| 1 | /* |
| 2 | * This file is |
| 3 | * Copyright (C) 1998 Ross Anderson, Eli Biham, Lars Knudsen |
| 4 | * |
| 5 | * For more information see http://www.cl.cam.ac.uk/users/rja14/serpent.html |
| 6 | * |
| 7 | * This program is free software; you can redistribute it and/or modify |
| 8 | * it under the terms of the GNU General Public License as published by |
| 9 | * the Free Software Foundation; either version 2, or (at your option) |
| 10 | * any later version. |
| 11 | * |
| 12 | * This program is distributed in the hope that it will be useful, |
| 13 | * but WITHOUT ANY WARRANTY; without even the implied warranty of |
| 14 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
| 15 | * GNU General Public License for more details. |
| 16 | * |
| 17 | * You should have received a copy of the GNU General Public License |
| 18 | * along with this program; if not, write to the Free Software Foundation, |
| 19 | * Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. |
| 20 | * |
| 21 | */ |
| 22 | |
| 23 | #include "secnet.h" |
| 24 | |
| 25 | #include "serpent.h" |
| 26 | #include "serpentsboxes.h" |
| 27 | |
| 28 | void serpent_makekey(struct keyInstance *key, int keyLen, |
| 29 | uint8_t *keyMaterial) |
| 30 | { |
| 31 | uint32_t i,j; |
| 32 | uint32_t w[132],k[132]; |
| 33 | |
| 34 | for(i=0; i<keyLen/32; i++) |
| 35 | w[i]=keyMaterial[i]; |
| 36 | if(keyLen<256) |
| 37 | w[i]=(keyMaterial[i]&((1L<<((keyLen&31)))-1))|(1L<<((keyLen&31))); |
| 38 | for(i++; i<8; i++) |
| 39 | w[i]=0; |
| 40 | for(i=8; i<16; i++) |
| 41 | w[i]=ROL(w[i-8]^w[i-5]^w[i-3]^w[i-1]^PHI^(i-8),11); |
| 42 | for(i=0; i<8; i++) |
| 43 | w[i]=w[i+8]; |
| 44 | for(i=8; i<132; i++) |
| 45 | w[i]=ROL(w[i-8]^w[i-5]^w[i-3]^w[i-1]^PHI^i,11); |
| 46 | |
| 47 | RND03(w[ 0], w[ 1], w[ 2], w[ 3], k[ 0], k[ 1], k[ 2], k[ 3]); |
| 48 | RND02(w[ 4], w[ 5], w[ 6], w[ 7], k[ 4], k[ 5], k[ 6], k[ 7]); |
| 49 | RND01(w[ 8], w[ 9], w[ 10], w[ 11], k[ 8], k[ 9], k[ 10], k[ 11]); |
| 50 | RND00(w[ 12], w[ 13], w[ 14], w[ 15], k[ 12], k[ 13], k[ 14], k[ 15]); |
| 51 | RND31(w[ 16], w[ 17], w[ 18], w[ 19], k[ 16], k[ 17], k[ 18], k[ 19]); |
| 52 | RND30(w[ 20], w[ 21], w[ 22], w[ 23], k[ 20], k[ 21], k[ 22], k[ 23]); |
| 53 | RND29(w[ 24], w[ 25], w[ 26], w[ 27], k[ 24], k[ 25], k[ 26], k[ 27]); |
| 54 | RND28(w[ 28], w[ 29], w[ 30], w[ 31], k[ 28], k[ 29], k[ 30], k[ 31]); |
| 55 | RND27(w[ 32], w[ 33], w[ 34], w[ 35], k[ 32], k[ 33], k[ 34], k[ 35]); |
| 56 | RND26(w[ 36], w[ 37], w[ 38], w[ 39], k[ 36], k[ 37], k[ 38], k[ 39]); |
| 57 | RND25(w[ 40], w[ 41], w[ 42], w[ 43], k[ 40], k[ 41], k[ 42], k[ 43]); |
