projects / u / mdw / catacomb / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Add an internal-representation no-op function.
[u/mdw/catacomb] / rc4.c
1 /* -*-c-*-
2 *
3 * $Id: rc4.c,v 1.5 2001/04/03 19:36:36 mdw Exp $
4 *
5 * The alleged RC4 stream cipher
6 *
7 * (c) 1999 Straylight/Edgeware
8 */
9
10 /*----- Licensing notice --------------------------------------------------*
11 *
12 * This file is part of Catacomb.
13 *
14 * Catacomb is free software; you can redistribute it and/or modify
15 * it under the terms of the GNU Library General Public License as
16 * published by the Free Software Foundation; either version 2 of the
17 * License, or (at your option) any later version.
18 *
19 * Catacomb is distributed in the hope that it will be useful,
20 * but WITHOUT ANY WARRANTY; without even the implied warranty of
21 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
22 * GNU Library General Public License for more details.
23 *
24 * You should have received a copy of the GNU Library General Public
25 * License along with Catacomb; if not, write to the Free
26 * Software Foundation, Inc., 59 Temple Place - Suite 330, Boston,
27 * MA 02111-1307, USA.
28 */
29
30 /*----- Revision history --------------------------------------------------*
31 *
32 * $Log: rc4.c,v $
33 * Revision 1.5 2001/04/03 19:36:36 mdw
34 * Don't use @va_arg@ as an argument to @STORE32@!
35 *
36 * Revision 1.4 2000/06/17 11:55:22 mdw
37 * New key size interface. Allow key material to be combined with an
38 * existing initialized context. Use secure arena for memory allocation.
39 *
40 * Revision 1.3 1999/12/13 15:34:01 mdw
41 * Add support for seeding from a generic pseudorandom source.
42 *
43 * Revision 1.2 1999/12/10 23:27:35 mdw
44 * Generic cipher and RNG interfaces.
45 *
46 * Revision 1.1 1999/09/03 08:41:12 mdw
47 * Initial import.
48 *
49 */
50
51 /*----- Header files ------------------------------------------------------*/
52
53 #include <assert.h>
54 #include <stdarg.h>
55 #include <stdio.h>
56
57 #include <mLib/bits.h>
58 #include <mLib/sub.h>
59
60 #include "arena.h"
61 #include "gcipher.h"
62 #include "grand.h"
63 #include "paranoia.h"
64 #include "rc4.h"
65
66 /*----- Global variables --------------------------------------------------*/
67
68 const octet rc4_keysz[] = { KSZ_RANGE, RC4_KEYSZ, 1, 255, 1 };
69
70 /*----- Main code ---------------------------------------------------------*/
71
72 /* --- @rc4_addkey@ --- *
73 *
74 * Arguments: @rc4_ctx *ctx@ = pointer to context to key
75 * @const void *k@ = pointer to key data to use
76 * @size_t sz@ = size of the key data
77 *
78 * Returns: ---
79 *
80 * Use: Mixes key data with an RC4 context. The RC4 context is not
81 * reset before mixing. This may be used to mix new key
82 * material with an existing RC4 context.
83 */
84
85 void rc4_addkey(rc4_ctx *ctx, const void *k, size_t sz)
86 {
87 unsigned i, j;
88 const octet *p = k, *q = p + sz;
89
90 KSZ_ASSERT(rc4, sz);
91
92 for (i = j = 0; i < 256; i++) {
93 unsigned si = ctx->s[i];
94 j = (j + si + *p++) & 0xff;
95 ctx->s[i] = ctx->s[j];
96 ctx->s[j] = si;
97 if (p == q)
98 p = k;
99 }
100
101 ctx->i = ctx->j = 0;
102 }
103
104 /* --- @rc4_init@ --- *
105 *
106 * Arguments: @rc4_ctx *ctx@ = pointer to context to initialize
107 * @const void *k@ = pointer to key data to use
108 * @size_t sz@ = size of the key data
109 *
110 * Returns: ---
111 *
112 * Use: Initializes an RC4 context ready for use.
