PageRenderTime 55ms CodeModel.GetById 13ms app.highlight 34ms RepoModel.GetById 1ms app.codeStats 0ms

/security/nss/lib/freebl/seed.c

http://github.com/zpao/v8monkey
C | 678 lines | 582 code | 60 blank | 36 comment | 32 complexity | 21fccadab37b24f4a886175ff7b3a89a MD5 | raw file
  1/* ***** BEGIN LICENSE BLOCK *****
  2 * Version: MPL 1.1/GPL 2.0/LGPL 2.1
  3 *
  4 * The contents of this file are subject to the Mozilla Public License Version
  5 * 1.1 (the "License"); you may not use this file except in compliance with
  6 * the License. You may obtain a copy of the License at
  7 * http://www.mozilla.org/MPL/
  8 *
  9 * Software distributed under the License is distributed on an "AS IS" basis,
 10 * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
 11 * for the specific language governing rights and limitations under the
 12 * License.
 13 *
 14 * The Original Code is the SEED code.
 15 *
 16 * The Initial Developer of the Original Code is
 17 * KISA(Korea Information Security Agency).
 18 *
 19 * Portions created by the Initial Developer are Copyright (C) 2008
 20 * the Initial Developer.
 21 * Contributor(s):
 22 *
 23 * Alternatively, the contents of this file may be used under the terms of
 24 * either the GNU General Public License Version 2 or later (the "GPL"), or
 25 * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
 26 * in which case the provisions of the GPL or the LGPL are applicable instead
 27 * of those above. If you wish to allow use of your version of this file only
 28 * under the terms of either the GPL or the LGPL, and not to allow others to
 29 * use your version of this file under the terms of the MPL, indicate your
 30 * decision by deleting the provisions above and replace them with the notice
 31 * and other provisions required by the GPL or the LGPL. If you do not delete
 32 * the provisions above, a recipient may use your version of this file under
 33 * the terms of any one of the MPL, the GPL or the LGPL.
 34 *
 35 * ***** END LICENSE BLOCK ***** */
 36
 37#ifdef FREEBL_NO_DEPEND
 38#include "stubs.h"
 39#endif
 40
 41#include <stdio.h>
 42#include <stdlib.h>
 43#include <string.h>
 44#include <stddef.h>
 45#ifdef WIN32
 46#include <memory.h>
 47#endif
 48
 49#include "seed.h"
 50#include "secerr.h"
 51
 52static const seed_word SS[4][256] = {	
 53    {
 54        0x2989a1a8, 0x05858184, 0x16c6d2d4, 0x13c3d3d0, 
 55        0x14445054, 0x1d0d111c, 0x2c8ca0ac, 0x25052124,
 56        0x1d4d515c, 0x03434340, 0x18081018, 0x1e0e121c, 
 57        0x11415150, 0x3cccf0fc, 0x0acac2c8, 0x23436360,
 58        0x28082028, 0x04444044, 0x20002020, 0x1d8d919c, 
 59        0x20c0e0e0, 0x22c2e2e0, 0x08c8c0c8, 0x17071314,
 60        0x2585a1a4, 0x0f8f838c, 0x03030300, 0x3b4b7378, 
 61        0x3b8bb3b8, 0x13031310, 0x12c2d2d0, 0x2ecee2ec,
 62        0x30407070, 0x0c8c808c, 0x3f0f333c, 0x2888a0a8, 
 63        0x32023230, 0x1dcdd1dc, 0x36c6f2f4, 0x34447074,
 64        0x2ccce0ec, 0x15859194, 0x0b0b0308, 0x17475354, 
 65        0x1c4c505c, 0x1b4b5358, 0x3d8db1bc, 0x01010100,
 66        0x24042024, 0x1c0c101c, 0x33437370, 0x18889098, 
 67        0x10001010, 0x0cccc0cc, 0x32c2f2f0, 0x19c9d1d8,
 68        0x2c0c202c, 0x27c7e3e4, 0x32427270, 0x03838380, 
 69        0x1b8b9398, 0x11c1d1d0, 0x06868284, 0x09c9c1c8,
 70        0x20406060, 0x10405050, 0x2383a3a0, 0x2bcbe3e8, 
 71        0x0d0d010c, 0x3686b2b4, 0x1e8e929c, 0x0f4f434c,
 72        0x3787b3b4, 0x1a4a5258, 0x06c6c2c4, 0x38487078, 
 73        0x2686a2a4, 0x12021210, 0x2f8fa3ac, 0x15c5d1d4,
 74        0x21416160, 0x03c3c3c0, 0x3484b0b4, 0x01414140, 