| 58 | RND24(w[ 44], w[ 45], w[ 46], w[ 47], k[ 44], k[ 45], k[ 46], k[ 47]); |
| 59 | RND23(w[ 48], w[ 49], w[ 50], w[ 51], k[ 48], k[ 49], k[ 50], k[ 51]); |
| 60 | RND22(w[ 52], w[ 53], w[ 54], w[ 55], k[ 52], k[ 53], k[ 54], k[ 55]); |
| 61 | RND21(w[ 56], w[ 57], w[ 58], w[ 59], k[ 56], k[ 57], k[ 58], k[ 59]); |
| 62 | RND20(w[ 60], w[ 61], w[ 62], w[ 63], k[ 60], k[ 61], k[ 62], k[ 63]); |
| 63 | RND19(w[ 64], w[ 65], w[ 66], w[ 67], k[ 64], k[ 65], k[ 66], k[ 67]); |
| 64 | RND18(w[ 68], w[ 69], w[ 70], w[ 71], k[ 68], k[ 69], k[ 70], k[ 71]); |
| 65 | RND17(w[ 72], w[ 73], w[ 74], w[ 75], k[ 72], k[ 73], k[ 74], k[ 75]); |
| 66 | RND16(w[ 76], w[ 77], w[ 78], w[ 79], k[ 76], k[ 77], k[ 78], k[ 79]); |
| 67 | RND15(w[ 80], w[ 81], w[ 82], w[ 83], k[ 80], k[ 81], k[ 82], k[ 83]); |
| 68 | RND14(w[ 84], w[ 85], w[ 86], w[ 87], k[ 84], k[ 85], k[ 86], k[ 87]); |
| 69 | RND13(w[ 88], w[ 89], w[ 90], w[ 91], k[ 88], k[ 89], k[ 90], k[ 91]); |
| 70 | RND12(w[ 92], w[ 93], w[ 94], w[ 95], k[ 92], k[ 93], k[ 94], k[ 95]); |
| 71 | RND11(w[ 96], w[ 97], w[ 98], w[ 99], k[ 96], k[ 97], k[ 98], k[ 99]); |
| 72 | RND10(w[100], w[101], w[102], w[103], k[100], k[101], k[102], k[103]); |
| 73 | RND09(w[104], w[105], w[106], w[107], k[104], k[105], k[106], k[107]); |
| 74 | RND08(w[108], w[109], w[110], w[111], k[108], k[109], k[110], k[111]); |
| 75 | RND07(w[112], w[113], w[114], w[115], k[112], k[113], k[114], k[115]); |
| 76 | RND06(w[116], w[117], w[118], w[119], k[116], k[117], k[118], k[119]); |
| 77 | RND05(w[120], w[121], w[122], w[123], k[120], k[121], k[122], k[123]); |
| 78 | RND04(w[124], w[125], w[126], w[127], k[124], k[125], k[126], k[127]); |
| 79 | RND03(w[128], w[129], w[130], w[131], k[128], k[129], k[130], k[131]); |
| 80 | |
| 81 | for(i=0; i<=32; i++) |
| 82 | for(j=0; j<4; j++) |
| 83 | key->subkeys[i][j] = k[4*i+j]; |
| 84 | } |
| 85 | |
| 86 | void serpent_encrypt(struct keyInstance *key, |
| 87 | uint32_t plaintext[4], |
| 88 | uint32_t ciphertext[4]) |
| 89 | { |
| 90 | register uint32_t x0, x1, x2, x3; |
| 91 | register uint32_t y0, y1, y2, y3; |
| 92 | |
| 93 | x0=plaintext[0]; |
| 94 | x1=plaintext[1]; |
| 95 | x2=plaintext[2]; |
| 96 | x3=plaintext[3]; |
| 97 | |
| 98 | /* Start to encrypt the plaintext x */ |
| 99 | keying(x0, x1, x2, x3, key->subkeys[ 0]); |
| 100 | RND00(x0, x1, x2, x3, y0, y1, y2, y3); |
| 101 | transform(y0, y1, y2, y3, x0, x1, x2, x3); |
| 102 | keying(x0, x1, x2, x3, key->subkeys[ 1]); |
| 103 | RND01(x0, x1, x2, x3, y0, y1, y2, y3); |
| 104 | transform(y0, y1, y2, y3, x0, x1, x2, x3); |
| 105 | keying(x0, x1, x2, x3, key->subkeys[ 2]); |
| 106 | RND02(x0, x1, x2, x3, y0, y1, y2, y3); |
