diff options
Diffstat (limited to 'cipher.c')
| -rw-r--r-- | cipher.c | 67 |
1 files changed, 31 insertions, 36 deletions
| @@ -35,7 +35,7 @@ | |||
| 35 | */ | 35 | */ |
| 36 | 36 | ||
| 37 | #include "includes.h" | 37 | #include "includes.h" |
| 38 | RCSID("$OpenBSD: cipher.c,v 1.39 2000/12/06 23:05:42 markus Exp $"); | 38 | RCSID("$OpenBSD: cipher.c,v 1.40 2000/12/09 13:41:52 markus Exp $"); |
| 39 | 39 | ||
| 40 | #include "ssh.h" | 40 | #include "ssh.h" |
| 41 | #include "xmalloc.h" | 41 | #include "xmalloc.h" |
| @@ -285,45 +285,40 @@ cast_cbc_decrypt(CipherContext *cc, u_char *dest, const u_char *src, u_int len) | |||
| 285 | /* RIJNDAEL */ | 285 | /* RIJNDAEL */ |
| 286 | 286 | ||
| 287 | #define RIJNDAEL_BLOCKSIZE 16 | 287 | #define RIJNDAEL_BLOCKSIZE 16 |
| 288 | |||
| 289 | void | 288 | void |
| 290 | rijndael_setkey(CipherContext *cc, const u_char *key, u_int keylen) | 289 | rijndael_setkey(CipherContext *cc, const u_char *key, u_int keylen) |
| 291 | { | 290 | { |
| 292 | if (rijndael_makekey(&cc->u.rijndael.enc, RIJNDAEL_ENCRYPT, | 291 | rijndael_set_key(&cc->u.rijndael.enc, (u4byte *)key, 8*keylen, 1); |
| 293 | 8*keylen, (char *)key) == -1) | 292 | rijndael_set_key(&cc->u.rijndael.dec, (u4byte *)key, 8*keylen, 0); |
| 294 | fatal("rijndael_setkey: RIJNDAEL_ENCRYPT"); | ||
| 295 | if (rijndael_makekey(&cc->u.rijndael.dec, RIJNDAEL_DECRYPT, | ||
| 296 | 8*keylen, (char *)key) == -1) | ||
| 297 | fatal("rijndael_setkey: RIJNDAEL_DECRYPT"); | ||
| 298 | } | 293 | } |
| 299 | void | 294 | void |
| 300 | rijndael_setiv(CipherContext *cc, const u_char *iv, u_int ivlen) | 295 | rijndael_setiv(CipherContext *cc, const u_char *iv, u_int ivlen) |
| 301 | { | 296 | { |
| 302 | if (iv == NULL || ivlen != RIJNDAEL_BLOCKSIZE) | 297 | if (iv == NULL) |
| 303 | fatal("bad/no IV for %s.", cc->cipher->name); | 298 | fatal("no IV for %s.", cc->cipher->name); |
| 304 | memcpy(cc->u.rijndael.iv, iv, RIJNDAEL_BLOCKSIZE); | 299 | memcpy((u_char *)cc->u.rijndael.iv, iv, RIJNDAEL_BLOCKSIZE); |
| 305 | } | 300 | } |
| 306 | |||
| 307 | void | 301 | void |
| 308 | rijndael_cbc_encrypt(CipherContext *cc, u_char *dest, const u_char *src, | 302 | rijndael_cbc_encrypt(CipherContext *cc, u_char *dest, const u_char *src, |
| 309 | u_int len) | 303 | u_int len) |
| 310 | { | 304 | { |
| 311 | rijndael_key *ctx = &cc->u.rijndael.enc; | 305 | rijndael_ctx *ctx = &cc->u.rijndael.enc; |
| 312 | u_char *iv = cc->u.rijndael.iv; | 306 | u4byte *iv = cc->u.rijndael.iv; |
| 313 | u_char in[RIJNDAEL_BLOCKSIZE]; | 307 | u4byte in[4]; |
| 314 | u_char *cprev, *cnow, *plain; | 308 | u4byte *cprev, *cnow, *plain; |
| 315 | int i, j, blocks = len / RIJNDAEL_BLOCKSIZE; | 309 | int i, blocks = len / RIJNDAEL_BLOCKSIZE; |
| 316 | if (len == 0) | 310 | if (len == 0) |
| 317 | return; | 311 | return; |
| 318 | if (len % RIJNDAEL_BLOCKSIZE) | 312 | if (len % RIJNDAEL_BLOCKSIZE) |
