Mercurial > projects > dcrypt
annotate dcrypt/crypto/ciphers/RC6.d @ 1:483e4467b5f6
Added Blowfish with test vectors. Minor cleanup of other cipher classes (should probably clean more). Continued work on high-level cipher API (didn't get very far).
author | Thomas Dixon <reikon@reikon.us> |
---|---|
date | Tue, 12 Aug 2008 05:48:06 -0400 |
parents | 0e08791a1418 |
children | 71aae178f89a |
rev | line source |
---|---|
0 | 1 /** |
2 * This file is part of the dcrypt project. | |
3 * | |
4 * It should be noted that this algorithm is very similar to RC5. | |
5 * Currently there are no plans to implement RC5, but should that change | |
6 * in the future, it may be wise to rewrite both RC5 and RC6 to use some | |
7 * kind of template or base class. | |
8 * | |
9 * Copyright: Copyright (C) dcrypt contributors 2008. All rights reserved. | |
10 * License: MIT | |
11 * Authors: Thomas Dixon | |
12 */ | |
13 | |
14 module dcrypt.crypto.ciphers.RC6; | |
15 | |
16 import dcrypt.misc.Util; | |
17 import dcrypt.crypto.BlockCipher; | |
18 | |
19 /** | |
20 * Implementation of the RC6-32/20/b cipher designed by | |
21 * Ron Rivest et al. of RSA Security. | |
22 * | |
23 * Note: This algorithm is patented and trademarked. | |
24 */ | |
25 class RC6 : BlockCipher { | |
1
483e4467b5f6
Added Blowfish with test vectors. Minor cleanup of other cipher classes (should probably clean more). Continued work on high-level cipher API (didn't get very far).
Thomas Dixon <reikon@reikon.us>
parents:
0
diff
changeset
|
26 private { |
483e4467b5f6
Added Blowfish with test vectors. Minor cleanup of other cipher classes (should probably clean more). Continued work on high-level cipher API (didn't get very far).
Thomas Dixon <reikon@reikon.us>
parents:
0
diff
changeset
|
27 const uint ROUNDS = 20, |
483e4467b5f6
Added Blowfish with test vectors. Minor cleanup of other cipher classes (should probably clean more). Continued work on high-level cipher API (didn't get very far).
Thomas Dixon <reikon@reikon.us>
parents:
0
diff
changeset
|
28 BLOCK_SIZE = 16, |
483e4467b5f6
Added Blowfish with test vectors. Minor cleanup of other cipher classes (should probably clean more). Continued work on high-level cipher API (didn't get very far).
Thomas Dixon <reikon@reikon.us>
parents:
0
diff
changeset
|
29 // Magic constants for a 32 bit word size |
483e4467b5f6
Added Blowfish with test vectors. Minor cleanup of other cipher classes (should probably clean more). Continued work on high-level cipher API (didn't get very far).
Thomas Dixon <reikon@reikon.us>
parents:
0
diff
changeset
|
30 P = 0xb7e15163, |
483e4467b5f6
Added Blowfish with test vectors. Minor cleanup of other cipher classes (should probably clean more). Continued work on high-level cipher API (didn't get very far).
Thomas Dixon <reikon@reikon.us>
parents:
0
diff
changeset
|
31 Q = 0x9e3779b9; |
483e4467b5f6
Added Blowfish with test vectors. Minor cleanup of other cipher classes (should probably clean more). Continued work on high-level cipher API (didn't get very far).
Thomas Dixon <reikon@reikon.us>
parents:
0
diff
changeset
|
32 uint[] S; |
483e4467b5f6
Added Blowfish with test vectors. Minor cleanup of other cipher classes (should probably clean more). Continued work on high-level cipher API (didn't get very far).
Thomas Dixon <reikon@reikon.us>
parents:
0
diff
changeset
|
33 ubyte[] workingKey; |
483e4467b5f6
Added Blowfish with test vectors. Minor cleanup of other cipher classes (should probably clean more). Continued work on high-level cipher API (didn't get very far).
