Skip to content
Toggle navigation
P
Projects
G
Groups
S
Snippets
Help
lwc
/
candidates
This project
Loading...
Sign in
Toggle navigation
Go to a project
Project
Repository
Issues
0
Merge Requests
0
Pipelines
Wiki
Members
Activity
Graph
Charts
Create a new issue
Jobs
Commits
Issue Boards
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Charts
Commit
ae78ab5e
authored
May 05, 2020
by
Enrico Pozzobon
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
tinyjambu ref: changes unsigned int to uint32_t for arduino uno
parent
90acf8b3
Show whitespace changes
Inline
Side-by-side
Showing
6 changed files
with
143 additions
and
137 deletions
+143
-137
tinyjambu/Implementations/crypto_aead/tinyjambu128/opt/encrypt.c
+25
-24
tinyjambu/Implementations/crypto_aead/tinyjambu128/ref/encrypt.c
+22
-21
tinyjambu/Implementations/crypto_aead/tinyjambu192/opt/encrypt.c
+27
-26
tinyjambu/Implementations/crypto_aead/tinyjambu192/ref/encrypt.c
+22
-21
tinyjambu/Implementations/crypto_aead/tinyjambu256/opt/encrypt.c
+25
-24
tinyjambu/Implementations/crypto_aead/tinyjambu256/ref/encrypt.c
+22
-21
No files found.
tinyjambu/Implementations/crypto_aead/tinyjambu128/opt/encrypt.c
View file @
ae78ab5e
...
@@ -9,6 +9,7 @@
...
@@ -9,6 +9,7 @@
#include <string.h>
#include <string.h>
#include <stdio.h>
#include <stdio.h>
#include <stdint.h>
#include "crypto_aead.h"
#include "crypto_aead.h"
#define FrameBitsIV 0x10
#define FrameBitsIV 0x10
...
@@ -20,10 +21,10 @@
...
@@ -20,10 +21,10 @@
#define NROUND2 128*8
#define NROUND2 128*8
/*optimized state update function*/
/*optimized state update function*/
void
state_update
(
u
nsigned
int
*
state
,
const
unsigned
char
*
key
,
unsigned
in
t
number_of_steps
)
void
state_update
(
u
int32_t
*
state
,
const
unsigned
char
*
key
,
uint32_
t
number_of_steps
)
{
{
u
nsigned
in
t
i
;
u
int32_
t
i
;
u
nsigned
in
t
t1
,
t2
,
t3
,
t4
;
u
int32_
t
t1
,
t2
,
t3
,
t4
;
//in each iteration, we compute 128 rounds of the state update function.
//in each iteration, we compute 128 rounds of the state update function.
for
(
i
=
0
;
i
<
(
number_of_steps
>>
5
);
i
=
i
+
4
)
for
(
i
=
0
;
i
<
(
number_of_steps
>>
5
);
i
=
i
+
4
)
...
@@ -32,31 +33,31 @@ void state_update(unsigned int *state, const unsigned char *key, unsigned int nu
...
@@ -32,31 +33,31 @@ void state_update(unsigned int *state, const unsigned char *key, unsigned int nu
t2
=
(
state
[
2
]
>>
6
)
|
(
state
[
3
]
<<
26
);
// 47 + 23 = 70 = 2*32 + 6
t2
=
(
state
[
2
]
>>
6
)
|
(
state
[
3
]
<<
26
);
// 47 + 23 = 70 = 2*32 + 6
t3
=
(
state
[
2
]
>>
21
)
|
(
state
[
3
]
<<
11
);
// 47 + 23 + 15 = 85 = 2*32 + 21
t3
=
(
state
[
2
]
>>
21
)
|
(
state
[
3
]
<<
11
);
// 47 + 23 + 15 = 85 = 2*32 + 21
t4
=
(
state
[
2
]
>>
27
)
|
(
state
[
3
]
<<
5
);
// 47 + 23 + 15 + 6 = 91 = 2*32 + 27
t4
=
(
state
[
2
]
>>
27
)
|
(
state
[
3
]
<<
5
);
// 47 + 23 + 15 + 6 = 91 = 2*32 + 27
state
[
0
]
^=
t1
^
(
~
(
t2
&
t3
))
^
t4
^
((
u
nsigned
in
t
*
)
key
)[
0
];
state
[
0
]
^=
t1
^
(
~
(
t2
&
t3
))
^
t4
^
((
u
int32_
t
*
)
key
)[
0
];
t1
=
(
state
[
2
]
>>
15
)
|
(
state
[
3
]
<<
17
);
t1
=
(
state
[
2
]
>>
15
)
|
(
state
[
3
]
<<
17
);
t2
=
(
state
[
3
]
>>
6
)
|
(
state
[
0
]
<<
26
);
t2
=
(
state
[
3
]
>>
6
)
|
(
state
[
0
]
<<
26
);
t3
=
(
state
[
3
]
>>
21
)
|
(
state
[
0
]
<<
11
);
t3
=
(
state
[
3
]
>>
21
)
|
(
state
[
0
]
<<
11
);
t4
=
(
state
[
3
]
>>
27
)
|
(
state
[
0
]
<<
5
);
t4
=
(
state
[
3
]
>>
27
)
|
(
state
[
0
]
<<
5
);
state
[
1
]
^=
t1
^
(
~
(
t2
&
t3
))
^
t4
^
((
u
nsigned
in
t
*
)
key
)[
1
];
state
[
1
]
^=
t1
^
(
~
(
t2
&
t3
))
^
t4
^
((
u
int32_
t
*
)
key
)[
1
];
t1
=
(
state
[
3
]
>>
15
)
|
(
state
[
0
]
<<
17
);
t1
=
(
state
[
3
]
>>
15
)
|
(
state
[
0
]
<<
17
);
t2
=
(
state
[
0
]
>>
6
)
|
(
state
[
1
]
<<
26
);
t2
=
(
state
[
0
]
>>
6
)
|
(
state
[
1
]
<<
26
);
t3
=
(
state
[
0
]
>>
21
)
|
(
state
[
1
]
<<
11
);
t3
=
(
state
[
0
]
>>
21
)
|
(
state
[
1
]
<<
11
);
t4
=
(
state
[
0
]
>>
27
)
|
(
state
[
1
]
<<
5
);
t4
=
(
state
[
0
]
>>
27
)
|
(
state
[
1
]
<<
5
);
state
[
2
]
^=
t1
^
(
~
(
t2
&
t3
))
^
t4
^
((
u
nsigned
in
t
*
)
key
)[
2
];
state
[
2
]
^=
t1
^
(
~
(
t2
&
t3
))
^
t4
^
((
u
int32_
t
*
)
key
)[
2
];
t1
=
(
state
[
0
]
>>
15
)
|
(
state
[
1
]
<<
17
);
t1
=
(
state
[
0
]
>>
15
)
|
(
state
[
1
]
<<
17
);
t2
=
(
state
[
1
]
>>
6
)
|
(
state
[
2
]
<<
26
);
t2
=
(
state
[
1
]
>>
6
)
|
(
state
[
2
]
<<
26
);
t3
=
(
state
[
1
]
>>
21
)
|
(
state
[
2
]
<<
11
);
t3
=
(
state
[
1
]
>>
21
)
|
(
state
[
2
]
<<
11
);
t4
=
(
state
[
1
]
>>
27
)
|
(
state
[
2
]
<<
5
);
t4
=
(
state
[
1
]
>>
27
)
|
(
state
[
2
]
<<
5
);
state
[
3
]
^=
t1
^
(
~
(
t2
&
t3
))
^
t4
^
((
u
nsigned
in
t
*
)
key
)[
3
];
state
[
3
]
^=
t1
^
(
~
(
t2
&
t3
))
^
t4
^
((
u
int32_
t
*
)
key
)[
3
];
}
}
}
}
// The initialization
// The initialization
/* The input to initialization is the 128-bit key; 96-bit IV;*/
/* The input to initialization is the 128-bit key; 96-bit IV;*/
void
initialization
(
const
unsigned
char
*
key
,
const
unsigned
char
*
iv
,
u
nsigned
in
t
*
state
)
void
initialization
(
const
unsigned
char
*
key
,
const
unsigned
char
*
iv
,
u
int32_
t
*
state
)
{
{
int
i
;
int
i
;
...
@@ -71,21 +72,21 @@ void initialization(const unsigned char *key, const unsigned char *iv, unsigned
...
@@ -71,21 +72,21 @@ void initialization(const unsigned char *key, const unsigned char *iv, unsigned
{
{
state
[
1
]
^=
FrameBitsIV
;
state
[
1
]
^=
FrameBitsIV
;
state_update
(
state
,
key
,
NROUND1
);
state_update
(
state
,
key
,
NROUND1
);
state
[
3
]
^=
((
u
nsigned
in
t
*
)
iv
)[
i
];
state
[
3
]
^=
((
u
int32_
t
*
)
iv
)[
i
];
}
}
}
}
//process the associated data
//process the associated data
void
process_ad
(
const
unsigned
char
*
k
,
const
unsigned
char
*
ad
,
unsigned
long
long
adlen
,
u
nsigned
in
t
*
state
)
void
process_ad
(
const
unsigned
char
*
k
,
const
unsigned
char
*
ad
,
unsigned
long
long
adlen
,
u
int32_
t
*
state
)
{
{
unsigned
long
long
i
;
unsigned
long
long
i
;
u
nsigned
in
t
j
;
u
int32_
t
j
;
for
(
i
=
0
;
i
<
(
adlen
>>
2
);
i
++
)
for
(
i
=
0
;
i
<
(
adlen
>>
2
);
i
++
)
{
{
state
[
1
]
^=
FrameBitsAD
;
state
[
1
]
^=
FrameBitsAD
;
state_update
(
state
,
k
,
NROUND1
);
state_update
(
state
,
k
,
NROUND1
);
state
[
3
]
^=
((
u
nsigned
in
t
*
)
ad
)[
i
];
state
[
3
]
^=
((
u
int32_
t
*
)
ad
)[
i
];
}
}
// if adlen is not a multiple of 4, we process the remaining bytes
// if adlen is not a multiple of 4, we process the remaining bytes
...
@@ -109,9 +110,9 @@ int crypto_aead_encrypt(
...
@@ -109,9 +110,9 @@ int crypto_aead_encrypt(
)
)
{
{
unsigned
long
long
i
;
unsigned
long
long
i
;
u
nsigned
in
t
j
;
u
int32_
t
j
;
unsigned
char
mac
[
8
];
unsigned
char
mac
[
8
];
u
nsigned
in
t
state
[
4
];
u
int32_
t
state
[
4
];
//initialization stage
//initialization stage
initialization
(
k
,
npub
,
state
);
initialization
(
k
,
npub
,
state
);
...
