wartheking
/
WaterFlush


			
				
					
						
						
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399
							#if !BESTHTTP_DISABLE_ALTERNATE_SSL && (!UNITY_WEBGL || UNITY_EDITOR)
#pragma warning disable
using System;

using Best.HTTP.SecureProtocol.Org.BouncyCastle.Crypto.Parameters;
using Best.HTTP.SecureProtocol.Org.BouncyCastle.Crypto.Utilities;
using Best.HTTP.SecureProtocol.Org.BouncyCastle.Utilities;

namespace Best.HTTP.SecureProtocol.Org.BouncyCastle.Crypto.Engines
{
    /**
    * An RC6 engine.
    */
    public class RC6Engine
		: IBlockCipher
    {
        /*
        * the number of rounds to perform
        */
        private static readonly int _noRounds = 20;

        /*
        * the expanded key array of size 2*(rounds + 1)
        */
        private int [] _S;

        /*
        * our "magic constants" for wordSize 32
        *
        * Pw = Odd((e-2) * 2^wordsize)
        * Qw = Odd((o-2) * 2^wordsize)
        *
        * where e is the base of natural logarithms (2.718281828...)
        * and o is the golden ratio (1.61803398...)
        */
        private static readonly int    P32 = unchecked((int) 0xb7e15163);
        private static readonly int    Q32 = unchecked((int) 0x9e3779b9);

        private static readonly int    LGW = 5;        // log2(32)

        private bool forEncryption;

        /**
        * Create an instance of the RC6 encryption algorithm
        * and set some defaults
        */
        public RC6Engine()
        {
        }

        public virtual string AlgorithmName
        {
            get { return "RC6"; }
        }

        public virtual int GetBlockSize()
        {
            return 16;
        }

        /**
        * initialise a RC5-32 cipher.
        *
        * @param forEncryption whether or not we are for encryption.
        * @param parameters the parameters required to set up the cipher.
        * @exception ArgumentException if the parameters argument is
        * inappropriate.
        */
        public virtual void Init(bool forEncryption, ICipherParameters parameters)
        {
            if (!(parameters is KeyParameter keyParameter))
                throw new ArgumentException("invalid parameter passed to RC6 init - " + Org.BouncyCastle.Utilities.Platform.GetTypeName(parameters));

            this.forEncryption = forEncryption;

			SetKey(keyParameter.GetKey());
        }

        public virtual int ProcessBlock(byte[] input, int inOff, byte[] output, int outOff)
        {
			if (_S == null)
				throw new InvalidOperationException("RC6 engine not initialised");

            int blockSize = GetBlockSize();
            Check.DataLength(input, inOff, blockSize, "input buffer too short");
            Check.OutputLength(output, outOff, blockSize, "output buffer too short");

#if NETCOREAPP2_1_OR_GREATER || NETSTANDARD2_1_OR_GREATER || UNITY_2021_2_OR_NEWER
            return forEncryption
                ? EncryptBlock(input.AsSpan(inOff), output.AsSpan(outOff))
                : DecryptBlock(input.AsSpan(inOff), output.AsSpan(outOff));
#else
            return forEncryption
				? EncryptBlock(input, inOff, output, outOff)
				: DecryptBlock(input, inOff, output, outOff);
#endif
        }

#if NETCOREAPP2_1_OR_GREATER || NETSTANDARD2_1_OR_GREATER || UNITY_2021_2_OR_NEWER
        public virtual int ProcessBlock(ReadOnlySpan<byte> input, Span<byte> output)
        {
            if (_S == null)
                throw new InvalidOperationException("RC6 engine not initialised");

            int blockSize = GetBlockSize();
            Check.DataLength(input, blockSize, "input buffer too short");
            Check.OutputLength(output, blockSize, "output buffer too short");

            return forEncryption
                ? EncryptBlock(input, output)
                : DecryptBlock(input, output);
        }
#endif

        /**
        * Re-key the cipher.
        *
        * @param inKey the key to be used
        */
        private void SetKey(
            byte[] key)
        {
            //
            // KEY EXPANSION:
            //
            // There are 3 phases to the key expansion.
            //
            // Phase 1:
            //   Copy the secret key K[0...b-1] into an array L[0..c-1] of
            //   c = ceil(b/u), where u = wordSize/8 in little-endian order.
            //   In other words, we fill up L using u consecutive key bytes
            //   of K. Any unfilled byte positions in L are zeroed. In the
            //   case that b = c = 0, set c = 1 and L[0] = 0.
            //
            // compute number of dwords
            int c = (key.Length + 3) / 4;
            if (c == 0)
            {
                c = 1;
            }
            int[]   L = new int[(key.Length + 3) / 4];

