Commit 906b2e76 authored by Adam Langley's avatar Adam Langley

crypto/des: cleanups

R=rsc
CC=golang-dev
https://golang.org/cl/4315050
parent 2db1769d
......@@ -35,6 +35,7 @@ DIRS=\
crypto/blowfish\
crypto/cast5\
crypto/cipher\
crypto/des\
crypto/dsa\
crypto/ecdsa\
crypto/elliptic\
......
// Copyright 2010 The Go Authors. All rights reserved.
// Copyright 2011 The Go Authors. All rights reserved.
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
package des
// Encrypt one block from src into dst, using the subkeys.
func encryptBlock(subkeys [16]uint64, dst, src []byte) {
// perform initial permutation
permutedSrc := permuteBlock(src, initialPermutation[0:])
import (
"encoding/binary"
)
// split into left and right halves
left := uint32(permutedSrc >> 32)
right := uint32(permutedSrc)
func cryptBlock(subkeys []uint64, dst, src []byte, decrypt bool) {
b := binary.BigEndian.Uint64(src)
b = permuteBlock(b, initialPermutation[:])
left, right := uint32(b>>32), uint32(b)
// process left and right with feistel function
var subkey uint64
for i := 0; i < 16; i++ {
previousRight := right
right = left ^ feistel(right, subkeys[i])
left = previousRight
if decrypt {
subkey = subkeys[15-i]
} else {
subkey = subkeys[i]
}
left, right = right, left^feistel(right, subkey)
}
// switch left & right and perform final permutation
preOutput := (uint64(right) << 32) | uint64(left)
final := uint64ToBytes(permuteBlock(uint64ToBytes(preOutput), finalPermutation[0:]))
binary.BigEndian.PutUint64(dst, permuteBlock(preOutput, finalPermutation[:]))
}
// copy bytes to destination
copy(dst, final)
// Encrypt one block from src into dst, using the subkeys.
func encryptBlock(subkeys []uint64, dst, src []byte) {
cryptBlock(subkeys, dst, src, false)
}
// Decrypt one block from src into dst, using the subkeys.
func decryptBlock(subkeys [16]uint64, dst, src []byte) {
// perform initial permutation
permutedSrc := permuteBlock(src, initialPermutation[0:])
// split into left and right halves
left := uint32(permutedSrc >> 32)
right := uint32(permutedSrc)
// process left and right with feistel function
for i := 0; i < 16; i++ {
previousRight := right
// decryption reverses order of subkeys
right = left ^ feistel(right, subkeys[15-i])
left = previousRight
}
// switch left & right and perform final permutation
preOutput := (uint64(right) << 32) | uint64(left)
final := uint64ToBytes(permuteBlock(uint64ToBytes(preOutput), finalPermutation[0:]))
// copy bytes to destination
copy(dst, final)
func decryptBlock(subkeys []uint64, dst, src []byte) {
cryptBlock(subkeys, dst, src, true)
}
// DES Feistel function
func feistel(right uint32, key uint64) (result uint32) {
rightExpanded := permuteBlock(uint32ToBytes(right), expansionFunction[:])
xorResult := key ^ rightExpanded
sBoxLocations := key ^ permuteBlock(uint64(right), expansionFunction[:])
var sBoxResult uint32
for i := uint8(0); i < 8; i++ {
sBoxCoordValue := uint8((xorResult << (16 + (6 * i))) >> 58)
// determine the proper S-box row and column from the 6-bits of
// sBoxCoordValue row is determined by 1st and 6th bit
row := (sBoxCoordValue & 0x1) | ((sBoxCoordValue & 0x20) >> 4)
sBoxLocation := uint8(sBoxLocations>>42) & 0x3f
sBoxLocations <<= 6
// row determined by 1st and 6th bit
row := (sBoxLocation & 0x1) | ((sBoxLocation & 0x20) >> 4)
// column is middle four bits
column := (sBoxCoordValue << 3) >> 4
column := (sBoxLocation >> 1) & 0xf
sBoxResult |= uint32(sBoxes[i][row][column]) << (4 * (7 - i))
