randombit/botan | Build 25457312714 | source/src/lib/block/serpent/serpent.cpp | Coveralls

23

void Serpent::encrypt_n(const uint8_t in[], uint8_t out[], size_t blocks) const {

28,710✔

24

   using namespace Botan::Serpent_F;

28,710✔

26

   assert_key_material_set();

28,710✔

29

   if(CPUID::has(CPUID::Feature::AVX512)) {

22,416✔

40

   if(CPUID::has(CPUID::Feature::AVX2)) {

22,416✔

41

      while(blocks >= 8) {

18,469✔

42

         avx2_encrypt_8(in, out);

3,812✔

43

         in += 8 * BLOCK_SIZE;

3,812✔

44

         out += 8 * BLOCK_SIZE;

3,812✔

45

         blocks -= 8;

3,812✔

51

   if(CPUID::has(CPUID::Feature::SIMD_4X32)) {

44,832✔

52

      while(blocks >= 4) {

29,018✔

53

         simd_encrypt_4(in, out);

6,602✔

54

         in += 4 * BLOCK_SIZE;

6,602✔

55

         out += 4 * BLOCK_SIZE;

6,602✔

56

         blocks -= 4;

6,602✔

61

   const Key_Inserter key_xor(m_round_key.data());

22,416✔

63

   for(size_t i = 0; i < blocks; ++i) {

42,339✔

64

      uint32_t B0 = 0;

19,923✔

65

      uint32_t B1 = 0;

19,923✔

66

      uint32_t B2 = 0;

19,923✔

67

      uint32_t B3 = 0;

19,923✔

68

      load_le(in + 16 * i, B0, B1, B2, B3);

19,923✔

70

      key_xor(0, B0, B1, B2, B3);

19,923✔

71

      SBoxE0(B0, B1, B2, B3);

19,923✔

72

      transform(B0, B1, B2, B3);

19,923✔

73

      key_xor(1, B0, B1, B2, B3);

19,923✔

74

      SBoxE1(B0, B1, B2, B3);

19,923✔

75

      transform(B0, B1, B2, B3);

19,923✔

76

      key_xor(2, B0, B1, B2, B3);

19,923✔

77

      SBoxE2(B0, B1, B2, B3);

19,923✔

78

      transform(B0, B1, B2, B3);

19,923✔

79

      key_xor(3, B0, B1, B2, B3);

19,923✔

80

      SBoxE3(B0, B1, B2, B3);

19,923✔

81

      transform(B0, B1, B2, B3);

19,923✔

82

      key_xor(4, B0, B1, B2, B3);

19,923✔

83

      SBoxE4(B0, B1, B2, B3);

19,923✔

84

      transform(B0, B1, B2, B3);

19,923✔

85

      key_xor(5, B0, B1, B2, B3);

19,923✔

86

      SBoxE5(B0, B1, B2, B3);

19,923✔

87

      transform(B0, B1, B2, B3);

19,923✔

88

      key_xor(6, B0, B1, B2, B3);

19,923✔

89

      SBoxE6(B0, B1, B2, B3);

19,923✔

90

      transform(B0, B1, B2, B3);

19,923✔

91

      key_xor(7, B0, B1, B2, B3);

19,923✔

92

      SBoxE7(B0, B1, B2, B3);

19,923✔

93

      transform(B0, B1, B2, B3);

19,923✔

94

      key_xor(8, B0, B1, B2, B3);

19,923✔

95

      SBoxE0(B0, B1, B2, B3);

19,923✔

96

      transform(B0, B1, B2, B3);

19,923✔

97

      key_xor(9, B0, B1, B2, B3);

19,923✔

98

      SBoxE1(B0, B1, B2, B3);

19,923✔

99

      transform(B0, B1, B2, B3);

19,923✔

100

      key_xor(10, B0, B1, B2, B3);

19,923✔

101

      SBoxE2(B0, B1, B2, B3);

19,923✔

102

      transform(B0, B1, B2, B3);

19,923✔

103

      key_xor(11, B0, B1, B2, B3);

19,923✔

104

      SBoxE3(B0, B1, B2, B3);

19,923✔

105

      transform(B0, B1, B2, B3);

19,923✔

106

      key_xor(12, B0, B1, B2, B3);

19,923✔

107

      SBoxE4(B0, B1, B2, B3);

19,923✔

108

      transform(B0, B1, B2, B3);

19,923✔

109

      key_xor(13, B0, B1, B2, B3);

19,923✔

110

      SBoxE5(B0, B1, B2, B3);

19,923✔

111

      transform(B0, B1, B2, B3);

19,923✔

112

      key_xor(14, B0, B1, B2, B3);

19,923✔

113

      SBoxE6(B0, B1, B2, B3);

19,923✔

114

      transform(B0, B1, B2, B3);

19,923✔

115

      key_xor(15, B0, B1, B2, B3);

19,923✔

116

      SBoxE7(B0, B1, B2, B3);

19,923✔

117

      transform(B0, B1, B2, B3);

19,923✔

118

      key_xor(16, B0, B1, B2, B3);

19,923✔

119

      SBoxE0(B0, B1, B2, B3);

19,923✔

120

      transform(B0, B1, B2, B3);

19,923✔

121

      key_xor(17, B0, B1, B2, B3);

19,923✔

122

      SBoxE1(B0, B1, B2, B3);

19,923✔

123

      transform(B0, B1, B2, B3);

19,923✔

124

      key_xor(18, B0, B1, B2, B3);

19,923✔

125

      SBoxE2(B0, B1, B2, B3);

19,923✔

126

      transform(B0, B1, B2, B3);

