#! /usr/local/bin/perl
#serpent http://www.cl.cam.ac.uk/~rja14/serpent.html

my $PHI = 0x9E3779B9;#(sqrt(5) - 1) * 2**31
my @Sbox = (
[ 3, 8,15, 1,10, 6, 5,11,14,13, 4, 2, 7, 0, 9,12],
[15,12, 2, 7, 9, 0, 5,10, 1,11,14, 8, 6,13, 3, 4],
[ 8, 6, 7, 9, 3,12,10,15,13, 1,14, 4, 0,11, 5, 2],
[ 0,15,11, 8,12, 9, 6, 3,13, 1, 2, 4,10, 7, 5,14],
[ 1,15, 8, 3,12, 0,11, 6, 2, 5, 4,10, 9,14, 7,13],
[15, 5, 2,11, 4,10, 9,12, 0, 3,14, 8,13, 6, 7, 1],
[ 7, 2,12, 5, 8, 4, 6,11,14, 9, 1,15,13, 3,10, 0],
[ 1,13,15, 0,14, 8, 2,11, 7, 4,12,10, 9, 3, 5, 6]
);
#sub encode($$);
#sub decode($$);

my $buff;
my(%FORM,$k,$v);
read STDIN,$buff,$ENV{CONTENT_LENGTH};
for(split '&',$buff){
	($k,$v) = m|^([^=]+)=(.*)|;
	$v =~tr|+| |;
	$v = unescape(\$v);
	$FORM{$k} = $v;
}
print "Content-type: text/html; charset=Shift-JIS\n\n";
my $ret;
if($FORM{m} ne ''){
	my $key = makekey($FORM{k});
	my($str,$len,$t1,$t2,$t3);
	if($FORM{m} eq 'encode'){
		$str = $FORM{s};
		$str =~s|\x0d\x0a?|\x0a|sg;
		$len = length $str;
		if($FORM{t} eq 'ecb'){
			for($i = 0;$i < $len;$i += 16){
				$ret .= encode(substr($str,$i,16),$key);
			}
		}elsif($FORM{t} eq 'cbc'){
			$t1 = join '',map{chr rand 256}0..15;
			$ret .= $t1;
			for($i = 0;$i < $len;$i += 16){
				$t2 = substr $str,$i,16;
				$t2 ^= $t1;
				$t2 = encode($t2,$key);
				$ret .= $t2;
				$t1 = $t2;
			}
		}elsif($FORM{t} eq 'cfb'){
			$t1 = join '',map{chr rand 256}0..15;
			$ret .= $t1;
			for($i = 0;$i < $len;$i += 16){
				$t2 = encode(substr($str,$i,16),$key);
				$t2 ^= $t1;
				$ret .= $t2;
				$t1 = $t2;
			}
		}
		$ret =~s|(.)|unpack "H2",$1|seg;
		$ret =~s|(.{64})|$1\x0a|g;
	}elsif($FORM{m} eq 'decode'){
		$str = $FORM{s};
		$str =~tr|\x0a\x0d||d;
		$str =~s|([a-f\d]{2})|pack "H2",$1|ieg;
		$len = length $str;
		if($FORM{t} eq 'ecb'){
			for($i = 0;$i < $len;$i += 16){
				$ret .= decode(substr($str,$i,16),$key);
			}
		}elsif($FORM{t} eq 'cbc'){
			$t1 = substr $str,$i,16;
			for($i = 16;$i < $len;$i += 16){
				$t2 = substr $str,$i,16;
				$t3 = decode($t2,$key);
				$t3 ^= $t1;
				$ret .= $t3;
				$t1 = $t2;