}
return uint32(permuteBlock(uint32ToBytes(sBoxResult), permutationFunction[0:]))
return uint32(permuteBlock(uint64(sBoxResult), permutationFunction[:]))
}
// general purpose function to perform DES block permutations
func permuteBlock(src []byte, permutation []uint8) (block uint64) {
for finalPosition, bitNumber := range permutation {
bitIndex := bitNumber - 1
byteIndex := bitIndex >> 3
bitNumberInByte := bitIndex % 8
bitValue := (src[byteIndex] << bitNumberInByte) >> 7
block |= uint64(bitValue) << uint64((uint8(len(permutation)-1))-uint8(finalPosition))
func permuteBlock(src uint64, permutation []uint8) (block uint64) {
for position, n := range permutation {
bit := (src >> n) & 1
block |= bit << uint((len(permutation)-1)-position)
}
return
}
......@@ -87,18 +70,19 @@ func ksRotate(in uint32) (out []uint32) {
last := in
for i := 0; i < 16; i++ {
// 28-bit circular left shift
part1 := (last << (4 + uint32(ksRotations[i]))) >> 4
part2 := (last << 4) >> (32 - ksRotations[i])
out[i] = part1 | part2
left := (last << (4 + ksRotations[i])) >> 4
right := (last << 4) >> (32 - ksRotations[i])
out[i] = left | right
last = out[i]
}
return
}
// creates 16 56-bit subkeys from the original key
func ksGenerateSubkeys(cipher *DESCipher) {
func (c *Cipher) generateSubkeys(keyBytes []byte) {
// apply PC1 permutation to key
permutedKey := permuteBlock(cipher.key, permutedChoice1[0:])
key := binary.BigEndian.Uint64(keyBytes)
permutedKey := permuteBlock(key, permutedChoice1[:])
// rotate halves of permuted key according to the rotation schedule
leftRotations := ksRotate(uint32(permutedKey >> 28))
......@@ -109,22 +93,6 @@ func ksGenerateSubkeys(cipher *DESCipher) {
// combine halves to form 56-bit input to PC2
pc2Input := uint64(leftRotations[i])<<28 | uint64(rightRotations[i])
// apply PC2 permutation to 7 byte input
cipher.subkeys[i] = permuteBlock(uint64ToBytes(pc2Input)[1:], permutedChoice2[0:])
c.subkeys[i] = permuteBlock(pc2Input, permutedChoice2[:])
}
}
// generates a byte array from uint32 input
func uint32ToBytes(block uint32) []byte {
return []byte{
byte(block >> 24), byte(block >> 16),
byte(block >> 8), byte(block)}
}
// generates a byte array from uint64 input
func uint64ToBytes(block uint64) []byte {
return []byte{
byte(block >> 56), byte(block >> 48),
byte(block >> 40), byte(block >> 32),
byte(block >> 24), byte(block >> 16),
byte(block >> 8), byte(block)}
}
// Copyright 2010 The Go Authors. All rights reserved.
// Copyright 2011 The Go Authors. All rights reserved.
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
......@@ -18,42 +18,37 @@ func (k KeySizeError) String() string {
return "crypto/des: invalid key size " + strconv.Itoa(int(k))
}
// A DESCipher is an instance of DES encryption.
type DESCipher struct {
key []byte
// Cipher is an instance of DES encryption.
type Cipher struct {
subkeys [16]uint64
}
// NewCipher creates and returns a new Cipher.
func NewDESCipher(key []byte) (*DESCipher, os.Error) {
k := len(key)
if k != 8 {
return nil, KeySizeError(k)
func NewCipher(key []byte) (*Cipher, os.Error) {
if len(key) != 8 {
return nil, KeySizeError(len(key))
}
c := &DESCipher{key, [16]uint64{}}
ksGenerateSubkeys(c)
c := new(Cipher)
c.generateSubkeys(key)
return c, nil
}
// BlockSize returns the DES block size, 8 bytes.
func (c *DESCipher) BlockSize() int { return BlockSize }
func (c *Cipher) BlockSize() int { return BlockSize }
// Encrypts the 8-byte buffer src and stores the result in dst.
