// shark.cpp - written and placed in the public domain by Wei Dai

#include "pch.h"
#include "shark.h"
#include "misc.h"
#include "modes.h"
#include "gf256.h"

NAMESPACE_BEGIN(CryptoPP)

// Multiplies the 8-byte word a (most significant byte first) by the constant
// 8x8 byte matrix iG over GF(2^8), using reduction polynomial 0xf5: byte i of
// the result is the XOR over j of iG[i][j] * byte_j(a).
// The key schedule applies it to the final round key and, for decryption
// objects, to the inner round keys (see UncheckedSetKey). The name suggests iG
// is the inverse of SHARK's diffusion matrix; the matrix is a fixed table here
// and is not derived from anything in this file.
static word64 SHARKTransform(word64 a)
{
	static const byte iG[8][8] = {
		0xe7, 0x30, 0x90, 0x85, 0xd0, 0x4b, 0x91, 0x41,
		0x53, 0x95, 0x9b, 0xa5, 0x96, 0xbc, 0xa1, 0x68,
		0x02, 0x45, 0xf7, 0x65, 0x5c, 0x1f, 0xb6, 0x52,
		0xa2, 0xca, 0x22, 0x94, 0x44, 0x63, 0x2a, 0xa2,
		0xfc, 0x67, 0x8e, 0x10, 0x29, 0x75, 0x85, 0x71,
		0x24, 0x45, 0xa2, 0xcf, 0x2f, 0x22, 0xc1, 0x0e,
		0xa1, 0xf1, 0x71, 0x40, 0x91, 0x27, 0x18, 0xa5,
		0x56, 0xf4, 0xaf, 0x32, 0xd2, 0xa4, 0xdc, 0x71,
	};

	word64 result=0;
	GF256 gf256(0xf5);
	for (unsigned int i=0; i<8; i++)
		for(unsigned int j=0; j<8; j++)
			// byte j of a (MSB first) is a>>(56-8*j) narrowed to a GF256 element;
			// the product contributes to byte i of the result (MSB first)
			result ^= word64(gf256.Multiply(iG[i][j], GF256::Element(a>>(56-8*j)))) << (56-8*i);
	return result;
}

// Derives the m_rounds+1 64-bit round keys from key/keyLen.
// The user key is repeated cyclically to fill every round-key byte, and that
// buffer is then encrypted in CFB mode with an all-zero IV under a SHARK
// instance keyed with the fixed constants set by InitForKeySetup. The zero IV
// is part of the key schedule (a fixed public constant), not a per-message
// nonce. keyLen has already been validated by AssertValidKeyLength; the round
// count comes from params via GetRoundsAndThrowIfInvalid.
// For a decryption object the round keys are additionally reversed in order
// and the inner keys passed through SHARKTransform. On little-endian hosts
// roundKeys[0] and roundKeys[m_rounds] are stored byte-reversed, matching the
// native-order loads (*(word64 *)inBlock / outBlock) that SharkProcessAndXorBlock
// XORs them against.
void SHARK::Base::UncheckedSetKey(const byte *key, unsigned int keyLen, const NameValuePairs &params)
{
	AssertValidKeyLength(keyLen);

	m_rounds = GetRoundsAndThrowIfInvalid(params, this);
	m_roundKeys.New(m_rounds+1);

	// concatenate the key enough times to fill all (m_rounds+1)*8 round-key bytes
	for (unsigned int i=0; i<(m_rounds+1)*8; i++)
		((byte *)m_roundKeys.begin())[i] = key[i%keyLen];

	// encrypt the repeated key in place, CFB mode, under the fixed-key SHARK instance
	SHARK::Encryption e;
	e.InitForKeySetup();
	byte IV[8] = {0,0,0,0,0,0,0,0};
	CFB_Mode_ExternalCipher::Encryption cfb(e, IV);

	cfb.ProcessString((byte *)m_roundKeys.begin(), (m_rounds+1)*8);

	// interpret each 8-byte group as a big-endian word64
	ConditionalByteReverse(BIG_ENDIAN_ORDER, m_roundKeys.begin(), m_roundKeys.begin(), (m_rounds+1)*8);

	// the final round key is always pushed through the inverse diffusion transform
	m_roundKeys[m_rounds] = SHARKTransform(m_roundKeys[m_rounds]);

	if (!IsForwardTransformation())
	{
		unsigned int i;

		// transform encryption round keys into decryption round keys:
		// reverse the order of keys 0..m_rounds, then transform keys 1..m_rounds-1
		for (i=0; i<m_rounds/2; i++)
			std::swap(m_roundKeys[i], m_roundKeys[m_rounds-i]);

		for (i=1; i<m_rounds; i++)
			m_roundKeys[i] = SHARKTransform(m_roundKeys[i]);
	}

	// first and last round keys are XORed against the block in memory order by
	// SharkProcessAndXorBlock, so store them byte-reversed on little-endian hosts
#ifdef IS_LITTLE_ENDIAN
	m_roundKeys[0] = ByteReverse(m_roundKeys[0]);
	m_roundKeys[m_rounds] = ByteReverse(m_roundKeys[m_rounds]);
#endif
}

// construct an SHARK_Enc object with fixed round keys, to be used to initialize actual round keys
// The round keys are taken from the first cbox table (cbox[0][0..DEFAULT_ROUNDS]),
// with the last one passed through SHARKTransform and the first/last ones
// byte-reversed on little-endian hosts, exactly as UncheckedSetKey would do.
// This instance is only ever used by UncheckedSetKey's CFB pass.
void SHARK::Enc::InitForKeySetup()
{
	m_rounds = DEFAULT_ROUNDS;
	m_roundKeys.New(DEFAULT_ROUNDS+1);

	for (unsigned int i=0; i<DEFAULT_ROUNDS; i++)
		m_roundKeys[i] = cbox[0][i];

	m_roundKeys[DEFAULT_ROUNDS] = SHARKTransform(cbox[0][DEFAULT_ROUNDS]);

#ifdef IS_LITTLE_ENDIAN
	m_roundKeys[0] = ByteReverse(m_roundKeys[0]);
	m_roundKeys[m_rounds] = ByteReverse(m_roundKeys[m_rounds]);
#endif
}

typedef word64 ArrayOf256Word64s[256];

// Encrypts (or decrypts, depending on which tables are passed) one 8-byte block.
// sbox: a 256-entry byte substitution table used in the final round.
// cbox: eight 256-entry word64 tables, cbox[k] indexed by byte k of the state;
//       presumably substitution and diffusion combined into one lookup per byte.
// roundKeys/rounds: the schedule produced by UncheckedSetKey; the loop below
//       assumes rounds >= 2 (rounds 0 and 1 are unrolled).
// xorBlock: XORed into the output through PutBlock (which, per its contract,
//       tolerates a null xorBlock - confirm against misc.h).
// NOTE(review): *(word64 *)inBlock and *(word64 *)outBlock assume the block
// pointers are suitably aligned and may be accessed as word64; this is an
// alignment/strict-aliasing hazard on some targets.
template <const byte *sbox, const ArrayOf256Word64s *cbox>
struct SharkProcessAndXorBlock{ // VC60 workaround: problem with template functions
inline SharkProcessAndXorBlock(const word64 *roundKeys, unsigned int rounds, const byte *inBlock, const byte *xorBlock, byte *outBlock)
{
	// native-order load; roundKeys[0] was byte-reversed on little-endian hosts
	// so that this XOR operates in memory order
	word64 tmp = *(word64 *)inBlock ^ roundKeys[0];

	// first round indexes the tables by memory-order byte position, since tmp
	// is still in native layout at this point
	ByteOrder order = GetNativeByteOrder();
	tmp = cbox[0][GetByte(order, tmp, 0)] ^ cbox[1][GetByte(order, tmp, 1)]
		^ cbox[2][GetByte(order, tmp, 2)] ^ cbox[3][GetByte(order, tmp, 3)]
		^ cbox[4][GetByte(order, tmp, 4)] ^ cbox[5][GetByte(order, tmp, 5)]
		^ cbox[6][GetByte(order, tmp, 6)] ^ cbox[7][GetByte(order, tmp, 7)]
		^ roundKeys[1];

	// from here on tmp is a logical (big-endian) word64 value, so byte 7 is the
	// first byte of the block
	for(unsigned int i=2; i<rounds; i++)
	{
		tmp = cbox[0][GETBYTE(tmp, 7)] ^ cbox[1][GETBYTE(tmp, 6)]
			^ cbox[2][GETBYTE(tmp, 5)] ^ cbox[3][GETBYTE(tmp, 4)]
			^ cbox[4][GETBYTE(tmp, 3)] ^ cbox[5][GETBYTE(tmp, 2)]
			^ cbox[6][GETBYTE(tmp, 1)] ^ cbox[7][GETBYTE(tmp, 0)]
			^ roundKeys[i];
	}

	// final round: substitution only, written out first byte first
	PutBlock<byte, BigEndian>(xorBlock, outBlock)
		(sbox[GETBYTE(tmp, 7)])
		(sbox[GETBYTE(tmp, 6)])
		(sbox[GETBYTE(tmp, 5)])
		(sbox[GETBYTE(tmp, 4)])
		(sbox[GETBYTE(tmp, 3)])
		(sbox[GETBYTE(tmp, 2)])
		(sbox[GETBYTE(tmp, 1)])
		(sbox[GETBYTE(tmp, 0)]);

	// last round key is stored byte-reversed on little-endian hosts, so this
	// memory-order XOR applies it correctly
	*(word64 *)outBlock ^= roundKeys[rounds];
}};

// Encrypt one block; sbox/cbox resolve through SHARK::Enc's scope (declared in shark.h).
void SHARK::Enc::ProcessAndXorBlock(const byte *inBlock, const byte *xorBlock, byte *outBlock) const
{
	SharkProcessAndXorBlock<sbox, cbox>(m_roundKeys, m_rounds, inBlock, xorBlock, outBlock);
}

// Decrypt one block; same round structure as Enc, with sbox/cbox resolving
// through SHARK::Dec's scope (presumably the inverse tables) and the reversed,
// transformed round keys produced by UncheckedSetKey.
void SHARK::Dec::ProcessAndXorBlock(const byte *inBlock, const byte *xorBlock, byte *outBlock) const
{
	SharkProcessAndXorBlock<sbox, cbox>(m_roundKeys, m_rounds, inBlock, xorBlock, outBlock);
}

NAMESPACE_END