4 * arguments: key size in bits (must be multiple of 8)
6 * key values: 8 byte random IV and n byte random key
8 * encoding: do CBC encryption overwriting message
9 * encoding for MAC: do CBC and prepend last ciphertext block
12 #include "forwarder.h"
16 struct blowfish_cbc_state cbc
;
19 static void mds_blowfish(struct mechdata
**md_r
) {
21 unsigned long keysize
;
22 unsigned char iv
[BLOWFISH_BLOCKBYTES
];
23 unsigned char key
[BLOWFISH_MAXKEYBYTES
];
25 md
= xmalloc(sizeof(md
));
27 keysize
= getarg_ulong();
28 arg_assert(!(keysize
& 7));
30 arg_assert(keysize
> 0 && keysize
<= BLOWFISH_MAXKEYBYTES
);
32 random_key(iv
,sizeof(iv
));
33 random_key(key
,keysize
);
35 blowfish_loadkey(&md
->cbc
.ek
, key
,keysize
);
36 blowfish_cbc_setiv(&md
->cbc
, iv
);
41 static void mes_blowfish(struct mechdata
**md_r
, int *maxprefix_io
, int *maxsuffix_io
) {
45 static void mds_bfmac(struct mechdata
**md_r
) {
49 static void mes_bfmac(struct mechdata
**md_r
, int *maxprefix_io
, int *maxsuffix_io
) {
51 *maxprefix_io
+= BLOWFISH_BLOCKBYTES
;
56 arg_assert(!(msgsize & ~BLOWFISH_BLOCKBYTES));
60 if (msgsize & ~BLOWFISH_BLOCKBYTES) return "not multiple of block size"
62 #define FOREACH_BLOCK(func,inptr,outptr) \
66 while (ptr < buf->start + msgsize) \
67 func(&md->cbc,inptr,outptr); \
70 static void menc_blowfish(struct mechdata
*md
, struct buffer
*buf
) {
71 unsigned long msgsize
;
73 FOREACH_BLOCK(blowfish_cbc_encrypt
,ptr
,ptr
);
76 static const char *mdec_blowfish(struct mechdata
*md
, struct buffer
*buf
) {
77 unsigned long msgsize
;
79 FOREACH_BLOCK(blowfish_cbc_decrypt
,ptr
,ptr
);
83 static void menc_bfmac(struct mechdata
*md
, struct buffer
*buf
) {
84 unsigned long msgsize
;
85 unsigned char outblock
[BLOWFISH_BLOCKBYTES
];
88 FOREACH_BLOCK(blowfish_cbc_encrypt
,ptr
,outblock
);
89 memcpy(buf_prepend(buf
,BLOWFISH_BLOCKBYTES
), outblock
, BLOWFISH_BLOCKBYTES
);
92 static const char *mdec_bfmac(struct mechdata
*md
, struct buffer
*buf
) {
93 unsigned long msgsize
;
94 unsigned char outblock
[BLOWFISH_BLOCKBYTES
];
95 unsigned char *checkblock
;
97 BUF_UNPREPEND(checkblock
,buf
,BLOWFISH_BLOCKBYTES
);
99 FOREACH_BLOCK(blowfish_cbc_encrypt
,ptr
,outblock
);
100 if (memcmp(checkblock
,outblock
,BLOWFISH_BLOCKBYTES
)) return "verify failed";
104 const struct mechanism mechlist_blowfish
[]= {
105 STANDARD_MECHANISM("blowfish-cbcmac", bfmac
)
106 STANDARD_MECHANISM("blowfish-cbc", blowfish
)