diff --git a/include/nil/crypto3/block/des.hpp b/include/nil/crypto3/block/des.hpp new file mode 100644 index 0000000..7ef7cd3 --- /dev/null +++ b/include/nil/crypto3/block/des.hpp @@ -0,0 +1,212 @@ +//---------------------------------------------------------------------------// +// Copyright (c) 2018-2020 Mikhail Komarov +// Copyright (c) 2020 Nikita Kaskov +// +// Distributed under the Boost Software License, Version 1.0 +// See accompanying file LICENSE_1_0.txt or copy at +// http://www.boost.org/LICENSE_1_0.txt +//---------------------------------------------------------------------------// + +#ifndef CRYPTO3_BLOCK_DES_HPP +#define CRYPTO3_BLOCK_DES_HPP + +#include + +#include + +#include +#include + +namespace nil { + namespace crypto3 { + namespace block { + /*! + * @brief DES. Triple DES. Originally designed by IBM and NSA in the 1970s. + * + * Today, DES's 56-bit key renders it insecure to any well-resourced + * attacker. DESX and 3DES extend the key length, and are still thought + * to be secure, modulo the limitation of a 64-bit block. + * All are somewhat common in some industries such as finance. + * Avoid in new code. + * + * @ingroup block + */ + class des { + protected: + typedef detail::des_functions policy_type; + + constexpr static const std::size_t key_schedule_size = policy_type::key_schedule_size; + typedef typename policy_type::key_schedule_type key_schedule_type; + + public: + constexpr static const std::size_t word_bits = policy_type::word_bits; + typedef typename policy_type::word_type word_type; + + constexpr static const std::size_t block_bits = policy_type::block_bits; + constexpr static const std::size_t block_words = policy_type::block_words; + typedef typename policy_type::block_type block_type; + + constexpr static const std::size_t key_bits = policy_type::key_bits; + constexpr static const std::size_t key_words = policy_type::key_words; + typedef typename policy_type::key_type key_type; + + template + struct stream_processor { + struct params_type { + + constexpr static const std::size_t value_bits = ValueBits; + constexpr static const std::size_t length_bits = policy_type::word_bits * 2; + }; + + typedef block_stream_processor type; + }; + + typedef typename stream_endian::little_octet_big_bit endian_type; + + des(const key_type &key) { + schedule_key(key); + } + + ~des() { + round_key.fill(0); + } + + inline block_type encrypt(const block_type &plaintext) const { + return encrypt_block(plaintext); + } + + inline block_type decrypt(const block_type &ciphertext) const { + return decrypt_block(ciphertext); + } + + protected: + key_schedule_type round_key; + + inline void schedule_key(const key_type &key) { + policy_type::des_key_schedule(round_key, key); + } + + inline block_type encrypt_block(const block_type &plaintext) const { + block_type out; + + word_type L, R; + policy_type::ip(L, R, plaintext); + policy_type::des_encrypt(L, R, round_key); + policy_type::fp(L, R, out); + + return out; + } + + inline block_type decrypt_block(const block_type &ciphertext) const { + block_type out; + + word_type L, R; + policy_type::ip(L, R, ciphertext); + policy_type::des_decrypt(L, R, round_key); + policy_type::fp(L, R, out); + + return out; + } + }; + + template + class triple_des { + protected: + typedef detail::des_functions> policy_type; + + public: + constexpr static const std::size_t rounds = policy_type::rounds; + + constexpr static const std::size_t word_bits = policy_type::word_bits; + typedef typename policy_type::word_type word_type; + + constexpr static const std::size_t block_bits = policy_type::block_bits; + constexpr static const std::size_t block_words = policy_type::block_words; + typedef typename policy_type::block_type block_type; + + constexpr static const std::size_t key_bits = policy_type::key_bits; + constexpr static const std::size_t key_words = policy_type::key_words; + typedef typename policy_type::key_type key_type; + + constexpr static const std::size_t key_schedule_size = policy_type::key_schedule_size; + typedef typename policy_type::key_schedule_type key_schedule_type; + + template class Mode, typename StateAccumulator, std::size_t ValueBits, + typename Padding> + struct stream_processor { + struct params_type { + typedef typename stream_endian::little_octet_big_bit endian_type; + + constexpr static const std::size_t value_bits = ValueBits; + constexpr static const std::size_t length_bits = policy_type::word_bits * 2; + }; + + typedef block_stream_processor, Padding>, StateAccumulator, params_type> + type; + }; + + triple_des(const key_type &key) { + schedule_key(key); + } + + ~triple_des() { + round_key.fill(0); + } + + inline block_type encrypt(const block_type &plaintext) const { + return encrypt_block(plaintext); + } + + inline block_type decrypt(const block_type &ciphertext) const { + return decrypt_block(ciphertext); + } + + protected: + key_schedule_type round_key; + + inline void schedule_key(const key_type &key) { + policy_type::des_key_schedule(&round_key[0], key); + policy_type::des_key_schedule(&round_key[32], key + 8); + + if (key.size() == 24) { + policy_type::des_key_schedule(&round_key[64], key + 16); + } else { + copy_mem(&round_key[64], &round_key[0], 32); + } + } + + inline block_type encrypt_block(const block_type &plaintext) const { + block_type out; + word_type L, R; + + policy_type::ip(L, R, plaintext); + + policy_type::des_encrypt(L, R, &round_key[0]); + policy_type::des_decrypt(R, L, &round_key[32]); + policy_type::des_encrypt(L, R, &round_key[64]); + + policy_type::fp(L, R, out); + + return out; + } + + inline block_type decrypt_block(const block_type &ciphertext) const { + block_type out; + word_type L, R; + + policy_type::ip(L, R, ciphertext); + + policy_type::des_decrypt(L, R, &round_key[64]); + policy_type::des_encrypt(R, L, &round_key[32]); + policy_type::des_decrypt(L, R, &round_key[0]); + + policy_type::fp(L, R, out); + + return out; + } + }; + } // namespace block + } // namespace crypto3 +} // namespace nil + +#endif diff --git a/include/nil/crypto3/block/detail/des/basic_des_policy.hpp b/include/nil/crypto3/block/detail/des/basic_des_policy.hpp new file mode 100644 index 0000000..c3a05f6 --- /dev/null +++ b/include/nil/crypto3/block/detail/des/basic_des_policy.hpp @@ -0,0 +1,609 @@ +//---------------------------------------------------------------------------// +// Copyright (c) 2018-2020 Mikhail Komarov +// +// Distributed under the Boost Software License, Version 1.0 +// See accompanying file LICENSE_1_0.txt or copy at +// http://www.boost.org/LICENSE_1_0.txt +//---------------------------------------------------------------------------// + +#ifndef CRYPTO3_BASIC_DES_POLICY_HPP +#define CRYPTO3_BASIC_DES_POLICY_HPP + +#include + +namespace nil { + namespace crypto3 { + namespace block { + namespace detail { + struct basic_des_policy : public ::nil::crypto3::detail::basic_functions<32> { + typedef ::nil::crypto3::detail::basic_functions<32> policy_type; + + typedef typename policy_type::byte_type byte_type; + + constexpr static const std::size_t word_bits = policy_type::word_bits; + typedef typename policy_type::word_type word_type; + + constexpr static const std::size_t substitution_size = 256; + typedef std::array substitution_type; + typedef std::array::exact, substitution_size> table_type; + + constexpr static const substitution_type sbox1 = { + 0x01010400, 0x00000000, 0x00010000, 0x01010404, 0x01010004, 0x00010404, 0x00000004, 0x00010000, + 0x00000400, 0x01010400, 0x01010404, 0x00000400, 0x01000404, 0x01010004, 0x01000000, 0x00000004, + 0x00000404, 0x01000400, 0x01000400, 0x00010400, 0x00010400, 0x01010000, 0x01010000, 0x01000404, + 0x00010004, 0x01000004, 0x01000004, 0x00010004, 0x00000000, 0x00000404, 0x00010404, 0x01000000, + 0x00010000, 0x01010404, 0x00000004, 0x01010000, 0x01010400, 0x01000000, 0x01000000, 0x00000400, + 0x01010004, 0x00010000, 0x00010400, 0x01000004, 0x00000400, 0x00000004, 0x01000404, 0x00010404, + 0x01010404, 0x00010004, 0x01010000, 0x01000404, 0x01000004, 0x00000404, 0x00010404, 0x01010400, + 0x00000404, 0x01000400, 0x01000400, 0x00000000, 0x00010004, 0x00010400, 0x00000000, 0x01010004, + 0x01010400, 0x00000000, 0x00010000, 0x01010404, 0x01010004, 0x00010404, 0x00000004, 0x00010000, + 0x00000400, 0x01010400, 0x01010404, 0x00000400, 0x01000404, 0x01010004, 0x01000000, 0x00000004, + 0x00000404, 0x01000400, 0x01000400, 0x00010400, 0x00010400, 0x01010000, 0x01010000, 0x01000404, + 0x00010004, 0x01000004, 0x01000004, 0x00010004, 0x00000000, 0x00000404, 0x00010404, 0x01000000, + 0x00010000, 0x01010404, 0x00000004, 0x01010000, 0x01010400, 0x01000000, 0x01000000, 0x00000400, + 0x01010004, 0x00010000, 0x00010400, 0x01000004, 0x00000400, 0x00000004, 0x01000404, 0x00010404, + 0x01010404, 