5 Author: Pekka Riikonen <priikone@silcnet.org>
7 Copyright (C) 1999 - 2007 Pekka Riikonen
9 This program is free software; you can redistribute it and/or modify
10 it under the terms of the GNU General Public License as published by
11 the Free Software Foundation; version 2 of the License.
13 This program is distributed in the hope that it will be useful,
14 but WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 GNU General Public License for more details.
23 /* General definitions for algorithms */
24 typedef unsigned char u1byte;
25 typedef SilcUInt32 u4byte;
26 typedef SilcUInt32 u32;
27 typedef SilcUInt32 uint_32t;
28 typedef SilcUInt8 uint_8t;
30 #define rotr(x, nr) silc_ror(x, nr)
31 #define rotl(x, nr) silc_rol(x, nr)
32 #define byte(x, nr) ((x) >> (nr * 8) & 255)
34 /* Byte key to words */
35 #define SILC_GET_WORD_KEY(s, d, len) \
38 for (_i = 0; _i < (len / 8) / 4; _i++) \
39 SILC_GET32_LSB(d[_i], s + (_i * 4)); \
42 /* CBC mode 128-bit block, LSB, 32-bit block argument must be encrypted */
44 #define SILC_CBC_ENC_LSB_128_32(len, iv, block, src, dst, i, enc) \
46 SILC_ASSERT((len & (16 - 1)) == 0); \
50 SILC_GET32_LSB(block[0], &iv[0]); \
51 SILC_GET32_LSB(block[1], &iv[4]); \
52 SILC_GET32_LSB(block[2], &iv[8]); \
53 SILC_GET32_LSB(block[3], &iv[12]); \
55 for (i = 0; i < len; i += 16) { \
56 SILC_GET32_X_LSB(block[0], &src[0]); \
57 SILC_GET32_X_LSB(block[1], &src[4]); \
58 SILC_GET32_X_LSB(block[2], &src[8]); \
59 SILC_GET32_X_LSB(block[3], &src[12]); \
63 SILC_PUT32_LSB(block[0], &dst[0]); \
64 SILC_PUT32_LSB(block[1], &dst[4]); \
65 SILC_PUT32_LSB(block[2], &dst[8]); \
66 SILC_PUT32_LSB(block[3], &dst[12]); \
72 SILC_PUT32_LSB(block[0], &iv[0]); \
73 SILC_PUT32_LSB(block[1], &iv[4]); \
74 SILC_PUT32_LSB(block[2], &iv[8]); \
75 SILC_PUT32_LSB(block[3], &iv[12]); \
78 /* CBC mode 128-bit block, LSB, decrypt block to block_dec. */
80 #define SILC_CBC_DEC_LSB_128_32(len, iv, block_prev, block, \
81 block_dec, src, dst, i, dec) \
83 if (!len || len & (16 - 1)) \
86 SILC_GET32_LSB(block_prev[0], &iv[0]); \
87 SILC_GET32_LSB(block_prev[1], &iv[4]); \
88 SILC_GET32_LSB(block_prev[2], &iv[8]); \
89 SILC_GET32_LSB(block_prev[3], &iv[12]); \
91 for (i = 0; i < len; i += 16) { \
92 SILC_GET32_LSB(block[0], &src[0]); \
93 SILC_GET32_LSB(block[1], &src[4]); \
94 SILC_GET32_LSB(block[2], &src[8]); \
95 SILC_GET32_LSB(block[3], &src[12]); \
99 block_dec[0] ^= block_prev[0]; \
100 block_dec[1] ^= block_prev[1]; \