19,923✔

127

      key_xor(19, B0, B1, B2, B3);

19,923✔

128

      SBoxE3(B0, B1, B2, B3);

19,923✔

129

      transform(B0, B1, B2, B3);

19,923✔

130

      key_xor(20, B0, B1, B2, B3);

19,923✔

131

      SBoxE4(B0, B1, B2, B3);

19,923✔

132

      transform(B0, B1, B2, B3);

19,923✔

133

      key_xor(21, B0, B1, B2, B3);

19,923✔

134

      SBoxE5(B0, B1, B2, B3);

19,923✔

135

      transform(B0, B1, B2, B3);

19,923✔

136

      key_xor(22, B0, B1, B2, B3);

19,923✔

137

      SBoxE6(B0, B1, B2, B3);

19,923✔

138

      transform(B0, B1, B2, B3);

19,923✔

139

      key_xor(23, B0, B1, B2, B3);

19,923✔

140

      SBoxE7(B0, B1, B2, B3);

19,923✔

141

      transform(B0, B1, B2, B3);

19,923✔

142

      key_xor(24, B0, B1, B2, B3);

19,923✔

143

      SBoxE0(B0, B1, B2, B3);

19,923✔

144

      transform(B0, B1, B2, B3);

19,923✔

145

      key_xor(25, B0, B1, B2, B3);

19,923✔

146

      SBoxE1(B0, B1, B2, B3);

19,923✔

147

      transform(B0, B1, B2, B3);

19,923✔

148

      key_xor(26, B0, B1, B2, B3);

19,923✔

149

      SBoxE2(B0, B1, B2, B3);

19,923✔

150

      transform(B0, B1, B2, B3);

19,923✔

151

      key_xor(27, B0, B1, B2, B3);

19,923✔

152

      SBoxE3(B0, B1, B2, B3);

19,923✔

153

      transform(B0, B1, B2, B3);

19,923✔

154

      key_xor(28, B0, B1, B2, B3);

19,923✔

155

      SBoxE4(B0, B1, B2, B3);

19,923✔

156

      transform(B0, B1, B2, B3);

19,923✔

157

      key_xor(29, B0, B1, B2, B3);

19,923✔

158

      SBoxE5(B0, B1, B2, B3);

19,923✔

159

      transform(B0, B1, B2, B3);

19,923✔

160

      key_xor(30, B0, B1, B2, B3);

19,923✔

161

      SBoxE6(B0, B1, B2, B3);

19,923✔

162

      transform(B0, B1, B2, B3);

19,923✔

163

      key_xor(31, B0, B1, B2, B3);

19,923✔

164

      SBoxE7(B0, B1, B2, B3);

19,923✔

165

      key_xor(32, B0, B1, B2, B3);

19,923✔

167

      store_le(out + 16 * i, B0, B1, B2, B3);

19,923✔

169

22,416✔

174

void Serpent::decrypt_n(const uint8_t in[], uint8_t out[], size_t blocks) const {

18,737✔

175

   using namespace Botan::Serpent_F;

18,737✔

177

   assert_key_material_set();

18,737✔

180

   if(CPUID::has(CPUID::Feature::AVX512)) {

12,455✔

191

   if(CPUID::has(CPUID::Feature::AVX2)) {

12,455✔

192

      while(blocks >= 8) {

8,969✔

193

         avx2_decrypt_8(in, out);

702✔

194

         in += 8 * BLOCK_SIZE;

702✔

195

         out += 8 * BLOCK_SIZE;

702✔

196

         blocks -= 8;

702✔

202

   if(CPUID::has(CPUID::Feature::SIMD_4X32)) {

12,455✔

203

      while(blocks >= 4) {

13,149✔

204

         simd_decrypt_4(in, out);

694✔

205

         in += 4 * BLOCK_SIZE;

694✔

206

         out += 4 * BLOCK_SIZE;

694✔

207

         blocks -= 4;

694✔

212

   const Key_Inserter key_xor(m_round_key.data());

12,455✔

214

   for(size_t i = 0; i < blocks; ++i) {

25,449✔

215

      uint32_t B0 = 0;

12,994✔

216

      uint32_t B1 = 0;

12,994✔

217

      uint32_t B2 = 0;

12,994✔

218

      uint32_t B3 = 0;

12,994✔

219

      load_le(in + 16 * i, B0, B1, B2, B3);

12,994✔

221

      key_xor(32, B0, B1, B2, B3);

12,994✔

222

      SBoxD7(B0, B1, B2, B3);

12,994✔

223

      key_xor(31, B0, B1, B2, B3);

12,994✔

224

      i_transform(B0, B1, B2, B3);

12,994✔

225

      SBoxD6(B0, B1, B2, B3);

12,994✔

226

      key_xor(30, B0, B1, B2, B3);

12,994✔

227

      i_transform(B0, B1, B2, B3);

12,994✔

228

      SBoxD5(B0, B1, B2, B3);

12,994✔

229

      key_xor(29, B0, B1, B2, B3);

12,994✔

230

      i_transform(B0, B1, B2, B3);

12,994✔

231

      SBoxD4(B0, B1, B2, B3);

12,994✔

232

      key_xor(28, B0, B1, B2, B3);

12,994✔

233

      i_transform(B0, B1, B2, B3);

12,994✔

234

      SBoxD3(B0, B1, B2, B3);

12,994✔

235

      key_xor(27, B0, B1, B2, B3);

12,994✔

236

      i_transform(B0, B1, B2, B3);

12,994✔

237

      SBoxD2(B0, B1, B2, B3);

12,994✔

238

      key_xor(26, B0, B1, B2, B3);

12,994✔

239

      i_transform(B0, B1, B2, B3);

12,994✔

240

      SBoxD1(B0, B1, B2, B3);

12,994✔

241

      key_xor(25, B0, B1, B2, B3);

12,994✔

242

      i_transform(B0, B1, B2, B3);

12,994✔

243

      SBoxD0(B0, B1, B2, B3);

12,994✔

244

      key_xor(24, B0, B1, B2, B3);

12,994✔

245

      i_transform(B0, B1, B2, B3);

12,994✔

246

      SBoxD7(B0, B1, B2, B3);

12,994✔

247

      key_xor(23, B0, B1, B2, B3);

12,994✔

248

      i_transform(B0, B1, B2, B3);

12,994✔

249

      SBoxD6(B0, B1, B2, B3);

12,994✔

250

      key_xor(22, B0, B1, B2, B3);

12,994✔

251

      i_transform(B0, B1, B2, B3);

12,994✔

252

      SBoxD5(B0, B1, B2, B3);

12,994✔

253

      key_xor(21, B0, B1, B2, B3);

12,994✔

254

      i_transform(B0, B1, B2, B3);

12,994✔

255

      SBoxD4(B0, B1, B2, B3);

12,994✔

256

      key_xor(20, B0, B1, B2, B3);

12,994✔

257

      i_transform(B0, B1, B2, B3);

12,994✔

258

      SBoxD3(B0, B1, B2, B3);

12,994✔

259

      key_xor(19, B0, B1, B2, B3);

12,994✔

260

      i_transform(B0, B1, B2, B3);

12,994✔

261

      SBoxD2(B0, B1, B2, B3);

12,994✔

262

      key_xor(18, B0, B1, B2, B3);

12,994✔

263

      i_transform(B0, B1, B2, B3);

12,994✔

264

      SBoxD1(B0, B1, B2, B3);

12,994✔

265

      key_xor(17, B0, B1, B2, B3);

12,994✔

266

      i_transform(B0, B1, B2, B3);

12,994✔

267

      SBoxD0(B0, B1, B2, B3);

12,994✔

268

      key_xor(16, B0, B1, B2, B3);

12,994✔

269

      i_transform(B0, B1, B2, B3);

12,994✔

270

      SBoxD7(B0, B1, B2, B3);

12,994✔

271

      key_xor(15, B0, B1, B2, B3);

12,994✔

272

      i_transform(B0, B1, B2, B3);

12,994✔

273

      SBoxD6(B0, B1, B2, B3);

12,994✔

274

      key_xor(14, B0, B1, B2, B3);

12,994✔

275

      i_transform(B0, B1, B2, B3);

12,994✔

276

      SBoxD5(B0, B1, B2, B3);

12,994✔

277

      key_xor(13, B0, B1, B2, B3);

12,994✔

278

      i_transform(B0, B1, B2, B3);

12,994✔

279

      SBoxD4(B0, B1, B2, B3);

12,994✔

280

      key_xor(12, B0, B1, B2, B3);

12,994✔

281

      i_transform(B0, B1, B2, B3);

12,994✔

282

      SBoxD3(B0, B1, B2, B3);

12,994✔

283

      key_xor(11, B0, B1, B2, B3);

12,994✔

284

      i_transform(B0, B1, B2, B3);

12,994✔

285

      SBoxD2(B0, B1, B2, B3);

12,994✔

286

      key_xor(10, B0, B1, B2, B3);

12,994✔

287

      i_transform(B0, B1, B2, B3);

12,994✔

288

      SBoxD1(B0, B1, B2, B3);

12,994✔

289

      key_xor(9, B0, B1, B2, B3);

12,994✔

290

      i_transform(B0, B1, B2, B3);

12,994✔

291

      SBoxD0(B0, B1, B2, B3);

12,994✔

292

      key_xor(8, B0, B1, B2, B3);

12,994✔

293

      i_transform(B0, B1, B2, B3);

12,994✔

294

      SBoxD7(B0, B1, B2, B3);

12,994✔

295

      key_xor(7, B0, B1, B2, B3);

12,994✔

296

      i_transform(B0, B1, B2, B3);

12,994✔

297

      SBoxD6(B0, B1, B2, B3);

12,994✔

298

      key_xor(6, B0, B1, B2, B3);

12,994✔

299

      i_transform(B0, B1, B2, B3);

12,994✔

300

      SBoxD5(B0, B1, B2, B3);

12,994✔

301

      key_xor(5, B0, B1, B2, B3);

12,994✔

302

      i_transform(B0, B1, B2, B3);

12,994✔

303

      SBoxD4(B0, B1, B2, B3);

12,994✔

304

      key_xor(4, B0, B1, B2, B3);

12,994✔

305

      i_transform(B0, B1, B2, B3);

12,994✔

306

      SBoxD3(B0, B1, B2, B3);

12,994✔

307

      key_xor(3, B0, B1, B2, B3);

12,994✔

308

      i_transform(B0, B1, B2, B3);

12,994✔

309

      SBoxD2(B0, B1, B2, B3);

12,994✔

310

      key_xor(2, B0, B1, B2, B3);

12,994✔

311

      i_transform(B0, B1, B2, B3);

12,994✔

312

      SBoxD1(B0, B1, B2, B3);

12,994✔

313

      key_xor(1, B0, B1, B2, B3);

12,994✔

314

      i_transform(B0, B1, B2, B3);

12,994✔

315

      SBoxD0(B0, B1, B2, B3);

12,994✔

316

      key_xor(0, B0, B1, B2, B3);

12,994✔

318

      store_le(out + 16 * i, B0, B1, B2, B3);

12,994✔

320

12,455✔

322

bool Serpent::has_keying_material() const {

69,374✔

323

   return !m_round_key.empty();

69,374✔

329

void Serpent::key_schedule(std::span<const uint8_t> key) {

12,590✔

330

   using namespace Botan::Serpent_F;

12,590✔

332

   const uint32_t PHI = 0x9E3779B9;

12,590✔

334

   secure_vector<uint32_t> W(140);

12,590✔

335

   for(size_t i = 0; i != key.size() / 4; ++i) {

108,152✔

336

      W[i] = load_le<uint32_t>(key.data(), i);

95,562✔

339

   W[key.size() / 4] |= uint32_t(1) << ((key.size() % 4) * 8);

12,590✔

341

   for(size_t i = 8; i != 140; ++i) {

1,674,470✔

342

      const uint32_t wi = W[i - 8] ^ W[i - 5] ^ W[i - 3] ^ W[i - 1] ^ PHI ^ uint32_t(i - 8);

1,661,880✔

343

      W[i] = rotl<11>(wi);

1,661,880✔

346

   SBoxE0(W[20], W[21], W[22], W[23]);

12,590✔

347

   SBoxE0(W[52], W[53], W[54], W[55]);

12,590✔

348

   SBoxE0(W[84], W[85], W[86], W[87]);

12,590✔

349

   SBoxE0(W[116], W[117], W[118], W[119]);

12,590✔

351

   SBoxE1(W[16], W[17], W[18], W[19]);

12,590✔

352

   SBoxE1(W[48], W[49], W[50], W[51]);

12,590✔

353

   SBoxE1(W[80], W[81], W[82], W[83]);

12,590✔

354

   SBoxE1(W[112], W[113], W[114], W[115]);

12,590✔

356

   SBoxE2(W[12], W[13], W[14], W[15]);

12,590✔

357

   SBoxE2(W[44], W[45], W[46], W[47]);

12,590✔

358

   SBoxE2(W[76], W[77], W[78], W[79]);

12,590✔

359

   SBoxE2(W[108], W[109], W[110], W[111]);

12,590✔

361

   SBoxE3(W[8], W[9], W[10], W[11]);

12,590✔

362

   SBoxE3(W[40], W[41], W[42], W[43]);

12,590✔

363

   SBoxE3(W[72], W[73], W[74], W[75]);

12,590✔

364

   SBoxE3(W[104], W[105], W[106], W[107]);

12,590✔

365

   SBoxE3(W[136], W[137], W[138], W[139]);

12,590✔

367

   SBoxE4(W[36], W[37], W[38], W[39]);

12,590✔

368

   SBoxE4(W[68], W[69], W[70], W[71]);

12,590✔

369

   SBoxE4(W[100], W[101], W[102], W[103]);

12,590✔

370

   SBoxE4(W[132], W[133], W[134], W[135]);

12,590✔

372

   SBoxE5(W[32], W[33], W[34], W[35]);

12,590✔

373

   SBoxE5(W[64], W[65], W[66], W[67]);

12,590✔

374

   SBoxE5(W[96], W[97], W[98], W[99]);

12,590✔

375

   SBoxE5(W[128], W[129], W[130], W[131]);

12,590✔

377

   SBoxE6(W[28], W[29], W[30], W[31]);

12,590✔

378

   SBoxE6(W[60], W[61], W[62], W[63]);

12,590✔

379

   SBoxE6(W[92], W[93], W[94], W[95]);

12,590✔

380

   SBoxE6(W[124], W[125], W[126], W[127]);

12,590✔

382

   SBoxE7(W[24], W[25], W[26], W[27]);

12,590✔

383

   SBoxE7(W[56], W[57], W[58], W[59]);

12,590✔

384

   SBoxE7(W[88], W[89], W[90], W[91]);

12,590✔

385

   SBoxE7(W[120], W[121], W[122], W[123]);

12,590✔

387

   m_round_key.assign(W.begin() + 8, W.end());

12,590✔

388

12,590✔

390

void Serpent::clear() {

7,612✔

391

   zap(m_round_key);

7,612✔

392

7,612✔

394

std::string Serpent::provider() const {

3,141✔

396

   if(auto feat = CPUID::check(CPUID::Feature::AVX512)) {

3,141✔

402

   if(auto feat = CPUID::check(CPUID::Feature::AVX2)) {

3,141✔

403

      return *feat;

2,094✔

404

1,047✔

408

   if(auto feat = CPUID::check(CPUID::Feature::SIMD_4X32)) {

2,094✔

409

      return *feat;

4,188✔

410

2,094✔

randombit / botan / 25457312714

Source File
Press 'n' to go to next uncovered line, 'b' for previous

1	/*
2	* Serpent
3	* (C) 1999-2007 Jack Lloyd
4	*
5	* Botan is released under the Simplified BSD License (see license.txt)
6	*/
7
8	#include <botan/internal/serpent.h>
9
10	#include <botan/internal/loadstor.h>
11	#include <botan/internal/rotate.h>
12	#include <botan/internal/serpent_sbox.h>
13
14	#if defined(BOTAN_HAS_CPUID)
15	#include <botan/internal/cpuid.h>
16	#endif
17
18	namespace Botan {
19
20	/*
21	* Serpent Encryption
22	*/
23	void Serpent::encrypt_n(const uint8_t in[], uint8_t out[], size_t blocks) const {	28,710✔
24	using namespace Botan::Serpent_F;	28,710✔
25
26	assert_key_material_set();	28,710✔
27
28	#if defined(BOTAN_HAS_SERPENT_AVX512)
29	if(CPUID::has(CPUID::Feature::AVX512)) {	22,416✔
30	while(blocks >= 16) {	×
31	avx512_encrypt_16(in, out);	×
32	in += 16 * BLOCK_SIZE;	×
33	out += 16 * BLOCK_SIZE;	×
34	blocks -= 16;	×
35	}
36	}
37	#endif
38
39	#if defined(BOTAN_HAS_SERPENT_AVX2)
40	if(CPUID::has(CPUID::Feature::AVX2)) {	22,416✔
41	while(blocks >= 8) {	18,469✔
42	avx2_encrypt_8(in, out);	3,812✔
43	in += 8 * BLOCK_SIZE;	3,812✔
44	out += 8 * BLOCK_SIZE;	3,812✔
45	blocks -= 8;	3,812✔
46	}
47	}
48	#endif
49
50	#if defined(BOTAN_HAS_SERPENT_SIMD)
51	if(CPUID::has(CPUID::Feature::SIMD_4X32)) {	44,832✔
52	while(blocks >= 4) {	29,018✔
53	simd_encrypt_4(in, out);	6,602✔
54	in += 4 * BLOCK_SIZE;	6,602✔
55	out += 4 * BLOCK_SIZE;	6,602✔
56	blocks -= 4;	6,602✔
57	}
58	}
59	#endif
60
61	const Key_Inserter key_xor(m_round_key.data());	22,416✔
62
63	for(size_t i = 0; i < blocks; ++i) {	42,339✔
64	uint32_t B0 = 0;	19,923✔
65	uint32_t B1 = 0;	19,923✔
66	uint32_t B2 = 0;	19,923✔
67	uint32_t B3 = 0;	19,923✔
68	load_le(in + 16 * i, B0, B1, B2, B3);	19,923✔
69
70	key_xor(0, B0, B1, B2, B3);	19,923✔
71	SBoxE0(B0, B1, B2, B3);	19,923✔
72	transform(B0, B1, B2, B3);	19,923✔
73	key_xor(1, B0, B1, B2, B3);	19,923✔
74	SBoxE1(B0, B1, B2, B3);	19,923✔
75	transform(B0, B1, B2, B3);	19,923✔
76	key_xor(2, B0, B1, B2, B3);	19,923✔
77	SBoxE2(B0, B1, B2, B3);	19,923✔
78	transform(B0, B1, B2, B3);	19,923✔
79	key_xor(3, B0, B1, B2, B3);	19,923✔
80	SBoxE3(B0, B1, B2, B3);	19,923✔
81	transform(B0, B1, B2, B3);	19,923✔
82	key_xor(4, B0, B1, B2, B3);	19,923✔
83	SBoxE4(B0, B1, B2, B3);	19,923✔
84	transform(B0, B1, B2, B3);	19,923✔
85	key_xor(5, B0, B1, B2, B3);	19,923✔
86	SBoxE5(B0, B1, B2, B3);	19,923✔
87	transform(B0, B1, B2, B3);	19,923✔
88	key_xor(6, B0, B1, B2, B3);	19,923✔
89	SBoxE6(B0, B1, B2, B3);	19,923✔
90	transform(B0, B1, B2, B3);	19,923✔
91	key_xor(7, B0, B1, B2, B3);	19,923✔
92	SBoxE7(B0, B1, B2, B3);	19,923✔
93	transform(B0, B1, B2, B3);	19,923✔
94	key_xor(8, B0, B1, B2, B3);	19,923✔
95	SBoxE0(B0, B1, B2, B3);	19,923✔
96	transform(B0, B1, B2, B3);	19,923✔
97	key_xor(9, B0, B1, B2, B3);	19,923✔
98	SBoxE1(B0, B1, B2, B3);	19,923✔
99	transform(B0, B1, B2, B3);	19,923✔
100	key_xor(10, B0, B1, B2, B3);	19,923✔
101	SBoxE2(B0, B1, B2, B3);	19,923✔
102	transform(B0, B1, B2, B3);	19,923✔
103	key_xor(11, B0, B1, B2, B3);	19,923✔
104	SBoxE3(B0, B1, B2, B3);	19,923✔
105	transform(B0, B1, B2, B3);	19,923✔
106	key_xor(12, B0, B1, B2, B3);	19,923✔
107	SBoxE4(B0, B1, B2, B3);	19,923✔
108	transform(B0, B1, B2, B3);	19,923✔
109	key_xor(13, B0, B1, B2, B3);	19,923✔
110	SBoxE5(B0, B1, B2, B3);	19,923✔
111	transform(B0, B1, B2, B3);	19,923✔
112	key_xor(14, B0, B1, B2, B3);	19,923✔
113	SBoxE6(B0, B1, B2, B3);	19,923✔
114	transform(B0, B1, B2, B3);	19,923✔
