Ejemplo n.º 1
1
Archivo: des_R.c Proyecto: kgadek/kpfp
void ecb(FILE* inf, FILE* keyf, DES_key_schedule klucz, int tryb) {
	printf("\n--- dzialania w trybie ECB...\n");
	FILE* outf = fopen("plik.out", "w");
	int i=0;
	DES_cblock in, out;
	if(tryb) {	
		fwrite((void*)&klucz, sizeof(unsigned char), sizeof(DES_key_schedule), keyf);
		while((i=fread(&in, sizeof(unsigned char), 8, inf))==8) {
			DES_ecb_encrypt(&in, &out, &klucz, 1);
			fwrite(&out, sizeof(unsigned char), 8, outf);
		}
		if(i) {
			while(i<8)
				in[i++]='\0';
			DES_ecb_encrypt(&in, &out, &klucz, 1);
			fwrite(&out, sizeof(unsigned char), 8, outf);
		}
	} else {
		fread((void*)&klucz, sizeof(unsigned char), sizeof(DES_key_schedule), keyf);
		while((i=fread(&in, sizeof(unsigned char), 8, inf))==8) {
			DES_ecb_encrypt(&in, &out, &klucz, 0);
			fwrite(&out, sizeof(unsigned char), 8, outf);
		}
		if(i) {
			while(i<8)
				in[i++]='\0';
			DES_ecb_encrypt(&in, &out, &klucz, 0);
			fwrite(&out, sizeof(unsigned char), 8, outf);
		}
	}
	fclose(outf);
}
Ejemplo n.º 2
1
void des::decrypt(char const* key, core::vector<byte> const& in, core::string& out)
{
    DES_cblock key_block;
    DES_key_schedule schedule;
    DES_string_to_key(key, &key_block);
    DES_set_key_checked(&key_block, &schedule);

    char* buf = (char*)malloc(in.size());

    core::vector<byte>::const_iterator iter = in.begin();
    DES_cblock* output = (DES_cblock*)buf;

    DES_cblock input;
    while (iter != in.end())
    {
        usize sz = in.end() - iter;
        if (sz >= 8)
            sz = 8;
        else
            memset(input, 0, sizeof(DES_cblock));
        memcpy(input, &*iter, sz);
        DES_ecb_encrypt(&input, output, &schedule, DES_DECRYPT);
        iter += sz;
        output += 1;
    }

    out = buf;

    free(buf);
}
Ejemplo n.º 3
1
int ofb64_decrypt(int data)
{
	struct stinfo *stp = &fb[OFB].streams[DIR_DECRYPT-1];
	int index;

	if (data == -1) {
		/*
		 * Back up one byte.  It is assumed that we will
		 * never back up more than one byte.  If we do, this
		 * may or may not work.
		 */
		if (stp->str_index)
			--stp->str_index;
		return(0);
	}

	index = stp->str_index++;
	if (index == sizeof(DES_cblock)) {
		DES_cblock b;
		DES_ecb_encrypt(&stp->str_feed,&b,&stp->str_sched, 1);
		memcpy(stp->str_feed, b, sizeof(DES_cblock));
		stp->str_index = 1;	/* Next time will be 1 */
		index = 0;		/* But now use 0 */
	}

	return(data ^ stp->str_feed[index]);
}
Ejemplo n.º 4
0
void openssl_des_crypt()
{
	int size;
	DES_cblock key;
	DES_cblock outputs;
	const_DES_cblock inputs;
	DES_key_schedule schedule;
	unsigned char tmp[16] = "des crypt";

	DES_random_key(&key);
	DES_string_to_key("beike2012", &key);
	DES_set_odd_parity(&key);
	des_check_key_parity(&key);
	DES_set_key_checked(&key, &schedule);
	DES_is_weak_key((const_DES_cblock *)tmp);
	DES_ecb_encrypt((const_DES_cblock *)tmp, &outputs, &schedule, DES_ENCRYPT);
	printf("\nDES_ecb_encrypt(%s) = ", tmp);
	for (size = 0; size < sizeof(outputs); size++)
		printf("%02x", outputs[size]);
	printf("\n");

	DES_ecb_encrypt(&outputs, &inputs, &schedule, DES_DECRYPT);
	printf("DES_ecb_decrypt(");
	for (size = 0; size < sizeof(outputs); size++)
		printf("%02x", outputs[size]);
	printf(") = %s\n", inputs);
}
Ejemplo n.º 5
0
int main(int argc,char **argv)
{
    DES_cblock key;
    /* DES_random_key(&key); */ /* generate a random key */
    DES_string_to_key("pass", &key);

    DES_key_schedule schedule;
    DES_set_key_checked(&key, &schedule);

    const_DES_cblock input = "hehehe";
    DES_cblock output;

    printf("cleartext:%s ", input);
    printf("\r\n ");

    DES_ecb_encrypt(&input, &output, &schedule, DES_ENCRYPT);
    printf("Encrypted! ");

    printf("ciphertext:");
    int i;
    for (i = 0; i < sizeof(input); i++)
        printf("%02x", output[i]);
    printf("\r\n ");

