3 * Bitslice S-box implementations
5 * (c) 2000 Straylight/Edgeware
8 /*----- Licensing notice --------------------------------------------------*
10 * This file is part of Catacomb.
12 * Catacomb is free software; you can redistribute it and/or modify
13 * it under the terms of the GNU Library General Public License as
14 * published by the Free Software Foundation; either version 2 of the
15 * License, or (at your option) any later version.
17 * Catacomb is distributed in the hope that it will be useful,
18 * but WITHOUT ANY WARRANTY; without even the implied warranty of
19 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
20 * GNU Library General Public License for more details.
22 * You should have received a copy of the GNU Library General Public
23 * License along with Catacomb; if not, write to the Free
24 * Software Foundation, Inc., 59 Temple Place - Suite 330, Boston,
/*----- Credit where it's due ---------------------------------------------*
 *
 * These S-box expressions are taken from the paper `Speeding up Serpent', by
 * Dag Arne Osvik, submitted to AES3.
 */
34 #ifndef CATACOMB_SERPENT_SBOX_H
35 #define CATACOMB_SERPENT_SBOX_H
41 /*----- Header files ------------------------------------------------------*/
43 #include <mLib/bits.h>
45 /*----- Macros provided ---------------------------------------------------*/
/* S0(r0, r1, r2, r3) -- bitslice S-box step, updating its four arguments in
 * place.
 *
 * Every statement shown is a bitwise ^, &, | or ~ or a plain copy: the
 * listing contains no table lookup and no branch, so no memory address or
 * control-flow decision here depends on the words being transformed.  That
 * property is the reason to prefer this form over an indexed S-box table
 * where cache-timing leakage matters; whether the compiled code keeps it
 * should be checked on the target rather than assumed.
 *
 * The arguments are expanded and assigned many times, so pass plain lvalues
 * without side effects.  r4 is a scratch word that is written before it is
 * read.
 *
 * NOTE(review): the embedded line numbers skip 50, 55 and 57, so the
 * declaration of r4, possibly a row of statements, and the `} while (0)'
 * terminator are not visible here -- do not treat this body as complete.
 */
49 #define S0(r0, r1, r2, r3) do { \
51 r3 ^= r0; r4 = r1; r1 &= r3; r4 ^= r2; \
52 r1 ^= r0; r0 |= r3; r0 ^= r4; r4 ^= r3; \
53 r3 ^= r2; r2 |= r1; r2 ^= r4; r4 = ~r4; \
54 r4 |= r1; r1 ^= r3; r1 ^= r4; r3 |= r0; \
56 r3 = r0; r0 = r1; r1 = r4; \
/* IS0(r0, r1, r2, r3) -- by its name the inverse of S0 (not verifiable from
 * this listing alone); updates its four arguments in place.
 *
 * Only ^, &, | and ~ on whole words appear: no lookups, no branches.  r4 is
 * scratch and is assigned (r4 = r1) before any read.
 *
 * NOTE(review): line 60 and lines 66-70 of the original are absent from the
 * listing, so the r4 declaration and the closing `} while (0)' are missing,
 * and further statements may be too.  Confirm against the upstream header
 * before relying on it.
 */
59 #define IS0(r0, r1, r2, r3) do { \
61 r2 = ~r2; r4 = r1; r1 |= r0; r4 = ~r4; \
62 r1 ^= r2; r2 |= r4; r1 ^= r3; r0 ^= r4; \
63 r2 ^= r0; r0 &= r3; r4 ^= r0; r0 |= r1; \
64 r0 ^= r2; r3 ^= r4; r2 ^= r1; r3 ^= r0; \
65 r3 ^= r1; r2 &= r3; r4 ^= r2; \
/* S1(r0, r1, r2, r3) -- bitslice S-box step on four words, in place.
 *
 * The body is straight-line bitwise logic (^, &, |, ~) with no indexing and
 * no conditionals.  The last row shown only copies values between names
 * (r4 = r0; r0 = r2; ...); it does no further mixing.
