// SPDX-License-Identifier: GPL-2.0-or-later /* * Twofish for CryptoAPI * * Originally Twofish for GPG * By Matthew Skala <[email protected]>, July 26, 1998 * 256-bit key length added March 20, 1999 * Some modifications to reduce the text size by Werner Koch, April, 1998 * Ported to the kerneli patch by Marc Mutz <[email protected]> * Ported to CryptoAPI by Colin Slater <[email protected]> * * The original author has disclaimed all copyright interest in this * code and thus put it in the public domain. The subsequent authors * have put this under the GNU General Public License. * * This code is a "clean room" implementation, written from the paper * _Twofish: A 128-Bit Block Cipher_ by Bruce Schneier, John Kelsey, * Doug Whiting, David Wagner, Chris Hall, and Niels Ferguson, available * through http://www.counterpane.com/twofish.html * * For background information on multiplication in finite fields, used for * the matrix operations in the key schedule, see the book _Contemporary * Abstract Algebra_ by Joseph A. Gallian, especially chapter 22 in the * Third Edition. */ #include <linux/unaligned.h> #include <crypto/algapi.h> #include <crypto/twofish.h> #include <linux/module.h> #include <linux/init.h> #include <linux/types.h> #include <linux/errno.h> #include <linux/bitops.h> /* Macros to compute the g() function in the encryption and decryption * rounds. G1 is the straight g() function; G2 includes the 8-bit * rotation for the high 32-bit word. */ #define G1(a) … #define G2(b) … /* Encryption and decryption Feistel rounds. Each one calls the two g() * macros, does the PHT, and performs the XOR and the appropriate bit * rotations. The parameters are the round number (used to select subkeys), * and the four 32-bit chunks of the text. */ #define ENCROUND(n, a, b, c, d) … #define DECROUND(n, a, b, c, d) … /* Encryption and decryption cycles; each one is simply two Feistel rounds * with the 32-bit chunks re-ordered to simulate the "swap" */ #define ENCCYCLE(n) … #define DECCYCLE(n) … /* Macros to convert the input and output bytes into 32-bit words, * and simultaneously perform the whitening step. INPACK packs word * number n into the variable named by x, using whitening subkey number m. * OUTUNPACK unpacks word number n from the variable named by x, using * whitening subkey number m. */ #define INPACK(n, x, m) … #define OUTUNPACK(n, x, m) … /* Encrypt one block. in and out may be the same. */ static void twofish_encrypt(struct crypto_tfm *tfm, u8 *out, const u8 *in) { … } /* Decrypt one block. in and out may be the same. */ static void twofish_decrypt(struct crypto_tfm *tfm, u8 *out, const u8 *in) { … } static struct crypto_alg alg = …; static int __init twofish_mod_init(void) { … } static void __exit twofish_mod_fini(void) { … } subsys_initcall(twofish_mod_init); module_exit(twofish_mod_fini); MODULE_LICENSE(…) …; MODULE_DESCRIPTION(…) …; MODULE_ALIAS_CRYPTO(…) …; MODULE_ALIAS_CRYPTO(…) …;