Bad bug makes all previous testing worthless.

[storin] / storin.c

/* -*-c-*-
 *
 * $Id: storin.c,v 1.1 2000/05/21 11:28:30 mdw Exp $
 *
 * Block cipher optimized for DSPs
 *
 * (c) 2000 Mark Wooding
 */

/*----- Licensing notice --------------------------------------------------* 
 *
 * Copyright (c) 2000 Mark Wooding
 * All rights reserved.
 * 
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions are
 * met:
 * 
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 * 
 * 2, Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 * 
 * 3. The name of the authors may not be used to endorse or promote
 *    products derived from this software without specific prior written
 *    permission.
 * 
 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
 * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
 * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.  IN
 * NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
 * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
 * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
 * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN
 * ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
 * POSSIBILITY OF SUCH DAMAGE.
 * 
 * Instead of accepting the above terms, you may redistribute and/or modify
 * this software under the terms of either the GNU General Public License,
 * or the GNU Library General Public License, published by the Free
 * Software Foundation; either version 2 of the License, or (at your
 * option) any later version.
 */

/*----- Revision history --------------------------------------------------* 
 *
 * $Log: storin.c,v $
 * Revision 1.1  2000/05/21 11:28:30  mdw
 * Initial check-in.
 *
 */

/*----- Header files ------------------------------------------------------*/

#include "storin.h"
#include "storin-tab.h"

#include "matrix.h"

/*----- Debugging output --------------------------------------------------*/

/* #define DEBUG */
/* #define TIMER */

#ifdef DEBUG
#  include <stdio.h>
#  define D(x) x
#else
#  define D(x)
#endif

/*----- The constant matrix -----------------------------------------------*/

static const uint24 m[] = STORIN_M, mi[] = STORIN_MI;

/*----- Main code ---------------------------------------------------------*/

/* --- @storin_init24@ --- *
 *
 * Arguments:	@storin_ctx *k@ = pointer to cipher context to initialize
 *		@const uint24 *buf@ = pointer to buffer of key material
 *		@size_t sz@ = size of the key material
 *
 * Returns:	---
 *
 * Use:		Initializes the storin for use.
 */

void storin_init24(storin_ctx *k, const uint24 *buf, size_t sz)
{
  unsigned i, n;
  uint24 mm[16];
  const uint24 *d;
  uint24 *dd;

#define KEYS (4 * (STORIN_ROUNDS + 1))

  D( puts("Key schedule...\n"); )

  /* --- Seed the subkey array --- */

  d = m;
  dd = k->k;
  n = KEYS;
  while (n > 15) {
    matmul(dd, d, m, 4, 4, 4);
    n -= 16;
    d = dd;
    dd += 16;
  }
  matmul(mm, d, m, 4, 4, 4);
  for (i = 0; i < n; i++)
    *dd++ = mm[i];

  D( puts("Constant initial array contents:");
     for (i = 0; i < KEYS; i++) {
       printf("%06x ", k->k[i]);
       if (i % 4 == 3)
	 fputc('\n', stdout);
     }
     fputc('\n', stdout); )

  /* --- Mix in the real key material --- */

  dd = k->k;
  d = buf;
  n = sz;
  for (i = 0; i < KEYS; i++) {
    *dd++ ^= *d++;
    n--;
    if (n == 0) {
      n = sz;
      d = buf;
    }
  }

  D( puts("Array after mixing in key material:");
     for (i = 0; i < KEYS; i++) {
       printf("%06x ", k->k[i]);
       if (i % 4 == 3)
	 fputc('\n', stdout);
     }
     fputc('\n', stdout); )

  /* --- Now mangle the key material horribly --- */

  for (i = 0; i < 4; i++)
    mm[i] = 0;

  dd = k->k;
  for (i = 0; i < KEYS; i += 4) {
    storin_eblk24(k, mm, mm);
    for (n = 0; n < 4; n++)
      dd[n] = mm[n];
    dd += 4;
  }

  D( puts("Final round subkeys:");
     for (i = 0; i < KEYS; i++) {
       printf("%06x ", k->k[i]);
       if (i % 4 == 3)
	 fputc('\n', stdout);
     }
     fputc('\n', stdout); )
}