			}
		}elsif($FORM{t} eq 'cfb'){
			$t1 = substr $str,$i,16;
			for($i = 16;$i < $len;$i += 16){
				$t2 = substr $str,$i,16;
				$t3 = $t2 ^ $t1;
				$ret .= decode($t3,$key);
				$t1 = $t2;
			}
		}
	}
}

print <<HTML;
<html>
<head>
<meta http-equiv="Content-type" content="text/html; charset=Shift_JIS">
<meta http-equiv="Cache-Control" content="no-cache">
</head>
<body>
<form method="POST" action="serpent.cgi">
<textarea name="s" rows="20" cols="80">$ret</textarea><br>
<select name="t">
<option value="ecb" selected>ECB
<option value="cbc">CBC
<option value="cfb">CFB
</select>
<select name="m">
<option value="encode" selected>暗号化
<option value="decode">復号化
</select>
キー<input type="text" name="k" size="12">
<input type=submit value="　実行　"><input type=reset value="取消">
</form>
</body>
</html>
HTML
exit;

sub makekey($){
	my @key = unpack "L*",$_[0];
	my $limit = int(length($_[0])/4);
	my(@w,$i,$j,$t,$x0,$x1,$x2,$x3,$y0,$y1,$y2,$y3,$z);
	for($i = 0;$i < $limit;$i++){
		$w[$i] = $key[$i];
	}
	$w[$i++] = 1 if $i < 8;
	for($i = 8,$j = 0;$i < 16;$i++){
		$t = $w[$j] ^ $w[$i-5] ^ $w[$i-3] ^ $w[$i-1] ^ $PHI ^ $j++;
		$w[$i] = ($t << 11) | ($t >> 21);
	}
	for($i = 0,$j = 8;$i < 8;){
		$w[$i++] = $w[$j++];
	}
	$limit = 132;
	for(;$i < $limit;$i++){
		$t = $w[$i-8] ^ $w[$i-5] ^ $w[$i-3] ^ $w[$i-1] ^ $PHI ^ $i;
		$w[$i] = ($t << 11) | ($t >> 21);
	}
	for($i = 0;$i < 33;$i++){
		$x0 = $w[4*$i  ];$x1 = $w[4*$i+1];$x2 = $w[4*$i+2];$x3 = $w[4*$i+3];
		$y0 = $y1 = $y2 = $y3 = 0;
		$sb = $Sbox[(35-$i) % 8];
		for($j = 0; $j < 32; $j++){
			$z = ${$sb}[(($x0 >> $j) & 0x01)|((($x1 >> $j) & 0x01) << 1)|((($x2 >> $j) & 0x01) << 2) |((($x3 >> $j) & 0x01) << 3)];
			$y0 |= ( $z       & 0x01) << $j;
			$y1 |= (($z >> 1) & 0x01) << $j;
			$y2 |= (($z >> 2) & 0x01) << $j;
			$y3 |= (($z >> 3) & 0x01) << $j;
		}
		$w[4*$i  ] = $y0;$w[4*$i+1] = $y1;$w[4*$i+2] = $y2;$w[4*$i+3] = $y3;
	}
	\@w;
}

sub encode{
	my($x0,$x1,$x2,$x3) = unpack "L4",pack "a16",$_[0];
	local *K = $_[1];
	my($i,$y0,$y1,$y2,$y3,$t01,$t02,$t03,$t04,$t05,$t06,$t07,$t08,$t09,$t10,$t11);
	my $k = 0;
	sub encodepart($$$$){
		my($x0,$x1,$x2,$x3);
		my($y0,$y1,$y2,$y3) = @_;
		$x0 = ($y0 << 13)|($y0 >> 19);
		$x2 = ($y2 << 3)|($y2 >> 29);
		$x1 = $y1 ^ $x0 ^ $x2;
		$x3 = $y3 ^ $x2 ^ $x0 << 3;
		$x1 = ($x1 << 1)|($x1 >> 31);
		$x3 = ($x3 << 7)|($x3 >> 25);
		$x0 = $x0 ^ $x1 ^ $x3;
		$x2 = $x2 ^ $x3 ^ ($x1 << 7);
		$x0 = ($x0 << 5)|($x0 >> 27);
		$x2 = ($x2 << 22)|($x2 >> 10);
		$x0,$x1,$x2,$x3;
	}
	for($i = 0;$i < 4;$i++){
#1
		($x0,$x1,$x2,$x3)=map{$_^$K[$k++]}($x0,$x1,$x2,$x3);
		$y3  = ($x0 | $x3) ^ ($x1 ^ $x2);
		$t06 = $x0 ^ $x3;
		$t09 = ($x0 ^ $x1) & ($x1 | $x2);
		$y2  = $t09 ^ ($x3  & ($x2 | $y3));
		$y0  = ~ ($t06 ^ (($x1 | $x2) ^ ($t09 & $y2)));
		($x0,$x1,$x2,$x3) = map{$_^$K[$k++]}encodepart($y0,(($x2 ^ $x3) ^ ($y0 ^ ($x1 & $t06))),$y2,$y3);
#2
		$t01 = $x0 | $x3;
		$t02 = $x2 ^ $x3;
		$t05 = $x0 | (~ $x1);
		$y2  = $t02 ^ $t05;
		$t10 = ($t01 & $t02) ^ ($x1 | ($x3  & ($x0 ^ $x2)));
		$y1  = ($x1 & $x3) ^ ($y2 ^ ($t01 ^ $t10));
		($x0,$x1,$x2,$x3) = map{$_^$K[$k++]}encodepart(($x2 ^ ($t05 & ($t10 | $y1))),$y1,$y2,(~ $t10));
#3
		$t01 = $x0 | $x2;
		$t02 = $x0 ^ $x1;
		$t03 = $x3 ^ $t01;
		$y0  = $t02 ^ $t03;
		$t05 = $x2 ^ $y0;
		$t09 = $t03 ^ ($x1  | $t05);
		$y1  = ($t02 | $t09) ^ ($t01 & ($x1 ^ $t05));
		($x0,$x1,$x2,$x3) = map{$_^$K[$k++]}encodepart($y0,$y1,(($x0 | $x3) ^ ($x1 ^ ($t09 ^ $y1))),(~ $t09));
#4
		$t02 = $x0 | $x3;
		$t05 = $x1 | ($x0  & $x3);
		$t04 = ($x0  ^ $x2) & $t02;
		$t08 = $x2 | ($x0  & $x1);
		$y3  = $t08 ^ ($x1  ^ ($x3 ^ $t04));
		($x0,$x1,$x2,$x3) = map{$_^$K[$k++]}encodepart((($x0 | ($x3 ^ $t04)) ^ ($x1 & ($x3 | $y3))),($t05 ^ $t04),($t08 ^ ($t02 ^ ($x3 & $t05))),$y3);
#5
		$t03 = $x0 ^ ($x1  | $x2);
		$t04 = $x1 ^ $x3;
		$t05 = $x3 | $t03;
		$t06 = $x3 & ($x0  | $x1);
		$y3  = $t03 ^ $t06;
		$t08 = $y3 & $t04;
		$t11 = $x1 & $x2;
		($x0,$x1,$x2,$x3) = map{$_^$K[$k++]}encodepart((~ (($x2 ^ $t06) ^ ($t04 & $t05))),(($x0 & $t05) ^ ($t11 | ($t04 ^ $t08))),(($t11 | $t03) ^ $t08),$y3);
#6
		$t01 = $x1 ^ $x3;
		$t03 = $x0 & $t01;
		$t05 = $t03 ^ ($x2 ^ ($x1 | $x3));
