
51 #define S0(r0, r1, r2, r3) do { \
53 r3 ^= r0; r4 = r1; r1 &= r3; r4 ^= r2; \
54 r1 ^= r0; r0 |= r3; r0 ^= r4; r4 ^= r3; \
55 r3 ^= r2; r2 |= r1; r2 ^= r4; r4 = ~r4; \
56 r4 |= r1; r1 ^= r3; r1 ^= r4; r3 |= r0; \
58 r3 = r0; r0 = r1; r1 = r4; \
/* IS0 -- the I-prefixed counterpart of S0, applied in place to r0..r3;
 * presumably the inverse of S-box 0 (not checkable from the lines shown).
 *
 * Visible statements are XOR, AND, OR, NOT and assignment only: no table
 * lookup, no branch.  Arguments must be side-effect-free modifiable
 * lvalues, and none may be named r4, which the expansion uses as scratch.
 *
 * NOTE(review): the listing's numbering skips 62 and 68-72, so part of the
 * macro (at least the declaration of r4 and the end of the do-block) is
 * not visible here.
 */
61 #define IS0(r0, r1, r2, r3) do { \
63 r2 = ~r2; r4 = r1; r1 |= r0; r4 = ~r4; \
64 r1 ^= r2; r2 |= r4; r1 ^= r3; r0 ^= r4; \
65 r2 ^= r0; r0 &= r3; r4 ^= r0; r0 |= r1; \
66 r0 ^= r2; r3 ^= r4; r2 ^= r1; r3 ^= r0; \
67 r3 ^= r1; r2 &= r3; r4 ^= r2; \
/* S1 -- bitslice form of Serpent S-box 1, applied in place to r0..r3.
 *
 * Visible statements are XOR, AND, OR, NOT and assignment only: no table
 * lookup, no branch.  Arguments must be side-effect-free modifiable
 * lvalues, and none may be named r4, which the expansion uses as scratch.
 * The last visible line permutes the four variables through r4 and does no
 * further logic.
 *
 * NOTE(review): the listing's numbering skips 74, 79 and 81-82; the
 * declaration of r4 and the end of the do-block are not visible here.
 */
73 #define S1(r0, r1, r2, r3) do { \
75 r0 = ~r0; r2 = ~r2; r4 = r0; r0 &= r1; \
76 r2 ^= r0; r0 |= r3; r3 ^= r2; r1 ^= r0; \
77 r0 ^= r4; r4 |= r1; r1 ^= r3; r2 |= r0; \
78 r2 &= r4; r0 ^= r1; r1 &= r2; r1 ^= r0; \
80 r4 = r0; r0 = r2; r2 = r3; r3 = r1; r1 = r4; \
/* IS1 -- the I-prefixed counterpart of S1, applied in place to r0..r3;
 * presumably the inverse of S-box 1 (not checkable from the lines shown).
 *
 * Visible statements are XOR, AND, OR, NOT and assignment only: no table
 * lookup, no branch.  Arguments must be side-effect-free modifiable
 * lvalues, and none may be named r4, which the expansion uses as scratch.
 * The last visible line only moves values; it reuses r4 to swap r2 and r3.
 *
 * NOTE(review): the listing's numbering skips 84 and 91-94; the
 * declaration of r4 and the end of the do-block are not visible here.
 */
83 #define IS1(r0, r1, r2, r3) do { \
85 r4 = r1; r1 ^= r3; r3 &= r1; r4 ^= r2; \
86 r3 ^= r0; r0 |= r1; r2 ^= r3; r0 ^= r4; \
87 r0 |= r2; r1 ^= r3; r0 ^= r1; r1 |= r3; \
88 r1 ^= r0; r4 = ~r4; r4 ^= r1; r1 |= r0; \
89 r1 ^= r0; r1 |= r4; r3 ^= r1; \
90 r1 = r0; r0 = r4; r4 = r2; r2 = r3; r3 = r4; \
/* S2 -- bitslice form of Serpent S-box 2, applied in place to r0..r3.
 *
 * Visible statements are XOR, AND, OR, NOT and assignment only: no table
 * lookup, no branch.  Arguments must be side-effect-free modifiable
 * lvalues, and none may be named r4, which the expansion uses as scratch.
 * The last visible line only moves values between variables.
 *
 * NOTE(review): the listing's numbering skips 96 and 102-103; the
 * declaration of r4 and the end of the do-block are not visible here.
