/* * cook_key_expand.c * Using key space of 144 bits cook_key_expand will expand to 256 bits * if non printable caracters are sent to cook_key_expand() please ommit zeroes for more security * rduarte@ciencias.unam.mx */ #include "newlocaldefs.h" void cook_key_expand (hsl_ctx *c,unsigned char *key) { #ifdef DEBUG int i; if(key == 0x0) { fprintf(stderr,"WARNING: Received is a null pointer\n"); exit(-1); } #endif #ifdef DEBUG printf("Given bytes\n"); for(i = 0 ; i < 18;i++) printf("0x%02x ",key[i]); #endif /* * Expanding key to 144 bits , expanding nbytes | n = 144bits/(keylenbytes*8bits) * and eliminating concurrences and equal bytes */ padding((unsigned short *)key); #ifdef DEBUG printf("\n"); printf("Padded bytes\n"); for(i = 0 ; i < 18;i++) printf("0x%02x ",key[i]); printf("\n"); #endif /* expanding 144 bits to 256 bits */ c->s = ((((key[0] + ~key[15])*0xff) << 22) + ((key[2] << 10) ^ (key[17] * key[4] * key[5]))) + ((key[12] * key[7])<< 12); c->t = ((((key[2] + key[13])*0xff) << 26) + ((~key[4] << 16) ^ (~key[13] * key[6] * key[7]))) + ((key[16] * key[1])<< 8); c->u = ((((key[4] + key[11])*0xff) << 20) + ((key[6] << 12) ^ (~key[15] * key[0] * key[1]))) + ((key[10] * key[3])<< 12); c->v = ((((key[6] + key[9])*0xff) << 24) + ((~key[8] << 8) ^ (key[11] * key[2] * key[11]))) + ((key[2] * key[11])<< 12); c->w = ((((~key[10] + key[7])*0xff) << 16) + ((~key[10] << 16) ^ (~key[9] * key[8] * key[9]))) + ((key[14] * key[3])<< 8); c->x = ((((~key[8] + key[5])*0xff) << 20) + ((key[12] << 12) ^ (~key[7] * ~key[12] * key[2]))) + ((key[2] * key[9])<< 4); c->y = ((((~key[12] + key[3])*0xff) << 24) + ((key[16] << 8) ^ (key[5] * key[10] * key[15]))) + ((key[0] * key[15])<< 8); c->z = ((((~key[14] + key[1])*0xff) << 16) + ((key[14] << 16) ^ (key[3] * ~key[14] * key[13]))) + ((key[6] * key[13])<< 12); /* xored parallel assignment */ c->s ^= c->z; c->t ^= c->y; c->u ^= c->x; c->v ^= c->w; /* reverse assignment */ c->z ^= c->s; c->y ^= c->t; c->x ^= c->u; c->w ^= c->v; /* Getting extra 16 bits for future usage */ c->halfin8[0] = ((((key[0]+key[1])^key[2])+((key[3]+key[4]+key[5])^(key[6]+key[7]))))%0xff; c->halfin8[1] = ((((key[8]+key[9])^key[10])+((key[11]+key[12]+key[13])^((key[14]^key[15])*(key[16]+key[17])))))%0xff; /* Adding bits using rotations if sequence of key is weak */ c->s += ((c->halfin8[0]^c->halfin8[1])&0xff); c->t += ((c->halfin8[1]^c->halfin8[0]*2)&0xff); c->u += ((c->halfin8[0]+c->halfin8[1])&0xff); c->v += ((c->halfin8[1]+(c->halfin8[0]+c->halfin8[1]))&0xff); c->w += ((c->halfin8[0]^(c->halfin8[1]+c->halfin8[0]))&0xff); c->x += ((c->halfin8[1]^(c->halfin8[1]^c->halfin8[0]))&0xff); c->y += ((c->halfin8[0]&c->halfin8[1])&0xff); c->z += ~((c->halfin8[1]^c->halfin8[0])&0xff); } /* * Using logical OR to evade zeroes * evaluating the next value of key vector with the sum of current value and next value mod 9 (mod because key[9] * does not exists) * OR j+i that are the cicles (using sum to evade ceros in case of j|i = 0 multiplicated by 255 * all mod 0xffff , to evade a overflow and just allocate in 16 bit space * eduardo.ruiz@hypersec.co.uk */ void padding(unsigned short *key) { unsigned int i,j=9; for(i = 0 ; i < 9 ; i++ ) { key[(i+1)%9] |= ((key[i]+(key[(i+1)%9]+(j+i)))*0xff)%0xffff; j--; } }