Jeffrey Walton
GitHub
parent
d106256a29
commit
6faaf35195
59
salsa.cpp
59
salsa.cpp
|
|
@ -36,6 +36,65 @@ void Salsa20_TestInstantiations()
|
|||
}
|
||||
#endif
|
||||
|
||||
void Salsa20_Core(word32* data, unsigned int rounds)
|
||||
{
|
||||
CRYPTOPP_ASSERT(data != NULLPTR);
|
||||
CRYPTOPP_ASSERT(rounds % 2 == 0);
|
||||
|
||||
CRYPTOPP_ALIGN_DATA(16) word32 x[16];
|
||||
|
||||
for (size_t i = 0; i < 16; ++i)
|
||||
x[i] = data[i];
|
||||
|
||||
// Rounds must be even
|
||||
for (size_t i = 0; i < rounds; i += 2)
|
||||
{
|
||||
x[ 4] ^= rotlConstant< 7>(x[ 0]+x[12]);
|
||||
x[ 8] ^= rotlConstant< 9>(x[ 4]+x[ 0]);
|
||||
x[12] ^= rotlConstant<13>(x[ 8]+x[ 4]);
|
||||
x[ 0] ^= rotlConstant<18>(x[12]+x[ 8]);
|
||||
|
||||
x[ 9] ^= rotlConstant< 7>(x[ 5]+x[ 1]);
|
||||
x[13] ^= rotlConstant< 9>(x[ 9]+x[ 5]);
|
||||
x[ 1] ^= rotlConstant<13>(x[13]+x[ 9]);
|
||||
x[ 5] ^= rotlConstant<18>(x[ 1]+x[13]);
|
||||
|
||||
x[14] ^= rotlConstant< 7>(x[10]+x[ 6]);
|
||||
x[ 2] ^= rotlConstant< 9>(x[14]+x[10]);
|
||||
x[ 6] ^= rotlConstant<13>(x[ 2]+x[14]);
|
||||
x[10] ^= rotlConstant<18>(x[ 6]+x[ 2]);
|
||||
|
||||
x[ 3] ^= rotlConstant< 7>(x[15]+x[11]);
|
||||
x[ 7] ^= rotlConstant< 9>(x[ 3]+x[15]);
|
||||
x[11] ^= rotlConstant<13>(x[ 7]+x[ 3]);
|
||||
x[15] ^= rotlConstant<18>(x[11]+x[ 7]);
|
||||
|
||||
x[ 1] ^= rotlConstant< 7>(x[ 0]+x[ 3]);
|
||||
x[ 2] ^= rotlConstant< 9>(x[ 1]+x[ 0]);
|
||||
x[ 3] ^= rotlConstant<13>(x[ 2]+x[ 1]);
|
||||
x[ 0] ^= rotlConstant<18>(x[ 3]+x[ 2]);
|
||||
|
||||
x[ 6] ^= rotlConstant< 7>(x[ 5]+x[ 4]);
|
||||
x[ 7] ^= rotlConstant< 9>(x[ 6]+x[ 5]);
|
||||
x[ 4] ^= rotlConstant<13>(x[ 7]+x[ 6]);
|
||||
x[ 5] ^= rotlConstant<18>(x[ 4]+x[ 7]);
|
||||
|
||||
x[11] ^= rotlConstant< 7>(x[10]+x[ 9]);
|
||||
x[ 8] ^= rotlConstant< 9>(x[11]+x[10]);
|
||||
x[ 9] ^= rotlConstant<13>(x[ 8]+x[11]);
|
||||
x[10] ^= rotlConstant<18>(x[ 9]+x[ 8]);
|
||||
|
||||
x[12] ^= rotlConstant< 7>(x[15]+x[14]);
|
||||
x[13] ^= rotlConstant< 9>(x[12]+x[15]);
|
||||
x[14] ^= rotlConstant<13>(x[13]+x[12]);
|
||||
x[15] ^= rotlConstant<18>(x[14]+x[13]);
|
||||
}
|
||||
|
||||
#pragma omp simd
|
||||
for (size_t i = 0; i < 16; ++i)
|
||||
data[i] += x[i];
|
||||
}
|
||||
|
||||
void Salsa20_Policy::CipherSetKey(const NameValuePairs ¶ms, const byte *key, size_t length)
|
||||
{
|
||||
m_rounds = params.GetIntValueWithDefault(Name::Rounds(), 20);
|
||||
|
|
|
|||
9
salsa.h
9
salsa.h
|
|
@ -16,6 +16,15 @@
|
|||
|
||||
NAMESPACE_BEGIN(CryptoPP)
|
||||
|
||||
/// \brief Salsa20 core transform
|
||||
/// \param data the data to transform
|
||||
/// \param rounds the number of rounds
|
||||
/// \details Several algorithms, like CryptoBox and Scrypt, require access to
|
||||
/// the core Salsa20 transform. The current Crypto++ implementation does not
|
||||
/// lend itself to disgorging the Salsa20 cipher from the Salsa20 core transform.
|
||||
/// Instead Salsa20_Core is provided with customary accelerations.