    DES_ecb_encrypt(&output, &input, &schedule, DES_DECRYPT);
    printf("Decrypted! ");
    printf("cleartext:%s ", input);
    printf("\r\n ");

    return 0;
}
Ejemplo n.º 6
0
void cIrdeto2::DES3(unsigned char *data, int mode)
{
  int m1, m2;
  if(mode) { m1=DES_DECRYPT; m2=DES_ENCRYPT; }
  else     { m1=DES_ENCRYPT; m2=DES_DECRYPT; }
  DES_ecb_encrypt((DES_cblock *)data,(DES_cblock *)data,&ks1,m1);
  DES_ecb_encrypt((DES_cblock *)data,(DES_cblock *)data,&ks2,m2);
  DES_ecb_encrypt((DES_cblock *)data,(DES_cblock *)data,&ks1,m1);
}
Ejemplo n.º 7
0
crypto_error_t crypto_mac(bytestring_t *dst,
                          const bytestring_t *ctx,
                          const bytestring_t *src)
{
    unsigned u,v;
    unsigned char tmp[8];
    unsigned char clr[8];
    unsigned char alg;
    crypto_error_t retval;
    bytestring_t *padded_src;
    DES_key_schedule key_schedule;
    DES_key_schedule key_schedule2;

    bytestring_get_element(&alg,ctx,0);

    if (alg==CRYPTO_ALG_ISO9797_M3)
    {
        padded_src = bytestring_new(8);
        retval = crypto_pad(padded_src,ctx,src);
        if (retval!=CRYPTO_OK)
        {
            bytestring_free(padded_src);
            return retval;
        }
        memset(tmp,0,8);

        memcpy(&key_schedule,ctx->data+KS_HEADER_SIZE,DES_KS_SIZE);
        memcpy(&key_schedule2,ctx->data+KS_HEADER_SIZE+DES_KS_SIZE,DES_KS_SIZE);

        for (u=0; u<bytestring_get_size(padded_src)/8; u++)
        {
            for (v=0; v<8; v++) clr[v]=padded_src->data[u*8+v]^tmp[v];
            DES_ecb_encrypt((const_DES_cblock *)clr,
                            (DES_cblock *)tmp,
                            &key_schedule,
                            DES_ENCRYPT);
        }
        memcpy(clr,tmp,8);
        DES_ecb_encrypt((const_DES_cblock *)clr,
                        (DES_cblock *)tmp,
                        &key_schedule2,
                        DES_DECRYPT);
        memcpy(clr,tmp,8);
        DES_ecb_encrypt((const_DES_cblock *)clr,
                        (DES_cblock *)tmp,
                        &key_schedule,
                        DES_ENCRYPT);
        bytestring_assign_data(dst,8,tmp);
        bytestring_free(padded_src);
    }
    else
        return CRYPTO_ERROR_UNKNOWN_ALGORITHM;
    return CRYPTO_OK;
}
Ejemplo n.º 8
0
static int des_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
			  const unsigned char *in, unsigned int inl)
{
	BLOCK_CIPHER_ecb_loop()
		DES_ecb_encrypt((DES_cblock *)(in + i), (DES_cblock *)(out + i), ctx->cipher_data, ctx->encrypt);
	return 1;
}
Ejemplo n.º 9
0
static void
ecb_test(char key[8], char in[8], char out[8])
{
    unsigned char k[8], indata[8], outdata[8], outdata2[8], ansdata[8];
    DES_key_schedule s;

    memcpy(k, key, 8);
    memcpy(indata, in, 8);
    memcpy(ansdata, out, 8);
    DES_set_odd_parity(&k);
    DES_set_key_unchecked(&k, &s);
    DES_ecb_encrypt(&indata, &outdata, &s, 1);
    if (memcmp(outdata, ansdata, sizeof(ansdata)) != 0)
	errx(1, "des: encrypt");
    DES_ecb_encrypt(&outdata, &outdata2, &s, 0);
    if (memcmp(indata, outdata2, sizeof(outdata2)) != 0)
	errx(1, "des: decrypt");
}
Ejemplo n.º 10
0
/* DES: encrypt and decrypt known plaintext, verify result matches original plaintext
*/
static int FIPS_des_test()
    {
    DES_cblock userkey = { 0xde, 0xad, 0xbe, 0xef, 0xfe, 0xed, 0xf0, 0x0d };
    DES_cblock plaintext = { 'e', 't', 'a', 'o', 'n', 'r', 'i', 's' };

    DES_key_schedule key;
    DES_cblock ciphertext;
    DES_cblock buf;

    ERR_clear_error();
    if (DES_set_key(&userkey, &key) < 0)
        return 0;
    DES_ecb_encrypt( &plaintext, &ciphertext, &key, 1);
    DES_ecb_encrypt( &ciphertext, &buf, &key, 0);
    if (memcmp(buf, plaintext, sizeof(buf)))
        return 0;
    return 1;
    }
Ejemplo n.º 11
0
static void decrypt(void *p, off_t len)
{
	DES_cblock *pblock;
	int num_blocks;
 
	num_blocks = (len - 3) / 8;
	pblock = (DES_cblock *) (p + 3);
	while (num_blocks--) {
		DES_ecb_encrypt(pblock, pblock, &schedule, DES_DECRYPT);
		pblock++;
	}
 
	num_blocks = len / 8;
	pblock = (DES_cblock *) p;
	while (num_blocks--) {
		DES_ecb_encrypt(pblock, pblock, &schedule, DES_DECRYPT);
		pblock++;
	}
}
Ejemplo n.º 12
0
void des_ecb_crypt(unsigned char* input, unsigned char* output, int encrypt, unsigned char* key) {

    des_key_schedule sched;
    des_set_key((des_cblock *) key, sched);