101 block_dec[2] ^= block_prev[2]; \
102 block_dec[3] ^= block_prev[3]; \
104 SILC_PUT32_LSB(block_dec[0], &dst[0]); \
105 SILC_PUT32_LSB(block_dec[1], &dst[4]); \
106 SILC_PUT32_LSB(block_dec[2], &dst[8]); \
107 SILC_PUT32_LSB(block_dec[3], &dst[12]); \
109 block_prev[0] = block[0]; \
110 block_prev[1] = block[1]; \
111 block_prev[2] = block[2]; \
112 block_prev[3] = block[3]; \
118 SILC_PUT32_LSB(block[0], &iv[0]); \
119 SILC_PUT32_LSB(block[1], &iv[4]); \
120 SILC_PUT32_LSB(block[2], &iv[8]); \
121 SILC_PUT32_LSB(block[3], &iv[12]); \
124 /* CBC mode 128-bit block, MSB, 32-bit block argument must be encrypted */
126 #define SILC_CBC_ENC_MSB_128_32(len, iv, block, src, dst, i, enc) \
128 SILC_ASSERT((len & (16 - 1)) == 0); \
129 if (len & (16 - 1)) \
132 SILC_GET32_MSB(block[0], &iv[0]); \
133 SILC_GET32_MSB(block[1], &iv[4]); \
134 SILC_GET32_MSB(block[2], &iv[8]); \
135 SILC_GET32_MSB(block[3], &iv[12]); \
137 for (i = 0; i < len; i += 16) { \
138 SILC_GET32_X_MSB(block[0], &src[0]); \
139 SILC_GET32_X_MSB(block[1], &src[4]); \
140 SILC_GET32_X_MSB(block[2], &src[8]); \
141 SILC_GET32_X_MSB(block[3], &src[12]); \
145 SILC_PUT32_MSB(block[0], &dst[0]); \
146 SILC_PUT32_MSB(block[1], &dst[4]); \
147 SILC_PUT32_MSB(block[2], &dst[8]); \
148 SILC_PUT32_MSB(block[3], &dst[12]); \
154 SILC_PUT32_MSB(block[0], &iv[0]); \
155 SILC_PUT32_MSB(block[1], &iv[4]); \
156 SILC_PUT32_MSB(block[2], &iv[8]); \
157 SILC_PUT32_MSB(block[3], &iv[12]); \
160 /* CBC mode 128-bit block, MSB, decrypt block to block_dec. */
162 #define SILC_CBC_DEC_MSB_128_32(len, iv, block_prev, block, \
163 block_dec, src, dst, i, dec) \
165 if (!len || len & (16 - 1)) \
168 SILC_GET32_MSB(block_prev[0], &iv[0]); \
169 SILC_GET32_MSB(block_prev[1], &iv[4]); \
170 SILC_GET32_MSB(block_prev[2], &iv[8]); \
171 SILC_GET32_MSB(block_prev[3], &iv[12]); \
173 for (i = 0; i < len; i += 16) { \
174 SILC_GET32_MSB(block[0], &src[0]); \
175 SILC_GET32_MSB(block[1], &src[4]); \
176 SILC_GET32_MSB(block[2], &src[8]); \
177 SILC_GET32_MSB(block[3], &src[12]); \
181 block_dec[0] ^= block_prev[0]; \
182 block_dec[1] ^= block_prev[1]; \
183 block_dec[2] ^= block_prev[2]; \
184 block_dec[3] ^= block_prev[3]; \
186 SILC_PUT32_MSB(block_dec[0], &dst[0]); \
187 SILC_PUT32_MSB(block_dec[1], &dst[4]); \
188 SILC_PUT32_MSB(block_dec[2], &dst[8]); \
189 SILC_PUT32_MSB(block_dec[3], &dst[12]); \
191 block_prev[0] = block[0]; \
192 block_prev[1] = block[1]; \
193 block_prev[2] = block[2]; \
194 block_prev[3] = block[3]; \
200 SILC_PUT32_MSB(block[0], &iv[0]); \
201 SILC_PUT32_MSB(block[1], &iv[4]); \
202 SILC_PUT32_MSB(block[2], &iv[8]); \
203 SILC_PUT32_MSB(block[3], &iv[12]); \
206 /* CBC mode 64-bit block, MSB, 32-bit block argument must be encrypted */
208 #define SILC_CBC_ENC_MSB_64_32(len, iv, block, src, dst, i, enc) \
210 SILC_ASSERT((len & (8 - 1)) == 0); \
214 SILC_GET32_MSB(block[0], &iv[0]); \
215 SILC_GET32_MSB(block[1], &iv[4]); \
217 for (i = 0; i < len; i += 8) { \
218 SILC_GET32_X_MSB(block[0], &src[0]); \
219 SILC_GET32_X_MSB(block[1], &src[4]); \
223 SILC_PUT32_MSB(block[0], &dst[0]); \
224 SILC_PUT32_MSB(block[1], &dst[4]); \
230 SILC_PUT32_MSB(block[0], &iv[0]); \
231 SILC_PUT32_MSB(block[1], &iv[4]); \
234 /* CBC mode 64-bit block, MSB, decrypt block to block_dec. */
236 #define SILC_CBC_DEC_MSB_64_32(len, iv, block_prev, block, \
237 block_dec, src, dst, i, dec) \
239 if (!len || len & (8 - 1)) \
242 SILC_GET32_MSB(block_prev[0], &iv[0]); \
243 SILC_GET32_MSB(block_prev[1], &iv[4]); \
245 for (i = 0; i < len; i += 8) { \
246 SILC_GET32_MSB(block[0], &src[0]); \
247 SILC_GET32_MSB(block[1], &src[4]); \
251 block_dec[0] ^= block_prev[0]; \
252 block_dec[1] ^= block_prev[1]; \
254 SILC_PUT32_MSB(block_dec[0], &dst[0]); \
255 SILC_PUT32_MSB(block_dec[1], &dst[4]); \
257 block_prev[0] = block[0]; \
258 block_prev[1] = block[1]; \
264 SILC_PUT32_MSB(block[0], &iv[0]); \
265 SILC_PUT32_MSB(block[1], &iv[4]); \
269 /* CTR mode 128-bit block, MSB, MSB counter, the 8-bit enc_ctr argument must
272 #define SILC_CTR_MSB_128_8(iv, ctr, enc_ctr, pad, src, dst, enc) \
274 SILC_GET32_MSB(ctr[0], iv); \
275 SILC_GET32_MSB(ctr[1], iv + 4); \
276 SILC_GET32_MSB(ctr[2], iv + 8); \
277 SILC_GET32_MSB(ctr[3], iv + 12); \
282 while (len-- > 0) { \
289 SILC_PUT32_MSB(ctr[0], enc_ctr); \
290 SILC_PUT32_MSB(ctr[1], enc_ctr + 4); \
291 SILC_PUT32_MSB(ctr[2], enc_ctr + 8); \
292 SILC_PUT32_MSB(ctr[3], enc_ctr + 12); \
297 *dst++ = *src++ ^ enc_ctr[pad++]; \
300 SILC_PUT32_MSB(ctr[0], iv); \
301 SILC_PUT32_MSB(ctr[1], iv + 4); \
302 SILC_PUT32_MSB(ctr[2], iv + 8); \
303 SILC_PUT32_MSB(ctr[3], iv + 12); \
306 /* CTR mode 128-bit block, MSB, MSB counter, the 32-bit ctr argument must
307 be encrypted to enc_ctr */
309 #define SILC_CTR_MSB_128_32(iv, ctr, enc_ctr, pad, src, dst, enc) \
311 SILC_GET32_MSB(ctr[0], iv); \
312 SILC_GET32_MSB(ctr[1], iv + 4); \
313 SILC_GET32_MSB(ctr[2], iv + 8); \
314 SILC_GET32_MSB(ctr[3], iv + 12); \
319 while (len-- > 0) { \
327 SILC_PUT32_MSB(enc_ctr[0], iv); \
328 SILC_PUT32_MSB(enc_ctr[1], iv + 4); \
329 SILC_PUT32_MSB(enc_ctr[2], iv + 8); \
330 SILC_PUT32_MSB(enc_ctr[3], iv + 12); \
333 *dst++ = *src++ ^ enc_ctr[pad++]; \
336 SILC_PUT32_MSB(ctr[0], iv); \
337 SILC_PUT32_MSB(ctr[1], iv + 4); \
338 SILC_PUT32_MSB(ctr[2], iv + 8); \
339 SILC_PUT32_MSB(ctr[3], iv + 12); \
342 /* CTR mode 128-bit block, LSB, MSB counter, the 32-bit enc_ctr argument
345 #define SILC_CTR_LSB_128_32(iv, ctr, enc_ctr, pad, src, dst, enc) \
347 SILC_GET32_MSB(ctr[0], iv); \
348 SILC_GET32_MSB(ctr[1], iv + 4); \
349 SILC_GET32_MSB(ctr[2], iv + 8); \
350 SILC_GET32_MSB(ctr[3], iv + 12); \
355 while (len-- > 0) { \
362 enc_ctr[0] = SILC_SWAB_32(ctr[0]); \
363 enc_ctr[1] = SILC_SWAB_32(ctr[1]); \
364 enc_ctr[2] = SILC_SWAB_32(ctr[2]); \
365 enc_ctr[3] = SILC_SWAB_32(ctr[3]); \
368 SILC_PUT32_LSB(enc_ctr[0], iv); \
369 SILC_PUT32_LSB(enc_ctr[1], iv + 4); \
370 SILC_PUT32_LSB(enc_ctr[2], iv + 8); \
371 SILC_PUT32_LSB(enc_ctr[3], iv + 12); \
374 *dst++ = *src++ ^ iv[pad++]; \
377 SILC_PUT32_MSB(ctr[0], iv); \
378 SILC_PUT32_MSB(ctr[1], iv + 4); \
379 SILC_PUT32_MSB(ctr[2], iv + 8); \
380 SILC_PUT32_MSB(ctr[3], iv + 12); \
383 /* CTR mode 64-bit block, MSB, MSB counter, the 32-bit ctr argument must
384 be encrypted to enc_ctr */
386 #define SILC_CTR_MSB_64_32(iv, ctr, enc_ctr, pad, src, dst, enc) \
388 SILC_GET32_MSB(ctr[0], iv); \
389 SILC_GET32_MSB(ctr[1], iv + 4); \
394 while (len-- > 0) { \
400 SILC_PUT32_MSB(enc_ctr[0], iv); \
401 SILC_PUT32_MSB(enc_ctr[1], iv + 4); \
404 *dst++ = *src++ ^ iv[pad++]; \
407 SILC_PUT32_MSB(ctr[0], iv); \
408 SILC_PUT32_MSB(ctr[1], iv + 4); \
411 /* CFB 128-bit block, LSB, the 32-bit cfb argument must be encrypted. */
413 #define SILC_CFB_ENC_LSB_128_32(iv, cfb, pad, src, dst, enc) \
415 while (len-- > 0) { \
417 SILC_GET32_LSB(cfb[0], iv); \
418 SILC_GET32_LSB(cfb[1], iv + 4); \
419 SILC_GET32_LSB(cfb[2], iv + 8); \
420 SILC_GET32_LSB(cfb[3], iv + 12); \
424 SILC_PUT32_LSB(cfb[0], iv); \
425 SILC_PUT32_LSB(cfb[1], iv + 4); \
426 SILC_PUT32_LSB(cfb[2], iv + 8); \
427 SILC_PUT32_LSB(cfb[3], iv + 12); \
430 iv[pad] = (*dst = *src ^ iv[pad]); \
437 /* CFB 128-bit block, LSB, the 32-bit cfb argument must be decrypted. */
439 #define SILC_CFB_DEC_LSB_128_32(iv, cfb, pad, src, dst, dec) \
441 unsigned char temp; \
442 while (len-- > 0) { \
444 SILC_GET32_LSB(cfb[0], iv); \
445 SILC_GET32_LSB(cfb[1], iv + 4); \
446 SILC_GET32_LSB(cfb[2], iv + 8); \
447 SILC_GET32_LSB(cfb[3], iv + 12); \
451 SILC_PUT32_LSB(cfb[0], iv); \
452 SILC_PUT32_LSB(cfb[1], iv + 4); \
453 SILC_PUT32_LSB(cfb[2], iv + 8); \
454 SILC_PUT32_LSB(cfb[3], iv + 12); \
458 *dst = temp ^ iv[pad]; \
465 /* CFB 128-bit block, MSB, the 32-bit cfb argument must be encrypted. */
467 #define SILC_CFB_ENC_MSB_128_32(iv, cfb, pad, src, dst, enc) \
469 while (len-- > 0) { \
471 SILC_GET32_MSB(cfb[0], iv); \
472 SILC_GET32_MSB(cfb[1], iv + 4); \
473 SILC_GET32_MSB(cfb[2], iv + 8); \
474 SILC_GET32_MSB(cfb[3], iv + 12); \
478 SILC_PUT32_MSB(cfb[0], iv); \
479 SILC_PUT32_MSB(cfb[1], iv + 4); \
480 SILC_PUT32_MSB(cfb[2], iv + 8); \
481 SILC_PUT32_MSB(cfb[3], iv + 12); \
484 iv[pad] = (*dst = *src ^ iv[pad]); \
491 /* CFB 128-bit block, MSB, the 32-bit cfb argument must be decrypted. */
493 #define SILC_CFB_DEC_MSB_128_32(iv, cfb, pad, src, dst, dec) \
495 unsigned char temp; \
496 while (len-- > 0) { \
498 SILC_GET32_MSB(cfb[0], iv); \
499 SILC_GET32_MSB(cfb[1], iv + 4); \
500 SILC_GET32_MSB(cfb[2], iv + 8); \
501 SILC_GET32_MSB(cfb[3], iv + 12); \
505 SILC_PUT32_MSB(cfb[0], iv); \
506 SILC_PUT32_MSB(cfb[1], iv + 4); \
507 SILC_PUT32_MSB(cfb[2], iv + 8); \
508 SILC_PUT32_MSB(cfb[3], iv + 12); \
512 *dst = temp ^ iv[pad]; \
519 /* CFB 64-bit block, MSB, the 32-bit cfb argument must be encrypted. */
521 #define SILC_CFB_ENC_MSB_64_32(iv, cfb, pad, src, dst, enc) \
523 while (len-- > 0) { \
525 SILC_GET32_MSB(cfb[0], iv); \
526 SILC_GET32_MSB(cfb[1], iv + 4); \
530 SILC_PUT32_MSB(cfb[0], iv); \
531 SILC_PUT32_MSB(cfb[1], iv + 4); \
534 iv[pad] = (*dst = *src ^ iv[pad]); \
541 /* CFB 64-bit block, MSB, the 32-bit cfb argument must be decrypted. */
543 #define SILC_CFB_DEC_MSB_64_32(iv, cfb, pad, src, dst, dec) \
545 unsigned char temp; \
546 while (len-- > 0) { \
548 SILC_GET32_MSB(cfb[0], iv); \
549 SILC_GET32_MSB(cfb[1], iv + 4); \
553 SILC_PUT32_MSB(cfb[0], iv); \
554 SILC_PUT32_MSB(cfb[1], iv + 4); \
558 *dst = temp ^ iv[pad]; \
565 /* CFB 128-bit block, MSB, the 8-bit iv argument must be encrypted. */
567 #define SILC_CFB_ENC_MSB_128_8(iv, pad, src, dst, enc) \
569 while (len-- > 0) { \
574 iv[pad] = (*dst = *src ^ iv[pad]); \
581 /* CFB 128-bit block, MSB, the 8-bit iv argument must be decrypted. */
583 #define SILC_CFB_DEC_MSB_128_8(iv, pad, src, dst, dec) \
585 unsigned char temp; \
586 while (len-- > 0) { \
592 *dst = temp ^ iv[pad]; \