 *
 * NOTE(review): presumably r4 is declared inside the do-block on the missing
 * line 72.  If so, a caller variable that is itself spelled r4 and passed as
 * an argument would be captured by that inner declaration and the macro would
 * silently compute on the wrong object -- confirm and avoid that name at call
 * sites.  Lines 77 and 79 are also absent, so the `} while (0)' terminator
 * is not shown and a row of statements may be missing.
 */
71 #define S1(r0, r1, r2, r3) do { \
73 r0 = ~r0; r2 = ~r2; r4 = r0; r0 &= r1; \
74 r2 ^= r0; r0 |= r3; r3 ^= r2; r1 ^= r0; \
75 r0 ^= r4; r4 |= r1; r1 ^= r3; r2 |= r0; \
76 r2 &= r4; r0 ^= r1; r1 &= r2; r1 ^= r0; \
78 r4 = r0; r0 = r2; r2 = r3; r3 = r1; r1 = r4; \
/* IS1(r0, r1, r2, r3) -- by its name the inverse of S1 (TODO confirm);
 * rewrites its four arguments in place.
 *
 * Straight-line ^, &, |, ~ only; r4 is scratch, first touched by the
 * assignment r4 = r1.  The final row is a pure rename of results back into
 * r0..r3 via r4.
 *
 * Arguments are substituted textually and assigned repeatedly: pass simple
 * lvalues, never expressions with side effects.
 *
 * NOTE(review): lines 82 and 89-92 are not in the listing; the r4
 * declaration and the `} while (0)' terminator are therefore not visible.
 */
81 #define IS1(r0, r1, r2, r3) do { \
83 r4 = r1; r1 ^= r3; r3 &= r1; r4 ^= r2; \
84 r3 ^= r0; r0 |= r1; r2 ^= r3; r0 ^= r4; \
85 r0 |= r2; r1 ^= r3; r0 ^= r1; r1 |= r3; \
86 r1 ^= r0; r4 = ~r4; r4 ^= r1; r1 |= r0; \
87 r1 ^= r0; r1 |= r4; r3 ^= r1; \
88 r1 = r0; r0 = r4; r4 = r2; r2 = r3; r3 = r4; \
/* S2(r0, r1, r2, r3) -- bitslice S-box step on four words, in place.
 *
 * Nothing here reads memory through a data-derived index or branches on
 * data: the body is ^, &, |, ~ and copies.  r4 is scratch (r4 = r0 comes
 * before any read) and the last row shown only permutes names.
 *
 * NOTE(review): lines 94 and 100-101 are missing from the listing, which
 * hides the declaration of r4 and the `} while (0)' terminator.  Before
 * reusing this text, restore it from the upstream header and check the
 * result against published Serpent test vectors.
 */
93 #define S2(r0, r1, r2, r3) do { \
95 r4 = r0; r0 &= r2; r0 ^= r3; r2 ^= r1; \
96 r2 ^= r0; r3 |= r4; r3 ^= r1; r4 ^= r2; \
97 r1 = r3; r3 |= r4; r3 ^= r0; r0 &= r1; \
98 r4 ^= r0; r1 ^= r3; r1 ^= r4; r4 = ~r4; \
99 r0 = r2; r2 = r1; r1 = r3; r3 = r4; \
/* IS2(r0, r1, r2, r3) -- by its name the inverse of S2 (TODO confirm);
 * updates its four arguments in place.
 *
 * Bitwise-only, branch-free body.  r4 is scratch, initialised by r4 = r3
 * before it is read.
 *
 * NOTE(review): no closing row is visible -- the embedded numbers skip 103
 * and 109-113, so the r4 declaration, the `} while (0)' terminator and
 * possibly trailing statements are absent.  The body as shown must not be
 * assumed to produce the final output ordering.
 */
102 #define IS2(r0, r1, r2, r3) do { \
104 r2 ^= r3; r3 ^= r0; r4 = r3; r3 &= r2; \
105 r3 ^= r1; r1 |= r2; r1 ^= r4; r4 &= r3; \
106 r2 ^= r3; r4 &= r0; r4 ^= r2; r2 &= r1; \
107 r2 |= r0; r3 = ~r3; r2 ^= r3; r0 ^= r3; \
108 r0 &= r1; r3 ^= r4; r3 ^= r0; \
/* S3(r0, r1, r2, r3) -- bitslice S-box step on four words, in place.
 *
 * The body uses only ^, &, | and plain copies on whole words, with no
 * lookups or conditionals.  r4 is scratch (set by r4 = r0 first); the last
 * row shown moves the results into r0..r3 without further logic.
 *
 * Because each argument appears many times as an assignment target, the
 * macro is only safe with simple, side-effect-free lvalues.
 *
 * NOTE(review): lines 115 and 122-123 are missing here, so the declaration
 * of r4 and the `} while (0)' terminator are not shown.
 */
114 #define S3(r0, r1, r2, r3) do { \
116 r4 = r0; r0 |= r3; r3 ^= r1; r1 &= r4; \
117 r4 ^= r2; r2 ^= r3; r3 &= r0; r4 |= r1; \
118 r3 ^= r4; r0 ^= r1; r4 &= r0; r1 ^= r3; \
119 r4 ^= r2; r1 |= r0; r1 ^= r2; r0 ^= r3; \
120 r2 = r1; r1 |= r3; r1 ^= r0; \
121 r0 = r1; r1 = r2; r2 = r3; r3 = r4; \
/* IS3(r0, r1, r2, r3) -- by its name the inverse of S3 (TODO confirm);
 * rewrites its four arguments in place.
 *
 * Straight-line bitwise logic; r4 is scratch and is written (r4 = r2)
 * before being read.  The final row is a rename through r4 only.
 *
 * NOTE(review): lines 125 and 132-135 are not in the listing, so neither the
 * r4 declaration nor the `} while (0)' terminator is visible.  If r4 is
 * declared inside the block, call sites must not pass an argument that is
 * itself named r4.
 */
124 #define IS3(r0, r1, r2, r3) do { \
126 r4 = r2; r2 ^= r1; r0 ^= r2; r4 &= r2; \
127 r4 ^= r0; r0 &= r1; r1 ^= r3; r3 |= r4; \
128 r2 ^= r3; r0 ^= r3; r1 ^= r4; r3 &= r2; \
129 r3 ^= r1; r1 ^= r0; r1 |= r2; r0 ^= r3; \
130 r1 ^= r4; r0 ^= r1; \
131 r4 = r0; r0 = r2; r2 = r3; r3 = r4; \
/* S4(r0, r1, r2, r3) -- bitslice S-box step on four words, in place.
 *
 * No statement indexes memory or tests a value: the body is ^, &, |, ~ and
 * copies, which is what keeps data out of addresses and branch conditions.
 * r4 is scratch; its first use is the assignment r4 = r1 on the second row.
 * The last row shown only reassigns names (r2 = r0; r0 = r1; r1 = r4).
 *
 * NOTE(review): lines 137 and 144-145 are missing from the listing, hiding
 * the r4 declaration and the `} while (0)' terminator.
 */
136 #define S4(r0, r1, r2, r3) do { \
138 r1 ^= r3; r3 = ~r3; r2 ^= r3; r3 ^= r0; \
139 r4 = r1; r1 &= r3; r1 ^= r2; r4 ^= r3; \
140 r0 ^= r4; r2 &= r4; r2 ^= r0; r0 &= r1; \
141 r3 ^= r0; r4 |= r1; r4 ^= r0; r0 |= r3; \
142 r0 ^= r2; r2 &= r3; r0 = ~r0; r4 ^= r2; \
143 r2 = r0; r0 = r1; r1 = r4; \
/* IS4(r0, r1, r2, r3) -- by its name the inverse of S4 (TODO confirm);
 * updates its four arguments in place.
