X-Git-Url: https://asedeno.scripts.mit.edu/gitweb/?a=blobdiff_plain;f=sshblowf.c;h=8a106cbe94a89b693104fa525aea107db80f11a1;hb=a063e522970946bf7d5dc052079d7773c0dee76d;hp=a264c3c542dd7ae2f67b7e6ad56178c0d5d98634;hpb=2e761fefaf3b883a39aa599e9af342245d1f6453;p=PuTTY.git
diff --git a/sshblowf.c b/sshblowf.c
index a264c3c5..8a106cbe 100644
--- a/sshblowf.c
+++ b/sshblowf.c
@@ -16,6 +16,27 @@ typedef struct {
 /*
 * The Blowfish init data: hex digits of the fractional part of pi.
 * (ie pi as a hex fraction is 3.243F6A8885A308D3...)
+ *
+ * If you have Simon Tatham's 'spigot' exact real calculator
+ * available, or any other method of generating 8336 fractional hex
+ * digits of pi on standard output, you can regenerate these tables
+ * exactly as below using the following Perl script (adjusting the
+ * first line or two if your pi-generator is not spigot).
+
+open my $spig, "spigot -n -B16 -d8336 pi |";
+read $spig, $ignore, 2; # throw away the leading "3."
+for my $name ("parray", "sbox0".."sbox3") {
+ print "static const word32 ${name}[] = {\n";
+ my $len = $name eq "parray" ? 18 : 256;
+ for my $i (1..$len) {
+ read $spig, $word, 8;
+ printf "%s0x%s,", ($i%6==1 ? " " : " "), uc $word;
+ print "\n" if ($i == $len || $i%6 == 0);
+ }
+ print "};\n\n";
+}
+close $spig;
+
 */
 static const word32 parray[] = {
 0x243F6A88, 0x85A308D3, 0x13198A2E, 0x03707344, 0xA4093822, 0x299F31D0,
@@ -389,7 +410,6 @@ static void blowfish_msb_decrypt_cbc(unsigned char *blk, int len,
 ctx->iv1 = iv1;
 }
 
-#ifdef ENABLE_BLOWFISH_SSH2_CTR
 static void blowfish_msb_sdctr(unsigned char *blk, int len,
 BlowfishContext * ctx)
 {
@@ -406,8 +426,8 @@ static void blowfish_msb_sdctr(unsigned char *blk, int len,
 PUT_32BIT_MSB_FIRST(blk, tmp ^ b[0]);
 tmp = GET_32BIT_MSB_FIRST(blk + 4);
 PUT_32BIT_MSB_FIRST(blk + 4, tmp ^ b[1]);
- if ((iv0 = (iv0 + 1) & 0xffffffff) == 0)
- iv1 = (iv1 + 1) & 0xffffffff;
+ if ((iv1 = (iv1 + 1) & 0xffffffff) == 0)
+ iv0 = (iv0 + 1) & 0xffffffff;
 blk += 8;
 len -= 8;
 }
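Review bot: The corrected carry in `blowfish_msb_sdctr` (the `-406,8 +426,8` hunk) still carries no comment saying which word is the low half of the counter, which is exactly the detail the old code got backwards. The new lines treat `iv1` as the low word, presumably because `iv0:iv1` is loaded as one big-endian 64-bit value; a comment above the increment such as `/* iv0:iv1 is one 64-bit big-endian counter (RFC 4344 SDCTR); iv1 is the low word */` would keep the order from being flipped again. Because the old order yields a different keystream from the second block onward, a known-answer test spanning at least two blocks and the carry from `iv1` into `iv0` would catch a regression; none is visible in this diff. The function body starts and ends outside the hunk.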
@@ -415,7 +435,6 @@ static void blowfish_msb_sdctr(unsigned char *blk, int len,
 ctx->iv0 = iv0;
 ctx->iv1 = iv1;
 }
-#endif
 
 static void blowfish_setkey(BlowfishContext * ctx,
 const unsigned char *key, short keybytes)
@@ -502,13 +521,11 @@ static void blowfish_key(void *handle, unsigned char *key)
 blowfish_setkey(ctx, key, 16);
 }
 
-#ifdef ENABLE_BLOWFISH_SSH2_CTR
 static void blowfish256_key(void *handle, unsigned char *key)
 {
 BlowfishContext *ctx = (BlowfishContext *)handle;
 blowfish_setkey(ctx, key, 32);
 }
-#endif
 
 static void blowfish_iv(void *handle, unsigned char *key)
 {
@@ -554,14 +571,12 @@ static void blowfish_ssh2_decrypt_blk(void *handle, unsigned char *blk,
 blowfish_msb_decrypt_cbc(blk, len, ctx);
 }
 
-#ifdef ENABLE_BLOWFISH_SSH2_CTR
 static void blowfish_ssh2_sdctr(void *handle, unsigned char *blk,
 int len)
 {
 BlowfishContext *ctx = (BlowfishContext *)handle;
 blowfish_msb_sdctr(blk, len, ctx);
 }
-#endif
 
 const struct ssh_cipher ssh_blowfish_ssh1 = {
 blowfish_ssh1_make_context, blowfish_free_context, blowfish_sesskey,
@@ -573,28 +588,18 @@ static const struct ssh2_cipher ssh_blowfish_ssh2 = {
 blowfish_make_context, blowfish_free_context, blowfish_iv, blowfish_key,
 blowfish_ssh2_encrypt_blk, blowfish_ssh2_decrypt_blk,
 "blowfish-cbc",
- 8, 128, "Blowfish-128 CBC"
+ 8, 128, SSH_CIPHER_IS_CBC, "Blowfish-128 CBC"
 };
 
-#ifdef ENABLE_BLOWFISH_SSH2_CTR
 static const struct ssh2_cipher ssh_blowfish_ssh2_ctr = {
 blowfish_make_context, blowfish_free_context, blowfish_iv, blowfish256_key,
 blowfish_ssh2_sdctr, blowfish_ssh2_sdctr,
 "blowfish-ctr",
- 8, 256, "Blowfish-256 SDCTR"
+ 8, 256, 0, "Blowfish-256 SDCTR"
 };
-#endif
 
-/*
- * "blowfish-ctr" is disabled because it hasn't had any interoperability
- * testing, which is in turn because I couldn't find another implementation
- * to test against. Once it's been tested, it can be enabled in standard
- * builds.
- */
 static const struct ssh2_cipher *const blowfish_list[] = {
-#ifdef ENABLE_BLOWFISH_SSH2_CTR
 &ssh_blowfish_ssh2_ctr,
-#endif
 &ssh_blowfish_ssh2
 };
 
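Review bot: `ssh_blowfish_ssh2_ctr` is now compiled in unconditionally and sits first in `blowfish_list`, while the comment explaining that it was disabled for lack of interoperability testing is deleted with nothing recording what it has since been tested against. If list order expresses preference, "blowfish-ctr" will be offered ahead of "blowfish-cbc", so a one-line comment above `blowfish_list` naming the peer implementation used for the interop test would justify that default. Blowfish has a 64-bit block, so the volume of data sent under one key has to be bounded by rekeying; whether that limit is enforced is not visible in this diff. The bare `0` in the new flags slot is also easy to misread next to `8, 256`; writing `8, 256, 0 /* flags: not CBC */, "Blowfish-256 SDCTR"` would make the positional initializer self-explanatory.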