~mdw
/
secnet
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
comm: Break out common code in comm
[secnet]
/
transform-cbcmac.c
diff --git
a/transform-cbcmac.c
b/transform-cbcmac.c
index
5fb66ba
..
1390ee8
100644
(file)
--- a/
transform-cbcmac.c
+++ b/
transform-cbcmac.c
@@
-114,7
+114,7
@@
static uint32_t transform_forward(void *sst, struct buffer_if *buf,
bother sending the IV - it's the same each time. (If we wanted to send
it we've have to add 16 bytes to each message, not 4, so that the
message stays a multiple of 16 bytes long.) */
bother sending the IV - it's the same each time. (If we wanted to send
it we've have to add 16 bytes to each message, not 4, so that the
message stays a multiple of 16 bytes long.) */
-
memset(iv,0,16
);
+
FILLZERO(iv
);
put_uint32(iv, ti->maciv);
serpentbe_encrypt(&ti->mackey,iv,macacc);
put_uint32(iv, ti->maciv);
serpentbe_encrypt(&ti->mackey,iv,macacc);
@@
-127,11
+127,11
@@
static uint32_t transform_forward(void *sst, struct buffer_if *buf,
serpentbe_encrypt(&ti->mackey,macplain,macacc);
}
serpentbe_encrypt(&ti->mackey,macacc,macacc);
serpentbe_encrypt(&ti->mackey,macplain,macacc);
}
serpentbe_encrypt(&ti->mackey,macacc,macacc);
-
memcpy(buf_append(buf,16)
,macacc,16);
+
BUF_ADD_BYTES(append,buf
,macacc,16);
/* Serpent-CBC. We expand the ID as for CBCMAC, do the encryption,
and prepend the IV before increasing it. */
/* Serpent-CBC. We expand the ID as for CBCMAC, do the encryption,
and prepend the IV before increasing it. */
-
memset(iv,0,16
);
+
FILLZERO(iv
);
put_uint32(iv, ti->cryptiv);
serpentbe_encrypt(&ti->cryptkey,iv,iv);
put_uint32(iv, ti->cryptiv);
serpentbe_encrypt(&ti->cryptkey,iv,iv);
@@
-175,7
+175,7
@@
static uint32_t transform_reverse(void *sst, struct buffer_if *buf,
}
/* CBC */
}
/* CBC */
-
memset(iv,0,16
);
+
FILLZERO(iv
);
{
uint32_t ivword = buf_unprepend_uint32(buf);
put_uint32(iv, ivword);
{
uint32_t ivword = buf_unprepend_uint32(buf);
put_uint32(iv, ivword);
@@
-193,12
+193,12
@@
static uint32_t transform_reverse(void *sst, struct buffer_if *buf,
serpentbe_decrypt(&ti->cryptkey,n,n);
for (i = 0; i < 16; i++)
n[i] ^= iv[i];
serpentbe_decrypt(&ti->cryptkey,n,n);
for (i = 0; i < 16; i++)
n[i] ^= iv[i];
-
memcpy(iv, pct, 16
);
+
COPY_OBJ(iv, pct
);
}
/* CBCMAC */
macexpected=buf_unappend(buf,16);
}
/* CBCMAC */
macexpected=buf_unappend(buf,16);
-
memset(iv,0,16
);
+
FILLZERO(iv
);
put_uint32(iv, ti->maciv);
serpentbe_encrypt(&ti->mackey,iv,macacc);
put_uint32(iv, ti->maciv);
serpentbe_encrypt(&ti->mackey,iv,macacc);
@@
-261,9
+261,8
@@
static list_t *transform_apply(closure_t *self, struct cloc loc,
st->cl.apply=NULL;
st->cl.interface=&st->ops;
st->ops.st=st;
st->cl.apply=NULL;
st->cl.interface=&st->ops;
st->ops.st=st;
- st->ops.max_start_pad=28; /* 4byte seqnum, 16byte pad, 4byte MACIV,
- 4byte IV */
- st->ops.max_end_pad=16; /* 16byte CBCMAC */
+ update_max_start_pad(&transform_max_start_pad, 28);
+ /* 4byte seqnum, 16byte pad, 4byte MACIV, 4byte IV */
/* We need 256*2 bits for serpent keys, 32 bits for CBC-IV and 32 bits
for CBCMAC-IV, and 32 bits for init sequence number */
/* We need 256*2 bits for serpent keys, 32 bits for CBC-IV and 32 bits
for CBCMAC-IV, and 32 bits for init sequence number */
@@
-279,6
+278,8
@@
static list_t *transform_apply(closure_t *self, struct cloc loc,
st->max_seq_skew=dict_read_number(dict, "max-sequence-skew",
False, "serpent-cbc256", loc, 10);
st->max_seq_skew=dict_read_number(dict, "max-sequence-skew",
False, "serpent-cbc256", loc, 10);
+ SET_CAPAB_TRANSFORMNUM(CAPAB_TRANSFORMNUM_SERPENT256CBC);
+
return new_closure(&st->cl);
}
return new_closure(&st->cl);
}
@@
-343,7
+344,7
@@
void transform_cbcmac_module(dict_t *dict)
buf.base = malloc(4096);
buffer_init(&buf, 2048);
buf.base = malloc(4096);
buffer_init(&buf, 2048);
-
memcpy(buf_append(&buf, sizeof(text))
, text, sizeof(text));
+
BUF_ADD_OBJ(append, buf
, text, sizeof(text));
if (transform_forward(ti, &buf, &errmsg)) {
fatal("transform_forward test: %s", errmsg);
}
if (transform_forward(ti, &buf, &errmsg)) {
fatal("transform_forward test: %s", errmsg);
}