Thomas Dixon <reikon@reikon.us>
parents:
0
diff
changeset
|
34 bool initialized, |
483e4467b5f6
Added Blowfish with test vectors. Minor cleanup of other cipher classes (should probably clean more). Continued work on high-level cipher API (didn't get very far).
Thomas Dixon <reikon@reikon.us>
parents:
0
diff
changeset
|
35 encrypt; |
483e4467b5f6
Added Blowfish with test vectors. Minor cleanup of other cipher classes (should probably clean more). Continued work on high-level cipher API (didn't get very far).
Thomas Dixon <reikon@reikon.us>
parents:
0
diff
changeset
|
36 } |
0 | 37 |
38 char[] name() { | |
39 return "RC6"; | |
40 } | |
41 | |
42 uint blockSize() { | |
43 return BLOCK_SIZE; | |
44 } | |
45 | |
46 void init(bool encrypt, CipherParameters params) { | |
47 SymmetricKey keyParams = cast(SymmetricKey)params; | |
48 if (!keyParams) | |
49 throw new InvalidParameterError( | |
50 name()~": Invalid parameter passed to init"); | |
51 this.encrypt = encrypt; | |
52 | |
53 uint len = keyParams.key.length; | |
54 if (len != 16 && len != 24 && len != 32) | |
55 throw new InvalidKeyError( | |
56 name()~": Invalid key length (requires 16/24/32 bytes)"); | |
57 | |
58 S = new uint[2*ROUNDS+4]; | |
59 | |
60 workingKey = keyParams.key; | |
61 setup(workingKey); | |
62 | |
63 initialized = true; | |
64 } | |
65 | |
66 uint processBlock(void[] input_, uint inOff, void[] output_, uint outOff) { | |
67 if (!initialized) | |
68 throw new NotInitializedError(name()~": Cipher not initialized"); | |
69 | |
70 ubyte[] input = cast(ubyte[]) input_; | |
71 ubyte[] output = cast(ubyte[]) output_; | |
72 | |
73 if ((inOff + BLOCK_SIZE) > input.length) | |
74 throw new ShortBufferError(name()~": Input buffer too short"); | |
75 | |
76 if ((outOff + BLOCK_SIZE) > output.length) | |
77 throw new ShortBufferError(name()~": Output buffer too short"); | |
78 | |
79 uint A = Util.ubytesToUintLittle(input, inOff), | |
80 B = Util.ubytesToUintLittle(input, inOff+4), | |
81 C = Util.ubytesToUintLittle(input, inOff+8), | |
82 D = Util.ubytesToUintLittle(input, inOff+12), | |
83 t, | |
84 u; | |
85 | |
86 if (encrypt) { | |
87 B += S[0]; | |
88 D += S[1]; | |
89 for (int i = 1; i <= ROUNDS; i++) { | |
90 t = Util.rotateLeft(B*((B<<1)+1), 5); | |
91 u = Util.rotateLeft(D*((D<<1)+1), 5); | |
92 A = Util.rotateLeft(A^t, u) + S[i<<1]; | |
93 C = Util.rotateLeft(C^u, t) + S[(i<<1)+1]; | |
94 t = A; | |
95 A = B; | |
96 B = C; | |
97 C = D; | |
98 D = t; | |
99 } | |
100 A += S[2*ROUNDS+2]; | |
101 C += S[2*ROUNDS+3]; | |
102 } else { | |
103 C -= S[2*ROUNDS+3]; | |
104 A -= S[2*ROUNDS+2]; | |
105 for (int i = ROUNDS; i >= 1; i--) { | |
106 t = D; | |
107 D = C; | |
108 C = B; | |
109 B = A; | |
110 A = t; | |
111 u = Util.rotateLeft(D*((D<<1)+1), 5); | |
112 t = Util.rotateLeft(B*((B<<1)+1), 5); | |
113 C = Util.rotateRight(C-S[(i<<1)+1], t) ^ u; | |
114 A = Util.rotateRight(A-S[i<<1], u) ^ t; | |
115 } | |
116 D -= S[1]; | |
117 B -= S[0]; | |
118 } | |
119 | |
120 Util.uintToUbytesLittle(A, output, outOff); | |