0x00010004, 0x01010000, 0x01000404, 0x01000004, 0x00000404, 0x00010404, 0x01010400, + 0x00000404, 0x01000400, 0x01000400, 0x00000000, 0x00010004, 0x00010400, 0x00000000, 0x01010004, + 0x01010400, 0x00000000, 0x00010000, 0x01010404, 0x01010004, 0x00010404, 0x00000004, 0x00010000, + 0x00000400, 0x01010400, 0x01010404, 0x00000400, 0x01000404, 0x01010004, 0x01000000, 0x00000004, + 0x00000404, 0x01000400, 0x01000400, 0x00010400, 0x00010400, 0x01010000, 0x01010000, 0x01000404, + 0x00010004, 0x01000004, 0x01000004, 0x00010004, 0x00000000, 0x00000404, 0x00010404, 0x01000000, + 0x00010000, 0x01010404, 0x00000004, 0x01010000, 0x01010400, 0x01000000, 0x01000000, 0x00000400, + 0x01010004, 0x00010000, 0x00010400, 0x01000004, 0x00000400, 0x00000004, 0x01000404, 0x00010404, + 0x01010404, 0x00010004, 0x01010000, 0x01000404, 0x01000004, 0x00000404, 0x00010404, 0x01010400, + 0x00000404, 0x01000400, 0x01000400, 0x00000000, 0x00010004, 0x00010400, 0x00000000, 0x01010004, + 0x01010400, 0x00000000, 0x00010000, 0x01010404, 0x01010004, 0x00010404, 0x00000004, 0x00010000, + 0x00000400, 0x01010400, 0x01010404, 0x00000400, 0x01000404, 0x01010004, 0x01000000, 0x00000004, + 0x00000404, 0x01000400, 0x01000400, 0x00010400, 0x00010400, 0x01010000, 0x01010000, 0x01000404, + 0x00010004, 0x01000004, 0x01000004, 0x00010004, 0x00000000, 0x00000404, 0x00010404, 0x01000000, + 0x00010000, 0x01010404, 0x00000004, 0x01010000, 0x01010400, 0x01000000, 0x01000000, 0x00000400, + 0x01010004, 0x00010000, 0x00010400, 0x01000004, 0x00000400, 0x00000004, 0x01000404, 0x00010404, + 0x01010404, 0x00010004, 0x01010000, 0x01000404, 0x01000004, 0x00000404, 0x00010404, 0x01010400, + 0x00000404, 0x01000400, 0x01000400, 0x00000000, 0x00010004, 0x00010400, 0x00000000, 0x01010004}; + + constexpr static const substitution_type sbox2 = { + 0x80108020, 0x80008000, 0x00008000, 0x00108020, 0x00100000, 0x00000020, 0x80100020, 0x80008020, + 0x80000020, 0x80108020, 0x80108000, 0x80000000, 0x80008000, 0x00100000, 0x00000020, 0x80100020, + 0x00108000, 0x00100020, 0x80008020, 0x00000000, 0x80000000, 0x00008000, 0x00108020, 0x80100000, + 0x00100020, 0x80000020, 0x00000000, 0x00108000, 0x00008020, 0x80108000, 0x80100000, 0x00008020, + 0x00000000, 0x00108020, 0x80100020, 0x00100000, 0x80008020, 0x80100000, 0x80108000, 0x00008000, + 0x80100000, 0x80008000, 0x00000020, 0x80108020, 0x00108020, 0x00000020, 0x00008000, 0x80000000, + 0x00008020, 0x80108000, 0x00100000, 0x80000020, 0x00100020, 0x80008020, 0x80000020, 0x00100020, + 0x00108000, 0x00000000, 0x80008000, 0x00008020, 0x80000000, 0x80100020, 0x80108020, 0x00108000, + 0x80108020, 0x80008000, 0x00008000, 0x00108020, 0x00100000, 0x00000020, 0x80100020, 0x80008020, + 0x80000020, 0x80108020, 0x80108000, 0x80000000, 0x80008000, 0x00100000, 0x00000020, 0x80100020, + 0x00108000, 0x00100020, 0x80008020, 0x00000000, 0x80000000, 0x00008000, 0x00108020, 0x80100000, + 0x00100020, 0x80000020, 0x00000000, 0x00108000, 0x00008020, 0x80108000, 0x80100000, 0x00008020, + 0x00000000, 0x00108020, 0x80100020, 0x00100000, 0x80008020, 0x80100000, 0x80108000, 0x00008000, + 0x80100000, 0x80008000, 0x00000020, 0x80108020, 0x00108020, 0x00000020, 0x00008000, 0x80000000, + 0x00008020, 0x80108000, 0x00100000, 0x80000020, 0x00100020, 0x80008020, 0x80000020, 0x00100020, + 0x00108000, 0x00000000, 0x80008000, 0x00008020, 0x80000000, 0x80100020, 0x80108020, 0x00108000, + 0x80108020, 0x80008000, 0x00008000, 0x00108020, 0x00100000, 0x00000020, 0x80100020, 0x80008020, + 0x80000020, 0x80108020, 0x80108000, 0x80000000, 0x80008000, 0x00100000, 0x00000020, 0x80100020, + 0x00108000, 0x00100020, 0x80008020, 0x00000000, 0x80000000, 0x00008000, 0x00108020, 0x80100000, + 0x00100020, 0x80000020, 0x00000000, 0x00108000, 0x00008020, 0x80108000, 0x80100000, 0x00008020, + 0x00000000, 0x00108020, 0x80100020, 0x00100000, 0x80008020, 0x80100000, 0x80108000, 0x00008000, + 0x80100000, 0x80008000, 0x00000020, 0x80108020, 0x00108020, 0x00000020, 0x00008000, 0x80000000, + 0x00008020, 0x80108000, 0x00100000, 0x80000020, 0x00100020, 0x80008020, 0x80000020, 0x00100020, + 0x00108000, 0x00000000, 0x80008000, 0x00008020, 0x80000000, 0x80100020, 0x80108020, 0x00108000, + 0x80108020, 0x80008000, 0x00008000, 0x00108020, 0x00100000, 0x00000020, 0x80100020, 0x80008020, + 0x80000020, 0x80108020, 0x80108000, 0x80000000, 0x80008000, 0x00100000, 0x00000020, 0x80100020, + 0x00108000, 0x00100020, 0x80008020, 0x00000000, 0x80000000, 0x00008000, 0x00108020, 0x80100000, + 0x00100020, 0x80000020, 0x00000000, 0x00108000, 0x00008020, 0x80108000, 0x80100000, 0x00008020, + 0x00000000, 0x00108020, 0x80100020, 0x00100000, 0x80008020, 0x80100000, 0x80108000, 0x00008000, + 0x80100000, 0x80008000, 0x00000020, 0x80108020, 0x00108020, 0x00000020, 0x00008000, 0x80000000, + 0x00008020, 0x80108000, 0x00100000, 0x80000020, 0x00100020, 0x80008020, 0x80000020, 0x00100020, + 0x00108000, 0x00000000, 0x80008000, 0x00008020, 0x80000000, 0x80100020, 0x80108020, 0x00108000}; + + constexpr static const substitution_type sbox3 = { + 0x00000208, 0x08020200, 0x00000000, 0x08020008, 0x08000200, 0x00000000, 0x00020208, 0x08000200, + 0x00020008, 0x08000008, 0x08000008, 0x00020000, 0x08020208, 0x00020008, 0x08020000, 0x00000208, + 0x08000000, 0x00000008, 0x08020200, 0x00000200, 0x00020200, 0x08020000, 0x08020008, 0x00020208, + 0x08000208, 0x00020200, 0x00020000, 0x08000208, 0x00000008, 0x08020208, 0x00000200, 0x08000000, + 0x08020200, 0x08000000, 0x00020008, 0x00000208, 0x00020000, 0x08020200, 0x08000200, 0x00000000, + 0x00000200, 0x00020008, 0x08020208, 0x08000200, 0x08000008, 0x00000200, 0x00000000, 0x08020008, + 0x08000208, 0x00020000, 0x08000000, 0x08020208, 0x00000008, 0x00020208, 0x00020200, 0x08000008, + 0x08020000, 0x08000208, 0x00000208, 0x08020000, 0x00020208, 0x00000008, 0x08020008, 0x00020200, + 0x00000208, 0x08020200, 0x00000000, 0x08020008, 0x08000200, 0x00000000, 0x00020208, 0x08000200, + 0x00020008, 0x08000008, 0x08000008, 0x00020000, 0x08020208, 0x00020008, 0x08020000, 0x00000208, + 0x08000000, 0x00000008, 0x08020200, 0x00000200, 0x00020200, 0x08020000, 0x08020008, 0x00020208, + 0x08000208, 0x00020200, 0x00020000, 0x08000208, 0x00000008, 0x08020208, 0x00000200, 0x08000000, + 0x08020200, 0x08000000, 0x00020008, 0x00000208, 0x00020000, 0x08020200, 0x08000200, 0x00000000, + 0x00000200, 0x00020008, 0x08020208, 0x08000200, 0x08000008, 0x00000200, 0x00000000, 0x08020008, + 0x08000208, 0x00020000, 0x08000000, 0x08020208, 0x00000008, 0x00020208, 0x00020200, 0x08000008, + 0x08020000, 0x08000208, 0x00000208, 0x08020000, 0x00020208, 0x00000008, 0x08020008, 0x00020200, + 0x00000208, 0x08020200, 0x00000000, 0x08020008, 0x08000200, 0x00000000, 0x00020208, 0x08000200, + 0x00020008, 0x08000008, 0x08000008, 0x00020000, 0x08020208, 0x00020008, 0x08020000, 0x00000208, + 0x08000000, 0x00000008, 0x08020200, 0x00000200, 0x00020200, 0x08020000, 0x08020008, 0x00020208, + 0x08000208, 0x00020200, 0x00020000, 0x08000208, 0x00000008, 0x08020208, 0x00000200, 0x08000000, + 0x08020200, 0x08000000, 0x00020008, 0x00000208, 0x00020000, 0x08020200, 0x08000200, 0x00000000, + 0x00000200, 0x00020008, 0x08020208, 0x08000200, 0x08000008, 0x00000200, 0x00000000, 0x08020008, + 0x08000208, 0x00020000, 0x08000000, 0x08020208, 0x00000008, 0x00020208, 0x00020200, 0x08000008, + 0x08020000, 0x08000208, 0x00000208, 0x08020000, 0x00020208, 0x00000008, 0x08020008, 0x00020200, + 0x00000208, 0x08020200, 0x00000000, 0x08020008, 0x08000200, 0x00000000, 0x00020208, 0x08000200, + 0x00020008, 0x08000008, 0x08000008, 0x00020000, 0x08020208, 0x00020008, 0x08020000, 0x00000208, + 0x08000000, 0x00000008, 0x08020200, 0x00000200, 0x00020200, 0x08020000, 0x08020008, 0x00020208, + 0x08000208, 0x00020200, 0x00020000, 0x08000208, 0x00000008, 0x08020208, 0x00000200, 0x08000000, + 0x08020200, 0x08000000, 0x00020008, 0x00000208, 0x00020000, 0x08020200, 0x08000200, 0x00000000, + 0x00000200, 0x00020008, 0x08020208, 0x08000200, 0x08000008, 0x00000200, 0x00000000, 0x08020008, + 0x08000208, 0x00020000, 0x08000000, 0x08020208, 0x00000008, 0x00020208, 0x00020200, 0x08000008, + 0x08020000, 0x08000208, 0x00000208, 0x08020000, 0x00020208, 0x00000008, 0x08020008, 0x00020200}; + + constexpr static const substitution_type sbox4 = { + 0x00802001, 0x00002081, 0x00002081, 0x00000080, 0x00802080, 0x00800081, 0x00800001, 0x00002001, + 0x00000000, 0x00802000, 0x00802000, 0x00802081, 0x00000081, 0x00000000, 0x00800080, 0x00800001, + 0x00000001, 0x00002000, 0x00800000, 0x00802001, 0x00000080, 0x00800000, 0x00002001, 0x00002080, + 0x00800081, 0x00000001, 0x00002080, 0x00800080, 0x00002000, 0x00802080, 0x00802081, 0x00000081, + 0x00800080, 0x00800001, 0x00802000, 0x00802081, 0x00000081, 0x00000000, 0x00000000, 0x00802000, + 0x00002080, 0x00800080, 0x00800081, 0x00000001, 0x00802001, 0x00002081, 0x00002081, 0x00000080, + 0x00802081, 0x00000081, 0x00000001, 0x00002000, 0x00800001, 0x00002001, 0x00802080, 0x00800081, + 0x00002001, 0x00002080, 0x00800000, 0x00802001, 0x00000080, 0x00800000, 0x00002000, 0x00802080, + 0x00802001, 0x00002081, 0x00002081, 0x00000080, 0x00802080, 0x00800081, 0x00800001, 0x00002001, + 0x00000000, 0x00802000, 0x00802000, 0x00802081, 0x00000081, 0x00000000, 0x00800080, 0x00800001, + 0x00000001, 0x00002000, 0x00800000, 0x00802001, 0x00000080, 0x00800000, 0x00002001, 0x00002080, + 0x00800081, 0x00000001, 0x00002080, 0x00800080, 0x00002000, 0x00802080, 0x00802081, 0x00000081, + 0x00800080, 0x00800001, 0x00802000, 0x00802081, 0x00000081, 0x00000000, 0x00000000, 0x00802000, + 0x00002080, 0x00800080, 0x00800081, 0x00000001, 0x00802001, 0x00002081, 0x00002081, 0x00000080, + 0x00802081, 0x00000081, 0x00000001, 0x00002000, 0x00800001, 0x00002001, 0x00802080, 0x00800081, + 0x00002001, 0x00002080, 0x00800000, 0x00802001, 0x00000080, 0x00800000, 0x00002000, 0x00802080, + 0x00802001, 0x00002081, 0x00002081, 0x00000080, 0x00802080, 0x00800081, 0x00800001, 0x00002001, + 0x00000000, 0x00802000, 0x00802000, 0x00802081, 0x00000081, 0x00000000, 0x00800080, 0x00800001, + 0x00000001, 0x00002000, 0x00800000, 0x00802001, 0x00000080, 0x00800000, 0x00002001, 0x00002080, + 0x00800081, 0x00000001, 0x00002080, 0x00800080, 0x00002000, 0x00802080, 0x00802081, 0x00000081, + 0x00800080, 0x00800001, 0x00802000, 0x00802081, 0x00000081, 0x00000000, 0x00000000, 0x00802000, + 0x00002080, 0x00800080, 0x00800081, 0x00000001, 0x00802001, 0x00002081, 0x00002081, 0x00000080, + 0x00802081, 0x00000081, 0x00000001, 0x00002000, 0x00800001, 0x00002001, 0x00802080, 0x00800081, + 0x00002001, 0x00002080, 0x00800000, 0x00802001, 0x00000080, 0x00800000, 0x00002000, 0x00802080, + 0x00802001, 0x00002081, 0x00002081, 0x00000080, 0x00802080, 0x00800081, 0x00800001, 0x00002001, + 0x00000000, 0x00802000, 0x00802000, 0x00802081, 0x00000081, 0x00000000, 0x00800080, 0x00800001, + 0x00000001, 0x00002000, 0x00800000, 0x00802001, 0x00000080, 0x00800000, 0x00002001, 0x00002080, + 0x00800081, 0x00000001, 0x00002080, 0x00800080, 0x00002000, 0x00802080, 0x00802081, 0x00000081, + 0x00800080, 0x00800001, 0x00802000, 0x00802081, 0x00000081, 0x00000000, 0x00000000, 0x00802000, + 0x00002080, 0x00800080, 0x00800081, 0x00000001, 0x00802001, 0x00002081, 0x00002081, 0x00000080, + 0x00802081, 0x00000081, 0x00000001, 0x00002000, 0x00800001, 0x00002001, 0x00802080, 0x00800081, + 0x00002001, 0x00002080, 0x00800000, 0x00802001, 0x00000080, 0x00800000, 0x00002000, 0x00802080}; + + constexpr static const substitution_type sbox5 = { + 0x00000100, 0x02080100, 0x02080000, 0x42000100, 0x00080000, 0x00000100, 0x40000000, 0x02080000, + 0x40080100, 0x00080000, 0x02000100, 0x40080100, 0x42000100, 0x42080000, 0x00080100, 0x40000000, + 0x02000000, 0x40080000, 0x40080000, 0x00000000, 0x40000100, 0x42080100, 0x42080100, 0x02000100, + 0x42080000, 0x40000100, 0x00000000, 0x42000000, 0x02080100, 0x02000000, 0x42000000, 0x00080100, + 0x00080000, 0x42000100, 0x00000100, 0x02000000, 0x40000000, 0x02080000, 0x42000100, 0x40080100, + 0x02000100, 0x40000000, 0x42080000, 0x02080100, 0x40080100, 0x00000100, 0x02000000, 0x42080000, + 0x42080100, 0x00080100, 0x42000000, 0x42080100, 0x02080000, 0x00000000, 0x40080000, 0x42000000, + 0x00080100, 0x02000100, 0x40000100, 0x00080000, 0x00000000, 0x40080000, 0x02080100, 0x40000100, + 0x00000100, 0x02080100, 0x02080000, 0x42000100, 0x00080000, 0x00000100, 0x40000000, 0x02080000, + 0x40080100, 0x00080000, 0x02000100, 0x40080100, 0x42000100, 0x42080000, 0x00080100, 0x40000000, + 0x02000000, 0x40080000, 0x40080000, 0x00000000, 0x40000100, 0x42080100, 0x42080100, 0x02000100, + 0x42080000, 0x40000100, 0x00000000, 0x42000000, 0x02080100, 0x02000000, 0x42000000, 0x00080100, + 0x00080000, 0x42000100, 0x00000100, 0x02000000, 0x40000000, 0x02080000, 0x42000100, 0x40080100, + 0x02000100, 0x40000000, 0x42080000, 0x02080100, 0x40080100, 0x00000100, 0x02000000, 0x42080000, + 0x42080100, 0x00080100, 0x42000000, 0x42080100, 0x02080000, 0x00000000, 0x40080000, 0x42000000, + 0x00080100, 0x02000100, 0x40000100, 0x00080000, 0x00000000, 0x40080000, 0x02080100, 0x40000100, + 0x00000100, 0x02080100, 0x02080000, 0x42000100, 0x00080000, 0x00000100, 0x40000000, 0x02080000, + 0x40080100, 0x00080000, 0x02000100, 0x40080100, 0x42000100, 0x42080000, 0x00080100, 0x40000000, + 0x02000000, 0x40080000, 0x40080000, 0x00000000, 0x40000100, 0x42080100, 0x42080100, 0x02000100, + 0x42080000, 0x40000100, 0x00000000, 0x42000000, 0x02080100, 0x02000000, 0x42000000, 0x00080100, + 0x00080000, 0x42000100, 0x00000100, 0x02000000, 0x40000000, 0x02080000, 0x42000100, 0x40080100, + 0x02000100, 0x40000000, 0x42080000, 0x02080100, 0x40080100, 0x00000100, 0x02000000, 0x42080000, + 0x42080100, 0x00080100, 0x42000000, 0x42080100, 0x02080000, 0x00000000, 0x40080000, 0x42000000, + 0x00080100, 0x02000100, 0x40000100, 0x00080000, 0x00000000, 0x40080000, 0x02080100, 0x40000100, + 0x00000100, 0x02080100, 0x02080000, 0x42000100, 0x00080000, 0x00000100, 0x40000000, 0x02080000, + 0x40080100, 0x00080000, 0x02000100, 0x40080100, 0x42000100, 0x42080000, 0x00080100, 0x40000000, + 0x02000000, 0x40080000, 0x40080000, 0x00000000, 0x40000100, 0x42080100, 0x42080100, 0x02000100, + 0x42080000, 0x40000100, 0x00000000, 0x42000000, 0x02080100, 0x02000000, 0x42000000, 0x00080100, + 0x00080000, 0x42000100, 0x00000100, 0x02000000, 0x40000000, 0x02080000, 0x42000100, 0x40080100, + 0x02000100, 0x40000000, 0x42080000, 0x02080100, 0x40080100, 0x00000100, 0x02000000, 0x42080000, + 0x42080100, 0x00080100, 0x42000000, 0x42080100, 0x02080000, 0x00000000, 0x40080000, 0x42000000, + 0x00080100, 0x02000100, 0x40000100, 0x00080000, 0x00000000, 0x40080000, 0x02080100, 0x40000100}; + + constexpr static const substitution_type sbox6 = { + 0x20000010, 0x20400000, 0x00004000, 0x20404010, 0x20400000, 0x00000010, 0x20404010, 0x00400000, + 0x20004000, 0x00404010, 0x00400000, 0x20000010, 0x00400010, 0x20004000, 0x20000000, 0x00004010, + 0x00000000, 0x00400010, 0x20004010, 0x00004000, 0x00404000, 0x20004010, 0x00000010, 0x20400010, + 0x20400010, 0x00000000, 0x00404010, 0x20404000, 0x00004010, 0x00404000, 0x20404000, 0x20000000, + 0x20004000, 0x00000010, 0x20400010, 0x00404000, 0x20404010, 0x00400000, 0x00004010, 0x20000010, + 0x00400000, 0x20004000, 0x20000000, 0x00004010, 0x20000010, 0x20404010, 0x00404000, 0x20400000, + 0x00404010, 0x20404000, 0x00000000, 0x20400010, 0x00000010, 0x00004000, 0x20400000, 0x00404010, + 0x00004000, 0x00400010, 0x20004010, 0x00000000, 0x20404000, 0x20000000, 0x00400010, 0x20004010, + 0x20000010, 0x20400000, 0x00004000, 0x20404010, 0x20400000, 0x00000010, 0x20404010, 0x00400000, + 0x20004000, 0x00404010, 0x00400000, 0x20000010, 0x00400010, 0x20004000, 0x20000000, 0x00004010, + 0x00000000, 0x00400010, 0x20004010, 0x00004000, 0x00404000, 0x20004010, 0x00000010, 0x20400010, + 0x20400010, 0x00000000, 0x00404010, 0x20404000, 0x00004010, 0x00404000, 0x20404000, 0x20000000, + 0x20004000, 0x00000010, 0x20400010, 0x00404000, 0x20404010, 0x00400000, 0x00004010, 0x20000010, + 0x00400000, 0x20004000, 0x20000000, 0x00004010, 0x20000010, 0x20404010, 0x00404000, 0x20400000, + 0x00404010, 0x20404000, 0x00000000, 0x20400010, 0x00000010, 0x00004000, 0x20400000, 0x00404010, + 0x00004000, 0x00400010, 0x20004010, 0x00000000, 0x20404000, 0x20000000, 0x00400010, 0x20004010, + 0x20000010, 0x20400000, 0x00004000, 0x20404010, 0x20400000, 0x00000010, 0x20404010, 0x00400000, + 0x20004000, 0x00404010, 0x00400000, 0x20000010, 0x00400010, 0x20004000, 0x20000000, 0x00004010, + 0x00000000, 0x00400010, 0x20004010, 0x00004000, 0x00404000, 0x20004010, 0x00000010, 0x20400010, + 0x20400010, 0x00000000, 0x00404010, 0x20404000, 0x00004010, 0x00404000, 0x20404000, 0x20000000, + 0x20004000, 0x00000010, 0x20400010, 0x00404000, 0x20404010, 0x00400000, 0x00004010, 0x20000010, + 0x00400000, 0x20004000, 0x20000000, 0x00004010, 0x20000010, 0x20404010, 0x00404000, 0x20400000, + 0x00404010, 0x20404000, 0x00000000, 0x20400010, 0x00000010, 0x00004000, 0x20400000, 0x00404010, + 0x00004000, 0x00400010, 0x20004010, 0x00000000, 0x20404000, 0x20000000, 0x00400010, 0x20004010, + 0x20000010, 0x20400000, 0x00004000, 0x20404010, 0x20400000, 0x00000010, 0x20404010, 0x00400000, + 0x20004000, 0x00404010, 0x00400000, 0x20000010, 0x00400010, 0x20004000, 0x20000000, 0x00004010, + 0x00000000, 0x00400010, 0x20004010, 0x00004000, 0x00404000, 0x20004010, 0x00000010, 0x20400010, + 0x20400010, 0x00000000, 0x00404010, 0x20404000, 0x00004010, 0x00404000, 0x20404000, 0x20000000, + 0x20004000, 0x00000010, 0x20400010, 0x00404000, 0x20404010, 0x00400000, 0x00004010, 0x20000010, + 0x00400000, 0x20004000, 0x20000000, 0x00004010, 0x20000010, 0x20404010, 0x00404000, 0x20400000, + 0x00404010, 