		$y0  = ~ $t05;
		$t07 = $x0 ^ $t01;
		$t08 = $x3 | $y0;
		($x0,$x1,$x2,$x3) = map{$_^$K[$k++]}encodepart($y0,($t07 ^ $t08),(($x1 | $t05) ^ ($t07 | ($x3 ^ $t08))),(($t03 | $y0) ^ ($t01 ^ ($x1 | $t07))));
#7
		$t03 = $x0 ^ $x3;
		$y1  = ~ (($x0 & $x3) ^ ($x1 ^ $x2));
		$t07 = $t03 & ($x1  | $x2);
		$y2  = ~ (($x0 | $x2) ^ ($t07 ^ ($x1 & $y1)));
		($x0,$x1,$x2,$x3) = map{$_^$K[$k++]}encodepart((($x0 ^ $x1) ^ ($y2 ^ ($y1 & $t03))),$y1,$y2,(($x2 ^ ($x1  | $x3)) ^ $t07));
#8
		$t01 = $x0 & $x2;
		$t02 = ~ $x3;
		$t04 = $x1 | $t01;
		$t05 = $x0 & $x1;
		$y3  = ($x0 & $t02) ^ ($x2 ^ $t04);
		$y1  = ($x3 | $t05) ^ ($x0 ^ ($x2 | $y3));
		$y0  = ($x2 ^ $t05) ^ ($t02 | ($t01 ^ $y1));
		$y2  = $x0 ^ (($t04 & $y3) | ($x1 ^ $y1));
		last if $i == 3;
		($x0,$x1,$x2,$x3) = encodepart($y0,$y1,$y2,$y3);
	}
	$y0 ^= $K[$k++];$y1 ^= $K[$k++];$y2 ^= $K[$k++];$y3 ^= $K[$k++];
	pack "L4",$y0,$y1,$y2,$y3;
}

sub decode{
	my($x0,$x1,$x2,$x3) = unpack "L4",pack "a16",$_[0];
	local *K = $_[1];
	my($i,$y0,$y1,$y2,$y3,$t01,$t02,$t03,$t04,$t05,$t06,$t07,$t09,$t10,$t13,$t14);
	my $k = 131;
	sub decodepart(@){
		my($x0,$x1,$x2,$x3);
		my($y0,$y1,$y2,$y3) = reverse @_;
		$x2 = ($y2 << 10)| ($y2 >> 22);
		$x0 = ($y0 << 27)| ($y0 >> 5);
		$x2 = $x2 ^ $y3 ^ ($y1 << 7);
		$x0 = $x0 ^ $y1 ^ $y3;
		$x3 = ($y3 << 25)| ($y3 >> 7);
		$x1 = ($y1 << 31)| ($y1 >> 1);
		$x3 = $x3 ^ $x2 ^ $x0 << 3;
		$x1 = $x1 ^ $x0 ^ $x2;
		$x2 = ($x2 << 29)| ($x2 >> 3);
		$x0 = ($x0 << 19)| ($x0 >> 13);
		$x0,$x1,$x2,$x3;
	}
	$x3 ^= $K[$k--];$x2 ^= $K[$k--];$x1 ^= $K[$k--];$x0 ^= $K[$k--];
	for($i = 0;$i < 4;$i++){
#1
		$t01 = $x0 & $x1;
		$t04 = $x3 & ($x0 | $x1);
		$y3  = ($x2 | $t01) ^ $t04;
		$t06 = $x1 ^ $t04;
		$y1  = $x0 ^ ($t06 | (~ ($x3 ^ $y3)));
		($x0,$x1,$x2,$x3) = decodepart(map{$_^$K[$k--]}($y3,(($x2 & ($x0 | $x3)) ^ ($t01 | ($x1 ^ $x3))),$y1,(($x2 ^ $t06) ^ ($x3 | $y1))));
#2
		$t01 = $x0 ^ $x2 ;
		$t02 = ~ $x2 ;
		$t05 = $x3 | ($x1 & $t01);
		$t07 = $x0 & ($x1 | $t02);
		$y1  = ($x1 ^ $x3) ^ ($x0 | $t02);
		$y0  = ~ ($t07 ^ $t05);
