/**
* initialise
*
* @param forEncryption whether or not we are for encryption.
* @param params the parameters required to set up the cipher.
* @exception ArgumentException if the params argument is
* inappropriate.
*/
public virtual void Init(bool forEncryption, ICipherParameters parameters)
{
if (!(parameters is KeyParameter))
{
throw new ArgumentException("Invalid parameters passed to Noekeon init - "
+ Platform.GetTypeName(parameters), "parameters");
}
this._forEncryption = forEncryption;
this._initialised = true;
KeyParameter p = (KeyParameter)parameters;
Pack.BE_To_UInt32(p.GetKey(), 0, k, 0, 4);
if (!forEncryption)
{
// theta(k, new uint[]{ 0x00, 0x00, 0x00, 0x00 });
{
uint a0 = k[0], a1 = k[1], a2 = k[2], a3 = k[3];
uint t = a0 ^ a2;
t ^= Integers.RotateLeft(t, 8) ^ Integers.RotateLeft(t, 24);
a1 ^= t;
a3 ^= t;
t = a1 ^ a3;
t ^= Integers.RotateLeft(t, 8) ^ Integers.RotateLeft(t, 24);
a0 ^= t;
a2 ^= t;
k[0] = a0; k[1] = a1; k[2] = a2; k[3] = a3;
}
}
}
/**
* initialise
*
* @param forEncryption whether or not we are for encryption.
* @param params the parameters required to set up the cipher.
* @exception ArgumentException if the params argument is
* inappropriate.
*/
public virtual void Init(bool forEncryption, ICipherParameters parameters)
{
if (!(parameters is KeyParameter))
{
throw new ArgumentException("Invalid parameters passed to Noekeon init - "
+ Platform.GetTypeName(parameters), "parameters");
}
KeyParameter p = (KeyParameter)parameters;
byte[] key = p.GetKey();
if (key.Length != 16)
{
throw new ArgumentException("Key length not 128 bits.");
}
Pack.BE_To_UInt32(key, 0, k, 0, 4);
if (!forEncryption)
{
// theta(k, new uint[]{ 0x00, 0x00, 0x00, 0x00 });
{
uint a0 = k[0], a1 = k[1], a2 = k[2], a3 = k[3];
uint t02 = a0 ^ a2;
t02 ^= Integers.RotateLeft(t02, 8) ^ Integers.RotateLeft(t02, 24);
uint t13 = a1 ^ a3;
t13 ^= Integers.RotateLeft(t13, 8) ^ Integers.RotateLeft(t13, 24);
a0 ^= t13;
a1 ^= t02;
a2 ^= t13;
a3 ^= t02;
k[0] = a0; k[1] = a1; k[2] = a2; k[3] = a3;
}
}
this._forEncryption = forEncryption;
this._initialised = true;
}
public override int GetHashCode()
{
return(Field.GetHashCode()
^ Integers.RotateLeft(A.ToBigInteger().GetHashCode(), 8)
^ Integers.RotateLeft(B.ToBigInteger().GetHashCode(), 16));
}
public override int GetHashCode() => (this.subfield.GetHashCode() ^ Integers.RotateLeft(this.minimalPolynomial.GetHashCode(), 0x10));
public override int GetHashCode()
{
return(subfield.GetHashCode() ^ Integers.RotateLeft(minimalPolynomial.GetHashCode(), 16));
}
private int DecryptBlock(byte[] input, int inOff, byte[] output, int outOff)
{
uint a0 = Pack.BE_To_UInt32(input, inOff);
uint a1 = Pack.BE_To_UInt32(input, inOff + 4);
uint a2 = Pack.BE_To_UInt32(input, inOff + 8);