@@ -124,8 +125,8 @@ int crypto_aead_encrypt(
...
@@ -124,8 +125,8 @@ int crypto_aead_encrypt(
{
{
state
[
1
]
^=
FrameBitsPC
;
state
[
1
]
^=
FrameBitsPC
;
state_update
(
state
,
k
,
NROUND2
);
state_update
(
state
,
k
,
NROUND2
);
state
[
3
]
^=
((
u
nsigned
in
t
*
)
m
)[
i
];
state
[
3
]
^=
((
u
int32_
t
*
)
m
)[
i
];
((
u
nsigned
int
*
)
c
)[
i
]
=
state
[
2
]
^
((
unsigned
in
t
*
)
m
)[
i
];
((
u
int32_t
*
)
c
)[
i
]
=
state
[
2
]
^
((
uint32_
t
*
)
m
)[
i
];
}
}
// if mlen is not a multiple of 4, we process the remaining bytes
// if mlen is not a multiple of 4, we process the remaining bytes
if
((
mlen
&
3
)
>
0
)
if
((
mlen
&
3
)
>
0
)
...
@@ -143,11 +144,11 @@ int crypto_aead_encrypt(
...
@@ -143,11 +144,11 @@ int crypto_aead_encrypt(
//finalization stage, we assume that the tag length is 8 bytes
//finalization stage, we assume that the tag length is 8 bytes
state
[
1
]
^=
FrameBitsFinalization
;
state
[
1
]
^=
FrameBitsFinalization
;
state_update
(
state
,
k
,
NROUND2
);
state_update
(
state
,
k
,
NROUND2
);
((
u
nsigned
in
t
*
)
mac
)[
0
]
=
state
[
2
];
((
u
int32_
t
*
)
mac
)[
0
]
=
state
[
2
];
state
[
1
]
^=
FrameBitsFinalization
;
state
[
1
]
^=
FrameBitsFinalization
;
state_update
(
state
,
k
,
NROUND1
);
state_update
(
state
,
k
,
NROUND1
);
((
u
nsigned
in
t
*
)
mac
)[
1
]
=
state
[
2
];
((
u
int32_
t
*
)
mac
)[
1
]
=
state
[
2
];
*
clen
=
mlen
+
8
;
*
clen
=
mlen
+
8
;
memcpy
(
c
+
mlen
,
mac
,
8
);
memcpy
(
c
+
mlen
,
mac
,
8
);
...
@@ -166,9 +167,9 @@ int crypto_aead_decrypt(
...
@@ -166,9 +167,9 @@ int crypto_aead_decrypt(
)
)
{
{
unsigned
long
long
i
;
unsigned
long
long
i
;
u
nsigned
in
t
j
,
check
=
0
;
u
int32_
t
j
,
check
=
0
;
unsigned
char
mac
[
8
];
unsigned
char
mac
[
8
];
u
nsigned
in
t
state
[
4
];
u
int32_
t
state
[
4
];
*
mlen
=
clen
-
8
;
*
mlen
=
clen
-
8
;
...
@@ -183,8 +184,8 @@ int crypto_aead_decrypt(
...
@@ -183,8 +184,8 @@ int crypto_aead_decrypt(
{
{
state
[
1
]
^=
FrameBitsPC
;
state
[
1
]
^=
FrameBitsPC
;
state_update
(
state
,
k
,
NROUND2
);
state_update
(
state
,
k
,
NROUND2
);
((
u
nsigned
int
*
)
m
)[
i
]
=
state
[
2
]
^
((
unsigned
in
t
*
)
c
)[
i
];
((
u
int32_t
*
)
m
)[
i
]
=
state
[
2
]
^
((
uint32_
t
*
)
c
)[
i
];
state
[
3
]
^=
((
u
nsigned
in
t
*
)
m
)[
i
];
state
[
3
]
^=
((
u
int32_
t
*
)
m
)[
i
];
}
}
// if mlen is not a multiple of 4, we process the remaining bytes
// if mlen is not a multiple of 4, we process the remaining bytes
if
((
*
mlen
&
3
)
>
0
)
if
((
*
mlen
&
3
)
>
0
)
...
@@ -202,11 +203,11 @@ int crypto_aead_decrypt(
...
@@ -202,11 +203,11 @@ int crypto_aead_decrypt(
//finalization stage, we assume that the tag length is 8 bytes
//finalization stage, we assume that the tag length is 8 bytes
state
[
1
]
^=
FrameBitsFinalization
;
state
[
1
]
^=
FrameBitsFinalization
;
state_update
(
state
,
k
,
NROUND2
);
state_update
(
state
,
k
,
NROUND2
);
((
u
nsigned
in
t
*
)
mac
)[
0
]
=
state
[
2
];
((
u
int32_
t
*
)
mac
)[
0
]
=
state
[
2
];
state
[
1
]
^=
FrameBitsFinalization
;
state
[
1
]
^=
FrameBitsFinalization
;
state_update
(
state
,
k
,
NROUND1
);
state_update
(
state
,
k
,
NROUND1
);
((
u
nsigned
in
t
*
)
mac
)[
1
]
=
state
[
2
];
((
u
int32_
t
*
)
mac
)[
1
]
=
state
[
2
];
//verification of the authentication tag
//verification of the authentication tag
for
(
j
=
0
;
j
<
8
;
j
++
)
{
check
|=
(
mac
[
j
]
^
c
[
clen
-
8
+
j
]);
}
for
(
j
=
0
;
j
<
8
;
j
++
)
{
check
|=
(
mac
[
j
]
^
c
[
clen
-
8
+
j
]);
}
...
...
tinyjambu/Implementations/crypto_aead/tinyjambu128/ref/encrypt.c
View file @
ae78ab5e
...
@@ -9,6 +9,7 @@
...
@@ -9,6 +9,7 @@
#include <string.h>
#include <string.h>
#include <stdio.h>
#include <stdio.h>
#include <stdint.h>
#include "crypto_aead.h"
#include "crypto_aead.h"
#define FrameBitsIV 0x10
#define FrameBitsIV 0x10
...
@@ -20,17 +21,17 @@
...
@@ -20,17 +21,17 @@
#define NROUND2 128*8
#define NROUND2 128*8
/*no-optimized date update function*/
/*no-optimized date update function*/
void
state_update
(
u
nsigned
int
*
state
,
const
unsigned
char
*
key
,
unsigned
in
t
number_of_steps
)
void
state_update
(
u
int32_t
*
state
,
const
unsigned
char
*
key
,
uint32_
t
number_of_steps
)
{
{
u
nsigned
in
t
i
;
u
int32_
t
i
;
u
nsigned
in
t
t1
,
t2
,
t3
,
t4
,
feedback
;
u
int32_
t
t1
,
t2
,
t3
,
t4
,
feedback
;
for
(
i
=
0
;
i
<
(
number_of_steps
>>
5
);
i
++
)
for
(
i
=
0
;
i
<
(
number_of_steps
>>
5
);
i
++
)
{
{
t1
=
(
state
[
1
]
>>
15
)
|
(
state
[
2
]
<<
17
);
// 47 = 1*32+15
t1
=
(
state
[
1
]
>>
15
)
|
(
state
[
2
]
<<
17
);
// 47 = 1*32+15
t2
=
(
state
[
2
]
>>
6
)
|
(
state
[
3
]
<<
26
);
// 47 + 23 = 70 = 2*32 + 6
t2
=
(
state
[
2
]
>>
6
)
|
(
state
[
3
]
<<
26
);
// 47 + 23 = 70 = 2*32 + 6
t3
=
(
state
[
2
]
>>
21
)
|
(
state
[
3
]
<<
11
);
// 47 + 23 + 15 = 85 = 2*32 + 21
t3
=
(
state
[
2
]
>>
21
)
|
(
state
[
3
]
<<
11
);
// 47 + 23 + 15 = 85 = 2*32 + 21
t4
=
(
state
[
2
]
>>
27
)
|
(
state
[
3
]
<<
5
);
// 47 + 23 + 15 + 6 = 91 = 2*32 + 27
t4
=
(
state
[
2
]
>>
27
)
|
(
state
[
3
]
<<
5
);
// 47 + 23 + 15 + 6 = 91 = 2*32 + 27
feedback
=
state
[
0
]
^
t1
^
(
~
(
t2
&
t3
))
^
t4
^
((
u
nsigned
in
t
*
)
key
)[
i
&
3
];
feedback
=
state
[
0
]
^
t1
^
(
~
(
t2
&
t3
))
^
t4
^
((
u
int32_
t
*
)
key
)[
i
&
3
];
// shift 32 bit positions
// shift 32 bit positions
state
[
0
]
=
state
[
1
];
state
[
1
]
=
state
[
2
];
state
[
2
]
=
state
[
3
];
state
[
0
]
=
state
[
1
];
state
[
1
]
=
state
[
2
];
state
[
2
]
=
state
[
3
];
state
[
3
]
=
feedback
;
state
[
3
]
=
feedback
;
...
@@ -39,7 +40,7 @@ void state_update(unsigned int *state, const unsigned char *key, unsigned int nu
...
@@ -39,7 +40,7 @@ void state_update(unsigned int *state, const unsigned char *key, unsigned int nu
// The initialization
// The initialization
/* The input to initialization is the 128-bit key; 96-bit IV;*/
/* The input to initialization is the 128-bit key; 96-bit IV;*/
void
initialization
(
const
unsigned
char
*
key
,
const
unsigned
char
*
iv
,
u
nsigned
in
t
*
state
)
void
initialization
(
const
unsigned
char
*
key
,
const
unsigned
char
*
iv
,
u
int32_
t
*
state
)
{
{
int
i
;
int
i
;
...
@@ -54,21 +55,21 @@ void initialization(const unsigned char *key, const unsigned char *iv, unsigned
...
@@ -54,21 +55,21 @@ void initialization(const unsigned char *key, const unsigned char *iv, unsigned
{
{
state
[
1
]
^=
FrameBitsIV
;
state
[
1
]
^=
FrameBitsIV
;
state_update
(
state
,
key
,
NROUND1
);
state_update
(
state
,
key
,
NROUND1
);
state
[
3
]
^=
((
u
nsigned
in
t
*
)
iv
)[
i
];
state
[
3
]
^=
((
u
int32_
t
*
)
iv
)[
i
];
}
}
}
}
//process the associated data
//process the associated data
void
process_ad
(
const
unsigned
char
*
k
,
const
unsigned
char
*
ad
,
unsigned
long
long
adlen
,
u
nsigned
in
t
*
state
)
void
process_ad
(
const
unsigned
char
*
k
,
const
unsigned
char
*
ad
,
unsigned
long
long
adlen
,
u
int32_
t
*
state
)
{
{
unsigned
long
long
i
;
unsigned
long
long
i
;
u
nsigned
in
t
j
;
u
int32_
t
j
;
for
(
i
=
0
;
i
<
(
adlen
>>
2
);
i
++
)
for
(
i
=
0
;
i
<
(
adlen
>>
2
);
i
++
)
{
{
state
[
1
]
^=
FrameBitsAD
;
state
[
1
]
^=
FrameBitsAD
;
state_update
(
state
,
k
,
NROUND1
);
state_update
(
state
,
k
,
NROUND1
);
state
[
3
]
^=
((
u
nsigned
in
t
*
)
ad
)[
i
];
state
[
3
]
^=
((
u
int32_
t
*
)
ad
)[
i
];
}
}
// if adlen is not a multiple of 4, we process the remaining bytes
// if adlen is not a multiple of 4, we process the remaining bytes
...
