thig_aes.h

Go to the documentation of this file.

/* Includes:
    Standard include files
*/

#include    <stdio.h>
#include    "thig_platform.h"           
/*  Defines:
        Add any additional defines you need
*/

#define     DIR_ENCRYPT     0       
#define     DIR_DECRYPT     1       
#define     MODE_ECB        1       
#define     MODE_CBC        2       
#define     MODE_CFB1       3       
#define     TRUE            1
#define     FALSE           0

#define     BAD_KEY_DIR         -1  
#define     BAD_KEY_MAT         -2  
#define     BAD_KEY_INSTANCE    -3  
#define     BAD_CIPHER_MODE     -4  
#define     BAD_CIPHER_STATE    -5  
/* CHANGE POSSIBLE: inclusion of algorithm specific defines */

#define     MAX_KEY_SIZE        64  
#define     MAX_IV_SIZE         16  
#define     BAD_INPUT_LEN       -6  
#define     BAD_PARAMS          -7  
#define     BAD_IV_MAT          -8  
#define     BAD_ENDIAN          -9  
#define     BAD_ALIGN32         -10 
#define     BLOCK_SIZE          128 
#define     MAX_ROUNDS           16 
#define     ROUNDS_128           16 
#define     ROUNDS_192           16 
#define     ROUNDS_256           16 
#define     MAX_KEY_BITS        256 
#define     MIN_KEY_BITS        128 
#define     VALID_SIG    0x48534946 
#define     MCT_OUTER           400 
#define     MCT_INNER         10000 
#define     REENTRANT             1 
#define     INPUT_WHITEN          0 
#define     OUTPUT_WHITEN       ( INPUT_WHITEN + BLOCK_SIZE/32)
#define     ROUND_SUBKEYS       (OUTPUT_WHITEN + BLOCK_SIZE/32) 
#define     TOTAL_SUBKEYS       (ROUND_SUBKEYS + 2*MAX_ROUNDS)

/* Typedefs:
    Typedef'ed data storage elements. Add any algorithm specific
    parameters at the bottom of the structs as appropriate.
*/

typedef unsigned char BYTE;
typedef unsigned long DWORD;        /* 32-bit unsigned quantity */
typedef DWORD fullSbox[4][256];

typedef struct 
    {
    BYTE direction;                 
#if ALIGN32
    BYTE dummyAlign[3];             
#endif
    int  keyLen;                    
    char keyMaterial[MAX_KEY_SIZE+4];
    DWORD keySig;                   
    int   numRounds;                
    DWORD key32[MAX_KEY_BITS/32];   
    DWORD sboxKeys[MAX_KEY_BITS/64];
    DWORD subKeys[TOTAL_SUBKEYS];   
#if REENTRANT
    fullSbox sBox8x32;              
#if defined(COMPILE_KEY) && defined(USE_ASM)
#undef  VALID_SIG
#define VALID_SIG    0x504D4F43     
    DWORD cSig1;                    
    void *encryptFuncPtr;           
    void *decryptFuncPtr;           
    DWORD codeSize;                 
    DWORD cSig2;                    
    BYTE  compiledCode[5000];       
  #endif
#endif
    } keyInstance;



typedef struct {
    BYTE  mode;                     
#if ALIGN32
    BYTE dummyAlign[3];             
#endif
    BYTE  IV[MAX_IV_SIZE];          
    DWORD cipherSig;                
    DWORD iv32[BLOCK_SIZE/32];      
    } cipherInstance;

int makeKey(keyInstance *key, BYTE direction, int keyLen, char *keyMaterial);

int cipherInit(cipherInstance *cipher, BYTE mode, char *IV);

int blockEncrypt(cipherInstance *cipher, keyInstance *key, BYTE *input,
                int inputLen, BYTE *outBuffer);

int blockDecrypt(cipherInstance *cipher, keyInstance *key, BYTE *input,
                int inputLen, BYTE *outBuffer);

int reKey(keyInstance *key);    
#define     TAB_DISABLE         0
#define     TAB_ENABLE          1
#define     TAB_RESET           2
#define     TAB_QUERY           3
#define     TAB_MIN_QUERY       50
int TableOp(int op);


#define     CONST               
#if BLOCK_SIZE == 128           
#define     Copy1(d,s,N)    ((DWORD *)(d))[N] = ((DWORD *)(s))[N]
#define     BlockCopy(d,s)  { Copy1(d,s,0);Copy1(d,s,1);Copy1(d,s,2);Copy1(d,s,3); }
#else
#define     BlockCopy(d,s)  { memcpy(d,s,BLOCK_SIZE/8); }
#endif


