[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
CVS shishi/lib
From: |
shishi-commit |
Subject: |
CVS shishi/lib |
Date: |
Sat, 22 Oct 2005 18:24:50 +0200 |
Update of /home/cvs/shishi/lib
In directory dopio:/tmp/cvs-serv17360
Modified Files:
Makefile.am
Added Files:
low-crypto.c
Removed Files:
libgcrypt.c nettle.c
Log Message:
Use low-crypto.c, to interface with gc.
--- /home/cvs/shishi/lib/Makefile.am 2005/10/22 16:01:54 1.77
+++ /home/cvs/shishi/lib/Makefile.am 2005/10/22 16:24:49 1.78
@@ -18,8 +18,7 @@
# Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
# MA 02110-1301, USA.
-INCLUDES = @LIBTASN1_CFLAGS@ @LIBGCRYPT_CFLAGS@ \
- @LIBGNUTLS_CFLAGS@ \
+INCLUDES = @LIBTASN1_CFLAGS@ @LIBGNUTLS_CFLAGS@ \
-I$(top_srcdir)/gl -I$(top_builddir)/gl
DEFS = @DEFS@ -DLOCALEDIR=\"$(localedir)\" \
@@ -47,7 +46,7 @@
version.c password.c \
utils.c utils.h resolv.c \
kerberos5.asn1 shishi.vers \
- libgcrypt.c
+ low-crypto.c
if NULL
libshishi_la_SOURCES += crypto-null.c
--- /home/cvs/shishi/lib/low-crypto.c 2005/10/22 16:24:50 NONE
+++ /home/cvs/shishi/lib/low-crypto.c 2005/10/22 16:24:50 1.1
/* low-crypto.c --- Shishi crypto wrappers around generic crypto.
* Copyright (C) 2002, 2003, 2004, 2005 Simon Josefsson
*
* This file is part of Shishi.
*
* Shishi is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* Shishi is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with Shishi; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
*
*/
#include "internal.h"
#include "gc.h"
#include <gcrypt.h>
#include "crc.h"
int
_shishi_crypto_init (Shishi * handle)
{
return SHISHI_OK;
}
/**
* shishi_randomize:
* @handle: shishi handle as allocated by shishi_init().
* @strong: 0 iff operation should not block, non-0 for very strong randomness.
* @data: output array to be filled with random data.
* @datalen: size of output array.
*
* Store cryptographically random data of given size in the provided
* buffer.
*
* Return value: Returns %SHISHI_OK iff successful.
**/
int
shishi_randomize (Shishi * handle, int strong, void *data, size_t datalen)
{
Gc_rc rc;
if (strong)
rc = gc_random (data, datalen);
else
rc = gc_pseudo_random (data, datalen);
if (rc != GC_OK)
return SHISHI_FILE_ERROR;
return SHISHI_OK;
}
/**
* shishi_crc:
* @handle: shishi handle as allocated by shishi_init().
* @in: input character array of data to checksum.
* @inlen: length of input character array of data to checksum.
* @out: newly allocated character array with checksum of data.
*
* Compute checksum of data using CRC32 modified according to RFC
* 1510. The @out buffer must be deallocated by the caller.
*
* The modifications compared to standard CRC32 is that no initial and
* final XOR is performed, and that the output is returned in
* LSB-first order.
*
* Return value: Returns SHISHI_OK iff successful.
**/
int
shishi_crc (Shishi * handle, const char *in, size_t inlen, char *out[4])
{
uint32_t crc = crc32_update_no_xor (0, in, inlen);
*out = xmalloc (4);
(*out)[0] = crc & 0xFF;
(*out)[1] = (crc >> 8) & 0xFF;
(*out)[2] = (crc >> 16) & 0xFF;
(*out)[3] = (crc >> 24) & 0xFF;
return SHISHI_OK;
}
/**
* shishi_md4:
* @handle: shishi handle as allocated by shishi_init().
* @in: input character array of data to hash.
* @inlen: length of input character array of data to hash.
* @out: newly allocated character array with hash of data.
*
* Compute hash of data using MD4. The @out buffer must be
* deallocated by the caller.
*
* Return value: Returns SHISHI_OK iff successful.
**/
int
shishi_md4 (Shishi * handle,
const char *in, size_t inlen, char *out[16])
{
Gc_rc rc;
*out = xmalloc (GC_MD4_DIGEST_SIZE);
rc = gc_md4 (in, inlen, *out);
if (rc != GC_OK)
return SHISHI_CRYPTO_INTERNAL_ERROR;
return SHISHI_OK;
}
/**
* shishi_md5:
* @handle: shishi handle as allocated by shishi_init().
