Source-Changes-HG archive


[src/trunk]: src/crypto/external/bsd/netpgp/dist/src/lib Update to version 3....



details:   https://anonhg.NetBSD.org/src/rev/e9e6ba18f5ab
branches:  trunk
changeset: 758402:e9e6ba18f5ab
user:      agc <agc%NetBSD.org@localhost>
date:      Thu Nov 04 06:45:28 2010 +0000

description:
Update to version 3.99.13:

+ add ability in netpgpkeys(1) to specify the cipher (symmetric algorithm)
  as specified in RFC 5581
+ add the camellia cipher implementation from openssl

diffstat:

 crypto/external/bsd/netpgp/dist/src/lib/crypto.h         |    4 +-
 crypto/external/bsd/netpgp/dist/src/lib/misc.c           |   33 +++-
 crypto/external/bsd/netpgp/dist/src/lib/netpgp.c         |    9 +-
 crypto/external/bsd/netpgp/dist/src/lib/openssl_crypto.c |   12 +-
 crypto/external/bsd/netpgp/dist/src/lib/packet-show.c    |    5 +-
 crypto/external/bsd/netpgp/dist/src/lib/packet.h         |    7 +-
 crypto/external/bsd/netpgp/dist/src/lib/symmetric.c      |  137 ++++++++++++++-
 crypto/external/bsd/netpgp/dist/src/lib/version.h        |    2 +-
 8 files changed, 189 insertions(+), 20 deletions(-)

diffs (truncated from 383 to 300 lines):

diff -r 886c80e105af -r e9e6ba18f5ab crypto/external/bsd/netpgp/dist/src/lib/crypto.h
--- a/crypto/external/bsd/netpgp/dist/src/lib/crypto.h  Thu Nov 04 06:42:22 2010 +0000
+++ b/crypto/external/bsd/netpgp/dist/src/lib/crypto.h  Thu Nov 04 06:45:28 2010 +0000
@@ -132,6 +132,7 @@
 int __ops_elgamal_private_decrypt(uint8_t *, const uint8_t *, size_t,
                        const __ops_elgamal_seckey_t *, const __ops_elgamal_pubkey_t *);
 
+__ops_symm_alg_t __ops_str_to_cipher(const char *);
 unsigned __ops_block_size(__ops_symm_alg_t);
 unsigned __ops_key_size(__ops_symm_alg_t);
 
@@ -199,7 +200,8 @@
 
 /* Keys */
 __ops_key_t  *__ops_rsa_new_selfsign_key(const int,
-                       const unsigned long, uint8_t *, const char *);
+                       const unsigned long, uint8_t *, const char *,
+                       const char *);
 
 int __ops_dsa_size(const __ops_dsa_pubkey_t *);
 DSA_SIG *__ops_dsa_sign(uint8_t *, unsigned,
diff -r 886c80e105af -r e9e6ba18f5ab crypto/external/bsd/netpgp/dist/src/lib/misc.c
--- a/crypto/external/bsd/netpgp/dist/src/lib/misc.c    Thu Nov 04 06:42:22 2010 +0000
+++ b/crypto/external/bsd/netpgp/dist/src/lib/misc.c    Thu Nov 04 06:45:28 2010 +0000
@@ -57,7 +57,7 @@
 
 #if defined(__NetBSD__)
 __COPYRIGHT("@(#) Copyright (c) 2009 The NetBSD Foundation, Inc. All rights reserved.");
-__RCSID("$NetBSD: misc.c,v 1.36 2010/08/15 16:36:24 agc Exp $");
+__RCSID("$NetBSD: misc.c,v 1.37 2010/11/04 06:45:28 agc Exp $");
 #endif
 
 #include <sys/types.h>
@@ -793,6 +793,37 @@
        }
 }
 
+/* structure to map string to cipher def */
+typedef struct str2cipher_t {
+       const char      *s;     /* cipher name */
+       __ops_symm_alg_t i;     /* cipher def */
+} str2cipher_t;
+
+static str2cipher_t    str2cipher[] = {
+       {       "cast5",                OPS_SA_CAST5            },
+       {       "idea",                 OPS_SA_IDEA             },
+       {       "aes128",               OPS_SA_AES_128          },
+       {       "aes256",               OPS_SA_AES_256          },
+       {       "camellia128",          OPS_SA_CAMELLIA_128     },
+       {       "camellia256",          OPS_SA_CAMELLIA_256     },
+       {       "tripledes",            OPS_SA_TRIPLEDES        },
+       {       NULL,                   0                       }
+};
+
+/* convert from a string to a cipher definition */
+__ops_symm_alg_t 
+__ops_str_to_cipher(const char *cipher)
+{
+       str2cipher_t    *sp;
+
+       for (sp = str2cipher ; cipher && sp->s ; sp++) {
+               if (netpgp_strcasecmp(cipher, sp->s) == 0) {
+                       return sp->i;
+               }
+       }
+       return OPS_SA_DEFAULT_CIPHER;
+}
+
 void 
 __ops_random(void *dest, size_t length)
 {
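Review bot: `__ops_str_to_cipher` returns `OPS_SA_DEFAULT_CIPHER` both when `cipher` is NULL and when a non-NULL name matches nothing in `str2cipher`, so a mistyped or unlisted name (for example `aes192` or `camellia192`, which have enum values but no table entry) silently protects the secret key with CAST5 instead of the cipher the user asked for. The caller in `rsa_generate_keypair` cannot tell this fallback from an explicit choice, unlike the hash path, which can test for `OPS_HASH_UNKNOWN`. At minimum, warn before the final return when a name was given, e.g. `if (cipher) (void) fprintf(stderr, "unknown cipher '%s', using default\n", cipher);`, or return a distinct "unknown" value that the caller can reject. The table is never written, so `static const str2cipher_t str2cipher[]` with `const str2cipher_t *sp` would also fit.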
diff -r 886c80e105af -r e9e6ba18f5ab crypto/external/bsd/netpgp/dist/src/lib/netpgp.c
--- a/crypto/external/bsd/netpgp/dist/src/lib/netpgp.c  Thu Nov 04 06:42:22 2010 +0000
+++ b/crypto/external/bsd/netpgp/dist/src/lib/netpgp.c  Thu Nov 04 06:45:28 2010 +0000
@@ -34,7 +34,7 @@
 
 #if defined(__NetBSD__)
 __COPYRIGHT("@(#) Copyright (c) 2009 The NetBSD Foundation, Inc. All rights reserved.");
-__RCSID("$NetBSD: netpgp.c,v 1.78 2010/10/31 19:45:53 stacktic Exp $");
+__RCSID("$NetBSD: netpgp.c,v 1.79 2010/11/04 06:45:28 agc Exp $");
 #endif
 
 #include <sys/types.h>
@@ -1108,10 +1108,13 @@
        if (id) {
                (void) snprintf(newid, sizeof(newid), "%s", id);
        } else {
-               (void) snprintf(newid, sizeof(newid), "RSA %d-bit key <%s@localhost>", numbits, getenv("LOGNAME"));
+               (void) snprintf(newid, sizeof(newid),
+                       "RSA %d-bit key <%s@localhost>", numbits, getenv("LOGNAME"));
        }
        uid = (uint8_t *)newid;
-       key = __ops_rsa_new_selfsign_key(numbits, 65537UL, uid, netpgp_getvar(netpgp, "hash"));
+       key = __ops_rsa_new_selfsign_key(numbits, 65537UL, uid,
+                       netpgp_getvar(netpgp, "hash"),
+                       netpgp_getvar(netpgp, "cipher"));
        if (key == NULL) {
                (void) fprintf(io->errs, "Cannot generate key\n");
                return 0;
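Review bot: In the `else` branch, `getenv("LOGNAME")` is passed straight to the `%s` conversion, and `getenv` returns NULL when the variable is unset (for example under cron or a stripped environment), which is undefined behaviour for `snprintf`. Fetch it into a local first and substitute a fallback, e.g. `const char *login = getenv("LOGNAME");` and then pass `login ? login : "unknown"`. Separately, `netpgp_getvar(netpgp, "cipher")` is presumably NULL when no cipher was configured; this is safe only because `__ops_str_to_cipher` tests `cipher` before comparing, which deserves a one-line comment at this call. The enclosing function begins and ends outside this hunk.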
diff -r 886c80e105af -r e9e6ba18f5ab crypto/external/bsd/netpgp/dist/src/lib/openssl_crypto.c
--- a/crypto/external/bsd/netpgp/dist/src/lib/openssl_crypto.c  Thu Nov 04 06:42:22 2010 +0000
+++ b/crypto/external/bsd/netpgp/dist/src/lib/openssl_crypto.c  Thu Nov 04 06:45:28 2010 +0000
@@ -57,7 +57,7 @@
 
 #if defined(__NetBSD__)
 __COPYRIGHT("@(#) Copyright (c) 2009 The NetBSD Foundation, Inc. All rights reserved.");
-__RCSID("$NetBSD: openssl_crypto.c,v 1.29 2010/09/08 03:21:22 agc Exp $");
+__RCSID("$NetBSD: openssl_crypto.c,v 1.30 2010/11/04 06:45:28 agc Exp $");
 #endif
 
 #ifdef HAVE_OPENSSL_DSA_H
@@ -685,7 +685,8 @@
 rsa_generate_keypair(__ops_key_t *keydata,
                        const int numbits,
                        const unsigned long e,
-                       const char *hashalg)
+                       const char *hashalg,
+                       const char *cipher)
 {
        __ops_seckey_t *seckey;
        RSA            *rsa;
@@ -714,10 +715,10 @@
        seckey->s2k_usage = OPS_S2KU_ENCRYPTED_AND_HASHED;
        seckey->s2k_specifier = OPS_S2KS_SALTED;
        /* seckey->s2k_specifier=OPS_S2KS_SIMPLE; */
-       seckey->alg = OPS_SA_CAST5;     /* \todo make param */
        if ((seckey->hash_alg = __ops_str_to_hash_alg(hashalg)) == OPS_HASH_UNKNOWN) {
                seckey->hash_alg = OPS_HASH_SHA1;
        }
+       seckey->alg = __ops_str_to_cipher(cipher);
        seckey->octetc = 0;
        seckey->checksum = 0;
 
@@ -796,12 +797,13 @@
 __ops_rsa_new_selfsign_key(const int numbits,
                                const unsigned long e,
                                uint8_t *userid,
-                               const char *hashalg)
+                               const char *hashalg,
+                               const char *cipher)
 {
        __ops_key_t  *keydata;
 
        keydata = __ops_keydata_new();
-       if (!rsa_generate_keypair(keydata, numbits, e, hashalg) ||
+       if (!rsa_generate_keypair(keydata, numbits, e, hashalg, cipher) ||
            !__ops_add_selfsigned_userid(keydata, userid)) {
                __ops_keydata_free(keydata);
                return NULL;
diff -r 886c80e105af -r e9e6ba18f5ab crypto/external/bsd/netpgp/dist/src/lib/packet-show.c
--- a/crypto/external/bsd/netpgp/dist/src/lib/packet-show.c     Thu Nov 04 06:42:22 2010 +0000
+++ b/crypto/external/bsd/netpgp/dist/src/lib/packet-show.c     Thu Nov 04 06:45:28 2010 +0000
@@ -60,7 +60,7 @@
 
 #if defined(__NetBSD__)
 __COPYRIGHT("@(#) Copyright (c) 2009 The NetBSD Foundation, Inc. All rights reserved.");
-__RCSID("$NetBSD: packet-show.c,v 1.17 2010/08/15 16:36:24 agc Exp $");
+__RCSID("$NetBSD: packet-show.c,v 1.18 2010/11/04 06:45:28 agc Exp $");
 #endif
 
 #include <stdlib.h>
@@ -244,6 +244,9 @@
        {OPS_SA_AES_192, "AES (192-bit key)"},
        {OPS_SA_AES_256, "AES (256-bit key)"},
        {OPS_SA_TWOFISH, "Twofish(256-bit key)"},
+       {OPS_SA_CAMELLIA_128, "Camellia (128-bit key)"},
+       {OPS_SA_CAMELLIA_192, "Camellia (192-bit key)"},
+       {OPS_SA_CAMELLIA_256, "Camellia (256-bit key)"},
        {0x00, NULL},           /* this is the end-of-array marker */
 };
 
diff -r 886c80e105af -r e9e6ba18f5ab crypto/external/bsd/netpgp/dist/src/lib/packet.h
--- a/crypto/external/bsd/netpgp/dist/src/lib/packet.h  Thu Nov 04 06:42:22 2010 +0000
+++ b/crypto/external/bsd/netpgp/dist/src/lib/packet.h  Thu Nov 04 06:45:28 2010 +0000
@@ -479,9 +479,14 @@
        OPS_SA_AES_128 = 7,     /* AES with 128-bit key (AES) */
        OPS_SA_AES_192 = 8,     /* AES with 192-bit key */
        OPS_SA_AES_256 = 9,     /* AES with 256-bit key */
-       OPS_SA_TWOFISH = 10     /* Twofish with 256-bit key (TWOFISH) */
+       OPS_SA_TWOFISH = 10,    /* Twofish with 256-bit key (TWOFISH) */
+       OPS_SA_CAMELLIA_128 = 100,      /* Camellia with 128-bit key (CAMELLIA) */
+       OPS_SA_CAMELLIA_192 = 101,      /* Camellia with 192-bit key */
+       OPS_SA_CAMELLIA_256 = 102       /* Camellia with 256-bit key */
 } __ops_symm_alg_t;
 
+#define OPS_SA_DEFAULT_CIPHER  OPS_SA_CAST5
+
 /** Hashing Algorithm Numbers.
  * OpenPGP assigns a unique Algorithm Number to each algorithm that is
  * part of OpenPGP.
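Review bot: The new constants `OPS_SA_CAMELLIA_128`, `OPS_SA_CAMELLIA_192` and `OPS_SA_CAMELLIA_256` are given the values 100–102, but RFC 5581, which the commit message cites, assigns Camellia the symmetric algorithm IDs 11, 12 and 13, and RFC 4880 reserves 100–110 for private/experimental use. Since `seckey->alg` is now set from these values in `rsa_generate_keypair`, a Camellia-protected key would presumably be written with an algorithm octet that other OpenPGP implementations do not recognise as Camellia. If the private range is intentional for now, say so in the comment, e.g. `/* private/experimental ID; RFC 5581 assigns 11 */`; otherwise use `OPS_SA_CAMELLIA_128 = 11`, `OPS_SA_CAMELLIA_192 = 12`, `OPS_SA_CAMELLIA_256 = 13`. The enum definition starts above this hunk.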
diff -r 886c80e105af -r e9e6ba18f5ab crypto/external/bsd/netpgp/dist/src/lib/symmetric.c
--- a/crypto/external/bsd/netpgp/dist/src/lib/symmetric.c       Thu Nov 04 06:42:22 2010 +0000
+++ b/crypto/external/bsd/netpgp/dist/src/lib/symmetric.c       Thu Nov 04 06:45:28 2010 +0000
@@ -54,7 +54,7 @@
 
 #if defined(__NetBSD__)
 __COPYRIGHT("@(#) Copyright (c) 2009 The NetBSD Foundation, Inc. All rights reserved.");
-__RCSID("$NetBSD: symmetric.c,v 1.12 2010/11/04 01:18:34 agc Exp $");
+__RCSID("$NetBSD: symmetric.c,v 1.13 2010/11/04 06:45:28 agc Exp $");
 #endif
 
 #include "crypto.h"
@@ -78,6 +78,8 @@
 #include <openssl/des.h>
 #endif
 
+#include <openssl/camellia.h>
+
 #include "crypto.h"
 #include "netpgpdefs.h"
 
@@ -482,32 +484,153 @@
        TRAILER
 };
 
+/* Camellia with 128-bit key (CAMELLIA) */
+
+#define KEYBITS_CAMELLIA128 128
+
+static int 
+camellia128_init(__ops_crypt_t *crypt)
+{
+       if (crypt->encrypt_key) {
+               free(crypt->encrypt_key);
+       }
+       if ((crypt->encrypt_key = calloc(1, sizeof(CAMELLIA_KEY))) == NULL) {
+               (void) fprintf(stderr, "camellia128_init: alloc failure\n");
+               return 0;
+       }
+       if (Camellia_set_key(crypt->key, KEYBITS_CAMELLIA128, crypt->encrypt_key)) {
+               fprintf(stderr, "camellia128_init: Error setting encrypt_key\n");
+       }
+       if (crypt->decrypt_key) {
+               free(crypt->decrypt_key);
+       }
+       if ((crypt->decrypt_key = calloc(1, sizeof(CAMELLIA_KEY))) == NULL) {
+               (void) fprintf(stderr, "camellia128_init: alloc failure\n");
+               return 0;
+       }
+       if (Camellia_set_key(crypt->key, KEYBITS_CAMELLIA128, crypt->decrypt_key)) {
+               fprintf(stderr, "camellia128_init: Error setting decrypt_key\n");
+       }
+       return 1;
+}
+
+static void 
+camellia_block_encrypt(__ops_crypt_t *crypt, void *out, const void *in)
+{
+       Camellia_encrypt(in, out, crypt->encrypt_key);
+}
+
+static void 
+camellia_block_decrypt(__ops_crypt_t *crypt, void *out, const void *in)
+{
+       Camellia_decrypt(in, out, crypt->decrypt_key);
+}
+
+static void 
+camellia_cfb_encrypt(__ops_crypt_t *crypt, void *out, const void *in, size_t count)
+{
+       Camellia_cfb128_encrypt(in, out, (unsigned)count,
+                          crypt->encrypt_key, crypt->iv, &crypt->num,
+                          CAMELLIA_ENCRYPT);
+}
+
+static void 
+camellia_cfb_decrypt(__ops_crypt_t *crypt, void *out, const void *in, size_t count)
+{
+       Camellia_cfb128_encrypt(in, out, (unsigned)count,
+                          crypt->encrypt_key, crypt->iv, &crypt->num,
+                          CAMELLIA_DECRYPT);
+}
+
+static const __ops_crypt_t camellia128 =
+{
+       OPS_SA_CAMELLIA_128,
+       CAMELLIA_BLOCK_SIZE,
+       KEYBITS_CAMELLIA128 / 8,
+       std_set_iv,
+       std_set_key,
+       camellia128_init,
+       std_resync,
+       camellia_block_encrypt,
+       camellia_block_decrypt,
+       camellia_cfb_encrypt,
+       camellia_cfb_decrypt,
+       std_finish,
+       TRAILER
+};
+
+/* Camellia with 256-bit key (CAMELLIA) */
+
+#define KEYBITS_CAMELLIA256 256
+
+static int 
+camellia256_init(__ops_crypt_t *crypt)
+{
+       if (crypt->encrypt_key) {
+               free(crypt->encrypt_key);
+       }


