comparison libtomcrypt/src/ciphers/twofish/twofish.c @ 1471:6dba84798cd5

Update to libtomcrypt 1.18.1, merged with Dropbear changes
author Matt Johnston <matt@ucc.asn.au>
date Fri, 09 Feb 2018 21:44:05 +0800
parents f849a5ca2efc
children 1ff2a1034c52
3 * LibTomCrypt is a library that provides various cryptographic 3 * LibTomCrypt is a library that provides various cryptographic
4 * algorithms in a highly modular and flexible manner. 4 * algorithms in a highly modular and flexible manner.
5 * 5 *
6 * The library is free for all purposes without any express 6 * The library is free for all purposes without any express
7 * guarantee it works. 7 * guarantee it works.
8 *
9 * Tom St Denis, [email protected], http://libtom.org
10 */ 8 */
11 9
12 /** 10 /**
13 @file twofish.c 11 @file twofish.c
14 Implementation of Twofish by Tom St Denis 12 Implementation of Twofish by Tom St Denis
33 &twofish_ecb_encrypt, 31 &twofish_ecb_encrypt,
34 &twofish_ecb_decrypt, 32 &twofish_ecb_decrypt,
35 &twofish_test, 33 &twofish_test,
36 &twofish_done, 34 &twofish_done,
37 &twofish_keysize, 35 &twofish_keysize,
38 NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL 36 NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL
39 }; 37 };
40 38
41 /* the two polynomials */ 39 /* the two polynomials */
42 #define MDS_POLY 0x169 40 #define MDS_POLY 0x169
43 #define RS_POLY 0x14D 41 #define RS_POLY 0x14D
44
45 /* The 4x4 MDS Linear Transform */
46 #if 0
47 static const unsigned char MDS[4][4] = {
48 { 0x01, 0xEF, 0x5B, 0x5B },
49 { 0x5B, 0xEF, 0xEF, 0x01 },
50 { 0xEF, 0x5B, 0x01, 0xEF },
51 { 0xEF, 0x01, 0xEF, 0x5B }
52 };
53 #endif
54 42
55 /* The 4x8 RS Linear Transform */ 43 /* The 4x8 RS Linear Transform */
56 static const unsigned char RS[4][8] = { 44 static const unsigned char RS[4][8] = {
57 { 0x01, 0xA4, 0x55, 0x87, 0x5A, 0x58, 0xDB, 0x9E }, 45 { 0x01, 0xA4, 0x55, 0x87, 0x5A, 0x58, 0xDB, 0x9E },
58 { 0xA4, 0x56, 0x82, 0xF3, 0X1E, 0XC6, 0X68, 0XE5 }, 46 { 0xA4, 0x56, 0x82, 0xF3, 0X1E, 0XC6, 0X68, 0XE5 },
59 { 0X02, 0XA1, 0XFC, 0XC1, 0X47, 0XAE, 0X3D, 0X19 }, 47 { 0X02, 0XA1, 0XFC, 0XC1, 0X47, 0XAE, 0X3D, 0X19 },
60 { 0XA4, 0X55, 0X87, 0X5A, 0X58, 0XDB, 0X9E, 0X03 } 48 { 0XA4, 0X55, 0X87, 0X5A, 0X58, 0XDB, 0X9E, 0X03 }
61 }; 49 };
62 50
51 #ifdef LTC_TWOFISH_SMALL
63 /* sbox usage orderings */ 52 /* sbox usage orderings */
64 static const unsigned char qord[4][5] = { 53 static const unsigned char qord[4][5] = {
65 { 1, 1, 0, 0, 1 }, 54 { 1, 1, 0, 0, 1 },
66 { 0, 1, 1, 0, 0 }, 55 { 0, 1, 1, 0, 0 },
67 { 0, 0, 0, 1, 1 }, 56 { 0, 0, 0, 1, 1 },
68 { 1, 0, 1, 1, 0 } 57 { 1, 0, 1, 1, 0 }
69 }; 58 };
59 #endif /* LTC_TWOFISH_SMALL */
70 60
71 #ifdef LTC_TWOFISH_TABLES 61 #ifdef LTC_TWOFISH_TABLES
72 62
63 #define __LTC_TWOFISH_TAB_C__
73 #include "twofish_tab.c" 64 #include "twofish_tab.c"
74 65
75 #define sbox(i, x) ((ulong32)SBOX[i][(x)&255]) 66 #define sbox(i, x) ((ulong32)SBOX[i][(x)&255])
76 67
77 #else 68 #else
257 case 4: 248 case 4:
258 y[0] = (unsigned char)(sbox(1, (ulong32)y[0]) ^ M[4 * (6 + offset) + 0]); 249 y[0] = (unsigned char)(sbox(1, (ulong32)y[0]) ^ M[4 * (6 + offset) + 0]);
259 y[1] = (unsigned char)(sbox(0, (ulong32)y[1]) ^ M[4 * (6 + offset) + 1]); 250 y[1] = (unsigned char)(sbox(0, (ulong32)y[1]) ^ M[4 * (6 + offset) + 1]);
260 y[2] = (unsigned char)(sbox(0, (ulong32)y[2]) ^ M[4 * (6 + offset) + 2]); 251 y[2] = (unsigned char)(sbox(0, (ulong32)y[2]) ^ M[4 * (6 + offset) + 2]);
261 y[3] = (unsigned char)(sbox(1, (ulong32)y[3]) ^ M[4 * (6 + offset) + 3]); 252 y[3] = (unsigned char)(sbox(1, (ulong32)y[3]) ^ M[4 * (6 + offset) + 3]);
253 /* FALLTHROUGH */
262 case 3: 254 case 3:
263 y[0] = (unsigned char)(sbox(1, (ulong32)y[0]) ^ M[4 * (4 + offset) + 0]); 255 y[0] = (unsigned char)(sbox(1, (ulong32)y[0]) ^ M[4 * (4 + offset) + 0]);
264 y[1] = (unsigned char)(sbox(1, (ulong32)y[1]) ^ M[4 * (4 + offset) + 1]); 256 y[1] = (unsigned char)(sbox(1, (ulong32)y[1]) ^ M[4 * (4 + offset) + 1]);
265 y[2] = (unsigned char)(sbox(0, (ulong32)y[2]) ^ M[4 * (4 + offset) + 2]); 257 y[2] = (unsigned char)(sbox(0, (ulong32)y[2]) ^ M[4 * (4 + offset) + 2]);
266 y[3] = (unsigned char)(sbox(0, (ulong32)y[3]) ^ M[4 * (4 + offset) + 3]); 258 y[3] = (unsigned char)(sbox(0, (ulong32)y[3]) ^ M[4 * (4 + offset) + 3]);
259 /* FALLTHROUGH */
267 case 2: 260 case 2:
268 y[0] = (unsigned char)(sbox(1, sbox(0, sbox(0, (ulong32)y[0]) ^ M[4 * (2 + offset) + 0]) ^ M[4 * (0 + offset) + 0])); 261 y[0] = (unsigned char)(sbox(1, sbox(0, sbox(0, (ulong32)y[0]) ^ M[4 * (2 + offset) + 0]) ^ M[4 * (0 + offset) + 0]));
269 y[1] = (unsigned char)(sbox(0, sbox(0, sbox(1, (ulong32)y[1]) ^ M[4 * (2 + offset) + 1]) ^ M[4 * (0 + offset) + 1])); 262 y[1] = (unsigned char)(sbox(0, sbox(0, sbox(1, (ulong32)y[1]) ^ M[4 * (2 + offset) + 1]) ^ M[4 * (0 + offset) + 1]));
270 y[2] = (unsigned char)(sbox(1, sbox(1, sbox(0, (ulong32)y[2]) ^ M[4 * (2 + offset) + 2]) ^ M[4 * (0 + offset) + 2])); 263 y[2] = (unsigned char)(sbox(1, sbox(1, sbox(0, (ulong32)y[2]) ^ M[4 * (2 + offset) + 2]) ^ M[4 * (0 + offset) + 2]));
271 y[3] = (unsigned char)(sbox(0, sbox(1, sbox(1, (ulong32)y[3]) ^ M[4 * (2 + offset) + 3]) ^ M[4 * (0 + offset) + 3])); 264 y[3] = (unsigned char)(sbox(0, sbox(1, sbox(1, (ulong32)y[3]) ^ M[4 * (2 + offset) + 3]) ^ M[4 * (0 + offset) + 3]));
265 /* FALLTHROUGH */
272 } 266 }
273 mds_mult(y, out); 267 mds_mult(y, out);
274 } 268 }
275 269
276 #ifndef LTC_TWOFISH_SMALL 270 #ifndef LTC_TWOFISH_SMALL
661 if ((err = twofish_setup(tests[i].key, tests[i].keylen, 0, &key)) != CRYPT_OK) { 655 if ((err = twofish_setup(tests[i].key, tests[i].keylen, 0, &key)) != CRYPT_OK) {
662 return err; 656 return err;
663 } 657 }
664 twofish_ecb_encrypt(tests[i].pt, tmp[0], &key); 658 twofish_ecb_encrypt(tests[i].pt, tmp[0], &key);
665 twofish_ecb_decrypt(tmp[0], tmp[1], &key); 659 twofish_ecb_decrypt(tmp[0], tmp[1], &key);
666 if (XMEMCMP(tmp[0], tests[i].ct, 16) != 0 || XMEMCMP(tmp[1], tests[i].pt, 16) != 0) { 660 if (compare_testvector(tmp[0], 16, tests[i].ct, 16, "Twofish Encrypt", i) != 0 ||
667 #if 0 661 compare_testvector(tmp[1], 16, tests[i].pt, 16, "Twofish Decrypt", i) != 0) {
668 printf("Twofish failed test %d, %d, %d\n", i, XMEMCMP(tmp[0], tests[i].ct, 16), XMEMCMP(tmp[1], tests[i].pt, 16));
669 #endif
670 return CRYPT_FAIL_TESTVECTOR; 662 return CRYPT_FAIL_TESTVECTOR;
671 } 663 }
672 /* now see if we can encrypt all zero bytes 1000 times, decrypt and come back where we started */ 664 /* now see if we can encrypt all zero bytes 1000 times, decrypt and come back where we started */
673 for (y = 0; y < 16; y++) tmp[0][y] = 0; 665 for (y = 0; y < 16; y++) tmp[0][y] = 0;
674 for (y = 0; y < 1000; y++) twofish_ecb_encrypt(tmp[0], tmp[0], &key); 666 for (y = 0; y < 1000; y++) twofish_ecb_encrypt(tmp[0], tmp[0], &key);
682 /** Terminate the context 674 /** Terminate the context
683 @param skey The scheduled key 675 @param skey The scheduled key
684 */ 676 */
685 void twofish_done(symmetric_key *skey) 677 void twofish_done(symmetric_key *skey)
686 { 678 {
687 (void)skey; 679 LTC_UNUSED_PARAM(skey);
688 } 680 }
689 681
690 /** 682 /**
691 Gets suitable key size 683 Gets suitable key size
692 @param keysize [in/out] The length of the recommended key (in bytes). This function will store the suitable size back in this variable. 684 @param keysize [in/out] The length of the recommended key (in bytes). This function will store the suitable size back in this variable.
712 #endif 704 #endif
713 705
714 706
715 707
716 708
717 /* $Source$ */ 709 /* ref: $Format:%D$ */
718 /* $Revision$ */ 710 /* git commit: $Format:%H$ */
719 /* $Date$ */ 711 /* commit time: $Format:%ai$ */
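Review bot: The new guard macro `#define __LTC_TWOFISH_TAB_C__` introduced before the `#include "twofish_tab.c"` line uses a double-underscore identifier, which C reserves for the implementation (C11 7.1.3), so it can collide with compiler or libc internals and trips `-Wreserved-identifier`-style diagnostics. A project-prefixed name without leading underscores, e.g. `#define LTC_TWOFISH_TAB_C`, avoids the reserved namespace; the matching `#ifdef` in twofish_tab.c is outside this diff and would have to be renamed in step. Separately, `twofish_done` still only suppresses the unused-parameter warning via `LTC_UNUSED_PARAM(skey)` and does not clear the scheduled key material, so if callers rely on the `done` hook to dispose of the key schedule, the expectation that the caller zeroises `symmetric_key` afterwards should be stated in the doc comment above it (`@param skey The scheduled key; not zeroised here, caller must wipe it`). The compare_testvector change in the self-test is fine as written since the vectors are public and no timing concern applies.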