    DES_ecb_encrypt((const_DES_cblock *)input,
                     (const_DES_cblock *)output,
                     &sched,
                     encrypt);
}
Ejemplo n.º 13
0
void
cipher_des_encrypt_ecb (const unsigned char key[DES_KEY_LENGTH],
    unsigned char *src,
    unsigned char *dst)
{
    DES_key_schedule sched;

    DES_set_key_unchecked((DES_cblock*)key, &sched);
    DES_ecb_encrypt((DES_cblock *)src, (DES_cblock *)dst, &sched, DES_ENCRYPT);
}
Ejemplo n.º 14
0
void
mschap_des_encrypt(u_int8_t *clear, u_int8_t *key, u_int8_t *cipher)
{
	DES_cblock		des_key;
	DES_key_schedule	key_schedule;

	mschap_des_addparity(key, des_key);

	DES_set_key(&des_key, &key_schedule);
	DES_ecb_encrypt((DES_cblock *)clear, (DES_cblock *)cipher,
	    &key_schedule, 1);
}
Ejemplo n.º 15
0
GByteArray*
gq_hash_lmhash(gchar const* data, gsize len)
{
     unsigned int i;
     char hex[2];
     char plain[15];
     DES_key_schedule schedule;
     GByteArray *gb = NULL;
     DES_cblock ckey1, ckey2;
     DES_cblock bin1,  bin2;

     memset(plain, 0, sizeof(plain));

     for (i = 0 ; i < len && i < 14 ; i++) {
	  plain[i] = toupper(data[i]);
     }

     lm_make_key(plain, &ckey1);
     DES_set_key_unchecked(&ckey1, &schedule);
     DES_ecb_encrypt((DES_cblock*)lmhash_key, &bin1, &schedule, DES_ENCRYPT);

     lm_make_key(plain + 7, &ckey2);
     DES_set_key_unchecked(&ckey2, &schedule);
     DES_ecb_encrypt((DES_cblock*)lmhash_key, &bin2, &schedule, DES_ENCRYPT);

     gb = g_byte_array_new();

     for(i = 0 ; i < sizeof(bin1) ; i++) {
	  hex[0] = hexdigit[bin1[i] / 16];
	  hex[1] = hexdigit[bin1[i] % 16];
	  g_byte_array_append(gb, (guchar*)hex, 2);
     }
     for(i = 0 ; i < sizeof(bin2) ; i++) {
	  hex[0] = hexdigit[bin2[i] / 16];
	  hex[1] = hexdigit[bin2[i] % 16];
	  g_byte_array_append(gb, (guchar*)hex, 2);
     }
     return gb;
}
Ejemplo n.º 16
0
void hitron_crypt(FILE *out, FILE *in, int enc)
{
	size_t i, n = -1;
	DES_cblock buffer[BUFFER_SIZE];
	DES_key_schedule schedule;
	DES_set_key_unchecked(&hitron_key, &schedule);
	while((n = fread((void *)&buffer, sizeof(DES_cblock), BUFFER_SIZE, in)) > 0) {
		for(i = 0; i < n; i++) {
			DES_ecb_encrypt(&buffer[i], &buffer[i], &schedule, enc);
		}
		fwrite((void *)&buffer, sizeof(DES_cblock), n, out);
	}
}
Ejemplo n.º 17
0
void
tokenchallenge(char *user, char *challenge, int size, char *card_type)
{
	TOKENDB_Rec tr;
	TOKEN_CBlock cb;
	DES_key_schedule ks;
	int r, c;

	r = 1;	/* no reduced input mode by default! */

	if ((tt->modes & TOKEN_RIM) &&
	    tokendb_getrec(user, &tr) == 0 &&
	    (tr.mode & TOKEN_RIM)) {
		c = 0;
		while ((r = tokendb_lockrec(user, &tr, TOKEN_LOCKED)) == 1) {
			if (c++ >= 60)
				break;
			sleep(1);
		}
		tr.flags &= ~TOKEN_LOCKED;
		if (r == 0 && tr.rim[0]) {
			h2cb(tr.secret, &cb);
			DES_fixup_key_parity(&cb.cb);
			DES_key_sched(&cb.cb, &ks);
			DES_ecb_encrypt(&tr.rim, &cb.cb, &ks, DES_ENCRYPT);
			memcpy(tr.rim, cb.cb, 8);
			for (r = 0; r < 8; ++r) {
				if ((tr.rim[r] &= 0xf) > 9)
					tr.rim[r] -= 10;
				tr.rim[r] |= 0x30;
			}
			r = 0;		/* reset it back */
			memcpy(tokennumber.ct, tr.rim, 8);
			tokennumber.ct[8] = 0;
			tokendb_putrec(user, &tr);
		}
	}
	if (r != 0 || tr.rim[0] == '\0') {
		memset(tokennumber.ct, 0, sizeof(tokennumber.ct));
		snprintf(tokennumber.ct, sizeof(tokennumber.ct), "%8.8u",
		    arc4random());
		if (r == 0) {
			memcpy(tr.rim, tokennumber.ct, 8);
			tokendb_putrec(user, &tr);
		}
	}

	snprintf(challenge, size, "%s Challenge \"%s\"\r\n%s Response: ",
	    card_type, tokennumber.ct, card_type);
}
Ejemplo n.º 18
0
static uint64_t feistel_enc(uint32_t a, uint32_t b, uint32_t m, uint8_t *key[], uint32_t round)
{
    uint64_t L, R;
    uint64_t tmp, nval;
    uint64_t mod;
    uint8_t val[8];
    uint8_t res[8];
    int i;
    DES_cblock ckey;
    DES_key_schedule schd;
    