| 107 | transform(y0, y1, y2, y3, x0, x1, x2, x3); |
| 108 | keying(x0, x1, x2, x3, key->subkeys[ 3]); |
| 109 | RND03(x0, x1, x2, x3, y0, y1, y2, y3); |
| 110 | transform(y0, y1, y2, y3, x0, x1, x2, x3); |
| 111 | keying(x0, x1, x2, x3, key->subkeys[ 4]); |
| 112 | RND04(x0, x1, x2, x3, y0, y1, y2, y3); |
| 113 | transform(y0, y1, y2, y3, x0, x1, x2, x3); |
| 114 | keying(x0, x1, x2, x3, key->subkeys[ 5]); |
| 115 | RND05(x0, x1, x2, x3, y0, y1, y2, y3); |
| 116 | transform(y0, y1, y2, y3, x0, x1, x2, x3); |
| 117 | keying(x0, x1, x2, x3, key->subkeys[ 6]); |
| 118 | RND06(x0, x1, x2, x3, y0, y1, y2, y3); |
| 119 | transform(y0, y1, y2, y3, x0, x1, x2, x3); |
| 120 | keying(x0, x1, x2, x3, key->subkeys[ 7]); |
| 121 | RND07(x0, x1, x2, x3, y0, y1, y2, y3); |
| 122 | transform(y0, y1, y2, y3, x0, x1, x2, x3); |
| 123 | keying(x0, x1, x2, x3, key->subkeys[ 8]); |
| 124 | RND08(x0, x1, x2, x3, y0, y1, y2, y3); |
| 125 | transform(y0, y1, y2, y3, x0, x1, x2, x3); |
| 126 | keying(x0, x1, x2, x3, key->subkeys[ 9]); |
| 127 | RND09(x0, x1, x2, x3, y0, y1, y2, y3); |
| 128 | transform(y0, y1, y2, y3, x0, x1, x2, x3); |
| 129 | keying(x0, x1, x2, x3, key->subkeys[10]); |
| 130 | RND10(x0, x1, x2, x3, y0, y1, y2, y3); |
| 131 | transform(y0, y1, y2, y3, x0, x1, x2, x3); |
| 132 | keying(x0, x1, x2, x3, key->subkeys[11]); |
| 133 | RND11(x0, x1, x2, x3, y0, y1, y2, y3); |
| 134 | transform(y0, y1, y2, y3, x0, x1, x2, x3); |
| 135 | keying(x0, x1, x2, x3, key->subkeys[12]); |
| 136 | RND12(x0, x1, x2, x3, y0, y1, y2, y3); |
| 137 | transform(y0, y1, y2, y3, x0, x1, x2, x3); |
| 138 | keying(x0, x1, x2, x3, key->subkeys[13]); |
| 139 | RND13(x0, x1, x2, x3, y0, y1, y2, y3); |
| 140 | transform(y0, y1, y2, y3, x0, x1, x2, x3); |
| 141 | keying(x0, x1, x2, x3, key->subkeys[14]); |
| 142 | RND14(x0, x1, x2, x3, y0, y1, y2, y3); |
| 143 | transform(y0, y1, y2, y3, x0, x1, x2, x3); |
| 144 | keying(x0, x1, x2, x3, key->subkeys[15]); |
| 145 | RND15(x0, x1, x2, x3, y0, y1, y2, y3); |
| 146 | transform(y0, y1, y2, y3, x0, x1, x2, x3); |
| 147 | keying(x0, x1, x2, x3, key->subkeys[16]); |
| 148 | RND16(x0, x1, x2, x3, y0, y1, y2, y3); |
| 149 | transform(y0, y1, y2, y3, x0, x1, x2, x3); |
| 150 | keying(x0, x1, x2, x3, key->subkeys[17]); |
| 151 | RND17(x0, x1, x2, x3, y0, y1, y2, y3); |
| 152 | transform(y0, y1, y2, y3, x0, x1, x2, x3); |
| 153 | keying(x0, x1, x2, x3, key->subkeys[18]); |
| 154 | RND18(x0, x1, x2, x3, y0, y1, y2, y3); |
| 155 | transform(y0, y1, y2, y3, x0, x1, x2, x3); |
| 156 | keying(x0, x1, x2, x3, key->subkeys[19]); |
| 157 | RND19(x0, x1, x2, x3, y0, y1, y2, y3); |
| 158 | transform(y0, y1, y2, y3, x0, x1, x2, x3); |
| 159 | keying(x0, x1, x2, x3, key->subkeys[20]); |
| 160 | RND20(x0, x1, x2, x3, y0, y1, y2, y3); |
| 161 | transform(y0, y1, y2, y3, x0, x1, x2, x3); |
| 162 | keying(x0, x1, x2, x3, key->subkeys[21]); |
| 163 | RND21(x0, x1, x2, x3, y0, y1, y2, y3); |
| 164 | transform(y0, y1, y2, y3, x0, x1, x2, x3); |
| 165 | keying(x0, x1, x2, x3, key->subkeys[22]); |
| 166 | RND22(x0, x1, x2, x3, y0, y1, y2, y3); |
| 167 | transform(y0, y1, y2, y3, x0, x1, x2, x3); |
| 168 | keying(x0, x1, x2, x3, key->subkeys[23]); |
| 169 | RND23(x0, x1, x2, x3, y0, y1, y2, y3); |
| 170 | transform(y0, y1, y2, y3, x0, x1, x2, x3); |
| 171 | keying(x0, x1, x2, x3, key->subkeys[24]); |
| 172 | RND24(x0, x1, x2, x3, y0, y1, y2, y3); |
| 173 | transform(y0, y1, y2, y3, x0, x1, x2, x3); |
| 174 | keying(x0, x1, x2, x3, key->subkeys[25]); |
| 175 | RND25(x0, x1, x2, x3, y0, y1, y2, y3); |
| 176 | transform(y0, y1, y2, y3, x0, x1, x2, x3); |
| 177 | keying(x0, x1, x2, x3, key->subkeys[26]); |
| 178 | RND26(x0, x1, x2, x3, y0, y1, y2, y3); |
| 179 | transform(y0, y1, y2, y3, x0, x1, x2, x3); |
| 180 | keying(x0, x1, x2, x3, key->subkeys[27]); |
| 181 | RND27(x0, x1, x2, x3, y0, y1, y2, y3); |
| 182 | transform(y0, y1, y2, y3, x0, x1, x2, x3); |
| 183 | keying(x0, x1, x2, x3, key->subkeys[28]); |
| 184 | RND28(x0, x1, x2, x3, y0, y1, y2, y3); |
| 185 | transform(y0, y1, y2, y3, x0, x1, x2, x3); |
| 186 | keying(x0, x1, x2, x3, key->subkeys[29]); |
| 187 | RND29(x0, x1, x2, x3, y0, y1, y2, y3); |
| 188 | transform(y0, y1, y2, y3, x0, x1, x2, x3); |
| 189 | keying(x0, x1, x2, x3, key->subkeys[30]); |
| 190 | RND30(x0, x1, x2, x3, y0, y1, y2, y3); |
| 191 | transform(y0, y1, y2, y3, x0, x1, x2, x3); |
| 192 | keying(x0, x1, x2, x3, key->subkeys[31]); |
| 193 | RND31(x0, x1, x2, x3, y0, y1, y2, y3); |
| 194 | x0 = y0; x1 = y1; x2 = y2; x3 = y3; |
| 195 | keying(x0, x1, x2, x3, key->subkeys[32]); |
| 196 | /* The ciphertext is now in x */ |
| 197 | |
| 198 | ciphertext[0] = x0; |
| 199 | ciphertext[1] = x1; |
| 200 | ciphertext[2] = x2; |
| 201 | ciphertext[3] = x3; |
| 202 | } |
| 203 | |
| 204 | void serpent_decrypt(struct keyInstance *key, |
| 205 | uint32_t ciphertext[4], |
| 206 | uint32_t plaintext[4]) |
| 207 | { |
| 208 | register uint32_t x0, x1, x2, x3; |
| 209 | register uint32_t y0, y1, y2, y3; |
| 210 | |
| 211 | x0=ciphertext[0]; |
| 212 | x1=ciphertext[1]; |
| 213 | x2=ciphertext[2]; |
| 214 | x3=ciphertext[3]; |
| 215 | |
| 216 | /* Start to decrypt the ciphertext x */ |
| 217 | keying(x0, x1, x2, x3, key->subkeys[32]); |
| 218 | InvRND31(x0, x1, x2, x3, y0, y1, y2, y3); |
