New release

2025-07-02 22:46:30 +02:00 · 1998-09-14 15:49:56 +00:00 · 1998-09-14 15:49:56 +00:00 · c07a88da5d
commit c07a88da5d
parent bae662923c
61 changed files with 378 additions and 167 deletions
--- a/cipher/ChangeLog
+++ b/cipher/ChangeLog
@ -1,3 +1,11 @@
+Mon Sep 14 11:10:55 1998  Werner Koch  (wk@(none))
+
+	* blowfish.c (bf_setkey): Niklas Hernaeus patch to detect weak keys.
+
+Mon Sep 14 09:19:25 1998  Werner Koch  (wk@(none))
+
+	* dynload.c (RTLD_NOW): Now defined to 1 if it is undefined.
+
 Mon Sep  7 17:04:33 1998  Werner Koch  (wk@(none))

 	* Makefile.am: Fixes to allow a different build directory
--- a/cipher/Makefile.am
+++ b/cipher/Makefile.am
@ -46,7 +46,7 @@ EXTRA_twofish_SOURCES = twofish.c


 tiger: $(srcdir)/tiger.c
-	$(COMPILE) -shared  -fPIC -o tiger $(srcdir)/tiger.c
+	$(COMPILE) -shared  -fPIC -O1 -o tiger $(srcdir)/tiger.c

 twofish: $(srcdir)/twofish.c
 	$(COMPILE) -shared  -fPIC -o twofish $(srcdir)/twofish.c
--- a/cipher/blowfish.c
+++ b/cipher/blowfish.c
@ -41,7 +41,7 @@
 #define CIPHER_ALGO_BLOWFISH	 4  /* blowfish 128 bit key */
 #define CIPHER_ALGO_BLOWFISH160 42  /* blowfish 160 bit key (not in OpenPGP)*/

-#define FNCCAST_SETKEY(f)  (void(*)(void*, byte*, unsigned))(f)
+#define FNCCAST_SETKEY(f)  (int(*)(void*, byte*, unsigned))(f)
 #define FNCCAST_CRYPT(f)   (void(*)(void*, byte*, byte*))(f)

 #define BLOWFISH_BLOCKSIZE 8
@ -55,7 +55,7 @@ typedef struct {
    u32 p[BLOWFISH_ROUNDS+2];
 } BLOWFISH_context;

-static void bf_setkey( BLOWFISH_context *c, byte *key, unsigned keylen );
+static int  bf_setkey( BLOWFISH_context *c, byte *key, unsigned keylen );
 static void encrypt_block( BLOWFISH_context *bc, byte *outbuf, byte *inbuf );
 static void decrypt_block( BLOWFISH_context *bc, byte *outbuf, byte *inbuf );

@ -480,7 +480,7 @@ selftest()



-static void
+static int
 bf_setkey( BLOWFISH_context *c, byte *key, unsigned keylen )
 {
    int i, j;
@ -543,6 +543,19 @@ bf_setkey( BLOWFISH_context *c, byte *key, unsigned keylen )
 	c->s3[i]   = datal;
 	c->s3[i+1] = datar;
    }
+
+
+    /* Check for weak key.  A weak key is a key in which a value in */
+    /* the P-array (here c) occurs more than once per table.	    */
+    for(i=0; i < 255; i++ ) {
+	for( j=i+1; j < 256; j++) {
+	    if( (c->s0[i] == c->s0[j]) || (c->s1[i] == c->s1[j]) ||
+		(c->s2[i] == c->s2[j]) || (c->s3[i] == c->s3[j]) )
+		return G10ERR_WEAK_KEY;
+	}
+    }
+
+    return 0;
 }


@ -555,7 +568,7 @@ bf_setkey( BLOWFISH_context *c, byte *key, unsigned keylen )
 const char *
 blowfish_get_info( int algo, size_t *keylen,
 		   size_t *blocksize, size_t *contextsize,
-		   void (**r_setkey)( void *c, byte *key, unsigned keylen ),
+		   int	(**r_setkey)( void *c, byte *key, unsigned keylen ),
 		   void (**r_encrypt)( void *c, byte *outbuf, byte *inbuf ),
 		   void (**r_decrypt)( void *c, byte *outbuf, byte *inbuf )
 		 )
--- a/cipher/blowfish.h
+++ b/cipher/blowfish.h
@ -26,7 +26,7 @@
 const char *
 blowfish_get_info( int algo, size_t *keylen,
 		   size_t *blocksize, size_t *contextsize,
-		   void (**setkey)( void *c, byte *key, unsigned keylen ),
+		   int	(**setkey)( void *c, byte *key, unsigned keylen ),
 		   void (**encrypt)( void *c, byte *outbuf, byte *inbuf ),
 		   void (**decrypt)( void *c, byte *outbuf, byte *inbuf )
 		 );
--- a/cipher/cast5.c
+++ b/cipher/cast5.c
@ -47,7 +47,7 @@

 #define CIPHER_ALGO_CAST5	 3

-#define FNCCAST_SETKEY(f)  (void(*)(void*, byte*, unsigned))(f)
+#define FNCCAST_SETKEY(f)  (int(*)(void*, byte*, unsigned))(f)
 #define FNCCAST_CRYPT(f)   (void(*)(void*, byte*, byte*))(f)

 #define CAST5_BLOCKSIZE 8
@ -57,7 +57,7 @@ typedef struct {
    byte Kr[16];
 } CAST5_context;

-static void cast_setkey( CAST5_context *c, byte *key, unsigned keylen );
+static int  cast_setkey( CAST5_context *c, byte *key, unsigned keylen );
 static void encrypt_block( CAST5_context *bc, byte *outbuf, byte *inbuf );
 static void decrypt_block( CAST5_context *bc, byte *outbuf, byte *inbuf );

@ -549,7 +549,7 @@ key_schedule( u32 *x, u32 *z, u32 *k )
 }


-static void
+static int
 cast_setkey( CAST5_context *c, byte *key, unsigned keylen )
 {
  static int initialized;
@ -582,6 +582,7 @@ cast_setkey( CAST5_context *c, byte *key, unsigned keylen )

  #undef xi
  #undef zi
+    return 0;
 }


@ -594,7 +595,7 @@ cast_setkey( CAST5_context *c, byte *key, unsigned keylen )
 const char *
 cast5_get_info( int algo, size_t *keylen,
 		   size_t *blocksize, size_t *contextsize,
-		   void (**r_setkey)( void *c, byte *key, unsigned keylen ),
+		   int	(**r_setkey)( void *c, byte *key, unsigned keylen ),
 		   void (**r_encrypt)( void *c, byte *outbuf, byte *inbuf ),
 		   void (**r_decrypt)( void *c, byte *outbuf, byte *inbuf )
 		 )
--- a/cipher/cast5.h
+++ b/cipher/cast5.h
@ -25,7 +25,7 @@
 const char *
 cast5_get_info( int algo, size_t *keylen,
 		   size_t *blocksize, size_t *contextsize,
-		   void (**setkey)( void *c, byte *key, unsigned keylen ),
+		   int	(**setkey)( void *c, byte *key, unsigned keylen ),
 		   void (**encrypt)( void *c, byte *outbuf, byte *inbuf ),
 		   void (**decrypt)( void *c, byte *outbuf, byte *inbuf )
 		 );
--- a/cipher/cipher.c
+++ b/cipher/cipher.c
@ -43,7 +43,7 @@ struct cipher_table_s {
    size_t blocksize;
    size_t keylen;
    size_t contextsize; /* allocate this amount of context */
-    void (*setkey)( void *c, byte *key, unsigned keylen );
+    int  (*setkey)( void *c, byte *key, unsigned keylen );
    void (*encrypt)( void *c, byte *outbuf, byte *inbuf );
    void (*decrypt)( void *c, byte *outbuf, byte *inbuf );
 };
@ -58,15 +58,15 @@ struct cipher_handle_s {
    byte iv[MAX_BLOCKSIZE];	/* (this should be ulong aligned) */
    byte lastiv[MAX_BLOCKSIZE];
    int  unused;  /* in IV */
-    void (*setkey)( void *c, byte *key, unsigned keylen );
+    int  (*setkey)( void *c, byte *key, unsigned keylen );
    void (*encrypt)( void *c, byte *outbuf, byte *inbuf );
    void (*decrypt)( void *c, byte *outbuf, byte *inbuf );
    byte context[1];
 };


-static void
-dummy_setkey( void *c, byte *key, unsigned keylen ) { }
+static int
+dummy_setkey( void *c, byte *key, unsigned keylen ) { return 0; }
 static void
 dummy_encrypt_block( void *c, byte *outbuf, byte *inbuf ) { BUG(); }
 static void
@ -346,10 +346,10 @@ cipher_close( CIPHER_HANDLE c )
 }


