1 /* Modified for SILC. -Pekka */
3 /* This is an independent implementation of the encryption algorithm: */
5 /* RC6 by Ron Rivest and RSA Labs */
7 /* which is a candidate algorithm in the Advanced Encryption Standard */
8 /* programme of the US National Institute of Standards and Technology. */
10 /* Copyright in this implementation is held by Dr B R Gladman but I */
11 /* hereby give permission for its free direct or derivative use subject */
12 /* to acknowledgment of its origin and compliance with any conditions */
13 /* that the originators of the algorithm place on its exploitation. */
15 /* Dr Brian Gladman (gladman@seven77.demon.co.uk) 14th January 1999 */
17 /* Timing data for RC6 (rc6.c)
20 Key Setup: 1632 cycles
21 Encrypt: 270 cycles = 94.8 mbits/sec
22 Decrypt: 226 cycles = 113.3 mbits/sec
23 Mean: 248 cycles = 103.2 mbits/sec
26 Key Setup: 1885 cycles
27 Encrypt: 267 cycles = 95.9 mbits/sec
28 Decrypt: 235 cycles = 108.9 mbits/sec
29 Mean: 251 cycles = 102.0 mbits/sec
32 Key Setup: 1877 cycles
33 Encrypt: 270 cycles = 94.8 mbits/sec
34 Decrypt: 227 cycles = 112.8 mbits/sec
35 Mean: 249 cycles = 103.0 mbits/sec
39 #include "silcincludes.h"
40 #include "rc6_internal.h"
44 * SILC Crypto API for RC6
47 /* Sets the key for the cipher. */
49 SILC_CIPHER_API_SET_KEY(rc6)
53 SILC_GET_WORD_KEY(key, k, keylen);
54 rc6_set_key((RC6Context *)context, k, keylen);
59 /* Sets the string as a new key for the cipher. The string is first
60 hashed and then used as a new key. */
62 SILC_CIPHER_API_SET_KEY_WITH_STRING(rc6)
67 /* Encrypts with the cipher in CBC mode. Source and destination buffers
68 maybe one and same. */
70 SILC_CIPHER_API_ENCRYPT_CBC(rc6)
75 SILC_CBC_GET_IV(tiv, iv);
77 SILC_CBC_ENC_PRE(tiv, src);
78 rc6_encrypt((RC6Context *)context, tiv, tiv);
79 SILC_CBC_ENC_POST(tiv, dst, src);
81 for (i = 16; i < len; i += 16) {
82 SILC_CBC_ENC_PRE(tiv, src);
83 rc6_encrypt((RC6Context *)context, tiv, tiv);
84 SILC_CBC_ENC_POST(tiv, dst, src);
87 SILC_CBC_PUT_IV(tiv, iv);
92 /* Decrypts with the cipher in CBC mode. Source and destination buffers
93 maybe one and same. */
95 SILC_CIPHER_API_DECRYPT_CBC(rc6)
97 SilcUInt32 tmp[4], tmp2[4], tiv[4];
100 SILC_CBC_GET_IV(tiv, iv);
102 SILC_CBC_DEC_PRE(tmp, src);
103 rc6_decrypt((RC6Context *)context, tmp, tmp2);
104 SILC_CBC_DEC_POST(tmp2, dst, src, tmp, tiv);
106 for (i = 16; i < len; i += 16) {
107 SILC_CBC_DEC_PRE(tmp, src);
108 rc6_decrypt((RC6Context *)context, tmp, tmp2);
109 SILC_CBC_DEC_POST(tmp2, dst, src, tmp, tiv);
112 SILC_CBC_PUT_IV(tiv, iv);
117 /* Returns the size of the cipher context. */