* @in: input character array of data to hash.
* @inlen: length of input character array of data to hash.
* @out: newly allocated character array with hash of data.
*
* Compute hash of data using MD5. The @out buffer must be
* deallocated by the caller.
*
* Return value: Returns SHISHI_OK iff successful.
**/
int
shishi_md5 (Shishi * handle,
const char *in, size_t inlen, char *out[16])
{
Gc_rc rc;
*out = xmalloc (GC_MD5_DIGEST_SIZE);
rc = gc_md5 (in, inlen, *out);
if (rc != GC_OK)
return SHISHI_CRYPTO_INTERNAL_ERROR;
return SHISHI_OK;
}
/**
* shishi_hmac_md5:
* @handle: shishi handle as allocated by shishi_init().
* @key: input character array with key to use.
* @keylen: length of input character array with key to use.
* @in: input character array of data to hash.
* @inlen: length of input character array of data to hash.
* @outhash: newly allocated character array with keyed hash of data.
*
* Compute keyed checksum of data using HMAC-MD5. The @outhash buffer
* must be deallocated by the caller.
*
* Return value: Returns SHISHI_OK iff successful.
**/
int
shishi_hmac_md5 (Shishi * handle,
const char *key, size_t keylen,
const char *in, size_t inlen, char *outhash[16])
{
Gc_rc rc;
*outhash = xmalloc (GC_MD5_DIGEST_SIZE);
rc = gc_hmac_md5 (key, keylen, in, inlen, *outhash);
if (rc != GC_OK)
return SHISHI_CRYPTO_INTERNAL_ERROR;
return SHISHI_OK;
}
/**
* shishi_hmac_sha1:
* @handle: shishi handle as allocated by shishi_init().
* @key: input character array with key to use.
* @keylen: length of input character array with key to use.
* @in: input character array of data to hash.
* @inlen: length of input character array of data to hash.
* @outhash: newly allocated character array with keyed hash of data.
*
* Compute keyed checksum of data using HMAC-SHA1. The @outhash
* buffer must be deallocated by the caller.
*
* Return value: Returns SHISHI_OK iff successful.
**/
int
shishi_hmac_sha1 (Shishi * handle,
const char *key, size_t keylen,
const char *in, size_t inlen,
char *outhash[20])
{
Gc_rc rc;
*outhash = xmalloc (GC_SHA1_DIGEST_SIZE);
rc = gc_hmac_sha1 (key, keylen, in, inlen, *outhash);
if (rc != GC_OK)
return SHISHI_CRYPTO_INTERNAL_ERROR;
return SHISHI_OK;
}
/**
* shishi_des_cbc_mac:
* @handle: shishi handle as allocated by shishi_init().
* @key: input character array with key to use.
* @iv: input character array with initialization vector to use, can be NULL.
* @in: input character array of data to hash.
* @inlen: length of input character array of data to hash.
* @out: newly allocated character array with keyed hash of data.
*
* Computed keyed checksum of data using DES-CBC-MAC. The @out buffer
* must be deallocated by the caller.
*
* Return value: Returns SHISHI_OK iff successful.
