rc62.c
05233a45fc0d19749e485bc74e90f9715d0e057f000e7e4b743f5662ac558408
/* This is an independent implementation of the RC6 algorithm that */
/* Ron Rivest and RSA Labs have submitted as a candidate for the */
/* NIST AES activity. Refer to RSA Labs and Ron Rivest for any */
/* copyright, patent or license issues for the RC6 algorithm. */
/* */
/* Copyright in this implementation is held by Dr B R Gladman but */
/* I hereby give permission for its free direct or derivative use */
/* subject to acknowledgment of its origin and compliance with any */
/* constraints that are placed on the exploitation of RC6 by its */
/* designers. */
/* */
/* Dr Brian Gladman (gladman@seven77.demon.co.uk) 18th July 1998 */
/*
Timing data:
Algorithm: rc6 (rc62.c)
128 bit key:
Key Setup: 1584 cycles
Encrypt: 251 cycles = 102.0 mbits/sec
Decrypt: 239 cycles = 107.1 mbits/sec
Mean: 245 cycles = 104.5 mbits/sec
192 bit key:
Key Setup: 1877 cycles
Encrypt: 255 cycles = 100.5 mbits/sec
Decrypt: 248 cycles = 103.2 mbits/sec
Mean: 251 cycles = 101.9 mbits/sec
256 bit key:
Key Setup: 1779 cycles
Encrypt: 244 cycles = 104.8 mbits/sec
Decrypt: 239 cycles = 107.1 mbits/sec
Mean: 242 cycles = 105.9 mbits/sec
*/
#include "../std_defs.h"
static char *alg_name[] = { "rc6", "rc62.c" };
char **cipher_name()
{
return alg_name;
}
#define f_rnd(i,a,b,c,d) \
t = b * (b + b + 1); \
u = d * (d + d + 1); \
a = rotl(a ^ rotl(t,5), u); \
c = rotl(c ^ rotl(u,5), t); \
a += l_key[i]; \
c += l_key[i + 1] \
#define i_rnd(i,a,b,c,d) \
u = rotl(d * (d + d + 1), 5); \
t = rotl(b * (b + b + 1), 5); \
c = rotr(c - l_key[i + 1], t) ^ u; \
a = rotr(a - l_key[i], u) ^ t \
u4byte l_key[44]; /* storage for the key schedule */
/* initialise the key schedule from the user supplied key */
u4byte *set_key(const u4byte in_key[], const u4byte key_len)
{ u4byte i, j, k, a, b, l[8], t;
l_key[0] = 0xb7e15163;
for(k = 1; k < 44; ++k)
l_key[k] = l_key[k - 1] + 0x9e3779b9;
for(k = 0; k < key_len / 32; ++k)
l[k] = in_key[k];
t = (key_len / 32) - 1;
a = b = i = j = 0;
for(k = 0; k < 132; ++k)
{ a = rotl(l_key[i] + a + b, 3); b += a;
b = rotl(l[j] + b, b);
l_key[i] = a; l[j] = b;
i = (i == 43 ? 0 : i + 1);
j = (j == t ? 0 : j + 1);
}
return l_key;
};
/* encrypt a block of text */
void encrypt(const u4byte in_blk[4], u4byte out_blk[4])
{ u4byte a,b,c,d,t,u;
a = in_blk[0]; b = in_blk[1] + l_key[0];
c = in_blk[2]; d = in_blk[3] + l_key[1];
f_rnd( 2,a,b,c,d); f_rnd( 4,b,c,d,a);
f_rnd( 6,c,d,a,b); f_rnd( 8,d,a,b,c);
f_rnd(10,a,b,c,d); f_rnd(12,b,c,d,a);
f_rnd(14,c,d,a,b); f_rnd(16,d,a,b,c);
f_rnd(18,a,b,c,d); f_rnd(20,b,c,d,a);
f_rnd(22,c,d,a,b); f_rnd(24,d,a,b,c);
f_rnd(26,a,b,c,d); f_rnd(28,b,c,d,a);
f_rnd(30,c,d,a,b); f_rnd(32,d,a,b,c);
f_rnd(34,a,b,c,d); f_rnd(36,b,c,d,a);
f_rnd(38,c,d,a,b); f_rnd(40,d,a,b,c);
out_blk[0] = a + l_key[42]; out_blk[1] = b;
out_blk[2] = c + l_key[43]; out_blk[3] = d;
};
/* decrypt a block of text */
void decrypt(const u4byte in_blk[4], u4byte out_blk[4])
{ u4byte a,b,c,d,t,u;
d = in_blk[3]; c = in_blk[2] - l_key[43];
b = in_blk[1]; a = in_blk[0] - l_key[42];
i_rnd(40,d,a,b,c); i_rnd(38,c,d,a,b);
i_rnd(36,b,c,d,a); i_rnd(34,a,b,c,d);
i_rnd(32,d,a,b,c); i_rnd(30,c,d,a,b);
i_rnd(28,b,c,d,a); i_rnd(26,a,b,c,d);
i_rnd(24,d,a,b,c); i_rnd(22,c,d,a,b);
i_rnd(20,b,c,d,a); i_rnd(18,a,b,c,d);
i_rnd(16,d,a,b,c); i_rnd(14,c,d,a,b);
i_rnd(12,b,c,d,a); i_rnd(10,a,b,c,d);
i_rnd( 8,d,a,b,c); i_rnd( 6,c,d,a,b);
i_rnd( 4,b,c,d,a); i_rnd( 2,a,b,c,d);
out_blk[3] = d - l_key[1]; out_blk[2] = c;
out_blk[1] = b - l_key[0]; out_blk[0] = a;
};