    L = m % a;
    R = (uint64_t)floor((double)m / (double)a);
    
    memset(val, 0, 8 * sizeof(uint8_t));
    for(i = 0; i < round; i ++)
    {
        memcpy(val, &R, 8 * sizeof(uint8_t));

        memset(&ckey, 0, sizeof(DES_cblock));
        memcpy(&ckey, key[i], PERMKEYLENGTH);
        memset(res, 0, 8 * sizeof(char));
        memset(&schd, 0, sizeof(DES_key_schedule));

        DES_set_odd_parity(&ckey);
        DES_set_key_checked(&ckey, &schd);
        DES_ecb_encrypt((const_DES_cblock *)val, (DES_cblock *)res, 
                         &schd, DES_ENCRYPT);

        nval = *((uint64_t *)res);
        
        mod = ((i & 0x1) == 0) ? a : b;
        tmp = ((L % mod)+ (nval % mod)) % mod;

        L = R;
        R = tmp;

        memset(val, 0, 8 * sizeof(uint8_t));
    }

    if((round & 0x1) == 1)
    {
        return a * L + R;
    }
    else
    {
        return a * R + L;
    }

}
Ejemplo n.º 19
0
static int
ossl_des_ecb_decrypt(PX_Cipher *c, const uint8 *data, unsigned dlen,
					 uint8 *res)
{
	unsigned	bs = gen_ossl_block_size(c);
	unsigned	i;
	ossldata   *od = c->ptr;

	for (i = 0; i < dlen / bs; i++)
		DES_ecb_encrypt((DES_cblock *) (data + i * bs),
						(DES_cblock *) (res + i * bs),
						&od->u.des.key_schedule, 0);
	return 0;
}
Ejemplo n.º 20
0
static int des_ecb_cipher(EVP_CIPHER_CTX *ctx, uint8_t *out, const uint8_t *in,
                          size_t in_len) {
  if (in_len < ctx->cipher->block_size) {
    return 1;
  }
  in_len -= ctx->cipher->block_size;

  EVP_DES_KEY *dat = (EVP_DES_KEY *) ctx->cipher_data;
  for (size_t i = 0; i <= in_len; i += ctx->cipher->block_size) {
    DES_ecb_encrypt((DES_cblock *) (in + i), (DES_cblock *) (out + i),
                    &dat->ks.ks, ctx->encrypt);
  }
  return 1;
}
Ejemplo n.º 21
0
int _des_crypt(char *buf, int len, struct desparams *desp)
{
    DES_key_schedule ks;
    int enc;

    DES_set_key_unchecked(&desp->des_key, &ks);
    enc = (desp->des_dir == ENCRYPT) ? DES_ENCRYPT : DES_DECRYPT;

    if (desp->des_mode == CBC)
        DES_ecb_encrypt((const_DES_cblock *)desp->UDES.UDES_buf,
                        (DES_cblock *)desp->UDES.UDES_buf, &ks, enc);
    else {
        DES_ncbc_encrypt(desp->UDES.UDES_buf, desp->UDES.UDES_buf,
                         len, &ks, &desp->des_ivec, enc);
    }
    return (1);
}
Ejemplo n.º 22
0
void ofb64_encrypt(unsigned char *s, int c)
{
	struct stinfo *stp = &fb[OFB].streams[DIR_ENCRYPT-1];
	int index;

	index = stp->str_index;
	while (c-- > 0) {
		if (index == sizeof(DES_cblock)) {
			DES_cblock b;
			DES_ecb_encrypt(&stp->str_feed,&b, &stp->str_sched, 1);
			memcpy(stp->str_feed, b, sizeof(DES_cblock));
			index = 0;
		}
		*s++ ^= stp->str_feed[index];
		index++;
	}
	stp->str_index = index;
}
Ejemplo n.º 23
0
void EncryptDecryptUtil::Des_Ecb_Decrypt(char* srcBytes, uint32 srcLen, char* destBytes, const char* encryptKey)
{
	DES_key_schedule schedule;
	DES_set_key_unchecked((const_DES_cblock*)encryptKey, &schedule);

	unsigned char padChar = '\0';
	uint32 alignLen = (srcLen / 8 + (srcLen % 8 ? 1 : 0)) * 8;
	memset(srcBytes + srcLen, padChar, 8 - srcLen % 8);

	uint32 count = srcLen / 8;
	uint32 idx = 0;
	for (idx = 0; idx < count; idx++)
	{
		DES_ecb_encrypt((const_DES_cblock*)(srcBytes + 8 * idx), (DES_cblock*)(destBytes + 8 * idx), &schedule, DES_DECRYPT);
	}

	memcpy(srcBytes + 8 * idx, destBytes + 8 * idx, 8 - srcLen % 8);
}
Ejemplo n.º 24
0
NOEXPORT void crypt_DES(DES_cblock dst, const_DES_cblock src, DES_cblock hash) {
    DES_cblock key;
    DES_key_schedule sched;

    /* convert key from 56 to 64 bits */
    key[0]=hash[0];
    key[1]=((hash[0]&1)<<7)|(hash[1]>>1);
    key[2]=((hash[1]&3)<<6)|(hash[2]>>2);
    key[3]=((hash[2]&7)<<5)|(hash[3]>>3);
    key[4]=((hash[3]&15)<<4)|(hash[4]>>4);
    key[5]=((hash[4]&31)<<3)|(hash[5]>>5);
    key[6]=((hash[5]&63)<<2)|(hash[6]>>6);
    key[7]=((hash[6]&127)<<1);
    DES_set_odd_parity(&key);