0x20404000, 0x00000000, 0x20400010, 0x00000010, 0x00004000, 0x20400000, 0x00404010, + 0x00004000, 0x00400010, 0x20004010, 0x00000000, 0x20404000, 0x20000000, 0x00400010, 0x20004010}; + + constexpr static const substitution_type sbox7 = { + 0x00200000, 0x04200002, 0x04000802, 0x00000000, 0x00000800, 0x04000802, 0x00200802, 0x04200800, + 0x04200802, 0x00200000, 0x00000000, 0x04000002, 0x00000002, 0x04000000, 0x04200002, 0x00000802, + 0x04000800, 0x00200802, 0x00200002, 0x04000800, 0x04000002, 0x04200000, 0x04200800, 0x00200002, + 0x04200000, 0x00000800, 0x00000802, 0x04200802, 0x00200800, 0x00000002, 0x04000000, 0x00200800, + 0x04000000, 0x00200800, 0x00200000, 0x04000802, 0x04000802, 0x04200002, 0x04200002, 0x00000002, + 0x00200002, 0x04000000, 0x04000800, 0x00200000, 0x04200800, 0x00000802, 0x00200802, 0x04200800, + 0x00000802, 0x04000002, 0x04200802, 0x04200000, 0x00200800, 0x00000000, 0x00000002, 0x04200802, + 0x00000000, 0x00200802, 0x04200000, 0x00000800, 0x04000002, 0x04000800, 0x00000800, 0x00200002, + 0x00200000, 0x04200002, 0x04000802, 0x00000000, 0x00000800, 0x04000802, 0x00200802, 0x04200800, + 0x04200802, 0x00200000, 0x00000000, 0x04000002, 0x00000002, 0x04000000, 0x04200002, 0x00000802, + 0x04000800, 0x00200802, 0x00200002, 0x04000800, 0x04000002, 0x04200000, 0x04200800, 0x00200002, + 0x04200000, 0x00000800, 0x00000802, 0x04200802, 0x00200800, 0x00000002, 0x04000000, 0x00200800, + 0x04000000, 0x00200800, 0x00200000, 0x04000802, 0x04000802, 0x04200002, 0x04200002, 0x00000002, + 0x00200002, 0x04000000, 0x04000800, 0x00200000, 0x04200800, 0x00000802, 0x00200802, 0x04200800, + 0x00000802, 0x04000002, 0x04200802, 0x04200000, 0x00200800, 0x00000000, 0x00000002, 0x04200802, + 0x00000000, 0x00200802, 0x04200000, 0x00000800, 0x04000002, 0x04000800, 0x00000800, 0x00200002, + 0x00200000, 0x04200002, 0x04000802, 0x00000000, 0x00000800, 0x04000802, 0x00200802, 0x04200800, + 0x04200802, 0x00200000, 0x00000000, 0x04000002, 0x00000002, 0x04000000, 0x04200002, 0x00000802, + 0x04000800, 0x00200802, 0x00200002, 0x04000800, 0x04000002, 0x04200000, 0x04200800, 0x00200002, + 0x04200000, 0x00000800, 0x00000802, 0x04200802, 0x00200800, 0x00000002, 0x04000000, 0x00200800, + 0x04000000, 0x00200800, 0x00200000, 0x04000802, 0x04000802, 0x04200002, 0x04200002, 0x00000002, + 0x00200002, 0x04000000, 0x04000800, 0x00200000, 0x04200800, 0x00000802, 0x00200802, 0x04200800, + 0x00000802, 0x04000002, 0x04200802, 0x04200000, 0x00200800, 0x00000000, 0x00000002, 0x04200802, + 0x00000000, 0x00200802, 0x04200000, 0x00000800, 0x04000002, 0x04000800, 0x00000800, 0x00200002, + 0x00200000, 0x04200002, 0x04000802, 0x00000000, 0x00000800, 0x04000802, 0x00200802, 0x04200800, + 0x04200802, 0x00200000, 0x00000000, 0x04000002, 0x00000002, 0x04000000, 0x04200002, 0x00000802, + 0x04000800, 0x00200802, 0x00200002, 0x04000800, 0x04000002, 0x04200000, 0x04200800, 0x00200002, + 0x04200000, 0x00000800, 0x00000802, 0x04200802, 0x00200800, 0x00000002, 0x04000000, 0x00200800, + 0x04000000, 0x00200800, 0x00200000, 0x04000802, 0x04000802, 0x04200002, 0x04200002, 0x00000002, + 0x00200002, 0x04000000, 0x04000800, 0x00200000, 0x04200800, 0x00000802, 0x00200802, 0x04200800, + 0x00000802, 0x04000002, 0x04200802, 0x04200000, 0x00200800, 0x00000000, 0x00000002, 0x04200802, + 0x00000000, 0x00200802, 0x04200000, 0x00000800, 0x04000002, 0x04000800, 0x00000800, 0x00200002}; + + constexpr static const substitution_type sbox8 = { + 0x10001040, 0x00001000, 0x00040000, 0x10041040, 0x10000000, 0x10001040, 0x00000040, 0x10000000, + 0x00040040, 0x10040000, 0x10041040, 0x00041000, 0x10041000, 0x00041040, 0x00001000, 0x00000040, + 0x10040000, 0x10000040, 0x10001000, 0x00001040, 0x00041000, 0x00040040, 0x10040040, 0x10041000, + 0x00001040, 0x00000000, 0x00000000, 0x10040040, 0x10000040, 0x10001000, 0x00041040, 0x00040000, + 0x00041040, 0x00040000, 0x10041000, 0x00001000, 0x00000040, 0x10040040, 0x00001000, 0x00041040, + 0x10001000, 0x00000040, 0x10000040, 0x10040000, 0x10040040, 0x10000000, 0x00040000, 0x10001040, + 0x00000000, 0x10041040, 0x00040040, 0x10000040, 0x10040000, 0x10001000, 0x10001040, 0x00000000, + 0x10041040, 0x00041000, 0x00041000, 0x00001040, 0x00001040, 0x00040040, 0x10000000, 0x10041000, + 0x10001040, 0x00001000, 0x00040000, 0x10041040, 0x10000000, 0x10001040, 0x00000040, 0x10000000, + 0x00040040, 0x10040000, 0x10041040, 0x00041000, 0x10041000, 0x00041040, 0x00001000, 0x00000040, + 0x10040000, 0x10000040, 0x10001000, 0x00001040, 0x00041000, 0x00040040, 0x10040040, 0x10041000, + 0x00001040, 0x00000000, 0x00000000, 0x10040040, 0x10000040, 0x10001000, 0x00041040, 0x00040000, + 0x00041040, 0x00040000, 0x10041000, 0x00001000, 0x00000040, 0x10040040, 0x00001000, 0x00041040, + 0x10001000, 0x00000040, 0x10000040, 0x10040000, 0x10040040, 0x10000000, 0x00040000, 0x10001040, + 0x00000000, 0x10041040, 0x00040040, 0x10000040, 0x10040000, 0x10001000, 0x10001040, 0x00000000, + 0x10041040, 0x00041000, 0x00041000, 0x00001040, 0x00001040, 0x00040040, 0x10000000, 0x10041000, + 0x10001040, 0x00001000, 0x00040000, 0x10041040, 0x10000000, 0x10001040, 0x00000040, 0x10000000, + 0x00040040, 0x10040000, 0x10041040, 0x00041000, 0x10041000, 0x00041040, 0x00001000, 0x00000040, + 0x10040000, 0x10000040, 0x10001000, 0x00001040, 0x00041000, 0x00040040, 0x10040040, 0x10041000, + 0x00001040, 0x00000000, 0x00000000, 0x10040040, 0x10000040, 0x10001000, 0x00041040, 0x00040000, + 0x00041040, 0x00040000, 0x10041000, 0x00001000, 0x00000040, 0x10040040, 0x00001000, 0x00041040, + 0x10001000, 0x00000040, 0x10000040, 0x10040000, 0x10040040, 0x10000000, 0x00040000, 0x10001040, + 0x00000000, 0x10041040, 0x00040040, 0x10000040, 0x10040000, 0x10001000, 0x10001040, 0x00000000, + 0x10041040, 0x00041000, 0x00041000, 0x00001040, 0x00001040, 0x00040040, 0x10000000, 0x10041000, + 0x10001040, 0x00001000, 0x00040000, 0x10041040, 0x10000000, 0x10001040, 0x00000040, 0x10000000, + 0x00040040, 0x10040000, 0x10041040, 0x00041000, 0x10041000, 0x00041040, 0x00001000, 0x00000040, + 0x10040000, 0x10000040, 0x10001000, 0x00001040, 0x00041000, 0x00040040, 0x10040040, 0x10041000, + 0x00001040, 0x00000000, 0x00000000, 0x10040040, 0x10000040, 0x10001000, 0x00041040, 0x00040000, + 0x00041040, 0x00040000, 0x10041000, 0x00001000, 0x00000040, 0x10040040, 0x00001000, 0x00041040, + 0x10001000, 0x00000040, 0x10000040, 0x10040000, 0x10040040, 0x10000000, 0x00040000, 0x10001040, + 0x00000000, 0x10041040, 0x00040040, 0x10000040, 0x10040000, 0x10001000, 0x10001040, 0x00000000, + 0x10041040, 0x00041000, 0x00041000, 0x00001040, 0x00001040, 0x00040040, 0x10000000, 0x10041000}; + + constexpr static const table_type iptab1 = { + 0x0000000000000000, 0x0000000200000000, 0x0000000000000002, 0x0000000200000002, + 0x0000020000000000, 0x0000020200000000, 0x0000020000000002, 0x0000020200000002, + 0x0000000000000200, 0x0000000200000200, 0x0000000000000202, 0x0000000200000202, + 0x0000020000000200, 0x0000020200000200, 0x0000020000000202, 0x0000020200000202, + 0x0002000000000000, 0x0002000200000000, 0x0002000000000002, 0x0002000200000002, + 0x0002020000000000, 0x0002020200000000, 0x0002020000000002, 0x0002020200000002, + 0x0002000000000200, 0x0002000200000200, 0x0002000000000202, 0x0002000200000202, + 0x0002020000000200, 0x0002020200000200, 0x0002020000000202, 0x0002020200000202, + 0x0000000000020000, 0x0000000200020000, 0x0000000000020002, 0x0000000200020002, + 0x0000020000020000, 0x0000020200020000, 0x0000020000020002, 0x0000020200020002, + 0x0000000000020200, 0x0000000200020200, 0x0000000000020202, 0x0000000200020202, + 0x0000020000020200, 0x0000020200020200, 0x0000020000020202, 0x0000020200020202, + 0x0002000000020000, 0x0002000200020000, 0x0002000000020002, 0x0002000200020002, + 0x0002020000020000, 0x0002020200020000, 0x0002020000020002, 0x0002020200020002, + 0x0002000000020200, 0x0002000200020200, 0x0002000000020202, 0x0002000200020202, + 0x0002020000020200, 0x0002020200020200, 0x0002020000020202, 0x0002020200020202, + 0x0200000000000000, 0x0200000200000000, 0x0200000000000002, 0x0200000200000002, + 0x0200020000000000, 0x0200020200000000, 0x0200020000000002, 0x0200020200000002, + 0x0200000000000200, 0x0200000200000200, 0x0200000000000202, 0x0200000200000202, + 0x0200020000000200, 0x0200020200000200, 0x0200020000000202, 0x0200020200000202, + 0x0202000000000000, 0x0202000200000000, 0x0202000000000002, 0x0202000200000002, + 0x0202020000000000, 0x0202020200000000, 0x0202020000000002, 0x0202020200000002, + 0x0202000000000200, 0x0202000200000200, 0x0202000000000202, 0x0202000200000202, + 0x0202020000000200, 0x0202020200000200, 0x0202020000000202, 0x0202020200000202, + 0x0200000000020000, 0x0200000200020000, 0x0200000000020002, 0x0200000200020002, + 0x0200020000020000, 0x0200020200020000, 0x0200020000020002, 0x0200020200020002, + 