| 219 | keying(y0, y1, y2, y3, key->subkeys[31]); |
| 220 | inv_transform(y0, y1, y2, y3, x0, x1, x2, x3); |
| 221 | InvRND30(x0, x1, x2, x3, y0, y1, y2, y3); |
| 222 | keying(y0, y1, y2, y3, key->subkeys[30]); |
| 223 | inv_transform(y0, y1, y2, y3, x0, x1, x2, x3); |
| 224 | InvRND29(x0, x1, x2, x3, y0, y1, y2, y3); |
| 225 | keying(y0, y1, y2, y3, key->subkeys[29]); |
| 226 | inv_transform(y0, y1, y2, y3, x0, x1, x2, x3); |
| 227 | InvRND28(x0, x1, x2, x3, y0, y1, y2, y3); |
| 228 | keying(y0, y1, y2, y3, key->subkeys[28]); |
| 229 | inv_transform(y0, y1, y2, y3, x0, x1, x2, x3); |
| 230 | InvRND27(x0, x1, x2, x3, y0, y1, y2, y3); |
| 231 | keying(y0, y1, y2, y3, key->subkeys[27]); |
| 232 | inv_transform(y0, y1, y2, y3, x0, x1, x2, x3); |
| 233 | InvRND26(x0, x1, x2, x3, y0, y1, y2, y3); |
| 234 | keying(y0, y1, y2, y3, key->subkeys[26]); |
| 235 | inv_transform(y0, y1, y2, y3, x0, x1, x2, x3); |
| 236 | InvRND25(x0, x1, x2, x3, y0, y1, y2, y3); |
| 237 | keying(y0, y1, y2, y3, key->subkeys[25]); |
| 238 | inv_transform(y0, y1, y2, y3, x0, x1, x2, x3); |
| 239 | InvRND24(x0, x1, x2, x3, y0, y1, y2, y3); |
| 240 | keying(y0, y1, y2, y3, key->subkeys[24]); |
| 241 | inv_transform(y0, y1, y2, y3, x0, x1, x2, x3); |
| 242 | InvRND23(x0, x1, x2, x3, y0, y1, y2, y3); |
| 243 | keying(y0, y1, y2, y3, key->subkeys[23]); |
| 244 | inv_transform(y0, y1, y2, y3, x0, x1, x2, x3); |
| 245 | InvRND22(x0, x1, x2, x3, y0, y1, y2, y3); |
| 246 | keying(y0, y1, y2, y3, key->subkeys[22]); |
| 247 | inv_transform(y0, y1, y2, y3, x0, x1, x2, x3); |
| 248 | InvRND21(x0, x1, x2, x3, y0, y1, y2, y3); |
| 249 | keying(y0, y1, y2, y3, key->subkeys[21]); |
| 250 | inv_transform(y0, y1, y2, y3, x0, x1, x2, x3); |
| 251 | InvRND20(x0, x1, x2, x3, y0, y1, y2, y3); |
| 252 | keying(y0, y1, y2, y3, key->subkeys[20]); |
| 253 | inv_transform(y0, y1, y2, y3, x0, x1, x2, x3); |
| 254 | InvRND19(x0, x1, x2, x3, y0, y1, y2, y3); |
| 255 | keying(y0, y1, y2, y3, key->subkeys[19]); |
| 256 | inv_transform(y0, y1, y2, y3, x0, x1, x2, x3); |
| 257 | InvRND18(x0, x1, x2, x3, y0, y1, y2, y3); |
| 258 | keying(y0, y1, y2, y3, key->subkeys[18]); |
| 259 | inv_transform(y0, y1, y2, y3, x0, x1, x2, x3); |
| 260 | InvRND17(x0, x1, x2, x3, y0, y1, y2, y3); |
| 261 | keying(y0, y1, y2, y3, key->subkeys[17]); |
| 262 | inv_transform(y0, y1, y2, y3, x0, x1, x2, x3); |
| 263 | InvRND16(x0, x1, x2, x3, y0, y1, y2, y3); |
| 264 | keying(y0, y1, y2, y3, key->subkeys[16]); |
| 265 | inv_transform(y0, y1, y2, y3, x0, x1, x2, x3); |
| 266 | InvRND15(x0, x1, x2, x3, y0, y1, y2, y3); |
| 267 | keying(y0, y1, y2, y3, key->subkeys[15]); |
