luajitos

Unnamed repository; edit this file 'description' to name the repository.
Log | Files | Refs

Twofish-256-GCM.h (2922B)

      1 /*
      2  * Twofish-256-GCM Implementation
      3  *
      4  * Twofish is a 128-bit block cipher designed by Bruce Schneier
      5  * Supports 128, 192, and 256-bit keys
      6  * This implementation uses 256-bit keys with GCM mode for AEAD
      7  */
      8 
      9 #ifndef TWOFISH_256_GCM_H
     10 #define TWOFISH_256_GCM_H
     11 
     12 #include <stdint.h>
     13 #include <stddef.h>
     14 #include <string.h>
     15 #include <immintrin.h>
     16 #include <wmmintrin.h>
     17 
     18 #ifdef __cplusplus
     19 extern "C" {
     20 #endif
     21 
     22 /* Twofish constants */
     23 #define TWOFISH_BLOCK_SIZE 16
     24 #define TWOFISH_KEY_SIZE 32
     25 #define TWOFISH_ROUNDS 16
     26 #define TWOFISH_SUBKEYS (2 * TWOFISH_ROUNDS + 8)
     27 
     28 /* Twofish key schedule */
     29 typedef struct {
     30     uint32_t K[40];      /* Subkeys */
     31     uint32_t S[4][256];  /* S-boxes */
     32 } twofish_key_schedule;
     33 
     34 /* Twofish-GCM context */
     35 typedef struct {
     36     twofish_key_schedule key_schedule;
     37     __m128i H;              /* Hash subkey for GCM */
     38     __m128i H_powers[8];    /* Precomputed powers of H */
     39 } twofish256_gcm_context;
     40 
     41 /**
     42  * Initialize Twofish-256-GCM context
     43  *
     44  * @param ctx Context to initialize
     45  * @param key 256-bit (32 byte) encryption key
     46  * @return 0 on success, -1 on error
     47  */
     48 int twofish256_gcm_init(twofish256_gcm_context *ctx, const uint8_t *key);
     49 
     50 /**
     51  * Encrypt with Twofish-256-GCM
     52  *
     53  * @param ctx Initialized context
     54  * @param iv Initialization vector (12 bytes recommended)
     55  * @param iv_len Length of IV
     56  * @param aad Additional authenticated data (can be NULL)
     57  * @param aad_len Length of AAD
     58  * @param plaintext Plaintext to encrypt
     59  * @param pt_len Plaintext length
     60  * @param ciphertext Output buffer (same size as plaintext)
     61  * @param tag Authentication tag output (16 bytes)
     62  * @param tag_len Tag length (must be 16)
     63  * @return 0 on success, -1 on error
     64  */
     65 int twofish256_gcm_encrypt(
     66     twofish256_gcm_context *ctx,
     67     const uint8_t *iv, size_t iv_len,
     68     const uint8_t *aad, size_t aad_len,
     69     const uint8_t *plaintext, size_t pt_len,
     70     uint8_t *ciphertext,
     71     uint8_t *tag, size_t tag_len
     72 );
     73 
     74 /**
     75  * Decrypt with Twofish-256-GCM
     76  *
     77  * @param ctx Initialized context
     78  * @param iv Initialization vector (12 bytes recommended)
     79  * @param iv_len Length of IV
     80  * @param aad Additional authenticated data (can be NULL)
     81  * @param aad_len Length of AAD
     82  * @param ciphertext Ciphertext to decrypt
     83  * @param ct_len Ciphertext length
     84  * @param tag Authentication tag to verify (16 bytes)
     85  * @param tag_len Tag length (must be 16)
     86  * @param plaintext Output buffer (same size as ciphertext)
     87  * @return 0 on success, -1 on authentication failure or error
     88  */
     89 int twofish256_gcm_decrypt(
     90     twofish256_gcm_context *ctx,
     91     const uint8_t *iv, size_t iv_len,
     92     const uint8_t *aad, size_t aad_len,
     93     const uint8_t *ciphertext, size_t ct_len,
     94     const uint8_t *tag, size_t tag_len,
     95     uint8_t *plaintext
     96 );
     97 
     98 /**
     99  * Clean up context (zeros sensitive data)
    100  */
    101 void twofish256_gcm_cleanup(twofish256_gcm_context *ctx);
    102 
    103 #ifdef __cplusplus
    104 }
    105 #endif
    106 
    107 #endif /* TWOFISH_256_GCM_H */