diff options
Diffstat (limited to 'src/libsodium/crypto_core')
-rw-r--r-- | src/libsodium/crypto_core/hsalsa20/checksum | 1 | ||||
-rw-r--r-- | src/libsodium/crypto_core/hsalsa20/core_hsalsa20_api.c | 21 | ||||
-rw-r--r-- | src/libsodium/crypto_core/hsalsa20/ref2/api.h | 10 | ||||
-rw-r--r-- | src/libsodium/crypto_core/hsalsa20/ref2/core_hsalsa20.c | 108 | ||||
-rw-r--r-- | src/libsodium/crypto_core/salsa20/checksum | 1 | ||||
-rw-r--r-- | src/libsodium/crypto_core/salsa20/core_salsa20_api.c | 21 | ||||
-rw-r--r-- | src/libsodium/crypto_core/salsa20/ref/api.h | 10 | ||||
-rw-r--r-- | src/libsodium/crypto_core/salsa20/ref/core_salsa20.c | 134 | ||||
-rw-r--r-- | src/libsodium/crypto_core/salsa2012/checksum | 1 | ||||
-rw-r--r-- | src/libsodium/crypto_core/salsa2012/core_salsa2012_api.c | 21 | ||||
-rw-r--r-- | src/libsodium/crypto_core/salsa2012/ref/api.h | 10 | ||||
-rw-r--r-- | src/libsodium/crypto_core/salsa2012/ref/core_salsa2012.c | 134 | ||||
-rw-r--r-- | src/libsodium/crypto_core/salsa208/checksum | 1 | ||||
-rw-r--r-- | src/libsodium/crypto_core/salsa208/core_salsa208_api.c | 21 | ||||
-rw-r--r-- | src/libsodium/crypto_core/salsa208/ref/api.h | 10 | ||||
-rw-r--r-- | src/libsodium/crypto_core/salsa208/ref/core_salsa208.c | 134 |
16 files changed, 638 insertions, 0 deletions
diff --git a/src/libsodium/crypto_core/hsalsa20/checksum b/src/libsodium/crypto_core/hsalsa20/checksum new file mode 100644 index 0000000..f67bb2e --- /dev/null +++ b/src/libsodium/crypto_core/hsalsa20/checksum @@ -0,0 +1 @@ +28ebe700b5878570702a68740aa131e6fa907e58a3f6915cd183c6db3f7afd7a diff --git a/src/libsodium/crypto_core/hsalsa20/core_hsalsa20_api.c b/src/libsodium/crypto_core/hsalsa20/core_hsalsa20_api.c new file mode 100644 index 0000000..37c4923 --- /dev/null +++ b/src/libsodium/crypto_core/hsalsa20/core_hsalsa20_api.c @@ -0,0 +1,21 @@ +#include "crypto_core_hsalsa20.h" + +size_t +crypto_core_hsalsa20_outputbytes(void) { + return crypto_core_hsalsa20_OUTPUTBYTES; +} + +size_t +crypto_core_hsalsa20_inputbytes(void) { + return crypto_core_hsalsa20_INPUTBYTES; +} + +size_t +crypto_core_hsalsa20_keybytes(void) { + return crypto_core_hsalsa20_KEYBYTES; +} + +size_t +crypto_core_hsalsa20_constbytes(void) { + return crypto_core_hsalsa20_CONSTBYTES; +} diff --git a/src/libsodium/crypto_core/hsalsa20/ref2/api.h b/src/libsodium/crypto_core/hsalsa20/ref2/api.h new file mode 100644 index 0000000..582cba6 --- /dev/null +++ b/src/libsodium/crypto_core/hsalsa20/ref2/api.h @@ -0,0 +1,10 @@ + +#include "crypto_core_hsalsa20.h" + +#define crypto_core crypto_core_hsalsa20 +#define crypto_core_OUTPUTBYTES crypto_core_hsalsa20_OUTPUTBYTES +#define crypto_core_INPUTBYTES crypto_core_hsalsa20_INPUTBYTES +#define crypto_core_KEYBYTES crypto_core_hsalsa20_KEYBYTES +#define crypto_core_CONSTBYTES crypto_core_hsalsa20_CONSTBYTES +#define crypto_core_IMPLEMENTATION crypto_core_hsalsa20_IMPLEMENTATION +#define crypto_core_VERSION crypto_core_hsalsa20_VERSION diff --git a/src/libsodium/crypto_core/hsalsa20/ref2/core_hsalsa20.c