Commit c21827da authored by Niels Möller's avatar Niels Möller

*** empty log message ***

Rev: ChangeLog:1.241
Rev: doc/TODO:1.89
Rev: src/algorithms.c:1.15
Rev: src/atoms.in:1.20
Rev: src/blowfish.c:1.7
Rev: src/crypto.h:1.20
Rev: src/rijndael.c:1.2
Rev: src/serpent.c:1.2
Rev: src/symmetric/arcfour.c:1.4
parent bee28816
2000-09-11 Niels Mller <nisse@cuckoo.localdomain>
* src/symmetric/rijndael.c: Use static const for all lookup
tables.
* src/parse.c (parse_bignum): Fixed off-by-one error when sanity
checking string length.
* src/symmetric/serpent.c: Replaced the AES "All rights reserved"
copyright blurb with the vanilla GPL blurb, after confirming with
the authors that the code really is GPL:ed.
* src/symmetric/serpentsboxes.h: Likewise.
* src/symmetric/serpentsboxes.h: Replaced unsigned long with
UINT32.
* src/symmetric/serpent.c (serpent_setup): Don't use array syntax
for function argument types.
2000-09-10 Niels Mller <nisse@cuckoo.localdomain>
* doc/lsh.texinfo (Algorithm options): Updated the default
algorithm list.
2000-09-05 Rafael R. Sevilla <dido@pacific.net.ph>
* src/symmetric/rijndael.c, src/symmetric/include/rijndael.h: New.
......
......@@ -234,3 +234,11 @@ and sexp_get_un().
There are dsa-specific details in many places, lsh.c
server_publickey.c, server_authorization.c, server_keyexchange.c. Try
to write more generic functions that can deal with both dsa and rsa.
Review the default algorithm preference list in
algorithms.c:default_crypto_algorithms(). Perhaps make the list more
conservative, and add a "pseudo-algorithm" all to include all
supported algorithms in the list?
Use static objects for crypto algorithms with fixed key sizes and
other parameters.
......@@ -248,7 +248,9 @@ lookup_hash(struct alist *algorithms, const char *name,
}
}
struct int_list *default_crypto_algorithms(void)
/* FIXME: Review the default list. */
struct int_list *
default_crypto_algorithms(void)
{
return make_int_list(7
#if WITH_IDEA
......@@ -265,12 +267,14 @@ struct int_list *default_crypto_algorithms(void)
ATOM_TWOFISH_CBC, ATOM_ARCFOUR, -1);
}
struct int_list *default_mac_algorithms(void)
struct int_list *
default_mac_algorithms(void)
{
return make_int_list(2, ATOM_HMAC_SHA1, ATOM_HMAC_MD5, -1);
}
struct int_list *default_compression_algorithms(void)
struct int_list *
default_compression_algorithms(void)
{
#if WITH_ZLIB
return make_int_list(2, ATOM_NONE, ATOM_ZLIB, -1);
......
......@@ -11,8 +11,8 @@ zlib
3des-cbc REQUIRED three-key 3DES in CBC mode
blowfish-cbc RECOMMENDED Blowfish in CBC mode
twofish-cbc RECOMMENDED TwoFish cipher in CBC mode
rijndael-cbc RECOMMENDED Rijndael cipher in CBC mode
serpent-cbc RECOMMENDED Serpent cipher in CBC mode
rijndael-cbc EXPERIMENTAL Rijndael cipher in CBC mode
serpent-cbc EXPERIMENTAL Serpent cipher in CBC mode
arcfour OPTIONAL the ARCFOUR stream cipher
idea-cbc OPTIONAL IDEA in CBC mode
cast128-cbc OPTIONAL CAST-128 in CBC mode
......
