Commit 20c14ca3 authored by Niels Möller's avatar Niels Möller

Reverted broken byte-order change from 2001-06-17:

* serpent.c (serpent_set_key): Use correct byteorder.
(serpent_encrypt): Likewise.
(serpent_decrypt): Likewise.

Rev: nettle/serpent.c:1.3
parent 837992e8
...@@ -8,8 +8,8 @@ ...@@ -8,8 +8,8 @@
/* nettle, low-level cryptographics library /* nettle, low-level cryptographics library
* *
* Copyright (C) 1998, 2000, 2001, Ross Anderson, Eli Biham, Lars * Copyright (C) 1998, 2000, 2001, 2011,
* Knudsen, Rafael R. Sevilla, Niels Mller * Ross Anderson, Eli Biham, Lars Knudsen, Rafael R. Sevilla, Niels Mller
* *
* This program is free software; you can redistribute it and/or * This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License as * modify it under the terms of the GNU General Public License as
...@@ -56,26 +56,23 @@ serpent_set_key(struct serpent_ctx *ctx, ...@@ -56,26 +56,23 @@ serpent_set_key(struct serpent_ctx *ctx,
assert(key_size >= SERPENT_MIN_KEY_SIZE); assert(key_size >= SERPENT_MIN_KEY_SIZE);
assert(key_size <= SERPENT_MAX_KEY_SIZE); assert(key_size <= SERPENT_MAX_KEY_SIZE);
for (i = key_size, j = 0; for (i = 0; key_size >= 4; key_size -= 4, key += 4, i++)
(i >= 4);
i-=4, j++)
{ {
assert(j<8); assert(i < 8);
/* Read the key in the reverse direction. Why? */ w[i] = LE_READ_UINT32 (key);
w[j] = READ_UINT32(key + i - 4);
} }
if (j < 8) if (i < 8)
{ {
/* Pad key, "aabbccddeeff" -> 0xccddeeff, 0x01aabb" */ /* Pad key, "aabbcc" -> "aabbcc0100...00" -> 0x01ccbbaa*/
uint32_t partial = 0x01; uint32_t partial = 0x01;
while (i) while (key_size > 0)
partial = (partial << 8 ) | *key++; partial = (partial << 8 ) | key[--key_size];
w[j++] = partial;
while (j < 8) w[i++] = partial;
w[j++] = 0; while (i < 8)
} w[i++] = 0;
}
for(i=8; i<16; i++) for(i=8; i<16; i++)
w[i]=ROL(w[i-8]^w[i-5]^w[i-3]^w[i-1]^PHI^(i-8),11); w[i]=ROL(w[i-8]^w[i-5]^w[i-3]^w[i-1]^PHI^(i-8),11);
...@@ -133,11 +130,10 @@ serpent_encrypt(const struct serpent_ctx *ctx, ...@@ -133,11 +130,10 @@ serpent_encrypt(const struct serpent_ctx *ctx,
FOR_BLOCKS(length, dst, plain, SERPENT_BLOCK_SIZE) FOR_BLOCKS(length, dst, plain, SERPENT_BLOCK_SIZE)
{ {
/* Why the reverse order? */ x0 = LE_READ_UINT32(plain);
x0=READ_UINT32(plain + 12); x1 = LE_READ_UINT32(plain + 4);
x1=READ_UINT32(plain + 8); x2 = LE_READ_UINT32(plain + 8);
x2=READ_UINT32(plain + 4); x3 = LE_READ_UINT32(plain + 12);
x3=READ_UINT32(plain);
/* Start to encrypt the plaintext x */ /* Start to encrypt the plaintext x */
keying(x0, x1, x2, x3, ctx->keys[ 0]); keying(x0, x1, x2, x3, ctx->keys[ 0]);
...@@ -239,12 +235,10 @@ serpent_encrypt(const struct serpent_ctx *ctx, ...@@ -239,12 +235,10 @@ serpent_encrypt(const struct serpent_ctx *ctx,
keying(x0, x1, x2, x3, ctx->keys[32]); keying(x0, x1, x2, x3, ctx->keys[32]);
/* The ciphertext is now in x */ /* The ciphertext is now in x */
LE_WRITE_UINT32(dst, x0);
/* Why the reverse order? */ LE_WRITE_UINT32(dst+4, x1);
WRITE_UINT32(dst, x3); LE_WRITE_UINT32(dst+8, x2);
WRITE_UINT32(dst+4, x2); LE_WRITE_UINT32(dst+12, x3);
WRITE_UINT32(dst+8, x1);
WRITE_UINT32(dst+12, x0);
} }
} }
...@@ -258,11 +252,10 @@ serpent_decrypt(const struct serpent_ctx *ctx, ...@@ -258,11 +252,10 @@ serpent_decrypt(const struct serpent_ctx *ctx,
FOR_BLOCKS(length, dst, cipher, SERPENT_BLOCK_SIZE) FOR_BLOCKS(length, dst, cipher, SERPENT_BLOCK_SIZE)
{ {
/* Why the reverse order? */ x0 = LE_READ_UINT32(cipher);
x0 = READ_UINT32(cipher + 12); x1 = LE_READ_UINT32(cipher + 4);
x1 = READ_UINT32(cipher + 8); x2 = LE_READ_UINT32(cipher + 8);
x2 = READ_UINT32(cipher + 4); x3 = LE_READ_UINT32(cipher + 12);
x3 = READ_UINT32(cipher);
/* Start to decrypt the ciphertext x */ /* Start to decrypt the ciphertext x */
keying(x0, x1, x2, x3, ctx->keys[32]); keying(x0, x1, x2, x3, ctx->keys[32]);
...@@ -364,11 +357,9 @@ serpent_decrypt(const struct serpent_ctx *ctx, ...@@ -364,11 +357,9 @@ serpent_decrypt(const struct serpent_ctx *ctx,
keying(x0, x1, x2, x3, ctx->keys[ 0]); keying(x0, x1, x2, x3, ctx->keys[ 0]);
/* The plaintext is now in x */ /* The plaintext is now in x */
LE_WRITE_UINT32(dst, x0);
/* Why the reverse order? */ LE_WRITE_UINT32(dst+4, x1);
WRITE_UINT32(dst, x3); LE_WRITE_UINT32(dst+8, x2);
WRITE_UINT32(dst+4, x2); LE_WRITE_UINT32(dst+12, x3);
WRITE_UINT32(dst+8, x1);
WRITE_UINT32(dst+12, x0);
} }
} }
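Review bot: In the serpent_set_key hunk, the only things keeping the new word-copy loop within the first eight entries of `w` are `assert(i < 8)` and the two `assert(key_size ...)` lines above it, and all three disappear in a build that defines NDEBUG. With them compiled out, a caller passing more than SERPENT_MAX_KEY_SIZE bytes would have the loop keep storing into `w[i]` while key bytes remain; the declaration of `w` is outside the hunk, so whether that overruns the array depends on its size. If release builds may define NDEBUG, I would put the bound in the loop itself, `for (i = 0; i < 8 && key_size >= 4; key_size -= 4, key += 4, i++)`, and reject an oversized key explicitly before it rather than truncating silently. Since the commit message says this byte order was already changed once and is now being reverted, a known-answer test against the published Serpent vectors would guard against another regression; none is visible on this page. The function body starts and ends outside the hunk.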