 *
 * Bitwise-only, branch-free body; r4 is scratch, set by r4 = r2 first.
 *
 * The last row shown separates `r2 ^= r4' and `r2 |= r3' with a comma rather
 * than a semicolon.  The comma operator still sequences the two assignments
 * left to right, so the result is the same, but it is easy to misread as a
 * typo when auditing.
 *
 * NOTE(review): lines 147 and 153-157 are absent from the listing; the r4
 * declaration, the `} while (0)' terminator and possibly trailing statements
 * are therefore not visible.
 */
146 #define IS4(r0, r1, r2, r3) do { \
148 r4 = r2; r2 &= r3; r2 ^= r1; r1 |= r3; \
149 r1 &= r0; r4 ^= r2; r4 ^= r1; r1 &= r2; \
150 r0 = ~r0; r3 ^= r4; r1 ^= r3; r3 &= r0; \
151 r3 ^= r2; r0 ^= r1; r2 &= r0; r3 ^= r0; \
152 r2 ^= r4, r2 |= r3; r3 ^= r0; r2 ^= r1; \
/* S5(r0, r1, r2, r3) -- bitslice S-box step on four words, in place.
 *
 * Straight-line ^, &, |, ~ with no lookups and no conditionals.  r4 is
 * scratch (first written by r4 = r1 at the end of the first row); the final
 * row rotates the results back into r0..r3 through r4.
 *
 * Arguments are pasted in as assignment targets many times, so they must be
 * plain lvalues with no side effects.
 *
 * NOTE(review): lines 159 and 166-167 are missing, so the r4 declaration and
 * the `} while (0)' terminator are not shown.
 */
158 #define S5(r0, r1, r2, r3) do { \
160 r0 ^= r1; r1 ^= r3; r3 = ~r3; r4 = r1; \
161 r1 &= r0; r2 ^= r3; r1 ^= r2; r2 |= r4; \
162 r4 ^= r3; r3 &= r1; r3 ^= r0; r4 ^= r1; \
163 r4 ^= r2; r2 ^= r0; r0 &= r3; r2 = ~r2; \
164 r0 ^= r4; r4 |= r3; r2 ^= r4; \
165 r4 = r3; r3 = r2; r2 = r0; r0 = r1; r1 = r4; \
/* IS5(r0, r1, r2, r3) -- by its name the inverse of S5 (TODO confirm);
 * rewrites its four arguments in place.
 *
 * Only whole-word bitwise operations and copies appear.  r4 is scratch,
 * initialised by r4 = r3 before any read, and the final row is a rename
 * through r4 with no further logic.
 *
 * NOTE(review): lines 169 and 176-179 are not in the listing; the r4
 * declaration and the `} while (0)' terminator are missing, so this text
 * will not compile as shown.
 */
168 #define IS5(r0, r1, r2, r3) do { \
170 r1 = ~r1; r4 = r3; r2 ^= r1; r3 |= r0; \
171 r3 ^= r2; r2 |= r1; r2 &= r0; r4 ^= r3; \
172 r2 ^= r4; r4 |= r0; r4 ^= r1; r1 &= r2; \
173 r1 ^= r3; r4 ^= r2; r3 &= r4; r4 ^= r1; \
174 r3 ^= r4; r4 = ~r4; r3 ^= r0; \
175 r0 = r1; r1 = r4; r4 = r3; r3 = r2; r2 = r4; \
/* S6(r0, r1, r2, r3) -- bitslice S-box step on four words, in place.
 *
 * Branch-free, table-free body built from ^, &, | and ~.  r4 is scratch and
 * is assigned (r4 = r3) before it is read.
 *
 * NOTE(review): unlike most of its siblings, no closing rename row is
 * visible.  The embedded numbers skip 181 and 187-189, so the r4
 * declaration, the `} while (0)' terminator and possibly a final row are
 * absent -- do not infer the output register order from what is shown.
