release/src/router/libsodium/src/libsodium/crypto_core/salsa2012/ref/core_salsa2012.c

   1 /*
   2 version 20080913
   3 D. J. Bernstein
   4 Public domain.
   5 */
   6
   7 #include <stdint.h>
   8 #include <stdlib.h>
   9
  10 #include "crypto_core_salsa2012.h"
  11 #include "private/common.h"
  12
  13 #define ROUNDS 12
  14 #define U32C(v) (v##U)
  15
  16 static uint32_t rotate(uint32_t u,int c)
  17 {
  18   return (u << c) | (u >> (32 - c));
  19 }
  20
  21 int crypto_core_salsa2012(
  22         unsigned char *out,
  23   const unsigned char *in,
  24   const unsigned char *k,
  25   const unsigned char *c
  26 )
  27 {
  28   uint32_t x0, x1, x2, x3, x4, x5, x6, x7, x8, x9, x10, x11, x12, x13, x14, x15;
  29   uint32_t j0, j1, j2, j3, j4, j5, j6, j7, j8, j9, j10, j11, j12, j13, j14, j15;
  30   int i;
  31
  32   if (c == NULL) {
  33     j0 = x0 = U32C(0x61707865);
  34     j5 = x5 = U32C(0x3320646e);
  35     j10 = x10 = U32C(0x79622d32);
  36     j15 = x15 = U32C(0x6b206574);
  37   } else {
  38     j0 = x0 = LOAD32_LE(c + 0);
  39     j5 = x5 = LOAD32_LE(c + 4);
  40     j10 = x10 = LOAD32_LE(c + 8);
  41     j15 = x15 = LOAD32_LE(c + 12);
  42   }
  43   j1 = x1 = LOAD32_LE(k + 0);
  44   j2 = x2 = LOAD32_LE(k + 4);
  45   j3 = x3 = LOAD32_LE(k + 8);
  46   j4 = x4 = LOAD32_LE(k + 12);
  47   j6 = x6 = LOAD32_LE(in + 0);
  48   j7 = x7 = LOAD32_LE(in + 4);
  49   j8 = x8 = LOAD32_LE(in + 8);
  50   j9 = x9 = LOAD32_LE(in + 12);
  51   j11 = x11 = LOAD32_LE(k + 16);
  52   j12 = x12 = LOAD32_LE(k + 20);
  53   j13 = x13 = LOAD32_LE(k + 24);
  54   j14 = x14 = LOAD32_LE(k + 28);
  55
  56   for (i = ROUNDS;i > 0;i -= 2) {
  57      x4 ^= rotate( x0+x12, 7);
  58      x8 ^= rotate( x4+ x0, 9);
  59     x12 ^= rotate( x8+ x4,13);
  60      x0 ^= rotate(x12+ x8,18);
  61      x9 ^= rotate( x5+ x1, 7);
  62     x13 ^= rotate( x9+ x5, 9);
  63      x1 ^= rotate(x13+ x9,13);
  64      x5 ^= rotate( x1+x13,18);
  65     x14 ^= rotate(x10+ x6, 7);
  66      x2 ^= rotate(x14+x10, 9);
  67      x6 ^= rotate( x2+x14,13);
  68     x10 ^= rotate( x6+ x2,18);
  69      x3 ^= rotate(x15+x11, 7);
  70      x7 ^= rotate( x3+x15, 9);
  71     x11 ^= rotate( x7+ x3,13);
  72     x15 ^= rotate(x11+ x7,18);
  73      x1 ^= rotate( x0+ x3, 7);
  74      x2 ^= rotate( x1+ x0, 9);
  75      x3 ^= rotate( x2+ x1,13);
  76      x0 ^= rotate( x3+ x2,18);
  77      x6 ^= rotate( x5+ x4, 7);
  78      x7 ^= rotate( x6+ x5, 9);
  79      x4 ^= rotate( x7+ x6,13);
  80      x5 ^= rotate( x4+ x7,18);
  81     x11 ^= rotate(x10+ x9, 7);
  82      x8 ^= rotate(x11+x10, 9);
  83      x9 ^= rotate( x8+x11,13);
  84     x10 ^= rotate( x9+ x8,18);
  85     x12 ^= rotate(x15+x14, 7);
  86     x13 ^= rotate(x12+x15, 9);
  87     x14 ^= rotate(x13+x12,13);
  88     x15 ^= rotate(x14+x13,18);
  89   }
  90
  91   x0 += j0;
  92   x1 += j1;
  93   x2 += j2;
  94   x3 += j3;
  95   x4 += j4;
  96   x5 += j5;
  97   x6 += j6;
  98   x7 += j7;
  99   x8 += j8;
 100   x9 += j9;
 101   x10 += j10;
 102   x11 += j11;
 103   x12 += j12;
 104   x13 += j13;
 105   x14 += j14;
 106   x15 += j15;
 107
 108   STORE32_LE(out + 0,x0);
 109   STORE32_LE(out + 4,x1);
 110   STORE32_LE(out + 8,x2);
 111   STORE32_LE(out + 12,x3);
 112   STORE32_LE(out + 16,x4);
 113   STORE32_LE(out + 20,x5);
 114   STORE32_LE(out + 24,x6);
 115   STORE32_LE(out + 28,x7);
 116   STORE32_LE(out + 32,x8);
 117   STORE32_LE(out + 36,x9);
 118   STORE32_LE(out + 40,x10);
 119   STORE32_LE(out + 44,x11);
 120   STORE32_LE(out + 48,x12);
 121   STORE32_LE(out + 52,x13);
 122   STORE32_LE(out + 56,x14);
 123   STORE32_LE(out + 60,x15);
 124
 125   return 0;
 126 }