    /* encrypt */
    DES_set_key_unchecked(&key, &sched);
    DES_ecb_encrypt((const_DES_cblock *)src,
        (DES_cblock *)dst, &sched, DES_ENCRYPT);
}
Ejemplo n.º 25
0
void cfb64_encrypt(unsigned char *s, int c)
{
	struct stinfo *stp = &fb[CFB].streams[DIR_ENCRYPT-1];
	int index;

	index = stp->str_index;
	while (c-- > 0) {
		if (index == sizeof(DES_cblock)) {
			DES_cblock b;
			DES_ecb_encrypt(&stp->str_output, &b,&stp->str_sched, 1);
			memcpy(stp->str_feed, b, sizeof(DES_cblock));
			index = 0;
		}

		/* On encryption, we store (feed ^ data) which is cypher */
		*s = stp->str_output[index] = (stp->str_feed[index] ^ *s);
		s++;
		index++;
	}
	stp->str_index = index;
}
Ejemplo n.º 26
0
NNT_BEGIN_HEADER_C

# include <openssl/des.h>
# include <math.h>

NNT_END_HEADER_C

NNT_BEGIN_CXX

void des::encrypt(char const* key, core::string const& in, core::vector<byte>& out)
{
    DES_cblock key_block;
    DES_key_schedule schedule;
    DES_string_to_key(key, &key_block);
    DES_set_key_checked(&key_block, &schedule);

    usize sz = (usize)ceil((double)in.size() / sizeof(DES_cblock)) * sizeof(DES_cblock);
    out.resize(sz);

    core::string::const_iterator iter = in.begin();
    DES_cblock* output = (DES_cblock*)core::pointer(out);

    DES_cblock input;
    while (iter != in.end())
    {
        usize sz = in.end() - iter;
        if (sz >= 8)
            sz = 8;
        else
            memset(input, 0, sizeof(DES_cblock));
        memcpy(input, &*iter, sz);
        DES_ecb_encrypt(&input, output, &schedule, DES_ENCRYPT);
        iter += sz;
        output += 1;
    }
}
Ejemplo n.º 27
0
int CmdHF14AMfDESAuth(const char *Cmd){
        
    uint8_t blockNo = 0;
    //keyNo=0;
    uint32_t cuid=0;
    uint8_t reply[16];
    //DES_cblock r1_b1;
    uint8_t b1[8]={ 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00};
    uint8_t b2[8]={ 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00};
    DES_cblock nr,  b0, r1, r0;
    
    
    uint8_t key[8]={ 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00};
    //DES_cblock iv={0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00};
    DES_key_schedule ks1;
    DES_cblock key1;

    if (strlen(Cmd)<1) {
        PrintAndLog("Usage:  hf desfire des-auth k <key number>");
        PrintAndLog("        sample: hf desfire des-auth k 0");
        return 0;
    } 
    
    //Change key to user defined one
    
    memcpy(key1,key,8);
    //memcpy(key2,key+8,8);
    DES_set_key((DES_cblock *)key1,&ks1);
    //DES_set_key((DES_cblock *)key2,&ks2);
        
    //Auth1
    UsbCommand c = {CMD_MIFARE_DES_AUTH1, {blockNo}};
    SendCommand(&c);
    UsbCommand resp;
    if (WaitForResponseTimeout(CMD_ACK,&resp,1500)) {
        uint8_t isOK  = resp.arg[0] & 0xff;
	        cuid  = resp.arg[1];
        uint8_t * data= resp.d.asBytes;

         if (isOK){
             PrintAndLog("enc(nc)/b0:%s", sprint_hex(data+2,8));
             memcpy(b0,data+2,8);
	}
    } else {
        PrintAndLog("Command execute timeout");
    }
       
    //Do crypto magic
    DES_random_key(&nr);
    //b1=dec(nr)
    //r0=dec(b0)
    DES_ecb_encrypt(&nr,&b1,&ks1,0);
    DES_ecb_encrypt(&b0,&r0,&ks1,0);
    //PrintAndLog("b1:%s",sprint_hex(b1, 8));
    PrintAndLog("r0:%s",sprint_hex(r0, 8));
    //r1=rol(r0)
    memcpy(r1,r0,8);
    rol(r1,8);
    PrintAndLog("r1:%s",sprint_hex(r1, 8));
    for(int i=0;i<8;i++){   
      b2[i]=(r1[i] ^ b1[i]);
    }
    DES_ecb_encrypt(&b2,&b2,&ks1,0);
    //PrintAndLog("b1:%s",sprint_hex(b1, 8));
    PrintAndLog("b2:%s",sprint_hex(b2, 8));

    //Auth2
    UsbCommand d = {CMD_MIFARE_DES_AUTH2, {cuid}};
    memcpy(reply,b1,8);
    memcpy(reply+8,b2,8);
    memcpy(d.d.asBytes,reply, 16);
    SendCommand(&d);

