Module Name:    src
Committed By:   agc
Date:           Thu Nov  4 06:45:28 UTC 2010

Modified Files:
        src/crypto/external/bsd/netpgp/dist/src/lib: crypto.h misc.c netpgp.c
            openssl_crypto.c packet-show.c packet.h symmetric.c version.h

Log Message:
Update to version 3.99.13:

+ add ability in netpgpkeys(1) to specify the cipher (symmetric algorithm)
  as specified in RFC 5581
+ add the camellia cipher implementation from openssl


To generate a diff of this commit:
cvs rdiff -u -r1.22 -r1.23 \
    src/crypto/external/bsd/netpgp/dist/src/lib/crypto.h
cvs rdiff -u -r1.36 -r1.37 src/crypto/external/bsd/netpgp/dist/src/lib/misc.c
cvs rdiff -u -r1.78 -r1.79 \
    src/crypto/external/bsd/netpgp/dist/src/lib/netpgp.c
cvs rdiff -u -r1.29 -r1.30 \
    src/crypto/external/bsd/netpgp/dist/src/lib/openssl_crypto.c
cvs rdiff -u -r1.17 -r1.18 \
    src/crypto/external/bsd/netpgp/dist/src/lib/packet-show.c
cvs rdiff -u -r1.26 -r1.27 \
    src/crypto/external/bsd/netpgp/dist/src/lib/packet.h
cvs rdiff -u -r1.12 -r1.13 \
    src/crypto/external/bsd/netpgp/dist/src/lib/symmetric.c
cvs rdiff -u -r1.42 -r1.43 \
    src/crypto/external/bsd/netpgp/dist/src/lib/version.h

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/crypto/external/bsd/netpgp/dist/src/lib/crypto.h
diff -u src/crypto/external/bsd/netpgp/dist/src/lib/crypto.h:1.22 src/crypto/external/bsd/netpgp/dist/src/lib/crypto.h:1.23
--- src/crypto/external/bsd/netpgp/dist/src/lib/crypto.h:1.22	Thu Nov  4 01:18:34 2010
+++ src/crypto/external/bsd/netpgp/dist/src/lib/crypto.h	Thu Nov  4 06:45:28 2010
@@ -132,6 +132,7 @@
 int __ops_elgamal_private_decrypt(uint8_t *, const uint8_t *, size_t,
 			const __ops_elgamal_seckey_t *, const __ops_elgamal_pubkey_t *);
 
+__ops_symm_alg_t __ops_str_to_cipher(const char *);
 unsigned __ops_block_size(__ops_symm_alg_t);
 unsigned __ops_key_size(__ops_symm_alg_t);
 
@@ -199,7 +200,8 @@
 
 /* Keys */
 __ops_key_t  *__ops_rsa_new_selfsign_key(const int,
-			const unsigned long, uint8_t *, const char *);
+			const unsigned long, uint8_t *, const char *,
+			const char *);
 
 int __ops_dsa_size(const __ops_dsa_pubkey_t *);
 DSA_SIG *__ops_dsa_sign(uint8_t *, unsigned,

Index: src/crypto/external/bsd/netpgp/dist/src/lib/misc.c
diff -u src/crypto/external/bsd/netpgp/dist/src/lib/misc.c:1.36 src/crypto/external/bsd/netpgp/dist/src/lib/misc.c:1.37
--- src/crypto/external/bsd/netpgp/dist/src/lib/misc.c:1.36	Sun Aug 15 16:36:24 2010
+++ src/crypto/external/bsd/netpgp/dist/src/lib/misc.c	Thu Nov  4 06:45:28 2010
@@ -57,7 +57,7 @@
 
 #if defined(__NetBSD__)
 __COPYRIGHT("@(#) Copyright (c) 2009 The NetBSD Foundation, Inc. All rights reserved.");
-__RCSID("$NetBSD: misc.c,v 1.36 2010/08/15 16:36:24 agc Exp $");
+__RCSID("$NetBSD: misc.c,v 1.37 2010/11/04 06:45:28 agc Exp $");
 #endif
 
 #include <sys/types.h>
@@ -793,6 +793,37 @@
 	}
 }
 
+/* structure to map string to cipher def */
+typedef struct str2cipher_t {
+	const char	*s;	/* cipher name */
+	__ops_symm_alg_t i;	/* cipher def */
+} str2cipher_t;
+
+static str2cipher_t	str2cipher[] = {
+	{	"cast5",		OPS_SA_CAST5		},
+	{	"idea",			OPS_SA_IDEA		},
+	{	"aes128",		OPS_SA_AES_128		},
+	{	"aes256",		OPS_SA_AES_256		},
+	{	"camellia128",		OPS_SA_CAMELLIA_128	},
+	{	"camellia256",		OPS_SA_CAMELLIA_256	},
+	{	"tripledes",		OPS_SA_TRIPLEDES	},
+	{	NULL,			0			}
+};
+
+/* convert from a string to a cipher definition */
+__ops_symm_alg_t 
+__ops_str_to_cipher(const char *cipher)
+{
+	str2cipher_t	*sp;
+
+	for (sp = str2cipher ; cipher && sp->s ; sp++) {
+		if (netpgp_strcasecmp(cipher, sp->s) == 0) {
+			return sp->i;
+		}
+	}
+	return OPS_SA_DEFAULT_CIPHER;
+}
+
 void 
 __ops_random(void *dest, size_t length)
 {
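Review bot: An unrecognised cipher name is indistinguishable from an unset one in `__ops_str_to_cipher`: both fall through to `return OPS_SA_DEFAULT_CIPHER;`, so a misspelt name silently protects the new secret key with CAST5 instead of the cipher the user asked for. A diagnostic before the fallback would surface this, e.g. `if (cipher != NULL) { (void) fprintf(stderr, "unknown cipher '%s', using default\n", cipher); }`. The table also offers "idea" unconditionally, while `get_proto` in symmetric.c handles `OPS_SA_IDEA` only when `OPENSSL_NO_IDEA` is not defined, so that name can select a cipher the build cannot use. `str2cipher` is never written to and could be declared `static const`.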

Index: src/crypto/external/bsd/netpgp/dist/src/lib/netpgp.c
diff -u src/crypto/external/bsd/netpgp/dist/src/lib/netpgp.c:1.78 src/crypto/external/bsd/netpgp/dist/src/lib/netpgp.c:1.79
--- src/crypto/external/bsd/netpgp/dist/src/lib/netpgp.c:1.78	Sun Oct 31 19:45:53 2010
+++ src/crypto/external/bsd/netpgp/dist/src/lib/netpgp.c	Thu Nov  4 06:45:28 2010
@@ -34,7 +34,7 @@
 
 #if defined(__NetBSD__)
 __COPYRIGHT("@(#) Copyright (c) 2009 The NetBSD Foundation, Inc. All rights reserved.");
-__RCSID("$NetBSD: netpgp.c,v 1.78 2010/10/31 19:45:53 stacktic Exp $");
+__RCSID("$NetBSD: netpgp.c,v 1.79 2010/11/04 06:45:28 agc Exp $");
 #endif
 
 #include <sys/types.h>
@@ -1108,10 +1108,13 @@
 	if (id) {
 		(void) snprintf(newid, sizeof(newid), "%s", id);
 	} else {
-		(void) snprintf(newid, sizeof(newid), "RSA %d-bit key <%...@localhost>", numbits, getenv("LOGNAME"));
+		(void) snprintf(newid, sizeof(newid),
+			"RSA %d-bit key <%...@localhost>", numbits, getenv("LOGNAME"));
 	}
 	uid = (uint8_t *)newid;
-	key = __ops_rsa_new_selfsign_key(numbits, 65537UL, uid, netpgp_getvar(netpgp, "hash"));
+	key = __ops_rsa_new_selfsign_key(numbits, 65537UL, uid,
+			netpgp_getvar(netpgp, "hash"),
+			netpgp_getvar(netpgp, "cipher"));
 	if (key == NULL) {
 		(void) fprintf(io->errs, "Cannot generate key\n");
 		return 0;
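Review bot: `getenv("LOGNAME")` on the re-wrapped `snprintf` line can return NULL, since LOGNAME is not set in every environment. The result is passed straight to what appears to be a string conversion (the format is partly masked by the archive), and a NULL argument there is undefined behaviour. Fetch it first and substitute a fallback, e.g. `const char *login = getenv("LOGNAME");` followed by `if (login == NULL) login = "unknown";`. The enclosing function begins and ends outside this hunk, so any earlier handling of the environment is not visible here.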

Index: src/crypto/external/bsd/netpgp/dist/src/lib/openssl_crypto.c
diff -u src/crypto/external/bsd/netpgp/dist/src/lib/openssl_crypto.c:1.29 src/crypto/external/bsd/netpgp/dist/src/lib/openssl_crypto.c:1.30
--- src/crypto/external/bsd/netpgp/dist/src/lib/openssl_crypto.c:1.29	Wed Sep  8 03:21:22 2010
+++ src/crypto/external/bsd/netpgp/dist/src/lib/openssl_crypto.c	Thu Nov  4 06:45:28 2010
@@ -57,7 +57,7 @@
 
 #if defined(__NetBSD__)
 __COPYRIGHT("@(#) Copyright (c) 2009 The NetBSD Foundation, Inc. All rights reserved.");
-__RCSID("$NetBSD: openssl_crypto.c,v 1.29 2010/09/08 03:21:22 agc Exp $");
+__RCSID("$NetBSD: openssl_crypto.c,v 1.30 2010/11/04 06:45:28 agc Exp $");
 #endif
 
 #ifdef HAVE_OPENSSL_DSA_H
@@ -685,7 +685,8 @@
 rsa_generate_keypair(__ops_key_t *keydata,
 			const int numbits,
 			const unsigned long e,
-			const char *hashalg)
+			const char *hashalg,
+			const char *cipher)
 {
 	__ops_seckey_t *seckey;
 	RSA            *rsa;
@@ -714,10 +715,10 @@
 	seckey->s2k_usage = OPS_S2KU_ENCRYPTED_AND_HASHED;
 	seckey->s2k_specifier = OPS_S2KS_SALTED;
 	/* seckey->s2k_specifier=OPS_S2KS_SIMPLE; */
-	seckey->alg = OPS_SA_CAST5;	/* \todo make param */
 	if ((seckey->hash_alg = __ops_str_to_hash_alg(hashalg)) == OPS_HASH_UNKNOWN) {
 		seckey->hash_alg = OPS_HASH_SHA1;
 	}
+	seckey->alg = __ops_str_to_cipher(cipher);
 	seckey->octetc = 0;
 	seckey->checksum = 0;
 
@@ -796,12 +797,13 @@
 __ops_rsa_new_selfsign_key(const int numbits,
 				const unsigned long e,
 				uint8_t *userid,
-				const char *hashalg)
+				const char *hashalg,
+				const char *cipher)
 {
 	__ops_key_t  *keydata;
 
 	keydata = __ops_keydata_new();
-	if (!rsa_generate_keypair(keydata, numbits, e, hashalg) ||
+	if (!rsa_generate_keypair(keydata, numbits, e, hashalg, cipher) ||
 	    !__ops_add_selfsigned_userid(keydata, userid)) {
 		__ops_keydata_free(keydata);
 		return NULL;

Index: src/crypto/external/bsd/netpgp/dist/src/lib/packet-show.c
diff -u src/crypto/external/bsd/netpgp/dist/src/lib/packet-show.c:1.17 src/crypto/external/bsd/netpgp/dist/src/lib/packet-show.c:1.18
--- src/crypto/external/bsd/netpgp/dist/src/lib/packet-show.c:1.17	Sun Aug 15 16:36:24 2010
+++ src/crypto/external/bsd/netpgp/dist/src/lib/packet-show.c	Thu Nov  4 06:45:28 2010
@@ -60,7 +60,7 @@
 
 #if defined(__NetBSD__)
 __COPYRIGHT("@(#) Copyright (c) 2009 The NetBSD Foundation, Inc. All rights reserved.");
-__RCSID("$NetBSD: packet-show.c,v 1.17 2010/08/15 16:36:24 agc Exp $");
+__RCSID("$NetBSD: packet-show.c,v 1.18 2010/11/04 06:45:28 agc Exp $");
 #endif
 
 #include <stdlib.h>
@@ -244,6 +244,9 @@
 	{OPS_SA_AES_192, "AES (192-bit key)"},
 	{OPS_SA_AES_256, "AES (256-bit key)"},
 	{OPS_SA_TWOFISH, "Twofish(256-bit key)"},
+	{OPS_SA_CAMELLIA_128, "Camellia (128-bit key)"},
+	{OPS_SA_CAMELLIA_192, "Camellia (192-bit key)"},
+	{OPS_SA_CAMELLIA_256, "Camellia (256-bit key)"},
 	{0x00, NULL},		/* this is the end-of-array marker */
 };
 

Index: src/crypto/external/bsd/netpgp/dist/src/lib/packet.h
diff -u src/crypto/external/bsd/netpgp/dist/src/lib/packet.h:1.26 src/crypto/external/bsd/netpgp/dist/src/lib/packet.h:1.27
--- src/crypto/external/bsd/netpgp/dist/src/lib/packet.h:1.26	Fri Aug 13 18:29:40 2010
+++ src/crypto/external/bsd/netpgp/dist/src/lib/packet.h	Thu Nov  4 06:45:28 2010
@@ -479,9 +479,14 @@
 	OPS_SA_AES_128 = 7,	/* AES with 128-bit key (AES) */
 	OPS_SA_AES_192 = 8,	/* AES with 192-bit key */
 	OPS_SA_AES_256 = 9,	/* AES with 256-bit key */
-	OPS_SA_TWOFISH = 10	/* Twofish with 256-bit key (TWOFISH) */
+	OPS_SA_TWOFISH = 10,	/* Twofish with 256-bit key (TWOFISH) */
+	OPS_SA_CAMELLIA_128 = 100,	/* Camellia with 128-bit key (CAMELLIA) */
+	OPS_SA_CAMELLIA_192 = 101,	/* Camellia with 192-bit key */
+	OPS_SA_CAMELLIA_256 = 102	/* Camellia with 256-bit key */
 } __ops_symm_alg_t;
 
+#define OPS_SA_DEFAULT_CIPHER	OPS_SA_CAST5
+
 /** Hashing Algorithm Numbers.
  * OpenPGP assigns a unique Algorithm Number to each algorithm that is
  * part of OpenPGP.
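Review bot: The new `OPS_SA_CAMELLIA_*` constants use 100, 101 and 102, but RFC 5581, which the log message cites, assigns Camellia-128/192/256 the symmetric algorithm IDs 11, 12 and 13; 100–110 is the private/experimental range in RFC 4880. Since `rsa_generate_keypair` now stores this value in `seckey->alg`, a key protected with Camellia would presumably be written with an ID other OpenPGP implementations do not recognise, and Camellia data they produce (IDs 11–13) would reach the `default:` branch of `get_proto`. Suggested values: `OPS_SA_CAMELLIA_128 = 11,`, `OPS_SA_CAMELLIA_192 = 12,`, `OPS_SA_CAMELLIA_256 = 13`. `OPS_SA_CAMELLIA_192` is also declared and given a display string in packet-show.c without a matching `get_proto` case. The enum begins above this hunk.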

Index: src/crypto/external/bsd/netpgp/dist/src/lib/symmetric.c
diff -u src/crypto/external/bsd/netpgp/dist/src/lib/symmetric.c:1.12 src/crypto/external/bsd/netpgp/dist/src/lib/symmetric.c:1.13
--- src/crypto/external/bsd/netpgp/dist/src/lib/symmetric.c:1.12	Thu Nov  4 01:18:34 2010
+++ src/crypto/external/bsd/netpgp/dist/src/lib/symmetric.c	Thu Nov  4 06:45:28 2010
@@ -54,7 +54,7 @@
 
 #if defined(__NetBSD__)
 __COPYRIGHT("@(#) Copyright (c) 2009 The NetBSD Foundation, Inc. All rights reserved.");
-__RCSID("$NetBSD: symmetric.c,v 1.12 2010/11/04 01:18:34 agc Exp $");
+__RCSID("$NetBSD: symmetric.c,v 1.13 2010/11/04 06:45:28 agc Exp $");
 #endif
 
 #include "crypto.h"
@@ -78,6 +78,8 @@
 #include <openssl/des.h>
 #endif
 
+#include <openssl/camellia.h>
+
 #include "crypto.h"
 #include "netpgpdefs.h"
 
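Review bot: `#include <openssl/camellia.h>` is added unconditionally, whereas the include just above it sits inside a conditional block and `get_proto` guards IDEA with `OPENSSL_NO_IDEA`. An OpenSSL built without Camellia would likely make this file fail to compile. Wrapping the include, and the Camellia definitions and `case` labels later in the file, in `#ifndef OPENSSL_NO_CAMELLIA` would match how IDEA is treated.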
@@ -482,32 +484,153 @@
 	TRAILER
 };
 
+/* Camellia with 128-bit key (CAMELLIA) */
+
+#define KEYBITS_CAMELLIA128 128
+
+static int 
+camellia128_init(__ops_crypt_t *crypt)
+{
+	if (crypt->encrypt_key) {
+		free(crypt->encrypt_key);
+	}
+	if ((crypt->encrypt_key = calloc(1, sizeof(CAMELLIA_KEY))) == NULL) {
+		(void) fprintf(stderr, "camellia128_init: alloc failure\n");
+		return 0;
+	}
+	if (Camellia_set_key(crypt->key, KEYBITS_CAMELLIA128, crypt->encrypt_key)) {
+		fprintf(stderr, "camellia128_init: Error setting encrypt_key\n");
+	}
+	if (crypt->decrypt_key) {
+		free(crypt->decrypt_key);
+	}
+	if ((crypt->decrypt_key = calloc(1, sizeof(CAMELLIA_KEY))) == NULL) {
+		(void) fprintf(stderr, "camellia128_init: alloc failure\n");
+		return 0;
+	}
+	if (Camellia_set_key(crypt->key, KEYBITS_CAMELLIA128, crypt->decrypt_key)) {
+		fprintf(stderr, "camellia128_init: Error setting decrypt_key\n");
+	}
+	return 1;
+}
+
+static void 
+camellia_block_encrypt(__ops_crypt_t *crypt, void *out, const void *in)
+{
+	Camellia_encrypt(in, out, crypt->encrypt_key);
+}
+
+static void 
+camellia_block_decrypt(__ops_crypt_t *crypt, void *out, const void *in)
+{
+	Camellia_decrypt(in, out, crypt->decrypt_key);
+}
+
+static void 
+camellia_cfb_encrypt(__ops_crypt_t *crypt, void *out, const void *in, size_t count)
+{
+	Camellia_cfb128_encrypt(in, out, (unsigned)count,
+			   crypt->encrypt_key, crypt->iv, &crypt->num,
+			   CAMELLIA_ENCRYPT);
+}
+
+static void 
+camellia_cfb_decrypt(__ops_crypt_t *crypt, void *out, const void *in, size_t count)
+{
+	Camellia_cfb128_encrypt(in, out, (unsigned)count,
+			   crypt->encrypt_key, crypt->iv, &crypt->num,
+			   CAMELLIA_DECRYPT);
+}
+
+static const __ops_crypt_t camellia128 =
+{
+	OPS_SA_CAMELLIA_128,
+	CAMELLIA_BLOCK_SIZE,
+	KEYBITS_CAMELLIA128 / 8,
+	std_set_iv,
+	std_set_key,
+	camellia128_init,
+	std_resync,
+	camellia_block_encrypt,
+	camellia_block_decrypt,
+	camellia_cfb_encrypt,
+	camellia_cfb_decrypt,
+	std_finish,
+	TRAILER
+};
+
+/* Camellia with 256-bit key (CAMELLIA) */
+
+#define KEYBITS_CAMELLIA256 256
+
+static int 
+camellia256_init(__ops_crypt_t *crypt)
+{
+	if (crypt->encrypt_key) {
+		free(crypt->encrypt_key);
+	}
+	if ((crypt->encrypt_key = calloc(1, sizeof(CAMELLIA_KEY))) == NULL) {
+		(void) fprintf(stderr, "camellia256_init: alloc failure\n");
+		return 0;
+	}
+	if (Camellia_set_key(crypt->key, KEYBITS_CAMELLIA256, crypt->encrypt_key)) {
+		fprintf(stderr, "camellia256_init: Error setting encrypt_key\n");
+	}
+	if (crypt->decrypt_key) {
+		free(crypt->decrypt_key);
+	}
+	if ((crypt->decrypt_key = calloc(1, sizeof(CAMELLIA_KEY))) == NULL) {
+		(void) fprintf(stderr, "camellia256_init: alloc failure\n");
+		return 0;
+	}
+	if (Camellia_set_key(crypt->key, KEYBITS_CAMELLIA256, crypt->decrypt_key)) {
+		fprintf(stderr, "camellia256_init: Error setting decrypt_key\n");
+	}
+	return 1;
+}
+
+static const __ops_crypt_t camellia256 =
+{
+	OPS_SA_CAMELLIA_256,
+	CAMELLIA_BLOCK_SIZE,
+	KEYBITS_CAMELLIA256 / 8,
+	std_set_iv,
+	std_set_key,
+	camellia256_init,
+	std_resync,
+	camellia_block_encrypt,
+	camellia_block_decrypt,
+	camellia_cfb_encrypt,
+	camellia_cfb_decrypt,
+	std_finish,
+	TRAILER
+};
+
+
 static const __ops_crypt_t *
 get_proto(__ops_symm_alg_t alg)
 {
 	switch (alg) {
 	case OPS_SA_CAST5:
 		return &cast5;
-
 #ifndef OPENSSL_NO_IDEA
 	case OPS_SA_IDEA:
 		return &idea;
 #endif				/* OPENSSL_NO_IDEA */
-
 	case OPS_SA_AES_128:
 		return &aes128;
-
 	case OPS_SA_AES_256:
 		return &aes256;
-
+	case OPS_SA_CAMELLIA_128:
+		return &camellia128;
+	case OPS_SA_CAMELLIA_256:
+		return &camellia256;
 	case OPS_SA_TRIPLEDES:
 		return &tripledes;
-
 	default:
 		(void) fprintf(stderr, "Unknown algorithm: %d (%s)\n",
 			alg, __ops_show_symm_alg(alg));
 	}
-
 	return NULL;
 }
 
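Review bot: `camellia128_init` and `camellia256_init` report success even when `Camellia_set_key` fails: the non-zero branch only prints a message and execution continues to `return 1;`, so the caller proceeds with a key schedule that was never set up. Add `return 0;` after each of the four `Error setting ..._key` messages, and a `(void)` cast on those `fprintf` calls to match the alloc-failure ones. The two init functions differ only in the key-bit constant and could share one helper that takes the bit count. The old schedules are released with plain `free()`; whether the expanded key is wiped elsewhere (for example in `std_finish`) is not visible in this hunk, so it is worth confirming that key material is cleared before release.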

Index: src/crypto/external/bsd/netpgp/dist/src/lib/version.h
diff -u src/crypto/external/bsd/netpgp/dist/src/lib/version.h:1.42 src/crypto/external/bsd/netpgp/dist/src/lib/version.h:1.43
--- src/crypto/external/bsd/netpgp/dist/src/lib/version.h:1.42	Wed Sep  8 03:21:22 2010
+++ src/crypto/external/bsd/netpgp/dist/src/lib/version.h	Thu Nov  4 06:45:28 2010
@@ -58,7 +58,7 @@
 #endif
 
 /* development versions have .99 suffix */
-#define NETPGP_BASE_VERSION	"3.99.12"
+#define NETPGP_BASE_VERSION	"3.99.13"
 
 #define NETPGP_VERSION_CAT(a, b)	"NetPGP portable " a "/[" b "]"
 #define NETPGP_VERSION_STRING \