            // load all key bytes into array of key dwords
            for (int i = key.Length - 1; i >= 0; i--)
            {
                L[i / 4] = (L[i / 4] << 8) + (key[i] & 0xff);
            }

            //
            // Phase 2:
            //   Key schedule is placed in a array of 2+2*ROUNDS+2 = 44 dwords.
            //   Initialize S to a particular fixed pseudo-random bit pattern
            //   using an arithmetic progression modulo 2^wordsize determined
            //   by the magic numbers, Pw & Qw.
            //
            _S            = new int[2+2*_noRounds+2];

            _S[0] = P32;
            for (int i=1; i < _S.Length; i++)
            {
                _S[i] = (_S[i-1] + Q32);
            }

            //
            // Phase 3:
            //   Mix in the user's secret key in 3 passes over the arrays S & L.
            //   The max of the arrays sizes is used as the loop control
            //
            int iter;

            if (L.Length > _S.Length)
            {
                iter = 3 * L.Length;
            }
            else
            {
                iter = 3 * _S.Length;
            }

            int A = 0;
            int B = 0;
            int ii = 0, jj = 0;

            for (int k = 0; k < iter; k++)
            {
                A = _S[ii] = Integers.RotateLeft(_S[ii] + A + B, 3);
                B =  L[jj] = Integers.RotateLeft( L[jj] + A + B, A + B);
                ii = (ii+1) % _S.Length;
                jj = (jj+1) %  L.Length;
            }
        }

#if NETCOREAPP2_1_OR_GREATER || NETSTANDARD2_1_OR_GREATER || UNITY_2021_2_OR_NEWER
        private int EncryptBlock(ReadOnlySpan<byte> input, Span<byte> output)
        {
            // load A,B,C and D registers from in.
            int A = (int)Pack.LE_To_UInt32(input);
            int B = (int)Pack.LE_To_UInt32(input[4..]);
            int C = (int)Pack.LE_To_UInt32(input[8..]);
            int D = (int)Pack.LE_To_UInt32(input[12..]);

            // Do pseudo-round #0: pre-whitening of B and D
            B += _S[0];
            D += _S[1];

            // perform round #1,#2 ... #ROUNDS of encryption
            for (int i = 1; i <= _noRounds; i++)
            {
                int t = 0, u = 0;

                t = B * (2 * B + 1);
                t = Integers.RotateLeft(t, 5);

                u = D * (2 * D + 1);
                u = Integers.RotateLeft(u, 5);

                A ^= t;
                A = Integers.RotateLeft(A, u);
                A += _S[2 * i];

                C ^= u;
                C = Integers.RotateLeft(C, t);
                C += _S[2 * i + 1];

                int temp = A;
                A = B;
                B = C;
                C = D;
                D = temp;
            }

            // do pseudo-round #(ROUNDS+1) : post-whitening of A and C
            A += _S[2 * _noRounds + 2];
            C += _S[2 * _noRounds + 3];

            // store A, B, C and D registers to out
            Pack.UInt32_To_LE((uint)A, output);
            Pack.UInt32_To_LE((uint)B, output[4..]);
            Pack.UInt32_To_LE((uint)C, output[8..]);
            Pack.UInt32_To_LE((uint)D, output[12..]);

            return 16;
        }

        private int DecryptBlock(ReadOnlySpan<byte> input, Span<byte> output)
        {
            // load A,B,C and D registers from out.
            int A = (int)Pack.LE_To_UInt32(input);
            int B = (int)Pack.LE_To_UInt32(input[4..]);
            int C = (int)Pack.LE_To_UInt32(input[8..]);
            int D = (int)Pack.LE_To_UInt32(input[12..]);

            // Undo pseudo-round #(ROUNDS+1) : post whitening of A and C
            C -= _S[2 * _noRounds + 3];
            A -= _S[2 * _noRounds + 2];