b/src/libsodium/crypto_core/hsalsa20/ref2/core_hsalsa20.c new file mode 100644 index 0000000..c9bd359 --- /dev/null +++ b/src/libsodium/crypto_core/hsalsa20/ref2/core_hsalsa20.c @@ -0,0 +1,108 @@ +/* +version 20080912 +D. J. Bernstein +Public domain. +*/ + +#include "api.h" + +#define ROUNDS 20 + +typedef unsigned int uint32; + +static uint32 rotate(uint32 u,int c) +{ + return (u << c) | (u >> (32 - c)); +} + +static uint32 load_littleendian(const unsigned char *x) +{ + return + (uint32) (x[0]) \ + | (((uint32) (x[1])) << 8) \ + | (((uint32) (x[2])) << 16) \ + | (((uint32) (x[3])) << 24) + ; +} + +static void store_littleendian(unsigned char *x,uint32 u) +{ + x[0] = u; u >>= 8; + x[1] = u; u >>= 8; + x[2] = u; u >>= 8; + x[3] = u; +} + +int crypto_core( + unsigned char *out, + const unsigned char *in, + const unsigned char *k, + const unsigned char *c +) +{ + uint32 x0, x1, x2, x3, x4, x5, x6, x7, x8, x9, x10, x11, x12, x13, x14, x15; + int i; + + x0 = load_littleendian(c + 0); + x1 = load_littleendian(k + 0); + x2 = load_littleendian(k + 4); + x3 = load_littleendian(k + 8); + x4 = load_littleendian(k + 12); + x5 = load_littleendian(c + 4); + x6 = load_littleendian(in + 0); + x7 = load_littleendian(in + 4); + x8 = load_littleendian(in + 8); + x9 = load_littleendian(in + 12); + x10 = load_littleendian(c + 8); + x11 = load_littleendian(k + 16); + x12 = load_littleendian(k + 20); + x13 = load_littleendian(k + 24); + x14 = load_littleendian(k + 28); + x15 = load_littleendian(c + 12); + + for (i = ROUNDS;i > 0;i -= 2) { + x4 ^= rotate( x0+x12, 7); + x8 ^= rotate( x4+ x0, 9); + x12 ^= rotate( x8+ x4,13); + x0 ^= rotate(x12+ x8,18); + x9 ^= rotate( x5+ x1, 7); + x13 ^= rotate( x9+ x5, 9); + x1 ^= rotate(x13+ x9,13); + x5 ^= rotate( x1+x13,18); + x14 ^= rotate(x10+ x6, 7); + x2 ^= rotate(x14+x10, 9); + x6 ^= rotate( x2+x14,13); + x10 ^= rotate( x6+ x2,18); + x3 ^= rotate(x15+x11, 7); + x7 ^= rotate( x3+x15, 9); + x11 ^= rotate( x7+ x3,13); + x15 ^= rotate(x11+ x7,18); + x1 ^= rotate( x0+ x3, 7); + x2 ^= rotate( x1+ x0, 9); + x3 ^= rotate( x2+ x1,13); + x0 ^= rotate( x3+ x2,18); + x6 ^= rotate( x5+ x4, 7); + x7 ^= rotate( x6+ x5, 9); + x4 ^= rotate( x7+ x6,13); + x5 ^= rotate( x4+ x7,18); + x11 ^= rotate(x10+ x9, 7); + x8 ^= rotate(x11+x10, 9); + x9 ^= rotate( x8+x11,13); + x10 ^= rotate( x9+ x8,18); + x12 ^= rotate(x15+x14, 7); + x13 ^= rotate(x12+x15, 9); + x14 ^= rotate(x13+x12,13); + x15 ^= rotate(x14+x13,18); + } + + store_littleendian(out + 0,x0); + store_littleendian(out + 4,x5); + store_littleendian(out + 8,x10); + store_littleendian(out + 12,x15); + store_littleendian(out + 16,x6); + store_littleendian(out + 20,x7); + store_littleendian(out + 24,x8); + store_littleendian(out + 28,x9); + + return 0; +} diff --git a/src/libsodium/crypto_core/salsa20/checksum b/src/libsodium/crypto_core/salsa20/checksum new file mode 100644 index 0000000..fcf5618 --- /dev/null +++ b/src/libsodium/crypto_core/salsa20/checksum @@ -0,0 +1 @@ +9d1ee8d84b974e648507ffd93829376c5b4420751710e44f6593abd8769378011d85ecda51ceb8f43661d3c65ef5b57c4f5bf8df76c8202784c8df8def61e6a6 