kuznyechik 0.9.0

Kuznyechik (GOST R 34.12-2015) block cipher
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123

use crate::{
    Block, Key,
    consts::{P, P_INV},
    utils::{KEYGEN, l_step},
};
use cipher::{
    BlockCipherDecBackend, BlockCipherEncBackend, BlockSizeUser, InOut, ParBlocksSizeUser, consts,
};

pub(super) type RoundKeys = [Block; 10];

#[inline(always)]
fn x(a: &mut Block, b: &Block) {
    for i in 0..16 {
        a[i] ^= b[i];
    }
}

#[inline(always)]
fn lsx(block: &mut Block, key: &Block) {
    x(block, key);
    // s
    for i in 0..16 {
        block[i] = P[block[i] as usize];
    }
    // l
    for i in 0..16 {
        block.0 = l_step(block.0, i);
    }
}

#[inline(always)]
fn lsx_inv(block: &mut Block, key: &Block) {
    x(block, key);
    // l_inv
    for i in 0..16 {
        block.0 = l_step(block.0, 15 - i);
    }
    // s_inv
    for i in 0..16 {
        block[15 - i] = P_INV[block[15 - i] as usize];
    }
}

fn get_c(n: usize) -> Block {
    KEYGEN[n].0.into()
}

fn f(k1: &mut Block, k2: &mut Block, n: usize) {
    for i in 0..4 {
        let mut k1_cpy = *k1;
        lsx(&mut k1_cpy, &get_c(8 * n + 2 * i));
        x(k2, &k1_cpy);

        let mut k2_cpy = *k2;
        lsx(&mut k2_cpy, &get_c(8 * n + 2 * i + 1));
        x(k1, &k2_cpy);
    }
}

pub(super) fn expand(key: &Key) -> RoundKeys {
    let mut keys = RoundKeys::default();

    let mut k1 = Block::default();
    let mut k2 = Block::default();

    k1.copy_from_slice(&key[..16]);
    k2.copy_from_slice(&key[16..]);

    keys[0] = k1;
    keys[1] = k2;

    for i in 1..5 {
        f(&mut k1, &mut k2, i - 1);
        keys[2 * i] = k1;
        keys[2 * i + 1] = k2;
    }
    keys
}

pub(crate) struct EncBackend<'a>(pub(crate) &'a RoundKeys);

impl BlockSizeUser for EncBackend<'_> {
    type BlockSize = consts::U16;
}

impl ParBlocksSizeUser for EncBackend<'_> {
    type ParBlocksSize = consts::U1;
}

impl BlockCipherEncBackend for EncBackend<'_> {
    #[inline]
    fn encrypt_block(&self, mut block: InOut<'_, '_, Block>) {
        let mut b = *block.get_in();
        for i in 0..9 {
            lsx(&mut b, &self.0[i]);
        }
        x(&mut b, &self.0[9]);
        *block.get_out() = b;
    }
}

pub(crate) struct DecBackend<'a>(pub(crate) &'a RoundKeys);

impl BlockSizeUser for DecBackend<'_> {
    type BlockSize = consts::U16;
}

impl ParBlocksSizeUser for DecBackend<'_> {
    type ParBlocksSize = consts::U1;
}

impl BlockCipherDecBackend for DecBackend<'_> {
    #[inline]
    fn decrypt_block(&self, mut block: InOut<'_, '_, Block>) {
        let mut b = *block.get_in();
        for i in 0..9 {
            lsx_inv(&mut b, &self.0[9 - i]);
        }
        x(&mut b, &self.0[0]);
        *block.get_out() = b;
    }
}