Index: dist/configure.ac =================================================================== RCS file: /cvsroot/src/crypto/external/bsd/netpgp/dist/configure.ac,v retrieving revision 1.42 diff -u -p -r1.42 configure.ac --- dist/configure.ac 9 Mar 2014 00:33:50 -0000 1.42 +++ dist/configure.ac 5 Apr 2020 18:27:06 -0000 @@ -60,7 +60,7 @@ AC_CHECK_HEADERS([dmalloc.h direct.h err AC_CHECK_HEADERS([openssl/aes.h openssl/bn.h openssl/camellia.h openssl/cast.h \ openssl/des.h openssl/dsa.h openssl/err.h openssl/idea.h \ openssl/md5.h openssl/rand.h openssl/rsa.h openssl/sha.h \ - openssl/err.h openssl/sha.h]) + openssl/err.h openssl/sha.h openssl/blowfish.h]) AC_CHECK_HEADERS([sys/cdefs.h sys/file.h sys/mman.h sys/param.h \ sys/resource.h sys/uio.h]) Index: dist/src/lib/config.h.in =================================================================== RCS file: /cvsroot/src/crypto/external/bsd/netpgp/dist/src/lib/config.h.in,v retrieving revision 1.17 diff -u -p -r1.17 config.h.in --- dist/src/lib/config.h.in 17 Feb 2014 06:38:07 -0000 1.17 +++ dist/src/lib/config.h.in 5 Apr 2020 18:27:06 -0000 @@ -39,6 +39,9 @@ /* Define to 1 if you have the header file. */ #undef HAVE_OPENSSL_AES_H +/* Define to 1 if you have the header file. */ +#undef HAVE_OPENSSL_BLOWFISH_H + /* Define to 1 if you have the header file. */ #undef HAVE_OPENSSL_BN_H @@ -120,8 +123,7 @@ /* Define to 1 if you have the header file. */ #undef HAVE_ZLIB_H -/* Define to the sub-directory in which libtool stores uninstalled libraries. - */ +/* Define to the sub-directory where libtool stores uninstalled libraries. */ #undef LT_OBJDIR /* Name of package */ Index: dist/src/lib/misc.c =================================================================== RCS file: /cvsroot/src/crypto/external/bsd/netpgp/dist/src/lib/misc.c,v retrieving revision 1.42 diff -u -p -r1.42 misc.c --- dist/src/lib/misc.c 13 Nov 2018 14:52:30 -0000 1.42 +++ dist/src/lib/misc.c 5 Apr 2020 18:27:06 -0000 @@ -816,6 +816,7 @@ static str2cipher_t str2cipher[] = { { "idea", PGP_SA_IDEA }, { "aes128", PGP_SA_AES_128 }, { "aes256", PGP_SA_AES_256 }, + { "blowfish", PGP_SA_BLOWFISH }, { "camellia128", PGP_SA_CAMELLIA_128 }, { "camellia256", PGP_SA_CAMELLIA_256 }, { "tripledes", PGP_SA_TRIPLEDES }, Index: dist/src/lib/symmetric.c =================================================================== RCS file: /cvsroot/src/crypto/external/bsd/netpgp/dist/src/lib/symmetric.c,v retrieving revision 1.18 diff -u -p -r1.18 symmetric.c --- dist/src/lib/symmetric.c 7 Nov 2010 08:39:59 -0000 1.18 +++ dist/src/lib/symmetric.c 5 Apr 2020 18:27:06 -0000 @@ -82,6 +82,10 @@ __RCSID("$NetBSD: symmetric.c,v 1.18 201 #include #endif +#ifdef HAVE_OPENSSL_BLOWFISH_H +#include +#endif + #include "crypto.h" #include "netpgpdefs.h" @@ -192,6 +196,81 @@ static pgp_crypt_t cast5 = TRAILER }; +#ifdef HAVE_OPENSSL_BLOWFISH_H + +/* RFC 4880 9.2 Blowfish 128 */ +#define BLOWFISH_KEY_LENGTH 16 + +static int +blowfish_init(pgp_crypt_t *crypt) +{ + if (crypt->encrypt_key) { + free(crypt->encrypt_key); + } + if ((crypt->encrypt_key = calloc(1, sizeof(BF_KEY))) == NULL) { + (void) fprintf(stderr, "blowfish_init: alloc failure\n"); + return 0; + } + if (crypt->keysize != BLOWFISH_KEY_LENGTH) { + (void) fprintf(stderr, "blowfish_init: keysize wrong\n"); + return 0; + } + BF_set_key(crypt->encrypt_key, (int)crypt->keysize, crypt->key); + if ((crypt->decrypt_key = calloc(1, sizeof(BF_KEY))) == NULL) { + (void) fprintf(stderr, "blowfish_init: alloc failure\n"); + return 0; + } + BF_set_key(crypt->decrypt_key, (int)crypt->keysize, crypt->key); + return 1; +} + +static void +blowfish_block_encrypt(pgp_crypt_t *crypt, void *out, const void *in) +{ + BF_ecb_encrypt(in, out, crypt->encrypt_key, BF_ENCRYPT); +} + +static void +blowfish_block_decrypt(pgp_crypt_t *crypt, void *out, const void *in) +{ + BF_ecb_encrypt(in, out, crypt->encrypt_key, BF_DECRYPT); +} + +static void +blowfish_cfb_encrypt(pgp_crypt_t *crypt, void *out, const void *in, size_t count) +{ + BF_cfb64_encrypt(in, out, (long)count, + crypt->encrypt_key, crypt->iv, &crypt->num, + BF_ENCRYPT); +} + +static void +blowfish_cfb_decrypt(pgp_crypt_t *crypt, void *out, const void *in, size_t count) +{ + BF_cfb64_encrypt(in, out, (long)count, + crypt->encrypt_key, crypt->iv, &crypt->num, + BF_DECRYPT); +} + +static pgp_crypt_t blowfish = +{ + PGP_SA_BLOWFISH, + BF_BLOCK, + BLOWFISH_KEY_LENGTH, + std_set_iv, + std_set_key, + blowfish_init, + std_resync, + blowfish_block_encrypt, + blowfish_block_decrypt, + blowfish_cfb_encrypt, + blowfish_cfb_decrypt, + std_finish, + TRAILER +}; + +#endif /* HAVE_OPENSSL_BLOWFISH_H */ + #ifndef OPENSSL_NO_IDEA static int idea_init(pgp_crypt_t *crypt) @@ -633,6 +712,11 @@ get_proto(pgp_symm_alg_t alg) #endif case PGP_SA_TRIPLEDES: return &tripledes; +#if defined HAVE_OPENSSL_BLOWFISH_H + case PGP_SA_BLOWFISH: + return &blowfish; +#endif + default: (void) fprintf(stderr, "Unknown algorithm: %d (%s)\n", alg, pgp_show_symm_alg(alg)); @@ -756,6 +840,9 @@ pgp_is_sa_supported(pgp_symm_alg_t alg) case PGP_SA_AES_128: case PGP_SA_AES_256: case PGP_SA_CAST5: +#if defined(HAVE_OPENSSL_BLOWFISH_H) + case PGP_SA_BLOWFISH: +#endif case PGP_SA_TRIPLEDES: #if defined(HAVE_OPENSSL_CAMELLIA_H) && !defined(OPENSSL_NO_CAMELLIA) case PGP_SA_CAMELLIA_128: