9#if CRYPTOPP_GCC_DIAGNOSTIC_AVAILABLE
10# pragma GCC diagnostic ignored "-Wmissing-braces"
17 static const byte iG[8][8] = {
18 0xe7, 0x30, 0x90, 0x85, 0xd0, 0x4b, 0x91, 0x41,
19 0x53, 0x95, 0x9b, 0xa5, 0x96, 0xbc, 0xa1, 0x68,
20 0x02, 0x45, 0xf7, 0x65, 0x5c, 0x1f, 0xb6, 0x52,
21 0xa2, 0xca, 0x22, 0x94, 0x44, 0x63, 0x2a, 0xa2,
22 0xfc, 0x67, 0x8e, 0x10, 0x29, 0x75, 0x85, 0x71,
23 0x24, 0x45, 0xa2, 0xcf, 0x2f, 0x22, 0xc1, 0x0e,
24 0xa1, 0xf1, 0x71, 0x40, 0x91, 0x27, 0x18, 0xa5,
25 0x56, 0xf4, 0xaf, 0x32, 0xd2, 0xa4, 0xdc, 0x71,
30 for (
unsigned int i=0; i<8; i++)
31 for(
unsigned int j=0; j<8; j++)
32 result ^=
word64(gf256.Multiply(iG[i][j], GF256::Element(a>>(56-8*j)))) << (56-8*i);
36void SHARK::Base::UncheckedSetKey(
const byte *key,
unsigned int keyLen,
const NameValuePairs ¶ms)
38 AssertValidKeyLength(keyLen);
40 m_rounds = GetRoundsAndThrowIfInvalid(params,
this);
41 m_roundKeys.New(m_rounds+1);
44 for (
unsigned int i=0; i<(m_rounds+1)*8; i++)
45 ((
byte *)m_roundKeys.begin())[i] = key[i%keyLen];
49 byte IV[8] = {0,0,0,0,0,0,0,0};
52 cfb.ProcessString((
byte *)m_roundKeys.begin(), (m_rounds+1)*8);
56 m_roundKeys[m_rounds] = SHARKTransform(m_roundKeys[m_rounds]);
58 if (!IsForwardTransformation())
63 for (i=0; i<m_rounds/2; i++)
64 std::swap(m_roundKeys[i], m_roundKeys[m_rounds-i]);
66 for (i=1; i<m_rounds; i++)
67 m_roundKeys[i] = SHARKTransform(m_roundKeys[i]);
70#if (CRYPTOPP_LITTLE_ENDIAN)
72 m_roundKeys[m_rounds] =
ByteReverse(m_roundKeys[m_rounds]);
77void SHARK::Enc::InitForKeySetup()
79 m_rounds = DEFAULT_ROUNDS;
80 m_roundKeys.New(DEFAULT_ROUNDS+1);
82 for (
unsigned int i=0; i<DEFAULT_ROUNDS; i++)
83 m_roundKeys[i] = cbox[0][i];
85 m_roundKeys[DEFAULT_ROUNDS] = SHARKTransform(cbox[0][DEFAULT_ROUNDS]);
87#if (CRYPTOPP_LITTLE_ENDIAN)
89 m_roundKeys[m_rounds] =
ByteReverse(m_roundKeys[m_rounds]);
93void SHARK::Enc::ProcessAndXorBlock(
const byte *inBlock,
const byte *xorBlock,
byte *outBlock)
const
96 word64 tmp = *(
word64 *)(
void *)inBlock ^ m_roundKeys[0];
99 tmp = cbox[0][
GetByte(order, tmp, 0)] ^ cbox[1][
GetByte(order, tmp, 1)]
100 ^ cbox[2][
GetByte(order, tmp, 2)] ^ cbox[3][
GetByte(order, tmp, 3)]
101 ^ cbox[4][
GetByte(order, tmp, 4)] ^ cbox[5][
GetByte(order, tmp, 5)]
102 ^ cbox[6][
GetByte(order, tmp, 6)] ^ cbox[7][
GetByte(order, tmp, 7)]
105 for(
unsigned int i=2; i<m_rounds; i++)
107 tmp = cbox[0][GETBYTE(tmp, 7)] ^ cbox[1][GETBYTE(tmp, 6)]
108 ^ cbox[2][GETBYTE(tmp, 5)] ^ cbox[3][GETBYTE(tmp, 4)]
109 ^ cbox[4][GETBYTE(tmp, 3)] ^ cbox[5][GETBYTE(tmp, 2)]