 */
95 #define S2(r0, r1, r2, r3) do { \
97 r4 = r0; r0 &= r2; r0 ^= r3; r2 ^= r1; \
98 r2 ^= r0; r3 |= r4; r3 ^= r1; r4 ^= r2; \
99 r1 = r3; r3 |= r4; r3 ^= r0; r0 &= r1; \
100 r4 ^= r0; r1 ^= r3; r1 ^= r4; r4 = ~r4; \
101 r0 = r2; r2 = r1; r1 = r3; r3 = r4; \
/* IS2 -- the I-prefixed counterpart of S2, applied in place to r0..r3;
 * presumably the inverse of S-box 2 (not checkable from the lines shown).
 *
 * Visible statements are XOR, AND, OR, NOT and assignment only: no table
 * lookup, no branch.  Arguments must be side-effect-free modifiable
 * lvalues, and none may be named r4, which the expansion uses as scratch.
 *
 * NOTE(review): the listing's numbering skips 105 and 111-115, so part of
 * the macro (at least the declaration of r4 and the end of the do-block)
 * is not visible here.
 */
104 #define IS2(r0, r1, r2, r3) do { \
106 r2 ^= r3; r3 ^= r0; r4 = r3; r3 &= r2; \
107 r3 ^= r1; r1 |= r2; r1 ^= r4; r4 &= r3; \
108 r2 ^= r3; r4 &= r0; r4 ^= r2; r2 &= r1; \
109 r2 |= r0; r3 = ~r3; r2 ^= r3; r0 ^= r3; \
110 r0 &= r1; r3 ^= r4; r3 ^= r0; \
/* S3 -- bitslice form of Serpent S-box 3, applied in place to r0..r3.
 *
 * Visible statements are XOR, AND, OR, NOT and assignment only: no table
 * lookup, no branch.  Arguments must be side-effect-free modifiable
 * lvalues, and none may be named r4, which the expansion uses as scratch.
 * The last visible line only moves values between variables.
 *
 * NOTE(review): the listing's numbering skips 117 and 124-125; the
 * declaration of r4 and the end of the do-block are not visible here.
 */
116 #define S3(r0, r1, r2, r3) do { \
118 r4 = r0; r0 |= r3; r3 ^= r1; r1 &= r4; \
119 r4 ^= r2; r2 ^= r3; r3 &= r0; r4 |= r1; \
120 r3 ^= r4; r0 ^= r1; r4 &= r0; r1 ^= r3; \
121 r4 ^= r2; r1 |= r0; r1 ^= r2; r0 ^= r3; \
122 r2 = r1; r1 |= r3; r1 ^= r0; \
123 r0 = r1; r1 = r2; r2 = r3; r3 = r4; \
/* IS3 -- the I-prefixed counterpart of S3, applied in place to r0..r3;
 * presumably the inverse of S-box 3 (not checkable from the lines shown).
 *
 * Visible statements are XOR, AND, OR, NOT and assignment only: no table
 * lookup, no branch.  Arguments must be side-effect-free modifiable
 * lvalues, and none may be named r4, which the expansion uses as scratch.
 * The last visible line only moves values between variables.
 *
 * NOTE(review): the listing's numbering skips 127 and 134-137; the
 * declaration of r4 and the end of the do-block are not visible here.
 */
126 #define IS3(r0, r1, r2, r3) do { \
128 r4 = r2; r2 ^= r1; r0 ^= r2; r4 &= r2; \
129 r4 ^= r0; r0 &= r1; r1 ^= r3; r3 |= r4; \
130 r2 ^= r3; r0 ^= r3; r1 ^= r4; r3 &= r2; \
131 r3 ^= r1; r1 ^= r0; r1 |= r2; r0 ^= r3; \
132 r1 ^= r4; r0 ^= r1; \
133 r4 = r0; r0 = r2; r2 = r3; r3 = r4; \
/* S4 -- bitslice form of Serpent S-box 4, applied in place to r0..r3.
 *
 * Visible statements are XOR, AND, OR, NOT and assignment only: no table
 * lookup, no branch.  Arguments must be side-effect-free modifiable
 * lvalues, and none may be named r4, which the expansion uses as scratch.
 * The last visible line only moves values between variables.
 *
 * NOTE(review): the listing's numbering skips 139 and 146-147; the
 * declaration of r4 and the end of the do-block are not visible here.
