[PATCH 03/10] cipher/gost28147: generate optimized s-boxes from compact ones
Dmitry Eremin-Solenikov
dbaryshkov at gmail.com
Fri Jun 6 20:48:29 CEST 2014
* cipher/gost-s-box.c: New. Outputs optimized expanded representation of
s-boxes (4x256) from compact 16x8 representation.
* cipher/Makefile.am: Add gost-sb.h dependency to gost28147.lo
* cipher/gost.h: Add sbox to the GOST28147_context structure.
* cipher/gost28147.c (gost_setkey): Set default s-box to test s-box from
GOST R 34.11 (this was the only one S-box before).
* cipher/gost28147.c (gost_val): Use sbox from the context.
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov at gmail.com>
---
.gitignore | 2 +
cipher/Makefile.am | 5 +
cipher/gost-s-box.c | 256 +++++++++++++++++++++++++++++++++++++++++++++++
cipher/gost.h | 1 +
cipher/gost28147.c | 282 ++--------------------------------------------------
5 files changed, 272 insertions(+), 274 deletions(-)
create mode 100644 cipher/gost-s-box.c
diff --git a/.gitignore b/.gitignore
index 8b235f9..3929e4d 100644
--- a/.gitignore
+++ b/.gitignore
@@ -15,6 +15,8 @@ po/messages.mo
/stamp-h1
/Makefile.in
cipher/Makefile.in
+cipher/gost-s-box
+cipher/gost-sb.h
compat/Makefile.in
doc/Makefile.in
m4/Makefile.in
diff --git a/cipher/Makefile.am b/cipher/Makefile.am
index 8a3bd19..c165356 100644
--- a/cipher/Makefile.am
+++ b/cipher/Makefile.am
@@ -93,6 +93,11 @@ rfc2268.c \
camellia.c camellia.h camellia-glue.c camellia-aesni-avx-amd64.S \
camellia-aesni-avx2-amd64.S camellia-arm.S
+noinst_PROGRAMS = gost-s-box
+gost28147.lo: gost-sb.h
+gost-sb.h: gost-s-box
+ $(builddir)/gost-s-box $@
+
if ENABLE_O_FLAG_MUNGING
o_flag_munging = sed -e 's/-O\([2-9s][2-9s]*\)/-O1/' -e 's/-Ofast/-O1/g'
else
diff --git a/cipher/gost-s-box.c b/cipher/gost-s-box.c
new file mode 100644
index 0000000..0094f65
--- /dev/null
+++ b/cipher/gost-s-box.c
@@ -0,0 +1,256 @@
+/* gost-s-box.c - GOST 28147-89 S-Box expander
+ * Copyright (C) 2013 Dmitry Eremin-Solenikov
+ *
+ * This file is part of Libgcrypt.
+ *
+ * Libgcrypt is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * Libgcrypt is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this program; if not, see <http://www.gnu.org/licenses/>.
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+
+#define DIM(v) (sizeof(v)/sizeof((v)[0]))
+
+struct gost_sbox
+{
+ const char *name;
+ const char *oid;
+ unsigned char sbox[16*8];
+} gost_sboxes[] = {
+ { "test_3411", "1.2.643.2.2.30.0", {
+ 0x4, 0xE, 0x5, 0x7, 0x6, 0x4, 0xD, 0x1,
+ 0xA, 0xB, 0x8, 0xD, 0xC, 0xB, 0xB, 0xF,
+ 0x9, 0x4, 0x1, 0xA, 0x7, 0xA, 0x4, 0xD,
+ 0x2, 0xC, 0xD, 0x1, 0x1, 0x0, 0x1, 0x0,
+
+ 0xD, 0x6, 0xA, 0x0, 0x5, 0x7, 0x3, 0x5,
+ 0x8, 0xD, 0x3, 0x8, 0xF, 0x2, 0xF, 0x7,
+ 0x0, 0xF, 0x4, 0x9, 0xD, 0x1, 0x5, 0xA,
+ 0xE, 0xA, 0x2, 0xF, 0x8, 0xD, 0x9, 0x4,
+
+ 0x6, 0x2, 0xE, 0xE, 0x4, 0x3, 0x0, 0x9,
+ 0xB, 0x3, 0xF, 0x4, 0xA, 0x6, 0xA, 0x2,
+ 0x1, 0x8, 0xC, 0x6, 0x9, 0x8, 0xE, 0x3,
+ 0xC, 0x1, 0x7, 0xC, 0xE, 0x5, 0x7, 0xE,
+
+ 0x7, 0x0, 0x6, 0xB, 0x0, 0x9, 0x6, 0x6,
+ 0xF, 0x7, 0x0, 0x2, 0x3, 0xC, 0x8, 0xB,
+ 0x5, 0x5, 0x9, 0x5, 0xB, 0xF, 0x2, 0x8,
+ 0x3, 0x9, 0xB, 0x3, 0x2, 0xE, 0xC, 0xC,
+ }
+ },
+ { "CryptoPro_3411", "1.2.643.2.2.30.1", {
+ 0xA, 0x5, 0x7, 0x4, 0x7, 0x7, 0xD, 0x1,
+ 0x4, 0xF, 0xF, 0xA, 0x6, 0x6, 0xE, 0x3,
+ 0x5, 0x4, 0xC, 0x7, 0x4, 0x2, 0x4, 0xA,
+ 0x6, 0x0, 0xE, 0xC, 0xB, 0x4, 0x1, 0x9,
+
+ 0x8, 0x2, 0x9, 0x0, 0x9, 0xD, 0x7, 0x5,
+ 0x1, 0xD, 0x4, 0xF, 0xC, 0x9, 0x0, 0xB,
+ 0x3, 0xB, 0x1, 0x2, 0x2, 0xF, 0x5, 0x4,
+ 0x7, 0x9, 0x0, 0x8, 0xA, 0x0, 0xA, 0xF,
+
+ 0xD, 0x1, 0x3, 0xE, 0x1, 0xA, 0x3, 0x8,
+ 0xC, 0x7, 0xB, 0x1, 0x8, 0x1, 0xC, 0x6,
+ 0xE, 0x6, 0x5, 0x6, 0x0, 0x5, 0x8, 0x7,
+ 0x0, 0x3, 0x2, 0x5, 0xE, 0xB, 0xF, 0xE,
+
+ 0x9, 0xC, 0x6, 0xD, 0xF, 0x8, 0x6, 0xD,
+ 0x2, 0xE, 0xA, 0xB, 0xD, 0xE, 0x2, 0x0,
+ 0xB, 0xA, 0x8, 0x9, 0x3, 0xC, 0x9, 0x2,
+ 0xF, 0x8, 0xD, 0x3, 0x5, 0x3, 0xB, 0xC,
+ }
+ },
+ { "Test_89", "1.2.643.2.2.31.0", {
+ 0x4, 0xC, 0xD, 0xE, 0x3, 0x8, 0x9, 0xC,
+ 0x2, 0x9, 0x8, 0x9, 0xE, 0xF, 0xB, 0x6,
+ 0xF, 0xF, 0xE, 0xB, 0x5, 0x6, 0xC, 0x5,
+ 0x5, 0xE, 0xC, 0x2, 0x9, 0xB, 0x0, 0x2,
+
+ 0x9, 0x8, 0x7, 0x5, 0x6, 0x1, 0x3, 0xB,
+ 0x1, 0x1, 0x3, 0xF, 0x8, 0x9, 0x6, 0x0,
+ 0x0, 0x3, 0x9, 0x7, 0x0, 0xC, 0x7, 0x9,
+ 0x8, 0xA, 0xA, 0x1, 0xD, 0x5, 0x5, 0xD,
+
+ 0xE, 0x2, 0x1, 0x0, 0xA, 0xD, 0x4, 0x3,
+ 0x3, 0x7, 0x5, 0xD, 0xB, 0x3, 0x8, 0xE,
+ 0xB, 0x4, 0x2, 0xC, 0x7, 0x7, 0xE, 0x7,
+ 0xC, 0xD, 0x4, 0x6, 0xC, 0xA, 0xF, 0xA,
+
+ 0xD, 0x6, 0x6, 0xA, 0x2, 0x0, 0x1, 0xF,
+ 0x7, 0x0, 0xF, 0x4, 0x1, 0xE, 0xA, 0x4,
+ 0xA, 0xB, 0x0, 0x3, 0xF, 0x2, 0x2, 0x1,
+ 0x6, 0x5, 0xB, 0x8, 0x4, 0x4, 0xD, 0x8,
+ }
+ },
+ { "CryptoPro_A", "1.2.643.2.2.31.1", {
+ 0x9, 0x3, 0xE, 0xE, 0xB, 0x3, 0x1, 0xB,
+ 0x6, 0x7, 0x4, 0x7, 0x5, 0xA, 0xD, 0xA,
+ 0x3, 0xE, 0x6, 0xA, 0x1, 0xD, 0x2, 0xF,
+ 0x2, 0x9, 0x2, 0xC, 0x9, 0xC, 0x9, 0x5,
+
+ 0x8, 0x8, 0xB, 0xD, 0x8, 0x1, 0x7, 0x0,
+ 0xB, 0xA, 0x3, 0x1, 0xD, 0x2, 0xA, 0xC,
+ 0x1, 0xF, 0xD, 0x3, 0xF, 0x0, 0x6, 0xE,
+ 0x7, 0x0, 0x8, 0x9, 0x0, 0xB, 0x0, 0x8,
+
+ 0xA, 0x5, 0xC, 0x0, 0xE, 0x7, 0x8, 0x6,
+ 0x4, 0x2, 0xF, 0x2, 0x4, 0x5, 0xC, 0x2,
+ 0xE, 0x6, 0x5, 0xB, 0x2, 0x9, 0x4, 0x3,
+ 0xF, 0xC, 0xA, 0x4, 0x3, 0x4, 0x5, 0x9,
+
+ 0xC, 0xB, 0x0, 0xF, 0xC, 0x8, 0xF, 0x1,
+ 0x0, 0x4, 0x7, 0x8, 0x7, 0xF, 0x3, 0x7,
+ 0xD, 0xD, 0x1, 0x5, 0xA, 0xE, 0xB, 0xD,
+ 0x5, 0x1, 0x9, 0x6, 0x6, 0x6, 0xE, 0x4,
+ }
+ },
+ { "CryptoPro_B", "1.2.643.2.2.31.2", {
+ 0x8, 0x0, 0xE, 0x7, 0x2, 0x8, 0x5, 0x0,
+ 0x4, 0x1, 0xC, 0x5, 0x7, 0x3, 0x2, 0x4,
+ 0xB, 0x2, 0x0, 0x0, 0xC, 0x2, 0xA, 0xB,
+ 0x1, 0xA, 0xA, 0xD, 0xF, 0x6, 0xB, 0xE,
+
+ 0x3, 0x4, 0x9, 0xB, 0x9, 0x4, 0x9, 0x8,
+ 0x5, 0xD, 0x2, 0x6, 0x5, 0xD, 0x1, 0x3,
+ 0x0, 0x5, 0xD, 0x1, 0xA, 0xE, 0xC, 0x7,
+ 0x9, 0xC, 0xB, 0x2, 0xB, 0xB, 0x3, 0x1,
+
+ 0x2, 0x9, 0x7, 0x3, 0x1, 0xC, 0x7, 0xA,
+ 0xE, 0x7, 0x5, 0xA, 0x4, 0x1, 0x4, 0x2,
+ 0xA, 0x3, 0x8, 0xC, 0x0, 0x7, 0xD, 0x9,
+ 0xC, 0xF, 0xF, 0xF, 0xD, 0xF, 0x0, 0x6,
+
+ 0x6, 0x8, 0x6, 0xE, 0x8, 0x0, 0xF, 0xD,
+ 0x7, 0x6, 0x1, 0x9, 0xE, 0x9, 0x8, 0x5,
+ 0xF, 0xE, 0x4, 0x8, 0x3, 0x5, 0xE, 0xC,
+ }
+ },
+ { "CryptoPro_C", "1.2.643.2.2.31.3", {
+ 0x1, 0x0, 0x8, 0x3, 0x8, 0xC, 0xA, 0x7,
+ 0xB, 0x1, 0x2, 0x6, 0xD, 0x9, 0x9, 0x4,
+ 0xC, 0x7, 0x5, 0x0, 0xB, 0xB, 0x6, 0x0,
+ 0x2, 0xD, 0x0, 0x1, 0x0, 0x1, 0x8, 0x5,
+
+ 0x9, 0xB, 0x4, 0x5, 0x4, 0x8, 0xD, 0xA,
+ 0xD, 0x4, 0x9, 0xD, 0x5, 0xE, 0xE, 0x2,
+ 0x0, 0x5, 0xF, 0xA, 0x1, 0x2, 0x2, 0xF,
+ 0xF, 0x2, 0xA, 0x8, 0x2, 0x4, 0x0, 0xE,
+
+ 0x4, 0x8, 0x3, 0xB, 0x9, 0x7, 0xF, 0xC,
+ 0x5, 0xE, 0x7, 0x2, 0x3, 0x3, 0x3, 0x6,
+ 0x8, 0xF, 0xC, 0x9, 0xC, 0x6, 0x5, 0x1,
+ 0xE, 0xC, 0xD, 0x7, 0xE, 0x5, 0xB, 0xB,
+
+ 0xA, 0x9, 0x6, 0xE, 0x6, 0xA, 0x4, 0xD,
+ 0x7, 0xA, 0xE, 0xF, 0xF, 0x0, 0x1, 0x9,
+ 0x6, 0x6, 0x1, 0xC, 0xA, 0xF, 0xC, 0x3,
+ 0x3, 0x3, 0xB, 0x4, 0x7, 0xD, 0x7, 0x8,
+ }
+ },
+ { "CryptoPro_D", "1.2.643.2.2.31.4", {
+ 0xF, 0xB, 0x1, 0x1, 0x0, 0x8, 0x3, 0x1,
+ 0xC, 0x6, 0xC, 0x5, 0xC, 0x0, 0x0, 0xA,
+ 0x2, 0x3, 0xB, 0xE, 0x8, 0xF, 0x6, 0x6,
+ 0xA, 0x4, 0x0, 0xC, 0x9, 0x3, 0xF, 0x8,
+
+ 0x6, 0xC, 0xF, 0xA, 0xD, 0x2, 0x1, 0xF,
+ 0x4, 0xF, 0xE, 0x7, 0x2, 0x5, 0xE, 0xB,
+ 0x5, 0xE, 0x6, 0x0, 0xA, 0xE, 0x9, 0x0,
+ 0x0, 0x2, 0x5, 0xD, 0xB, 0xB, 0x2, 0x4,
+
+ 0x7, 0x7, 0xA, 0x6, 0x7, 0x1, 0xD, 0xC,
+ 0x9, 0xD, 0xD, 0x2, 0x3, 0xA, 0x8, 0x3,
+ 0xE, 0x8, 0x4, 0xB, 0x6, 0x4, 0xC, 0x5,
+ 0xD, 0x0, 0x8, 0x4, 0x5, 0x7, 0x4, 0x9,
+
+ 0x1, 0x5, 0x9, 0x9, 0x4, 0xC, 0xB, 0x7,
+ 0xB, 0xA, 0x3, 0x3, 0xE, 0x9, 0xA, 0xD,
+ 0x8, 0x9, 0x7, 0xF, 0xF, 0xD, 0x5, 0x2,
+ 0x3, 0x1, 0x2, 0x8, 0x1, 0x6, 0x7, 0xE,
+ }
+ },
+ { "TC26_A", "1.2.643.7.1.2.5.1.1", {