diff --git a/src/libsodium/crypto_core/salsa20/core_salsa20_api.c b/src/libsodium/crypto_core/salsa20/core_salsa20_api.c new file mode 100644 index 0000000..910b461 --- /dev/null +++ b/src/libsodium/crypto_core/salsa20/core_salsa20_api.c @@ -0,0 +1,21 @@ +#include "crypto_core_salsa20.h" + +size_t +crypto_core_salsa20_outputbytes(void) { + return crypto_core_salsa20_OUTPUTBYTES; +} + +size_t +crypto_core_salsa20_inputbytes(void) { + return crypto_core_salsa20_INPUTBYTES; +} + +size_t +crypto_core_salsa20_keybytes(void) { + return crypto_core_salsa20_KEYBYTES; +} + +size_t +crypto_core_salsa20_constbytes(void) { + return crypto_core_salsa20_CONSTBYTES; +} diff --git a/src/libsodium/crypto_core/salsa20/ref/api.h b/src/libsodium/crypto_core/salsa20/ref/api.h new file mode 100644 index 0000000..d34ddeb --- /dev/null +++ b/src/libsodium/crypto_core/salsa20/ref/api.h @@ -0,0 +1,10 @@ + +#include "crypto_core_salsa20.h" + +#define crypto_core crypto_core_salsa20 +#define crypto_core_OUTPUTBYTES crypto_core_salsa20_OUTPUTBYTES +#define crypto_core_INPUTBYTES crypto_core_salsa20_INPUTBYTES +#define crypto_core_KEYBYTES crypto_core_salsa20_KEYBYTES +#define crypto_core_CONSTBYTES crypto_core_salsa20_CONSTBYTES +#define crypto_core_IMPLEMENTATION crypto_core_salsa20_IMPLEMENTATION +#define crypto_core_VERSION crypto_core_salsa20_VERSION diff --git a/src/libsodium/crypto_core/salsa20/ref/core_salsa20.c b/src/libsodium/crypto_core/salsa20/ref/core_salsa20.c new file mode 100644 index 0000000..b2f6f5c --- /dev/null +++ b/src/libsodium/crypto_core/salsa20/ref/core_salsa20.c @@ -0,0 +1,134 @@ +/* +version 20080912 +D. J. Bernstein +Public domain. +*/ + +#include "api.h" + +#define ROUNDS 20 + +typedef unsigned int uint32; + +static uint32 rotate(uint32 u,int c) +{ + return (u << c) | (u >> (32 - c)); +} + +static uint32 load_littleendian(const unsigned char *x) +{ + return + (uint32) (x[0]) \ + | (((uint32) (x[1])) << 8) \ + | (((uint32) (x[2])) << 16) \ + | (((uint32) (x[3])) << 24) + ; +} + +static void store_littleendian(unsigned char *x,uint32 u) +{ + x[0] = u; u >>= 8; + x[1] = u; u >>= 8; + x[2] = u; u >>= 8; + x[3] = u; +} + +int crypto_core( + unsigned char *out, + const unsigned char *in, + const unsigned char *k, + const unsigned char *c +) +{ + uint32 x0, x1, x2, x3, x4, x5, x6, x7, x8, x9, x10, x11, x12, x13, x14, x15; + uint32 j0, j1, j2, j3, j4, j5, j6, j7, j8, j9, j10, j11, j12, j13, j14, j15; + int i; + + j0 = x0 = load_littleendian(c + 0); + j1 = x1 = load_littleendian(k + 0); + j2 = x2 = load_littleendian(k + 4); + j3 = x3 = load_littleendian(k + 8); + j4 = x4 = load_littleendian(k + 12); + j5 = x5 = load_littleendian(c + 4); + j6 = x6 = load_littleendian(in + 0); + j7 = x7 = load_littleendian(in + 4); + j8 = x8 = load_littleendian(in + 8); + j9 = x9 = load_littleendian(in + 12); + j10 = x10 = load_littleendian(c + 8); + j11 = x11 = load_littleendian(k + 16); + j12 = x12 = load_littleendian(k + 20); + j13 = x13 = load_littleendian(k + 24); + j14 = x14 = load_littleendian(k + 28); + j15 = x15 = load_littleendian(c + 12); + + for (i = ROUNDS;i > 0;i -= 2) { + x4 ^= rotate( x0+x12, 7); + x8 ^= rotate( x4+ x0, 9); + x12 ^= rotate( x8+ x4,13); + x0 ^= rotate(x12+ x8,18); + x9 ^= rotate( x5+ x1, 7); + x13 ^= rotate( x9+ x5, 9); + x1 ^= rotate(x13+ x9,13); + x5 ^= rotate( x1+x13,18); + x14 ^= rotate(x10+ x6, 7); + x2 ^= rotate(x14+x10, 9); + x6 ^= rotate( x2+x14,13); + x10 ^= rotate( x6+ x2,18); + x3 ^= rotate(x15+x11, 7); + x7 ^= rotate( x3+x15, 9); + x11 ^= rotate( x7+ x3,13); + x15 ^= rotate(x11+ x7,18); + x1 ^= rotate( x0+ x3, 7); + x2 ^= rotate( x1+ x0, 9); + x3 ^= rotate( x2+ x1,13); + x0 ^= rotate( x3+ x2,18); + x6 ^= rotate( x5+ x4, 7); + x7 ^= rotate( x6+ x5, 9); + x4 ^= rotate( x7+ x6,13); + x5 ^= rotate( x4+ x7,18); + x11 ^= rotate(x10+ x9, 7); + x8 ^= rotate(x11+x10, 9); + x9 ^= rotate( x8+x11,13); + x10 ^= rotate( x9+ x8,18); + x12 ^= rotate(x15+x14, 7); + x13 ^= rotate(x12+x15, 9); + x14 ^= rotate(x13+x12,13); + x15 ^= rotate(x14+x13,18); + } + + x0 += j0; + x1 += j1; + x2 += j2; + x3 += j3; + x4 += j4; + x5 += j5; + x6 += j6; + x7 += j7; + x8 += j8; + x9 += j9; + x10 += j10; + x11 += j11; + x12 += j12; + x13 += j13; + x14 += j14; + x15 += j15; + + store_littleendian(out + 0,x0); + store_littleendian(out + 4,x1); + store_littleendian(out + 8,x2); + store_littleendian(out + 12,x3); + store_littleendian(out + 16,x4); + store_littleendian(out + 20,x5); + store_littleendian(out + 24,x6); + store_littleendian(out + 28,x7); + store_littleendian(out + 32,x8); + store_littleendian(out + 36,x9); + store_littleendian(out + 40,x10); + store_littleendian(out + 44,x11); + store_littleendian(out + 48,x12); + store_littleendian(out + 52,x13); + store_littleendian(out + 56,x14); + store_littleendian(out + 60,x15); + + return 0; +} diff --git a/src/libsodium/crypto_core/salsa2012/checksum b/src/libsodium/crypto_core/salsa2012/checksum new file mode 100644 index 0000000..2f99a8d --- /dev/null +++ b/src/libsodium/crypto_core/salsa2012/checksum @@ -0,0 +1 @@ +f36d643f798efc0fca888d3ac4bdcc54c98a968c2da16bd5b8bfe9fe9025a6ca3a207e9362dc7cf17ddfc7477ee754d3f521b1df91640093754f7275b1a54293 diff --git a/src/libsodium/crypto_core/salsa2012/core_salsa2012_api.c b/src/libsodium/crypto_core/salsa2012/core_salsa2012_api.c new file mode 100644 index 0000000..e49a81e --- /dev/null +++ b/src/libsodium/crypto_core/salsa2012/core_salsa2012_api.c @@ -0,0 +1,21 @@ +#include "crypto_core_salsa2012.h" + +size_t +crypto_core_salsa2012_outputbytes(void) { + return crypto_core_salsa2012_OUTPUTBYTES; +} + +size_t +crypto_core_salsa2012_inputbytes(void) { + return crypto_core_salsa2012_INPUTBYTES; +} + +size_t +crypto_core_salsa2012_keybytes(void) { + return crypto_core_salsa2012_KEYBYTES; +} + +size_t +crypto_core_salsa2012_constbytes(void) { + return crypto_core_salsa2012_CONSTBYTES; +} diff --git a/src/libsodium/crypto_core/salsa2012/ref/api.h b/src/libsodium/crypto_core/salsa2012/ref/api.h new file mode 100644 index 0000000..76919a0 --- /dev/null +++ b/src/libsodium/crypto_core/salsa2012/ref/api.h @@ -0,0 +1,10 @@ + +#include "crypto_core_salsa2012.h" + +#define crypto_core crypto_core_salsa2012 +#define crypto_core_OUTPUTBYTES crypto_core_salsa2012_OUTPUTBYTES +#define crypto_core_INPUTBYTES crypto_core_salsa2012_INPUTBYTES +#define crypto_core_KEYBYTES crypto_core_salsa2012_KEYBYTES +#define crypto_core_CONSTBYTES crypto_core_salsa2012_CONSTBYTES +#define crypto_core_IMPLEMENTATION crypto_core_salsa2012_IMPLEMENTATION +#define crypto_core_VERSION crypto_core_salsa2012_VERSION diff --git a/src/libsodium/crypto_core/salsa2012/ref/core_salsa2012.c b/src/libsodium/crypto_core/salsa2012/ref/core_salsa2012.c new file mode 100644 index 0000000..07a72e7 --- /dev/null +++ b/src/libsodium/crypto_core/salsa2012/ref/core_salsa2012.c @@ -0,0 +1,134 @@ +/* +version 20080913 +D. J. Bernstein +Public domain. +*/ + +#include "api.h" + +#define ROUNDS 12 + +typedef unsigned int uint32; + +static uint32 rotate(uint32 u,int c) +{ + return (u << c) | (u >> (32 - c)); +} + +static uint32 load_littleendian(const unsigned char *x) +{ + return + (uint32) (x[0]) \ + | (((uint32) (x[1])) << 8) \ + | (((uint32) (x[2])) << 16) \ + | (((uint32) (x[3])) << 24) + ; +} + +static void store_littleendian(unsigned char *x,uint32 u) +{ + x[0] = u; u >>= 8; + x[1] = u; u >>= 8; + x[2] = u; u >>= 8; + x[3] = u; +} + +int crypto_core( + unsigned char *out, + const unsigned char *in, + const unsigned char *k, + const unsigned char *c +) +{ + uint32 x0, x1, x2, x3, x4, x5, x6, x7, x8, x9, x10, x11, x12, x13, x14, x15; + uint32 j0, j1, j2, j3, j4, j5, j6, j7, j8, j9, j10, j11, j12, j13, j14, j15; + int i; + + j0 = x0 = load_littleendian(c + 0); + j1 = x1 = load_littleendian(k + 0); + j2 = x2 = load_littleendian(k + 4); + j3 = x3 = load_littleendian(k + 8); + j4 = x4 = load_littleendian(k + 12); + j5 = x5 = load_littleendian(c + 4); + j6 = x6 = load_littleendian(in + 0); + j7 = x7 = load_littleendian(in + 4); + j8 = x8 = load_littleendian(in + 8); + j9 = x9 = load_littleendian(in + 12); + j10 = x10 = load_littleendian(c + 8); + j11 = x11 = load_littleendian(k + 16); + j12 = x12 = load_littleendian(k + 20); + j13 = x13 = load_littleendian(k + 24); + j14 = x14 = load_littleendian(k + 28); + j15 = x15 = load_littleendian(c + 12); + + for (i = ROUNDS;i > 0;i -= 2) { + x4 ^= rotate( x0+x12, 7); + x8 ^= rotate( x4+ x0, 9); + x12 ^= rotate( x8+ x4,13); + x0 ^= rotate(x12+ x8,18); + x9 ^= rotate( x5+ x1, 7); + x13 ^= rotate( x9+ x5, 9); + x1 ^= rotate(x13+ x9,13); + x5 ^= rotate( x1+x13,18); + x14 ^= rotate(x10+ x6, 7); + x2 ^= rotate(x14+x10, 9); + x6 ^= rotate( x2+x14,13); + x10 ^= rotate( x6+ x2,18); + x3 ^= rotate(x15+x11, 7); + x7 ^= rotate( x3+x15, 9); + x11 ^= rotate( x7+ x3,13); + x15 ^= rotate(x11+ x7,18); + x1 ^= rotate( x0+ x3, 7); + x2 ^= rotate( x1+ x0, 9); + x3 ^= rotate( x2+ x1,13); + x0 ^= rotate( x3+ x2,18); + x6 ^= rotate( x5+ x4, 7); + x7 ^= rotate( x6+ x5, 9); + x4 ^= rotate( x7+ x6,13); + x5 ^= rotate( x4+ x7,18); + x11 ^= rotate(x10+ x9, 7); + x8 ^= rotate(x11+x10, 9); + x9 ^= rotate( x8+x11,13); + x10 ^= rotate( x9+ x8,18); + x12 ^= rotate(x15+x14, 7); + x13 ^= rotate(x12+x15, 9); + x14 ^= rotate(x13+x12,13); + x15 ^= rotate(x14+x13,18); + } + + x0 += j0; + x1 += j1; + x2 += j2; + x3 += j3; + x4 += j4; + x5 += j5; + x6 += j6; + x7 += j7; + x8 += j8; + x9 += j9; + x10 += j10; + x11 += j11; + x12 += j12; + x13 += j13; + x14 += j14; + x15 += j15; + + store_littleendian(out + 0,x0); + store_littleendian(out + 4,x1); + store_littleendian(out + 8,x2); + store_littleendian(out + 12,x3); + store_littleendian(out + 16,x4); + store_littleendian(out + 20,x5); + store_littleendian(out + 24,x6); + store_littleendian(out + 28,x7); + store_littleendian(out + 32,x8); + store_littleendian(out + 36,x9); + store_littleendian(out + 40,x10); + store_littleendian(out + 44,x11); + store_littleendian(out + 48,x12); + store_littleendian(out + 52,x13); + store_littleendian(out + 56,x14); + store_littleendian(out + 60,x15); + + return 0; +} diff --git a/src/libsodium/crypto_core/salsa208/checksum b/src/libsodium/crypto_core/salsa208/checksum new file mode 100644 index 0000000..a16cb52 --- /dev/null +++ b/src/libsodium/crypto_core/salsa208/checksum @@ -0,0 +1 @@ +1e13ea9e74cb36989f7cbf4abc80b29154e1a8b150bd5244951318abea002a93ae9fe2abbcf7217526ac2a85b66c256ba9374b1257eda0c01816da328edfa11a diff --git a/src/libsodium/crypto_core/salsa208/core_salsa208_api.c b/src/libsodium/crypto_core/salsa208/core_salsa208_api.c new file mode 100644 index 0000000..72c336c --- /dev/null +++ b/src/libsodium/crypto_core/salsa208/core_salsa208_api.c @@ -0,0 +1,21 @@ +#include "crypto_core_salsa208.h" + +size_t +crypto_core_salsa208_outputbytes(void) { + return crypto_core_salsa208_OUTPUTBYTES; +} + +size_t +crypto_core_salsa208_inputbytes(void) { + return crypto_core_salsa208_INPUTBYTES; +} + +size_t +crypto_core_salsa208_keybytes(void) { + return crypto_core_salsa208_KEYBYTES; +} + +size_t +crypto_core_salsa208_constbytes(void) { + return crypto_core_salsa208_CONSTBYTES; +} diff --git a/src/libsodium/crypto_core/salsa208/ref/api.h b/src/libsodium/crypto_core/salsa208/ref/api.h new file mode 100644 index 0000000..07d090b --- /dev/null +++ b/src/libsodium/crypto_core/salsa208/ref/api.h @@ -0,0 +1,10 @@ + +#include "crypto_core_salsa208.h" + +#define crypto_core crypto_core_salsa208 +#define crypto_core_OUTPUTBYTES crypto_core_salsa208_OUTPUTBYTES +#define crypto_core_INPUTBYTES crypto_core_salsa208_INPUTBYTES +#define crypto_core_KEYBYTES crypto_core_salsa208_KEYBYTES +#define crypto_core_CONSTBYTES crypto_core_salsa208_CONSTBYTES +#define crypto_core_IMPLEMENTATION crypto_core_salsa208_IMPLEMENTATION +#define crypto_core_VERSION crypto_core_salsa208_VERSION diff --git a/src/libsodium/crypto_core/salsa208/ref/core_salsa208.c b/src/libsodium/crypto_core/salsa208/ref/core_salsa208.c new file mode 100644 index 0000000..be26f82 --- /dev/null +++ b/src/libsodium/crypto_core/salsa208/ref/core_salsa208.c @@ -0,0 +1,134 @@ +/* +version 20080913 +D. J. Bernstein +Public domain. +*/ + +#include "api.h" + +#define ROUNDS 8 + +typedef unsigned int uint32; + +static uint32 