From af5758449bedc01cb2abfbea26466f7452d309bd Mon Sep 17 00:00:00 2001 From: Jason Date: Tue, 16 Dec 2025 09:12:09 -0900 Subject: [PATCH 01/22] Use native builtins instead of libraries for math/string (#1) * Use native string builtins instead of library * Use native math builtins instead of library --- lockbox/cipher/des.lua | 5 ++--- lockbox/digest/md2.lua | 3 +-- lockbox/digest/md4.lua | 6 ++---- lockbox/digest/md5.lua | 6 ++---- lockbox/digest/ripemd128.lua | 6 ++---- lockbox/digest/ripemd160.lua | 6 ++---- lockbox/digest/sha1.lua | 6 ++---- lockbox/digest/sha2_224.lua | 6 ++---- lockbox/digest/sha2_256.lua | 6 ++---- lockbox/kdf/pbkdf2.lua | 3 +-- lockbox/util/array.lua | 17 ++++++++--------- lockbox/util/base64.lua | 3 +-- lockbox/util/stream.lua | 15 +++++++-------- 13 files changed, 34 insertions(+), 54 deletions(-) diff --git a/lockbox/cipher/des.lua b/lockbox/cipher/des.lua index 5863f81..7a8f8ea 100644 --- a/lockbox/cipher/des.lua +++ b/lockbox/cipher/des.lua @@ -3,7 +3,6 @@ require("lockbox").insecure(); local Array = require("lockbox.util.array"); local Bit = require("lockbox.util.bit"); -local Math = require("math"); local AND = Bit.band; @@ -146,8 +145,8 @@ local packBytes = function(bits) local bytes = {} for k, _ in pairs(bits) do - local index = Math.floor((k - 1) / 8) + 1; - local shift = 7 - Math.fmod((k - 1), 8); + local index = math.floor((k - 1) / 8) + 1; + local shift = 7 - math.fmod((k - 1), 8); local bit = bits[k]; local byte = bytes[index]; diff --git a/lockbox/digest/md2.lua b/lockbox/digest/md2.lua index 71a5ee8..d0f6b61 100644 --- a/lockbox/digest/md2.lua +++ b/lockbox/digest/md2.lua @@ -1,7 +1,6 @@ require("lockbox").insecure(); local Bit = require("lockbox.util.bit"); -local String = require("string"); local Queue = require("lockbox.util.queue"); local SUBST = { 
@@ -123,7 +122,7 @@ local MD2 = function() end public.asHex = function() - return String.format("%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x", + return string.format("%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x", X[ 0], X[ 1], X[ 2], X[ 3], X[ 4], X[ 5], X[ 6], X[ 7], X[ 8], X[ 9], X[10], X[11], X[12], X[13], X[14], X[15]); end diff --git a/lockbox/digest/md4.lua b/lockbox/digest/md4.lua index 0ab3479..bc32588 100644 --- a/lockbox/digest/md4.lua +++ b/lockbox/digest/md4.lua @@ -1,8 +1,6 @@ require("lockbox").insecure(); local Bit = require("lockbox.util.bit"); -local String = require("string"); -local Math = require("math"); local Queue = require("lockbox.util.queue"); local AND = Bit.band; @@ -32,7 +30,7 @@ local word2bytes = function(word) end local dword2bytes = function(i) - local b4, b5, b6, b7 = word2bytes(Math.floor(i / 0x100000000)); + local b4, b5, b6, b7 = word2bytes(math.floor(i / 0x100000000)); local b0, b1, b2, b3 = word2bytes(i); return b0, b1, b2, b3, b4, b5, b6, b7; end @@ -194,7 +192,7 @@ local MD4 = function() local b8, b9, b10, b11 = word2bytes(C); local b12, b13, b14, b15 = word2bytes(D); - return String.format("%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x", + return string.format("%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x", b0, b1, b2, b3, b4, b5, b6, b7, b8, b9, b10, b11, b12, b13, b14, b15); end diff --git a/lockbox/digest/md5.lua b/lockbox/digest/md5.lua index 6ce1df2..6264b84 100644 --- a/lockbox/digest/md5.lua +++ b/lockbox/digest/md5.lua @@ -1,8 +1,6 @@ require("lockbox").insecure(); local Bit = require("lockbox.util.bit"); -local String = require("string"); -local Math = require("math"); local Queue = require("lockbox.util.queue"); local SHIFT = { 
@@ -56,7 +54,7 @@ local word2bytes = function(word) end local dword2bytes = function(i) - local b4, b5, b6, b7 = word2bytes(Math.floor(i / 0x100000000)); + local b4, b5, b6, b7 = word2bytes(math.floor(i / 0x100000000)); local b0, b1, b2, b3 = word2bytes(i); return b0, b1, b2, b3, b4, b5, b6, b7; end @@ -178,7 +176,7 @@ local MD5 = function() local b8, b9, b10, b11 = word2bytes(C); local b12, b13, b14, b15 = word2bytes(D); - return String.format("%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x", + return string.format("%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x", b0, b1, b2, b3, b4, b5, b6, b7, b8, b9, b10, b11, b12, b13, b14, b15); end diff --git a/lockbox/digest/ripemd128.lua b/lockbox/digest/ripemd128.lua index ebc3e41..38a1fb1 100644 --- a/lockbox/digest/ripemd128.lua +++ b/lockbox/digest/ripemd128.lua @@ -1,8 +1,6 @@ require("lockbox").insecure(); local Bit = require("lockbox.util.bit"); -local String = require("string"); -local Math = require("math"); local Queue = require("lockbox.util.queue"); local AND = Bit.band; @@ -32,7 +30,7 @@ local word2bytes = function(word) end local dword2bytes = function(i) - local b4, b5, b6, b7 = word2bytes(Math.floor(i / 0x100000000)); + local b4, b5, b6, b7 = word2bytes(math.floor(i / 0x100000000)); local b0, b1, b2, b3 = word2bytes(i); return b0, b1, b2, b3, b4, b5, b6, b7; end @@ -330,7 +328,7 @@ local RIPEMD128 = function() local fmt = "%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x"; - return String.format(fmt, + return string.format(fmt, b0, b1, b2, b3, b4, b5, b6, b7, b8, b9, b10, b11, b12, b13, b14, b15); end diff --git a/lockbox/digest/ripemd160.lua b/lockbox/digest/ripemd160.lua index 5b42d73..2ea5dcb 100644 --- a/lockbox/digest/ripemd160.lua +++ b/lockbox/digest/ripemd160.lua 
@@ -1,8 +1,6 @@ require("lockbox").insecure(); local Bit = require("lockbox.util.bit"); -local String = require("string"); -local Math = require("math"); local Queue = require("lockbox.util.queue"); local AND = Bit.band; @@ -32,7 +30,7 @@ local word2bytes = function(word) end local dword2bytes = function(i) - local b4, b5, b6, b7 = word2bytes(Math.floor(i / 0x100000000)); + local b4, b5, b6, b7 = word2bytes(math.floor(i / 0x100000000)); local b0, b1, b2, b3 = word2bytes(i); return b0, b1, b2, b3, b4, b5, b6, b7; end @@ -381,7 +379,7 @@ local RIPEMD160 = function() local fmt = "%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x"; - return String.format(fmt, + return string.format(fmt, b0, b1, b2, b3, b4, b5, b6, b7, b8, b9, b10, b11, b12, b13, b14, b15, b16, b17, b18, b19); end diff --git a/lockbox/digest/sha1.lua b/lockbox/digest/sha1.lua index 3e429e8..5a6e2e8 100644 --- a/lockbox/digest/sha1.lua +++ b/lockbox/digest/sha1.lua @@ -1,8 +1,6 @@ require("lockbox").insecure(); local Bit = require("lockbox.util.bit"); -local String = require("string"); -local Math = require("math"); local Queue = require("lockbox.util.queue"); local AND = Bit.band; @@ -32,7 +30,7 @@ end local dword2bytes = function(i) local b4, b5, b6, b7 = word2bytes(i); - local b0, b1, b2, b3 = word2bytes(Math.floor(i / 0x100000000)); + local b0, b1, b2, b3 = word2bytes(math.floor(i / 0x100000000)); return b0, b1, b2, b3, b4, b5, b6, b7; end @@ -163,7 +161,7 @@ local SHA1 = function() local b12, b13, b14, b15 = word2bytes(h3); local b16, b17, b18, b19 = word2bytes(h4); - return String.format("%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x", + return string.format("%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x", b0, b1, b2, b3, b4, b5, b6, b7, b8, b9, b10, b11, b12, b13, b14, b15, b16, b17, b18, b19); end diff --git a/lockbox/digest/sha2_224.lua b/lockbox/digest/sha2_224.lua index 3897c26..6ee7245 100644 
--- a/lockbox/digest/sha2_224.lua +++ b/lockbox/digest/sha2_224.lua @@ -1,6 +1,4 @@ local Bit = require("lockbox.util.bit"); -local String = require("string"); -local Math = require("math"); local Queue = require("lockbox.util.queue"); local CONSTANTS = { @@ -44,7 +42,7 @@ end local dword2bytes = function(i) local b4, b5, b6, b7 = word2bytes(i); - local b0, b1, b2, b3 = word2bytes(Math.floor(i / 0x100000000)); + local b0, b1, b2, b3 = word2bytes(math.floor(i / 0x100000000)); return b0, b1, b2, b3, b4, b5, b6, b7; end @@ -188,7 +186,7 @@ local SHA2_224 = function() local b20, b21, b22, b23 = word2bytes(h5); local b24, b25, b26, b27 = word2bytes(h6); - return String.format(fmt, b0, b1, b2, b3, b4, b5, b6, b7, b8, b9, b10, b11, b12, b13, b14, b15 + return string.format(fmt, b0, b1, b2, b3, b4, b5, b6, b7, b8, b9, b10, b11, b12, b13, b14, b15 , b16, b17, b18, b19, b20, b21, b22, b23, b24, b25, b26, b27); end diff --git a/lockbox/digest/sha2_256.lua b/lockbox/digest/sha2_256.lua index 4cd2f35..74136d7 100644 --- a/lockbox/digest/sha2_256.lua +++ b/lockbox/digest/sha2_256.lua @@ -1,6 +1,4 @@ local Bit = require("lockbox.util.bit"); -local String = require("string"); -local Math = require("math"); local Queue = require("lockbox.util.queue"); local CONSTANTS = { @@ -44,7 +42,7 @@ end local dword2bytes = function(i) local b4, b5, b6, b7 = word2bytes(i); - local b0, b1, b2, b3 = word2bytes(Math.floor(i / 0x100000000)); + local b0, b1, b2, b3 = word2bytes(math.floor(i / 0x100000000)); return b0, b1, b2, b3, b4, b5, b6, b7; end @@ -191,7 +189,7 @@ local SHA2_256 = function() local b24, b25, b26, b27 = word2bytes(h6); local b28, b29, b30, b31 = word2bytes(h7); - return String.format(fmt, b0, b1, b2, b3, b4, b5, b6, b7, b8, b9, b10, b11, b12, b13, b14, b15 + return string.format(fmt, b0, b1, b2, b3, b4, b5, b6, b7, b8, b9, b10, b11, b12, b13, b14, b15 , b16, b17, b18, b19, b20, b21, b22, b23, b24, b25, b26, b27, b28, b29, b30, b31); end 
diff --git a/lockbox/kdf/pbkdf2.lua b/lockbox/kdf/pbkdf2.lua index e13e57d..c9e4388 100644 --- a/lockbox/kdf/pbkdf2.lua +++ b/lockbox/kdf/pbkdf2.lua @@ -1,7 +1,6 @@ local Bit = require("lockbox.util.bit"); local Array = require("lockbox.util.array"); local Stream = require("lockbox.util.stream"); -local Math = require("math"); local AND = Bit.band; local RSHIFT = Bit.rshift; @@ -86,7 +85,7 @@ local PBKDF2 = function() end public.finish = function() - local blocks = Math.ceil(dKeyLen / blockLen); + local blocks = math.ceil(dKeyLen / blockLen); dKey = {}; diff --git a/lockbox/util/array.lua b/lockbox/util/array.lua index 899419d..61ed06e 100644 --- a/lockbox/util/array.lua +++ b/lockbox/util/array.lua @@ -1,5 +1,4 @@ -local String = require("string"); local Bit = require("lockbox.util.bit"); local Queue = require("lockbox.util.queue"); @@ -15,11 +14,11 @@ Array.fromString = function(string) local bytes = {}; local i = 1; - local byte = String.byte(string, i); + local byte = string.byte(string, i); while byte ~= nil do bytes[i] = byte; i = i + 1; - byte = String.byte(string, i); + byte = string.byte(string, i); end return bytes; @@ -32,7 +31,7 @@ Array.toString = function(bytes) local byte = bytes[i]; while byte ~= nil do - chars[i] = String.char(byte); + chars[i] = string.char(byte); i = i + 1; byte = bytes[i]; end @@ -89,15 +88,15 @@ end local fromHexTable = {}; for i = 0, 255 do - fromHexTable[String.format("%02X", i)] = i; - fromHexTable[String.format("%02x", i)] = i; + fromHexTable[string.format("%02X", i)] = i; + fromHexTable[string.format("%02x", i)] = i; end Array.fromHex = function(hex) local array = {}; - for i = 1, String.len(hex) / 2 do - local h = String.sub(hex, i * 2 - 1, i * 2); + for i = 1, string.len(hex) / 2 do + local h = string.sub(hex, i * 2 - 1, i * 2); array[i] = fromHexTable[h]; end 
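Review bot: In the `Array.fromString = function(string)` hunk the parameter is itself named `string`, so after this change `string.byte(string, i)` no longer reaches the global library table; it indexes the argument and only finds `byte` through the string metatable. That still works for string arguments, but a number argument that `String.byte` used to coerce now raises an index error, and any host that alters the string metatable changes which function is called. Rename the parameter, e.g. `Array.fromString = function(str)` with `string.byte(str, i)`. `Stream.fromString` in lockbox/util/stream.lua has the same shadowing in `return string.byte(string, i);`. The function's closing `end` is outside the hunk.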
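Review bot: `array[i] = fromHexTable[h];` in `Array.fromHex` stores nil for any two-character group that is not valid hex, and the loop bound `string.len(hex) / 2` silently drops the last character of odd-length input. In a crypto library this means a mistyped key or IV decodes to a shorter or holey byte array without any error; loops such as the `while byte ~= nil` one in `Array.toString` stop at the first hole. Consider failing closed with `local b = fromHexTable[h]; if b == nil then error("invalid hex input", 2) end` and an even-length check before the loop. `Stream.fromHex` in lockbox/util/stream.lua pushes the same unchecked lookup into its queue. The function's `return` is outside the hunk.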
@@ -107,7 +106,7 @@ end local toHexTable = {}; for i = 0, 255 do - toHexTable[i] = String.format("%02X", i); + toHexTable[i] = string.format("%02X", i); end Array.toHex = function(array) diff --git a/lockbox/util/base64.lua b/lockbox/util/base64.lua index 6f1743d..f1e4724 100644 --- a/lockbox/util/base64.lua +++ b/lockbox/util/base64.lua @@ -1,4 +1,3 @@ -local String = require("string"); local Bit = require("lockbox.util.bit"); local Stream = require("lockbox.util.stream"); @@ -81,7 +80,7 @@ Base64.toStream = function(base64) local yield = coroutine.yield; - for c in String.gmatch(base64, ".") do + for c in string.gmatch(base64, ".") do if (c == "=") then bits = RSHIFT(bits, 2); bitCount = bitCount - 2; else diff --git a/lockbox/util/stream.lua b/lockbox/util/stream.lua index f81a18c..a198d87 100644 --- a/lockbox/util/stream.lua +++ b/lockbox/util/stream.lua @@ -1,5 +1,4 @@ local Queue = require("lockbox.util.queue"); -local String = require("string"); local Stream = {}; @@ -8,7 +7,7 @@ Stream.fromString = function(string) local i = 0; return function() i = i + 1; - return String.byte(string, i); + return string.byte(string, i); end end @@ -19,7 +18,7 @@ Stream.toString = function(stream) local byte = stream(); while byte ~= nil do - array[i] = String.char(byte); + array[i] = string.char(byte); i = i + 1; byte = stream(); end @@ -60,15 +59,15 @@ end local fromHexTable = {}; for i = 0, 255 do - fromHexTable[String.format("%02X", i)] = i; - fromHexTable[String.format("%02x", i)] = i; + fromHexTable[string.format("%02X", i)] = i; + fromHexTable[string.format("%02x", i)] = i; end Stream.fromHex = function(hex) local queue = Queue(); - for i = 1, String.len(hex) / 2 do - local h = String.sub(hex, i * 2 - 1, i * 2); + for i = 1, string.len(hex) / 2 do + local h = string.sub(hex, i * 2 - 1, i * 2); queue.push(fromHexTable[h]); end 
@@ -79,7 +78,7 @@ end local toHexTable = {}; for i = 0, 255 do - toHexTable[i] = String.format("%02X", i); + toHexTable[i] = string.format("%02X", i); end Stream.toHex = function(stream) From e013041d4a2b178cc60d914cbb9383594969f8ed Mon Sep 17 00:00:00 2001 From: Jason Tipton Date: Mon, 26 Jan 2026 10:45:15 -0900 Subject: [PATCH 02/22] Convert AES 128 to native bitwise operations --- lockbox/cipher/aes128.lua | 72 +++++++++++++++++++-------------------- 1 file changed, 35 insertions(+), 37 deletions(-) diff --git a/lockbox/cipher/aes128.lua b/lockbox/cipher/aes128.lua index 61cafe6..b5ac279 100644 --- a/lockbox/cipher/aes128.lua +++ b/lockbox/cipher/aes128.lua @@ -1,7 +1,5 @@ local Array = require("lockbox.util.array"); -local Bit = require("lockbox.util.bit"); -local XOR = Bit.bxor; local SBOX = { [0] = 0x63, 0x7C, 0x77, 0x7B, 0xF2, 0x6B, 0x6F, 0xC5, 0x30, 0x01, 0x67, 0x2B, 0xFE, 0xD7, 0xAB, 0x76, 
@@ -137,88 +135,88 @@ local mixCol = function(i, mix) b = GMUL(i[ 2], mix[ 2]); c = GMUL(i[ 3], mix[ 3]); d = GMUL(i[ 4], mix[ 4]); - out[ 1] = XOR(XOR(a, b), XOR(c, d)); + out[ 1] = ((a ~ b) ~ (c ~ d)); a = GMUL(i[ 1], mix[ 5]); b = GMUL(i[ 2], mix[ 6]); c = GMUL(i[ 3], mix[ 7]); d = GMUL(i[ 4], mix[ 8]); - out[ 2] = XOR(XOR(a, b), XOR(c, d)); + out[ 2] = ((a ~ b) ~ (c ~ d)); a = GMUL(i[ 1], mix[ 9]); b = GMUL(i[ 2], mix[10]); c = GMUL(i[ 3], mix[11]); d = GMUL(i[ 4], mix[12]); - out[ 3] = XOR(XOR(a, b), XOR(c, d)); + out[ 3] = ((a ~ b) ~ (c ~ d)); a = GMUL(i[ 1], mix[13]); b = GMUL(i[ 2], mix[14]); c = GMUL(i[ 3], mix[15]); d = GMUL(i[ 4], mix[16]); - out[ 4] = XOR(XOR(a, b), XOR(c, d)); + out[ 4] = ((a ~ b) ~ (c ~ d)); a = GMUL(i[ 5], mix[ 1]); b = GMUL(i[ 6], mix[ 2]); c = GMUL(i[ 7], mix[ 3]); d = GMUL(i[ 8], mix[ 4]); - out[ 5] = XOR(XOR(a, b), XOR(c, d)); + out[ 5] = ((a ~ b) ~ (c ~ d)); a = GMUL(i[ 5], mix[ 5]); b = GMUL(i[ 6], mix[ 6]); c = GMUL(i[ 7], mix[ 7]); d = GMUL(i[ 8], mix[ 8]); - out[ 6] = XOR(XOR(a, b), XOR(c, d)); + out[ 6] = ((a ~ b) ~ (c ~ d)); a = GMUL(i[ 5], mix[ 9]); b = GMUL(i[ 6], mix[10]); c = GMUL(i[ 7], mix[11]); d = GMUL(i[ 8], mix[12]); - out[ 7] = XOR(XOR(a, b), XOR(c, d)); + out[ 7] = ((a ~ b) ~ (c ~ d)); a = GMUL(i[ 5], mix[13]); b = GMUL(i[ 6], mix[14]); c = GMUL(i[ 7], mix[15]); d = GMUL(i[ 8], mix[16]); - out[ 8] = XOR(XOR(a, b), XOR(c, d)); + out[ 8] = ((a ~ b) ~ (c ~ d)); a = GMUL(i[ 9], mix[ 1]); b = GMUL(i[10], mix[ 2]); c = GMUL(i[11], mix[ 3]); d = GMUL(i[12], mix[ 4]); - out[ 9] = XOR(XOR(a, b), XOR(c, d)); + out[ 9] = ((a ~ b) ~ (c ~ d)); a = GMUL(i[ 9], mix[ 5]); b = GMUL(i[10], mix[ 6]); c = GMUL(i[11], mix[ 7]); d = GMUL(i[12], mix[ 8]); - out[10] = XOR(XOR(a, b), XOR(c, d)); + out[10] = ((a ~ b) ~ (c ~ d)); a = GMUL(i[ 9], mix[ 9]); b = GMUL(i[10], mix[10]); c = GMUL(i[11], mix[11]); d = GMUL(i[12], mix[12]); - out[11] = XOR(XOR(a, b), XOR(c, d)); + out[11] = ((a ~ b) ~ (c ~ d)); a = GMUL(i[ 9], mix[13]); b = 
GMUL(i[10], mix[14]); c = GMUL(i[11], mix[15]); d = GMUL(i[12], mix[16]); - out[12] = XOR(XOR(a, b), XOR(c, d)); + out[12] = ((a ~ b) ~ (c ~ d)); a = GMUL(i[13], mix[ 1]); b = GMUL(i[14], mix[ 2]); c = GMUL(i[15], mix[ 3]); d = GMUL(i[16], mix[ 4]); - out[13] = XOR(XOR(a, b), XOR(c, d)); + out[13] = ((a ~ b) ~ (c ~ d)); a = GMUL(i[13], mix[ 5]); b = GMUL(i[14], mix[ 6]); c = GMUL(i[15], mix[ 7]); d = GMUL(i[16], mix[ 8]); - out[14] = XOR(XOR(a, b), XOR(c, d)); + out[14] = ((a ~ b) ~ (c ~ d)); a = GMUL(i[13], mix[ 9]); b = GMUL(i[14], mix[10]); c = GMUL(i[15], mix[11]); d = GMUL(i[16], mix[12]); - out[15] = XOR(XOR(a, b), XOR(c, d)); + out[15] = ((a ~ b) ~ (c ~ d)); a = GMUL(i[13], mix[13]); b = GMUL(i[14], mix[14]); c = GMUL(i[15], mix[15]); d = GMUL(i[16], mix[16]); - out[16] = XOR(XOR(a, b), XOR(c, d)); + out[16] = ((a ~ b) ~ (c ~ d)); return out; end 
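Review bot: `out[ 1] = ((a ~ b) ~ (c ~ d));` uses the binary `~` operator, which only parses on Lua 5.3 and later, so on Lua 5.1, 5.2 or LuaJIT the whole module now fails at `require` time with a syntax error. The removed `Bit.bxor` alias suggests the library previously ran on those interpreters (not confirmable from this page). If dropping them is intended, say so in the commit message and package metadata; otherwise keep `local XOR = Bit.bxor;` and let `lockbox.util.bit` select the native operator. The same applies to the `keyRound` hunk of this file and to the aes192, aes256 and des hunks in patches 03 to 05. The outer parentheses left by the mechanical rewrite are redundant (`out[ 1] = a ~ b ~ c ~ d;` is equivalent), and mixCol's opening lines are outside the hunk.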
@@ -226,25 +224,25 @@ end local keyRound = function(key, round) local out = {}; - out[ 1] = XOR(key[ 1], XOR(SBOX[key[14]], RCON[round])); - out[ 2] = XOR(key[ 2], SBOX[key[15]]); - out[ 3] = XOR(key[ 3], SBOX[key[16]]); - out[ 4] = XOR(key[ 4], SBOX[key[13]]); - - out[ 5] = XOR(out[ 1], key[ 5]); - out[ 6] = XOR(out[ 2], key[ 6]); - out[ 7] = XOR(out[ 3], key[ 7]); - out[ 8] = XOR(out[ 4], key[ 8]); - - out[ 9] = XOR(out[ 5], key[ 9]); - out[10] = XOR(out[ 6], key[10]); - out[11] = XOR(out[ 7], key[11]); - out[12] = XOR(out[ 8], key[12]); - - out[13] = XOR(out[ 9], key[13]); - out[14] = XOR(out[10], key[14]); - out[15] = XOR(out[11], key[15]); - out[16] = XOR(out[12], key[16]); + out[ 1] = (key[ 1] ~ (SBOX[key[14]] ~ RCON[round])); + out[ 2] = (key[ 2] ~ SBOX[key[15]]); + out[ 3] = (key[ 3] ~ SBOX[key[16]]); + out[ 4] = (key[ 4] ~ SBOX[key[13]]); + + out[ 5] = (out[ 1] ~ key[ 5]); + out[ 6] = (out[ 2] ~ key[ 6]); + out[ 7] = (out[ 3] ~ key[ 7]); + out[ 8] = (out[ 4] ~ key[ 8]); + + out[ 9] = (out[ 5] ~ key[ 9]); + out[10] = (out[ 6] ~ key[10]); + out[11] = (out[ 7] ~ key[11]); + out[12] = (out[ 8] ~ key[12]); + + out[13] = (out[ 9] ~ key[13]); + out[14] = (out[10] ~ key[14]); + out[15] = (out[11] ~ key[15]); + out[16] = (out[12] ~ key[16]); return out; end From 47f691f8831535ab387ba6c6f5606ee52805180e Mon Sep 17 00:00:00 2001 From: Jason Tipton Date: Mon, 26 Jan 2026 10:45:42 -0900 Subject: [PATCH 03/22] Convert AES 192 to native bitwise operations --- lockbox/cipher/aes192.lua | 92 +++++++++++++++++++-------------------- 1 file changed, 45 insertions(+), 47 deletions(-) diff --git a/lockbox/cipher/aes192.lua b/lockbox/cipher/aes192.lua index e51313b..de55709 100644 --- a/lockbox/cipher/aes192.lua +++ b/lockbox/cipher/aes192.lua 
@@ -1,8 +1,6 @@ local Array = require("lockbox.util.array"); -local Bit = require("lockbox.util.bit"); -local XOR = Bit.bxor; local SBOX = { [0] = 0x63, 0x7C, 0x77, 0x7B, 0xF2, 0x6B, 0x6F, 0xC5, 0x30, 0x01, 0x67, 0x2B, 0xFE, 0xD7, 0xAB, 0x76, 
@@ -138,88 +136,88 @@ local mixCol = function(i, mix) b = GMUL(i[ 2], mix[ 2]); c = GMUL(i[ 3], mix[ 3]); d = GMUL(i[ 4], mix[ 4]); - out[ 1] = XOR(XOR(a, b), XOR(c, d)); + out[ 1] = ((a ~ b) ~ (c ~ d)); a = GMUL(i[ 1], mix[ 5]); b = GMUL(i[ 2], mix[ 6]); c = GMUL(i[ 3], mix[ 7]); d = GMUL(i[ 4], mix[ 8]); - out[ 2] = XOR(XOR(a, b), XOR(c, d)); + out[ 2] = ((a ~ b) ~ (c ~ d)); a = GMUL(i[ 1], mix[ 9]); b = GMUL(i[ 2], mix[10]); c = GMUL(i[ 3], mix[11]); d = GMUL(i[ 4], mix[12]); - out[ 3] = XOR(XOR(a, b), XOR(c, d)); + out[ 3] = ((a ~ b) ~ (c ~ d)); a = GMUL(i[ 1], mix[13]); b = GMUL(i[ 2], mix[14]); c = GMUL(i[ 3], mix[15]); d = GMUL(i[ 4], mix[16]); - out[ 4] = XOR(XOR(a, b), XOR(c, d)); + out[ 4] = ((a ~ b) ~ (c ~ d)); a = GMUL(i[ 5], mix[ 1]); b = GMUL(i[ 6], mix[ 2]); c = GMUL(i[ 7], mix[ 3]); d = GMUL(i[ 8], mix[ 4]); - out[ 5] = XOR(XOR(a, b), XOR(c, d)); + out[ 5] = ((a ~ b) ~ (c ~ d)); a = GMUL(i[ 5], mix[ 5]); b = GMUL(i[ 6], mix[ 6]); c = GMUL(i[ 7], mix[ 7]); d = GMUL(i[ 8], mix[ 8]); - out[ 6] = XOR(XOR(a, b), XOR(c, d)); + out[ 6] = ((a ~ b) ~ (c ~ d)); a = GMUL(i[ 5], mix[ 9]); b = GMUL(i[ 6], mix[10]); c = GMUL(i[ 7], mix[11]); d = GMUL(i[ 8], mix[12]); - out[ 7] = XOR(XOR(a, b), XOR(c, d)); + out[ 7] = ((a ~ b) ~ (c ~ d)); a = GMUL(i[ 5], mix[13]); b = GMUL(i[ 6], mix[14]); c = GMUL(i[ 7], mix[15]); d = GMUL(i[ 8], mix[16]); - out[ 8] = XOR(XOR(a, b), XOR(c, d)); + out[ 8] = ((a ~ b) ~ (c ~ d)); a = GMUL(i[ 9], mix[ 1]); b = GMUL(i[10], mix[ 2]); c = GMUL(i[11], mix[ 3]); d = GMUL(i[12], mix[ 4]); - out[ 9] = XOR(XOR(a, b), XOR(c, d)); + out[ 9] = ((a ~ b) ~ (c ~ d)); a = GMUL(i[ 9], mix[ 5]); b = GMUL(i[10], mix[ 6]); c = GMUL(i[11], mix[ 7]); d = GMUL(i[12], mix[ 8]); - out[10] = XOR(XOR(a, b), XOR(c, d)); + out[10] = ((a ~ b) ~ (c ~ d)); a = GMUL(i[ 9], mix[ 9]); b = GMUL(i[10], mix[10]); c = GMUL(i[11], mix[11]); d = GMUL(i[12], mix[12]); - out[11] = XOR(XOR(a, b), XOR(c, d)); + out[11] = ((a ~ b) ~ (c ~ d)); a = GMUL(i[ 9], mix[13]); b = 
GMUL(i[10], mix[14]); c = GMUL(i[11], mix[15]); d = GMUL(i[12], mix[16]); - out[12] = XOR(XOR(a, b), XOR(c, d)); + out[12] = ((a ~ b) ~ (c ~ d)); a = GMUL(i[13], mix[ 1]); b = GMUL(i[14], mix[ 2]); c = GMUL(i[15], mix[ 3]); d = GMUL(i[16], mix[ 4]); - out[13] = XOR(XOR(a, b), XOR(c, d)); + out[13] = ((a ~ b) ~ (c ~ d)); a = GMUL(i[13], mix[ 5]); b = GMUL(i[14], mix[ 6]); c = GMUL(i[15], mix[ 7]); d = GMUL(i[16], mix[ 8]); - out[14] = XOR(XOR(a, b), XOR(c, d)); + out[14] = ((a ~ b) ~ (c ~ d)); a = GMUL(i[13], mix[ 9]); b = GMUL(i[14], mix[10]); c = GMUL(i[15], mix[11]); d = GMUL(i[16], mix[12]); - out[15] = XOR(XOR(a, b), XOR(c, d)); + out[15] = ((a ~ b) ~ (c ~ d)); a = GMUL(i[13], mix[13]); b = GMUL(i[14], mix[14]); c = GMUL(i[15], mix[15]); d = GMUL(i[16], mix[16]); - out[16] = XOR(XOR(a, b), XOR(c, d)); + out[16] = ((a ~ b) ~ (c ~ d)); return out; end 
@@ -228,35 +226,35 @@ local keyRound = function(key, round) local i = (round - 1) * 24; local out = key; - out[25 + i] = XOR(key[ 1 + i], XOR(SBOX[key[22 + i]], RCON[round])); - out[26 + i] = XOR(key[ 2 + i], SBOX[key[23 + i]]); - out[27 + i] = XOR(key[ 3 + i], SBOX[key[24 + i]]); - out[28 + i] = XOR(key[ 4 + i], SBOX[key[21 + i]]); - - out[29 + i] = XOR(out[25 + i], key[ 5 + i]); - out[30 + i] = XOR(out[26 + i], key[ 6 + i]); - out[31 + i] = XOR(out[27 + i], key[ 7 + i]); - out[32 + i] = XOR(out[28 + i], key[ 8 + i]); - - out[33 + i] = XOR(out[29 + i], key[ 9 + i]); - out[34 + i] = XOR(out[30 + i], key[10 + i]); - out[35 + i] = XOR(out[31 + i], key[11 + i]); - out[36 + i] = XOR(out[32 + i], key[12 + i]); - - out[37 + i] = XOR(out[33 + i], key[13 + i]); - out[38 + i] = XOR(out[34 + i], key[14 + i]); - out[39 + i] = XOR(out[35 + i], key[15 + i]); - out[40 + i] = XOR(out[36 + i], key[16 + i]); - - out[41 + i] = XOR(out[37 + i], key[17 + i]); - out[42 + i] = XOR(out[38 + i], key[18 + i]); - out[43 + i] = XOR(out[39 + i], key[19 + i]); - out[44 + i] = XOR(out[40 + i], key[20 + i]); - - out[45 + i] = XOR(out[41 + i], key[21 + i]); - out[46 + i] = XOR(out[42 + i], key[22 + i]); - out[47 + i] = XOR(out[43 + i], key[23 + i]); - out[48 + i] = XOR(out[44 + i], key[24 + i]); + out[25 + i] = (key[ 1 + i] ~ (SBOX[key[22 + i]] ~ RCON[round])); + out[26 + i] = (key[ 2 + i] ~ SBOX[key[23 + i]]); + out[27 + i] = (key[ 3 + i] ~ SBOX[key[24 + i]]); + out[28 + i] = (key[ 4 + i] ~ SBOX[key[21 + i]]); + + out[29 + i] = (out[25 + i] ~ key[ 5 + i]); + out[30 + i] = (out[26 + i] ~ key[ 6 + i]); + out[31 + i] = (out[27 + i] ~ key[ 7 + i]); + out[32 + i] = (out[28 + i] ~ key[ 8 + i]); + + out[33 + i] = (out[29 + i] ~ key[ 9 + i]); + out[34 + i] = (out[30 + i] ~ key[10 + i]); + out[35 + i] = (out[31 + i] ~ key[11 + i]); + out[36 + i] = (out[32 + i] ~ key[12 + i]); + + out[37 + i] = (out[33 + i] ~ key[13 + i]); + out[38 + i] = (out[34 + i] ~ key[14 + i]); + out[39 + i] = (out[35 + i] ~ key[15 
+ i]); + out[40 + i] = (out[36 + i] ~ key[16 + i]); + + out[41 + i] = (out[37 + i] ~ key[17 + i]); + out[42 + i] = (out[38 + i] ~ key[18 + i]); + out[43 + i] = (out[39 + i] ~ key[19 + i]); + out[44 + i] = (out[40 + i] ~ key[20 + i]); + + out[45 + i] = (out[41 + i] ~ key[21 + i]); + out[46 + i] = (out[42 + i] ~ key[22 + i]); + out[47 + i] = (out[43 + i] ~ key[23 + i]); + out[48 + i] = (out[44 + i] ~ key[24 + i]); return out; end From 9edf3c7eb6c01361c214d9afdcdff791915f41ee Mon Sep 17 00:00:00 2001 From: Jason Tipton Date: Mon, 26 Jan 2026 10:45:58 -0900 Subject: [PATCH 04/22] Convert AES 256 to native bitwise operations --- lockbox/cipher/aes256.lua | 114 +++++++++++++++++++------------------- 1 file changed, 56 insertions(+), 58 deletions(-) diff --git a/lockbox/cipher/aes256.lua b/lockbox/cipher/aes256.lua index 2d97f44..71ce358 100644 --- a/lockbox/cipher/aes256.lua +++ b/lockbox/cipher/aes256.lua @@ -1,7 +1,5 @@ local Array = require("lockbox.util.array"); -local Bit = require("lockbox.util.bit"); -local XOR = Bit.bxor; local SBOX = { [0] = 0x63, 0x7C, 0x77, 0x7B, 0xF2, 0x6B, 0x6F, 0xC5, 0x30, 0x01, 0x67, 0x2B, 0xFE, 0xD7, 0xAB, 0x76, 
@@ -137,88 +135,88 @@ local mixCol = function(i, mix) b = GMUL(i[ 2], mix[ 2]); c = GMUL(i[ 3], mix[ 3]); d = GMUL(i[ 4], mix[ 4]); - out[ 1] = XOR(XOR(a, b), XOR(c, d)); + out[ 1] = ((a ~ b) ~ (c ~ d)); a = GMUL(i[ 1], mix[ 5]); b = GMUL(i[ 2], mix[ 6]); c = GMUL(i[ 3], mix[ 7]); d = GMUL(i[ 4], mix[ 8]); - out[ 2] = XOR(XOR(a, b), XOR(c, d)); + out[ 2] = ((a ~ b) ~ (c ~ d)); a = GMUL(i[ 1], mix[ 9]); b = GMUL(i[ 2], mix[10]); c = GMUL(i[ 3], mix[11]); d = GMUL(i[ 4], mix[12]); - out[ 3] = XOR(XOR(a, b), XOR(c, d)); + out[ 3] = ((a ~ b) ~ (c ~ d)); a = GMUL(i[ 1], mix[13]); b = GMUL(i[ 2], mix[14]); c = GMUL(i[ 3], mix[15]); d = GMUL(i[ 4], mix[16]); - out[ 4] = XOR(XOR(a, b), XOR(c, d)); + out[ 4] = ((a ~ b) ~ (c ~ d)); a = GMUL(i[ 5], mix[ 1]); b = GMUL(i[ 6], mix[ 2]); c = GMUL(i[ 7], mix[ 3]); d = GMUL(i[ 8], mix[ 4]); - out[ 5] = XOR(XOR(a, b), XOR(c, d)); + out[ 5] = ((a ~ b) ~ (c ~ d)); a = GMUL(i[ 5], mix[ 5]); b = GMUL(i[ 6], mix[ 6]); c = GMUL(i[ 7], mix[ 7]); d = GMUL(i[ 8], mix[ 8]); - out[ 6] = XOR(XOR(a, b), XOR(c, d)); + out[ 6] = ((a ~ b) ~ (c ~ d)); a = GMUL(i[ 5], mix[ 9]); b = GMUL(i[ 6], mix[10]); c = GMUL(i[ 7], mix[11]); d = GMUL(i[ 8], mix[12]); - out[ 7] = XOR(XOR(a, b), XOR(c, d)); + out[ 7] = ((a ~ b) ~ (c ~ d)); a = GMUL(i[ 5], mix[13]); b = GMUL(i[ 6], mix[14]); c = GMUL(i[ 7], mix[15]); d = GMUL(i[ 8], mix[16]); - out[ 8] = XOR(XOR(a, b), XOR(c, d)); + out[ 8] = ((a ~ b) ~ (c ~ d)); a = GMUL(i[ 9], mix[ 1]); b = GMUL(i[10], mix[ 2]); c = GMUL(i[11], mix[ 3]); d = GMUL(i[12], mix[ 4]); - out[ 9] = XOR(XOR(a, b), XOR(c, d)); + out[ 9] = ((a ~ b) ~ (c ~ d)); a = GMUL(i[ 9], mix[ 5]); b = GMUL(i[10], mix[ 6]); c = GMUL(i[11], mix[ 7]); d = GMUL(i[12], mix[ 8]); - out[10] = XOR(XOR(a, b), XOR(c, d)); + out[10] = ((a ~ b) ~ (c ~ d)); a = GMUL(i[ 9], mix[ 9]); b = GMUL(i[10], mix[10]); c = GMUL(i[11], mix[11]); d = GMUL(i[12], mix[12]); - out[11] = XOR(XOR(a, b), XOR(c, d)); + out[11] = ((a ~ b) ~ (c ~ d)); a = GMUL(i[ 9], mix[13]); b = 
GMUL(i[10], mix[14]); c = GMUL(i[11], mix[15]); d = GMUL(i[12], mix[16]); - out[12] = XOR(XOR(a, b), XOR(c, d)); + out[12] = ((a ~ b) ~ (c ~ d)); a = GMUL(i[13], mix[ 1]); b = GMUL(i[14], mix[ 2]); c = GMUL(i[15], mix[ 3]); d = GMUL(i[16], mix[ 4]); - out[13] = XOR(XOR(a, b), XOR(c, d)); + out[13] = ((a ~ b) ~ (c ~ d)); a = GMUL(i[13], mix[ 5]); b = GMUL(i[14], mix[ 6]); c = GMUL(i[15], mix[ 7]); d = GMUL(i[16], mix[ 8]); - out[14] = XOR(XOR(a, b), XOR(c, d)); + out[14] = ((a ~ b) ~ (c ~ d)); a = GMUL(i[13], mix[ 9]); b = GMUL(i[14], mix[10]); c = GMUL(i[15], mix[11]); d = GMUL(i[16], mix[12]); - out[15] = XOR(XOR(a, b), XOR(c, d)); + out[15] = ((a ~ b) ~ (c ~ d)); a = GMUL(i[13], mix[13]); b = GMUL(i[14], mix[14]); c = GMUL(i[15], mix[15]); d = GMUL(i[16], mix[16]); - out[16] = XOR(XOR(a, b), XOR(c, d)); + out[16] = ((a ~ b) ~ (c ~ d)); return out; end 
@@ -227,46 +225,46 @@ local keyRound = function(key, round) local i = (round - 1) * 32; local out = key; - out[33 + i] = XOR(key[ 1 + i], XOR(SBOX[key[30 + i]], RCON[round])); - out[34 + i] = XOR(key[ 2 + i], SBOX[key[31 + i]]); - out[35 + i] = XOR(key[ 3 + i], SBOX[key[32 + i]]); - out[36 + i] = XOR(key[ 4 + i], SBOX[key[29 + i]]); - - out[37 + i] = XOR(out[33 + i], key[ 5 + i]); - out[38 + i] = XOR(out[34 + i], key[ 6 + i]); - out[39 + i] = XOR(out[35 + i], key[ 7 + i]); - out[40 + i] = XOR(out[36 + i], key[ 8 + i]); - - out[41 + i] = XOR(out[37 + i], key[ 9 + i]); - out[42 + i] = XOR(out[38 + i], key[10 + i]); - out[43 + i] = XOR(out[39 + i], key[11 + i]); - out[44 + i] = XOR(out[40 + i], key[12 + i]); - - out[45 + i] = XOR(out[41 + i], key[13 + i]); - out[46 + i] = XOR(out[42 + i], key[14 + i]); - out[47 + i] = XOR(out[43 + i], key[15 + i]); - out[48 + i] = XOR(out[44 + i], key[16 + i]); - - - out[49 + i] = XOR(SBOX[out[45 + i]], key[17 + i]); - out[50 + i] = XOR(SBOX[out[46 + i]], key[18 + i]); - out[51 + i] = XOR(SBOX[out[47 + i]], key[19 + i]); - out[52 + i] = XOR(SBOX[out[48 + i]], key[20 + i]); - - out[53 + i] = XOR(out[49 + i], key[21 + i]); - out[54 + i] = XOR(out[50 + i], key[22 + i]); - out[55 + i] = XOR(out[51 + i], key[23 + i]); - out[56 + i] = XOR(out[52 + i], key[24 + i]); - - out[57 + i] = XOR(out[53 + i], key[25 + i]); - out[58 + i] = XOR(out[54 + i], key[26 + i]); - out[59 + i] = XOR(out[55 + i], key[27 + i]); - out[60 + i] = XOR(out[56 + i], key[28 + i]); - - out[61 + i] = XOR(out[57 + i], key[29 + i]); - out[62 + i] = XOR(out[58 + i], key[30 + i]); - out[63 + i] = XOR(out[59 + i], key[31 + i]); - out[64 + i] = XOR(out[60 + i], key[32 + i]); + out[33 + i] = (key[ 1 + i] ~ (SBOX[key[30 + i]] ~ RCON[round])); + out[34 + i] = (key[ 2 + i] ~ SBOX[key[31 + i]]); + out[35 + i] = (key[ 3 + i] ~ SBOX[key[32 + i]]); + out[36 + i] = (key[ 4 + i] ~ SBOX[key[29 + i]]); + + out[37 + i] = (out[33 + i] ~ key[ 5 + i]); + out[38 + i] = (out[34 + i] ~ key[ 6 + 
i]); + out[39 + i] = (out[35 + i] ~ key[ 7 + i]); + out[40 + i] = (out[36 + i] ~ key[ 8 + i]); + + out[41 + i] = (out[37 + i] ~ key[ 9 + i]); + out[42 + i] = (out[38 + i] ~ key[10 + i]); + out[43 + i] = (out[39 + i] ~ key[11 + i]); + out[44 + i] = (out[40 + i] ~ key[12 + i]); + + out[45 + i] = (out[41 + i] ~ key[13 + i]); + out[46 + i] = (out[42 + i] ~ key[14 + i]); + out[47 + i] = (out[43 + i] ~ key[15 + i]); + out[48 + i] = (out[44 + i] ~ key[16 + i]); + + + out[49 + i] = (SBOX[out[45 + i]] ~ key[17 + i]); + out[50 + i] = (SBOX[out[46 + i]] ~ key[18 + i]); + out[51 + i] = (SBOX[out[47 + i]] ~ key[19 + i]); + out[52 + i] = (SBOX[out[48 + i]] ~ key[20 + i]); + + out[53 + i] = (out[49 + i] ~ key[21 + i]); + out[54 + i] = (out[50 + i] ~ key[22 + i]); + out[55 + i] = (out[51 + i] ~ key[23 + i]); + out[56 + i] = (out[52 + i] ~ key[24 + i]); + + out[57 + i] = (out[53 + i] ~ key[25 + i]); + out[58 + i] = (out[54 + i] ~ key[26 + i]); + out[59 + i] = (out[55 + i] ~ key[27 + i]); + out[60 + i] = (out[56 + i] ~ key[28 + i]); + + out[61 + i] = (out[57 + i] ~ key[29 + i]); + out[62 + i] = (out[58 + i] ~ key[30 + i]); + out[63 + i] = (out[59 + i] ~ key[31 + i]); + out[64 + i] = (out[60 + i] ~ key[32 + i]); return out; end From f30fcde22ee9a14cec4e40a3d74bbfdd83b05635 Mon Sep 17 00:00:00 2001 From: Jason Tipton Date: Mon, 26 Jan 2026 10:46:39 -0900 Subject: [PATCH 05/22] Convert DES to native bitwise operations --- lockbox/cipher/des.lua | 256 ++++++++++++++++++++--------------------- 1 file changed, 125 insertions(+), 131 deletions(-) diff --git a/lockbox/cipher/des.lua b/lockbox/cipher/des.lua index 7a8f8ea..5d751ec 100644 --- a/lockbox/cipher/des.lua +++ b/lockbox/cipher/des.lua 
@@ -2,14 +2,9 @@ require("lockbox").insecure(); local Array = require("lockbox.util.array"); -local Bit = require("lockbox.util.bit"); -local AND = Bit.band; -local OR = Bit.bor; -local XOR = Bit.bxor; -local LSHIFT = Bit.lshift; -local RSHIFT = Bit.rshift; + local IN_P = { 58, 50, 42, 34, 26, 18, 10, 2, @@ -128,14 +123,14 @@ local unpackBytes = function(bytes) local bits = {}; for _, b in pairs(bytes) do - table.insert(bits, RSHIFT(AND(b, 0x80), 7)); - table.insert(bits, RSHIFT(AND(b, 0x40), 6)); - table.insert(bits, RSHIFT(AND(b, 0x20), 5)); - table.insert(bits, RSHIFT(AND(b, 0x10), 4)); - table.insert(bits, RSHIFT(AND(b, 0x08), 3)); - table.insert(bits, RSHIFT(AND(b, 0x04), 2)); - table.insert(bits, RSHIFT(AND(b, 0x02), 1)); - table.insert(bits, AND(b, 0x01) ); + table.insert(bits, ((b & 0x80) >> 7)); + table.insert(bits, ((b & 0x40) >> 6)); + table.insert(bits, ((b & 0x20) >> 5)); + table.insert(bits, ((b & 0x10) >> 4)); + table.insert(bits, ((b & 0x08) >> 3)); + table.insert(bits, ((b & 0x04) >> 2)); + table.insert(bits, ((b & 0x02) >> 1)); + table.insert(bits, (b & 0x01) ); end return bits; @@ -145,14 +140,14 @@ local packBytes = function(bits) local bytes = {} for k, _ in pairs(bits) do - local index = math.floor((k - 1) / 8) + 1; - local shift = 7 - math.fmod((k - 1), 8); + local index = ((k - 1) // 8) + 1; + local shift = 7 - ((k - 1) % 8); local bit = bits[k]; local byte = bytes[index]; if not byte then byte = 0x00; end - byte = OR(byte, LSHIFT(bit, shift)); + byte = (byte | (bit << shift)); bytes[index] = byte; end 
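Review bot: `for _, b in pairs(bytes) do` in `unpackBytes` appends eight bits per byte with `table.insert`, so the resulting bit order depends on the order in which `pairs` yields the bytes, and the Lua manual leaves that order unspecified. If a caller passes a table whose elements are not visited in index order, the block is permuted before the cipher runs and the output is wrong without any error. Use `for _, b in ipairs(bytes) do` (or a numeric `for i = 1, #bytes do`) so the order is defined by the index. The function's closing `end` is outside the hunk.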
@@ -164,129 +159,129 @@ local mix = function(LR, key) local ER = permute(LR, EBIT); for k, _ in pairs(ER) do - ER[k] = XOR(ER[k], key[k]); + ER[k] = (ER[k] ~ key[k]); end local FRK = {}; local S = 0x00; - S = OR(S, ER[1]); S = LSHIFT(S, 1); - S = OR(S, ER[6]); S = LSHIFT(S, 1); - S = OR(S, ER[2]); S = LSHIFT(S, 1); - S = OR(S, ER[3]); S = LSHIFT(S, 1); - S = OR(S, ER[4]); S = LSHIFT(S, 1); - S = OR(S, ER[5]); S = S + 1; + S = (S | ER[1]); S = (S << 1); + S = (S | ER[6]); S = (S << 1); + S = (S | ER[2]); S = (S << 1); + S = (S | ER[3]); S = (S << 1); + S = (S | ER[4]); S = (S << 1); + S = (S | ER[5]); S = S + 1; S = SBOX1[S]; - FRK[1] = RSHIFT(AND(S, 0x08), 3); - FRK[2] = RSHIFT(AND(S, 0x04), 2); - FRK[3] = RSHIFT(AND(S, 0x02), 1); - FRK[4] = AND(S, 0x01); + FRK[1] = ((S & 0x08) >> 3); + FRK[2] = ((S & 0x04) >> 2); + FRK[3] = ((S & 0x02) >> 1); + FRK[4] = (S & 0x01); S = 0x00; - S = OR(S, ER[1 + 6]); S = LSHIFT(S, 1); - S = OR(S, ER[6 + 6]); S = LSHIFT(S, 1); - S = OR(S, ER[2 + 6]); S = LSHIFT(S, 1); - S = OR(S, ER[3 + 6]); S = LSHIFT(S, 1); - S = OR(S, ER[4 + 6]); S = LSHIFT(S, 1); - S = OR(S, ER[5 + 6]); S = S + 1; + S = (S | ER[1 + 6]); S = (S << 1); + S = (S | ER[6 + 6]); S = (S << 1); + S = (S | ER[2 + 6]); S = (S << 1); + S = (S | ER[3 + 6]); S = (S << 1); + S = (S | ER[4 + 6]); S = (S << 1); + S = (S | ER[5 + 6]); S = S + 1; S = SBOX2[S]; - FRK[5] = RSHIFT(AND(S, 0x08), 3); - FRK[6] = RSHIFT(AND(S, 0x04), 2); - FRK[7] = RSHIFT(AND(S, 0x02), 1); - FRK[8] = AND(S, 0x01); + FRK[5] = ((S & 0x08) >> 3); + FRK[6] = ((S & 0x04) >> 2); + FRK[7] = ((S & 0x02) >> 1); + FRK[8] = (S & 0x01); S = 0x00; - S = OR(S, ER[1 + 12]); S = LSHIFT(S, 1); - S = OR(S, ER[6 + 12]); S = LSHIFT(S, 1); - S = OR(S, ER[2 + 12]); S = LSHIFT(S, 1); - S = OR(S, ER[3 + 12]); S = LSHIFT(S, 1); - S = OR(S, ER[4 + 12]); S = LSHIFT(S, 1); - S = OR(S, ER[5 + 12]); S = S + 1; + S = (S | ER[1 + 12]); S = (S << 1); + S = (S | ER[6 + 12]); S = (S << 1); + S = (S | ER[2 + 12]); S = (S << 1); + S = (S | 
ER[3 + 12]); S = (S << 1); + S = (S | ER[4 + 12]); S = (S << 1); + S = (S | ER[5 + 12]); S = S + 1; S = SBOX3[S]; - FRK[9] = RSHIFT(AND(S, 0x08), 3); - FRK[10] = RSHIFT(AND(S, 0x04), 2); - FRK[11] = RSHIFT(AND(S, 0x02), 1); - FRK[12] = AND(S, 0x01); + FRK[9] = ((S & 0x08) >> 3); + FRK[10] = ((S & 0x04) >> 2); + FRK[11] = ((S & 0x02) >> 1); + FRK[12] = (S & 0x01); S = 0x00; - S = OR(S, ER[1 + 18]); S = LSHIFT(S, 1); - S = OR(S, ER[6 + 18]); S = LSHIFT(S, 1); - S = OR(S, ER[2 + 18]); S = LSHIFT(S, 1); - S = OR(S, ER[3 + 18]); S = LSHIFT(S, 1); - S = OR(S, ER[4 + 18]); S = LSHIFT(S, 1); - S = OR(S, ER[5 + 18]); S = S + 1; + S = (S | ER[1 + 18]); S = (S << 1); + S = (S | ER[6 + 18]); S = (S << 1); + S = (S | ER[2 + 18]); S = (S << 1); + S = (S | ER[3 + 18]); S = (S << 1); + S = (S | ER[4 + 18]); S = (S << 1); + S = (S | ER[5 + 18]); S = S + 1; S = SBOX4[S]; - FRK[13] = RSHIFT(AND(S, 0x08), 3); - FRK[14] = RSHIFT(AND(S, 0x04), 2); - FRK[15] = RSHIFT(AND(S, 0x02), 1); - FRK[16] = AND(S, 0x01); + FRK[13] = ((S & 0x08) >> 3); + FRK[14] = ((S & 0x04) >> 2); + FRK[15] = ((S & 0x02) >> 1); + FRK[16] = (S & 0x01); S = 0x00; - S = OR(S, ER[1 + 24]); S = LSHIFT(S, 1); - S = OR(S, ER[6 + 24]); S = LSHIFT(S, 1); - S = OR(S, ER[2 + 24]); S = LSHIFT(S, 1); - S = OR(S, ER[3 + 24]); S = LSHIFT(S, 1); - S = OR(S, ER[4 + 24]); S = LSHIFT(S, 1); - S = OR(S, ER[5 + 24]); S = S + 1; + S = (S | ER[1 + 24]); S = (S << 1); + S = (S | ER[6 + 24]); S = (S << 1); + S = (S | ER[2 + 24]); S = (S << 1); + S = (S | ER[3 + 24]); S = (S << 1); + S = (S | ER[4 + 24]); S = (S << 1); + S = (S | ER[5 + 24]); S = S + 1; S = SBOX5[S]; - FRK[17] = RSHIFT(AND(S, 0x08), 3); - FRK[18] = RSHIFT(AND(S, 0x04), 2); - FRK[19] = RSHIFT(AND(S, 0x02), 1); - FRK[20] = AND(S, 0x01); + FRK[17] = ((S & 0x08) >> 3); + FRK[18] = ((S & 0x04) >> 2); + FRK[19] = ((S & 0x02) >> 1); + FRK[20] = (S & 0x01); S = 0x00; - S = OR(S, ER[1 + 30]); S = LSHIFT(S, 1); - S = OR(S, ER[6 + 30]); S = LSHIFT(S, 1); - S = OR(S, ER[2 + 30]); S = 
LSHIFT(S, 1); - S = OR(S, ER[3 + 30]); S = LSHIFT(S, 1); - S = OR(S, ER[4 + 30]); S = LSHIFT(S, 1); - S = OR(S, ER[5 + 30]); S = S + 1; + S = (S | ER[1 + 30]); S = (S << 1); + S = (S | ER[6 + 30]); S = (S << 1); + S = (S | ER[2 + 30]); S = (S << 1); + S = (S | ER[3 + 30]); S = (S << 1); + S = (S | ER[4 + 30]); S = (S << 1); + S = (S | ER[5 + 30]); S = S + 1; S = SBOX6[S]; - FRK[21] = RSHIFT(AND(S, 0x08), 3); - FRK[22] = RSHIFT(AND(S, 0x04), 2); - FRK[23] = RSHIFT(AND(S, 0x02), 1); - FRK[24] = AND(S, 0x01); + FRK[21] = ((S & 0x08) >> 3); + FRK[22] = ((S & 0x04) >> 2); + FRK[23] = ((S & 0x02) >> 1); + FRK[24] = (S & 0x01); S = 0x00; - S = OR(S, ER[1 + 36]); S = LSHIFT(S, 1); - S = OR(S, ER[6 + 36]); S = LSHIFT(S, 1); - S = OR(S, ER[2 + 36]); S = LSHIFT(S, 1); - S = OR(S, ER[3 + 36]); S = LSHIFT(S, 1); - S = OR(S, ER[4 + 36]); S = LSHIFT(S, 1); - S = OR(S, ER[5 + 36]); S = S + 1; + S = (S | ER[1 + 36]); S = (S << 1); + S = (S | ER[6 + 36]); S = (S << 1); + S = (S | ER[2 + 36]); S = (S << 1); + S = (S | ER[3 + 36]); S = (S << 1); + S = (S | ER[4 + 36]); S = (S << 1); + S = (S | ER[5 + 36]); S = S + 1; S = SBOX7[S]; - FRK[25] = RSHIFT(AND(S, 0x08), 3); - FRK[26] = RSHIFT(AND(S, 0x04), 2); - FRK[27] = RSHIFT(AND(S, 0x02), 1); - FRK[28] = AND(S, 0x01); + FRK[25] = ((S & 0x08) >> 3); + FRK[26] = ((S & 0x04) >> 2); + FRK[27] = ((S & 0x02) >> 1); + FRK[28] = (S & 0x01); S = 0x00; - S = OR(S, ER[1 + 42]); S = LSHIFT(S, 1); - S = OR(S, ER[6 + 42]); S = LSHIFT(S, 1); - S = OR(S, ER[2 + 42]); S = LSHIFT(S, 1); - S = OR(S, ER[3 + 42]); S = LSHIFT(S, 1); - S = OR(S, ER[4 + 42]); S = LSHIFT(S, 1); - S = OR(S, ER[5 + 42]); S = S + 1; + S = (S | ER[1 + 42]); S = (S << 1); + S = (S | ER[6 + 42]); S = (S << 1); + S = (S | ER[2 + 42]); S = (S << 1); + S = (S | ER[3 + 42]); S = (S << 1); + S = (S | ER[4 + 42]); S = (S << 1); + S = (S | ER[5 + 42]); S = S + 1; S = SBOX8[S]; - FRK[29] = RSHIFT(AND(S, 0x08), 3); - FRK[30] = RSHIFT(AND(S, 0x04), 2); - FRK[31] = RSHIFT(AND(S, 0x02), 1); - 
FRK[32] = AND(S, 0x01); + FRK[29] = ((S & 0x08) >> 3); + FRK[30] = ((S & 0x04) >> 2); + FRK[31] = ((S & 0x02) >> 1); + FRK[32] = (S & 0x01); FRK = permute(FRK, ROUND_P); @@ -302,7 +297,6 @@ DES.encrypt = function(keyBlock, inputBlock) local LR = unpackBytes(inputBlock); local keyBits = unpackBytes(keyBlock); - local CD = permute(keyBits, PC1); --key schedule 
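Review bot: The eight S-box stanzas in `mix` (`@@ -164,129 +159,129 @@`) were converted line by line and still differ only in the `ER` offset, the `SBOXn` table and the `FRK` offset, so roughly a hundred lines carry one idea. With native operators, a loop over a table of the eight S-boxes states the index construction once (`ER[1]` and `ER[6]` as the high bits, then `ER[2]`..`ER[5]`), which is easier to audit against the DES specification. The sixteen round stanzas in the `DES.encrypt` and `DES.decrypt` hunks have the same repeated shape. `mix` begins above this hunk and ends below it.

```lua
local SBOXES = { SBOX1, SBOX2, SBOX3, SBOX4, SBOX5, SBOX6, SBOX7, SBOX8 };

-- … unchanged: ER = permute(LR, EBIT) and the ER/key XOR loop …

local FRK = {};

for box = 0, 7 do
    local e = box * 6;
    -- same bit order as the unrolled code: ER[1], ER[6], ER[2], ER[3], ER[4], ER[5]
    local S = (ER[e + 1] << 5) | (ER[e + 6] << 4) | (ER[e + 2] << 3)
            | (ER[e + 3] << 2) | (ER[e + 4] << 1) | ER[e + 5];
    S = SBOXES[box + 1][S + 1];

    local f = box * 4;
    FRK[f + 1] = (S >> 3) & 0x01;
    FRK[f + 2] = (S >> 2) & 0x01;
    FRK[f + 3] = (S >> 1) & 0x01;
    FRK[f + 4] = S & 0x01;
end

-- … unchanged: FRK = permute(FRK, ROUND_P) …
```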
@@ -328,67 +322,67 @@ DES.encrypt = function(keyBlock, inputBlock) --rounds local frk = mix(LR, KEY1); - for k, _ in pairs(frk) do LR[k] = XOR(LR[k], frk[k]); end + for k, _ in pairs(frk) do LR[k] = (LR[k] ~ frk[k]); end LR = permute(LR, LR_SWAP); frk = mix(LR, KEY2); - for k, _ in pairs(frk) do LR[k] = XOR(LR[k], frk[k]); end + for k, _ in pairs(frk) do LR[k] = (LR[k] ~ frk[k]); end LR = permute(LR, LR_SWAP); frk = mix(LR, KEY3); - for k, _ in pairs(frk) do LR[k] = XOR(LR[k], frk[k]); end + for k, _ in pairs(frk) do LR[k] = (LR[k] ~ frk[k]); end LR = permute(LR, LR_SWAP); frk = mix(LR, KEY4); - for k, _ in pairs(frk) do LR[k] = XOR(LR[k], frk[k]); end + for k, _ in pairs(frk) do LR[k] = (LR[k] ~ frk[k]); end LR = permute(LR, LR_SWAP); frk = mix(LR, KEY5); - for k, _ in pairs(frk) do LR[k] = XOR(LR[k], frk[k]); end + for k, _ in pairs(frk) do LR[k] = (LR[k] ~ frk[k]); end LR = permute(LR, LR_SWAP); frk = mix(LR, KEY6); - for k, _ in pairs(frk) do LR[k] = XOR(LR[k], frk[k]); end + for k, _ in pairs(frk) do LR[k] = (LR[k] ~ frk[k]); end LR = permute(LR, LR_SWAP); frk = mix(LR, KEY7); - for k, _ in pairs(frk) do LR[k] = XOR(LR[k], frk[k]); end + for k, _ in pairs(frk) do LR[k] = (LR[k] ~ frk[k]); end LR = permute(LR, LR_SWAP); frk = mix(LR, KEY8); - for k, _ in pairs(frk) do LR[k] = XOR(LR[k], frk[k]); end + for k, _ in pairs(frk) do LR[k] = (LR[k] ~ frk[k]); end LR = permute(LR, LR_SWAP); frk = mix(LR, KEY9); - for k, _ in pairs(frk) do LR[k] = XOR(LR[k], frk[k]); end + for k, _ in pairs(frk) do LR[k] = (LR[k] ~ frk[k]); end LR = permute(LR, LR_SWAP); frk = mix(LR, KEY10); - for k, _ in pairs(frk) do LR[k] = XOR(LR[k], frk[k]); end + for k, _ in pairs(frk) do LR[k] = (LR[k] ~ frk[k]); end LR = permute(LR, LR_SWAP); frk = mix(LR, KEY11); - for k, _ in pairs(frk) do LR[k] = XOR(LR[k], frk[k]); end + for k, _ in pairs(frk) do LR[k] = (LR[k] ~ frk[k]); end LR = permute(LR, LR_SWAP); frk = mix(LR, KEY12); - for k, _ in pairs(frk) do LR[k] = XOR(LR[k], frk[k]); end + for 
k, _ in pairs(frk) do LR[k] = (LR[k] ~ frk[k]); end LR = permute(LR, LR_SWAP); frk = mix(LR, KEY13); - for k, _ in pairs(frk) do LR[k] = XOR(LR[k], frk[k]); end + for k, _ in pairs(frk) do LR[k] = (LR[k] ~ frk[k]); end LR = permute(LR, LR_SWAP); frk = mix(LR, KEY14); - for k, _ in pairs(frk) do LR[k] = XOR(LR[k], frk[k]); end + for k, _ in pairs(frk) do LR[k] = (LR[k] ~ frk[k]); end LR = permute(LR, LR_SWAP); frk = mix(LR, KEY15); - for k, _ in pairs(frk) do LR[k] = XOR(LR[k], frk[k]); end + for k, _ in pairs(frk) do LR[k] = (LR[k] ~ frk[k]); end LR = permute(LR, LR_SWAP); frk = mix(LR, KEY16); - for k, _ in pairs(frk) do LR[k] = XOR(LR[k], frk[k]); end + for k, _ in pairs(frk) do LR[k] = (LR[k] ~ frk[k]); end --output permutation LR = permute(LR, OUT_P); 
@@ -429,67 +423,67 @@ DES.decrypt = function(keyBlock, inputBlock) --rounds local frk = mix(LR, KEY16); - for k, _ in pairs(frk) do LR[k] = XOR(LR[k], frk[k]); end + for k, _ in pairs(frk) do LR[k] = (LR[k] ~ frk[k]); end LR = permute(LR, LR_SWAP); frk = mix(LR, KEY15); - for k, _ in pairs(frk) do LR[k] = XOR(LR[k], frk[k]); end + for k, _ in pairs(frk) do LR[k] = (LR[k] ~ frk[k]); end LR = permute(LR, LR_SWAP); frk = mix(LR, KEY14); - for k, _ in pairs(frk) do LR[k] = XOR(LR[k], frk[k]); end + for k, _ in pairs(frk) do LR[k] = (LR[k] ~ frk[k]); end LR = permute(LR, LR_SWAP); frk = mix(LR, KEY13); - for k, _ in pairs(frk) do LR[k] = XOR(LR[k], frk[k]); end + for k, _ in pairs(frk) do LR[k] = (LR[k] ~ frk[k]); end LR = permute(LR, LR_SWAP); frk = mix(LR, KEY12); - for k, _ in pairs(frk) do LR[k] = XOR(LR[k], frk[k]); end + for k, _ in pairs(frk) do LR[k] = (LR[k] ~ frk[k]); end LR = permute(LR, LR_SWAP); frk = mix(LR, KEY11); - for k, _ in pairs(frk) do LR[k] = XOR(LR[k], frk[k]); end + for k, _ in pairs(frk) do LR[k] = (LR[k] ~ frk[k]); end LR = permute(LR, LR_SWAP); frk = mix(LR, KEY10); - for k, _ in pairs(frk) do LR[k] = XOR(LR[k], frk[k]); end + for k, _ in pairs(frk) do LR[k] = (LR[k] ~ frk[k]); end LR = permute(LR, LR_SWAP); frk = mix(LR, KEY9); - for k, _ in pairs(frk) do LR[k] = XOR(LR[k], frk[k]); end + for k, _ in pairs(frk) do LR[k] = (LR[k] ~ frk[k]); end LR = permute(LR, LR_SWAP); frk = mix(LR, KEY8); - for k, _ in pairs(frk) do LR[k] = XOR(LR[k], frk[k]); end + for k, _ in pairs(frk) do LR[k] = (LR[k] ~ frk[k]); end LR = permute(LR, LR_SWAP); frk = mix(LR, KEY7); - for k, _ in pairs(frk) do LR[k] = XOR(LR[k], frk[k]); end + for k, _ in pairs(frk) do LR[k] = (LR[k] ~ frk[k]); end LR = permute(LR, LR_SWAP); frk = mix(LR, KEY6); - for k, _ in pairs(frk) do LR[k] = XOR(LR[k], frk[k]); end + for k, _ in pairs(frk) do LR[k] = (LR[k] ~ frk[k]); end LR = permute(LR, LR_SWAP); frk = mix(LR, KEY5); - for k, _ in pairs(frk) do LR[k] = XOR(LR[k], frk[k]); end + 
for k, _ in pairs(frk) do LR[k] = (LR[k] ~ frk[k]); end LR = permute(LR, LR_SWAP); frk = mix(LR, KEY4); - for k, _ in pairs(frk) do LR[k] = XOR(LR[k], frk[k]); end + for k, _ in pairs(frk) do LR[k] = (LR[k] ~ frk[k]); end LR = permute(LR, LR_SWAP); frk = mix(LR, KEY3); - for k, _ in pairs(frk) do LR[k] = XOR(LR[k], frk[k]); end + for k, _ in pairs(frk) do LR[k] = (LR[k] ~ frk[k]); end LR = permute(LR, LR_SWAP); frk = mix(LR, KEY2); - for k, _ in pairs(frk) do LR[k] = XOR(LR[k], frk[k]); end + for k, _ in pairs(frk) do LR[k] = (LR[k] ~ frk[k]); end LR = permute(LR, LR_SWAP); frk = mix(LR, KEY1); - for k, _ in pairs(frk) do LR[k] = XOR(LR[k], frk[k]); end + for k, _ in pairs(frk) do LR[k] = (LR[k] ~ frk[k]); end --output permutation LR = permute(LR, OUT_P); From 5324969fdfd8369074cff46fe2c63f164830dbb0 Mon Sep 17 00:00:00 2001 From: Jason Tipton Date: Mon, 26 Jan 2026 10:46:56 -0900 Subject: [PATCH 06/22] Convert TEA to native bitwise operations --- lockbox/cipher/tea.lua | 54 +++++++++++++++++++----------------------- 1 file changed, 25 insertions(+), 29 deletions(-) diff --git a/lockbox/cipher/tea.lua b/lockbox/cipher/tea.lua index ae7602b..52425c5 100644 --- a/lockbox/cipher/tea.lua +++ b/lockbox/cipher/tea.lua 
@@ -1,31 +1,27 @@ require("lockbox").insecure(); -local Bit = require("lockbox.util.bit"); -local AND = Bit.band; -local OR = Bit.bor; -local XOR = Bit.bxor; -local LSHIFT = Bit.lshift; -local RSHIFT = Bit.rshift; + + --NOTE: TEA is endian-dependent! --The spec does not seem to specify which to use. --It looks like most implementations use big-endian local bytes2word = function(b0, b1, b2, b3) - local i = b0; i = LSHIFT(i, 8); - i = OR(i, b1); i = LSHIFT(i, 8); - i = OR(i, b2); i = LSHIFT(i, 8); - i = OR(i, b3); + local i = b0; i = (i << 8); + i = (i | b1); i = (i << 8); + i = (i | b2); i = (i << 8); + i = (i | b3); return i; end local word2bytes = function(word) local b0, b1, b2, b3; - b3 = AND(word, 0xFF); word = RSHIFT(word, 8); - b2 = AND(word, 0xFF); word = RSHIFT(word, 8); - b1 = AND(word, 0xFF); word = RSHIFT(word, 8); - b0 = AND(word, 0xFF); + b3 = (word & 0xFF); word = (word >> 8); + b2 = (word & 0xFF); word = (word >> 8); + b1 = (word & 0xFF); word = (word >> 8); + b0 = (word & 0xFF); return b0, b1, b2, b3; end @@ -47,17 +43,17 @@ TEA.encrypt = function(key, data) for _ = 1, 32 do local temp; - sum = AND(sum + delta, 0xFFFFFFFF); + sum = (sum + delta & 0xFFFFFFFF); temp = z + sum; - temp = XOR(temp, LSHIFT(z, 4) + k0); - temp = XOR(temp, RSHIFT(z, 5) + k1); - y = AND(y + temp, 0xFFFFFFFF); + temp = (temp ~ (z << 4) + k0); + temp = (temp ~ (z >> 5) + k1); + y = (y + temp & 0xFFFFFFFF); temp = y + sum; - temp = XOR(temp, LSHIFT(y, 4) + k2); - temp = XOR(temp, RSHIFT(y, 5) + k3); - z = AND( z + temp, 0xFFFFFFFF); + temp = (temp ~ (y << 4) + k2); + temp = (temp ~ (y >> 5) + k3); + z = (z + temp & 0xFFFFFFFF); end local out = {}; 
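Review bot: `bytes2word` in the first tea.lua hunk now builds its result with native `<<`, which operates on 64-bit integers in a standard Lua build, so an input element above 0xFF yields a word wider than 32 bits rather than a truncated one. The round code then uses that word in `z >> 5`, where any extra high bits shift down into the low 32 bits and change the output; whether the old `Bit.lshift` truncated is not visible here. Either mask once before returning, `return i & 0xFFFFFFFF;`, or add a comment stating that `key` and `data` entries must be integers in 0..255. The identical helper in the xtea, md4, md5, ripemd128 and ripemd160 hunks has the same property.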
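Review bot: The masked additions in the `TEA.encrypt` hunk, e.g. `sum = (sum + delta & 0xFFFFFFFF);`, are correct only because `+` binds tighter than `&` and `~` in Lua, and the outer parentheses left over from the function-call form suggest a grouping that is not there. Writing the grouping out, `sum = (sum + delta) & 0xFFFFFFFF;` and `temp = temp ~ ((z << 4) + k0);`, keeps behaviour identical and spares an auditor from recalling the precedence table while checking a cipher. The same pattern appears in the `TEA.decrypt`, XTEA, MD4, MD5 and RIPEMD-128 hunks.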
@@ -73,7 +69,7 @@ TEA.decrypt = function(key, data) local z = bytes2word(data[5], data[6], data[7], data[8]); local delta = 0x9e3779b9; - local sum = 0xc6ef3720; --AND(delta*32,0xFFFFFFFF); + local sum = 0xc6ef3720; --(delta*32 & 0xFFFFFFFF); local k0 = bytes2word(key[ 1], key[ 2], key[ 3], key[ 4]); local k1 = bytes2word(key[ 5], key[ 6], key[ 7], key[ 8]); @@ -84,16 +80,16 @@ TEA.decrypt = function(key, data) local temp; temp = y + sum; - temp = XOR(temp, LSHIFT(y, 4) + k2); - temp = XOR(temp, RSHIFT(y, 5) + k3); - z = AND(z + 0x100000000 - temp, 0xFFFFFFFF); + temp = (temp ~ (y << 4) + k2); + temp = (temp ~ (y >> 5) + k3); + z = (z + 0x100000000 - temp & 0xFFFFFFFF); temp = z + sum; - temp = XOR(temp, LSHIFT(z, 4) + k0); - temp = XOR(temp, RSHIFT(z, 5) + k1); - y = AND(y + 0x100000000 - temp, 0xFFFFFFFF); + temp = (temp ~ (z << 4) + k0); + temp = (temp ~ (z >> 5) + k1); + y = (y + 0x100000000 - temp & 0xFFFFFFFF); - sum = AND(sum + 0x100000000 - delta, 0xFFFFFFFF); + sum = (sum + 0x100000000 - delta & 0xFFFFFFFF); end local out = {}; From 1b1b40de851ca78cc60cd2703a40635285a43115 Mon Sep 17 00:00:00 2001 From: Jason Tipton Date: Mon, 26 Jan 2026 10:47:11 -0900 Subject: [PATCH 07/22] Convert XTEA to native bitwise operations --- lockbox/cipher/xtea.lua | 54 +++++++++++++++++++---------------------- 1 file changed, 25 insertions(+), 29 deletions(-) diff --git a/lockbox/cipher/xtea.lua b/lockbox/cipher/xtea.lua index 7532453..ecf31ea 100644 --- a/lockbox/cipher/xtea.lua +++ b/lockbox/cipher/xtea.lua 
@@ -1,31 +1,27 @@ require("lockbox").insecure(); -local Bit = require("lockbox.util.bit"); -local AND = Bit.band; -local OR = Bit.bor; -local XOR = Bit.bxor; -local LSHIFT = Bit.lshift; -local RSHIFT = Bit.rshift; + + --NOTE: XTEA is endian-dependent! --The spec does not seem to specify which to use. --It looks like most implementations use big-endian local bytes2word = function(b0, b1, b2, b3) - local i = b0; i = LSHIFT(i, 8); - i = OR(i, b1); i = LSHIFT(i, 8); - i = OR(i, b2); i = LSHIFT(i, 8); - i = OR(i, b3); + local i = b0; i = (i << 8); + i = (i | b1); i = (i << 8); + i = (i | b2); i = (i << 8); + i = (i | b3); return i; end local word2bytes = function(word) local b0, b1, b2, b3; - b3 = AND(word, 0xFF); word = RSHIFT(word, 8); - b2 = AND(word, 0xFF); word = RSHIFT(word, 8); - b1 = AND(word, 0xFF); word = RSHIFT(word, 8); - b0 = AND(word, 0xFF); + b3 = (word & 0xFF); word = (word >> 8); + b2 = (word & 0xFF); word = (word >> 8); + b1 = (word & 0xFF); word = (word >> 8); + b0 = (word & 0xFF); return b0, b1, b2, b3; end @@ -48,15 +44,15 @@ XTEA.encrypt = function(key, data) for _ = 1, 32 do local temp; - temp = XOR(LSHIFT(z, 4), RSHIFT(z, 5)) + z - temp = XOR(temp, sum + k[ AND(sum, 0x3) ]) - y = AND(y + temp, 0xFFFFFFFF); + temp = ((z << 4) ~ (z >> 5)) + z + temp = (temp ~ sum + k[ (sum & 0x3) ]) + y = (y + temp & 0xFFFFFFFF); - sum = AND(sum + delta, 0xFFFFFFFF); + sum = (sum + delta & 0xFFFFFFFF); - temp = XOR(LSHIFT(y, 4), RSHIFT(y, 5)) + y - temp = XOR(temp, sum + k[ AND(RSHIFT(sum, 11), 0x3) ]) - z = AND( z + temp, 0xFFFFFFFF); + temp = ((y << 4) ~ (y >> 5)) + y + temp = (temp ~ sum + k[ ((sum >> 11) & 0x3) ]) + z = (z + temp & 0xFFFFFFFF); end local out = {}; 
@@ -72,7 +68,7 @@ XTEA.decrypt = function(key, data) local z = bytes2word(data[5], data[6], data[7], data[8]); local delta = 0x9e3779b9; - local sum = 0xc6ef3720; --AND(delta*32,0xFFFFFFFF); + local sum = 0xc6ef3720; --(delta*32 & 0xFFFFFFFF); local k0 = bytes2word(key[ 1], key[ 2], key[ 3], key[ 4]); local k1 = bytes2word(key[ 5], key[ 6], key[ 7], key[ 8]); @@ -83,15 +79,15 @@ XTEA.decrypt = function(key, data) for _ = 1, 32 do local temp; - temp = XOR(LSHIFT(y, 4), RSHIFT(y, 5)) + y - temp = XOR(temp, sum + k[ AND(RSHIFT(sum, 11), 0x3) ]) - z = AND(z + 0x100000000 - temp, 0xFFFFFFFF); + temp = ((y << 4) ~ (y >> 5)) + y + temp = (temp ~ sum + k[ ((sum >> 11) & 0x3) ]) + z = (z + 0x100000000 - temp & 0xFFFFFFFF); - sum = AND(sum + 0x100000000 - delta, 0xFFFFFFFF); + sum = (sum + 0x100000000 - delta & 0xFFFFFFFF); - temp = XOR(LSHIFT(z, 4), RSHIFT(z, 5)) + z - temp = XOR(temp, sum + k[ AND(sum, 0x3) ]) - y = AND(y + 0x100000000 - temp, 0xFFFFFFFF); + temp = ((z << 4) ~ (z >> 5)) + z + temp = (temp ~ sum + k[ (sum & 0x3) ]) + y = (y + 0x100000000 - temp & 0xFFFFFFFF); end From 6c922d89a9cd576a78f6ae101d09172164cc8623 Mon Sep 17 00:00:00 2001 From: Jason Tipton Date: Mon, 26 Jan 2026 10:47:27 -0900 Subject: [PATCH 08/22] Convert CTR to native bitwise operations --- lockbox/cipher/mode/ctr.lua | 34 ++++++++++++++++------------------ 1 file changed, 16 insertions(+), 18 deletions(-) diff --git a/lockbox/cipher/mode/ctr.lua b/lockbox/cipher/mode/ctr.lua index bcf0187..e7f982c 100644 --- a/lockbox/cipher/mode/ctr.lua +++ b/lockbox/cipher/mode/ctr.lua @@ -2,9 +2,7 @@ local Array = require("lockbox.util.array"); local Stream = require("lockbox.util.stream"); local Queue = require("lockbox.util.queue"); -local Bit = require("lockbox.util.bit"); -local AND = Bit.band; local CTR = {}; 
@@ -44,35 +42,35 @@ CTR.Cipher = function() local updateIV = function() iv[16] = iv[16] + 1; if iv[16] <= 0xFF then return; end - iv[16] = AND(iv[16], 0xFF); + iv[16] = (iv[16] & 0xFF); iv[15] = iv[15] + 1; if iv[15] <= 0xFF then return; end - iv[15] = AND(iv[15], 0xFF); + iv[15] = (iv[15] & 0xFF); iv[14] = iv[14] + 1; if iv[14] <= 0xFF then return; end - iv[14] = AND(iv[14], 0xFF); + iv[14] = (iv[14] & 0xFF); iv[13] = iv[13] + 1; if iv[13] <= 0xFF then return; end - iv[13] = AND(iv[13], 0xFF); + iv[13] = (iv[13] & 0xFF); iv[12] = iv[12] + 1; if iv[12] <= 0xFF then return; end - iv[12] = AND(iv[12], 0xFF); + iv[12] = (iv[12] & 0xFF); iv[11] = iv[11] + 1; if iv[11] <= 0xFF then return; end - iv[11] = AND(iv[11], 0xFF); + iv[11] = (iv[11] & 0xFF); iv[10] = iv[10] + 1; if iv[10] <= 0xFF then return; end - iv[10] = AND(iv[10], 0xFF); + iv[10] = (iv[10] & 0xFF); iv[9] = iv[9] + 1; if iv[9] <= 0xFF then return; end - iv[9] = AND(iv[9], 0xFF); + iv[9] = (iv[9] & 0xFF); return; end @@ -165,35 +163,35 @@ CTR.Decipher = function() local updateIV = function() iv[16] = iv[16] + 1; if iv[16] <= 0xFF then return; end - iv[16] = AND(iv[16], 0xFF); + iv[16] = (iv[16] & 0xFF); iv[15] = iv[15] + 1; if iv[15] <= 0xFF then return; end - iv[15] = AND(iv[15], 0xFF); + iv[15] = (iv[15] & 0xFF); iv[14] = iv[14] + 1; if iv[14] <= 0xFF then return; end - iv[14] = AND(iv[14], 0xFF); + iv[14] = (iv[14] & 0xFF); iv[13] = iv[13] + 1; if iv[13] <= 0xFF then return; end - iv[13] = AND(iv[13], 0xFF); + iv[13] = (iv[13] & 0xFF); iv[12] = iv[12] + 1; if iv[12] <= 0xFF then return; end - iv[12] = AND(iv[12], 0xFF); + iv[12] = (iv[12] & 0xFF); iv[11] = iv[11] + 1; if iv[11] <= 0xFF then return; end - iv[11] = AND(iv[11], 0xFF); + iv[11] = (iv[11] & 0xFF); iv[10] = iv[10] + 1; if iv[10] <= 0xFF then return; end - iv[10] = AND(iv[10], 0xFF); + iv[10] = (iv[10] & 0xFF); iv[9] = iv[9] + 1; if iv[9] <= 0xFF then return; end - iv[9] = AND(iv[9], 0xFF); + iv[9] = (iv[9] & 0xFF); return; end 
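Review bot: `updateIV` in the `CTR.Cipher` hunk carries only through `iv[16]`..`iv[9]` and returns normally when `iv[9]` wraps, so the counter is 64 bits wide and rolls over silently without touching `iv[1]`..`iv[8]`; nothing in the hunk documents that split. In CTR mode a repeated counter block under one key repeats keystream, so the width and wrap behaviour deserve a comment, for example `-- iv[9..16] is a big-endian block counter; it wraps modulo 2^64 and never carries into iv[1..8]`. For byte-valued IV entries the unrolled chain could also be a single loop: `for i = 16, 9, -1 do iv[i] = (iv[i] + 1) & 0xFF; if iv[i] ~= 0 then return; end end`. The `CTR.Decipher` hunk repeats the same function verbatim; `CTR.Cipher` itself starts and ends outside the hunk.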
From a2df92e7ee72d4c8bbb91b12c4efc05d1de155cd Mon Sep 17 00:00:00 2001 From: Jason Tipton Date: Mon, 26 Jan 2026 10:47:40 -0900 Subject: [PATCH 09/22] Convert MD2 to native bitwise operations --- lockbox/digest/md2.lua | 8 +++----- 1 file changed, 3 insertions(+), 5 deletions(-) diff --git a/lockbox/digest/md2.lua b/lockbox/digest/md2.lua index d0f6b61..f8a0c72 100644 --- a/lockbox/digest/md2.lua +++ b/lockbox/digest/md2.lua @@ -1,6 +1,5 @@ require("lockbox").insecure(); -local Bit = require("lockbox.util.bit"); local Queue = require("lockbox.util.queue"); local SUBST = { @@ -21,7 +20,6 @@ local SUBST = { 0xF2, 0xEF, 0xB7, 0x0E, 0x66, 0x58, 0xD0, 0xE4, 0xA6, 0x77, 0x72, 0xF8, 0xEB, 0x75, 0x4B, 0x0A, 0x31, 0x44, 0x50, 0xB4, 0x8F, 0xED, 0x1F, 0x1A, 0xDB, 0x99, 0x8D, 0x33, 0x9F, 0x11, 0x83, 0x14 }; -local XOR = Bit.bxor; local MD2 = function() @@ -48,7 +46,7 @@ local MD2 = function() for i = 0, 15 do X[i + 16] = block[i]; - X[i + 32] = XOR(X[i], block[i]); --mix + X[i + 32] = (X[i] ~ block[i]); --mix end local t; @@ -57,7 +55,7 @@ local MD2 = function() t = 0; for i = 0, 17 do for j = 0, 47 do - X[j] = XOR(X[j], SUBST[t + 1]); + X[j] = (X[j] ~ SUBST[t + 1]); t = X[j]; end t = (t + i) % 256; @@ -66,7 +64,7 @@ local MD2 = function() --update checksum t = C[15]; for i = 0, 15 do - C[i] = XOR(C[i], SUBST[XOR(block[i], t) + 1]); + C[i] = (C[i] ~ SUBST[(block[i] ~ t) + 1]); t = C[i]; end From 150483f0d58e8806046f11d802e977f6b6aa1fe1 Mon Sep 17 00:00:00 2001 From: Jason Tipton Date: Mon, 26 Jan 2026 10:48:00 -0900 Subject: [PATCH 10/22] Convert MD4 to native bitwise operations --- lockbox/digest/md4.lua | 47 +++++++++++++++++++++--------------------- 1 file changed, 23 insertions(+), 24 deletions(-) diff --git a/lockbox/digest/md4.lua b/lockbox/digest/md4.lua index bc32588..4ebc15b 100644 --- a/lockbox/digest/md4.lua +++ b/lockbox/digest/md4.lua 
@@ -1,43 +1,42 @@ require("lockbox").insecure(); -local Bit = require("lockbox.util.bit"); local Queue = require("lockbox.util.queue"); -local AND = Bit.band; -local OR = Bit.bor; -local NOT = Bit.bnot; -local XOR = Bit.bxor; -local LROT = Bit.lrotate; -local LSHIFT = Bit.lshift; -local RSHIFT = Bit.rshift; +local LROT = function(l, r) + l = l & 0xffffffff + r = r & 0x1f + return ((l << r) & 0xffffffff) | (l >> (32 - r)) +end + + --MD4 is little-endian local bytes2word = function(b0, b1, b2, b3) - local i = b3; i = LSHIFT(i, 8); - i = OR(i, b2); i = LSHIFT(i, 8); - i = OR(i, b1); i = LSHIFT(i, 8); - i = OR(i, b0); + local i = b3; i = (i << 8); + i = (i | b2); i = (i << 8); + i = (i | b1); i = (i << 8); + i = (i | b0); return i; end local word2bytes = function(word) local b0, b1, b2, b3; - b0 = AND(word, 0xFF); word = RSHIFT(word, 8); - b1 = AND(word, 0xFF); word = RSHIFT(word, 8); - b2 = AND(word, 0xFF); word = RSHIFT(word, 8); - b3 = AND(word, 0xFF); + b0 = (word & 0xFF); word = (word >> 8); + b1 = (word & 0xFF); word = (word >> 8); + b2 = (word & 0xFF); word = (word >> 8); + b3 = (word & 0xFF); return b0, b1, b2, b3; end local dword2bytes = function(i) - local b4, b5, b6, b7 = word2bytes(math.floor(i / 0x100000000)); + local b4, b5, b6, b7 = word2bytes(i // 0x100000000); local b0, b1, b2, b3 = word2bytes(i); return b0, b1, b2, b3, b4, b5, b6, b7; end -local F = function(x, y, z) return OR(AND(x, y), AND(NOT(x), z)); end -local G = function(x, y, z) return OR(AND(x, y), OR(AND(x, z), AND(y, z))); end -local H = function(x, y, z) return XOR(x, XOR(y, z)); end +local F = function(x, y, z) return ((x & y) | ((~x) & z)); end +local G = function(x, y, z) return ((x & y) | ((x & z) | (y & z))); end +local H = function(x, y, z) return (x ~ (y ~ z)); end local MD4 = function() 
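Review bot: The new local `LROT` in the md4.lua header hunk is undocumented, yet it is the only point where call sites such as `LROT(b + H(c, d, a) + X[15] + 0x6ED9EBA1, 15)` are reduced to 32 bits, so its masking is load-bearing rather than defensive. A short comment would make that explicit, e.g. `-- 32-bit rotate left; truncates l to 32 bits first, so callers may pass unmasked sums`. The same five-line function is pasted again in the md5, ripemd128 and ripemd160 hunks; a single definition in a shared utility module would keep the copies from drifting apart.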
@@ -125,10 +124,10 @@ local MD4 = function() b = LROT(b + H(c, d, a) + X[15] + 0x6ED9EBA1, 15); - A = AND(A + a, 0xFFFFFFFF); - B = AND(B + b, 0xFFFFFFFF); - C = AND(C + c, 0xFFFFFFFF); - D = AND(D + d, 0xFFFFFFFF); + A = (A + a & 0xFFFFFFFF); + B = (B + b & 0xFFFFFFFF); + C = (C + c & 0xFFFFFFFF); + D = (D + d & 0xFFFFFFFF); end public.init = function() From c83241be6b660bea45d94cb2b71b518bff1c52d3 Mon Sep 17 00:00:00 2001 From: Jason Tipton Date: Mon, 26 Jan 2026 10:48:19 -0900 Subject: [PATCH 11/22] Convert MD5 to native bitwise operations --- lockbox/digest/md5.lua | 49 +++++++++++++++++++++--------------------- 1 file changed, 24 insertions(+), 25 deletions(-) diff --git a/lockbox/digest/md5.lua b/lockbox/digest/md5.lua index 6264b84..85d5fc4 100644 --- a/lockbox/digest/md5.lua +++ b/lockbox/digest/md5.lua @@ -1,6 +1,5 @@ require("lockbox").insecure(); -local Bit = require("lockbox.util.bit"); local Queue = require("lockbox.util.queue"); local SHIFT = { 
@@ -27,42 +26,42 @@ local CONSTANTS = { 0x6fa87e4f, 0xfe2ce6e0, 0xa3014314, 0x4e0811a1, 0xf7537e82, 0xbd3af235, 0x2ad7d2bb, 0xeb86d391}; -local AND = Bit.band; -local OR = Bit.bor; -local NOT = Bit.bnot; -local XOR = Bit.bxor; -local LROT = Bit.lrotate; -local LSHIFT = Bit.lshift; -local RSHIFT = Bit.rshift; +local LROT = function(l, r) + l = l & 0xffffffff + r = r & 0x1f + return ((l << r) & 0xffffffff) | (l >> (32 - r)) +end + + --MD5 is little-endian local bytes2word = function(b0, b1, b2, b3) - local i = b3; i = LSHIFT(i, 8); - i = OR(i, b2); i = LSHIFT(i, 8); - i = OR(i, b1); i = LSHIFT(i, 8); - i = OR(i, b0); + local i = b3; i = (i << 8); + i = (i | b2); i = (i << 8); + i = (i | b1); i = (i << 8); + i = (i | b0); return i; end local word2bytes = function(word) local b0, b1, b2, b3; - b0 = AND(word, 0xFF); word = RSHIFT(word, 8); - b1 = AND(word, 0xFF); word = RSHIFT(word, 8); - b2 = AND(word, 0xFF); word = RSHIFT(word, 8); - b3 = AND(word, 0xFF); + b0 = (word & 0xFF); word = (word >> 8); + b1 = (word & 0xFF); word = (word >> 8); + b2 = (word & 0xFF); word = (word >> 8); + b3 = (word & 0xFF); return b0, b1, b2, b3; end local dword2bytes = function(i) - local b4, b5, b6, b7 = word2bytes(math.floor(i / 0x100000000)); + local b4, b5, b6, b7 = word2bytes(i // 0x100000000); local b0, b1, b2, b3 = word2bytes(i); return b0, b1, b2, b3, b4, b5, b6, b7; end -local F = function(x, y, z) return OR(AND(x, y), AND(NOT(x), z)); end -local G = function(x, y, z) return OR(AND(x, z), AND(y, NOT(z))); end -local H = function(x, y, z) return XOR(x, XOR(y, z)); end -local I = function(x, y, z) return XOR(y, OR(x, NOT(z))); end +local F = function(x, y, z) return ((x & y) | ((~x) & z)); end +local G = function(x, y, z) return ((x & z) | (y & (~z))); end +local H = function(x, y, z) return (x ~ (y ~ z)); end +local I = function(x, y, z) return (y ~ (x | (~z))); end local MD5 = function() 
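Review bot: In the md5.lua hunk that rewrites the round functions, `I` now returns a value outside the 32-bit range: native `~z` complements all 64 bits, so `(y ~ (x | (~z)))` has its upper 32 bits set, whereas `F` and `G` stay in range for 32-bit inputs because the complement is ANDed with another operand. The digest is still right if every consumer truncates the result (the new `LROT` does), but the round loop is outside this hunk, so that cannot be confirmed from here. Masking at the source, `return (y ~ (x | (~z))) & 0xFFFFFFFF;`, keeps each helper a true 32-bit function. `H` in ripemd128 and `H`/`J` in ripemd160 have the same shape.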
@@ -109,10 +108,10 @@ local MD5 = function() a = temp; end - A = AND(A + a, 0xFFFFFFFF); - B = AND(B + b, 0xFFFFFFFF); - C = AND(C + c, 0xFFFFFFFF); - D = AND(D + d, 0xFFFFFFFF); + A = (A + a & 0xFFFFFFFF); + B = (B + b & 0xFFFFFFFF); + C = (C + c & 0xFFFFFFFF); + D = (D + d & 0xFFFFFFFF); end public.init = function() From 3f08e3df56179201cdd8bce7f4d5174cea5f7e5f Mon Sep 17 00:00:00 2001 From: Jason Tipton Date: Mon, 26 Jan 2026 10:48:44 -0900 Subject: [PATCH 12/22] Convert RIPEMD 128 to native bitwise operations --- lockbox/digest/ripemd128.lua | 65 ++++++++++++++++++------------------ 1 file changed, 32 insertions(+), 33 deletions(-) diff --git a/lockbox/digest/ripemd128.lua b/lockbox/digest/ripemd128.lua index 38a1fb1..2a40c5c 100644 --- a/lockbox/digest/ripemd128.lua +++ b/lockbox/digest/ripemd128.lua 
@@ -1,70 +1,69 @@ require("lockbox").insecure(); -local Bit = require("lockbox.util.bit"); local Queue = require("lockbox.util.queue"); -local AND = Bit.band; -local OR = Bit.bor; -local NOT = Bit.bnot; -local XOR = Bit.bxor; -local LROT = Bit.lrotate; -local LSHIFT = Bit.lshift; -local RSHIFT = Bit.rshift; +local LROT = function(l, r) + l = l & 0xffffffff + r = r & 0x1f + return ((l << r) & 0xffffffff) | (l >> (32 - r)) +end + + --RIPEMD128 is little-endian local bytes2word = function(b0, b1, b2, b3) - local i = b3; i = LSHIFT(i, 8); - i = OR(i, b2); i = LSHIFT(i, 8); - i = OR(i, b1); i = LSHIFT(i, 8); - i = OR(i, b0); + local i = b3; i = (i << 8); + i = (i | b2); i = (i << 8); + i = (i | b1); i = (i << 8); + i = (i | b0); return i; end local word2bytes = function(word) local b0, b1, b2, b3; - b0 = AND(word, 0xFF); word = RSHIFT(word, 8); - b1 = AND(word, 0xFF); word = RSHIFT(word, 8); - b2 = AND(word, 0xFF); word = RSHIFT(word, 8); - b3 = AND(word, 0xFF); + b0 = (word & 0xFF); word = (word >> 8); + b1 = (word & 0xFF); word = (word >> 8); + b2 = (word & 0xFF); word = (word >> 8); + b3 = (word & 0xFF); return b0, b1, b2, b3; end local dword2bytes = function(i) - local b4, b5, b6, b7 = word2bytes(math.floor(i / 0x100000000)); + local b4, b5, b6, b7 = word2bytes(i // 0x100000000); local b0, b1, b2, b3 = word2bytes(i); return b0, b1, b2, b3, b4, b5, b6, b7; end -local F = function(x, y, z) return XOR(x, XOR(y, z)); end -local G = function(x, y, z) return OR(AND(x, y), AND(NOT(x), z)); end -local H = function(x, y, z) return XOR(OR(x, NOT(y)), z); end -local I = function(x, y, z) return OR(AND(x, z), AND(y, NOT(z))); end +local F = function(x, y, z) return (x ~ (y ~ z)); end +local G = function(x, y, z) return ((x & y) | ((~x) & z)); end +local H = function(x, y, z) return ((x | (~y)) ~ z); end +local I = function(x, y, z) return ((x & z) | (y & (~z))); end local FF = function(a, b, c, d, x, s) a = a + F(b, c, d) + x; a = LROT(a, s); - a = AND(a, 0xFFFFFFFF); + a = (a 
& 0xFFFFFFFF); return a; end local GG = function(a, b, c, d, x, s) a = a + G(b, c, d) + x + 0x5a827999; a = LROT(a, s); - a = AND(a, 0xFFFFFFFF); + a = (a & 0xFFFFFFFF); return a; end local HH = function(a, b, c, d, x, s) a = a + H(b, c, d) + x + 0x6ed9eba1; a = LROT(a, s); - a = AND(a, 0xFFFFFFFF); + a = (a & 0xFFFFFFFF); return a; end local II = function(a, b, c, d, x, s) a = a + I(b, c, d) + x + 0x8f1bbcdc; a = LROT(a, s); - a = AND(a, 0xFFFFFFFF); + a = (a & 0xFFFFFFFF); return a; end @@ -72,28 +71,28 @@ end local FFF = function(a, b, c, d, x, s) a = a + F(b, c, d) + x; a = LROT(a, s); - a = AND(a, 0xFFFFFFFF); + a = (a & 0xFFFFFFFF); return a; end local GGG = function(a, b, c, d, x, s) a = a + G(b, c, d) + x + 0x6d703ef3; a = LROT(a, s); - a = AND(a, 0xFFFFFFFF); + a = (a & 0xFFFFFFFF); return a; end local HHH = function(a, b, c, d, x, s) a = a + H(b, c, d) + x + 0x5c4dd124; a = LROT(a, s); - a = AND(a, 0xFFFFFFFF); + a = (a & 0xFFFFFFFF); return a; end local III = function(a, b, c, d, x, s) a = a + I(b, c, d) + x + 0x50a28be6; a = LROT(a, s); - a = AND(a, 0xFFFFFFFF); + a = (a & 0xFFFFFFFF); return a; end @@ -255,10 +254,10 @@ local RIPEMD128 = function() bbb = FFF(bbb, ccc, ddd, aaa, X[14], 8); - A, B, C, D = AND(B + cc + ddd, 0xFFFFFFFF), - AND(C + dd + aaa, 0xFFFFFFFF), - AND(D + aa + bbb, 0xFFFFFFFF), - AND(A + bb + ccc, 0xFFFFFFFF); + A, B, C, D = (B + cc + ddd & 0xFFFFFFFF), + (C + dd + aaa & 0xFFFFFFFF), + (D + aa + bbb & 0xFFFFFFFF), + (A + bb + ccc & 0xFFFFFFFF); end From 5ca50a451ccb10053ec87d64385d2f1b573b042e Mon Sep 17 00:00:00 2001 From: Jason Tipton Date: Mon, 26 Jan 2026 10:48:55 -0900 Subject: [PATCH 13/22] Convert RIPEMD 160 to native bitwise operations --- lockbox/digest/ripemd160.lua | 73 ++++++++++++++++++------------------ 1 file changed, 36 insertions(+), 37 deletions(-) diff --git a/lockbox/digest/ripemd160.lua b/lockbox/digest/ripemd160.lua index 2ea5dcb..52d85dc 100644 --- a/lockbox/digest/ripemd160.lua 
+++ b/lockbox/digest/ripemd160.lua 
@@ -1,113 +1,112 @@ require("lockbox").insecure(); -local Bit = require("lockbox.util.bit"); local Queue = require("lockbox.util.queue"); -local AND = Bit.band; -local OR = Bit.bor; -local NOT = Bit.bnot; -local XOR = Bit.bxor; -local LROT = Bit.lrotate; -local LSHIFT = Bit.lshift; -local RSHIFT = Bit.rshift; +local LROT = function(l, r) + l = l & 0xffffffff + r = r & 0x1f + return ((l << r) & 0xffffffff) | (l >> (32 - r)) +end + + --RIPEMD160 is little-endian local bytes2word = function(b0, b1, b2, b3) - local i = b3; i = LSHIFT(i, 8); - i = OR(i, b2); i = LSHIFT(i, 8); - i = OR(i, b1); i = LSHIFT(i, 8); - i = OR(i, b0); + local i = b3; i = (i << 8); + i = (i | b2); i = (i << 8); + i = (i | b1); i = (i << 8); + i = (i | b0); return i; end local word2bytes = function(word) local b0, b1, b2, b3; - b0 = AND(word, 0xFF); word = RSHIFT(word, 8); - b1 = AND(word, 0xFF); word = RSHIFT(word, 8); - b2 = AND(word, 0xFF); word = RSHIFT(word, 8); - b3 = AND(word, 0xFF); + b0 = (word & 0xFF); word = (word >> 8); + b1 = (word & 0xFF); word = (word >> 8); + b2 = (word & 0xFF); word = (word >> 8); + b3 = (word & 0xFF); return b0, b1, b2, b3; end local dword2bytes = function(i) - local b4, b5, b6, b7 = word2bytes(math.floor(i / 0x100000000)); + local b4, b5, b6, b7 = word2bytes(i // 0x100000000); local b0, b1, b2, b3 = word2bytes(i); return b0, b1, b2, b3, b4, b5, b6, b7; end -local F = function(x, y, z) return XOR(x, XOR(y, z)); end -local G = function(x, y, z) return OR(AND(x, y), AND(NOT(x), z)); end -local H = function(x, y, z) return XOR(OR(x, NOT(y)), z); end -local I = function(x, y, z) return OR(AND(x, z), AND(y, NOT(z))); end -local J = function(x, y, z) return XOR(x, OR(y, NOT(z))); end +local F = function(x, y, z) return (x ~ (y ~ z)); end +local G = function(x, y, z) return ((x & y) | ((~x) & z)); end +local H = function(x, y, z) return ((x | (~y)) ~ z); end +local I = function(x, y, z) return ((x & z) | (y & (~z))); end +local J = function(x, y, z) return (x ~ (y | 
(~z))); end local FF = function(a, b, c, d, e, x, s) a = a + F(b, c, d) + x; a = LROT(a, s) + e; - a = AND(a, 0xFFFFFFFF); + a = (a & 0xFFFFFFFF); return a; end local GG = function(a, b, c, d, e, x, s) a = a + G(b, c, d) + x + 0x5a827999; a = LROT(a, s) + e; - a = AND(a, 0xFFFFFFFF); + a = (a & 0xFFFFFFFF); return a; end local HH = function(a, b, c, d, e, x, s) a = a + H(b, c, d) + x + 0x6ed9eba1; a = LROT(a, s) + e; - a = AND(a, 0xFFFFFFFF); + a = (a & 0xFFFFFFFF); return a; end local II = function(a, b, c, d, e, x, s) a = a + I(b, c, d) + x + 0x8f1bbcdc; a = LROT(a, s) + e; - a = AND(a, 0xFFFFFFFF); + a = (a & 0xFFFFFFFF); return a; end local JJ = function(a, b, c, d, e, x, s) a = a + J(b, c, d) + x + 0xa953fd4e; a = LROT(a, s) + e; - a = AND(a, 0xFFFFFFFF); + a = (a & 0xFFFFFFFF); return a; end local FFF = function(a, b, c, d, e, x, s) a = a + F(b, c, d) + x; a = LROT(a, s) + e; - a = AND(a, 0xFFFFFFFF); + a = (a & 0xFFFFFFFF); return a; end local GGG = function(a, b, c, d, e, x, s) a = a + G(b, c, d) + x + 0x7a6d76e9; a = LROT(a, s) + e; - a = AND(a, 0xFFFFFFFF); + a = (a & 0xFFFFFFFF); return a; end local HHH = function(a, b, c, d, e, x, s) a = a + H(b, c, d) + x + 0x6d703ef3; a = LROT(a, s) + e; - a = AND(a, 0xFFFFFFFF); + a = (a & 0xFFFFFFFF); return a; end local III = function(a, b, c, d, e, x, s) a = a + I(b, c, d) + x + 0x5c4dd124; a = LROT(a, s) + e; - a = AND(a, 0xFFFFFFFF); + a = (a & 0xFFFFFFFF); return a; end local JJJ = function(a, b, c, d, e, x, s) a = a + J(b, c, d) + x + 0x50a28be6; a = LROT(a, s) + e; - a = AND(a, 0xFFFFFFFF); + a = (a & 0xFFFFFFFF); return a; end 
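Review bot: `H` and `J` now use the native `~y` / `~z`, which complements all 64 bits of a Lua integer, so both return values with bits 32–63 set rather than 32-bit words. The round helpers still give correct results because the new `LROT` masks its first argument with `l & 0xffffffff` and each helper ends with `a & 0xFFFFFFFF`, but nothing in the file says the digest depends on that. Add a comment above `F`..`J` such as `-- ~ is 64-bit here: results may carry bits above 31; LROT's input mask and the final & 0xFFFFFFFF discard them`, so a later edit to `LROT` does not silently change the hash output.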
@@ -303,11 +302,11 @@ local RIPEMD160 = function() ccc, eee = FFF(ccc, ddd, eee, aaa, bbb, X[ 9] , 11), LROT(eee, 10); bbb, ddd = FFF(bbb, ccc, ddd, eee, aaa, X[11] , 11), LROT(ddd, 10); - A, B, C, D, E = AND(B + cc + ddd, 0xFFFFFFFF), - AND(C + dd + eee, 0xFFFFFFFF), - AND(D + ee + aaa, 0xFFFFFFFF), - AND(E + aa + bbb, 0xFFFFFFFF), - AND(A + bb + ccc, 0xFFFFFFFF); + A, B, C, D, E = (B + cc + ddd & 0xFFFFFFFF), + (C + dd + eee & 0xFFFFFFFF), + (D + ee + aaa & 0xFFFFFFFF), + (E + aa + bbb & 0xFFFFFFFF), + (A + bb + ccc & 0xFFFFFFFF); end From a55224d801de60da4d86f462446b8ac2a37b84c3 Mon Sep 17 00:00:00 2001 From: Jason Tipton Date: Mon, 26 Jan 2026 10:49:14 -0900 Subject: [PATCH 14/22] Convert SHA1 to native bitwise operations --- lockbox/digest/sha1.lua | 52 ++++++++++++++++++++--------------------- 1 file changed, 26 insertions(+), 26 deletions(-) diff --git a/lockbox/digest/sha1.lua b/lockbox/digest/sha1.lua index 5a6e2e8..a6ef5ac 100644 --- a/lockbox/digest/sha1.lua +++ b/lockbox/digest/sha1.lua 
@@ -1,43 +1,43 @@ require("lockbox").insecure(); -local Bit = require("lockbox.util.bit"); local Queue = require("lockbox.util.queue"); -local AND = Bit.band; -local OR = Bit.bor; -local XOR = Bit.bxor; -local LROT = Bit.lrotate; -local LSHIFT = Bit.lshift; -local RSHIFT = Bit.rshift; +local LROT = function(l, r) + l = l & 0xffffffff + r = r & 0x1f + return ((l << r) & 0xffffffff) | (l >> (32 - r)) +end + + --SHA1 is big-endian local bytes2word = function(b0, b1, b2, b3) - local i = b0; i = LSHIFT(i, 8); - i = OR(i, b1); i = LSHIFT(i, 8); - i = OR(i, b2); i = LSHIFT(i, 8); - i = OR(i, b3); + local i = b0; i = (i << 8); + i = (i | b1); i = (i << 8); + i = (i | b2); i = (i << 8); + i = (i | b3); return i; end local word2bytes = function(word) local b0, b1, b2, b3; - b3 = AND(word, 0xFF); word = RSHIFT(word, 8); - b2 = AND(word, 0xFF); word = RSHIFT(word, 8); - b1 = AND(word, 0xFF); word = RSHIFT(word, 8); - b0 = AND(word, 0xFF); + b3 = (word & 0xFF); word = (word >> 8); + b2 = (word & 0xFF); word = (word >> 8); + b1 = (word & 0xFF); word = (word >> 8); + b0 = (word & 0xFF); return b0, b1, b2, b3; end local dword2bytes = function(i) local b4, b5, b6, b7 = word2bytes(i); - local b0, b1, b2, b3 = word2bytes(math.floor(i / 0x100000000)); + local b0, b1, b2, b3 = word2bytes(i // 0x100000000); return b0, b1, b2, b3, b4, b5, b6, b7; end -local F = function(x, y, z) return XOR(z, AND(x, XOR(y, z))); end -local G = function(x, y, z) return XOR(x, XOR(y, z)); end -local H = function(x, y, z) return OR(AND(x, OR(y, z)), AND(y, z)); end -local I = function(x, y, z) return XOR(x, XOR(y, z)); end +local F = function(x, y, z) return (z ~ (x & (y ~ z))); end +local G = function(x, y, z) return (x ~ (y ~ z)); end +local H = function(x, y, z) return ((x & (y | z)) | (y & z)); end +local I = function(x, y, z) return (x ~ (y ~ z)); end local SHA1 = function() 
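Review bot: The `LROT` helper added at the top of this hunk is an exact copy of the one added to ripemd160.lua, and sha2_224.lua and sha2_256.lua each add their own identical `RROT`. With one rotate implementation per digest file, any fix to the masking or shift-count handling has to be repeated in every copy; consider a single small helper module that each digest requires. If the copies stay, a one-line comment above each, such as `-- 32-bit rotate left: l is masked to 32 bits, r is taken mod 32`, would document the contract.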
@@ -66,7 +66,7 @@ local SHA1 = function() end for i = 16, 79 do - w[i] = LROT((XOR(XOR(w[i - 3], w[i - 8]), XOR(w[i - 14], w[i - 16]))), 1); + w[i] = LROT((((w[i - 3] ~ w[i - 8]) ~ (w[i - 14] ~ w[i - 16]))), 1); end for i = 0, 79 do @@ -91,11 +91,11 @@ local SHA1 = function() a = temp; end - h0 = AND(h0 + a, 0xFFFFFFFF); - h1 = AND(h1 + b, 0xFFFFFFFF); - h2 = AND(h2 + c, 0xFFFFFFFF); - h3 = AND(h3 + d, 0xFFFFFFFF); - h4 = AND(h4 + e, 0xFFFFFFFF); + h0 = (h0 + a & 0xFFFFFFFF); + h1 = (h1 + b & 0xFFFFFFFF); + h2 = (h2 + c & 0xFFFFFFFF); + h3 = (h3 + d & 0xFFFFFFFF); + h4 = (h4 + e & 0xFFFFFFFF); end public.init = function() From 2066d269b6411964127c21eeecc3da45788b3386 Mon Sep 17 00:00:00 2001 From: Jason Tipton Date: Mon, 26 Jan 2026 10:49:29 -0900 Subject: [PATCH 15/22] Convert SHA2 224 to native bitwise operations --- lockbox/digest/sha2_224.lua | 63 ++++++++++++++++++------------------- 1 file changed, 31 insertions(+), 32 deletions(-) diff --git a/lockbox/digest/sha2_224.lua b/lockbox/digest/sha2_224.lua index 6ee7245..f59da3c 100644 --- a/lockbox/digest/sha2_224.lua +++ b/lockbox/digest/sha2_224.lua @@ -1,4 +1,3 @@ -local Bit = require("lockbox.util.bit"); local Queue = require("lockbox.util.queue"); local CONSTANTS = { 
@@ -14,35 +13,35 @@ local CONSTANTS = { local fmt = "%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x" .. "%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x" -local AND = Bit.band; -local OR = Bit.bor; -local NOT = Bit.bnot; -local XOR = Bit.bxor; -local RROT = Bit.rrotate; -local LSHIFT = Bit.lshift; -local RSHIFT = Bit.rshift; +local RROT = function(l, r) + l = l & 0xffffffff + r = r & 0x1f + return (l >> r) | (0xffffffff & (l << (32 - r))) +end + + --SHA2 is big-endian local bytes2word = function(b0, b1, b2, b3) - local i = b0; i = LSHIFT(i, 8); - i = OR(i, b1); i = LSHIFT(i, 8); - i = OR(i, b2); i = LSHIFT(i, 8); - i = OR(i, b3); + local i = b0; i = (i << 8); + i = (i | b1); i = (i << 8); + i = (i | b2); i = (i << 8); + i = (i | b3); return i; end local word2bytes = function(word) local b0, b1, b2, b3; - b3 = AND(word, 0xFF); word = RSHIFT(word, 8); - b2 = AND(word, 0xFF); word = RSHIFT(word, 8); - b1 = AND(word, 0xFF); word = RSHIFT(word, 8); - b0 = AND(word, 0xFF); + b3 = (word & 0xFF); word = (word >> 8); + b2 = (word & 0xFF); word = (word >> 8); + b1 = (word & 0xFF); word = (word >> 8); + b0 = (word & 0xFF); return b0, b1, b2, b3; end local dword2bytes = function(i) local b4, b5, b6, b7 = word2bytes(i); - local b0, b1, b2, b3 = word2bytes(math.floor(i / 0x100000000)); + local b0, b1, b2, b3 = word2bytes(i // 0x100000000); return b0, b1, b2, b3, b4, b5, b6, b7; end 
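Review bot: The operators introduced in this hunk (`&`, `|`, `<<`, `>>`, `//`) are Lua 5.3+ syntax, so this file and the others converted in the series no longer load on Lua 5.1, 5.2 or LuaJIT, which the removed `lockbox.util.bit` shim supported. The rockspec hunks in patch 22 only drop the `lockbox.util.bit` entry, and no visible hunk states the new minimum version. If the rockspecs do not already constrain it, add `"lua >= 5.3"` to their `dependencies` and mention it in the README, so that an older interpreter is rejected at install time rather than failing with a syntax error when a digest is first required.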
@@ -81,17 +80,17 @@ local SHA2_224 = function() end for i = 16, 63 do - local s0 = XOR(RROT(w[i - 15], 7), XOR(RROT(w[i - 15], 18), RSHIFT(w[i - 15], 3))); - local s1 = XOR(RROT(w[i - 2], 17), XOR(RROT(w[i - 2], 19), RSHIFT(w[i - 2], 10))); - w[i] = AND(w[i - 16] + s0 + w[i - 7] + s1, 0xFFFFFFFF); + local s0 = (RROT(w[i - 15], 7) ~ (RROT(w[i - 15], 18) ~ (w[i - 15] >> 3))); + local s1 = (RROT(w[i - 2], 17) ~ (RROT(w[i - 2], 19) ~ (w[i - 2] >> 10))); + w[i] = (w[i - 16] + s0 + w[i - 7] + s1 & 0xFFFFFFFF); end for i = 0, 63 do - local s1 = XOR(RROT(e, 6), XOR(RROT(e, 11), RROT(e, 25))); - local ch = XOR(AND(e, f), AND(NOT(e), g)); + local s1 = (RROT(e, 6) ~ (RROT(e, 11) ~ RROT(e, 25))); + local ch = ((e & f) ~ ((~e) & g)); local temp1 = h + s1 + ch + CONSTANTS[i + 1] + w[i]; - local s0 = XOR(RROT(a, 2), XOR(RROT(a, 13), RROT(a, 22))); - local maj = XOR(AND(a, b), XOR(AND(a, c), AND(b, c))); + local s0 = (RROT(a, 2) ~ (RROT(a, 13) ~ RROT(a, 22))); + local maj = ((a & b) ~ ((a & c) ~ (b & c))); local temp2 = s0 + maj; h = g; @@ -104,14 +103,14 @@ local SHA2_224 = function() a = temp1 + temp2; end - h0 = AND(h0 + a, 0xFFFFFFFF); - h1 = AND(h1 + b, 0xFFFFFFFF); - h2 = AND(h2 + c, 0xFFFFFFFF); - h3 = AND(h3 + d, 0xFFFFFFFF); - h4 = AND(h4 + e, 0xFFFFFFFF); - h5 = AND(h5 + f, 0xFFFFFFFF); - h6 = AND(h6 + g, 0xFFFFFFFF); - h7 = AND(h7 + h, 0xFFFFFFFF); + h0 = (h0 + a & 0xFFFFFFFF); + h1 = (h1 + b & 0xFFFFFFFF); + h2 = (h2 + c & 0xFFFFFFFF); + h3 = (h3 + d & 0xFFFFFFFF); + h4 = (h4 + e & 0xFFFFFFFF); + h5 = (h5 + f & 0xFFFFFFFF); + h6 = (h6 + g & 0xFFFFFFFF); + h7 = (h7 + h & 0xFFFFFFFF); end public.init = function() From 2d5686a17a597e32853e96f6f97844145c51f447 Mon Sep 17 00:00:00 2001 From: Jason Tipton Date: Mon, 26 Jan 2026 10:49:45 -0900 Subject: [PATCH 16/22] Convert SHA2 256 to native bitwise operations --- lockbox/digest/sha2_256.lua | 63 ++++++++++++++++++------------------- 1 file changed, 31 insertions(+), 32 deletions(-) 
diff --git a/lockbox/digest/sha2_256.lua b/lockbox/digest/sha2_256.lua index 74136d7..a550e10 100644 --- a/lockbox/digest/sha2_256.lua +++ b/lockbox/digest/sha2_256.lua @@ -1,4 +1,3 @@ -local Bit = require("lockbox.util.bit"); local Queue = require("lockbox.util.queue"); local CONSTANTS = { @@ -14,35 +13,35 @@ local CONSTANTS = { local fmt = "%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x" .. "%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x" -local AND = Bit.band; -local OR = Bit.bor; -local NOT = Bit.bnot; -local XOR = Bit.bxor; -local RROT = Bit.rrotate; -local LSHIFT = Bit.lshift; -local RSHIFT = Bit.rshift; +local RROT = function(l, r) + l = l & 0xffffffff + r = r & 0x1f + return (l >> r) | (0xffffffff & (l << (32 - r))) +end + + --SHA2 is big-endian local bytes2word = function(b0, b1, b2, b3) - local i = b0; i = LSHIFT(i, 8); - i = OR(i, b1); i = LSHIFT(i, 8); - i = OR(i, b2); i = LSHIFT(i, 8); - i = OR(i, b3); + local i = b0; i = (i << 8); + i = (i | b1); i = (i << 8); + i = (i | b2); i = (i << 8); + i = (i | b3); return i; end local word2bytes = function(word) local b0, b1, b2, b3; - b3 = AND(word, 0xFF); word = RSHIFT(word, 8); - b2 = AND(word, 0xFF); word = RSHIFT(word, 8); - b1 = AND(word, 0xFF); word = RSHIFT(word, 8); - b0 = AND(word, 0xFF); + b3 = (word & 0xFF); word = (word >> 8); + b2 = (word & 0xFF); word = (word >> 8); + b1 = (word & 0xFF); word = (word >> 8); + b0 = (word & 0xFF); return b0, b1, b2, b3; end local dword2bytes = function(i) local b4, b5, b6, b7 = word2bytes(i); - local b0, b1, b2, b3 = word2bytes(math.floor(i / 0x100000000)); + local b0, b1, b2, b3 = word2bytes(i // 0x100000000); return b0, b1, b2, b3, b4, b5, b6, b7; end 
@@ -81,17 +80,17 @@ local SHA2_256 = function() end for i = 16, 63 do - local s0 = XOR(RROT(w[i - 15], 7), XOR(RROT(w[i - 15], 18), RSHIFT(w[i - 15], 3))); - local s1 = XOR(RROT(w[i - 2], 17), XOR(RROT(w[i - 2], 19), RSHIFT(w[i - 2], 10))); - w[i] = AND(w[i - 16] + s0 + w[i - 7] + s1, 0xFFFFFFFF); + local s0 = (RROT(w[i - 15], 7) ~ (RROT(w[i - 15], 18) ~ (w[i - 15] >> 3))); + local s1 = (RROT(w[i - 2], 17) ~ (RROT(w[i - 2], 19) ~ (w[i - 2] >> 10))); + w[i] = (w[i - 16] + s0 + w[i - 7] + s1 & 0xFFFFFFFF); end for i = 0, 63 do - local s1 = XOR(RROT(e, 6), XOR(RROT(e, 11), RROT(e, 25))); - local ch = XOR(AND(e, f), AND(NOT(e), g)); + local s1 = (RROT(e, 6) ~ (RROT(e, 11) ~ RROT(e, 25))); + local ch = ((e & f) ~ ((~e) & g)); local temp1 = h + s1 + ch + CONSTANTS[i + 1] + w[i]; - local s0 = XOR(RROT(a, 2), XOR(RROT(a, 13), RROT(a, 22))); - local maj = XOR(AND(a, b), XOR(AND(a, c), AND(b, c))); + local s0 = (RROT(a, 2) ~ (RROT(a, 13) ~ RROT(a, 22))); + local maj = ((a & b) ~ ((a & c) ~ (b & c))); local temp2 = s0 + maj; h = g; @@ -104,14 +103,14 @@ local SHA2_256 = function() a = temp1 + temp2; end - h0 = AND(h0 + a, 0xFFFFFFFF); - h1 = AND(h1 + b, 0xFFFFFFFF); - h2 = AND(h2 + c, 0xFFFFFFFF); - h3 = AND(h3 + d, 0xFFFFFFFF); - h4 = AND(h4 + e, 0xFFFFFFFF); - h5 = AND(h5 + f, 0xFFFFFFFF); - h6 = AND(h6 + g, 0xFFFFFFFF); - h7 = AND(h7 + h, 0xFFFFFFFF); + h0 = (h0 + a & 0xFFFFFFFF); + h1 = (h1 + b & 0xFFFFFFFF); + h2 = (h2 + c & 0xFFFFFFFF); + h3 = (h3 + d & 0xFFFFFFFF); + h4 = (h4 + e & 0xFFFFFFFF); + h5 = (h5 + f & 0xFFFFFFFF); + h6 = (h6 + g & 0xFFFFFFFF); + h7 = (h7 + h & 0xFFFFFFFF); end public.init = function() From b5f45568bb1d7eceddd42da60fcade90861916fd Mon Sep 17 00:00:00 2001 From: Jason Tipton Date: Mon, 26 Jan 2026 10:50:14 -0900 Subject: [PATCH 17/22] Convert HKDF to native bitwise operations --- lockbox/kdf/hkdf.lua | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/lockbox/kdf/hkdf.lua b/lockbox/kdf/hkdf.lua index 48584ce..34b5523 100644 
--- a/lockbox/kdf/hkdf.lua +++ b/lockbox/kdf/hkdf.lua @@ -29,7 +29,9 @@ local HKDF = function() end local expand = function(prk) - local iterations = math.ceil(outputLen / hashLen); + -- Native integer ceiling division: (a + b - 1) // b + -- See: https://stackoverflow.com/a/2745086 + local iterations = (outputLen + hashLen - 1) // hashLen; local mixin = {}; local results = {}; local remainingBytes = outputLen; From a4fccd6ca6ac63ea5f74cfc84511e28d9afe61b4 Mon Sep 17 00:00:00 2001 From: Jason Tipton Date: Mon, 26 Jan 2026 10:50:35 -0900 Subject: [PATCH 18/22] Convert PBKDF2 to native bitwise operations --- lockbox/kdf/pbkdf2.lua | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/lockbox/kdf/pbkdf2.lua b/lockbox/kdf/pbkdf2.lua index c9e4388..eb03e3c 100644 --- a/lockbox/kdf/pbkdf2.lua +++ b/lockbox/kdf/pbkdf2.lua @@ -1,16 +1,14 @@ -local Bit = require("lockbox.util.bit"); local Array = require("lockbox.util.array"); local Stream = require("lockbox.util.stream"); -local AND = Bit.band; -local RSHIFT = Bit.rshift; + local word2bytes = function(word) local b0, b1, b2, b3; - b3 = AND(word, 0xFF); word = RSHIFT(word, 8); - b2 = AND(word, 0xFF); word = RSHIFT(word, 8); - b1 = AND(word, 0xFF); word = RSHIFT(word, 8); - b0 = AND(word, 0xFF); + b3 = (word & 0xFF); word = (word >> 8); + b2 = (word & 0xFF); word = (word >> 8); + b1 = (word & 0xFF); word = (word >> 8); + b0 = (word & 0xFF); return b0, b1, b2, b3; end @@ -85,7 +83,9 @@ local PBKDF2 = function() end public.finish = function() - local blocks = math.ceil(dKeyLen / blockLen); + -- Native integer ceiling division: (a + b - 1) // b + -- See: https://stackoverflow.com/a/2745086 + local blocks = (dKeyLen + blockLen - 1) // blockLen; dKey = {}; From 1029697680ce1d158bb6474edd64969e4d152a4b Mon Sep 17 00:00:00 2001 
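Review bot: In the hkdf.lua hunk, `iterations` is derived from `outputLen` with no visible upper bound; RFC 5869 limits HKDF output to 255 * HashLen octets because the block counter is a single octet. `expand` continues outside the hunk, so a check may exist further down, but if it does not, a guard right after this line such as `assert(iterations <= 255, "HKDF: output length exceeds 255 * hashLen")` would reject requests the construction does not define.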
From: Jason Tipton Date: Mon, 26 Jan 2026 10:50:46 -0900 Subject: [PATCH 19/22] Convert HMAC to native bitwise operations --- lockbox/mac/hmac.lua | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/lockbox/mac/hmac.lua b/lockbox/mac/hmac.lua index 1810f85..be12491 100644 --- a/lockbox/mac/hmac.lua +++ b/lockbox/mac/hmac.lua @@ -1,8 +1,6 @@ -local Bit = require("lockbox.util.bit"); local Stream = require("lockbox.util.stream"); local Array = require("lockbox.util.array"); -local XOR = Bit.bxor; local HMAC = function() @@ -42,8 +40,8 @@ local HMAC = function() for i = 1, blockSize do local byte = keyStream(); if byte == nil then byte = 0x00; end - outerPadding[i] = XOR(0x5C, byte); - innerPadding[i] = XOR(0x36, byte); + outerPadding[i] = (0x5C ~ byte); + innerPadding[i] = (0x36 ~ byte); end return public; From 8820831a6f021e8ee3c3d76338d8aaba93a16fe4 Mon Sep 17 00:00:00 2001 From: Jason Tipton Date: Mon, 26 Jan 2026 10:51:06 -0900 Subject: [PATCH 20/22] Convert Array to native bitwise operations --- lockbox/util/array.lua | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/lockbox/util/array.lua b/lockbox/util/array.lua index 61ed06e..43b8372 100644 --- a/lockbox/util/array.lua +++ b/lockbox/util/array.lua @@ -1,9 +1,6 @@ -local Bit = require("lockbox.util.bit"); local Queue = require("lockbox.util.queue"); -local XOR = Bit.bxor; - local Array = {}; Array.size = function(array) @@ -163,7 +160,7 @@ Array.XOR = function(a, b) local x = {}; for k, v in pairs(a) do - x[k] = XOR(v, b[k]); + x[k] = (v ~ b[k]); end return x; From 2640e285fdf2710c6cd5e9d71e09470fff369a8d Mon Sep 17 00:00:00 2001 From: Jason Tipton Date: Mon, 26 Jan 2026 10:51:45 -0900 Subject: [PATCH 21/22] Convert Base64 to native bitwise operations --- lockbox/util/base64.lua | 29 ++++++++++------------------- 1 file changed, 10 insertions(+), 19 deletions(-) diff --git a/lockbox/util/base64.lua b/lockbox/util/base64.lua index f1e4724..5fa0a4a 100644 
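Review bot: In `Array.XOR`, `x[k] = (v ~ b[k])` raises a generic bitwise-on-nil error whenever `b` has no entry at one of `a`'s keys, and silently ignores any extra entries in `b`, because the loop walks `pairs(a)` only. This helper lives in a module that hmac.lua and pbkdf2.lua require, so that contract should be written down: add a comment above the function such as `-- Returns a[k] ~ b[k] for every key of a; b must cover a's keys, extra entries in b are ignored`. The function's signature appears only in the hunk header, and its body ends outside the hunk.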
--- a/lockbox/util/base64.lua +++ b/lockbox/util/base64.lua @@ -1,14 +1,5 @@ -local Bit = require("lockbox.util.bit"); - local Stream = require("lockbox.util.stream"); -local AND = Bit.band; -local OR = Bit.bor; -local NOT = Bit.bnot; -local LSHIFT = Bit.lshift; -local RSHIFT = Bit.rshift; - - local SYMBOLS = { [0]="A", "B", "C", "D", "E", "F", "G", "H", "I", "J", "K", "L", "M", "N", "O", "P", "Q", "R", "S", "T", "U", "V", "W", "X", "Y", "Z", "a", "b", "c", "d", "e", "f", @@ -32,23 +23,23 @@ Base64.fromStream = function(stream) local byte = stream(); while byte ~= nil do - bits = OR(LSHIFT(bits, 8), byte); + bits = ((bits << 8) | byte); bitCount = bitCount + 8; while bitCount >= 6 do bitCount = bitCount - 6; - local temp = RSHIFT(bits, bitCount); + local temp = (bits >> bitCount); table.insert(base64, LOOKUP[temp]); - bits = AND(bits, NOT(LSHIFT(0xFFFFFFFF, bitCount))); + bits = (bits & (~(0xFFFFFFFF << bitCount))); end byte = stream(); end if (bitCount == 4) then - bits = LSHIFT(bits, 2); + bits = (bits << 2); table.insert(base64, LOOKUP[bits]); table.insert(base64, "="); elseif (bitCount == 2) then - bits = LSHIFT(bits, 4); + bits = (bits << 4); table.insert(base64, LOOKUP[bits]); table.insert(base64, "=="); end @@ -82,16 +73,16 @@ Base64.toStream = function(base64) for c in string.gmatch(base64, ".") do if (c == "=") then - bits = RSHIFT(bits, 2); bitCount = bitCount - 2; + bits = (bits >> 2); bitCount = bitCount - 2; else - bits = LSHIFT(bits, 6); bitCount = bitCount + 6; - bits = OR(bits, LOOKUP[c]); + bits = (bits << 6); bitCount = bitCount + 6; + bits = (bits | LOOKUP[c]); end while(bitCount >= 8) do bitCount = bitCount - 8; - local byte = RSHIFT(bits, bitCount); - bits = AND(bits, NOT(LSHIFT(0xFFFFFFFF, bitCount))); + local byte = (bits >> bitCount); + bits = (bits & (~(0xFFFFFFFF << bitCount))); yield(byte); end end From a52bb61f48eebd9e903856741f123665e4cebecf Mon Sep 17 00:00:00 2001 
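Review bot: In the `Base64.toStream` hunk, `bits = (bits | LOOKUP[c])` is applied to every character that is not `=`; if `LOOKUP` (defined outside the hunk) has no entry for `c`, such as whitespace, a line break or any byte outside the alphabet, the native `|` raises a bitwise-on-nil error from inside the decoder. Decoding is the path that sees untrusted input, so look the value up first and fail with a clear message, e.g. `local v = LOOKUP[c]; if v == nil then error("invalid base64 character") end`, then `bits = (bits | v)`. The enclosing function starts and ends outside the hunk.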
From: Jason Tipton Date: Mon, 26 Jan 2026 10:52:58 -0900 Subject: [PATCH 22/22] Remove lockbox.util.bit in favor of native bitwise ops --- README.md | 1 - lockbox/util/bit.lua | 44 ------------------------------ rockspecs/lockbox-0.1.0-0.rockspec | 1 - rockspecs/lockbox-scm-0.rockspec | 1 - 4 files changed, 47 deletions(-) delete mode 100644 lockbox/util/bit.lua diff --git a/README.md b/README.md index be7f633..f75f8af 100644 --- a/README.md +++ b/README.md @@ -98,7 +98,6 @@ Several weak or broken primitives are implemented in this library, for research * `lockbox.padding.zero` * `lockbox.util.base64` * `lockbox.util.array` - * `lockbox.util.bit` * `lockbox.util.queue` * `lockbox.util.stream` diff --git a/lockbox/util/bit.lua b/lockbox/util/bit.lua deleted file mode 100644 index 3c4028a..0000000 --- a/lockbox/util/bit.lua +++ /dev/null @@ -1,44 +0,0 @@ -local ok, e -ok = nil -if not ok then - ok, e = pcall(require, "bit") -- the LuaJIT one ? -end -if not ok then - ok, e = pcall(require, "bit32") -- Lua 5.2 -end -if not ok then - ok, e = pcall(require, "bit.numberlua") -- for Lua 5.1, https://github.com/tst2005/lua-bit-numberlua/ -end -if not ok then - error("no bitwise support found", 2) -end -assert(type(e) == "table", "invalid bit module") - --- Workaround to support Lua 5.2 bit32 API with the LuaJIT bit one -if e.rol and not e.lrotate then - e.lrotate = e.rol -end -if e.ror and not e.rrotate then - e.rrotate = e.ror -end - --- Workaround to support incomplete bit operations set -if not e.ror and not e.rrotate then - local ror = function(b, n) - return e.bor(e.rshift(b, n), e.lshift(b, 32 - n)) - end - - e.ror = ror - e.rrotate = ror -end - -if not e.rol and not e.lrotate then - local rol = function(b, n) - return e.bor(e.lshift(b, n), e.rshift(b, 32 - n)) - end - - e.rol = rol - e.lrotate = rol -end - -return e diff --git a/rockspecs/lockbox-0.1.0-0.rockspec b/rockspecs/lockbox-0.1.0-0.rockspec index ae59591..b02c0a9 100644 
--- a/rockspecs/lockbox-0.1.0-0.rockspec +++ b/rockspecs/lockbox-0.1.0-0.rockspec @@ -37,7 +37,6 @@ build = { ['lockbox.util.base64'] = 'lockbox/util/base64.lua', ['lockbox.util.array'] = 'lockbox/util/array.lua', ['lockbox.util.queue'] = 'lockbox/util/queue.lua', - ['lockbox.util.bit'] = 'lockbox/util/bit.lua', ['lockbox.util.stream'] = 'lockbox/util/stream.lua', ['lockbox.cipher.mode.pcbc'] = 'lockbox/cipher/mode/pcbc.lua', ['lockbox.cipher.mode.ctr'] = 'lockbox/cipher/mode/ctr.lua', diff --git a/rockspecs/lockbox-scm-0.rockspec b/rockspecs/lockbox-scm-0.rockspec index 97e1da8..a3c8f3c 100644 --- a/rockspecs/lockbox-scm-0.rockspec +++ b/rockspecs/lockbox-scm-0.rockspec @@ -37,7 +37,6 @@ build = { ['lockbox.util.base64'] = 'lockbox/util/base64.lua', ['lockbox.util.array'] = 'lockbox/util/array.lua', ['lockbox.util.queue'] = 'lockbox/util/queue.lua', - ['lockbox.util.bit'] = 'lockbox/util/bit.lua', ['lockbox.util.stream'] = 'lockbox/util/stream.lua', ['lockbox.cipher.mode.pcbc'] = 'lockbox/cipher/mode/pcbc.lua', ['lockbox.cipher.mode.ctr'] = 'lockbox/cipher/mode/ctr.lua',