static void
do_arcfour_random(struct randomness *r, UINT32 length, UINT8 *dst)
{
#if ALLOCA_68K_BUG
ALLOCA_START(alloca_ref);
#endif
CAST(arcfour_random, self, r);
self->staging_count += RANDOM_POLL_FAST(self->super.poller, self->staging_area);
if (self->staging_count > STAGE_THRESHOLD)
{
/* Pour the collected randomness into the pool */
UINT8 *buf = alloca(self->staging_area->hash_size);
verbose("do_arcfour_random: Pouring staging area into pool.\n");
/* Get some data out of the pool, in order to keep any entropy
* there. */
arcfour_stream(&self->pool, self->staging_area->hash_size, buf);
HASH_UPDATE(self->staging_area, self->staging_area->hash_size, buf);
HASH_DIGEST(self->staging_area, buf);
arcfour_set_key(&self->pool, self->staging_area->hash_size, buf);
self->staging_count = 0;
}
arcfour_stream(&self->pool, length, dst);
#if ALLOCA_68K_BUG
ALLOCA_FREE(alloca_ref);
#endif
}
int
main (int argc, char *argv[])
{
arcfour_context ctx;
/* Test vector from Cryptlib via Libgcrypt labeled there: "from the
State/Commerce Department". */
static char key_1[] = { 0x61, 0x8A, 0x63, 0xD2, 0xFB };
static char plaintext_1[] = { 0xDC, 0xEE, 0x4C, 0xF9, 0x2C };
static const char ciphertext_1[] = { 0xF1, 0x38, 0x29, 0xC9, 0xDE };
char scratch[16];
arcfour_setkey (&ctx, key_1, sizeof (key_1));
arcfour_stream (&ctx, plaintext_1, scratch, sizeof (plaintext_1));
if (memcmp (scratch, ciphertext_1, sizeof (ciphertext_1)))
{
size_t i;
printf ("expected:\n");
for (i = 0; i < 5; i++)
printf ("%02x ", scratch[i] & 0xFF);
printf ("\ncomputed:\n");
for (i = 0; i < 5; i++)
printf ("%02x ", ciphertext_1[i] & 0xFF);
printf ("\n");
return 1;
}
/* decrypt */
arcfour_setkey (&ctx, key_1, sizeof (key_1));
arcfour_stream (&ctx, scratch, scratch, sizeof (plaintext_1));
if (memcmp (scratch, plaintext_1, sizeof (plaintext_1)))
{
size_t i;
printf ("expected:\n");
for (i = 0; i < 5; i++)
printf ("%02x ", plaintext_1[i] & 0xFF);
printf ("\ncomputed:\n");
for (i = 0; i < 5; i++)
printf ("%02x ", scratch[i] & 0xFF);
printf ("\n");
return 1;
}
return 0;
}
static void
do_arcfour_random_slow(struct randomness *r, UINT32 length, UINT8 *dst)
{
#if ALLOCA_68K_BUG
ALLOCA_START(alloca_ref);
#endif
CAST(arcfour_random, self, r);
unsigned count = RANDOM_POLL_SLOW(self->super.poller, self->staging_area);
debug("arcfour_random: entropy estimate for initialization: %i bits.\n",
count);
if (count < STAGE_THRESHOLD)
{
const struct exception low_entropy =
STATIC_EXCEPTION(EXC_RANDOMNESS_LOW_ENTROPY,
"Could not get enough entropy from the environment.");
EXCEPTION_RAISE(self->e, &low_entropy);
}
else
self->super.super.quality = 1;
{
/* Initialize the pool. */
UINT8 *buf = alloca(self->staging_area->hash_size);
verbose("do_arcfour_random_slow: Initalizing randomness pool.\n");
HASH_DIGEST(self->staging_area, buf);
arcfour_set_key(&self->pool, self->staging_area->hash_size, buf);
self->staging_count = 0;
}
self->super.super.random = do_arcfour_random;
arcfour_stream(&self->pool, length, dst);
#if ALLOCA_68K_BUG
ALLOCA_FREE(alloca_ref);
#endif
}
Gc_rc
gc_cipher_decrypt_inline (gc_cipher_handle handle, size_t len, char *data)
{
_gc_cipher_ctx *ctx = handle;
switch (ctx->alg)
{
#ifdef GNULIB_GC_ARCTWO
case GC_ARCTWO40:
switch (ctx->mode)
{
case GC_ECB:
arctwo_decrypt (&ctx->arctwoContext, data, data, len);
break;
case GC_CBC:
for (; len >= ARCTWO_BLOCK_SIZE; len -= ARCTWO_BLOCK_SIZE,
data += ARCTWO_BLOCK_SIZE)
{
char tmpIV[ARCTWO_BLOCK_SIZE];
size_t i;
memcpy (tmpIV, data, ARCTWO_BLOCK_SIZE);
arctwo_decrypt (&ctx->arctwoContext, data, data,
ARCTWO_BLOCK_SIZE);
for (i = 0; i < ARCTWO_BLOCK_SIZE; i++)
data[i] ^= ctx->arctwoIV[i];
memcpy (ctx->arctwoIV, tmpIV, ARCTWO_BLOCK_SIZE);
}
break;
default:
return GC_INVALID_CIPHER;
}
break;
#endif
#ifdef GNULIB_GC_ARCFOUR
case GC_ARCFOUR128:
case GC_ARCFOUR40:
arcfour_stream (&ctx->arcfourContext, data, data, len);
break;
#endif
#ifdef GNULIB_GC_DES
case GC_DES:
for (; len >= 8; len -= 8, data += 8)
gl_des_ecb_decrypt (&ctx->desContext, data, data);
break;
#endif
#ifdef GNULIB_GC_RIJNDAEL
case GC_AES128:
case GC_AES192:
case GC_AES256:
{
int nblocks;
nblocks = rijndaelBlockDecrypt (&ctx->aesContext, &ctx->aesDecKey,
data, 8 * len, data);
if (nblocks < 0)
return GC_INVALID_CIPHER;
}
break;
#endif
default:
return GC_INVALID_CIPHER;
}
return GC_OK;
}
