Crypto++  8.5
Free C++ class library of cryptographic schemes
salsa.h
Go to the documentation of this file.
1 // salsa.h - originally written and placed in the public domain by Wei Dai
2 
3 /// \file salsa.h
4 /// \brief Classes for Salsa and Salsa20 stream ciphers
5 
6 #ifndef CRYPTOPP_SALSA_H
7 #define CRYPTOPP_SALSA_H
8 
9 #include "strciphr.h"
10 #include "secblock.h"
11 
12 // Clang 3.3 integrated assembler crash on Linux. Clang 3.4 due to compiler
13 // error with .intel_syntax, http://llvm.org/bugs/show_bug.cgi?id=24232
14 #if CRYPTOPP_BOOL_X32 || defined(CRYPTOPP_DISABLE_MIXED_ASM)
15 # define CRYPTOPP_DISABLE_SALSA_ASM 1
16 #endif
17 
18 NAMESPACE_BEGIN(CryptoPP)
19 
20 /// \brief Salsa20 core transform
21 /// \param data the data to transform
22 /// \param rounds the number of rounds
23 /// \details Several algorithms, like CryptoBox and Scrypt, require access to
24 /// the core Salsa20 transform. The current Crypto++ implementation does not
25 /// lend itself to disgorging the Salsa20 cipher from the Salsa20 core transform.
26 /// Instead Salsa20_Core is provided with customary accelerations.
27 void Salsa20_Core(word32* data, unsigned int rounds);
28 
29 /// \brief Salsa20 stream cipher information
30 /// \since Crypto++ 5.4
31 struct Salsa20_Info : public VariableKeyLength<32, 16, 32, 16, SimpleKeyingInterface::UNIQUE_IV, 8>
32 {
33  static std::string StaticAlgorithmName() {return "Salsa20";}
34 };
35 
36 /// \brief Salsa20 stream cipher operation
37 /// \since Crypto++ 5.4
38 class CRYPTOPP_NO_VTABLE Salsa20_Policy : public AdditiveCipherConcretePolicy<word32, 16>
39 {
40 protected:
41  Salsa20_Policy() : m_rounds(ROUNDS) {}
42  void CipherSetKey(const NameValuePairs &params, const byte *key, size_t length);
43  void OperateKeystream(KeystreamOperation operation, byte *output, const byte *input, size_t iterationCount);
44  void CipherResynchronize(byte *keystreamBuffer, const byte *IV, size_t length);
45  bool CipherIsRandomAccess() const {return true;}
46  void SeekToIteration(lword iterationCount);
47 
48 #if (CRYPTOPP_BOOL_X86 || CRYPTOPP_BOOL_X32 || CRYPTOPP_BOOL_X64)
49  unsigned int GetAlignment() const;
50  unsigned int GetOptimalBlockSize() const;
51 #endif
52 
53  std::string AlgorithmProvider() const;
54 
55  CRYPTOPP_CONSTANT(ROUNDS = 20); // Default rounds
57  int m_rounds;
58 };
59 
60 /// \brief Salsa20 stream cipher
61 /// \details Salsa20 provides a variable number of rounds: 8, 12 or 20. The default number of rounds is 20.
62 /// \sa <A HREF="https://cr.yp.to/snuffle/salsafamily-20071225.pdf">The Salsa20
63 /// family of stream ciphers (20071225)</A>,
64 /// <A HREF="https://cr.yp.to/snuffle.html">Snuffle 2005: the Salsa20 encryption
65 /// function</A> and <A HREF="https://www.cryptopp.com/wiki/Salsa20">Salsa20</A>
66 /// \since Crypto++ 5.4
68 {
70  typedef Encryption Decryption;
71 };
72 
73 /// \brief XSalsa20 stream cipher information
74 /// \since Crypto++ 5.4
75 struct XSalsa20_Info : public FixedKeyLength<32, SimpleKeyingInterface::UNIQUE_IV, 24>
76 {
77  static std::string StaticAlgorithmName() {return "XSalsa20";}
78 };
79 
80 /// \brief XSalsa20 stream cipher operation
81 /// \since Crypto++ 5.4
82 class CRYPTOPP_NO_VTABLE XSalsa20_Policy : public Salsa20_Policy
83 {
84 public:
85  void CipherSetKey(const NameValuePairs &params, const byte *key, size_t length);
86  void CipherResynchronize(byte *keystreamBuffer, const byte *IV, size_t length);
87 
88 protected:
90 };
91 
92 /// \brief XSalsa20 stream cipher
93 /// \details XSalsa20 provides a variable number of rounds: 8, 12 or 20. The default number of rounds is 20.
