Source-Changes-HG archive
[src/trunk]: src/crypto/external/bsd/netpgp/dist/src/lib allow user-specifica...
details: https://anonhg.NetBSD.org/src/rev/08fbb59652a3
branches: trunk
changeset: 758425:08fbb59652a3
user: agc <agc%NetBSD.org@localhost>
date: Thu Nov 04 15:38:45 2010 +0000
description:
allow user-specification of cipher to be used when encrypting packets.
preserve the CAST5 default for now.
at the user level, this is specified using the --cipher=<ciphername>
option.
diffstat:
crypto/external/bsd/netpgp/dist/src/lib/Makefile.in | 21 +---
crypto/external/bsd/netpgp/dist/src/lib/config.h.in | 4 +
crypto/external/bsd/netpgp/dist/src/lib/create.c | 71 +++++++++--------
crypto/external/bsd/netpgp/dist/src/lib/create.h | 2 +-
crypto/external/bsd/netpgp/dist/src/lib/crypto.c | 12 +-
crypto/external/bsd/netpgp/dist/src/lib/crypto.h | 8 +-
crypto/external/bsd/netpgp/dist/src/lib/netpgp.c | 7 +-
crypto/external/bsd/netpgp/dist/src/lib/packet-parse.c | 7 +-
crypto/external/bsd/netpgp/dist/src/lib/readerwriter.h | 2 +-
crypto/external/bsd/netpgp/dist/src/lib/symmetric.c | 6 +-
crypto/external/bsd/netpgp/dist/src/lib/writer.c | 10 +-
crypto/external/bsd/netpgp/dist/src/lib/writer.h | 2 +-
12 files changed, 78 insertions(+), 74 deletions(-)
diffs (truncated from 481 to 300 lines):
diff -r 9d1d2b8f1634 -r 08fbb59652a3 crypto/external/bsd/netpgp/dist/src/lib/Makefile.in
--- a/crypto/external/bsd/netpgp/dist/src/lib/Makefile.in Thu Nov 04 14:08:31 2010 +0000
+++ b/crypto/external/bsd/netpgp/dist/src/lib/Makefile.in Thu Nov 04 15:38:45 2010 +0000
@@ -57,12 +57,12 @@
libnetpgp_la-compress.lo libnetpgp_la-create.lo \
libnetpgp_la-crypto.lo libnetpgp_la-fastctype.lo \
libnetpgp_la-keyring.lo libnetpgp_la-misc.lo \
- libnetpgp_la-mj.lo libnetpgp_la-netpgp.lo \
- libnetpgp_la-openssl_crypto.lo libnetpgp_la-packet-parse.lo \
- libnetpgp_la-packet-print.lo libnetpgp_la-packet-show.lo \
- libnetpgp_la-reader.lo libnetpgp_la-signature.lo \
- libnetpgp_la-ssh2pgp.lo libnetpgp_la-symmetric.lo \
- libnetpgp_la-validate.lo libnetpgp_la-writer.lo
+ libnetpgp_la-netpgp.lo libnetpgp_la-openssl_crypto.lo \
+ libnetpgp_la-packet-parse.lo libnetpgp_la-packet-print.lo \
+ libnetpgp_la-packet-show.lo libnetpgp_la-reader.lo \
+ libnetpgp_la-signature.lo libnetpgp_la-ssh2pgp.lo \
+ libnetpgp_la-symmetric.lo libnetpgp_la-validate.lo \
+ libnetpgp_la-writer.lo
libnetpgp_la_OBJECTS = $(am_libnetpgp_la_OBJECTS)
DEFAULT_INCLUDES = -I.@am__isrc@
depcomp = $(SHELL) $(top_srcdir)/buildaux/depcomp
@@ -213,7 +213,6 @@
fastctype.c \
keyring.c \
misc.c \
- mj.c \
netpgp.c \
openssl_crypto.c \
packet-parse.c \
@@ -322,7 +321,6 @@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libnetpgp_la-fastctype.Plo@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libnetpgp_la-keyring.Plo@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libnetpgp_la-misc.Plo@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libnetpgp_la-mj.Plo@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libnetpgp_la-netpgp.Plo@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libnetpgp_la-openssl_crypto.Plo@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libnetpgp_la-packet-parse.Plo@am__quote@
@@ -405,13 +403,6 @@
@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libnetpgp_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
-c -o libnetpgp_la-misc.lo `test -f 'misc.c' || echo '$(srcdir)/'`misc.c
-libnetpgp_la-mj.lo: mj.c
-@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libnetpgp_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
-MT libnetpgp_la-mj.lo -MD -MP -MF $(DEPDIR)/libnetpgp_la-mj.Tpo -c -o libnetpgp_la-mj.lo `test -f 'mj.c' || echo '$(srcdir)/'`mj.c
-@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/libnetpgp_la-mj.Tpo $(DEPDIR)/libnetpgp_la-mj.Plo
-@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='mj.c' object='libnetpgp_la-mj.lo' libtool=yes @AMDEPBACKSLASH@
-@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
-@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libnetpgp_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
-c -o libnetpgp_la-mj.lo `test -f 'mj.c' || echo '$(srcdir)/'`mj.c
-
libnetpgp_la-netpgp.lo: netpgp.c
@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libnetpgp_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
-MT libnetpgp_la-netpgp.lo -MD -MP -MF $(DEPDIR)/libnetpgp_la-netpgp.Tpo -c -o libnetpgp_la-netpgp.lo `test -f 'netpgp.c' || echo '$(srcdir)/'`netpgp.c
@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/libnetpgp_la-netpgp.Tpo $(DEPDIR)/libnetpgp_la-netpgp.Plo
diff -r 9d1d2b8f1634 -r 08fbb59652a3 crypto/external/bsd/netpgp/dist/src/lib/config.h.in
--- a/crypto/external/bsd/netpgp/dist/src/lib/config.h.in Thu Nov 04 14:08:31 2010 +0000
+++ b/crypto/external/bsd/netpgp/dist/src/lib/config.h.in Thu Nov 04 15:38:45 2010 +0000
@@ -117,6 +117,10 @@
/* Define to 1 if you have the <zlib.h> header file. */
#undef HAVE_ZLIB_H
+/* Define to the sub-directory in which libtool stores uninstalled libraries.
+ */
+#undef LT_OBJDIR
+
/* Name of package */
#undef PACKAGE
diff -r 9d1d2b8f1634 -r 08fbb59652a3 crypto/external/bsd/netpgp/dist/src/lib/create.c
--- a/crypto/external/bsd/netpgp/dist/src/lib/create.c Thu Nov 04 14:08:31 2010 +0000
+++ b/crypto/external/bsd/netpgp/dist/src/lib/create.c Thu Nov 04 15:38:45 2010 +0000
@@ -57,7 +57,7 @@
#if defined(__NetBSD__)
__COPYRIGHT("@(#) Copyright (c) 2009 The NetBSD Foundation, Inc. All rights reserved.");
-__RCSID("$NetBSD: create.c,v 1.34 2010/09/01 17:25:57 agc Exp $");
+__RCSID("$NetBSD: create.c,v 1.35 2010/11/04 15:38:45 agc Exp $");
#endif
#include <sys/types.h>
@@ -843,31 +843,23 @@
}
static unsigned
-create_unencoded_m_buf(__ops_pk_sesskey_t *sesskey, uint8_t *m_buf)
+create_unencoded_m_buf(__ops_pk_sesskey_t *sesskey, __ops_crypt_t *cipherinfo, uint8_t *m_buf)
{
- int i;
+ unsigned i;
- /* m_buf is the buffer which will be encoded in PKCS#1 block */
- /* encoding to form the "m" value used in the */
- /* Public Key Encrypted Session Key Packet */
- /*
- * as defined in RFC Section 5.1 "Public-Key Encrypted Session Key
- * Packet"
+ /* m_buf is the buffer which will be encoded in PKCS#1 block
+ * encoding to form the "m" value used in the Public Key
+ * Encrypted Session Key Packet as defined in RFC Section 5.1
+ * "Public-Key Encrypted Session Key Packet"
*/
-
m_buf[0] = sesskey->symm_alg;
-
- if (sesskey->symm_alg != OPS_SA_CAST5) {
- (void) fprintf(stderr, "create_unencoded_m_buf: symm alg\n");
- return 0;
- }
- for (i = 0; i < CAST_KEY_LENGTH; i++) {
+ for (i = 0; i < cipherinfo->keysize ; i++) {
/* XXX - Flexelint - Warning 679: Suspicious Truncation in arithmetic expression combining with pointer */
m_buf[1 + i] = sesskey->key[i];
}
- return (__ops_calc_sesskey_checksum(sesskey,
- m_buf + 1 + CAST_KEY_LENGTH));
+ return __ops_calc_sesskey_checksum(sesskey,
+ m_buf + 1 + cipherinfo->keysize);
}
/**
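Review bot: The copy loop in create_unencoded_m_buf now runs to `cipherinfo->keysize` with no upper bound, where the removed code used the fixed CAST_KEY_LENGTH after rejecting every other algorithm. The declared size of `sesskey->key` is not visible in this hunk, so either confirm that every cipher selectable by name fits in it, or guard the loop with `if (cipherinfo->keysize == 0 || cipherinfo->keysize > sizeof(sesskey->key)) return 0;` (assuming `key` is an array member). `__ops_calc_sesskey_checksum` still receives only `sesskey`, so it is also worth checking that it derives the same key length from `symm_alg` that the caller uses for the `m_buf + 1 + cipherinfo->keysize` offset.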
@@ -940,24 +932,21 @@
\note Currently hard-coded to use RSA
*/
__ops_pk_sesskey_t *
-__ops_create_pk_sesskey(const __ops_key_t *key)
+__ops_create_pk_sesskey(const __ops_key_t *key, const char *ciphername)
{
/*
* Creates a random session key and encrypts it for the given key
*
- * Session Key is for use with a SK algo,
- * can be any, we're hardcoding CAST5 for now
- *
* Encryption used is PK,
* can be any, we're hardcoding RSA for now
*/
-#define SZ_UNENCODED_M_BUF (CAST_KEY_LENGTH + 1 + 2)
-
const __ops_pubkey_t *pubkey;
__ops_pk_sesskey_t *sesskey;
+ __ops_symm_alg_t cipher;
const uint8_t *id;
- uint8_t unencoded_m_buf[SZ_UNENCODED_M_BUF];
+ __ops_crypt_t cipherinfo;
+ uint8_t *unencoded_m_buf;
uint8_t *encoded_m_buf;
size_t sz_encoded_m_buf;
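Review bot: The new `ciphername` parameter of __ops_create_pk_sesskey is undocumented. The block comment at the top of the body now describes only the public-key algorithm, and nothing tells a caller that NULL is accepted. I would add a line to that comment such as `* ciphername names the symmetric cipher for the session key; NULL selects "cast5"`, and a matching `\param` entry in the Doxygen header, which begins above this hunk. The NULL default itself is applied in a later hunk of the same function.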
@@ -968,21 +957,34 @@
pubkey = &key->enckey;
id = key->encid;
}
+ /* allocate unencoded_m_buf here */
+ (void) memset(&cipherinfo, 0x0, sizeof(cipherinfo));
+ __ops_crypt_any(&cipherinfo,
+ cipher = __ops_str_to_cipher((ciphername) ? ciphername : "cast5"));
+ unencoded_m_buf = calloc(1, cipherinfo.keysize + 1 + 2);
+ if (unencoded_m_buf == NULL) {
+ (void) fprintf(stderr,
+ "__ops_create_pk_sesskey: can't allocate\n");
+ return NULL;
+ }
sz_encoded_m_buf = BN_num_bytes(pubkey->key.rsa.n);
if ((encoded_m_buf = calloc(1, sz_encoded_m_buf)) == NULL) {
(void) fprintf(stderr,
"__ops_create_pk_sesskey: can't allocate\n");
+ free(unencoded_m_buf);
return NULL;
}
if ((sesskey = calloc(1, sizeof(*sesskey))) == NULL) {
(void) fprintf(stderr,
"__ops_create_pk_sesskey: can't allocate\n");
+ free(unencoded_m_buf);
free(encoded_m_buf);
return NULL;
}
if (key->type != OPS_PTAG_CT_PUBLIC_KEY) {
(void) fprintf(stderr,
"__ops_create_pk_sesskey: bad type\n");
+ free(unencoded_m_buf);
free(encoded_m_buf);
free(sesskey);
return NULL;
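Review bot: The cipher lookup that follows the `/* allocate unencoded_m_buf here */` comment is never checked, so an unrecognised or unsupported `--cipher` name is not rejected. `cipherinfo` is zeroed first, so if `__ops_crypt_any` does not fill it in, `keysize` stays 0. The code then allocates a 3-byte buffer and later generates a zero-length session key instead of failing. Assuming `__ops_crypt_any` reports failure through its return value, split the nested assignment and test it: `cipher = __ops_str_to_cipher(ciphername ? ciphername : "cast5");` then `if (!__ops_crypt_any(&cipherinfo, cipher) || cipherinfo.keysize == 0) { (void) fprintf(stderr, "__ops_create_pk_sesskey: bad cipher\n"); return NULL; }`. This hunk starts and ends inside the function body.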
@@ -1001,34 +1003,37 @@
default:
(void) fprintf(stderr,
"__ops_create_pk_sesskey: bad pubkey algorithm\n");
+ free(unencoded_m_buf);
free(encoded_m_buf);
free(sesskey);
return NULL;
}
sesskey->alg = pubkey->alg;
- /* \todo allow user to specify other algorithm */
- sesskey->symm_alg = OPS_SA_CAST5;
- __ops_random(sesskey->key, CAST_KEY_LENGTH);
+ sesskey->symm_alg = cipher;
+ __ops_random(sesskey->key, cipherinfo.keysize);
if (__ops_get_debug_level(__FILE__)) {
- hexdump(stderr, "CAST5 sesskey created", sesskey->key, CAST_KEY_LENGTH);
+ hexdump(stderr, "sesskey created", sesskey->key,
+ cipherinfo.keysize + 1 + 2);
}
- if (create_unencoded_m_buf(sesskey, &unencoded_m_buf[0]) == 0) {
+ if (create_unencoded_m_buf(sesskey, &cipherinfo, &unencoded_m_buf[0]) == 0) {
+ free(unencoded_m_buf);
free(encoded_m_buf);
free(sesskey);
return NULL;
}
if (__ops_get_debug_level(__FILE__)) {
- hexdump(stderr, "uuencoded m buf", unencoded_m_buf, SZ_UNENCODED_M_BUF);
+ hexdump(stderr, "uuencoded m buf", unencoded_m_buf, cipherinfo.keysize + 1 + 2);
}
- encode_m_buf(unencoded_m_buf, SZ_UNENCODED_M_BUF, pubkey, encoded_m_buf);
+ encode_m_buf(unencoded_m_buf, cipherinfo.keysize + 1 + 2, pubkey, encoded_m_buf);
/* and encrypt it */
switch (key->key.pubkey.alg) {
case OPS_PKA_RSA:
if (!__ops_rsa_encrypt_mpi(encoded_m_buf, sz_encoded_m_buf, pubkey,
&sesskey->params)) {
+ free(unencoded_m_buf);
free(encoded_m_buf);
free(sesskey);
return NULL;
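Review bot: The debug `hexdump` of `sesskey->key` is given the length `cipherinfo.keysize + 1 + 2`, which is the size of the unencoded m buffer, not of the key. Only `cipherinfo.keysize` bytes were written by `__ops_random`, so the dump reads three bytes past the key material, and past the end of `sesskey->key` if the key fills that array. The call should be `hexdump(stderr, "sesskey created", sesskey->key, cipherinfo.keysize);`. The expression `cipherinfo.keysize + 1 + 2` is also repeated four times across this function; a single local holding that size would keep the allocation, the dump and the `encode_m_buf` call in agreement.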
@@ -1037,6 +1042,7 @@
case OPS_PKA_DSA:
case OPS_PKA_ELGAMAL:
(void) fprintf(stderr, "DSA/Elgamal encryption not supported yet\n");
+ free(unencoded_m_buf);
free(encoded_m_buf);
free(sesskey);
return NULL;
@@ -1044,6 +1050,7 @@
/* will not get here - for lint only */
break;
}
+ free(unencoded_m_buf);
free(encoded_m_buf);
return sesskey;
}
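Review bot: `unencoded_m_buf` holds the plaintext session key and its checksum, and the added `free(unencoded_m_buf)` on the success path returns it to the heap without clearing it. The buffer is now heap-allocated rather than a stack array, so the key bytes can persist in freed memory and be handed out by a later allocation. Clear `cipherinfo.keysize + 1 + 2` bytes before each free that happens after `create_unencoded_m_buf` has run, using a wipe the optimiser cannot elide, since a plain `memset` directly before `free` may be removed. The same applies to the error-path frees added in the hunks at -1001 and -1037. A single cleanup label would let one wipe-and-free sequence replace the repeated calls.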
diff -r 9d1d2b8f1634 -r 08fbb59652a3 crypto/external/bsd/netpgp/dist/src/lib/create.h
--- a/crypto/external/bsd/netpgp/dist/src/lib/create.h Thu Nov 04 14:08:31 2010 +0000
+++ b/crypto/external/bsd/netpgp/dist/src/lib/create.h Thu Nov 04 15:38:45 2010 +0000
@@ -91,7 +91,7 @@
const uint8_t *,
const int,
const __ops_litdata_enum);
-__ops_pk_sesskey_t *__ops_create_pk_sesskey(const __ops_key_t *);
+__ops_pk_sesskey_t *__ops_create_pk_sesskey(const __ops_key_t *, const char *);
unsigned __ops_write_pk_sesskey(__ops_output_t *, __ops_pk_sesskey_t *);
unsigned __ops_write_xfer_pubkey(__ops_output_t *,
const __ops_key_t *, const unsigned);
diff -r 9d1d2b8f1634 -r 08fbb59652a3 crypto/external/bsd/netpgp/dist/src/lib/crypto.c
--- a/crypto/external/bsd/netpgp/dist/src/lib/crypto.c Thu Nov 04 14:08:31 2010 +0000
+++ b/crypto/external/bsd/netpgp/dist/src/lib/crypto.c Thu Nov 04 15:38:45 2010 +0000
@@ -54,7 +54,7 @@
#if defined(__NetBSD__)
__COPYRIGHT("@(#) Copyright (c) 2009 The NetBSD Foundation, Inc. All rights reserved.");
-__RCSID("$NetBSD: crypto.c,v 1.28 2010/09/08 03:21:22 agc Exp $");
+__RCSID("$NetBSD: crypto.c,v 1.29 2010/11/04 15:38:45 agc Exp $");
#endif
#include <sys/types.h>
@@ -305,7 +305,8 @@
const char *outfile,
const __ops_key_t *key,
const unsigned use_armour,
- const unsigned allow_overwrite)
+ const unsigned allow_overwrite,
+ const char *cipher)
{
__ops_output_t *output;
__ops_memory_t *inmem;
@@ -328,7 +329,7 @@
}
/* Push the encrypted writer */
- if (!__ops_push_enc_se_ip(output, key)) {
+ if (!__ops_push_enc_se_ip(output, key, cipher)) {
__ops_memory_free(inmem);
return 0;
}
@@ -349,7 +350,8 @@
const void *input,
const size_t insize,
const __ops_key_t *pubkey,
- const unsigned use_armour)
+ const unsigned use_armour,
+ const char *cipher)
{
__ops_output_t *output;
__ops_memory_t *outmem;
@@ -369,7 +371,7 @@
}