**/
int
shishi_des_cbc_mac (Shishi * handle,
const char key[8],
const char iv[8],
const char *in, size_t inlen, char *out[8])
{
gcry_cipher_hd_t ch;
gpg_error_t err;
int res = SHISHI_CRYPTO_INTERNAL_ERROR;
err = gcry_cipher_open (&ch, GCRY_CIPHER_DES,
GCRY_CIPHER_MODE_CBC, GCRY_CIPHER_CBC_MAC);
if (err != GPG_ERR_NO_ERROR)
{
shishi_error_printf (handle, "DES-CBC-MAC not available in libgcrypt");
return SHISHI_CRYPTO_INTERNAL_ERROR;
}
err = gcry_cipher_setkey (ch, key, 8);
if (err != GPG_ERR_NO_ERROR)
{
shishi_error_printf (handle, "DES setkey failed");
shishi_error_set (handle, gpg_strerror (err));
goto done;
}
err = gcry_cipher_setiv (ch, iv, 8);
if (err != GPG_ERR_NO_ERROR)
{
shishi_error_printf (handle, "DES setiv failed");
shishi_error_set (handle, gpg_strerror (err));
goto done;
}
*out = xmalloc (8);
err = gcry_cipher_encrypt (ch, *out, 8, in, inlen);
if (err != GPG_ERR_NO_ERROR)
{
shishi_error_printf (handle, "DES encrypt failed");
shishi_error_set (handle, gpg_strerror (err));
goto done;
}
return SHISHI_OK;
done:
gcry_cipher_close (ch);
return res;
}
static int
libgcrypt_dencrypt (Shishi * handle, int algo, int flags, int mode,
int decryptp,
const char *key, size_t keylen,
const char *iv,
char **ivout, const char *in, size_t inlen, char **out)
{
size_t ivlen = gcry_cipher_get_algo_blklen (algo);
gcry_cipher_hd_t ch;
gpg_error_t err;
err = gcry_cipher_open (&ch, algo, mode, flags);
if (err != GPG_ERR_NO_ERROR)
{
shishi_error_printf (handle, "Libgcrypt cipher open failed");
shishi_error_set (handle, gpg_strerror (err));
return SHISHI_CRYPTO_INTERNAL_ERROR;
}
err = gcry_cipher_setkey (ch, key, keylen);
if (err != GPG_ERR_NO_ERROR)
{
shishi_error_printf (handle, "Libgcrypt setkey failed");
shishi_error_set (handle, gpg_strerror (err));
return SHISHI_CRYPTO_INTERNAL_ERROR;
}
err = gcry_cipher_setiv (ch, iv, ivlen);
if (err != GPG_ERR_NO_ERROR)
{
shishi_error_printf (handle, "Libgcrypt setiv failed");
shishi_error_set (handle, gpg_strerror (err));
return SHISHI_CRYPTO_INTERNAL_ERROR;
}
*out = xmalloc (inlen);
if (decryptp)
err = gcry_cipher_decrypt (ch, (unsigned char *) *out, inlen,
(const unsigned char *) in, inlen);
else
err = gcry_cipher_encrypt (ch, (unsigned char *) *out, inlen,
(const unsigned char *) in, inlen);
if (err != GPG_ERR_NO_ERROR)
{
shishi_error_printf (handle, "Libgcrypt ciphering failed");
shishi_error_set (handle, gpg_strerror (err));
return SHISHI_CRYPTO_INTERNAL_ERROR;
}
if (ivout)
{
size_t ivdiff, ivpos = 0;
*ivout = xmalloc (ivlen);
if (flags & GCRY_CIPHER_CBC_CTS)
{
/* XXX what is the output iv for CBC-CTS mode?
but is this value useful at all for that mode anyway?
Mostly it is DES apps that want the updated iv, so this is ok. */
if (inlen % ivlen)
ivdiff = ivlen + inlen % ivlen;
else
ivdiff = ivlen + ivlen;
if (inlen >= ivdiff)
ivpos = inlen - ivdiff;
}
else
ivpos = inlen - ivlen;
if (decryptp)
memcpy (*ivout, in + ivpos, inlen >= ivlen ? ivlen : inlen);
else
memcpy (*ivout, *out + ivpos, inlen >= ivlen ? ivlen : inlen);
}
gcry_cipher_close (ch);
return SHISHI_OK;
}
/* BEGIN: Taken from Nettle arcfour.h and arcfour.c */
struct arcfour_ctx
{
uint8_t S[256];
uint8_t i;
uint8_t j;
};
#define SWAP(a,b) do { int _t = a; a = b; b = _t; } while(0)
static void
arcfour_set_key (struct arcfour_ctx *ctx,
unsigned length, const uint8_t * key)
{
unsigned i, j, k;
/* Initialize context */
for (i = 0; i < 256; i++)
ctx->S[i] = i;
for (i = j = k = 0; i < 256; i++)
{
j += ctx->S[i] + key[k];
j &= 0xff;
SWAP (ctx->S[i], ctx->S[j]);
/* Repeat key as needed */
k = (k + 1) % length;
}
ctx->i = ctx->j = 0;
}
static void
arcfour_crypt (struct arcfour_ctx *ctx,
unsigned length, uint8_t * dst, const uint8_t * src)
{
register uint8_t i, j;
i = ctx->i;
j = ctx->j;
while (length--)
{
i++;
i &= 0xff;
j += ctx->S[i];
j &= 0xff;
SWAP (ctx->S[i], ctx->S[j]);
*dst++ = *src++ ^ ctx->S[(ctx->S[i] + ctx->S[j]) & 0xff];
}
ctx->i = i;
ctx->j = j;
[137 lines skipped]