Mercurial > projects > dcrypt

view dcrypt/crypto/ciphers/XTEA.d @ 23:4589f8c5eb3c

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Replaced dcrypt.crypto.Util with dcrypt.misc.Bitwise and dcrypt.misc.ByteConverter. Altered all dependent files to reflect changes.
author Thomas Dixon <reikon@reikon.us>
date Sat, 14 Feb 2009 19:58:20 -0500
parents 5ce3012f1def
children 176c933827a8
line wrap: on
line source

/**
 * This file is part of the dcrypt project.
 *
 * Copyright: Copyright (C) dcrypt contributors 2008. All rights reserved.
 * License:   MIT
 * Authors:   Thomas Dixon
 */

module dcrypt.crypto.ciphers.XTEA;

import dcrypt.misc.ByteConverter;
import dcrypt.crypto.BlockCipher;

/** Implementation of the XTEA cipher designed by
    David Wheeler and Roger Needham. */
class XTEA : BlockCipher {
    private {
        const uint ROUNDS = 32,
                   KEY_SIZE = 16,
                   BLOCK_SIZE = 8,
                   DELTA = 0x9e3779b9;
        uint[] subkeys,
               sum0,
               sum1;
    }
    
    void reset(){}
    
    char[] name() {
        return "XTEA";
    }
    
    uint blockSize() {
        return BLOCK_SIZE;
    }
    
    void init(bool encrypt, CipherParameters params) {
        SymmetricKey keyParams = cast(SymmetricKey)params;
        if (!keyParams)
            throw new InvalidParameterError(
                    name()~": Invalid parameter passed to init");
        _encrypt = encrypt;
                    
        if (keyParams.key.length != KEY_SIZE)
            throw new InvalidKeyError(
                    name()~": Invalid key length (requires 16 bytes)");
        
        subkeys = new uint[4];
        sum0 = new uint[32];
        sum1 = new uint[32];
        
        int i, j;
        for (i = j = 0; i < 4; i++, j+=int.sizeof)
            subkeys[i] = ByteConverter.BigEndian.to!(uint)(keyParams.key[j..j+int.sizeof]);
            
        // Precompute the values of sum + k[] to speed up encryption
        for (i = j = 0; i < ROUNDS; i++) {
            sum0[i] = (j + subkeys[j & 3]);
            j += DELTA;
            sum1[i] = (j + subkeys[j >> 11 & 3]);
        }
        _initialized = true;
    }
    
    uint update(void[] input_, void[] output_) {
        if (!_initialized)
            throw new NotInitializedError(name()~": Cipher not initialized");
            
        ubyte[] input = cast(ubyte[]) input_,
                output = cast(ubyte[]) output_;
                    
        if (input.length < BLOCK_SIZE)
            throw new ShortBufferError(name()~": Input buffer too short");
            
        if (output.length < BLOCK_SIZE)
            throw new ShortBufferError(name()~": Output buffer too short");
        
        uint v0 = ByteConverter.BigEndian.to!(uint)(input[0..4]),
             v1 = ByteConverter.BigEndian.to!(uint)(input[4..8]);
             
        if (_encrypt) {
            for (int i = 0; i < ROUNDS; i++) {
                v0 += ((v1 << 4 ^ v1 >> 5) + v1) ^ sum0[i];
                v1 += ((v0 << 4 ^ v0 >> 5) + v0) ^ sum1[i];
            }
        } else {
            for (int i = ROUNDS-1; i >= 0; i--) {
                v1 -= (((v0 << 4) ^ (v0 >> 5)) + v0) ^ sum1[i];
                v0 -= (((v1 << 4) ^ (v1 >> 5)) + v1) ^ sum0[i];
            }
        }
        
        output[0..4] = ByteConverter.BigEndian.from!(uint)(v0);
        output[4..8] = ByteConverter.BigEndian.from!(uint)(v1);
        
        return BLOCK_SIZE;
    }
    
    /** Some XTEA test vectors. */
    version (UnitTest) {
        unittest {
            static const char[][] test_keys = [
                "00000000000000000000000000000000",
                "00000000000000000000000000000000",
                "0123456712345678234567893456789a",
                "0123456712345678234567893456789a",
                "00000000000000000000000000000001",
                "01010101010101010101010101010101",
                "0123456789abcdef0123456789abcdef",
                "0123456789abcdef0123456789abcdef",
                "00000000000000000000000000000000",
                "00000000000000000000000000000000"
            ];
                 
            static const char[][] test_plaintexts = [
                "0000000000000000",
                "0102030405060708",
                "0000000000000000",
                "0102030405060708",
                "0000000000000001",
                "0101010101010101",
                "0123456789abcdef",
                "0000000000000000",
                "0123456789abcdef",
                "4141414141414141"
            ];
                
            static const char[][] test_ciphertexts = [
                "dee9d4d8f7131ed9",
                "065c1b8975c6a816",
                "1ff9a0261ac64264",
                "8c67155b2ef91ead",
                "9f25fa5b0f86b758",
                "c2eca7cec9b7f992",
                "27e795e076b2b537",
                "5c8eddc60a95b3e1",
                "7e66c71c88897221",
                "ed23375a821a8c2d"
            ];
                
            XTEA t = new XTEA();
            foreach (uint i, char[] test_key; test_keys) {
                ubyte[] buffer = new ubyte[t.blockSize];
                char[] result;
                SymmetricKey key = new SymmetricKey(ByteConverter.hexDecode(test_key));
                
                // Encryption
                t.init(true, key);
                t.update(ByteConverter.hexDecode(test_plaintexts[i]), buffer);
                result = ByteConverter.hexEncode(buffer);
                assert(result == test_ciphertexts[i],
                        t.name~": ("~result~") != ("~test_ciphertexts[i]~")");
    
                // Decryption
                t.init(false, key);
                t.update(ByteConverter.hexDecode(test_ciphertexts[i]), buffer);
                result = ByteConverter.hexEncode(buffer);
                assert(result == test_plaintexts[i],
                        t.name~": ("~result~") != ("~test_plaintexts[i]~")");
            }
        }
    }
}