| 1 | /* |
| 2 | * Blowfish mechanism for udp tunnel |
| 3 | * |
| 4 | * mechanisms: blowfish-cbc, blowfish-cbcmac |
| 5 | * arguments: key size in bits (must be multiple of 8) |
| 6 | * |
| 7 | * key values: 8 byte random IV and n byte random key |
| 8 | * |
| 9 | * restrictions: plaintext length must be multiple of block size (8 bytes) |
| 10 | * encoding: do CBC encryption overwriting message |
| 11 | * encoding for MAC: do CBC and prepend last ciphertext block |
| 12 | */ |
| 13 | /* |
| 14 | * This file is part of ipif, part of userv-utils |
| 15 | * |
| 16 | * Copyright 1996-2013 Ian Jackson <ijackson@chiark.greenend.org.uk> |
| 17 | * Copyright 1998 David Damerell <damerell@chiark.greenend.org.uk> |
| 18 | * Copyright 1999,2003 |
| 19 | * Chancellor Masters and Scholars of the University of Cambridge |
| 20 | * Copyright 2010 Tony Finch <fanf@dotat.at> |
| 21 | * |
| 22 | * This is free software; you can redistribute it and/or modify it |
| 23 | * under the terms of the GNU General Public License as published by |
| 24 | * the Free Software Foundation; either version 3 of the License, or |
| 25 | * (at your option) any later version. |
| 26 | * |
| 27 | * This program is distributed in the hope that it will be useful, but |
| 28 | * WITHOUT ANY WARRANTY; without even the implied warranty of |
| 29 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU |
| 30 | * General Public License for more details. |
| 31 | * |
| 32 | * You should have received a copy of the GNU General Public License |
| 33 | * along with userv-utils; if not, see http://www.gnu.org/licenses/. |
| 34 | */ |
| 35 | |
| 36 | #include "forwarder.h" |
| 37 | #include "blowfish.h" |
| 38 | |
| 39 | struct mechdata { |
| 40 | unsigned char iv[BLOWFISH_BLOCKBYTES]; |
| 41 | struct blowfish_cbc_state cbc; |
| 42 | }; |
| 43 | |
| 44 | static void mds_blowfish(struct mechdata **md_r) { |
| 45 | struct mechdata *md; |
| 46 | unsigned long keysize; |
| 47 | unsigned char key[BLOWFISH_MAXKEYBYTES]; |
| 48 | |
| 49 | XMALLOC(md); |
| 50 | |
| 51 | keysize= getarg_ulong(); |
| 52 | arg_assert(!(keysize & 7)); |
| 53 | keysize >>= 3; |
| 54 | arg_assert(keysize > 0 && keysize <= BLOWFISH_MAXKEYBYTES); |
| 55 | |
| 56 | random_key(md->iv,sizeof(md->iv)); |
| 57 | random_key(key,keysize); |
| 58 | |
| 59 | blowfish_loadkey(&md->cbc.ek, key,keysize); |
| 60 | *md_r= md; |
| 61 | } |
| 62 | |
| 63 | static void mes_blowfish(struct mechdata **md_r, int *maxprefix_io, int *maxsuffix_io) { |
| 64 | mds_blowfish(md_r); |
| 65 | } |
| 66 | |
| 67 | static void mds_bfmac(struct mechdata **md_r) { |
| 68 | mds_blowfish(md_r); |
| 69 | } |
| 70 | |
| 71 | static void mes_bfmac(struct mechdata **md_r, int *maxprefix_io, int *maxsuffix_io) { |
| 72 | mds_blowfish(md_r); |
| 73 | *maxprefix_io += BLOWFISH_BLOCKBYTES; |
| 74 | } |
| 75 | |
| 76 | #define MSGSIZE_OUT \ |
| 77 | msgsize= buf->size; \ |
| 78 | arg_assert(!(msgsize & (BLOWFISH_BLOCKBYTES-1))); |
| 79 | |
| 80 | #define MSGSIZE_IN \ |
| 81 | msgsize= buf->size; \ |
| 82 | if (msgsize & (BLOWFISH_BLOCKBYTES-1)) return "not multiple of block size" |
| 83 | |
| 84 | #define FOREACH_BLOCK(func,inptr,outptr) \ |
| 85 | { \ |
| 86 | unsigned char *ptr; \ |
| 87 | blowfish_cbc_setiv(&md->cbc, md->iv); \ |
| 88 | for (ptr= buf->start; \ |
| 89 | ptr < buf->start + msgsize; \ |
| 90 | ptr += BLOWFISH_BLOCKBYTES) { \ |
| 91 | func(&md->cbc,inptr,outptr); \ |
| 92 | } \ |
| 93 | } |
| 94 | |
| 95 | static void menc_blowfish(struct mechdata *md, struct buffer *buf) { |
| 96 | unsigned long msgsize; |
| 97 | MSGSIZE_OUT; |
| 98 | FOREACH_BLOCK(blowfish_cbc_encrypt,ptr,ptr); |
| 99 | } |
| 100 | |
| 101 | static const char *mdec_blowfish(struct mechdata *md, struct buffer *buf) { |
| 102 | unsigned long msgsize; |
| 103 | MSGSIZE_IN; |
| 104 | FOREACH_BLOCK(blowfish_cbc_decrypt,ptr,ptr); |
| 105 | return 0; |
| 106 | } |
| 107 | |
| 108 | static void menc_bfmac(struct mechdata *md, struct buffer *buf) { |
| 109 | unsigned long msgsize; |
| 110 | unsigned char outblock[BLOWFISH_BLOCKBYTES]; |
| 111 | |
| 112 | MSGSIZE_OUT; |
| 113 | FOREACH_BLOCK(blowfish_cbc_encrypt,ptr,outblock); |
| 114 | memcpy(buf_prepend(buf,BLOWFISH_BLOCKBYTES), outblock, BLOWFISH_BLOCKBYTES); |
| 115 | } |
| 116 | |
| 117 | static const char *mdec_bfmac(struct mechdata *md, struct buffer *buf) { |
| 118 | unsigned long msgsize; |
| 119 | unsigned char outblock[BLOWFISH_BLOCKBYTES]; |
| 120 | unsigned char *checkblock; |
| 121 | |
| 122 | BUF_UNPREPEND(checkblock,buf,BLOWFISH_BLOCKBYTES); |
| 123 | MSGSIZE_IN; |
| 124 | FOREACH_BLOCK(blowfish_cbc_encrypt,ptr,outblock); |
| 125 | if (memcmp(checkblock,outblock,BLOWFISH_BLOCKBYTES)) return "verify failed"; |
| 126 | return 0; |
| 127 | } |
| 128 | |
| 129 | const struct mechanism mechlist_blowfish[]= { |
| 130 | STANDARD_MECHANISM("blowfish-cbcmac", bfmac) |
| 131 | STANDARD_MECHANISM("blowfish-cbc", blowfish) |
| 132 | { 0 } |
| 133 | }; |