/src/botan/src/lib/block/lion/lion.cpp
Line | Count | Source (jump to first uncovered line) |
1 | | /* |
2 | | * Lion |
3 | | * (C) 1999-2007,2014 Jack Lloyd |
4 | | * |
5 | | * Botan is released under the Simplified BSD License (see license.txt) |
6 | | */ |
7 | | |
8 | | #include <botan/lion.h> |
9 | | #include <botan/exceptn.h> |
10 | | |
11 | | namespace Botan { |
12 | | |
13 | | /* |
14 | | * Lion Encryption |
15 | | */ |
16 | | void Lion::encrypt_n(const uint8_t in[], uint8_t out[], size_t blocks) const |
17 | 0 | { |
18 | 0 | verify_key_set(m_key1.empty() == false); |
19 | 0 |
|
20 | 0 | const size_t LEFT_SIZE = left_size(); |
21 | 0 | const size_t RIGHT_SIZE = right_size(); |
22 | 0 |
|
23 | 0 | secure_vector<uint8_t> buffer_vec(LEFT_SIZE); |
24 | 0 | uint8_t* buffer = buffer_vec.data(); |
25 | 0 |
|
26 | 0 | for(size_t i = 0; i != blocks; ++i) |
27 | 0 | { |
28 | 0 | xor_buf(buffer, in, m_key1.data(), LEFT_SIZE); |
29 | 0 | m_cipher->set_key(buffer, LEFT_SIZE); |
30 | 0 | m_cipher->cipher(in + LEFT_SIZE, out + LEFT_SIZE, RIGHT_SIZE); |
31 | 0 |
|
32 | 0 | m_hash->update(out + LEFT_SIZE, RIGHT_SIZE); |
33 | 0 | m_hash->final(buffer); |
34 | 0 | xor_buf(out, in, buffer, LEFT_SIZE); |
35 | 0 |
|
36 | 0 | xor_buf(buffer, out, m_key2.data(), LEFT_SIZE); |
37 | 0 | m_cipher->set_key(buffer, LEFT_SIZE); |
38 | 0 | m_cipher->cipher1(out + LEFT_SIZE, RIGHT_SIZE); |
39 | 0 |
|
40 | 0 | in += m_block_size; |
41 | 0 | out += m_block_size; |
42 | 0 | } |
43 | 0 | } |
44 | | |
45 | | /* |
46 | | * Lion Decryption |
47 | | */ |
48 | | void Lion::decrypt_n(const uint8_t in[], uint8_t out[], size_t blocks) const |
49 | 0 | { |
50 | 0 | verify_key_set(m_key1.empty() == false); |
51 | 0 |
|
52 | 0 | const size_t LEFT_SIZE = left_size(); |
53 | 0 | const size_t RIGHT_SIZE = right_size(); |
54 | 0 |
|
55 | 0 | secure_vector<uint8_t> buffer_vec(LEFT_SIZE); |
56 | 0 | uint8_t* buffer = buffer_vec.data(); |
57 | 0 |
|
58 | 0 | for(size_t i = 0; i != blocks; ++i) |
59 | 0 | { |
60 | 0 | xor_buf(buffer, in, m_key2.data(), LEFT_SIZE); |
61 | 0 | m_cipher->set_key(buffer, LEFT_SIZE); |
62 | 0 | m_cipher->cipher(in + LEFT_SIZE, out + LEFT_SIZE, RIGHT_SIZE); |
63 | 0 |
|
64 | 0 | m_hash->update(out + LEFT_SIZE, RIGHT_SIZE); |
65 | 0 | m_hash->final(buffer); |
66 | 0 | xor_buf(out, in, buffer, LEFT_SIZE); |
67 | 0 |
|
68 | 0 | xor_buf(buffer, out, m_key1.data(), LEFT_SIZE); |
69 | 0 | m_cipher->set_key(buffer, LEFT_SIZE); |
70 | 0 | m_cipher->cipher1(out + LEFT_SIZE, RIGHT_SIZE); |
71 | 0 |
|
72 | 0 | in += m_block_size; |
73 | 0 | out += m_block_size; |
74 | 0 | } |
75 | 0 | } |
76 | | |
77 | | /* |
78 | | * Lion Key Schedule |
79 | | */ |
80 | | void Lion::key_schedule(const uint8_t key[], size_t length) |
81 | 0 | { |
82 | 0 | clear(); |
83 | 0 |
|
84 | 0 | const size_t half = length / 2; |
85 | 0 |
|
86 | 0 | m_key1.resize(left_size()); |
87 | 0 | m_key2.resize(left_size()); |
88 | 0 | clear_mem(m_key1.data(), m_key1.size()); |
89 | 0 | clear_mem(m_key2.data(), m_key2.size()); |
90 | 0 | copy_mem(m_key1.data(), key, half); |
91 | 0 | copy_mem(m_key2.data(), key + half, half); |
92 | 0 | } |
93 | | |
94 | | /* |
95 | | * Return the name of this type |
96 | | */ |
97 | | std::string Lion::name() const |
98 | 0 | { |
99 | 0 | return "Lion(" + m_hash->name() + "," + |
100 | 0 | m_cipher->name() + "," + |
101 | 0 | std::to_string(block_size()) + ")"; |
102 | 0 | } |
103 | | |
104 | | /* |
105 | | * Return a clone of this object |
106 | | */ |
107 | | BlockCipher* Lion::clone() const |
108 | 0 | { |
109 | 0 | return new Lion(m_hash->clone(), m_cipher->clone(), block_size()); |
110 | 0 | } |
111 | | |
112 | | /* |
113 | | * Clear memory of sensitive data |
114 | | */ |
115 | | void Lion::clear() |
116 | 0 | { |
117 | 0 | zap(m_key1); |
118 | 0 | zap(m_key2); |
119 | 0 | m_hash->clear(); |
120 | 0 | m_cipher->clear(); |
121 | 0 | } |
122 | | |
123 | | /* |
124 | | * Lion Constructor |
125 | | */ |
126 | | Lion::Lion(HashFunction* hash, StreamCipher* cipher, size_t bs) : |
127 | | m_block_size(std::max<size_t>(2*hash->output_length() + 1, bs)), |
128 | | m_hash(hash), |
129 | | m_cipher(cipher) |
130 | 0 | { |
131 | 0 | if(2*left_size() + 1 > m_block_size) |
132 | 0 | throw Invalid_Argument(name() + ": Chosen block size is too small"); |
133 | 0 | |
134 | 0 | if(!m_cipher->valid_keylength(left_size())) |
135 | 0 | throw Invalid_Argument(name() + ": This stream/hash combo is invalid"); |
136 | 0 | } |
137 | | |
138 | | } |