		($x0,$x1,$x2,$x3) = decodepart(map{$_^$K[$k--]}((($x0 ^ $y1) ^ ($t07 ^ ($t01 & $t05))),(($x3 | $t02) ^ ($t01 ^ ($x1 & $y0))),$y1,$y0));
#3
		$t01 = $x0 & $x3 ;
		$t02 = $x2 ^ $t01;
		$y0  = ($x0 ^ $x3) ^ ($x1 & $t02);
		$y1  = ($t01 ^ $y0) ^ ($x1 | ($x0 & $x2));
		($x0,$x1,$x2,$x3) = decodepart(map{$_^$K[$k--]}(($t02 ^ ((~ $x1) | ($x0 & $y0))),(($x1 ^ $x3) ^ ($t02 ^ ($y0 | $y1))),$y1,$y0));
#4
		$t01 = $x1 | $x3;
		$t03 = $x0 & $t01;
		$t04 = $x1 ^ ($x2 | $x3);
		$t07 = $x0 & $t04;
		$y1  = ($x2 ^ $x3) ^ $t07;
		$t09 = $y1 | (~ $t03);
		($x0,$x1,$x2,$x3) = decodepart(map{$_^$K[$k--]}(($t03 ^ ($x3 ^ $t04)),(($t01 ^ $t09) ^ ($x2 | ($x0 ^ $t07))),$y1,(($x0 ^ $t04) ^ $t09)));
#5
		$t01 = $x2 | $x3;
		$t02 = $x0 | $x3;
		$t03 = $x2 ^ $t02;
		$t05 = $x0 ^ $x3 ;
		$y2  = $t05 ^ (($x1 ^ $t02) & $t03);
		$y0  = ($x1 & $t01) ^ $t03;
		($x0,$x1,$x2,$x3) = decodepart(map{$_^$K[$k--]}((($t01 ^ $t05) ^ ($x1 | ($x0 & $y2))),$y2,($x1 ^ (($x0 ^ $t03) & ($y0 | $t05))),$y0));
#6
		$t02 = $x2 ^ $x3 ;
		$y0  = ($x0 ^ $x3) ^ ($x1 | $t02);
		$t06 = $x0 | $x2;
		$t10 = (~ $x3) | ($x0  & $x2);
		$y3  = ($x1 & $t06) ^ $t10;
		$y1  = ($t06 & $t02) ^ ($x1 & ($x3 | $y0));
		($x0,$x1,$x2,$x3) = decodepart(map{$_^$K[$k--]}($y3,(($y0 ^ $y1) ^ ($t10 ^ ($x2 & $y3))),$y1,$y0));
#7
		$t01 = $x0 ^ $x1;
		$t03 = $x0 & $x2;
		$t04 = $x2 ^ ($x1 | $x3);
		$t06 = $t01 & ($x0 | $t04);
		$y2  = ~ (($x3 | $t03) ^ $t06);
		$y1  = ($t04 | $t03) ^ ($x3 & ($x1 ^ $t06));
		($x0,$x1,$x2,$x3) = decodepart(map{$_^$K[$k--]}(($t01 ^ $t04),$y2,$y1,(($x0 | $y2) ^ ($x2 ^ ($t06 ^ $y1)))));
#8
		$t01 = $x2 ^ $x3 ;
		$t03 = $x1 | $x2;
		$t05 = ($x0 | $x1) ^ $t01;
		$y2  = ~ $t05;
		$y1  = ($t03 & ($x1 ^ $x3)) ^ ($x0 | ($x2 & $t01));
		$t13 = $y1 ^ ($x0 | $t05);
		$t14 = $t03 ^ ($x3 | $y2);
		$y3  = $t14 ^ $t13;
		$y0  = ($x0 ^ $x2) ^ ($t14 | ($t05 & $t13));
		last if $i == 3;
		($x0,$x1,$x2,$x3) = decodepart(map{$_^$K[$k--]}($y3,$y2,$y1,$y0);
	}
	$y3 ^= $K[$k--];$y2 ^= $K[$k--];$y1 ^= $K[$k--];$y0 ^= $K[$k--];
	pack "L4",$y0,$y1,$y2,$y3;
}

sub unescape{
	my $str = ${$_[0]};
	$str =~s|%([a-f\d]{2})|pack 'H2',$1|ieg;
	$str;
}