59 lines
2.4 KiB
JavaScript
59 lines
2.4 KiB
JavaScript
"use strict";
|
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
exports.skinnyEncrypt = exports.tweakeyEncode = void 0;
|
|
const constants_1 = require("./constants");
|
|
/**
|
|
* Create a tweakey based on the specified domain separation, nonce, key and current counter state.
|
|
* @param counter The counter.
|
|
* @param domainSeparation The domain separation.
|
|
* @param nonce The nonce.
|
|
* @param key The encryption key.
|
|
* @returns The tweakey.
|
|
*/
|
|
function tweakeyEncode(counter, domainSeparation, nonce, key) {
|
|
return counter.concat([domainSeparation ^ constants_1.MEMBER_MASK], Array(8).fill(0), nonce, key);
|
|
}
|
|
exports.tweakeyEncode = tweakeyEncode;
|
|
/**
|
|
* Perform a round of SKINNY-188/384+ encryption.
|
|
* @param plaintext The plaintext to encrypt.
|
|
* @param tweakey The tweakey to use for encryption.
|
|
* @returns The ciphertext.
|
|
*/
|
|
function skinnyEncrypt(plaintext, tweakey) {
|
|
const tk = Array(constants_1.NB_ROUNDS + 1).fill(Array(constants_1.TWEAK_LENGTH).fill(0));
|
|
tk[0] = [...Array(constants_1.TWEAK_LENGTH).keys()].map(i => tweakey[i]);
|
|
for (let i = 0; i < constants_1.NB_ROUNDS - 1; i++) {
|
|
tk[i + 1] = [...tk[i]];
|
|
for (let j = 0; j < constants_1.TWEAK_LENGTH; j++) {
|
|
tk[i + 1][j] = tk[i][j - j % 16 + constants_1.PT[j % 16]];
|
|
}
|
|
for (let j = 0; j < 8; j++) {
|
|
tk[i + 1][j + 16] = constants_1.LFSR_8_TK2[tk[i + 1][j + 16]];
|
|
tk[i + 1][j + 32] = constants_1.LFSR_8_TK3[tk[i + 1][j + 32]];
|
|
}
|
|
}
|
|
let s = [...Array(16).keys()].map(i => plaintext[i]);
|
|
for (let i = 0; i < constants_1.NB_ROUNDS; i++) {
|
|
for (let j = 0; j < 16; j++) {
|
|
s[j] = constants_1.S8[s[j]];
|
|
}
|
|
s[0] ^= (constants_1.C[i] & 0xf);
|
|
s[4] ^= (constants_1.C[i] >> 4) & 0xf;
|
|
s[8] ^= 0x2;
|
|
for (let j = 0; j < 8; j++) {
|
|
s[j] ^= tk[i][j] ^ tk[i][j + 16] ^ tk[i][j + 32];
|
|
}
|
|
s = [s[0], s[1], s[2], s[3], s[7], s[4], s[5], s[6], s[10], s[11], s[8], s[9], s[13], s[14], s[15], s[12]];
|
|
for (let j = 0; j < 4; j++) {
|
|
const tmp = [...s];
|
|
s[j] = tmp[j] ^ tmp[8 + j] ^ tmp[12 + j];
|
|
s[4 + j] = tmp[j];
|
|
s[8 + j] = tmp[4 + j] ^ tmp[8 + j];
|
|
s[12 + j] = tmp[0 + j] ^ tmp[8 + j];
|
|
}
|
|
}
|
|
return [...Array(16).keys()].map(i => s[i]);
|
|
}
|
|
exports.skinnyEncrypt = skinnyEncrypt;
|
|
//# sourceMappingURL=skinny-128-384-plus.js.map
|