line |
stmt |
bran |
cond |
sub |
pod |
time |
code |
1
|
|
|
|
|
|
|
=head1 NAME |
2
|
|
|
|
|
|
|
|
3
|
|
|
|
|
|
|
Crypt::Twofish2 - Crypt::CBC compliant Twofish encryption module |
4
|
|
|
|
|
|
|
|
5
|
|
|
|
|
|
|
=head1 SYNOPSIS |
6
|
|
|
|
|
|
|
|
7
|
|
|
|
|
|
|
use Crypt::Twofish2; |
8
|
|
|
|
|
|
|
|
9
|
|
|
|
|
|
|
# keysize() is 32, but 24 and 16 are also possible |
10
|
|
|
|
|
|
|
# blocksize() is 16 |
11
|
|
|
|
|
|
|
|
12
|
|
|
|
|
|
|
$cipher = new Crypt::Twofish2 "a" x 32, Crypt::Twofish2::MODE_CBC; |
13
|
|
|
|
|
|
|
|
14
|
|
|
|
|
|
|
$crypted = $cipher->encrypt($plaintext); |
15
|
|
|
|
|
|
|
# - OR - |
16
|
|
|
|
|
|
|
$plaintext = $cipher->decrypt($crypted); |
17
|
|
|
|
|
|
|
|
18
|
|
|
|
|
|
|
=head1 DESCRIPTION |
19
|
|
|
|
|
|
|
|
20
|
|
|
|
|
|
|
This module implements the twofish cipher in a less braindamaged (read: |
21
|
|
|
|
|
|
|
slow and ugly) way than the existing C module. |
22
|
|
|
|
|
|
|
|
23
|
|
|
|
|
|
|
Although it is C compliant you usually gain nothing by using |
24
|
|
|
|
|
|
|
that module (except generality, which is often a good thing), since |
25
|
|
|
|
|
|
|
C can work in either ECB or CBC mode itself. |
26
|
|
|
|
|
|
|
|
27
|
|
|
|
|
|
|
=over 4 |
28
|
|
|
|
|
|
|
|
29
|
|
|
|
|
|
|
=cut |
30
|
|
|
|
|
|
|
|
31
|
|
|
|
|
|
|
package Crypt::Twofish2; |
32
|
|
|
|
|
|
|
|
33
|
1
|
|
|
1
|
|
559
|
use XSLoader; |
|
1
|
|
|
|
|
2
|
|
|
1
|
|
|
|
|
63
|
|
34
|
|
|
|
|
|
|
|
35
|
|
|
|
|
|
|
$VERSION = '1.03'; |
36
|
|
|
|
|
|
|
|
37
|
|
|
|
|
|
|
XSLoader::load __PACKAGE__, $VERSION; |
38
|
|
|
|
|
|
|
|
39
|
|
|
|
|
|
|
=item keysize |
40
|
|
|
|
|
|
|
|
41
|
|
|
|
|
|
|
Returns the keysize, which is 32 (bytes). The Twofish2 cipher actually |
42
|
|
|
|
|
|
|
supports keylengths of 16, 24 or 32 bytes, but there is no way to |
43
|
|
|
|
|
|
|
communicate this to C. |
44
|
|
|
|
|
|
|
|
45
|
|
|
|
|
|
|
=item blocksize |
46
|
|
|
|
|
|
|
|
47
|
|
|
|
|
|
|
The blocksize for Twofish2 is 16 bytes (128 bits), which is somewhat |
48
|
|
|
|
|
|
|
unique. It is also the reason I need this module myself ;) |
49
|
|
|
|
|
|
|
|
50
|
|
|
|
|
|
|
=item $cipher = new $key [, $mode] |
51
|
|
|
|
|
|
|
|
52
|
|
|
|
|
|
|
Create a new C cipher object with the given key (which |
53
|
|
|
|
|
|
|
must be 128, 192 or 256 bits long). The additional C<$mode> argument is |
54
|
|
|
|
|
|
|
the encryption mode, either C (electronic cookbook mode, the |
55
|
|
|
|
|
|
|
default), C (cipher block chaining, the same that C |
56
|
|
|
|
|
|
|
does) or C (1-bit cipher feedback mode). |
57
|
|
|
|
|
|
|
|
58
|
|
|
|
|
|
|
ECB mode is very insecure (read a book on cryptography if you don't know |
59
|
|
|
|
|
|
|