    UsbCommand respb;
    if (WaitForResponseTimeout(CMD_ACK,&respb,1500)) {
        uint8_t  isOK  = respb.arg[0] & 0xff;
        uint8_t * data2= respb.d.asBytes;

        if (isOK){
            PrintAndLog("b3:%s", sprint_hex(data2+2, 8));
	}
                 
    } else {
        PrintAndLog("Command execute timeout");
    } 
    return 1;
}
Ejemplo n.º 28
0
static int cardos_sm4h(const unsigned char *in, size_t inlen, unsigned char
	*out, size_t outlen, const unsigned char *key, size_t keylen) {
	/* using a buffer with an APDU, build an SM 4h APDU for cardos */

	int plain_lc;	/* data size in orig APDU */
	unsigned int mac_input_len, enc_input_len;
	unsigned char *mac_input, *enc_input;
	DES_key_schedule ks_a, ks_b;
	DES_cblock des_in,des_out;
	unsigned int i,j;

	if (keylen != 16) {
		printf("key has wrong size, need 16 bytes, got %zd. aborting.\n",
			keylen);
		return 0;
	}

	if (inlen < 4)
		return 0;	/* failed, apdu too short */
	if (inlen <= 5)
		plain_lc = 0;
	if (inlen > 5)
		plain_lc = in[4];
	
	/* 4 + plain_lc plus 0..7 bytes of padding */
	mac_input_len = 4 + plain_lc;
	while (mac_input_len % 8) mac_input_len++;

	mac_input = calloc(1,mac_input_len);
	if (!mac_input) {
		printf("out of memory, aborting\n");
		return 0;
	}
	mac_input[0] = in[1]; 	/* ins */
	mac_input[1] = in[2]; 	/* p1 */
	mac_input[2] = in[3]; 	/* p2 */
	mac_input[3] = plain_lc + 8;
	if (plain_lc)	/* copy data from in APDU */
		memcpy(&mac_input[4],&in[5],plain_lc);
	/* calloc already did the ansi padding: rest is 00 */
	
	/* prepare des key using first 8 bytes of key */
	DES_set_key((const_DES_cblock*) &key[0], &ks_a);
	/* prepare des key using second 8 bytes of key */
	DES_set_key((const_DES_cblock*) &key[8], &ks_b);

	/* first block: XOR with IV and encrypt with key A IV is 8 bytes 00 */
	for (i=0; i < 8; i++) des_in[i] = mac_input[i]^00;
	DES_ecb_encrypt(&des_in, &des_out, &ks_a, 1);

	/* all other blocks: XOR with prev. result and encrypt with key A */
	for (j=1; j < (mac_input_len / 8); j++) {
		for (i=0; i < 8; i++) des_in[i] = mac_input[i+j*8]^des_out[i];
		DES_ecb_encrypt(&des_in, &des_out, &ks_a, 1);
	}

	/* now decrypt with key B and encrypt with key A again */
	/* (a noop if key A and B are the same, e.g. 8 bytes ff */
	for (i=0; i < 8; i++) des_in[i] = des_out[i];
	DES_ecb_encrypt(&des_in, &des_out, &ks_b, 0);
	for (i=0; i < 8; i++) des_in[i] = des_out[i];
	DES_ecb_encrypt(&des_in, &des_out, &ks_a, 1);

	/* now we want to enc:
 	 * orig APDU data plus mac (8 bytes) plus iso padding (1-8 bytes) */
	enc_input_len = plain_lc + 8 + 1;
	while (enc_input_len % 8) enc_input_len++;

	enc_input = calloc(1,enc_input_len);
	if (!enc_input) {
		free(mac_input);
		printf("out of memory, aborting\n");
		return 0;
	}
	if (plain_lc) 
		memcpy(&enc_input[0],&in[5],plain_lc);
	for (i=0; i < 8; i++) enc_input[i+plain_lc] = des_out[i];
	enc_input[plain_lc+8] = 0x80; /* iso padding */
	/* calloc already cleard the remaining bytes to 00 */

	if (outlen < 5 + enc_input_len) {
		free(mac_input);
		free(enc_input);
		printf("output buffer too small, aborting.\n");
		return 0;
	}

	out[0] = in[0];	/* cla */
	out[1] = in[1];	/* ins */
	out[2] = in[2];	/* p1 */
	out[3] = in[3];	/* p2 */
	out[4] = enc_input_len;	/* lc */

	/* encrypt first block */

	/* xor data and IV (8 bytes 00) to get input data */
	for (i=0; i < 8; i++) des_in[i] = enc_input[i] ^ 00;
	
	/* encrypt with des2 (tripple des, but using keys A-B-A) */
	DES_ecb2_encrypt(&des_in, &des_out, &ks_a, &ks_b, 1);

	/* copy encrypted bytes into output */
	for (i=0; i < 8; i++) out[5+i] = des_out[i];

	/* encrypt other blocks (usualy one) */
	for (j=1; j < (enc_input_len / 8); j++) {
		/* xor data and prev. result to get input data */
		for (i=0; i < 8; i++) des_in[i] = enc_input[i+j*8] ^ des_out[i];
	
		/* encrypt with des2 (tripple des, but using keys A-B-A) */
		DES_ecb2_encrypt(&des_in, &des_out, &ks_a, &ks_b, 1);

