-
Notifications
You must be signed in to change notification settings - Fork 5
/
haraka.c
87 lines (72 loc) · 1.75 KB
/
haraka.c
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
/*
* Copyright (C) 2017 Nagravision S.A.
*/
#include "haraka.h"
#include <string.h>
void aesenc (uint8_t *s, const uint8_t *rk) {
uint8_t i, t, u, v[4][4];
for (i = 0; i < 16; ++i) v[((i / 4) + 4 - (i % 4)) % 4][i % 4] = sbox[s[i]];
for (i = 0; i < 4; ++i) {
t = v[i][0];
u = v[i][0] ^ v[i][1] ^ v[i][2] ^ v[i][3];
v[i][0] ^= u ^ XT (v[i][0] ^ v[i][1]);
v[i][1] ^= u ^ XT (v[i][1] ^ v[i][2]);
v[i][2] ^= u ^ XT (v[i][2] ^ v[i][3]);
v[i][3] ^= u ^ XT (v[i][3] ^ t);
}
for (i = 0; i < 16; ++i) s[i] = v[i / 4][i % 4] ^ rk[i];
}
void haraka256 (uint8_t *out, const uint8_t *in) {
uint8_t s0[16], s1[16];
uint32_t tmp[4];
int i;
memcpy (s0, in, 16);
memcpy (s1, in + 16, 16);
AES2 (0);
MIX2;
AES2 (4);
MIX2;
AES2 (8);
MIX2;
AES2 (12);
MIX2;
AES2 (16);
MIX2;
AES2 (20);
MIX2;
for (i = 0; i < 16; ++i) {
out[i] = in[i] ^ s0[i];
out[i + 16] = in[i + 16] ^ s1[i];
}
}
void haraka512 (uint8_t *out, const uint8_t *in) {
uint8_t s0[16], s1[16], s2[16], s3[16];
uint32_t tmp[5];
int i;
memcpy (s0, in, 16);
memcpy (s1, in + 16, 16);
memcpy (s2, in + 32, 16);
memcpy (s3, in + 48, 16);
AES4 (0);
MIX4;
AES4 (8);
MIX4;
AES4 (16);
MIX4;
AES4 (24);
MIX4;
AES4 (32);
MIX4;
AES4 (40);
MIX4;
for (i = 0; i < 16; ++i) {
s0[i] = in[i] ^ s0[i];
s1[i] = in[i + 16] ^ s1[i];
s2[i] = in[i + 32] ^ s2[i];
s3[i] = in[i + 48] ^ s3[i];
}
((uint64_t *)out)[0] = ((uint64_t *)s0)[1];
((uint64_t *)out)[1] = ((uint64_t *)s1)[1];
((uint64_t *)out)[2] = ((uint64_t *)s2)[0];
((uint64_t *)out)[3] = ((uint64_t *)s3)[0];
}