|
||||
void Salsa20_Core(word32* data, unsigned int rounds);
|
||||
|
||||
/// \brief Salsa20 stream cipher information
|
||||
struct Salsa20_Info : public VariableKeyLength<32, 16, 32, 16, SimpleKeyingInterface::UNIQUE_IV, 8>
|
||||
{
|
||||
|
|
|
|||
53
scrypt.cpp
53
scrypt.cpp
|
|
@ -23,6 +23,7 @@ ANONYMOUS_NAMESPACE_BEGIN
|
|||
using CryptoPP::byte;
|
||||
using CryptoPP::word32;
|
||||
using CryptoPP::word64;
|
||||
using CryptoPP::Salsa20_Core;
|
||||
using CryptoPP::rotlConstant;
|
||||
using CryptoPP::AlignedSecByteBlock;
|
||||
using CryptoPP::LITTLE_ENDIAN_ORDER;
|
||||
|
|
@ -76,60 +77,12 @@ static inline void PBKDF2_SHA256(byte* buf, size_t dkLen,
|
|||
|
||||
static inline void Salsa20_8(byte B[64])
|
||||
{
|
||||
word32 B32[16], x[16];
|
||||
word32 B32[16];
|
||||
|
||||
for (size_t i = 0; i < 16; ++i)
|
||||
B32[i] = LE32DEC(&B[i * 4]);
|
||||
|
||||
for (size_t i = 0; i < 16; ++i)
|
||||
x[i] = B32[i];
|
||||
|
||||
for (size_t i = 0; i < 8; i += 2)
|
||||
{
|
||||
x[ 4] ^= rotlConstant< 7>(x[ 0]+x[12]);
|
||||
x[ 8] ^= rotlConstant< 9>(x[ 4]+x[ 0]);
|
||||
x[12] ^= rotlConstant<13>(x[ 8]+x[ 4]);
|
||||
x[ 0] ^= rotlConstant<18>(x[12]+x[ 8]);
|
||||
|
||||
x[ 9] ^= rotlConstant< 7>(x[ 5]+x[ 1]);
|
||||
x[13] ^= rotlConstant< 9>(x[ 9]+x[ 5]);
|
||||
x[ 1] ^= rotlConstant<13>(x[13]+x[ 9]);
|
||||
x[ 5] ^= rotlConstant<18>(x[ 1]+x[13]);
|
||||
|
||||
x[14] ^= rotlConstant< 7>(x[10]+x[ 6]);
|
||||
x[ 2] ^= rotlConstant< 9>(x[14]+x[10]);
|
||||
x[ 6] ^= rotlConstant<13>(x[ 2]+x[14]);
|
||||
x[10] ^= rotlConstant<18>(x[ 6]+x[ 2]);
|
||||
|
||||
x[ 3] ^= rotlConstant< 7>(x[15]+x[11]);
|
||||
x[ 7] ^= rotlConstant< 9>(x[ 3]+x[15]);
|
||||
x[11] ^= rotlConstant<13>(x[ 7]+x[ 3]);
|
||||
x[15] ^= rotlConstant<18>(x[11]+x[ 7]);
|
||||
|
||||
x[ 1] ^= rotlConstant< 7>(x[ 0]+x[ 3]);
|
||||
x[ 2] ^= rotlConstant< 9>(x[ 1]+x[ 0]);
|
||||
x[ 3] ^= rotlConstant<13>(x[ 2]+x[ 1]);
|
||||
x[ 0] ^= rotlConstant<18>(x[ 3]+x[ 2]);
|
||||
|
||||
x[ 6] ^= rotlConstant< 7>(x[ 5]+x[ 4]);
|
||||
x[ 7] ^= rotlConstant< 9>(x[ 6]+x[ 5]);
|
||||
x[ 4] ^= rotlConstant<13>(x[ 7]+x[ 6]);
|
||||
x[ 5] ^= rotlConstant<18>(x[ 4]+x[ 7]);
|
||||
|
||||
x[11] ^= rotlConstant< 7>(x[10]+x[ 9]);
|
||||
x[ 8] ^= rotlConstant< 9>(x[11]+x[10]);
|
||||
x[ 9] ^= rotlConstant<13>(x[ 8]+x[11]);
|
||||
x[10] ^= rotlConstant<18>(x[ 9]+x[ 8]);
|
||||
|
||||
x[12] ^= rotlConstant< 7>(x[15]+x[14]);
|
||||
x[13] ^= rotlConstant< 9>(x[12]+x[15]);
|
||||
x[14] ^= rotlConstant<13>(x[13]+x[12]);
|
||||
x[15] ^= rotlConstant<18>(x[14]+x[13]);
|
||||
}
|
||||
|
||||
#pragma omp simd
|
||||
for (size_t i = 0; i < 16; ++i)
|
||||
B32[i] += x[i];
|
||||
Salsa20_Core(B32, 8);
|
||||
|
||||
for (size_t i = 0; i < 16; ++i)
|
||||
LE32ENC(&B[4 * i], B32[i]);
|
||||
|
|
|
|||
Loading…
Reference in New Issue