/src/cryptopp/salsa.h

Source (jump to first uncovered line)
// salsa.h - originally written and placed in the public domain by Wei Dai

/// \file salsa.h
/// \brief Classes for Salsa and Salsa20 stream ciphers

#ifndef CRYPTOPP_SALSA_H
#define CRYPTOPP_SALSA_H

#include "strciphr.h"
#include "secblock.h"

// Clang 3.3 integrated assembler crash on Linux. Clang 3.4 due to compiler
// error with .intel_syntax, http://llvm.org/bugs/show_bug.cgi?id=24232
#if CRYPTOPP_BOOL_X32 || defined(CRYPTOPP_DISABLE_MIXED_ASM)
# define CRYPTOPP_DISABLE_SALSA_ASM 1
#endif

NAMESPACE_BEGIN(CryptoPP)

/// \brief Salsa20 core transform
/// \param data the data to transform
/// \param rounds the number of rounds
/// \details Several algorithms, like CryptoBox and Scrypt, require access to
///  the core Salsa20 transform. The current Crypto++ implementation does not
///  lend itself to disgorging the Salsa20 cipher from the Salsa20 core transform.
///  Instead Salsa20_Core is provided with customary accelerations.
void Salsa20_Core(word32* data, unsigned int rounds);

/// \brief Salsa20 stream cipher information
/// \since Crypto++ 5.4
struct Salsa20_Info : public VariableKeyLength<32, 16, 32, 16, SimpleKeyingInterface::UNIQUE_IV, 8>
{
  static std::string StaticAlgorithmName() {return "Salsa20";}
};

/// \brief Salsa20 stream cipher operation
/// \since Crypto++ 5.4
class CRYPTOPP_NO_VTABLE Salsa20_Policy : public AdditiveCipherConcretePolicy<word32, 16>
{
protected:
  Salsa20_Policy() : m_rounds(ROUNDS) {}
  void CipherSetKey(const NameValuePairs &params, const byte *key, size_t length);
  void OperateKeystream(KeystreamOperation operation, byte *output, const byte *input, size_t iterationCount);
  void CipherResynchronize(byte *keystreamBuffer, const byte *IV, size_t length);
  bool CipherIsRandomAccess() const {return true;}
  void SeekToIteration(lword iterationCount);

#if (CRYPTOPP_BOOL_X86 || CRYPTOPP_BOOL_X32 || CRYPTOPP_BOOL_X64)
  unsigned int GetAlignment() const;
  unsigned int GetOptimalBlockSize() const;
#endif

  std::string AlgorithmProvider() const;

  CRYPTOPP_CONSTANT(ROUNDS = 20);  // Default rounds
  FixedSizeAlignedSecBlock<word32, 16> m_state;
  int m_rounds;
};

/// \brief Salsa20 stream cipher
/// \details Salsa20 provides a variable number of rounds: 8, 12 or 20. The default number of rounds is 20.
/// \sa <A HREF="https://cr.yp.to/snuffle/salsafamily-20071225.pdf">The Salsa20
///  family of stream ciphers (20071225)</A>,
///  <A HREF="https://cr.yp.to/snuffle.html">Snuffle 2005: the Salsa20 encryption
///  function</A> and <A HREF="https://www.cryptopp.com/wiki/Salsa20">Salsa20</A>
/// \since Crypto++ 5.4
struct Salsa20 : public Salsa20_Info, public SymmetricCipherDocumentation
{
  typedef SymmetricCipherFinal<ConcretePolicyHolder<Salsa20_Policy, AdditiveCipherTemplate<> >, Salsa20_Info> Encryption;
  typedef Encryption Decryption;
};

/// \brief XSalsa20 stream cipher information
/// \since Crypto++ 5.4
struct XSalsa20_Info : public FixedKeyLength<32, SimpleKeyingInterface::UNIQUE_IV, 24>
{
  static std::string StaticAlgorithmName() {return "XSalsa20";}
};

/// \brief XSalsa20 stream cipher operation
/// \since Crypto++ 5.4
class CRYPTOPP_NO_VTABLE XSalsa20_Policy : public Salsa20_Policy
{
public:
  void CipherSetKey(const NameValuePairs &params, const byte *key, size_t length);
  void CipherResynchronize(byte *keystreamBuffer, const byte *IV, size_t length);

protected:
  FixedSizeSecBlock<word32, 8> m_key;
};

/// \brief XSalsa20 stream cipher
/// \details XSalsa20 provides a variable number of rounds: 8, 12 or 20. The default number of rounds is 20.
/// \sa <a href="http://www.cryptolounge.org/wiki/XSalsa20">XSalsa20</a>
/// \since Crypto++ 5.4
struct XSalsa20 : public XSalsa20_Info, public SymmetricCipherDocumentation
{
  typedef SymmetricCipherFinal<ConcretePolicyHolder<XSalsa20_Policy, AdditiveCipherTemplate<> >, XSalsa20_Info> Encryption;
  typedef Encryption Decryption;
};