+ 0xc, 0x6, 0xb, 0xc, 0x7, 0x5, 0x8, 0x1,
+ 0x4, 0x8, 0x3, 0x8, 0xf, 0xd, 0xe, 0x7,
+ 0x6, 0x2, 0x5, 0x2, 0x5, 0xf, 0x2, 0xe,
+ 0x2, 0x3, 0x8, 0x1, 0xa, 0x6, 0x5, 0xd,
+
+ 0xa, 0x9, 0x2, 0xd, 0x8, 0x9, 0x6, 0x0,
+ 0x5, 0xa, 0xf, 0x4, 0x1, 0x2, 0x9, 0x5,
+ 0xb, 0x5, 0xa, 0xf, 0x6, 0xc, 0x1, 0x8,
+ 0x9, 0xc, 0xd, 0x6, 0xd, 0xa, 0xc, 0x3,
+
+ 0xe, 0x1, 0xe, 0x7, 0x0, 0xb, 0xf, 0x4,
+ 0x8, 0xe, 0x1, 0x0, 0x9, 0x7, 0x4, 0xf,
+ 0xd, 0x4, 0x7, 0xa, 0x3, 0x8, 0xb, 0xa,
+ 0x7, 0x7, 0x4, 0x5, 0xe, 0x1, 0x0, 0x6,
+
+ 0x0, 0xb, 0xc, 0x3, 0xb, 0x4, 0xd, 0x9,
+ 0x3, 0xd, 0x9, 0xe, 0x4, 0x3, 0xa, 0xc,
+ 0xf, 0x0, 0x6, 0x9, 0x2, 0xe, 0x3, 0xb,
+ 0x1, 0xf, 0x0, 0xb, 0xc, 0x0, 0x7, 0x2,
+ }
+ },
+};
+
+int main(int argc, char **argv)
+{
+ unsigned int i, j, s;
+ FILE *f;
+
+ if (argc == 1)
+ f = stdin;
+ else
+ f = fopen(argv[1], "w");
+
+ if (!f)
+ {
+ perror("fopen");
+ exit(1);
+ }
+
+ for (s = 0; s < DIM(gost_sboxes); s++)
+ {
+ unsigned char *sbox = gost_sboxes[s].sbox;
+ fprintf (f, "static const u32 sbox_%s[4*256] =\n {", gost_sboxes[s].name);
+ for (i = 0; i < 4; i++) {
+ fprintf (f, "\n /* %d */\n ", i);
+ for (j = 0; j < 256; j++) {
+ unsigned int val;
+ if (j % 4 == 0 && j != 0)
+ fprintf (f, "\n ");
+ val = sbox[ (j & 0xf) * 8 + 2 * i + 0] |
+ (sbox[ (j >> 4) * 8 + 2 * i + 1] << 4);
+ val <<= (8*i);
+ val = (val << 11) | (val >> 21);
+ fprintf (f, " 0x%08x,", val);
+ }
+ }
+ fprintf (f, "\n };\n\n");
+ }
+
+ fprintf (f, "static struct\n{\n const char *oid;\n const u32 *sbox;\n} gost_oid_map[] = {\n");
+
+ for (s = 0; s < DIM(gost_sboxes); s++)
+ {
+ fprintf (f, " { \"%s\", sbox_%s },\n", gost_sboxes[s].oid, gost_sboxes[s].name );
+ }
+
+ fprintf(f, " { NULL, NULL }\n};\n");
+
+ fclose (f);
+
+ return 0;
+}
diff --git a/cipher/gost.h b/cipher/gost.h
index d058eb2..3fbd9df 100644
--- a/cipher/gost.h
+++ b/cipher/gost.h
@@ -22,6 +22,7 @@
typedef struct {
u32 key[8];
+ const u32 *sbox;
} GOST28147_context;
/* This is a simple interface that will be used by GOST R 34.11-94 */
diff --git a/cipher/gost28147.c b/cipher/gost28147.c
index 1e48eb0..1720f45 100644
--- a/cipher/gost28147.c
+++ b/cipher/gost28147.c
@@ -34,277 +34,8 @@
#include "g10lib.h"
#include "cipher.h"
-
-/* This is an s-box from RFC4357, named GostR3411-94-TestParamSet
- * For now it is the only s-box supported, as libgcrypt lacks mechanism
- * for passing parameters to cipher in a usefull way.
- * S-boxes was modified from 4->4 to 8->8 bits unit with precalculated
- * shift and rotation by optimisation reasons.