 */
138 #define S4(r0, r1, r2, r3) do { \
140 r1 ^= r3; r3 = ~r3; r2 ^= r3; r3 ^= r0; \
141 r4 = r1; r1 &= r3; r1 ^= r2; r4 ^= r3; \
142 r0 ^= r4; r2 &= r4; r2 ^= r0; r0 &= r1; \
143 r3 ^= r0; r4 |= r1; r4 ^= r0; r0 |= r3; \
144 r0 ^= r2; r2 &= r3; r0 = ~r0; r4 ^= r2; \
145 r2 = r0; r0 = r1; r1 = r4; \
/* IS4 -- the I-prefixed counterpart of S4, applied in place to r0..r3;
 * presumably the inverse of S-box 4 (not checkable from the lines shown).
 *
 * Visible statements are XOR, AND, OR, NOT and assignment only: no table
 * lookup, no branch.  Arguments must be side-effect-free modifiable
 * lvalues, and none may be named r4, which the expansion uses as scratch.
 *
 * NOTE(review): on the last visible line `r2 ^= r4, r2 |= r3;' joins two
 * assignments with a comma where every other pair uses `;'.  The comma
 * operator still evaluates left to right, so the result is the same, but
 * it reads like a typo and a `;' would match the rest of the file.
 *
 * NOTE(review): the listing's numbering skips 149 and 155-159, so part of
 * the macro (at least the declaration of r4 and the end of the do-block)
 * is not visible here.
 */
148 #define IS4(r0, r1, r2, r3) do { \
150 r4 = r2; r2 &= r3; r2 ^= r1; r1 |= r3; \
151 r1 &= r0; r4 ^= r2; r4 ^= r1; r1 &= r2; \
152 r0 = ~r0; r3 ^= r4; r1 ^= r3; r3 &= r0; \
153 r3 ^= r2; r0 ^= r1; r2 &= r0; r3 ^= r0; \
154 r2 ^= r4, r2 |= r3; r3 ^= r0; r2 ^= r1; \
/* S5 -- bitslice form of Serpent S-box 5, applied in place to r0..r3.
 *
 * Visible statements are XOR, AND, OR, NOT and assignment only: no table
 * lookup, no branch.  Arguments must be side-effect-free modifiable
 * lvalues, and none may be named r4, which the expansion uses as scratch.
 * The last visible line only moves values, rotating the variables via r4.
 *
 * NOTE(review): the listing's numbering skips 161 and 168-169; the
 * declaration of r4 and the end of the do-block are not visible here.
 */
160 #define S5(r0, r1, r2, r3) do { \
162 r0 ^= r1; r1 ^= r3; r3 = ~r3; r4 = r1; \
163 r1 &= r0; r2 ^= r3; r1 ^= r2; r2 |= r4; \
164 r4 ^= r3; r3 &= r1; r3 ^= r0; r4 ^= r1; \
165 r4 ^= r2; r2 ^= r0; r0 &= r3; r2 = ~r2; \
166 r0 ^= r4; r4 |= r3; r2 ^= r4; \
167 r4 = r3; r3 = r2; r2 = r0; r0 = r1; r1 = r4; \
/* IS5 -- the I-prefixed counterpart of S5, applied in place to r0..r3;
 * presumably the inverse of S-box 5 (not checkable from the lines shown).
 *
 * Visible statements are XOR, AND, OR, NOT and assignment only: no table
 * lookup, no branch.  Arguments must be side-effect-free modifiable
 * lvalues, and none may be named r4, which the expansion uses as scratch.
 * The last visible line only moves values; it reuses r4 to swap r2 and r3.
 *
 * NOTE(review): the listing's numbering skips 171 and 178-181; the
 * declaration of r4 and the end of the do-block are not visible here.
 */
170 #define IS5(r0, r1, r2, r3) do { \
172 r1 = ~r1; r4 = r3; r2 ^= r1; r3 |= r0; \
173 r3 ^= r2; r2 |= r1; r2 &= r0; r4 ^= r3; \
174 r2 ^= r4; r4 |= r0; r4 ^= r1; r1 &= r2; \
175 r1 ^= r3; r4 ^= r2; r3 &= r4; r4 ^= r1; \
176 r3 ^= r4; r4 = ~r4; r3 ^= r0; \
177 r0 = r1; r1 = r4; r4 = r3; r3 = r2; r2 = r4; \
/* S6 -- bitslice form of Serpent S-box 6, applied in place to r0..r3.