		/* copy encrypted bytes into output */
		for (i=0; i < 8; i++) out[5+8*j+i] = des_out[i];
	}
	if (verbose)	{
		printf ("Unencrypted APDU:\n");
		util_hex_dump_asc(stdout, in, inlen, -1);
		printf ("Encrypted APDU:\n");
		util_hex_dump_asc(stdout, out, out[4] + 5, -1);
		printf ("\n");
	}
	free(mac_input);
	free(enc_input);
	return 1;
}
Ejemplo n.º 29
0
static void
do_getticket (krb5_context context,
	      krb5_kdc_configuration *config,
	      struct rx_header *hdr,
	      krb5_storage *sp,
	      struct sockaddr_in *addr,
	      const char *from,
	      krb5_data *reply)
{
    krb5_error_code ret;
    int kvno;
    char *auth_domain = NULL;
    krb5_data aticket;
    char *name = NULL;
    char *instance = NULL;
    krb5_data times;
    int32_t max_seq_len;
    hdb_entry_ex *server_entry = NULL;
    hdb_entry_ex *client_entry = NULL;
    hdb_entry_ex *krbtgt_entry = NULL;
    Key *kkey = NULL;
    Key *skey = NULL;
    DES_cblock key;
    DES_key_schedule schedule;
    DES_cblock session;
    time_t max_life;
    int8_t life;
    time_t start_time, end_time;
    char server_name[256];
    char client_name[256];
    struct _krb5_krb_auth_data ad;

    krb5_data_zero (&aticket);
    krb5_data_zero (&times);

    memset(&ad, 0, sizeof(ad));

    unparse_getticket_args (sp, &kvno, &auth_domain, &aticket,
			    &name, &instance, &times, &max_seq_len);
    if (times.length < 8) {
	make_error_reply (hdr, KABADREQUEST, reply);
	goto out;
	
    }

    snprintf (server_name, sizeof(server_name),
	      "%s.%s@%s", name, instance, config->v4_realm);

    ret = _kdc_db_fetch4 (context, config, name, instance,
			  config->v4_realm, HDB_F_GET_SERVER, &server_entry);
    if (ret) {
	kdc_log(context, config, 0, "Server not found in database: %s: %s",
		server_name, krb5_get_err_text(context, ret));
	make_error_reply (hdr, KANOENT, reply);
	goto out;
    }

    ret = _kdc_db_fetch4 (context, config, "krbtgt",
		     config->v4_realm, config->v4_realm, HDB_F_GET_KRBTGT, &krbtgt_entry);
    if (ret) {
	kdc_log(context, config, 0,
		"Server not found in database: %s.%s@%s: %s",
		"krbtgt", config->v4_realm,  config->v4_realm,
		krb5_get_err_text(context, ret));
	make_error_reply (hdr, KANOENT, reply);
	goto out;
    }

    /* find a DES key */
    ret = _kdc_get_des_key(context, krbtgt_entry, TRUE, TRUE, &kkey);
    if(ret){
	kdc_log(context, config, 0, "no suitable DES key for krbtgt");
	make_error_reply (hdr, KANOKEYS, reply);
	goto out;
    }

    /* find a DES key */
    ret = _kdc_get_des_key(context, server_entry, TRUE, TRUE, &skey);
    if(ret){
	kdc_log(context, config, 0, "no suitable DES key for server");
	make_error_reply (hdr, KANOKEYS, reply);
	goto out;
    }

    /* decrypt the incoming ticket */
    memcpy (&key, kkey->key.keyvalue.data, sizeof(key));

    /* unpack the ticket */
    {
	char *sname = NULL;
	char *sinstance = NULL;

	ret = _krb5_krb_decomp_ticket(context, &aticket, &kkey->key,
				      config->v4_realm, &sname,
				      &sinstance, &ad);
	if (ret) {
	    const char *msg = krb5_get_error_message(context, ret);
	    kdc_log(context, config, 0,
		    "kaserver: decomp failed for %s.%s with %s %d",
		    msg, sname, sinstance, ret);
	    krb5_free_error_message(context, msg);
	    make_error_reply (hdr, KABADTICKET, reply);
	    goto out;
	}

	if (strcmp (sname, "krbtgt") != 0
	    || strcmp (sinstance, config->v4_realm) != 0) {
	    kdc_log(context, config, 0, "no TGT: %s.%s for %s.%s@%s",
		    sname, sinstance,
		    ad.pname, ad.pinst, ad.prealm);
	    make_error_reply (hdr, KABADTICKET, reply);
	    free(sname);
	    free(sinstance);
	    goto out;
	}
	free(sname);
	free(sinstance);

	if (kdc_time > _krb5_krb_life_to_time(ad.time_sec, ad.life)) {
	    kdc_log(context, config, 0, "TGT expired: %s.%s@%s",
		    ad.pname, ad.pinst, ad.prealm);
	    make_error_reply (hdr, KABADTICKET, reply);
	    goto out;
	}
    }

    snprintf (client_name, sizeof(client_name),
	      "%s.%s@%s", ad.pname, ad.pinst, ad.prealm);

    kdc_log(context, config, 0, "TGS-REQ (kaserver) %s from %s for %s",
	    client_name, from, server_name);

    ret = _kdc_db_fetch4 (context, config,
			  ad.pname, ad.pinst, ad.prealm, HDB_F_GET_CLIENT,
			  &client_entry);
    if(ret && ret != HDB_ERR_NOENTRY) {
	kdc_log(context, config, 0,
		"Client not found in database: (krb4) %s: %s",
		client_name, krb5_get_err_text(context, ret));
	make_error_reply (hdr, KANOENT, reply);
	goto out;
    }
    if (client_entry == NULL && strcmp(ad.prealm, config->v4_realm) == 0) {
	kdc_log(context, config, 0,
		"Local client not found in database: (krb4) "
		"%s", client_name);
	make_error_reply (hdr, KANOENT, reply);
	goto out;
    }

    ret = kdc_check_flags (context, config,
			   client_entry, client_name,
			   server_entry, server_name,
			   FALSE);
    if (ret) {
	make_error_reply (hdr, KAPWEXPIRED, reply);
	goto out;
    }

