diff options
| author | Theo de Raadt <deraadt@cvs.openbsd.org> | 1999-02-24 23:07:21 +0000 |
|---|---|---|
| committer | Theo de Raadt <deraadt@cvs.openbsd.org> | 1999-02-24 23:07:21 +0000 |
| commit | 7f273ea36338c2f166dbd1b966857595cc834fd9 (patch) | |
| tree | 44ea231c96fa1e455dd8108f57bc667ddd244c1c | |
| parent | 36bd2c11fa82bf660b2afb557336df2c64aa1349 (diff) | |
add skipjack support back
| -rw-r--r-- | sys/netinet/ip_esp_new.c | 37 | ||||
| -rw-r--r-- | sys/netinet/ip_ipsp.h | 5 |
2 files changed, 40 insertions, 2 deletions
diff --git a/sys/netinet/ip_esp_new.c b/sys/netinet/ip_esp_new.c index 26026302756..9d5795f55ef 100644 --- a/sys/netinet/ip_esp_new.c +++ b/sys/netinet/ip_esp_new.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ip_esp_new.c,v 1.34 1999/02/24 22:33:02 angelos Exp $ */ +/* $OpenBSD: ip_esp_new.c,v 1.35 1999/02/24 23:07:19 deraadt Exp $ */ /* * The authors of this code are John Ioannidis (ji@tla.org), @@ -83,10 +83,12 @@ static void des1_encrypt(struct tdb *, u_int8_t *); static void des3_encrypt(struct tdb *, u_int8_t *); static void blf_encrypt(struct tdb *, u_int8_t *); static void cast5_encrypt(struct tdb *, u_int8_t *); +static void skipjack_encrypt(struct tdb *, u_int8_t *); static void des1_decrypt(struct tdb *, u_int8_t *); static void des3_decrypt(struct tdb *, u_int8_t *); static void blf_decrypt(struct tdb *, u_int8_t *); static void cast5_decrypt(struct tdb *, u_int8_t *); +static void skipjack_decrypt(struct tdb *, u_int8_t *); struct auth_hash esp_new_hash[] = { { SADB_AALG_MD5HMAC96, "HMAC-MD5-96", @@ -136,6 +138,12 @@ struct enc_xform esp_new_xform[] = { 5, 16, 8, cast5_encrypt, cast5_decrypt + }, + { SADB_EALG_X_SKIPJACK, "Skipjack", + ESP_SKIPJACK_BLKS, ESP_SKIPJACK_IVS, + 10, 10, 8, + skipjack_encrypt, + skipjack_decrypt } }; @@ -189,6 +197,18 @@ cast5_decrypt(struct tdb *tdb, u_int8_t *blk) cast_decrypt((cast_key *) tdb->tdb_key, blk, blk); } +static void +skipjack_encrypt(struct tdb *tdb, u_int8_t *blk) +{ + skipjack_forwards(blk, blk, (u_int8_t **) tdb->tdb_key); +} + +static void +skipjack_decrypt(struct tdb *tdb, u_int8_t *blk) +{ + skipjack_backwards(blk, blk, (u_int8_t **) tdb->tdb_key); +} + /* * esp_new_attach() is called from the transformation initialization code. */ @@ -307,6 +327,13 @@ esp_new_init(struct tdb *tdbp, struct xformsw *xsp, struct ipsecinit *ii) cast_setkey((cast_key *) tdbp->tdb_key, ii->ii_enckey, ii->ii_enckeylen); break; + + case SADB_EALG_X_SKIPJACK: + MALLOC(tdbp->tdb_key, u_int8_t *, 10 * sizeof(u_int8_t *), + M_XDATA, M_WAITOK); + bzero(tdbp->tdb_key, 10 * sizeof(u_int8_t *)); + subkey_table_gen(ii->ii_enckey, (u_int8_t **) tdbp->tdb_key); + break; } if (thash) @@ -339,6 +366,14 @@ esp_new_init(struct tdb *tdbp, struct xformsw *xsp, struct ipsecinit *ii) int esp_new_zeroize(struct tdb *tdbp) { + if (tdbp->tdb_encalgxform && tdbp->tdb_encalgxform->type == SADB_EALG_X_SKIPJACK) + { + int k; + + for (k = 0; k < 10; k++) + FREE(((u_int8_t **)tdbp->tdb_key)[k], M_XDATA); + } + if (tdbp->tdb_key) { FREE(tdbp->tdb_key, M_XDATA); diff --git a/sys/netinet/ip_ipsp.h b/sys/netinet/ip_ipsp.h index ab34c6c6796..d3b57a54b74 100644 --- a/sys/netinet/ip_ipsp.h +++ b/sys/netinet/ip_ipsp.h @@ -1,4 +1,4 @@ -/* $OpenBSD: ip_ipsp.h,v 1.24 1999/02/24 22:33:06 angelos Exp $ */ +/* $OpenBSD: ip_ipsp.h,v 1.25 1999/02/24 23:07:20 deraadt Exp $ */ /* * The authors of this code are John Ioannidis (ji@tla.org), @@ -42,6 +42,7 @@ #include <netinet/ip_rmd160.h> #include <netinet/ip_blf.h> #include <netinet/ip_cast.h> +#include <netinet/ip_skipjack.h> #include <sys/socket.h> /* HMAC key sizes */ @@ -54,6 +55,7 @@ #define ESP_3DES_IVS 8 #define ESP_BLF_IVS 8 #define ESP_CAST_IVS 8 +#define ESP_SKIPJACK_IVS 8 #define ESP_MAX_IVS 8 /* Keep updated */ /* Block sizes -- it is assumed that they're powers of 2 */ @@ -61,6 +63,7 @@ #define ESP_3DES_BLKS 8 #define ESP_BLF_BLKS 8 #define ESP_CAST_BLKS 8 +#define ESP_SKIPJACK_BLKS 8 #define ESP_MAX_BLKS 8 /* Keep updated */ #define HMAC_BLOCK_LEN 64 |