- */
-static const u32 test_sbox[4][256] = {
- /* 0 */
- { 0x00072000, 0x00075000, 0x00074800, 0x00071000,
- 0x00076800, 0x00074000, 0x00070000, 0x00077000,
- 0x00073000, 0x00075800, 0x00070800, 0x00076000,
- 0x00073800, 0x00077800, 0x00072800, 0x00071800,
- 0x0005a000, 0x0005d000, 0x0005c800, 0x00059000,
- 0x0005e800, 0x0005c000, 0x00058000, 0x0005f000,
- 0x0005b000, 0x0005d800, 0x00058800, 0x0005e000,
- 0x0005b800, 0X0005F800, 0x0005a800, 0x00059800,
- 0x00022000, 0x00025000, 0x00024800, 0x00021000,
- 0x00026800, 0x00024000, 0x00020000, 0x00027000,
- 0X00023000, 0x00025800, 0x00020800, 0x00026000,
- 0x00023800, 0x00027800, 0x00022800, 0x00021800,
- 0x00062000, 0x00065000, 0x00064800, 0x00061000,
- 0x00066800, 0x00064000, 0x00060000, 0x00067000,
- 0x00063000, 0x00065800, 0x00060800, 0x00066000,
- 0x00063800, 0x00067800, 0x00062800, 0x00061800,
- 0x00032000, 0x00035000, 0x00034800, 0x00031000,
- 0x00036800, 0x00034000, 0x00030000, 0x00037000,
- 0x00033000, 0x00035800, 0x00030800, 0x00036000,
- 0x00033800, 0x00037800, 0x00032800, 0x00031800,
- 0x0006a000, 0x0006d000, 0x0006c800, 0x00069000,
- 0x0006e800, 0x0006c000, 0x00068000, 0x0006f000,
- 0x0006b000, 0x0006d800, 0x00068800, 0x0006e000,
- 0x0006b800, 0x0006f800, 0x0006a800, 0x00069800,
- 0x0007a000, 0x0007d000, 0x0007c800, 0x00079000,
- 0x0007e800, 0x0007c000, 0x00078000, 0x0007f000,
- 0x0007b000, 0x0007d800, 0x00078800, 0x0007e000,
- 0x0007b800, 0x0007f800, 0x0007a800, 0x00079800,
- 0x00052000, 0x00055000, 0x00054800, 0x00051000,
- 0x00056800, 0x00054000, 0x00050000, 0x00057000,
- 0x00053000, 0x00055800, 0x00050800, 0x00056000,
- 0x00053800, 0x00057800, 0x00052800, 0x00051800,
- 0x00012000, 0x00015000, 0x00014800, 0x00011000,
- 0x00016800, 0x00014000, 0x00010000, 0x00017000,
- 0x00013000, 0x00015800, 0x00010800, 0x00016000,
- 0x00013800, 0x00017800, 0x00012800, 0x00011800,
- 0x0001a000, 0x0001d000, 0x0001c800, 0x00019000,
- 0x0001e800, 0x0001c000, 0x00018000, 0x0001f000,
- 0x0001b000, 0x0001d800, 0x00018800, 0x0001e000,
- 0x0001b800, 0x0001f800, 0x0001a800, 0x00019800,
- 0x00042000, 0x00045000, 0x00044800, 0x00041000,
- 0x00046800, 0x00044000, 0x00040000, 0x00047000,
- 0x00043000, 0x00045800, 0x00040800, 0x00046000,
- 0x00043800, 0x00047800, 0x00042800, 0x00041800,
- 0x0000a000, 0x0000d000, 0x0000c800, 0x00009000,
- 0x0000e800, 0x0000c000, 0x00008000, 0x0000f000,
- 0x0000b000, 0x0000d800, 0x00008800, 0x0000e000,
- 0x0000b800, 0x0000f800, 0x0000a800, 0x00009800,
- 0x00002000, 0x00005000, 0x00004800, 0x00001000,
- 0x00006800, 0x00004000, 0x00000000, 0x00007000,
- 0x00003000, 0x00005800, 0x00000800, 0x00006000,
- 0x00003800, 0x00007800, 0x00002800, 0x00001800,
- 0x0003a000, 0x0003d000, 0x0003c800, 0x00039000,
- 0x0003e800, 0x0003c000, 0x00038000, 0x0003f000,
- 0x0003b000, 0x0003d800, 0x00038800, 0x0003e000,
- 0x0003b800, 0x0003f800, 0x0003a800, 0x00039800,
- 0x0002a000, 0x0002d000, 0x0002c800, 0x00029000,
- 0x0002e800, 0x0002c000, 0x00028000, 0x0002f000,
- 0x0002b000, 0x0002d800, 0x00028800, 0x0002e000,
- 0x0002b800, 0x0002f800, 0x0002a800, 0x00029800,
- 0x0004a000, 0x0004d000, 0x0004c800, 0x00049000,
- 0x0004e800, 0x0004c000, 0x00048000, 0x0004f000,
- 0x0004b000, 0x0004d800, 0x00048800, 0x0004e000,
- 0x0004b800, 0x0004f800, 0x0004a800, 0x00049800 },
- /* 1 */
- { 0x03a80000, 0x03c00000, 0x03880000, 0x03e80000,
- 0x03d00000, 0x03980000, 0x03a00000, 0x03900000,
- 0x03f00000, 0x03f80000, 0x03e00000, 0x03b80000,
- 0x03b00000, 0x03800000, 0x03c80000, 0x03d80000,
- 0x06a80000, 0x06c00000, 0x06880000, 0x06e80000,
- 0x06d00000, 0x06980000, 0x06a00000, 0x06900000,
- 0x06f00000, 0x06f80000, 0x06e00000, 0x06b80000,
- 0x06b00000, 0x06800000, 0x06c80000, 0x06d80000,
- 0x05280000, 0x05400000, 0x05080000, 0x05680000,
- 0x05500000, 0x05180000, 0x05200000, 0x05100000,
- 0x05700000, 0x05780000, 0x05600000, 0x05380000,
- 0x05300000, 0x05000000, 0x05480000, 0x05580000,
- 0x00a80000, 0x00c00000, 0x00880000, 0x00e80000,
- 0x00d00000, 0x00980000, 0x00a00000, 0x00900000,
- 0x00f00000, 0x00f80000, 0x00e00000, 0x00b80000,
- 0x00b00000, 0x00800000, 0x00c80000, 0x00d80000,
- 0x00280000, 0x00400000, 0x00080000, 0x00680000,
- 0x00500000, 0x00180000, 0x00200000, 0x00100000,
- 0x00700000, 0x00780000, 0x00600000, 0x00380000,
- 0x00300000, 0x00000000, 0x00480000, 0x00580000,
- 0x04280000, 0x04400000, 0x04080000, 0x04680000,
- 0x04500000, 0x04180000, 0x04200000, 0x04100000,
- 0x04700000, 0x04780000, 0x04600000, 0x04380000,
- 0x04300000, 0x04000000, 0x04480000, 0x04580000,
- 0x04a80000, 0x04c00000, 0x04880000, 0x04e80000,
- 0x04d00000, 0x04980000, 0x04a00000, 0x04900000,
- 0x04f00000, 0x04f80000, 0x04e00000, 0x04b80000,
- 0x04b00000, 0x04800000, 0x04c80000, 0x04d80000,
- 0x07a80000, 0x07c00000, 0x07880000, 0x07e80000,
- 0x07d00000, 0x07980000, 0x07a00000, 0x07900000,
- 0x07f00000, 0x07f80000, 0x07e00000, 0x07b80000,
- 0x07b00000, 0x07800000, 0x07c80000, 0x07d80000,
- 0x07280000, 0x07400000, 0x07080000, 0x07680000,
- 0x07500000, 0x07180000, 0x07200000, 0x07100000,
- 0x07700000, 0x07780000, 0x07600000, 0x07380000,
- 0x07300000, 0x07000000, 0x07480000, 0x07580000,
- 0x02280000, 0x02400000, 0x02080000, 0x02680000,
- 0x02500000, 0x02180000, 0x02200000, 0x02100000,
- 0x02700000, 0x02780000, 0x02600000, 0x02380000,
- 0x02300000, 0x02000000, 0x02480000, 0x02580000,
- 0x03280000, 0x03400000, 0x03080000, 0x03680000,
- 0x03500000, 0x03180000, 0x03200000, 0x03100000,
- 0x03700000, 0x03780000, 0x03600000, 0x03380000,
- 0x03300000, 0x03000000, 0x03480000, 0x03580000,
- 0x06280000, 0x06400000, 0x06080000, 0x06680000,
- 0x06500000, 0x06180000, 0x06200000, 0x06100000,
- 0x06700000, 0x06780000, 0x06600000, 0x06380000,
- 0x06300000, 0x06000000, 0x06480000, 0x06580000,
- 0x05a80000, 0x05c00000, 0x05880000, 0x05e80000,
- 0x05d00000, 0x05980000, 0x05a00000, 0x05900000,
- 0x05f00000, 0x05f80000, 0x05e00000, 0x05b80000,
- 0x05b00000, 0x05800000, 0x05c80000, 0x05d80000,
- 0x01280000, 0x01400000, 0x01080000, 0x01680000,
- 0x01500000, 0x01180000, 0x01200000, 0x01100000,
- 0x01700000, 0x01780000, 0x01600000, 0x01380000,
- 0x01300000, 0x01000000, 0x01480000, 0x01580000,
- 0x02a80000, 0x02c00000, 0x02880000, 0x02e80000,
- 0x02d00000, 0x02980000, 0x02a00000, 0x02900000,
- 0x02f00000, 0x02f80000, 0x02e00000, 0x02b80000,
- 0x02b00000, 0x02800000, 0x02c80000, 0x02d80000,
- 0x01a80000, 0x01c00000, 0x01880000, 0x01e80000,
- 0x01d00000, 0x01980000, 0x01a00000, 0x01900000,
- 0x01f00000, 0x01f80000, 0x01e00000, 0x01b80000,
- 0x01b00000, 0x01800000, 0x01c80000, 0x01d80000 },
- /* 2 */
- { 0x30000002, 0x60000002, 0x38000002, 0x08000002,
- 0x28000002, 0x78000002, 0x68000002, 0x40000002,
- 0x20000002, 0x50000002, 0x48000002, 0x70000002,
- 0x00000002, 0x18000002, 0x58000002, 0x10000002,
- 0xb0000005, 0xe0000005, 0xb8000005, 0x88000005,
- 0xa8000005, 0xf8000005, 0xe8000005, 0xc0000005,
- 0xa0000005, 0xd0000005, 0xc8000005, 0xf0000005,
- 0x80000005, 0x98000005, 0xd8000005, 0x90000005,
- 0x30000005, 0x60000005, 0x38000005, 0x08000005,
- 0x28000005, 0x78000005, 0x68000005, 0x40000005,
- 0x20000005, 0x50000005, 0x48000005, 0x70000005,
- 0x00000005, 0x18000005, 0x58000005, 0x10000005,
- 0x30000000, 0x60000000, 0x38000000, 0x08000000,
- 0x28000000, 0x78000000, 0x68000000, 0x40000000,
- 0x20000000, 0x50000000, 0x48000000, 0x70000000,
- 0x00000000, 0x18000000, 0x58000000, 0x10000000,
- 0xb0000003, 0xe0000003, 0xb8000003, 0x88000003,
- 0xa8000003, 0xf8000003, 0xe8000003, 0xc0000003,
- 0xa0000003, 0xd0000003, 0xc8000003, 0xf0000003,
- 0x80000003, 0x98000003, 0xd8000003, 0x90000003,
- 0x30000001, 0x60000001, 0x38000001, 0x08000001,
- 0x28000001, 0x78000001, 0x68000001, 0x40000001,
- 0x20000001, 0x50000001, 0x48000001, 0x70000001,
- 0x00000001, 0x18000001, 0x58000001, 0x10000001,
- 0xb0000000, 0xe0000000, 0xb8000000, 0x88000000,
- 0xa8000000, 0xf8000000, 0xe8000000, 0xc0000000,
- 0xa0000000, 0xd0000000, 0xc8000000, 0xf0000000,
- 0x80000000, 0x98000000, 0xd8000000, 0x90000000,
- 0xb0000006, 0xe0000006, 0xb8000006, 0x88000006,
- 0xa8000006, 0xf8000006, 0xe8000006, 0xc0000006,
- 0xa0000006, 0xd0000006, 0xc8000006, 0xf0000006,
- 0x80000006, 0x98000006, 0xd8000006, 0x90000006,
- 0xb0000001, 0xe0000001, 0xb8000001, 0x88000001,
- 0xa8000001, 0xf8000001, 0xe8000001, 0xc0000001,
- 0xa0000001, 0xd0000001, 0xc8000001, 0xf0000001,
- 0x80000001, 0x98000001, 0xd8000001, 0x90000001,
- 0x30000003, 0x60000003, 0x38000003, 0x08000003,
- 0x28000003, 0x78000003, 0x68000003, 0x40000003,
- 0x20000003, 0x50000003, 0x48000003, 0x70000003,
- 0x00000003, 0x18000003, 0x58000003, 0x10000003,
- 0x30000004, 0x60000004, 0x38000004, 0x08000004,
- 0x28000004, 0x78000004, 0x68000004, 0x40000004,
- 0x20000004, 0x50000004, 0x48000004, 0x70000004,
- 0x00000004, 0x18000004, 0x58000004, 0x10000004,
- 0xb0000002, 0xe0000002, 0xb8000002, 0x88000002,
- 0xa8000002, 0xf8000002, 0xe8000002, 0xc0000002,
- 0xa0000002, 0xd0000002, 0xc8000002, 0xf0000002,
- 0x80000002, 0x98000002, 0xd8000002, 0x90000002,
- 0xb0000004, 0xe0000004, 0xb8000004, 0x88000004,
- 0xa8000004, 0xf8000004, 0xe8000004, 0xc0000004,
- 0xa0000004, 0xd0000004, 0xc8000004, 0xf0000004,
- 0x80000004, 0x98000004, 0xd8000004, 0x90000004,
- 0x30000006, 0x60000006, 0x38000006, 0x08000006,
- 0x28000006, 0x78000006, 0x68000006, 0x40000006,
- 0x20000006, 0x50000006, 0x48000006, 0x70000006,
- 0x00000006, 0x18000006, 0x58000006, 0x10000006,
- 0xb0000007, 0xe0000007, 0xb8000007, 0x88000007,
- 0xa8000007, 0xf8000007, 0xe8000007, 0xc0000007,
- 0xa0000007, 0xd0000007, 0xc8000007, 0xf0000007,
- 0x80000007, 0x98000007, 0xd8000007, 0x90000007,
- 0x30000007, 0x60000007, 0x38000007, 0x08000007,
- 0x28000007, 0x78000007, 0x68000007, 0x40000007,
- 0x20000007, 0x50000007, 0x48000007, 0x70000007,
- 0x00000007, 0x18000007, 0x58000007, 0x10000007 },
- /* 3 */
- { 0x000000e8, 0x000000d8, 0x000000a0, 0x00000088,
- 0x00000098, 0x000000f8, 0x000000a8, 0x000000c8,
- 0x00000080, 0x000000d0, 0x000000f0, 0x000000b8,
- 0x000000b0, 0x000000c0, 0x00000090, 0x000000e0,
- 0x000007e8, 0x000007d8, 0x000007a0, 0x00000788,
- 0x00000798, 0x000007f8, 0x000007a8, 0x000007c8,
- 0x00000780, 0x000007d0, 0x000007f0, 0x000007b8,
- 0x000007b0, 0x000007c0, 0x00000790, 0x000007e0,
- 0x000006e8, 0x000006d8, 0x000006a0, 0x00000688,
- 0x00000698, 0x000006f8, 0x000006a8, 0x000006c8,
- 0x00000680, 0x000006d0, 0x000006f0, 0x000006b8,
- 0x000006b0, 0x000006c0, 0x00000690, 0x000006e0,
- 0x00000068, 0x00000058, 0x00000020, 0x00000008,
