~mdw / userv-utils / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Update copyright notices.
[userv-utils] / ipif / mech-blowfish.c
1 /*
2 * Blowfish mechanism for udp tunnel
3 *
4 * arguments: key size in bits (must be multiple of 8)
5 *
6 * key values: 8 byte random IV and n byte random key
7 *
8 * encoding: do CBC encryption overwriting message
9 * encoding for MAC: do CBC and prepend last ciphertext block
10 */
11 /*
12 * Copyright (C) 2000 Ian Jackson
13 *
14 * This is free software; you can redistribute it and/or modify it
15 * under the terms of the GNU General Public License as published by
16 * the Free Software Foundation; either version 2 of the License, or
17 * (at your option) any later version.
18 *
19 * This program is distributed in the hope that it will be useful, but
20 * WITHOUT ANY WARRANTY; without even the implied warranty of
21 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
22 * General Public License for more details.
23 *
24 * You should have received a copy of the GNU General Public License
25 * along with userv-utils; if not, write to the Free Software
26 * Foundation, 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
27 */
28
29 #include "forwarder.h"
30 #include "blowfish.h"
31
32 struct mechdata {
33 unsigned char iv[BLOWFISH_BLOCKBYTES];
34 struct blowfish_cbc_state cbc;
35 };
36
37 static void mds_blowfish(struct mechdata **md_r) {
38 struct mechdata *md;
39 unsigned long keysize;
40 unsigned char key[BLOWFISH_MAXKEYBYTES];
41
42 XMALLOC(md);
43
44 keysize= getarg_ulong();
45 arg_assert(!(keysize & 7));
46 keysize >>= 3;
47 arg_assert(keysize > 0 && keysize <= BLOWFISH_MAXKEYBYTES);
48
49 random_key(md->iv,sizeof(md->iv));
50 random_key(key,keysize);
51
52 blowfish_loadkey(&md->cbc.ek, key,keysize);
53 *md_r= md;
54 }
55
56 static void mes_blowfish(struct mechdata **md_r, int *maxprefix_io, int *maxsuffix_io) {
57 mds_blowfish(md_r);
58 }
59
60 static void mds_bfmac(struct mechdata **md_r) {
61 mds_blowfish(md_r);
62 }
63
64 static void mes_bfmac(struct mechdata **md_r, int *maxprefix_io, int *maxsuffix_io) {
65 mds_blowfish(md_r);
66 *maxprefix_io += BLOWFISH_BLOCKBYTES;
67 }
68
69 #define MSGSIZE_OUT \
70 msgsize= buf->size; \
71 arg_assert(!(msgsize & (BLOWFISH_BLOCKBYTES-1)));
72
73 #define MSGSIZE_IN \
74 msgsize= buf->size; \
75 if (msgsize & (BLOWFISH_BLOCKBYTES-1)) return "not multiple of block size"
76
77 #define FOREACH_BLOCK(func,inptr,outptr) \
78 { \
79 unsigned char *ptr; \
80 blowfish_cbc_setiv(&md->cbc, md->iv); \
81 for (ptr= buf->start; \
82 ptr < buf->start + msgsize; \
83 ptr += BLOWFISH_BLOCKBYTES) { \
84 func(&md->cbc,inptr,outptr); \
85 } \
86 }
87
88 static void menc_blowfish(struct mechdata *md, struct buffer *buf) {
89 unsigned long msgsize;
90 MSGSIZE_OUT;
91 FOREACH_BLOCK(blowfish_cbc_encrypt,ptr,ptr);
92 }
93
94 static const char *mdec_blowfish(struct mechdata *md, struct buffer *buf) {
95 unsigned long msgsize;
96 MSGSIZE_IN;
97 FOREACH_BLOCK(blowfish_cbc_decrypt,ptr,ptr);
98 return 0;
99 }
100
101 static void menc_bfmac(struct mechdata *md, struct buffer *buf) {
102 unsigned long msgsize;
103 unsigned char outblock[BLOWFISH_BLOCKBYTES];
104
105 MSGSIZE_OUT;
106 FOREACH_BLOCK(blowfish_cbc_encrypt,ptr,outblock);
107 memcpy(buf_prepend(buf,BLOWFISH_BLOCKBYTES), outblock, BLOWFISH_BLOCKBYTES);
108 }
109
110 static const char *mdec_bfmac(struct mechdata *md, struct buffer *buf) {
111 unsigned long msgsize;
112 unsigned char outblock[BLOWFISH_BLOCKBYTES];
113 unsigned char *checkblock;
114
115 BUF_UNPREPEND(checkblock,buf,BLOWFISH_BLOCKBYTES);
116 MSGSIZE_IN;
117 FOREACH_BLOCK(blowfish_cbc_encrypt,ptr,outblock);
118 if (memcmp(checkblock,outblock,BLOWFISH_BLOCKBYTES)) return "verify failed";
119 return 0;
120 }
121
122 const struct mechanism mechlist_blowfish[]= {
123 STANDARD_MECHANISM("blowfish-cbcmac", bfmac)
124 STANDARD_MECHANISM("blowfish-cbc", blowfish)
125 { 0 }
126 };
Userv utilities (local modifications)