// private header for Serpent and Sosemanuk
//
// Everything in this header is a macro that operates on five state
// variables (a, b, c, d, e) and, for the key-mixing macros, an array `k`
// taken from the scope in which the macro is expanded -- `k` is never a
// macro parameter. The only linkable symbol is Serpent_KeySchedule. As a
// private header nothing here is part of the library's public interface.

#ifndef CRYPTOPP_SERPENTP_H
#define CRYPTOPP_SERPENTP_H

NAMESPACE_BEGIN(CryptoPP)

// linear transformation
//
// Serpent's LT over the four state words a..d: a chain of constant-distance
// rotations and XORs. `a << 3` and `b << 7` are plain shifts (bits fall off
// the top), not rotations -- do not "fix" them. rotlConstant<N> is a
// rotate-left by N bits. Parameters i (round index) and e (scratch word)
// are accepted only so LT fits the before/after ordering macros; neither is
// referenced. Statement order matters: each line reads values written by
// the previous ones.
#define LT(i,a,b,c,d,e) {\
    a = rotlConstant<13>(a); \
    c = rotlConstant<3>(c); \
    d = rotlConstant<7>(d ^ c ^ (a << 3)); \
    b = rotlConstant<1>(b ^ a ^ c); \
    a = rotlConstant<5>(a ^ b ^ d); \
    c = rotlConstant<22>(c ^ d ^ (b << 7));}

// inverse linear transformation
//
// Undoes LT exactly: the steps of LT are reversed one by one, so applying
// LT then ILT to the same (a,b,c,d) restores the original words. As in LT,
// `b << 7` and `a << 3` are plain shifts, and i / e are unused placeholders
// kept for signature compatibility with the ordering macros. The statement
// order is the inverse of LT's and must not be changed.
#define ILT(i,a,b,c,d,e) {\
    c = rotrConstant<22>(c); \
    a = rotrConstant<5>(a); \
    c ^= d ^ (b << 7); \
    a ^= b ^ d; \
    b = rotrConstant<1>(b); \
    d = rotrConstant<7>(d) ^ c ^ (a << 3); \
    b ^= a ^ c; \
    c = rotrConstant<3>(c); \
    a = rotrConstant<13>(a);}

// order of output from S-box functions
//
// Each bitsliced S-box below leaves the four state words and the scratch
// word in a different set of registers. These wrappers apply macro f to the
// five variables in the order the *next* step expects, so the encryption
// round sequence can be written as beforeS0(KX) beforeS0(S0) afterS0(LT)
// afterS0(KX) afterS0(S1) afterS1(LT) ... without renaming variables. The
// numeric first argument is the round index: KX uses it to pick the subkey,
// the S-box and LT macros ignore it. The round loop itself is presumably in
// the Serpent implementation file, not in this header.
#define beforeS0(f) f(0,a,b,c,d,e)
#define afterS0(f) f(1,b,e,c,a,d)
#define afterS1(f) f(2,c,b,a,e,d)
#define afterS2(f) f(3,a,e,b,d,c)
#define afterS3(f) f(4,e,b,d,c,a)
#define afterS4(f) f(5,b,a,e,c,d)
#define afterS5(f) f(6,a,c,b,e,d)
#define afterS6(f) f(7,a,c,d,b,e)
#define afterS7(f) f(8,d,e,b,a,c)

// order of output from inverse S-box functions
//
// Decryption counterpart of the beforeS0/afterSn wrappers: the inverse
// S-boxes are applied from I7 down to I0, and each afterIn gives the
// register order produced by In, which is what the following ILT / KX /
// I(n-1) step consumes. The first argument is again the round (subkey)
// index, here counting down from 8.
#define beforeI7(f) f(8,a,b,c,d,e)
#define afterI7(f) f(7,d,a,b,e,c)
#define afterI6(f) f(6,a,b,c,e,d)
#define afterI5(f) f(5,b,d,e,c,a)
#define afterI4(f) f(4,b,c,e,a,d)
#define afterI3(f) f(3,a,b,e,c,d)
#define afterI2(f) f(2,b,d,e,c,a)
#define afterI1(f) f(1,a,b,c,e,d)
#define afterI0(f) f(0,a,d,b,e,c)

// The instruction sequences for the S-box functions
// come from Dag Arne Osvik's paper "Speeding up Serpent".
//
// Convention (checked against the Serpent S0 table): each of the 32 bit
// positions of r0..r3 carries one independent 4-bit S-box input, with bit j
// of the nibble held in r<j>; r4 is scratch and i (the round index) is never
// used. The sequences use only word-wide AND/OR/XOR/NOT -- no table lookups
// and no data-dependent branches -- so the S-box layer performs no
// secret-dependent memory access. Each macro leaves its result in a
// different register set; the mapping noted on each macro is the one its
// afterSn / afterIn ordering macro encodes. Instruction order is
// load-bearing; do not reorder lines.

// S0: output nibble bits 0..3 end up in r1, r4, r2, r0 (r3 becomes scratch),
// which is the order afterS0 hands to the next step.
#define S0(i, r0, r1, r2, r3, r4) \
    { \
    r3 ^= r0; \
    r4 = r1; \
    r1 &= r3; \
    r4 ^= r2; \
    r1 ^= r0; \
    r0 |= r3; \
    r0 ^= r4; \
    r4 ^= r3; \
    r3 ^= r2; \
    r2 |= r1; \
    r2 ^= r4; \
    r4 = ~r4; \
    r4 |= r1; \
    r1 ^= r3; \
    r1 ^= r4; \
    r3 |= r0; \
    r1 ^= r3; \
    r4 ^= r3; \
    }

// I0: inverse of S0. Input nibble bit j in r<j>; output bits 0..3 end up in
// r0, r4, r1, r3 (r2 becomes scratch), the order afterI0 encodes. i is
// unused; r4 is scratch on entry.
#define I0(i, r0, r1, r2, r3, r4) \
    { \
    r2 = ~r2; \
    r4 = r1; \
    r1 |= r0; \
    r4 = ~r4; \
    r1 ^= r2; \
    r2 |= r4; \
    r1 ^= r3; \
    r0 ^= r4; \
    r2 ^= r0; \
    r0 &= r3; \
    r4 ^= r0; \
    r0 |= r1; \
    r0 ^= r2; \
    r3 ^= r4; \
    r2 ^= r1; \
    r3 ^= r0; \
    r3 ^= r1; \
    r2 &= r3; \
    r4 ^= r2; \
    }

// S1: input nibble bit j in r<j>; output bits 0..3 end up in r2, r0, r3, r1
// (r4 stays scratch), the order afterS1 encodes. i is unused.
#define S1(i, r0, r1, r2, r3, r4) \
    { \
    r0 = ~r0; \
    r2 = ~r2; \
    r4 = r0; \
    r0 &= r1; \
    r2 ^= r0; \
    r0 |= r3; \
    r3 ^= r2; \
    r1 ^= r0; \
    r0 ^= r4; \
    r4 |= r1; \
    r1 ^= r3; \
    r2 |= r0; \
    r2 &= r4; \
    r0 ^= r1; \
    r1 &= r2; \
    r1 ^= r0; \
    r0 &= r2; \
    r0 ^= r4; \
    }

// I1: inverse of S1. Input nibble bit j in r<j>; output bits 0..3 end up in
// r4, r0, r3, r2 (r1 becomes scratch), the order afterI1 encodes. i is
// unused; r4 is scratch on entry.
#define I1(i, r0, r1, r2, r3, r4) \
    { \
    r4 = r1; \
    r1 ^= r3; \
    r3 &= r1; \
    r4 ^= r2; \
    r3 ^= r0; \
    r0 |= r1; \
    r2 ^= r3; \
    r0 ^= r4; \
    r0 |= r2; \
    r1 ^= r3; \
    r0 ^= r1; \
    r1 |= r3; \
    r1 ^= r0; \
    r4 = ~r4; \
    r4 ^= r1; \
    r1 |= r0; \
    r1 ^= r0; \
    r1 |= r4; \
    r3 ^= r1; \
    }

// S2: input nibble bit j in r<j>; output bits 0..3 end up in r2, r3, r1, r4
// (r0 becomes scratch), the order afterS2 encodes. i is unused; r4 is
// scratch on entry.
#define S2(i, r0, r1, r2, r3, r4) \
    { \
    r4 = r0; \
    r0 &= r2; \
    r0 ^= r3; \
    r2 ^= r1; \
    r2 ^= r0; \
    r3 |= r4; \
    r3 ^= r1; \
    r4 ^= r2; \
    r1 = r3; \
    r3 |= r4; \
    r3 ^= r0; \
    r0 &= r1; \
    r4 ^= r0; \
    r1 ^= r3; \
    r1 ^= r4; \
    r4 = ~r4; \
    }

// I2: inverse of S2. Input nibble bit j in r<j>; output bits 0..3 end up in
// r1, r4, r2, r3 (r0 becomes scratch), the order afterI2 encodes. i is
// unused; r4 is scratch on entry.
#define I2(i, r0, r1, r2, r3, r4) \
    { \
    r2 ^= r3; \
    r3 ^= r0; \
    r4 = r3; \
    r3 &= r2; \
    r3 ^= r1; \
    r1 |= r2; \
    r1 ^= r4; \
    r4 &= r3; \
    r2 ^= r3; \
    r4 &= r0; \
    r4 ^= r2; \
    r2 &= r1; \
    r2 |= r0; \
    r3 = ~r3; \
    r2 ^= r3; \
    r0 ^= r3; \
    r0 &= r1; \
    r3 ^= r4; \
    r3 ^= r0; \
    }

// S3: input nibble bit j in r<j>; output bits 0..3 end up in r1, r2, r3, r4
// (r0 becomes scratch), the order afterS3 encodes. i is unused; r4 is
// scratch on entry.
#define S3(i, r0, r1, r2, r3, r4) \
    { \
    r4 = r0; \
    r0 |= r3; \
    r3 ^= r1; \
    r1 &= r4; \
    r4 ^= r2; \
    r2 ^= r3; \
    r3 &= r0; \
    r4 |= r1; \
    r3 ^= r4; \
    r0 ^= r1; \
    r4 &= r0; \
    r1 ^= r3; \
    r4 ^= r2; \
    r1 |= r0; \
    r1 ^= r2; \
    r0 ^= r3; \
    r2 = r1; \
    r1 |= r3; \
    r1 ^= r0; \
    }

// I3: inverse of S3. Input nibble bit j in r<j>; output bits 0..3 end up in
// r3, r0, r2, r1 (r4 stays scratch), the order afterI3 encodes. i is unused.
#define I3(i, r0, r1, r2, r3, r4) \
    { \
    r4 = r2; \
    r2 ^= r1; \
    r1 &= r2; \
    r1 ^= r0; \
    r0 &= r4; \
    r4 ^= r3; \
    r3 |= r1; \
    r3 ^= r2; \
    r0 ^= r4; \
    r2 ^= r0; \
    r0 |= r3; \
    r0 ^= r1; \
    r4 ^= r2; \
    r2 &= r3; \
    r1 |= r3; \
    r1 ^= r2; \
    r4 ^= r0; \
    r2 ^= r4; \
    }

// S4: input nibble bit j in r<j>; output bits 0..3 end up in r1, r4, r0, r3
// (r2 becomes scratch), the order afterS4 encodes. i is unused; r4 is
// scratch on entry.
#define S4(i, r0, r1, r2, r3, r4) \
    { \
    r1 ^= r3; \
    r3 = ~r3; \
    r2 ^= r3; \
    r3 ^= r0; \
    r4 = r1; \
    r1 &= r3; \
    r1 ^= r2; \
    r4 ^= r3; \
    r0 ^= r4; \
    r2 &= r4; \
    r2 ^= r0; \
    r0 &= r1; \
    r3 ^= r0; \
    r4 |= r1; \
    r4 ^= r0; \
    r0 |= r3; \
    r0 ^= r2; \
    r2 &= r3; \
    r0 = ~r0; \
    r4 ^= r2; \
    }

// I4: inverse of S4. Input nibble bit j in r<j>; output bits 0..3 end up in
// r0, r3, r2, r4 (r1 becomes scratch), the order afterI4 encodes. i is
// unused; r4 is scratch on entry.
#define I4(i, r0, r1, r2, r3, r4) \
    { \
    r4 = r2; \
    r2 &= r3; \
    r2 ^= r1; \
    r1 |= r3; \
    r1 &= r0; \
    r4 ^= r2; \
    r4 ^= r1; \
    r1 &= r2; \
    r0 = ~r0; \
    r3 ^= r4; \
    r1 ^= r3; \
    r3 &= r0; \
    r3 ^= r2; \
    r0 ^= r1; \
    r2 &= r0; \
    r3 ^= r0; \
    r2 ^= r4; \
    r2 |= r3; \
    r3 ^= r0; \
    r2 ^= r1; \
    }

// S5: input nibble bit j in r<j>; output bits 0..3 end up in r1, r3, r0, r2
// (r4 stays scratch), the order afterS5 encodes. i is unused.
#define S5(i, r0, r1, r2, r3, r4) \
    { \
    r0 ^= r1; \
    r1 ^= r3; \
    r3 = ~r3; \
    r4 = r1; \
    r1 &= r0; \
    r2 ^= r3; \
    r1 ^= r2; \
    r2 |= r4; \
    r4 ^= r3; \
    r3 &= r1; \
    r3 ^= r0; \
    r4 ^= r1; \
    r4 ^= r2; \
    r2 ^= r0; \
    r0 &= r3; \
    r2 = ~r2; \
    r0 ^= r4; \
    r4 |= r3; \
    r2 ^= r4; \
    }

// I5: inverse of S5. Input nibble bit j in r<j>; output bits 0..3 end up in
// r1, r4, r3, r2 (r0 becomes scratch), the order afterI5 encodes. i is
// unused; r4 is scratch on entry.
#define I5(i, r0, r1, r2, r3, r4) \
    { \
    r1 = ~r1; \
    r4 = r3; \
    r2 ^= r1; \
    r3 |= r0; \
    r3 ^= r2; \
    r2 |= r1; \
    r2 &= r0; \
    r4 ^= r3; \
    r2 ^= r4; \
    r4 |= r0; \
    r4 ^= r1; \
    r1 &= r2; \
    r1 ^= r3; \
    r4 ^= r2; \
    r3 &= r4; \
    r4 ^= r1; \
    r3 ^= r0; \
    r3 ^= r4; \
    r4 = ~r4; \
    }

// S6: input nibble bit j in r<j>; output bits 0..3 end up in r0, r1, r4, r2
// (r3 becomes scratch), the order afterS6 encodes. i is unused; r4 is
// scratch on entry.
#define S6(i, r0, r1, r2, r3, r4) \
    { \
    r2 = ~r2; \
    r4 = r3; \
    r3 &= r0; \
    r0 ^= r4; \
    r3 ^= r2; \
    r2 |= r4; \
    r1 ^= r3; \
    r2 ^= r0; \
    r0 |= r1; \
    r2 ^= r1; \
    r4 ^= r0; \
    r0 |= r3; \
    r0 ^= r2; \
    r4 ^= r3; \
    r4 ^= r0; \
    r3 = ~r3; \
    r2 &= r4; \
    r2 ^= r3; \
    }

// I6: inverse of S6. Input nibble bit j in r<j>; output bits 0..3 end up in
// r1, r2, r4, r3 (r0 becomes scratch), the order afterI6 encodes. i is
// unused; r4 is scratch on entry.
#define I6(i, r0, r1, r2, r3, r4) \
    { \
    r0 ^= r2; \
    r4 = r2; \
    r2 &= r0; \
    r4 ^= r3; \
    r2 = ~r2; \
    r3 ^= r1; \
    r2 ^= r3; \
    r4 |= r0; \
    r0 ^= r2; \
    r3 ^= r4; \
    r4 ^= r1; \
    r1 &= r3; \
    r1 ^= r0; \
    r0 ^= r3; \
    r0 |= r2; \
    r3 ^= r1; \
    r4 ^= r0; \
    }

// S7: input nibble bit j in r<j>; output bits 0..3 end up in r2, r4, r3, r0
// (r1 becomes scratch), the order afterS7 encodes. i is unused; r4 is
// scratch on entry.
#define S7(i, r0, r1, r2, r3, r4) \
    { \
    r4 = r2; \
    r2 &= r1; \
    r2 ^= r3; \
    r3 &= r1; \
    r4 ^= r2; \
    r2 ^= r1; \
    r1 ^= r0; \
    r0 |= r4; \
    r0 ^= r2; \
    r3 ^= r1; \
    r2 ^= r3; \
    r3 &= r0; \
    r3 ^= r4; \
    r4 ^= r2; \
    r2 &= r0; \
    r4 = ~r4; \
    r2 ^= r4; \
    r4 &= r0; \
    r1 ^= r3; \
    r4 ^= r1; \
    }

// I7: inverse of S7. Input nibble bit j in r<j>; output bits 0..3 end up in
// r3, r0, r1, r4 (r2 becomes scratch), the order afterI7 encodes. i is
// unused; r4 is scratch on entry.
#define I7(i, r0, r1, r2, r3, r4) \
    { \
    r4 = r2; \
    r2 ^= r0; \
    r0 &= r3; \
    r2 = ~r2; \
    r4 |= r3; \
    r3 ^= r1; \
    r1 |= r0; \
    r0 ^= r2; \
    r2 &= r4; \
    r1 ^= r2; \
    r2 ^= r0; \
    r0 |= r2; \
    r3 &= r4; \
    r0 ^= r3; \
    r4 ^= r1; \
    r3 ^= r4; \
    r4 |= r0; \
    r3 ^= r2; \
    r4 ^= r2; \
    }

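// key xor
//
// Mix the four subkey words of round r into the state words a..d. The
// subkey array `k` is read from the scope in which KX is expanded -- it is
// not a parameter -- so the caller must have word k[4*r+3] in range. `e` is
// accepted only so KX fits the before/after ordering macros and is never
// touched. The round index is parenthesised so that an expression (rather
// than the literal the ordering macros pass) still selects k[4*r + 0..3].
#define KX(r, a, b, c, d, e) {\
    a ^= k[4 * (r) + 0]; \
    b ^= k[4 * (r) + 1]; \
    c ^= k[4 * (r) + 2]; \
    d ^= k[4 * (r) + 3];}
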
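// Load subkey slot (8-r): copy k[(8-r)*4 + 0..3] into a..d. Reads `k` from
// the expanding scope (not a parameter); `e` is an unused placeholder kept
// for signature compatibility with KX/SK. Presumably a key-schedule helper
// paired with SK, which stores into the slot four words further on. The
// round index is parenthesised so an expression argument indexes the same
// slot a literal would.
#define LK(r, a, b, c, d, e) {\
    a = k[(8-(r))*4 + 0]; \
    b = k[(8-(r))*4 + 1]; \
    c = k[(8-(r))*4 + 2]; \
    d = k[(8-(r))*4 + 3];}
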
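// Store subkey slot: write a..d to k[(8-r)*4 + 4..7], i.e. the slot just
// after the one LK reads for the same r. Writes `k` from the expanding
// scope (not a parameter), so the caller must have k[(8-r)*4 + 7] in range;
// `e` is an unused placeholder kept for signature compatibility. The round
// index is parenthesised so an expression argument addresses the same slot
// a literal would.
#define SK(r, a, b, c, d, e) {\
    k[(8-(r))*4 + 4] = a; \
    k[(8-(r))*4 + 5] = b; \
    k[(8-(r))*4 + 6] = c; \
    k[(8-(r))*4 + 7] = d;}
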
/// \brief Expand a user key into the Serpent subkey array
/// \param k destination subkey words; must be large enough for the number
///   of rounds requested (presumably 4*(rounds+1) words -- confirm against
///   the definition)
/// \param rounds number of cipher rounds to produce subkeys for
/// \param userKey raw key bytes
/// \param keylen length of userKey in bytes
/// \details Shared by Serpent and Sosemanuk. Only the declaration lives
///   here; NOTE(review): the accepted keylen range and any padding of short
///   keys are decided by the definition, not by this header -- confirm there.
void Serpent_KeySchedule(word32 *k, unsigned int rounds, const byte *userKey, size_t keylen);

NAMESPACE_END

#endif // CRYPTOPP_SERPENTP_H