 75        0x12425250, 0x3d4d717c, 0x0d8d818c, 0x08080008,
 76        0x1f0f131c, 0x19899198, 0x00000000, 0x19091118, 
 77        0x04040004, 0x13435350, 0x37c7f3f4, 0x21c1e1e0,
 78        0x3dcdf1fc, 0x36467274, 0x2f0f232c, 0x27072324, 
 79        0x3080b0b0, 0x0b8b8388, 0x0e0e020c, 0x2b8ba3a8,
 80        0x2282a2a0, 0x2e4e626c, 0x13839390, 0x0d4d414c, 
 81        0x29496168, 0x3c4c707c, 0x09090108, 0x0a0a0208,
 82        0x3f8fb3bc, 0x2fcfe3ec, 0x33c3f3f0, 0x05c5c1c4, 
 83        0x07878384, 0x14041014, 0x3ecef2fc, 0x24446064,
 84        0x1eced2dc, 0x2e0e222c, 0x0b4b4348, 0x1a0a1218, 
 85        0x06060204, 0x21012120, 0x2b4b6368, 0x26466264,
 86        0x02020200, 0x35c5f1f4, 0x12829290, 0x0a8a8288, 
 87        0x0c0c000c, 0x3383b3b0, 0x3e4e727c, 0x10c0d0d0,
 88        0x3a4a7278, 0x07474344, 0x16869294, 0x25c5e1e4, 
 89        0x26062224, 0x00808080, 0x2d8da1ac, 0x1fcfd3dc,
 90        0x2181a1a0, 0x30003030, 0x37073334, 0x2e8ea2ac, 
 91        0x36063234, 0x15051114, 0x22022220, 0x38083038,
 92        0x34c4f0f4, 0x2787a3a4, 0x05454144, 0x0c4c404c, 
 93        0x01818180, 0x29c9e1e8, 0x04848084, 0x17879394,
 94        0x35053134, 0x0bcbc3c8, 0x0ecec2cc, 0x3c0c303c, 
 95        0x31417170, 0x11011110, 0x07c7c3c4, 0x09898188,
 96        0x35457174, 0x3bcbf3f8, 0x1acad2d8, 0x38c8f0f8, 
 97        0x14849094, 0x19495158, 0x02828280, 0x04c4c0c4,
 98        0x3fcff3fc, 0x09494148, 0x39093138, 0x27476364, 
 99        0x00c0c0c0, 0x0fcfc3cc, 0x17c7d3d4, 0x3888b0b8,
100        0x0f0f030c, 0x0e8e828c, 0x02424240, 0x23032320, 
101        0x11819190, 0x2c4c606c, 0x1bcbd3d8, 0x2484a0a4,
102        0x34043034, 0x31c1f1f0, 0x08484048, 0x02c2c2c0, 
103        0x2f4f636c, 0x3d0d313c, 0x2d0d212c, 0x00404040,
104        0x3e8eb2bc, 0x3e0e323c, 0x3c8cb0bc, 0x01c1c1c0, 
105        0x2a8aa2a8, 0x3a8ab2b8, 0x0e4e424c, 0x15455154,
106        0x3b0b3338, 0x1cccd0dc, 0x28486068, 0x3f4f737c, 
107        0x1c8c909c, 0x18c8d0d8, 0x0a4a4248, 0x16465254,
108        0x37477374, 0x2080a0a0, 0x2dcde1ec, 0x06464244, 
109        0x3585b1b4, 0x2b0b2328, 0x25456164, 0x3acaf2f8,
110        0x23c3e3e0, 0x3989b1b8, 0x3181b1b0, 0x1f8f939c, 
111        0x1e4e525c, 0x39c9f1f8, 0x26c6e2e4, 0x3282b2b0,
112        0x31013130, 0x2acae2e8, 0x2d4d616c, 0x1f4f535c, 
113        0x24c4e0e4, 0x30c0f0f0, 0x0dcdc1cc, 0x08888088,
114        0x16061214, 0x3a0a3238, 0x18485058, 0x14c4d0d4, 
115        0x22426260, 0x29092128, 0x07070304, 0x33033330,
116        0x28c8e0e8, 0x1b0b1318, 0x05050104, 0x39497178, 
117        0x10809090, 0x2a4a6268, 0x2a0a2228, 0x1a8a9298
118    },    
119    {
120        0x38380830, 0xe828c8e0, 0x2c2d0d21, 0xa42686a2, 
121        0xcc0fcfc3, 0xdc1eced2, 0xb03383b3, 0xb83888b0,
122        0xac2f8fa3, 0x60204060, 0x54154551, 0xc407c7c3, 
123        0x44044440, 0x6c2f4f63, 0x682b4b63, 0x581b4b53,
124        0xc003c3c3, 0x60224262, 0x30330333, 0xb43585b1, 
125        0x28290921, 0xa02080a0, 0xe022c2e2, 0xa42787a3,
126        0xd013c3d3, 0x90118191, 0x10110111, 0x04060602, 
127        0x1c1c0c10, 0xbc3c8cb0, 0x34360632, 0x480b4b43,
128        0xec2fcfe3, 0x88088880, 0x6c2c4c60, 0xa82888a0, 
129        0x14170713, 0xc404c4c0, 0x14160612, 0xf434c4f0,
130        0xc002c2c2, 0x44054541, 0xe021c1e1, 0xd416c6d2, 
131        0x3c3f0f33, 0x3c3d0d31, 0x8c0e8e82, 0x98188890,
132        0x28280820, 0x4c0e4e42, 0xf436c6f2, 0x3c3e0e32, 
133        0xa42585a1, 0xf839c9f1, 0x0c0d0d01, 0xdc1fcfd3,
134        0xd818c8d0, 0x282b0b23, 0x64264662, 0x783a4a72, 
135        0x24270723, 0x2c2f0f23, 0xf031c1f1, 0x70324272,
