/**
* Expand a user-supplied key material into a session key.
*
* @param key The user-key bytes (multiples of 4) to use.
* @exception ArgumentException
*/
protected override int[] MakeWorkingKey(byte[] key)
{
//
// pad key to 256 bits
//
int[] kPad = new int[16];
int off = 0;
int length = 0;
for (off = key.Length - 4; off > 0; off -= 4)
{
kPad[length++] = (int)Pack.BE_To_UInt32(key, off);
}
if (off == 0)
{
kPad[length++] = (int)Pack.BE_To_UInt32(key, 0);
if (length < 8)
{
kPad[length] = 1;
}
}
else
{
throw new ArgumentException("key must be a multiple of 4 bytes");
}
//
// expand the padded key up to 33 x 128 bits of key material
//
int amount = (ROUNDS + 1) * 4;
int[] w = new int[amount];
//
// compute w0 to w7 from w-8 to w-1
//
for (int i = 8; i < 16; i++)
{
kPad[i] = RotateLeft(kPad[i - 8] ^ kPad[i - 5] ^ kPad[i - 3] ^ kPad[i - 1] ^ PHI ^ (i - 8), 11);
}
Array.Copy(kPad, 8, w, 0, 8);
//
// compute w8 to w136
//
for (int i = 8; i < amount; i++)
{
w[i] = RotateLeft(w[i - 8] ^ w[i - 5] ^ w[i - 3] ^ w[i - 1] ^ PHI ^ i, 11);
}
//
// create the working keys by processing w with the Sbox and IP
//
Sb3(w[0], w[1], w[2], w[3]);
w[0] = X0; w[1] = X1; w[2] = X2; w[3] = X3;
Sb2(w[4], w[5], w[6], w[7]);
w[4] = X0; w[5] = X1; w[6] = X2; w[7] = X3;
Sb1(w[8], w[9], w[10], w[11]);
w[8] = X0; w[9] = X1; w[10] = X2; w[11] = X3;
Sb0(w[12], w[13], w[14], w[15]);
w[12] = X0; w[13] = X1; w[14] = X2; w[15] = X3;
Sb7(w[16], w[17], w[18], w[19]);
w[16] = X0; w[17] = X1; w[18] = X2; w[19] = X3;
Sb6(w[20], w[21], w[22], w[23]);
w[20] = X0; w[21] = X1; w[22] = X2; w[23] = X3;
Sb5(w[24], w[25], w[26], w[27]);
w[24] = X0; w[25] = X1; w[26] = X2; w[27] = X3;
Sb4(w[28], w[29], w[30], w[31]);
w[28] = X0; w[29] = X1; w[30] = X2; w[31] = X3;
Sb3(w[32], w[33], w[34], w[35]);
w[32] = X0; w[33] = X1; w[34] = X2; w[35] = X3;
Sb2(w[36], w[37], w[38], w[39]);
w[36] = X0; w[37] = X1; w[38] = X2; w[39] = X3;
Sb1(w[40], w[41], w[42], w[43]);
w[40] = X0; w[41] = X1; w[42] = X2; w[43] = X3;
Sb0(w[44], w[45], w[46], w[47]);
w[44] = X0; w[45] = X1; w[46] = X2; w[47] = X3;
Sb7(w[48], w[49], w[50], w[51]);
w[48] = X0; w[49] = X1; w[50] = X2; w[51] = X3;
Sb6(w[52], w[53], w[54], w[55]);
w[52] = X0; w[53] = X1; w[54] = X2; w[55] = X3;
Sb5(w[56], w[57], w[58], w[59]);
w[56] = X0; w[57] = X1; w[58] = X2; w[59] = X3;
Sb4(w[60], w[61], w[62], w[63]);
w[60] = X0; w[61] = X1; w[62] = X2; w[63] = X3;
Sb3(w[64], w[65], w[66], w[67]);
w[64] = X0; w[65] = X1; w[66] = X2; w[67] = X3;
Sb2(w[68], w[69], w[70], w[71]);
w[68] = X0; w[69] = X1; w[70] = X2; w[71] = X3;
Sb1(w[72], w[73], w[74], w[75]);
w[72] = X0; w[73] = X1; w[74] = X2; w[75] = X3;
Sb0(w[76], w[77], w[78], w[79]);
w[76] = X0; w[77] = X1; w[78] = X2; w[79] = X3;
Sb7(w[80], w[81], w[82], w[83]);
w[80] = X0; w[81] = X1; w[82] = X2; w[83] = X3;
Sb6(w[84], w[85], w[86], w[87]);
w[84] = X0; w[85] = X1; w[86] = X2; w[87] = X3;
Sb5(w[88], w[89], w[90], w[91]);
w[88] = X0; w[89] = X1; w[90] = X2; w[91] = X3;
Sb4(w[92], w[93], w[94], w[95]);
w[92] = X0; w[93] = X1; w[94] = X2; w[95] = X3;
Sb3(w[96], w[97], w[98], w[99]);
w[96] = X0; w[97] = X1; w[98] = X2; w[99] = X3;
Sb2(w[100], w[101], w[102], w[103]);
w[100] = X0; w[101] = X1; w[102] = X2; w[103] = X3;
Sb1(w[104], w[105], w[106], w[107]);
w[104] = X0; w[105] = X1; w[106] = X2; w[107] = X3;
Sb0(w[108], w[109], w[110], w[111]);
w[108] = X0; w[109] = X1; w[110] = X2; w[111] = X3;
Sb7(w[112], w[113], w[114], w[115]);
w[112] = X0; w[113] = X1; w[114] = X2; w[115] = X3;
Sb6(w[116], w[117], w[118], w[119]);
w[116] = X0; w[117] = X1; w[118] = X2; w[119] = X3;
Sb5(w[120], w[121], w[122], w[123]);
w[120] = X0; w[121] = X1; w[122] = X2; w[123] = X3;
Sb4(w[124], w[125], w[126], w[127]);
w[124] = X0; w[125] = X1; w[126] = X2; w[127] = X3;
Sb3(w[128], w[129], w[130], w[131]);
w[128] = X0; w[129] = X1; w[130] = X2; w[131] = X3;
return(w);
}
/**
* the DES engine.