94 /// \sa <a href="http://www.cryptolounge.org/wiki/XSalsa20">XSalsa20</a>
95 /// \since Crypto++ 5.4
97 {
99  typedef Encryption Decryption;
100 };
101 
102 NAMESPACE_END
103 
104 #endif
AdditiveCipherAbstractPolicy::CipherIsRandomAccess
virtual bool CipherIsRandomAccess() const =0
Flag indicating random access.
FixedSizeAlignedSecBlock< word32, 16 >
AdditiveCipherAbstractPolicy::CipherResynchronize
virtual void CipherResynchronize(byte *keystreamBuffer, const byte *iv, size_t length)
Resynchronize the cipher.
Definition: strciphr.h:163
SymmetricCipherDocumentation
Provides Encryption and Decryption typedefs used by derived classes to implement a symmetric cipher.
Definition: seckey.h:413
SymmetricCipherFinal
SymmetricCipher implementation.
Definition: strciphr.h:674
AdditiveCipherConcretePolicy
Base class for additive stream ciphers.
Definition: strciphr.h:201
AdditiveCipherAbstractPolicy::CipherSetKey
virtual void CipherSetKey(const NameValuePairs &params, const byte *key, size_t length)=0
Key the cipher.
secblock.h
Classes and functions for secure memory allocations.
word32
unsigned int word32
32-bit unsigned datatype
Definition: config_int.h:62
Salsa20_Info
Salsa20 stream cipher information.
Definition: salsa.h:31
FixedKeyLength
Inherited by keyed algorithms with fixed key length.
Definition: seckey.h:124
KeystreamOperation
KeystreamOperation
Keystream operation flags.
Definition: strciphr.h:88
XSalsa20_Policy
XSalsa20 stream cipher operation.
Definition: salsa.h:82
FixedSizeSecBlock< word32, 8 >
Salsa20_Policy
Salsa20 stream cipher operation.
Definition: salsa.h:38
lword
word64 lword
Large word type.
Definition: config_int.h:158
XSalsa20_Info
XSalsa20 stream cipher information.
Definition: salsa.h:75
CryptoPP
Crypto++ library namespace.
AdditiveCipherAbstractPolicy::SeekToIteration
virtual void SeekToIteration(lword iterationCount)
Seeks to a random position in the stream.
Definition: strciphr.h:174
AdditiveCipherConcretePolicy::GetAlignment
unsigned int GetAlignment() const
Provides data alignment requirements.
Definition: strciphr.h:220
XSalsa20
XSalsa20 stream cipher.
Definition: salsa.h:96
AdditiveCipherConcretePolicy::OperateKeystream
virtual void OperateKeystream(KeystreamOperation operation, byte *output, const byte *input, size_t iterationCount)=0
Operates the keystream.
AdditiveCipherAbstractPolicy::GetOptimalBlockSize
virtual unsigned int GetOptimalBlockSize() const
Provides number of ideal bytes to process.
Definition: strciphr.h:123
NameValuePairs
Interface for retrieving values given their names.
Definition: cryptlib.h:321
Salsa20_Core
void Salsa20_Core(word32 *data, unsigned int rounds)
Salsa20 core transform.
Definition: salsa.cpp:51
AdditiveCipherAbstractPolicy::AlgorithmProvider
virtual std::string AlgorithmProvider() const
Retrieve the provider of this algorithm.
Definition: strciphr.h:192
strciphr.h
Classes for implementing stream ciphers.
Salsa20
Salsa20 stream cipher.
Definition: salsa.h:67
VariableKeyLength
Inherited by keyed algorithms with variable key length.
Definition: seckey.h:165