Commit 588e0e8f authored by Niels Möller's avatar Niels Möller

New salsa20 constants.

parent a33775b0
2012-03-31 Niels Möller <nisse@lysator.liu.se>
* salsa20.h (SALSA20_BLOCK_SIZE): New constant.
(_SALSA20_INPUT_LENGTH): New constant.
* salsa20.c: Use these constants.
* salsa20.c (ROTL32): Deleted macro, use the one from macros.h
instead, with reversed order of arguments.
(ROTATE, XOR, PLUS, PLUSONE): Deleted macros, use ROTL32 and
......
......@@ -52,12 +52,12 @@
#define U8TO32_LITTLE(p) U32TO32_LITTLE(((uint32_t*)(p))[0])
#define U32TO8_LITTLE(p, v) (((uint32_t*)(p))[0] = U32TO32_LITTLE(v))
static void salsa20_wordtobyte(uint8_t output[64],const uint32_t input[16])
static void salsa20_wordtobyte(uint8_t output[SALSA20_BLOCK_SIZE],const uint32_t input[_SALSA20_INPUT_LENGTH])
{
uint32_t x[16];
uint32_t x[_SALSA20_INPUT_LENGTH];
int i;
for (i = 0;i < 16;++i) x[i] = input[i];
for (i = 0;i < _SALSA20_INPUT_LENGTH;++i) x[i] = input[i];
for (i = 20;i > 0;i -= 2) {
x[ 4] ^= ROTL32( 7, x[ 0] + x[12]);
x[ 8] ^= ROTL32( 9, x[ 4] + x[ 0]);
......@@ -92,12 +92,12 @@ static void salsa20_wordtobyte(uint8_t output[64],const uint32_t input[16])
x[14] ^= ROTL32(13, x[13] + x[12]);
x[15] ^= ROTL32(18, x[14] + x[13]);
}
for (i = 0;i < 16;++i) x[i] = x[i] + input[i];
for (i = 0;i < 16;++i) U32TO8_LITTLE(output + 4 * i,x[i]);
for (i = 0;i < _SALSA20_INPUT_LENGTH;++i) x[i] = x[i] + input[i];
for (i = 0;i < _SALSA20_INPUT_LENGTH;++i) U32TO8_LITTLE(output + 4 * i,x[i]);
}
static const char sigma[16] = "expand 32-byte k";
static const char tau[16] = "expand 16-byte k";
static const char sigma[_SALSA20_INPUT_LENGTH] = "expand 32-byte k";
static const char tau[_SALSA20_INPUT_LENGTH] = "expand 16-byte k";
void
salsa20_set_key(struct salsa20_ctx *ctx,
......@@ -144,7 +144,7 @@ salsa20_crypt(struct salsa20_ctx *ctx,
uint8_t *c,
const uint8_t *m)
{
uint8_t output[64];
uint8_t output[SALSA20_BLOCK_SIZE];
unsigned i;
if (!length) return;
......@@ -155,13 +155,13 @@ salsa20_crypt(struct salsa20_ctx *ctx,
ctx->input[9]++;
/* stopping at 2^70 length per nonce is user's responsibility */
}
if (length <= 64) {
if (length <= SALSA20_BLOCK_SIZE) {
for (i = 0;i < length;++i) c[i] = m[i] ^ output[i];
return;
}
for (i = 0;i < 64;++i) c[i] = m[i] ^ output[i];
length -= 64;
c += 64;
m += 64;
for (i = 0;i < SALSA20_BLOCK_SIZE;++i) c[i] = m[i] ^ output[i];
length -= SALSA20_BLOCK_SIZE;
c += SALSA20_BLOCK_SIZE;
m += SALSA20_BLOCK_SIZE;
}
}
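Review bot: The new `sigma[_SALSA20_INPUT_LENGTH]` and `tau[_SALSA20_INPUT_LENGTH]` declarations in the second salsa20.c hunk size a byte array with a constant that salsa20.h uses for the number of 32-bit state words; the two quantities only coincide at 16. If the word count ever changed, these key-setup constants would be zero-padded or stop compiling instead of staying at the 16 bytes of text they hold. I would keep the literal size, `static const char sigma[16] = "expand 32-byte k";` and likewise for `tau`, with a comment such as `/* 16 bytes of constant text, deliberately not NUL-terminated */`. The code that reads these arrays is outside the visible hunks, so this concerns the declarations only.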
......@@ -43,12 +43,24 @@ extern "C" {
#define SALSA20_MIN_KEY_SIZE 16
#define SALSA20_MAX_KEY_SIZE 32
#define SALSA20_KEY_SIZE 32
#define SALSA20_BLOCK_SIZE 64
#define SALSA20_IV_SIZE 8
#define _SALSA20_INPUT_LENGTH 16
struct salsa20_ctx
{
uint32_t input[16];
/* Indices 1-4 and 11-14 holds the key (two identical copies for the
shorter key size), indices 0, 5, 10, 15 are constant, indices 6, 7
are the IV, and indices 8, 9 are the block counter:
C K K K
K C I I
B B C K
K K K C
*/
uint32_t input[_SALSA20_INPUT_LENGTH];
};
void
......
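Review bot: `SALSA20_BLOCK_SIZE` counts bytes while `_SALSA20_INPUT_LENGTH` counts 32-bit words, and nothing in the header says so or ties the two together, although the `output + 4 * i` loop in salsa20.c depends on the block being four bytes per input word. A short comment on the define would prevent unit mix-ups, e.g. `/* Number of 32-bit words in the state; SALSA20_BLOCK_SIZE == 4 * _SALSA20_INPUT_LENGTH */`. Separately, an identifier starting with an underscore followed by an uppercase letter is reserved for the implementation in C, so an installed header may be better served by a differently prefixed internal name.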