*/
internal static void DesFunc(
int[] wKey,
byte[] input,
int inOff,
byte[] outBytes,
int outOff)
{
uint left = Pack.BE_To_UInt32(input, inOff);
uint right = Pack.BE_To_UInt32(input, inOff + 4);
uint work;
work = ((left >> 4) ^ right) & 0x0f0f0f0f;
right ^= work;
left ^= (work << 4);
work = ((left >> 16) ^ right) & 0x0000ffff;
right ^= work;
left ^= (work << 16);
work = ((right >> 2) ^ left) & 0x33333333;
left ^= work;
right ^= (work << 2);
work = ((right >> 8) ^ left) & 0x00ff00ff;
left ^= work;
right ^= (work << 8);
right = (right << 1) | (right >> 31);
work = (left ^ right) & 0xaaaaaaaa;
left ^= work;
right ^= work;
left = (left << 1) | (left >> 31);
for (int round = 0; round < 8; round++)
{
uint fval;
work = (right << 28) | (right >> 4);
work ^= (uint)wKey[round * 4 + 0];
fval = SP7[work & 0x3f];
fval |= SP5[(work >> 8) & 0x3f];
fval |= SP3[(work >> 16) & 0x3f];
fval |= SP1[(work >> 24) & 0x3f];
work = right ^ (uint)wKey[round * 4 + 1];
fval |= SP8[work & 0x3f];
fval |= SP6[(work >> 8) & 0x3f];
fval |= SP4[(work >> 16) & 0x3f];
fval |= SP2[(work >> 24) & 0x3f];
left ^= fval;
work = (left << 28) | (left >> 4);
work ^= (uint)wKey[round * 4 + 2];
fval = SP7[work & 0x3f];
fval |= SP5[(work >> 8) & 0x3f];
fval |= SP3[(work >> 16) & 0x3f];
fval |= SP1[(work >> 24) & 0x3f];
work = left ^ (uint)wKey[round * 4 + 3];
fval |= SP8[work & 0x3f];
fval |= SP6[(work >> 8) & 0x3f];
fval |= SP4[(work >> 16) & 0x3f];
fval |= SP2[(work >> 24) & 0x3f];
right ^= fval;
}
right = (right << 31) | (right >> 1);
work = (left ^ right) & 0xaaaaaaaa;
left ^= work;
right ^= work;
left = (left << 31) | (left >> 1);
work = ((left >> 8) ^ right) & 0x00ff00ff;
right ^= work;
left ^= (work << 8);
work = ((left >> 2) ^ right) & 0x33333333;
right ^= work;
left ^= (work << 2);
work = ((right >> 16) ^ left) & 0x0000ffff;
left ^= work;
right ^= (work << 16);
work = ((right >> 4) ^ left) & 0x0f0f0f0f;
left ^= work;
right ^= (work << 4);
Pack.UInt32_To_BE(right, outBytes, outOff);
Pack.UInt32_To_BE(left, outBytes, outOff + 4);
}
internal static void DesFunc(int[] wKey, byte[] input, int inOff, byte[] outBytes, int outOff)
{
uint num = Pack.BE_To_UInt32(input, inOff);
uint num2 = Pack.BE_To_UInt32(input, inOff + 4);
uint num3 = (num >> 4 ^ num2) & 252645135u;
num2 ^= num3;
num ^= num3 << 4;
num3 = ((num >> 16 ^ num2) & 65535u);
num2 ^= num3;
num ^= num3 << 16;
num3 = ((num2 >> 2 ^ num) & 858993459u);
num ^= num3;
num2 ^= num3 << 2;
num3 = ((num2 >> 8 ^ num) & 16711935u);
num ^= num3;
num2 ^= num3 << 8;
num2 = (num2 << 1 | num2 >> 31);
num3 = ((num ^ num2) & 2863311530u);
num ^= num3;
num2 ^= num3;
num = (num << 1 | num >> 31);
for (int i = 0; i < 8; i++)
{
num3 = (num2 << 28 | num2 >> 4);
num3 ^= (uint)wKey[i * 4];
uint num4 = DesEngine.SP7[(int)((UIntPtr)(num3 & 63u))];
num4 |= DesEngine.SP5[(int)((UIntPtr)(num3 >> 8 & 63u))];
num4 |= DesEngine.SP3[(int)((UIntPtr)(num3 >> 16 & 63u))];
num4 |= DesEngine.SP1[(int)((UIntPtr)(num3 >> 24 & 63u))];
num3 = (num2 ^ (uint)wKey[i * 4 + 1]);
num4 |= DesEngine.SP8[(int)((UIntPtr)(num3 & 63u))];
num4 |= DesEngine.SP6[(int)((UIntPtr)(num3 >> 8 & 63u))];
num4 |= DesEngine.SP4[(int)((UIntPtr)(num3 >> 16 & 63u))];
num4 |= DesEngine.SP2[(int)((UIntPtr)(num3 >> 24 & 63u))];
num ^= num4;
num3 = (num << 28 | num >> 4);
num3 ^= (uint)wKey[i * 4 + 2];
num4 = DesEngine.SP7[(int)((UIntPtr)(num3 & 63u))];
num4 |= DesEngine.SP5[(int)((UIntPtr)(num3 >> 8 & 63u))];
num4 |= DesEngine.SP3[(int)((UIntPtr)(num3 >> 16 & 63u))];
num4 |= DesEngine.SP1[(int)((UIntPtr)(num3 >> 24 & 63u))];
num3 = (num ^ (uint)wKey[i * 4 + 3]);
num4 |= DesEngine.SP8[(int)((UIntPtr)(num3 & 63u))];
num4 |= DesEngine.SP6[(int)((UIntPtr)(num3 >> 8 & 63u))];
num4 |= DesEngine.SP4[(int)((UIntPtr)(num3 >> 16 & 63u))];
num4 |= DesEngine.SP2[(int)((UIntPtr)(num3 >> 24 & 63u))];
num2 ^= num4;
}
num2 = (num2 << 31 | num2 >> 1);
num3 = ((num ^ num2) & 2863311530u);
num ^= num3;
num2 ^= num3;
num = (num << 31 | num >> 1);
num3 = ((num >> 8 ^ num2) & 16711935u);
num2 ^= num3;
num ^= num3 << 8;
num3 = ((num >> 2 ^ num2) & 858993459u);
num2 ^= num3;
num ^= num3 << 2;
num3 = ((num2 >> 16 ^ num) & 65535u);
num ^= num3;
num2 ^= num3 << 16;
num3 = ((num2 >> 4 ^ num) & 252645135u);
num ^= num3;
num2 ^= num3 << 4;
Pack.UInt32_To_BE(num2, outBytes, outOff);
Pack.UInt32_To_BE(num, outBytes, outOff + 4);
}
/**
* Decrypt one block of ciphertext.