            // Undo round #ROUNDS, .., #2,#1 of encryption
            for (int i = _noRounds; i >= 1; i--)
            {
                int t = 0, u = 0;

                int temp = D;
                D = C;
                C = B;
                B = A;
                A = temp;

                t = B * (2 * B + 1);
                t = Integers.RotateLeft(t, LGW);

                u = D * (2 * D + 1);
                u = Integers.RotateLeft(u, LGW);

                C -= _S[2 * i + 1];
                C = Integers.RotateRight(C, t);
                C ^= u;

                A -= _S[2 * i];
                A = Integers.RotateRight(A, u);
                A ^= t;
            }

            // Undo pseudo-round #0: pre-whitening of B and D
            D -= _S[1];
            B -= _S[0];

            Pack.UInt32_To_LE((uint)A, output);
            Pack.UInt32_To_LE((uint)B, output[4..]);
            Pack.UInt32_To_LE((uint)C, output[8..]);
            Pack.UInt32_To_LE((uint)D, output[12..]);

            return 16;
        }
#else
        private int EncryptBlock(byte[] input, int inOff, byte[] outBytes, int outOff)
        {
            // load A,B,C and D registers from in.
            int A = (int)Pack.LE_To_UInt32(input, inOff);
            int B = (int)Pack.LE_To_UInt32(input, inOff + 4);
            int C = (int)Pack.LE_To_UInt32(input, inOff + 8);
            int D = (int)Pack.LE_To_UInt32(input, inOff + 12);

            // Do pseudo-round #0: pre-whitening of B and D
            B += _S[0];
            D += _S[1];

            // perform round #1,#2 ... #ROUNDS of encryption
            for (int i = 1; i <= _noRounds; i++)
            {
                int t = 0,u = 0;

                t = B*(2*B+1);
                t = Integers.RotateLeft(t,5);

                u = D*(2*D+1);
                u = Integers.RotateLeft(u,5);

                A ^= t;
                A = Integers.RotateLeft(A,u);
                A += _S[2*i];

                C ^= u;
                C = Integers.RotateLeft(C,t);
                C += _S[2*i+1];

                int temp = A;
                A = B;
                B = C;
                C = D;
                D = temp;
            }

            // do pseudo-round #(ROUNDS+1) : post-whitening of A and C
            A += _S[2*_noRounds+2];
            C += _S[2*_noRounds+3];

            // store A, B, C and D registers to out
            Pack.UInt32_To_LE((uint)A, outBytes, outOff);
            Pack.UInt32_To_LE((uint)B, outBytes, outOff + 4);
            Pack.UInt32_To_LE((uint)C, outBytes, outOff + 8);
            Pack.UInt32_To_LE((uint)D, outBytes, outOff + 12);

            return 16;
        }

        private int DecryptBlock(byte[] input, int inOff, byte[] outBytes, int outOff)
        {
            // load A,B,C and D registers from out.
            int A = (int)Pack.LE_To_UInt32(input, inOff);
            int B = (int)Pack.LE_To_UInt32(input, inOff + 4);
            int C = (int)Pack.LE_To_UInt32(input, inOff + 8);
            int D = (int)Pack.LE_To_UInt32(input, inOff + 12);

            // Undo pseudo-round #(ROUNDS+1) : post whitening of A and C
            C -= _S[2*_noRounds+3];
            A -= _S[2*_noRounds+2];

            // Undo round #ROUNDS, .., #2,#1 of encryption
            for (int i = _noRounds; i >= 1; i--)
            {
                int t=0,u = 0;

                int temp = D;
                D = C;
                C = B;
                B = A;
                A = temp;

                t = B*(2*B+1);
                t = Integers.RotateLeft(t, LGW);

                u = D*(2*D+1);
                u = Integers.RotateLeft(u, LGW);

                C -= _S[2*i+1];
                C = Integers.RotateRight(C,t);
                C ^= u;

                A -= _S[2*i];
                A = Integers.RotateRight(A,u);
                A ^= t;
            }

            // Undo pseudo-round #0: pre-whitening of B and D
            D -= _S[1];
            B -= _S[0];

            Pack.UInt32_To_LE((uint)A, outBytes, outOff);
            Pack.UInt32_To_LE((uint)B, outBytes, outOff + 4);
            Pack.UInt32_To_LE((uint)C, outBytes, outOff + 8);
            Pack.UInt32_To_LE((uint)D, outBytes, outOff + 12);

            return 16;
        }
#endif
    }
}
#pragma warning restore
#endif