136        0x40024242, 0xd414c4d0, 0x40014141, 0xc000c0c0, 
137        0x70334373, 0x64274763, 0xac2c8ca0, 0x880b8b83,
138        0xf437c7f3, 0xac2d8da1, 0x80008080, 0x1c1f0f13, 
139        0xc80acac2, 0x2c2c0c20, 0xa82a8aa2, 0x34340430,
140        0xd012c2d2, 0x080b0b03, 0xec2ecee2, 0xe829c9e1, 
141        0x5c1d4d51, 0x94148490, 0x18180810, 0xf838c8f0,
142        0x54174753, 0xac2e8ea2, 0x08080800, 0xc405c5c1, 
143        0x10130313, 0xcc0dcdc1, 0x84068682, 0xb83989b1,
144        0xfc3fcff3, 0x7c3d4d71, 0xc001c1c1, 0x30310131, 
145        0xf435c5f1, 0x880a8a82, 0x682a4a62, 0xb03181b1,
146        0xd011c1d1, 0x20200020, 0xd417c7d3, 0x00020202, 
147        0x20220222, 0x04040400, 0x68284860, 0x70314171,
148        0x04070703, 0xd81bcbd3, 0x9c1d8d91, 0x98198991, 
149        0x60214161, 0xbc3e8eb2, 0xe426c6e2, 0x58194951,
150        0xdc1dcdd1, 0x50114151, 0x90108090, 0xdc1cccd0, 
151        0x981a8a92, 0xa02383a3, 0xa82b8ba3, 0xd010c0d0,
152        0x80018181, 0x0c0f0f03, 0x44074743, 0x181a0a12, 
153        0xe023c3e3, 0xec2ccce0, 0x8c0d8d81, 0xbc3f8fb3,
154        0x94168692, 0x783b4b73, 0x5c1c4c50, 0xa02282a2, 
155        0xa02181a1, 0x60234363, 0x20230323, 0x4c0d4d41,
156        0xc808c8c0, 0x9c1e8e92, 0x9c1c8c90, 0x383a0a32, 
157        0x0c0c0c00, 0x2c2e0e22, 0xb83a8ab2, 0x6c2e4e62,
158        0x9c1f8f93, 0x581a4a52, 0xf032c2f2, 0x90128292, 
159        0xf033c3f3, 0x48094941, 0x78384870, 0xcc0cccc0,
160        0x14150511, 0xf83bcbf3, 0x70304070, 0x74354571, 
161        0x7c3f4f73, 0x34350531, 0x10100010, 0x00030303,
162        0x64244460, 0x6c2d4d61, 0xc406c6c2, 0x74344470, 
163        0xd415c5d1, 0xb43484b0, 0xe82acae2, 0x08090901,
164        0x74364672, 0x18190911, 0xfc3ecef2, 0x40004040, 
165        0x10120212, 0xe020c0e0, 0xbc3d8db1, 0x04050501,
166        0xf83acaf2, 0x00010101, 0xf030c0f0, 0x282a0a22, 
167        0x5c1e4e52, 0xa82989a1, 0x54164652, 0x40034343,
168        0x84058581, 0x14140410, 0x88098981, 0x981b8b93, 
169        0xb03080b0, 0xe425c5e1, 0x48084840, 0x78394971,
170        0x94178793, 0xfc3cccf0, 0x1c1e0e12, 0x80028282, 
171        0x20210121, 0x8c0c8c80, 0x181b0b13, 0x5c1f4f53,
172        0x74374773, 0x54144450, 0xb03282b2, 0x1c1d0d11, 
173        0x24250521, 0x4c0f4f43, 0x00000000, 0x44064642,
174        0xec2dcde1, 0x58184850, 0x50124252, 0xe82bcbe3, 
175        0x7c3e4e72, 0xd81acad2, 0xc809c9c1, 0xfc3dcdf1,
176        0x30300030, 0x94158591, 0x64254561, 0x3c3c0c30, 
177        0xb43686b2, 0xe424c4e0, 0xb83b8bb3, 0x7c3c4c70,
178        0x0c0e0e02, 0x50104050, 0x38390931, 0x24260622, 
179        0x30320232, 0x84048480, 0x68294961, 0x90138393,
180        0x34370733, 0xe427c7e3, 0x24240420, 0xa42484a0, 
181        0xc80bcbc3, 0x50134353, 0x080a0a02, 0x84078783,
182        0xd819c9d1, 0x4c0c4c40, 0x80038383, 0x8c0f8f83, 
183        0xcc0ecec2, 0x383b0b33, 0x480a4a42, 0xb43787b3
184    },    
185    {
186        0xa1a82989, 0x81840585, 0xd2d416c6, 0xd3d013c3, 
187        0x50541444, 0x111c1d0d, 0xa0ac2c8c, 0x21242505,
188        0x515c1d4d, 0x43400343, 0x10181808, 0x121c1e0e, 
189        0x51501141, 0xf0fc3ccc, 0xc2c80aca, 0x63602343,
190        0x20282808, 0x40440444, 0x20202000, 0x919c1d8d, 
191        0xe0e020c0, 0xe2e022c2, 0xc0c808c8, 0x13141707,
192        0xa1a42585, 0x838c0f8f, 0x03000303, 0x73783b4b, 
193        0xb3b83b8b, 0x13101303, 0xd2d012c2, 0xe2ec2ece,
194        0x70703040, 0x808c0c8c, 0x333c3f0f, 0xa0a82888, 
195        0x32303202, 0xd1dc1dcd, 0xf2f436c6, 0x70743444,
196        0xe0ec2ccc, 0x91941585, 0x03080b0b, 0x53541747, 
197        0x505c1c4c, 0x53581b4b, 0xb1bc3d8d, 0x01000101,
198        0x20242404, 0x101c1c0c, 0x73703343, 0x90981888, 
199        0x10101000, 0xc0cc0ccc, 0xf2f032c2, 0xd1d819c9,
200        0x202c2c0c, 0xe3e427c7, 0x72703242, 0x83800383, 
201        0x93981b8b, 0xd1d011c1, 0x82840686, 0xc1c809c9,
202        0x60602040, 0x50501040, 0xa3a02383, 0xe3e82bcb, 
203        0x010c0d0d, 0xb2b43686, 0x929c1e8e, 0x434c0f4f,
204        0xb3b43787, 0x52581a4a, 0xc2c406c6, 0x70783848, 
205        0xa2a42686, 0x12101202, 0xa3ac2f8f, 0xd1d415c5,
206        0x61602141, 0xc3c003c3, 0xb0b43484, 0x41400141, 
207        0x52501242, 0x717c3d4d, 0x818c0d8d, 0x00080808,
208        0x131c1f0f, 0x91981989, 0x00000000, 0x11181909, 
209        0x00040404, 0x53501343, 0xf3f437c7, 0xe1e021c1,
210        0xf1fc3dcd, 0x72743646, 0x232c2f0f, 0x23242707, 
211        0xb0b03080, 0x83880b8b, 0x020c0e0e, 0xa3a82b8b,
212        0xa2a02282, 0x626c2e4e, 0x93901383, 0x414c0d4d, 
213        0x61682949, 0x707c3c4c, 0x01080909, 0x02080a0a,
214        0xb3bc3f8f, 0xe3ec2fcf, 0xf3f033c3, 0xc1c405c5, 
215        0x83840787, 0x10141404, 0xf2fc3ece, 0x60642444,
216        0xd2dc1ece, 0x222c2e0e, 0x43480b4b, 0x12181a0a, 
217        0x02040606, 0x21202101, 0x63682b4b, 0x62642646,
218        0x02000202, 0xf1f435c5, 0x92901282, 0x82880a8a, 
219        0x000c0c0c, 0xb3b03383, 0x727c3e4e, 0xd0d010c0,
220        0x72783a4a, 0x43440747, 0x92941686, 0xe1e425c5, 
221        0x22242606, 0x80800080, 0xa1ac2d8d, 0xd3dc1fcf,
222        0xa1a02181, 0x30303000, 0x33343707, 0xa2ac2e8e, 
223        0x32343606, 0x11141505, 0x22202202, 0x30383808,
224        0xf0f434c4, 0xa3a42787, 0x41440545, 0x404c0c4c, 
225        0x81800181, 0xe1e829c9, 0x80840484, 0x93941787,
226        0x31343505, 0xc3c80bcb, 0xc2cc0ece, 0x303c3c0c, 
227        0x71703141, 0x11101101, 0xc3c407c7, 0x81880989,
228        0x71743545, 0xf3f83bcb, 0xd2d81aca, 0xf0f838c8, 
229        0x90941484, 0x51581949, 0x82800282, 0xc0c404c4,
230        0xf3fc3fcf, 0x41480949, 0x31383909, 0x63642747, 
231        0xc0c000c0, 0xc3cc0fcf, 0xd3d417c7, 0xb0b83888,
232        0x030c0f0f, 0x828c0e8e, 0x42400242, 0x23202303, 
233        0x91901181, 0x606c2c4c, 0xd3d81bcb, 0xa0a42484,
234        0x30343404, 0xf1f031c1, 0x40480848, 0xc2c002c2, 
235        0x636c2f4f, 0x313c3d0d, 0x212c2d0d, 0x40400040,
236        0xb2bc3e8e, 0x323c3e0e, 0xb0bc3c8c, 0xc1c001c1, 
237        0xa2a82a8a, 0xb2b83a8a, 0x424c0e4e, 0x51541545,
238        0x33383b0b, 0xd0dc1ccc, 0x60682848, 0x737c3f4f, 
239        0x909c1c8c, 0xd0d818c8, 0x42480a4a, 0x52541646,
240        0x73743747, 0xa0a02080, 0xe1ec2dcd, 0x42440646, 
241        0xb1b43585, 0x23282b0b, 0x61642545, 0xf2f83aca,
242        0xe3e023c3, 0xb1b83989, 0xb1b03181, 0x939c1f8f, 
243        0x525c1e4e, 0xf1f839c9, 0xe2e426c6, 0xb2b03282,
244        0x31303101, 0xe2e82aca, 0x616c2d4d, 0x535c1f4f, 
245        0xe0e424c4, 0xf0f030c0, 0xc1cc0dcd, 0x80880888,
246        0x12141606, 0x32383a0a, 0x50581848, 0xd0d414c4, 
247        0x62602242, 0x21282909, 0x03040707, 0x33303303,
248        0xe0e828c8, 0x13181b0b, 0x01040505, 0x71783949, 
249        0x90901080, 0x62682a4a, 0x22282a0a, 0x92981a8a
250    },    
251    {
252        0x08303838, 0xc8e0e828, 0x0d212c2d, 0x86a2a426, 
253        0xcfc3cc0f, 0xced2dc1e, 0x83b3b033, 0x88b0b838,
254        0x8fa3ac2f, 0x40606020, 0x45515415, 0xc7c3c407, 
255        0x44404404, 0x4f636c2f, 0x4b63682b, 0x4b53581b,
256        0xc3c3c003, 0x42626022, 0x03333033, 0x85b1b435, 
257        0x09212829, 0x80a0a020, 0xc2e2e022, 0x87a3a427,
258        0xc3d3d013, 0x81919011, 0x01111011, 0x06020406, 
259        0x0c101c1c, 0x8cb0bc3c, 0x06323436, 0x4b43480b,
260        0xcfe3ec2f, 0x88808808, 0x4c606c2c, 0x88a0a828, 
261        0x07131417, 0xc4c0c404, 0x06121416, 0xc4f0f434,
262        0xc2c2c002, 0x45414405, 0xc1e1e021, 0xc6d2d416, 
263        0x0f333c3f, 0x0d313c3d, 0x8e828c0e, 0x88909818,
264        0x08202828, 0x4e424c0e, 0xc6f2f436, 0x0e323c3e, 
265        0x85a1a425, 0xc9f1f839, 0x0d010c0d, 0xcfd3dc1f,
266        0xc8d0d818, 0x0b23282b, 0x46626426, 0x4a72783a, 
267        0x07232427, 0x0f232c2f, 0xc1f1f031, 0x42727032,
268        0x42424002, 0xc4d0d414, 0x41414001, 0xc0c0c000, 
269        0x43737033, 0x47636427, 0x8ca0ac2c, 0x8b83880b,
270        0xc7f3f437, 0x8da1ac2d, 0x80808000, 0x0f131c1f, 
271        0xcac2c80a, 0x0c202c2c, 0x8aa2a82a, 0x04303434,
272        0xc2d2d012, 0x0b03080b, 0xcee2ec2e, 0xc9e1e829, 
273        0x4d515c1d, 0x84909414, 0x08101818, 0xc8f0f838,
274        0x47535417, 0x8ea2ac2e, 0x08000808, 0xc5c1c405, 
275        0x03131013, 0xcdc1cc0d, 0x86828406, 0x89b1b839,
276        0xcff3fc3f, 0x4d717c3d, 0xc1c1c001, 0x01313031, 
277        0xc5f1f435, 0x8a82880a, 0x4a62682a, 0x81b1b031,
278        0xc1d1d011, 0x00202020, 0xc7d3d417, 0x02020002, 
279        0x02222022, 0x04000404, 0x48606828, 0x41717031,
280        0x07030407, 0xcbd3d81b, 0x8d919c1d, 0x89919819, 
281        0x41616021, 0x8eb2bc3e, 0xc6e2e426, 0x49515819,
282        0xcdd1dc1d, 0x41515011, 0x80909010, 0xccd0dc1c, 
283        0x8a92981a, 0x83a3a023, 0x8ba3a82b, 0xc0d0d010,
284        0x81818001, 0x0f030c0f, 0x47434407, 0x0a12181a, 
285        0xc3e3e023, 0xcce0ec2c, 0x8d818c0d, 0x8fb3bc3f,
286        0x86929416, 0x4b73783b, 0x4c505c1c, 0x82a2a022, 
287        0x81a1a021, 0x43636023, 0x03232023, 0x4d414c0d,
288        0xc8c0c808, 0x8e929c1e, 0x8c909c1c, 0x0a32383a, 
289        0x0c000c0c, 0x0e222c2e, 0x8ab2b83a, 0x4e626c2e,
290        0x8f939c1f, 0x4a52581a, 0xc2f2f032, 0x82929012, 
291        0xc3f3f033, 0x49414809, 0x48707838, 0xccc0cc0c,
292        0x05111415, 0xcbf3f83b, 0x40707030, 0x45717435, 
293        0x4f737c3f, 0x05313435, 0x00101010, 0x03030003,
294        0x44606424, 0x4d616c2d, 0xc6c2c406, 0x44707434, 
295        0xc5d1d415, 0x84b0b434, 0xcae2e82a, 0x09010809,
296        0x46727436, 0x09111819, 0xcef2fc3e, 0x40404000, 
297        0x02121012, 0xc0e0e020, 0x8db1bc3d, 0x05010405,
298        0xcaf2f83a, 0x01010001, 0xc0f0f030, 0x0a22282a, 
299        0x4e525c1e, 0x89a1a829, 0x46525416, 0x43434003,
300        0x85818405, 0x04101414, 0x89818809, 0x8b93981b, 
301        0x80b0b030, 0xc5e1e425, 0x48404808, 0x49717839,
302        0x87939417, 0xccf0fc3c, 0x0e121c1e, 0x82828002, 
303        0x01212021, 0x8c808c0c, 0x0b13181b, 0x4f535c1f,
304        0x47737437, 0x44505414, 0x82b2b032, 0x0d111c1d, 
305        0x05212425, 0x4f434c0f, 0x00000000, 0x46424406,
306        0xcde1ec2d, 0x48505818, 0x42525012, 0xcbe3e82b, 
307        0x4e727c3e, 0xcad2d81a, 0xc9c1c809, 0xcdf1fc3d,
308        0x00303030, 0x85919415, 0x45616425, 0x0c303c3c, 
309        0x86b2b436, 0xc4e0e424, 0x8bb3b83b, 0x4c707c3c,
310        0x0e020c0e, 0x40505010, 0x09313839, 0x06222426, 
311        0x02323032, 0x84808404, 0x49616829, 0x83939013,
312        0x07333437, 0xc7e3e427, 0x04202424, 0x84a0a424, 
313        0xcbc3c80b, 0x43535013, 0x0a02080a, 0x87838407,
314        0xc9d1d819, 0x4c404c0c, 0x83838003, 0x8f838c0f, 
315        0xcec2cc0e, 0x0b33383b, 0x4a42480a, 0x87b3b437
316    }    
317};
318
319/* key schedule constants - golden ratio */
320#define KC0     0x9e3779b9
321#define KC1     0x3c6ef373
322#define KC2     0x78dde6e6
323#define KC3     0xf1bbcdcc
324#define KC4     0xe3779b99
325#define KC5     0xc6ef3733
326#define KC6     0x8dde6e67
327#define KC7     0x1bbcdccf
328#define KC8     0x3779b99e
329#define KC9     0x6ef3733c
330#define KC10    0xdde6e678
331#define KC11    0xbbcdccf1
332#define KC12    0x779b99e3
333#define KC13    0xef3733c6
334#define KC14    0xde6e678d
335#define KC15    0xbcdccf1b
336
337
338void SEED_set_key(const unsigned char rawkey[SEED_KEY_LENGTH], 
339                  SEED_KEY_SCHEDULE *ks)
340{
341    seed_word K0, K1, K2, K3;
342    seed_word t0, t1;
343
344    char2word(rawkey   , K0);
345    char2word(rawkey+4 , K1);
346    char2word(rawkey+8 , K2);
347    char2word(rawkey+12, K3);
348
349    t0 = (K0 + K2 - KC0);
350    t1 = (K1 - K3 + KC0);                     
351    KEYUPDATE_TEMP(t0, t1, &ks->data[0]);
352    KEYSCHEDULE_UPDATE1(t0, t1, K0, K1, K2, K3, KC1);      
353    KEYUPDATE_TEMP(t0, t1, &ks->data[2]);
354    KEYSCHEDULE_UPDATE0(t0, t1, K0, K1, K2, K3, KC2);      
355    KEYUPDATE_TEMP(t0, t1, &ks->data[4]);
356    KEYSCHEDULE_UPDATE1(t0, t1, K0, K1, K2, K3, KC3);      
357    KEYUPDATE_TEMP(t0, t1, &ks->data[6]);
358    KEYSCHEDULE_UPDATE0(t0, t1, K0, K1, K2, K3, KC4);      
359    KEYUPDATE_TEMP(t0, t1, &ks->data[8]);
360    KEYSCHEDULE_UPDATE1(t0, t1, K0, K1, K2, K3, KC5);      
361    KEYUPDATE_TEMP(t0, t1, &ks->data[10]);
362    KEYSCHEDULE_UPDATE0(t0, t1, K0, K1, K2, K3, KC6);      
363    KEYUPDATE_TEMP(t0, t1, &ks->data[12]);
364    KEYSCHEDULE_UPDATE1(t0, t1, K0, K1, K2, K3, KC7);      
365    KEYUPDATE_TEMP(t0, t1, &ks->data[14]);
366    KEYSCHEDULE_UPDATE0(t0, t1, K0, K1, K2, K3, KC8);      
367    KEYUPDATE_TEMP(t0, t1, &ks->data[16]);
368    KEYSCHEDULE_UPDATE1(t0, t1, K0, K1, K2, K3, KC9);      
369    KEYUPDATE_TEMP(t0, t1, &ks->data[18]);
370    KEYSCHEDULE_UPDATE0(t0, t1, K0, K1, K2, K3, KC10);     
371    KEYUPDATE_TEMP(t0, t1, &ks->data[20]);
372    KEYSCHEDULE_UPDATE1(t0, t1, K0, K1, K2, K3, KC11);     
373    KEYUPDATE_TEMP(t0, t1, &ks->data[22]);
374    KEYSCHEDULE_UPDATE0(t0, t1, K0, K1, K2, K3, KC12);     
375    KEYUPDATE_TEMP(t0, t1, &ks->data[24]);
376    KEYSCHEDULE_UPDATE1(t0, t1, K0, K1, K2, K3, KC13);     
377    KEYUPDATE_TEMP(t0, t1, &ks->data[26]);
378    KEYSCHEDULE_UPDATE0(t0, t1, K0, K1, K2, K3, KC14);     
379    KEYUPDATE_TEMP(t0, t1, &ks->data[28]);
380    KEYSCHEDULE_UPDATE1(t0, t1, K0, K1, K2, K3, KC15);     
381    KEYUPDATE_TEMP(t0, t1, &ks->data[30]);
382}
383
384void SEED_encrypt(const unsigned char s[SEED_BLOCK_SIZE], 
385                  unsigned char d[SEED_BLOCK_SIZE], 
386                  const SEED_KEY_SCHEDULE *ks)
387{
388    seed_word L0, L1, R0, R1;
389    seed_word t0, t1;
390
391    char2word(s,    L0);
392    char2word(s+4,  L1);
393    char2word(s+8,  R0);
394    char2word(s+12, R1);
395    
396    E_SEED(t0, t1, L0, L1, R0, R1, 0);
397    E_SEED(t0, t1, R0, R1, L0, L1, 2);
398    E_SEED(t0, t1, L0, L1, R0, R1, 4);
399    E_SEED(t0, t1, R0, R1, L0, L1, 6);
400    E_SEED(t0, t1, L0, L1, R0, R1, 8);
401    E_SEED(t0, t1, R0, R1, L0, L1, 10);
402    E_SEED(t0, t1, L0, L1, R0, R1, 12);
403    E_SEED(t0, t1, R0, R1, L0, L1, 14);
404    E_SEED(t0, t1, L0, L1, R0, R1, 16);
405    E_SEED(t0, t1, R0, R1, L0, L1, 18);
406    E_SEED(t0, t1, L0, L1, R0, R1, 20);
407    E_SEED(t0, t1, R0, R1, L0, L1, 22);
408    E_SEED(t0, t1, L0, L1, R0, R1, 24);
409    E_SEED(t0, t1, R0, R1, L0, L1, 26);
410    E_SEED(t0, t1, L0, L1, R0, R1, 28);
411    E_SEED(t0, t1, R0, R1, L0, L1, 30);
412
413    word2char(R0, d);
414    word2char(R1, d+4);
415    word2char(L0, d+8);
416    word2char(L1, d+12);
417}
418
419void SEED_decrypt(const unsigned char s[SEED_BLOCK_SIZE], 
420                  unsigned char d[SEED_BLOCK_SIZE], 
421                  const SEED_KEY_SCHEDULE *ks)
422{
423    seed_word L0, L1, R0, R1;
424    seed_word t0, t1;
425
426    char2word(s,    L0);
427    char2word(s+4,  L1);
428    char2word(s+8,  R0);
429    char2word(s+12, R1);
430    
431    E_SEED(t0, t1, L0, L1, R0, R1, 30);
432    E_SEED(t0, t1, R0, R1, L0, L1, 28);
433    E_SEED(t0, t1, L0, L1, R0, R1, 26);
434    E_SEED(t0, t1, R0, R1, L0, L1, 24);
435    E_SEED(t0, t1, L0, L1, R0, R1, 22);
436    E_SEED(t0, t1, R0, R1, L0, L1, 20);
437    E_SEED(t0, t1, L0, L1, R0, R1, 18);
438    E_SEED(t0, t1, R0, R1, L0, L1, 16);
439    E_SEED(t0, t1, L0, L1, R0, R1, 14);
440    E_SEED(t0, t1, R0, R1, L0, L1, 12);
441    E_SEED(t0, t1, L0, L1, R0, R1, 10);
442    E_SEED(t0, t1, R0, R1, L0, L1, 8);
443    E_SEED(t0, t1, L0, L1, R0, R1, 6);
444    E_SEED(t0, t1, R0, R1, L0, L1, 4);
445    E_SEED(t0, t1, L0, L1, R0, R1, 2);
446    E_SEED(t0, t1, R0, R1, L0, L1, 0);
447
448    word2char(R0, d);
449    word2char(R1, d+4);
450    word2char(L0, d+8);
451    word2char(L1, d+12);
452}
453
454void SEED_ecb_encrypt(const unsigned char *in, 
455                      unsigned char *out, 
456                      const SEED_KEY_SCHEDULE *ks, int enc) 
457{
458    if (enc) {
459        SEED_encrypt(in, out, ks);
460    } else {
461        SEED_decrypt(in, out, ks);
462    }
463}
464
465
466void SEED_cbc_encrypt(const unsigned char *in, unsigned char *out,
467                      size_t len, const SEED_KEY_SCHEDULE *ks,
468                      unsigned char ivec[SEED_BLOCK_SIZE], int enc)
469{
470    size_t n;
471    unsigned char tmp[SEED_BLOCK_SIZE];
472    const unsigned char *iv = ivec;
473
474    if (enc) {
475        while (len >= SEED_BLOCK_SIZE) {
476            for (n = 0; n < SEED_BLOCK_SIZE; ++n)
477                out[n] = in[n] ^ iv[n];
478
479            SEED_encrypt(out, out, ks);
480            iv = out;
481            len -= SEED_BLOCK_SIZE;
482            in  += SEED_BLOCK_SIZE;
483            out += SEED_BLOCK_SIZE;
484        }
485
486        if (len) {
487            for (n = 0; n < len; ++n)
488                out[n] = in[n] ^ iv[n];
489
490            for (n = len; n < SEED_BLOCK_SIZE; ++n)
491                out[n] = iv[n];
492
493            SEED_encrypt(out, out, ks);
494            iv = out;
495        }
496        
497        memcpy(ivec, iv, SEED_BLOCK_SIZE);
498    } else if (in != out) {
499        while (len >= SEED_BLOCK_SIZE) {
500            SEED_decrypt(in, out, ks);
501
502            for (n = 0; n < SEED_BLOCK_SIZE; ++n)
503                out[n] ^= iv[n];
504
505            iv = in;
506            len -= SEED_BLOCK_SIZE;
507            in  += SEED_BLOCK_SIZE;
508            out += SEED_BLOCK_SIZE;
509        }
510        
511        if (len) {
512            SEED_decrypt(in, tmp, ks);
513
514            for (n = 0; n < len; ++n)
515                out[n] = tmp[n] ^ iv[n];
516
517            iv = in;
518        }
519        
520        memcpy(ivec, iv, SEED_BLOCK_SIZE);
521    } else {
522        while (len >= SEED_BLOCK_SIZE) {
523            memcpy(tmp, in, SEED_BLOCK_SIZE);
524            SEED_decrypt(in, out, ks);
525
526            for (n = 0; n < SEED_BLOCK_SIZE; ++n)
527                out[n] ^= ivec[n];
528
529            memcpy(ivec, tmp, SEED_BLOCK_SIZE);
530            len -= SEED_BLOCK_SIZE;
531            in  += SEED_BLOCK_SIZE;
532            out += SEED_BLOCK_SIZE;
533        }
534
535        if (len) {
536            memcpy(tmp, in, SEED_BLOCK_SIZE);
537            SEED_decrypt(tmp, tmp, ks);
538
539            for (n = 0; n < len; ++n)
540                out[n] = tmp[n] ^ ivec[n];
541
542            memcpy(ivec, tmp, SEED_BLOCK_SIZE);
543        }
544    }
545}
546
547SEEDContext *
548SEED_AllocateContext(void)
549{
550    return PORT_ZNew(SEEDContext);
551}
552
553SECStatus   
554SEED_InitContext(SEEDContext *cx, const unsigned char *key, 
555                 unsigned int keylen, const unsigned char *iv, 
556                 int mode, unsigned int encrypt,unsigned int unused)
557{
558    if (!cx) {
559	PORT_SetError(SEC_ERROR_INVALID_ARGS);
560        return SECFailure;
561    }
562
563    switch (mode) {
564    case NSS_SEED:    
565        SEED_set_key(key, &cx->ks);
566        cx->mode = NSS_SEED;
567        cx->encrypt = encrypt;
568        break;
569
570    case NSS_SEED_CBC:
571        memcpy(cx->iv, iv, 16);
572        SEED_set_key(key, &cx->ks);
573        cx->mode = NSS_SEED_CBC;
574        cx->encrypt = encrypt;
575        break;
576
577    default:
578        PORT_SetError(SEC_ERROR_INVALID_ARGS);
579        return SECFailure;
580    }
581
582    return SECSuccess;
583}
584
585SEEDContext *
586SEED_CreateContext(const unsigned char * key, const unsigned char *iv,
587                   int mode, PRBool encrypt)
588{
589    SEEDContext *cx = PORT_ZNew(SEEDContext);
590    SECStatus rv   = SEED_InitContext(cx, key, SEED_KEY_LENGTH, iv, mode, 
591                                      encrypt, 0);
592
593    if (rv != SECSuccess) {
594        PORT_ZFree(cx, sizeof *cx);
595        cx = NULL;
596    }
597
598    return cx;
599}
600
601void
602SEED_DestroyContext(SEEDContext *cx, PRBool freeit)
603{
604    if (cx) {
605        memset(cx, 0, sizeof *cx);
606
607        if (freeit)
608            PORT_Free(cx);
609    }
610}
611
612SECStatus
613SEED_Encrypt(SEEDContext *cx, unsigned char *out, unsigned int *outLen,
614             unsigned int maxOutLen, const unsigned char *in, 
615             unsigned int inLen)
616{
617    if (!cx) {
618        PORT_SetError(SEC_ERROR_INVALID_ARGS);
619        return SECFailure;
620    }
621
622    if (!cx->encrypt) {
623        PORT_SetError(SEC_ERROR_INVALID_ARGS);
624        return SECFailure;
625    }
626
627    switch (cx->mode) {
628    case NSS_SEED:
629        SEED_ecb_encrypt(in, out, &cx->ks, 1);
630        *outLen = inLen;
631        break;
632
633    case NSS_SEED_CBC:
634        SEED_cbc_encrypt(in, out, inLen, &cx->ks, cx->iv, 1);
635        *outLen = inLen;
636        break;
637
638    default:
639        PORT_SetError(SEC_ERROR_INVALID_ARGS);
640        return SECFailure;
641    }
642
643    return SECSuccess;
644}
645
646SECStatus
647SEED_Decrypt(SEEDContext *cx, unsigned char *out, unsigned int *outLen,
648             unsigned int maxOutLen, const unsigned char *in, 
649             unsigned int inLen)
650{
651    if (!cx) {
652        PORT_SetError(SEC_ERROR_INVALID_ARGS);
653        return SECFailure;
654    }
655
656    if (cx->encrypt) {
657        PORT_SetError(SEC_ERROR_INVALID_ARGS);
658        return SECFailure;
659    }
660
661    switch (cx->mode) {
662    case NSS_SEED:
663        SEED_ecb_encrypt(in, out, &cx->ks, 0);
664        *outLen = inLen;
665        break;
666        
667    case NSS_SEED_CBC:
668        SEED_cbc_encrypt(in, out, inLen, &cx->ks, cx->iv, 0);
669        *outLen = inLen;
670        break;
671    
672    default:
673        PORT_SetError(SEC_ERROR_INVALID_ARGS);
674        return SECFailure;
675    }
676    
677    return SECSuccess;
678}