*
* @param input the array containing the input data.
* @param inOff offset into the in array the data starts at.
* @param output the array the output data will be copied into.
* @param outOff the offset into the out array the output will start at.
*/
protected override void DecryptBlock(byte[] input, int inOff, byte[] output, int outOff)
{
X3 = wKey[131] ^ (int)Pack.BE_To_UInt32(input, inOff);
X2 = wKey[130] ^ (int)Pack.BE_To_UInt32(input, inOff + 4);
X1 = wKey[129] ^ (int)Pack.BE_To_UInt32(input, inOff + 8);
X0 = wKey[128] ^ (int)Pack.BE_To_UInt32(input, inOff + 12);
Ib7(X0, X1, X2, X3);
X0 ^= wKey[124]; X1 ^= wKey[125]; X2 ^= wKey[126]; X3 ^= wKey[127];
InverseLT(); Ib6(X0, X1, X2, X3);
X0 ^= wKey[120]; X1 ^= wKey[121]; X2 ^= wKey[122]; X3 ^= wKey[123];
InverseLT(); Ib5(X0, X1, X2, X3);
X0 ^= wKey[116]; X1 ^= wKey[117]; X2 ^= wKey[118]; X3 ^= wKey[119];
InverseLT(); Ib4(X0, X1, X2, X3);
X0 ^= wKey[112]; X1 ^= wKey[113]; X2 ^= wKey[114]; X3 ^= wKey[115];
InverseLT(); Ib3(X0, X1, X2, X3);
X0 ^= wKey[108]; X1 ^= wKey[109]; X2 ^= wKey[110]; X3 ^= wKey[111];
InverseLT(); Ib2(X0, X1, X2, X3);
X0 ^= wKey[104]; X1 ^= wKey[105]; X2 ^= wKey[106]; X3 ^= wKey[107];
InverseLT(); Ib1(X0, X1, X2, X3);
X0 ^= wKey[100]; X1 ^= wKey[101]; X2 ^= wKey[102]; X3 ^= wKey[103];
InverseLT(); Ib0(X0, X1, X2, X3);
X0 ^= wKey[96]; X1 ^= wKey[97]; X2 ^= wKey[98]; X3 ^= wKey[99];
InverseLT(); Ib7(X0, X1, X2, X3);
X0 ^= wKey[92]; X1 ^= wKey[93]; X2 ^= wKey[94]; X3 ^= wKey[95];
InverseLT(); Ib6(X0, X1, X2, X3);
X0 ^= wKey[88]; X1 ^= wKey[89]; X2 ^= wKey[90]; X3 ^= wKey[91];
InverseLT(); Ib5(X0, X1, X2, X3);
X0 ^= wKey[84]; X1 ^= wKey[85]; X2 ^= wKey[86]; X3 ^= wKey[87];
InverseLT(); Ib4(X0, X1, X2, X3);
X0 ^= wKey[80]; X1 ^= wKey[81]; X2 ^= wKey[82]; X3 ^= wKey[83];
InverseLT(); Ib3(X0, X1, X2, X3);
X0 ^= wKey[76]; X1 ^= wKey[77]; X2 ^= wKey[78]; X3 ^= wKey[79];
InverseLT(); Ib2(X0, X1, X2, X3);
X0 ^= wKey[72]; X1 ^= wKey[73]; X2 ^= wKey[74]; X3 ^= wKey[75];
InverseLT(); Ib1(X0, X1, X2, X3);
X0 ^= wKey[68]; X1 ^= wKey[69]; X2 ^= wKey[70]; X3 ^= wKey[71];
InverseLT(); Ib0(X0, X1, X2, X3);
X0 ^= wKey[64]; X1 ^= wKey[65]; X2 ^= wKey[66]; X3 ^= wKey[67];
InverseLT(); Ib7(X0, X1, X2, X3);
X0 ^= wKey[60]; X1 ^= wKey[61]; X2 ^= wKey[62]; X3 ^= wKey[63];
InverseLT(); Ib6(X0, X1, X2, X3);
X0 ^= wKey[56]; X1 ^= wKey[57]; X2 ^= wKey[58]; X3 ^= wKey[59];
InverseLT(); Ib5(X0, X1, X2, X3);
X0 ^= wKey[52]; X1 ^= wKey[53]; X2 ^= wKey[54]; X3 ^= wKey[55];
InverseLT(); Ib4(X0, X1, X2, X3);
X0 ^= wKey[48]; X1 ^= wKey[49]; X2 ^= wKey[50]; X3 ^= wKey[51];
InverseLT(); Ib3(X0, X1, X2, X3);
X0 ^= wKey[44]; X1 ^= wKey[45]; X2 ^= wKey[46]; X3 ^= wKey[47];
InverseLT(); Ib2(X0, X1, X2, X3);
X0 ^= wKey[40]; X1 ^= wKey[41]; X2 ^= wKey[42]; X3 ^= wKey[43];
InverseLT(); Ib1(X0, X1, X2, X3);
X0 ^= wKey[36]; X1 ^= wKey[37]; X2 ^= wKey[38]; X3 ^= wKey[39];
InverseLT(); Ib0(X0, X1, X2, X3);
X0 ^= wKey[32]; X1 ^= wKey[33]; X2 ^= wKey[34]; X3 ^= wKey[35];
InverseLT(); Ib7(X0, X1, X2, X3);
X0 ^= wKey[28]; X1 ^= wKey[29]; X2 ^= wKey[30]; X3 ^= wKey[31];
InverseLT(); Ib6(X0, X1, X2, X3);
X0 ^= wKey[24]; X1 ^= wKey[25]; X2 ^= wKey[26]; X3 ^= wKey[27];
InverseLT(); Ib5(X0, X1, X2, X3);
X0 ^= wKey[20]; X1 ^= wKey[21]; X2 ^= wKey[22]; X3 ^= wKey[23];
InverseLT(); Ib4(X0, X1, X2, X3);
X0 ^= wKey[16]; X1 ^= wKey[17]; X2 ^= wKey[18]; X3 ^= wKey[19];
InverseLT(); Ib3(X0, X1, X2, X3);
X0 ^= wKey[12]; X1 ^= wKey[13]; X2 ^= wKey[14]; X3 ^= wKey[15];
InverseLT(); Ib2(X0, X1, X2, X3);
X0 ^= wKey[8]; X1 ^= wKey[9]; X2 ^= wKey[10]; X3 ^= wKey[11];
InverseLT(); Ib1(X0, X1, X2, X3);
X0 ^= wKey[4]; X1 ^= wKey[5]; X2 ^= wKey[6]; X3 ^= wKey[7];
InverseLT(); Ib0(X0, X1, X2, X3);
Pack.UInt32_To_BE((uint)(X3 ^ wKey[3]), output, outOff);
Pack.UInt32_To_BE((uint)(X2 ^ wKey[2]), output, outOff + 4);
Pack.UInt32_To_BE((uint)(X1 ^ wKey[1]), output, outOff + 8);
Pack.UInt32_To_BE((uint)(X0 ^ wKey[0]), output, outOff + 12);
}
private int EncryptBlock(byte[] input, int inOff, byte[] output, int outOff)
{
uint a0 = Pack.BE_To_UInt32(input, inOff);
uint a1 = Pack.BE_To_UInt32(input, inOff + 4);
uint a2 = Pack.BE_To_UInt32(input, inOff + 8);
uint a3 = Pack.BE_To_UInt32(input, inOff + 12);
uint k0 = k[0], k1 = k[1], k2 = k[2], k3 = k[3];
int round = 0;
for (;;)
{
a0 ^= RoundConstants[round];
// theta(a, k);
{
uint t02 = a0 ^ a2;
t02 ^= Integers.RotateLeft(t02, 8) ^ Integers.RotateLeft(t02, 24);
a0 ^= k0;
a1 ^= k1;
a2 ^= k2;
a3 ^= k3;
uint t13 = a1 ^ a3;
t13 ^= Integers.RotateLeft(t13, 8) ^ Integers.RotateLeft(t13, 24);
a0 ^= t13;
a1 ^= t02;
a2 ^= t13;
a3 ^= t02;
}
if (++round > Size)
{
break;
}
// pi1(a);
{
a1 = Integers.RotateLeft(a1, 1);
a2 = Integers.RotateLeft(a2, 5);
a3 = Integers.RotateLeft(a3, 2);
}
// gamma(a);
{
uint t = a3;
a1 ^= a3 | a2;
a3 = a0 ^ (a2 & ~a1);
a2 = t ^ ~a1 ^ a2 ^ a3;
a1 ^= a3 | a2;
a0 = t ^ (a2 & a1);
}
// pi2(a);
{
a1 = Integers.RotateLeft(a1, 31);
a2 = Integers.RotateLeft(a2, 27);
a3 = Integers.RotateLeft(a3, 30);
}
}
Pack.UInt32_To_BE(a0, output, outOff);
Pack.UInt32_To_BE(a1, output, outOff + 4);
Pack.UInt32_To_BE(a2, output, outOff + 8);
Pack.UInt32_To_BE(a3, output, outOff + 12);
return(Size);
}
private int DecryptBlock(byte[] input, int inOff, byte[] output, int outOff)
{
uint a0 = Pack.BE_To_UInt32(input, inOff);
uint a1 = Pack.BE_To_UInt32(input, inOff + 4);
uint a2 = Pack.BE_To_UInt32(input, inOff + 8);
uint a3 = Pack.BE_To_UInt32(input, inOff + 12);
uint k0 = k[0], k1 = k[1], k2 = k[2], k3 = k[3];
int round = Size;
uint t;
for (;;)
{
// theta(a, k);
{
t = a0 ^ a2;
t ^= Integers.RotateLeft(t, 8) ^ Integers.RotateLeft(t, 24);
a1 ^= t;
a3 ^= t;
a0 ^= k0;
a1 ^= k1;
a2 ^= k2;
a3 ^= k3;
t = a1 ^ a3;
t ^= Integers.RotateLeft(t, 8) ^ Integers.RotateLeft(t, 24);
a0 ^= t;
a2 ^= t;
}
a0 ^= RoundConstants[round];
if (--round < 0)
{
break;
}
// pi1(a);
{
a1 = Integers.RotateLeft(a1, 1);
a2 = Integers.RotateLeft(a2, 5);
a3 = Integers.RotateLeft(a3, 2);
}
// gamma(a);
{
a1 ^= ~a3 & ~a2;
a0 ^= a2 & a1;
t = a3; a3 = a0; a0 = t;
a2 ^= a0 ^ a1 ^ a3;
a1 ^= ~a3 & ~a2;
a0 ^= a2 & a1;
}
// pi2(a);
{
a1 = Integers.RotateLeft(a1, 31);
a2 = Integers.RotateLeft(a2, 27);
a3 = Integers.RotateLeft(a3, 30);
}
}
Pack.UInt32_To_BE(a0, output, outOff);
Pack.UInt32_To_BE(a1, output, outOff + 4);
Pack.UInt32_To_BE(a2, output, outOff + 8);
Pack.UInt32_To_BE(a3, output, outOff + 12);
return(Size);
}
internal static ulong BE_To_UInt64(byte[] bs)
{
return((ulong)Pack.BE_To_UInt32(bs) << 32 | (ulong)Pack.BE_To_UInt32(bs, 4));
}
internal static void AsUints(byte[] bs, uint[] output)
{
Pack.BE_To_UInt32(bs, 0, output);
}
protected override int[] MakeWorkingKey(byte[] key)
{
//IL_004a: Unknown result type (might be due to invalid IL or missing references)
int[] array = new int[16];
int num = 0;
int num2 = 0;
for (num = key.Length - 4; num > 0; num -= 4)
{
array[num2++] = (int)Pack.BE_To_UInt32(key, num);
}
if (num == 0)
{
array[num2++] = (int)Pack.BE_To_UInt32(key, 0);
if (num2 < 8)
{
array[num2] = 1;
}
int num3 = 132;
int[] array2 = new int[num3];
for (int i = 8; i < 16; i++)
{
array[i] = SerpentEngineBase.RotateLeft(array[i - 8] ^ array[i - 5] ^ array[i - 3] ^ array[i - 1] ^ -1640531527 ^ (i - 8), 11);
}
global::System.Array.Copy((global::System.Array)array, 8, (global::System.Array)array2, 0, 8);
for (int j = 8; j < num3; j++)
{
array2[j] = SerpentEngineBase.RotateLeft(array2[j - 8] ^ array2[j - 5] ^ array2[j - 3] ^ array2[j - 1] ^ -1640531527 ^ j, 11);
}
Sb3(array2[0], array2[1], array2[2], array2[3]);
array2[0] = X0;
array2[1] = X1;
array2[2] = X2;
array2[3] = X3;
Sb2(array2[4], array2[5], array2[6], array2[7]);
array2[4] = X0;
