Provided by: libtwofish-dev_0.3-4_amd64 
NAME
libtwofish - Cryptographic library using the twofish algorithm.
DESCRIPTION
libtwofish is a small library to encrypt and decrypt data using the Twofish cryptographic
algorithm.
FUNCTIONS
void Twofish_initialise(void);
Initialise the Twofish crypto engine.
This function must be called before any other function in the Twofish implementation is
called upon. The call needs only be made once in each application program.
Apart from initialising the engine, the call also performs a self test.
void Twofish_prepare_key(Twofish_Byte key[], int key_len, Twofish_key *xkey);
Convert a cipher key to the internal form used for encryption and decryption.
The cipher key is an array of bytes. The type Twofish_Byte is internally defined to a type
suitable for your platform.
Any key must be converted to the internal representation xkey as a Twofish_key structure
before it can be used. The encryption and decryption functions only work with the internal
form. The conversion to internal form need only be done once for each key value.
Be sure to wipe all key storage, including the Twofish_key structure, once you are done
with the key data. A simple call
memset(xkey, 0, sizeof(Twofish_key));
will do just fine.
Unlike most implementations, the present one allows any key size from zero bytes to 32
bytes. According to the Twofish specifications, irregular key sizes are handled by padding
the key with zeroes at the end until the key size is 16, 24, or 32 bytes, whichever comes
first. Note that each key of irregular size is equivalent to exactly one key of 16, 24, or
32 bytes.
The key length argument key_len must be in the proper range. If key_len is not in the
range 0,...,32, this routine attempts to generate a fatal error (depending on the code
environment), and at best (or worst) returns without having done anything.
void Twofish_encrypt(Twofish_key *xkey, Twofish_Byte plain[16], Twofish_Byte crypto[16]);
Encrypt a single block of data.
This function encrypts a single block of 16 bytes of data. If you want to encrypt a larger
or variable-length message, you will have to use a cipher mode, such as CBC or CTR. These
are outside the scope of this implementation.
The xkey structure is not modified by this routine, and can be used for further encryption
and decryption operations.
void Twofish_decrypt(Twofish_key *xkey, Twofish_Byte crypto[16], Twofish_Byte plain[16]);
Decrypt a single block of data.
This function decrypts a single block of 16 bytes of data. If you want to decrypt a larger
or variable-length message, you will have to use a cipher mode, such as CBC or CTR. These
are outside the scope of this implementation.
The xkey structure is not modified by this routine, and can be used for further encryption
and decryption operations.
EXAMPLE
/*
* catwo.c
*
* A simple-minded encryptor and decryptor application.
*
* Usage: catwo {[-e] | -d} key-string < infile > outfile
*
* The switch "-d" calls for decryption, whereas the optional
* switch "-e" entails encryption.
*
* The argument "key-string" is required to contain at least
* two characters, and will be truncated at 32 characters.
* The program reads from STDIN and writes to STDOUT.
*
* Of technical reasons, the encrypted output will be increased
* to a size of the nearest multiple of 16. Likewise, any decrypted
* output will be padded with NUL until the same size condition holds.
*/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <unistd.h>
#include <twofish.h>
#define MIN_KEYLEN 2
int main(int argc, char * argv[]) {
size_t keylen;
int shift = 1, encrypt = 1;
Twofish_Byte key[32];
Twofish_key xkey;
Twofish_Byte inblock[16], outblock[16];
memset(key, 0, sizeof(key));
if (argc < 2)
return 1; /* No key is possible. */
if (strcmp(argv[1], "-d") == 0)
encrypt = 0;
else if (strcmp(argv[1], "-e") != 0)
shift = 0;
if (argc - shift < 2)
return 1; /* No key is possible. */
keylen = strlen(argv[1 + shift]);
if (keylen < MIN_KEYLEN) {
fprintf(stderr, "Key material too short.\n");
return 1;
}
if (keylen > sizeof(key))
keylen = sizeof(key);
Twofish_initialise();
strncpy((char *) key, argv[1 + shift], sizeof(key));
memset(inblock, 0, sizeof(inblock));
Twofish_prepare_key(key, keylen, &xkey);
while (read(STDIN_FILENO, inblock, sizeof(inblock)) > 0) {
if (encrypt)
Twofish_encrypt(&xkey, inblock, outblock);
else
Twofish_decrypt(&xkey, inblock, outblock);
write(STDOUT_FILENO, outblock, sizeof(outblock));
memset(inblock, 0, sizeof(inblock));
}
return 0;
}
AUTHOR
This text was written by Mats Erik Andersson for the Debian GNU/Linux system, but may be
used by others. It is mainly collected from the source header file twofish.h. Permission
is granted to copy, distribute and/or modify this document under the same terms as
libtwofish itself.
COPYRIGHT
Copyright © 2010 Mats Erik Andersson