1 /* $Id: twofish.h,v 2.0 2002/08/11 22:32:25 fknobbe Exp $
2  *
3  *
4  * Copyright (C) 1997-2000 The Cryptix Foundation Limited.
5  * Copyright (C) 2000 Farm9.
6  * Copyright (C) 2001 Frank Knobbe.
7  * All rights reserved.
8  *
9  * For Cryptix code:
10  * Use, modification, copying and distribution of this software is subject
11  * the terms and conditions of the Cryptix General Licence. You should have
12  * received a copy of the Cryptix General Licence along with this library;
13  * if not, you can download a copy from http://www.cryptix.org/ .
14  *
15  * For Farm9:
16  * ---  jojo@farm9.com, August 2000, converted from Java to C++, added CBC mode and
17  *      ciphertext stealing technique, added AsciiTwofish class for easy encryption
18  *      decryption of text strings
19  *
20  * Frank Knobbe <frank@knobbe.us>:
21  * ---  April 2001, converted from C++ to C, prefixed global variables
22  *      with TwoFish, substituted some defines, changed functions to make use of
23  *      variables supplied in a struct, modified and added routines for modular calls.
24  *      Cleaned up the code so that defines are used instead of fixed 16's and 32's.
25  *      Created two general purpose crypt routines for one block and multiple block
26  *      encryption using Joh's CBC code.
27  *		Added crypt routines that use a header (with a magic and data length).
28  *		(Basically a major rewrite).
29  *
30  *      Note: Routines labeled _TwoFish are private and should not be used
31  *      (or with extreme caution).
32  *
33  */
34 
35 #ifndef __TWOFISH_LIBRARY_HEADER__
36 #define __TWOFISH_LIBRARY_HEADER__
37 
38 #ifndef FALSE
39 #define FALSE	0
40 #endif
41 #ifndef TRUE
42 #define TRUE	!FALSE
43 #endif
44 #ifndef bool
45 #define bool	int
46 #endif
47 
48 #ifdef WIN32
49 #include "win32/n2n_win32.h"
50 #endif
51 
52 #ifndef _MSC_VER
53 /* Not shipped with Visual Studio (as stated by the stdint.h wikipedia page) */
54 #include <stdint.h> /* defines uintN_t types */
55 #endif
56 
57 #ifdef __sun__ /* Should be HAVE_SYS_TYPES */
58 /* The following are redefinitions if sys/types.h has been included too.*/
59 typedef uint32_t uint32_t;
60 typedef uint8_t  uint8_t;
61 #endif /* #ifdef __sun__ */
62 
63 /* Constants */
64 
65 #define TwoFish_DEFAULT_PW		"SnortHas2FishEncryptionRoutines!" /* default password (not more than 32 chars) */
66 #define TwoFish_DEFAULT_PW_LEN		32
67 #define TwoFish_MAGIC			"TwoFish"			/* to indentify a successful decryption */
68 
69 enum
70 {	TwoFish_KEY_SIZE = 256,                         /* Valid values: 64, 128, 192, 256 */
71 							/* User 256, other key sizes have not been tested. */
72 							/* (But should work. I substitutes as much as */
73 							/* I could with this define.) */
74 	TwoFish_ROUNDS = 16,
75 	TwoFish_BLOCK_SIZE = 16,			/* bytes in a data-block */
76 	TwoFish_KEY_LENGTH = TwoFish_KEY_SIZE/8,	/* 32= 256-bit key */
77 	TwoFish_TOTAL_SUBKEYS = 4+4+2*TwoFish_ROUNDS,
78 	TwoFish_MAGIC_LEN = TwoFish_BLOCK_SIZE-8,
79 	TwoFish_SK_BUMP = 0x01010101,
80 	TwoFish_SK_ROTL = 9,
81 	TwoFish_P_00 = 1,
82 	TwoFish_P_01 = 0,
83 	TwoFish_P_02 = 0,
84 	TwoFish_P_03 = TwoFish_P_01 ^ 1,
85 	TwoFish_P_04 = 1,
86 	TwoFish_P_10 = 0,
87 	TwoFish_P_11 = 0,
88 	TwoFish_P_12 = 1,
89 	TwoFish_P_13 = TwoFish_P_11 ^ 1,
90 	TwoFish_P_14 = 0,
91 	TwoFish_P_20 = 1,
92 	TwoFish_P_21 = 1,
93 	TwoFish_P_22 = 0,
94 	TwoFish_P_23 = TwoFish_P_21 ^ 1,
95 	TwoFish_P_24 = 0,
96 	TwoFish_P_30 = 0,
97 	TwoFish_P_31 = 1,
98 	TwoFish_P_32 = 1,
99 	TwoFish_P_33 = TwoFish_P_31 ^ 1,
100 	TwoFish_P_34 = 1,
101 	TwoFish_GF256_FDBK =   0x169,
102 	TwoFish_GF256_FDBK_2 = 0x169 / 2,
103 	TwoFish_GF256_FDBK_4 = 0x169 / 4,
104 	TwoFish_RS_GF_FDBK = 0x14D,		/* field generator */
105 	TwoFish_MDS_GF_FDBK = 0x169		/* primitive polynomial for GF(256) */
106 };
