|
@ -24,7 +24,8 @@ |
|
|
|
|
|
|
|
|
#include "speck.h" |
|
|
#include "speck.h" |
|
|
|
|
|
|
|
|
#if defined (__AVX2__) // AVX support ----------------------------------------------------
|
|
|
|
|
|
|
|
|
#if defined (__AVX2__) // AVX support ----------------------------------------------------------------------------
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
#define LCS(x,r) (((x)<<r)|((x)>>(64-r))) |
|
|
#define LCS(x,r) (((x)<<r)|((x)>>(64-r))) |
|
@ -99,6 +100,7 @@ |
|
|
RK(B,A,k,key,21), RK(C,A,k,key,22), RK(D,A,k,key,23), RK(B,A,k,key,24), RK(C,A,k,key,25), RK(D,A,k,key,26), RK(B,A,k,key,27), \ |
|
|
RK(B,A,k,key,21), RK(C,A,k,key,22), RK(D,A,k,key,23), RK(B,A,k,key,24), RK(C,A,k,key,25), RK(D,A,k,key,26), RK(B,A,k,key,27), \ |
|
|
RK(C,A,k,key,28), RK(D,A,k,key,29), RK(B,A,k,key,30), RK(C,A,k,key,31), RK(D,A,k,key,32), RK(B,A,k,key,33)) |
|
|
RK(C,A,k,key,28), RK(D,A,k,key,29), RK(B,A,k,key,30), RK(C,A,k,key,31), RK(D,A,k,key,32), RK(B,A,k,key,33)) |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
static int speck_encrypt_xor(unsigned char *out, const unsigned char *in, u64 nonce[], speck_context_t *ctx, int numbytes) { |
|
|
static int speck_encrypt_xor(unsigned char *out, const unsigned char *in, u64 nonce[], speck_context_t *ctx, int numbytes) { |
|
|
|
|
|
|
|
|
u64 x[2], y[2]; |
|
|
u64 x[2], y[2]; |
|
@ -226,7 +228,7 @@ static int speck_expand_key (const unsigned char *k, speck_context_t *ctx) { |
|
|
} |
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
#elif defined (__SSE2__) // SSE support ------------------------------------------------------------
|
|
|
#elif defined (__SSE2__) // SSE support ---------------------------------------------------------------------------
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
#define LCS(x,r) (((x)<<r)|((x)>>(64-r))) |
|
|
#define LCS(x,r) (((x)<<r)|((x)>>(64-r))) |
|
@ -350,6 +352,7 @@ static int speck_encrypt_xor (unsigned char *out, const unsigned char *in, u64 n |
|
|
return 0; |
|
|
return 0; |
|
|
} |
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
// attention: ctx is provided by value as it is faster in this case, astonishingly
|
|
|
// attention: ctx is provided by value as it is faster in this case, astonishingly
|
|
|
static int internal_speck_ctr (unsigned char *out, const unsigned char *in, unsigned long long inlen, |
|
|
static int internal_speck_ctr (unsigned char *out, const unsigned char *in, unsigned long long inlen, |
|
|
const unsigned char *n, const speck_context_t ctx) { |
|
|
const unsigned char *n, const speck_context_t ctx) { |
|
@ -416,7 +419,7 @@ static int speck_expand_key (const unsigned char *k, speck_context_t *ctx) { |
|
|
} |
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
#elif defined (__ARM_NEON) // NEON support -------------------------------------------
|
|
|
#elif defined (__ARM_NEON) // NEON support -------------------------------------------------------------------
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
#define LCS(x,r) (((x)<<r)|((x)>>(64-r))) |
|
|
#define LCS(x,r) (((x)<<r)|((x)>>(64-r))) |
|
@ -588,7 +591,7 @@ static int speck_expand_key (const unsigned char *k, speck_context_t *ctx) { |
|
|
} |
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
#else // plain C ----------------------------------------------------------------
|
|
|
#else // plain C ----------------------------------------------------------------------------------------
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
#define ROR(x,r) (((x)>>(r))|((x)<<(64-(r)))) |
|
|
#define ROR(x,r) (((x)>>(r))|((x)<<(64-(r)))) |
|
@ -631,6 +634,7 @@ static int internal_speck_ctr (unsigned char *out, const unsigned char *in, unsi |
|
|
t += 2; |
|
|
t += 2; |
|
|
inlen -= 16; |
|
|
inlen -= 16; |
|
|
} |
|
|
} |
|
|
|
|
|
|
|
|
if(inlen > 0) { |
|
|
if(inlen > 0) { |
|
|
x = nonce[1]; y = nonce[0]; |
|
|
x = nonce[1]; y = nonce[0]; |
|
|
speck_encrypt(&x, &y, ctx); |
|
|
speck_encrypt(&x, &y, ctx); |
|
@ -640,6 +644,7 @@ static int internal_speck_ctr (unsigned char *out, const unsigned char *in, unsi |
|
|
} |
|
|
} |
|
|
|
|
|
|
|
|
free(block); |
|
|
free(block); |
|
|
|
|
|
|
|
|
return 0; |
|
|
return 0; |
|
|
} |
|
|
} |
|
|
|
|
|
|
|
@ -661,11 +666,12 @@ static int speck_expand_key (const unsigned char *k, speck_context_t *ctx) { |
|
|
R(K[3], K[0], i + 2); |
|
|
R(K[3], K[0], i + 2); |
|
|
} |
|
|
} |
|
|
ctx->key[33] = K[0]; |
|
|
ctx->key[33] = K[0]; |
|
|
|
|
|
|
|
|
return 1; |
|
|
return 1; |
|
|
} |
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
#endif // AVX, SSE, NEON, plain C
|
|
|
#endif // AVX, SSE, NEON, plain C ------------------------------------------------------------------------
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
// this functions wraps the call to internal speck_ctr functions which have slightly different
|
|
|
// this functions wraps the call to internal speck_ctr functions which have slightly different
|
|
@ -706,17 +712,19 @@ int speck_deinit (speck_context_t *ctx) { |
|
|
free(ctx); |
|
|
free(ctx); |
|
|
#endif |
|
|
#endif |
|
|
} |
|
|
} |
|
|
|
|
|
|
|
|
return 0; |
|
|
return 0; |
|
|
} |
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
// ----------------------------------------------------------------------------------------
|
|
|
// ----------------------------------------------------------------------------------------------------------------
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
// cipher SPECK -- 128 bit block size -- 128 bit key size -- CTR mode
|
|
|
// cipher SPECK -- 128 bit block size -- 128 bit key size -- CTR mode
|
|
|
// used for header encryption, thus the prefix 'he_'
|
|
|
// used for header encryption, thus the postfix '_he'
|
|
|
// for now: just plain C -- AVX, SSE, NEON do not make sense for short header
|
|
|
// for now: just plain C -- AVX, SSE, NEON do not make sense for short header
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
#define ROR64(x,r) (((x)>>(r))|((x)<<(64-(r)))) |
|
|
#define ROR64(x,r) (((x)>>(r))|((x)<<(64-(r)))) |
|
|
#define ROL64(x,r) (((x)<<(r))|((x)>>(64-(r)))) |
|
|
#define ROL64(x,r) (((x)<<(r))|((x)>>(64-(r)))) |
|
|
#define R64(x,y,k) (x=ROR64(x,8), x+=y, x^=k, y=ROL64(y,3), y^=x) |
|
|
#define R64(x,y,k) (x=ROR64(x,8), x+=y, x^=k, y=ROL64(y,3), y^=x) |
|
@ -745,6 +753,7 @@ int speck_he (unsigned char *out, const unsigned char *in, unsigned long long in |
|
|
free(block); |
|
|
free(block); |
|
|
return 0; |
|
|
return 0; |
|
|
} |
|
|
} |
|
|
|
|
|
|
|
|
nonce[0] = htole64 ( ((u64*)n)[0] ); |
|
|
nonce[0] = htole64 ( ((u64*)n)[0] ); |
|
|
nonce[1] = htole64 ( ((u64*)n)[1] ); |
|
|
nonce[1] = htole64 ( ((u64*)n)[1] ); |
|
|
|
|
|
|
|
@ -767,6 +776,7 @@ int speck_he (unsigned char *out, const unsigned char *in, unsigned long long in |
|
|
} |
|
|
} |
|
|
|
|
|
|
|
|
free(block); |
|
|
free(block); |
|
|
|
|
|
|
|
|
return 0; |
|
|
return 0; |
|
|
} |
|
|
} |
|
|
|
|
|
|
|
@ -783,18 +793,20 @@ int speck_expand_key_he (const unsigned char *k, speck_context_t *ctx) { |
|
|
ctx->key[i] = A; |
|
|
ctx->key[i] = A; |
|
|
R64(B, A, i); |
|
|
R64(B, A, i); |
|
|
} |
|
|
} |
|
|
|
|
|
|
|
|
return 1; |
|
|
return 1; |
|
|
} |
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
// ----------------------------------------------------------------------------------------
|
|
|
// ----------------------------------------------------------------------------------------------------------------
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
// cipher SPECK -- 96 bit block size -- 96 bit key size -- ECB mode
|
|
|
// cipher SPECK -- 96 bit block size -- 96 bit key size -- ECB mode
|
|
|
// follows endianess rules as used in official implementation guide and NOT as in original 2013 cipher presentation
|
|
|
// follows endianess rules as used in official implementation guide and NOT as in original 2013 cipher presentation
|
|
|
// used for IV in header encryption, thus the prefix 'he_iv_'
|
|
|
// used for IV in header encryption, thus the in/postfix 'he_iv'
|
|
|
// for now: just plain C -- probably no need for AVX, SSE, NEON
|
|
|
// for now: just plain C -- probably no need for AVX, SSE, NEON
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
// prerequisite: lower 16 bit reset
|
|
|
// prerequisite: lower 16 bit reset
|
|
|
#define ROTL48(x,r) (((((x)<<(r)) | (x>>(48-(r)))) >> 16) << 16) |
|
|
#define ROTL48(x,r) (((((x)<<(r)) | (x>>(48-(r)))) >> 16) << 16) |
|
|
#define ROTR48(x,r) (((((x)>>(r)) | ((x)<<(48-(r)))) >> 16) << 16) |
|
|
#define ROTR48(x,r) (((((x)>>(r)) | ((x)<<(48-(r)))) >> 16) << 16) |
|
|