0x0200000000020200, 0x0200000200020200, 0x0200000000020202, 0x0200000200020202, + 0x0200020000020200, 0x0200020200020200, 0x0200020000020202, 0x0200020200020202, + 0x0202000000020000, 0x0202000200020000, 0x0202000000020002, 0x0202000200020002, + 0x0202020000020000, 0x0202020200020000, 0x0202020000020002, 0x0202020200020002, + 0x0202000000020200, 0x0202000200020200, 0x0202000000020202, 0x0202000200020202, + 0x0202020000020200, 0x0202020200020200, 0x0202020000020202, 0x0202020200020202, + 0x0000000002000000, 0x0000000202000000, 0x0000000002000002, 0x0000000202000002, + 0x0000020002000000, 0x0000020202000000, 0x0000020002000002, 0x0000020202000002, + 0x0000000002000200, 0x0000000202000200, 0x0000000002000202, 0x0000000202000202, + 0x0000020002000200, 0x0000020202000200, 0x0000020002000202, 0x0000020202000202, + 0x0002000002000000, 0x0002000202000000, 0x0002000002000002, 0x0002000202000002, + 0x0002020002000000, 0x0002020202000000, 0x0002020002000002, 0x0002020202000002, + 0x0002000002000200, 0x0002000202000200, 0x0002000002000202, 0x0002000202000202, + 0x0002020002000200, 0x0002020202000200, 0x0002020002000202, 0x0002020202000202, + 0x0000000002020000, 0x0000000202020000, 0x0000000002020002, 0x0000000202020002, + 0x0000020002020000, 0x0000020202020000, 0x0000020002020002, 0x0000020202020002, + 0x0000000002020200, 0x0000000202020200, 0x0000000002020202, 0x0000000202020202, + 0x0000020002020200, 0x0000020202020200, 0x0000020002020202, 0x0000020202020202, + 0x0002000002020000, 0x0002000202020000, 0x0002000002020002, 0x0002000202020002, + 0x0002020002020000, 0x0002020202020000, 0x0002020002020002, 0x0002020202020002, + 0x0002000002020200, 0x0002000202020200, 0x0002000002020202, 0x0002000202020202, + 0x0002020002020200, 0x0002020202020200, 0x0002020002020202, 0x0002020202020202, + 0x0200000002000000, 0x0200000202000000, 0x0200000002000002, 0x0200000202000002, + 0x0200020002000000, 0x0200020202000000, 0x0200020002000002, 0x0200020202000002, + 0x0200000002000200, 0x0200000202000200, 0x0200000002000202, 0x0200000202000202, + 0x0200020002000200, 0x0200020202000200, 0x0200020002000202, 0x0200020202000202, + 0x0202000002000000, 0x0202000202000000, 0x0202000002000002, 0x0202000202000002, + 0x0202020002000000, 0x0202020202000000, 0x0202020002000002, 0x0202020202000002, + 0x0202000002000200, 0x0202000202000200, 0x0202000002000202, 0x0202000202000202, + 0x0202020002000200, 0x0202020202000200, 0x0202020002000202, 0x0202020202000202, + 0x0200000002020000, 0x0200000202020000, 0x0200000002020002, 0x0200000202020002, + 0x0200020002020000, 0x0200020202020000, 0x0200020002020002, 0x0200020202020002, + 0x0200000002020200, 0x0200000202020200, 0x0200000002020202, 0x0200000202020202, + 0x0200020002020200, 0x0200020202020200, 0x0200020002020202, 0x0200020202020202, + 0x0202000002020000, 0x0202000202020000, 0x0202000002020002, 0x0202000202020002, + 0x0202020002020000, 0x0202020202020000, 0x0202020002020002, 0x0202020202020002, + 0x0202000002020200, 0x0202000202020200, 0x0202000002020202, 0x0202000202020202, + 0x0202020002020200, 0x0202020202020200, 0x0202020002020202, 0x0202020202020202}; + + constexpr static const table_type iptab2 = { + 0x0000000000000000, 0x0000010000000000, 0x0000000000000100, 0x0000010000000100, + 0x0001000000000000, 0x0001010000000000, 0x0001000000000100, 0x0001010000000100, + 0x0000000000010000, 0x0000010000010000, 0x0000000000010100, 0x0000010000010100, + 0x0001000000010000, 0x0001010000010000, 0x0001000000010100, 0x0001010000010100, + 0x0100000000000000, 0x0100010000000000, 0x0100000000000100, 0x0100010000000100, + 0x0101000000000000, 0x0101010000000000, 0x0101000000000100, 0x0101010000000100, + 0x0100000000010000, 0x0100010000010000, 0x0100000000010100, 0x0100010000010100, + 0x0101000000010000, 0x0101010000010000, 0x0101000000010100, 0x0101010000010100, + 0x0000000001000000, 0x0000010001000000, 0x0000000001000100, 0x0000010001000100, + 0x0001000001000000, 0x0001010001000000, 0x0001000001000100, 0x0001010001000100, + 0x0000000001010000, 0x0000010001010000, 0x0000000001010100, 0x0000010001010100, + 0x0001000001010000, 0x0001010001010000, 0x0001000001010100, 0x0001010001010100, + 0x0100000001000000, 0x0100010001000000, 0x0100000001000100, 0x0100010001000100, + 0x0101000001000000, 0x0101010001000000, 0x0101000001000100, 0x0101010001000100, + 0x0100000001010000, 0x0100010001010000, 0x0100000001010100, 0x0100010001010100, + 0x0101000001010000, 0x0101010001010000, 0x0101000001010100, 0x0101010001010100, + 0x0000000100000000, 0x0000010100000000, 0x0000000100000100, 0x0000010100000100, + 0x0001000100000000, 0x0001010100000000, 0x0001000100000100, 0x0001010100000100, + 0x0000000100010000, 0x0000010100010000, 0x0000000100010100, 0x0000010100010100, + 0x0001000100010000, 0x0001010100010000, 0x0001000100010100, 0x0001010100010100, + 0x0100000100000000, 0x0100010100000000, 0x0100000100000100, 0x0100010100000100, + 0x0101000100000000, 0x0101010100000000, 0x0101000100000100, 0x0101010100000100, + 0x0100000100010000, 0x0100010100010000, 0x0100000100010100, 0x0100010100010100, + 0x0101000100010000, 0x0101010100010000, 0x0101000100010100, 0x0101010100010100, + 0x0000000101000000, 0x0000010101000000, 0x0000000101000100, 0x0000010101000100, + 0x0001000101000000, 0x0001010101000000, 0x0001000101000100, 0x0001010101000100, + 0x0000000101010000, 0x0000010101010000, 0x0000000101010100, 0x0000010101010100, + 0x0001000101010000, 0x0001010101010000, 0x0001000101010100, 0x0001010101010100, + 0x0100000101000000, 0x0100010101000000, 0x0100000101000100, 0x0100010101000100, + 0x0101000101000000, 0x0101010101000000, 0x0101000101000100, 0x0101010101000100, + 0x0100000101010000, 0x0100010101010000, 0x0100000101010100, 0x0100010101010100, + 0x0101000101010000, 0x0101010101010000, 0x0101000101010100, 0x0101010101010100, + 0x0000000000000001, 0x0000010000000001, 0x0000000000000101, 0x0000010000000101, + 0x0001000000000001, 0x0001010000000001, 0x0001000000000101, 0x0001010000000101, + 0x0000000000010001, 0x0000010000010001, 0x0000000000010101, 0x0000010000010101, + 0x0001000000010001, 0x0001010000010001, 0x0001000000010101, 0x0001010000010101, + 0x0100000000000001, 0x0100010000000001, 0x0100000000000101, 0x0100010000000101, + 0x0101000000000001, 0x0101010000000001, 0x0101000000000101, 0x0101010000000101, + 0x0100000000010001, 0x0100010000010001, 0x0100000000010101, 0x0100010000010101, + 0x0101000000010001, 0x0101010000010001, 0x0101000000010101, 0x0101010000010101, + 0x0000000001000001, 0x0000010001000001, 0x0000000001000101, 0x0000010001000101, + 0x0001000001000001, 0x0001010001000001, 0x0001000001000101, 0x0001010001000101, + 0x0000000001010001, 0x0000010001010001, 0x0000000001010101, 0x0000010001010101, + 0x0001000001010001, 0x0001010001010001, 0x0001000001010101, 0x0001010001010101, + 0x0100000001000001, 0x0100010001000001, 0x0100000001000101, 0x0100010001000101, + 0x0101000001000001, 0x0101010001000001, 0x0101000001000101, 0x0101010001000101, + 0x0100000001010001, 0x0100010001010001, 0x0100000001010101, 0x0100010001010101, + 0x0101000001010001, 0x0101010001010001, 0x0101000001010101, 0x0101010001010101, + 0x0000000100000001, 0x0000010100000001, 0x0000000100000101, 0x0000010100000101, + 0x0001000100000001, 0x0001010100000001, 0x0001000100000101, 0x0001010100000101, + 0x0000000100010001, 0x0000010100010001, 0x0000000100010101, 0x0000010100010101, + 0x0001000100010001, 0x0001010100010001, 0x0001000100010101, 0x0001010100010101, + 0x0100000100000001, 0x0100010100000001, 0x0100000100000101, 0x0100010100000101, + 0x0101000100000001, 0x0101010100000001, 0x0101000100000101, 0x0101010100000101, + 0x0100000100010001, 0x0100010100010001, 0x0100000100010101, 0x0100010100010101, + 0x0101000100010001, 0x0101010100010001, 0x0101000100010101, 0x0101010100010101, + 0x0000000101000001, 0x0000010101000001, 0x0000000101000101, 0x0000010101000101, + 0x0001000101000001, 0x0001010101000001, 0x0001000101000101, 0x0001010101000101, + 0x0000000101010001, 0x0000010101010001, 0x0000000101010101, 0x0000010101010101, + 0x0001000101010001, 0x0001010101010001, 0x0001000101010101, 0x0001010101010101, + 0x0100000101000001, 0x0100010101000001, 0x0100000101000101, 0x0100010101000101, + 0x0101000101000001, 0x0101010101000001, 0x0101000101000101, 0x0101010101000101, + 0x0100000101010001, 0x0100010101010001, 0x0100000101010101, 0x0100010101010101, + 0x0101000101010001, 0x0101010101010001, 0x0101000101010101, 0x0101010101010101}; + + constexpr static const table_type fptab1 = { + 0x0000000000000000, 0x0000000100000000, 0x0000000004000000, 0x0000000104000000, + 0x0000000000040000, 0x0000000100040000, 0x0000000004040000, 0x0000000104040000, + 0x0000000000000400, 0x0000000100000400, 0x0000000004000400, 0x0000000104000400, + 0x0000000000040400, 0x0000000100040400, 0x0000000004040400, 0x0000000104040400, + 0x0000000000000004, 0x0000000100000004, 0x0000000004000004, 0x0000000104000004, + 0x0000000000040004, 0x0000000100040004, 0x0000000004040004, 0x0000000104040004, + 0x0000000000000404, 0x0000000100000404, 0x0000000004000404, 0x0000000104000404, + 0x0000000000040404, 0x0000000100040404, 0x0000000004040404, 0x0000000104040404, + 0x0400000000000000, 0x0400000100000000, 0x0400000004000000, 0x0400000104000000, + 0x0400000000040000, 0x0400000100040000, 0x0400000004040000, 0x0400000104040000, + 0x0400000000000400, 0x0400000100000400, 0x0400000004000400, 0x0400000104000400, + 0x0400000000040400, 0x0400000100040400, 0x0400000004040400, 0x0400000104040400, + 0x0400000000000004, 0x0400000100000004, 0x0400000004000004, 0x0400000104000004, + 0x0400000000040004, 0x0400000100040004, 0x0400000004040004, 0x0400000104040004, + 0x0400000000000404, 0x0400000100000404, 0x0400000004000404, 0x0400000104000404, + 0x0400000000040404, 0x0400000100040404, 0x0400000004040404, 0x0400000104040404, + 0x0004000000000000, 0x0004000100000000, 0x0004000004000000, 0x0004000104000000, + 0x0004000000040000, 0x0004000100040000, 0x0004000004040000, 0x0004000104040000, + 0x0004000000000400, 0x0004000100000400, 0x0004000004000400, 0x0004000104000400, + 0x0004000000040400, 0x0004000100040400, 0x0004000004040400, 0x0004000104040400, + 0x0004000000000004, 0x0004000100000004, 0x0004000004000004, 0x0004000104000004, + 0x0004000000040004, 0x0004000100040004, 0x0004000004040004, 0x0004000104040004, + 0x0004000000000404, 0x0004000100000404, 0x0004000004000404, 0x0004000104000404, + 0x0004000000040404, 0x0004000100040404, 0x0004000004040404, 0x0004000104040404, + 0x0404000000000000, 0x0404000100000000, 0x0404000004000000, 0x0404000104000000, + 0x0404000000040000, 0x0404000100040000, 0x0404000004040000, 0x0404000104040000, + 0x0404000000000400, 0x0404000100000400, 0x0404000004000400, 0x0404000104000400, + 0x0404000000040400, 0x0404000100040400, 0x0404000004040400, 0x0404000104040400, + 0x0404000000000004, 0x0404000100000004, 0x0404000004000004, 0x0404000104000004, + 0x0404000000040004, 0x0404000100040004, 0x0404000004040004, 0x0404000104040004, + 0x0404000000000404, 0x0404000100000404, 0x0404000004000404, 0x0404000104000404, + 0x0404000000040404, 0x0404000100040404, 0x0404000004040404, 0x0404000104040404, + 0x0000040000000000, 0x0000040100000000, 0x0000040004000000, 0x0000040104000000, + 0x0000040000040000, 0x0000040100040000, 0x0000040004040000, 0x0000040104040000, + 0x0000040000000400, 0x0000040100000400, 0x0000040004000400, 0x0000040104000400, + 0x0000040000040400, 0x0000040100040400, 0x0000040004040400, 0x0000040104040400, + 0x0000040000000004, 0x0000040100000004, 0x0000040004000004, 0x0000040104000004, + 0x0000040000040004, 0x0000040100040004, 0x0000040004040004, 0x0000040104040004, + 0x0000040000000404, 0x0000040100000404, 0x0000040004000404, 0x0000040104000404, + 0x0000040000040404, 0x0000040100040404, 0x0000040004040404, 0x0000040104040404, + 0x0400040000000000, 0x0400040100000000, 0x0400040004000000, 0x0400040104000000, + 0x0400040000040000, 0x0400040100040000, 0x0400040004040000, 0x0400040104040000, + 0x0400040000000400, 0x0400040100000400, 0x0400040004000400, 0x0400040104000400, + 0x0400040000040400, 0x0400040100040400, 0x0400040004040400, 0x0400040104040400, + 0x0400040000000004, 0x0400040100000004, 0x0400040004000004, 0x0400040104000004, + 0x0400040000040004, 0x0400040100040004, 0x0400040004040004, 0x0400040104040004, + 0x0400040000000404, 0x0400040100000404, 0x0400040004000404, 0x0400040104000404, + 0x0400040000040404, 0x0400040100040404, 0x0400040004040404, 0x0400040104040404, + 0x0004040000000000, 0x0004040100000000, 0x0004040004000000, 0x0004040104000000, + 0x0004040000040000, 0x0004040100040000, 0x0004040004040000, 0x0004040104040000, + 0x0004040000000400, 0x0004040100000400, 0x0004040004000400, 0x0004040104000400, + 0x0004040000040400, 0x0004040100040400, 0x0004040004040400, 0x0004040104040400, + 0x0004040000000004, 0x0004040100000004, 0x0004040004000004, 0x0004040104000004, + 0x0004040000040004, 0x0004040100040004, 0x0004040004040004, 0x0004040104040004, + 0x0004040000000404, 0x0004040100000404, 0x0004040004000404, 0x0004040104000404, + 0x0004040000040404, 0x0004040100040404, 0x0004040004040404, 0x0004040104040404, + 0x0404040000000000, 0x0404040100000000, 0x0404040004000000, 0x0404040104000000, + 0x0404040000040000, 0x0404040100040000, 0x0404040004040000, 0x0404040104040000, + 0x0404040000000400, 0x0404040100000400, 0x0404040004000400, 0x0404040104000400, + 0x0404040000040400, 0x0404040100040400, 0x0404040004040400, 0x0404040104040400, + 0x0404040000000004, 0x0404040100000004, 0x0404040004000004, 0x0404040104000004, + 0x0404040000040004, 0x0404040100040004, 0x0404040004040004, 0x0404040104040004, + 0x0404040000000404, 0x0404040100000404, 0x0404040004000404, 0x0404040104000404, + 0x0404040000040404, 0x0404040100040404, 0x0404040004040404, 0x0404040104040404}; + + constexpr static const table_type fptab2 = { + 0x0000000000000000, 0x0000004000000000, 0x0000000001000000, 0x0000004001000000, + 0x0000000000010000, 0x0000004000010000, 0x0000000001010000, 0x0000004001010000, + 0x0000000000000100, 0x0000004000000100, 0x0000000001000100, 0x0000004001000100, + 0x0000000000010100, 0x0000004000010100, 0x0000000001010100, 0x0000004001010100, + 0x0000000000000001, 0x0000004000000001, 0x0000000001000001, 0x0000004001000001, + 0x0000000000010001, 0x0000004000010001, 0x0000000001010001, 0x0000004001010001, + 0x0000000000000101, 0x0000004000000101, 0x0000000001000101, 0x0000004001000101, + 0x0000000000010101, 0x0000004000010101, 0x0000000001010101, 0x0000004001010101, + 0x0100000000000000, 0x0100004000000000, 0x0100000001000000, 0x0100004001000000, + 0x0100000000010000, 0x0100004000010000, 0x0100000001010000, 0x0100004001010000, + 0x0100000000000100, 0x0100004000000100, 0x0100000001000100, 0x0100004001000100, + 0x0100000000010100, 0x0100004000010100, 0x0100000001010100, 0x0100004001010100, + 0x0100000000000001, 0x0100004000000001, 0x0100000001000001, 0x0100004001000001, + 0x0100000000010001, 0x0100004000010001, 0x0100000001010001, 0x0100004001010001, + 0x0100000000000101, 0x0100004000000101, 0x0100000001000101, 0x0100004001000101, + 0x0100000000010101, 0x0100004000010101, 0x0100000001010101, 0x0100004001010101, + 0x0001000000000000, 0x0001004000000000, 0x0001000001000000, 0x0001004001000000, + 0x0001000000010000, 0x0001004000010000, 0x0001000001010000, 0x0001004001010000, + 0x0001000000000100, 0x0001004000000100, 0x0001000001000100, 0x0001004001000100, + 0x0001000000010100, 0x0001004000010100, 0x0001000001010100, 0x0001004001010100, + 0x0001000000000001, 0x0001004000000001, 0x0001000001000001, 0x0001004001000001, + 0x0001000000010001, 0x0001004000010001, 0x0001000001010001, 0x0001004001010001, + 0x0001000000000101, 0x0001004000000101, 0x0001000001000101, 0x0001004001000101, + 0x0001000000010101, 0x0001004000010101, 0x0001000001010101, 0x0001004001010101, + 0x0101000000000000, 0x0101004000000000, 0x0101000001000000, 0x0101004001000000, + 0x0101000000010000, 0x0101004000010000, 0x0101000001010000, 0x0101004001010000, + 0x0101000000000100, 0x0101004000000100, 0x0101000001000100, 0x0101004001000100, + 0x0101000000010100, 0x0101004000010100, 0x0101000001010100, 0x0101004001010100, + 0x0101000000000001, 0x0101004000000001, 0x0101000001000001, 0x0101004001000001, + 0x0101000000010001, 0x0101004000010001, 0x0101000001010001, 0x0101004001010001, + 0x0101000000000101, 0x0101004000000101, 0x0101000001000101, 0x0101004001000101, + 0x0101000000010101, 0x0101004000010101, 0x0101000001010101, 0x0101004001010101, + 0x0000010000000000, 0x0000014000000000, 0x0000010001000000, 0x0000014001000000, + 0x0000010000010000, 0x0000014000010000, 0x0000010001010000, 0x0000014001010000, + 0x0000010000000100, 0x0000014000000100, 0x0000010001000100, 0x0000014001000100, + 0x0000010000010100, 0x0000014000010100, 0x0000010001010100, 0x0000014001010100, + 0x0000010000000001, 0x0000014000000001, 0x0000010001000001, 0x0000014001000001, + 0x0000010000010001, 0x0000014000010001, 0x0000010001010001, 0x0000014001010001, + 0x0000010000000101, 0x0000014000000101, 0x0000010001000101, 0x0000014001000101, + 0x0000010000010101, 0x0000014000010101, 0x0000010001010101, 0x0000014001010101, + 0x0100010000000000, 0x0100014000000000, 0x0100010001000000, 0x0100014001000000, + 0x0100010000010000, 0x0100014000010000, 0x0100010001010000, 0x0100014001010000, + 0x0100010000000100, 0x0100014000000100, 0x0100010001000100, 0x0100014001000100, + 0x0100010000010100, 0x0100014000010100, 0x0100010001010100, 0x0100014001010100, + 0x0100010000000001, 0x0100014000000001, 0x0100010001000001, 0x0100014001000001, + 0x0100010000010001, 0x0100014000010001, 0x0100010001010001, 0x0100014001010001, + 0x0100010000000101, 0x0100014000000101, 0x0100010001000101, 0x0100014001000101, + 0x0100010000010101, 0x0100014000010101, 0x0100010001010101, 0x0100014001010101, + 0x0001010000000000, 0x0001014000000000, 0x0001010001000000, 0x0001014001000000, + 0x0001010000010000, 0x0001014000010000, 0x0001010001010000, 0x0001014001010000, + 0x0001010000000100, 0x0001014000000100, 0x0001010001000100, 0x0001014001000100, + 0x0001010000010100, 0x0001014000010100, 0x0001010001010100, 0x0001014001010100, + 0x0001010000000001, 0x0001014000000001, 0x0001010001000001, 0x0001014001000001, + 0x0001010000010001, 0x0001014000010001, 0x0001010001010001, 0x0001014001010001, + 0x0001010000000101, 0x0001014000000101, 0x0001010001000101, 0x0001014001000101, + 0x0001010000010101, 0x0001014000010101, 0x0001010001010101, 0x0001014001010101, + 0x0101010000000000, 0x0101014000000000, 0x0101010001000000, 0x0101014001000000, + 0x0101010000010000, 0x0101014000010000, 0x0101010001010000, 0x0101014001010000, + 0x0101010000000100, 0x0101014000000100, 0x0101010001000100, 0x0101014001000100, + 0x0101010000010100, 0x0101014000010100, 0x0101010001010100, 0x0101014001010100, + 0x0101010000000001, 0x0101014000000001, 0x0101010001000001, 0x0101014001000001, + 0x0101010000010001, 0x0101014000010001, 0x0101010001010001, 0x0101014001010001, + 0x0101010000000101, 0x0101014000000101, 0x0101010001000101, 0x0101014001000101, + 0x0101010000010101, 0x0101014000010101, 0x0101010001010101, 0x0101014001010101}; + }; + + + constexpr const typename basic_des_policy::substitution_type + basic_des_policy::sbox1; + + constexpr const typename basic_des_policy::substitution_type + basic_des_policy::sbox2; + + constexpr const typename basic_des_policy::substitution_type + basic_des_policy::sbox3; + + constexpr const typename basic_des_policy::substitution_type + basic_des_policy::sbox4; + + constexpr const typename basic_des_policy::substitution_type + basic_des_policy::sbox5; + + constexpr const typename basic_des_policy::substitution_type + basic_des_policy::sbox6; + + constexpr const typename basic_des_policy::substitution_type + basic_des_policy::sbox7; + + constexpr const typename basic_des_policy::substitution_type + basic_des_policy::sbox8; + + constexpr const typename basic_des_policy::table_type + basic_des_policy::iptab1; + + constexpr const typename basic_des_policy::table_type + basic_des_policy::iptab2; + + constexpr const typename basic_des_policy::table_type + basic_des_policy::fptab1; + + constexpr const typename basic_des_policy::table_type + basic_des_policy::fptab2; + + } // namespace detail + } // namespace block + } // namespace crypto3 +} // namespace nil + +#endif // CRYPTO3_BASIC_DES_POLICY_HPP diff --git a/include/nil/crypto3/block/detail/des/des_functions.hpp b/include/nil/crypto3/block/detail/des/des_functions.hpp new file mode 100644 index 0000000..a7b83ff --- /dev/null +++ b/include/nil/crypto3/block/detail/des/des_functions.hpp @@ -0,0 +1,165 @@ +//---------------------------------------------------------------------------// +// Copyright (c) 2018-2020 Mikhail Komarov +// +// Distributed under the Boost Software License, Version 1.0 +// See accompanying file LICENSE_1_0.txt or copy at +// http://www.boost.org/LICENSE_1_0.txt +//---------------------------------------------------------------------------// + +#ifndef CRYPTO3_DES_FUNCTIONS_HPP +#define CRYPTO3_DES_FUNCTIONS_HPP + +#include + +#include + +namespace nil { + namespace crypto3 { + namespace block { + namespace detail { + template + struct des_functions : public PolicyType { + protected: + typedef PolicyType policy_type; + + public: + constexpr static const std::size_t rounds = policy_type::rounds; + + typedef typename policy_type::byte_type byte_type; + typedef typename policy_type::word_type word_type; + + typedef typename policy_type::block_type block_type; + + typedef typename policy_type::key_type key_type; + typedef typename policy_type::key_schedule_type key_schedule_type; + + inline static void ip(word_type &L, word_type &R, const block_type &block) { + L = boost::endian::native_to_big(block[0]); + R = boost::endian::native_to_big(block[1]); + + word_type T; + R = policy_type::template rotl<4>(R); + T = (L ^ R) & 0xF0F0F0F0; + L ^= T; + R = policy_type::template rotr<20>(R ^ T); + T = (L ^ R) & 0xFFFF0000; + L ^= T; + R = policy_type::template rotr<18>(R ^ T); + T = (L ^ R) & 0x33333333; + L ^= T; + R = policy_type::template rotr<6>(R ^ T); + T = (L ^ R) & 0x00FF00FF; + L ^= T; + R = policy_type::template rotl<9>(R ^ T); + T = (L ^ R) & 0xAAAAAAAA; + L = policy_type::template rotl<1>(L ^ T); + R ^= T; + } + + inline static void fp(word_type L, word_type R, block_type &block) { + // FP sequence by Wei Dai, taken from public domain Crypto++ + word_type T; + + R = policy_type::template rotr<1>(R); + T = (L ^ R) & 0xAAAAAAAA; + R ^= T; + L = policy_type::template rotr<9>(L ^ T); + T = (L ^ R) & 0x00FF00FF; + R ^= T; + L = policy_type::template rotl<6>(L ^ T); + T = (L ^ R) & 0x33333333; + R ^= T; + L = policy_type::template rotl<18>(L ^ T); + T = (L ^ R) & 0xFFFF0000; + R ^= T; + L = policy_type::template rotl<20>(L ^ T); + T = (L ^ R) & 0xF0F0F0F0; + R ^= T; + L = policy_type::template rotr<4>(L ^ T); + + block = {boost::endian::native_to_big(R), boost::endian::native_to_big(L)}; + } + + inline static void des_key_schedule(key_schedule_type &round_key, const key_type &key) { + + constexpr static const std::array ROT = {1, 1, 2, 2, 2, 2, 2, 2, + 1, 2, 2, 2, 2, 2, 2, 1}; + + word_type C = ((key[7] & 0x80) << 20) | ((key[6] & 0x80) << 19) | ((key[5] & 0x80) << 18) | + ((key[4] & 0x80) << 17) | ((key[3] & 0x80) << 16) | ((key[2] & 0x80) << 15) | + ((key[1] & 0x80) << 14) | ((key[0] & 0x80) << 13) | ((key[7] & 0x40) << 13) | + ((key[6] & 0x40) << 12) | ((key[5] & 0x40) << 11) | ((key[4] & 0x40) << 10) | + ((key[3] & 0x40) << 9) | ((key[2] & 0x40) << 8) | ((key[1] & 0x40) << 7) | + ((key[0] & 0x40) << 6) | ((key[7] & 0x20) << 6) | ((key[6] & 0x20) << 5) | + ((key[5] & 0x20) << 4) | ((key[4] & 0x20) << 3) | ((key[3] & 0x20) << 2) | + ((key[2] & 0x20) << 1) | ((key[1] & 0x20)) | ((key[0] & 0x20) >> 1) | + ((key[7] & 0x10) >> 1) | ((key[6] & 0x10) >> 2) | ((key[5] & 0x10) >> 3) | + ((key[4] & 0x10) >> 4); + word_type D = ((key[7] & 0x02) << 26) | ((key[6] & 0x02) << 25) | ((key[5] & 0x02) << 24) | + ((key[4] & 0x02) << 23) | ((key[3] & 0x02) << 22) | ((key[2] & 0x02) << 21) | + ((key[1] & 0x02) << 20) | ((key[0] & 0x02) << 19) | ((key[7] & 0x04) << 17) | + ((key[6] & 0x04) << 16) | ((key[5] & 0x04) << 15) | ((key[4] & 0x04) << 14) | + ((key[3] & 0x04) << 13) | ((key[2] & 0x04) << 12) | ((key[1] & 0x04) << 11) | + ((key[0] & 0x04) << 10) | ((key[7] & 0x08) << 8) | ((key[6] & 0x08) << 7) | + ((key[5] & 0x08) << 6) | ((key[4] & 0x08) << 5) | ((key[3] & 0x08) << 4) | + ((key[2] & 0x08) << 3) | ((key[1] & 0x08) << 2) | ((key[0] & 0x08) << 1) | + ((key[3] & 0x10) >> 1) | ((key[2] & 0x10) >> 2) | ((key[1] & 0x10) >> 3) | + ((key[0] & 0x10) >> 4); + + for (size_t i = 0; i != 16; ++i) { + C = ((C << ROT[i]) | (C >> (28 - ROT[i]))) & 0x0FFFFFFF; + D = ((D << ROT[i]) | (D >> (28 - ROT[i]))) & 0x0FFFFFFF; + round_key[2 * i] = + ((C & 0x00000010) << 22) | ((C & 0x00000800) << 17) | ((C & 0x00000020) << 16) | + ((C & 0x00004004) << 15) | ((C & 0x00000200) << 11) | ((C & 0x00020000) << 10) | + ((C & 0x01000000) >> 6) | ((C & 0x00100000) >> 4) | ((C & 0x00010000) << 3) | + ((C & 0x08000000) >> 2) | ((C & 0x00800000) << 1) | ((D & 0x00000010) << 8) | + ((D & 0x00000002) << 7) | ((D & 0x00000001) << 2) | ((D & 0x00000200)) | + ((D & 0x00008000) >> 2) | ((D & 0x00000088) >> 3) | ((D & 0x00001000) >> 7) | + ((D & 0x00080000) >> 9) | ((D & 0x02020000) >> 14) | ((D & 0x00400000) >> 21); + round_key[2 * i + 1] = + ((C & 0x00000001) << 28) | ((C & 0x00000082) << 18) | ((C & 0x00002000) << 14) | + ((C & 0x00000100) << 10) | ((C & 0x00001000) << 9) | ((C & 0x00040000) << 6) | + ((C & 0x02400000) << 4) | ((C & 0x00008000) << 2) | ((C & 0x00200000) >> 1) | + ((C & 0x04000000) >> 10) | ((D & 0x00000020) << 6) | ((D & 0x00000100)) | + ((D & 0x00000800) >> 1) | ((D & 0x00000040) >> 3) | ((D & 0x00010000) >> 4) | + ((D & 0x00000400) >> 5) | ((D & 0x00004000) >> 10) | ((D & 0x04000000) >> 13) | + ((D & 0x00800000) >> 14) | ((D & 0x00100000) >> 18) | ((D & 0x01000000) >> 24) | + ((D & 0x08000000) >> 26); + } + } + + inline static word_type spbox(word_type T0, word_type T1) { + return policy_type::sbox1[::nil::crypto3::detail::extract_uint_t(T0, 0)] ^ + policy_type::sbox2[::nil::crypto3::detail::extract_uint_t(T1, 0)] ^ + policy_type::sbox3[::nil::crypto3::detail::extract_uint_t(T0, 1)] ^ + policy_type::sbox4[::nil::crypto3::detail::extract_uint_t(T1, 1)] ^ + policy_type::sbox5[::nil::crypto3::detail::extract_uint_t(T0, 