4 * arguments: key size in bits (must be multiple of 8)
6 * key values: 8 byte random IV and n byte random key
8 * encoding: do CBC encryption overwriting message
9 * encoding for MAC: do CBC and prepend last ciphertext block
12 #include "forwarder.h"
16 struct blowfish_cbc_state cbc;
19 static void mds_blowfish(struct mechdata **md_r) {
21 unsigned long keysize;
22 unsigned char iv[BLOWFISH_BLOCKBYTES];
23 unsigned char key[BLOWFISH_MAXKEYBYTES];
27 keysize= getarg_ulong();
28 arg_assert(!(keysize & 7));
30 arg_assert(keysize > 0 && keysize <= BLOWFISH_MAXKEYBYTES);
32 random_key(iv,sizeof(iv));
33 random_key(key,keysize);
35 blowfish_loadkey(&md->cbc.ek, key,keysize);
36 blowfish_cbc_setiv(&md->cbc, iv);
41 static void mes_blowfish(struct mechdata **md_r, int *maxprefix_io, int *maxsuffix_io) {
45 static void mds_bfmac(struct mechdata **md_r) {
49 static void mes_bfmac(struct mechdata **md_r, int *maxprefix_io, int *maxsuffix_io) {
51 *maxprefix_io += BLOWFISH_BLOCKBYTES;
56 arg_assert(!(msgsize & (BLOWFISH_BLOCKBYTES-1)));
60 if (msgsize & (BLOWFISH_BLOCKBYTES-1)) return "not multiple of block size"
62 #define FOREACH_BLOCK(func,inptr,outptr) \
65 for (ptr= buf->start; \
66 ptr < buf->start + msgsize; \
67 ptr += BLOWFISH_BLOCKBYTES) { \
68 func(&md->cbc,inptr,outptr); \
72 static void menc_blowfish(struct mechdata *md, struct buffer *buf) {
73 unsigned long msgsize;
75 FOREACH_BLOCK(blowfish_cbc_encrypt,ptr,ptr);
78 static const char *mdec_blowfish(struct mechdata *md, struct buffer *buf) {
79 unsigned long msgsize;
81 FOREACH_BLOCK(blowfish_cbc_decrypt,ptr,ptr);
85 static void menc_bfmac(struct mechdata *md, struct buffer *buf) {
86 unsigned long msgsize;
87 unsigned char outblock[BLOWFISH_BLOCKBYTES];
90 FOREACH_BLOCK(blowfish_cbc_encrypt,ptr,outblock);
91 memcpy(buf_prepend(buf,BLOWFISH_BLOCKBYTES), outblock, BLOWFISH_BLOCKBYTES);
94 static const char *mdec_bfmac(struct mechdata *md, struct buffer *buf) {
95 unsigned long msgsize;
96 unsigned char outblock[BLOWFISH_BLOCKBYTES];
97 unsigned char *checkblock;
99 BUF_UNPREPEND(checkblock,buf,BLOWFISH_BLOCKBYTES);
101 FOREACH_BLOCK(blowfish_cbc_encrypt,ptr,outblock);
102 if (memcmp(checkblock,outblock,BLOWFISH_BLOCKBYTES)) return "verify failed";
106 const struct mechanism mechlist_blowfish[]= {
107 STANDARD_MECHANISM("blowfish-cbcmac", bfmac)
108 STANDARD_MECHANISM("blowfish-cbc", blowfish)