Botan  1.11.15
src/lib/block/seed/seed.cpp
Go to the documentation of this file.
00001 /*
00002 * SEED
00003 * (C) 1999-2007 Jack Lloyd
00004 *
00005 * Botan is released under the Simplified BSD License (see license.txt)
00006 */
00007 
00008 #include <botan/internal/block_utils.h>
00009 #include <botan/seed.h>
00010 
00011 namespace Botan {
00012 
00013 BOTAN_REGISTER_BLOCK_CIPHER_NOARGS(SEED);
00014 
00015 /*
00016 * SEED G Function
00017 */
00018 u32bit SEED::G_FUNC::operator()(u32bit X) const
00019    {
00020    return (S0[get_byte(3, X)] ^ S1[get_byte(2, X)] ^
00021            S2[get_byte(1, X)] ^ S3[get_byte(0, X)]);
00022    }
00023 
00024 /*
00025 * SEED Encryption
00026 */
00027 void SEED::encrypt_n(const byte in[], byte out[], size_t blocks) const
00028    {
00029    for(size_t i = 0; i != blocks; ++i)
00030       {
00031       u32bit B0 = load_be<u32bit>(in, 0);
00032       u32bit B1 = load_be<u32bit>(in, 1);
00033       u32bit B2 = load_be<u32bit>(in, 2);
00034       u32bit B3 = load_be<u32bit>(in, 3);
00035 
00036       G_FUNC G;
00037 
00038       for(size_t j = 0; j != 16; j += 2)
00039          {
00040          u32bit T0, T1;
00041 
00042          T0 = B2 ^ K[2*j];
00043          T1 = G(B2 ^ B3 ^ K[2*j+1]);
00044          T0 = G(T1 + T0);
00045          T1 = G(T1 + T0);
00046          B1 ^= T1;
00047          B0 ^= T0 + T1;
00048 
00049          T0 = B0 ^ K[2*j+2];
00050          T1 = G(B0 ^ B1 ^ K[2*j+3]);
00051          T0 = G(T1 + T0);
00052          T1 = G(T1 + T0);
00053          B3 ^= T1;
00054          B2 ^= T0 + T1;
00055          }
00056 
00057       store_be(out, B2, B3, B0, B1);
00058 
00059       in += BLOCK_SIZE;
00060       out += BLOCK_SIZE;
00061       }
00062    }
00063 
00064 /*
00065 * SEED Decryption
00066 */
00067 void SEED::decrypt_n(const byte in[], byte out[], size_t blocks) const
00068    {
00069    for(size_t i = 0; i != blocks; ++i)
00070       {
00071       u32bit B0 = load_be<u32bit>(in, 0);
00072       u32bit B1 = load_be<u32bit>(in, 1);
00073       u32bit B2 = load_be<u32bit>(in, 2);
00074       u32bit B3 = load_be<u32bit>(in, 3);
00075 
00076       G_FUNC G;
00077 
00078       for(size_t j = 0; j != 16; j += 2)
00079          {
00080          u32bit T0, T1;
00081 
00082          T0 = B2 ^ K[30-2*j];
00083          T1 = G(B2 ^ B3 ^ K[31-2*j]);
00084          T0 = G(T1 + T0);
00085          T1 = G(T1 + T0);
00086          B1 ^= T1;
00087          B0 ^= T0 + T1;
00088 
00089          T0 = B0 ^ K[28-2*j];
00090          T1 = G(B0 ^ B1 ^ K[29-2*j]);
00091          T0 = G(T1 + T0);
00092          T1 = G(T1 + T0);
00093          B3 ^= T1;
00094          B2 ^= T0 + T1;
00095          }
00096 
00097       store_be(out, B2, B3, B0, B1);
00098 
00099       in += BLOCK_SIZE;
00100       out += BLOCK_SIZE;
00101       }
00102    }
00103 
00104 /*
00105 * SEED Key Schedule
00106 */
00107 void SEED::key_schedule(const byte key[], size_t)
00108    {
00109    const u32bit RC[16] = {
00110       0x9E3779B9, 0x3C6EF373, 0x78DDE6E6, 0xF1BBCDCC,
00111       0xE3779B99, 0xC6EF3733, 0x8DDE6E67, 0x1BBCDCCF,
00112       0x3779B99E, 0x6EF3733C, 0xDDE6E678, 0xBBCDCCF1,
00113       0x779B99E3, 0xEF3733C6, 0xDE6E678D, 0xBCDCCF1B
00114    };
00115 
00116    secure_vector<u32bit> WK(4);
00117 
00118    for(size_t i = 0; i != 4; ++i)
00119       WK[i] = load_be<u32bit>(key, i);
00120 
00121    G_FUNC G;
00122 
00123    K.resize(32);
00124 
00125    for(size_t i = 0; i != 16; i += 2)
00126       {
00127       K[2*i  ] = G(WK[0] + WK[2] - RC[i]);
00128       K[2*i+1] = G(WK[1] - WK[3] + RC[i]) ^ K[2*i];
00129 
00130       byte T = get_byte(3, WK[0]);
00131       WK[0] = (WK[0] >> 8) | (get_byte(3, WK[1]) << 24);
00132       WK[1] = (WK[1] >> 8) | (T << 24);
00133 
00134       K[2*i+2] = G(WK[0] + WK[2] - RC[i+1]);
00135       K[2*i+3] = G(WK[1] - WK[3] + RC[i+1]) ^ K[2*i+2];
00136 
00137       T = get_byte(0, WK[3]);
00138       WK[3] = (WK[3] << 8) | get_byte(0, WK[2]);
00139       WK[2] = (WK[2] << 8) | T;
00140       }
00141    }
00142 
00143 void SEED::clear()
00144    {
00145    zap(K);
00146    }
00147 
00148 }