authorMatt Johnston <matt@ucc.asn.au>2006-03-08 12:58:00 +0000
committerMatt Johnston <matt@ucc.asn.au>2006-03-08 12:58:00 +0000
commitc57e1d8def6e38d350da8b098a91806d405e952e (patch)
treedbd7bff4e514b7bfd2f2fe365eeaaea77ebafffd /notes/etc
Re-import libtomcrypt 1.05 for cleaner propagating.
From crypt-1.05.tar.bz2, SHA1 of 88250202bb51570dc64f7e8f1c943cda9479258f --HG-- branch : libtomcrypt-orig extra : convert_revision : 5c0c50e93111636ccf8deb758a689ad713797baf
Diffstat (limited to 'notes/etc')
-rw-r--r--notes/etc/saferp_optimizer.c177
-rw-r--r--notes/etc/whirlgen.c95
-rw-r--r--notes/etc/whirltest.c19
3 files changed, 291 insertions, 0 deletions
diff --git a/notes/etc/saferp_optimizer.c b/notes/etc/saferp_optimizer.c
new file mode 100644
index 0000000..32de878
--- /dev/null
+++ b/notes/etc/saferp_optimizer.c
@@ -0,0 +1,177 @@
+/* emits an optimized version of SAFER+ ... only does encrypt so far... */
+
+#include <stdio.h>
+#include <string.h>
+
+/* This is the "Armenian" Shuffle. It takes the input from b and stores it in b2 */
+#define SHUF\
+ b2[0] = b[8]; b2[1] = b[11]; b2[2] = b[12]; b2[3] = b[15]; \
+ b2[4] = b[2]; b2[5] = b[1]; b2[6] = b[6]; b2[7] = b[5]; \
+ b2[8] = b[10]; b2[9] = b[9]; b2[10] = b[14]; b2[11] = b[13]; \
+ b2[12] = b[0]; b2[13] = b[7]; b2[14] = b[4]; b2[15] = b[3]; memcpy(b, b2, sizeof(b));
+
+/* This is the inverse shuffle. It takes from b and gives to b2 */
+#define iSHUF(b, b2) \
+ b2[0] = b[12]; b2[1] = b[5]; b2[2] = b[4]; b2[3] = b[15]; \
+ b2[4] = b[14]; b2[5] = b[7]; b2[6] = b[6]; b2[7] = b[13]; \
+ b2[8] = b[0]; b2[9] = b[9]; b2[10] = b[8]; b2[11] = b[1]; \
+ b2[12] = b[2]; b2[13] = b[11]; b2[14] = b[10]; b2[15] = b[3]; memcpy(b, b2, sizeof(b));
+
+#define ROUND(b, i) \
+ b[0] = (safer_ebox[(b[0] ^ skey->saferp.K[i][0]) & 255] + skey->saferp.K[i+1][0]) & 255; \
+ b[1] = safer_lbox[(b[1] + skey->saferp.K[i][1]) & 255] ^ skey->saferp.K[i+1][1]; \
+ b[2] = safer_lbox[(b[2] + skey->saferp.K[i][2]) & 255] ^ skey->saferp.K[i+1][2]; \
+ b[3] = (safer_ebox[(b[3] ^ skey->saferp.K[i][3]) & 255] + skey->saferp.K[i+1][3]) & 255; \
+ b[4] = (safer_ebox[(b[4] ^ skey->saferp.K[i][4]) & 255] + skey->saferp.K[i+1][4]) & 255; \
+ b[5] = safer_lbox[(b[5] + skey->saferp.K[i][5]) & 255] ^ skey->saferp.K[i+1][5]; \
+ b[6] = safer_lbox[(b[6] + skey->saferp.K[i][6]) & 255] ^ skey->saferp.K[i+1][6]; \
+ b[7] = (safer_ebox[(b[7] ^ skey->saferp.K[i][7]) & 255] + skey->saferp.K[i+1][7]) & 255; \
+ b[8] = (safer_ebox[(b[8] ^ skey->saferp.K[i][8]) & 255] + skey->saferp.K[i+1][8]) & 255; \
+ b[9] = safer_lbox[(b[9] + skey->saferp.K[i][9]) & 255] ^ skey->saferp.K[i+1][9]; \
+ b[10] = safer_lbox[(b[10] + skey->saferp.K[i][10]) & 255] ^ skey->saferp.K[i+1][10]; \
+ b[11] = (safer_ebox[(b[11] ^ skey->saferp.K[i][11]) & 255] + skey->saferp.K[i+1][11]) & 255; \
+ b[12] = (safer_ebox[(b[12] ^ skey->saferp.K[i][12]) & 255] + skey->saferp.K[i+1][12]) & 255; \
+ b[13] = safer_lbox[(b[13] + skey->saferp.K[i][13]) & 255] ^ skey->saferp.K[i+1][13]; \
+ b[14] = safer_lbox[(b[14] + skey->saferp.K[i][14]) & 255] ^ skey->saferp.K[i+1][14]; \
+ b[15] = (safer_ebox[(b[15] ^ skey->saferp.K[i][15]) & 255] + skey->saferp.K[i+1][15]) & 255;
+
+int main(void)
+{
+ int b[16], b2[16], x, y, z;
+
+/* -- ENCRYPT --- */
+ for (x = 0; x < 16; x++) b[x] = x;
+ /* emit encrypt preabmle */
+printf(
+"void saferp_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey)\n"
+"{\n"
+" int x;\n"
+" unsigned char b[16];\n"
+"\n"
+" LTC_ARGCHK(pt != NULL);\n"
+" LTC_ARGCHK(ct != NULL);\n"
+" LTC_ARGCHK(skey != NULL);\n"
+"\n"
+" /* do eight rounds */\n"
+" for (x = 0; x < 16; x++) {\n"
+" b[x] = pt[x];\n"
+" }\n");
+
+ /* do 8 rounds of ROUND; LT; */
+ for (x = 0; x < 8; x++) {
+ /* ROUND(..., x*2) */
+ for (y = 0; y < 16; y++) {
+printf("b[%d] = (safer_%cbox[(b[%d] %c skey->saferp.K[%d][%d]) & 255] %c skey->saferp.K[%d][%d]) & 255;\n",
+ b[y], "elle"[y&3], b[y], "^++^"[y&3], x*2, y, "+^^+"[y&3], x*2+1, y);
+ }
+
+ /* LT */
+ for (y = 0; y < 4; y++) {
+printf(" b[%d] = (b[%d] + (b[%d] = (b[%d] + b[%d]) & 255)) & 255;\n", b[0], b[0], b[1], b[0], b[1]);
+printf(" b[%d] = (b[%d] + (b[%d] = (b[%d] + b[%d]) & 255)) & 255;\n", b[2], b[2], b[3], b[3], b[2]);
+printf(" b[%d] = (b[%d] + (b[%d] = (b[%d] + b[%d]) & 255)) & 255;\n", b[4], b[4], b[5], b[5], b[4]);
+printf(" b[%d] = (b[%d] + (b[%d] = (b[%d] + b[%d]) & 255)) & 255;\n", b[6], b[6], b[7], b[7], b[6]);
+printf(" b[%d] = (b[%d] + (b[%d] = (b[%d] + b[%d]) & 255)) & 255;\n", b[8], b[8], b[9], b[9], b[8]);
+printf(" b[%d] = (b[%d] + (b[%d] = (b[%d] + b[%d]) & 255)) & 255;\n", b[10], b[10], b[11], b[11], b[10]);
+printf(" b[%d] = (b[%d] + (b[%d] = (b[%d] + b[%d]) & 255)) & 255;\n", b[12], b[12], b[13], b[13], b[12]);
+printf(" b[%d] = (b[%d] + (b[%d] = (b[%d] + b[%d]) & 255)) & 255;\n", b[14], b[14], b[15], b[15], b[14]);
+ if (y < 3) {
+ SHUF;
+ }
+ }
+ }
+
+printf(
+" if (skey->saferp.rounds <= 8) {\n");
+/* finish */
+ for (x = 0; x < 16; x++) {
+ printf(
+" ct[%d] = (b[%d] %c skey->saferp.K[skey->saferp.rounds*2][%d]) & 255;\n",
+ x, b[x], "^++^"[x&3], x);
+ }
+ printf(" return;\n }\n");
+
+ /* 192-bit keys */
+printf(
+" /* 192-bit key? */\n"
+" if (skey->saferp.rounds > 8) {\n");
+
+ /* do 4 rounds of ROUND; LT; */
+ for (x = 8; x < 12; x++) {
+ /* ROUND(..., x*2) */
+ for (y = 0; y < 16; y++) {
+printf("b[%d] = (safer_%cbox[(b[%d] %c skey->saferp.K[%d][%d]) & 255] %c skey->saferp.K[%d][%d]) & 255;\n",
+ b[y], "elle"[y&3], b[y], "^++^"[y&3], x*2, y, "+^^+"[y&3], x*2+1, y);
+ }
+
+ /* LT */
+ for (y = 0; y < 4; y++) {
+printf(" b[%d] = (b[%d] + (b[%d] = (b[%d] + b[%d]) & 255)) & 255;\n", b[0], b[0], b[1], b[0], b[1]);
+printf(" b[%d] = (b[%d] + (b[%d] = (b[%d] + b[%d]) & 255)) & 255;\n", b[2], b[2], b[3], b[3], b[2]);
+printf(" b[%d] = (b[%d] + (b[%d] = (b[%d] + b[%d]) & 255)) & 255;\n", b[4], b[4], b[5], b[5], b[4]);
+printf(" b[%d] = (b[%d] + (b[%d] = (b[%d] + b[%d]) & 255)) & 255;\n", b[6], b[6], b[7], b[7], b[6]);
+printf(" b[%d] = (b[%d] + (b[%d] = (b[%d] + b[%d]) & 255)) & 255;\n", b[8], b[8], b[9], b[9], b[8]);
+printf(" b[%d] = (b[%d] + (b[%d] = (b[%d] + b[%d]) & 255)) & 255;\n", b[10], b[10], b[11], b[11], b[10]);
+printf(" b[%d] = (b[%d] + (b[%d] = (b[%d] + b[%d]) & 255)) & 255;\n", b[12], b[12], b[13], b[13], b[12]);
+printf(" b[%d] = (b[%d] + (b[%d] = (b[%d] + b[%d]) & 255)) & 255;\n", b[14], b[14], b[15], b[15], b[14]);
+ if (y < 3) {
+ SHUF;
+ }
+ }
+ }
+printf("}\n");
+
+printf(
+" if (skey->saferp.rounds <= 12) {\n");
+/* finish */
+ for (x = 0; x < 16; x++) {
+ printf(
+" ct[%d] = (b[%d] %c skey->saferp.K[skey->saferp.rounds*2][%d]) & 255;\n",
+ x, b[x], "^++^"[x&3], x);
+ }
+ printf(" return;\n }\n");
+
+ /* 256-bit keys */
+printf(
+" /* 256-bit key? */\n"
+" if (skey->saferp.rounds > 12) {\n");
+
+ /* do 4 rounds of ROUND; LT; */
+ for (x = 12; x < 16; x++) {
+ /* ROUND(..., x*2) */
+ for (y = 0; y < 16; y++) {
+printf("b[%d] = (safer_%cbox[(b[%d] %c skey->saferp.K[%d][%d]) & 255] %c skey->saferp.K[%d][%d]) & 255;\n",
+ b[y], "elle"[y&3], b[y], "^++^"[y&3], x*2, y, "+^^+"[y&3], x*2+1, y);
+ }
+
+ /* LT */
+ for (y = 0; y < 4; y++) {
+printf(" b[%d] = (b[%d] + (b[%d] = (b[%d] + b[%d]) & 255)) & 255;\n", b[0], b[0], b[1], b[0], b[1]);
+printf(" b[%d] = (b[%d] + (b[%d] = (b[%d] + b[%d]) & 255)) & 255;\n", b[2], b[2], b[3], b[3], b[2]);
+printf(" b[%d] = (b[%d] + (b[%d] = (b[%d] + b[%d]) & 255)) & 255;\n", b[4], b[4], b[5], b[5], b[4]);
+printf(" b[%d] = (b[%d] + (b[%d] = (b[%d] + b[%d]) & 255)) & 255;\n", b[6], b[6], b[7], b[7], b[6]);
+printf(" b[%d] = (b[%d] + (b[%d] = (b[%d] + b[%d]) & 255)) & 255;\n", b[8], b[8], b[9], b[9], b[8]);
+printf(" b[%d] = (b[%d] + (b[%d] = (b[%d] + b[%d]) & 255)) & 255;\n", b[10], b[10], b[11], b[11], b[10]);
+printf(" b[%d] = (b[%d] + (b[%d] = (b[%d] + b[%d]) & 255)) & 255;\n", b[12], b[12], b[13], b[13], b[12]);
+printf(" b[%d] = (b[%d] + (b[%d] = (b[%d] + b[%d]) & 255)) & 255;\n", b[14], b[14], b[15], b[15], b[14]);
+ if (y < 3) {
+ SHUF;
+ }
+ }
+ }
+/* finish */
+ for (x = 0; x < 16; x++) {
+ printf(
+" ct[%d] = (b[%d] %c skey->saferp.K[skey->saferp.rounds*2][%d]) & 255;\n",
+ x, b[x], "^++^"[x&3], x);
+ }
+ printf(" return;\n");
+printf(" }\n}\n\n");
+
+ return 0;
+}
+
+
+/* $Source: /cvs/libtom/libtomcrypt/notes/etc/saferp_optimizer.c,v $ */
+/* $Revision: 1.2 $ */
+/* $Date: 2005/05/05 14:35:58 $ */
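Review bot: `SHUF` expands to seventeen bare statements, so it is only correct because each of its three uses sits inside a braced `if (y < 3) { SHUF; }`; wrapping the body as `do { ... memcpy(b, b2, sizeof(b)); } while (0)` removes that trap. `iSHUF` and `ROUND` are defined but never used in this file, and `ROUND` names `skey`, `safer_ebox` and `safer_lbox`, none of which is declared here. If they are kept as reference for the emitted lines, a comment such as `/* reference only: the hand-written round the emitter below reproduces */` should say so. The round/LT emitter is also repeated verbatim for rounds 0-7, 8-11 and 12-15 with only the `x` range changing. Nothing visible checks the emitted `saferp_ecb_encrypt`, which is presumably pasted into the cipher source, so the SAFER+ known-answer vectors should be run against any regenerated copy before it is used.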
diff --git a/notes/etc/whirlgen.c b/notes/etc/whirlgen.c
new file mode 100644
index 0000000..c06687e
--- /dev/null
+++ b/notes/etc/whirlgen.c
@@ -0,0 +1,95 @@
+#include <stdio.h>
+
+unsigned E[16] = { 1, 0xb, 9, 0xc, 0xd, 6, 0xf, 3, 0xe, 8, 7, 4, 0xa, 2, 5, 0 };
+unsigned Ei[16];
+unsigned R[16] = { 7, 0xc, 0xb, 0xd, 0xe, 4, 9, 0xf, 6, 3, 8, 0xa, 2, 5, 1, 0 };
+unsigned cir[8][8] = {
+ {1, 1, 4, 1, 8, 5, 2, 9 },
+};
+
+
+unsigned gf_mul(unsigned a, unsigned b)
+{
+ unsigned r;
+
+ r = 0;
+ while (a) {
+ if (a & 1) r ^= b;
+ a >>= 1;
+ b = (b << 1) ^ (b & 0x80 ? 0x11d : 0x00);
+ }
+ return r;
+}
+
+unsigned sbox(unsigned x)
+{
+ unsigned a, b, w;
+
+ a = x >> 4;
+ b = x & 15;
+
+ a = E[a]; b = Ei[b];
+ w = a ^ b; w = R[w];
+ a = E[a ^ w]; b = Ei[b ^ w];
+
+
+ return (a << 4) | b;
+}
+
+int main(void)
+{
+ unsigned x, y;
+
+ for (x = 0; x < 16; x++) Ei[E[x]] = x;
+
+// for (x = 0; x < 16; x++) printf("%2x ", sbox(x));
+ for (y = 1; y < 8; y++) {
+ for (x = 0; x < 8; x++) {
+ cir[y][x] = cir[y-1][(x-1)&7];
+ }
+ }
+
+/*
+ printf("\n");
+ for (y = 0; y < 8; y++) {
+ for (x = 0; x < 8; x++) printf("%2d ", cir[y][x]);
+ printf("\n");
+ }
+*/
+
+ for (y = 0; y < 8; y++) {
+ printf("static const ulong64 sbox%d[] = {\n", y);
+ for (x = 0; x < 256; ) {
+ printf("CONST64(0x%02x%02x%02x%02x%02x%02x%02x%02x)",
+ gf_mul(sbox(x), cir[y][0]),
+ gf_mul(sbox(x), cir[y][1]),
+ gf_mul(sbox(x), cir[y][2]),
+ gf_mul(sbox(x), cir[y][3]),
+ gf_mul(sbox(x), cir[y][4]),
+ gf_mul(sbox(x), cir[y][5]),
+ gf_mul(sbox(x), cir[y][6]),
+ gf_mul(sbox(x), cir[y][7]));
+ if (x < 255) printf(", ");
+ if (!(++x & 3)) printf("\n");
+ }
+ printf("};\n\n");
+ }
+
+ printf("static const ulong64 cont[] = {\n");
+ for (y = 0; y <= 10; y++) {
+ printf("CONST64(0x");
+ for (x = 0; x < 8; x++) {
+ printf("%02x", sbox((8*y + x)&255));
+ }
+ printf("),\n");
+ }
+ printf("};\n\n");
+ return 0;
+
+}
+
+
+
+/* $Source: /cvs/libtom/libtomcrypt/notes/etc/whirlgen.c,v $ */
+/* $Revision: 1.2 $ */
+/* $Date: 2005/05/05 14:35:58 $ */
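Review bot: `sbox()` is only valid after `main` has filled `Ei` with `Ei[E[x]] = x`, and `cir` has just its first row initialised until the rotation loop runs, but neither dependency is written down. I would add `/* Ei = inverse of E, built in main() before any sbox() call */` above `Ei` and `/* row 0 only; rows 1..7 are rotations filled in main() */` above `cir`, plus a line on `gf_mul` saying it multiplies in GF(2^8) reduced by 0x11d. The tables and the two helpers could also be `static`, since nothing outside this file is shown using them.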
diff --git a/notes/etc/whirltest.c b/notes/etc/whirltest.c
new file mode 100644
index 0000000..226e012
--- /dev/null
+++ b/notes/etc/whirltest.c
@@ -0,0 +1,19 @@
+#include <stdio.h>
+
+int main(void)
+{
+ char buf[4096];
+ int x;
+
+ while (fgets(buf, sizeof(buf)-2, stdin) != NULL) {
+ for (x = 0; x < 128; ) {
+ printf("0x%c%c, ", buf[x], buf[x+1]);
+ if (!((x += 2) & 31)) printf("\n");
+ }
+ }
+}
+
+
+/* $Source: /cvs/libtom/libtomcrypt/notes/etc/whirltest.c,v $ */
+/* $Revision: 1.2 $ */
+/* $Date: 2005/05/05 14:35:58 $ */
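Review bot: The inner loop prints `buf[0..127]` no matter how many characters `fgets` actually stored, so a line shorter than 128 characters makes it emit the newline, the terminator and then whatever was left in `buf`: stale data from a previous line, or indeterminate stack bytes on the first one. Bound the loop by the data instead, e.g. `for (x = 0; x < 128 && isxdigit((unsigned char)buf[x]) && isxdigit((unsigned char)buf[x+1]); ) {` with `#include <ctype.h>` added. `main` also falls off its end without `return 0;`, which only yields a defined exit status from C99 on. Since the file arrives as part of an upstream import, the change is probably best sent upstream rather than patched locally.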