119 SILC_CIPHER_API_CONTEXT_LEN(rc6)
121 return sizeof(RC6Context);
125 #define f_rnd(i,a,b,c,d) \
126 u = rotl(d * (d + d + 1), 5); \
127 t = rotl(b * (b + b + 1), 5); \
128 a = rotl(a ^ t, u) + l_key[i]; \
129 c = rotl(c ^ u, t) + l_key[i + 1]
131 #define i_rnd(i,a,b,c,d) \
132 u = rotl(d * (d + d + 1), 5); \
133 t = rotl(b * (b + b + 1), 5); \
134 c = rotr(c - l_key[i + 1], t) ^ u; \
135 a = rotr(a - l_key[i], u) ^ t
137 /* initialise the key schedule from the user supplied key */
139 u4byte *rc6_set_key(RC6Context *ctx,
140 const u4byte in_key[], const u4byte key_len)
142 u4byte i, j, k, a, b, l[8], t;
143 u4byte *l_key = ctx->l_key;
145 l_key[0] = 0xb7e15163;
147 for(k = 1; k < 44; ++k)
149 l_key[k] = l_key[k - 1] + 0x9e3779b9;
151 for(k = 0; k < key_len / 32; ++k)
155 t = (key_len / 32) - 1; /* t = (key_len / 32); */
159 for(k = 0; k < 132; ++k)
160 { a = rotl(l_key[i] + a + b, 3); b += a;
161 b = rotl(l[j] + b, b);
162 l_key[i] = a; l[j] = b;
163 i = (i == 43 ? 0 : i + 1); /* i = (i + 1) % 44; */
164 j = (j == t ? 0 : j + 1); /* j = (j + 1) % t; */
170 /* encrypt a block of text */
172 void rc6_encrypt(RC6Context *ctx,
173 const u4byte in_blk[4], u4byte out_blk[4])
176 u4byte *l_key = ctx->l_key;
178 a = in_blk[0]; b = in_blk[1] + l_key[0];
179 c = in_blk[2]; d = in_blk[3] + l_key[1];
181 f_rnd( 2,a,b,c,d); f_rnd( 4,b,c,d,a);
182 f_rnd( 6,c,d,a,b); f_rnd( 8,d,a,b,c);
183 f_rnd(10,a,b,c,d); f_rnd(12,b,c,d,a);
184 f_rnd(14,c,d,a,b); f_rnd(16,d,a,b,c);
185 f_rnd(18,a,b,c,d); f_rnd(20,b,c,d,a);
186 f_rnd(22,c,d,a,b); f_rnd(24,d,a,b,c);
187 f_rnd(26,a,b,c,d); f_rnd(28,b,c,d,a);
188 f_rnd(30,c,d,a,b); f_rnd(32,d,a,b,c);
189 f_rnd(34,a,b,c,d); f_rnd(36,b,c,d,a);
190 f_rnd(38,c,d,a,b); f_rnd(40,d,a,b,c);
192 out_blk[0] = a + l_key[42]; out_blk[1] = b;
193 out_blk[2] = c + l_key[43]; out_blk[3] = d;
196 /* decrypt a block of text */
198 void rc6_decrypt(RC6Context *ctx,
199 const u4byte in_blk[4], u4byte out_blk[4])
202 u4byte *l_key = ctx->l_key;
204 d = in_blk[3]; c = in_blk[2] - l_key[43];
205 b = in_blk[1]; a = in_blk[0] - l_key[42];
207 i_rnd(40,d,a,b,c); i_rnd(38,c,d,a,b);
208 i_rnd(36,b,c,d,a); i_rnd(34,a,b,c,d);
209 i_rnd(32,d,a,b,c); i_rnd(30,c,d,a,b);
210 i_rnd(28,b,c,d,a); i_rnd(26,a,b,c,d);
211 i_rnd(24,d,a,b,c); i_rnd(22,c,d,a,b);
212 i_rnd(20,b,c,d,a); i_rnd(18,a,b,c,d);
213 i_rnd(16,d,a,b,c); i_rnd(14,c,d,a,b);
214 i_rnd(12,b,c,d,a); i_rnd(10,a,b,c,d);
215 i_rnd( 8,d,a,b,c); i_rnd( 6,c,d,a,b);
216 i_rnd( 4,b,c,d,a); i_rnd( 2,a,b,c,d);
218 out_blk[3] = d - l_key[1]; out_blk[2] = c;
219 out_blk[1] = b - l_key[0]; out_blk[0] = a;