array2[5] = X1;
array2[6] = X2;
array2[7] = X3;
Sb1(array2[8], array2[9], array2[10], array2[11]);
array2[8] = X0;
array2[9] = X1;
array2[10] = X2;
array2[11] = X3;
Sb0(array2[12], array2[13], array2[14], array2[15]);
array2[12] = X0;
array2[13] = X1;
array2[14] = X2;
array2[15] = X3;
Sb7(array2[16], array2[17], array2[18], array2[19]);
array2[16] = X0;
array2[17] = X1;
array2[18] = X2;
array2[19] = X3;
Sb6(array2[20], array2[21], array2[22], array2[23]);
array2[20] = X0;
array2[21] = X1;
array2[22] = X2;
array2[23] = X3;
Sb5(array2[24], array2[25], array2[26], array2[27]);
array2[24] = X0;
array2[25] = X1;
array2[26] = X2;
array2[27] = X3;
Sb4(array2[28], array2[29], array2[30], array2[31]);
array2[28] = X0;
array2[29] = X1;
array2[30] = X2;
array2[31] = X3;
Sb3(array2[32], array2[33], array2[34], array2[35]);
array2[32] = X0;
array2[33] = X1;
array2[34] = X2;
array2[35] = X3;
Sb2(array2[36], array2[37], array2[38], array2[39]);
array2[36] = X0;
array2[37] = X1;
array2[38] = X2;
array2[39] = X3;
Sb1(array2[40], array2[41], array2[42], array2[43]);
array2[40] = X0;
array2[41] = X1;
array2[42] = X2;
array2[43] = X3;
Sb0(array2[44], array2[45], array2[46], array2[47]);
array2[44] = X0;
array2[45] = X1;
array2[46] = X2;
array2[47] = X3;
Sb7(array2[48], array2[49], array2[50], array2[51]);
array2[48] = X0;
array2[49] = X1;
array2[50] = X2;
array2[51] = X3;
Sb6(array2[52], array2[53], array2[54], array2[55]);
array2[52] = X0;
array2[53] = X1;
array2[54] = X2;
array2[55] = X3;
Sb5(array2[56], array2[57], array2[58], array2[59]);
array2[56] = X0;
array2[57] = X1;
array2[58] = X2;
array2[59] = X3;
Sb4(array2[60], array2[61], array2[62], array2[63]);
array2[60] = X0;
array2[61] = X1;
array2[62] = X2;
array2[63] = X3;
Sb3(array2[64], array2[65], array2[66], array2[67]);
array2[64] = X0;
array2[65] = X1;
array2[66] = X2;
array2[67] = X3;
Sb2(array2[68], array2[69], array2[70], array2[71]);
array2[68] = X0;
array2[69] = X1;
array2[70] = X2;
array2[71] = X3;
Sb1(array2[72], array2[73], array2[74], array2[75]);
array2[72] = X0;
array2[73] = X1;
array2[74] = X2;
array2[75] = X3;
Sb0(array2[76], array2[77], array2[78], array2[79]);
array2[76] = X0;
array2[77] = X1;
array2[78] = X2;
array2[79] = X3;
Sb7(array2[80], array2[81], array2[82], array2[83]);
array2[80] = X0;
array2[81] = X1;
array2[82] = X2;
array2[83] = X3;
Sb6(array2[84], array2[85], array2[86], array2[87]);
array2[84] = X0;
array2[85] = X1;
array2[86] = X2;
array2[87] = X3;
Sb5(array2[88], array2[89], array2[90], array2[91]);
array2[88] = X0;
array2[89] = X1;
array2[90] = X2;
array2[91] = X3;
Sb4(array2[92], array2[93], array2[94], array2[95]);
array2[92] = X0;
array2[93] = X1;
array2[94] = X2;
array2[95] = X3;
Sb3(array2[96], array2[97], array2[98], array2[99]);
array2[96] = X0;
array2[97] = X1;
array2[98] = X2;
array2[99] = X3;
Sb2(array2[100], array2[101], array2[102], array2[103]);
array2[100] = X0;
array2[101] = X1;
array2[102] = X2;
array2[103] = X3;
Sb1(array2[104], array2[105], array2[106], array2[107]);
array2[104] = X0;
array2[105] = X1;
array2[106] = X2;
array2[107] = X3;
Sb0(array2[108], array2[109], array2[110], array2[111]);
array2[108] = X0;
array2[109] = X1;
array2[110] = X2;
array2[111] = X3;
Sb7(array2[112], array2[113], array2[114], array2[115]);
array2[112] = X0;
array2[113] = X1;
array2[114] = X2;
array2[115] = X3;
Sb6(array2[116], array2[117], array2[118], array2[119]);
array2[116] = X0;
array2[117] = X1;
array2[118] = X2;
array2[119] = X3;
Sb5(array2[120], array2[121], array2[122], array2[123]);
array2[120] = X0;
array2[121] = X1;
array2[122] = X2;
array2[123] = X3;
Sb4(array2[124], array2[125], array2[126], array2[127]);
array2[124] = X0;
array2[125] = X1;
array2[126] = X2;
array2[127] = X3;
Sb3(array2[128], array2[129], array2[130], array2[131]);
array2[128] = X0;
array2[129] = X1;
array2[130] = X2;
array2[131] = X3;
return array2;
}
throw new ArgumentException("key must be a multiple of 4 bytes");
}
public virtual int NextInt()
{
byte[] bytes = new byte[4];
NextBytes(bytes);
return((int)Pack.BE_To_UInt32(bytes));
}
protected override void EncryptBlock(byte[] input, int inOff, byte[] output, int outOff)
{
X3 = (int)Pack.BE_To_UInt32(input, inOff);
X2 = (int)Pack.BE_To_UInt32(input, inOff + 4);
X1 = (int)Pack.BE_To_UInt32(input, inOff + 8);
X0 = (int)Pack.BE_To_UInt32(input, inOff + 12);
Sb0(wKey[0] ^ X0, wKey[1] ^ X1, wKey[2] ^ X2, wKey[3] ^ X3);
LT();
Sb1(wKey[4] ^ X0, wKey[5] ^ X1, wKey[6] ^ X2, wKey[7] ^ X3);
LT();
Sb2(wKey[8] ^ X0, wKey[9] ^ X1, wKey[10] ^ X2, wKey[11] ^ X3);
LT();
Sb3(wKey[12] ^ X0, wKey[13] ^ X1, wKey[14] ^ X2, wKey[15] ^ X3);
LT();
Sb4(wKey[16] ^ X0, wKey[17] ^ X1, wKey[18] ^ X2, wKey[19] ^ X3);
LT();
Sb5(wKey[20] ^ X0, wKey[21] ^ X1, wKey[22] ^ X2, wKey[23] ^ X3);
LT();
Sb6(wKey[24] ^ X0, wKey[25] ^ X1, wKey[26] ^ X2, wKey[27] ^ X3);
LT();
Sb7(wKey[28] ^ X0, wKey[29] ^ X1, wKey[30] ^ X2, wKey[31] ^ X3);
LT();
Sb0(wKey[32] ^ X0, wKey[33] ^ X1, wKey[34] ^ X2, wKey[35] ^ X3);
LT();
Sb1(wKey[36] ^ X0, wKey[37] ^ X1, wKey[38] ^ X2, wKey[39] ^ X3);
LT();
Sb2(wKey[40] ^ X0, wKey[41] ^ X1, wKey[42] ^ X2, wKey[43] ^ X3);
LT();
Sb3(wKey[44] ^ X0, wKey[45] ^ X1, wKey[46] ^ X2, wKey[47] ^ X3);
LT();
Sb4(wKey[48] ^ X0, wKey[49] ^ X1, wKey[50] ^ X2, wKey[51] ^ X3);
LT();
Sb5(wKey[52] ^ X0, wKey[53] ^ X1, wKey[54] ^ X2, wKey[55] ^ X3);
LT();
Sb6(wKey[56] ^ X0, wKey[57] ^ X1, wKey[58] ^ X2, wKey[59] ^ X3);
LT();
Sb7(wKey[60] ^ X0, wKey[61] ^ X1, wKey[62] ^ X2, wKey[63] ^ X3);
LT();
Sb0(wKey[64] ^ X0, wKey[65] ^ X1, wKey[66] ^ X2, wKey[67] ^ X3);
LT();
Sb1(wKey[68] ^ X0, wKey[69] ^ X1, wKey[70] ^ X2, wKey[71] ^ X3);
LT();
Sb2(wKey[72] ^ X0, wKey[73] ^ X1, wKey[74] ^ X2, wKey[75] ^ X3);
LT();
Sb3(wKey[76] ^ X0, wKey[77] ^ X1, wKey[78] ^ X2, wKey[79] ^ X3);
LT();
Sb4(wKey[80] ^ X0, wKey[81] ^ X1, wKey[82] ^ X2, wKey[83] ^ X3);
LT();
Sb5(wKey[84] ^ X0, wKey[85] ^ X1, wKey[86] ^ X2, wKey[87] ^ X3);
LT();
Sb6(wKey[88] ^ X0, wKey[89] ^ X1, wKey[90] ^ X2, wKey[91] ^ X3);
LT();
Sb7(wKey[92] ^ X0, wKey[93] ^ X1, wKey[94] ^ X2, wKey[95] ^ X3);
LT();
Sb0(wKey[96] ^ X0, wKey[97] ^ X1, wKey[98] ^ X2, wKey[99] ^ X3);
LT();
Sb1(wKey[100] ^ X0, wKey[101] ^ X1, wKey[102] ^ X2, wKey[103] ^ X3);
LT();
Sb2(wKey[104] ^ X0, wKey[105] ^ X1, wKey[106] ^ X2, wKey[107] ^ X3);
LT();
Sb3(wKey[108] ^ X0, wKey[109] ^ X1, wKey[110] ^ X2, wKey[111] ^ X3);
LT();
Sb4(wKey[112] ^ X0, wKey[113] ^ X1, wKey[114] ^ X2, wKey[115] ^ X3);
LT();
Sb5(wKey[116] ^ X0, wKey[117] ^ X1, wKey[118] ^ X2, wKey[119] ^ X3);
LT();
Sb6(wKey[120] ^ X0, wKey[121] ^ X1, wKey[122] ^ X2, wKey[123] ^ X3);
LT();
Sb7(wKey[124] ^ X0, wKey[125] ^ X1, wKey[126] ^ X2, wKey[127] ^ X3);
Pack.UInt32_To_BE((uint)(wKey[131] ^ X3), output, outOff);
Pack.UInt32_To_BE((uint)(wKey[130] ^ X2), output, outOff + 4);
Pack.UInt32_To_BE((uint)(wKey[129] ^ X1), output, outOff + 8);
Pack.UInt32_To_BE((uint)(wKey[128] ^ X0), output, outOff + 12);
}
public override byte[] Unwrap(
byte[] input,
int inOff,
int inLen)
{
if (forWrapping)
{
throw new InvalidOperationException("not set for unwrapping");
}
int n = inLen / 8;
if ((n * 8) != inLen)
{
throw new InvalidCipherTextException("unwrap data must be a multiple of 8 bytes");
}
byte[] a = new byte[iv.Length + 4];
byte[] b = new byte[inLen - a.Length];
if (n == 2)
{
byte[] buf = new byte[engine.GetBlockSize()];
engine.Init(!wrapCipherMode, param);
engine.ProcessBlock(input, inOff, buf, 0);
Array.Copy(buf, 0, a, 0, a.Length);
Array.Copy(buf, a.Length, b, 0, b.Length);
}
else
{
Array.Copy(input, inOff, a, 0, a.Length);
Array.Copy(input, inOff + a.Length, b, 0, inLen - a.Length);
invW(n, b, a);
}
byte[] recIv = new byte[iv.Length];
Array.Copy(a, 0, recIv, 0, recIv.Length);
int pLen = (int)Pack.BE_To_UInt32(a, 4);
int padLen = 8 * (n - 1) - pLen;
if (!Arrays.ConstantTimeAreEqual(recIv, iv))
{
throw new InvalidCipherTextException("checksum failed");
}
if (padLen < 0 || padLen > 7)
{
throw new InvalidCipherTextException("unwrap data has incorrect padding length");
}
byte[] block = new byte[pLen];
Array.Copy(b, 0, block, 0, pLen);
bool failed = false;
for (int i = 1; i <= padLen; i++)
{
if (b[b.Length - i] != 0)
{
failed = true;
}
}
if (failed)
{
throw new InvalidCipherTextException("unwrap data has incorrect padding");
}
return(block);
}
internal static void DesFunc(int[] wKey, byte[] input, int inOff, byte[] outBytes, int outOff)
{
uint n = Pack.BE_To_UInt32(input, inOff);
uint num2 = Pack.BE_To_UInt32(input, inOff + 4);
uint num3 = ((n >> 4) ^ num2) & 0xf0f0f0f;
num2 ^= num3;
n ^= num3 << 4;
num3 = ((n >> 0x10) ^ num2) & 0xffff;
num2 ^= num3;
n ^= num3 << 0x10;
num3 = ((num2 >> 2) ^ n) & 0x33333333;
n ^= num3;
num2 ^= num3 << 2;
num3 = ((num2 >> 8) ^ n) & 0xff00ff;
n ^= num3;
num2 ^= num3 << 8;
num2 = (num2 << 1) | (num2 >> 0x1f);
num3 = (n ^ num2) & 0xaaaaaaaa;
n ^= num3;
num2 ^= num3;
n = (n << 1) | (n >> 0x1f);
for (int i = 0; i < 8; i++)
{
num3 = (num2 << 0x1c) | (num2 >> 4);
num3 ^= (uint)wKey[i * 4];
uint num5 = SP7[(int)((IntPtr)(num3 & 0x3f))];
num5 |= SP5[(int)((IntPtr)((num3 >> 8) & 0x3f))];
num5 |= SP3[(int)((IntPtr)((num3 >> 0x10) & 0x3f))];
num5 |= SP1[(int)((IntPtr)((num3 >> 0x18) & 0x3f))];
num3 = num2 ^ ((uint)wKey[(i * 4) + 1]);
num5 |= SP8[(int)((IntPtr)(num3 & 0x3f))];
num5 |= SP6[(int)((IntPtr)((num3 >> 8) & 0x3f))];
num5 |= SP4[(int)((IntPtr)((num3 >> 0x10) & 0x3f))];
num5 |= SP2[(int)((IntPtr)((num3 >> 0x18) & 0x3f))];
n ^= num5;
num3 = (n << 0x1c) | (n >> 4);
num3 ^= (uint)wKey[(i * 4) + 2];
num5 = SP7[(int)((IntPtr)(num3 & 0x3f))];
num5 |= SP5[(int)((IntPtr)((num3 >> 8) & 0x3f))];
num5 |= SP3[(int)((IntPtr)((num3 >> 0x10) & 0x3f))];
num5 |= SP1[(int)((IntPtr)((num3 >> 0x18) & 0x3f))];
num3 = n ^ ((uint)wKey[(i * 4) + 3]);
num5 |= SP8[(int)((IntPtr)(num3 & 0x3f))];
num5 |= SP6[(int)((IntPtr)((num3 >> 8) & 0x3f))];
num5 |= SP4[(int)((IntPtr)((num3 >> 0x10) & 0x3f))];
num5 |= SP2[(int)((IntPtr)((num3 >> 0x18) & 0x3f))];
num2 ^= num5;
}
num2 = (num2 << 0x1f) | (num2 >> 1);
num3 = (n ^ num2) & 0xaaaaaaaa;
n ^= num3;
num2 ^= num3;
n = (n << 0x1f) | (n >> 1);
num3 = ((n >> 8) ^ num2) & 0xff00ff;
num2 ^= num3;
n ^= num3 << 8;
num3 = ((n >> 2) ^ num2) & 0x33333333;
num2 ^= num3;
n ^= num3 << 2;
num3 = ((num2 >> 0x10) ^ n) & 0xffff;
n ^= num3;
num2 ^= num3 << 0x10;
num3 = ((num2 >> 4) ^ n) & 0xf0f0f0f;
n ^= num3;
num2 ^= num3 << 4;
Pack.UInt32_To_BE(num2, outBytes, outOff);
Pack.UInt32_To_BE(n, outBytes, outOff + 4);
}
internal static uint[] AsUints(byte[] bs)
{
uint[] array = new uint[4];
Pack.BE_To_UInt32(bs, 0, array);
return(array);
}
internal static ulong BE_To_UInt64(byte[] bs, int off)
{
return((ulong)Pack.BE_To_UInt32(bs, off) << 32 | (ulong)Pack.BE_To_UInt32(bs, off + 4));
}
internal static uint[] AsUints(byte[] bs)
{
uint[] output = new uint[4];
Pack.BE_To_UInt32(bs, 0, output);
return(output);
}
internal static void DesFunc(int[] wKey, byte[] input, int inOff, byte[] outBytes, int outOff)
{
uint num = Pack.BE_To_UInt32(input, inOff);
uint num2 = Pack.BE_To_UInt32(input, inOff + 4);
uint num3 = ((num >> 4) ^ num2) & 0xF0F0F0F;
num2 ^= num3;
num ^= num3 << 4;
num3 = (((num >> 16) ^ num2) & 0xFFFF);
num2 ^= num3;
num ^= num3 << 16;
num3 = (((num2 >> 2) ^ num) & 0x33333333);
num ^= num3;
num2 ^= num3 << 2;
num3 = (((num2 >> 8) ^ num) & 0xFF00FF);
num ^= num3;
num2 ^= num3 << 8;
num2 = ((num2 << 1) | (num2 >> 31));
num3 = (uint)((int)(num ^ num2) & -1431655766);
num ^= num3;
num2 ^= num3;
num = ((num << 1) | (num >> 31));
for (int i = 0; i < 8; i++)
{
num3 = ((num2 << 28) | (num2 >> 4));
num3 = (uint)((int)num3 ^ wKey[i * 4]);
uint num4 = SP7[num3 & 0x3F];
num4 |= SP5[(num3 >> 8) & 0x3F];
num4 |= SP3[(num3 >> 16) & 0x3F];
num4 |= SP1[(num3 >> 24) & 0x3F];
num3 = (uint)((int)num2 ^ wKey[i * 4 + 1]);
num4 |= SP8[num3 & 0x3F];
num4 |= SP6[(num3 >> 8) & 0x3F];
num4 |= SP4[(num3 >> 16) & 0x3F];
num4 |= SP2[(num3 >> 24) & 0x3F];
num ^= num4;
num3 = ((num << 28) | (num >> 4));
num3 = (uint)((int)num3 ^ wKey[i * 4 + 2]);
num4 = SP7[num3 & 0x3F];
num4 |= SP5[(num3 >> 8) & 0x3F];
num4 |= SP3[(num3 >> 16) & 0x3F];
num4 |= SP1[(num3 >> 24) & 0x3F];
num3 = (uint)((int)num ^ wKey[i * 4 + 3]);
num4 |= SP8[num3 & 0x3F];
num4 |= SP6[(num3 >> 8) & 0x3F];
num4 |= SP4[(num3 >> 16) & 0x3F];
num4 |= SP2[(num3 >> 24) & 0x3F];
num2 ^= num4;
}
num2 = ((num2 << 31) | (num2 >> 1));
num3 = (uint)((int)(num ^ num2) & -1431655766);
num ^= num3;
num2 ^= num3;
num = ((num << 31) | (num >> 1));
num3 = (((num >> 8) ^ num2) & 0xFF00FF);
num2 ^= num3;
num ^= num3 << 8;
num3 = (((num >> 2) ^ num2) & 0x33333333);
num2 ^= num3;
num ^= num3 << 2;
num3 = (((num2 >> 16) ^ num) & 0xFFFF);
num ^= num3;
num2 ^= num3 << 16;
num3 = (((num2 >> 4) ^ num) & 0xF0F0F0F);
num ^= num3;
num2 ^= num3 << 4;
Pack.UInt32_To_BE(num2, outBytes, outOff);
Pack.UInt32_To_BE(num, outBytes, outOff + 4);
}
//==================================
// Private Implementation
//==================================
/*
* Creates the subkeys using the same nomenclature
* as described in RFC2612.
*
* See section 2.4
*/
internal override void SetKey(
byte[] key)
{
uint Cm = 0x5a827999;
uint Mm = 0x6ed9eba1;
int Cr = 19;
int Mr = 17;
/*
* Determine the key size here, if required
*
* if keysize < 256 bytes, pad with 0
*
* Typical key sizes => 128, 160, 192, 224, 256
*/
for (int i = 0; i < 24; i++)
{
for (int j = 0; j < 8; j++)
{
_Tm[i * 8 + j] = Cm;
Cm += Mm; //mod 2^32;
_Tr[i * 8 + j] = Cr;
Cr = (Cr + Mr) & 0x1f; // mod 32
}
}
byte[] tmpKey = new byte[64];
key.CopyTo(tmpKey, 0);
// now create ABCDEFGH
for (int i = 0; i < 8; i++)
{
_workingKey[i] = Pack.BE_To_UInt32(tmpKey, i * 4);
}
// Generate the key schedule
for (int i = 0; i < 12; i++)
{
// KAPPA <- W2i(KAPPA)
int i2 = i * 2 * 8;
_workingKey[6] ^= F1(_workingKey[7], _Tm[i2], _Tr[i2]);
_workingKey[5] ^= F2(_workingKey[6], _Tm[i2 + 1], _Tr[i2 + 1]);
_workingKey[4] ^= F3(_workingKey[5], _Tm[i2 + 2], _Tr[i2 + 2]);
_workingKey[3] ^= F1(_workingKey[4], _Tm[i2 + 3], _Tr[i2 + 3]);
_workingKey[2] ^= F2(_workingKey[3], _Tm[i2 + 4], _Tr[i2 + 4]);
_workingKey[1] ^= F3(_workingKey[2], _Tm[i2 + 5], _Tr[i2 + 5]);
_workingKey[0] ^= F1(_workingKey[1], _Tm[i2 + 6], _Tr[i2 + 6]);
_workingKey[7] ^= F2(_workingKey[0], _Tm[i2 + 7], _Tr[i2 + 7]);
// KAPPA <- W2i+1(KAPPA)
i2 = (i * 2 + 1) * 8;
_workingKey[6] ^= F1(_workingKey[7], _Tm[i2], _Tr[i2]);
_workingKey[5] ^= F2(_workingKey[6], _Tm[i2 + 1], _Tr[i2 + 1]);
_workingKey[4] ^= F3(_workingKey[5], _Tm[i2 + 2], _Tr[i2 + 2]);
_workingKey[3] ^= F1(_workingKey[4], _Tm[i2 + 3], _Tr[i2 + 3]);
_workingKey[2] ^= F2(_workingKey[3], _Tm[i2 + 4], _Tr[i2 + 4]);
_workingKey[1] ^= F3(_workingKey[2], _Tm[i2 + 5], _Tr[i2 + 5]);
_workingKey[0] ^= F1(_workingKey[1], _Tm[i2 + 6], _Tr[i2 + 6]);
_workingKey[7] ^= F2(_workingKey[0], _Tm[i2 + 7], _Tr[i2 + 7]);
// Kr_(i) <- KAPPA
_Kr[i * 4] = (int)(_workingKey[0] & 0x1f);
_Kr[i * 4 + 1] = (int)(_workingKey[2] & 0x1f);
_Kr[i * 4 + 2] = (int)(_workingKey[4] & 0x1f);
_Kr[i * 4 + 3] = (int)(_workingKey[6] & 0x1f);
// Km_(i) <- KAPPA
_Km[i * 4] = _workingKey[7];
_Km[i * 4 + 1] = _workingKey[5];
_Km[i * 4 + 2] = _workingKey[3];
_Km[i * 4 + 3] = _workingKey[1];
}
}
internal static uint[] AsUints(byte[] bs)
{
uint[] ns = new uint[4];
Pack.BE_To_UInt32(bs, 0, ns);
return(ns);
}