Добавил ГОСТ 2012
parent
856bbc8b35
commit
e6962307dd
691
decrypto-pro.c
691
decrypto-pro.c
|
@ -1,4 +1,6 @@
|
|||
// https://habrahabr.ru/post/275039/
|
||||
// https://github.com/kulikan/privkey
|
||||
// MIT license
|
||||
// Требуется либо OpenSSL 1.0.x (ГОСТ в составе), либо https://github.com/gost-engine/engine
|
||||
// Сборка:
|
||||
// 1) apt-get install libengine-gost-openssl1.1
|
||||
|
@ -13,336 +15,463 @@
|
|||
#include <openssl/err.h>
|
||||
#include "gost_lcl.h"
|
||||
|
||||
#if OPENSSL_VERSION_NUMBER >= 0x10100000
|
||||
#define fill_GOST2001_params fill_GOST_EC_params
|
||||
#define gost2001_compute_public gost_ec_compute_public
|
||||
#endif
|
||||
#include "gosthash2012.h"
|
||||
|
||||
/* Convert little-endian byte array into bignum */
|
||||
BIGNUM *reverse32bn(char *b, BN_CTX *ctx)
|
||||
#define MAX_HEADER 20000
|
||||
char header_buf[MAX_HEADER];
|
||||
int header_len;
|
||||
|
||||
int find_public8_in_header_buf(char *pub)
|
||||
{
|
||||
BIGNUM *res;
|
||||
char buf[32];
|
||||
BUF_reverse(buf, b, 32);
|
||||
res = BN_bin2bn(buf, 32, BN_CTX_get(ctx));
|
||||
OPENSSL_cleanse(buf, sizeof(buf));
|
||||
return res;
|
||||
int i;
|
||||
char buf[10];
|
||||
buf[0]=0x8a;
|
||||
buf[1]=0x08;
|
||||
memcpy(buf+2, pub, 8);
|
||||
for(i=0;i<header_len-10;i++)
|
||||
{
|
||||
if (memcmp(header_buf+i, buf, 10)==0) return 0; //found public8 in header.key
|
||||
}
|
||||
return 1; //error
|
||||
}
|
||||
|
||||
void xor_material(char *buf36, char *buf5C, char *src)
|
||||
//remove the function if link failed
|
||||
void inc_counter(unsigned char *counter, size_t counter_bytes)
|
||||
{
|
||||
int i;
|
||||
for(i = 0; i < 32; i++)
|
||||
{
|
||||
buf36[i] = src[i] ^ 0x36;
|
||||
buf5C[i] = src[i] ^ 0x5C;
|
||||
}
|
||||
unsigned char c;
|
||||
unsigned int n = counter_bytes;
|
||||
|
||||
do {
|
||||
--n;
|
||||
c = counter[n];
|
||||
++c;
|
||||
counter[n] = c;
|
||||
if (c)
|
||||
return;
|
||||
} while (n);
|
||||
}
|
||||
|
||||
/* Convert little-endian byte array into bignum */
|
||||
BIGNUM *reverse_bn(char *b, int len, BN_CTX *ctx)
|
||||
{
|
||||
BIGNUM *res;
|
||||
char buf[64];
|
||||
BUF_reverse(buf, b, len);
|
||||
res = BN_bin2bn(buf, len, BN_CTX_get(ctx));
|
||||
OPENSSL_cleanse(buf, sizeof(buf));
|
||||
return res;
|
||||
}
|
||||
|
||||
void xor_material(char *buf36, char *buf5C, char *src, int len_material)
|
||||
{
|
||||
int i;
|
||||
for(i = 0; i < len_material; i++)
|
||||
{
|
||||
buf36[i] = src[i] ^ 0x36;
|
||||
buf5C[i] = src[i] ^ 0x5C;
|
||||
}
|
||||
}
|
||||
|
||||
int make_pwd_key64(char *result_key, char *start12, int start12_len, char *passw)
|
||||
{
|
||||
int result;
|
||||
int i;
|
||||
char pincode4[1024];
|
||||
int pin_len;
|
||||
char current[64];
|
||||
char material36[64];
|
||||
char material5C[64];
|
||||
char hash_result[32];
|
||||
gost2012_hash_ctx ctx;
|
||||
|
||||
memset(pincode4, 0, sizeof(pincode4));
|
||||
pin_len = strlen(passw);
|
||||
if (pin_len*4 > sizeof(pincode4)) { result = 1; goto err; }
|
||||
for(i = 0; i < pin_len; i++)
|
||||
pincode4[i*4] = passw[i];
|
||||
|
||||
init_gost2012_hash_ctx(&ctx, 256);
|
||||
gost2012_hash_block(&ctx, start12, start12_len);
|
||||
if (pin_len)
|
||||
gost2012_hash_block(&ctx, pincode4, pin_len * 4);
|
||||
gost2012_finish_hash(&ctx, hash_result);
|
||||
|
||||
memcpy(current, (char*)"DENEFH028.760246785.IUEFHWUIO.EF", 32);
|
||||
memset(current+32, 0, 32);
|
||||
|
||||
for(i = 0; i < (pin_len?2000:2); i++)
|
||||
{
|
||||
xor_material(material36, material5C, current, 64);
|
||||
init_gost2012_hash_ctx(&ctx, 256);
|
||||
gost2012_hash_block(&ctx, material36, 64);
|
||||
gost2012_hash_block(&ctx, hash_result, 32);
|
||||
gost2012_hash_block(&ctx, material5C, 64);
|
||||
gost2012_hash_block(&ctx, hash_result, 32);
|
||||
gost2012_finish_hash(&ctx, current);
|
||||
}
|
||||
|
||||
xor_material(material36, material5C, current, 64);
|
||||
|
||||
init_gost2012_hash_ctx(&ctx, 256);
|
||||
gost2012_hash_block(&ctx, material36, 32);
|
||||
gost2012_hash_block(&ctx, start12, start12_len);
|
||||
gost2012_hash_block(&ctx, material5C, 32);
|
||||
if (pin_len)
|
||||
gost2012_hash_block(&ctx, pincode4, pin_len * 4);
|
||||
gost2012_finish_hash(&ctx, current);
|
||||
|
||||
init_gost2012_hash_ctx(&ctx, 256);
|
||||
gost2012_hash_block(&ctx, current, 32);
|
||||
gost2012_finish_hash(&ctx, result_key);
|
||||
|
||||
result = 0; //ok
|
||||
err:
|
||||
return result;
|
||||
}
|
||||
|
||||
int make_pwd_key(char *result_key, char *start12, int start12_len, char *passw)
|
||||
{
|
||||
int result;
|
||||
int i;
|
||||
char pincode4[1024];
|
||||
int pin_len;
|
||||
char current[32];
|
||||
char material36[32];
|
||||
char material5C[32];
|
||||
char hash_result[32];
|
||||
gost_hash_ctx ctx;
|
||||
init_gost_hash_ctx(&ctx, &GostR3411_94_CryptoProParamSet);
|
||||
memset(pincode4, 0, sizeof(pincode4));
|
||||
pin_len = strlen(passw);
|
||||
if (pin_len*4 > sizeof(pincode4)) { result = 1; goto err; }
|
||||
for(i = 0; i < pin_len; i++)
|
||||
pincode4[i*4] = passw[i];
|
||||
int result;
|
||||
int i;
|
||||
char pincode4[1024];
|
||||
int pin_len;
|
||||
char current[32];
|
||||
char material36[32];
|
||||
char material5C[32];
|
||||
char hash_result[32];
|
||||
gost_hash_ctx ctx;
|
||||
init_gost_hash_ctx(&ctx, &GostR3411_94_CryptoProParamSet);
|
||||
memset(pincode4, 0, sizeof(pincode4));
|
||||
pin_len = strlen(passw);
|
||||
if (pin_len*4 > sizeof(pincode4)) { result = 1; goto err; }
|
||||
for(i = 0; i < pin_len; i++)
|
||||
pincode4[i*4] = passw[i];
|
||||
|
||||
start_hash(&ctx);
|
||||
hash_block(&ctx, start12, start12_len);
|
||||
if (pin_len)
|
||||
hash_block(&ctx, pincode4, pin_len * 4);
|
||||
finish_hash(&ctx, hash_result);
|
||||
start_hash(&ctx);
|
||||
hash_block(&ctx, start12, start12_len);
|
||||
if (pin_len)
|
||||
hash_block(&ctx, pincode4, pin_len * 4);
|
||||
finish_hash(&ctx, hash_result);
|
||||
|
||||
memcpy(current, (char*)"DENEFH028.760246785.IUEFHWUIO.EF", 32);
|
||||
memcpy(current, (char*)"DENEFH028.760246785.IUEFHWUIO.EF", 32);
|
||||
|
||||
for(i = 0; i < (pin_len?2000:2); i++)
|
||||
{
|
||||
xor_material(material36, material5C, current);
|
||||
start_hash(&ctx);
|
||||
hash_block(&ctx, material36, 32);
|
||||
hash_block(&ctx, hash_result, 32);
|
||||
hash_block(&ctx, material5C, 32);
|
||||
hash_block(&ctx, hash_result, 32);
|
||||
finish_hash(&ctx, current);
|
||||
}
|
||||
for(i = 0; i < (pin_len?2000:2); i++)
|
||||
{
|
||||
xor_material(material36, material5C, current, 32);
|
||||
start_hash(&ctx);
|
||||
hash_block(&ctx, material36, 32);
|
||||
hash_block(&ctx, hash_result, 32);
|
||||
hash_block(&ctx, material5C, 32);
|
||||
hash_block(&ctx, hash_result, 32);
|
||||
finish_hash(&ctx, current);
|
||||
}
|
||||
|
||||
xor_material(material36, material5C, current);
|
||||
xor_material(material36, material5C, current, 32);
|
||||
|
||||
start_hash(&ctx);
|
||||
hash_block(&ctx, material36, 32);
|
||||
hash_block(&ctx, start12, start12_len);
|
||||
hash_block(&ctx, material5C, 32);
|
||||
if (pin_len)
|
||||
hash_block(&ctx, pincode4, pin_len * 4);
|
||||