rotate(uint32 u,int c) +{ + return (u << c) | (u >> (32 - c)); +} + +static uint32 load_littleendian(const unsigned char *x) +{ + return + (uint32) (x[0]) \ + | (((uint32) (x[1])) << 8) \ + | (((uint32) (x[2])) << 16) \ + | (((uint32) (x[3])) << 24) + ; +} + +static void store_littleendian(unsigned char *x,uint32 u) +{ + x[0] = u; u >>= 8; + x[1] = u; u >>= 8; + x[2] = u; u >>= 8; + x[3] = u; +} + +int crypto_core( + unsigned char *out, + const unsigned char *in, + const unsigned char *k, + const unsigned char *c +) +{ + uint32 x0, x1, x2, x3, x4, x5, x6, x7, x8, x9, x10, x11, x12, x13, x14, x15; + uint32 j0, j1, j2, j3, j4, j5, j6, j7, j8, j9, j10, j11, j12, j13, j14, j15; + int i; + + j0 = x0 = load_littleendian(c + 0); + j1 = x1 = load_littleendian(k + 0); + j2 = x2 = load_littleendian(k + 4); + j3 = x3 = load_littleendian(k + 8); + j4 = x4 = load_littleendian(k + 12); + j5 = x5 = load_littleendian(c + 4); + j6 = x6 = load_littleendian(in + 0); + j7 = x7 = load_littleendian(in + 4); + j8 = x8 = load_littleendian(in + 8); + j9 = x9 = load_littleendian(in + 12); + j10 = x10 = load_littleendian(c + 8); + j11 = x11 = load_littleendian(k + 16); + j12 = x12 = load_littleendian(k + 20); + j13 = x13 = load_littleendian(k + 24); + j14 = x14 = load_littleendian(k + 28); + j15 = x15 = load_littleendian(c + 12); + + for (i = ROUNDS;i > 0;i -= 2) { + x4 ^= rotate( x0+x12, 7); + x8 ^= rotate( x4+ x0, 9); + x12 ^= rotate( x8+ x4,13); + x0 ^= rotate(x12+ x8,18); + x9 ^= rotate( x5+ x1, 7); + x13 ^= rotate( x9+ x5, 9); + x1 ^= rotate(x13+ x9,13); + x5 ^= rotate( x1+x13,18); + x14 ^= rotate(x10+ x6, 7); + x2 ^= rotate(x14+x10, 9); + x6 ^= rotate( x2+x14,13); + x10 ^= rotate( x6+ x2,18); + x3 ^= rotate(x15+x11, 7); + x7 ^= rotate( x3+x15, 9); + x11 ^= rotate( x7+ x3,13); + x15 ^= rotate(x11+ x7,18); + x1 ^= rotate( x0+ x3, 7); + x2 ^= rotate( x1+ x0, 9); + x3 ^= rotate( x2+ x1,13); + x0 ^= rotate( x3+ x2,18); + x6 ^= rotate( x5+ x4, 7); + x7 ^= rotate( x6+ x5, 9); + x4 ^= rotate( x7+ x6,13); + x5 ^= rotate( x4+ x7,18); + x11 ^= rotate(x10+ x9, 7); + x8 ^= rotate(x11+x10, 9); + x9 ^= rotate( x8+x11,13); + x10 ^= rotate( x9+ x8,18); + x12 ^= rotate(x15+x14, 7); + x13 ^= rotate(x12+x15, 9); + x14 ^= rotate(x13+x12,13); + x15 ^= rotate(x14+x13,18); + } + + x0 += j0; + x1 += j1; + x2 += j2; + x3 += j3; + x4 += j4; + x5 += j5; + x6 += j6; + x7 += j7; + x8 += j8; + x9 += j9; + x10 += j10; + x11 += j11; + x12 += j12; + x13 += j13; + x14 += j14; + x15 += j15; + + store_littleendian(out + 0,x0); + store_littleendian(out + 4,x1); + store_littleendian(out + 8,x2); + store_littleendian(out + 12,x3); + store_littleendian(out + 16,x4); + store_littleendian(out + 20,x5); + store_littleendian(out + 24,x6); + store_littleendian(out + 28,x7); + store_littleendian(out + 32,x8); + store_littleendian(out + 36,x9); + store_littleendian(out + 40,x10); + store_littleendian(out + 44,x11); + store_littleendian(out + 48,x12); + store_littleendian(out + 52,x13); + store_littleendian(out + 56,x14); + store_littleendian(out + 60,x15); + + return 0; +} |