uint a3 = Pack.BE_To_UInt32(input, inOff + 12);
uint k0 = k[0], k1 = k[1], k2 = k[2], k3 = k[3];
int round = Size;
uint t;
for (;;)
{
// theta(a, k);
{
t = a0 ^ a2;
t ^= Integers.RotateLeft(t, 8) ^ Integers.RotateLeft(t, 24);
a1 ^= t;
a3 ^= t;
a0 ^= k0;
a1 ^= k1;
a2 ^= k2;
a3 ^= k3;
t = a1 ^ a3;
t ^= Integers.RotateLeft(t, 8) ^ Integers.RotateLeft(t, 24);
a0 ^= t;
a2 ^= t;
}
a0 ^= RoundConstants[round];
if (--round < 0)
{
break;
}
// pi1(a);
{
a1 = Integers.RotateLeft(a1, 1);
a2 = Integers.RotateLeft(a2, 5);
a3 = Integers.RotateLeft(a3, 2);
}
// gamma(a);
{
a1 ^= ~a3 & ~a2;
a0 ^= a2 & a1;
t = a3; a3 = a0; a0 = t;
a2 ^= a0 ^ a1 ^ a3;
a1 ^= ~a3 & ~a2;
a0 ^= a2 & a1;
}
// pi2(a);
{
a1 = Integers.RotateLeft(a1, 31);
a2 = Integers.RotateLeft(a2, 27);
a3 = Integers.RotateLeft(a3, 30);
}
}
Pack.UInt32_To_BE(a0, output, outOff);
Pack.UInt32_To_BE(a1, output, outOff + 4);
Pack.UInt32_To_BE(a2, output, outOff + 8);
Pack.UInt32_To_BE(a3, output, outOff + 12);
return(Size);
}
private static uint L_ap(uint B)
{
return(B ^ Integers.RotateLeft(B, 13) ^ Integers.RotateLeft(B, 23));
}
// Linear substitution L
private static uint L(uint B)
{
return(B ^ Integers.RotateLeft(B, 2) ^ Integers.RotateLeft(B, 10) ^ Integers.RotateLeft(B, 18) ^ Integers.RotateLeft(B, 24));
}
public override int GetHashCode()
{
return(((object)subfield).GetHashCode() ^ Integers.RotateLeft(((object)minimalPolynomial).GetHashCode(), 16));
}
/// <summary>
/// ChaCha function.
/// </summary>
/// <param name="rounds">The number of ChaCha rounds to execute</param>
/// <param name="input">The input words.</param>
/// <param name="x">The ChaCha state to modify.</param>
internal static void ChachaCore(int rounds, uint[] input, uint[] x)
{
if (input.Length != 16)
{
throw new ArgumentException();
}
if (x.Length != 16)
{
throw new ArgumentException();
}
if (rounds % 2 != 0)
{
throw new ArgumentException("Number of rounds must be even");
}
uint x00 = input[0];
uint x01 = input[1];
uint x02 = input[2];
uint x03 = input[3];
uint x04 = input[4];
uint x05 = input[5];
uint x06 = input[6];
uint x07 = input[7];
uint x08 = input[8];
uint x09 = input[9];
uint x10 = input[10];
uint x11 = input[11];
uint x12 = input[12];
uint x13 = input[13];
uint x14 = input[14];
uint x15 = input[15];
for (int i = rounds; i > 0; i -= 2)
{
x00 += x04; x12 = Integers.RotateLeft(x12 ^ x00, 16);
x08 += x12; x04 = Integers.RotateLeft(x04 ^ x08, 12);
x00 += x04; x12 = Integers.RotateLeft(x12 ^ x00, 8);
x08 += x12; x04 = Integers.RotateLeft(x04 ^ x08, 7);
x01 += x05; x13 = Integers.RotateLeft(x13 ^ x01, 16);
x09 += x13; x05 = Integers.RotateLeft(x05 ^ x09, 12);
x01 += x05; x13 = Integers.RotateLeft(x13 ^ x01, 8);
x09 += x13; x05 = Integers.RotateLeft(x05 ^ x09, 7);
x02 += x06; x14 = Integers.RotateLeft(x14 ^ x02, 16);
x10 += x14; x06 = Integers.RotateLeft(x06 ^ x10, 12);
x02 += x06; x14 = Integers.RotateLeft(x14 ^ x02, 8);
x10 += x14; x06 = Integers.RotateLeft(x06 ^ x10, 7);
x03 += x07; x15 = Integers.RotateLeft(x15 ^ x03, 16);
x11 += x15; x07 = Integers.RotateLeft(x07 ^ x11, 12);
x03 += x07; x15 = Integers.RotateLeft(x15 ^ x03, 8);
x11 += x15; x07 = Integers.RotateLeft(x07 ^ x11, 7);
x00 += x05; x15 = Integers.RotateLeft(x15 ^ x00, 16);
x10 += x15; x05 = Integers.RotateLeft(x05 ^ x10, 12);
x00 += x05; x15 = Integers.RotateLeft(x15 ^ x00, 8);
x10 += x15; x05 = Integers.RotateLeft(x05 ^ x10, 7);
x01 += x06; x12 = Integers.RotateLeft(x12 ^ x01, 16);
x11 += x12; x06 = Integers.RotateLeft(x06 ^ x11, 12);
x01 += x06; x12 = Integers.RotateLeft(x12 ^ x01, 8);
x11 += x12; x06 = Integers.RotateLeft(x06 ^ x11, 7);
x02 += x07; x13 = Integers.RotateLeft(x13 ^ x02, 16);
x08 += x13; x07 = Integers.RotateLeft(x07 ^ x08, 12);
x02 += x07; x13 = Integers.RotateLeft(x13 ^ x02, 8);
x08 += x13; x07 = Integers.RotateLeft(x07 ^ x08, 7);
x03 += x04; x14 = Integers.RotateLeft(x14 ^ x03, 16);
x09 += x14; x04 = Integers.RotateLeft(x04 ^ x09, 12);
x03 += x04; x14 = Integers.RotateLeft(x14 ^ x03, 8);
x09 += x14; x04 = Integers.RotateLeft(x04 ^ x09, 7);
}
x[0] = x00 + input[0];
x[1] = x01 + input[1];
x[2] = x02 + input[2];
x[3] = x03 + input[3];
x[4] = x04 + input[4];
x[5] = x05 + input[5];
x[6] = x06 + input[6];
x[7] = x07 + input[7];
x[8] = x08 + input[8];
x[9] = x09 + input[9];
x[10] = x10 + input[10];
x[11] = x11 + input[11];
x[12] = x12 + input[12];
x[13] = x13 + input[13];
x[14] = x14 + input[14];
x[15] = x15 + input[15];
}
public override int GetHashCode() => ((this.Field.GetHashCode() ^ Integers.RotateLeft(this.A.ToBigInteger().GetHashCode(), 8)) ^ Integers.RotateLeft(this.B.ToBigInteger().GetHashCode(), 0x10));
internal static void SalsaCore(int rounds, uint[] input, uint[] x)
{
if (input.Length != 16)
{
throw new ArgumentException();
}
if (x.Length != 16)
{
throw new ArgumentException();
}
if (rounds % 2 != 0)
{
throw new ArgumentException("Number of rounds must be even");
}
uint x00 = input[0];
uint x01 = input[1];
uint x02 = input[2];
uint x03 = input[3];
uint x04 = input[4];
uint x05 = input[5];
uint x06 = input[6];
uint x07 = input[7];
uint x08 = input[8];
uint x09 = input[9];
uint x10 = input[10];
uint x11 = input[11];
uint x12 = input[12];
uint x13 = input[13];
uint x14 = input[14];
uint x15 = input[15];
for (int i = rounds; i > 0; i -= 2)
{
x04 ^= Integers.RotateLeft((x00 + x12), 7);
x08 ^= Integers.RotateLeft((x04 + x00), 9);
x12 ^= Integers.RotateLeft((x08 + x04), 13);
x00 ^= Integers.RotateLeft((x12 + x08), 18);
x09 ^= Integers.RotateLeft((x05 + x01), 7);
x13 ^= Integers.RotateLeft((x09 + x05), 9);
x01 ^= Integers.RotateLeft((x13 + x09), 13);
x05 ^= Integers.RotateLeft((x01 + x13), 18);
x14 ^= Integers.RotateLeft((x10 + x06), 7);
x02 ^= Integers.RotateLeft((x14 + x10), 9);
x06 ^= Integers.RotateLeft((x02 + x14), 13);
x10 ^= Integers.RotateLeft((x06 + x02), 18);
x03 ^= Integers.RotateLeft((x15 + x11), 7);
x07 ^= Integers.RotateLeft((x03 + x15), 9);
x11 ^= Integers.RotateLeft((x07 + x03), 13);
x15 ^= Integers.RotateLeft((x11 + x07), 18);
x01 ^= Integers.RotateLeft((x00 + x03), 7);
x02 ^= Integers.RotateLeft((x01 + x00), 9);
x03 ^= Integers.RotateLeft((x02 + x01), 13);
x00 ^= Integers.RotateLeft((x03 + x02), 18);
x06 ^= Integers.RotateLeft((x05 + x04), 7);
x07 ^= Integers.RotateLeft((x06 + x05), 9);
x04 ^= Integers.RotateLeft((x07 + x06), 13);
x05 ^= Integers.RotateLeft((x04 + x07), 18);
x11 ^= Integers.RotateLeft((x10 + x09), 7);
x08 ^= Integers.RotateLeft((x11 + x10), 9);
x09 ^= Integers.RotateLeft((x08 + x11), 13);
x10 ^= Integers.RotateLeft((x09 + x08), 18);
x12 ^= Integers.RotateLeft((x15 + x14), 7);
x13 ^= Integers.RotateLeft((x12 + x15), 9);
x14 ^= Integers.RotateLeft((x13 + x12), 13);
x15 ^= Integers.RotateLeft((x14 + x13), 18);
}
x[0] = x00 + input[0];
x[1] = x01 + input[1];
x[2] = x02 + input[2];
x[3] = x03 + input[3];
x[4] = x04 + input[4];
x[5] = x05 + input[5];
x[6] = x06 + input[6];
x[7] = x07 + input[7];
x[8] = x08 + input[8];
x[9] = x09 + input[9];
x[10] = x10 + input[10];
x[11] = x11 + input[11];
x[12] = x12 + input[12];
x[13] = x13 + input[13];
x[14] = x14 + input[14];
x[15] = x15 + input[15];
}
private int EncryptBlock(byte[] input, int inOff, byte[] output, int outOff)
{
uint a0 = Pack.BE_To_UInt32(input, inOff);
uint a1 = Pack.BE_To_UInt32(input, inOff + 4);
uint a2 = Pack.BE_To_UInt32(input, inOff + 8);
uint a3 = Pack.BE_To_UInt32(input, inOff + 12);
uint k0 = k[0], k1 = k[1], k2 = k[2], k3 = k[3];
int round = 0;
for (;;)
{
a0 ^= RoundConstants[round];
// theta(a, k);
{
uint t02 = a0 ^ a2;
t02 ^= Integers.RotateLeft(t02, 8) ^ Integers.RotateLeft(t02, 24);
a0 ^= k0;
a1 ^= k1;
a2 ^= k2;
a3 ^= k3;
uint t13 = a1 ^ a3;
t13 ^= Integers.RotateLeft(t13, 8) ^ Integers.RotateLeft(t13, 24);
a0 ^= t13;
a1 ^= t02;
a2 ^= t13;
a3 ^= t02;
}
if (++round > Size)
{
break;
}
// pi1(a);
{
a1 = Integers.RotateLeft(a1, 1);
a2 = Integers.RotateLeft(a2, 5);
a3 = Integers.RotateLeft(a3, 2);
}
// gamma(a);
{
uint t = a3;
a1 ^= a3 | a2;
a3 = a0 ^ (a2 & ~a1);
a2 = t ^ ~a1 ^ a2 ^ a3;
a1 ^= a3 | a2;
a0 = t ^ (a2 & a1);
}
// pi2(a);
{
a1 = Integers.RotateLeft(a1, 31);
a2 = Integers.RotateLeft(a2, 27);
a3 = Integers.RotateLeft(a3, 30);
}
}
Pack.UInt32_To_BE(a0, output, outOff);
Pack.UInt32_To_BE(a1, output, outOff + 4);
Pack.UInt32_To_BE(a2, output, outOff + 8);
Pack.UInt32_To_BE(a3, output, outOff + 12);
return(Size);
}
