Alexandre Lision | ddd731e | 2014-01-31 11:50:08 -0500 | [diff] [blame] | 1 | /*
|
| 2 | * Fast, portable, and easy-to-use Twofish implementation,
|
| 3 | * Version 0.3.
|
| 4 | * Copyright (c) 2002 by Niels Ferguson.
|
| 5 | *
|
| 6 | * See the twofish.c file for the details of the how and why of this code.
|
| 7 | *
|
| 8 | * The author hereby grants a perpetual license to everybody to
|
| 9 | * use this code for any purpose as long as the copyright message is included
|
| 10 | * in the source code of this or any derived work.
|
| 11 | */
|
| 12 |
|
| 13 |
|
| 14 | /*
|
| 15 | * PLATFORM FIXES
|
| 16 | * ==============
|
| 17 | *
|
| 18 | * The following definitions have to be fixed for each particular platform
|
| 19 | * you work on. If you have a multi-platform program, you no doubt have
|
| 20 | * portable definitions that you can substitute here without changing
|
| 21 | * the rest of the code.
|
| 22 | *
|
| 23 | * The defaults provided here should work on most PC compilers.
|
| 24 | */
|
| 25 | #ifndef _TWOFISH_H
|
| 26 | #define _TWOFISH_H
|
| 27 |
|
| 28 | #ifdef __cplusplus
|
| 29 | extern "C"
|
| 30 | {
|
| 31 | #endif
|
| 32 |
|
| 33 |
|
| 34 | /**
|
| 35 | * A Twofish_Byte must be an unsigned 8-bit integer.
|
| 36 | *
|
| 37 | * It must also be the elementary data size of your C platform,
|
| 38 | * i.e. sizeof( Twofish_Byte ) == 1.
|
| 39 | */
|
| 40 | typedef unsigned char Twofish_Byte;
|
| 41 |
|
| 42 | /**
|
| 43 | * A Twofish_UInt32 must be an unsigned integer of at least 32 bits.
|
| 44 | *
|
| 45 | * This type is used only internally in the implementation, so ideally it
|
| 46 | * would not appear in the header file, but it is used inside the
|
| 47 | * Twofish_key structure which means it has to be included here.
|
| 48 | */
|
| 49 | typedef unsigned int Twofish_UInt32;
|
| 50 |
|
| 51 |
|
| 52 | /*
|
| 53 | * END OF PLATFORM FIXES
|
| 54 | * =====================
|
| 55 | *
|
| 56 | * You should not have to touch the rest of this file, but the code
|
| 57 | * in twofish.c has a few things you need to fix too.
|
| 58 | */
|
| 59 |
|
| 60 | /**
|
| 61 | * Return codes
|
| 62 | */
|
| 63 |
|
| 64 | #define SUCCESS 1
|
| 65 | #define ERR_UINT32 -2
|
| 66 | #define ERR_BYTE -3
|
| 67 | #define ERR_GET32 -4
|
| 68 | #define ERR_PUT32 -5
|
| 69 | #define ERR_ROLR -6
|
| 70 | #define ERR_BSWAP -7
|
| 71 | #define ERR_SELECTB -8
|
| 72 | #define ERR_TEST_ENC -9
|
| 73 | #define ERR_TEST_DEC -10
|
| 74 | #define ERR_SEQ_ENC -11
|
| 75 | #define ERR_SEQ_DEC -12
|
| 76 | #define ERR_ODD_KEY -13
|
| 77 | #define ERR_INIT -14
|
| 78 | #define ERR_KEY_LEN -15
|
| 79 | #define ERR_ILL_ARG -16
|
| 80 |
|
| 81 |
|
| 82 | /**
|
| 83 | * Structure that contains a prepared Twofish key.
|
| 84 | *
|
| 85 | * A cipher key is used in two stages. In the first stage it is converted
|
| 86 | * form the original form to an internal representation.
|
| 87 | * This internal form is then used to encrypt and decrypt data.
|
| 88 | * This structure contains the internal form. It is rather large: 4256 bytes
|
| 89 | * on a platform with 32-bit unsigned values.
|
| 90 | *
|
| 91 | * Treat this as an opague structure, and don't try to manipulate the
|
| 92 | * elements in it. I wish I could hide the inside of the structure,
|
| 93 | * but C doesn't allow that.
|
| 94 | */
|
| 95 | typedef
|
| 96 | struct
|
| 97 | {
|
| 98 | Twofish_UInt32 s[4][256]; /* pre-computed S-boxes */
|
| 99 | Twofish_UInt32 K[40]; /* Round key words */
|
| 100 | }
|
| 101 | Twofish_key;
|
| 102 |
|
| 103 |
|
| 104 | /**
|
| 105 | * Initialise and test the Twofish implementation.
|
| 106 | *
|
| 107 | * This function MUST be called before any other function in the
|
| 108 | * Twofish implementation is called.
|
| 109 | * It only needs to be called once.
|
| 110 | *
|
| 111 | * Apart from initialising the implementation it performs a self test.
|
| 112 | * If the Twofish_fatal function is not called, the code passed the test.