107 
108 
109 /* Global data structure for callers */
110 
111 typedef struct
112 {
113     uint32_t sBox[4 * 256];                    /* Key dependent S-box */
114     uint32_t subKeys[TwoFish_TOTAL_SUBKEYS];   /* Subkeys  */
115     uint8_t key[TwoFish_KEY_LENGTH];           /* Encryption Key */
116     uint8_t *output;                           /* Pointer to output buffer */
117     uint8_t qBlockPlain[TwoFish_BLOCK_SIZE];   /* Used by CBC */
118     uint8_t qBlockCrypt[TwoFish_BLOCK_SIZE];
119     uint8_t prevCipher[TwoFish_BLOCK_SIZE];
120     struct                                      /* Header for crypt functions. Has to be at least one block long. */
121     {   uint32_t salt;                         /* Random salt in first block (will salt the rest through CBC) */
122         uint8_t length[4];                     /* The amount of data following the header */
123         uint8_t magic[TwoFish_MAGIC_LEN];      /* Magic to identify successful decryption  */
124     }   header;
125     bool qBlockDefined;
126     bool dontflush;
127 }       TWOFISH;
128 
129 /**** Public Functions ****/
130 
131 /*	TwoFish Initialization
132  *
133  *	This routine generates a global data structure for use with TwoFish,
134  *	initializes important values (such as subkeys, sBoxes), generates subkeys
135  *	and precomputes the MDS matrix if not already done.
136  *
137  *	Input:	User supplied password (will be appended by default password of 'SnortHas2FishEncryptionRoutines!')
138  *
139  *  Output:	Pointer to TWOFISH structure. This data structure contains key dependent data.
140  *			This pointer is used with all other crypt functions.
141  */
142 TWOFISH *TwoFishInit(const uint8_t *userkey, uint32_t keysize );
143 
144 
145 /*	TwoFish Destroy
146  *
147  *	Nothing else but a free...
148  *
149  *	Input:	Pointer to the TwoFish structure.
150  *
151  */
152 void TwoFishDestroy(TWOFISH *tfdata);
153 
154 
155 /*	TwoFish Alloc
156  *
157  *	Allocates enough memory for the output buffer as required.
158  *
159  *	Input:	Length of the plaintext.
160  *			Boolean flag for BinHex Output.
161  *			Pointer to the TwoFish structure.
162  *
163  *	Output:	Returns a pointer to the memory allocated.
164  */
165 void *TwoFishAlloc(uint32_t len,bool binhex,bool decrypt,TWOFISH *tfdata);
166 
167 
168 /*	TwoFish Free
169  *
170  *	Free's the allocated buffer.
171  *
172  *	Input:	Pointer to the TwoFish structure
173  *
174  *	Output:	(none)
175  */
176 void TwoFishFree(TWOFISH *tfdata);
177 
178 
179 /*	TwoFish Set Output
180  *
181  *	If you want to allocate the output buffer yourself,
182  *	then you can set it with this function.
183  *
184  *	Input:	Pointer to your output buffer
185  *			Pointer to the TwoFish structure
186  *
187  *	Output:	(none)
188  */
189 void TwoFishSetOutput(uint8_t *outp,TWOFISH *tfdata);
190 
191 
192 /*	TwoFish Raw Encryption
193  *
194  *	Does not use header, but does use CBC (if more than one block has to be encrypted).
195  *
196  *	Input:	Pointer to the buffer of the plaintext to be encrypted.
197  *			Pointer to the buffer receiving the ciphertext.
198  *			The length of the plaintext buffer.
199  *			The TwoFish structure.
200  *
201  *	Output:	The amount of bytes encrypted if successful, otherwise 0.
202  */
203 uint32_t TwoFishEncryptRaw(uint8_t *in,uint8_t *out,uint32_t len,TWOFISH *tfdata);
204 
205 /*	TwoFish Raw Decryption
206  *
207  *	Does not use header, but does use CBC (if more than one block has to be decrypted).
208  *
209  *	Input:	Pointer to the buffer of the ciphertext to be decrypted.
210  *			Pointer to the buffer receiving the plaintext.
211  *			The length of the ciphertext buffer (at least one cipher block).
212  *			The TwoFish structure.
213  *
214  *	Output:	The amount of bytes decrypted if successful, otherwise 0.
215  */
216 uint32_t TwoFishDecryptRaw(uint8_t *in,uint8_t *out,uint32_t len,TWOFISH *tfdata);
217 
218 
219 /*	TwoFish Encryption
220  *
221  *	Uses header and CBC. If the output area has not been intialized with TwoFishAlloc,
222  *  this routine will alloc the memory. In addition, it will include a small 'header'
223  *  containing the magic and some salt. That way the decrypt routine can check if the
224  *  packet got decrypted successfully, and return 0 instead of garbage.
225  *
226  *	Input:	Pointer to the buffer of the plaintext to be encrypted.
227  *			Pointer to the pointer to the buffer receiving the ciphertext.
228  *				The pointer either points to user allocated output buffer space, or to NULL, in which case
229  *				this routine will set the pointer to the buffer allocated through the struct.
230  *			The length of the plaintext buffer.
231  *				Can be -1 if the input is a null terminated string, in which case we'll count for you.
232  *			Boolean flag for BinHex Output (if used, output will be twice as large as input).
233  *				Note: BinHex conversion overwrites (converts) input buffer!
234  *			The TwoFish structure.
235  *
236  *	Output:	The amount of bytes encrypted if successful, otherwise 0.
237  */
238 uint32_t TwoFishEncrypt(uint8_t *in,uint8_t **out,signed long len,bool binhex,TWOFISH *tfdata);
239 
240 
241 /*	TwoFish Decryption
242  *
243  *	Uses header and CBC. If the output area has not been intialized with TwoFishAlloc,
244  *  this routine will alloc the memory. In addition, it will check the small 'header'
245  *  containing the magic. If magic does not match we return 0. Otherwise we return the
246  *  amount of bytes decrypted (should be the same as the length in the header).
247  *
248  *	Input:	Pointer to the buffer of the ciphertext to be decrypted.
249  *			Pointer to the pointer to the buffer receiving the plaintext.
250  *				The pointer either points to user allocated output buffer space, or to NULL, in which case
251  *				this routine will set the pointer to the buffer allocated through the struct.
252  *			The length of the ciphertext buffer.
253  *				Can be -1 if the input is a null terminated binhex string, in which case we'll count for you.
254  *			Boolean flag for BinHex Input (if used, plaintext will be half as large as input).
255  *				Note: BinHex conversion overwrites (converts) input buffer!
256  *			The TwoFish structure.
257  *
258  *	Output:	The amount of bytes decrypted if successful, otherwise 0.
259  */
260 uint32_t TwoFishDecrypt(uint8_t *in,uint8_t **out,signed long len,bool binhex,TWOFISH *tfdata);
261 
262 
263 /**** Private Functions ****/
264 
265 uint8_t TwoFish__b(uint32_t x,int n);
266 void _TwoFish_BinHex(uint8_t *buf,uint32_t len,bool bintohex);
267 uint32_t _TwoFish_CryptRawCBC(uint8_t *in,uint8_t *out,uint32_t len,bool decrypt,TWOFISH *tfdata);
268 uint32_t _TwoFish_CryptRaw16(uint8_t *in,uint8_t *out,uint32_t len,bool decrypt,TWOFISH *tfdata);
269 uint32_t _TwoFish_CryptRaw(uint8_t *in,uint8_t *out,uint32_t len,bool decrypt,TWOFISH *tfdata);
270 void _TwoFish_PrecomputeMDSmatrix(void);
271 void _TwoFish_MakeSubKeys(TWOFISH *tfdata);
272 void _TwoFish_qBlockPush(uint8_t *p,uint8_t *c,TWOFISH *tfdata);
273 void _TwoFish_qBlockPop(uint8_t *p,uint8_t *c,TWOFISH *tfdata);
274 void _TwoFish_ResetCBC(TWOFISH *tfdata);
275 void _TwoFish_FlushOutput(uint8_t *b,uint32_t len,TWOFISH *tfdata);
276 void _TwoFish_BlockCrypt(uint8_t *in,uint8_t *out,uint32_t size,int decrypt,TWOFISH *tfdata);
277 void _TwoFish_BlockCrypt16(uint8_t *in,uint8_t *out,bool decrypt,TWOFISH *tfdata);
278 uint32_t _TwoFish_RS_MDS_Encode(uint32_t k0,uint32_t k1);
279 uint32_t _TwoFish_F32(uint32_t k64Cnt,uint32_t x,uint32_t *k32);
280 uint32_t _TwoFish_Fe320(uint32_t *lsBox,uint32_t x);
281 uint32_t _TwoFish_Fe323(uint32_t *lsBox,uint32_t x);
282 uint32_t _TwoFish_Fe32(uint32_t *lsBox,uint32_t x,uint32_t R);
283 
284 
285 #endif
286