Commit db90293e authored by Rafael Sevilla's avatar Rafael Sevilla Committed by Niels Möller

Merged serpent and rijndael patches by Rafael R. Sevilla

<dido@pacific.net.ph>.

Rev: AUTHORS:1.9
Rev: ChangeLog:1.240
Rev: src/Makefile.am.in:1.86
Rev: src/algorithms.c:1.14
Rev: src/atoms.in:1.19
Rev: src/crypto.h:1.19
Rev: src/rijndael.c:1.1
Rev: src/serpent.c:1.1
parent b97307ca
......@@ -26,9 +26,14 @@ released under the LPGL.
MD5 implementation by Colin Plumb, somewhat hacked by Andrew Kuchling.
Released into the public domain.
RIJNDAEL implementation by Rafael Sevilla. Released under the LGPL.
SHA implementation by Peter Gutmann, somewhat hacked by Andrew
Kuchling. Released into the public domain.
SERPENT implementation by Ross Anderson, Eli Biham, and Lars Knudsen,
somewhat hacked by Rafael Sevilla. Released under the GPL.
TCPUTILS networking code by Thomas Bellman. Released into the public
domain.
......
2000-09-05 Rafael R. Sevilla <dido@pacific.net.ph>
* src/symmetric/rijndael.c, src/symmetric/include/rijndael.h: New.
LGPLed Rijndael implementation by me.
* src/rijndael.c: New. Adds support for Rijndael.
* src/symmetric/serpent.c, src/symmetric/serpentsboxes.h,
src/symmetric/include/serpent.h: New. LGPLed Serpent implementation
by Ross Anderson, Eli Biham, and Lars Knudsen.
* src/serpent.c: New. Adds support for Serpent.
* src/symmetric/Makefile.am.in, src/atoms_in, src/Makefile.am.in,
src/algorithms.c, src/crypto.h: updated for Rijndael and Serpent.
000-09-10 Niels Mller <nisse@cuckoo.localdomain>
* FAQ: Added a question on anonymous cvs access.
2000-09-04 Niels Mller <nisse@cuckoo.localdomain>
* doc/lsh.texinfo: Updated references to lsh-keygen and
......
......@@ -60,7 +60,7 @@ liblsh_a_SOURCES = abstract_io.c abstract_crypto.c abstract_compress.c \
randomness.c \
read_base64.c read_data.c read_file.c read_line.c read_packet.c \
reaper.c resource.c \
rsa.c rsa_keygen.c \
rijndael.c rsa.c rsa_keygen.c serpent.c \
server.c server_authorization.c server_keyexchange.c \
server_password.c server_publickey.c \
server_pty.c server_session.c server_userauth.c \
......
......@@ -46,7 +46,7 @@ many_algorithms(unsigned n, ...)
va_list args;
struct alist *a
= make_alist(7
= make_alist(9
#if WITH_IDEA
+1
#endif
......@@ -57,6 +57,8 @@ many_algorithms(unsigned n, ...)
ATOM_ARCFOUR, &crypto_arcfour_algorithm,
ATOM_BLOWFISH_CBC, crypto_cbc(make_blowfish()),
ATOM_TWOFISH_CBC, crypto_cbc(make_twofish()),
ATOM_RIJNDAEL_CBC, crypto_cbc(make_rijndael()),
ATOM_SERPENT_CBC, crypto_cbc(make_serpent()),
ATOM_3DES_CBC, crypto_cbc(make_des3()),
ATOM_CAST128_CBC, crypto_cbc(make_cast()),
#if WITH_IDEA
......@@ -118,6 +120,10 @@ lookup_crypto(struct alist *algorithms, const char *name,
atom = ATOM_BLOWFISH_CBC;
else if (strcmp_list(name, "3des-cbc", "3des", NULL))
atom = ATOM_3DES_CBC;
else if (strcmp_list(name, "rijndael-cbc", "rijndael", NULL))
atom = ATOM_RIJNDAEL_CBC;
else if (strcmp_list(name, "serpent-cbc", "serpent", NULL))
atom = ATOM_SERPENT_CBC;
else if (strcmp_list(name, "idea-cbc", "idea", NULL))
atom = ATOM_IDEA_CBC;
else if (strcmp_list(name, "cast128-cbc", "cast",
......@@ -244,7 +250,7 @@ lookup_hash(struct alist *algorithms, const char *name,
struct int_list *default_crypto_algorithms(void)
{
return make_int_list(5
return make_int_list(7
#if WITH_IDEA
+ 1
#endif
......@@ -254,6 +260,8 @@ struct int_list *default_crypto_algorithms(void)
#endif
ATOM_BLOWFISH_CBC,
ATOM_CAST128_CBC,
ATOM_RIJNDAEL_CBC,
ATOM_SERPENT_CBC,
ATOM_TWOFISH_CBC, ATOM_ARCFOUR, -1);
}
......@@ -330,9 +338,10 @@ list_crypto_algorithms(const struct argp_state *state,
struct alist *algorithms)
{
list_algorithms(state, algorithms,
"Supported crypto algorithms: ", 7,
"Supported crypto algorithms: ", 9,
ATOM_3DES_CBC, ATOM_BLOWFISH_CBC,
ATOM_TWOFISH_CBC, ATOM_ARCFOUR,
ATOM_TWOFISH_CBC, ATOM_RIJNDAEL_CBC, ATOM_SERPENT_CBC,
ATOM_ARCFOUR,
ATOM_IDEA_CBC, ATOM_CAST128_CBC,
ATOM_NONE, -1);
}
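Review bot: The literal counts in `make_alist(9`, `make_int_list(7` and `list_algorithms(..., 9,` are maintained by hand and must match the variadic argument lists that follow them, so every new cipher means bumping three numbers in step. In `list_crypto_algorithms` the nine atoms before `-1` do match, but the argument lists of `many_algorithms` and `default_crypto_algorithms` start outside the visible hunks, so their counts cannot be confirmed from here. How the variadic readers behave on a mismatch is not shown; if they trust the count rather than the `-1` terminator, an off-by-one would read a wrong or missing argument. I would add a comment at each site, e.g. `/* count = number of atoms listed below, not including the -1 terminator */`. Separately, `default_crypto_algorithms` puts the two newly merged ciphers into the list offered by default in the same commit that introduces them; consider leaving them out of the default until known-answer tests for both are in the tree.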
......
......@@ -11,6 +11,8 @@ zlib
3des-cbc REQUIRED three-key 3DES in CBC mode
blowfish-cbc RECOMMENDED Blowfish in CBC mode
twofish-cbc RECOMMENDED TwoFish cipher in CBC mode
rijndael-cbc RECOMMENDED Rijndael cipher in CBC mode
serpent-cbc RECOMMENDED Serpent cipher in CBC mode
arcfour OPTIONAL the ARCFOUR stream cipher
idea-cbc OPTIONAL IDEA in CBC mode
cast128-cbc OPTIONAL CAST-128 in CBC mode
......@@ -36,6 +38,12 @@ cast128-cbc OPTIONAL CAST-128 in CBC mode
#twofish-ecb OPTIONAL TwoFish cipher in ECB mode
#twofish-cfb OPTIONAL TwoFish cipher in CFB mode
#twofish-ofb OPTIONAL TwoFish cipher in OFB mode
#rijndael-ecb OPTIONAL Rijndael cipher in ECB mode
#rijndael-cfb OPTIONAL Rijndael cipher in CFB mode
#rijndael-ofb OPTIONAL Rijndael cipher in OFB mode
#serpent-ecb OPTIONAL Serpent cipher in ECB mode
#serpent-cfb OPTIONAL Serpent cipher in CFB mode
#serpent-ofb OPTIONAL Serpent cipher in OFB mode
## Others (I don't know why SSH supports them)
#des-ecb OPTIONAL DES cipher in ECB mode
#des-cfb OPTIONAL DES cipher in CFB mode
......
......@@ -42,6 +42,10 @@ struct crypto_algorithm *make_twofish_algorithm(UINT32 key_size);
struct crypto_algorithm *make_twofish(void);
struct crypto_algorithm *make_blowfish_algorithm(UINT32 key_size);
struct crypto_algorithm *make_blowfish(void);
struct crypto_algorithm *make_rijndael_algorithm(UINT32 key_size);
struct crypto_algorithm *make_rijndael(void);
struct crypto_algorithm *make_serpent_algorithm(UINT32 key_size);
struct crypto_algorithm *make_serpent(void);
struct crypto_algorithm *make_des3(void);
struct crypto_algorithm *make_cast_algorithm(UINT32 key_size);
struct crypto_algorithm *make_cast(void);
......
/* rijndael.c
*
* $Id$ */
/* lsh, an implementation of the ssh protocol
*
* Copyright (C) 1999, 2000 Niels Mller, Rafael R. Sevilla
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License as
* published by the Free Software Foundation; either version 2 of the
* License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
*/
#include "crypto.h"
#include "werror.h"
#include "xalloc.h"
#include "rijndael.h"
#include <assert.h>
#include "rijndael.c.x"
/* Rijndael */
/* GABA:
(class
(name rijndael_instance)
(super crypto_instance)
(vars
(ctx . "RIJNDAEL_context")))
*/
static void do_rijndael_encrypt(struct crypto_instance *s,
UINT32 length, const UINT8 *src, UINT8 *dst)
{
CAST(rijndael_instance, self, s);
FOR_BLOCKS(length, src, dst, RIJNDAEL_BLOCKSIZE)
rijndael_encrypt(&self->ctx, src, dst);
}
static void do_rijndael_decrypt(struct crypto_instance *s,
UINT32 length, const UINT8 *src, UINT8 *dst)
{
CAST(rijndael_instance, self, s);
FOR_BLOCKS(length, src, dst, RIJNDAEL_BLOCKSIZE)
rijndael_decrypt(&self->ctx, src, dst);
}
static struct crypto_instance *
make_rijndael_instance(struct crypto_algorithm *algorithm, int mode,
const UINT8 *key, const UINT8 *iv UNUSED)
{
NEW(rijndael_instance, self);
self->super.block_size = RIJNDAEL_BLOCKSIZE;
self->super.crypt = ( (mode == CRYPTO_ENCRYPT)
? do_rijndael_encrypt
: do_rijndael_decrypt);
/* We don't have to deal with weak keys - as a second round AES candidate,
Rijndael doesn't have any. */
rijndael_setup(&self->ctx, algorithm->key_size, key);
return(&self->super);
}
struct crypto_algorithm *
make_rijndael_algorithm(UINT32 key_size)
{
NEW(crypto_algorithm, algorithm);
assert(key_size <= RIJNDAEL_MAX_KEYSIZE);
assert(key_size >= RIJNDAEL_MIN_KEYSIZE);
algorithm->block_size = RIJNDAEL_BLOCKSIZE;
algorithm->key_size = key_size;
algorithm->iv_size = 0;
algorithm->make_crypt = make_rijndael_instance;
return algorithm;
}
struct crypto_algorithm *make_rijndael(void)
{
return(make_rijndael_algorithm(RIJNDAEL_KEYSIZE));
}
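Review bot: `make_rijndael_algorithm` validates `key_size` only with `assert()`, and only as a range between `RIJNDAEL_MIN_KEYSIZE` and `RIJNDAEL_MAX_KEYSIZE`. Rijndael as specified takes 128-, 192- or 256-bit keys, and whether `rijndael_setup` tolerates lengths in between is not visible here, so the check should name the accepted sizes explicitly. In a build with `NDEBUG` both asserts vanish and an out-of-range `key_size` reaches `rijndael_setup(&self->ctx, algorithm->key_size, key)` unchecked, so a run-time check that fails through the project's error routine would be safer than the asserts. The same assert-only pattern guards `make_serpent_algorithm` and `make_serpent_instance` in serpent.c. The "no weak keys" comment would also read better with a citation than with "as a second round AES candidate", which is not by itself evidence.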
/* serpent.c
*
* $Id$ */
/* lsh, an implementation of the ssh protocol
*
* Copyright (C) 1999, 2000 Niels Mller, Rafael R. Sevilla
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License as
* published by the Free Software Foundation; either version 2 of the
* License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
*/
#include "crypto.h"
#include "werror.h"
#include "xalloc.h"
#include "serpent.h"
#include <assert.h>
#include "serpent.c.x"
/* Serpent */
/* GABA:
(class
(name serpent_instance)
(super crypto_instance)
(vars
(ctx . "SERPENT_context")))
*/
static void do_serpent_encrypt(struct crypto_instance *s,
UINT32 length, const UINT8 *src, UINT8 *dst)
{
CAST(serpent_instance, self, s);
FOR_BLOCKS(length, src, dst, SERPENT_BLOCKSIZE)
serpent_encrypt(&self->ctx, src, dst);
}
static void do_serpent_decrypt(struct crypto_instance *s,
UINT32 length, const UINT8 *src, UINT8 *dst)
{
CAST(serpent_instance, self, s);
FOR_BLOCKS(length, src, dst, SERPENT_BLOCKSIZE)
serpent_decrypt(&self->ctx, src, dst);
}
static struct crypto_instance *
make_serpent_instance(struct crypto_algorithm *algorithm, int mode,
const UINT8 *key, const UINT8 *iv UNUSED)
{
NEW(serpent_instance, self);
self->super.block_size = SERPENT_BLOCKSIZE;
self->super.crypt = ( (mode == CRYPTO_ENCRYPT)
? do_serpent_encrypt
: do_serpent_decrypt);
/* We don't have to deal with weak keys - as a second round AES candidate,
Serpent doesn't have any, but it can only use 256 bit keys so we do
an assertion check. */
assert(algorithm->key_size == SERPENT_KEYSIZE);
serpent_setup(&self->ctx, key);
return(&self->super);
}
struct crypto_algorithm *
make_serpent_algorithm(UINT32 key_size)
{
NEW(crypto_algorithm, algorithm);
assert(key_size == SERPENT_KEYSIZE);
algorithm->block_size = SERPENT_BLOCKSIZE;
algorithm->key_size = key_size;
algorithm->iv_size = 0;
algorithm->make_crypt = make_serpent_instance;
return algorithm;
}
struct crypto_algorithm *make_serpent(void)
{
return(make_serpent_algorithm(SERPENT_KEYSIZE));
}
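Review bot: `serpent_setup(&self->ctx, key)` is called without a length, so `make_serpent_instance` implicitly requires `key` to point at `SERPENT_KEYSIZE` bytes, presumably the amount the key schedule reads, and the file does not state that contract. I would add a comment above the call, e.g. `/* key must hold SERPENT_KEYSIZE bytes; serpent_setup() takes no length */`. It is also worth documenting that `iv` is ignored and `iv_size` is 0, meaning the instance is a bare per-block transform with no chaining. It is only suitable for traffic when wrapped, as `crypto_cbc(make_serpent())` does in algorithms.c. Since `make_serpent_algorithm(UINT32 key_size)` accepts exactly one value, a one-line note on why the parameter exists (symmetry with the other `make_*_algorithm` constructors, it appears) would save readers a lookup.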