From 3d00ddf2968711d071b537b27c3ec208b584cbdc Mon Sep 17 00:00:00 2001 From: Matthias Schiffer Date: Fri, 15 Nov 2013 21:52:45 +0100 Subject: Allow using blowfish from OpenSSL on systems where it's available anyways --- cmake/config.cmake | 1 + cmake/deps.cmake | 11 ++ src/CMakeLists.txt | 6 +- src/crypto/cipher/blowfish_ctr/CMakeLists.txt | 1 + .../cipher/blowfish_ctr/openssl/CMakeLists.txt | 7 ++ .../cipher/blowfish_ctr/openssl/blowfish_ctr.c | 113 +++++++++++++++++++++ 6 files changed, 136 insertions(+), 3 deletions(-) create mode 100644 src/crypto/cipher/blowfish_ctr/openssl/CMakeLists.txt create mode 100644 src/crypto/cipher/blowfish_ctr/openssl/blowfish_ctr.c diff --git a/cmake/config.cmake b/cmake/config.cmake index cc5ca01..110ad1a 100644 --- a/cmake/config.cmake +++ b/cmake/config.cmake @@ -18,6 +18,7 @@ endif() set(WITH_CAPABILITIES ${LINUX} CACHE BOOL "Include support for POSIX capabilities") set(USE_LIBSODIUM FALSE CACHE BOOL "Use libsodium instead of NaCl") +set(USE_OPENSSL FALSE CACHE BOOL "Use OpenSSL") set(WITH_CMDLINE_USER TRUE CACHE BOOL "Include support for setting user/group related options on the command line") set(WITH_CMDLINE_LOGGING TRUE CACHE BOOL "Include support for setting logging related options on the command line") diff --git a/cmake/deps.cmake b/cmake/deps.cmake index c3936af..76f5296 100644 --- a/cmake/deps.cmake +++ b/cmake/deps.cmake @@ -42,6 +42,17 @@ endif(USE_LIBSODIUM) set_property(GLOBAL PROPERTY NACL_REQUIRED FALSE) +if(USE_OPENSSL) + pkg_check_modules(OPENSSL_CRYPTO REQUIRED libcrypto) +else(USE_OPENSSL) + set(OPENSSL_CRYPTO_INCLUDE_DIRS "") + set(OPENSSL_CRYPTO_CFLAGS_OTHER "") + set(OPENSSL_CRYPTO_LIBRARY_DIRS "") + set(OPENSSL_CRYPTO_LIBRARIES "") + set(OPENSSL_CRYPTO_LDFLAGS_OTHER "") +endif(USE_OPENSSL) + + if(WITH_CAPABILITIES) find_package(CAP REQUIRED) else(WITH_CAPABILITIES) diff --git a/src/CMakeLists.txt b/src/CMakeLists.txt index a8ac194..da20721 100644 --- a/src/CMakeLists.txt +++ b/src/CMakeLists.txt @@ -1,8 +1,8 @@ set_directory_properties(PROPERTIES COMPILE_DEFINITIONS _GNU_SOURCE) -set(FASTD_CFLAGS "-Wall -pthread ${UECC_CFLAGS_OTHER} ${NACL_CFLAGS_OTHER}") +set(FASTD_CFLAGS "-Wall -pthread ${UECC_CFLAGS_OTHER} ${NACL_CFLAGS_OTHER} ${OPENSSL_CRYPTO_CFLAGS_OTHER}") include_directories(${FASTD_SOURCE_DIR} ${FASTD_BINARY_DIR}/src) -link_directories(${UECC_LIBRARY_DIRS} ${NACL_LIBRARY_DIRS}) +link_directories(${UECC_LIBRARY_DIRS} ${NACL_LIBRARY_DIRS} ${OPENSSL_CRYPTO_LIBRARY_DIRS}) include(generate_version) @@ -38,7 +38,7 @@ add_executable(fastd ${BISON_fastd_config_parse_OUTPUTS} ) set_property(TARGET fastd PROPERTY COMPILE_FLAGS "${FASTD_CFLAGS}") -set_property(TARGET fastd PROPERTY LINK_FLAGS "-pthread ${UECC_LDFLAGS_OTHER} ${NACL_LDFLAGS_OTHER}") +set_property(TARGET fastd PROPERTY LINK_FLAGS "-pthread ${UECC_LDFLAGS_OTHER} ${NACL_LDFLAGS_OTHER} ${OPENSSL_CRYPTO_LDFLAGS_OTHER}") set_property(TARGET fastd APPEND PROPERTY INCLUDE_DIRECTORIES ${CAP_INCLUDE_DIR} ${NACL_INCLUDE_DIRS}) target_link_libraries(fastd protocols methods ciphers macs ${RT_LIBRARY} ${CAP_LIBRARY} ${UECC_LIBRARIES} ${NACL_LIBRARIES}) diff --git a/src/crypto/cipher/blowfish_ctr/CMakeLists.txt b/src/crypto/cipher/blowfish_ctr/CMakeLists.txt index 56d283f..39a8d28 100644 --- a/src/crypto/cipher/blowfish_ctr/CMakeLists.txt +++ b/src/crypto/cipher/blowfish_ctr/CMakeLists.txt @@ -1,2 +1,3 @@ fastd_cipher(blowfish-ctr) +add_subdirectory(openssl) add_subdirectory(builtin) diff --git a/src/crypto/cipher/blowfish_ctr/openssl/CMakeLists.txt b/src/crypto/cipher/blowfish_ctr/openssl/CMakeLists.txt new file mode 100644 index 0000000..76bce41 --- /dev/null +++ b/src/crypto/cipher/blowfish_ctr/openssl/CMakeLists.txt @@ -0,0 +1,7 @@ +if(USE_OPENSSL) + fastd_cipher_impl(blowfish-ctr openssl + blowfish_ctr.c + ) + fastd_cipher_impl_include_directories(blowfish-ctr openssl ${OPENSSL_INCLUDE_DIRS}) + fastd_cipher_impl_link_libraries(blowfish-ctr openssl ${OPENSSL_CRYPTO_LIBRARIES}) +endif(USE_OPENSSL) diff --git a/src/crypto/cipher/blowfish_ctr/openssl/blowfish_ctr.c b/src/crypto/cipher/blowfish_ctr/openssl/blowfish_ctr.c new file mode 100644 index 0000000..1eafb97 --- /dev/null +++ b/src/crypto/cipher/blowfish_ctr/openssl/blowfish_ctr.c @@ -0,0 +1,113 @@ +/* + Copyright (c) 2012-2013, Matthias Schiffer + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + 2. Redistributions in binary form must reproduce the above copyright notice, + this list of conditions and the following disclaimer in the documentation + and/or other materials provided with the distribution. + + THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" + AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE + DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE + FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER + CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, + OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +*/ + + +#include "../../../../fastd.h" + +#include + + +struct fastd_cipher_state { + BF_KEY key; +}; + + +static fastd_cipher_context_t* blowfish_ctr_initialize(fastd_context_t *ctx UNUSED) { + return NULL; +} + +static size_t blowfish_ctr_key_length(fastd_context_t *ctx UNUSED, const fastd_cipher_context_t *cctx UNUSED) { + return 56; +} + +static inline void bf_ntohl(uint32_t *v, size_t len) { + size_t i; + for (i = 0; i < len; i++) + v[i] = ntohl(v[i]); +} + +static inline void bf_htonl(uint32_t *v, size_t len) { + size_t i; + for (i = 0; i < len; i++) + v[i] = htonl(v[i]); +} +static fastd_cipher_state_t* blowfish_ctr_init_state(fastd_context_t *ctx UNUSED, const fastd_cipher_context_t *cctx UNUSED, const uint8_t *key) { + fastd_cipher_state_t *state = malloc(sizeof(fastd_cipher_state_t)); + BF_set_key(&state->key, 56, (const unsigned char*)key); + + return state; +} + +static size_t blowfish_ctr_iv_length(fastd_context_t *ctx UNUSED, const fastd_cipher_state_t *state UNUSED) { + return 8; +} + +static bool blowfish_ctr_crypt(fastd_context_t *ctx UNUSED, const fastd_cipher_state_t *state, fastd_block128_t *out, const fastd_block128_t *in, size_t len, const uint8_t *iv) { + uint32_t ctr[2]; + + fastd_block128_t block; + uint32_t* block4 = (uint32_t*)█ + + memcpy(ctr, iv, sizeof(ctr)); + bf_ntohl(ctr, 2); + + size_t i; + for(i = 0; i < len; i += 16) { + memcpy(block4, ctr, sizeof(ctr)); + BF_encrypt((BF_LONG*)block4, &state->key); + ctr[1]++; + + memcpy(block4+2, ctr, sizeof(ctr)); + BF_encrypt((BF_LONG*)block4+2, &state->key); + ctr[1]++; + + bf_htonl(block4, 4); + xor(out++, in++, &block); + } + + return true; +} + +static void blowfish_ctr_free_state(fastd_context_t *ctx UNUSED, fastd_cipher_state_t *state) { + free(state); +} + +static void blowfish_ctr_free(fastd_context_t *ctx UNUSED, fastd_cipher_context_t *cctx UNUSED) { +} + +const fastd_cipher_t fastd_cipher_blowfish_ctr_openssl = { + .name = "openssl", + + .initialize = blowfish_ctr_initialize, + + .key_length = blowfish_ctr_key_length, + .init_state = blowfish_ctr_init_state, + + .iv_length = blowfish_ctr_iv_length, + .crypt = blowfish_ctr_crypt, + + .free_state = blowfish_ctr_free_state, + .free = blowfish_ctr_free, +}; -- cgit v1.2.3