    /* decrypt the times */
    memcpy(&session, ad.session.keyvalue.data, sizeof(session));
    DES_set_key_unchecked (&session, &schedule);
    DES_ecb_encrypt (times.data,
		     times.data,
		     &schedule,
		     DES_DECRYPT);
    memset (&schedule, 0, sizeof(schedule));
    memset (&session, 0, sizeof(session));

    /* and extract them */
    {
	krb5_storage *tsp;
	int32_t tmp;

	tsp = krb5_storage_from_mem (times.data, times.length);
	krb5_ret_int32 (tsp, &tmp);
	start_time = tmp;
	krb5_ret_int32 (tsp, &tmp);
	end_time = tmp;
	krb5_storage_free (tsp);
    }

    /* life */
    max_life = end_time - kdc_time;
    /* end_time - kdc_time can sometimes be non-positive due to slight
       time skew between client and server. Let's make sure it is postive */
    if(max_life < 1)
	max_life = 1;
    if (krbtgt_entry->entry.max_life)
	max_life = min(max_life, *krbtgt_entry->entry.max_life);
    if (server_entry->entry.max_life)
	max_life = min(max_life, *server_entry->entry.max_life);
    /* if this is a cross realm request, the client_entry will likely
       be NULL */
    if (client_entry && client_entry->entry.max_life)
	max_life = min(max_life, *client_entry->entry.max_life);

    life = _krb5_krb_time_to_life(kdc_time, kdc_time + max_life);

    create_reply_ticket (context,
			 hdr, skey,
			 ad.pname, ad.pinst, ad.prealm,
			 addr, life, server_entry->entry.kvno,
			 max_seq_len,
			 name, instance,
			 0, "gtkt",
			 &ad.session, reply);

 out:
    _krb5_krb_free_auth_data(context, &ad);
    if (aticket.length) {
	memset (aticket.data, 0, aticket.length);
	krb5_data_free (&aticket);
    }
    if (times.length) {
	memset (times.data, 0, times.length);
	krb5_data_free (&times);
    }
    if (auth_domain)
	free (auth_domain);
    if (name)
	free (name);
    if (instance)
	free (instance);
    if (krbtgt_entry)
	_kdc_free_ent (context, krbtgt_entry);
    if (server_entry)
	_kdc_free_ent (context, server_entry);
}
Ejemplo n.º 30
0
int
tokenuserinit(int flags, char *username, unsigned char *usecret, unsigned mode)
{
	TOKENDB_Rec tokenrec;
	TOKEN_CBlock secret;
	TOKEN_CBlock nulls;
	TOKEN_CBlock checksum;
	TOKEN_CBlock checktxt;
	DES_key_schedule key_schedule;

	memset(&secret, 0, sizeof(secret));

	/*
	 * If no user secret passed in, create one
	 */

	if ( (flags & TOKEN_GENSECRET) )
		tokenseed(&secret);
	else
		memcpy(&secret, usecret, sizeof(DES_cblock));

	DES_fixup_key_parity(&secret.cb);

	/*
	 * Check if the db record already exists.  If there's no
	 * force-init flag and it exists, go away. Else,
	 * create the user's db record and put to the db.
	 */


	if (!(flags & TOKEN_FORCEINIT) &&
	    tokendb_getrec(username, &tokenrec) == 0)
		return (1);

	memset(&tokenrec, 0, sizeof(tokenrec));
	strlcpy(tokenrec.uname, username, sizeof(tokenrec.uname));
	cb2h(secret, tokenrec.secret);
	tokenrec.mode = 0;
	tokenrec.flags = TOKEN_ENABLED | TOKEN_USEMODES;
	tokenrec.mode = mode;
	memset(tokenrec.reserved_char1, 0, sizeof(tokenrec.reserved_char1));
	memset(tokenrec.reserved_char2, 0, sizeof(tokenrec.reserved_char2));

	if (tokendb_putrec(username, &tokenrec))
		return (-1);

	/*
	 * Check if the shared secret was generated here. If so, we
	 * need to inform the user about it in order that it can be
	 * programmed into the token. See tokenverify() (above) for
	 * discussion of cipher generation.
	 */

	if (!(flags & TOKEN_GENSECRET)) {
		memset(&secret, 0, sizeof(secret));
		return (0);
	}

	printf("Shared secret for %s\'s token: "
	    "%03o %03o %03o %03o %03o %03o %03o %03o\n",
	    username, secret.cb[0], secret.cb[1], secret.cb[2], secret.cb[3],
	    secret.cb[4], secret.cb[5], secret.cb[6], secret.cb[7]);

	DES_key_sched(&secret.cb, &key_schedule);
	memset(&secret, 0, sizeof(secret));
	memset(&nulls, 0, sizeof(nulls));
	DES_ecb_encrypt(&nulls.cb, &checksum.cb, &key_schedule, DES_ENCRYPT);
	memset(&key_schedule, 0, sizeof(key_schedule));
	HTONL(checksum.ul[0]);
	snprintf(checktxt.ct, sizeof(checktxt.ct), "%8.8x", checksum.ul[0]);
	printf("Hex Checksum: \"%s\"", checktxt.ct);

	h2d(checktxt.ct);
	printf("\tDecimal Checksum: \"%s\"\n", checktxt.ct);

	return (0);
}