NAMESPACE_END

#endif

Coverage Report

Created: 2024-11-21 07:03

Line	Count	Source (jump to first uncovered line)
1		// salsa.h - originally written and placed in the public domain by Wei Dai
2
3		/// \file salsa.h
4		/// \brief Classes for Salsa and Salsa20 stream ciphers
5
6		#ifndef CRYPTOPP_SALSA_H
7		#define CRYPTOPP_SALSA_H
8
9		#include "strciphr.h"
10		#include "secblock.h"
11
12		// Clang 3.3 integrated assembler crash on Linux. Clang 3.4 due to compiler
13		// error with .intel_syntax, http://llvm.org/bugs/show_bug.cgi?id=24232
14		#if CRYPTOPP_BOOL_X32 \|\| defined(CRYPTOPP_DISABLE_MIXED_ASM)
15		# define CRYPTOPP_DISABLE_SALSA_ASM 1
16		#endif
17
18		NAMESPACE_BEGIN(CryptoPP)
19
20		/// \brief Salsa20 core transform
21		/// \param data the data to transform
22		/// \param rounds the number of rounds
23		/// \details Several algorithms, like CryptoBox and Scrypt, require access to
24		/// the core Salsa20 transform. The current Crypto++ implementation does not
25		/// lend itself to disgorging the Salsa20 cipher from the Salsa20 core transform.
26		/// Instead Salsa20_Core is provided with customary accelerations.
27		void Salsa20_Core(word32* data, unsigned int rounds);
28
29		/// \brief Salsa20 stream cipher information
30		/// \since Crypto++ 5.4
31		struct Salsa20_Info : public VariableKeyLength<32, 16, 32, 16, SimpleKeyingInterface::UNIQUE_IV, 8>
32		{
33	0	static std::string StaticAlgorithmName() {return "Salsa20";}
34		};
35
36		/// \brief Salsa20 stream cipher operation
37		/// \since Crypto++ 5.4
38		class CRYPTOPP_NO_VTABLE Salsa20_Policy : public AdditiveCipherConcretePolicy<word32, 16>
39		{
40		protected:
41	0	Salsa20_Policy() : m_rounds(ROUNDS) {}
42		void CipherSetKey(const NameValuePairs &params, const byte *key, size_t length);
43		void OperateKeystream(KeystreamOperation operation, byte output, const byte input, size_t iterationCount);
44		void CipherResynchronize(byte keystreamBuffer, const byte IV, size_t length);
45	0	bool CipherIsRandomAccess() const {return true;}
46		void SeekToIteration(lword iterationCount);
47
48		#if (CRYPTOPP_BOOL_X86 \|\| CRYPTOPP_BOOL_X32 \|\| CRYPTOPP_BOOL_X64)
49		unsigned int GetAlignment() const;
50		unsigned int GetOptimalBlockSize() const;
51		#endif
52
53		std::string AlgorithmProvider() const;
54
55		CRYPTOPP_CONSTANT(ROUNDS = 20); // Default rounds
56		FixedSizeAlignedSecBlock<word32, 16> m_state;
57		int m_rounds;
58		};
59
60		/// \brief Salsa20 stream cipher
61		/// \details Salsa20 provides a variable number of rounds: 8, 12 or 20. The default number of rounds is 20.
62		/// \sa <A HREF="https://cr.yp.to/snuffle/salsafamily-20071225.pdf">The Salsa20
63		/// family of stream ciphers (20071225)</A>,
64		/// <A HREF="https://cr.yp.to/snuffle.html">Snuffle 2005: the Salsa20 encryption
65		/// function</A> and <A HREF="https://www.cryptopp.com/wiki/Salsa20">Salsa20</A>
66		/// \since Crypto++ 5.4
67		struct Salsa20 : public Salsa20_Info, public SymmetricCipherDocumentation
68		{
69		typedef SymmetricCipherFinal<ConcretePolicyHolder<Salsa20_Policy, AdditiveCipherTemplate<> >, Salsa20_Info> Encryption;
70		typedef Encryption Decryption;
71		};
72
73		/// \brief XSalsa20 stream cipher information
74		/// \since Crypto++ 5.4
75		struct XSalsa20_Info : public FixedKeyLength<32, SimpleKeyingInterface::UNIQUE_IV, 24>
76		{
77	0	static std::string StaticAlgorithmName() {return "XSalsa20";}
78		};
79
80		/// \brief XSalsa20 stream cipher operation
81		/// \since Crypto++ 5.4
82		class CRYPTOPP_NO_VTABLE XSalsa20_Policy : public Salsa20_Policy
83		{
84		public:
85		void CipherSetKey(const NameValuePairs &params, const byte *key, size_t length);
86		void CipherResynchronize(byte keystreamBuffer, const byte IV, size_t length);
87
88		protected:
89		FixedSizeSecBlock<word32, 8> m_key;
90		};
91
92		/// \brief XSalsa20 stream cipher
93		/// \details XSalsa20 provides a variable number of rounds: 8, 12 or 20. The default number of rounds is 20.
94		/// \sa <a href="http://www.cryptolounge.org/wiki/XSalsa20">XSalsa20</a>
95		/// \since Crypto++ 5.4
96		struct XSalsa20 : public XSalsa20_Info, public SymmetricCipherDocumentation
97		{
98		typedef SymmetricCipherFinal<ConcretePolicyHolder<XSalsa20_Policy, AdditiveCipherTemplate<> >, XSalsa20_Info> Encryption;
99		typedef Encryption Decryption;
100		};
101
102		NAMESPACE_END
103
104		#endif