| 268 | inv_transform(y0, y1, y2, y3, x0, x1, x2, x3); |
| 269 | InvRND14(x0, x1, x2, x3, y0, y1, y2, y3); |
| 270 | keying(y0, y1, y2, y3, key->subkeys[14]); |
| 271 | inv_transform(y0, y1, y2, y3, x0, x1, x2, x3); |
| 272 | InvRND13(x0, x1, x2, x3, y0, y1, y2, y3); |
| 273 | keying(y0, y1, y2, y3, key->subkeys[13]); |
| 274 | inv_transform(y0, y1, y2, y3, x0, x1, x2, x3); |
| 275 | InvRND12(x0, x1, x2, x3, y0, y1, y2, y3); |
| 276 | keying(y0, y1, y2, y3, key->subkeys[12]); |
| 277 | inv_transform(y0, y1, y2, y3, x0, x1, x2, x3); |
| 278 | InvRND11(x0, x1, x2, x3, y0, y1, y2, y3); |
| 279 | keying(y0, y1, y2, y3, key->subkeys[11]); |
| 280 | inv_transform(y0, y1, y2, y3, x0, x1, x2, x3); |
| 281 | InvRND10(x0, x1, x2, x3, y0, y1, y2, y3); |
| 282 | keying(y0, y1, y2, y3, key->subkeys[10]); |
| 283 | inv_transform(y0, y1, y2, y3, x0, x1, x2, x3); |
| 284 | InvRND09(x0, x1, x2, x3, y0, y1, y2, y3); |
| 285 | keying(y0, y1, y2, y3, key->subkeys[ 9]); |
| 286 | inv_transform(y0, y1, y2, y3, x0, x1, x2, x3); |
| 287 | InvRND08(x0, x1, x2, x3, y0, y1, y2, y3); |
| 288 | keying(y0, y1, y2, y3, key->subkeys[ 8]); |
| 289 | inv_transform(y0, y1, y2, y3, x0, x1, x2, x3); |
| 290 | InvRND07(x0, x1, x2, x3, y0, y1, y2, y3); |
| 291 | keying(y0, y1, y2, y3, key->subkeys[ 7]); |
| 292 | inv_transform(y0, y1, y2, y3, x0, x1, x2, x3); |
| 293 | InvRND06(x0, x1, x2, x3, y0, y1, y2, y3); |
| 294 | keying(y0, y1, y2, y3, key->subkeys[ 6]); |
| 295 | inv_transform(y0, y1, y2, y3, x0, x1, x2, x3); |
| 296 | InvRND05(x0, x1, x2, x3, y0, y1, y2, y3); |
| 297 | keying(y0, y1, y2, y3, key->subkeys[ 5]); |
| 298 | inv_transform(y0, y1, y2, y3, x0, x1, x2, x3); |
| 299 | InvRND04(x0, x1, x2, x3, y0, y1, y2, y3); |
| 300 | keying(y0, y1, y2, y3, key->subkeys[ 4]); |
| 301 | inv_transform(y0, y1, y2, y3, x0, x1, x2, x3); |
| 302 | InvRND03(x0, x1, x2, x3, y0, y1, y2, y3); |
| 303 | keying(y0, y1, y2, y3, key->subkeys[ 3]); |
| 304 | inv_transform(y0, y1, y2, y3, x0, x1, x2, x3); |
| 305 | InvRND02(x0, x1, x2, x3, y0, y1, y2, y3); |
| 306 | keying(y0, y1, y2, y3, key->subkeys[ 2]); |
| 307 | inv_transform(y0, y1, y2, y3, x0, x1, x2, x3); |
| 308 | InvRND01(x0, x1, x2, x3, y0, y1, y2, y3); |
| 309 | keying(y0, y1, y2, y3, key->subkeys[ 1]); |
| 310 | inv_transform(y0, y1, y2, y3, x0, x1, x2, x3); |
| 311 | InvRND00(x0, x1, x2, x3, y0, y1, y2, y3); |
| 312 | x0 = y0; x1 = y1; x2 = y2; x3 = y3; |
| 313 | keying(x0, x1, x2, x3, key->subkeys[ 0]); |
| 314 | /* The plaintext is now in x */ |
| 315 | |
| 316 | plaintext[0] = x0; |
| 317 | plaintext[1] = x1; |
| 318 | plaintext[2] = x2; |
| 319 | plaintext[3] = x3; |
| 320 | } |