// Note that for amounts of data larger than a block,
// it is not safe to just call Encrypt on successive blocks;
// instead, use an encryption mode like CBC (see crypto/cipher/cbc.go).
func (c *DESCipher) Encrypt(dst, src []byte) { encryptBlock(c.subkeys, dst, src) }
func (c *Cipher) Encrypt(dst, src []byte) { encryptBlock(c.subkeys[:], dst, src) }
// Decrypts the 8-byte buffer src and stores the result in dst.
func (c *DESCipher) Decrypt(dst, src []byte) { decryptBlock(c.subkeys, dst, src) }
func (c *Cipher) Decrypt(dst, src []byte) { decryptBlock(c.subkeys[:], dst, src) }
// Reset zeros the key data, so that it will no longer
// appear in the process's memory.
func (c *DESCipher) Reset() {
for i := 0; i < len(c.key); i++ {
c.key[i] = 0
}
func (c *Cipher) Reset() {
for i := 0; i < len(c.subkeys); i++ {
c.subkeys[i] = 0
}
......@@ -61,21 +56,19 @@ func (c *DESCipher) Reset() {
// A TripleDESCipher is an instance of TripleDES encryption.
type TripleDESCipher struct {
key []byte
cipher1, cipher2, cipher3 *DESCipher
cipher1, cipher2, cipher3 Cipher
}
// NewCipher creates and returns a new Cipher.
func NewTripleDESCipher(key []byte) (*TripleDESCipher, os.Error) {
k := len(key)
if k != 24 {
return nil, KeySizeError(k)
if len(key) != 24 {
return nil, KeySizeError(len(key))
}
cipher1, _ := NewDESCipher(key[0:8])
cipher2, _ := NewDESCipher(key[8:16])
cipher3, _ := NewDESCipher(key[16:])
c := &TripleDESCipher{key, cipher1, cipher2, cipher3}
c := new(TripleDESCipher)
c.cipher1.generateSubkeys(key[:8])
c.cipher2.generateSubkeys(key[8:16])
c.cipher3.generateSubkeys(key[16:])
return c, nil
}
......@@ -104,9 +97,6 @@ func (c *TripleDESCipher) Decrypt(dst, src []byte) {
// Reset zeros the key data, so that it will no longer
// appear in the process's memory.
func (c *TripleDESCipher) Reset() {
for i := 0; i < len(c.key); i++ {
c.key[i] = 0
}
c.cipher1.Reset()
c.cipher2.Reset()
c.cipher3.Reset()
......
......@@ -7,132 +7,133 @@
// in U.S. Federal Information Processing Standards Publication 46-3.
package des
// Used to perform an initial permutation of a
// 64-bit input block
var initialPermutation = [64]uint8{
58, 50, 42, 34, 26, 18, 10, 2,
60, 52, 44, 36, 28, 20, 12, 4,
62, 54, 46, 38, 30, 22, 14, 6,
64, 56, 48, 40, 32, 24, 16, 8,
57, 49, 41, 33, 25, 17, 9, 1,
59, 51, 43, 35, 27, 19, 11, 3,
61, 53, 45, 37, 29, 21, 13, 5,
63, 55, 47, 39, 31, 23, 15, 7}
// Used to perform an initial permutation of a 64-bit input block.
var initialPermutation = [64]byte{
6, 14, 22, 30, 38, 46, 54, 62,
4, 12, 20, 28, 36, 44, 52, 60,
2, 10, 18, 26, 34, 42, 50, 58,
0, 8, 16, 24, 32, 40, 48, 56,
7, 15, 23, 31, 39, 47, 55, 63,
5, 13, 21, 29, 37, 45, 53, 61,
3, 11, 19, 27, 35, 43, 51, 59,
1, 9, 17, 25, 33, 41, 49, 57,
}
// Used to perform a final permutation of a
// 64-bit preoutput block
// This is the inverse of initialPermutation
var finalPermutation = [64]uint8{
40, 8, 48, 16, 56, 24, 64, 32,
39, 7, 47, 15, 55, 23, 63, 31,
38, 6, 46, 14, 54, 22, 62, 30,
37, 5, 45, 13, 53, 21, 61, 29,
36, 4, 44, 12, 52, 20, 60, 28,
35, 3, 43, 11, 51, 19, 59, 27,
34, 2, 42, 10, 50, 18, 58, 26,
33, 1, 41, 9, 49, 17, 57, 25}
// Used to perform a final permutation of a 4-bit preoutput block. This is the
// inverse of initialPermutation
var finalPermutation = [64]byte{
24, 56, 16, 48, 8, 40, 0, 32,
25, 57, 17, 49, 9, 41, 1, 33,
26, 58, 18, 50, 10, 42, 2, 34,
27, 59, 19, 51, 11, 43, 3, 35,
28, 60, 20, 52, 12, 44, 4, 36,
29, 61, 21, 53, 13, 45, 5, 37,
30, 62, 22, 54, 14, 46, 6, 38,
31, 63, 23, 55, 15, 47, 7, 39,
}
// Used to expand an input block of 32 bits,
// producing an output block of 48 bits.
