EES Class Reference

#include <ees.h>

Inheritance diagram for EES:

Inheritance graph
Collaboration diagram for EES:

Collaboration graph

Detailed Description

Implementation of the NIST EES ("Skipjack"), FIPS 185.

EES is an 8-byte block cipher with a key size of 80 bits.

Buffers may be encrypted or decrypted "in place," i.e., in == out is allowed in crypt().

Usage flow:
  EES()         // instantiate a new EES object
  init()        // specify the direction, key, mode and IV (if required)
  setcounter()  // only required in CTR mode
  crypt()       // perform the encrypt or decrypt operation

Recommendations for strict FIPS 140-1 compliance:
  All supported modes of EES are FIPS compliant.

Sample code illustrating the use of this class appears in the Cookbook section Using the Symmetric Ciphers.

References

EES is specified in FIPS 185 and SKIPJACK and KEA Algorithm Specifications. Modes of operation are covered in SP800-38A.


Public Types

 ENCRYPT
 crypt() call performs encryption
 DECRYPT
 crypt() call performs decryption
 ECB = 1
 Electronic Code Book mode.
 CBC = 2
 Cipher Block Chaining mode.
 CFB8
 8-bit Cipher Feedback mode
 CFB32
 32-bit Cipher Feedback mode
 CFB64
 64-bit Cipher Feedback mode
 OFB
 Output Feedback mode.
 CTR
 Counter mode (NIST SP800-38A).
enum  dirs {
  ENCRYPT,
  DECRYPT
}
 Direction flags. More...
enum  modes {
  ECB = 1,
  CBC = 2 ,
  CFB8,
  CFB32,
  CFB64,
  OFB,
  CTR
}
 Modes of operation. More...

Public Member Functions

 ~EES ()
 Destructor. Calls clear().
int init (enum dirs dir, int keybytes, const char *key, enum modes md=ECB, const char *IV=0)
 Initialize algorithm object.
int setcounter (int bytes, const char *counter)
 Set counter for CTR mode.
int crypt (int bytes, const char *inbuf, char *outbuf)
 Encrypt or decrypt a specified buffer.
void clear (void)
 Clear the EES object.


Member Enumeration Documentation

enum dirs

Direction flags.

Enumerator:
ENCRYPT  crypt() call performs encryption
DECRYPT  crypt() call performs decryption

enum modes

Modes of operation.

Enumerator:
ECB  Electronic Code Book mode.
CBC  Cipher Block Chaining mode.
CFB8  8-bit Cipher Feedback mode
CFB32  32-bit Cipher Feedback mode
CFB64  64-bit Cipher Feedback mode
OFB  Output Feedback mode.
CTR  Counter mode (NIST SP800-38A).


Constructor & Destructor Documentation

~EES (  )  [inline]

Destructor. Calls clear().

Remarks:
Modifies: key, iv, str are zeroized.


Member Function Documentation

void clear ( void   ) 

Clear the EES object.

Remarks:
Modifies: rk, iv, ctr are zeroized; algorithm state set to UNINIT.

int crypt ( int  bytes,
const char *  inbuf,
char *  outbuf 
)

Encrypt or decrypt a specified buffer.

Parameters:
bytes length of input and output buffers; must be a multiple of 8 for ECB, CBC, OFB, CFB64, and CTR modes; a multiple of 4 for CFB32; arbitrary for CFB8.
inbuf pointer to input buffer to be encrypted or decrypted
outbuf pointer to output buffer; output and input buffers may coincide.
Returns:
0 (success)
CDK_ERROR_STATE
CDK_INVALID_PTR
CDK_INVALID_DATA_LENGTH
CDK_MODE_UNSUPPORTED
CDK_INVALID_MODE
Remarks:
Modifies: iv; to guard against reuse, ctr is auto-incremented.

int init ( enum dirs  dir,
int  keybytes,
const char *  key,
enum modes  md = ECB,
const char *  IV = 0 
)

Initialize algorithm object.

Parameters:
dir a direction indicator: ENCRYPT or DECRYPT
keybytes the length of key in bytes (must be 10)
key a pointer to a buffer containing the key
md a mode indicator: ECB, CBC, CFB8, CFB32, CFB64, or OFB
IV an 8-byte initialization vector (if required). If dir = ENCRYPT and md = CBC or CFB, the IV should be "unpredictable". If dir = ENCRYPT and md = OFB, the IV should be unique for each session. See NIST Spec. Pub. 800-38a.
Returns:
0 (success)
CDK_ERROR_STATE
CDK_OP_UNSUPPORTED
CDK_INVALID_MODE
CDK_INVALID_KEY_SIZE
CDK_MODE_UNSUPPORTED
CDK_INVALID_BLOCK_SIZE
CDK_INVALID_ROUNDS
CDK_INVALID_KEY_PTR
Remarks:
Modifies: dir, mode, key, iv, ctr (i.e., the EES object is completely initialized).

int setcounter ( int  bytes,
const char *  counter 
)

Set counter for CTR mode.

Parameters:
bytes length of counter in bytes (must be 8).
counter pointer to buffer containing 8-byte counter value.
Returns:
0 (success)
CDK_INVALID_DATA_LENGTH
CDK_INVALID_PTR
Remarks:
Modifies: ctr.


The documentation for this class was generated from the following file:
ISC Cryptographic Development Kit - User's Guide
ISC website
Questions? E-mail ISC technical support
Copyright© 2002-2006 Information Security Corp. All rights reserved.