** This algorithm and source code is released to the public domain.
**
***************************************************************************
-**
+**
** The following compile-time switches may be defined to control some
** tradeoffs between speed, code size, error checking, and security.
**
** [default: no callouts (no overhead)]
**
** SKEIN_ERR_CHECK -- how error checking is handled inside Skein
-** code. If not defined, most error checking
-** is disabled (for performance). Otherwise,
+** code. If not defined, most error checking
+** is disabled (for performance). Otherwise,
** the switch value is interpreted as:
** 0: use assert() to flag errors
** 1: return SKEIN_FAIL to flag errors
** After an InitExt() call, just use Update/Final calls as with Init().
**
** Notes: Same parameters as _Init() calls, plus treeInfo/key/keyBytes.
-** When keyBytes == 0 and treeInfo == SKEIN_SEQUENTIAL,
+** When keyBytes == 0 and treeInfo == SKEIN_SEQUENTIAL,
** the results of InitExt() are identical to calling Init().
** The function Init() may be called once to "precompute" the IV for
** a given hashBitLen value, then by saving a copy of the context
** the IV computation may be avoided in later calls.
-** Similarly, the function InitExt() may be called once per MAC key
+** Similarly, the function InitExt() may be called once per MAC key
** to precompute the MAC IV, then a copy of the context saved and
** reused for each new MAC computation.
**/
/*****************************************************************
** "Internal" Skein definitions
-** -- not needed for sequential hashing API, but will be
+** -- not needed for sequential hashing API, but will be
** helpful for other uses of Skein (e.g., tree hash mode).
** -- included here so that they can be shared between
** reference and optimized code.
/*****************************************************************
** Skein block function constants (shared across Ref and Opt code)
******************************************************************/
-enum
- {
+enum
+ {
/* Skein_256 round rotation constants */
R_256_0_0 = 14, R_256_0_1 = 16,
R_256_1_0 = 52, R_256_1_1 = 57,
* of Skein. The design and the way to use the functions follow the openSSL
* design but at the same time take care of some Skein specific behaviour
* and possibilities.
- *
+ *
* The functions enable applications to create a normal Skein hashes and
* message authentication codes (MAC).
- *
+ *
* Using these functions is simple and straight forward:
- *
+ *
* @code
- *
+ *
* #include <skeinApi.h>
- *
+ *
* ...
* struct skein_ctx ctx; // a Skein hash or MAC context
- *
+ *
* // prepare context, here for a Skein with a state size of 512 bits.
* skeinCtxPrepare(&ctx, Skein512);
- *
+ *
* // Initialize the context to set the requested hash length in bits
* // here request a output hash size of 31 bits (Skein supports variable
* // output sizes even very strange sizes)
* skeinInit(&ctx, 31);
- *
+ *
* // Now update Skein with any number of message bits. A function that
* // takes a number of bytes is also available.
* skeinUpdateBits(&ctx, message, msgLength);
- *
+ *
* // Now get the result of the Skein hash. The output buffer must be
* // large enough to hold the request number of output bits. The application
* // may now extract the bits.
* skeinFinal(&ctx, result);
* ...
* @endcode
- *
+ *
* An application may use @c skeinReset to reset a Skein context and use
* it for creation of another hash with the same Skein state size and output
* bit length. In this case the API implementation restores some internal
* internal state data and saves a full Skein initialization round.
- *
- * To create a MAC the application just uses @c skeinMacInit instead of
+ *
+ * To create a MAC the application just uses @c skeinMacInit instead of
* @c skeinInit. All other functions calls remain the same.
- *
+ *
*/
#include <linux/types.h>
/**
* Prepare a Skein context.
- *
+ *
* An application must call this function before it can use the Skein
* context. The functions clears memory and initializes size dependent
* variables.
/**
* Initialize a Skein context.
*
- * Initializes the context with this data and saves the resulting Skein
+ * Initializes the context with this data and saves the resulting Skein
* state variables for further use.
*
* @param ctx
/**
* Resets a Skein context for further use.
- *
- * Restores the saved chaining variables to reset the Skein context.
- * Thus applications can reuse the same setup to process several
+ *
+ * Restores the saved chaining variables to reset the Skein context.
+ * Thus applications can reuse the same setup to process several
* messages. This saves a complete Skein initialization cycle.
- *
+ *
* @param ctx
* Pointer to a pre-initialized Skein MAC context
*/
/**
* Initializes a Skein context for MAC usage.
- *
- * Initializes the context with this data and saves the resulting Skein
+ *
+ * Initializes the context with this data and saves the resulting Skein
* state variables for further use.
*
* Applications call the normal Skein functions to update the MAC and
/**
* Finalize Skein and return the hash.
- *
+ *
* Before an application can reuse a Skein setup the application must
* reset the Skein context.
*
* @{
*
* This API and the functions that implement this API simplify the usage
- * of the Threefish cipher. The design and the way to use the functions
+ * of the Threefish cipher. The design and the way to use the functions
* follow the openSSL design but at the same time take care of some Threefish
* specific behaviour and possibilities.
*
* These are the low level functions that deal with Threefisch blocks only.
- * Implementations for cipher modes such as ECB, CFB, or CBC may use these
+ * Implementations for cipher modes such as ECB, CFB, or CBC may use these
* functions.
- *
+ *
@code
// Threefish cipher context data
struct threefish_key keyCtx;
/**
* Context for Threefish key and tweak words.
- *
+ *
* This structure was setup with some know-how of the internal
* Skein structures, in particular ordering of header and size dependent
* variables. If Skein implementation changes this, the adapt these
/**
* Set Threefish key and tweak data.
- *
+ *
* This function sets the key and tweak data for the Threefish cipher of
* the given size. The key data must have the same length (number of bits)
- * as the state size
+ * as the state size
*
* @param keyCtx
* Pointer to a Threefish key structure.
/**
* Encrypt Threefisch block (bytes).
- *
- * The buffer must have at least the same length (number of bits) aas the
+ *
+ * The buffer must have at least the same length (number of bits) aas the
* state size for this key. The function uses the first @c stateSize bits
* of the input buffer, encrypts them and stores the result in the output
* buffer.
- *
+ *
* @param keyCtx
* Pointer to a Threefish key structure.
* @param in
/**
* Encrypt Threefisch block (words).
- *
- * The buffer must have at least the same length (number of bits) aas the
+ *
+ * The buffer must have at least the same length (number of bits) aas the
* state size for this key. The function uses the first @c stateSize bits
* of the input buffer, encrypts them and stores the result in the output
* buffer.
- *
+ *
* The wordsize ist set to 64 bits.
- *
+ *
* @param keyCtx
* Pointer to a Threefish key structure.
* @param in
/**
* Decrypt Threefisch block (bytes).
- *
- * The buffer must have at least the same length (number of bits) aas the
+ *
+ * The buffer must have at least the same length (number of bits) aas the
* state size for this key. The function uses the first @c stateSize bits
* of the input buffer, decrypts them and stores the result in the output
* buffer
- *
+ *
* @param keyCtx
* Pointer to a Threefish key structure.
* @param in
/**
* Decrypt Threefisch block (words).
- *
- * The buffer must have at least the same length (number of bits) aas the
+ *
+ * The buffer must have at least the same length (number of bits) aas the
* state size for this key. The function uses the first @c stateSize bits
* of the input buffer, encrypts them and stores the result in the output
* buffer.
- *
+ *
* The wordsize ist set to 64 bits.
- *
+ *
* @param keyCtx
* Pointer to a Threefish key structure.
* @param in
carry += words[i];
words[i] = carry;
carry >>= 32;
- }
+ }
tweak[0] = words[0] & 0xffffffffL;
tweak[0] |= (words[1] & 0xffffffffL) << 32;
tweak[1] |= words[2] & 0xffffffffL;
carry += words[i];
words[i] = carry;
carry >>= 32;
- }
+ }
tweak[0] = words[0] & 0xffffffffL;
tweak[0] |= (words[1] & 0xffffffffL) << 32;
tweak[1] |= words[2] & 0xffffffffL;
carry += words[i];
words[i] = carry;
carry >>= 32;
- }
+ }
tweak[0] = words[0] & 0xffffffffL;
tweak[0] |= (words[1] & 0xffffffffL) << 32;
tweak[1] |= words[2] & 0xffffffffL;
#define BLK_BITS (WCNT*64) /* some useful definitions for code here */
#define KW_TWK_BASE (0)
#define KW_KEY_BASE (3)
-#define ks (kw + KW_KEY_BASE)
+#define ks (kw + KW_KEY_BASE)
#define ts (kw + KW_TWK_BASE)
#ifdef SKEIN_DEBUG
ts[0] += byteCntAdd; /* update processed length */
/* precompute the key schedule for this block */
- ks[0] = ctx->X[0];
+ ks[0] = ctx->X[0];
ks[1] = ctx->X[1];
ks[2] = ctx->X[2];
ks[3] = ctx->X[3];
X##p0 += X##p1; X##p1 = RotL_64(X##p1, ROT##_0); X##p1 ^= X##p0; \
X##p2 += X##p3; X##p3 = RotL_64(X##p3, ROT##_1); X##p3 ^= X##p2; \
-#if SKEIN_UNROLL_256 == 0
+#if SKEIN_UNROLL_256 == 0
#define R256(p0, p1, p2, p3, ROT, rNum) /* fully unrolled */ \
Round256(p0, p1, p2, p3, ROT, rNum) \
Skein_Show_R_Ptr(BLK_BITS, &ctx->h, rNum, Xptr);
Skein_Show_R_Ptr(BLK_BITS, &ctx->h, SKEIN_RND_KEY_INJECT, Xptr);
for (r = 1; r < 2 * RCNT; r += 2 * SKEIN_UNROLL_256) /* loop thru it */
-#endif
- {
+#endif
+ {
#define R256_8_rounds(R) \
R256(0, 1, 2, 3, R_256_0, 8 * (R) + 1); \
R256(0, 3, 2, 1, R_256_1, 8 * (R) + 2); \
ks[5] = ctx->X[5];
ks[6] = ctx->X[6];
ks[7] = ctx->X[7];
- ks[8] = ks[0] ^ ks[1] ^ ks[2] ^ ks[3] ^
+ ks[8] = ks[0] ^ ks[1] ^ ks[2] ^ ks[3] ^
ks[4] ^ ks[5] ^ ks[6] ^ ks[7] ^ SKEIN_KS_PARITY;
ts[2] = ts[0] ^ ts[1];
X##p4 += X##p5; X##p5 = RotL_64(X##p5, ROT##_2); X##p5 ^= X##p4; \
X##p6 += X##p7; X##p7 = RotL_64(X##p7, ROT##_3); X##p7 ^= X##p6; \
-#if SKEIN_UNROLL_512 == 0
+#if SKEIN_UNROLL_512 == 0
#define R512(p0, p1, p2, p3, p4, p5, p6, p7, ROT, rNum) /* unrolled */ \
Round512(p0, p1, p2, p3, p4, p5, p6, p7, ROT, rNum) \
Skein_Show_R_Ptr(BLK_BITS, &ctx->h, rNum, Xptr);
X##pC += X##pD; X##pD = RotL_64(X##pD, ROT##_6); X##pD ^= X##pC; \
X##pE += X##pF; X##pF = RotL_64(X##pF, ROT##_7); X##pF ^= X##pE; \
-#if SKEIN_UNROLL_1024 == 0
+#if SKEIN_UNROLL_1024 == 0
#define R1024(p0, p1, p2, p3, p4, p5, p6, p7, p8, p9, pA, pB, pC, pD, pE, pF, ROT, rn) \
Round1024(p0, p1, p2, p3, p4, p5, p6, p7, p8, p9, pA, pB, pC, pD, pE, pF, ROT, rn) \
Skein_Show_R_Ptr(BLK_BITS, &ctx->h, rn, Xptr);
X13 += ks[((R) + 14) % 17] + ts[((R) + 1) % 3]; \
X14 += ks[((R) + 15) % 17] + ts[((R) + 2) % 3]; \
X15 += ks[((R) + 16) % 17] + (R) + 1; \
- Skein_Show_R_Ptr(BLK_BITS, &ctx->h, SKEIN_RND_KEY_INJECT, Xptr);
+ Skein_Show_R_Ptr(BLK_BITS, &ctx->h, SKEIN_RND_KEY_INJECT, Xptr);
#else /* looping version */
#define R1024(p0, p1, p2, p3, p4, p5, p6, p7, p8, p9, pA, pB, pC, pD, pE, pF, ROT, rn) \
Round1024(p0, p1, p2, p3, p4, p5, p6, p7, p8, p9, pA, pB, pC, pD, pE, pF, ROT, rn) \
Skein_Show_R_Ptr(BLK_BITSi, &ctx->h, SKEIN_RND_KEY_INJECT, Xptr);
for (r = 1; r <= 2 * RCNT; r += 2 * SKEIN_UNROLL_1024) /* loop thru it */
-#endif
+#endif
{
#define R1024_8_rounds(R) /* do 8 full rounds */ \
R1024(00, 01, 02, 03, 04, 05, 06, 07, 08, 09, 10, 11, 12, 13, 14, 15, R1024_0, 8*(R) + 1); \