
Commit b157b4d

committed
Switch Rabbit and RabbitWithIV to use CRYPTOPP_KEYSTREAM_OUTPUT_SWITCH (GH weidai11#1231)
1 parent 560d48f commit b157b4d

1 file changed

+25
-40
lines changed


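--- a/rabbit.cpp
+++ b/rabbit.cpp
@@ -10,8 +10,19 @@
 
 #include "rabbit.h"
 #include "secblock.h"
+#include "strciphr.h"
 #include "misc.h"
 
+#define WordType word32
+
+#define BYTES_PER_ITERATION 16
+
+#define RABBIT_OUTPUT(x){\
+CRYPTOPP_KEYSTREAM_OUTPUT_WORD(x, LITTLE_ENDIAN_ORDER, 0, (m_wx[0] ^ (m_wx[5] >> 16) ^ (m_wx[3] << 16)));\
+CRYPTOPP_KEYSTREAM_OUTPUT_WORD(x, LITTLE_ENDIAN_ORDER, 1, (m_wx[2] ^ (m_wx[7] >> 16) ^ (m_wx[5] << 16)));\
+CRYPTOPP_KEYSTREAM_OUTPUT_WORD(x, LITTLE_ENDIAN_ORDER, 2, (m_wx[4] ^ (m_wx[1] >> 16) ^ (m_wx[7] << 16)));\
+CRYPTOPP_KEYSTREAM_OUTPUT_WORD(x, LITTLE_ENDIAN_ORDER, 3, (m_wx[6] ^ (m_wx[3] >> 16) ^ (m_wx[1] << 16)));}
+
 ANONYMOUS_NAMESPACE_BEGIN
 
 using CryptoPP::word32;
@@ -113,15 +124,15 @@ void RabbitPolicy::CipherSetKey(const NameValuePairs &params, const byte *userKe
 m_mcy = 0;
 
 /* Iterate the system four times */
-for (unsigned int i = 0; i<4; i++)
+for (size_t i = 0; i<4; i++)
 m_mcy = NextState(m_mc, m_mx, m_mcy);
 
 /* Modify the counters */
-for (unsigned int i = 0; i<8; i++)
+for (size_t i = 0; i<8; i++)
 m_mc[i] ^= m_mx[(i + 4) & 0x7];
 
 /* Copy master instance to work instance */
-for (unsigned int i = 0; i<8; i++)
+for (size_t i = 0; i<8; i++)
 {
 m_wx[i] = m_mx[i];
 m_wc[i] = m_mc[i];
@@ -131,27 +142,14 @@ void RabbitPolicy::CipherSetKey(const NameValuePairs &params, const byte *userKe
 
 void RabbitPolicy::OperateKeystream(KeystreamOperation operation, byte *output, const byte *input, size_t iterationCount)
 {
-byte* out = output;
-for (size_t i = 0; i<iterationCount; ++i, out += 16)
+do
 {
 /* Iterate the system */
 m_wcy = NextState(m_wc, m_wx, m_wcy);
 
-/* Encrypt/decrypt 16 bytes of data */
-PutWord(false, LITTLE_ENDIAN_ORDER, out + 0, m_wx[0] ^ (m_wx[5] >> 16) ^ (m_wx[3] << 16));
-PutWord(false, LITTLE_ENDIAN_ORDER, out + 4, m_wx[2] ^ (m_wx[7] >> 16) ^ (m_wx[5] << 16));
-PutWord(false, LITTLE_ENDIAN_ORDER, out + 8, m_wx[4] ^ (m_wx[1] >> 16) ^ (m_wx[7] << 16));
-PutWord(false, LITTLE_ENDIAN_ORDER, out + 12, m_wx[6] ^ (m_wx[3] >> 16) ^ (m_wx[1] << 16));
-}
+CRYPTOPP_KEYSTREAM_OUTPUT_SWITCH(RABBIT_OUTPUT, BYTES_PER_ITERATION);
 
-// If AdditiveCipherTemplate does not have an accumulated keystream
-// then it will ask OperateKeystream to generate one. Optionally it
-// will ask for an XOR of the input with the keystream while
-// writing the result to the output buffer. In all cases the
-// keystream is written to the output buffer. The optional part is
-// adding the input buffer and keystream.
-if ((operation & EnumToInt(INPUT_NULL)) != EnumToInt(INPUT_NULL))
-xorbuf(output, input, GetBytesPerIteration() * iterationCount);
+} while (--iterationCount);
 }
 
 void RabbitWithIVPolicy::CipherSetKey(const NameValuePairs &params, const byte *userKey, size_t keylen)
@@ -184,15 +182,15 @@ void RabbitWithIVPolicy::CipherSetKey(const NameValuePairs &params, const byte *
 m_mcy = 0;
 
 /* Iterate the system four times */
-for (unsigned int i = 0; i<4; i++)
+for (size_t i = 0; i<4; i++)
 m_mcy = NextState(m_mc, m_mx, m_mcy);
 
 /* Modify the counters */
-for (unsigned int i = 0; i<8; i++)
+for (size_t i = 0; i<8; i++)
 m_mc[i] ^= m_mx[(i + 4) & 0x7];
 
 /* Copy master instance to work instance */
-for (unsigned int i = 0; i<8; i++)
+for (size_t i = 0; i<8; i++)
 {
 m_wx[i] = m_mx[i];
 m_wc[i] = m_mc[i];
@@ -222,38 +220,25 @@ void RabbitWithIVPolicy::CipherResynchronize(byte *keystreamBuffer, const byte *
 m_wc[7] = m_mc[7] ^ m_t[3];
 
 /* Copy state variables */
-for (unsigned int i = 0; i<8; i++)
+for (size_t i = 0; i<8; i++)
 m_wx[i] = m_mx[i];
 m_wcy = m_mcy;
 
 /* Iterate the system four times */
-for (unsigned int i = 0; i<4; i++)
+for (size_t i = 0; i<4; i++)
 m_wcy = NextState(m_wc, m_wx, m_wcy);
 }
 
 void RabbitWithIVPolicy::OperateKeystream(KeystreamOperation operation, byte *output, const byte *input, size_t iterationCount)
 {
-byte* out = output;
-for (unsigned int i = 0; i<iterationCount; ++i, out += 16)
+do
 {
 /* Iterate the system */
 m_wcy = NextState(m_wc, m_wx, m_wcy);
 
-/* Encrypt/decrypt 16 bytes of data */
-PutWord(false, LITTLE_ENDIAN_ORDER, out + 0, m_wx[0] ^ (m_wx[5] >> 16) ^ (m_wx[3] << 16));
-PutWord(false, LITTLE_ENDIAN_ORDER, out + 4, m_wx[2] ^ (m_wx[7] >> 16) ^ (m_wx[5] << 16));
-PutWord(false, LITTLE_ENDIAN_ORDER, out + 8, m_wx[4] ^ (m_wx[1] >> 16) ^ (m_wx[7] << 16));
-PutWord(false, LITTLE_ENDIAN_ORDER, out + 12, m_wx[6] ^ (m_wx[3] >> 16) ^ (m_wx[1] << 16));
-}
+CRYPTOPP_KEYSTREAM_OUTPUT_SWITCH(RABBIT_OUTPUT, BYTES_PER_ITERATION);
 
-// If AdditiveCipherTemplate does not have an accumulated keystream
-// then it will ask OperateKeystream to generate one. Optionally it
-// will ask for an XOR of the input with the keystream while
-// writing the result to the output buffer. In all cases the
-// keystream is written to the output buffer. The optional part is
-// adding the input buffer and keystream.
-if ((operation & EnumToInt(INPUT_NULL)) != EnumToInt(INPUT_NULL))
-xorbuf(output, input, GetBytesPerIteration() * iterationCount);
+} while (--iterationCount);
 }
 
 NAMESPACE_END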
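Review bot: In RabbitPolicy::OperateKeystream the new `do { … } while (--iterationCount);` no longer tolerates iterationCount == 0: the body runs once before the test, so a zero count advances the cipher state and writes BYTES_PER_ITERATION bytes through `output`, and the post-decrement then wraps size_t so the loop keeps writing far past the buffer. The removed `for` loop handled zero as a no-op, so this is a silent precondition change, and the same pattern is introduced in RabbitWithIVPolicy::OperateKeystream in the last hunk. AdditiveCipherTemplate appears to call OperateKeystream only with a positive count (the other Crypto++ stream ciphers use this same idiom), but that contract is stated nowhere in this file, so I would make it explicit at the top of both functions: `CRYPTOPP_ASSERT(iterationCount > 0);  // do/while below always emits at least one 16-byte block`, or an equivalent comment if CRYPTOPP_ASSERT is not in scope through the included headers.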
