
simplified twofish's key handling

pull/357/head
Logan007 4 years ago
parent
commit
ece0c91ef1
  1. 5
      include/twofish.h
  2. 6
      src/transform_tf.c
  3. 39
      src/twofish.c

5
include/twofish.h

@ -62,7 +62,6 @@ typedef uint8_t uint8_t;
/* Constants */ /* Constants */
#define TwoFish_DEFAULT_PW "SnortHas2FishEncryptionRoutines!" /* default password (not more than 32 chars) */
#define TwoFish_DEFAULT_PW_LEN 32 #define TwoFish_DEFAULT_PW_LEN 32
#define TwoFish_MAGIC "TwoFish" /* to indentify a successful decryption */ #define TwoFish_MAGIC "TwoFish" /* to indentify a successful decryption */
@ -134,12 +133,12 @@ typedef struct
* initializes important values (such as subkeys, sBoxes), generates subkeys * initializes important values (such as subkeys, sBoxes), generates subkeys
* and precomputes the MDS matrix if not already done. * and precomputes the MDS matrix if not already done.
* *
* Input: User supplied password (will be appended by default password of 'SnortHas2FishEncryptionRoutines!') * Input: User supplied key of correct length (TwoFish_KEY_LENGTH, 256 bits = 32 bytes by default)
* *
* Output: Pointer to TWOFISH structure. This data structure contains key dependent data. * Output: Pointer to TWOFISH structure. This data structure contains key dependent data.
* This pointer is used with all other crypt functions. * This pointer is used with all other crypt functions.
*/ */
TWOFISH *TwoFishInit(const uint8_t *userkey, uint32_t keysize ); TWOFISH *TwoFishInit(const uint8_t *userkey);
/* TwoFish Destroy /* TwoFish Destroy
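Review bot: `TwoFish_DEFAULT_PW_LEN` is still defined after `TwoFish_DEFAULT_PW` was removed, which leaves a constant with nothing to measure; if no other file uses it, drop it too so the default-password fallback cannot quietly return. The updated comment says "key of correct length" but not that exactly `TwoFish_KEY_LENGTH` bytes are read with no padding or repetition. I would word the Input line as `* Input: pointer to exactly TwoFish_KEY_LENGTH bytes of key material (must not be NULL); the key is used as is, so callers derive it from a password first`. The same comment is duplicated above the definition in src/twofish.c and should change with it.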

6
src/transform_tf.c

@ -180,6 +180,7 @@ int n2n_transop_twofish_init(const n2n_edge_conf_t *conf, n2n_trans_op_t *ttt) {
transop_tf_t *priv; transop_tf_t *priv;
const u_char *encrypt_key = (const u_char *)conf->encrypt_key; const u_char *encrypt_key = (const u_char *)conf->encrypt_key;
size_t encrypt_key_len = strlen(conf->encrypt_key); size_t encrypt_key_len = strlen(conf->encrypt_key);
uint8_t key_hash[32];
memset(ttt, 0, sizeof(*ttt)); memset(ttt, 0, sizeof(*ttt));
ttt->transform_id = N2N_TRANSFORM_ID_TWOFISH; ttt->transform_id = N2N_TRANSFORM_ID_TWOFISH;
@ -197,8 +198,9 @@ int n2n_transop_twofish_init(const n2n_edge_conf_t *conf, n2n_trans_op_t *ttt) {
ttt->priv = priv; ttt->priv = priv;
/* This is a preshared key setup. Both Tx and Rx are using the same security association. */ /* This is a preshared key setup. Both Tx and Rx are using the same security association. */
priv->enc_tf = TwoFishInit(encrypt_key, encrypt_key_len); pearson_hash_256 (key_hash, encrypt_key, encrypt_key_len);
priv->dec_tf = TwoFishInit(encrypt_key, encrypt_key_len); priv->enc_tf = TwoFishInit(key_hash);
priv->dec_tf = TwoFishInit(key_hash);
if((!priv->enc_tf) || (!priv->dec_tf)) { if((!priv->enc_tf) || (!priv->dec_tf)) {
if(priv->enc_tf) TwoFishDestroy(priv->enc_tf); if(priv->enc_tf) TwoFishDestroy(priv->enc_tf);
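Review bot: `key_hash` holds the derived Twofish key and stays on the stack after the two `TwoFishInit(key_hash)` calls, and nothing in the visible lines clears it. The rest of n2n_transop_twofish_init lies outside these hunks, so confirm the buffer is wiped before every return; a plain `memset` can be optimised away, so use whatever explicit-wipe primitive the project already has. The buffer is sized with a literal `32` while TwoFishInit now copies `TwoFish_KEY_LENGTH` bytes, so the two can drift apart silently. A compile-time check such as `_Static_assert(TwoFish_KEY_LENGTH == 32, "key_hash must match the Twofish key size");` next to the declaration would pin that, provided the build allows C11. If `pearson_hash_256` is the non-cryptographic Pearson-style hash its name suggests, a comment should say that it only maps the shared secret to 32 bytes and adds no salt or work factor, so key strength still rests on the entropy of `conf->encrypt_key`.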

39
src/twofish.c

@ -123,39 +123,19 @@ uint8_t TwoFish__b(uint32_t x,int n)
* initializes important values (such as subkeys, sBoxes), generates subkeys * initializes important values (such as subkeys, sBoxes), generates subkeys
* and precomputes the MDS matrix if not already done. * and precomputes the MDS matrix if not already done.
* *
* Input: User supplied password (will be appended by default password of 'SnortHas2FishEncryptionRoutines!') * Input: User supplied key of correct length (TwoFish_KEY_LENGTH, 256 bits = 32 bytes by default)
* *
* Output: Pointer to TWOFISH structure. This data structure contains key dependent data. * Output: Pointer to TWOFISH structure. This data structure contains key dependent data.
* This pointer is used with all other crypt functions. * This pointer is used with all other crypt functions.
*/ */
TWOFISH *TwoFishInit(const uint8_t *userkey, uint32_t keysize) TWOFISH *TwoFishInit(const uint8_t *userkey)
{ TWOFISH *tfdata; { TWOFISH *tfdata;
int i,x,m;
uint8_t tkey[TwoFish_KEY_LENGTH+40];
memset( tkey, 0, TwoFish_KEY_LENGTH+40 );
tfdata=(TWOFISH *)malloc(sizeof(TWOFISH)); /* allocate the TwoFish structure */ tfdata=(TWOFISH *)malloc(sizeof(TWOFISH)); /* allocate the TwoFish structure */
if(tfdata!=NULL) if(tfdata!=NULL)
{ {
memcpy(tfdata->key, userkey, TwoFish_KEY_LENGTH);
/* Changes here prevented a dangerous random key segment for keys of length < TwoFish_KEY_LENGTH */
if(keysize > 0)
{
memcpy( tkey, userkey, keysize ); /* The rest will be zeros */
}
else
{
memcpy( tkey, TwoFish_DEFAULT_PW, TwoFish_DEFAULT_PW_LEN ); /* if no key defined, use default password */
}
/* This loop is awful - surely a loop on memcpy() would be clearer and more efficient */
for(i=0,x=0,m=keysize;i<TwoFish_KEY_LENGTH;i++) /* copy into data structure */
{
tfdata->key[i]=tkey[x++]; /* fill the whole keyspace with repeating key. */
if(x==m)
x=0;
}
if(!TwoFish_MDSready) if(!TwoFish_MDSready)
_TwoFish_PrecomputeMDSmatrix(); /* "Wake Up, Neo" */ _TwoFish_PrecomputeMDSmatrix(); /* "Wake Up, Neo" */
@ -966,9 +946,16 @@ int main(int argc, char* argv[])
char outbuf[4096]; char outbuf[4096];
char * outp = outbuf; char * outp = outbuf;
uint8_t key[] = { 0xfc, 0x77, 0x1a, 0xda, 0xaa }; uint8_t key[] = { 0xfc, 0x77, 0x1a, 0xda, 0xaa,
TWOFISH *tfa = TwoFishInit( key, 5 ); 0xfc, 0x77, 0x1a, 0xda, 0xaa,
TWOFISH *tfb = TwoFishInit( key, 5 ); 0xfc, 0x77, 0x1a, 0xda, 0xaa,
0xfc, 0x77, 0x1a, 0xda, 0xaa,
0xfc, 0x77, 0x1a, 0xda, 0xaa,
0xfc, 0x77, 0x1a, 0xda, 0xaa,
0xfc, 0x77 };
TWOFISH *tfa = TwoFishInit( key );
TWOFISH *tfb = TwoFishInit( key );
uint8_t out[2048], out2[2048]; uint8_t out[2048], out2[2048];
uint8_t in[TEST_DATA_SIZE]; uint8_t in[TEST_DATA_SIZE];
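Review bot: TwoFishInit now trusts its caller completely: the single `memcpy(tfdata->key, userkey, TwoFish_KEY_LENGTH);` reads a fixed number of bytes (32 by default) with no length argument and no NULL check, so a NULL or shorter buffer becomes a crash or an out-of-bounds read. A guard at the top, before the malloc, `if(userkey == NULL) return NULL;`, fits the existing contract, because the caller in src/transform_tf.c already treats a NULL return as failure. In the self-test `main`, declaring the array as `uint8_t key[TwoFish_KEY_LENGTH] = { ... };` instead of `key[]` keeps the test buffer the right size if the constant ever changes. Both function bodies continue outside the hunks shown.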
