author | Jack Lloyd <[email protected]> | 2018-02-28 13:51:54 -0500 |
---|---|---|
committer | Jack Lloyd <[email protected]> | 2018-02-28 15:03:50 -0500 |
commit | d7ee63924da94fe7e46af7012cde971ef7588732 (patch) | |
tree | 4ac666072b75f9f46474e491142e4128c422a50b /src/lib/misc/fpe_fe1/fpe_fe1.h | |
parent | 3870a2a59a9940635a133fbe60ab05c9815a4d1c (diff) |
Optimize FE1 format preserving encryption
Expose the state as the FPE_FE1 class which allows most values
to be precomputed. Approx 6-8 times faster.
Diffstat (limited to 'src/lib/misc/fpe_fe1/fpe_fe1.h')
-rw-r--r-- | src/lib/misc/fpe_fe1/fpe_fe1.h | 52 |
1 files changed, 46 insertions, 6 deletions
diff --git a/src/lib/misc/fpe_fe1/fpe_fe1.h b/src/lib/misc/fpe_fe1/fpe_fe1.h index 7f92f0601..a38231aa6 100644 --- a/src/lib/misc/fpe_fe1/fpe_fe1.h +++ b/src/lib/misc/fpe_fe1/fpe_fe1.h @@ -1,6 +1,6 @@ /* * Format Preserving Encryption (FE1 scheme) -* (C) 2009 Jack Lloyd +* (C) 2009,2018 Jack Lloyd * * Botan is released under the Simplified BSD License (see license.txt) */ @@ -8,11 +8,51 @@ #ifndef BOTAN_FPE_FE1_H_ #define BOTAN_FPE_FE1_H_ +#include <botan/sym_algo.h> #include <botan/bigint.h> -#include <botan/symkey.h> +#include <botan/reducer.h> namespace Botan { +class MessageAuthenticationCode; + +class BOTAN_PUBLIC_API(2,5) FPE_FE1 final : public SymmetricAlgorithm + { + public: + FPE_FE1(const BigInt& n, + size_t rounds = 3, + const std::string& mac_algo = "HMAC(SHA-256)"); + + Key_Length_Specification key_spec() const override; + + std::string name() const; + + void clear(); + + BigInt encrypt(const BigInt& x, const uint8_t tweak[], size_t tweak_len) const; + + BigInt decrypt(const BigInt& x, const uint8_t tweak[], size_t tweak_len) const; + + BigInt encrypt(const BigInt& x, uint64_t tweak) const; + + BigInt decrypt(const BigInt& x, uint64_t tweak) const; + private: + void key_schedule(const uint8_t key[], size_t length) override; + + BigInt F(const BigInt& R, size_t round, + const secure_vector<uint8_t>& tweak, + secure_vector<uint8_t>& tmp) const; + + secure_vector<uint8_t> compute_tweak_mac(const uint8_t tweak[], size_t tweak_len) const; + + std::unique_ptr<MessageAuthenticationCode> m_mac; + std::vector<uint8_t> m_n_bytes; + BigInt m_a; + BigInt m_b; + Modular_Reducer mod_a; + size_t m_rounds; + }; + namespace FPE { /** 
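Review bot: `FPE_FE1` owns a `std::unique_ptr<MessageAuthenticationCode> m_mac`, but this header only forward-declares `MessageAuthenticationCode` and the class declares no destructor. The implicit destructor is therefore generated in every translation unit that destroys an `FPE_FE1`, and a caller that includes only this header will most likely fail to compile on the incomplete type. Declaring `~FPE_FE1();` in the class and defining it in the .cpp, where the MAC header is presumably included, avoids that. Separately, `name()` and `clear()` lack the `override` that `key_spec()` and `key_schedule()` carry, which would let a signature drift from the base class go unnoticed. The new public class also has no doc comment; a short Doxygen block covering the expected range of `x` relative to `n`, what `rounds` controls, and that decryption needs the same tweak as encryption would bring it in line with the documented `fe1_encrypt`/`fe1_decrypt` below.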
@@ -27,8 +67,8 @@ namespace FPE { * @param tweak will modify the ciphertext (think of as an IV) */ BigInt BOTAN_PUBLIC_API(2,0) fe1_encrypt(const BigInt& n, const BigInt& X, - const SymmetricKey& key, - const std::vector<uint8_t>& tweak); + const SymmetricKey& key, + const std::vector<uint8_t>& tweak); /** * Decrypt X from and onto the group Z_n using key and tweak @@ -38,8 +78,8 @@ BigInt BOTAN_PUBLIC_API(2,0) fe1_encrypt(const BigInt& n, const BigInt& X, * @param tweak the same tweak used for encryption */ BigInt BOTAN_PUBLIC_API(2,0) fe1_decrypt(const BigInt& n, const BigInt& X, - const SymmetricKey& key, - const std::vector<uint8_t>& tweak); + const SymmetricKey& key, + const std::vector<uint8_t>& tweak); } |