121 Util.uintToUbytesLittle(B, output, outOff+4); | |
122 Util.uintToUbytesLittle(C, output, outOff+8); | |
123 Util.uintToUbytesLittle(D, output, outOff+12); | |
124 | |
125 return BLOCK_SIZE; | |
126 } | |
127 | |
128 void reset() { | |
129 setup(workingKey); | |
130 } | |
131 | |
132 void setup(ubyte[] key) { | |
133 uint c = key.length/4; | |
134 uint[] L = new uint[c]; | |
135 for (int i = 0, j = 0; i < c; i++, j+=4) | |
136 L[i] = Util.ubytesToUintLittle(key, j); | |
137 S[0] = P; | |
138 for (int i = 1; i <= 2*ROUNDS+3; i++) | |
139 S[i] = S[i-1] + Q; | |
140 uint A, B, i, j, v = 3*(2*ROUNDS+4); // Relying on ints initializing to 0 | |
141 for (int s = 1; s <= v; s++) { | |
142 A = S[i] = Util.rotateLeft(S[i]+A+B, 3); | |
143 B = L[j] = Util.rotateLeft(L[j]+A+B, A+B); | |
144 i = (i + 1) % (2*ROUNDS+4); | |
145 j = (j + 1) % c; | |
146 } | |
147 } | |
148 | |
149 /** Some RC6 test vectors from the spec. */ | |
150 version (UnitTest) { | |
151 unittest { | |
152 static const char[][] test_keys = [ | |
153 "00000000000000000000000000000000", | |
154 | |
155 "0123456789abcdef0112233445566778", | |
156 | |
157 "00000000000000000000000000000000"~ | |
158 "0000000000000000", | |
159 | |
160 "0123456789abcdef0112233445566778"~ | |
161 "899aabbccddeeff0", | |
162 | |
163 "00000000000000000000000000000000"~ | |
164 "00000000000000000000000000000000", | |
165 | |
166 "0123456789abcdef0112233445566778"~ | |
167 "899aabbccddeeff01032547698badcfe" | |
168 ]; | |
169 | |
170 static const char[][] test_plaintexts = [ | |
171 "00000000000000000000000000000000", | |
172 "02132435465768798a9bacbdcedfe0f1", | |
173 "00000000000000000000000000000000", | |
174 "02132435465768798a9bacbdcedfe0f1", | |
175 "00000000000000000000000000000000", | |
176 "02132435465768798a9bacbdcedfe0f1" | |
177 ]; | |
178 | |
179 static const char[][] test_ciphertexts = [ | |
180 "8fc3a53656b1f778c129df4e9848a41e", | |
181 "524e192f4715c6231f51f6367ea43f18", | |
182 "6cd61bcb190b30384e8a3f168690ae82", | |
183 "688329d019e505041e52e92af95291d4", | |
184 "8f5fbd0510d15fa893fa3fda6e857ec2", | |
185 "c8241816f0d7e48920ad16a1674e5d48" | |
186 ]; | |
187 | |
188 RC6 t = new RC6(); | |
189 foreach (uint i, char[] test_key; test_keys) { | |
190 ubyte[] buffer = new ubyte[t.blockSize]; | |
191 char[] result; | |
192 SymmetricKey key = new SymmetricKey(Util.hexToUbytes(test_key)); | |
193 | |
194 // Encryption | |
195 t.init(true, key); | |
196 t.processBlock(Util.hexToUbytes(test_plaintexts[i]), 0, buffer, 0); | |
197 result = Util.ubytesToHex(buffer); | |
198 assert(result == test_ciphertexts[i], | |
199 t.name()~": ("~result~") != ("~test_ciphertexts[i]~")"); | |
200 | |
201 // Decryption | |
202 t.init(false, key); | |
203 t.processBlock(Util.hexToUbytes(test_ciphertexts[i]), 0, buffer, 0); | |
204 result = Util.ubytesToHex(buffer); | |
205 assert(result == test_plaintexts[i], | |
206 t.name()~": ("~result~") != ("~test_ciphertexts[i]~")"); | |
207 } | |
208 } | |
209 } | |
210 } |