#include "serpent.h"
#include "serpentsboxes.h"
+#ifdef SERPENT_BIGENDIAN
+
#define GETPUT_CP(bytenum) \
(((basep) + (lenbytes) - (offset) - 4)[(bytenum)])
+#define SERPENT_DECORATE(func) serpentbe_##func
+
+#else /* !defined(SERPENT_BIGENDIAN) */
+
+#define GETPUT_CP(bytenum) \
+ (((basep) + (offset))[3-(bytenum)])
+
+#define SERPENT_DECORATE(func) serpent_##func
+
+#endif /* !defined(SERPENT_BIGENDIAN) */
+
static uint32_t serpent_get_32bit(const uint8_t *basep,
int lenbytes, int offset)
{
GETPUT_CP(3) = (char)(value);
}
-void serpent_makekey(struct keyInstance *key, int keyLen,
+void SERPENT_DECORATE(makekey)(struct keyInstance *key, int keyLen,
const uint8_t *keyMaterial)
{
int i;
key->subkeys[i][j] = k[4*i+j];
}
-void serpent_encrypt(struct keyInstance *key,
+void SERPENT_DECORATE(encrypt)(struct keyInstance *key,
const uint8_t plaintext[16],
uint8_t ciphertext[16])
{
serpent_put_32bit(ciphertext,16,12, x3);
}
-void serpent_decrypt(struct keyInstance *key,
+void SERPENT_DECORATE(decrypt)(struct keyInstance *key,
const uint8_t ciphertext[16],
uint8_t plaintext[16])
{
}
#endif /* 0 */
- serpent_makekey(&ti->cryptkey,256,key);
- serpent_makekey(&ti->mackey,256,key+32);
+ serpentbe_makekey(&ti->cryptkey,256,key);
+ serpentbe_makekey(&ti->mackey,256,key+32);
ti->cryptiv=get_uint32(key+64);
ti->maciv=get_uint32(key+68);
ti->sendseq=get_uint32(key+72);
message stays a multiple of 16 bytes long.) */
memset(iv,0,16);
put_uint32(iv, ti->maciv);
- serpent_encrypt(&ti->mackey,iv,macacc);
+ serpentbe_encrypt(&ti->mackey,iv,macacc);
/* CBCMAC: encrypt in CBC mode. The MAC is the last encrypted
block encrypted once again. */
{
for (i = 0; i < 16; i++)
macplain[i] = macacc[i] ^ n[i];
- serpent_encrypt(&ti->mackey,macplain,macacc);
+ serpentbe_encrypt(&ti->mackey,macplain,macacc);
}
- serpent_encrypt(&ti->mackey,macacc,macacc);
+ serpentbe_encrypt(&ti->mackey,macacc,macacc);
memcpy(buf_append(buf,16),macacc,16);
/* Serpent-CBC. We expand the ID as for CBCMAC, do the encryption,
and prepend the IV before increasing it. */
memset(iv,0,16);
put_uint32(iv, ti->cryptiv);
- serpent_encrypt(&ti->cryptkey,iv,iv);
+ serpentbe_encrypt(&ti->cryptkey,iv,iv);
/* CBC: each block is XORed with the previous encrypted block (or the IV)
before being encrypted. */
{
for (i = 0; i < 16; i++)
n[i] ^= p[i];
- serpent_encrypt(&ti->cryptkey,n,n);
+ serpentbe_encrypt(&ti->cryptkey,n,n);
p=n;
}
*errmsg="msg not multiple of cipher blocksize";
return 1;
}
- serpent_encrypt(&ti->cryptkey,iv,iv);
+ serpentbe_encrypt(&ti->cryptkey,iv,iv);
for (n=buf->start; n<buf->start+buf->size; n+=16)
{
for (i = 0; i < 16; i++)
pct[i] = n[i];
- serpent_decrypt(&ti->cryptkey,n,n);
+ serpentbe_decrypt(&ti->cryptkey,n,n);
for (i = 0; i < 16; i++)
n[i] ^= iv[i];
memcpy(iv, pct, 16);
macexpected=buf_unappend(buf,16);
memset(iv,0,16);
put_uint32(iv, ti->maciv);
- serpent_encrypt(&ti->mackey,iv,macacc);
+ serpentbe_encrypt(&ti->mackey,iv,macacc);
/* CBCMAC: encrypt in CBC mode. The MAC is the last encrypted
block encrypted once again. */
{
for (i = 0; i < 16; i++)
macplain[i] = macacc[i] ^ n[i];
- serpent_encrypt(&ti->mackey,macplain,macacc);
+ serpentbe_encrypt(&ti->mackey,macplain,macacc);
}
- serpent_encrypt(&ti->mackey,macacc,macacc);
+ serpentbe_encrypt(&ti->mackey,macacc,macacc);
if (!consttime_memeq(macexpected,macacc,16)!=0) {
*errmsg="invalid MAC";
return 1;
/*
* Serpent self-test.
*
- * This test pattern is taken directly from the Serpent test
- * vectors, to ensure we have all endianness issues correct. -sgt
+ * This test pattern was taken directly from the Serpent test
+ * vectors, which results in a big-endian Serpent which is not
+ * compatible with other implementations.
*/
/* Serpent self-test */
"\x00\x11\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xdd\xee\xff"
"\xff\xee\xdd\xcc\xbb\xaa\x99\x88\x77\x66\x55\x44\x33\x22\x11\x00",
32);
- serpent_makekey(&k,256,data);
+ serpentbe_makekey(&k,256,data);
memcpy(plaintext,
"\x01\x23\x45\x67\x89\xab\xcd\xef\xfe\xdc\xba\x98\x76\x54\x32\x10",
16);
- serpent_encrypt(&k,plaintext,ciphertext);
+ serpentbe_encrypt(&k,plaintext,ciphertext);
if (memcmp(ciphertext, "\xca\x7f\xa1\x93\xe3\xeb\x9e\x99"
"\xbd\x87\xe3\xaf\x3c\x9a\xdf\x93", 16)) {
fatal("transform_module: serpent failed self-test (encrypt)");
}
- serpent_decrypt(&k,ciphertext,plaintext);
+ serpentbe_decrypt(&k,ciphertext,plaintext);
if (memcmp(plaintext, "\x01\x23\x45\x67\x89\xab\xcd\xef"
"\xfe\xdc\xba\x98\x76\x54\x32\x10", 16)) {
fatal("transform_module: serpent failed self-test (decrypt)");