Botan  2.1.0
Crypto and TLS for C++11
xtea.cpp
Go to the documentation of this file.
1 /*
2 * XTEA
3 * (C) 1999-2009,2016 Jack Lloyd
4 *
5 * Botan is released under the Simplified BSD License (see license.txt)
6 */
7 
8 #include <botan/xtea.h>
9 #include <botan/loadstor.h>
10 
11 namespace Botan {
12 
13 /*
14 * XTEA Encryption
15 */
16 void XTEA::encrypt_n(const uint8_t in[], uint8_t out[], size_t blocks) const
17  {
18  const uint32_t* EK = &m_EK[0];
19 
20  const size_t blocks4 = blocks / 4;
21  const size_t blocks_left = blocks % 4;
22 
23  BOTAN_PARALLEL_FOR(size_t i = 0; i < blocks4; i++)
24  {
25  uint32_t L0, R0, L1, R1, L2, R2, L3, R3;
26  load_be(in + 4*BLOCK_SIZE*i, L0, R0, L1, R1, L2, R2, L3, R3);
27 
28  for(size_t r = 0; r != 32; ++r)
29  {
30  L0 += (((R0 << 4) ^ (R0 >> 5)) + R0) ^ EK[2*r];
31  L1 += (((R1 << 4) ^ (R1 >> 5)) + R1) ^ EK[2*r];
32  L2 += (((R2 << 4) ^ (R2 >> 5)) + R2) ^ EK[2*r];
33  L3 += (((R3 << 4) ^ (R3 >> 5)) + R3) ^ EK[2*r];
34 
35  R0 += (((L0 << 4) ^ (L0 >> 5)) + L0) ^ EK[2*r+1];
36  R1 += (((L1 << 4) ^ (L1 >> 5)) + L1) ^ EK[2*r+1];
37  R2 += (((L2 << 4) ^ (L2 >> 5)) + L2) ^ EK[2*r+1];
38  R3 += (((L3 << 4) ^ (L3 >> 5)) + L3) ^ EK[2*r+1];
39  }
40 
41  store_be(out + 4*BLOCK_SIZE*i, L0, R0, L1, R1, L2, R2, L3, R3);
42  }
43 
44  BOTAN_PARALLEL_FOR(size_t i = 0; i < blocks_left; ++i)
45  {
46  uint32_t L, R;
47  load_be(in + BLOCK_SIZE*(4*blocks4+i), L, R);
48 
49  for(size_t r = 0; r != 32; ++r)
50  {
51  L += (((R << 4) ^ (R >> 5)) + R) ^ EK[2*r];
52  R += (((L << 4) ^ (L >> 5)) + L) ^ EK[2*r+1];
53  }
54 
55  store_be(out + BLOCK_SIZE*(4*blocks4+i), L, R);
56  }
57  }
58 
59 /*
60 * XTEA Decryption
61 */
62 void XTEA::decrypt_n(const uint8_t in[], uint8_t out[], size_t blocks) const
63  {
64  const uint32_t* EK = &m_EK[0];
65 
66  const size_t blocks4 = blocks / 4;
67  const size_t blocks_left = blocks % 4;
68 
69  BOTAN_PARALLEL_FOR(size_t i = 0; i < blocks4; i++)
70  {
71  uint32_t L0, R0, L1, R1, L2, R2, L3, R3;
72  load_be(in + 4*BLOCK_SIZE*i, L0, R0, L1, R1, L2, R2, L3, R3);
73 
74  for(size_t r = 0; r != 32; ++r)
75  {
76  R0 -= (((L0 << 4) ^ (L0 >> 5)) + L0) ^ EK[63 - 2*r];
77  R1 -= (((L1 << 4) ^ (L1 >> 5)) + L1) ^ EK[63 - 2*r];
78  R2 -= (((L2 << 4) ^ (L2 >> 5)) + L2) ^ EK[63 - 2*r];
79  R3 -= (((L3 << 4) ^ (L3 >> 5)) + L3) ^ EK[63 - 2*r];
80 
81  L0 -= (((R0 << 4) ^ (R0 >> 5)) + R0) ^ EK[62 - 2*r];
82  L1 -= (((R1 << 4) ^ (R1 >> 5)) + R1) ^ EK[62 - 2*r];
83  L2 -= (((R2 << 4) ^ (R2 >> 5)) + R2) ^ EK[62 - 2*r];
84  L3 -= (((R3 << 4) ^ (R3 >> 5)) + R3) ^ EK[62 - 2*r];
85  }
86 
87  store_be(out + 4*BLOCK_SIZE*i, L0, R0, L1, R1, L2, R2, L3, R3);
88  }
89 
90  BOTAN_PARALLEL_FOR(size_t i = 0; i < blocks_left; ++i)
91  {
92  uint32_t L, R;
93  load_be(in + BLOCK_SIZE*(4*blocks4+i), L, R);
94 
95  for(size_t r = 0; r != 32; ++r)
96  {
97  R -= (((L << 4) ^ (L >> 5)) + L) ^ m_EK[63 - 2*r];
98  L -= (((R << 4) ^ (R >> 5)) + R) ^ m_EK[62 - 2*r];
99  }
100 
101  store_be(out + BLOCK_SIZE*(4*blocks4+i), L, R);
102  }
103  }
104 
105 /*
106 * XTEA Key Schedule
107 */
108 void XTEA::key_schedule(const uint8_t key[], size_t)
109  {
110  m_EK.resize(64);
111 
113  for(size_t i = 0; i != 4; ++i)
114  UK[i] = load_be<uint32_t>(key, i);
115 
116  uint32_t D = 0;
117  for(size_t i = 0; i != 64; i += 2)
118  {
119  m_EK[i ] = D + UK[D % 4];
120  D += 0x9E3779B9;
121  m_EK[i+1] = D + UK[(D >> 11) % 4];
122  }
123  }
124 
126  {
127  zap(m_EK);
128  }
129 
130 }
void decrypt_n(const uint8_t in[], uint8_t out[], size_t blocks) const override
Definition: xtea.cpp:62
void clear() override
Definition: xtea.cpp:125
void zap(std::vector< T, Alloc > &vec)
Definition: secmem.h:221
void store_be(uint16_t in, uint8_t out[2])
Definition: loadstor.h:441
uint32_t load_be< uint32_t >(const uint8_t in[], size_t off)
Definition: loadstor.h:185
#define BOTAN_PARALLEL_FOR
Definition: compiler.h:129
std::vector< T, secure_allocator< T >> secure_vector
Definition: secmem.h:121
void encrypt_n(const uint8_t in[], uint8_t out[], size_t blocks) const override
Definition: xtea.cpp:16
T load_be(const uint8_t in[], size_t off)
Definition: loadstor.h:113
Definition: alg_id.cpp:13