mirror of
https://github.com/ntop/n2n.git
synced 2024-09-20 00:51:10 +02:00
twofish transform code clean-up ammendment
This commit is contained in:
parent
b3d4f21c91
commit
052144285a
|
@ -53,6 +53,7 @@ THE SOFTWARE.
|
||||||
#include <stdint.h>
|
#include <stdint.h>
|
||||||
#include <stdlib.h>
|
#include <stdlib.h>
|
||||||
#include <string.h>
|
#include <string.h>
|
||||||
|
#include "portable_endian.h"
|
||||||
|
|
||||||
|
|
||||||
#define TF_BLOCK_SIZE 16
|
#define TF_BLOCK_SIZE 16
|
||||||
|
@ -78,5 +79,7 @@ int tf_cbc_decrypt (unsigned char *out, const unsigned char *in, size_t in_len,
|
||||||
|
|
||||||
int tf_init (const unsigned char *key, size_t key_size, tf_context_t **ctx);
|
int tf_init (const unsigned char *key, size_t key_size, tf_context_t **ctx);
|
||||||
|
|
||||||
|
int tf_deinit (tf_context_t *ctx);
|
||||||
|
|
||||||
|
|
||||||
#endif // TF_H
|
#endif // TF_H
|
||||||
|
|
10
src/tf.c
10
src/tf.c
|
@ -48,7 +48,7 @@ THE SOFTWARE.
|
||||||
|
|
||||||
|
|
||||||
#include "tf.h"
|
#include "tf.h"
|
||||||
#include "portable_endian.h"
|
|
||||||
|
|
||||||
const uint8_t RS[4][8] = { { 0x01, 0xA4, 0x55, 0x87, 0x5A, 0x58, 0xDB, 0x9E, },
|
const uint8_t RS[4][8] = { { 0x01, 0xA4, 0x55, 0x87, 0x5A, 0x58, 0xDB, 0x9E, },
|
||||||
{ 0xA4, 0x56, 0x82, 0xF3, 0x1E, 0xC6, 0x68, 0xE5, },
|
{ 0xA4, 0x56, 0x82, 0xF3, 0x1E, 0xC6, 0x68, 0xE5, },
|
||||||
|
@ -503,3 +503,11 @@ int tf_init (const unsigned char *key, size_t key_size, tf_context_t **ctx) {
|
||||||
|
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
int tf_deinit (tf_context_t *ctx) {
|
||||||
|
|
||||||
|
if (ctx) free (ctx);
|
||||||
|
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
|
@ -40,7 +40,7 @@ typedef struct transop_tf {
|
||||||
static int transop_deinit_tf(n2n_trans_op_t *arg) {
|
static int transop_deinit_tf(n2n_trans_op_t *arg) {
|
||||||
transop_tf_t *priv = (transop_tf_t *)arg->priv;
|
transop_tf_t *priv = (transop_tf_t *)arg->priv;
|
||||||
|
|
||||||
if(priv->ctx) free(priv->ctx);
|
if(priv->ctx) tf_deinit(priv->ctx);
|
||||||
|
|
||||||
if(priv) free(priv);
|
if(priv) free(priv);
|
||||||
|
|
||||||
|
@ -81,12 +81,8 @@ static int transop_encode_tf(n2n_trans_op_t * arg,
|
||||||
traceEvent(TRACE_DEBUG, "transop_encode_tf %lu bytes plaintext", in_len);
|
traceEvent(TRACE_DEBUG, "transop_encode_tf %lu bytes plaintext", in_len);
|
||||||
|
|
||||||
// full block sized random value (128 bit)
|
// full block sized random value (128 bit)
|
||||||
// !!! replace with 2 calls to encode_uint64(...) as as available
|
encode_uint64(assembly, &idx, n2n_rand());
|
||||||
// !!! which is still under consideration in pull request 'revAes'
|
encode_uint64(assembly, &idx, n2n_rand());
|
||||||
encode_uint32(assembly, &idx, n2n_rand());
|
|
||||||
encode_uint32(assembly, &idx, n2n_rand());
|
|
||||||
encode_uint32(assembly, &idx, n2n_rand());
|
|
||||||
encode_uint32(assembly, &idx, n2n_rand());
|
|
||||||
|
|
||||||
// adjust for maybe differently chosen TF_PREAMBLE_SIZE
|
// adjust for maybe differently chosen TF_PREAMBLE_SIZE