/* --- @storin_eblk24@, @storin_dblk24@ --- *
 *
 * Arguments:	@const storin_ctx *k@ = pointer to cipher context
 *		@const uint24 s[4]@ = pointer to source block
 *		@uint24 d[4]@ = pointer to destination block
 *
 * Returns:	---
 *
 * Use:		Low-level block encryption and decryption.
 */

void storin_eblk24(const storin_ctx *k, const uint24 *s, uint24 *d)
{
  unsigned i, j;
  uint24 p[4], q[4];
  const uint24 *kk = k->k;

  D( puts("Encryption...");
     printf(" plaintext: %06x %06x %06x %06x\n", s[0], s[1], s[2], s[3]); )

  for (j = 0; j < 4; j++)
    p[j] = s[j];

  /* --- Main cipher guts --- */

  for (i = 0; i < STORIN_ROUNDS; i++) {
    D( printf("round %2i\n", i); )
    for (j = 0; j < 4; j++)
      q[j] = p[j] ^ *kk++;
    D( printf("   mix key: %06x %06x %06x %06x\n", q[0], q[1], q[2], q[3]); )
    matmul(p, m, q, 4, 4, 1);
    D( printf("    matrix: %06x %06x %06x %06x\n", p[0], p[1], p[2], p[3]); )
    for (j = 0; j < 4; j++)
      p[j] ^= p[j] >> 12;
    D( printf(" lin trans: %06x %06x %06x %06x\n", p[0], p[1], p[2], p[3]); )
  }

  /* --- Postwhitening and output --- */

  for (j = 0; j < 4; j++)
    d[j] = p[j] ^ *kk++;

  D( printf("ciphertext: %06x %06x %06x %06x\n", d[0], d[1], d[2], d[3]); )
}


void storin_dblk24(const storin_ctx *k, const uint24 *s, uint24 *d)
{
  unsigned i, j;
  uint24 p[4], q[4];
  const uint24 *kk = k->k + KEYS;

  D( puts("Decryption...");
     printf("ciphertext: %06x %06x %06x %06x\n", s[0], s[1], s[2], s[3]); )

  for (j = 0; j < 4; j++)
    p[j] = s[j];

  /* --- Main cipher guts --- */

  for (i = 0; i < STORIN_ROUNDS; i++) {
    D( printf("round %2i\n", i); )
    for (j = 0; j < 4; j++)
      q[3 - j] = p[3 - j] ^ *--kk;
    D( printf("   mix key: %06x %06x %06x %06x\n", q[0], q[1], q[2], q[3]); )
    for (j = 0; j < 4; j++)
      q[j] ^= q[j] >> 12;
    D( printf(" lin trans: %06x %06x %06x %06x\n", p[0], p[1], p[2], p[3]); )
    matmul(p, mi, q, 4, 4, 1);
    D( printf("    matrix: %06x %06x %06x %06x\n", p[0], p[1], p[2], p[3]); )
  }

  /* --- Postwhitening and output --- */

  for (j = 0; j < 4; j++)
    d[3 - j] = p[3 - j] ^ *--kk;

  D( printf(" plaintext: %06x %06x %06x %06x\n", d[0], d[1], d[2], d[3]); )
}

/*----- Test rig ----------------------------------------------------------*/

#if defined(DEBUG) || defined(TIMER)

#include <time.h>

int main(void)
{
  uint24 kk[] = { 1, 2, 3, 4, 5 };
  uint24 p[4] = { 6, 7, 8, 9 };
  uint24 q[4];
  storin_ctx c;

  storin_init24(&c, kk, 5);

#ifdef DEBUG
  storin_eblk24(&c, p, q);
  storin_dblk24(&c, q, q);
#endif

#ifdef TIMER
  {
    time_t now, then;
    unsigned n = 0;

    then = time(0);
    for (;;) {
      storin_eblk24(&c, p, q);
      n++;
      now = time(0);
      if (difftime(now, then) > 10.0)
	break;
    }
    printf("%g blocks/s = %g bits/s\n", n / 10.0, n * 96.0 / 10.0);
  }
#endif
  return (0);
}

#endif

/*----- That's all, folks -------------------------------------------------*/