why!), so you should probably use CBC mode. CFB1 mode is not tested and is |
60
|
|
|
|
|
|
|
most probably broken, so do not try to use it. |
61
|
|
|
|
|
|
|
|
62
|
|
|
|
|
|
|
In ECB mode you can use the same cipher object to encrypt and decrypt |
63
|
|
|
|
|
|
|
data. However, every change of "direction" causes an internal reordering |
64
|
|
|
|
|
|
|
of key data, which is quite slow, so if you want ECB mode and |
65
|
|
|
|
|
|
|
encryption/decryption at the same time you should create two seperate |
66
|
|
|
|
|
|
|
C objects with the same key. |
67
|
|
|
|
|
|
|
|
68
|
|
|
|
|
|
|
In CBC mode you have to use seperate objects for encryption/decryption in |
69
|
|
|
|
|
|
|
any case. |
70
|
|
|
|
|
|
|
|
71
|
|
|
|
|
|
|
The C-constants are not exported by this module, so you must |
72
|
|
|
|
|
|
|
specify them as C etc. (sorry for that). |
73
|
|
|
|
|
|
|
|
74
|
|
|
|
|
|
|
=item $cipher->encrypt($data) |
75
|
|
|
|
|
|
|
|
76
|
|
|
|
|
|
|
Encrypt data. The size of C<$data> must be a multiple of C (16 |
77
|
|
|
|
|
|
|
bytes), otherwise this function will croak. Apart from that, it can be of |
78
|
|
|
|
|
|
|
(almost) any length. |
79
|
|
|
|
|
|
|
|
80
|
|
|
|
|
|
|
=item $cipher->decrypt($data) |
81
|
|
|
|
|
|
|
|
82
|
|
|
|
|
|
|
The pendant to C in that it Icrypts data again. |
83
|
|
|
|
|
|
|
|
84
|
|
|
|
|
|
|
=back |
85
|
|
|
|
|
|
|
|
86
|
|
|
|
|
|
|
=head1 SEE ALSO |
87
|
|
|
|
|
|
|
|
88
|
|
|
|
|
|
|
L, L. |
89
|
|
|
|
|
|
|
|
90
|
|
|
|
|
|
|
=head1 BUGS |
91
|
|
|
|
|
|
|
|
92
|
|
|
|
|
|
|
Should EXPORT or EXPORT_OK the MODE constants. |
93
|
|
|
|
|
|
|
|
94
|
|
|
|
|
|
|
There should be a way to access initial IV contents :( |
95
|
|
|
|
|
|
|
|
96
|
|
|
|
|
|
|
Although I tried to make the original twofish code portable, I can't say |
97
|
|
|
|
|
|
|
how much I did succeed. The code tries to be portable itself, and I hope |
98
|
|
|
|
|
|
|
I got the endianness issues right. The code is also copyright Counterpane |
99
|
|
|
|
|
|
|
Systems, no license accompanied it, so using it might actually be illegal |
100
|
|
|
|
|
|
|
;) |
101
|
|
|
|
|
|
|
|
102
|
|
|
|
|
|
|
I also cannot guarantee for security, but the module is used quite a bit, |
103
|
|
|
|
|
|
|
so there are no obvious bugs left. |
104
|
|
|
|
|
|
|
|
105
|
|
|
|
|
|
|
=head1 AUTHOR |
106
|
|
|
|
|
|
|
|
107
|
|
|
|
|
|
|
Marc Lehmann |
108
|
|
|
|
|
|
|
http://home.schmorp.de/ |
109
|
|
|
|
|
|
|
|
110
|
|
|
|
|
|
|
The actual twofish encryption is written in horribly microsoft'ish looking |
111
|
|
|
|
|
|
|
almost ansi-c by Doug Whiting. |
112
|
|
|
|
|
|
|
|
113
|
|
|
|
|
|
|
=cut |
114
|
|
|
|
|
|
|
|
115
|
|
|
|
|
|
|
1; |
116
|
|
|
|
|
|
|
|