var expansionFunction = [48]uint8{
32, 1, 2, 3, 4, 5,
4, 5, 6, 7, 8, 9,
8, 9, 10, 11, 12, 13,
12, 13, 14, 15, 16, 17,
16, 17, 18, 19, 20, 21,
20, 21, 22, 23, 24, 25,
24, 25, 26, 27, 28, 29,
28, 29, 30, 31, 32, 1}
// Used to expand an input block of 32 bits, producing an output block of 48
// bits.
var expansionFunction = [48]byte{
0, 31, 30, 29, 28, 27, 28, 27,
26, 25, 24, 23, 24, 23, 22, 21,
20, 19, 20, 19, 18, 17, 16, 15,
16, 15, 14, 13, 12, 11, 12, 11,
10, 9, 8, 7, 8, 7, 6, 5,
4, 3, 4, 3, 2, 1, 0, 31,
}
// Yields a 32-bit output from a 32-bit input
var permutationFunction = [32]uint8{
16, 7, 20, 21,
29, 12, 28, 17,
1, 15, 23, 26,
5, 18, 31, 10,
2, 8, 24, 14,
32, 27, 3, 9,
19, 13, 30, 6,
22, 11, 4, 25}
var permutationFunction = [32]byte{
16, 25, 12, 11, 3, 20, 4, 15,
31, 17, 9, 6, 27, 14, 1, 22,
30, 24, 8, 18, 0, 5, 29, 23,
13, 19, 2, 26, 10, 21, 28, 7,
}
// Used in the key schedule to select 56 bits
// from a 64-bit input.
var permutedChoice1 = [56]uint8{
// left
57, 49, 41, 33, 25, 17, 9,
1, 58, 50, 42, 34, 26, 18,
10, 2, 59, 51, 43, 35, 27,
19, 11, 3, 60, 52, 44, 36,
// right
63, 55, 47, 39, 31, 23, 15,
7, 62, 54, 46, 38, 30, 22,
14, 6, 61, 53, 45, 37, 29,
21, 13, 5, 28, 20, 12, 4}
var permutedChoice1 = [56]byte{
7, 15, 23, 31, 39, 47, 55, 63,
6, 14, 22, 30, 38, 46, 54, 62,
5, 13, 21, 29, 37, 45, 53, 61,
4, 12, 20, 28, 1, 9, 17, 25,
33, 41, 49, 57, 2, 10, 18, 26,
34, 42, 50, 58, 3, 11, 19, 27,
35, 43, 51, 59, 36, 44, 52, 60,
}
// Used in the key schedule to produce
// each subkey by selecting 48 bits
// from the 56-bit input
var permutedChoice2 = [48]uint8{
14, 17, 11, 24, 1, 5,
3, 28, 15, 6, 21, 10,
23, 19, 12, 4, 26, 8,
16, 7, 27, 20, 13, 2,
41, 52, 31, 37, 47, 55,
30, 40, 51, 45, 33, 48,
44, 49, 39, 56, 34, 53,
46, 42, 50, 36, 29, 32}
// Used in the key schedule to produce each subkey by selecting 48 bits from
// the 56-bit input
var permutedChoice2 = [48]byte{
42, 39, 45, 32, 55, 51, 53, 28,
41, 50, 35, 46, 33, 37, 44, 52,
30, 48, 40, 49, 29, 36, 43, 54,
15, 4, 25, 19, 9, 1, 26, 16,
5, 11, 23, 8, 12, 7, 17, 0,
22, 3, 10, 14, 6, 20, 27, 24,
}
// 8 S-boxes composed of 4 rows and 16 columns
// Used in the DES cipher function
var sBoxes = [8][4][16]uint8{
// S-box 1
{
[16]uint8{14, 4, 13, 1, 2, 15, 11, 8, 3, 10, 6, 12, 5, 9, 0, 7},
[16]uint8{0, 15, 7, 4, 14, 2, 13, 1, 10, 6, 12, 11, 9, 5, 3, 8},
[16]uint8{4, 1, 14, 8, 13, 6, 2, 11, 15, 12, 9, 7, 3, 10, 5, 0},
[16]uint8{15, 12, 8, 2, 4, 9, 1, 7, 5, 11, 3, 14, 10, 0, 6, 13}},
{14, 4, 13, 1, 2, 15, 11, 8, 3, 10, 6, 12, 5, 9, 0, 7},
{0, 15, 7, 4, 14, 2, 13, 1, 10, 6, 12, 11, 9, 5, 3, 8},
{4, 1, 14, 8, 13, 6, 2, 11, 15, 12, 9, 7, 3, 10, 5, 0},
{15, 12, 8, 2, 4, 9, 1, 7, 5, 11, 3, 14, 10, 0, 6, 13},
},
// S-box 2
{
[16]uint8{15, 1, 8, 14, 6, 11, 3, 4, 9, 7, 2, 13, 12, 0, 5, 10},
[16]uint8{3, 13, 4, 7, 15, 2, 8, 14, 12, 0, 1, 10, 6, 9, 11, 5},
[16]uint8{0, 14, 7, 11, 10, 4, 13, 1, 5, 8, 12, 6, 9, 3, 2, 15},
[16]uint8{13, 8, 10, 1, 3, 15, 4, 2, 11, 6, 7, 12, 0, 5, 14, 9}},
{15, 1, 8, 14, 6, 11, 3, 4, 9, 7, 2, 13, 12, 0, 5, 10},
{3, 13, 4, 7, 15, 2, 8, 14, 12, 0, 1, 10, 6, 9, 11, 5},
{0, 14, 7, 11, 10, 4, 13, 1, 5, 8, 12, 6, 9, 3, 2, 15},
{13, 8, 10, 1, 3, 15, 4, 2, 11, 6, 7, 12, 0, 5, 14, 9},
},
// S-box 3
{
[16]uint8{10, 0, 9, 14, 6, 3, 15, 5, 1, 13, 12, 7, 11, 4, 2, 8},
[16]uint8{13, 7, 0, 9, 3, 4, 6, 10, 2, 8, 5, 14, 12, 11, 15, 1},
[16]uint8{13, 6, 4, 9, 8, 15, 3, 0, 11, 1, 2, 12, 5, 10, 14, 7},
[16]uint8{1, 10, 13, 0, 6, 9, 8, 7, 4, 15, 14, 3, 11, 5, 2, 12}},
{10, 0, 9, 14, 6, 3, 15, 5, 1, 13, 12, 7, 11, 4, 2, 8},
{13, 7, 0, 9, 3, 4, 6, 10, 2, 8, 5, 14, 12, 11, 15, 1},
{13, 6, 4, 9, 8, 15, 3, 0, 11, 1, 2, 12, 5, 10, 14, 7},
{1, 10, 13, 0, 6, 9, 8, 7, 4, 15, 14, 3, 11, 5, 2, 12},
},
// S-box 4
{
[16]uint8{7, 13, 14, 3, 0, 6, 9, 10, 1, 2, 8, 5, 11, 12, 4, 15},
[16]uint8{13, 8, 11, 5, 6, 15, 0, 3, 4, 7, 2, 12, 1, 10, 14, 9},
[16]uint8{10, 6, 9, 0, 12, 11, 7, 13, 15, 1, 3, 14, 5, 2, 8, 4},
[16]uint8{3, 15, 0, 6, 10, 1, 13, 8, 9, 4, 5, 11, 12, 7, 2, 14}},
{7, 13, 14, 3, 0, 6, 9, 10, 1, 2, 8, 5, 11, 12, 4, 15},
{13, 8, 11, 5, 6, 15, 0, 3, 4, 7, 2, 12, 1, 10, 14, 9},
{10, 6, 9, 0, 12, 11, 7, 13, 15, 1, 3, 14, 5, 2, 8, 4},
{3, 15, 0, 6, 10, 1, 13, 8, 9, 4, 5, 11, 12, 7, 2, 14},
},
// S-box 5
{
[16]uint8{2, 12, 4, 1, 7, 10, 11, 6, 8, 5, 3, 15, 13, 0, 14, 9},
[16]uint8{14, 11, 2, 12, 4, 7, 13, 1, 5, 0, 15, 10, 3, 9, 8, 6},
[16]uint8{4, 2, 1, 11, 10, 13, 7, 8, 15, 9, 12, 5, 6, 3, 0, 14},
[16]uint8{11, 8, 12, 7, 1, 14, 2, 13, 6, 15, 0, 9, 10, 4, 5, 3}},
{2, 12, 4, 1, 7, 10, 11, 6, 8, 5, 3, 15, 13, 0, 14, 9},
{14, 11, 2, 12, 4, 7, 13, 1, 5, 0, 15, 10, 3, 9, 8, 6},
{4, 2, 1, 11, 10, 13, 7, 8, 15, 9, 12, 5, 6, 3, 0, 14},
{11, 8, 12, 7, 1, 14, 2, 13, 6, 15, 0, 9, 10, 4, 5, 3},
},
// S-box 6
{
[16]uint8{12, 1, 10, 15, 9, 2, 6, 8, 0, 13, 3, 4, 14, 7, 5, 11},
[16]uint8{10, 15, 4, 2, 7, 12, 9, 5, 6, 1, 13, 14, 0, 11, 3, 8},
[16]uint8{9, 14, 15, 5, 2, 8, 12, 3, 7, 0, 4, 10, 1, 13, 11, 6},
[16]uint8{4, 3, 2, 12, 9, 5, 15, 10, 11, 14, 1, 7, 6, 0, 8, 13}},
{12, 1, 10, 15, 9, 2, 6, 8, 0, 13, 3, 4, 14, 7, 5, 11},
{10, 15, 4, 2, 7, 12, 9, 5, 6, 1, 13, 14, 0, 11, 3, 8},
{9, 14, 15, 5, 2, 8, 12, 3, 7, 0, 4, 10, 1, 13, 11, 6},
{4, 3, 2, 12, 9, 5, 15, 10, 11, 14, 1, 7, 6, 0, 8, 13},
},
// S-box 7
{
[16]uint8{4, 11, 2, 14, 15, 0, 8, 13, 3, 12, 9, 7, 5, 10, 6, 1},
[16]uint8{13, 0, 11, 7, 4, 9, 1, 10, 14, 3, 5, 12, 2, 15, 8, 6},
[16]uint8{1, 4, 11, 13, 12, 3, 7, 14, 10, 15, 6, 8, 0, 5, 9, 2},
[16]uint8{6, 11, 13, 8, 1, 4, 10, 7, 9, 5, 0, 15, 14, 2, 3, 12}},
{4, 11, 2, 14, 15, 0, 8, 13, 3, 12, 9, 7, 5, 10, 6, 1},
{13, 0, 11, 7, 4, 9, 1, 10, 14, 3, 5, 12, 2, 15, 8, 6},
{1, 4, 11, 13, 12, 3, 7, 14, 10, 15, 6, 8, 0, 5, 9, 2},
{6, 11, 13, 8, 1, 4, 10, 7, 9, 5, 0, 15, 14, 2, 3, 12},
},
// S-box 8
{
[16]uint8{13, 2, 8, 4, 6, 15, 11, 1, 10, 9, 3, 14, 5, 0, 12, 7},
[16]uint8{1, 15, 13, 8, 10, 3, 7, 4, 12, 5, 6, 11, 0, 14, 9, 2},
[16]uint8{7, 11, 4, 1, 9, 12, 14, 2, 0, 6, 10, 13, 15, 3, 5, 8},
[16]uint8{2, 1, 14, 7, 4, 10, 8, 13, 15, 12, 9, 0, 3, 5, 6, 11}}}
{13, 2, 8, 4, 6, 15, 11, 1, 10, 9, 3, 14, 5, 0, 12, 7},
{1, 15, 13, 8, 10, 3, 7, 4, 12, 5, 6, 11, 0, 14, 9, 2},
{7, 11, 4, 1, 9, 12, 14, 2, 0, 6, 10, 13, 15, 3, 5, 8},
{2, 1, 14, 7, 4, 10, 8, 13, 15, 12, 9, 0, 3, 5, 6, 11},
},
}
// Size of left rotation per round in each half of the key schedule
var ksRotations = [16]uint8{1, 1, 2, 2, 2, 2, 2, 2, 1, 2, 2, 2, 2, 2, 2, 1}
This diff is collapsed.
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment