15ANONYMOUS_NAMESPACE_BEGIN
// NOTE(review): fragments of the cipher's g-function and state update; the
// enclosing signatures and the definitions of a, b, l, z, c_old and carry are
// on lines not shown here.
// 32-bit form: combines the products a*a, a*b and b*b (a and b are presumably
// the 16-bit halves of the input - confirm) and returns h XOR l.
32 h = (((
static_cast<word32>(a*a) >> 17U) +
static_cast<word32>(a*b)) >> 15U) + b*b;
36 return static_cast<word32>(h^l);
// Wider form: XORs the bits of z above bit 31 into its low 32 bits, then
// truncates to word32 (z is presumably a 64-bit square - confirm).
42 return static_cast<word32>((z >> 32) ^ z);
// Counter update: each c[j] is advanced by a fixed constant plus a carry bit.
// c[0] takes the incoming carry; every later word takes the carry out of the
// previous word, detected as unsigned wrap-around (new c[j-1] < c_old[j-1]).
// c_old is presumably a copy of c taken before this update - confirm.
55 c[0] =
static_cast<word32>(c[0] + 0x4D34D34D + carry);
56 c[1] =
static_cast<word32>(c[1] + 0xD34D34D3 + (c[0] < c_old[0]));
57 c[2] =
static_cast<word32>(c[2] + 0x34D34D34 + (c[1] < c_old[1]));
58 c[3] =
static_cast<word32>(c[3] + 0x4D34D34D + (c[2] < c_old[2]));
59 c[4] =
static_cast<word32>(c[4] + 0xD34D34D3 + (c[3] < c_old[3]));
60 c[5] =
static_cast<word32>(c[5] + 0x34D34D34 + (c[4] < c_old[4]));
61 c[6] =
static_cast<word32>(c[6] + 0x4D34D34D + (c[5] < c_old[5]));
62 c[7] =
static_cast<word32>(c[7] + 0xD34D34D3 + (c[6] < c_old[6]));
// The carry out of the last counter word is kept for the next update.
63 carry = (c[7] < c_old[7]);
// g[i] is G_func applied to x[i] + c[i], with the sum truncated to 32 bits.
67 g[i] = G_func(
static_cast<word32>(x[i] + c[i]));
// New state words: even indices add two neighbouring g values rotated left by
// 16; odd indices add one neighbour rotated left by 8 and one unrotated.
70 x[0] =
static_cast<word32>(g[0] + rotlConstant<16>(g[7]) + rotlConstant<16>(g[6]));
71 x[1] =
static_cast<word32>(g[1] + rotlConstant<8>(g[0]) + g[7]);
72 x[2] =
static_cast<word32>(g[2] + rotlConstant<16>(g[1]) + rotlConstant<16>(g[0]));
73 x[3] =
static_cast<word32>(g[3] + rotlConstant<8>(g[2]) + g[1]);
74 x[4] =
static_cast<word32>(g[4] + rotlConstant<16>(g[3]) + rotlConstant<16>(g[2]));
75 x[5] =
static_cast<word32>(g[5] + rotlConstant<8>(g[4]) + g[3]);
76 x[6] =
static_cast<word32>(g[6] + rotlConstant<16>(g[5]) + rotlConstant<16>(g[4]));
77 x[7] =
static_cast<word32>(g[7] + rotlConstant<8>(g[6]) + g[5]);
82ANONYMOUS_NAMESPACE_END
86void RabbitPolicy::CipherSetKey(
const NameValuePairs &params,
const byte *userKey,
size_t keylen)
89 CRYPTOPP_UNUSED(params);
97 m_mx[1] =
static_cast<word32>(m_t[3] << 16) | (m_t[2] >> 16);
98 m_mx[3] =
static_cast<word32>(m_t[0] << 16) | (m_t[3] >> 16);
99 m_mx[5] =
static_cast<word32>(m_t[1] << 16) | (m_t[0] >> 16);
100 m_mx[7] =
static_cast<word32>(m_t[2] << 16) | (m_t[1] >> 16);
103 m_mc[0] = rotlConstant<16>(m_t[2]);
104 m_mc[2] = rotlConstant<16>(m_t[3]);
105 m_mc[4] = rotlConstant<16>(m_t[0]);
106 m_mc[6] = rotlConstant<16>(m_t[1]);
107 m_mc[1] = (m_t[0] & 0xFFFF0000) | (m_t[1] & 0xFFFF);
108 m_mc[3] = (m_t[1] & 0xFFFF0000) | (m_t[2] & 0xFFFF);
109 m_mc[5] = (m_t[2] & 0xFFFF0000) | (m_t[3] & 0xFFFF);
110 m_mc[7] = (m_t[3] & 0xFFFF0000) | (m_t[0] & 0xFFFF);
116 for (
unsigned int i = 0; i<4; i++)
117 m_mcy = NextState(m_mc, m_mx, m_mcy);
120 for (
unsigned int i = 0; i<8; i++)
121 m_mc[i] ^= m_mx[(i + 4) & 0x7];
124 for (
unsigned int i = 0; i<8; i++)
132void RabbitPolicy::OperateKeystream(
KeystreamOperation operation,
byte *output,
const byte *input,
size_t iterationCount)
135 for (
size_t i = 0; i<iterationCount; ++i, out += 16)
138 m_wcy = NextState(m_wc, m_wx, m_wcy);
157void RabbitWithIVPolicy::CipherSetKey(
const NameValuePairs &params,
const byte *userKey,
size_t keylen)
160 CRYPTOPP_UNUSED(params);
168 m_mx[1] =
static_cast<word32>(m_t[3] << 16) | (m_t[2] >> 16);
169 m_mx[3] =
static_cast<word32>(m_t[0] << 16) | (m_t[3] >> 16);
170 m_mx[5] =
static_cast<word32>(m_t[1] << 16) | (m_t[0] >> 16);
171 m_mx[7] =
static_cast<word32>(m_t[2] << 16) | (m_t[1] >> 16);
174 m_mc[0] = rotlConstant<16>(m_t[2]);
175 m_mc[2] = rotlConstant<16>(m_t[3]);
176 m_mc[4] = rotlConstant<16>(m_t[0]);
177 m_mc[6] = rotlConstant<16>(m_t[1]);
178 m_mc[1] = (m_t[0] & 0xFFFF0000) | (m_t[1] & 0xFFFF);
179 m_mc[3] = (m_t[1] & 0xFFFF0000) | (m_t[2] & 0xFFFF);
180 m_mc[5] = (m_t[2] & 0xFFFF0000) | (m_t[3] & 0xFFFF);
181 m_mc[7] = (m_t[3] & 0xFFFF0000) | (m_t[0] & 0xFFFF);
187 for (
unsigned int i = 0; i<4; i++)
188 m_mcy = NextState(m_mc, m_mx, m_mcy);
191 for (
unsigned int i = 0; i<8; i++)
192 m_mc[i] ^= m_mx[(i + 4) & 0x7];
195 for (
unsigned int i = 0; i<8; i++)
// Derives the working counters (m_wc) from the master counters (m_mc) and
// IV-derived words, then runs NextState on the working state.
// NOTE(review): keystreamBuffer and length are marked unused, so the visible
// lines do not check the IV size themselves; presumably the caller validates it
// before this is reached - confirm.
203void RabbitWithIVPolicy::CipherResynchronize(
byte *keystreamBuffer,
const byte *iv,
size_t length)
205 CRYPTOPP_UNUSED(keystreamBuffer);
206 CRYPTOPP_UNUSED(length);
// m_t[0] and m_t[2] are set on lines not shown here (presumably loaded from
// iv - confirm); m_t[1] and m_t[3] recombine their 16-bit halves.
211 m_t[1] = (m_t[0] >> 16) | (m_t[2] & 0xFFFF0000);
212 m_t[3] = (m_t[2] << 16) | (m_t[0] & 0x0000FFFF);
// Working counters = master counters XOR m_t[0..3], applied to both halves.
// As far as the visible lines show, the result depends only on the master
// state and the IV, so the same key and IV give the same working counters
// again: callers must use a fresh IV for every message under one key.
215 m_wc[0] = m_mc[0] ^ m_t[0];
216 m_wc[1] = m_mc[1] ^ m_t[1];
217 m_wc[2] = m_mc[2] ^ m_t[2];
218 m_wc[3] = m_mc[3] ^ m_t[3];
219 m_wc[4] = m_mc[4] ^ m_t[0];
220 m_wc[5] = m_mc[5] ^ m_t[1];
221 m_wc[6] = m_mc[6] ^ m_t[2];
222 m_wc[7] = m_mc[7] ^ m_t[3];
// The body of this 8-step loop is not shown in this listing.
225 for (
unsigned int i = 0; i<8; i++)
// Four NextState iterations are applied to the working state.
230 for (
unsigned int i = 0; i<4; i++)
231 m_wcy = NextState(m_wc, m_wx, m_wcy);
// Runs iterationCount keystream iterations, calling NextState once per pass and
// advancing out by 16 bytes each time (the rest of the loop body is not shown).
234void RabbitWithIVPolicy::OperateKeystream(
KeystreamOperation operation,
byte *output,
const byte *input,
size_t iterationCount)
// NOTE(review): i is unsigned int while iterationCount is size_t. Where size_t
// is wider than unsigned int, a count above UINT_MAX makes i wrap before the
// condition can become false, while out keeps advancing by 16 bytes per pass.
// RabbitPolicy::OperateKeystream declares the same counter as size_t; consider
// matching it here.
237 for (
unsigned int i = 0; i<iterationCount; ++i, out += 16)
240 m_wcy = NextState(m_wc, m_wx, m_wcy);
Access a block of memory.
Interface for retrieving values given their names.
iterator begin()
Provides an iterator pointing to the first element in the memory block.
Library configuration file.
unsigned int word32
32-bit unsigned datatype
unsigned long long word64
64-bit unsigned datatype
@ LITTLE_ENDIAN_ORDER
byte order is little-endian
Utility functions for the Crypto++ library.
T rotlConstant(T x)
Performs a left rotate.
void GetUserKey(ByteOrder order, T *out, size_t outlen, const byte *in, size_t inlen)
Copy bytes in a buffer to an array of elements in big-endian order.
#define EnumToInt(v)
Integer value.
void PutWord(bool assumeAligned, ByteOrder order, byte *block, T value, const byte *xorBlock=NULL)
Access a block of memory.
CRYPTOPP_DLL void xorbuf(byte *buf, const byte *mask, size_t count)
Performs an XOR of a buffer with a mask.
Crypto++ library namespace.
Classes for Rabbit stream cipher.
Classes and functions for secure memory allocations.
KeystreamOperation
Keystream operation flags.
@ INPUT_NULL
Input buffer is NULL.
unsigned int GetBytesPerIteration() const
Provides number of bytes operated upon during an iteration.
#define CRYPTOPP_ASSERT(exp)
Debugging and diagnostic assertion.