author | Markus Friedl <markus@cvs.openbsd.org> | 2003-08-28 14:43:36 +0000 |
---|---|---|
committer | Markus Friedl <markus@cvs.openbsd.org> | 2003-08-28 14:43:36 +0000 |
commit | ba917f6f40f567ab13d325271ce182f112393681 (patch) | |
tree | ff02cd602822369616ed1b6f74392b7265a037d5 /sbin | |
parent | b300592d218ec0e85df79884a4d7d7653ce7e3a9 (diff) |
support AES in phase 1, too. switch to OpenSSL EVP interface;
with Hans-Joerg.Hoexer at yerbouti.franken.de; ok ho@
Diffstat (limited to 'sbin')
-rw-r--r-- | sbin/isakmpd/Makefile | 8 | ||||
-rw-r--r-- | sbin/isakmpd/TO-DO | 4 | ||||
-rw-r--r-- | sbin/isakmpd/conf.c | 6 | ||||
-rw-r--r-- | sbin/isakmpd/crypto.c | 209 | ||||
-rw-r--r-- | sbin/isakmpd/crypto.h | 75 | ||||
-rw-r--r-- | sbin/isakmpd/isakmpd.conf.5 | 4 | ||||
-rw-r--r-- | sbin/isakmpd/regress/crypto/Makefile | 5 | ||||
-rw-r--r-- | sbin/isakmpd/regress/crypto/cryptotest.c | 4 |
8 files changed, 100 insertions, 215 deletions
diff --git a/sbin/isakmpd/Makefile b/sbin/isakmpd/Makefile index d6bfd2d06ae..eaae2825d05 100644 --- a/sbin/isakmpd/Makefile +++ b/sbin/isakmpd/Makefile @@ -1,4 +1,4 @@ -# $OpenBSD: Makefile,v 1.49 2003/06/03 14:28:16 ho Exp $ +# $OpenBSD: Makefile,v 1.50 2003/08/28 14:43:35 markus Exp $ # $EOM: Makefile,v 1.78 2000/10/15 21:33:42 niklas Exp $ # @@ -45,9 +45,11 @@ OS= openbsd #OS= bsdi # Compile-time configuration of otherwise optional features -#FEATURES= tripledes des blowfish cast policy x509 ec aggressive debug gmp +#FEATURES= tripledes des blowfish cast aes +#FEATURES+= policy x509 ec aggressive debug gmp #FEATURES+= rawkey isakmp_cfg dnssec privsep -FEATURES= tripledes des blowfish cast policy x509 ec aggressive debug +FEATURES= tripledes des blowfish cast aes +FEATURES+= policy x509 ec aggressive debug FEATURES+= rawkey isakmp_cfg .PATH: ${.CURDIR}/sysdep/${OS} diff --git a/sbin/isakmpd/TO-DO b/sbin/isakmpd/TO-DO index b4ea0f08258..7e397e4135b 100644 --- a/sbin/isakmpd/TO-DO +++ b/sbin/isakmpd/TO-DO @@ -1,4 +1,4 @@ -$OpenBSD: TO-DO,v 1.25 2001/08/23 23:01:29 angelos Exp $ +$OpenBSD: TO-DO,v 1.26 2003/08/28 14:43:35 markus Exp $ $EOM: TO-DO,v 1.45 2000/04/07 22:47:38 niklas Exp $ This file mixes small nitpicks with large projects to be done. @@ -138,7 +138,7 @@ This file mixes small nitpicks with large projects to be done. * IPv6 [done] -* AES in phase 1 +* AES in phase 1 [done] * x509_certreq_validate needs implementing. diff --git a/sbin/isakmpd/conf.c b/sbin/isakmpd/conf.c index 9c59c628ae6..84d63b54aec 100644 --- a/sbin/isakmpd/conf.c +++ b/sbin/isakmpd/conf.c @@ -1,4 +1,4 @@ -/* $OpenBSD: conf.c,v 1.57 2003/07/25 08:31:16 markus Exp $ */ +/* $OpenBSD: conf.c,v 1.58 2003/08/28 14:43:35 markus Exp $ */ /* $EOM: conf.c,v 1.48 2000/12/04 02:04:29 angelos Exp $ */ /* 
@@ -390,7 +390,7 @@ conf_load_defaults (int tr) char *mm_auth[] = { "PRE_SHARED", "DSS", "RSA_SIG", 0 }; char *mm_hash[] = { "MD5", "SHA", 0 }; char *mm_enc[] = { "DES_CBC", "BLOWFISH_CBC", "3DES_CBC", - "CAST_CBC", 0 }; + "CAST_CBC", "AES_CBC", 0 }; char *dh_group[] = { "MODP_768", "MODP_1024", "MODP_1536", 0 }; char *qm_enc[] = { "DES", "3DES", "CAST", "BLOWFISH", "AES", 0 }; char *qm_hash[] = { "HMAC_MD5", "HMAC_SHA", "HMAC_RIPEMD", @@ -399,7 +399,7 @@ conf_load_defaults (int tr) /* Abbreviations to make section names a bit shorter. */ char *mm_auth_p[] = { "", "-DSS", "-RSA_SIG", 0 }; - char *mm_enc_p[] = { "DES", "BLF", "3DES", "CAST", 0 }; + char *mm_enc_p[] = { "DES", "BLF", "3DES", "CAST", "AES", 0 }; char *dh_group_p[]= { "-GRP1", "-GRP2", "-GRP5", "", 0 }; char *qm_enc_p[] = { "-DES", "-3DES", "-CAST", "-BLF", "-AES", 0 }; char *qm_hash_p[] = { "-MD5", "-SHA", "-RIPEMD", diff --git a/sbin/isakmpd/crypto.c b/sbin/isakmpd/crypto.c index a7b3690b480..54ce6104919 100644 --- a/sbin/isakmpd/crypto.c +++ b/sbin/isakmpd/crypto.c @@ -1,4 +1,4 @@ -/* $OpenBSD: crypto.c,v 1.15 2003/08/06 21:08:06 millert Exp $ */ +/* $OpenBSD: crypto.c,v 1.16 2003/08/28 14:43:35 markus Exp $ */ /* $EOM: crypto.c,v 1.32 2000/03/07 20:08:51 niklas Exp $ */ /* 
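Review bot: Neither conf.c hunk gives the new `AES_CBC` main-mode default a key length, although the transform added in crypto.c accepts 16 to 32 byte keys and aes_init rejects anything other than 128, 192 or 256 bits. This applies to the `mm_enc` entry here and to the matching `mm_enc_p` entry in the following hunk at -399. If the rest of conf_load_defaults, which lies outside these hunks, does not already emit one, the generated AES sections should carry an explicit `KEY_LENGTH` so that both peers agree on the key size. A short comment above the arrays, such as `/* mm_enc[] and mm_enc_p[] are index-coupled; keep them in the same order. */`, would also guard the pairing.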
@@ -39,216 +39,151 @@ #include "crypto.h" #include "log.h" +enum cryptoerr evp_init (struct keystate *, u_int8_t *, u_int16_t, + const EVP_CIPHER *); enum cryptoerr des1_init (struct keystate *, u_int8_t *, u_int16_t); enum cryptoerr des3_init (struct keystate *, u_int8_t *, u_int16_t); enum cryptoerr blf_init (struct keystate *, u_int8_t *, u_int16_t); enum cryptoerr cast_init (struct keystate *, u_int8_t *, u_int16_t); -void des1_encrypt (struct keystate *, u_int8_t *, u_int16_t); -void des1_decrypt (struct keystate *, u_int8_t *, u_int16_t); -void des3_encrypt (struct keystate *, u_int8_t *, u_int16_t); -void des3_decrypt (struct keystate *, u_int8_t *, u_int16_t); -void blf_encrypt (struct keystate *, u_int8_t *, u_int16_t); -void blf_decrypt (struct keystate *, u_int8_t *, u_int16_t); -void cast1_encrypt (struct keystate *, u_int8_t *, u_int16_t); -void cast1_decrypt (struct keystate *, u_int8_t *, u_int16_t); +enum cryptoerr aes_init (struct keystate *, u_int8_t *, u_int16_t); +void evp_encrypt (struct keystate *, u_int8_t *, u_int16_t); +void evp_decrypt (struct keystate *, u_int8_t *, u_int16_t); struct crypto_xf transforms[] = { #ifdef USE_DES { DES_CBC, "Data Encryption Standard (CBC-Mode)", 8, 8, BLOCKSIZE, 0, des1_init, - des1_encrypt, des1_decrypt + evp_encrypt, evp_decrypt }, #endif #ifdef USE_TRIPLEDES { TRIPLEDES_CBC, "Triple-DES (CBC-Mode)", 24, 24, BLOCKSIZE, 0, des3_init, - des3_encrypt, des3_decrypt + evp_encrypt, evp_decrypt }, #endif #ifdef USE_BLOWFISH { BLOWFISH_CBC, "Blowfish (CBC-Mode)", 12, 56, BLOCKSIZE, 0, blf_init, - blf_encrypt, blf_decrypt + evp_encrypt, evp_decrypt }, #endif #ifdef USE_CAST { CAST_CBC, "CAST (CBC-Mode)", 12, 16, BLOCKSIZE, 0, cast_init, - cast1_encrypt, cast1_decrypt + evp_encrypt, evp_decrypt }, #endif -}; - -/* Hmm, the function prototypes for des are really dumb */ -#ifdef __OpenBSD__ -#define DC (des_cblock *) -#else -#define DC (void *) +#ifdef USE_AES + { + AES_CBC, "AES (CBC-Mode)", 16, 32, 2*BLOCKSIZE, 0, + 
aes_init, + evp_encrypt, evp_decrypt + }, #endif +}; +#ifdef USE_DES enum cryptoerr des1_init (struct keystate *ks, u_int8_t *key, u_int16_t len) { - /* des_set_key returns -1 for parity problems, and -2 for weak keys */ - des_set_odd_parity (DC key); - switch (des_set_key (DC key, ks->ks_des[0])) - { - case -2: - return EWEAKKEY; - default: - return EOKAY; - } -} + const EVP_CIPHER *evp; -void -des1_encrypt (struct keystate *ks, u_int8_t *d, u_int16_t len) -{ - des_cbc_encrypt (DC d, DC d, len, ks->ks_des[0], DC ks->riv, DES_ENCRYPT); -} - -void -des1_decrypt (struct keystate *ks, u_int8_t *d, u_int16_t len) -{ - des_cbc_encrypt (DC d, DC d, len, ks->ks_des[0], DC ks->riv, DES_DECRYPT); + evp = EVP_des_cbc(); + return evp_init (ks, key, len, evp); } +#endif #ifdef USE_TRIPLEDES enum cryptoerr des3_init (struct keystate *ks, u_int8_t *key, u_int16_t len) { - des_set_odd_parity (DC key); - des_set_odd_parity (DC (key + 8)); - des_set_odd_parity (DC (key + 16)); - - /* As of the draft Tripe-DES does not check for weak keys */ - des_set_key (DC key, ks->ks_des[0]); - des_set_key (DC (key + 8), ks->ks_des[1]); - des_set_key (DC (key + 16), ks->ks_des[2]); - - return EOKAY; -} - -void -des3_encrypt (struct keystate *ks, u_int8_t *data, u_int16_t len) -{ - u_int8_t iv[MAXBLK]; - - memcpy (iv, ks->riv, ks->xf->blocksize); - des_ede3_cbc_encrypt (DC data, DC data, len, ks->ks_des[0], ks->ks_des[1], - ks->ks_des[2], DC iv, DES_ENCRYPT); -} - -void -des3_decrypt (struct keystate *ks, u_int8_t *data, u_int16_t len) -{ - u_int8_t iv[MAXBLK]; + const EVP_CIPHER *evp; - memcpy (iv, ks->riv, ks->xf->blocksize); - des_ede3_cbc_encrypt (DC data, DC data, len, ks->ks_des[0], ks->ks_des[1], - ks->ks_des[2], DC iv, DES_DECRYPT); + evp = EVP_des_ede3_cbc(); + return evp_init (ks, key, len, evp); } -#undef DC -#endif /* USE_TRIPLEDES */ +#endif #ifdef USE_BLOWFISH enum cryptoerr blf_init (struct keystate *ks, u_int8_t *key, u_int16_t len) { - blf_key (&ks->ks_blf, key, len); + const 
EVP_CIPHER *evp; - return EOKAY; + evp = EVP_bf_cbc(); + return evp_init (ks, key, len, evp); } +#endif -void -blf_encrypt (struct keystate *ks, u_int8_t *data, u_int16_t len) +#ifdef USE_CAST +enum cryptoerr +cast_init (struct keystate *ks, u_int8_t *key, u_int16_t len) { - u_int16_t i, blocksize = ks->xf->blocksize; - u_int8_t *iv = ks->liv; - u_int32_t xl, xr; + const EVP_CIPHER *evp; - memcpy (iv, ks->riv, blocksize); - - for (i = 0; i < len; data += blocksize, i += blocksize) - { - XOR64 (data, iv); - xl = GET_32BIT_BIG (data); - xr = GET_32BIT_BIG (data + 4); - Blowfish_encipher (&ks->ks_blf, &xl, &xr); - SET_32BIT_BIG (data, xl); - SET_32BIT_BIG (data + 4, xr); - SET64 (iv, data); - } + evp = EVP_cast5_cbc(); + return evp_init (ks, key, len, evp); } +#endif -void -blf_decrypt (struct keystate *ks, u_int8_t *data, u_int16_t len) +#ifdef USE_AES +enum cryptoerr +aes_init (struct keystate *ks, u_int8_t *key, u_int16_t len) { - u_int16_t i, blocksize = ks->xf->blocksize; - u_int32_t xl, xr; + const EVP_CIPHER *evp; - data += len - blocksize; - for (i = len - blocksize; i >= blocksize; data -= blocksize, i -= blocksize) + switch (8 * len) { - xl = GET_32BIT_BIG (data); - xr = GET_32BIT_BIG (data + 4); - Blowfish_decipher (&ks->ks_blf, &xl, &xr); - SET_32BIT_BIG (data, xl); - SET_32BIT_BIG (data + 4, xr); - XOR64 (data, data - blocksize); - + case 128: + evp = EVP_aes_128_cbc(); + break; + case 192: + evp = EVP_aes_192_cbc(); + break; + case 256: + evp = EVP_aes_256_cbc(); + break; + default: + return EKEYLEN; } - xl = GET_32BIT_BIG (data); - xr = GET_32BIT_BIG (data + 4); - Blowfish_decipher (&ks->ks_blf, &xl, &xr); - SET_32BIT_BIG (data, xl); - SET_32BIT_BIG (data + 4, xr); - XOR64 (data, ks->riv); + return evp_init (ks, key, len, evp); } -#endif /* USE_BLOWFISH */ +#endif -#ifdef USE_CAST enum cryptoerr -cast_init (struct keystate *ks, u_int8_t *key, u_int16_t len) +evp_init (struct keystate *ks, u_int8_t *key, u_int16_t len, const EVP_CIPHER *evp) { - 
cast_setkey (&ks->ks_cast, key, len); + EVP_CIPHER_CTX_init(&ks->ks_evpenc); + EVP_CIPHER_CTX_init(&ks->ks_evpdec); + + if (EVP_CIPHER_key_length(evp) != len + && !(EVP_CIPHER_flags(evp) & EVP_CIPH_VARIABLE_LENGTH)) + return EKEYLEN; + if (EVP_CipherInit(&ks->ks_evpenc, evp, key, NULL, 1) <= 0) + return EKEYLEN; + if (EVP_CipherInit(&ks->ks_evpdec, evp, key, NULL, 0) <= 0) + return EKEYLEN; return EOKAY; } void -cast1_encrypt (struct keystate *ks, u_int8_t *data, u_int16_t len) +evp_encrypt (struct keystate *ks, u_int8_t *data, u_int16_t len) { - u_int16_t i, blocksize = ks->xf->blocksize; - u_int8_t *iv = ks->liv; - - memcpy (iv, ks->riv, blocksize); - - for (i = 0; i < len; data += blocksize, i += blocksize) - { - XOR64 (data, iv); - cast_encrypt (&ks->ks_cast, data, data); - SET64 (iv, data); - } + (void) EVP_CipherInit(&ks->ks_evpenc, NULL, NULL, ks->riv, -1); + EVP_Cipher(&ks->ks_evpenc, data, data, len); } void -cast1_decrypt (struct keystate *ks, u_int8_t *data, u_int16_t len) +evp_decrypt (struct keystate *ks, u_int8_t *data, u_int16_t len) { - u_int16_t i, blocksize = ks->xf->blocksize; - - data += len - blocksize; - for (i = len - blocksize; i >= blocksize; data -= blocksize, i -= blocksize) - { - cast_decrypt (&ks->ks_cast, data, data); - XOR64 (data, data - blocksize); - } - cast_decrypt (&ks->ks_cast, data, data); - XOR64 (data, ks->riv); + (void) EVP_CipherInit(&ks->ks_evpdec, NULL, NULL, ks->riv, -1); + EVP_Cipher(&ks->ks_evpdec, data, data, len); } -#endif /* USE_CAST */ struct crypto_xf * crypto_get (enum transform id) diff --git a/sbin/isakmpd/crypto.h b/sbin/isakmpd/crypto.h index 760e8c6cb71..6cce31f19e7 100644 --- a/sbin/isakmpd/crypto.h +++ b/sbin/isakmpd/crypto.h @@ -1,4 +1,4 @@ -/* $OpenBSD: crypto.h,v 1.8 2003/06/03 14:28:16 ho Exp $ */ +/* $OpenBSD: crypto.h,v 1.9 2003/08/28 14:43:35 markus Exp $ */ /* $EOM: crypto.h,v 1.12 2000/10/15 21:56:41 niklas Exp $ */ /* 
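Review bot: In evp_init a variable-length cipher passes the length check but `len` is never applied to the context, so `EVP_CipherInit` keys Blowfish and CAST with the cipher's default key length rather than the negotiated one. If that default is longer than `len`, the key buffer is read past its end, and if it is shorter, the extra key bytes are silently ignored. Initialise each context with the cipher and a NULL key first, call `EVP_CIPHER_CTX_set_key_length` with `len`, then load the key, as in the fence below. Separately, des1_init no longer reports `EWEAKKEY`: the removed code rejected weak DES keys via `des_set_key`, and nothing visible in the new path replaces that check. evp_encrypt and evp_decrypt also discard the return values of `EVP_CipherInit` and `EVP_Cipher`, so a failed IV reset would go unnoticed.

```c
enum cryptoerr
evp_init (struct keystate *ks, u_int8_t *key, u_int16_t len, const EVP_CIPHER *evp)
{
  /* … unchanged: EVP_CIPHER_CTX_init calls and fixed-length EKEYLEN check … */

  /* Select the cipher first so the key length can be set before keying. */
  if (EVP_CipherInit(&ks->ks_evpenc, evp, NULL, NULL, 1) <= 0
      || EVP_CIPHER_CTX_set_key_length(&ks->ks_evpenc, len) <= 0
      || EVP_CipherInit(&ks->ks_evpenc, NULL, key, NULL, -1) <= 0)
    return EKEYLEN;
  if (EVP_CipherInit(&ks->ks_evpdec, evp, NULL, NULL, 0) <= 0
      || EVP_CIPHER_CTX_set_key_length(&ks->ks_evpdec, len) <= 0
      || EVP_CipherInit(&ks->ks_evpdec, NULL, key, NULL, -1) <= 0)
    return EKEYLEN;
  return EOKAY;
}
```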
@@ -32,56 +32,7 @@ #ifndef _CRYPTO_H_ #define _CRYPTO_H_ -#if defined (__APPLE__) - -#include <openssl/des.h> -#ifdef USE_BLOWFISH -#include <openssl/blowfish.h> -#endif -#ifdef USE_CAST -#include <openssl/cast.h> -#endif - -#else - -#include <des.h> -#ifdef USE_BLOWFISH -#include <blf.h> -#endif -#ifdef USE_CAST -#include <cast.h> -#endif - -#endif /* __APPLE__ */ - -#define USE_32BIT -#if defined (USE_64BIT) - -#define XOR64(x,y) *(u_int64_t *)(x) ^= *(u_int64_t *)(y); -#define SET64(x,y) *(u_int64_t *)(x) = *(u_int64_t *)(y); - -#elif defined (USE_32BIT) - -#define XOR64(x,y) *(u_int32_t *)(x) ^= *(u_int32_t *)(y); \ - *(u_int32_t *)((u_int8_t *)(x) + 4) ^= *(u_int32_t *)((u_int8_t *)(y) + 4); -#define SET64(x,y) *(u_int32_t *)(x) = *(u_int32_t *)(y); \ - *(u_int32_t *)((u_int8_t *)(x) + 4) = *(u_int32_t *)((u_int8_t *)(y) + 4); - -#else - -#define XOR8(x,y,i) (x)[i] ^= (y)[i]; -#define XOR64(x,y) XOR8(x,y,0); XOR8(x,y,1); XOR8(x,y,2); XOR8(x,y,3); \ - XOR8(x,y,4); XOR8(x,y,5); XOR8(x,y,6); XOR8(x,y,7); -#define SET8(x,y,i) (x)[i] = (y)[i]; -#define SET64(x,y) SET8(x,y,0); SET8(x,y,1); SET8(x,y,2); SET8(x,y,3); \ - SET8(x,y,4); SET8(x,y,5); SET8(x,y,6); SET8(x,y,7); - -#endif /* USE_64BIT */ - -#define SET_32BIT_BIG(x,y) (x)[3]= (y); (x)[2]= (y) >> 8; \ - (x)[1] = (y) >> 16; (x)[0]= (y) >> 24; -#define GET_32BIT_BIG(x) (u_int32_t)(x)[3] | ((u_int32_t)(x)[2] << 8) | \ - ((u_int32_t)(x)[1] << 16)| ((u_int32_t)(x)[0] << 24); +#include <openssl/evp.h> /* * This is standard for all block ciphers we use at the moment. @@ -90,7 +41,7 @@ */ #define BLOCKSIZE 8 -#define MAXBLK BLOCKSIZE +#define MAXBLK (2*BLOCKSIZE) struct keystate { struct crypto_xf *xf; /* Back pointer */ 
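Review bot: The comment above `BLOCKSIZE` still says the value is standard for all block ciphers in use, which stops being true once `MAXBLK` becomes `(2*BLOCKSIZE)` for AES in the hunk at -90. Reword it along the lines of `/* BLOCKSIZE is the block size of the 64-bit ciphers; AES uses 2*BLOCKSIZE and MAXBLK is the largest block size of any transform. */`. Only the first line of that comment is visible here, so the rest may need the same adjustment. Any buffer elsewhere that is still sized by `BLOCKSIZE` rather than `MAXBLK` would hold only half an AES IV, so those uses should be checked.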
@@ -100,20 +51,13 @@ struct keystate { u_int8_t iv[MAXBLK]; /* Next IV to use */ u_int8_t iv2[MAXBLK]; u_int8_t *riv, *liv; - union { - des_key_schedule desks[3]; -#ifdef USE_BLOWFISH - blf_ctx blfks; -#endif -#ifdef USE_CAST - cast_key castks; -#endif - } keydata; + struct { + EVP_CIPHER_CTX enc, dec; + } evp; }; -#define ks_des keydata.desks -#define ks_blf keydata.blfks -#define ks_cast keydata.castks +#define ks_evpenc evp.enc +#define ks_evpdec evp.dec /* * Information about the cryptotransform. @@ -130,7 +74,8 @@ enum transform { BLOWFISH_CBC=3, RC5_R16_B64_CBC=4, /* Licensed, DONT use */ TRIPLEDES_CBC=5, /* This is a SHOULD */ - CAST_CBC=6 + CAST_CBC=6, + AES_CBC=7 }; enum cryptoerr { diff --git a/sbin/isakmpd/isakmpd.conf.5 b/sbin/isakmpd/isakmpd.conf.5 index 4f22cd2d912..a61eaf8fbca 100644 --- a/sbin/isakmpd/isakmpd.conf.5 +++ b/sbin/isakmpd/isakmpd.conf.5 @@ -1,4 +1,4 @@ -.\" $OpenBSD: isakmpd.conf.5,v 1.84 2003/08/09 08:45:58 jmc Exp $ +.\" $OpenBSD: isakmpd.conf.5,v 1.85 2003/08/28 14:43:35 markus Exp $ .\" $EOM: isakmpd.conf.5,v 1.57 2000/12/21 14:43:17 ho Exp $ .\" .\" Copyright (c) 1998, 1999, 2000 Niklas Hallqvist. All rights reserved. @@ -85,7 +85,7 @@ and transforms. .Pp For Main Mode: .Bd -filled -compact -.Ar {DES,BLF,3DES,CAST}-{MD5,SHA}[-GRP{1,2,5}][-{DSS,RSA_SIG}] +.Ar {DES,BLF,3DES,CAST,AES}-{MD5,SHA}[-GRP{1,2,5}][-{DSS,RSA_SIG}] .Ed .Pp For Quick Mode: diff --git a/sbin/isakmpd/regress/crypto/Makefile b/sbin/isakmpd/regress/crypto/Makefile index c4f9548984c..48739dbdc67 100644 --- a/sbin/isakmpd/regress/crypto/Makefile +++ b/sbin/isakmpd/regress/crypto/Makefile @@ -1,4 +1,4 @@ -# $OpenBSD: Makefile,v 1.9 2002/03/05 00:11:08 deraadt Exp $ +# $OpenBSD: Makefile,v 1.10 2003/08/28 14:43:35 markus Exp $ # $EOM: Makefile,v 1.7 2000/03/28 21:22:06 ho Exp $ # Test Crypto: 
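Review bot: struct keystate now embeds two `EVP_CIPHER_CTX` objects by value, but no matching `EVP_CIPHER_CTX_cleanup` call appears in the visible diff. Unlike the removed union of plain key schedules, an EVP context may own separately allocated state, so code that frees a keystate should first call `EVP_CIPHER_CTX_cleanup(&ks->ks_evpenc)` and `EVP_CIPHER_CTX_cleanup(&ks->ks_evpdec)`, which also clears the key material. Any routine that duplicates a keystate with a byte copy (none is visible in this diff) would leave two contexts sharing that state and should be checked. A comment on the `evp` member stating these ownership rules would help.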
@@ -10,7 +10,8 @@ TOPOBJ!= cd ${TOPSRC}; printf "all:\n\t@pwd\n" |${MAKE} -f- OS!= awk '/^OS=/ { print $$2 }' ${.CURDIR}/../../Makefile .PATH: ${TOPSRC} ${TOPSRC}/sysdep/${OS} ${TOPOBJ} CFLAGS+= -I${TOPSRC} -I${TOPSRC}/sysdep/${OS} -I${TOPOBJ} -Wall \ - -DUSE_TRIPLEDES -DUSE_CAST -DUSE_BLOWFISH -DUSE_DES + -DUSE_TRIPLEDES -DUSE_CAST -DUSE_BLOWFISH -DUSE_DES \ + -DUSE_AES LDADD+= -lcrypto -ldes DPADD+= ${LIBCRYPTO} ${LIBDES} NOMAN= diff --git a/sbin/isakmpd/regress/crypto/cryptotest.c b/sbin/isakmpd/regress/crypto/cryptotest.c index fbdaeae2a4f..6a9940f84f6 100644 --- a/sbin/isakmpd/regress/crypto/cryptotest.c +++ b/sbin/isakmpd/regress/crypto/cryptotest.c @@ -1,4 +1,4 @@ -/* $OpenBSD: cryptotest.c,v 1.8 2003/06/03 14:39:50 ho Exp $ */ +/* $OpenBSD: cryptotest.c,v 1.9 2003/08/28 14:43:35 markus Exp $ */ /* $EOM: cryptotest.c,v 1.5 1998/10/07 16:40:49 niklas Exp $ */ /* @@ -125,6 +125,8 @@ main (void) test_crypto (CAST_CBC); + test_crypto (AES_CBC); + special_test_blf (); return 1; |