finish_hash(&ctx, current);
|
||||
start_hash(&ctx);
|
||||
hash_block(&ctx, material36, 32);
|
||||
hash_block(&ctx, start12, start12_len);
|
||||
hash_block(&ctx, material5C, 32);
|
||||
if (pin_len)
|
||||
hash_block(&ctx, pincode4, pin_len * 4);
|
||||
finish_hash(&ctx, current);
|
||||
|
||||
start_hash(&ctx);
|
||||
hash_block(&ctx, current, 32);
|
||||
finish_hash(&ctx, result_key);
|
||||
start_hash(&ctx);
|
||||
hash_block(&ctx, current, 32);
|
||||
finish_hash(&ctx, result_key);
|
||||
|
||||
result = 0; //ok
|
||||
result = 0; //ok
|
||||
err:
|
||||
return result;
|
||||
return result;
|
||||
}
|
||||
|
||||
BIGNUM *decode_primary_key(char *pwd_key, char *primary_key, BN_CTX *bn_ctx)
|
||||
extern gost_subst_block Gost28147_CryptoProParamSetA;
|
||||
extern gost_subst_block Gost28147_TC26ParamSetZ;
|
||||
BIGNUM *decode_primary_key(char *pwd_key, char *primary_key, BN_CTX *bn_ctx, int len_material, int flag_Z)
|
||||
{
|
||||
BIGNUM *res;
|
||||
char buf[32];
|
||||
gost_ctx ctx;
|
||||
gost_init(&ctx, gost_cipher_list->sblock);
|
||||
gost_key(&ctx, pwd_key);
|
||||
gost_dec(&ctx, primary_key, buf, 4);
|
||||
res = reverse32bn(buf, bn_ctx);
|
||||
OPENSSL_cleanse(buf, sizeof(buf));
|
||||
return res;
|
||||
BIGNUM *res;
|
||||
char buf[64];
|
||||
gost_ctx ctx;
|
||||
if (flag_Z==0)
|
||||
gost_init(&ctx, &Gost28147_CryptoProParamSetA);
|
||||
else
|
||||
gost_init(&ctx, &Gost28147_TC26ParamSetZ);
|
||||
gost_key(&ctx, pwd_key);
|
||||
gost_dec(&ctx, primary_key, buf, len_material/8);
|
||||
res = reverse_bn(buf, len_material, bn_ctx);
|
||||
OPENSSL_cleanse(buf, sizeof(buf));
|
||||
return res;
|
||||
}
|
||||
|
||||
BIGNUM *remove_mask_and_check_public(char *oid_param_set8, BIGNUM *key_with_mask, BIGNUM *mask, char *public8, BN_CTX *ctx)
|
||||
BIGNUM *remove_mask_and_check_public(unsigned char *oid_param_set8, BIGNUM *key_with_mask, BIGNUM *mask, char *public8, BN_CTX *ctx)
|
||||
{
|
||||
int result;
|
||||
EC_KEY *eckey = NULL;
|
||||
const EC_POINT *pubkey;
|
||||
const EC_GROUP *group;
|
||||
BIGNUM *X, *Y, *order, *raw_secret, *mask_inv;
|
||||
char outbuf[32], public_X[32];
|
||||
ASN1_OBJECT *obj;
|
||||
int nid;
|
||||
int result;
|
||||
EC_KEY *eckey = NULL;
|
||||
const EC_POINT *pubkey;
|
||||
const EC_GROUP *group;
|
||||
BIGNUM *X, *Y, *order, *raw_secret, *mask_inv;
|
||||
char outbuf[64], public_X[64];
|
||||
ASN1_OBJECT *obj;
|
||||
int nid;
|
||||
|
||||
order = BN_CTX_get(ctx);
|
||||
mask_inv = BN_CTX_get(ctx);
|
||||
raw_secret = BN_CTX_get(ctx);
|
||||
X = BN_CTX_get(ctx);
|
||||
Y = BN_CTX_get(ctx);
|
||||
if (!order || !mask_inv || !raw_secret || !X || !Y) { result = 1; goto err; }
|
||||
order = BN_CTX_get(ctx);
|
||||
mask_inv = BN_CTX_get(ctx);
|
||||
raw_secret = BN_CTX_get(ctx);
|
||||
X = BN_CTX_get(ctx);
|
||||
Y = BN_CTX_get(ctx);
|
||||
if (!order || !mask_inv || !raw_secret || !X || !Y) { result = 1; goto err; }
|
||||
|
||||
obj = ASN1_OBJECT_create(0, oid_param_set8+1, *oid_param_set8, NULL, NULL);
|
||||
nid = OBJ_obj2nid(obj);
|
||||
ASN1_OBJECT_free(obj);
|
||||
obj = ASN1_OBJECT_create(0, oid_param_set8+1, *oid_param_set8, NULL, NULL);
|
||||
nid = OBJ_obj2nid(obj);
|
||||
ASN1_OBJECT_free(obj);
|
||||
|
||||
if (!(eckey = EC_KEY_new())) { result = 1; goto err; }
|
||||
if (!fill_GOST2001_params(eckey, nid)) { result = 1; goto err; }
|
||||
if (!(group = EC_KEY_get0_group(eckey))) { result = 1; goto err; }
|
||||
if (!EC_GROUP_get_order(group, order, ctx)) { result = 1; goto err; }
|
||||
if (!(eckey = EC_KEY_new())) { result = 1; goto err; }
|
||||
if (!fill_GOST_EC_params(eckey, nid)) { result = 1; goto err; }
|
||||
if (!(group = EC_KEY_get0_group(eckey))) { result = 1; goto err; }
|
||||
if (!EC_GROUP_get_order(group, order, ctx)) { result = 1; goto err; }
|
||||
if (!BN_is_word(EC_GROUP_get0_cofactor(group), 1)) BN_rshift(order, order, 2); //get q from m
|
||||
if (!BN_mod_inverse(mask_inv, mask, order, ctx)) { result = 1; goto err; }
|
||||
if (!BN_mod_mul(raw_secret, key_with_mask, mask_inv, order, ctx)) { result = 1; goto err; }
|
||||
|
||||
if (!BN_mod_inverse(mask_inv, mask, order, ctx)) { result = 1; goto err; }
|
||||
if (!BN_mod_mul(raw_secret, key_with_mask, mask_inv, order, ctx)) { result = 1; goto err; }
|
||||
if (!EC_KEY_set_private_key(eckey, raw_secret)) { result = 1; goto err; }
|
||||
if (!gost_ec_compute_public(eckey)) { result = 1; goto err; }
|
||||
if (!(pubkey = EC_KEY_get0_public_key(eckey))) { result = 1; goto err; }
|
||||
if (!EC_POINT_get_affine_coordinates_GFp(group, pubkey, X, Y, ctx)) { result = 1; goto err; }
|
||||
|
||||
if (!EC_KEY_set_private_key(eckey, raw_secret)) { result = 1; goto err; }
|
||||
if (!gost2001_compute_public(eckey)) { result = 1; goto err; }
|
||||
if (!(pubkey = EC_KEY_get0_public_key(eckey))) { result = 1; goto err; }
|
||||
if (!EC_POINT_get_affine_coordinates_GFp(group, pubkey, X, Y, ctx)) { result = 1; goto err; }
|
||||
store_bignum(X, outbuf, sizeof(outbuf));
|
||||
BUF_reverse(public_X, outbuf, sizeof(outbuf));
|
||||
// if (memcmp(public_X, public8, 8) != 0) { result = 1; goto err; }
|
||||
if (find_public8_in_header_buf(public_X)) { result = 1; goto err; }
|
||||
|
||||
store_bignum(X, outbuf, sizeof(outbuf));
|
||||
BUF_reverse(public_X, outbuf, sizeof(outbuf));
|
||||
if (memcmp(public_X, public8, 8) != 0) { result = 1; goto err; }
|
||||
|
||||
result = 0; //ok
|
||||
result = 0; //ok
|
||||
err:
|
||||
if (eckey) EC_KEY_free(eckey);
|
||||
if (result == 0) return raw_secret;
|
||||
return NULL;
|
||||
if (eckey) EC_KEY_free(eckey);
|
||||
if (result == 0) return raw_secret;
|
||||
return NULL;
|
||||
}
|
||||
|
||||
int file_length(char *fname)
|
||||
{
|
||||
int len;
|
||||
FILE *f = fopen(fname, "rb");
|
||||
if (f == NULL) return -1;
|
||||
fseek(f, 0, SEEK_END);
|
||||
len = ftell(f);
|
||||
fclose(f);
|
||||
return len;
|
||||
int len;
|
||||
FILE *f = fopen(fname, "rb");
|
||||
if (f == NULL) return -1;
|
||||
fseek(f, 0, SEEK_END);
|
||||
len = ftell(f);
|
||||
fclose(f);
|
||||
return len;
|
||||
}
|
||||
|
||||
int read_file(char *fname, int start_pos, char *buf, int len)
|
||||
{
|
||||
int read_len;
|
||||
FILE *f = fopen(fname, "rb");
|
||||
if (f == NULL) return 1;
|
||||
if (start_pos) fseek(f, start_pos, SEEK_SET);
|
||||
read_len = fread(buf, 1, len, f);
|
||||
fclose(f);
|
||||
if (read_len != len) return 1;
|
||||
return 0; //ok
|
||||
int read_len;
|
||||
FILE *f = fopen(fname, "rb");
|
||||
if (f == NULL) return 1;
|
||||
if (start_pos) fseek(f, start_pos, SEEK_SET);
|
||||
read_len = fread(buf, 1, len, f);
|
||||
fclose(f);
|
||||
if (read_len != len) return 1;
|
||||
return 0; //ok
|
||||
}
|
||||
|
||||
int get_asn1_len(unsigned char *buf, int *size_hdr)
|
||||
{
|
||||
int n, i, res;
|
||||
int pos = 0;
|
||||
if ((buf[pos]&0x80) == 0) {
|
||||
*size_hdr = 1;
|
||||
return buf[pos];
|
||||
}
|
||||
n = buf[pos++]&0x7f;
|
||||
res = 0;
|
||||
for(i = 0; i < n; i++) {
|
||||
res = res*256 + buf[pos++];
|
||||
}
|
||||
*size_hdr = n+1;
|
||||
return res;
|
||||
}
|
||||
|
||||
#define MAX_HEADER 20000
|
||||
int read_container(char *fpath, int flag2, char *salt12, char *primary_key, char *masks_key, char *public8, char *oid_param_set8)
|
||||
{
|
||||
int result;
|
||||
char primary_path[1024+30];
|
||||
char masks_path[1024+30];
|
||||
char header_path[1024+30];
|
||||
char header_buf[MAX_HEADER];
|
||||
int header_len;
|
||||
int i, len, pos, size_hdr;
|
||||
|
||||
if (strlen(fpath)>1024) { result = 1; goto err; }
|
||||
|
||||
sprintf(header_path, "%s/header.key", fpath);
|
||||
if (flag2 == 0)
|
||||
{
|
||||
sprintf(primary_path, "%s/primary.key", fpath);
|
||||
sprintf(masks_path, "%s/masks.key", fpath);
|
||||
}
|
||||
else
|
||||
{
|
||||
sprintf(primary_path, "%s/primary2.key", fpath);
|
||||
sprintf(masks_path, "%s/masks2.key", fpath);
|
||||
}
|
||||
|
||||
if (read_file(primary_path, 4, primary_key, 32)) { result = 1; goto err; }
|
||||
if (read_file(masks_path, 4, masks_key, 32)) { result = 1; goto err; }
|
||||
if (read_file(masks_path, 0x26, salt12, 12)) { result = 1; goto err; }
|
||||
|
||||
header_len = file_length(header_path);
|
||||
if (header_len < 0x42 || header_len > MAX_HEADER) { result = 1; goto err; }
|
||||
if (read_file(header_path, 0, header_buf, header_len)) { result = 1; goto err; }
|
||||
|
||||
//------------- skip certificate ---------------------------
|
||||
pos = 0;
|
||||
for(i = 0; i < 2; i++)
|
||||
{
|
||||
get_asn1_len(header_buf+pos+1, &size_hdr);
|
||||
pos += size_hdr+1;
|
||||
if (pos > header_len-8) { result = 2; goto err; }
|
||||
}
|
||||
|
||||
//------------------ get oid_param_set8 -----------------------
|
||||
#define PARAM_SET_POS 34
|
||||
if (memcmp(header_buf+pos+PARAM_SET_POS, "\x6\x7", 2) != 0) { result = 2; goto err; }
|
||||
memcpy(oid_param_set8, header_buf+pos+PARAM_SET_POS+1, 8);
|
||||
|
||||
//------------------ get public8 -----------------------
|
||||
result = 2; //not found
|
||||
pos += 52;
|
||||
for(i = 0; i < 3; i++)
|
||||
{
|
||||
len = get_asn1_len(header_buf+pos+1, &size_hdr);
|
||||
if (len == 8 && memcmp(header_buf+pos, "\x8a\x8", 2) == 0)
|
||||
{
|
||||
memcpy(public8,header_buf+pos+2,8);
|
||||
result = 0; //ok
|
||||
break;
|
||||
}
|
||||
pos += len+size_hdr+1;
|
||||
if (pos > header_len-8) { result = 2; goto err; }
|
||||
}
|
||||
err:
|
||||
OPENSSL_cleanse(header_buf, sizeof(header_buf));
|
||||
return result;
|
||||
}
|
||||
|
||||
#define START_OID 0x12
|
||||
#define START_KEY 0x28
|
||||
unsigned char asn1_private_key[72] = {
|
||||
0x30,0x46,2,1,0,0x30,0x1c,6,6,0x2a,0x85,3,2,2,0x13,0x30,0x12,6,7,0x11,
|
||||
0x11,0x11,0x11,0x11,0x11,0x11,6,7,0x2a,0x85,3,2,2,0x1e,1,4,0x23,2,0x21,0
|
||||
#define OID_LIST 14
|
||||
static unsigned char oid_list[OID_LIST][35] = {
|
||||
{0x30,0x21,6,8,0x2a,0x85,3,7,1,1,1,1,0x30,0x15,6,9,0x2a,0x85,3,7,1,2,1,1,1,6,8,0x2a,0x85,3,7,1,1,2,2},
|
||||
{0x30,0x1c,6,6,0x2a,0x85,3,2,2,0x13,0x30,0x12,6,7,0x2a,0x85,3,2,2,0x23,1,6,7,0x2a,0x85,3,2,2,0x1e,1},
|
||||
{0x30,0x1c,6,6,0x2a,0x85,3,2,2,0x13,0x30,0x12,6,7,0x2a,0x85,3,2,2,0x23,2,6,7,0x2a,0x85,3,2,2,0x1e,1},
|
||||
{0x30,0x1c,6,6,0x2a,0x85,3,2,2,0x13,0x30,0x12,6,7,0x2a,0x85,3,2,2,0x23,3,6,7,0x2a,0x85,3,2,2,0x1e,1},
|
||||
{0x30,0x1c,6,6,0x2a,0x85,3,2,2,0x13,0x30,0x12,6,7,0x2a,0x85,3,2,2,0x24,0,6,7,0x2a,0x85,3,2,2,0x1e,1},
|
||||
{0x30,0x1c,6,6,0x2a,0x85,3,2,2,0x13,0x30,0x12,6,7,0x2a,0x85,3,2,2,0x24,1,6,7,0x2a,0x85,3,2,2,0x1e,1},
|
||||
{0x30,0x1f,6,8,0x2a,0x85,3,7,1,1,1,1,0x30,0x13,6,7,0x2a,0x85,3,2,2,0x23,1,6,8,0x2a,0x85,3,7,1,1,2,2},
|
||||
{0x30,0x1f,6,8,0x2a,0x85,3,7,1,1,1,1,0x30,0x13,6,7,0x2a,0x85,3,2,2,0x23,2,6,8,0x2a,0x85,3,7,1,1,2,2},
|
||||
{0x30,0x1f,6,8,0x2a,0x85,3,7,1,1,1,1,0x30,0x13,6,7,0x2a,0x85,3,2,2,0x23,3,6,8,0x2a,0x85,3,7,1,1,2,2},
|
||||
{0x30,0x1f,6,8,0x2a,0x85,3,7,1,1,1,1,0x30,0x13,6,7,0x2a,0x85,3,2,2,0x24,0,6,8,0x2a,0x85,3,7,1,1,2,2},
|
||||
{0x30,0x1f,6,8,0x2a,0x85,3,7,1,1,1,1,0x30,0x13,6,7,0x2a,0x85,3,2,2,0x24,1,6,8,0x2a,0x85,3,7,1,1,2,2},
|
||||
{0x30,0x21,6,8,0x2a,0x85,3,7,1,1,1,2,0x30,0x15,6,9,0x2a,0x85,3,7,1,2,1,2,1,6,8,0x2a,0x85,3,7,1,1,2,3},
|
||||
{0x30,0x21,6,8,0x2a,0x85,3,7,1,1,1,2,0x30,0x15,6,9,0x2a,0x85,3,7,1,2,1,2,2,6,8,0x2a,0x85,3,7,1,1,2,3},
|
||||
{0x30,0x21,6,8,0x2a,0x85,3,7,1,1,1,2,0x30,0x15,6,9,0x2a,0x85,3,7,1,2,1,2,3,6,8,0x2a,0x85,3,7,1,1,2,3}
|
||||
};
|
||||
static unsigned char oid_list_header[OID_LIST][35] = {
|
||||
{0xa0,0x21,6,8,0x2a,0x85,3,7,1,1,6,1,0x30,0x15,6,9,0x2a,0x85,3,7,1,2,1,1,1,6,8,0x2a,0x85,3,7,1,1,2,2},
|
||||
{0xa0,0x1c,6,6,0x2a,0x85,3,2,2,0x62,0x30,0x12,6,7,0x2a,0x85,3,2,2,0x23,1,6,7,0x2a,0x85,3,2,2,0x1e,1},
|
||||
{0xa0,0x1c,6,6,0x2a,0x85,3,2,2,0x62,0x30,0x12,6,7,0x2a,0x85,3,2,2,0x23,2,6,7,0x2a,0x85,3,2,2,0x1e,1},
|
||||
{0xa0,0x1c,6,6,0x2a,0x85,3,2,2,0x62,0x30,0x12,6,7,0x2a,0x85,3,2,2,0x23,3,6,7,0x2a,0x85,3,2,2,0x1e,1},
|
||||
{0xa0,0x1c,6,6,0x2a,0x85,3,2,2,0x62,0x30,0x12,6,7,0x2a,0x85,3,2,2,0x24,0,6,7,0x2a,0x85,3,2,2,0x1e,1},
|
||||
{0xa0,0x1c,6,6,0x2a,0x85,3,2,2,0x62,0x30,0x12,6,7,0x2a,0x85,3,2,2,0x24,1,6,7,0x2a,0x85,3,2,2,0x1e,1},
|
||||
{0xa0,0x1f,6,8,0x2a,0x85,3,7,1,1,6,1,0x30,0x13,6,7,0x2a,0x85,3,2,2,0x23,1,6,8,0x2a,0x85,3,7,1,1,2,2},
|
||||
{0xa0,0x1f,6,8,0x2a,0x85,3,7,1,1,6,1,0x30,0x13,6,7,0x2a,0x85,3,2,2,0x23,2,6,8,0x2a,0x85,3,7,1,1,2,2},
|
||||
{0xa0,0x1f,6,8,0x2a,0x85,3,7,1,1,6,1,0x30,0x13,6,7,0x2a,0x85,3,2,2,0x23,3,6,8,0x2a,0x85,3,7,1,1,2,2},
|
||||
{0xa0,0x1f,6,8,0x2a,0x85,3,7,1,1,6,1,0x30,0x13,6,7,0x2a,0x85,3,2,2,0x24,0,6,8,0x2a,0x85,3,7,1,1,2,2},
|
||||
{0xa0,0x1f,6,8,0x2a,0x85,3,7,1,1,6,1,0x30,0x13,6,7,0x2a,0x85,3,2,2,0x24,1,6,8,0x2a,0x85,3,7,1,1,2,2},
|
||||
{0xa0,0x21,6,8,0x2a,0x85,3,7,1,1,6,2,0x30,0x15,6,9,0x2a,0x85,3,7,1,2,1,2,1,6,8,0x2a,0x85,3,7,1,1,2,3},
|
||||
{0xa0,0x21,6,8,0x2a,0x85,3,7,1,1,6,2,0x30,0x15,6,9,0x2a,0x85,3,7,1,2,1,2,2,6,8,0x2a,0x85,3,7,1,1,2,3},
|
||||
{0xa0,0x21,6,8,0x2a,0x85,3,7,1,1,6,2,0x30,0x15,6,9,0x2a,0x85,3,7,1,2,1,2,3,6,8,0x2a,0x85,3,7,1,1,2,3}
|
||||
};
|
||||
static int flag_z_list[OID_LIST] = {1,0,0,0,0,0,1,1,1,1,1,1,1,1};
|
||||
static int len_material_list[OID_LIST] = {32,32,32,32,32,32,32,32,32,32,32,64,64,64};
|
||||
static int len_material_pwd_list[OID_LIST] = {64,32,32,32,32,32,64,64,64,64,64,64,64,64};
|
||||
|
||||
#define OID_LEN 1
|
||||
int check_oid(unsigned char *str1, int str1_len, unsigned char *str2)
|
||||
{
|
||||
int i,j;
|
||||
int str2_len = str2[OID_LEN]+2; //oid len
|
||||
for(i=0;i<str1_len-str2_len;i++)
|
||||
{
|
||||
for(j=0;;j++)
|
||||
{
|
||||
if (j==str2_len) return 0; //ok
|
||||
if (str1[i+j]!=str2[j]) break;
|
||||
}
|
||||
}
|
||||
return 1; //not found
|
||||
}
|
||||
|
||||
int read_container(char *fpath, int flag2, char *salt12, char *primary_key, char *masks_key, char *public8, int *param_set)
|
||||
{
|
||||
int result=0;
|
||||
char primary_path[1024+30];
|
||||
char masks_path[1024+30];
|
||||
char header_path[1024+30];
|
||||
int i, len, pos, size_hdr;
|
||||
|
||||
if (strlen(fpath)>1024) { result = 1; goto err; }
|
||||
|
||||
sprintf(header_path, "%s/header.key", fpath);
|
||||
if (flag2 == 0)
|
||||
{
|
||||
sprintf(primary_path, "%s/primary.key", fpath);
|
||||
sprintf(masks_path, "%s/masks.key", fpath);
|
||||
}
|
||||
else
|
||||
{
|
||||
sprintf(primary_path, "%s/primary2.key", fpath);
|
||||
