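// Round primitives for SHACAL-2. The rotation/shift distances below are the
// ones used by the SHA-256 compression function (big sigma S0/S1, small sigma
// s0/s1), and Ch/Maj are its bitwise "choose" and "majority" functions.
// rotrConstant<N>() is declared outside this listing; it is assumed to be a
// fixed-distance right rotate (confirm against the library's utility header).
//
// Every primitive is built from rotates, shifts, AND/OR/XOR and addition only:
// nothing here branches on, or indexes memory by, key or state words.
//
// Macro arguments are parenthesised so that an expression argument (for
// example `a|b`) cannot be re-associated by operator precedence. Arguments are
// still evaluated more than once, so pass side-effect-free expressions.
#define S0(x) (rotrConstant<2>(x)^rotrConstant<13>(x)^rotrConstant<22>(x))
#define S1(x) (rotrConstant<6>(x)^rotrConstant<11>(x)^rotrConstant<25>(x))
#define s0(x) (rotrConstant<7>(x)^rotrConstant<18>(x)^((x)>>3))
#define s1(x) (rotrConstant<17>(x)^rotrConstant<19>(x)^((x)>>10))

// Ch selects y where x has a 1 bit and z where it has a 0 bit; this form is
// equivalent to (x&y)^(~x&z) with one operation fewer.
#define Ch(x,y,z) ((z)^((x)&((y)^(z))))
// Maj yields, per bit position, the value held by at least two of x, y, z.
#define Maj(x,y,z) (((x)&(y))|((z)&((x)|(y))))

// Forward round: mixes the next round key (*k, then advances k) into h,
// folds h into d, then completes h. a..h must be modifiable lvalues and k a
// pointer lvalue. Wrapped in do/while(0) so the macro is a single statement
// even under an unbraced if/else.
#define R(a,b,c,d,e,f,g,h,k) \
	do { (h)+=S1(e)+Ch(e,f,g)+*(k)++; (d)+=(h); (h)+=S0(a)+Maj(a,b,c); } while (0)

// Inverse round: undoes R step by step in reverse order, stepping k back
// before reading the round key (*--k).
#define P(a,b,c,d,e,f,g,h,k) \
	do { (h)-=S0(a)+Maj(a,b,c); (d)-=(h); (h)-=S1(e)+Ch(e,f,g)+*--(k); } while (0)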
// Declaration of the SHA-NI accelerated encryption routine; it is defined
// outside this listing and only declared when CRYPTOPP_SHANI_AVAILABLE is set.
// The signature carries no length arguments, so the callee has to assume a
// full round-key array behind subKeys and fixed-size blocks behind the byte
// pointers -- NOTE(review): confirm those sizes against the implementation.
// The matching #endif is not shown in this listing.
42#if CRYPTOPP_SHANI_AVAILABLE
43extern void SHACAL2_Enc_ProcessAndXorBlock_SHANI(
const word32* subKeys,
44 const byte *inBlock,
const byte *xorBlock,
byte *outBlock);
// Returns a string describing the implementation in use. Only the signature
// and the SHA-NI conditional are visible here; the body (source lines 48-55)
// is elided from this listing, so the returned values cannot be stated.
47std::string SHACAL2::Base::AlgorithmProvider()
const
49#if CRYPTOPP_SHANI_AVAILABLE
// Key schedule: expands the user key into the 64 round-key words.
// The NameValuePairs parameter is unnamed and therefore unused.
// Several source lines (59-65, 67, 69-70, 72 onward) are elided from this
// listing, including the set-up of rk and the initial key load.
56void SHACAL2::Base::UncheckedSetKey(
const byte *userKey,
unsigned int keylen,
const NameValuePairs &)
// NOTE(review): by its name this is an assertion, and the function is the
// "unchecked" variant -- presumably key-length enforcement for release builds
// happens in the caller; confirm before calling this directly.
58 AssertValidKeyLength(keylen);
// Words 16..63 are derived from the first 16 with the SHA-256 message-schedule
// recurrence; rk slides forward one word per iteration, so rk[16] is the word
// being produced and rk[0], rk[1], rk[9], rk[14] are the earlier inputs.
66 for (i = 0; i < 48; i++, rk++)
68 rk[16] = rk[0] + s0(rk[1]) + rk[9] + s1(rk[14]);
// Second pass over the last 16 words; its body is not shown in this listing.
71 for (i = 48; i < 64; i++, rk++)
// Encrypts one block read from inBlock and writes the result via
// Block::Put(xorBlock, outBlock). Some source lines are elided from this
// listing (82-83, 85-88, 90-94, 96-99, 110-115), among them the declaration
// of rk and the condition guarding the SHA-NI call.
79void SHACAL2::Enc::ProcessAndXorBlock(
const byte *inBlock,
const byte *xorBlock,
byte *outBlock)
const
// Hardware path: hands the round keys and all three buffers to the SHA-NI
// routine when that build option is available.
81#if CRYPTOPP_SHANI_AVAILABLE
84 SHACAL2_Enc_ProcessAndXorBlock_SHANI(m_key, inBlock, xorBlock, outBlock);
// Portable path: the cipher state is eight 32-bit words held in locals.
// NOTE(review): no explicit wipe of a..h is visible in this listing.
89 word32 a, b, c, d, e, f, g, h;
// Load the eight state words from the input block.
95 Block::Get(inBlock)(a)(b)(c)(d)(e)(f)(g)(h);
// 64 rounds, unrolled eight per iteration. Instead of moving values between
// registers, each R call rotates which variable plays which role; after eight
// calls the roles are back where they started. rk advances once per R.
100 for (
unsigned int j=0; j<64; j+=8)
102 R(a,b,c,d,e,f,g,h,rk);
103 R(h,a,b,c,d,e,f,g,rk);
104 R(g,h,a,b,c,d,e,f,rk);
105 R(f,g,h,a,b,c,d,e,rk);
106 R(e,f,g,h,a,b,c,d,rk);
107 R(d,e,f,g,h,a,b,c,rk);
108 R(c,d,e,f,g,h,a,b,rk);
109 R(b,c,d,e,f,g,h,a,rk);
// Store the state words; presumably combined with xorBlock when one is
// supplied -- confirm against the Block helper.
116 Block::Put(xorBlock, outBlock)(a)(b)(c)(d)(e)(f)(g)(h);
// Decrypts one block by running the 64 rounds backwards. No SHA-NI path is
// visible for decryption in this listing. Some source lines are elided
// (120, 123-126, 128-131, 133, 142-147).
119void SHACAL2::Dec::ProcessAndXorBlock(
const byte *inBlock,
const byte *xorBlock,
byte *outBlock)
const
// NOTE(review): no explicit wipe of a..h is visible in this listing.
121 word32 a, b, c, d, e, f, g, h;
// Starts one past the last round key; P pre-decrements (*--k), so the first
// key read is m_key[63] and the last is m_key[0].
122 const word32 *rk = m_key + 64;
// Load the eight state words from the input block.
127 Block::Get(inBlock)(a)(b)(c)(d)(e)(f)(g)(h);
// Eight inverse rounds per iteration, with the register roles taken in the
// reverse of the order used by the encryption loop.
132 for (
unsigned int j=0; j<64; j+=8)
134 P(b,c,d,e,f,g,h,a,rk);
135 P(c,d,e,f,g,h,a,b,rk);
136 P(d,e,f,g,h,a,b,c,rk);
137 P(e,f,g,h,a,b,c,d,rk);
138 P(f,g,h,a,b,c,d,e,rk);
139 P(g,h,a,b,c,d,e,f,rk);
140 P(h,a,b,c,d,e,f,g,rk);
141 P(a,b,c,d,e,f,g,h,rk);
// Store the state words; presumably combined with xorBlock when one is
// supplied -- confirm against the Block helper.
148 Block::Put(xorBlock, outBlock)(a)(b)(c)(d)(e)(f)(g)(h);
// The 64 round constants. These values are the SHA-256 round constants; they
// are public and carry no key material. The braces around the initializer
// (source lines 153 and 170) are not shown in this listing.
152const word32 SHACAL2::Base::K[64] =
154 0x428a2f98, 0x71374491, 0xb5c0fbcf, 0xe9b5dba5,
155 0x3956c25b, 0x59f111f1, 0x923f82a4, 0xab1c5ed5,
156 0xd807aa98, 0x12835b01, 0x243185be, 0x550c7dc3,
157 0x72be5d74, 0x80deb1fe, 0x9bdc06a7, 0xc19bf174,
158 0xe49b69c1, 0xefbe4786, 0x0fc19dc6, 0x240ca1cc,
159 0x2de92c6f, 0x4a7484aa, 0x5cb0a9dc, 0x76f988da,
160 0x983e5152, 0xa831c66d, 0xb00327c8, 0xbf597fc7,
161 0xc6e00bf3, 0xd5a79147, 0x06ca6351, 0x14292967,
162 0x27b70a85, 0x2e1b2138, 0x4d2c6dfc, 0x53380d13,
163 0x650a7354, 0x766a0abb, 0x81c2c92e, 0x92722c85,
164 0xa2bfe8a1, 0xa81a664b, 0xc24b8b70, 0xc76c51a3,
165 0xd192e819, 0xd6990624, 0xf40e3585, 0x106aa070,
166 0x19a4c116, 0x1e376c08, 0x2748774c, 0x34b0bcb5,
167 0x391c0cb3, 0x4ed8aa4a, 0x5b9cca4f, 0x682e6ff3,
168 0x748f82ee, 0x78a5636f, 0x84c87814, 0x8cc70208,
169 0x90befffa, 0xa4506ceb, 0xbef9a3f7, 0xc67178f2