@@ -92,9 +93,9 @@ int crypto_aead_encrypt(
...
@@ -92,9 +93,9 @@ int crypto_aead_encrypt(
)
)
{
{
unsigned
long
long
i
;
unsigned
long
long
i
;
u
nsigned
in
t
j
;
u
int32_
t
j
;
unsigned
char
mac
[
8
];
unsigned
char
mac
[
8
];
u
nsigned
in
t
state
[
4
];
u
int32_
t
state
[
4
];
//initialization stage
//initialization stage
initialization
(
k
,
npub
,
state
);
initialization
(
k
,
npub
,
state
);
...
@@ -107,8 +108,8 @@ int crypto_aead_encrypt(
...
@@ -107,8 +108,8 @@ int crypto_aead_encrypt(
{
{
state
[
1
]
^=
FrameBitsPC
;
state
[
1
]
^=
FrameBitsPC
;
state_update
(
state
,
k
,
NROUND2
);
state_update
(
state
,
k
,
NROUND2
);
state
[
3
]
^=
((
u
nsigned
in
t
*
)
m
)[
i
];
state
[
3
]
^=
((
u
int32_
t
*
)
m
)[
i
];
((
u
nsigned
int
*
)
c
)[
i
]
=
state
[
2
]
^
((
unsigned
in
t
*
)
m
)[
i
];
((
u
int32_t
*
)
c
)[
i
]
=
state
[
2
]
^
((
uint32_
t
*
)
m
)[
i
];
}
}
// if mlen is not a multiple of 4, we process the remaining bytes
// if mlen is not a multiple of 4, we process the remaining bytes
if
((
mlen
&
3
)
>
0
)
if
((
mlen
&
3
)
>
0
)
...
@@ -126,11 +127,11 @@ int crypto_aead_encrypt(
...
@@ -126,11 +127,11 @@ int crypto_aead_encrypt(
//finalization stage, we assume that the tag length is 8 bytes
//finalization stage, we assume that the tag length is 8 bytes
state
[
1
]
^=
FrameBitsFinalization
;
state
[
1
]
^=
FrameBitsFinalization
;
state_update
(
state
,
k
,
NROUND2
);
state_update
(
state
,
k
,
NROUND2
);
((
u
nsigned
in
t
*
)
mac
)[
0
]
=
state
[
2
];
((
u
int32_
t
*
)
mac
)[
0
]
=
state
[
2
];
state
[
1
]
^=
FrameBitsFinalization
;
state
[
1
]
^=
FrameBitsFinalization
;
state_update
(
state
,
k
,
NROUND1
);
state_update
(
state
,
k
,
NROUND1
);
((
u
nsigned
in
t
*
)
mac
)[
1
]
=
state
[
2
];
((
u
int32_
t
*
)
mac
)[
1
]
=
state
[
2
];
*
clen
=
mlen
+
8
;
*
clen
=
mlen
+
8
;
memcpy
(
c
+
mlen
,
mac
,
8
);
memcpy
(
c
+
mlen
,
mac
,
8
);
...
@@ -149,9 +150,9 @@ int crypto_aead_decrypt(
...
@@ -149,9 +150,9 @@ int crypto_aead_decrypt(
)
)
{
{
unsigned
long
long
i
;
unsigned
long
long
i
;
u
nsigned
in
t
j
,
check
=
0
;
u
int32_
t
j
,
check
=
0
;
unsigned
char
mac
[
8
];
unsigned
char
mac
[
8
];
u
nsigned
in
t
state
[
4
];
u
int32_
t
state
[
4
];
*
mlen
=
clen
-
8
;
*
mlen
=
clen
-
8
;
...
@@ -166,8 +167,8 @@ int crypto_aead_decrypt(
...
@@ -166,8 +167,8 @@ int crypto_aead_decrypt(
{
{
state
[
1
]
^=
FrameBitsPC
;
state
[
1
]
^=
FrameBitsPC
;
state_update
(
state
,
k
,
NROUND2
);
state_update
(
state
,
k
,
NROUND2
);
((
u
nsigned
int
*
)
m
)[
i
]
=
state
[
2
]
^
((
unsigned
in
t
*
)
c
)[
i
];
((
u
int32_t
*
)
m
)[
i
]
=
state
[
2
]
^
((
uint32_
t
*
)
c
)[
i
];
state
[
3
]
^=
((
u
nsigned
in
t
*
)
m
)[
i
];
state
[
3
]
^=
((
u
int32_
t
*
)
m
)[
i
];
}
}
// if mlen is not a multiple of 4, we process the remaining bytes
// if mlen is not a multiple of 4, we process the remaining bytes
if
((
*
mlen
&
3
)
>
0
)
if
((
*
mlen
&
3
)
>
0
)
...
@@ -185,11 +186,11 @@ int crypto_aead_decrypt(
...
@@ -185,11 +186,11 @@ int crypto_aead_decrypt(
//finalization stage, we assume that the tag length is 8 bytes
//finalization stage, we assume that the tag length is 8 bytes
state
[
1
]
^=
FrameBitsFinalization
;
state
[
1
]
^=
FrameBitsFinalization
;
state_update
(
state
,
k
,
NROUND2
);
state_update
(
state
,
k
,
NROUND2
);
((
u
nsigned
in
t
*
)
mac
)[
0
]
=
state
[
2
];
((
u
int32_
t
*
)
mac
)[
0
]
=
state
[
2
];
state
[
1
]
^=
FrameBitsFinalization
;
state
[
1
]
^=
FrameBitsFinalization
;
state_update
(
state
,
k
,
NROUND1
);
state_update
(
state
,
k
,
NROUND1
);
((
u
nsigned
in
t
*
)
mac
)[
1
]
=
state
[
2
];
((
u
int32_
t
*
)
mac
)[
1
]
=
state
[
2
];
//verification of the authentication tag
//verification of the authentication tag
for
(
j
=
0
;
j
<
8
;
j
++
)
{
check
|=
(
mac
[
j
]
^
c
[
clen
-
8
+
j
]);
}
for
(
j
=
0
;
j
<
8
;
j
++
)
{
check
|=
(
mac
[
j
]
^
c
[
clen
-
8
+
j
]);
}
...
...
tinyjambu/Implementations/crypto_aead/tinyjambu192/opt/encrypt.c
View file @
ae78ab5e
...
@@ -9,6 +9,7 @@
...
@@ -9,6 +9,7 @@
#include <string.h>
#include <string.h>
#include <stdio.h>
#include <stdio.h>
#include <stdint.h>
#include "crypto_aead.h"
#include "crypto_aead.h"
#define FrameBitsIV 0x10
#define FrameBitsIV 0x10
...
@@ -20,10 +21,10 @@
...
@@ -20,10 +21,10 @@
#define NROUND2 128*9
#define NROUND2 128*9
/*optimized state update function*/
/*optimized state update function*/
void
state_update
(
u
nsigned
int
*
state
,
const
unsigned
char
*
key
,
unsigned
in
t
number_of_steps
)
void
state_update
(
u
int32_t
*
state
,
const
unsigned
char
*
key
,
uint32_
t
number_of_steps
)
{
{
u
nsigned
in
t
i
,
temp
;
u
int32_
t
i
,
temp
;
u
nsigned
in
t
t1
,
t2
,
t3
,
t4
;
u
int32_
t
t1
,
t2
,
t3
,
t4
;
//in each iteration, we compute 192 rounds of the state update function.
//in each iteration, we compute 192 rounds of the state update function.
for
(
i
=
0
;
i
<
(
number_of_steps
>>
5
);
i
=
i
+
6
)
for
(
i
=
0
;
i
<
(
number_of_steps
>>
5
);
i
=
i
+
6
)
{
{
...
@@ -31,37 +32,37 @@ void state_update(unsigned int *state, const unsigned char *key, unsigned int nu
...
