Skip to content

lwc / candidates

Go to a project
Switch branch/tag
Find file
Normal viewHistoryPermalink
encrypt.c 5.27 KB
Newer Older
knot armcortex
3f904077
 
KNOT team committed
1 2 3 
#include"auxFormat.h"

#define aead_RATE (128 / 8)
knot
727508dc
 
Wentao Zhang committed
4 5 6 7 8 9 10 11 12 13 14 15 16 


#define PR0_ROUNDS 100
#define PR_ROUNDS 52
#define PRF_ROUNDS 56
/*

#define PR0_ROUNDS 100
#define PR_ROUNDS 76
#define PRF_ROUNDS 80
knot armcortex
3f904077
 
KNOT team committed
17 18 19 
#define PR0_ROUNDS 100
#define PR_ROUNDS 52
#define PRF_ROUNDS 56
knot
727508dc
 
Wentao Zhang committed
20 21 

 * */
knot
8e94fb3c
 
Zhao Xuefeng committed
22 23 24 25 26 27 
void Initialize(u32 *s, const unsigned char *npub, const unsigned char *k) {
	packU128FormatToFourPacket(s, npub);
	packU128FormatToFourPacket(s + 4, npub + 16);
	packU128FormatToFourPacket(s + 8, k);
	packU128FormatToFourPacket(s + 12, k + 16);
	P512(s, constant7Format_aead, PR0_ROUNDS);
knot armcortex
3f904077
 
KNOT team committed
28 
}
knot
8e94fb3c
 
Zhao Xuefeng committed
29 
void ProcessAssocData(u32 *s, const u8* ad, unsigned long long adlen) {
knot armcortex
3f904077
 
KNOT team committed
30 
	u32 dataFormat[4] = { 0 };
knot
8e94fb3c
 
Zhao Xuefeng committed
31 
	u8 tempData[16] = { 0 };
knot armcortex
3f904077
 
KNOT team committed
32 33 34 35 36 37 38 
	if (adlen) {
		while (adlen >= aead_RATE) {
			packU128FormatToFourPacket(dataFormat, ad);
			s[0] ^= dataFormat[0];
			s[1] ^= dataFormat[1];
			s[2] ^= dataFormat[2];
			s[3] ^= dataFormat[3];
knot
8e94fb3c
 
Zhao Xuefeng committed
39 
			P512(s, constant7Format_aead, PR_ROUNDS);
knot armcortex
3f904077
 
KNOT team committed
40 41 42 43 44 45 46 47 48 49 50 
			adlen -= aead_RATE;
			ad += aead_RATE;
		}
		memset(tempData, 0, sizeof(tempData));
		memcpy(tempData, ad, adlen * sizeof(unsigned char));
		tempData[adlen] = 0x01;
		packU128FormatToFourPacket(dataFormat, tempData);
		s[0] ^= dataFormat[0];
		s[1] ^= dataFormat[1];
		s[2] ^= dataFormat[2];
		s[3] ^= dataFormat[3];
knot
8e94fb3c
 
Zhao Xuefeng committed
51 
		P512(s, constant7Format_aead, PR_ROUNDS);
knot armcortex
3f904077
 
KNOT team committed
52 53 
	}
	s[15] ^= 0x80000000;
knot
8e94fb3c
 
Zhao Xuefeng committed
54 55 56 57 58 
}
void ProcessPlaintext(u32 *s, const u8* m, unsigned long long mlen,
		unsigned char *c) {
	u32 dataFormat[4] = { 0 };
	u8 tempData[16] = { 0 };
knot armcortex
3f904077
 
KNOT team committed
59 60 61 62 63 64 65 66 
	if (mlen) {
		while (mlen >= aead_RATE) {
			packU128FormatToFourPacket(dataFormat, m);
			s[0] ^= dataFormat[0];
			s[1] ^= dataFormat[1];
			s[2] ^= dataFormat[2];
			s[3] ^= dataFormat[3];
			unpackU128FormatToFourPacket(c, s);
knot
8e94fb3c
 
Zhao Xuefeng committed
67 
			P512(s, constant7Format_aead, PR_ROUNDS);
knot armcortex
3f904077
 
KNOT team committed
68 69 70 71 72 73 
			mlen -= aead_RATE;
			m += aead_RATE;
			c += aead_RATE;
		}
		memset(tempData, 0, sizeof(tempData));
		memcpy(tempData, m, mlen * sizeof(unsigned char));
knot
8e94fb3c
 
Zhao Xuefeng committed
74 
		tempData[mlen] = 0x01;
knot armcortex
3f904077
 
KNOT team committed
75 76 77 78 79 80 81 
		packU128FormatToFourPacket(dataFormat, tempData);
		s[0] ^= dataFormat[0];
		s[1] ^= dataFormat[1];
		s[2] ^= dataFormat[2];
		s[3] ^= dataFormat[3];
		unpackU128FormatToFourPacket(tempData, s);
		memcpy(c, tempData, mlen * sizeof(unsigned char));
knot
8e94fb3c
 
Zhao Xuefeng committed
82 
		//c += mlen;
knot armcortex
3f904077
 
KNOT team committed
83 
	}
knot
8e94fb3c
 
Zhao Xuefeng committed
84 85 86 87 
}

void Finalize_GenerateTag(u32 *s, unsigned char *c) {
	P512(s, constant7Format_aead, PRF_ROUNDS);
knot armcortex
3f904077
 
KNOT team committed
88 89 
	// return tag
	unpackU128FormatToFourPacket(c, s);
knot
8e94fb3c
 
Zhao Xuefeng committed
90 
	unpackU128FormatToFourPacket(c + 16, s + 4);
knot armcortex
3f904077
 
KNOT team committed
91 
}
knot
8e94fb3c
 
Zhao Xuefeng committed
92 93 94 95 96 97 98 99 100 
int Finalize_VerifyTag(u32 *s, const unsigned char *c, unsigned char *m,
		unsigned long long *mlen) {
	u8 tempU8[32] = { 0 };
	P512(s, constant7Format_aead, PRF_ROUNDS);
	unpackU128FormatToFourPacket(tempU8, s);
	unpackU128FormatToFourPacket(tempU8 + 16, s + 4);
	if (memcmp((void*) tempU8, (void*) (c), CRYPTO_ABYTES)) {
		memset(m, 0, sizeof(unsigned char) * (*mlen));
		*mlen = 0;
knot armcortex
3f904077
 
KNOT team committed
101 102 
		return -1;
	}
knot
8e94fb3c
 
Zhao Xuefeng committed
103 104 105 106 107 108 
	return 0;
}
void ProcessCiphertext(u32 *s, unsigned char *m, const unsigned char *c,
		unsigned long long clen) {
	u32 dataFormat[8] = { 0 };
	u32 dataFormat_1[4] = { 0 };
knot
727508dc
 
Wentao Zhang committed
109 
	u8 tempData[64] = { 0 }, tempU8[64] = { 0 };
knot armcortex
3f904077
 
KNOT team committed
110 111 
	if (clen) {
		while (clen >= aead_RATE) {
knot
8e94fb3c
 
Zhao Xuefeng committed
112 113 114 115 116 
			packU128FormatToFourPacket(dataFormat, c);
			dataFormat_1[0] = s[0] ^ dataFormat[0];
			dataFormat_1[1] = s[1] ^ dataFormat[1];
			dataFormat_1[2] = s[2] ^ dataFormat[2];
			dataFormat_1[3] = s[3] ^ dataFormat[3];
knot armcortex
3f904077
 
KNOT team committed
117 
			unpackU128FormatToFourPacket(m, dataFormat_1);
knot
8e94fb3c
 
Zhao Xuefeng committed
118 119 120 121 122 
			s[0] = dataFormat[0];
			s[1] = dataFormat[1];
			s[2] = dataFormat[2];
			s[3] = dataFormat[3];
			P512(s, constant7Format_aead, PR_ROUNDS);
knot armcortex
3f904077
 
KNOT team committed
123 124 125 126 127 
			clen -= aead_RATE;
			m += aead_RATE;
			c += aead_RATE;
		}
		unpackU128FormatToFourPacket(tempU8, s);
knot
727508dc
 
Wentao Zhang committed
128 129 130 131 132 133 134 135 136 137 138 139 140 141 
		  memset(tempData, 0, sizeof(tempData));
		  memcpy(tempData, c, clen * sizeof(unsigned char));
		  tempData[clen] = 0x01;
		  U32BIG(((u32*)tempU8)[0]) ^= U32BIG(
		    ((u32* )tempData)[0]);
		  U32BIG(((u32*)tempU8)[1]) ^= U32BIG(
		    ((u32* )tempData)[1]);
		  U32BIG(((u32*)tempU8)[2]) ^= U32BIG(
		    ((u32* )tempData)[2]);
		  U32BIG(((u32*)tempU8)[3]) ^= U32BIG(
		    ((u32* )tempData)[3]);
		  memcpy(m, tempU8, clen * sizeof(unsigned char));
		  memcpy(tempU8, tempData, clen * sizeof(unsigned char));
		  c += clen;
knot armcortex
3f904077
 
KNOT team committed
142 143 
		packU128FormatToFourPacket(s, tempU8);
	}
knot
8e94fb3c
 
Zhao Xuefeng committed
144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 
}

int crypto_aead_encrypt(unsigned char *c, unsigned long long *clen,
		const unsigned char *m, unsigned long long mlen,
		const unsigned char *ad, unsigned long long adlen,
		const unsigned char *nsec, const unsigned char *npub,
		const unsigned char *k) {
	u32 s[16] = { 0 };
	*clen = mlen + CRYPTO_ABYTES;
	//initialization
	Initialize(s, npub, k);
	// process associated data

	ProcessAssocData(s, ad, adlen);

	ProcessPlaintext(s, m, mlen, c);
knot armcortex
3f904077
 
KNOT team committed
161 
	// finalization
knot
8e94fb3c
 
Zhao Xuefeng committed
162 
	Finalize_GenerateTag(s, c + mlen);
knot armcortex
3f904077
 
KNOT team committed
163 
	return 0;
knot
8e94fb3c
 
Zhao Xuefeng committed
164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 
}
int crypto_aead_decrypt(unsigned char *m, unsigned long long *mlen,
		unsigned char *nsec, const unsigned char *c, unsigned long long clen,
		const unsigned char *ad, unsigned long long adlen,
		const unsigned char *npub, const unsigned char *k) {
	u32 s[16] = { 0 };
	if (clen < CRYPTO_ABYTES)
		return -1;
	*mlen = clen - CRYPTO_ABYTES;
	//initialization
	Initialize(s, npub, k);
	ProcessAssocData(s, ad, adlen);
	ProcessCiphertext(s, m, c, clen - CRYPTO_ABYTES);
	// finalization		
	return Finalize_VerifyTag(s, c + clen - CRYPTO_KEYBYTES, m, mlen);
}