113 */
114
115 void rc4_init(rc4_ctx *ctx, const void *k, size_t sz)
116 {
117 unsigned i;
118
119 for (i = 0; i < 256; i++)
120 ctx->s[i] = i;
121 ctx->f = 0;
122 rc4_addkey(ctx, k, sz);
123 }
124
125 /* --- @rc4_encrypt@ --- *
126 *
127 * Arguments: @rc4_ctx *ctx@ = pointer to context to use
128 * @const void *src@ = pointer to the source block
129 * @void *dest@ = pointer to the destination block
130 * @size_t sz@ = size of the block
131 *
132 * Returns: ---
133 *
134 * Use: Encrypts or decrypts a block of data. The destination may
135 * be null to just grind the generator around for a while. It's
136 * recommended that you say `@rc4_encrypt(&ctx, 0, 0, 1024)@'
137 * after initializing a new context, to prevent keystream
138 * guessing attacks. The source may be null to just extract a
139 * big lump of data from the generator.
140 */
141
142 void rc4_encrypt(rc4_ctx *ctx, const void *src, void *dest, size_t sz)
143 {
144 const octet *s = src;
145 octet *d = dest;
146
147 if (!d)
148 RC4_OPEN(ctx, while (sz) { unsigned x; RC4_BYTE(x); sz--; });
149 else if (!s)
150 RC4_OPEN(ctx, while (sz) { RC4_BYTE(*d++); sz--; });
151 else
152 RC4_OPEN(ctx,
153 while (sz) { unsigned x; RC4_BYTE(x); *d++ = *s++ ^ x; sz--; });
154 }
155
156 /*----- Generic cipher interface ------------------------------------------*/
157
158 typedef struct gctx {
159 gcipher c;
160 rc4_ctx rc4;
161 } gctx;
162
163 static const gcipher_ops gops;
164
165 static gcipher *ginit(const void *k, size_t sz)
166 {
167 gctx *g = S_CREATE(gctx);
168 g->c.ops = &gops;
169 rc4_init(&g->rc4, k, sz);
170 return (&g->c);
171 }
172
173 static void gencrypt(gcipher *c, const void *s, void *t, size_t sz)
174 {
175 gctx *g = (gctx *)c;
176 rc4_encrypt(&g->rc4, s, t, sz);
177 }
178
179 static void gdestroy(gcipher *c)
180 {
181 gctx *g = (gctx *)c;
182 BURN(*g);
183 S_DESTROY(g);
184 }
185
186 static const gcipher_ops gops = {
187 &rc4,
188 gencrypt, gencrypt, gdestroy, 0, 0
189 };
190
191 const gccipher rc4 = {
192 "rc4", rc4_keysz, 0,
193 ginit
194 };
195
196 /*----- Generic random number generator interface -------------------------*/
197
198 typedef struct grctx {
199 grand r;
200 rc4_ctx rc4;
201 } grctx;
202
203 static void grdestroy(grand *r)
204 {
205 grctx *g = (grctx *)r;
206 BURN(*g);
207 S_DESTROY(g);
208 }
209
210 static int grmisc(grand *r, unsigned op, ...)
211 {
212 grctx *g = (grctx *)r;
213 va_list ap;
214 int rc = 0;
215 uint32 i;
216 octet buf[4];
217 va_start(ap, op);
218
219 switch (op) {
220 case GRAND_CHECK:
221 switch (va_arg(ap, unsigned)) {
222 case GRAND_CHECK:
223 case GRAND_SEEDINT:
224 case GRAND_SEEDUINT32:
225 case GRAND_SEEDBLOCK:
226 case GRAND_SEEDRAND:
227 rc = 1;
228 break;
229 default:
230 rc = 0;
231 break;
232 }
233 break;
234 case GRAND_SEEDINT:
235 i = va_arg(ap, unsigned);
236 STORE32(buf, i);
237 rc4_addkey(&g->rc4, buf, sizeof(buf));
238 break;
239 case GRAND_SEEDUINT32:
240 i = va_arg(ap, uint32);
241 STORE32(buf, i);
242 rc4_addkey(&g->rc4, buf, sizeof(buf));
243 break;
244 case GRAND_SEEDBLOCK: {
245 const void *p = va_arg(ap, const void *);
246 size_t sz = va_arg(ap, size_t);
247 rc4_addkey(&g->rc4, p, sz);
248 } break;
249 case GRAND_SEEDRAND: {
250 grand *rr = va_arg(ap, grand *);
251 octet buf[16];
252 rr->ops->fill(rr, buf, sizeof(buf));
253 rc4_addkey(&g->rc4, buf, sizeof(buf));
254 } break;
255 default:
256 GRAND_BADOP;
257 break;
258 }
259
260 va_end(ap);
261 return (rc);
262 }
263
264 static octet grbyte(grand *r)
265 {
266 grctx *g = (grctx *)r;
267 octet o;
268 RC4_OPEN(&g->rc4, RC4_BYTE(o););
269 return (o);
270 }
271
272 static uint32 grword(grand *r)
273 {
274 grctx *g = (grctx *)r;
275 octet b[4];
276 int i;
277 RC4_OPEN(&g->rc4,
278 for (i = 0; i < sizeof(b); i++)
279 RC4_BYTE(b[i]););
280 return (LOAD32(b));
281 }
282
283 static void grfill(grand *r, void *p, size_t sz)
284 {
285 grctx *g = (grctx *)r;
286 rc4_encrypt(&g->rc4, 0, p, sz);
287 }
288
289 static const grand_ops grops = {
290 "rc4",
291 GRAND_CRYPTO, 0,
292 grmisc, grdestroy,
293 grword, grbyte, grword, grand_range, grfill
294 };
295
296 /* --- @rc4_rand@ --- *
297 *
298 * Arguments: @const void *k@ = pointer to key material
299 * @size_t sz@ = size of key material
300 *
301 * Returns: Pointer to generic random number generator interface.