sprintf(masks_path, "%s/masks2.key", fpath);
|
||||
}
|
||||
header_len = file_length(header_path);
|
||||
if (header_len < 0x42 || header_len > MAX_HEADER) { result = 1; goto err; }
|
||||
if (read_file(header_path, 0, header_buf, header_len)) { result = 1; goto err; }
|
||||
//------------- get param set ---------------------------
|
||||
for(i=0;i<OID_LIST;i++) if (check_oid(header_buf, header_len, oid_list_header[i])==0) break;
|
||||
if (i==OID_LIST) { result = 2; goto err; }; //not found
|
||||
*param_set = i; //param set found
|
||||
if (read_file(primary_path, 4, primary_key, len_material_list[i])) { result = 1; goto err; }
|
||||
if (read_file(masks_path, 4, masks_key, len_material_list[i])) { result = 1; goto err; }
|
||||
if (read_file(masks_path, 0x26+len_material_list[i]-32, salt12, 12)) { result = 1; goto err; }
|
||||
//------------------ get public8 -----------------------
|
||||
// pos = header_len - 51;
|
||||
// if (memcmp(header_buf+pos, "\x8a\x8", 2) == 0)
|
||||
// {
|
||||
// memcpy(public8,header_buf+pos+2,8);
|
||||
// result = 0; //ok
|
||||
// }
|
||||
// else
|
||||
// result = 2; //not found
|
||||
err:
|
||||
// OPENSSL_cleanse(header_buf, sizeof(header_buf));
|
||||
return result;
|
||||
}
|
||||
|
||||
int main(int argc, char **argv)
|
||||
{
|
||||
int result;
|
||||
char *container_path;
|
||||
char *passw;
|
||||
char salt12[12];
|
||||
char primary_key[32];
|
||||
char masks_key[32];
|
||||
char public8[8];
|
||||
char oid_param_set8[8];
|
||||
BN_CTX *ctx;
|
||||
BIGNUM *key_with_mask;
|
||||
BIGNUM *mask;
|
||||
BIGNUM *raw_key;
|
||||
char pwd_key[32];
|
||||
char outbuf[32];
|
||||
int result;
|
||||
char *container_path;
|
||||
char *passw;
|
||||
char salt12[12];
|
||||
char primary_key[64];
|
||||
char masks_key[64];
|
||||
char public8[8];
|
||||
unsigned char *oid_publ_key;
|
||||
BN_CTX *ctx;
|
||||
BIGNUM *key_with_mask;
|
||||
BIGNUM *mask;
|
||||
BIGNUM *raw_key;
|
||||
char pwd_key[32];
|
||||
char outbuf[64];
|
||||
int param_set;
|
||||
int len_material;
|
||||
char asn1_private_key[5+50+5+50];
|
||||
int len_private_key;
|
||||
|
||||
ctx = BN_CTX_new();
|
||||
ctx = BN_CTX_new();
|
||||
|
||||
if (argc == 2)
|
||||
{
|
||||
container_path = argv[1];
|
||||
passw = "";
|
||||
}
|
||||
else
|
||||
if (argc == 3)
|
||||
{
|
||||
container_path = argv[1];
|
||||
passw = argv[2];
|
||||
}
|
||||
else
|
||||
{
|
||||
printf("get_private container_path [passw]\n");
|
||||
result = 1;
|
||||
goto err;
|
||||
}
|
||||
if (argc == 2)
|
||||
{
|
||||
container_path = argv[1];
|
||||
passw = "";
|
||||
}
|
||||
else
|
||||
if (argc == 3)
|
||||
{
|
||||
container_path = argv[1];
|
||||
passw = argv[2];
|
||||
}
|
||||
else
|
||||
{
|
||||
printf("%s <path to cryptopro key container> [passw]\n", argv[0]);
|
||||
result = 1;
|
||||
goto err;
|
||||
}
|
||||
|
||||
if (read_container(container_path, 0, salt12, primary_key, masks_key, public8, oid_param_set8) != 0 &&
|
||||
read_container(container_path, 1, salt12, primary_key, masks_key, public8, oid_param_set8) != 0)
|
||||
{
|
||||
printf("can not read container from %s\n", container_path);
|
||||
result = 2;
|
||||
goto err;
|
||||
}
|
||||
if (read_container(container_path, 0, salt12, primary_key, masks_key, public8, ¶m_set) != 0 &&
|
||||
read_container(container_path, 1, salt12, primary_key, masks_key, public8, ¶m_set) != 0)
|
||||
{
|
||||
printf("cannot read container from %s\n", container_path);
|
||||
result = 2;
|
||||
goto err;
|
||||
}
|
||||
len_material = len_material_list[param_set];
|
||||
oid_publ_key = oid_list[param_set]+3;
|
||||
oid_publ_key += oid_publ_key[0]+4;
|
||||
|
||||
make_pwd_key(pwd_key, salt12, 12, passw);
|
||||
key_with_mask = decode_primary_key(pwd_key, primary_key, ctx);
|
||||
OPENSSL_cleanse(pwd_key, sizeof(pwd_key));
|
||||
mask = reverse32bn(masks_key, ctx);
|
||||
raw_key = remove_mask_and_check_public(oid_param_set8, key_with_mask, mask, public8, ctx);
|
||||
if (len_material_pwd_list[param_set]==64)
|
||||
make_pwd_key64(pwd_key, salt12, 12, passw);
|
||||
else
|
||||
make_pwd_key(pwd_key, salt12, 12, passw);
|
||||
key_with_mask = decode_primary_key(pwd_key, primary_key, ctx, len_material, flag_z_list[param_set]);
|
||||
OPENSSL_cleanse(pwd_key, sizeof(pwd_key));
|
||||
mask = reverse_bn(masks_key, len_material, ctx);
|
||||
raw_key = remove_mask_and_check_public(oid_publ_key, key_with_mask, mask, public8, ctx);
|
||||
|
||||
if (raw_key)
|
||||
{
|
||||
BIO *bio;
|
||||
store_bignum(raw_key, outbuf, sizeof(outbuf));
|
||||
memcpy(asn1_private_key+START_OID, oid_param_set8, 8);
|
||||
memcpy(asn1_private_key+START_KEY, outbuf, 32);
|
||||
//bio = BIO_new_file("private.key", "w");
|
||||
bio = BIO_new_fp(stdout, BIO_NOCLOSE | BIO_FP_TEXT);
|
||||
PEM_write_bio(bio, "PRIVATE KEY", "", asn1_private_key, sizeof(asn1_private_key));
|
||||
BIO_free(bio);
|
||||
OPENSSL_cleanse(outbuf, sizeof(outbuf));
|
||||
OPENSSL_cleanse(asn1_private_key, sizeof(asn1_private_key));
|
||||
result = 0; //ok
|
||||
}
|
||||
else
|
||||
{
|
||||
printf("Error check public key\n");
|
||||
result = 3;
|
||||
}
|
||||
if (raw_key)
|
||||
{
|
||||
BIO *bio;
|
||||
int flag_pad=0;
|
||||
int len_oid;
|
||||
store_bignum(raw_key, outbuf, len_material);
|
||||
if (outbuf[0]&0x80) flag_pad=1;
|
||||
len_private_key=0;
|
||||
asn1_private_key[len_private_key++]=0x30;
|
||||
asn1_private_key[len_private_key++]=0x46;
|
||||
asn1_private_key[len_private_key++]=2;
|
||||
asn1_private_key[len_private_key++]=1;
|
||||
asn1_private_key[len_private_key++]=0;
|
||||
len_oid=oid_list[param_set][OID_LEN]+2;
|
||||
memcpy(asn1_private_key+len_private_key, oid_list[param_set], len_oid); len_private_key+=len_oid;
|
||||
asn1_private_key[len_private_key++]=0x4;
|
||||
asn1_private_key[len_private_key++]=len_material+flag_pad+2;
|
||||
asn1_private_key[len_private_key++]=0x2;
|
||||
asn1_private_key[len_private_key++]=len_material+flag_pad;
|
||||
if (flag_pad) asn1_private_key[len_private_key++]=0;
|
||||
memcpy(asn1_private_key+len_private_key, outbuf, len_material); len_private_key+=len_material;
|
||||
asn1_private_key[1]=len_private_key-2;
|
||||
//bio = BIO_new_file("private.key", "w");
|
||||
bio = BIO_new_fp(stdout, BIO_NOCLOSE | BIO_FP_TEXT);
|
||||
PEM_write_bio(bio, "PRIVATE KEY", "", asn1_private_key, len_private_key);
|
||||
BIO_free(bio);
|
||||
OPENSSL_cleanse(outbuf, sizeof(outbuf));
|
||||
OPENSSL_cleanse(asn1_private_key, sizeof(asn1_private_key));
|
||||
result = 0; //ok
|
||||
}
|
||||
else
|
||||
{
|
||||
printf("Error check public key\n");
|
||||
result = 3;
|
||||
}
|
||||
|
||||
err:
|
||||
BN_CTX_free(ctx);
|
||||
OPENSSL_cleanse(salt12, sizeof(salt12));
|
||||
OPENSSL_cleanse(primary_key, sizeof(primary_key));
|
||||
OPENSSL_cleanse(masks_key, sizeof(masks_key));
|
||||
return result;
|
||||
BN_CTX_free(ctx);
|
||||
OPENSSL_cleanse(salt12, sizeof(salt12));
|
||||
OPENSSL_cleanse(primary_key, sizeof(primary_key));
|
||||
OPENSSL_cleanse(masks_key, sizeof(masks_key));
|
||||
return result;
|
||||
}
|
||||
|
|
|
@ -0,0 +1,66 @@
|
|||
/*
|
||||
* GOST R 34.11-2012 core functions definitions.
|
||||
*
|
||||
* Copyright (c) 2013 Cryptocom LTD.
|
||||
* This file is distributed under the same license as OpenSSL.
|
||||
*
|
||||
* Author: Alexey Degtyarev <alexey@renatasystems.org>
|
||||
*
|
||||
*/
|
||||
|
||||
#include <string.h>
|
||||
|
||||
#ifdef OPENSSL_IA32_SSE2
|
||||
# ifdef __MMX__
|
||||
# ifdef __SSE2__
|
||||
# define __GOST3411_HAS_SSE2__
|
||||
# endif
|
||||
# endif
|
||||
#endif
|
||||
|
||||
#ifdef __GOST3411_HAS_SSE2__
|
||||
# if (__GNUC__ < 4) || (__GNUC__ == 4 && __GNUC_MINOR__ < 2)
|
||||
# undef __GOST3411_HAS_SSE2__
|
||||
# endif
|
||||
#endif
|
||||
|
||||
#ifndef L_ENDIAN
|
||||
# define __GOST3411_BIG_ENDIAN__
|
||||
#endif
|
||||
#if defined __GOST3411_HAS_SSE2__
|
||||
# include "gosthash2012_sse2.h"
|
||||
#else
|
||||
# include "gosthash2012_ref.h"
|
||||
#endif
|
||||
|
||||
#ifdef _MSC_VER
|
||||
# define ALIGN(x) __declspec(align(x))
|
||||
#else
|
||||
# define ALIGN(x) __attribute__ ((__aligned__(x)))
|
||||
#endif
|
||||
|
||||
ALIGN(16)
|
||||
typedef union uint512_u {
|
||||
unsigned long long QWORD[8];
|
||||
} uint512_u;
|
||||
|
||||
#include "gosthash2012_const.h"
|
||||
#include "gosthash2012_precalc.h"
|
||||
|
||||
/* GOST R 34.11-2012 hash context */
|
||||
ALIGN(16)
|
||||
typedef struct gost2012_hash_ctx {
|
||||
ALIGN(16) unsigned char buffer[64];
|
||||
union uint512_u hash;
|
||||
union uint512_u h;
|
||||
union uint512_u N;
|
||||
union uint512_u Sigma;
|
||||
size_t bufsize;
|
||||
unsigned int digest_size;
|
||||
} gost2012_hash_ctx;
|
||||
|
||||
void init_gost2012_hash_ctx(gost2012_hash_ctx * CTX,
|
||||
const unsigned int digest_size);
|
||||
void gost2012_hash_block(gost2012_hash_ctx * CTX,
|
||||
const unsigned char *data, size_t len);
|
||||
void gost2012_finish_hash(gost2012_hash_ctx * CTX, unsigned char *digest);
|
|
@ -0,0 +1,352 @@
|
|||
/*
|
||||
* GOST R 34.11-2012 constants.
|
||||
*
|
||||
* Copyright (c) 2013 Cryptocom LTD.
|
||||
* This file is distributed under the same license as OpenSSL.
|
||||
*
|
||||
* Author: Alexey Degtyarev <alexey@renatasystems.org>
|
||||
*
|
||||
*/
|
||||
|
||||
ALIGN(16)
|
||||
static const union uint512_u buffer0 = {
|
||||
{0x0ULL, 0x0ULL, 0x0ULL, 0x0ULL, 0x0ULL, 0x0ULL, 0x0ULL, 0x0ULL}
|
||||
};
|
||||
|
||||
#ifndef __GOST3411_BIG_ENDIAN__
|
||||
ALIGN(16)
|
||||
static const union uint512_u buffer512 = {
|
||||
{0x0000000000000200ULL, 0x0ULL, 0x0ULL, 0x0ULL, 0x0ULL, 0x0ULL, 0x0ULL,
|
||||
0x0ULL}
|
||||
};
|
||||
#else
|
||||
ALIGN(16)
|
||||
static const union uint512_u buffer512 = {
|
||||
{0x0002000000000000ULL, 0x0ULL, 0x0ULL, 0x0ULL, 0x0ULL, 0x0ULL, 0x0ULL,
|
||||
0x0ULL}
|
||||
};
|
||||
#endif
|
||||
|
||||
#ifndef __GOST3411_BIG_ENDIAN__
|
||||
ALIGN(16)
|
||||
static const union uint512_u C[12] = {
|
||||
{{
|
||||
0xdd806559f2a64507ULL,
|
||||
0x05767436cc744d23ULL,
|
||||
0xa2422a08a460d315ULL,
|
||||
0x4b7ce09192676901ULL,
|
||||
0x714eb88d7585c4fcULL,
|
||||
0x2f6a76432e45d016ULL,
|
||||
0xebcb2f81c0657c1fULL,
|
||||
0xb1085bda1ecadae9ULL}},
|
||||
{{
|
||||
0xe679047021b19bb7ULL,
|
||||
0x55dda21bd7cbcd56ULL,
|
||||
0x5cb561c2db0aa7caULL,
|
||||
0x9ab5176b12d69958ULL,
|
||||
0x61d55e0f16b50131ULL,
|
||||
0xf3feea720a232b98ULL,
|
||||
0x4fe39d460f70b5d7ULL,
|
||||
0x6fa3b58aa99d2f1aULL}},
|
||||
{{
|
||||
0x991e96f50aba0ab2ULL,
|
||||
0xc2b6f443867adb31ULL,
|
||||
0xc1c93a376062db09ULL,
|
||||
0xd3e20fe490359eb1ULL,
|
||||
0xf2ea7514b1297b7bULL,
|
||||
0x06f15e5f529c1f8bULL,
|
||||
0x0a39fc286a3d8435ULL,
|
||||
0xf574dcac2bce2fc7ULL}},
|
||||
{{
|
||||
0x220cbebc84e3d12eULL,
|
||||
0x3453eaa193e837f1ULL,
|
||||
0xd8b71333935203beULL,
|
||||
0xa9d72c82ed03d675ULL,
|
||||
0x9d721cad685e353fULL,
|
||||
0x488e857e335c3c7dULL,
|
||||
0xf948e1a05d71e4ddULL,
|
||||
0xef1fdfb3e81566d2ULL}},
|
||||
{{
|
||||
0x601758fd7c6cfe57ULL,
|
||||
0x7a56a27ea9ea63f5ULL,
|
||||
0xdfff00b723271a16ULL,
|
||||
0xbfcd1747253af5a3ULL,
|
||||
0x359e35d7800fffbdULL,
|
||||
0x7f151c1f1686104aULL,
|
||||
0x9a3f410c6ca92363ULL,
|
||||
0x4bea6bacad474799ULL}},
|
||||
{{
|
||||
0xfa68407a46647d6eULL,
|
||||
0xbf71c57236904f35ULL,
|
||||
0x0af21f66c2bec6b6ULL,
|
||||
0xcffaa6b71c9ab7b4ULL,
|
||||
0x187f9ab49af08ec6ULL,
|
||||
0x2d66c4f95142a46cULL,
|
||||
0x6fa4c33b7a3039c0ULL,
|
||||
0xae4faeae1d3ad3d9ULL}},
|
||||
{{
|
||||
0x8886564d3a14d493ULL,
|
||||
0x3517454ca23c4af3ULL,
|
||||
0x06476983284a0504ULL,
|
||||
0x0992abc52d822c37ULL,
|
||||
0xd3473e33197a93c9ULL,
|
||||
0x399ec6c7e6bf87c9ULL,
|
||||
0x51ac86febf240954ULL,
|
||||
0xf4c70e16eeaac5ecULL}},
|
||||
{{
|
||||
0xa47f0dd4bf02e71eULL,
|
||||
0x36acc2355951a8d9ULL,
|
||||
0x69d18d2bd1a5c42fULL,
|
||||
0xf4892bcb929b0690ULL,
|
||||
0x89b4443b4ddbc49aULL,
|
||||
0x4eb7f8719c36de1eULL,
|
||||
0x03e7aa020c6e4141ULL,
|
||||
0x9b1f5b424d93c9a7ULL}},
|
||||
{{
|
||||
0x7261445183235adbULL,
|
||||
0x0e38dc92cb1f2a60ULL,
|
||||
0x7b2b8a9aa6079c54ULL,
|
||||
0x800a440bdbb2ceb1ULL,
|
||||
0x3cd955b7e00d0984ULL,
|
||||
0x3a7d3a1b25894224ULL,
|
||||
0x944c9ad8ec165fdeULL,
|
||||
0x378f5a541631229bULL}},
|
||||
{{
|
||||
0x74b4c7fb98459cedULL,
|
||||
0x3698fad1153bb6c3ULL,
|
||||
0x7a1e6c303b7652f4ULL,
|
||||
0x9fe76702af69334bULL,
|
||||
0x1fffe18a1b336103ULL,
|
||||
0x8941e71cff8a78dbULL,
|
||||
0x382ae548b2e4f3f3ULL,
|
||||
0xabbedea680056f52ULL}},
|
||||
{{
|
||||
0x6bcaa4cd81f32d1bULL,
|
||||
0xdea2594ac06fd85dULL,
|
||||
0xefbacd1d7d476e98ULL,
|
||||
0x8a1d71efea48b9caULL,
|
||||
0x2001802114846679ULL,
|
||||
0xd8fa6bbbebab0761ULL,
|
||||
0x3002c6cd635afe94ULL,
|
||||
0x7bcd9ed0efc889fbULL}},
|
||||
{{
|
||||
0x48bc924af11bd720ULL,
|
||||
0xfaf417d5d9b21b99ULL,
|
||||
0xe71da4aa88e12852ULL,
|
||||
0x5d80ef9d1891cc86ULL,
|
||||
0xf82012d430219f9bULL,
|
||||
0xcda43c32bcdf1d77ULL,
|
||||
0xd21380b00449b17aULL,
|
||||
0x378ee767f11631baULL}}
|
||||
};
|
||||
#else
|
||||
ALIGN(16)
|
||||
static const union uint512_u C[12] = {
|
||||
{{
|
||||
0x0745a6f2596580ddULL,
|
||||
0x234d74cc36747605ULL,
|
||||
0x15d360a4082a42a2ULL,
|
||||
0x0169679291e07c4bULL,
|
||||
0xfcc485758db84e71ULL,
|
||||
0x16d0452e43766a2fULL,
|
||||
0x1f7c65c0812fcbebULL,
|
||||
0xe9daca1eda5b08b1ULL}},
|
||||
{{
|
||||
0xb79bb121700479e6ULL,
|
||||
0x56cdcbd71ba2dd55ULL,
|
||||
0xcaa70adbc261b55cULL,
|
||||
0x5899d6126b17b59aULL,
|
||||
0x3101b5160f5ed561ULL,
|
||||
0x982b230a72eafef3ULL,
|
||||
0xd7b5700f469de34fULL,
|
||||
0x1a2f9da98ab5a36fULL}},
|
||||
{{
|
||||
0xb20aba0af5961e99ULL,
|
||||
0x31db7a8643f4b6c2ULL,
|
||||
0x09db6260373ac9c1ULL,
|
||||
0xb19e3590e40fe2d3ULL,
|
||||
0x7b7b29b11475eaf2ULL,
|
||||
0x8b1f9c525f5ef106ULL,
|
||||
0x35843d6a28fc390aULL,
|
||||
0xc72fce2bacdc74f5ULL}},
|
||||
{{
|
||||
0x2ed1e384bcbe0c22ULL,
|
||||
0xf137e893a1ea5334ULL,
|
||||
0xbe0352933313b7d8ULL,
|
||||
0x75d603ed822cd7a9ULL,
|
||||
0x3f355e68ad1c729dULL,
|
||||
0x7d3c5c337e858e48ULL,
|
||||
0xdde4715da0e148f9ULL,
|
||||
0xd26615e8b3df1fefULL}},
|
||||
{{
|
||||
0x57fe6c7cfd581760ULL,
|
||||
0xf563eaa97ea2567aULL,
|
||||
0x161a2723b700ffdfULL,
|
||||
0xa3f53a254717cdbfULL,
|
||||
0xbdff0f80d7359e35ULL,
|
||||
0x4a1086161f1c157fULL,
|
||||
0x6323a96c0c413f9aULL,
|
||||
0x994747adac6bea4bULL}},
|
||||
{{
|
||||
0x6e7d64467a4068faULL,
|
||||
0x354f903672c571bfULL,
|
||||
0xb6c6bec2661ff20aULL,
|
||||
0xb4b79a1cb7a6facfULL,
|
||||
0xc68ef09ab49a7f18ULL,
|
||||
0x6ca44251f9c4662dULL,
|
||||
0xc039307a3bc3a46fULL,
|
||||
0xd9d33a1daeae4faeULL}},
|
||||
{{
|
||||
0x93d4143a4d568688ULL,
|
||||
0xf34a3ca24c451735ULL,
|
||||
0x04054a2883694706ULL,
|
||||
0x372c822dc5ab9209ULL,
|
||||
0xc9937a19333e47d3ULL,
|
||||
0xc987bfe6c7c69e39ULL,
|
||||
0x540924bffe86ac51ULL,
|
||||
0xecc5aaee160ec7f4ULL}},
|
||||
{{
|
||||
0x1ee702bfd40d7fa4ULL,
|
||||
0xd9a8515935c2ac36ULL,
|
||||
0x2fc4a5d12b8dd169ULL,
|
||||
0x90069b92cb2b89f4ULL,
|
||||
0x9ac4db4d3b44b489ULL,
|
||||
0x1ede369c71f8b74eULL,
|
||||
0x41416e0c02aae703ULL,
|
||||
0xa7c9934d425b1f9bULL}},
|
||||
{{
|
||||
0xdb5a238351446172ULL,
|
||||
0x602a1fcb92dc380eULL,
|
||||
0x549c07a69a8a2b7bULL,
|
||||
0xb1ceb2db0b440a80ULL,
|
||||
0x84090de0b755d93cULL,
|
||||
0x244289251b3a7d3aULL,
|
||||
0xde5f16ecd89a4c94ULL,
|
||||
0x9b223116545a8f37ULL}},
|
||||
{{
|
||||
0xed9c4598fbc7b474ULL,
|
||||
0xc3b63b15d1fa9836ULL,
|
||||
0xf452763b306c1e7aULL,
|
||||
0x4b3369af0267e79fULL,
|
||||
0x0361331b8ae1ff1fULL,
|
||||
0xdb788aff1ce74189ULL,
|
||||
0xf3f3e4b248e52a38ULL,
|
||||
0x526f0580a6debeabULL}},
|
||||
{{
|
||||
0x1b2df381cda4ca6bULL,
|
||||
0x5dd86fc04a59a2deULL,
|
||||
0x986e477d1dcdbaefULL,
|
||||
0xcab948eaef711d8aULL,
|
||||
0x7966841421800120ULL,
|
||||
0x6107abebbb6bfad8ULL,
|
||||
0x94fe5a63cdc60230ULL,
|
||||
0xfb89c8efd09ecd7bULL}},
|
||||
{{
|
||||
0x20d71bf14a92bc48ULL,
|
||||
0x991bb2d9d517f4faULL,
|
||||
0x5228e188aaa41de7ULL,
|
||||
0x86cc91189def805dULL,
|
||||
0x9b9f2130d41220f8ULL,
|
||||
0x771ddfbc323ca4cdULL,
|
||||
0x7ab14904b08013d2ULL,
|
||||
0xba3116f167e78e37ULL}}
|
||||
};
|
||||
#endif
|
||||
|
||||
#ifndef __GOST3411_BIG_ENDIAN__
|
||||
static const unsigned long long A[64] = {
|
||||
0x8e20faa72ba0b470ULL, 0x47107ddd9b505a38ULL, 0xad08b0e0c3282d1cULL,
|
||||
0xd8045870ef14980eULL, 0x6c022c38f90a4c07ULL, 0x3601161cf205268dULL,
|
||||
0x1b8e0b0e798c13c8ULL, 0x83478b07b2468764ULL, 0xa011d380818e8f40ULL,
|
||||
0x5086e740ce47c920ULL, 0x2843fd2067adea10ULL, 0x14aff010bdd87508ULL,
|
||||
0x0ad97808d06cb404ULL, 0x05e23c0468365a02ULL, 0x8c711e02341b2d01ULL,
|
||||
0x46b60f011a83988eULL, 0x90dab52a387ae76fULL, 0x486dd4151c3dfdb9ULL,
|
||||
0x24b86a840e90f0d2ULL, 0x125c354207487869ULL, 0x092e94218d243cbaULL,
|
||||
0x8a174a9ec8121e5dULL, 0x4585254f64090fa0ULL, 0xaccc9ca9328a8950ULL,
|
||||
0x9d4df05d5f661451ULL, 0xc0a878a0a1330aa6ULL, 0x60543c50de970553ULL,
|
||||
0x302a1e286fc58ca7ULL, 0x18150f14b9ec46ddULL, 0x0c84890ad27623e0ULL,
|
||||
0x0642ca05693b9f70ULL, 0x0321658cba93c138ULL, 0x86275df09ce8aaa8ULL,
|
||||
0x439da0784e745554ULL, 0xafc0503c273aa42aULL, 0xd960281e9d1d5215ULL,
|
||||
0xe230140fc0802984ULL, 0x71180a8960409a42ULL, 0xb60c05ca30204d21ULL,
|
||||
0x5b068c651810a89eULL, 0x456c34887a3805b9ULL, 0xac361a443d1c8cd2ULL,
|
||||
0x561b0d22900e4669ULL, 0x2b838811480723baULL, 0x9bcf4486248d9f5dULL,
|
||||
0xc3e9224312c8c1a0ULL, 0xeffa11af0964ee50ULL, 0xf97d86d98a327728ULL,
|
||||
0xe4fa2054a80b329cULL, 0x727d102a548b194eULL, 0x39b008152acb8227ULL,
|
||||
0x9258048415eb419dULL, 0x492c024284fbaec0ULL, 0xaa16012142f35760ULL,
|
||||
0x550b8e9e21f7a530ULL, 0xa48b474f9ef5dc18ULL, 0x70a6a56e2440598eULL,
|
||||
0x3853dc371220a247ULL, 0x1ca76e95091051adULL, 0x0edd37c48a08a6d8ULL,
|
||||
0x07e095624504536cULL, 0x8d70c431ac02a736ULL, 0xc83862965601dd1bULL,
|
||||
0x641c314b2b8ee083ULL
|
||||
};
|
||||
#else
|
||||
static const unsigned long long A[64] = {
|
||||
0x70b4a02ba7fa208eULL, 0x385a509bdd7d1047ULL, 0x1c2d28c3e0b008adULL,
|
||||
0x0e9814ef705804d8ULL, 0x074c0af9382c026cULL, 0x8d2605f21c160136ULL,
|
||||
0xc8138c790e0b8e1bULL, 0x648746b2078b4783ULL, 0x408f8e8180d311a0ULL,
|
||||
0x20c947ce40e78650ULL, 0x10eaad6720fd4328ULL, 0x0875d8bd10f0af14ULL,
|
||||
0x04b46cd00878d90aULL, 0x025a3668043ce205ULL, 0x012d1b34021e718cULL,
|
||||
0x8e98831a010fb646ULL, 0x6fe77a382ab5da90ULL, 0xb9fd3d1c15d46d48ULL,
|
||||
0xd2f0900e846ab824ULL, 0x6978480742355c12ULL, 0xba3c248d21942e09ULL,
|
||||
0x5d1e12c89e4a178aULL, 0xa00f09644f258545ULL, 0x50898a32a99cccacULL,
|
||||
0x5114665f5df04d9dULL, 0xa60a33a1a078a8c0ULL, 0x530597de503c5460ULL,
|
||||
0xa78cc56f281e2a30ULL, 0xdd46ecb9140f1518ULL, 0xe02376d20a89840cULL,
|
||||
0x709f3b6905ca4206ULL, 0x38c193ba8c652103ULL, 0xa8aae89cf05d2786ULL,
|
||||
0x5455744e78a09d43ULL, 0x2aa43a273c50c0afULL, 0x15521d9d1e2860d9ULL,
|
||||
0x842980c00f1430e2ULL, 0x429a4060890a1871ULL, 0x214d2030ca050cb6ULL,
|
||||
0x9ea81018658c065bULL, 0xb905387a88346c45ULL, 0xd28c1c3d441a36acULL,
|
||||
0x69460e90220d1b56ULL, 0xba2307481188832bULL, 0x5d9f8d248644cf9bULL,
|
||||
0xa0c1c8124322e9c3ULL, 0x50ee6409af11faefULL, 0x2877328ad9867df9ULL,
|
||||
0x9c320ba85420fae4ULL, 0x4e198b542a107d72ULL, 0x2782cb2a1508b039ULL,
|
||||
0x9d41eb1584045892ULL, 0xc0aefb8442022c49ULL, 0x6057f342210116aaULL,
|
||||
0x30a5f7219e8e0b55ULL, 0x18dcf59e4f478ba4ULL, 0x8e5940246ea5a670ULL,
|
||||
0x47a2201237dc5338ULL, 0xad511009956ea71cULL, 0xd8a6088ac437dd0eULL,
|
||||
0x6c5304456295e007ULL, 0x36a702ac31c4708dULL, 0x1bdd0156966238c8ULL,
|
||||
0x83e08e2b4b311c64ULL
|
||||
};
|
||||
#endif
|
||||
|
||||
static const unsigned char Tau[64] = {
|
||||
0, 8, 16, 24, 32, 40, 48, 56,
|
||||
1, 9, 17, 25, 33, 41, 49, 57,
|
||||
2, 10, 18, 26, 34, 42, 50, 58,
|
||||
3, 11, 19, 27, 35, 43, 51, 59,
|
||||
4, 12, 20, 28, 36, 44, 52, 60,
|
||||
5, 13, 21, 29, 37, 45, 53, 61,
|
||||
6, 14, 22, 30, 38, 46, 54, 62,
|
||||
7, 15, 23, 31, 39, 47, 55, 63
|
||||
};
|
||||
|
||||
static const unsigned char Pi[256] = {
|
||||
252, 238, 221, 17, 207, 110, 49, 22,
|
||||
251, 196, 250, 218, 35, 197, 4, 77,
|
||||
233, 119, 240, 219, 147, 46, 153, 186,
|
||||
23, 54, 241, 187, 20, 205, 95, 193,
|
||||
249, 24, 101, 90, 226, 92, 239, 33,
|
||||
129, 28, 60, 66, 139, 1, 142, 79,
|
||||
5, 132, 2, 174, 227, 106, 143, 160,
|
||||
6, 11, 237, 152, 127, 212, 211, 31,
|
||||
235, 52, 44, 81, 234, 200, 72, 171,
|
||||
242, 42, 104, 162, 253, 58, 206, 204,
|
||||
181, 112, 14, 86, 8, 12, 118, 18,
|
||||
191, 114, 19, 71, 156, 183, 93, 135,
|
||||
21, 161, 150, 41, 16, 123, 154, 199,
|
||||
243, 145, 120, 111, 157, 158, 178, 177,
|
||||
50, 117, 25, 61, 255, 53, 138, 126,
|
||||
109, 84, 198, 128, 195, 189, 13, 87,
|
||||
223, 245, 36, 169, 62, 168, 67, 201,
|
||||
215, 121, 214, 246, 124, 34, 185, 3,
|
||||
224, 15, 236, 222, 122, 148, 176, 188,
|
||||
220, 232, 40, 80, 78, 51, 10, 74,
|
||||
167, 151, 96, 115, 30, 0, 98, 68,
|
||||
26, 184, 56, 130, 100, 159, 38, 65,
|
||||
173, 69, 70, 146, 39, 94, 85, 47,
|
||||
140, 163, 165, 125, 105, 213, 149, 59,
|
||||
7, 88, 179, 64, 134, 172, 29, 247,
|
||||
48, 55, 107, 228, 136, 217, 231, 137,
|
||||
225, 27, 131, 73, 76, 63, 248, 254,
|
||||
141, 83, 170, 144, 202, 216, 133, 97,
|
||||
32, 113, 103, 164, 45, 43, 9, 91,
|
||||
203, 155, 37, 208, 190, 229, 108, 82,
|
||||
89, 166, 116, 210, 230, 244, 180, 192,
|
||||
209, 102, 175, 194, 57, 75, 99, 182
|
||||
};
|
File diff suppressed because it is too large
Load Diff
|
@ -0,0 +1,63 @@
|
|||
/*
|
||||
* Portable implementation of core functions for GOST R 34.11-2012.
|
||||
*
|
||||
* Copyright (c) 2013 Cryptocom LTD.
|
||||
* This file is distributed under the same license as OpenSSL.
|
||||
*
|
||||
* Author: Alexey Degtyarev <alexey@renatasystems.org>
|
||||
*
|
||||
*/
|
||||
|
||||
#ifdef __GOST3411_HAS_SSE2__
|
||||
# error "GOST R 34.11-2012: portable implementation disabled in config.h"
|
||||
#endif
|
||||
|
||||
#define X(x, y, z) { \
|
||||
z->QWORD[0] = x->QWORD[0] ^ y->QWORD[0]; \
|
||||
z->QWORD[1] = x->QWORD[1] ^ y->QWORD[1]; \
|
||||
z->QWORD[2] = x->QWORD[2] ^ y->QWORD[2]; \
|
||||
z->QWORD[3] = x->QWORD[3] ^ y->QWORD[3]; \
|
||||
z->QWORD[4] = x->QWORD[4] ^ y->QWORD[4]; \
|
||||
z->QWORD[5] = x->QWORD[5] ^ y->QWORD[5]; \
|
||||
z->QWORD[6] = x->QWORD[6] ^ y->QWORD[6]; \
|
||||
z->QWORD[7] = x->QWORD[7] ^ y->QWORD[7]; \
|
||||
}
|
||||
|
||||
#ifndef __GOST3411_BIG_ENDIAN__
|
||||
# define __XLPS_FOR for (_i = 0; _i <= 7; _i++)
|
||||
# define _datai _i
|
||||
#else
|
||||
# define __XLPS_FOR for (_i = 7; _i >= 0; _i--)
|
||||
# define _datai 7 - _i
|
||||
#endif
|
||||
|
||||
#define XLPS(x, y, data) { \
|
||||
register unsigned long long r0, r1, r2, r3, r4, r5, r6, r7; \
|
||||
int _i; \
|
||||
\
|
||||
r0 = x->QWORD[0] ^ y->QWORD[0]; \
|
||||
r1 = x->QWORD[1] ^ y->QWORD[1]; \
|
||||
r2 = x->QWORD[2] ^ y->QWORD[2]; \
|
||||
r3 = x->QWORD[3] ^ y->QWORD[3]; \
|
||||
r4 = x->QWORD[4] ^ y->QWORD[4]; \
|
||||
r5 = x->QWORD[5] ^ y->QWORD[5]; \
|
||||
r6 = x->QWORD[6] ^ y->QWORD[6]; \
|
||||
r7 = x->QWORD[7] ^ y->QWORD[7]; \
|
||||
\
|
||||
\
|
||||
__XLPS_FOR {\
|
||||
data->QWORD[_datai] = Ax[0][(r0 >> (_i << 3)) & 0xFF]; \
|
||||
data->QWORD[_datai] ^= Ax[1][(r1 >> (_i << 3)) & 0xFF]; \
|
||||
data->QWORD[_datai] ^= Ax[2][(r2 >> (_i << 3)) & 0xFF]; \
|
||||
data->QWORD[_datai] ^= Ax[3][(r3 >> (_i << 3)) & 0xFF]; \
|
||||
data->QWORD[_datai] ^= Ax[4][(r4 >> (_i << 3)) & 0xFF]; \
|
||||
data->QWORD[_datai] ^= Ax[5][(r5 >> (_i << 3)) & 0xFF]; \
|
||||
data->QWORD[_datai] ^= Ax[6][(r6 >> (_i << 3)) & 0xFF]; \
|
||||
data->QWORD[_datai] ^= Ax[7][(r7 >> (_i << 3)) & 0xFF]; \
|
||||
}\
|
||||
}
|
||||
|
||||
#define ROUND(i, Ki, data) { \
|
||||
XLPS(Ki, (&C[i]), Ki); \
|
||||
XLPS(Ki, data, data); \
|
||||
}
|
|
@ -0,0 +1,204 @@
|
|||
/*
|
||||
* Implementation of core functions for GOST R 34.11-2012 using SSE2.
|
||||
*
|
||||
* Copyright (c) 2013 Cryptocom LTD.
|
||||
* This file is distributed under the same license as OpenSSL.
|
||||
*
|
||||
* Author: Alexey Degtyarev <alexey@renatasystems.org>
|
||||
*
|
||||
*/
|
||||
|
||||
#ifndef __GOST3411_HAS_SSE2__
|
||||
# error "GOST R 34.11-2012: SSE2 not enabled"
|
||||
#endif
|
||||
|
||||
#include <mmintrin.h>
|
||||
#include <emmintrin.h>
|
||||
|
||||
#define LO(v) ((unsigned char) (v))
|
||||
#define HI(v) ((unsigned char) (((unsigned int) (v)) >> 8))
|
||||
|
||||
#ifdef __i386__
|
||||
# define EXTRACT EXTRACT32
|
||||
#else
|
||||
# define EXTRACT EXTRACT64
|
||||
#endif
|
||||
|
||||
#ifndef __ICC
|
||||
# define _mm_cvtsi64_m64(v) (__m64) v
|
||||
# define _mm_cvtm64_si64(v) (long long) v
|
||||
#endif
|
||||
|
||||
#define LOAD(P, xmm0, xmm1, xmm2, xmm3) { \
|
||||
const __m128i *__m128p = (const __m128i *) &P[0]; \
|
||||
xmm0 = _mm_load_si128(&__m128p[0]); \
|
||||
xmm1 = _mm_load_si128(&__m128p[1]); \
|
||||
xmm2 = _mm_load_si128(&__m128p[2]); \
|
||||
xmm3 = _mm_load_si128(&__m128p[3]); \
|
||||
}
|
||||
|
||||
#define UNLOAD(P, xmm0, xmm1, xmm2, xmm3) { \
|
||||
__m128i *__m128p = (__m128i *) &P[0]; \
|
||||
_mm_store_si128(&__m128p[0], xmm0); \
|
||||
_mm_store_si128(&__m128p[1], xmm1); \
|
||||
_mm_store_si128(&__m128p[2], xmm2); \
|
||||
_mm_store_si128(&__m128p[3], xmm3); \
|
||||
}
|
||||
|
||||
#define X128R(xmm0, xmm1, xmm2, xmm3, xmm4, xmm5, xmm6, xmm7) { \
|
||||
xmm0 = _mm_xor_si128(xmm0, xmm4); \
|
||||
xmm1 = _mm_xor_si128(xmm1, xmm5); \
|
||||
xmm2 = _mm_xor_si128(xmm2, xmm6); \
|
||||
xmm3 = _mm_xor_si128(xmm3, xmm7); \
|
||||
}
|
||||
|
||||
#define X128M(P, xmm0, xmm1, xmm2, xmm3) { \
|
||||
const __m128i *__m128p = (const __m128i *) &P[0]; \
|
||||
xmm0 = _mm_xor_si128(xmm0, _mm_load_si128(&__m128p[0])); \
|
||||
xmm1 = _mm_xor_si128(xmm1, _mm_load_si128(&__m128p[1])); \
|
||||
xmm2 = _mm_xor_si128(xmm2, _mm_load_si128(&__m128p[2])); \
|
||||
xmm3 = _mm_xor_si128(xmm3, _mm_load_si128(&__m128p[3])); \
|
||||
}
|
||||
|
||||
#define _mm_xor_64(mm0, mm1) _mm_xor_si64(mm0, _mm_cvtsi64_m64(mm1))
|
||||
|
||||
#define EXTRACT32(row, xmm0, xmm1, xmm2, xmm3, xmm4) { \
|
||||
register unsigned short ax; \
|
||||
__m64 mm0, mm1; \
|
||||
\
|
||||
ax = (unsigned short) _mm_extract_epi16(xmm0, row + 0); \
|
||||
mm0 = _mm_cvtsi64_m64(Ax[0][LO(ax)]); \
|
||||
mm1 = _mm_cvtsi64_m64(Ax[0][HI(ax)]); \
|
||||
\
|
||||
ax = (unsigned short) _mm_extract_epi16(xmm0, row + 4); \
|
||||
mm0 = _mm_xor_64(mm0, Ax[1][LO(ax)]); \
|
||||
mm1 = _mm_xor_64(mm1, Ax[1][HI(ax)]); \
|
||||
\
|
||||
ax = (unsigned short) _mm_extract_epi16(xmm1, row + 0); \
|
||||
mm0 = _mm_xor_64(mm0, Ax[2][LO(ax)]); \
|
||||
mm1 = _mm_xor_64(mm1, Ax[2][HI(ax)]); \
|
||||
\
|
||||
ax = (unsigned short) _mm_extract_epi16(xmm1, row + 4); \
|
||||
mm0 = _mm_xor_64(mm0, Ax[3][LO(ax)]); \
|
||||
mm1 = _mm_xor_64(mm1, Ax[3][HI(ax)]); \
|
||||
\
|
||||
ax = (unsigned short) _mm_extract_epi16(xmm2, row + 0); \
|
||||
mm0 = _mm_xor_64(mm0, Ax[4][LO(ax)]); \
|
||||
mm1 = _mm_xor_64(mm1, Ax[4][HI(ax)]); \
|
||||
\
|
||||
ax = (unsigned short) _mm_extract_epi16(xmm2, row + 4); \
|
||||
mm0 = _mm_xor_64(mm0, Ax[5][LO(ax)]); \
|
||||
mm1 = _mm_xor_64(mm1, Ax[5][HI(ax)]); \
|
||||
\
|
||||
ax = (unsigned short) _mm_extract_epi16(xmm3, row + 0); \
|
||||
mm0 = _mm_xor_64(mm0, Ax[6][LO(ax)]); \
|
||||
mm1 = _mm_xor_64(mm1, Ax[6][HI(ax)]); \
|
||||
\
|
||||
ax = (unsigned short) _mm_extract_epi16(xmm3, row + 4); \
|
||||
mm0 = _mm_xor_64(mm0, Ax[7][LO(ax)]); \
|
||||
mm1 = _mm_xor_64(mm1, Ax[7][HI(ax)]); \
|
||||
\
|
||||
xmm4 = _mm_set_epi64(mm1, mm0); \
|
||||
}
|
||||
|
||||
#define __EXTRACT64(row, xmm0, xmm1, xmm2, xmm3, xmm4) { \
|
||||
__m128i tmm4; \
|
||||
register unsigned long long r0, r1; \
|
||||
r0 = Ax[0][_mm_extract_epi8(xmm0, row + 0)]; \
|
||||
r0 ^= Ax[1][_mm_extract_epi8(xmm0, row + 8)]; \
|
||||
r0 ^= Ax[2][_mm_extract_epi8(xmm1, row + 0)]; \
|
||||
r0 ^= Ax[3][_mm_extract_epi8(xmm1, row + 8)]; \
|
||||
r0 ^= Ax[4][_mm_extract_epi8(xmm2, row + 0)]; \
|
||||
r0 ^= Ax[5][_mm_extract_epi8(xmm2, row + 8)]; \
|
||||
r0 ^= Ax[6][_mm_extract_epi8(xmm3, row + 0)]; \
|
||||
r0 ^= Ax[7][_mm_extract_epi8(xmm3, row + 8)]; \
|
||||
\
|
||||
r1 = Ax[0][_mm_extract_epi8(xmm0, row + 1)]; \
|
||||
r1 ^= Ax[1][_mm_extract_epi8(xmm0, row + 9)]; \
|
||||
r1 ^= Ax[2][_mm_extract_epi8(xmm1, row + 1)]; \
|
||||
r1 ^= Ax[3][_mm_extract_epi8(xmm1, row + 9)]; \
|
||||
r1 ^= Ax[4][_mm_extract_epi8(xmm2, row + 1)]; \
|
||||
r1 ^= Ax[5][_mm_extract_epi8(xmm2, row + 9)]; \
|
||||
r1 ^= Ax[6][_mm_extract_epi8(xmm3, row + 1)]; \
|
||||
r1 ^= Ax[7][_mm_extract_epi8(xmm3, row + 9)]; \
|
||||
xmm4 = _mm_cvtsi64_si128((long long) r0); \
|
||||
tmm4 = _mm_cvtsi64_si128((long long) r1); \
|
||||
xmm4 = _mm_unpacklo_epi64(xmm4, tmm4); \
|
||||
}
|
||||
|
||||
#define EXTRACT64(row, xmm0, xmm1, xmm2, xmm3, xmm4) { \
|
||||
__m128i tmm4; \
|
||||
register unsigned short ax; \
|
||||
register unsigned long long r0, r1; \
|
||||
\
|
||||
ax = (unsigned short) _mm_extract_epi16(xmm0, row + 0); \
|
||||
r0 = Ax[0][LO(ax)]; \
|
||||
r1 = Ax[0][HI(ax)]; \
|
||||
\
|
||||
ax = (unsigned short) _mm_extract_epi16(xmm0, row + 4); \
|
||||
r0 ^= Ax[1][LO(ax)]; \
|
||||
r1 ^= Ax[1][HI(ax)]; \
|
||||
\
|
||||
ax = (unsigned short) _mm_extract_epi16(xmm1, row + 0); \
|
||||
r0 ^= Ax[2][LO(ax)]; \
|
||||
r1 ^= Ax[2][HI(ax)]; \
|
||||
\
|
||||
ax = (unsigned short) _mm_extract_epi16(xmm1, row + 4); \
|
||||
r0 ^= Ax[3][LO(ax)]; \
|
||||
r1 ^= Ax[3][HI(ax)]; \
|
||||
\
|
||||
ax = (unsigned short) _mm_extract_epi16(xmm2, row + 0); \
|
||||
r0 ^= Ax[4][LO(ax)]; \
|
||||
r1 ^= Ax[4][HI(ax)]; \
|
||||
\
|
||||
ax = (unsigned short) _mm_extract_epi16(xmm2, row + 4); \
|
||||
r0 ^= Ax[5][LO(ax)]; \
|
||||
r1 ^= Ax[5][HI(ax)]; \
|
||||
\
|
||||
ax = (unsigned short) _mm_extract_epi16(xmm3, row + 0); \
|
||||
r0 ^= Ax[6][LO(ax)]; \
|
||||
r1 ^= Ax[6][HI(ax)]; \
|
||||
\
|
||||
ax = (unsigned short) _mm_extract_epi16(xmm3, row + 4); \
|
||||
r0 ^= Ax[7][LO(ax)]; \
|
||||
r1 ^= Ax[7][HI(ax)]; \
|
||||
\
|
||||
xmm4 = _mm_cvtsi64_si128((long long) r0); \
|
||||
tmm4 = _mm_cvtsi64_si128((long long) r1); \
|
||||
xmm4 = _mm_unpacklo_epi64(xmm4, tmm4); \
|
||||
}
|
||||
|
||||
#define XLPS128M(P, xmm0, xmm1, xmm2, xmm3) { \
|
||||
__m128i tmm0, tmm1, tmm2, tmm3; \
|
||||
X128M(P, xmm0, xmm1, xmm2, xmm3); \
|
||||
\
|
||||
EXTRACT(0, xmm0, xmm1, xmm2, xmm3, tmm0); \
|
||||
EXTRACT(1, xmm0, xmm1, xmm2, xmm3, tmm1); \
|
||||
EXTRACT(2, xmm0, xmm1, xmm2, xmm3, tmm2); \
|
||||
EXTRACT(3, xmm0, xmm1, xmm2, xmm3, tmm3); \
|
||||
\
|
||||
xmm0 = tmm0; \
|
||||
xmm1 = tmm1; \
|
||||
xmm2 = tmm2; \
|
||||
xmm3 = tmm3; \
|
||||
}
|
||||
|
||||
#define XLPS128R(xmm0, xmm1, xmm2, xmm3, xmm4, xmm5, xmm6, xmm7) { \
|
||||
__m128i tmm0, tmm1, tmm2, tmm3; \
|
||||
X128R(xmm4, xmm5, xmm6, xmm7, xmm0, xmm1, xmm2, xmm3); \
|
||||
\
|
||||
EXTRACT(0, xmm4, xmm5, xmm6, xmm7, tmm0); \
|
||||
EXTRACT(1, xmm4, xmm5, xmm6, xmm7, tmm1); \
|
||||
EXTRACT(2, xmm4, xmm5, xmm6, xmm7, tmm2); \
|
||||
EXTRACT(3, xmm4, xmm5, xmm6, xmm7, tmm3); \
|
||||
\
|
||||
xmm4 = tmm0; \
|
||||
xmm5 = tmm1; \
|
||||
xmm6 = tmm2; \
|
||||
xmm7 = tmm3; \
|
||||
}
|
||||
|
||||
#define ROUND128(i, xmm0, xmm2, xmm4, xmm6, xmm1, xmm3, xmm5, xmm7) { \
|
||||
XLPS128M((&C[i]), xmm0, xmm2, xmm4, xmm6); \
|
||||
XLPS128R(xmm0, xmm2, xmm4, xmm6, xmm1, xmm3, xmm5, xmm7); \
|
||||
}
|
Loading…
Reference in New Issue