sam.hadow/tetra_crypto
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

cargo fmt

Browse Source
This commit is contained in:
Sam Hadow
2026-04-28 14:38:29 +02:00
parent db0d148ca1
commit c90c1f2f59
1 changed files with 17 additions and 15 deletions
Download Patch File Download Diff File Expand all files Collapse all files
src/tea1_attack.rs
+17 -15
View File
@@ -32,9 +32,13 @@ const fn precompute_reorder_lut() -> [u8; 256] {
let mut b: usize = 0; let mut b: usize = 0;
while b < 256 { while b < 256 {
let v = b as u8; let v = b as u8;
table[b] = ((v << 6) & 0x40) | ((v << 1) & 0x20) | ((v << 2) & 0x08) table[b] = ((v << 6) & 0x40)
| ((v >> 3) & 0x14) | ((v >> 2) & 0x01) | ((v >> 5) & 0x02) | ((v << 1) & 0x20)
| ((v << 4) & 0x80); | ((v << 2) & 0x08)
| ((v >> 3) & 0x14)
| ((v >> 2) & 0x01)
| ((v >> 5) & 0x02)
| ((v << 4) & 0x80);
b += 1; b += 1;
} }
table table
@@ -46,7 +50,7 @@ static DERIV_A_LUT: [u8; 65536] = precompute_deriv_lut(&TEA1_LUT_A);
#[allow(long_running_const_eval)] #[allow(long_running_const_eval)]
static DERIV_B_LUT: [u8; 65536] = precompute_deriv_lut(&TEA1_LUT_B); static DERIV_B_LUT: [u8; 65536] = precompute_deriv_lut(&TEA1_LUT_B);
const REORDER_LUT: [u8; 256] = precompute_reorder_lut(); const REORDER_LUT: [u8; 256] = precompute_reorder_lut();
// 5 bytes: 54 + 19*4 = 149 rounds max // 5 bytes: 54 + 19*4 = 149 rounds max
const MAX_ROUNDS: usize = 149; const MAX_ROUNDS: usize = 149;
@@ -56,8 +60,8 @@ fn precompute_sbox_seq(mut key_reg: u32, n_rounds: usize) -> [u8; MAX_ROUNDS] {
let mut seq = [0u8; MAX_ROUNDS]; let mut seq = [0u8; MAX_ROUNDS];
for slot in seq.iter_mut().take(n_rounds) { for slot in seq.iter_mut().take(n_rounds) {
let idx = (((key_reg >> 24) ^ key_reg) & 0xFF) as usize; let idx = (((key_reg >> 24) ^ key_reg) & 0xFF) as usize;
let so = TEA1_SBOX[idx]; let so = TEA1_SBOX[idx];
*slot = so; *slot = so;
key_reg = (key_reg << 8) | (so as u32); key_reg = (key_reg << 8) | (so as u32);
} }
seq seq
@@ -66,19 +70,17 @@ fn precompute_sbox_seq(mut key_reg: u32, n_rounds: usize) -> [u8; MAX_ROUNDS] {
/// Returns true if the candidate key_reg produces the exact known keystream prefix /// Returns true if the candidate key_reg produces the exact known keystream prefix
/// Early aborts on the first mismatch /// Early aborts on the first mismatch
#[inline(always)] #[inline(always)]
pub fn keyreg_matches_prefix( pub fn keyreg_matches_prefix(frame_number: u32, key_reg: u32, known_prefix: &[u8]) -> bool {
frame_number: u32,
key_reg: u32,
known_prefix: &[u8],
) -> bool {
let n = known_prefix.len(); let n = known_prefix.len();
if n == 0 { return true; } if n == 0 {
return true;
}
let total_rounds = 54 + 19 * (n - 1); let total_rounds = 54 + 19 * (n - 1);
let sbox_seq = precompute_sbox_seq(key_reg, total_rounds); let sbox_seq = precompute_sbox_seq(key_reg, total_rounds);
let mut iv_reg = expand_iv(frame_number); let mut iv_reg = expand_iv(frame_number);
let mut round = 0; let mut round = 0;
for (bi, &target) in known_prefix.iter().enumerate() { for (bi, &target) in known_prefix.iter().enumerate() {
let steps = if bi == 0 { 54 } else { 19 }; let steps = if bi == 0 { 54 } else { 19 };
@@ -88,9 +90,9 @@ pub fn keyreg_matches_prefix(
round += 1; round += 1;
// Step 2: derive 3 bytes from current state // Step 2: derive 3 bytes from current state
let deriv_12 = DERIV_A_LUT[((iv_reg >> 8) & 0xFFFF) as usize]; let deriv_12 = DERIV_A_LUT[((iv_reg >> 8) & 0xFFFF) as usize];
let deriv_56 = DERIV_B_LUT[((iv_reg >> 40) & 0xFFFF) as usize]; let deriv_56 = DERIV_B_LUT[((iv_reg >> 40) & 0xFFFF) as usize];
let reord_4 = REORDER_LUT[((iv_reg >> 32) & 0xFF) as usize]; let reord_4 = REORDER_LUT[((iv_reg >> 32) & 0xFF) as usize];
// Step 3: combine // Step 3: combine
let new_byte = deriv_56 ^ (iv_reg >> 56) as u8 ^ reord_4 ^ sbox_out; let new_byte = deriv_56 ^ (iv_reg >> 56) as u8 ^ reord_4 ^ sbox_out;