- 0x00000018, 0x00000078, 0x00000028, 0x00000048,
- 0x00000000, 0x00000050, 0x00000070, 0x00000038,
- 0x00000030, 0x00000040, 0x00000010, 0x00000060,
- 0x000002e8, 0x000002d8, 0x000002a0, 0x00000288,
- 0x00000298, 0x000002f8, 0x000002a8, 0x000002c8,
- 0x00000280, 0x000002d0, 0x000002f0, 0x000002b8,
- 0x000002b0, 0x000002c0, 0x00000290, 0x000002e0,
- 0x000003e8, 0x000003d8, 0x000003a0, 0x00000388,
- 0x00000398, 0x000003f8, 0x000003a8, 0x000003c8,
- 0x00000380, 0x000003d0, 0x000003f0, 0x000003b8,
- 0x000003b0, 0x000003c0, 0x00000390, 0x000003e0,
- 0x00000568, 0x00000558, 0x00000520, 0x00000508,
- 0x00000518, 0x00000578, 0x00000528, 0x00000548,
- 0x00000500, 0x00000550, 0x00000570, 0x00000538,
- 0x00000530, 0x00000540, 0x00000510, 0x00000560,
- 0x00000268, 0x00000258, 0x00000220, 0x00000208,
- 0x00000218, 0x00000278, 0x00000228, 0x00000248,
- 0x00000200, 0x00000250, 0x00000270, 0x00000238,
- 0x00000230, 0x00000240, 0x00000210, 0x00000260,
- 0x000004e8, 0x000004d8, 0x000004a0, 0x00000488,
- 0x00000498, 0x000004f8, 0x000004a8, 0x000004c8,
- 0x00000480, 0x000004d0, 0x000004f0, 0x000004b8,
- 0x000004b0, 0x000004c0, 0x00000490, 0x000004e0,
- 0x00000168, 0x00000158, 0x00000120, 0x00000108,
- 0x00000118, 0x00000178, 0x00000128, 0x00000148,
- 0x00000100, 0x00000150, 0x00000170, 0x00000138,
- 0x00000130, 0x00000140, 0x00000110, 0x00000160,
- 0x000001e8, 0x000001d8, 0x000001a0, 0x00000188,
- 0x00000198, 0x000001f8, 0x000001a8, 0x000001c8,
- 0x00000180, 0x000001d0, 0x000001f0, 0x000001b8,
- 0x000001b0, 0x000001c0, 0x00000190, 0x000001e0,
- 0x00000768, 0x00000758, 0x00000720, 0x00000708,
- 0x00000718, 0x00000778, 0x00000728, 0x00000748,
- 0x00000700, 0x00000750, 0x00000770, 0x00000738,
- 0x00000730, 0x00000740, 0x00000710, 0x00000760,
- 0x00000368, 0x00000358, 0x00000320, 0x00000308,
- 0x00000318, 0x00000378, 0x00000328, 0x00000348,
- 0x00000300, 0x00000350, 0x00000370, 0x00000338,
- 0x00000330, 0x00000340, 0x00000310, 0x00000360,
- 0x000005e8, 0x000005d8, 0x000005a0, 0x00000588,
- 0x00000598, 0x000005f8, 0x000005a8, 0x000005c8,
- 0x00000580, 0x000005d0, 0x000005f0, 0x000005b8,
- 0x000005b0, 0x000005c0, 0x00000590, 0x000005e0,
- 0x00000468, 0x00000458, 0x00000420, 0x00000408,
- 0x00000418, 0x00000478, 0x00000428, 0x00000448,
- 0x00000400, 0x00000450, 0x00000470, 0x00000438,
- 0x00000430, 0x00000440, 0x00000410, 0x00000460,
- 0x00000668, 0x00000658, 0x00000620, 0x00000608,
- 0x00000618, 0x00000678, 0x00000628, 0x00000648,
- 0x00000600, 0x00000650, 0x00000670, 0x00000638,
- 0x00000630, 0x00000640, 0x00000610, 0x00000660 }
-};
-
#include "gost.h"
+#include "gost-sb.h"
static gcry_err_code_t
gost_setkey (void *c, const byte *key, unsigned keylen)
@@ -315,6 +46,9 @@ gost_setkey (void *c, const byte *key, unsigned keylen)
if (keylen != 256 / 8)
return GPG_ERR_INV_KEYLEN;
+ if (!ctx->sbox)
+ ctx->sbox = sbox_test_3411;
+
for (i = 0; i < 8; i++)
{
ctx->key[i] = (key[4 * i + 3] << 24) |
@@ -329,10 +63,10 @@ static u32
gost_val (GOST28147_context *ctx, u32 cm1, int subkey)
{
cm1 += ctx->key[subkey];
- cm1 = test_sbox[0][ (cm1 >> 0) & 0xff] |
- test_sbox[1][ (cm1 >> 8) & 0xff] |
- test_sbox[2][ (cm1 >> 16) & 0xff] |
- test_sbox[3][ (cm1 >> 24) & 0xff];
+ cm1 = ctx->sbox[0*256 + ((cm1 >> 0) & 0xff)] |
+ ctx->sbox[1*256 + ((cm1 >> 8) & 0xff)] |
+ ctx->sbox[2*256 + ((cm1 >> 16) & 0xff)] |
+ ctx->sbox[3*256 + ((cm1 >> 24) & 0xff)];
return cm1;
}
--
2.0.0.rc2
More information about the Gcrypt-devel
mailing list