115	key_xor(15, B0, B1, B2, B3);	19,923✔
116	SBoxE7(B0, B1, B2, B3);	19,923✔
117	transform(B0, B1, B2, B3);	19,923✔
118	key_xor(16, B0, B1, B2, B3);	19,923✔
119	SBoxE0(B0, B1, B2, B3);	19,923✔
120	transform(B0, B1, B2, B3);	19,923✔
121	key_xor(17, B0, B1, B2, B3);	19,923✔
122	SBoxE1(B0, B1, B2, B3);	19,923✔
123	transform(B0, B1, B2, B3);	19,923✔
124	key_xor(18, B0, B1, B2, B3);	19,923✔
125	SBoxE2(B0, B1, B2, B3);	19,923✔
126	transform(B0, B1, B2, B3);	19,923✔
127	key_xor(19, B0, B1, B2, B3);	19,923✔
128	SBoxE3(B0, B1, B2, B3);	19,923✔
129	transform(B0, B1, B2, B3);	19,923✔
130	key_xor(20, B0, B1, B2, B3);	19,923✔
131	SBoxE4(B0, B1, B2, B3);	19,923✔
132	transform(B0, B1, B2, B3);	19,923✔
133	key_xor(21, B0, B1, B2, B3);	19,923✔
134	SBoxE5(B0, B1, B2, B3);	19,923✔
135	transform(B0, B1, B2, B3);	19,923✔
136	key_xor(22, B0, B1, B2, B3);	19,923✔
137	SBoxE6(B0, B1, B2, B3);	19,923✔
138	transform(B0, B1, B2, B3);	19,923✔
139	key_xor(23, B0, B1, B2, B3);	19,923✔
140	SBoxE7(B0, B1, B2, B3);	19,923✔
141	transform(B0, B1, B2, B3);	19,923✔
142	key_xor(24, B0, B1, B2, B3);	19,923✔
143	SBoxE0(B0, B1, B2, B3);	19,923✔
144	transform(B0, B1, B2, B3);	19,923✔
145	key_xor(25, B0, B1, B2, B3);	19,923✔
146	SBoxE1(B0, B1, B2, B3);	19,923✔
147	transform(B0, B1, B2, B3);	19,923✔
148	key_xor(26, B0, B1, B2, B3);	19,923✔
149	SBoxE2(B0, B1, B2, B3);	19,923✔
150	transform(B0, B1, B2, B3);	19,923✔
151	key_xor(27, B0, B1, B2, B3);	19,923✔
152	SBoxE3(B0, B1, B2, B3);	19,923✔
153	transform(B0, B1, B2, B3);	19,923✔
154	key_xor(28, B0, B1, B2, B3);	19,923✔
155	SBoxE4(B0, B1, B2, B3);	19,923✔
156	transform(B0, B1, B2, B3);	19,923✔
157	key_xor(29, B0, B1, B2, B3);	19,923✔
158	SBoxE5(B0, B1, B2, B3);	19,923✔
159	transform(B0, B1, B2, B3);	19,923✔
160	key_xor(30, B0, B1, B2, B3);	19,923✔
161	SBoxE6(B0, B1, B2, B3);	19,923✔
162	transform(B0, B1, B2, B3);	19,923✔
163	key_xor(31, B0, B1, B2, B3);	19,923✔
164	SBoxE7(B0, B1, B2, B3);	19,923✔
165	key_xor(32, B0, B1, B2, B3);	19,923✔
166
167	store_le(out + 16 * i, B0, B1, B2, B3);	19,923✔
168	}
169	}	22,416✔
170
171	/*
172	* Serpent Decryption
173	*/
174	void Serpent::decrypt_n(const uint8_t in[], uint8_t out[], size_t blocks) const {	18,737✔
175	using namespace Botan::Serpent_F;	18,737✔
176
177	assert_key_material_set();	18,737✔
178
179	#if defined(BOTAN_HAS_SERPENT_AVX512)
180	if(CPUID::has(CPUID::Feature::AVX512)) {	12,455✔
181	while(blocks >= 16) {	×
182	avx512_decrypt_16(in, out);	×
183	in += 16 * BLOCK_SIZE;	×
184	out += 16 * BLOCK_SIZE;	×
185	blocks -= 16;	×
186	}
187	}
188	#endif
189
190	#if defined(BOTAN_HAS_SERPENT_AVX2)
191	if(CPUID::has(CPUID::Feature::AVX2)) {	12,455✔
192	while(blocks >= 8) {	8,969✔
193	avx2_decrypt_8(in, out);	702✔
194	in += 8 * BLOCK_SIZE;	702✔
195	out += 8 * BLOCK_SIZE;	702✔
196	blocks -= 8;	702✔
197	}
198	}
199	#endif
200
201	#if defined(BOTAN_HAS_SERPENT_SIMD)
202	if(CPUID::has(CPUID::Feature::SIMD_4X32)) {	12,455✔
203	while(blocks >= 4) {	13,149✔
204	simd_decrypt_4(in, out);	694✔
205	in += 4 * BLOCK_SIZE;	694✔
206	out += 4 * BLOCK_SIZE;	694✔
207	blocks -= 4;	694✔
208	}
209	}
210	#endif
211
212	const Key_Inserter key_xor(m_round_key.data());	12,455✔
213
214	for(size_t i = 0; i < blocks; ++i) {	25,449✔
215	uint32_t B0 = 0;	12,994✔
216	uint32_t B1 = 0;	12,994✔
217	uint32_t B2 = 0;	12,994✔
218	uint32_t B3 = 0;	12,994✔
219	load_le(in + 16 * i, B0, B1, B2, B3);	12,994✔
220
221	key_xor(32, B0, B1, B2, B3);	12,994✔
222	SBoxD7(B0, B1, B2, B3);	12,994✔
223	key_xor(31, B0, B1, B2, B3);	12,994✔
224	i_transform(B0, B1, B2, B3);	12,994✔
225	SBoxD6(B0, B1, B2, B3);	12,994✔
226	key_xor(30, B0, B1, B2, B3);	12,994✔
227	i_transform(B0, B1, B2, B3);	12,994✔
228	SBoxD5(B0, B1, B2, B3);	12,994✔
229	key_xor(29, B0, B1, B2, B3);	12,994✔
230	i_transform(B0, B1, B2, B3);	12,994✔
231	SBoxD4(B0, B1, B2, B3);	12,994✔
232	key_xor(28, B0, B1, B2, B3);	12,994✔
233	i_transform(B0, B1, B2, B3);	12,994✔
234	SBoxD3(B0, B1, B2, B3);	12,994✔
235	key_xor(27, B0, B1, B2, B3);	12,994✔
236	i_transform(B0, B1, B2, B3);	12,994✔
237	SBoxD2(B0, B1, B2, B3);	12,994✔
238	key_xor(26, B0, B1, B2, B3);	12,994✔
239	i_transform(B0, B1, B2, B3);	12,994✔
240	SBoxD1(B0, B1, B2, B3);	12,994✔
241	key_xor(25, B0, B1, B2, B3);	12,994✔
242	i_transform(B0, B1, B2, B3);	12,994✔
243	SBoxD0(B0, B1, B2, B3);	12,994✔
244	key_xor(24, B0, B1, B2, B3);	12,994✔
245	i_transform(B0, B1, B2, B3);	12,994✔
246	SBoxD7(B0, B1, B2, B3);	12,994✔
247	key_xor(23, B0, B1, B2, B3);	12,994✔
248	i_transform(B0, B1, B2, B3);	12,994✔
249	SBoxD6(B0, B1, B2, B3);	12,994✔
250	key_xor(22, B0, B1, B2, B3);	12,994✔
251	i_transform(B0, B1, B2, B3);	12,994✔
252	SBoxD5(B0, B1, B2, B3);	12,994✔
253	key_xor(21, B0, B1, B2, B3);	12,994✔
254	i_transform(B0, B1, B2, B3);	12,994✔
255	SBoxD4(B0, B1, B2, B3);	12,994✔
256	key_xor(20, B0, B1, B2, B3);	12,994✔
257	i_transform(B0, B1, B2, B3);	12,994✔
258	SBoxD3(B0, B1, B2, B3);	12,994✔
259	key_xor(19, B0, B1, B2, B3);	12,994✔
260	i_transform(B0, B1, B2, B3);	12,994✔
261	SBoxD2(B0, B1, B2, B3);	12,994✔
262	key_xor(18, B0, B1, B2, B3);	12,994✔
263	i_transform(B0, B1, B2, B3);	12,994✔
264	SBoxD1(B0, B1, B2, B3);	12,994✔
265	key_xor(17, B0, B1, B2, B3);	12,994✔
266	i_transform(B0, B1, B2, B3);	12,994✔
267	SBoxD0(B0, B1, B2, B3);	12,994✔
268	key_xor(16, B0, B1, B2, B3);	12,994✔
269	i_transform(B0, B1, B2, B3);	12,994✔
270	SBoxD7(B0, B1, B2, B3);	12,994✔
271	key_xor(15, B0, B1, B2, B3);	12,994✔
272	i_transform(B0, B1, B2, B3);	12,994✔
273	SBoxD6(B0, B1, B2, B3);	12,994✔
274	key_xor(14, B0, B1, B2, B3);	12,994✔
275	i_transform(B0, B1, B2, B3);	12,994✔
276	SBoxD5(B0, B1, B2, B3);	12,994✔
277	key_xor(13, B0, B1, B2, B3);	12,994✔
278	i_transform(B0, B1, B2, B3);	12,994✔
279	SBoxD4(B0, B1, B2, B3);	12,994✔
280	key_xor(12, B0, B1, B2, B3);	12,994✔
281	i_transform(B0, B1, B2, B3);	12,994✔
282	SBoxD3(B0, B1, B2, B3);	12,994✔
283	key_xor(11, B0, B1, B2, B3);	12,994✔
284	i_transform(B0, B1, B2, B3);	12,994✔
285	SBoxD2(B0, B1, B2, B3);	12,994✔
286	key_xor(10, B0, B1, B2, B3);	12,994✔
287	i_transform(B0, B1, B2, B3);	12,994✔
288	SBoxD1(B0, B1, B2, B3);	12,994✔
289	key_xor(9, B0, B1, B2, B3);	12,994✔
290	i_transform(B0, B1, B2, B3);	12,994✔
291	SBoxD0(B0, B1, B2, B3);	12,994✔
292	key_xor(8, B0, B1, B2, B3);	12,994✔
293	i_transform(B0, B1, B2, B3);	12,994✔
294	SBoxD7(B0, B1, B2, B3);	12,994✔
295	key_xor(7, B0, B1, B2, B3);	12,994✔
296	i_transform(B0, B1, B2, B3);	12,994✔
297	SBoxD6(B0, B1, B2, B3);	12,994✔
298	key_xor(6, B0, B1, B2, B3);	12,994✔
299	i_transform(B0, B1, B2, B3);	12,994✔
300	SBoxD5(B0, B1, B2, B3);	12,994✔
301	key_xor(5, B0, B1, B2, B3);	12,994✔
302	i_transform(B0, B1, B2, B3);	12,994✔
303	SBoxD4(B0, B1, B2, B3);	12,994✔
304	key_xor(4, B0, B1, B2, B3);	12,994✔
305	i_transform(B0, B1, B2, B3);	12,994✔
306	SBoxD3(B0, B1, B2, B3);	12,994✔
307	key_xor(3, B0, B1, B2, B3);	12,994✔
308	i_transform(B0, B1, B2, B3);	12,994✔
309	SBoxD2(B0, B1, B2, B3);	12,994✔
310	key_xor(2, B0, B1, B2, B3);	12,994✔
311	i_transform(B0, B1, B2, B3);	12,994✔
312	SBoxD1(B0, B1, B2, B3);	12,994✔
313	key_xor(1, B0, B1, B2, B3);	12,994✔
314	i_transform(B0, B1, B2, B3);	12,994✔
315	SBoxD0(B0, B1, B2, B3);	12,994✔
316	key_xor(0, B0, B1, B2, B3);	12,994✔
317
318	store_le(out + 16 * i, B0, B1, B2, B3);	12,994✔
319	}
320	}	12,455✔
321
322	bool Serpent::has_keying_material() const {	69,374✔
323	return !m_round_key.empty();	69,374✔
324	}
325
326	/*
327	* Serpent Key Schedule
328	*/
329	void Serpent::key_schedule(std::span<const uint8_t> key) {	12,590✔
330	using namespace Botan::Serpent_F;	12,590✔
331
332	const uint32_t PHI = 0x9E3779B9;	12,590✔
333
334	secure_vector<uint32_t> W(140);	12,590✔
335	for(size_t i = 0; i != key.size() / 4; ++i) {	108,152✔
336	W[i] = load_le<uint32_t>(key.data(), i);	95,562✔
337	}
338
339	W[key.size() / 4] \|= uint32_t(1) << ((key.size() % 4) * 8);	12,590✔
340
341	for(size_t i = 8; i != 140; ++i) {	1,674,470✔
342	const uint32_t wi = W[i - 8] ^ W[i - 5] ^ W[i - 3] ^ W[i - 1] ^ PHI ^ uint32_t(i - 8);	1,661,880✔
343	W[i] = rotl<11>(wi);	1,661,880✔
344	}
345
346	SBoxE0(W[20], W[21], W[22], W[23]);	12,590✔
347	SBoxE0(W[52], W[53], W[54], W[55]);	12,590✔
348	SBoxE0(W[84], W[85], W[86], W[87]);	12,590✔
349	SBoxE0(W[116], W[117], W[118], W[119]);	12,590✔
350
351	SBoxE1(W[16], W[17], W[18], W[19]);	12,590✔
352	SBoxE1(W[48], W[49], W[50], W[51]);	12,590✔
353	SBoxE1(W[80], W[81], W[82], W[83]);	12,590✔
354	SBoxE1(W[112], W[113], W[114], W[115]);	12,590✔
355
356	SBoxE2(W[12], W[13], W[14], W[15]);	12,590✔
357	SBoxE2(W[44], W[45], W[46], W[47]);	12,590✔
358	SBoxE2(W[76], W[77], W[78], W[79]);	12,590✔
359	SBoxE2(W[108], W[109], W[110], W[111]);	12,590✔
360
361	SBoxE3(W[8], W[9], W[10], W[11]);	12,590✔
362	SBoxE3(W[40], W[41], W[42], W[43]);	12,590✔
363	SBoxE3(W[72], W[73], W[74], W[75]);	12,590✔
364	SBoxE3(W[104], W[105], W[106], W[107]);	12,590✔
365	SBoxE3(W[136], W[137], W[138], W[139]);	12,590✔
366
367	SBoxE4(W[36], W[37], W[38], W[39]);	12,590✔
368	SBoxE4(W[68], W[69], W[70], W[71]);	12,590✔
369	SBoxE4(W[100], W[101], W[102], W[103]);	12,590✔
370	SBoxE4(W[132], W[133], W[134], W[135]);	12,590✔
371
372	SBoxE5(W[32], W[33], W[34], W[35]);	12,590✔
373	SBoxE5(W[64], W[65], W[66], W[67]);	12,590✔
374	SBoxE5(W[96], W[97], W[98], W[99]);	12,590✔
375	SBoxE5(W[128], W[129], W[130], W[131]);	12,590✔
376
377	SBoxE6(W[28], W[29], W[30], W[31]);	12,590✔
378	SBoxE6(W[60], W[61], W[62], W[63]);	12,590✔
379	SBoxE6(W[92], W[93], W[94], W[95]);	12,590✔
380	SBoxE6(W[124], W[125], W[126], W[127]);	12,590✔
381
382	SBoxE7(W[24], W[25], W[26], W[27]);	12,590✔
383	SBoxE7(W[56], W[57], W[58], W[59]);	12,590✔
384	SBoxE7(W[88], W[89], W[90], W[91]);	12,590✔
385	SBoxE7(W[120], W[121], W[122], W[123]);	12,590✔
386
387	m_round_key.assign(W.begin() + 8, W.end());	12,590✔
388	}	12,590✔
389
390	void Serpent::clear() {	7,612✔
391	zap(m_round_key);	7,612✔
392	}	7,612✔
393
394	std::string Serpent::provider() const {	3,141✔
395	#if defined(BOTAN_HAS_SERPENT_AVX512)
396	if(auto feat = CPUID::check(CPUID::Feature::AVX512)) {	3,141✔
397	return *feat;	×
398	}	×
399	#endif
400
401	#if defined(BOTAN_HAS_SERPENT_AVX2)
402	if(auto feat = CPUID::check(CPUID::Feature::AVX2)) {	3,141✔
403	return *feat;	2,094✔
404	}	1,047✔
405	#endif
406
407	#if defined(BOTAN_HAS_SERPENT_SIMD)
408	if(auto feat = CPUID::check(CPUID::Feature::SIMD_4X32)) {	2,094✔
409	return *feat;	4,188✔
410	}	2,094✔
411	#endif
412
413	return "base";	×
414	}
415
416	} // namespace Botan

randombit / botan / 25457312714

Source File Press 'n' to go to next uncovered line, 'b' for previous

Source File
Press 'n' to go to next uncovered line, 'b' for previous