?? twofish.c
字號:
/* LibTomCrypt, modular cryptographic library -- Tom St Denis * * LibTomCrypt is a library that provides various cryptographic * algorithms in a highly modular and flexible manner. * * The library is free for all purposes without any express * guarantee it works. * * Tom St Denis, tomstdenis@iahu.ca, http://libtomcrypt.org *//* Implementation of Twofish by Tom St Denis */#include "mycrypt.h"#ifdef TWOFISH/* first TWOFISH_ALL_TABLES must ensure TWOFISH_TABLES is defined */#ifdef TWOFISH_ALL_TABLES#ifndef TWOFISH_TABLES#define TWOFISH_TABLES#endif#endifconst struct _cipher_descriptor twofish_desc ={ "twofish", 7, 16, 32, 16, 16, &twofish_setup, &twofish_ecb_encrypt, &twofish_ecb_decrypt, &twofish_test, &twofish_keysize};/* the two polynomials */#define MDS_POLY 0x169#define RS_POLY 0x14D/* The 4x4 MDS Linear Transform */static const unsigned char MDS[4][4] = { { 0x01, 0xEF, 0x5B, 0x5B }, { 0x5B, 0xEF, 0xEF, 0x01 }, { 0xEF, 0x5B, 0x01, 0xEF }, { 0xEF, 0x01, 0xEF, 0x5B }};/* The 4x8 RS Linear Transform */static const unsigned char RS[4][8] = { { 0x01, 0xA4, 0x55, 0x87, 0x5A, 0x58, 0xDB, 0x9E }, { 0xA4, 0x56, 0x82, 0xF3, 0X1E, 0XC6, 0X68, 0XE5 }, { 0X02, 0XA1, 0XFC, 0XC1, 0X47, 0XAE, 0X3D, 0X19 }, { 0XA4, 0X55, 0X87, 0X5A, 0X58, 0XDB, 0X9E, 0X03 }};/* sbox usage orderings */static const unsigned char qord[4][5] = { { 1, 1, 0, 0, 1 }, { 0, 1, 1, 0, 0 }, { 0, 0, 0, 1, 1 }, { 1, 0, 1, 1, 0 }};#ifdef TWOFISH_TABLES#include "twofish_tab.c"#define sbox(i, x) ((ulong32)SBOX[i][(x)&255])#else/* The Q-box tables */static const unsigned char qbox[2][4][16] = {{ { 0x8, 0x1, 0x7, 0xD, 0x6, 0xF, 0x3, 0x2, 0x0, 0xB, 0x5, 0x9, 0xE, 0xC, 0xA, 0x4 }, { 0xE, 0XC, 0XB, 0X8, 0X1, 0X2, 0X3, 0X5, 0XF, 0X4, 0XA, 0X6, 0X7, 0X0, 0X9, 0XD }, { 0XB, 0XA, 0X5, 0XE, 0X6, 0XD, 0X9, 0X0, 0XC, 0X8, 0XF, 0X3, 0X2, 0X4, 0X7, 0X1 }, { 0XD, 0X7, 0XF, 0X4, 0X1, 0X2, 0X6, 0XE, 0X9, 0XB, 0X3, 0X0, 0X8, 0X5, 0XC, 0XA }},{ { 0X2, 0X8, 0XB, 0XD, 0XF, 0X7, 0X6, 0XE, 0X3, 0X1, 0X9, 0X4, 0X0, 0XA, 0XC, 0X5 }, { 0X1, 0XE, 0X2, 0XB, 0X4, 0XC, 0X3, 0X7, 0X6, 0XD, 0XA, 0X5, 0XF, 0X9, 0X0, 0X8 }, { 0X4, 0XC, 0X7, 0X5, 0X1, 0X6, 0X9, 0XA, 0X0, 0XE, 0XD, 0X8, 0X2, 0XB, 0X3, 0XF }, { 0xB, 0X9, 0X5, 0X1, 0XC, 0X3, 0XD, 0XE, 0X6, 0X4, 0X7, 0XF, 0X2, 0X0, 0X8, 0XA }}};/* computes S_i[x] */#ifdef CLEAN_STACKstatic ulong32 _sbox(int i, ulong32 x)#elsestatic ulong32 sbox(int i, ulong32 x)#endif{ unsigned char a0,b0,a1,b1,a2,b2,a3,b3,a4,b4,y; /* a0,b0 = [x/16], x mod 16 */ a0 = (unsigned char)((x>>4)&15); b0 = (unsigned char)((x)&15); /* a1 = a0 ^ b0 */ a1 = a0 ^ b0; /* b1 = a0 ^ ROR(b0, 1) ^ 8a0 */ b1 = (a0 ^ ((b0<<3)|(b0>>1)) ^ (a0<<3)) & 15; /* a2,b2 = t0[a1], t1[b1] */ a2 = qbox[i][0][(int)a1]; b2 = qbox[i][1][(int)b1]; /* a3 = a2 ^ b2 */ a3 = a2 ^ b2; /* b3 = a2 ^ ROR(b2, 1) ^ 8a2 */ b3 = (a2 ^ ((b2<<3)|(b2>>1)) ^ (a2<<3)) & 15; /* a4,b4 = t2[a3], t3[b3] */ a4 = qbox[i][2][(int)a3]; b4 = qbox[i][3][(int)b3]; /* y = 16b4 + a4 */ y = (b4 << 4) + a4; /* return result */ return (ulong32)y;}#ifdef CLEAN_STACKstatic ulong32 sbox(int i, ulong32 x){ ulong32 y; y = _sbox(i, x); burn_stack(sizeof(unsigned char) * 11); return y;}#endif /* CLEAN_STACK */#endif /* TWOFISH_TABLES *//* computes ab mod p */static ulong32 gf_mult(ulong32 a, ulong32 b, ulong32 p){ ulong32 result, B[2], P[2]; P[1] = p; B[1] = b; result = P[0] = B[0] = 0; /* unrolled branchless GF multiplier */ result ^= B[a&1]; a >>= 1; B[1] = P[B[1]>>7] ^ (B[1] << 1); result ^= B[a&1]; a >>= 1; B[1] = P[B[1]>>7] ^ (B[1] << 1); result ^= B[a&1]; a >>= 1; B[1] = P[B[1]>>7] ^ (B[1] << 1); result ^= B[a&1]; a >>= 1; B[1] = P[B[1]>>7] ^ (B[1] << 1); result ^= B[a&1]; a >>= 1; B[1] = P[B[1]>>7] ^ (B[1] << 1); result ^= B[a&1]; a >>= 1; B[1] = P[B[1]>>7] ^ (B[1] << 1); result ^= B[a&1]; a >>= 1; B[1] = P[B[1]>>7] ^ (B[1] << 1); result ^= B[a&1]; return result;}/* computes [y0 y1 y2 y3] = MDS . [x0] */#ifndef TWOFISH_TABLESstatic ulong32 mds_column_mult(unsigned char in, int col){ ulong32 x01, x5B, xEF; x01 = in; x5B = gf_mult(in, 0x5B, MDS_POLY); xEF = gf_mult(in, 0xEF, MDS_POLY); switch (col) { case 0: return (x01 << 0 ) | (x5B << 8 ) | (xEF << 16) | (xEF << 24); case 1: return (xEF << 0 ) | (xEF << 8 ) | (x5B << 16) | (x01 << 24); case 2: return (x5B << 0 ) | (xEF << 8 ) | (x01 << 16) | (xEF << 24); case 3: return (x5B << 0 ) | (x01 << 8 ) | (xEF << 16) | (x5B << 24); } /* avoid warnings, we'd never get here normally but just to calm compiler warnings... */ return 0;}#else /* !TWOFISH_TABLES */#define mds_column_mult(x, i) mds_tab[i][x]#endif /* TWOFISH_TABLES *//* Computes [y0 y1 y2 y3] = MDS . [x0 x1 x2 x3] */static void mds_mult(const unsigned char *in, unsigned char *out){ int x; ulong32 tmp; for (tmp = x = 0; x < 4; x++) { tmp ^= mds_column_mult(in[x], x); } STORE32L(tmp, out);}#ifdef TWOFISH_ALL_TABLES/* computes [y0 y1 y2 y3] = RS . [x0 x1 x2 x3 x4 x5 x6 x7] */static void rs_mult(const unsigned char *in, unsigned char *out){ ulong32 tmp; tmp = rs_tab0[in[0]] ^ rs_tab1[in[1]] ^ rs_tab2[in[2]] ^ rs_tab3[in[3]] ^ rs_tab4[in[4]] ^ rs_tab5[in[5]] ^ rs_tab6[in[6]] ^ rs_tab7[in[7]]; STORE32L(tmp, out);}#else /* !TWOFISH_ALL_TABLES *//* computes [y0 y1 y2 y3] = RS . [x0 x1 x2 x3 x4 x5 x6 x7] */static void rs_mult(const unsigned char *in, unsigned char *out){ int x, y; for (x = 0; x < 4; x++) { out[x] = 0; for (y = 0; y < 8; y++) { out[x] ^= gf_mult(in[y], RS[x][y], RS_POLY); } }}#endif/* computes h(x) */static void h_func(const unsigned char *in, unsigned char *out, unsigned char *M, int k, int offset){ int x; unsigned char y[4]; for (x = 0; x < 4; x++) { y[x] = in[x]; } switch (k) { case 4: y[0] = (unsigned char)(sbox(1, (ulong32)y[0]) ^ M[4 * (6 + offset) + 0]); y[1] = (unsigned char)(sbox(0, (ulong32)y[1]) ^ M[4 * (6 + offset) + 1]); y[2] = (unsigned char)(sbox(0, (ulong32)y[2]) ^ M[4 * (6 + offset) + 2]); y[3] = (unsigned char)(sbox(1, (ulong32)y[3]) ^ M[4 * (6 + offset) + 3]); case 3: y[0] = (unsigned char)(sbox(1, (ulong32)y[0]) ^ M[4 * (4 + offset) + 0]); y[1] = (unsigned char)(sbox(1, (ulong32)y[1]) ^ M[4 * (4 + offset) + 1]); y[2] = (unsigned char)(sbox(0, (ulong32)y[2]) ^ M[4 * (4 + offset) + 2]); y[3] = (unsigned char)(sbox(0, (ulong32)y[3]) ^ M[4 * (4 + offset) + 3]); case 2: y[0] = (unsigned char)(sbox(1, sbox(0, sbox(0, (ulong32)y[0]) ^ M[4 * (2 + offset) + 0]) ^ M[4 * (0 + offset) + 0])); y[1] = (unsigned char)(sbox(0, sbox(0, sbox(1, (ulong32)y[1]) ^ M[4 * (2 + offset) + 1]) ^ M[4 * (0 + offset) + 1])); y[2] = (unsigned char)(sbox(1, sbox(1, sbox(0, (ulong32)y[2]) ^ M[4 * (2 + offset) + 2]) ^ M[4 * (0 + offset) + 2])); y[3] = (unsigned char)(sbox(0, sbox(1, sbox(1, (ulong32)y[3]) ^ M[4 * (2 + offset) + 3]) ^ M[4 * (0 + offset) + 3])); } mds_mult(y, out);}#ifndef TWOFISH_SMALL/* for GCC we don't use pointer aliases */#if defined(__GNUC__) #define S1 key->twofish.S[0] #define S2 key->twofish.S[1] #define S3 key->twofish.S[2] #define S4 key->twofish.S[3]#endif/* the G function */#define g_func(x, dum) (S1[byte(x,0)] ^ S2[byte(x,1)] ^ S3[byte(x,2)] ^ S4[byte(x,3)])#define g1_func(x, dum) (S2[byte(x,0)] ^ S3[byte(x,1)] ^ S4[byte(x,2)] ^ S1[byte(x,3)])#else#ifdef CLEAN_STACKstatic ulong32 _g_func(ulong32 x, symmetric_key *key)#elsestatic ulong32 g_func(ulong32 x, symmetric_key *key)#endif{ unsigned char g, i, y, z; ulong32 res; res = 0; for (y = 0; y < 4; y++) { z = key->twofish.start; /* do unkeyed substitution */ g = sbox(qord[y][z++], (x >> (8*y)) & 255); /* first subkey */ i = 0; /* do key mixing+sbox until z==5 */ while (z != 5) { g = g ^ key->twofish.S[4*i++ + y]; g = sbox(qord[y][z++], g); } /* multiply g by a column of the MDS */ res ^= mds_column_mult(g, y); } return res;}#define g1_func(x, key) g_func(ROL(x, 8), key)#ifdef CLEAN_STACKstatic ulong32 g_func(ulong32 x, symmetric_key *key){ ulong32 y; y = _g_func(x, key); burn_stack(sizeof(unsigned char) * 4 + sizeof(ulong32)); return y;}#endif /* CLEAN_STACK */#endif /* TWOFISH_SMALL */#ifdef CLEAN_STACKstatic int _twofish_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey)?? 快捷鍵說明
復制代碼
Ctrl + C
搜索代碼
Ctrl + F
全屏模式
F11
切換主題
Ctrl + Shift + D
顯示快捷鍵
?
增大字號
Ctrl + =
減小字號
Ctrl + -