X-Git-Url: https://git.distorted.org.uk/~mdw/userv-utils/blobdiff_plain/1fb3cba0b41ae774f83c11d2a9c23b12b2c87d1a..eccfa510eebbda0703971e3f708c293cfd6471a5:/ipif/mech-blowfish.c

diff --git a/ipif/mech-blowfish.c b/ipif/mech-blowfish.c
index 898abe6..6912222 100644
--- a/ipif/mech-blowfish.c
+++ b/ipif/mech-blowfish.c
@@ -1,40 +1,62 @@
 /*
- * Blowfish
+ * Blowfish mechanism for udp tunnel
  *
+ * mechanisms: blowfish-cbc, blowfish-cbcmac
  * arguments: key size in bits (must be multiple of 8)
  *
  * key values: 8 byte random IV and n byte random key
  *
+ * restrictions: plaintext length must be multiple of block size (8 bytes)
  * encoding:         do CBC encryption overwriting message
  * encoding for MAC: do CBC and prepend last ciphertext block
  */
+/*
+ * This file is part of ipif, part of userv-utils
+ *
+ * Copyright 1996-2013 Ian Jackson <ijackson@chiark.greenend.org.uk>
+ * Copyright 1998 David Damerell <damerell@chiark.greenend.org.uk>
+ * Copyright 1999,2003
+ *    Chancellor Masters and Scholars of the University of Cambridge
+ * Copyright 2010 Tony Finch <fanf@dotat.at>
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with userv-utils; if not, see http://www.gnu.org/licenses/.
+ */
 
-#include "mech.h"
+#include "forwarder.h"
 #include "blowfish.h"
 
 struct mechdata {
+  unsigned char iv[BLOWFISH_BLOCKBYTES];
   struct blowfish_cbc_state cbc;
 };
 
 static void mds_blowfish(struct mechdata **md_r) {
   struct mechdata *md;
   unsigned long keysize;
-  unsigned char iv[BLOWFISH_BLOCKBYTES];
   unsigned char key[BLOWFISH_MAXKEYBYTES];
 
-  md= xmalloc(sizeof(md));
+  XMALLOC(md);
 
   keysize= getarg_ulong();
   arg_assert(!(keysize & 7));
   keysize >>= 3;
   arg_assert(keysize > 0 && keysize <= BLOWFISH_MAXKEYBYTES);
 
-  random_key(iv,sizeof(iv));
+  random_key(md->iv,sizeof(md->iv));
   random_key(key,keysize);
 
   blowfish_loadkey(&md->cbc.ek, key,keysize);
-  blowfish_cbc_setiv(&md->cbc, iv);
-
   *md_r= md;
 }
 
@@ -53,18 +75,21 @@ static void mes_bfmac(struct mechdata **md_r, int *maxprefix_io, int *maxsuffix_
 
 #define MSGSIZE_OUT 						      \
   msgsize= buf->size;					              \
-  arg_assert(!(msgsize & ~BLOWFISH_BLOCKBYTES));
+  arg_assert(!(msgsize & (BLOWFISH_BLOCKBYTES-1)));
 
 #define MSGSIZE_IN 						      \
   msgsize= buf->size;			   		              \
-  if (msgsize & ~BLOWFISH_BLOCKBYTES) return "not multiple of block size"
+  if (msgsize & (BLOWFISH_BLOCKBYTES-1)) return "not multiple of block size"
 
 #define FOREACH_BLOCK(func,inptr,outptr)			      \
  {                                                                    \
    unsigned char *ptr;						      \
-   ptr= buf->start;						      \
-   while (ptr < buf->start + msgsize)				      \
+   blowfish_cbc_setiv(&md->cbc, md->iv);                              \
+   for (ptr= buf->start;					      \
+        ptr < buf->start + msgsize;				      \
+	ptr += BLOWFISH_BLOCKBYTES) {                                 \
      func(&md->cbc,inptr,outptr);				      \
+   }                                                                  \
  }
 
 static void menc_blowfish(struct mechdata *md, struct buffer *buf) {