/* -*-c-*-
*
- * $Id: crypt.c,v 1.2 1997/08/04 10:24:21 mdw Exp $
+ * $Id: crypt.c,v 1.4 1998/01/12 16:45:55 mdw Exp $
*
* Cryptographic transfer of `become' requests
*
- * (c) 1997 EBI
+ * (c) 1998 EBI
*/
/*----- Licensing notice --------------------------------------------------*
/*----- Revision history --------------------------------------------------*
*
* $Log: crypt.c,v $
+ * Revision 1.4 1998/01/12 16:45:55 mdw
+ * Fix copyright date.
+ *
+ * Revision 1.3 1997/09/26 09:14:58 mdw
+ * Merged blowfish branch into trunk.
+ *
+ * Revision 1.2.2.1 1997/09/26 09:08:02 mdw
+ * Use the Blowfish encryption algorithm instead of IDEA. This is partly
+ * because I prefer Blowfish (without any particularly strong evidence) but
+ * mainly because IDEA is patented and Blowfish isn't.
+ *
* Revision 1.2 1997/08/04 10:24:21 mdw
* Sources placed under CVS control.
*
/* --- Local headers --- */
#include "become.h"
+#include "blowfish.h"
#include "config.h"
#include "crypt.h"
#include "icrypt.h"
-#include "idea.h"
#include "md5.h"
#include "noise.h"
#include "rand.h"
{
icrypt_job j;
- icrypt_init(&j, k, 0);
+ icrypt_init(&j, k, BLOWFISH_KEYSIZE, 0);
rand_encrypt(&j);
burn(j);
}
/* --- Generate the session key and IV --- */
noise_acquire();
- rand_extract(sk, IDEA_KEYSIZE);
- rand_extract(iv, IDEA_BLKSIZE);
+ rand_extract(sk, BLOWFISH_KEYSIZE);
+ rand_extract(iv, BLOWFISH_BLKSIZE);
IF_TRACING(TRACE_CRYPTO,
- traceblk(TRACE_CRYPTO, "crypto: session key:", sk, IDEA_KEYSIZE);
+ traceblk(TRACE_CRYPTO, "crypto: session key:", sk, BLOWFISH_KEYSIZE);
traceblk(TRACE_CRYPTO, "crypto: initialisation vector:",
- iv, IDEA_BLKSIZE);
+ iv, BLOWFISH_BLKSIZE);
);
/* --- Write the seed back --- */
{
/* --- First, build the easy stuff in the block --- */
- buff[crq_cryptType] = cryptType_idea;
+ buff[crq_cryptType] = cryptType_blowfish;
store32(buff + crq_time, t);
store32(buff + crq_pid, pid);
store32(buff + crq_from, rq->from);
/* --- Now generate session keys and things --- */
crypt__sessionKey(file_RANDSEED, k, sk, buff + crq_iv);
- memcpy(buff + crq_session, sk, IDEA_KEYSIZE);
+ memcpy(buff + crq_session, sk, BLOWFISH_KEYSIZE);
/* --- The string causes a few problems --- *
*
* version of this code used @strncpy@ which is even worse!)
*
* I'll fill the block with random (from @rand@(3) -- nothing too
- * elaborate) and then encrypt it using IDEA in CFB mode, using the first
- * few bytes as the key. This should provide a sufficiently unpredictable
- * background for the block.
+ * elaborate) and then encrypt it using Blowfish in CFB mode, using the
+ * first few bytes as the key. This should provide a sufficiently
+ * unpredictable background for the block.
*/
{
unsigned char *p;
unsigned u;
md5 md;
- unsigned char qk[IDEA_KEYSIZE];
+ unsigned char qk[BLOWFISH_KEYSIZE];
/* --- Initialise the buffer with junk --- */
p = buff + crq_cmd;
md5_init(&md); md5_buffer(&md, p, CMDLEN_MAX); md5_final(&md, qk);
- icrypt_init(&j, qk, 0); icrypt_encrypt(&j, p, p, CMDLEN_MAX);
+ icrypt_init(&j, qk, BLOWFISH_KEYSIZE, 0);
+ icrypt_encrypt(&j, p, p, CMDLEN_MAX);
burn(j); burn(qk); burn(md);
/* --- Copy the string into here --- */
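Review bot: The scratch key `qk` is now sized by `BLOWFISH_KEYSIZE`, but `md5_final(&md, qk)` still writes a 16-byte MD5 digest into it. That matched IDEA's 16-byte key only by coincidence. `BLOWFISH_KEYSIZE` is defined in blowfish.h and is not visible here: if it is smaller than 16 the digest write overruns `qk`, and if it is larger the tail of the key handed to `icrypt_init` is uninitialised stack. I would size the buffer by the digest and pass that length, `unsigned char qk[16]; /* MD5 digest length */` and `icrypt_init(&j, qk, sizeof(qk), 0);`, assuming icrypt_init accepts that key length, or else add a compile-time check that the two sizes agree. The enclosing block starts outside this hunk.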
T( traceblk(TRACE_CRYPTO, "crypto: plaintext request:",
buff, crq_size); )
- icrypt_init(&j, k, buff + crq_iv);
- icrypt_encrypt(&j, buff + crq_session, buff + crq_session, IDEA_KEYSIZE);
- icrypt_reset(&j, sk, 0);
+ T( traceblk(TRACE_CRYPTO, "crypto: master key:", k, BLOWFISH_KEYSIZE); )
+ T( traceblk(TRACE_CRYPTO, "crypto: initial iv:",
+ buff + crq_iv, BLOWFISH_BLKSIZE); )
+ T( traceblk(TRACE_CRYPTO, "crypto: session key:",
+ sk, BLOWFISH_KEYSIZE); )
+
+ icrypt_init(&j, k, BLOWFISH_KEYSIZE, buff + crq_iv);
+
+ icrypt_encrypt(&j, buff + crq_session,
+ buff + crq_session, BLOWFISH_KEYSIZE);
+ T( traceblk(TRACE_CRYPTO, "crypto: encrypted session key:",
+ buff + crq_session, BLOWFISH_KEYSIZE); )
+
+ icrypt_reset(&j, sk, BLOWFISH_KEYSIZE, 0);
+
+ T( traceblk(TRACE_CRYPTO, "crypto: partial iv:",
+ j.iv, BLOWFISH_BLKSIZE); )
+
icrypt_encrypt(&j, buff + crq_cipher,
buff + crq_cipher, crq_size - crq_cipher);
burn(j);
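Review bot: The added `traceblk(TRACE_CRYPTO, "crypto: master key:", k, BLOWFISH_KEYSIZE)` writes the long-term key into the trace output, which the pre-change code never did. The decryption hunk adds the same call, plus `traceblk(TRACE_CRYPTO, "crypto: job block:", &j, sizeof(j))`, which dumps the cipher job right after it was keyed with `k` and so presumably exposes key-derived state as well. A trace captured with TRACE_CRYPTO enabled would then be enough to recover every request protected by that key, not just the traced session. I would remove the master-key and job-block traces once the Blowfish port is debugged, or wrap them in a separate compile-time switch that release builds never define, for example `#ifdef CRYPT_TRACE_KEYS` (constructed name). Both functions start and end outside the visible hunks.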
{
/* --- Check the encryption format --- */
- if (buff[crq_cryptType] != cryptType_idea)
+ if (buff[crq_cryptType] != cryptType_blowfish)
return (0);
}
T( traceblk(TRACE_CRYPTO, "crypto: ciphertext request:",
buff, crq_size); )
- icrypt_init(&j, k, buff + crq_iv);
- icrypt_decrypt(&j, buff + crq_session, buff + crq_session, IDEA_KEYSIZE);
- memcpy(sk, buff + crq_session, IDEA_KEYSIZE);
- icrypt_reset(&j, sk, 0);
+ T( traceblk(TRACE_CRYPTO, "crypto: master key:", k, BLOWFISH_KEYSIZE); )
+ T( traceblk(TRACE_CRYPTO, "crypto: initial iv:",
+ buff + crq_iv, BLOWFISH_BLKSIZE); )
+
+ icrypt_init(&j, k, BLOWFISH_KEYSIZE, buff + crq_iv);
+ T( traceblk(TRACE_CRYPTO, "crypto: job block:", &j, sizeof(j)); )
+
+ T( traceblk(TRACE_CRYPTO, "crypto: encrypted session key:",
+ buff + crq_session, BLOWFISH_KEYSIZE); )
+ icrypt_decrypt(&j, buff + crq_session,
+ buff + crq_session, BLOWFISH_KEYSIZE);
+ memcpy(sk, buff + crq_session, BLOWFISH_KEYSIZE);
+ T( traceblk(TRACE_CRYPTO, "crypto: session key:",
+ sk, BLOWFISH_KEYSIZE); )
+
+ icrypt_reset(&j, sk, BLOWFISH_KEYSIZE, 0);
+
+ T( traceblk(TRACE_CRYPTO, "crypto: partial iv:",
+ j.iv, BLOWFISH_BLKSIZE); )
+
icrypt_decrypt(&j, buff + crq_cipher,
buff + crq_cipher, crq_size - crq_cipher);
icrypt_saveIV(&j, rpl + crp_iv);
- memset(buff + crq_session, 0, IDEA_KEYSIZE); /* Burn, baby, burn */
- burn(j);
-
T( traceblk(TRACE_CRYPTO, "crypto: plaintext request:",
buff, crq_size); )
+
+ memset(buff + crq_session, 0, BLOWFISH_KEYSIZE); /* Burn, baby, burn */
+ burn(j);
}
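Review bot: The burn of the session-key field now runs after the "crypto: plaintext request:" trace instead of before it. The dump of `buff` over `crq_size` bytes will therefore contain the decrypted session key where the old ordering showed zeros, assuming `crq_session` lies inside that range as the surrounding offsets suggest. Keeping `memset(buff + crq_session, 0, BLOWFISH_KEYSIZE);` ahead of that `traceblk` call, and leaving `burn(j);` at the end, would keep key bytes out of the request dump without changing anything else. The function body starts outside this hunk.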
{
T( traceblk(TRACE_CRYPTO, "crypto: plaintext reply:", buff, crp_size); )
- icrypt_init(&j, sk, buff + crp_iv);
+ icrypt_init(&j, sk, BLOWFISH_KEYSIZE, buff + crp_iv);
icrypt_encrypt(&j, buff + crp_cipher,
buff + crp_cipher, crp_size - crp_cipher);
burn(j);
T( traceblk(TRACE_CRYPTO, "crypto: ciphertext reply:", buff, crp_size); )
- icrypt_init(&j, sk, buff + crp_iv);
+ icrypt_init(&j, sk, BLOWFISH_KEYSIZE, buff + crp_iv);
icrypt_decrypt(&j, buff + crp_cipher,
buff + crp_cipher, crp_size - crp_cipher);
burn(j);
int main(int argc, char *argv[])
{
unsigned char buff[8];
- unsigned char sk[IDEA_KEYSIZE], k[IDEA_KEYSIZE];
+ unsigned char sk[BLOWFISH_KEYSIZE], k[BLOWFISH_KEYSIZE];
FILE *fp;
ego(argv[0]);