-void
+int
 cipher_setkey( CIPHER_HANDLE c, byte *key, unsigned keylen )
 {
-    (*c->setkey)( &c->context, key, keylen );
+    return (*c->setkey)( &c->context, key, keylen );
 }


--- a/cipher/dynload.c
+++ b/cipher/dynload.c
@ -30,6 +30,11 @@
 #include "cipher.h"
 #include "dynload.h"

+
+#ifndef RTLD_NOW
+  #define RTLD_NOW  1
+#endif
+
 typedef struct ext_list {
    struct ext_list *next;
    void *handle; /* handle from dlopen() */
@ -234,7 +239,7 @@ enum_gnupgext_digests( void **enum_context,
 const char *
 enum_gnupgext_ciphers( void **enum_context, int *algo,
 		       size_t *keylen, size_t *blocksize, size_t *contextsize,
-		       void (**setkey)( void *c, byte *key, unsigned keylen ),
+		       int  (**setkey)( void *c, byte *key, unsigned keylen ),
 		       void (**encrypt)( void *c, byte *outbuf, byte *inbuf ),
 		       void (**decrypt)( void *c, byte *outbuf, byte *inbuf )
 		     )
@ -242,7 +247,7 @@ enum_gnupgext_ciphers( void **enum_context, int *algo,
    EXTLIST r;
    ENUMCONTEXT *ctx;
    const char * (*finfo)(int, size_t*, size_t*, size_t*,
-			  void (**)( void *, byte *, unsigned),
+			  int  (**)( void *, byte *, unsigned),
 			  void (**)( void *, byte *, byte *),
 			  void (**)( void *, byte *, byte *));

--- a/cipher/dynload.h
+++ b/cipher/dynload.h
@ -31,7 +31,7 @@ enum_gnupgext_digests( void **enum_context,
 const char *
 enum_gnupgext_ciphers( void **enum_context, int *algo,
 		       size_t *keylen, size_t *blocksize, size_t *contextsize,
-		       void (**setkey)( void *c, byte *key, unsigned keylen ),
+		       int  (**setkey)( void *c, byte *key, unsigned keylen ),
 		       void (**encrypt)( void *c, byte *outbuf, byte *inbuf ),
 		       void (**decrypt)( void *c, byte *outbuf, byte *inbuf )
 		     );
--- a/cipher/twofish.c
+++ b/cipher/twofish.c
@ -29,7 +29,7 @@
 static void selftest(void);

 /* Macros used by the info function. */
-#define FNCCAST_SETKEY(f)  ((void(*)(void*, byte*, unsigned))(f))
+#define FNCCAST_SETKEY(f)  ((int(*)(void*, byte*, unsigned))(f))
 #define FNCCAST_CRYPT(f)   ((void(*)(void*, byte*, byte*))(f))

 /* Structure for an expanded Twofish key.  s contains the key-dependent
@ -443,7 +443,7 @@ static const byte exp_to_poly[492] = {
 /* Perform the key setup.  Note that this works *only* with 128-bit keys,
 * despite the API that makes it look like it might support other sizes. */

-static void
+static int
 twofish_setkey (TWOFISH_context *ctx, const byte *key, const unsigned keylen)
 {
   /* Temporaries for CALC_K. */
@ -577,6 +577,8 @@ twofish_setkey (TWOFISH_context *ctx, const byte *key, const unsigned keylen)
   CALC_K (k, 26, 0x8B, 0xAE, 0x30, 0x5B);
   CALC_K (k, 28, 0x84, 0x8A, 0x54, 0x00);
   CALC_K (k, 30, 0xDF, 0xBC, 0x23, 0x9D);
+
+   return 0;
 }

 /* Macros to compute the g() function in the encryption and decryption
@ -825,7 +827,7 @@ main()
 static const char *
 twofish_get_info (int algo, size_t *keylen,
 		  size_t *blocksize, size_t *contextsize,
-		  void (**r_setkey) (void *c, byte *key, unsigned keylen),
+		  int  (**r_setkey) (void *c, byte *key, unsigned keylen),
 		  void (**r_encrypt) (void *c, byte *outbuf, byte *inbuf),
 		  void (**r_decrypt) (void *c, byte *outbuf, byte *inbuf)
 		 )