Crypto++
3way.cpp
1 // 3way.cpp - modifed by Wei Dai from Joan Daemen's 3way.c
2 // The original code and all modifications are in the public domain.
3 
4 #include "pch.h"
5 #include "3way.h"
6 #include "misc.h"
7 
8 NAMESPACE_BEGIN(CryptoPP)
9 
10 void ThreeWay_TestInstantiations()
11 {
12  ThreeWay::Encryption x1;
13  ThreeWay::Decryption x2;
14 }
15 
16 static const word32 START_E = 0x0b0b; // round constant of first encryption round
17 static const word32 START_D = 0xb1b1; // round constant of first decryption round
18 static const word32 RC_MODULUS = 0x11011;
19 
20 static inline word32 reverseBits(word32 a)
21 {
22  a = ((a & 0xAAAAAAAA) >> 1) | ((a & 0x55555555) << 1);
23  a = ((a & 0xCCCCCCCC) >> 2) | ((a & 0x33333333) << 2);
24  return ((a & 0xF0F0F0F0) >> 4) | ((a & 0x0F0F0F0F) << 4);
25 }
26 
27 #define mu(a0, a1, a2) \
28 { \
29  a1 = reverseBits(a1); \
30  word32 t = reverseBits(a0); \
31  a0 = reverseBits(a2); \
32  a2 = t; \
33 }
34 
35 #define pi_gamma_pi(a0, a1, a2) \
36 { \
37  word32 b0, b2; \
38  b2 = rotlFixed(a2, 1U); \
39  b0 = rotlFixed(a0, 22U); \
40  a0 = rotlFixed(b0 ^ (a1|(~b2)), 1U); \
41  a2 = rotlFixed(b2 ^ (b0|(~a1)), 22U);\
42  a1 ^= (b2|(~b0)); \
43 }
44 
45 // thanks to Paulo Barreto for this optimized theta()
46 #define theta(a0, a1, a2) \
47 { \
48  word32 b0, b1, c; \
49  c = a0 ^ a1 ^ a2; \
50  c = rotlFixed(c, 16U) ^ rotlFixed(c, 8U); \
51  b0 = (a0 << 24) ^ (a2 >> 8) ^ (a1 << 8) ^ (a0 >> 24); \
52  b1 = (a1 << 24) ^ (a0 >> 8) ^ (a2 << 8) ^ (a1 >> 24); \
53  a0 ^= c ^ b0; \
54  a1 ^= c ^ b1; \
55  a2 ^= c ^ (b0 >> 16) ^ (b1 << 16); \
56 }
57 
58 #define rho(a0, a1, a2) \
59 { \
60  theta(a0, a1, a2); \
61  pi_gamma_pi(a0, a1, a2); \
62 }
63 
64 void ThreeWay::Base::UncheckedSetKey(const byte *uk, unsigned int length, const NameValuePairs &params)
65 {
66  AssertValidKeyLength(length);
67 
68  m_rounds = GetRoundsAndThrowIfInvalid(params, this);
69 
70  for (unsigned int i=0; i<3; i++)
71  m_k[i] = (word32)uk[4*i+3] | ((word32)uk[4*i+2]<<8) | ((word32)uk[4*i+1]<<16) | ((word32)uk[4*i]<<24);
72 
73  if (!IsForwardTransformation())
74  {
75  theta(m_k[0], m_k[1], m_k[2]);
76  mu(m_k[0], m_k[1], m_k[2]);
77  m_k[0] = ByteReverse(m_k[0]);
78  m_k[1] = ByteReverse(m_k[1]);
79  m_k[2] = ByteReverse(m_k[2]);
80  }
81 }
82 
83 void ThreeWay::Enc::ProcessAndXorBlock(const byte *inBlock, const byte *xorBlock, byte *outBlock) const
84 {
85  typedef BlockGetAndPut<word32, BigEndian> Block;
86 
87  word32 a0, a1, a2;
88  Block::Get(inBlock)(a0)(a1)(a2);
89 
90  word32 rc = START_E;
91 
92  for(unsigned i=0; i<m_rounds; i++)
93  {
94  a0 ^= m_k[0] ^ (rc<<16);
95  a1 ^= m_k[1];
96  a2 ^= m_k[2] ^ rc;
97  rho(a0, a1, a2);
98 
99  rc <<= 1;
100  if (rc&0x10000) rc ^= 0x11011;
101  }
102  a0 ^= m_k[0] ^ (rc<<16);
103  a1 ^= m_k[1];
104  a2 ^= m_k[2] ^ rc;
105  theta(a0, a1, a2);
106 
107  Block::Put(xorBlock, outBlock)(a0)(a1)(a2);
108 }
109 
110 void ThreeWay::Dec::ProcessAndXorBlock(const byte *inBlock, const byte *xorBlock, byte *outBlock) const
111 {
112  typedef BlockGetAndPut<word32, LittleEndian> Block;
113 
114  word32 a0, a1, a2;
115  Block::Get(inBlock)(a0)(a1)(a2);
116 
117  word32 rc = START_D;
118 
119  mu(a0, a1, a2);
120  for(unsigned i=0; i<m_rounds; i++)
121  {
122  a0 ^= m_k[0] ^ (rc<<16);
123  a1 ^= m_k[1];
124  a2 ^= m_k[2] ^ rc;
125  rho(a0, a1, a2);
126 
127  rc <<= 1;
128  if (rc&0x10000) rc ^= 0x11011;
129  }
130  a0 ^= m_k[0] ^ (rc<<16);
131  a1 ^= m_k[1];
132  a2 ^= m_k[2] ^ rc;
133  theta(a0, a1, a2);
134  mu(a0, a1, a2);
135 
136  Block::Put(xorBlock, outBlock)(a0)(a1)(a2);
137 }
138 
139 NAMESPACE_END
NameValuePairs
interface for retrieving values given their names
Definition: cryptlib.h:225
Generated on Mon Mar 23 2020 21:49:45 for Crypto++ by   doxygen 1.8.5