|
||||||
idx = TF_PREAMBLE_SIZE;
|
idx = TF_PREAMBLE_SIZE;
|
||||||
|
@ -159,7 +155,7 @@ static int transop_decode_tf(n2n_trans_op_t * arg,
|
||||||
tf_cbc_decrypt(assembly, assembly, in_len + TF_BLOCK_SIZE - rest, tf_null_iv, priv->ctx);
|
tf_cbc_decrypt(assembly, assembly, in_len + TF_BLOCK_SIZE - rest, tf_null_iv, priv->ctx);
|
||||||
|
|
||||||
// check for expected zero padding and give a warning otherwise
|
// check for expected zero padding and give a warning otherwise
|
||||||
if (memcmp(assembly + in_len, tf_null_iv, TF_BLOCK_SIZE - rest)) {
|
if(memcmp(assembly + in_len, tf_null_iv, TF_BLOCK_SIZE - rest)) {
|
||||||
traceEvent(TRACE_WARNING, "transop_decode_tf payload decryption failed with unexpected cipher text stealing padding");
|
traceEvent(TRACE_WARNING, "transop_decode_tf payload decryption failed with unexpected cipher text stealing padding");
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
|
@ -191,7 +187,7 @@ static int setup_tf_key(transop_tf_t *priv, const uint8_t *password, ssize_t pas
|
||||||
key_size = 32; // 256 bit
|
key_size = 32; // 256 bit
|
||||||
|
|
||||||
// setup the key and have corresponding context created
|
// setup the key and have corresponding context created
|
||||||
if (tf_init (key, key_size * 8, &(priv->ctx))) {
|
if(tf_init(key, key_size * 8, &(priv->ctx))) {
|
||||||
traceEvent(TRACE_ERROR, "setup_tf_key %u-bit key setup unsuccessful",
|
traceEvent(TRACE_ERROR, "setup_tf_key %u-bit key setup unsuccessful",
|
||||||
key_size * 8);
|
key_size * 8);
|
||||||
return -1;
|
return -1;
|
||||||
|
@ -210,6 +206,7 @@ static void transop_tick_tf(n2n_trans_op_t * arg, time_t now) { ; }
|
||||||
|
|
||||||
// Twofish initialization function
|
// Twofish initialization function
|
||||||
int n2n_transop_tf_init(const n2n_edge_conf_t *conf, n2n_trans_op_t *ttt) {
|
int n2n_transop_tf_init(const n2n_edge_conf_t *conf, n2n_trans_op_t *ttt) {
|
||||||
|
|
||||||
transop_tf_t *priv;
|
transop_tf_t *priv;
|
||||||
const u_char *encrypt_key = (const u_char *)conf->encrypt_key;
|
const u_char *encrypt_key = (const u_char *)conf->encrypt_key;
|
||||||
size_t encrypt_key_len = strlen(conf->encrypt_key);
|
size_t encrypt_key_len = strlen(conf->encrypt_key);
|
||||||
|
@ -225,10 +222,10 @@ int n2n_transop_tf_init(const n2n_edge_conf_t *conf, n2n_trans_op_t *ttt) {
|
||||||
priv = (transop_tf_t*) calloc(1, sizeof(transop_tf_t));
|
priv = (transop_tf_t*) calloc(1, sizeof(transop_tf_t));
|
||||||
if(!priv) {
|
if(!priv) {
|
||||||
traceEvent(TRACE_ERROR, "n2n_transop_tf_cbc_init cannot allocate transop_tf_t memory");
|
traceEvent(TRACE_ERROR, "n2n_transop_tf_cbc_init cannot allocate transop_tf_t memory");
|
||||||
return(-1);
|
return -1;
|
||||||
}
|
}
|
||||||
ttt->priv = priv;
|
ttt->priv = priv;
|
||||||
|
|
||||||
// setup the cipher and key
|
// setup the cipher and key
|
||||||
return(setup_tf_key(priv, encrypt_key, encrypt_key_len));
|
return setup_tf_key(priv, encrypt_key, encrypt_key_len);
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in New Issue
Block a user