110 ^ cbox[6][GETBYTE(tmp, 1)] ^ cbox[7][GETBYTE(tmp, 0)]
115 (sbox[GETBYTE(tmp, 7)])
116 (sbox[GETBYTE(tmp, 6)])
117 (sbox[GETBYTE(tmp, 5)])
118 (sbox[GETBYTE(tmp, 4)])
119 (sbox[GETBYTE(tmp, 3)])
120 (sbox[GETBYTE(tmp, 2)])
121 (sbox[GETBYTE(tmp, 1)])
122 (sbox[GETBYTE(tmp, 0)]);
125 *(
word64 *)(
void *)outBlock ^= m_roundKeys[m_rounds];
128void SHARK::Dec::ProcessAndXorBlock(
const byte *inBlock,
const byte *xorBlock,
byte *outBlock)
const
131 word64 tmp = *(
word64 *)(
void *)inBlock ^ m_roundKeys[0];
134 tmp = cbox[0][
GetByte(order, tmp, 0)] ^ cbox[1][
GetByte(order, tmp, 1)]
135 ^ cbox[2][
GetByte(order, tmp, 2)] ^ cbox[3][
GetByte(order, tmp, 3)]
136 ^ cbox[4][
GetByte(order, tmp, 4)] ^ cbox[5][
GetByte(order, tmp, 5)]
137 ^ cbox[6][
GetByte(order, tmp, 6)] ^ cbox[7][
GetByte(order, tmp, 7)]
140 for(
unsigned int i=2; i<m_rounds; i++)
142 tmp = cbox[0][GETBYTE(tmp, 7)] ^ cbox[1][GETBYTE(tmp, 6)]
143 ^ cbox[2][GETBYTE(tmp, 5)] ^ cbox[3][GETBYTE(tmp, 4)]
144 ^ cbox[4][GETBYTE(tmp, 3)] ^ cbox[5][GETBYTE(tmp, 2)]
145 ^ cbox[6][GETBYTE(tmp, 1)] ^ cbox[7][GETBYTE(tmp, 0)]
150 (sbox[GETBYTE(tmp, 7)])
151 (sbox[GETBYTE(tmp, 6)])
152 (sbox[GETBYTE(tmp, 5)])
153 (sbox[GETBYTE(tmp, 4)])
154 (sbox[GETBYTE(tmp, 3)])
155 (sbox[GETBYTE(tmp, 2)])
156 (sbox[GETBYTE(tmp, 1)])
157 (sbox[GETBYTE(tmp, 0)]);
160 *(
word64 *)(
void *)outBlock ^= m_roundKeys[m_rounds];
GF(256) with polynomial basis.
Interface for retrieving values given their names.
Access a block of memory.
unsigned long long word64
64-bit unsigned datatype
ByteOrder
Provides the byte ordering.
@ BIG_ENDIAN_ORDER
byte order is big-endian
Classes and functions for schemes over GF(256)
Utility functions for the Crypto++ library.
byte ByteReverse(byte value)
Reverses bytes in a 8-bit value.
bool IsAlignedOn(const void *ptr, unsigned int alignment)
Determines whether ptr is aligned to a minimum value.
T ConditionalByteReverse(ByteOrder order, T value)
Reverses bytes in a value depending upon endianness.
unsigned int GetByte(ByteOrder order, T value, unsigned int index)
Gets a byte from a value.
ByteOrder GetNativeByteOrder()
Returns NativeByteOrder as an enumerated ByteOrder value.
Classes for block cipher modes of operation.
Crypto++ library namespace.
const char * IV()
ConstByteArrayParameter, also accepts const byte * for backwards compatibility.
void swap(::SecBlock< T, A > &a, ::SecBlock< T, A > &b)
Swap two SecBlocks.
Classes for the SHARK block cipher.
#define CRYPTOPP_ASSERT(exp)
Debugging and diagnostic assertion.