13 static inline unsigned int Mod(
unsigned int c)
15 static const unsigned int modulus = 0x14d;
16 unsigned int c2 = (c<<1) ^ ((c & 0x80) ? modulus : 0);
17 unsigned int c1 = c2 ^ (c>>1) ^ ((c & 1) ? (modulus>>1) : 0);
18 return c | (c1 << 8) | (c2 << 16) | (c1 << 24);
23 static word32 ReedSolomon(word32 high, word32 low)
25 for (
unsigned int i=0; i<8; i++)
27 high = Mod(high>>24) ^ (high<<8) ^ (low>>24);
33 inline word32 Twofish::Base::h0(word32 x,
const word32 *key,
unsigned int kLen)
35 x = x | (x<<8) | (x<<16) | (x<<24);
38 #define Q(a, b, c, d, t) q[a][GETBYTE(t,0)] ^ (q[b][GETBYTE(t,1)] << 8) ^ (q[c][GETBYTE(t,2)] << 16) ^ (q[d][GETBYTE(t,3)] << 24) 39 case 4: x = Q(1, 0, 0, 1, x) ^ key[6];
41 case 3: x = Q(1, 1, 0, 0, x) ^ key[4];
43 case 2: x = Q(0, 1, 0, 1, x) ^ key[2];
44 x = Q(0, 0, 1, 1, x) ^ key[0];
49 inline word32 Twofish::Base::h(word32 x,
const word32 *key,
unsigned int kLen)
52 return mds[0][GETBYTE(x,0)] ^ mds[1][GETBYTE(x,1)] ^ mds[2][GETBYTE(x,2)] ^ mds[3][GETBYTE(x,3)];
55 void Twofish::Base::UncheckedSetKey(
const byte *userKey,
unsigned int keylength,
const NameValuePairs &)
57 AssertValidKeyLength(keylength);
59 unsigned int len = (keylength <= 16 ? 2 : (keylength <= 24 ? 3 : 4));
66 word32 a = h(i, key, len);
67 word32 b = rotlConstant<8>(h(i + 1, key + 1, len));
69 m_k[i + 1] = rotlConstant<9>(a + 2 * b);
74 svec[2*(len-i-1)] = ReedSolomon(key[2*i+1], key[2*i]);
77 word32 t = h0(i, svec, len);
78 m_s[0*256+i] = mds[0][GETBYTE(t, 0)];
79 m_s[1*256+i] = mds[1][GETBYTE(t, 1)];
80 m_s[2*256+i] = mds[2][GETBYTE(t, 2)];
81 m_s[3*256+i] = mds[3][GETBYTE(t, 3)];
85 #define G1(x) (m_s[0*256+GETBYTE(x,0)] ^ m_s[1*256+GETBYTE(x,1)] ^ m_s[2*256+GETBYTE(x,2)] ^ m_s[3*256+GETBYTE(x,3)]) 86 #define G2(x) (m_s[0*256+GETBYTE(x,3)] ^ m_s[1*256+GETBYTE(x,0)] ^ m_s[2*256+GETBYTE(x,1)] ^ m_s[3*256+GETBYTE(x,2)]) 88 #define ENCROUND(n, a, b, c, d) \ 89 x = G1 (a); y = G2 (b); \ 90 x += y; y += x + k[2 * (n) + 1]; \ 91 (c) ^= x + k[2 * (n)]; \ 92 (c) = rotrConstant<1>(c); \ 93 (d) = rotlConstant<1>(d) ^ y 96 ENCROUND (2 * (n), a, b, c, d); \ 97 ENCROUND (2 * (n) + 1, c, d, a, b) 99 #define DECROUND(n, a, b, c, d) \ 100 x = G1 (a); y = G2 (b); \ 102 (d) ^= y + k[2 * (n) + 1]; \ 103 (d) = rotrConstant<1>(d); \ 104 (c) = rotlConstant<1>(c); \ 105 (c) ^= (x + k[2 * (n)]) 107 #define DECCYCLE(n) \ 108 DECROUND (2 * (n) + 1, c, d, a, b); \ 109 DECROUND (2 * (n), a, b, c, d) 113 void Twofish::Enc::ProcessAndXorBlock(
const byte *inBlock,
const byte *xorBlock, byte *outBlock)
const 115 word32 x, y, a, b, c, d;
117 Block::Get(inBlock)(a)(b)(c)(d);
124 const word32 *k = m_k+8;
142 void Twofish::Dec::ProcessAndXorBlock(
const byte *inBlock,
const byte *xorBlock, byte *outBlock)
const 144 word32 x, y, a, b, c, d;
146 Block::Get(inBlock)(c)(d)(a)(b);
153 const word32 *k = m_k+8;
Utility functions for the Crypto++ library.
Access a block of memory.
byte order is little-endian
Classes for the Twofish block cipher.
Classes and functions for secure memory allocations.
Access a block of memory.
Crypto++ library namespace.
Interface for retrieving values given their names.