 */
180 #define S6(r0, r1, r2, r3) do { \
182 r2 = ~r2; r4 = r3; r3 &= r0; r0 ^= r4; \
183 r3 ^= r2; r2 |= r4; r1 ^= r3; r2 ^= r0; \
184 r0 |= r1; r2 ^= r1; r4 ^= r0; r0 |= r3; \
185 r0 ^= r2; r4 ^= r3; r4 ^= r0; r3 = ~r3; \
186 r2 &= r4; r2 ^= r3; \
/* IS6(r0, r1, r2, r3) -- by its name the inverse of S6 (TODO confirm);
 * updates its four arguments in place.
 *
 * Straight-line bitwise logic with no lookups or conditionals.  r4 is
 * scratch (r4 = r2 on the first row); the last row shown only copies values
 * between names.
 *
 * NOTE(review): lines 191, 196 and 198-201 are missing.  Line 196 falls in
 * the middle of the body, so a row of statements is probably absent in
 * addition to the r4 declaration and the `} while (0)' terminator.
 */
190 #define IS6(r0, r1, r2, r3) do { \
192 r0 ^= r2; r4 = r2; r2 &= r0; r4 ^= r3; \
193 r2 = ~r2; r3 ^= r1; r2 ^= r3; r4 |= r0; \
194 r0 ^= r2; r3 ^= r4; r4 ^= r1; r1 &= r3; \
195 r1 ^= r0; r0 ^= r3; r0 |= r2; r3 ^= r1; \
197 r0 = r1; r1 = r2; r2 = r4; \
/* S7(r0, r1, r2, r3) -- bitslice S-box step on four words, in place.
 *
 * The body is ^, &, |, ~ and copies only: nothing is looked up by a
 * data-derived index and nothing is decided by a data-dependent branch.
 * r4 is scratch (r4 = r1 first); the final row renames the results into
 * r0..r3.
 *
 * NOTE(review): lines 203 and 210-211 are missing from the listing, which
 * hides the r4 declaration and the `} while (0)' terminator.  If r4 is
 * declared inside the block, an argument spelled r4 at a call site would be
 * captured by it.
 */
202 #define S7(r0, r1, r2, r3) do { \
204 r4 = r1; r1 |= r2; r1 ^= r3; r4 ^= r2; \
205 r2 ^= r1; r3 |= r4; r3 &= r0; r4 ^= r2; \
206 r3 ^= r1; r1 |= r4; r1 ^= r0; r0 |= r4; \
207 r0 ^= r2; r1 ^= r4; r2 ^= r1; r1 &= r0; \
208 r1 ^= r4; r2 = ~r2; r2 |= r0; r4 ^= r2; \
209 r2 = r1; r1 = r3; r3 = r0; r0 = r4; \
/* IS7(r0, r1, r2, r3) -- by its name the inverse of S7 (TODO confirm);
 * rewrites its four arguments in place.
 *
 * Bitwise-only, branch-free body.  r4 is scratch, written by r4 = r2 before
 * any read; the final row moves results back into r0..r3.
 *
 * Each argument is substituted textually and assigned several times, so use
 * simple lvalues without side effects.
 *
 * NOTE(review): lines 213 and 220-221 are not in the listing, so the r4
 * declaration and the `} while (0)' terminator are not visible.  Restore
 * from the upstream header and verify with known-answer tests before reuse.
 */
212 #define IS7(r0, r1, r2, r3) do { \
214 r4 = r2; r2 ^= r0; r0 &= r3; r4 |= r3; \
215 r2 = ~r2; r3 ^= r1; r1 |= r0; r0 ^= r2; \
216 r2 &= r4; r3 &= r4; r1 ^= r2; r2 ^= r0; \
217 r0 |= r2; r4 ^= r1; r0 ^= r3; r3 ^= r4; \
218 r4 |= r0; r3 ^= r2; r4 ^= r2; \
219 r2 = r1; r1 = r0; r0 = r3; r3 = r4; \
222 /*----- That's all, folks -------------------------------------------------*/