Botan  1.10.9
seed.cpp
Go to the documentation of this file.
1 /*
2 * SEED
3 * (C) 1999-2007 Jack Lloyd
4 *
5 * Distributed under the terms of the Botan license
6 */
7 
8 #include <botan/seed.h>
9 #include <botan/loadstor.h>
10 
11 namespace Botan {
12 
13 /*
14 * SEED G Function
15 */
16 u32bit SEED::G_FUNC::operator()(u32bit X) const
17  {
18  return (S0[get_byte(3, X)] ^ S1[get_byte(2, X)] ^
19  S2[get_byte(1, X)] ^ S3[get_byte(0, X)]);
20  }
21 
22 /*
23 * SEED Encryption
24 */
25 void SEED::encrypt_n(const byte in[], byte out[], size_t blocks) const
26  {
27  for(size_t i = 0; i != blocks; ++i)
28  {
29  u32bit B0 = load_be<u32bit>(in, 0);
30  u32bit B1 = load_be<u32bit>(in, 1);
31  u32bit B2 = load_be<u32bit>(in, 2);
32  u32bit B3 = load_be<u32bit>(in, 3);
33 
34  G_FUNC G;
35 
36  for(size_t j = 0; j != 16; j += 2)
37  {
38  u32bit T0, T1;
39 
40  T0 = B2 ^ K[2*j];
41  T1 = G(B2 ^ B3 ^ K[2*j+1]);
42  T0 = G(T1 + T0);
43  T1 = G(T1 + T0);
44  B1 ^= T1;
45  B0 ^= T0 + T1;
46 
47  T0 = B0 ^ K[2*j+2];
48  T1 = G(B0 ^ B1 ^ K[2*j+3]);
49  T0 = G(T1 + T0);
50  T1 = G(T1 + T0);
51  B3 ^= T1;
52  B2 ^= T0 + T1;
53  }
54 
55  store_be(out, B2, B3, B0, B1);
56 
57  in += BLOCK_SIZE;
58  out += BLOCK_SIZE;
59  }
60  }
61 
62 /*
63 * SEED Decryption
64 */
65 void SEED::decrypt_n(const byte in[], byte out[], size_t blocks) const
66  {
67  for(size_t i = 0; i != blocks; ++i)
68  {
69  u32bit B0 = load_be<u32bit>(in, 0);
70  u32bit B1 = load_be<u32bit>(in, 1);
71  u32bit B2 = load_be<u32bit>(in, 2);
72  u32bit B3 = load_be<u32bit>(in, 3);
73 
74  G_FUNC G;
75 
76  for(size_t j = 0; j != 16; j += 2)
77  {
78  u32bit T0, T1;
79 
80  T0 = B2 ^ K[30-2*j];
81  T1 = G(B2 ^ B3 ^ K[31-2*j]);
82  T0 = G(T1 + T0);
83  T1 = G(T1 + T0);
84  B1 ^= T1;
85  B0 ^= T0 + T1;
86 
87  T0 = B0 ^ K[28-2*j];
88  T1 = G(B0 ^ B1 ^ K[29-2*j]);
89  T0 = G(T1 + T0);
90  T1 = G(T1 + T0);
91  B3 ^= T1;
92  B2 ^= T0 + T1;
93  }
94 
95  store_be(out, B2, B3, B0, B1);
96 
97  in += BLOCK_SIZE;
98  out += BLOCK_SIZE;
99  }
100  }
101 
102 /*
103 * SEED Key Schedule
104 */
105 void SEED::key_schedule(const byte key[], size_t)
106  {
107  const u32bit RC[16] = {
108  0x9E3779B9, 0x3C6EF373, 0x78DDE6E6, 0xF1BBCDCC,
109  0xE3779B99, 0xC6EF3733, 0x8DDE6E67, 0x1BBCDCCF,
110  0x3779B99E, 0x6EF3733C, 0xDDE6E678, 0xBBCDCCF1,
111  0x779B99E3, 0xEF3733C6, 0xDE6E678D, 0xBCDCCF1B
112  };
113 
114  SecureVector<u32bit> WK(4);
115 
116  for(size_t i = 0; i != 4; ++i)
117  WK[i] = load_be<u32bit>(key, i);
118 
119  G_FUNC G;
120 
121  for(size_t i = 0; i != 16; i += 2)
122  {
123  K[2*i ] = G(WK[0] + WK[2] - RC[i]);
124  K[2*i+1] = G(WK[1] - WK[3] + RC[i]) ^ K[2*i];
125 
126  byte T = get_byte(3, WK[0]);
127  WK[0] = (WK[0] >> 8) | (get_byte(3, WK[1]) << 24);
128  WK[1] = (WK[1] >> 8) | (T << 24);
129 
130  K[2*i+2] = G(WK[0] + WK[2] - RC[i+1]);
131  K[2*i+3] = G(WK[1] - WK[3] + RC[i+1]) ^ K[2*i+2];
132 
133  T = get_byte(0, WK[3]);
134  WK[3] = (WK[3] << 8) | get_byte(0, WK[2]);
135  WK[2] = (WK[2] << 8) | T;
136  }
137  }
138 
139 }
void decrypt_n(const byte in[], byte out[], size_t blocks) const
Definition: seed.cpp:65
byte get_byte(size_t byte_num, T input)
Definition: get_byte.h:21
unsigned char byte
Definition: types.h:22
void encrypt_n(const byte in[], byte out[], size_t blocks) const
Definition: seed.cpp:25
u32bit load_be< u32bit >(const byte in[], size_t off)
Definition: loadstor.h:166
void store_be(u16bit in, byte out[2])
Definition: loadstor.h:412
unsigned int u32bit
Definition: types.h:32