Provided by: libtwofish-dev_0.3-5_amd64 bug

NAME

       libtwofish - Cryptographic library using the twofish algorithm.

DESCRIPTION

       libtwofish is a small library to encrypt and decrypt data using the Twofish cryptographic
       algorithm.

FUNCTIONS

       void Twofish_initialise(void);

       Initialise the Twofish crypto engine.

       This function must be called before any other function in the Twofish implementation is
       called upon. The call needs only be made once in each application program.

       Apart from initialising the engine, the call also performs a self test.

       void Twofish_prepare_key(Twofish_Byte key[], int key_len, Twofish_key *xkey);

       Convert a cipher key to the internal form used for encryption and decryption.

       The cipher key is an array of bytes. The type Twofish_Byte is internally defined to a type
       suitable for your platform.

       Any key must be converted to the internal representation xkey as a Twofish_key structure
       before it can be used. The encryption and decryption functions only work with the internal
       form. The conversion to internal form need only be done once for each key value.

       Be sure to wipe all key storage, including the Twofish_key structure, once you are done
       with the key data. A simple call

           memset(xkey, 0, sizeof(Twofish_key));

       will do just fine.

       Unlike most implementations, the present one allows any key size from zero bytes to 32
       bytes. According to the Twofish specifications, irregular key sizes are handled by padding
       the key with zeroes at the end until the key size is 16, 24, or 32 bytes, whichever comes
       first. Note that each key of irregular size is equivalent to exactly one key of 16, 24, or
       32 bytes.

       The key length argument key_len must be in the proper range. If key_len is not in the
       range 0,...,32, this routine attempts to generate a fatal error (depending on the code
       environment), and at best (or worst) returns without having done anything.

       void Twofish_encrypt(Twofish_key *xkey, Twofish_Byte plain[16], Twofish_Byte crypto[16]);

       Encrypt a single block of data.

       This function encrypts a single block of 16 bytes of data. If you want to encrypt a larger
       or variable-length message, you will have to use a cipher mode, such as CBC or CTR. These
       are outside the scope of this implementation.

       The xkey structure is not modified by this routine, and can be used for further encryption
       and decryption operations.

       void Twofish_decrypt(Twofish_key *xkey, Twofish_Byte crypto[16], Twofish_Byte plain[16]);

       Decrypt a single block of data.

       This function decrypts a single block of 16 bytes of data. If you want to decrypt a larger
       or variable-length message, you will have to use a cipher mode, such as CBC or CTR. These
       are outside the scope of this implementation.

       The xkey structure is not modified by this routine, and can be used for further encryption
       and decryption operations.

EXAMPLE

           /*
           * catwo.c
           *
           * A simple-minded encryptor and decryptor application.
           *
           * Usage:  catwo {[-e] | -d} key-string  < infile  > outfile
           *
           * The switch "-d" calls for decryption, whereas the optional
           * switch "-e" entails encryption.
           *
           * The argument "key-string" is required to contain at least
           * two characters, and will be truncated at 32 characters.
           * The program reads from STDIN and writes to STDOUT.
           *
           * Of technical reasons, the encrypted output will be increased
           * to a size of the nearest multiple of 16. Likewise, any decrypted
           * output will be padded with NUL until the same size condition holds.
           */

           #include <stdio.h>
           #include <string.h>
           #include <stdlib.h>
           #include <unistd.h>

           #include <twofish.h>

           #define MIN_KEYLEN 2

           int main(int argc, char * argv[]) {
                size_t keylen;
                int shift = 1, encrypt = 1;
                Twofish_Byte key[32];
                Twofish_key xkey;
                Twofish_Byte inblock[16], outblock[16];

                memset(key, 0, sizeof(key));

                if (argc < 2)
                     return 1; /* No key is possible.  */

                if (strcmp(argv[1], "-d") == 0)
                     encrypt = 0;
                else if (strcmp(argv[1], "-e") != 0)
                     shift = 0;

                if (argc - shift < 2)
                     return 1; /* No key is possible.  */

                keylen = strlen(argv[1 + shift]);

                if (keylen < MIN_KEYLEN) {
                     fprintf(stderr, "Key material too short.\n");
                     return 1;
                }

                if (keylen > sizeof(key))
                     keylen = sizeof(key);

                Twofish_initialise();

                strncpy((char *) key, argv[1 + shift], sizeof(key));

                memset(inblock, 0, sizeof(inblock));

                Twofish_prepare_key(key, keylen, &xkey);

                while (read(STDIN_FILENO, inblock, sizeof(inblock)) > 0) {
                     if (encrypt)
                          Twofish_encrypt(&xkey, inblock, outblock);
                     else
                          Twofish_decrypt(&xkey, inblock, outblock);

                     write(STDOUT_FILENO, outblock, sizeof(outblock));

                     memset(inblock, 0, sizeof(inblock));
                }

                return 0;
           }

AUTHOR

       This text was written by Mats Erik Andersson for the Debian GNU/Linux system, but may be
       used by others. It is mainly collected from the source header file twofish.h. Permission
       is granted to copy, distribute and/or modify this document under the same terms as
       libtwofish itself.

COPYRIGHT

       Copyright © 2010 Mats Erik Andersson