|
| 113 | * (See the twofish.c file for details on the Twofish_fatal function.)
|
| 114 | *
|
| 115 | * @returns a negative number if an error happend, +1 otherwise
|
| 116 | */
|
| 117 | extern int Twofish_initialise();
|
| 118 |
|
| 119 |
|
| 120 | /**
|
| 121 | * Convert a cipher key to the internal form used for
|
| 122 | * encryption and decryption.
|
| 123 | *
|
| 124 | * The cipher key is an array of bytes; the Twofish_Byte type is
|
| 125 | * defined above to a type suitable on your platform.
|
| 126 | *
|
| 127 | * Any key must be converted to an internal form in the Twofisk_key structure
|
| 128 | * before it can be used.
|
| 129 | * The encryption and decryption functions only work with the internal form.
|
| 130 | * The conversion to internal form need only be done once for each key value.
|
| 131 | *
|
| 132 | * Be sure to wipe all key storage, including the Twofish_key structure,
|
| 133 | * once you are done with the key data.
|
| 134 | * A simple memset( TwofishKey, 0, sizeof( TwofishKey ) ) will do just fine.
|
| 135 | *
|
| 136 | * Unlike most implementations, this one allows any key size from 0 bytes
|
| 137 | * to 32 bytes. According to the Twofish specifications,
|
| 138 | * irregular key sizes are handled by padding the key with zeroes at the end
|
| 139 | * until the key size is 16, 24, or 32 bytes, whichever
|
| 140 | * comes first. Note that each key of irregular size is equivalent to exactly
|
| 141 | * one key of 16, 24, or 32 bytes.
|
| 142 | *
|
| 143 | * WARNING: Short keys have low entropy, and result in low security.
|
| 144 | * Anything less than 8 bytes is utterly insecure. For good security
|
| 145 | * use at least 16 bytes. I prefer to use 32-byte keys to prevent
|
| 146 | * any collision attacks on the key.
|
| 147 | *
|
| 148 | * The key length argument key_len must be in the proper range.
|
| 149 | * If key_len is not in the range 0,...,32 this routine attempts to generate
|
| 150 | * a fatal error (depending on the code environment),
|
| 151 | * and at best (or worst) returns without having done anything.
|
| 152 | *
|
| 153 | * @param key Array of key bytes
|
| 154 | * @param key_len Number of key bytes, must be in the range 0,1,...,32.
|
| 155 | * @para xkey Pointer to an Twofish_key structure that will be filled
|
| 156 | * with the internal form of the cipher key.
|
| 157 | * @returns a negative number if an error happend, +1 otherwise
|
| 158 | */
|
| 159 | extern int Twofish_prepare_key(
|
| 160 | Twofish_Byte key[],
|
| 161 | int key_len,
|
| 162 | Twofish_key * xkey
|
| 163 | );
|
| 164 |
|
| 165 |
|
| 166 | /**
|
| 167 | * Encrypt a single block of data.
|
| 168 | *
|
| 169 | * This function encrypts a single block of 16 bytes of data.
|
| 170 | * If you want to encrypt a larger or variable-length message,
|
| 171 | * you will have to use a cipher mode, such as CBC or CTR.
|
| 172 | * These are outside the scope of this implementation.
|
| 173 | *
|
| 174 | * The xkey structure is not modified by this routine, and can be
|
| 175 | * used for further encryption and decryption operations.
|
| 176 | *
|
| 177 | * @param xkey pointer to Twofish_key, internal form of the key
|
| 178 | * produces by Twofish_prepare_key()
|
| 179 | * @param p Plaintext to be encrypted
|
| 180 | * @param c Place to store the ciphertext
|
| 181 | */
|
| 182 | extern void Twofish_encrypt(
|
| 183 | Twofish_key * xkey,
|
| 184 | Twofish_Byte p[16],
|
| 185 | Twofish_Byte c[16]
|
| 186 | );
|
| 187 |
|
| 188 |
|
| 189 | /**
|
| 190 | * Decrypt a single block of data.
|
| 191 | *
|
| 192 | * This function decrypts a single block of 16 bytes of data.
|
| 193 | * If you want to decrypt a larger or variable-length message,
|
| 194 | * you will have to use a cipher mode, such as CBC or CTR.
|
| 195 | * These are outside the scope of this implementation.
|
| 196 | *
|
| 197 | * The xkey structure is not modified by this routine, and can be
|
| 198 | * used for further encryption and decryption operations.
|
| 199 | *
|
| 200 | * @param xkey pointer to Twofish_key, internal form of the key
|
| 201 | * produces by Twofish_prepare_key()
|
| 202 | * @param c Ciphertext to be decrypted
|
| 203 | * @param p Place to store the plaintext
|
| 204 | */
|
| 205 | extern void Twofish_decrypt(
|
| 206 | Twofish_key * xkey,
|
| 207 | Twofish_Byte c[16],
|
| 208 | Twofish_Byte p[16]
|
| 209 | );
|
| 210 |
|
| 211 | #ifdef __cplusplus
|
| 212 | }
|
| 213 | #endif
|
| 214 | #endif
|