]> git.saurik.com Git - apple/xnu.git/blame - bsd/crypto/rc5/rc5.c
xnu-201.42.3.tar.gz
1/*
2 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
3 * All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
7 * are met:
8 * 1. Redistributions of source code must retain the above copyright
9 * notice, this list of conditions and the following disclaimer.
10 * 2. Redistributions in binary form must reproduce the above copyright
11 * notice, this list of conditions and the following disclaimer in the
12 * documentation and/or other materials provided with the distribution.
13 * 3. Neither the name of the project nor the names of its contributors
14 * may be used to endorse or promote products derived from this software
15 * without specific prior written permission.
16 *
17 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
18 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
19 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
20 * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
21 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
22 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
23 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
24 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
25 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
26 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
27 * SUCH DAMAGE.
28 */
29#include <crypto/rc5/rc5.h>
30
31
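/*
 * Expand a raw key into the RC5 round-key table.
 *
 * e_key   output table; 2 * (rounds + 1) words are written.  The caller
 *         owns the storage and must size it accordingly -- nothing in
 *         this routine can verify the capacity.
 * key     raw key bytes, packed little-endian into words.
 * keylen  key length in bytes.  A zero-length key is expanded as one
 *         all-zero word, which is what the RC5 key schedule specifies
 *         (c = max(1, ceil(b / bytes-per-word))).  A length beyond the
 *         capacity of the local word buffer is clamped to that capacity
 *         so the buffer cannot be overrun; because this routine returns
 *         void it cannot report the condition, so callers should reject
 *         over-long keys before calling.
 * rounds  round count; must be >= 0.  rc5_encrypt_round16() and
 *         rc5_decrypt_round16() read 34 words, i.e. rounds == 16.
 */
void
set_rc5_expandkey(e_key, key, keylen, rounds)
	RC5_WORD *e_key;
	u_int8_t *key;
	size_t keylen;
	int rounds;
{
	RC5_WORD L[256/WW];
	RC5_WORD A, B;
	size_t n, max_key;
	int i, j, k, LL, T;

	/* Bytes that fit in L[] when WW key bytes are packed per word. */
	max_key = (sizeof(L) / sizeof(L[0])) * WW;
	if (keylen > max_key)
		keylen = max_key;

	/* Word count of the key; never 0, since it is used as a modulus. */
	LL = (int)((keylen + WW - 1) / WW);
	if (LL == 0)
		LL = 1;

	bzero(L, sizeof(L));

	/*
	 * Widen each byte to RC5_WORD before shifting: shifting a promoted
	 * int by 24 can move a set bit into the sign position.
	 */
	for (n = 0; n < keylen; n++)
		L[n / WW] += (RC5_WORD)key[n] << (8 * (n % WW));

	/* Fill the table with the Pw/Qw arithmetic progression. */
	T = 2 * (rounds + 1);
	e_key[0] = Pw;
	for (i = 1; i < T; i++)
		e_key[i] = e_key[i-1] + Qw;

	/* Mix the key words into the table: 3 * max(LL, T) steps. */
	i = j = 0;
	A = B = 0;
	k = 3 * ((LL > T) ? LL : T);

	for (; k > 0; k--) {
		A = ROTL(e_key[i]+A+B, 3, W);
		e_key[i] = A;
		B = ROTL(L[j]+A+B, A+B, W);
		L[j] = B;

		i = (i + 1) % T;
		j = (j + 1) % LL;
	}

	/*
	 * L[] holds key-derived words; do not leave them on the stack.
	 * A compiler may treat this as a dead store and drop it -- use a
	 * guaranteed-clearing primitive here if the platform provides one.
	 */
	bzero(L, sizeof(L));
}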
74
75
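/*
 * Encrypt a single 8-byte block with 16-round RC5.
 *
 * out    receives the 8 ciphertext bytes.  All input bytes are read
 *        before any output byte is stored, so out may be the same
 *        buffer as in.
 * in     8 plaintext bytes, taken as two little-endian words.
 * e_key  expanded key; words 0..33 are read, so the table must have
 *        been built by set_rc5_expandkey() with rounds == 16.  A table
 *        expanded for fewer rounds is read past its end.
 *
 * Only the raw block transform is performed; any chaining mode and any
 * integrity protection are the caller's responsibility.
 */
void
rc5_encrypt_round16(out, in, e_key)
	u_int8_t *out;
	const u_int8_t *in;
	const RC5_WORD *e_key;
{
	RC5_WORD A, B;
	int r;

	/*
	 * Widen each byte to RC5_WORD before shifting: shifting a promoted
	 * int by 24 can move a set bit into the sign position.
	 */
	A = (RC5_WORD)in[0] | ((RC5_WORD)in[1] << 8) |
	    ((RC5_WORD)in[2] << 16) | ((RC5_WORD)in[3] << 24);
	B = (RC5_WORD)in[4] | ((RC5_WORD)in[5] << 8) |
	    ((RC5_WORD)in[6] << 16) | ((RC5_WORD)in[7] << 24);

	/* Initial key addition with words 0 and 1. */
	A += e_key[0];
	B += e_key[1];

	/* Round r consumes words 2r and 2r + 1; the trip count is fixed. */
	for (r = 1; r <= 16; r++) {
		A = ROTL(A ^ B, B, W) + e_key[2 * r];
		B = ROTL(B ^ A, A, W) + e_key[2 * r + 1];
	}

	/* Store both words little-endian. */
	out[0] = (u_int8_t)(A & 0xff);
	out[1] = (u_int8_t)((A >> 8) & 0xff);
	out[2] = (u_int8_t)((A >> 16) & 0xff);
	out[3] = (u_int8_t)((A >> 24) & 0xff);
	out[4] = (u_int8_t)(B & 0xff);
	out[5] = (u_int8_t)((B >> 8) & 0xff);
	out[6] = (u_int8_t)((B >> 16) & 0xff);
	out[7] = (u_int8_t)((B >> 24) & 0xff);
}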
145
146
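/*
 * Decrypt a single 8-byte block with 16-round RC5.
 *
 * out    receives the 8 plaintext bytes.  All input bytes are read
 *        before any output byte is stored, so out may be the same
 *        buffer as in.
 * in     8 ciphertext bytes, taken as two little-endian words.
 * e_key  expanded key; words 0..33 are read, so the table must have
 *        been built by set_rc5_expandkey() with rounds == 16.  A table
 *        expanded for fewer rounds is read past its end.
 *
 * Only the raw block transform is performed: the ciphertext is not
 * authenticated here, so tampered input decrypts without any error.
 */
void
rc5_decrypt_round16(out, in, e_key)
	u_int8_t *out;
	const u_int8_t *in;
	const RC5_WORD *e_key;
{
	RC5_WORD A, B;
	int r;

	/*
	 * Widen each byte to RC5_WORD before shifting: shifting a promoted
	 * int by 24 can move a set bit into the sign position.
	 */
	A = (RC5_WORD)in[0] | ((RC5_WORD)in[1] << 8) |
	    ((RC5_WORD)in[2] << 16) | ((RC5_WORD)in[3] << 24);
	B = (RC5_WORD)in[4] | ((RC5_WORD)in[5] << 8) |
	    ((RC5_WORD)in[6] << 16) | ((RC5_WORD)in[7] << 24);

	/* Undo the rounds last-to-first: round r used words 2r and 2r + 1. */
	for (r = 16; r >= 1; r--) {
		B = ROTR(B - e_key[2 * r + 1], A, W) ^ A;
		A = ROTR(A - e_key[2 * r], B, W) ^ B;
	}

	/* Remove the initial key addition (words 1 and 0). */
	B = B - e_key[1];
	A = A - e_key[0];

	/* Store both words little-endian. */
	out[0] = (u_int8_t)(A & 0xff);
	out[1] = (u_int8_t)((A >> 8) & 0xff);
	out[2] = (u_int8_t)((A >> 16) & 0xff);
	out[3] = (u_int8_t)((A >> 24) & 0xff);
	out[4] = (u_int8_t)(B & 0xff);
	out[5] = (u_int8_t)((B >> 8) & 0xff);
	out[6] = (u_int8_t)((B >> 16) & 0xff);
	out[7] = (u_int8_t)((B >> 24) & 0xff);
}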
216