2)] ^ + policy_type::sbox6[::nil::crypto3::detail::extract_uint_t(T1, 2)] ^ + policy_type::sbox7[::nil::crypto3::detail::extract_uint_t(T0, 3)] ^ + policy_type::sbox8[::nil::crypto3::detail::extract_uint_t(T1, 3)]; + } + + inline static void des_encrypt(word_type &L, word_type &R, const key_schedule_type &round_key) { + for (size_t i = 0; i != policy_type::rounds; i += 2) { + L ^= spbox(policy_type::template rotr<4>(R) ^ round_key[2 * i], R ^ round_key[2 * i + 1]); + R ^= spbox(policy_type::template rotr<4>(L) ^ round_key[2 * i + 2], + L ^ round_key[2 * i + 3]); + } + } + + inline static void des_decrypt(word_type &L, word_type &R, const key_schedule_type &round_key) { + for (size_t i = policy_type::rounds; i != 0; i -= 2) { + L ^= spbox(policy_type::template rotr<4>(R) ^ round_key[2 * i - 2], + R ^ round_key[2 * i - 1]); + R ^= spbox(policy_type::template rotr<4>(L) ^ round_key[2 * i - 4], + L ^ round_key[2 * i - 3]); + } + } + }; + } // namespace detail + } // namespace block + } // namespace crypto3 +} // namespace nil + +#endif // CRYPTO3_DES_FUNCTIONS_HPP diff --git a/include/nil/crypto3/block/detail/des/des_policy.hpp b/include/nil/crypto3/block/detail/des/des_policy.hpp new file mode 100644 index 0000000..a8f03ac --- /dev/null +++ b/include/nil/crypto3/block/detail/des/des_policy.hpp @@ -0,0 +1,55 @@ +//---------------------------------------------------------------------------// +// Copyright (c) 2018-2020 Mikhail Komarov +// +// Distributed under the Boost Software License, Version 1.0 +// See accompanying file LICENSE_1_0.txt or copy at +// http://www.boost.org/LICENSE_1_0.txt +//---------------------------------------------------------------------------// + +#ifndef CRYPTO3_DES_POLICY_HPP +#define CRYPTO3_DES_POLICY_HPP + +#include + +#include + +namespace nil { + namespace crypto3 { + namespace block { + namespace detail { + struct des_policy : public basic_des_policy { + constexpr static const std::size_t rounds = 16; + + constexpr static const std::size_t block_bits = 64; + constexpr static const std::size_t block_words = block_bits / word_bits; + typedef std::array block_type; + + constexpr static const std::size_t key_bits = 56; + constexpr static const std::size_t key_words = key_bits / word_bits; + typedef std::array key_type; + + constexpr static const std::size_t key_schedule_size = 32; + typedef std::array key_schedule_type; + }; + + template + struct triple_des_policy : public basic_des_policy { + constexpr static const std::size_t rounds = 48; + + constexpr static const std::size_t block_bits = 64; + constexpr static const std::size_t block_words = block_bits / word_bits; + typedef std::array block_type; + + constexpr static const std::size_t key_bits = KeyBits; + constexpr static const std::size_t key_words = key_bits / word_bits; + typedef std::array key_type; + + constexpr static const std::size_t key_schedule_size = 96; + typedef std::array key_schedule_type; + }; + } // namespace detail + } // namespace block + } // namespace crypto3 +} // namespace nil + +#endif // CRYPTO3_DES_POLICY_HPP diff --git a/test/CMakeLists.txt b/test/CMakeLists.txt index 6e6c334..1dd0279 100644 --- a/test/CMakeLists.txt +++ b/test/CMakeLists.txt @@ -39,6 +39,7 @@ endmacro() set(TESTS_NAMES "pack" "rijndael" + "des" "md4" "md5" "shacal" diff --git a/test/des.cpp b/test/des.cpp new file mode 100644 index 0000000..8aa5ead --- /dev/null +++ b/test/des.cpp @@ -0,0 +1,230 @@ +//---------------------------------------------------------------------------// +// Copyright (c) 2018-2020 Mikhail Komarov +// Copyright (c) 2020 Nikita Kaskov +// +// Distributed under the Boost Software License, Version 1.0 +// See accompanying file LICENSE_1_0.txt or copy at +// http://www.boost.org/LICENSE_1_0.txt +//---------------------------------------------------------------------------// + +#define BOOST_TEST_MODULE des_cipher_test + +#include +#include + +#include +#include +#include + +#include +#include + +#include +#include + +#include +#include + +#include + +#include + +using namespace nil::crypto3; +using namespace nil::crypto3::block; +using namespace nil::crypto3::detail; + +namespace boost { + namespace test_tools { + namespace tt_detail { + template class P, typename K, typename V> + struct print_log_value> { + void operator()(std::ostream &, P const &) { + } + }; + } // namespace tt_detail + } // namespace test_tools +} // namespace boost + +class byte_string { + typedef std::vector vec_type; + + vec_type s_; + +public: + typedef vec_type::size_type size_type; + typedef vec_type::value_type value_type; + typedef vec_type::pointer pointer; + typedef vec_type::const_pointer const_pointer; + typedef vec_type::reference reference; + typedef vec_type::const_reference const_reference; + typedef vec_type::iterator iterator; + typedef vec_type::const_iterator const_iterator; + + explicit byte_string(size_type n, const value_type &value = value_type()) : s_(n, value) { + } + + template + byte_string(InputIterator first, InputIterator last) : s_(first, last) { + } + + byte_string(const std::string &src) { + assert(!(src.size() % 2)); + // const unsigned char* src = static_cast(vsrc); + s_.resize(src.size() / 2); + unsigned int j = 0; + for (unsigned int i = 0; i < src.size();) { + if (src[i] >= '0' && src[i] <= '9') { + s_[j] = 16 * (src[i] - '0'); + } else if (src[i] >= 'a' && src[i] <= 'f') { + s_[j] = 16 * (src[i] - 'a' + 10); + } else if (src[i] >= 'A' && src[i] <= 'F') { + s_[j] = 16 * (src[i] - 'A' + 10); + } + ++i; + if (src[i] >= '0' && src[i] <= '9') { + s_[j] += src[i] - '0'; + } else if (src[i] >= 'a' && src[i] <= 'f') { + s_[j] += src[i] - 'a' + 10; + } else if (src[i] >= 'A' && src[i] <= 'F') { + s_[j] = 16 * (src[i] - 'A' + 10); + } + ++i; + ++j; + } + + /*for (size_type i = 0; i < len;) + { + value_type x; + if (src[i] >= '0' && src[i] <= '9') + x = 16 * (src[i] - '0'); + else if (src[i] >= 'a' && src[i] <= 'f') + x = 16 * (src[i] - 'a' + 10); + ++i; + if (src[i] >= '0' && src[i] <= '9') + x += src[i] - '0'; + else if (src[i] >= 'a' && src[i] <= 'f') + x += src[i] - 'a' + 10; + s_.push_back(x); + ++i; + }*/ + } + + byte_string(const byte_string ©) : s_(copy.s_) { + } + + size_type size() const { + return s_.size(); + } + + pointer data() { + return &s_[0]; + } + + const_pointer data() const { + return &s_[0]; + } + + reference operator[](size_type i) { + return s_[i]; + } + + const_reference operator[](size_type i) const { + return s_[i]; + } + + void reserve(size_type n) { + s_.reserve(n); + } + + void resize(size_type n, value_type c = value_type()) { + s_.resize(n, c); + } + + iterator begin() { + return s_.begin(); + } + + const_iterator begin() const { + return s_.begin(); + } + + iterator end() { + return s_.end(); + } + + const_iterator end() const { + return s_.end(); + } + + iterator erase(iterator loc) { + return s_.erase(loc); + } + + iterator erase(iterator first, iterator last) { + return s_.erase(first, last); + } + + friend bool operator==(const byte_string &, const byte_string &); + + friend bool operator!=(const byte_string &, const byte_string &); + + byte_string &operator+=(const byte_string &rhs) { + s_.insert(s_.end(), rhs.s_.begin(), rhs.s_.end()); + return *this; + } +}; + +template +std::basic_ostream &operator<<(std::basic_ostream &out, const byte_string &s) { + byte_string::size_type bufsize = s.size() * 2 + 1; + char buf[bufsize]; + for (byte_string::size_type i = 0; i < s.size(); ++i) { + std::sprintf(buf + i * 2, "%02x", s[i]); + } + buf[bufsize - 1] = '\0'; + out << buf; + return out; +} + +inline bool operator==(const byte_string &lhs, const byte_string &rhs) { + return lhs.s_ == rhs.s_; +} + +inline bool operator!=(const byte_string &lhs, const byte_string &rhs) { + return lhs.s_ != rhs.s_; +} + +const char *test_data = "data/des.json"; + +boost::property_tree::ptree string_data(const char *child_name) { + boost::property_tree::ptree root_data; + boost::property_tree::read_json(test_data, root_data); + return root_data.get_child(child_name); +} + +BOOST_AUTO_TEST_SUITE(des_stream_processor_filedriven_test_suite) + +BOOST_AUTO_TEST_CASE(des_1) { + + std::vector input = {'\x05', '\x9b', '\x5e', '\x08', '\x51', '\xcf', '\x14', '\x3a'}; + std::vector key = {'\x01', '\x13', '\xb9', '\x70', '\xfd', '\x34', '\xf2', '\xce'}; + + std::string out = encrypt(input, key); + + BOOST_CHECK_EQUAL(out, "86a560f10ec6d85b"); +} +/* +BOOST_DATA_TEST_CASE(des_ecb, string_data("ecb_fixed_key"), triples) { + + byte_string const p(triples.first); + + BOOST_FOREACH(boost::property_tree::ptree::value_type pair, triples.second) { + byte_string const k(pair.first); + + std::string out = encrypt(p, k); + + BOOST_CHECK_EQUAL(out, pair.second.data()); + } +}*/ + +BOOST_AUTO_TEST_SUITE_END()