@@ -31,37 +32,37 @@ void state_update(unsigned int *state, const unsigned char *key, unsigned int nu
t2
=
(
state
[
2
]
>>
6
)
|
(
state
[
3
]
<<
26
);
// 47 + 23 = 70 = 2*32 + 6
t2
=
(
state
[
2
]
>>
6
)
|
(
state
[
3
]
<<
26
);
// 47 + 23 = 70 = 2*32 + 6
t3
=
(
state
[
2
]
>>
21
)
|
(
state
[
3
]
<<
11
);
// 47 + 23 + 15 = 85 = 2*32 + 21
t3
=
(
state
[
2
]
>>
21
)
|
(
state
[
3
]
<<
11
);
// 47 + 23 + 15 = 85 = 2*32 + 21
t4
=
(
state
[
2
]
>>
27
)
|
(
state
[
3
]
<<
5
);
// 47 + 23 + 15 + 6 = 91 = 2*32 + 27
t4
=
(
state
[
2
]
>>
27
)
|
(
state
[
3
]
<<
5
);
// 47 + 23 + 15 + 6 = 91 = 2*32 + 27
state
[
0
]
^=
t1
^
(
~
(
t2
&
t3
))
^
t4
^
((
u
nsigned
in
t
*
)
key
)[
0
];
state
[
0
]
^=
t1
^
(
~
(
t2
&
t3
))
^
t4
^
((
u
int32_
t
*
)
key
)[
0
];
t1
=
(
state
[
2
]
>>
15
)
|
(
state
[
3
]
<<
17
);
t1
=
(
state
[
2
]
>>
15
)
|
(
state
[
3
]
<<
17
);
t2
=
(
state
[
3
]
>>
6
)
|
(
state
[
0
]
<<
26
);
t2
=
(
state
[
3
]
>>
6
)
|
(
state
[
0
]
<<
26
);
t3
=
(
state
[
3
]
>>
21
)
|
(
state
[
0
]
<<
11
);
t3
=
(
state
[
3
]
>>
21
)
|
(
state
[
0
]
<<
11
);
t4
=
(
state
[
3
]
>>
27
)
|
(
state
[
0
]
<<
5
);
t4
=
(
state
[
3
]
>>
27
)
|
(
state
[
0
]
<<
5
);
state
[
1
]
^=
t1
^
(
~
(
t2
&
t3
))
^
t4
^
((
u
nsigned
in
t
*
)
key
)[
1
];
state
[
1
]
^=
t1
^
(
~
(
t2
&
t3
))
^
t4
^
((
u
int32_
t
*
)
key
)[
1
];
t1
=
(
state
[
3
]
>>
15
)
|
(
state
[
0
]
<<
17
);
t1
=
(
state
[
3
]
>>
15
)
|
(
state
[
0
]
<<
17
);
t2
=
(
state
[
0
]
>>
6
)
|
(
state
[
1
]
<<
26
);
t2
=
(
state
[
0
]
>>
6
)
|
(
state
[
1
]
<<
26
);
t3
=
(
state
[
0
]
>>
21
)
|
(
state
[
1
]
<<
11
);
t3
=
(
state
[
0
]
>>
21
)
|
(
state
[
1
]
<<
11
);
t4
=
(
state
[
0
]
>>
27
)
|
(
state
[
1
]
<<
5
);
t4
=
(
state
[
0
]
>>
27
)
|
(
state
[
1
]
<<
5
);
state
[
2
]
^=
t1
^
(
~
(
t2
&
t3
))
^
t4
^
((
u
nsigned
in
t
*
)
key
)[
2
];
state
[
2
]
^=
t1
^
(
~
(
t2
&
t3
))
^
t4
^
((
u
int32_
t
*
)
key
)[
2
];
t1
=
(
state
[
0
]
>>
15
)
|
(
state
[
1
]
<<
17
);
t1
=
(
state
[
0
]
>>
15
)
|
(
state
[
1
]
<<
17
);
t2
=
(
state
[
1
]
>>
6
)
|
(
state
[
2
]
<<
26
);
t2
=
(
state
[
1
]
>>
6
)
|
(
state
[
2
]
<<
26
);
t3
=
(
state
[
1
]
>>
21
)
|
(
state
[
2
]
<<
11
);
t3
=
(
state
[
1
]
>>
21
)
|
(
state
[
2
]
<<
11
);
t4
=
(
state
[
1
]
>>
27
)
|
(
state
[
2
]
<<
5
);
t4
=
(
state
[
1
]
>>
27
)
|
(
state
[
2
]
<<
5
);
state
[
3
]
^=
t1
^
(
~
(
t2
&
t3
))
^
t4
^
((
u
nsigned
in
t
*
)
key
)[
3
];
state
[
3
]
^=
t1
^
(
~
(
t2
&
t3
))
^
t4
^
((
u
int32_
t
*
)
key
)[
3
];
t1
=
(
state
[
1
]
>>
15
)
|
(
state
[
2
]
<<
17
);
t1
=
(
state
[
1
]
>>
15
)
|
(
state
[
2
]
<<
17
);
t2
=
(
state
[
2
]
>>
6
)
|
(
state
[
3
]
<<
26
);
t2
=
(
state
[
2
]
>>
6
)
|
(
state
[
3
]
<<
26
);
t3
=
(
state
[
2
]
>>
21
)
|
(
state
[
3
]
<<
11
);
t3
=
(
state
[
2
]
>>
21
)
|
(
state
[
3
]
<<
11
);
t4
=
(
state
[
2
]
>>
27
)
|
(
state
[
3
]
<<
5
);
t4
=
(
state
[
2
]
>>
27
)
|
(
state
[
3
]
<<
5
);
state
[
0
]
^=
t1
^
(
~
(
t2
&
t3
))
^
t4
^
((
u
nsigned
in
t
*
)
key
)[
4
];
state
[
0
]
^=
t1
^
(
~
(
t2
&
t3
))
^
t4
^
((
u
int32_
t
*
)
key
)[
4
];
t1
=
(
state
[
2
]
>>
15
)
|
(
state
[
3
]
<<
17
);
t1
=
(
state
[
2
]
>>
15
)
|
(
state
[
3
]
<<
17
);
t2
=
(
state
[
3
]
>>
6
)
|
(
state
[
0
]
<<
26
);
t2
=
(
state
[
3
]
>>
6
)
|
(
state
[
0
]
<<
26
);
t3
=
(
state
[
3
]
>>
21
)
|
(
state
[
0
]
<<
11
);
t3
=
(
state
[
3
]
>>
21
)
|
(
state
[
0
]
<<
11
);
t4
=
(
state
[
3
]
>>
27
)
|
(
state
[
0
]
<<
5
);
t4
=
(
state
[
3
]
>>
27
)
|
(
state
[
0
]
<<
5
);
state
[
1
]
^=
t1
^
(
~
(
t2
&
t3
))
^
t4
^
((
u
nsigned
in
t
*
)
key
)[
5
];
state
[
1
]
^=
t1
^
(
~
(
t2
&
t3
))
^
t4
^
((
u
int32_
t
*
)
key
)[
5
];
//shift the state by 64-bit position
//shift the state by 64-bit position
temp
=
state
[
0
];
state
[
0
]
=
state
[
2
];
state
[
2
]
=
temp
;
temp
=
state
[
0
];
state
[
0
]
=
state
[
2
];
state
[
2
]
=
temp
;
...
@@ -71,7 +72,7 @@ void state_update(unsigned int *state, const unsigned char *key, unsigned int nu
...
@@ -71,7 +72,7 @@ void state_update(unsigned int *state, const unsigned char *key, unsigned int nu
// The initialization
// The initialization
/* The input to initialization is the 192-bit key; 96-bit IV;*/
/* The input to initialization is the 192-bit key; 96-bit IV;*/
void
initialization
(
const
unsigned
char
*
key
,
const
unsigned
char
*
iv
,
u
nsigned
in
t
*
state
)
void
initialization
(
const
unsigned
char
*
key
,
const
unsigned
char
*
iv
,
u
int32_
t
*
state
)
{
{
int
i
;
int
i
;
...
@@ -86,21 +87,21 @@ void initialization(const unsigned char *key, const unsigned char *iv, unsigned
...
@@ -86,21 +87,21 @@ void initialization(const unsigned char *key, const unsigned char *iv, unsigned
{
{
state
[
1
]
^=
FrameBitsIV
;
state
[
1
]
^=
FrameBitsIV
;
state_update
(
state
,
key
,
NROUND1
);
state_update
(
state
,
key
,
NROUND1
);
state
[
3
]
^=
((
u
nsigned
in
t
*
)
iv
)[
i
];
state
[
3
]
^=
((
u
int32_
t
*
)
iv
)[
i
];
}
}
}
}
//process the associated data
//process the associated data
void
process_ad
(
const
unsigned
char
*
k
,
const
unsigned
char
*
ad
,
unsigned
long
long
adlen
,
u
nsigned
in
t
*
state
)
void
process_ad
(
const
unsigned
char
*
k
,
const
unsigned
char
*
ad
,
unsigned
long
long
adlen
,
u
int32_
t
*
state
)
{
{
unsigned
long
long
i
;
unsigned
long
long
i
;
u
nsigned
in
t
j
;
u
int32_
t
j
;
for
(
i
=
0
;
i
<
(
adlen
>>
2
);
i
++
)
for
(
i
=
0
;
i
<
(
adlen
>>
2
);
i
++
)
{
{
state
[
1
]
^=
FrameBitsAD
;
state
[
1
]
^=
FrameBitsAD
;
state_update
(
state
,
k
,
NROUND1
);
state_update
(
state
,
k
,
NROUND1
);
state
[
3
]
^=
((
u
nsigned
in
t
*
)
ad
)[
i
];
state
[
3
]
^=
((
u
int32_
t
*
)
ad
)[
i
];
}
}
// if adlen is not a multiple of 4, we process the remaining bytes
// if adlen is not a multiple of 4, we process the remaining bytes
...
@@ -124,9 +125,9 @@ int crypto_aead_encrypt(
...
@@ -124,9 +125,9 @@ int crypto_aead_encrypt(
)
)
{
{
unsigned
long
long
i
;
unsigned
long
long
i
;
u
nsigned
in
t
j
;
u
int32_
t
j
;
unsigned
char
mac
[
8
];
unsigned
char
mac
[
8
];
u
nsigned
in
t
state
[
4
];
u
int32_
t
state
[
4
];
//initialization stage
//initialization stage
initialization
(
k
,
npub
,
state
);
initialization
(
k
,
npub
,
state
);
...
@@ -139,8 +140,8 @@ int crypto_aead_encrypt(
...
@@ -139,8 +140,8 @@ int crypto_aead_encrypt(
{
{
state
[
1
]
^=
FrameBitsPC
;
state
[
1
]
^=
FrameBitsPC
;
state_update
(
state
,
k
,
NROUND2
);
state_update
(
state
,
k
,
NROUND2
);
state
[
3
]
^=
((
u
nsigned
in
t
*
)
m
)[
i
];
state
[
3
]
^=
((
u
int32_
t
*
)
m
)[
i
];
((
u
nsigned
int
*
)
c
)[
i
]
=
state
[
2
]
^
((
unsigned
in
t
*
)
m
)[
i
];
((
u
int32_t
*
)
c
)[
i
]
=
state
[
2
]
^
((
uint32_
t
*
)
m
)[
i
];
}
}
// if mlen is not a multiple of 4, we process the remaining bytes
// if mlen is not a multiple of 4, we process the remaining bytes
if
((
mlen
&
3
)
>
0
)
if
((
mlen
&
3
)
>
0
)
...
@@ -158,11 +159,11 @@ int crypto_aead_encrypt(
...
@@ -158,11 +159,11 @@ int crypto_aead_encrypt(
//finalization stage, we assume that the tag length is 8 bytes
//finalization stage, we assume that the tag length is 8 bytes
state
[
1
]
^=
FrameBitsFinalization
;
state
[
1
]
^=
FrameBitsFinalization
;
state_update
(
state
,
k
,
NROUND2
);
state_update
(
state
,
k
,
NROUND2
);
((
u
nsigned
in
t
*
)
mac
)[
0
]
=
state
[
2
];
((
u
int32_
t
*
)
mac
)[
0
]
=
state
[
2
];
state
[
1
]
^=
FrameBitsFinalization
;
state
[
1
]
^=
FrameBitsFinalization
;
state_update
(
state
,
k
,
NROUND1
);
state_update
(
state
,
k
,
NROUND1
);
((
u
nsigned
in
t
*
)
mac
)[
1
]
=
state
[
2
];
((
u
int32_
t
*
)
mac
)[
1
]
=
state
[
2
];
*
clen
=
mlen
+
8
;
*
clen
=
mlen
+
8
;
memcpy
(
c
+
mlen
,
mac
,
8
);
memcpy
(
c
+
mlen
,
mac
,
8
);
...
@@ -181,9 +182,9 @@ int crypto_aead_decrypt(
...
@@ -181,9 +182,9 @@ int crypto_aead_decrypt(
)
)
{
{
unsigned
long
long
i
;
unsigned
long
long
i
;
u
nsigned
in
t
j
,
check
=
0
;
u
int32_
t
j
,
check
=
0
;
unsigned
char
mac
[
8
];
unsigned
char
mac
[
8
];
u
nsigned
in
t
state
[
4
];
u
int32_
t
state
[
4
];
*
mlen
=
clen
-
8
;
*
mlen
=
clen
-
8
;
...
@@ -198,8 +199,8 @@ int crypto_aead_decrypt(
...
@@ -198,8 +199,8 @@ int crypto_aead_decrypt(
{
{
state
[
1
]
^=
FrameBitsPC
;
state
[
1
]
^=
FrameBitsPC
;
state_update
(
state
,
k
,
NROUND2
);
state_update
(
state
,
k
,
NROUND2
);
((
u
nsigned
int
*
)
m
)[
i
]
=
state
[
2
]
^
((
unsigned
in
t
*
)
c
)[
i
];
((
u
int32_t
*
)
m
)[
i
]
=
state
[
2
]
^
((
uint32_
t
*
)
c
)[
i
];
state
[
3
]
^=
((
u
nsigned
in
t
*
)
m
)[
i
];
state
[
3
]
^=
((
u
int32_
t
*
)
m
)[
i
];
}
}
// if mlen is not a multiple of 4, we process the remaining bytes
// if mlen is not a multiple of 4, we process the remaining bytes
if
((
*
mlen
&
3
)
>
0
)
if
((
*
mlen
&
3
)
>
0
)
...
@@ -218,11 +219,11 @@ int crypto_aead_decrypt(
...
@@ -218,11 +219,11 @@ int crypto_aead_decrypt(
//finalization stage, we assume that the tag length is 8 bytes
//finalization stage, we assume that the tag length is 8 bytes
state
[
1
]
^=
FrameBitsFinalization
;
state
[
1
]
^=
FrameBitsFinalization
;
state_update
(
state
,
k
,
NROUND2
);
state_update
(
state
,
k
,
NROUND2
);
((
u
nsigned
in
t
*
)
mac
)[
0
]
=
state
[
2
];
((
u
int32_
t
*
)
mac
)[
0
]
=
state
[
2
];
state
[
1
]
^=
FrameBitsFinalization
;
state
[
1
]
^=
FrameBitsFinalization
;
state_update
(
state
,
k
,
NROUND1
);
state_update
(
state
,
k
,
NROUND1
);
((
u
nsigned
in
t
*
)
mac
)[
1
]
=
state
[
2
];
((
u
int32_
t
*
)
mac
)[
1
]
=
state
[
2
];
//verification of the authentication tag
//verification of the authentication tag
for
(
j
=
0
;
j
<
8
;
j
++
)
{
check
|=
(
mac
[
j
]
^
c
[
clen
-
8
+
j
]);
}
for
(
j
=
0
;
j
<
8
;
j
++
)
{
check
|=
(
mac
[
j
]
^
c
[
clen
-
8
+
j
]);
}
...
...
tinyjambu/Implementations/crypto_aead/tinyjambu192/ref/encrypt.c
View file @
ae78ab5e
...
@@ -9,6 +9,7 @@
...
@@ -9,6 +9,7 @@
#include <string.h>
#include <string.h>
#include <stdio.h>
#include <stdio.h>
#include <stdint.h>
#include "crypto_aead.h"
#include "crypto_aead.h"
#define FrameBitsIV 0x10
#define FrameBitsIV 0x10
...
@@ -20,10 +21,10 @@
...
@@ -20,10 +21,10 @@
#define NROUND2 128*9
#define NROUND2 128*9
/*no-optimized state update function*/
/*no-optimized state update function*/
void
state_update
(
u
nsigned
int
*
state
,
const
unsigned
char
*
key
,
unsigned
in
t
number_of_steps
)
void
state_update
(
u
int32_t
*
state
,
const
unsigned
char
*
key
,
uint32_
t
number_of_steps
)
{
{
u
nsigned
in
t
i
;
u
int32_
t
i
;
u
nsigned
in
t
t1
,
t2
,
t3
,
t4
,
feedback
;
u
int32_
t
t1
,
t2
,
t3
,
t4
,
feedback
;
for
(
i
=
0
;
i
<
(
number_of_steps
>>
5
);
i
++
)
for
(
i
=
0
;
i
<
(
number_of_steps
>>
5
);
i
++
)
{
{
...
@@ -31,7 +32,7 @@ void state_update(unsigned int *state, const unsigned char *key, unsigned int nu
...
@@ -31,7 +32,7 @@ void state_update(unsigned int *state, const unsigned char *key, unsigned int nu
t2
=
(
state
[
2
]
>>
6
)
|
(
state
[
3
]
<<
26
);
// 47 + 23 = 70 = 2*32 + 6
t2
=
(
state
[
2
]
>>
6
)
|
(
state
[
3
]
<<
26
);
// 47 + 23 = 70 = 2*32 + 6
t3
=
(
state
[
2
]
>>
21
)
|
(
state
[
3
]
<<
11
);
// 47 + 23 + 15 = 85 = 2*32 + 21
t3
=
(
state
[
2
]
>>
21
)
|
(
state
[
3
]
<<
11
);
// 47 + 23 + 15 = 85 = 2*32 + 21
t4
=
(
state
[
2
]
>>
27
)
|
(
state
[
3
]
<<
5
);
// 47 + 23 + 15 + 6 = 91 = 2*32 + 27
t4
=
(
state
[
2
]
>>
27
)
|
(
state
[
3
]
<<
5
);
// 47 + 23 + 15 + 6 = 91 = 2*32 + 27
feedback
=
state
[
0
]
^
t1
^
(
~
(
t2
&
t3
))
^
t4
^
((
u
nsigned
in
t
*
)
key
)[
i
%
6
];
feedback
=
state
[
0
]
^
t1
^
(
~
(
t2
&
t3
))
^
t4
^
((
u
int32_
t
*
)
key
)[
i
%
6
];
// shift 32 bit positions
// shift 32 bit positions
state
[
0
]
=
state
[
1
];
state
[
1
]
=
state
[
2
];
state
[
2
]
=
state
[
3
];
state
[
0
]
=
state
[
1
];
state
[
1
]
=
state
[
2
];
state
[
2
]
=
state
[
3
];
state
[
3
]
=
feedback
;
state
[
3
]
=
feedback
;
...
@@ -40,7 +41,7 @@ void state_update(unsigned int *state, const unsigned char *key, unsigned int nu
...
@@ -40,7 +41,7 @@ void state_update(unsigned int *state, const unsigned char *key, unsigned int nu
// The initialization
// The initialization
/* The input to initialization is the 192-bit key; 96-bit IV;*/
/* The input to initialization is the 192-bit key; 96-bit IV;*/
void
initialization
(
const
unsigned
char
*
key
,
const
unsigned
char
*
iv
,
u
nsigned
in
t
*
state
)
void
initialization
(
const
unsigned
char
*
key
,
const
unsigned
char
*
iv
,
u
int32_
t
*
state
)
{
{
int
i
;
int
i
;
...
@@ -55,21 +56,21 @@ void initialization(const unsigned char *key, const unsigned char *iv, unsigned
...
@@ -55,21 +56,21 @@ void initialization(const unsigned char *key, const unsigned char *iv, unsigned
{
{
state
[
1
]
^=
FrameBitsIV
;
state
[
1
]
^=
FrameBitsIV
;
state_update
(
state
,
key
,
NROUND1
);
state_update
(
state
,
key
,
NROUND1
);
state
[
3
]
^=
((
u
nsigned
in
t
*
)
iv
)[
i
];
state
[
3
]
^=
((
u
int32_
t
*
)
iv
)[
i
];
}
}
}
}
//process the associated data
//process the associated data
void
process_ad
(
const
unsigned
char
*
k
,
const
unsigned
char
*
ad
,
unsigned
long
long
adlen
,
u
nsigned
in
t
*
state
)
void
process_ad
(
const
unsigned
char
*
k
,
const
unsigned
char
*
ad
,
unsigned
long
long
adlen
,
u
int32_
t
*
state
)
{
{
unsigned
long
long
i
;
unsigned
long
long
i
;
u
nsigned
in
t
j
;
u
int32_
t
j
;
for
(
i
=
0
;
i
<
(
adlen
>>
2
);
i
++
)
for
(
i
=
0
;
i
<
(
adlen
>>
2
);
i
++
)
{
{
state
[
1
]
^=
FrameBitsAD
;
state
[
1
]
^=
FrameBitsAD
;
state_update
(
state
,
k
,
NROUND1
);
state_update
(
state
,
k
,
NROUND1
);
state
[
3
]
^=
((
u
nsigned
in
t
*
)
ad
)[
i
];
state
[
3
]
^=
((
u
int32_
t
*
)
ad
)[
i
];
}
}
// if adlen is not a multiple of 4, we process the remaining bytes
// if adlen is not a multiple of 4, we process the remaining bytes
...
@@ -93,9 +94,9 @@ int crypto_aead_encrypt(
...
@@ -93,9 +94,9 @@ int crypto_aead_encrypt(
)
)
{
{
unsigned
long
long
i
;
unsigned
long
long
i
;
u
nsigned
in
t
j
;
u
int32_
t
j
;
unsigned
char
mac
[
8
];
unsigned
char
mac
[
8
];
u
nsigned
in
t
state
[
4
];
u
int32_
t
state
[
4
];
//initialization stage
//initialization stage
initialization
(
k
,
npub
,
state
);
initialization
(
k
,
npub
,
state
);
...
@@ -108,8 +109,8 @@ int crypto_aead_encrypt(
...
@@ -108,8 +109,8 @@ int crypto_aead_encrypt(
{
{
state
[
1
]
^=
FrameBitsPC
;
state
[
1
]
^=
FrameBitsPC
;
state_update
(
state
,
k
,
NROUND2
);
state_update
(
state
,
k
,
NROUND2
);
state
[
3
]
^=
((
u
nsigned
in
t
*
)
m
)[
i
];
state
[
3
]
^=
((
u
int32_
t
*
)
m
)[
i
];
((
u
nsigned
int
*
)
c
)[
i
]
=
state
[
2
]
^
((
unsigned
in
t
*
)
m
)[
i
];
((
u
int32_t
*
)
c
)[
i
]
=
state
[
2
]
^
((
uint32_
t
*
)
m
)[
i
];
}
}
// if mlen is not a multiple of 4, we process the remaining bytes
// if mlen is not a multiple of 4, we process the remaining bytes
if
((
mlen
&
3
)
>
0
)
if
((
mlen
&
3
)
>
0
)
...
@@ -127,11 +128,11 @@ int crypto_aead_encrypt(
...
@@ -127,11 +128,11 @@ int crypto_aead_encrypt(
//finalization stage, we assume that the tag length is 8 bytes
//finalization stage, we assume that the tag length is 8 bytes
state
[
1
]
^=
FrameBitsFinalization
;
state
[
1
]
^=
FrameBitsFinalization
;
state_update
(
state
,
k
,
NROUND2
);
state_update
(
state
,
k
,
NROUND2
);
((
u
nsigned
in
t
*
)
mac
)[
0
]
=
state
[
2
];
((
u
int32_
t
*
)
mac
)[
0
]
=
state
[
2
];
state
[
1
]
^=
FrameBitsFinalization
;
state
[
1
]
^=
FrameBitsFinalization
;
state_update
(
state
,
k
,
NROUND1
);
state_update
(
state
,
k
,
NROUND1
);
((
u
nsigned
in
t
*
)
mac
)[
1
]
=
state
[
2
];
((
u
int32_
t
*
)
mac
)[
1
]
=
state
[
2
];
*
clen
=
mlen
+
8
;
*
clen
=
mlen
+
8
;
memcpy
(
c
+
mlen
,
mac
,
8
);
memcpy
(
c
+
mlen
,
mac
,
8
);
...
@@ -150,9 +151,9 @@ int crypto_aead_decrypt(
...
@@ -150,9 +151,9 @@ int crypto_aead_decrypt(
)
)
{
{
unsigned
long
long
i
;
unsigned
long
long
i
;
u
nsigned
in
t
j
,
check
=
0
;
u
int32_
t
j
,
check
=
0
;
unsigned
char
mac
[
8
];
unsigned
char
mac
[
8
];
u
nsigned
in
t
state
[
4
];
u
int32_
t
state
[
4
];
*
mlen
=
clen
-
8
;
*
mlen
=
clen
-
8
;
...
@@ -167,8 +168,8 @@ int crypto_aead_decrypt(
...
@@ -167,8 +168,8 @@ int crypto_aead_decrypt(
{
{
state
[
1
]
^=
FrameBitsPC
;
state
[
1
]
^=
FrameBitsPC
;
state_update
(
state
,
k
,
NROUND2
);
state_update
(
state
,
k
,
NROUND2
);
((
u
nsigned
int
*
)
m
)[
i
]
=
state
[
2
]
^
((
unsigned
in
t
*
)
c
)[
i
];
((
u
int32_t
*
)
m
)[
i
]
=
state
[
2
]
^
((
uint32_
t
*
)
c
)[
i
];
state
[
3
]
^=
((
u
nsigned
in
t
*
)
m
)[
i
];
state
[
3
]
^=
((
u
int32_
t
*
)
m
)[
i
];
}
}
// if mlen is not a multiple of 4, we process the remaining bytes
// if mlen is not a multiple of 4, we process the remaining bytes
if
((
*
mlen
&
3
)
>
0
)
if
((
*
mlen
&
3
)
>
0
)
...
@@ -187,11 +188,11 @@ int crypto_aead_decrypt(
...
@@ -187,11 +188,11 @@ int crypto_aead_decrypt(
//finalization stage, we assume that the tag length is 8 bytes
//finalization stage, we assume that the tag length is 8 bytes
state
[
1
]
^=
FrameBitsFinalization
;
state
[
1
]
^=
FrameBitsFinalization
;
state_update
(
state
,
k
,
NROUND2
);
state_update
(
state
,
k
,
NROUND2
);
((
u
nsigned
in
t
*
)
mac
)[
0
]
=
state
[
2
];
((
u
int32_
t
*
)
mac
)[
0
]
=
state
[
2
];
state
[
1
]
^=
FrameBitsFinalization
;
state
[
1
]
^=
FrameBitsFinalization
;
state_update
(
state
,
k
,
NROUND1
);
state_update
(
state
,
k
,
NROUND1
);
((
u
nsigned
in
t
*
)
mac
)[
1
]
=
state
[
2
];
((
u
int32_
t
*
)
mac
)[
1
]
=
state
[
2
];
//verification of the authentication tag
//verification of the authentication tag
for
(
j
=
0
;
j
<
8
;
j
++
)
{
check
|=
(
mac
[
j
]
^
c
[
clen
-
8
+
j
]);
}
for
(
j
=
0
;
j
<
8
;
j
++
)
{
check
|=
(
mac
[
j
]
^
c
[
clen
-
8
+
j
]);
}
...
...
tinyjambu/Implementations/crypto_aead/tinyjambu256/opt/encrypt.c
View file @
ae78ab5e
...
@@ -9,6 +9,7 @@
...
@@ -9,6 +9,7 @@
#include <string.h>
#include <string.h>
#include <stdio.h>
#include <stdio.h>
#include <stdint.h>
#include "crypto_aead.h"
#include "crypto_aead.h"
#define FrameBitsIV 0x10
#define FrameBitsIV 0x10
...
@@ -20,10 +21,10 @@
...
@@ -20,10 +21,10 @@
#define NROUND2 128*10
#define NROUND2 128*10
/*optimized state update function*/
/*optimized state update function*/
void
state_update
(
u
nsigned
int
*
state
,
const
unsigned
char
*
key
,
unsigned
in
t
number_of_steps
)
void
state_update
(
u
int32_t
*
state
,
const
unsigned
char
*
key
,
uint32_
t
number_of_steps
)
{
{
u
nsigned
in
t
i
,
j
;
u
int32_
t
i
,
j
;
u
nsigned
in
t
t1
,
t2
,
t3
,
t4
;
u
int32_
t
t1
,
t2
,
t3
,
t4
;
//in each iteration, we compute 128 rounds of the state update function.
//in each iteration, we compute 128 rounds of the state update function.
for
(
i
=
0
,
j
=
0
;
i
<
(
number_of_steps
>>
5
);
i
=
i
+
4
)
for
(
i
=
0
,
j
=
0
;
i
<
(
number_of_steps
>>
5
);
i
=
i
+
4
)
...
@@ -32,31 +33,31 @@ void state_update(unsigned int *state, const unsigned char *key, unsigned int nu
...
@@ -32,31 +33,31 @@ void state_update(unsigned int *state, const unsigned char *key, unsigned int nu
t2
=
(
state
[
2
]
>>
6
)
|
(
state
[
3
]
<<
26
);
// 47 + 23 = 70 = 2*32 + 6
t2
=
(
state
[
2
]
>>
6
)
|
(
state
[
3
]
<<
26
);
// 47 + 23 = 70 = 2*32 + 6
t3
=
(
state
[
2
]
>>
21
)
|
(
state
[
3
]
<<
11
);
// 47 + 23 + 15 = 85 = 2*32 + 21
t3
=
(
state
[
2
]
>>
21
)
|
(
state
[
3
]
<<
11
);
// 47 + 23 + 15 = 85 = 2*32 + 21
t4
=
(
state
[
2
]
>>
27
)
|
(
state
[
3
]
<<
5
);
// 47 + 23 + 15 + 6 = 91 = 2*32 + 27
t4
=
(
state
[
2
]
>>
27
)
|
(
state
[
3
]
<<
5
);
// 47 + 23 + 15 + 6 = 91 = 2*32 + 27
state
[
0
]
^=
t1
^
(
~
(
t2
&
t3
))
^
t4
^
((
u
nsigned
in
t
*
)
key
)[(
j
++
)
&
7
];
state
[
0
]
^=
t1
^
(
~
(
t2
&
t3
))
^
t4
^
((
u
int32_
t
*
)
key
)[(
j
++
)
&
7
];
t1
=
(
state
[
2
]
>>
15
)
|
(
state
[
3
]
<<
17
);
t1
=
(
state
[
2
]
>>
15
)
|
(
state
[
3
]
<<
17
);
t2
=
(
state
[
3
]
>>
6
)
|
(
state
[
0
]
<<
26
);
t2
=
(
state
[
3
]
>>
6
)
|
(
state
[
0
]
<<
26
);
t3
=
(
state
[
3
]
>>
21
)
|
(
state
[
0
]
<<
11
);
t3
=
(
state
[
3
]
>>
21
)
|
(
state
[
0
]
<<
11
);
t4
=
(
state
[
3
]
>>
27
)
|
(
state
[
0
]
<<
5
);
t4
=
(
state
[
3
]
>>
27
)
|
(
state
[
0
]
<<
5
);
state
[
1
]
^=
t1
^
(
~
(
t2
&
t3
))
^
t4
^
((
u
nsigned
in
t
*
)
key
)[(
j
++
)
&
7
];
state
[
1
]
^=
t1
^
(
~
(
t2
&
t3
))
^
t4
^
((
u
int32_
t
*
)
key
)[(
j
++
)
&
7
];
t1
=
(
state
[
3
]
>>
15
)
|
(
state
[
0
]
<<
17
);
t1
=
(
state
[
3
]
>>
15
)
|
(
state
[
0
]
<<
17
);
t2
=
(
state
[
0
]
>>
6
)
|
(
state
[
1
]
<<
26
);
t2
=
(
state
[
0
]
>>
6
)
|
(
state
[
1
]
<<
26
);
t3
=
(
state
[
0
]
>>
21
)
|
(
state
[
1
]
<<
11
);
t3
=
(
state
[
0
]
>>
21
)
|
(
state
[
1
]
<<
11
);
t4
=
(
state
[
0
]
>>
27
)
|
(
state
[
1
]
<<
5
);
t4
=
(
state
[
0
]
>>
27
)
|
(
state
[
1
]
<<
5
);
state
[
2
]
^=
t1
^
(
~
(
t2
&
t3
))
^
t4
^
((
u
nsigned
in
t
*
)
key
)[(
j
++
)
&
7
];
state
[
2
]
^=
t1
^
(
~
(
t2
&
t3
))
^
t4
^
((
u
int32_
t
*
)
key
)[(
j
++
)
&
7
];
t1
=
(
state
[
0
]
>>
15
)
|
(
state
[
1
]
<<
17
);
t1
=
(
state
[
0
]
>>
15
)
|
(
state
[
1
]
<<
17
);
t2
=
(
state
[
1
]
>>
6
)
|
(
state
[
2
]
<<
26
);
t2
=
(
state
[
1
]
>>
6
)
|
(
state
[
2
]
<<
26
);
t3
=
(
state
[
1
]
>>
21
)
|
(
state
[
2
]
<<
11
);
t3
=
(
state
[
1
]
>>
21
)
|
(
state
[
2
]
<<
11
);
t4
=
(
state
[
1
]
>>
27
)
|
(
state
[
2
]
<<
5
);
t4
=
(
state
[
1
]
>>
27
)
|
(
state
[
2
]
<<
5
);
state
[
3
]
^=
t1
^
(
~
(
t2
&
t3
))
^
t4
^
((
u
nsigned
in
t
*
)
key
)[(
j
++
)
&
7
];
state
[
3
]
^=
t1
^
(
~
(
t2
&
t3
))
^
t4
^
((
u
int32_
t
*
)
key
)[(
j
++
)
&
7
];
}
}
}
}
// The initialization
// The initialization
/* The input to initialization is the 128-bit key; 96-bit IV;*/
/* The input to initialization is the 128-bit key; 96-bit IV;*/
void
initialization
(
const
unsigned
char
*
key
,
const
unsigned
char
*
iv
,
u
nsigned
in
t
*
state
)
void
initialization
(
const
unsigned
char
*
key
,
const
unsigned
char
*
iv
,
u
int32_
t
*
state
)
{
{
int
i
;
int
i
;
...
@@ -71,21 +72,21 @@ void initialization(const unsigned char *key, const unsigned char *iv, unsigned
...
@@ -71,21 +72,21 @@ void initialization(const unsigned char *key, const unsigned char *iv, unsigned
{
{
state
[
1
]
^=
FrameBitsIV
;
state
[
1
]
^=
FrameBitsIV
;
state_update
(
state
,
key
,
NROUND1
);
state_update
(
state
,
key
,
NROUND1
);
state
[
3
]
^=
((
u
nsigned
in
t
*
)
iv
)[
i
];
state
[
3
]
^=
((
u
int32_
t
*
)
iv
)[
i
];
}
}
}
}
//process the associated data
//process the associated data
void
process_ad
(
const
unsigned
char
*
k
,
const
unsigned
char
*
ad
,
unsigned
long
long
adlen
,
u
nsigned
in
t
*
state
)
void
process_ad
(
const
unsigned
char
*
k
,
const
unsigned
char
*
ad
,
unsigned
long
long
adlen
,
u
int32_
t
*
state
)
{
{
unsigned
long
long
i
;
unsigned
long
long
i
;
u
nsigned
in
t
j
;
u
int32_
t
j
;
for
(
i
=
0
;
i
<
(
adlen
>>
2
);
i
++
)
for
(
i
=
0
;
i
<
(
adlen
>>
2
);
i
++
)
{
{
state
[
1
]
^=
FrameBitsAD
;
state
[
1
]
^=
FrameBitsAD
;
state_update
(
state
,
k
,
NROUND1
);
state_update
(
state
,
k
,
NROUND1
);
state
[
3
]
^=
((
u
nsigned
in
t
*
)
ad
)[
i
];
state
[
3
]
^=
((
u
int32_
t
*
)
ad
)[
i
];
}
}
// if adlen is not a multiple of 4, we process the remaining bytes
// if adlen is not a multiple of 4, we process the remaining bytes
...
@@ -109,9 +110,9 @@ int crypto_aead_encrypt(
...
@@ -109,9 +110,9 @@ int crypto_aead_encrypt(
)
)
{
{
unsigned
long
long
i
;
unsigned
long
long
i
;
u
nsigned
in
t
j
;
u
int32_
t
j
;
unsigned
char
mac
[
8
];
unsigned
char
mac
[
8
];
u
nsigned
in
t
state
[
4
];
u
int32_
t
state
[
4
];
//initialization stage
//initialization stage
initialization
(
k
,
npub
,
state
);
initialization
(
k
,
npub
,
state
);
...
@@ -124,8 +125,8 @@ int crypto_aead_encrypt(
...
@@ -124,8 +125,8 @@ int crypto_aead_encrypt(
{
{
state
[
1
]
^=
FrameBitsPC
;
state
[
1
]
^=
FrameBitsPC
;
state_update
(
state
,
k
,
NROUND2
);
state_update
(
state
,
k
,
NROUND2
);
state
[
3
]
^=
((
u
nsigned
in
t
*
)
m
)[
i
];
state
[
3
]
^=
((
u
int32_
t
*
)
m
)[
i
];
((
u
nsigned
int
*
)
c
)[
i
]
=
state
[
2
]
^
((
unsigned
in
t
*
)
m
)[
i
];
((
u
int32_t
*
)
c
)[
i
]
=
state
[
2
]
^
((
uint32_
t
*
)
m
)[
i
];
}
}
// if mlen is not a multiple of 4, we process the remaining bytes
// if mlen is not a multiple of 4, we process the remaining bytes
if
((
mlen
&
3
)
>
0
)
if
((
mlen
&
3
)
>
0
)
...
@@ -143,11 +144,11 @@ int crypto_aead_encrypt(
...
@@ -143,11 +144,11 @@ int crypto_aead_encrypt(
//finalization stage, we assume that the tag length is 8 bytes
//finalization stage, we assume that the tag length is 8 bytes
state
[
1
]
^=
FrameBitsFinalization
;
state
[
1
]
^=
FrameBitsFinalization
;
state_update
(
state
,
k
,
NROUND2
);
state_update
(
state
,
k
,
NROUND2
);
((
u
nsigned
in
t
*
)
mac
)[
0
]
=
state
[
2
];
((
u
int32_
t
*
)
mac
)[
0
]
=
state
[
2
];
state
[
1
]
^=
FrameBitsFinalization
;
state
[
1
]
^=
FrameBitsFinalization
;
state_update
(
state
,
k
,
NROUND1
);
state_update
(
state
,
k
,
NROUND1
);
((
u
nsigned
in
t
*
)
mac
)[
1
]
=
state
[
2
];
((
u
int32_
t
*
)
mac
)[
1
]
=
state
[
2
];
*
clen
=
mlen
+
8
;
*
clen
=
mlen
+
8
;
memcpy
(
c
+
mlen
,
mac
,
8
);
memcpy
(
c
+
mlen
,
mac
,
8
);
...
@@ -166,9 +167,9 @@ int crypto_aead_decrypt(
...
@@ -166,9 +167,9 @@ int crypto_aead_decrypt(
)
)
{
{
unsigned
long
long
i
;
unsigned
long
long
i
;
u
nsigned
in
t
j
,
check
=
0
;
u
int32_
t
j
,
check
=
0
;
unsigned
char
mac
[
8
];
unsigned
char
mac
[
8
];
u
nsigned
in
t
state
[
4
];
u
int32_
t
state
[
4
];
*
mlen
=
clen
-
8
;
*
mlen
=
clen
-
8
;
...
@@ -183,8 +184,8 @@ int crypto_aead_decrypt(
...
@@ -183,8 +184,8 @@ int crypto_aead_decrypt(
{
{
state
[
1
]
^=
FrameBitsPC
;
state
[
1
]
^=
FrameBitsPC
;
state_update
(
state
,
k
,
NROUND2
);
state_update
(
state
,
k
,
NROUND2
);
((
u
nsigned
int
*
)
m
)[
i
]
=
state
[
2
]
^
((
unsigned
in
t
*
)
c
)[
i
];
((
u
int32_t
*
)
m
)[
i
]
=
state
[
2
]
^
((
uint32_
t
*
)
c
)[
i
];
state
[
3
]
^=
((
u
nsigned
in
t
*
)
m
)[
i
];
state
[
3
]
^=
((
u
int32_
t
*
)
m
)[
i
];
}
}
// if mlen is not a multiple of 4, we process the remaining bytes
// if mlen is not a multiple of 4, we process the remaining bytes
if
((
*
mlen
&
3
)
>
0
)
if
((
*
mlen
&
3
)
>
0
)
...
@@ -202,11 +203,11 @@ int crypto_aead_decrypt(
...
@@ -202,11 +203,11 @@ int crypto_aead_decrypt(
//finalization stage, we assume that the tag length is 8 bytes
//finalization stage, we assume that the tag length is 8 bytes
state
[
1
]
^=
FrameBitsFinalization
;
state
[
1
]
^=
FrameBitsFinalization
;
state_update
(
state
,
k
,
NROUND2
);
state_update
(
state
,
k
,
NROUND2
);
((
u
nsigned
in
t
*
)
mac
)[
0
]
=
state
[
2
];
((
u
int32_
t
*
)
mac
)[
0
]
=
state
[
2
];
state
[
1
]
^=
FrameBitsFinalization
;
state
[
1
]
^=
FrameBitsFinalization
;
state_update
(
state
,
k
,
NROUND1
);
state_update
(
state
,
k
,
NROUND1
);
((
u
nsigned
in
t
*
)
mac
)[
1
]
=
state
[
2
];
((
u
int32_
t
*
)
mac
)[
1
]
=
state
[
2
];
//verification of the authentication tag
//verification of the authentication tag
for
(
j
=
0
;
j
<
8
;
j
++
)
{
check
|=
(
mac
[
j
]
^
c
[
clen
-
8
+
j
]);
}
for
(
j
=
0
;
j
<
8
;
j
++
)
{
check
|=
(
mac
[
j
]
^
c
[
clen
-
8
+
j
]);
}
...
...
tinyjambu/Implementations/crypto_aead/tinyjambu256/ref/encrypt.c
View file @
ae78ab5e
...
@@ -9,6 +9,7 @@
...
@@ -9,6 +9,7 @@
#include <string.h>
#include <string.h>
#include <stdio.h>
#include <stdio.h>
#include <stdint.h>
#include "crypto_aead.h"
#include "crypto_aead.h"
#define FrameBitsIV 0x10
#define FrameBitsIV 0x10
...
@@ -20,10 +21,10 @@
...
@@ -20,10 +21,10 @@
#define NROUND2 128*10
#define NROUND2 128*10
/*non-optimized state update function*/
/*non-optimized state update function*/
void
state_update
(
u
nsigned
int
*
state
,
const
unsigned
char
*
key
,
unsigned
in
t
number_of_steps
)
void
state_update
(
u
int32_t
*
state
,
const
unsigned
char
*
key
,
uint32_
t
number_of_steps
)
{
{
u
nsigned
in
t
i
;
u
int32_
t
i
;
u
nsigned
in
t
t1
,
t2
,
t3
,
t4
,
feedback
;
u
int32_
t
t1
,
t2
,
t3
,
t4
,
feedback
;
//in each iteration, we compute 256 steps of the state update function.
//in each iteration, we compute 256 steps of the state update function.
for
(
i
=
0
;
i
<
(
number_of_steps
>>
5
);
i
++
)
for
(
i
=
0
;
i
<
(
number_of_steps
>>
5
);
i
++
)
{
{
...