......@@ -41,7 +41,8 @@
(ctx . "BLOWFISH_context")))
*/
static void do_blowfish_encrypt(struct crypto_instance *s,
static void
do_blowfish_encrypt(struct crypto_instance *s,
UINT32 length, const UINT8 *src, UINT8 *dst)
{
CAST(blowfish_instance, self, s);
......@@ -50,7 +51,8 @@ static void do_blowfish_encrypt(struct crypto_instance *s,
bf_encrypt_block(&self->ctx, dst, src);
}
static void do_blowfish_decrypt(struct crypto_instance *s,
static void
do_blowfish_decrypt(struct crypto_instance *s,
UINT32 length, const UINT8 *src, UINT8 *dst)
{
CAST(blowfish_instance, self, s);
......@@ -81,7 +83,8 @@ make_blowfish_instance(struct crypto_algorithm *algorithm, int mode,
}
}
struct crypto_algorithm *make_blowfish_algorithm(UINT32 key_size)
struct crypto_algorithm *
make_blowfish_algorithm(UINT32 key_size)
{
NEW(crypto_algorithm, algorithm);
......@@ -96,7 +99,8 @@ struct crypto_algorithm *make_blowfish_algorithm(UINT32 key_size)
return algorithm;
}
struct crypto_algorithm *make_blowfish(void)
struct crypto_algorithm *
make_blowfish(void)
{
return make_blowfish_algorithm(BLOWFISH_KEYSIZE);
}
......@@ -69,4 +69,4 @@ pkcs5_derive_key(struct mac_algorithm *prf,
UINT32 iterations,
UINT32 key_length, UINT8 *key);
#endif
#endif /* LSH_CRYPTO_H_INCLUDED */
......@@ -22,10 +22,12 @@
*/
#include "crypto.h"
#include "rijndael.h"
#include "werror.h"
#include "xalloc.h"
#include "rijndael.h"
#include <assert.h>
#include "rijndael.c.x"
/* Rijndael */
......@@ -38,7 +40,8 @@
(ctx . "RIJNDAEL_context")))
*/
static void do_rijndael_encrypt(struct crypto_instance *s,
static void
do_rijndael_encrypt(struct crypto_instance *s,
UINT32 length, const UINT8 *src, UINT8 *dst)
{
CAST(rijndael_instance, self, s);
......@@ -47,7 +50,8 @@ static void do_rijndael_encrypt(struct crypto_instance *s,
rijndael_encrypt(&self->ctx, src, dst);
}
static void do_rijndael_decrypt(struct crypto_instance *s,
static void
do_rijndael_decrypt(struct crypto_instance *s,
UINT32 length, const UINT8 *src, UINT8 *dst)
{
CAST(rijndael_instance, self, s);
......@@ -67,8 +71,8 @@ make_rijndael_instance(struct crypto_algorithm *algorithm, int mode,
? do_rijndael_encrypt
: do_rijndael_decrypt);
/* We don't have to deal with weak keys - as a second round AES candidate,
Rijndael doesn't have any. */
/* We don't have to deal with weak keys - as a second round AES
* candidate, Rijndael doesn't have any. */
rijndael_setup(&self->ctx, algorithm->key_size, key);
return(&self->super);
......@@ -90,7 +94,8 @@ make_rijndael_algorithm(UINT32 key_size)
return algorithm;
}
struct crypto_algorithm *make_rijndael(void)
struct crypto_algorithm *
make_rijndael(void)
{
return(make_rijndael_algorithm(RIJNDAEL_KEYSIZE));
}
/* serpent.c
*
* $Id$ */
/* lsh, an implementation of the ssh protocol
*
* Copyright (C) 1999, 2000 Niels Mller, Rafael R. Sevilla
......@@ -19,12 +20,15 @@
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
*/
#include "crypto.h"
#include "serpent.h"
#include "werror.h"
#include "xalloc.h"
#include "serpent.h"
#include <assert.h>
#include "serpent.c.x"
/* Serpent */
......@@ -36,7 +40,8 @@
(ctx . "SERPENT_context")))
*/
static void do_serpent_encrypt(struct crypto_instance *s,
static void
do_serpent_encrypt(struct crypto_instance *s,
UINT32 length, const UINT8 *src, UINT8 *dst)
{
CAST(serpent_instance, self, s);
......@@ -45,7 +50,8 @@ static void do_serpent_encrypt(struct crypto_instance *s,
serpent_encrypt(&self->ctx, src, dst);
}
static void do_serpent_decrypt(struct crypto_instance *s,
static void
do_serpent_decrypt(struct crypto_instance *s,
UINT32 length, const UINT8 *src, UINT8 *dst)
{
CAST(serpent_instance, self, s);
......@@ -65,15 +71,17 @@ make_serpent_instance(struct crypto_algorithm *algorithm, int mode,
? do_serpent_encrypt
: do_serpent_decrypt);
/* We don't have to deal with weak keys - as a second round AES candidate,
Serpent doesn't have any, but it can only use 256 bit keys so we do
an assertion check. */
/* We don't have to deal with weak keys - as a second round AES
* candidate, Serpent doesn't have any, but it can only use 256 bit
* keys so we do an assertion check. */
assert(algorithm->key_size == SERPENT_KEYSIZE);
serpent_setup(&self->ctx, key);
return(&self->super);
}
/* FIXME: This function seems a little redundant, when we don't
* support variable key size for serpent. */
struct crypto_algorithm *
make_serpent_algorithm(UINT32 key_size)
{
......@@ -89,7 +97,8 @@ make_serpent_algorithm(UINT32 key_size)
return algorithm;
}
struct crypto_algorithm *make_serpent(void)
struct crypto_algorithm *
make_serpent(void)
{
return(make_serpent_algorithm(SERPENT_KEYSIZE));
}
......@@ -7,6 +7,25 @@
*
*/
/* lsh, an implementation of the ssh protocol
*
* Copyright (C) 1998 Niels Mller
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License as
* published by the Free Software Foundation; either version 2 of the
* License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
*/
#include "arcfour.h"
#ifdef RCSID
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment