Use the Blowfish encryption algorithm instead of IDEA. This is partly

[become] / src / icrypt.c

/* -*-c-*-
 *
 * $Id: icrypt.c,v 1.2.2.1 1997/09/26 09:08:07 mdw Exp $
 *
 * Higher level encryption functions
 *
 * (c) 1997 Mark Wooding
 */

/*----- Licensing notice --------------------------------------------------*
 *
 * This file is part of `become'
 *
 * `Become' is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation; either version 2 of the License, or
 * (at your option) any later version.
 *
 * `Become' is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with `become'; if not, write to the Free Software Foundation,
 * Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
 */

/*----- Revision history --------------------------------------------------*
 *
 * $Log: icrypt.c,v $
 * Revision 1.2.2.1  1997/09/26 09:08:07  mdw
 * Use the Blowfish encryption algorithm instead of IDEA.  This is partly
 * because I prefer Blowfish (without any particularly strong evidence) but
 * mainly because IDEA is patented and Blowfish isn't.
 *
 * Revision 1.2  1997/08/04 10:24:22  mdw
 * Sources placed under CVS control.
 *
 * Revision 1.1  1997/07/21  13:47:49  mdw
 * Initial revision
 *
 */

/*----- Header files ------------------------------------------------------*/

/* --- ANSI headers --- */

#include <stdio.h>
#include <string.h>
#include <stdlib.h>

/* --- Local headers --- */

#include "blowfish.h"
#include "config.h"
#include "icrypt.h"

/*----- Main code ---------------------------------------------------------*/

/* --- @icrypt_init@ --- *
 *
 * Arguments:	@icrypt_job *j@ = pointer to job context block
 *		@unsigned char *k@ = pointer to key data
 *		@size_t sz@ = size of the key data
 *		@const unsigned char *iv@ = pointer to IV
 *
 * Returns:	---
 *
 * Use:		Primes the context block ready for encryption.
 */

void icrypt_init(icrypt_job *j, unsigned char *k,
		 size_t sz, const unsigned char *iv)
{
  blowfish_setKey(&j->k, k, sz);
  if (iv)
    memcpy(j->iv, iv, BLOWFISH_BLKSIZE);
  else
    memset(j->iv, 0, BLOWFISH_BLKSIZE);
  j->i = 8;
}

/* --- @icrypt_encrypt@ --- *
 *
 * Arguments:	@icrypt_job *j@ = job handle
 *		@const void *src@ = pointer to source buffer
 *		@void *dest@ = pointer to destination buffer
 *		@size_t sz@ = size of buffers to handle
 *
 * Returns:	---
 *
 * Use:		Encrypts data from the source to the destination, using the
 *		key attached to the job handle.
 */

void icrypt_encrypt(icrypt_job *j, const void *src, void *dest, size_t sz)
{
  const unsigned char *s = src;
  unsigned char *d = dest;
  int i;

  /* --- First, use up bytes in the buffer --- */

  while (j->i < BLOWFISH_BLKSIZE && sz > 0) {
    *d++ = j->iv[j->i++] ^= *s++;
    sz--;
  }
  if (!sz) return;

  /* --- Now encrypt larger chunks at a time --- */

  while (sz >= BLOWFISH_BLKSIZE) {

    /* --- Freshen the IV --- */

    blowfish_encrypt(&j->k, j->iv, j->iv);

    /* --- Now encrypt some more bytes --- */

    for (i = 0; i < BLOWFISH_BLKSIZE; i++) {
      *d++ = j->iv[i] ^= *s++;
    }
    sz -= BLOWFISH_BLKSIZE;
  }
  if (!sz) return;

  /* --- Do the tail-end bits --- */

  blowfish_encrypt(&j->k, j->iv, j->iv);
  j->i = 0;
  while (sz) {
    *d++ = j->iv[j->i++] ^= *s++;
    sz--;
  }
}

/* --- @icrypt_decrypt@ --- *
 *
 * Arguments:	@icrypt_job *j@ = job handle
 *		@const void *src@ = pointer to source buffer
 *		@void *dest@ = pointer to destination buffer
 *		@size_t sz@ = size of buffers to handle
 *
 * Returns:	---
 *
 * Use:		Decrypts data from the source to the destination, using
 *		the key attached to the job handle.
 */

void icrypt_decrypt(icrypt_job *j, const void *src, void *dest, size_t sz)
{
  unsigned const char *s = src;
  unsigned char *d = dest;
  int i;
  unsigned char c;

  /* --- First, use up bytes in the buffer --- */

  while (j->i < BLOWFISH_BLKSIZE && sz > 0) {
    c = *s++;
    *d++ = j->iv[j->i] ^ c;
    j->iv[j->i++] = c;
    sz--;
  }
  if (!sz) return;

  /* --- Now encrypt larger chunks at a time --- */

  while (sz >= BLOWFISH_BLKSIZE) {

    /* --- Freshen the IV --- */

    blowfish_encrypt(&j->k, j->iv, j->iv);

    /* --- Now encrypt some more bytes --- */

    for (i = 0; i < BLOWFISH_BLKSIZE; i++) {
      c = *s++;
      *d++ = j->iv[i] ^ c;
      j->iv[i] = c;
    }
    sz -= BLOWFISH_BLKSIZE;
  }
  if (!sz) return;

  /* --- Do the tail-end bits --- */

  blowfish_encrypt(&j->k, j->iv, j->iv);
  j->i = 0;
  while (sz) {
    c = *s++;
    *d++ = j->iv[j->i] ^ c;
    j->iv[j->i++] = c;
    sz--;
  }
}

/* --- @icrypt_reset@ --- *
 *
 * Arguments:	@icrypt_job *j@ = pointer to job context block
 *		@unsigned char *k@ = pointer to key data, or zero for
 *			no change
 *		@size_t sz@ = size of the key in bytes
 *		@const unsigned char *iv@ = pointer to IV, or zero
 *
 * Returns:	---
 *
 * Use:		Alters the context block.  This can be used after recovery
 *		of a session key, for example.
 */

void icrypt_reset(icrypt_job *j, unsigned char *k,
		  size_t sz, const unsigned char *iv)
{
  if (k)
    blowfish_setKey(&j->k, k, sz);
  if (iv)
    memcpy(j->iv, iv, BLOWFISH_BLKSIZE);
  else {
    unsigned char b[BLOWFISH_BLKSIZE];
    int n = j->i, o = BLOWFISH_BLKSIZE - j->i;

    memcpy(b, j->iv, sizeof(b));
    memcpy(j->iv, b + n, o);
    memcpy(j->iv + o, b, n);
  }
  j->i = 8;
}

/* --- @icrypt_saveIV@ --- *
 *
 * Arguments:	@icrypt_job *j@ = pointer to job context block
 *		@unsigned char *iv@ = where to store the IV
 *
 * Returns:	---
 *
 * Use:		Writes out the job's IV after munging it a little.
 */

void icrypt_saveIV(icrypt_job *j, unsigned char *iv)
{
  int n = j->i, o = BLOWFISH_BLKSIZE - j->i;

  memcpy(j->iv, iv + n, o);
  memcpy(j->iv + o, iv, n);
  blowfish_encrypt(&j->k, iv, iv);
}

/*----- Test rig ----------------------------------------------------------*/

#ifdef TEST_RIG

#include <errno.h>
#include <pwd.h>
#include <unistd.h>
#include "crypt.h"
#include "mdwopt.h"
#include "md5.h"
#include "utils.h"

void icrypt(icrypt_job *j,
	    void (*proc)(icrypt_job *j,
			 const void *src,
			 void *dest,
			 size_t sz),
	    FILE *fp)
{
  char buff[71];
  size_t r;

  for (;;) {
    r = fread(buff, 1, sizeof(buff), fp);
    if (!r) break;
    proc(j, buff, buff, r);
    fwrite(buff, 1, r, stdout);
  }
}

int main(int argc, char *argv[])
{
  icrypt_job j;
  md5 md;
  void (*proc)(icrypt_job *j,
	       const void *src,
	       void *dest,
	       size_t sz) = icrypt_encrypt;

  ego(argv[0]);

  for (;;) {
    int i = getopt(argc, argv, "d");
    if (i < 0)
      break;
    if (i == 'd')
      proc = icrypt_decrypt;
  }

  {
    char *pass = getpass("Password: ");
    unsigned char k[BLOWFISH_KEYSIZE];
    md5_init(&md);
    md5_buffer(&md, pass, strlen(pass));
    memset(pass, 0, strlen(pass));
    md5_final(&md, k);

    icrypt_init(&j, k, BLOWFISH_KEYSIZE, 0);
  }

  if (optind >= argc)
    icrypt(&j, proc, stdin);

  while (optind < argc) {
    char *p = argv[optind++];
    if (strcmp(p, "-") == 0)
      icrypt(&j, proc, stdin);
    else {
      FILE *fp = fopen(p, "rb");
      if (!fp)
	die("couldn't open `%s': %s", p, strerror(errno));
      icrypt(&j, proc, fp);
      fclose(fp);
    }
  }

  return (0);
}

#endif    

/*----- That's all, folks -------------------------------------------------*/