| 319 | fatal("rijndael_cbc_encrypt: bad len %d", len); | 313 | fatal("rijndael_cbc_encrypt: bad len %d", len); |
| 320 | cnow = dest; | 314 | cnow = (u4byte*) dest; |
| 321 | plain = (u_char *) src; | 315 | plain = (u4byte*) src; |
| 322 | cprev = iv; | 316 | cprev = iv; |
| 323 | for(i = 0; i < blocks; i++, plain+=RIJNDAEL_BLOCKSIZE, | 317 | for(i = 0; i < blocks; i++, plain+=4, cnow+=4) { |
| 324 | cnow+=RIJNDAEL_BLOCKSIZE) { | 318 | in[0] = plain[0] ^ cprev[0]; |
| 325 | for (j = 0; j < RIJNDAEL_BLOCKSIZE; j++) | 319 | in[1] = plain[1] ^ cprev[1]; |
| 326 | in[j] = plain[j] ^ cprev[j]; | 320 | in[2] = plain[2] ^ cprev[2]; |
| 321 | in[3] = plain[3] ^ cprev[3]; | ||
| 327 | rijndael_encrypt(ctx, in, cnow); | 322 | rijndael_encrypt(ctx, in, cnow); |
| 328 | cprev = cnow; | 323 | cprev = cnow; |
| 329 | } | 324 | } |
| @@ -334,25 +329,25 @@ void | |||
| 334 | rijndael_cbc_decrypt(CipherContext *cc, u_char *dest, const u_char *src, | 329 | rijndael_cbc_decrypt(CipherContext *cc, u_char *dest, const u_char *src, |
| 335 | u_int len) | 330 | u_int len) |
| 336 | { | 331 | { |
| 337 | rijndael_key *ctx = &cc->u.rijndael.dec; | 332 | rijndael_ctx *ctx = &cc->u.rijndael.dec; |
| 338 | u_char *iv = cc->u.rijndael.iv; | 333 | u4byte *iv = cc->u.rijndael.iv; |
| 339 | u_char ivsaved[RIJNDAEL_BLOCKSIZE]; | 334 | u4byte ivsaved[4]; |
| 340 | u_char *cnow = (u_char *) (src+len-RIJNDAEL_BLOCKSIZE); | 335 | u4byte *cnow = (u4byte*) (src+len-RIJNDAEL_BLOCKSIZE); |
| 341 | u_char *plain = dest+len-RIJNDAEL_BLOCKSIZE; | 336 | u4byte *plain = (u4byte*) (dest+len-RIJNDAEL_BLOCKSIZE); |
| 342 | u_char *ivp; | 337 | u4byte *ivp; |
| 343 | int i, j, blocks = len / RIJNDAEL_BLOCKSIZE; | 338 | int i, blocks = len / RIJNDAEL_BLOCKSIZE; |
| 344 | if (len == 0) | 339 | if (len == 0) |
| 345 | return; | 340 | return; |
| 346 | if (len % RIJNDAEL_BLOCKSIZE) | 341 | if (len % RIJNDAEL_BLOCKSIZE) |
| 347 | fatal("rijndael_cbc_decrypt: bad len %d", len); | 342 | fatal("rijndael_cbc_decrypt: bad len %d", len); |
| 348 | memcpy(ivsaved, cnow, RIJNDAEL_BLOCKSIZE); | 343 | memcpy(ivsaved, cnow, RIJNDAEL_BLOCKSIZE); |
| 349 | for(i = blocks; i > 0; i--, cnow-=RIJNDAEL_BLOCKSIZE, | 344 | for(i = blocks; i > 0; i--, cnow-=4, plain-=4) { |
| 350 | plain-=RIJNDAEL_BLOCKSIZE) { | ||
| 351 | rijndael_decrypt(ctx, cnow, plain); | 345 | rijndael_decrypt(ctx, cnow, plain); |
| 352 | //rijndael_decrypt(cnow, plain, ctx->keySched, ctx->ROUNDS); | 346 | ivp = (i == 1) ? iv : cnow-4; |
| 353 | ivp = (i == 1) ? iv : cnow-RIJNDAEL_BLOCKSIZE; | 347 | plain[0] ^= ivp[0]; |
| 354 | for (j = 0; j < RIJNDAEL_BLOCKSIZE; j++) | 348 | plain[1] ^= ivp[1]; |
| 355 | plain[j] ^= ivp[j]; | 349 | plain[2] ^= ivp[2]; |
| 350 | plain[3] ^= ivp[3]; | ||
| 356 | } | 351 | } |
| 357 | memcpy(iv, ivsaved, RIJNDAEL_BLOCKSIZE); | 352 | memcpy(iv, ivsaved, RIJNDAEL_BLOCKSIZE); |
| 358 | } | 353 | } |