302 *
303 * Use: Creates a random number interface wrapper around an
304 * OFB-mode block cipher.
305 */
306
307 grand *rc4_rand(const void *k, size_t sz)
308 {
309 grctx *g = S_CREATE(grctx);
310 g->r.ops = &grops;
311 rc4_init(&g->rc4, k, sz);
312 return (&g->r);
313 }
314
315 /*----- Test rig ----------------------------------------------------------*/
316
317 #ifdef TEST_RIG
318
319 #include <stdio.h>
320 #include <string.h>
321
322 #include <mLib/quis.h>
323 #include <mLib/testrig.h>
324
325 static int v_encrypt(dstr *v)
326 {
327 rc4_ctx ctx;
328 dstr d = DSTR_INIT;
329 int ok = 1;
330
331 rc4_init(&ctx, v[0].buf, v[0].len);
332 dstr_ensure(&d, v[1].len);
333 d.len = v[1].len;
334 rc4_encrypt(&ctx, v[1].buf, d.buf, d.len);
335
336 if (memcmp(v[2].buf, d.buf, d.len) != 0) {
337 ok = 0;
338 printf("\nfail encryption:"
339 "\n\tkey = ");
340 type_hex.dump(&v[0], stdout);
341 printf("\n\tplaintext = "); type_hex.dump(&v[1], stdout);
342 printf("\n\texpected = "); type_hex.dump(&v[2], stdout);
343 printf("\n\tcalculated = "); type_hex.dump(&d, stdout);
344 putchar('\n');
345 }
346
347 return (ok);
348 }
349
350 static int v_generate(dstr *v)
351 {
352 rc4_ctx ctx;
353 dstr d = DSTR_INIT;
354 int ok = 1;
355
356 rc4_init(&ctx, v[0].buf, v[0].len);
357 rc4_encrypt(&ctx, 0, 0, *(int *)v[1].buf);
358 dstr_ensure(&d, v[2].len);
359 d.len = v[2].len;
360 rc4_encrypt(&ctx, 0, d.buf, d.len);
361
362 if (memcmp(v[2].buf, d.buf, d.len) != 0) {
363 ok = 0;
364 printf("\nfail generation:"
365 "\n\tkey = ");
366 type_hex.dump(&v[0], stdout);
367 printf("\n\tskip len = %i", *(int *)v[1].buf);
368 printf("\n\texpected = "); type_hex.dump(&v[2], stdout);
369 printf("\n\tcalculated = "); type_hex.dump(&d, stdout);
370 putchar('\n');
371 }
372
373 return (ok);
374 }
375
376 static test_chunk defs[] = {
377 { "rc4-encrypt", v_encrypt, { &type_hex, &type_hex, &type_hex, 0 } },
378 { "rc4-generate", v_generate, { &type_hex, &type_int, &type_hex, 0 } },
379 { 0, 0, { 0 } }
380 };
381
382 int main(int argc, char *argv[])
383 {
384 test_run(argc, argv, defs, SRCDIR"/tests/rc4");
385 return (0);
386 }
387
388 #endif
389
390 /*----- That's all, folks -------------------------------------------------*/
Catacomb cryptographic library (downstream of http://git.distorted.org.uk/~mdw/catacomb/)