 *
 * Visible statements are XOR, AND, OR, NOT and assignment only: no table
 * lookup, no branch.  Arguments must be side-effect-free modifiable
 * lvalues, and none may be named r4, which the expansion uses as scratch.
 *
 * NOTE(review): the listing's numbering skips 183 and 189-191, so part of
 * the macro (at least the declaration of r4 and the end of the do-block)
 * is not visible here.
 */
182 #define S6(r0, r1, r2, r3) do { \
184 r2 = ~r2; r4 = r3; r3 &= r0; r0 ^= r4; \
185 r3 ^= r2; r2 |= r4; r1 ^= r3; r2 ^= r0; \
186 r0 |= r1; r2 ^= r1; r4 ^= r0; r0 |= r3; \
187 r0 ^= r2; r4 ^= r3; r4 ^= r0; r3 = ~r3; \
188 r2 &= r4; r2 ^= r3; \
/* IS6 -- the I-prefixed counterpart of S6, applied in place to r0..r3;
 * presumably the inverse of S-box 6 (not checkable from the lines shown).
 *
 * Visible statements are XOR, AND, OR, NOT and assignment only: no table
 * lookup, no branch.  Arguments must be side-effect-free modifiable
 * lvalues, and none may be named r4, which the expansion uses as scratch.
 * The last visible line only moves values between variables.
 *
 * NOTE(review): the listing's numbering skips 193, 198 and 200-203; the
 * declaration of r4 and the end of the do-block are not visible here.
 */
192 #define IS6(r0, r1, r2, r3) do { \
194 r0 ^= r2; r4 = r2; r2 &= r0; r4 ^= r3; \
195 r2 = ~r2; r3 ^= r1; r2 ^= r3; r4 |= r0; \
196 r0 ^= r2; r3 ^= r4; r4 ^= r1; r1 &= r3; \
197 r1 ^= r0; r0 ^= r3; r0 |= r2; r3 ^= r1; \
199 r0 = r1; r1 = r2; r2 = r4; \
/* S7 -- bitslice form of Serpent S-box 7, applied in place to r0..r3.
 *
 * Visible statements are XOR, AND, OR, NOT and assignment only: no table
 * lookup, no branch.  Arguments must be side-effect-free modifiable
 * lvalues, and none may be named r4, which the expansion uses as scratch.
 * The last visible line only moves values between variables.
 *
 * NOTE(review): the listing's numbering skips 205 and 212-213; the
 * declaration of r4 and the end of the do-block are not visible here.
 */
204 #define S7(r0, r1, r2, r3) do { \
206 r4 = r1; r1 |= r2; r1 ^= r3; r4 ^= r2; \
207 r2 ^= r1; r3 |= r4; r3 &= r0; r4 ^= r2; \
208 r3 ^= r1; r1 |= r4; r1 ^= r0; r0 |= r4; \
209 r0 ^= r2; r1 ^= r4; r2 ^= r1; r1 &= r0; \
210 r1 ^= r4; r2 = ~r2; r2 |= r0; r4 ^= r2; \
211 r2 = r1; r1 = r3; r3 = r0; r0 = r4; \
/* IS7 -- the I-prefixed counterpart of S7, applied in place to r0..r3;
 * presumably the inverse of S-box 7 (not checkable from the lines shown).
 *
 * Visible statements are XOR, AND, OR, NOT and assignment only: no table
 * lookup, no branch.  Arguments must be side-effect-free modifiable
 * lvalues, and none may be named r4, which the expansion uses as scratch.
 * The last visible line only moves values between variables.
 *
 * NOTE(review): the listing's numbering skips 215 and 222-223; the
 * declaration of r4 and the end of the do-block are not visible here.
 */
214 #define IS7(r0, r1, r2, r3) do { \
216 r4 = r2; r2 ^= r0; r0 &= r3; r4 |= r3; \
217 r2 = ~r2; r3 ^= r1; r1 |= r0; r0 ^= r2; \
218 r2 &= r4; r3 &= r4; r1 ^= r2; r2 ^= r0; \
219 r0 |= r2; r4 ^= r1; r0 ^= r3; r3 ^= r4; \
220 r4 |= r0; r3 ^= r2; r4 ^= r2; \
221 r2 = r1; r1 = r0; r0 = r3; r3 = r4; \
224 /*----- That's all, folks -------------------------------------------------*/