@@ -31,7 +32,7 @@ void state_update(unsigned int *state, const unsigned char *key, unsigned int nu
...
@@ -31,7 +32,7 @@ void state_update(unsigned int *state, const unsigned char *key, unsigned int nu
t2
=
(
state
[
2
]
>>
6
)
|
(
state
[
3
]
<<
26
);
// 47 + 23 = 70 = 2*32 + 6
t2
=
(
state
[
2
]
>>
6
)
|
(
state
[
3
]
<<
26
);
// 47 + 23 = 70 = 2*32 + 6
t3
=
(
state
[
2
]
>>
21
)
|
(
state
[
3
]
<<
11
);
// 47 + 23 + 15 = 85 = 2*32 + 21
t3
=
(
state
[
2
]
>>
21
)
|
(
state
[
3
]
<<
11
);
// 47 + 23 + 15 = 85 = 2*32 + 21
t4
=
(
state
[
2
]
>>
27
)
|
(
state
[
3
]
<<
5
);
// 47 + 23 + 15 + 6 = 91 = 2*32 + 27
t4
=
(
state
[
2
]
>>
27
)
|
(
state
[
3
]
<<
5
);
// 47 + 23 + 15 + 6 = 91 = 2*32 + 27
feedback
=
state
[
0
]
^
t1
^
(
~
(
t2
&
t3
))
^
t4
^
((
u
nsigned
in
t
*
)
key
)[
i
&
7
];
feedback
=
state
[
0
]
^
t1
^
(
~
(
t2
&
t3
))
^
t4
^
((
u
int32_
t
*
)
key
)[
i
&
7
];
// shift 32 bit positions
// shift 32 bit positions
state
[
0
]
=
state
[
1
];
state
[
1
]
=
state
[
2
];
state
[
2
]
=
state
[
3
];
state
[
0
]
=
state
[
1
];
state
[
1
]
=
state
[
2
];
state
[
2
]
=
state
[
3
];
state
[
3
]
=
feedback
;
state
[
3
]
=
feedback
;
...
@@ -40,7 +41,7 @@ void state_update(unsigned int *state, const unsigned char *key, unsigned int nu
...
@@ -40,7 +41,7 @@ void state_update(unsigned int *state, const unsigned char *key, unsigned int nu
// The initialization
// The initialization
/* The input to initialization is the 128-bit key; 96-bit IV;*/
/* The input to initialization is the 128-bit key; 96-bit IV;*/
void
initialization
(
const
unsigned
char
*
key
,
const
unsigned
char
*
iv
,
u
nsigned
in
t
*
state
)
void
initialization
(
const
unsigned
char
*
key
,
const
unsigned
char
*
iv
,
u
int32_
t
*
state
)
{
{
int
i
;
int
i
;
...
@@ -55,21 +56,21 @@ void initialization(const unsigned char *key, const unsigned char *iv, unsigned
...
@@ -55,21 +56,21 @@ void initialization(const unsigned char *key, const unsigned char *iv, unsigned
{
{
state
[
1
]
^=
FrameBitsIV
;
state
[
1
]
^=
FrameBitsIV
;
state_update
(
state
,
key
,
NROUND1
);
state_update
(
state
,
key
,
NROUND1
);
state
[
3
]
^=
((
u
nsigned
in
t
*
)
iv
)[
i
];
state
[
3
]
^=
((
u
int32_
t
*
)
iv
)[
i
];
}
}
}
}
//process the associated data
//process the associated data
void
process_ad
(
const
unsigned
char
*
k
,
const
unsigned
char
*
ad
,
unsigned
long
long
adlen
,
u
nsigned
in
t
*
state
)
void
process_ad
(
const
unsigned
char
*
k
,
const
unsigned
char
*
ad
,
unsigned
long
long
adlen
,
u
int32_
t
*
state
)
{
{
unsigned
long
long
i
;
unsigned
long
long
i
;
u
nsigned
in
t
j
;
u
int32_
t
j
;
for
(
i
=
0
;
i
<
(
adlen
>>
2
);
i
++
)
for
(
i
=
0
;
i
<
(
adlen
>>
2
);
i
++
)
{
{
state
[
1
]
^=
FrameBitsAD
;
state
[
1
]
^=
FrameBitsAD
;
state_update
(
state
,
k
,
NROUND1
);
state_update
(
state
,
k
,
NROUND1
);
state
[
3
]
^=
((
u
nsigned
in
t
*
)
ad
)[
i
];
state
[
3
]
^=
((
u
int32_
t
*
)
ad
)[
i
];
}
}
// if adlen is not a multiple of 4, we process the remaining bytes
// if adlen is not a multiple of 4, we process the remaining bytes
...
@@ -93,9 +94,9 @@ int crypto_aead_encrypt(
...
@@ -93,9 +94,9 @@ int crypto_aead_encrypt(
)
)
{
{
unsigned
long
long
i
;
unsigned
long
long
i
;
u
nsigned
in
t
j
;
u
int32_
t
j
;
unsigned
char
mac
[
8
];
unsigned
char
mac
[
8
];
u
nsigned
in
t
state
[
4
];
u
int32_
t
state
[
4
];
//initialization stage
//initialization stage
initialization
(
k
,
npub
,
state
);
initialization
(
k
,
npub
,
state
);
...
@@ -108,8 +109,8 @@ int crypto_aead_encrypt(
...
@@ -108,8 +109,8 @@ int crypto_aead_encrypt(
{
{
state
[
1
]
^=
FrameBitsPC
;
state
[
1
]
^=
FrameBitsPC
;
state_update
(
state
,
k
,
NROUND2
);
state_update
(
state
,
k
,
NROUND2
);
state
[
3
]
^=
((
u
nsigned
in
t
*
)
m
)[
i
];
state
[
3
]
^=
((
u
int32_
t
*
)
m
)[
i
];
((
u
nsigned
int
*
)
c
)[
i
]
=
state
[
2
]
^
((
unsigned
in
t
*
)
m
)[
i
];
((
u
int32_t
*
)
c
)[
i
]
=
state
[
2
]
^
((
uint32_
t
*
)
m
)[
i
];
}
}
// if mlen is not a multiple of 4, we process the remaining bytes
// if mlen is not a multiple of 4, we process the remaining bytes
if
((
mlen
&
3
)
>
0
)
if
((
mlen
&
3
)
>
0
)
...
@@ -127,11 +128,11 @@ int crypto_aead_encrypt(
...
@@ -127,11 +128,11 @@ int crypto_aead_encrypt(
//finalization stage, we assume that the tag length is 8 bytes
//finalization stage, we assume that the tag length is 8 bytes
state
[
1
]
^=
FrameBitsFinalization
;
state
[
1
]
^=
FrameBitsFinalization
;
state_update
(
state
,
k
,
NROUND2
);
state_update
(
state
,
k
,
NROUND2
);
((
u
nsigned
in
t
*
)
mac
)[
0
]
=
state
[
2
];
((
u
int32_
t
*
)
mac
)[
0
]
=
state
[
2
];
state
[
1
]
^=
FrameBitsFinalization
;
state
[
1
]
^=
FrameBitsFinalization
;
state_update
(
state
,
k
,
NROUND1
);
state_update
(
state
,
k
,
NROUND1
);
((
u
nsigned
in
t
*
)
mac
)[
1
]
=
state
[
2
];
((
u
int32_
t
*
)
mac
)[
1
]
=
state
[
2
];
*
clen
=
mlen
+
8
;
*
clen
=
mlen
+
8
;
memcpy
(
c
+
mlen
,
mac
,
8
);
memcpy
(
c
+
mlen
,
mac
,
8
);
...
@@ -150,9 +151,9 @@ int crypto_aead_decrypt(
...
@@ -150,9 +151,9 @@ int crypto_aead_decrypt(
)
)
{
{
unsigned
long
long
i
;
unsigned
long
long
i
;
u
nsigned
in
t
j
,
check
=
0
;
u
int32_
t
j
,
check
=
0
;
unsigned
char
mac
[
8
];
unsigned
char
mac
[
8
];
u
nsigned
in
t
state
[
4
];
u
int32_
t
state
[
4
];
*
mlen
=
clen
-
8
;
*
mlen
=
clen
-
8
;
...
@@ -167,8 +168,8 @@ int crypto_aead_decrypt(
...
@@ -167,8 +168,8 @@ int crypto_aead_decrypt(
{
{
state
[
1
]
^=
FrameBitsPC
;
state
[
1
]
^=
FrameBitsPC
;
state_update
(
state
,
k
,
NROUND2
);
state_update
(
state
,
k
,
NROUND2
);
((
u
nsigned
int
*
)
m
)[
i
]
=
state
[
2
]
^
((
unsigned
in
t
*
)
c
)[
i
];
((
u
int32_t
*
)
m
)[
i
]
=
state
[
2
]
^
((
uint32_
t
*
)
c
)[
i
];
state
[
3
]
^=
((
u
nsigned
in
t
*
)
m
)[
i
];
state
[
3
]
^=
((
u
int32_
t
*
)
m
)[
i
];
}
}
// if mlen is not a multiple of 4, we process the remaining bytes
// if mlen is not a multiple of 4, we process the remaining bytes
if
((
*
mlen
&
3
)
>
0
)
if
((
*
mlen
&
3
)
>
0
)
...
@@ -186,11 +187,11 @@ int crypto_aead_decrypt(
...
@@ -186,11 +187,11 @@ int crypto_aead_decrypt(
//finalization stage, we assume that the tag length is 8 bytes
//finalization stage, we assume that the tag length is 8 bytes
state
[
1
]
^=
FrameBitsFinalization
;
state
[
1
]
^=
FrameBitsFinalization
;
state_update
(
state
,
k
,
NROUND2
);
state_update
(
state
,
k
,
NROUND2
);
((
u
nsigned
in
t
*
)
mac
)[
0
]
=
state
[
2
];
((
u
int32_
t
*
)
mac
)[
0
]
=
state
[
2
];
state
[
1
]
^=
FrameBitsFinalization
;
state
[
1
]
^=
FrameBitsFinalization
;
state_update
(
state
,
k
,
NROUND1
);
state_update
(
state
,
k
,
NROUND1
);
((
u
nsigned
in
t
*
)
mac
)[
1
]
=
state
[
2
];
((
u
int32_
t
*
)
mac
)[
1
]
=
state
[
2
];
//verification of the authentication tag
//verification of the authentication tag
for
(
j
=
0
;
j
<
8
;
j
++
)
{
check
|=
(
mac
[
j
]
^
c
[
clen
-
8
+
j
]);
}
for
(
j
=
0
;
j
<
8
;
j
++
)
{
check
|=
(
mac
[
j
]
^
c
[
clen
-
8
+
j
]);
}
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment