On Tue, Dec 23, 2014 at 11:08:09PM +0530, supraja reddy wrote: > Hello , > > I have attached the patch to the basic implementation of camellia block > cipher. Please let me know if there are any bugs to be fixed or if any > further optimization needed.
[...]
> +static void LROT(uint64_t *K, int x)
> +{
> + uint64_t d[2];
> + if (x)
> + return;
> + d[0] = (K[0] << x | K[1] >> (64 - x));
> + d[1] = (K[1] << x | K[0] >> (64 - x));
> + K[0] = d[0];
> + K[1] = d[1];
this looks wrong
after the if(x) return, x would be always 0
> +}
> +
> +static void swap(uint64_t *k1, uint64_t *k2)
> +{
> + uint64_t temp;
> + temp = *k1;
> + *k1 = *k2;
> + *k2 = temp;
> +}
FFSWAP
[...]
> +static uint64_t F(uint64_t f_in, uint64_t K)
> +{
> + uint32_t Zl, Zr;
> + uint64_t x;
> + Zl = (f_in >> 32) ^ (K >> 32);
> + Zr = (f_in & MASK32) ^ (K & MASK32);
> + Zl = ((SBOX1[(Zl >> 24) & MASK8] << 24) | (SBOX2[(Zl >> 16) & MASK8] <<
> 16) |(SBOX3[(Zl >> 8) & MASK8] << 8) |(SBOX4[Zl & MASK8]));
> + Zr = ((SBOX2[(Zr >> 24) & MASK8] << 24) | (SBOX3[(Zr >> 16) & MASK8] <<
> 16) |(SBOX4[(Zr >> 8) & MASK8] << 8) |(SBOX1[Zr & MASK8]));
the << 24 are undefined behavior here, as the SBOX1/2 get automatically
extended to signed int before the shift
Its probably not a real issue but for correctness they should be cast
to unsigned or something else
[...]
--
Michael GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB
Avoid a single point of failure, be that a person or equipment.
signature.asc
Description: Digital signature
_______________________________________________ ffmpeg-devel mailing list ffmpeg-devel@ffmpeg.org http://ffmpeg.org/mailman/listinfo/ffmpeg-devel
