diff --git a/tinyjambu/Implementations/crypto_aead/tinyjambu128/opt/encrypt.c b/tinyjambu/Implementations/crypto_aead/tinyjambu128/opt/encrypt.c index bfbfe7f..dbca8ea 100644 --- a/tinyjambu/Implementations/crypto_aead/tinyjambu128/opt/encrypt.c +++ b/tinyjambu/Implementations/crypto_aead/tinyjambu128/opt/encrypt.c @@ -9,6 +9,7 @@ #include #include +#include #include "crypto_aead.h" #define FrameBitsIV 0x10 @@ -20,10 +21,10 @@ #define NROUND2 128*8 /*optimized state update function*/ -void state_update(unsigned int *state, const unsigned char *key, unsigned int number_of_steps) +void state_update(uint32_t *state, const unsigned char *key, uint32_t number_of_steps) { - unsigned int i; - unsigned int t1, t2, t3, t4; + uint32_t i; + uint32_t t1, t2, t3, t4; //in each iteration, we compute 128 rounds of the state update function. for (i = 0; i < (number_of_steps >> 5); i = i+4) 
@@ -32,31 +33,31 @@ void state_update(unsigned int *state, const unsigned char *key, unsigned int nu t2 = (state[2] >> 6) | (state[3] << 26); // 47 + 23 = 70 = 2*32 + 6 t3 = (state[2] >> 21) | (state[3] << 11); // 47 + 23 + 15 = 85 = 2*32 + 21 t4 = (state[2] >> 27) | (state[3] << 5); // 47 + 23 + 15 + 6 = 91 = 2*32 + 27 - state[0] ^= t1 ^ (~(t2 & t3)) ^ t4 ^ ((unsigned int*)key)[0]; + state[0] ^= t1 ^ (~(t2 & t3)) ^ t4 ^ ((uint32_t*)key)[0]; t1 = (state[2] >> 15) | (state[3] << 17); t2 = (state[3] >> 6) | (state[0] << 26); t3 = (state[3] >> 21) | (state[0] << 11); t4 = (state[3] >> 27) | (state[0] << 5); - state[1] ^= t1 ^ (~(t2 & t3)) ^ t4 ^ ((unsigned int*)key)[1]; + state[1] ^= t1 ^ (~(t2 & t3)) ^ t4 ^ ((uint32_t*)key)[1]; t1 = (state[3] >> 15) | (state[0] << 17); t2 = (state[0] >> 6) | (state[1] << 26); t3 = (state[0] >> 21) | (state[1] << 11); t4 = (state[0] >> 27) | (state[1] << 5); - state[2] ^= t1 ^ (~(t2 & t3)) ^ t4 ^ ((unsigned int*)key)[2]; + state[2] ^= t1 ^ (~(t2 & t3)) ^ t4 ^ ((uint32_t*)key)[2]; t1 = (state[0] >> 15) | (state[1] << 17); t2 = (state[1] >> 6) | (state[2] << 26); t3 = (state[1] >> 21) | (state[2] << 11); t4 = (state[1] >> 27) | (state[2] << 5); - state[3] ^= t1 ^ (~(t2 & t3)) ^ t4 ^ ((unsigned int*)key)[3]; + state[3] ^= t1 ^ (~(t2 & t3)) ^ t4 ^ ((uint32_t*)key)[3]; } } // The initialization /* The input to initialization is the 128-bit key; 96-bit IV;*/ -void initialization(const unsigned char *key, const unsigned char *iv, unsigned int *state) +void initialization(const unsigned char *key, const unsigned char *iv, uint32_t *state) { int i; 
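Review bot: The key words are still read with `((uint32_t*)key)[0]` through `[3]`, which casts away `const` and dereferences a byte pointer as `uint32_t`; this is undefined when `key` is not 4-byte aligned and it runs against the strict-aliasing rule. Changing `unsigned int` to `uint32_t` pins the width but leaves that cast in place. A helper such as `static uint32_t load32(const unsigned char *p) { uint32_t v; memcpy(&v, p, sizeof v); return v; }`, used as `load32(key + 4)` for word 1, removes it while keeping the current host-byte-order behaviour. The same applies to the `iv`, `ad`, `m`, `c` and `mac` casts in the later hunks of this file and in the other five encrypt.c files. state_update begins in the previous hunk.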
@@ -71,21 +72,21 @@ void initialization(const unsigned char *key, const unsigned char *iv, unsigned { state[1] ^= FrameBitsIV; state_update(state, key, NROUND1); - state[3] ^= ((unsigned int*)iv)[i]; + state[3] ^= ((uint32_t*)iv)[i]; } } //process the associated data -void process_ad(const unsigned char *k, const unsigned char *ad, unsigned long long adlen, unsigned int *state) +void process_ad(const unsigned char *k, const unsigned char *ad, unsigned long long adlen, uint32_t *state) { unsigned long long i; - unsigned int j; + uint32_t j; for (i = 0; i < (adlen >> 2); i++) { state[1] ^= FrameBitsAD; state_update(state, k, NROUND1); - state[3] ^= ((unsigned int*)ad)[i]; + state[3] ^= ((uint32_t*)ad)[i]; } // if adlen is not a multiple of 4, we process the remaining bytes @@ -109,9 +110,9 @@ int crypto_aead_encrypt( ) { unsigned long long i; - unsigned int j; + uint32_t j; unsigned char mac[8]; - unsigned int state[4]; + uint32_t state[4]; //initialization stage initialization(k, npub, state); @@ -124,8 +125,8 @@ int crypto_aead_encrypt( { state[1] ^= FrameBitsPC; state_update(state, k, NROUND2); - state[3] ^= ((unsigned int*)m)[i]; - ((unsigned int*)c)[i] = state[2] ^ ((unsigned int*)m)[i]; + state[3] ^= ((uint32_t*)m)[i]; + ((uint32_t*)c)[i] = state[2] ^ ((uint32_t*)m)[i]; } // if mlen is not a multiple of 4, we process the remaining bytes if ((mlen & 3) > 0) @@ -143,11 +144,11 @@ int crypto_aead_encrypt( //finalization stage, we assume that the tag length is 8 bytes state[1] ^= FrameBitsFinalization; state_update(state, k, NROUND2); - ((unsigned int*)mac)[0] = state[2]; + ((uint32_t*)mac)[0] = state[2]; state[1] ^= FrameBitsFinalization; state_update(state, k, NROUND1); - ((unsigned int*)mac)[1] = state[2]; + ((uint32_t*)mac)[1] = state[2]; *clen = mlen + 8; memcpy(c + mlen, mac, 8); 
@@ -166,9 +167,9 @@ int crypto_aead_decrypt( ) { unsigned long long i; - unsigned int j, check = 0; + uint32_t j, check = 0; unsigned char mac[8]; - unsigned int state[4]; + uint32_t state[4]; *mlen = clen - 8; @@ -183,8 +184,8 @@ int crypto_aead_decrypt( { state[1] ^= FrameBitsPC; state_update(state, k, NROUND2); - ((unsigned int*)m)[i] = state[2] ^ ((unsigned int*)c)[i]; - state[3] ^= ((unsigned int*)m)[i]; + ((uint32_t*)m)[i] = state[2] ^ ((uint32_t*)c)[i]; + state[3] ^= ((uint32_t*)m)[i]; } // if mlen is not a multiple of 4, we process the remaining bytes if ((*mlen & 3) > 0) @@ -202,11 +203,11 @@ int crypto_aead_decrypt( //finalization stage, we assume that the tag length is 8 bytes state[1] ^= FrameBitsFinalization; state_update(state, k, NROUND2); - ((unsigned int*)mac)[0] = state[2]; + ((uint32_t*)mac)[0] = state[2]; state[1] ^= FrameBitsFinalization; state_update(state, k, NROUND1); - ((unsigned int*)mac)[1] = state[2]; + ((uint32_t*)mac)[1] = state[2]; //verification of the authentication tag for (j = 0; j < 8; j++) { check |= (mac[j] ^ c[clen - 8 + j]); } diff --git a/tinyjambu/Implementations/crypto_aead/tinyjambu128/ref/encrypt.c b/tinyjambu/Implementations/crypto_aead/tinyjambu128/ref/encrypt.c index cf7ac85..4f42fa8 100644 --- a/tinyjambu/Implementations/crypto_aead/tinyjambu128/ref/encrypt.c +++ b/tinyjambu/Implementations/crypto_aead/tinyjambu128/ref/encrypt.c @@ -9,6 +9,7 @@ #include #include +#include #include "crypto_aead.h" #define FrameBitsIV 0x10 
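Review bot: `*mlen = clen - 8;` runs with no lower bound on `clen`, so a ciphertext shorter than the 8-byte tag wraps `*mlen` to a value near 2^64. The loop in the next hunk, whose bound is presumably derived from `*mlen`, would then read `c` and write `m` far past their buffers. Reject the input before the subtraction with `if (clen < 8) return -1;`. The parameter list and the return paths are outside this hunk, so the error value should match the existing failure path. The same unchecked line appears in the decrypt hunks of the other five files.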
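Review bot: The decrypted words are stored into `m` before the tag comparison at the end of the function, so on a forged ciphertext the caller's buffer already holds unauthenticated plaintext. The code after the `check |= (mac[j] ^ c[clen - 8 + j])` loop is outside this hunk; if it only returns an error, add a wipe on the failure path, `if (check != 0) { memset(m, 0, *mlen); return -1; }`. The byte-wise OR accumulation does not exit early on the first mismatching byte and is worth keeping as written. This applies equally to the other five decrypt implementations in the commit.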
@@ -20,17 +21,17 @@ #define NROUND2 128*8 /*no-optimized date update function*/ -void state_update(unsigned int *state, const unsigned char *key, unsigned int number_of_steps) +void state_update(uint32_t *state, const unsigned char *key, uint32_t number_of_steps) { - unsigned int i; - unsigned int t1, t2, t3, t4, feedback; + uint32_t i; + uint32_t t1, t2, t3, t4, feedback; for (i = 0; i < (number_of_steps >> 5); i++) { t1 = (state[1] >> 15) | (state[2] << 17); // 47 = 1*32+15 t2 = (state[2] >> 6) | (state[3] << 26); // 47 + 23 = 70 = 2*32 + 6 t3 = (state[2] >> 21) | (state[3] << 11); // 47 + 23 + 15 = 85 = 2*32 + 21 t4 = (state[2] >> 27) | (state[3] << 5); // 47 + 23 + 15 + 6 = 91 = 2*32 + 27 - feedback = state[0] ^ t1 ^ (~(t2 & t3)) ^ t4 ^ ((unsigned int*)key)[i & 3]; + feedback = state[0] ^ t1 ^ (~(t2 & t3)) ^ t4 ^ ((uint32_t*)key)[i & 3]; // shift 32 bit positions state[0] = state[1]; state[1] = state[2]; state[2] = state[3]; state[3] = feedback ; @@ -39,7 +40,7 @@ void state_update(unsigned int *state, const unsigned char *key, unsigned int nu // The initialization /* The input to initialization is the 128-bit key; 96-bit IV;*/ -void initialization(const unsigned char *key, const unsigned char *iv, unsigned int *state) +void initialization(const unsigned char *key, const unsigned char *iv, uint32_t *state) { int i; 
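Review bot: The header comment on this state_update reads `/*no-optimized date update function*/`, a typo for "state update" that also does not say what one iteration does. Suggest `/* non-optimized state update function: each iteration computes one 32-bit feedback word (32 steps) */`, which matches the `number_of_steps >> 5` loop bound and the 32-bit shift below it. Separately, `#define NROUND2 128*8` should be written `(128*8)` so the macro stays correct if it is ever used inside a larger expression.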
@@ -54,21 +55,21 @@ void initialization(const unsigned char *key, const unsigned char *iv, unsigned { state[1] ^= FrameBitsIV; state_update(state, key, NROUND1); - state[3] ^= ((unsigned int*)iv)[i]; + state[3] ^= ((uint32_t*)iv)[i]; } } //process the associated data -void process_ad(const unsigned char *k, const unsigned char *ad, unsigned long long adlen, unsigned int *state) +void process_ad(const unsigned char *k, const unsigned char *ad, unsigned long long adlen, uint32_t *state) { unsigned long long i; - unsigned int j; + uint32_t j; for (i = 0; i < (adlen >> 2); i++) { state[1] ^= FrameBitsAD; state_update(state, k, NROUND1); - state[3] ^= ((unsigned int*)ad)[i]; + state[3] ^= ((uint32_t*)ad)[i]; } // if adlen is not a multiple of 4, we process the remaining bytes @@ -92,9 +93,9 @@ int crypto_aead_encrypt( ) { unsigned long long i; - unsigned int j; + uint32_t j; unsigned char mac[8]; - unsigned int state[4]; + uint32_t state[4]; //initialization stage initialization(k, npub, state); @@ -107,8 +108,8 @@ int crypto_aead_encrypt( { state[1] ^= FrameBitsPC; state_update(state, k, NROUND2); - state[3] ^= ((unsigned int*)m)[i]; - ((unsigned int*)c)[i] = state[2] ^ ((unsigned int*)m)[i]; + state[3] ^= ((uint32_t*)m)[i]; + ((uint32_t*)c)[i] = state[2] ^ ((uint32_t*)m)[i]; } // if mlen is not a multiple of 4, we process the remaining bytes if ((mlen & 3) > 0) @@ -126,11 +127,11 @@ int crypto_aead_encrypt( //finalization stage, we assume that the tag length is 8 bytes state[1] ^= FrameBitsFinalization; state_update(state, k, NROUND2); - ((unsigned int*)mac)[0] = state[2]; + ((uint32_t*)mac)[0] = state[2]; state[1] ^= FrameBitsFinalization; state_update(state, k, NROUND1); - ((unsigned int*)mac)[1] = state[2]; + ((uint32_t*)mac)[1] = state[2]; *clen = mlen + 8; memcpy(c + mlen, mac, 8); 
@@ -149,9 +150,9 @@ int crypto_aead_decrypt( ) { unsigned long long i; - unsigned int j, check = 0; + uint32_t j, check = 0; unsigned char mac[8]; - unsigned int state[4]; + uint32_t state[4]; *mlen = clen - 8; @@ -166,8 +167,8 @@ int crypto_aead_decrypt( { state[1] ^= FrameBitsPC; state_update(state, k, NROUND2); - ((unsigned int*)m)[i] = state[2] ^ ((unsigned int*)c)[i]; - state[3] ^= ((unsigned int*)m)[i]; + ((uint32_t*)m)[i] = state[2] ^ ((uint32_t*)c)[i]; + state[3] ^= ((uint32_t*)m)[i]; } // if mlen is not a multiple of 4, we process the remaining bytes if ((*mlen & 3) > 0) @@ -185,11 +186,11 @@ int crypto_aead_decrypt( //finalization stage, we assume that the tag length is 8 bytes state[1] ^= FrameBitsFinalization; state_update(state, k, NROUND2); - ((unsigned int*)mac)[0] = state[2]; + ((uint32_t*)mac)[0] = state[2]; state[1] ^= FrameBitsFinalization; state_update(state, k, NROUND1); - ((unsigned int*)mac)[1] = state[2]; + ((uint32_t*)mac)[1] = state[2]; //verification of the authentication tag for (j = 0; j < 8; j++) { check |= (mac[j] ^ c[clen - 8 + j]); } diff --git a/tinyjambu/Implementations/crypto_aead/tinyjambu192/opt/encrypt.c b/tinyjambu/Implementations/crypto_aead/tinyjambu192/opt/encrypt.c index 23c6998..ca92863 100644 --- a/tinyjambu/Implementations/crypto_aead/tinyjambu192/opt/encrypt.c +++ b/tinyjambu/Implementations/crypto_aead/tinyjambu192/opt/encrypt.c @@ -9,6 +9,7 @@ #include #include +#include #include "crypto_aead.h" #define FrameBitsIV 0x10 @@ -20,10 +21,10 @@ #define NROUND2 128*9 /*optimized state update function*/ -void state_update(unsigned int *state, const unsigned char *key, unsigned int number_of_steps) +void state_update(uint32_t *state, const unsigned char *key, uint32_t number_of_steps) { - unsigned int i, temp; - unsigned int t1, t2, t3, t4; + uint32_t i, temp; + uint32_t t1, t2, t3, t4; //in each iteration, we compute 192 rounds of the state update function. for (i = 0; i < (number_of_steps >> 5); i = i+6) { 
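Review bot: In the tinyjambu192 opt state_update, the loop `for (i = 0; i < (number_of_steps >> 5); i = i+6)` only performs the requested number of steps when `number_of_steps` is a multiple of 192; any other value is silently rounded up to the next whole block of six key words. `NROUND2` (128*9, i.e. 36 words) satisfies this, but `NROUND1` is defined outside the hunk and should be confirmed against it. Suggest documenting the precondition above the function, for example `/* number_of_steps must be a multiple of 192: the loop runs whole 6-word blocks */`. The 128- and 256-bit opt variants have the same constraint with a multiple of 128. The loop body continues in the next hunk.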
@@ -31,37 +32,37 @@ void state_update(unsigned int *state, const unsigned char *key, unsigned int nu t2 = (state[2] >> 6) | (state[3] << 26); // 47 + 23 = 70 = 2*32 + 6 t3 = (state[2] >> 21) | (state[3] << 11); // 47 + 23 + 15 = 85 = 2*32 + 21 t4 = (state[2] >> 27) | (state[3] << 5); // 47 + 23 + 15 + 6 = 91 = 2*32 + 27 - state[0] ^= t1 ^ (~(t2 & t3)) ^ t4 ^ ((unsigned int*)key)[0]; + state[0] ^= t1 ^ (~(t2 & t3)) ^ t4 ^ ((uint32_t*)key)[0]; t1 = (state[2] >> 15) | (state[3] << 17); t2 = (state[3] >> 6) | (state[0] << 26); t3 = (state[3] >> 21) | (state[0] << 11); t4 = (state[3] >> 27) | (state[0] << 5); - state[1] ^= t1 ^ (~(t2 & t3)) ^ t4 ^ ((unsigned int*)key)[1]; + state[1] ^= t1 ^ (~(t2 & t3)) ^ t4 ^ ((uint32_t*)key)[1]; t1 = (state[3] >> 15) | (state[0] << 17); t2 = (state[0] >> 6) | (state[1] << 26); t3 = (state[0] >> 21) | (state[1] << 11); t4 = (state[0] >> 27) | (state[1] << 5); - state[2] ^= t1 ^ (~(t2 & t3)) ^ t4 ^ ((unsigned int*)key)[2]; + state[2] ^= t1 ^ (~(t2 & t3)) ^ t4 ^ ((uint32_t*)key)[2]; t1 = (state[0] >> 15) | (state[1] << 17); t2 = (state[1] >> 6) | (state[2] << 26); t3 = (state[1] >> 21) | (state[2] << 11); t4 = (state[1] >> 27) | (state[2] << 5); - state[3] ^= t1 ^ (~(t2 & t3)) ^ t4 ^ ((unsigned int*)key)[3]; + state[3] ^= t1 ^ (~(t2 & t3)) ^ t4 ^ ((uint32_t*)key)[3]; t1 = (state[1] >> 15) | (state[2] << 17); t2 = (state[2] >> 6) | (state[3] << 26); t3 = (state[2] >> 21) | (state[3] << 11); t4 = (state[2] >> 27) | (state[3] << 5); - state[0] ^= t1 ^ (~(t2 & t3)) ^ t4 ^ ((unsigned int*)key)[4]; + state[0] ^= t1 ^ (~(t2 & t3)) ^ t4 ^ ((uint32_t*)key)[4]; t1 = (state[2] >> 15) | (state[3] << 17); t2 = (state[3] >> 6) | (state[0] << 26); t3 = (state[3] >> 21) | (state[0] << 11); t4 = (state[3] >> 27) | (state[0] << 5); - state[1] ^= t1 ^ (~(t2 & t3)) ^ t4 ^ ((unsigned int*)key)[5]; + state[1] ^= t1 ^ (~(t2 & t3)) ^ t4 ^ ((uint32_t*)key)[5]; //shift the state by 64-bit position temp = state[0]; state[0] = state[2]; state[2] = temp; 
@@ -71,7 +72,7 @@ void state_update(unsigned int *state, const unsigned char *key, unsigned int nu // The initialization /* The input to initialization is the 192-bit key; 96-bit IV;*/ -void initialization(const unsigned char *key, const unsigned char *iv, unsigned int *state) +void initialization(const unsigned char *key, const unsigned char *iv, uint32_t *state) { int i; @@ -86,21 +87,21 @@ void initialization(const unsigned char *key, const unsigned char *iv, unsigned { state[1] ^= FrameBitsIV; state_update(state, key, NROUND1); - state[3] ^= ((unsigned int*)iv)[i]; + state[3] ^= ((uint32_t*)iv)[i]; } } //process the associated data -void process_ad(const unsigned char *k, const unsigned char *ad, unsigned long long adlen, unsigned int *state) +void process_ad(const unsigned char *k, const unsigned char *ad, unsigned long long adlen, uint32_t *state) { unsigned long long i; - unsigned int j; + uint32_t j; for (i = 0; i < (adlen >> 2); i++) { state[1] ^= FrameBitsAD; state_update(state, k, NROUND1); - state[3] ^= ((unsigned int*)ad)[i]; + state[3] ^= ((uint32_t*)ad)[i]; } // if adlen is not a multiple of 4, we process the remaining bytes @@ -124,9 +125,9 @@ int crypto_aead_encrypt( ) { unsigned long long i; - unsigned int j; + uint32_t j; unsigned char mac[8]; - unsigned int state[4]; + uint32_t state[4]; //initialization stage initialization(k, npub, state); @@ -139,8 +140,8 @@ int crypto_aead_encrypt( { state[1] ^= FrameBitsPC; state_update(state, k, NROUND2); - state[3] ^= ((unsigned int*)m)[i]; - ((unsigned int*)c)[i] = state[2] ^ ((unsigned int*)m)[i]; + state[3] ^= ((uint32_t*)m)[i]; + ((uint32_t*)c)[i] = state[2] ^ ((uint32_t*)m)[i]; } // if mlen is not a multiple of 4, we process the remaining bytes if ((mlen & 3) > 0) 
@@ -158,11 +159,11 @@ int crypto_aead_encrypt( //finalization stage, we assume that the tag length is 8 bytes state[1] ^= FrameBitsFinalization; state_update(state, k, NROUND2); - ((unsigned int*)mac)[0] = state[2]; + ((uint32_t*)mac)[0] = state[2]; state[1] ^= FrameBitsFinalization; state_update(state, k, NROUND1); - ((unsigned int*)mac)[1] = state[2]; + ((uint32_t*)mac)[1] = state[2]; *clen = mlen + 8; memcpy(c + mlen, mac, 8); @@ -181,9 +182,9 @@ int crypto_aead_decrypt( ) { unsigned long long i; - unsigned int j, check = 0; + uint32_t j, check = 0; unsigned char mac[8]; - unsigned int state[4]; + uint32_t state[4]; *mlen = clen - 8; @@ -198,8 +199,8 @@ int crypto_aead_decrypt( { state[1] ^= FrameBitsPC; state_update(state, k, NROUND2); - ((unsigned int*)m)[i] = state[2] ^ ((unsigned int*)c)[i]; - state[3] ^= ((unsigned int*)m)[i]; + ((uint32_t*)m)[i] = state[2] ^ ((uint32_t*)c)[i]; + state[3] ^= ((uint32_t*)m)[i]; } // if mlen is not a multiple of 4, we process the remaining bytes if ((*mlen & 3) > 0) @@ -218,11 +219,11 @@ int crypto_aead_decrypt( //finalization stage, we assume that the tag length is 8 bytes state[1] ^= FrameBitsFinalization; state_update(state, k, NROUND2); - ((unsigned int*)mac)[0] = state[2]; + ((uint32_t*)mac)[0] = state[2]; state[1] ^= FrameBitsFinalization; state_update(state, k, NROUND1); - ((unsigned int*)mac)[1] = state[2]; + ((uint32_t*)mac)[1] = state[2]; //verification of the authentication tag for (j = 0; j < 8; j++) { check |= (mac[j] ^ c[clen - 8 + j]); } diff --git a/tinyjambu/Implementations/crypto_aead/tinyjambu192/ref/encrypt.c b/tinyjambu/Implementations/crypto_aead/tinyjambu192/ref/encrypt.c index fe4c2bc..15e02df 100644 --- a/tinyjambu/Implementations/crypto_aead/tinyjambu192/ref/encrypt.c +++ b/tinyjambu/Implementations/crypto_aead/tinyjambu192/ref/encrypt.c @@ -9,6 +9,7 @@ #include #include +#include #include "crypto_aead.h" #define FrameBitsIV 0x10 
@@ -20,10 +21,10 @@ #define NROUND2 128*9 /*no-optimized state update function*/ -void state_update(unsigned int *state, const unsigned char *key, unsigned int number_of_steps) +void state_update(uint32_t *state, const unsigned char *key, uint32_t number_of_steps) { - unsigned int i; - unsigned int t1, t2, t3, t4, feedback; + uint32_t i; + uint32_t t1, t2, t3, t4, feedback; for (i = 0; i < (number_of_steps >> 5); i++) { @@ -31,7 +32,7 @@ void state_update(unsigned int *state, const unsigned char *key, unsigned int nu t2 = (state[2] >> 6) | (state[3] << 26); // 47 + 23 = 70 = 2*32 + 6 t3 = (state[2] >> 21) | (state[3] << 11); // 47 + 23 + 15 = 85 = 2*32 + 21 t4 = (state[2] >> 27) | (state[3] << 5); // 47 + 23 + 15 + 6 = 91 = 2*32 + 27 - feedback = state[0] ^ t1 ^ (~(t2 & t3)) ^ t4 ^ ((unsigned int*)key)[i % 6]; + feedback = state[0] ^ t1 ^ (~(t2 & t3)) ^ t4 ^ ((uint32_t*)key)[i % 6]; // shift 32 bit positions state[0] = state[1]; state[1] = state[2]; state[2] = state[3]; state[3] = feedback; @@ -40,7 +41,7 @@ void state_update(unsigned int *state, const unsigned char *key, unsigned int nu // The initialization /* The input to initialization is the 192-bit key; 96-bit IV;*/ -void initialization(const unsigned char *key, const unsigned char *iv, unsigned int *state) +void initialization(const unsigned char *key, const unsigned char *iv, uint32_t *state) { int i; 
@@ -55,21 +56,21 @@ void initialization(const unsigned char *key, const unsigned char *iv, unsigned { state[1] ^= FrameBitsIV; state_update(state, key, NROUND1); - state[3] ^= ((unsigned int*)iv)[i]; + state[3] ^= ((uint32_t*)iv)[i]; } } //process the associated data -void process_ad(const unsigned char *k, const unsigned char *ad, unsigned long long adlen, unsigned int *state) +void process_ad(const unsigned char *k, const unsigned char *ad, unsigned long long adlen, uint32_t *state) { unsigned long long i; - unsigned int j; + uint32_t j; for (i = 0; i < (adlen >> 2); i++) { state[1] ^= FrameBitsAD; state_update(state, k, NROUND1); - state[3] ^= ((unsigned int*)ad)[i]; + state[3] ^= ((uint32_t*)ad)[i]; } // if adlen is not a multiple of 4, we process the remaining bytes @@ -93,9 +94,9 @@ int crypto_aead_encrypt( ) { unsigned long long i; - unsigned int j; + uint32_t j; unsigned char mac[8]; - unsigned int state[4]; + uint32_t state[4]; //initialization stage initialization(k, npub, state); @@ -108,8 +109,8 @@ int crypto_aead_encrypt( { state[1] ^= FrameBitsPC; state_update(state, k, NROUND2); - state[3] ^= ((unsigned int*)m)[i]; - ((unsigned int*)c)[i] = state[2] ^ ((unsigned int*)m)[i]; + state[3] ^= ((uint32_t*)m)[i]; + ((uint32_t*)c)[i] = state[2] ^ ((uint32_t*)m)[i]; } // if mlen is not a multiple of 4, we process the remaining bytes if ((mlen & 3) > 0) @@ -127,11 +128,11 @@ int crypto_aead_encrypt( //finalization stage, we assume that the tag length is 8 bytes state[1] ^= FrameBitsFinalization; state_update(state, k, NROUND2); - ((unsigned int*)mac)[0] = state[2]; + ((uint32_t*)mac)[0] = state[2]; state[1] ^= FrameBitsFinalization; state_update(state, k, NROUND1); - ((unsigned int*)mac)[1] = state[2]; + ((uint32_t*)mac)[1] = state[2]; *clen = mlen + 8; memcpy(c + mlen, mac, 8); 
@@ -150,9 +151,9 @@ int crypto_aead_decrypt( ) { unsigned long long i; - unsigned int j, check = 0; + uint32_t j, check = 0; unsigned char mac[8]; - unsigned int state[4]; + uint32_t state[4]; *mlen = clen - 8; @@ -167,8 +168,8 @@ int crypto_aead_decrypt( { state[1] ^= FrameBitsPC; state_update(state, k, NROUND2); - ((unsigned int*)m)[i] = state[2] ^ ((unsigned int*)c)[i]; - state[3] ^= ((unsigned int*)m)[i]; + ((uint32_t*)m)[i] = state[2] ^ ((uint32_t*)c)[i]; + state[3] ^= ((uint32_t*)m)[i]; } // if mlen is not a multiple of 4, we process the remaining bytes if ((*mlen & 3) > 0) @@ -187,11 +188,11 @@ int crypto_aead_decrypt( //finalization stage, we assume that the tag length is 8 bytes state[1] ^= FrameBitsFinalization; state_update(state, k, NROUND2); - ((unsigned int*)mac)[0] = state[2]; + ((uint32_t*)mac)[0] = state[2]; state[1] ^= FrameBitsFinalization; state_update(state, k, NROUND1); - ((unsigned int*)mac)[1] = state[2]; + ((uint32_t*)mac)[1] = state[2]; //verification of the authentication tag for (j = 0; j < 8; j++) { check |= (mac[j] ^ c[clen - 8 + j]); } diff --git a/tinyjambu/Implementations/crypto_aead/tinyjambu256/opt/encrypt.c b/tinyjambu/Implementations/crypto_aead/tinyjambu256/opt/encrypt.c index f2f9545..f28b362 100644 --- a/tinyjambu/Implementations/crypto_aead/tinyjambu256/opt/encrypt.c +++ b/tinyjambu/Implementations/crypto_aead/tinyjambu256/opt/encrypt.c @@ -9,6 +9,7 @@ #include #include +#include #include "crypto_aead.h" #define FrameBitsIV 0x10 @@ -20,10 +21,10 @@ #define NROUND2 128*10 /*optimized state update function*/ -void state_update(unsigned int *state, const unsigned char *key, unsigned int number_of_steps) +void state_update(uint32_t *state, const unsigned char *key, uint32_t number_of_steps) { - unsigned int i, j; - unsigned int t1, t2, t3, t4; + uint32_t i, j; + uint32_t t1, t2, t3, t4; //in each iteration, we compute 128 rounds of the state update function. for (i = 0, j = 0; i < (number_of_steps >> 5); i = i+4) 
@@ -32,31 +33,31 @@ void state_update(unsigned int *state, const unsigned char *key, unsigned int nu t2 = (state[2] >> 6) | (state[3] << 26); // 47 + 23 = 70 = 2*32 + 6 t3 = (state[2] >> 21) | (state[3] << 11); // 47 + 23 + 15 = 85 = 2*32 + 21 t4 = (state[2] >> 27) | (state[3] << 5); // 47 + 23 + 15 + 6 = 91 = 2*32 + 27 - state[0] ^= t1 ^ (~(t2 & t3)) ^ t4 ^ ((unsigned int*)key)[(j++)&7]; + state[0] ^= t1 ^ (~(t2 & t3)) ^ t4 ^ ((uint32_t*)key)[(j++)&7]; t1 = (state[2] >> 15) | (state[3] << 17); t2 = (state[3] >> 6) | (state[0] << 26); t3 = (state[3] >> 21) | (state[0] << 11); t4 = (state[3] >> 27) | (state[0] << 5); - state[1] ^= t1 ^ (~(t2 & t3)) ^ t4 ^ ((unsigned int*)key)[(j++) & 7]; + state[1] ^= t1 ^ (~(t2 & t3)) ^ t4 ^ ((uint32_t*)key)[(j++) & 7]; t1 = (state[3] >> 15) | (state[0] << 17); t2 = (state[0] >> 6) | (state[1] << 26); t3 = (state[0] >> 21) | (state[1] << 11); t4 = (state[0] >> 27) | (state[1] << 5); - state[2] ^= t1 ^ (~(t2 & t3)) ^ t4 ^ ((unsigned int*)key)[(j++) & 7]; + state[2] ^= t1 ^ (~(t2 & t3)) ^ t4 ^ ((uint32_t*)key)[(j++) & 7]; t1 = (state[0] >> 15) | (state[1] << 17); t2 = (state[1] >> 6) | (state[2] << 26); t3 = (state[1] >> 21) | (state[2] << 11); t4 = (state[1] >> 27) | (state[2] << 5); - state[3] ^= t1 ^ (~(t2 & t3)) ^ t4 ^ ((unsigned int*)key)[(j++) & 7]; + state[3] ^= t1 ^ (~(t2 & t3)) ^ t4 ^ ((uint32_t*)key)[(j++) & 7]; } } // The initialization /* The input to initialization is the 128-bit key; 96-bit IV;*/ -void initialization(const unsigned char *key, const unsigned char *iv, unsigned int *state) +void initialization(const unsigned char *key, const unsigned char *iv, uint32_t *state) { int i; 
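Review bot: The comment above initialization still says `The input to initialization is the 128-bit key; 96-bit IV;`, but this is the tinyjambu256 file and state_update indexes the key with `(j++) & 7`, i.e. eight 32-bit words. Suggest `/* The input to initialization is the 256-bit key; 96-bit IV; */`; the tinyjambu256 ref file carries the same stale comment. The key size matters here because a caller who trusts the comment and passes a 16-byte buffer would have it over-read by that indexing.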
@@ -71,21 +72,21 @@ void initialization(const unsigned char *key, const unsigned char *iv, unsigned { state[1] ^= FrameBitsIV; state_update(state, key, NROUND1); - state[3] ^= ((unsigned int*)iv)[i]; + state[3] ^= ((uint32_t*)iv)[i]; } } //process the associated data -void process_ad(const unsigned char *k, const unsigned char *ad, unsigned long long adlen, unsigned int *state) +void process_ad(const unsigned char *k, const unsigned char *ad, unsigned long long adlen, uint32_t *state) { unsigned long long i; - unsigned int j; + uint32_t j; for (i = 0; i < (adlen >> 2); i++) { state[1] ^= FrameBitsAD; state_update(state, k, NROUND1); - state[3] ^= ((unsigned int*)ad)[i]; + state[3] ^= ((uint32_t*)ad)[i]; } // if adlen is not a multiple of 4, we process the remaining bytes @@ -109,9 +110,9 @@ int crypto_aead_encrypt( ) { unsigned long long i; - unsigned int j; + uint32_t j; unsigned char mac[8]; - unsigned int state[4]; + uint32_t state[4]; //initialization stage initialization(k, npub, state); @@ -124,8 +125,8 @@ int crypto_aead_encrypt( { state[1] ^= FrameBitsPC; state_update(state, k, NROUND2); - state[3] ^= ((unsigned int*)m)[i]; - ((unsigned int*)c)[i] = state[2] ^ ((unsigned int*)m)[i]; + state[3] ^= ((uint32_t*)m)[i]; + ((uint32_t*)c)[i] = state[2] ^ ((uint32_t*)m)[i]; } // if mlen is not a multiple of 4, we process the remaining bytes if ((mlen & 3) > 0) @@ -143,11 +144,11 @@ int crypto_aead_encrypt( //finalization stage, we assume that the tag length is 8 bytes state[1] ^= FrameBitsFinalization; state_update(state, k, NROUND2); - ((unsigned int*)mac)[0] = state[2]; + ((uint32_t*)mac)[0] = state[2]; state[1] ^= FrameBitsFinalization; state_update(state, k, NROUND1); - ((unsigned int*)mac)[1] = state[2]; + ((uint32_t*)mac)[1] = state[2]; *clen = mlen + 8; memcpy(c + mlen, mac, 8); 
@@ -166,9 +167,9 @@ int crypto_aead_decrypt( ) { unsigned long long i; - unsigned int j, check = 0; + uint32_t j, check = 0; unsigned char mac[8]; - unsigned int state[4]; + uint32_t state[4]; *mlen = clen - 8; @@ -183,8 +184,8 @@ int crypto_aead_decrypt( { state[1] ^= FrameBitsPC; state_update(state, k, NROUND2); - ((unsigned int*)m)[i] = state[2] ^ ((unsigned int*)c)[i]; - state[3] ^= ((unsigned int*)m)[i]; + ((uint32_t*)m)[i] = state[2] ^ ((uint32_t*)c)[i]; + state[3] ^= ((uint32_t*)m)[i]; } // if mlen is not a multiple of 4, we process the remaining bytes if ((*mlen & 3) > 0) @@ -202,11 +203,11 @@ int crypto_aead_decrypt( //finalization stage, we assume that the tag length is 8 bytes state[1] ^= FrameBitsFinalization; state_update(state, k, NROUND2); - ((unsigned int*)mac)[0] = state[2]; + ((uint32_t*)mac)[0] = state[2]; state[1] ^= FrameBitsFinalization; state_update(state, k, NROUND1); - ((unsigned int*)mac)[1] = state[2]; + ((uint32_t*)mac)[1] = state[2]; //verification of the authentication tag for (j = 0; j < 8; j++) { check |= (mac[j] ^ c[clen - 8 + j]); } diff --git a/tinyjambu/Implementations/crypto_aead/tinyjambu256/ref/encrypt.c b/tinyjambu/Implementations/crypto_aead/tinyjambu256/ref/encrypt.c index 2e661d5..e6464ba 100644 --- a/tinyjambu/Implementations/crypto_aead/tinyjambu256/ref/encrypt.c +++ b/tinyjambu/Implementations/crypto_aead/tinyjambu256/ref/encrypt.c @@ -9,6 +9,7 @@ #include #include +#include #include "crypto_aead.h" #define FrameBitsIV 0x10 @@ -20,10 +21,10 @@ #define NROUND2 128*10 /*non-optimized state update function*/ -void state_update(unsigned int *state, const unsigned char *key, unsigned int number_of_steps) +void state_update(uint32_t *state, const unsigned char *key, uint32_t number_of_steps) { - unsigned int i; - unsigned int t1, t2, t3, t4, feedback; + uint32_t i; + uint32_t t1, t2, t3, t4, feedback; //in each iteration, we compute 256 steps of the state update function. for (i = 0; i < (number_of_steps >> 5); i++) { 
@@ -31,7 +32,7 @@ void state_update(unsigned int *state, const unsigned char *key, unsigned int nu t2 = (state[2] >> 6) | (state[3] << 26); // 47 + 23 = 70 = 2*32 + 6 t3 = (state[2] >> 21) | (state[3] << 11); // 47 + 23 + 15 = 85 = 2*32 + 21 t4 = (state[2] >> 27) | (state[3] << 5); // 47 + 23 + 15 + 6 = 91 = 2*32 + 27 - feedback = state[0] ^ t1 ^ (~(t2 & t3)) ^ t4 ^ ((unsigned int*)key)[i & 7]; + feedback = state[0] ^ t1 ^ (~(t2 & t3)) ^ t4 ^ ((uint32_t*)key)[i & 7]; // shift 32 bit positions state[0] = state[1]; state[1] = state[2]; state[2] = state[3]; state[3] = feedback; @@ -40,7 +41,7 @@ void state_update(unsigned int *state, const unsigned char *key, unsigned int nu // The initialization /* The input to initialization is the 128-bit key; 96-bit IV;*/ -void initialization(const unsigned char *key, const unsigned char *iv, unsigned int *state) +void initialization(const unsigned char *key, const unsigned char *iv, uint32_t *state) { int i; @@ -55,21 +56,21 @@ void initialization(const unsigned char *key, const unsigned char *iv, unsigned { state[1] ^= FrameBitsIV; state_update(state, key, NROUND1); - state[3] ^= ((unsigned int*)iv)[i]; + state[3] ^= ((uint32_t*)iv)[i]; } } //process the associated data -void process_ad(const unsigned char *k, const unsigned char *ad, unsigned long long adlen, unsigned int *state) +void process_ad(const unsigned char *k, const unsigned char *ad, unsigned long long adlen, uint32_t *state) { unsigned long long i; - unsigned int j; + uint32_t j; for (i = 0; i < (adlen >> 2); i++) { state[1] ^= FrameBitsAD; state_update(state, k, NROUND1); - state[3] ^= ((unsigned int*)ad)[i]; + state[3] ^= ((uint32_t*)ad)[i]; } // if adlen is not a multiple of 4, we process the remaining bytes @@ -93,9 +94,9 @@ int crypto_aead_encrypt( ) { unsigned long long i; - unsigned int j; + uint32_t j; unsigned char mac[8]; - unsigned int state[4]; + uint32_t state[4]; //initialization stage initialization(k, npub, state); 
@@ -108,8 +109,8 @@ int crypto_aead_encrypt( { state[1] ^= FrameBitsPC; state_update(state, k, NROUND2); - state[3] ^= ((unsigned int*)m)[i]; - ((unsigned int*)c)[i] = state[2] ^ ((unsigned int*)m)[i]; + state[3] ^= ((uint32_t*)m)[i]; + ((uint32_t*)c)[i] = state[2] ^ ((uint32_t*)m)[i]; } // if mlen is not a multiple of 4, we process the remaining bytes if ((mlen & 3) > 0) @@ -127,11 +128,11 @@ int crypto_aead_encrypt( //finalization stage, we assume that the tag length is 8 bytes state[1] ^= FrameBitsFinalization; state_update(state, k, NROUND2); - ((unsigned int*)mac)[0] = state[2]; + ((uint32_t*)mac)[0] = state[2]; state[1] ^= FrameBitsFinalization; state_update(state, k, NROUND1); - ((unsigned int*)mac)[1] = state[2]; + ((uint32_t*)mac)[1] = state[2]; *clen = mlen + 8; memcpy(c + mlen, mac, 8); @@ -150,9 +151,9 @@ int crypto_aead_decrypt( ) { unsigned long long i; - unsigned int j, check = 0; + uint32_t j, check = 0; unsigned char mac[8]; - unsigned int state[4]; + uint32_t state[4]; *mlen = clen - 8; @@ -167,8 +168,8 @@ int crypto_aead_decrypt( { state[1] ^= FrameBitsPC; state_update(state, k, NROUND2); - ((unsigned int*)m)[i] = state[2] ^ ((unsigned int*)c)[i]; - state[3] ^= ((unsigned int*)m)[i]; + ((uint32_t*)m)[i] = state[2] ^ ((uint32_t*)c)[i]; + state[3] ^= ((uint32_t*)m)[i]; } // if mlen is not a multiple of 4, we process the remaining bytes if ((*mlen & 3) > 0) @@ -186,11 +187,11 @@ int crypto_aead_decrypt( //finalization stage, we assume that the tag length is 8 bytes state[1] ^= FrameBitsFinalization; state_update(state, k, NROUND2); - ((unsigned int*)mac)[0] = state[2]; + ((uint32_t*)mac)[0] = state[2]; state[1] ^= FrameBitsFinalization; state_update(state, k, NROUND1); - ((unsigned int*)mac)[1] = state[2]; + ((uint32_t*)mac)[1] = state[2]; //verification of the authentication tag for (j = 0; j < 8; j++) { check |= (mac[j] ^ c[clen - 8 + j]); }