mirror of
https://github.com/ntop/n2n.git
synced 2024-09-20 00:51:10 +02:00
Merge pull request #357 from Logan007/tfKeyHandling
simplified twofish's key handling
This commit is contained in:
commit
074004a650
|
@ -62,7 +62,6 @@ typedef uint8_t uint8_t;
|
|||
|
||||
/* Constants */
|
||||
|
||||
#define TwoFish_DEFAULT_PW "SnortHas2FishEncryptionRoutines!" /* default password (not more than 32 chars) */
|
||||
#define TwoFish_DEFAULT_PW_LEN 32
|
||||
#define TwoFish_MAGIC "TwoFish" /* to indentify a successful decryption */
|
||||
|
||||
|
@ -133,13 +132,13 @@ typedef struct
|
|||
* This routine generates a global data structure for use with TwoFish,
|
||||
* initializes important values (such as subkeys, sBoxes), generates subkeys
|
||||
* and precomputes the MDS matrix if not already done.
|
||||
*
|
||||
* Input: User supplied password (will be appended by default password of 'SnortHas2FishEncryptionRoutines!')
|
||||
*
|
||||
* Output: Pointer to TWOFISH structure. This data structure contains key dependent data.
|
||||
* Input: User supplied key of correct length (TwoFish_KEY_LENGTH, 256 bits = 32 bytes by default)
|
||||
*
|
||||
* Output: Pointer to TWOFISH structure. This data structure contains key dependent data.
|
||||
* This pointer is used with all other crypt functions.
|
||||
*/
|
||||
TWOFISH *TwoFishInit(const uint8_t *userkey, uint32_t keysize );
|
||||
TWOFISH *TwoFishInit(const uint8_t *userkey);
|
||||
|
||||
|
||||
/* TwoFish Destroy
|
||||
|
|
|
@ -180,6 +180,7 @@ int n2n_transop_twofish_init(const n2n_edge_conf_t *conf, n2n_trans_op_t *ttt) {
|
|||
transop_tf_t *priv;
|
||||
const u_char *encrypt_key = (const u_char *)conf->encrypt_key;
|
||||
size_t encrypt_key_len = strlen(conf->encrypt_key);
|
||||
uint8_t key_hash[32];
|
||||
|
||||
memset(ttt, 0, sizeof(*ttt));
|
||||
ttt->transform_id = N2N_TRANSFORM_ID_TWOFISH;
|
||||
|
@ -197,8 +198,9 @@ int n2n_transop_twofish_init(const n2n_edge_conf_t *conf, n2n_trans_op_t *ttt) {
|
|||
ttt->priv = priv;
|
||||
|
||||
/* This is a preshared key setup. Both Tx and Rx are using the same security association. */
|
||||
priv->enc_tf = TwoFishInit(encrypt_key, encrypt_key_len);
|
||||
priv->dec_tf = TwoFishInit(encrypt_key, encrypt_key_len);
|
||||
pearson_hash_256 (key_hash, encrypt_key, encrypt_key_len);
|
||||
priv->enc_tf = TwoFishInit(key_hash);
|
||||
priv->dec_tf = TwoFishInit(key_hash);
|
||||
|
||||
if((!priv->enc_tf) || (!priv->dec_tf)) {
|
||||
if(priv->enc_tf) TwoFishDestroy(priv->enc_tf);
|
||||
|
|
|
@ -123,39 +123,19 @@ uint8_t TwoFish__b(uint32_t x,int n)
|
|||
* initializes important values (such as subkeys, sBoxes), generates subkeys
|
||||
* and precomputes the MDS matrix if not already done.
|
||||
*
|
||||
* Input: User supplied password (will be appended by default password of 'SnortHas2FishEncryptionRoutines!')
|
||||
* Input: User supplied key of correct length (TwoFish_KEY_LENGTH, 256 bits = 32 bytes by default)
|
||||
*
|
||||
* Output: Pointer to TWOFISH structure. This data structure contains key dependent data.
|
||||
* This pointer is used with all other crypt functions.
|
||||
*/
|
||||
|
||||
TWOFISH *TwoFishInit(const uint8_t *userkey, uint32_t keysize)
|
||||
TWOFISH *TwoFishInit(const uint8_t *userkey)
|
||||
{ TWOFISH *tfdata;
|
||||
int i,x,m;
|
||||
uint8_t tkey[TwoFish_KEY_LENGTH+40];
|
||||
|
||||
memset( tkey, 0, TwoFish_KEY_LENGTH+40 );
|
||||
tfdata=(TWOFISH *)malloc(sizeof(TWOFISH)); /* allocate the TwoFish structure */
|
||||
if(tfdata!=NULL)
|
||||
{
|
||||
|
||||
/* Changes here prevented a dangerous random key segment for keys of length < TwoFish_KEY_LENGTH */
|
||||
if(keysize > 0)
|
||||
{
|
||||
memcpy( tkey, userkey, keysize ); /* The rest will be zeros */
|
||||
}
|
||||
else
|
||||
{
|
||||
memcpy( tkey, TwoFish_DEFAULT_PW, TwoFish_DEFAULT_PW_LEN ); /* if no key defined, use default password */
|
||||
}
|
||||
|
||||
/* This loop is awful - surely a loop on memcpy() would be clearer and more efficient */
|
||||
for(i=0,x=0,m=keysize;i<TwoFish_KEY_LENGTH;i++) /* copy into data structure */
|
||||
{
|
||||
tfdata->key[i]=tkey[x++]; /* fill the whole keyspace with repeating key. */
|
||||
if(x==m)
|
||||
x=0;
|
||||
}
|
||||
memcpy(tfdata->key, userkey, TwoFish_KEY_LENGTH);
|
||||
|
||||
if(!TwoFish_MDSready)
|
||||
_TwoFish_PrecomputeMDSmatrix(); /* "Wake Up, Neo" */
|
||||
|
@ -966,9 +946,16 @@ int main(int argc, char* argv[])
|
|||
char outbuf[4096];
|
||||
char * outp = outbuf;
|
||||
|
||||
uint8_t key[] = { 0xfc, 0x77, 0x1a, 0xda, 0xaa };
|
||||
TWOFISH *tfa = TwoFishInit( key, 5 );
|
||||
TWOFISH *tfb = TwoFishInit( key, 5 );
|
||||
uint8_t key[] = { 0xfc, 0x77, 0x1a, 0xda, 0xaa,
|
||||
0xfc, 0x77, 0x1a, 0xda, 0xaa,
|
||||
0xfc, 0x77, 0x1a, 0xda, 0xaa,
|
||||
0xfc, 0x77, 0x1a, 0xda, 0xaa,
|
||||
0xfc, 0x77, 0x1a, 0xda, 0xaa,
|
||||
0xfc, 0x77, 0x1a, 0xda, 0xaa,
|
||||
0xfc, 0x77 };
|
||||
|
||||
TWOFISH *tfa = TwoFishInit( key );
|
||||
TWOFISH *tfb = TwoFishInit( key );
|
||||
|
||||
uint8_t out[2048], out2[2048];
|
||||
uint8_t in[TEST_DATA_SIZE];
|
||||
|
|
Loading…
Reference in New Issue
Block a user