[PATCH 2/4] cast5: read Kr four blocks at time and shift for current round
Jussi Kivilinna
jussi.kivilinna at iki.fi
Sun Mar 31 17:59:34 CEST 2019
* cipher/cast5.c (do_encrypt_block, do_decrypt_block): Read Kr as
32-bit words instead of bytes and shift value for each round.
--
Signed-off-by: Jussi Kivilinna <jussi.kivilinna at iki.fi>
---
cipher/cast5.c | 72 ++++++++++++++++++++++++++++----------------------------
1 file changed, 36 insertions(+), 36 deletions(-)
diff --git a/cipher/cast5.c b/cipher/cast5.c
index cc5bd9d66..65485ba23 100644
--- a/cipher/cast5.c
+++ b/cipher/cast5.c
@@ -483,10 +483,10 @@ do_encrypt_block( CAST5_context *c, byte *outbuf, const byte *inbuf )
u32 l, r, t;
u32 I; /* used by the Fx macros */
u32 *Km;
- byte *Kr;
+ u32 Kr;
Km = c->Km;
- Kr = c->Kr;
+ Kr = buf_get_le32(c->Kr + 0);
/* (L0,R0) <-- (m1...m64). (Split the plaintext into left and
* right 32-bit halves L0 = m1...m32 and R0 = m33...m64.)
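Review bot: The new `Kr = buf_get_le32(c->Kr + 0);` loads the rotation counts with a little-endian read, while the decrypt hunk below does `Kr = buf_get_be32(c->Kr + 12);` on the same byte array, and nothing in either hunk says why the byte order differs. The difference is only traversal direction, not an endianness property of the key: the LE load puts c->Kr[0] in the low byte so the encrypt rounds walk Kr[0..3] upward with `Kr >>= 8`, and the BE load puts c->Kr[15] in the low byte so decrypt walks Kr[15..12] downward; a one-line comment at each load would stop a later reader from "harmonising" one of them, e.g. `/* pack Kr[0..3] so the current round's count is in the low byte; >>= 8 steps to the next */` here and `/* pack Kr[15..12] low-byte-first for the reverse round order */` in do_decrypt_block. Whether the added `& 31` is redundant depends on the key schedule, which is outside both hunks; if it does not already reduce Kr entries mod 32, the mask changes the rotation amount relative to the old `Kr[i]` argument and should be confirmed against the known-answer vectors. do_encrypt_block's body continues past the end of this hunk.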
@@ -502,22 +502,22 @@ do_encrypt_block( CAST5_context *c, byte *outbuf, const byte *inbuf )
* Rounds 3, 6, 9, 12, and 15 use f function Type 3.
*/
- t = l; l = r; r = t ^ F1(r, Km[ 0], Kr[ 0]);
- t = l; l = r; r = t ^ F2(r, Km[ 1], Kr[ 1]);
- t = l; l = r; r = t ^ F3(r, Km[ 2], Kr[ 2]);
- t = l; l = r; r = t ^ F1(r, Km[ 3], Kr[ 3]);
- t = l; l = r; r = t ^ F2(r, Km[ 4], Kr[ 4]);
- t = l; l = r; r = t ^ F3(r, Km[ 5], Kr[ 5]);
- t = l; l = r; r = t ^ F1(r, Km[ 6], Kr[ 6]);
- t = l; l = r; r = t ^ F2(r, Km[ 7], Kr[ 7]);
- t = l; l = r; r = t ^ F3(r, Km[ 8], Kr[ 8]);
- t = l; l = r; r = t ^ F1(r, Km[ 9], Kr[ 9]);
- t = l; l = r; r = t ^ F2(r, Km[10], Kr[10]);
- t = l; l = r; r = t ^ F3(r, Km[11], Kr[11]);
- t = l; l = r; r = t ^ F1(r, Km[12], Kr[12]);
- t = l; l = r; r = t ^ F2(r, Km[13], Kr[13]);
- t = l; l = r; r = t ^ F3(r, Km[14], Kr[14]);
- t = l; l = r; r = t ^ F1(r, Km[15], Kr[15]);
+ t = l; l = r; r = t ^ F1(r, Km[ 0], Kr & 31); Kr >>= 8;
+ t = l; l = r; r = t ^ F2(r, Km[ 1], Kr & 31); Kr >>= 8;
+ t = l; l = r; r = t ^ F3(r, Km[ 2], Kr & 31); Kr >>= 8;
+ t = l; l = r; r = t ^ F1(r, Km[ 3], Kr & 31); Kr = buf_get_le32(c->Kr + 4);
+ t = l; l = r; r = t ^ F2(r, Km[ 4], Kr & 31); Kr >>= 8;
+ t = l; l = r; r = t ^ F3(r, Km[ 5], Kr & 31); Kr >>= 8;
+ t = l; l = r; r = t ^ F1(r, Km[ 6], Kr & 31); Kr >>= 8;
+ t = l; l = r; r = t ^ F2(r, Km[ 7], Kr & 31); Kr = buf_get_le32(c->Kr + 8);
+ t = l; l = r; r = t ^ F3(r, Km[ 8], Kr & 31); Kr >>= 8;
+ t = l; l = r; r = t ^ F1(r, Km[ 9], Kr & 31); Kr >>= 8;
+ t = l; l = r; r = t ^ F2(r, Km[10], Kr & 31); Kr >>= 8;
+ t = l; l = r; r = t ^ F3(r, Km[11], Kr & 31); Kr = buf_get_le32(c->Kr + 12);
+ t = l; l = r; r = t ^ F1(r, Km[12], Kr & 31); Kr >>= 8;
+ t = l; l = r; r = t ^ F2(r, Km[13], Kr & 31); Kr >>= 8;
+ t = l; l = r; r = t ^ F3(r, Km[14], Kr & 31); Kr >>= 8;
+ t = l; l = r; r = t ^ F1(r, Km[15], Kr & 31);
/* c1...c64 <-- (R16,L16). (Exchange final blocks L16, R16 and
* concatenate to form the ciphertext.) */
@@ -540,30 +540,30 @@ do_decrypt_block (CAST5_context *c, byte *outbuf, const byte *inbuf )
u32 l, r, t;
u32 I;
u32 *Km;
- byte *Kr;
+ u32 Kr;
Km = c->Km;
- Kr = c->Kr;
+ Kr = buf_get_be32(c->Kr + 12);
l = buf_get_be32(inbuf + 0);
r = buf_get_be32(inbuf + 4);
- t = l; l = r; r = t ^ F1(r, Km[15], Kr[15]);
- t = l; l = r; r = t ^ F3(r, Km[14], Kr[14]);
- t = l; l = r; r = t ^ F2(r, Km[13], Kr[13]);
- t = l; l = r; r = t ^ F1(r, Km[12], Kr[12]);
- t = l; l = r; r = t ^ F3(r, Km[11], Kr[11]);
- t = l; l = r; r = t ^ F2(r, Km[10], Kr[10]);
- t = l; l = r; r = t ^ F1(r, Km[ 9], Kr[ 9]);
- t = l; l = r; r = t ^ F3(r, Km[ 8], Kr[ 8]);
- t = l; l = r; r = t ^ F2(r, Km[ 7], Kr[ 7]);
- t = l; l = r; r = t ^ F1(r, Km[ 6], Kr[ 6]);
- t = l; l = r; r = t ^ F3(r, Km[ 5], Kr[ 5]);
- t = l; l = r; r = t ^ F2(r, Km[ 4], Kr[ 4]);
- t = l; l = r; r = t ^ F1(r, Km[ 3], Kr[ 3]);
- t = l; l = r; r = t ^ F3(r, Km[ 2], Kr[ 2]);
- t = l; l = r; r = t ^ F2(r, Km[ 1], Kr[ 1]);
- t = l; l = r; r = t ^ F1(r, Km[ 0], Kr[ 0]);
+ t = l; l = r; r = t ^ F1(r, Km[15], Kr & 31); Kr >>= 8;
+ t = l; l = r; r = t ^ F3(r, Km[14], Kr & 31); Kr >>= 8;
+ t = l; l = r; r = t ^ F2(r, Km[13], Kr & 31); Kr >>= 8;
+ t = l; l = r; r = t ^ F1(r, Km[12], Kr & 31); Kr = buf_get_be32(c->Kr + 8);
+ t = l; l = r; r = t ^ F3(r, Km[11], Kr & 31); Kr >>= 8;
+ t = l; l = r; r = t ^ F2(r, Km[10], Kr & 31); Kr >>= 8;
+ t = l; l = r; r = t ^ F1(r, Km[ 9], Kr & 31); Kr >>= 8;
+ t = l; l = r; r = t ^ F3(r, Km[ 8], Kr & 31); Kr = buf_get_be32(c->Kr + 4);
+ t = l; l = r; r = t ^ F2(r, Km[ 7], Kr & 31); Kr >>= 8;
+ t = l; l = r; r = t ^ F1(r, Km[ 6], Kr & 31); Kr >>= 8;
+ t = l; l = r; r = t ^ F3(r, Km[ 5], Kr & 31); Kr >>= 8;
+ t = l; l = r; r = t ^ F2(r, Km[ 4], Kr & 31); Kr = buf_get_be32(c->Kr + 0);
+ t = l; l = r; r = t ^ F1(r, Km[ 3], Kr & 31); Kr >>= 8;
+ t = l; l = r; r = t ^ F3(r, Km[ 2], Kr & 31); Kr >>= 8;
+ t = l; l = r; r = t ^ F2(r, Km[ 1], Kr & 31); Kr >>= 8;
+ t = l; l = r; r = t ^ F1(r, Km[ 0], Kr & 31);
buf_put_be32(outbuf + 0, r);
buf_put_be32(outbuf + 4, l);