#ifdef TEST_2FISH
/*                      ----- EXAMPLES -----

Unfortunately, the AES API is somewhat clumsy, and it is not entirely
obvious how to use the above functions.  In particular, note that
makeKey() takes an ASCII hex nibble key string (e.g., 32 characters
for a 128-bit key), which is rarely the way that keys are internally
represented.  The reKey() function uses instead the keyInstance.key32
array of key bits and is the preferred method.  In fact, makeKey()
initializes some internal keyInstance state, then parse the ASCII
string into the binary key32, and calls reKey().  To initialize the
keyInstance state, use a 'dummy' call to makeKey(); i.e., set the
keyMaterial parameter to NULL.  Then use reKey() for all key changes.
Similarly, cipherInit takes an IV string in ASCII hex, so a dummy setup
call with a null IV string will skip the ASCII parse.  

Note that CFB mode is not well tested nor defined by AES, so using the
Twofish MODE_CFB it not recommended.  If you wish to implement a CFB mode,
build it external to the Twofish code, using the Twofish functions only
in ECB mode.

Below is a sample piece of code showing how the code is typically used
to set up a key, encrypt, and decrypt.  Error checking is somewhat limited
in this example.  Pseudorandom bytes are used for all key and text.

If you compile TWOFISH2.C or TWOFISH.C as a DOS (or Windows Console) app
with this code enabled, the test will be run.  For example, using
Borland C, you would compile using:
  BCC32 -DTEST_2FISH twofish2.c
to run the test on the optimized code, or
  BCC32 -DTEST_2FISH twofish.c
to run the test on the pedagogical code.

*/

#include <stdio.h>
#include <stdlib.h>
#include <time.h>
#include <string.h>

#define MAX_BLK_CNT     1       
int TestTwofish(int mode,int keySize) /* keySize must be 128, 192, or 256 */
    {                           /* return 0 iff test passes */
    keyInstance    ki;          /* key information, including tables */
    cipherInstance ci;          /* keeps mode (ECB, CBC) and IV */
    BYTE  plainText[MAX_BLK_CNT*(BLOCK_SIZE/8)];
    BYTE cipherText[MAX_BLK_CNT*(BLOCK_SIZE/8)];
    BYTE decryptOut[MAX_BLK_CNT*(BLOCK_SIZE/8)];
    BYTE iv[BLOCK_SIZE/8];
    int  i,byteCnt;

    if (makeKey(&ki,DIR_ENCRYPT,keySize,NULL) != TRUE)
        return 1;               /* 'dummy' setup for a 128-bit key */
    if (cipherInit(&ci,mode,NULL) != TRUE)
        return 1;               /* 'dummy' setup for cipher */
    
    for (i=0;i<keySize/32;i++)  /* select key bits */
        ki.key32[i]=0x10003 * rand();
    reKey(&ki);                 /* run the key schedule */

    if (mode != MODE_ECB)       /* set up random iv (if needed)*/
        {
        for (i=0;i<sizeof(iv);i++)
            iv[i]=(BYTE) rand();
        memcpy(ci.iv32,iv,sizeof(ci.iv32)); /* copy the IV to ci */
        }

   /* select number of bytes to encrypt (multiple of block)
    *   e.g., byteCnt = 16, 32, 48, 64 
    */
    byteCnt = (BLOCK_SIZE/8) * (1 + (rand() % MAX_BLK_CNT));

    for (i=0;i<byteCnt;i++)     
        plainText[i]=(BYTE) rand();
    
    /* encrypt the bytes */
    if (blockEncrypt(&ci,&ki, plainText,byteCnt*8,cipherText) != byteCnt*8)
        return 1;

    /* decrypt the bytes */
    if (mode != MODE_ECB)       
        memcpy(ci.iv32,iv,sizeof(ci.iv32));

    if (blockDecrypt(&ci,&ki,cipherText,byteCnt*8,decryptOut) != byteCnt*8)
        return 1;               
    
    /* make sure the decrypt output matches original plaintext */
    if (memcmp(plainText,decryptOut,byteCnt))
        return 1;       

    return 0;                   
    }

void main(void)
    {
    int testCnt,keySize;

    srand((unsigned) time(NULL));   /* randomize */

    for (keySize=128;keySize<=256;keySize+=64)
        for (testCnt=0;testCnt<10;testCnt++)
            {
            if (TestTwofish(MODE_ECB,keySize))
                { printf("ECB Failure at keySize=%d",keySize); return; }
            if (TestTwofish(MODE_CBC,keySize))
                { printf("CBC Failure at keySize=%d",keySize); return; }
            }
    printf("Tests passed");
    }
#endif /* TEST_2FISH */

---