static int des_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
const unsigned char *iv, int enc)
{
DES_cblock *deskey = (DES_cblock *)key;
DES_set_key_unchecked(deskey,ctx->cipher_data);
return 1;
}
/* 3des cbc for SSH-1 has no suitable EVP construct and requires
* a custom key setup
*/
static int des3_set_key(struct ssh_cipher_struct *cipher, void *key, void *IV){
DES_cblock *keys = key;
DES_set_odd_parity(&keys[0]);
DES_set_odd_parity(&keys[1]);
DES_set_odd_parity(&keys[2]);
cipher->des3_key = malloc(sizeof (struct ssh_3des_key_schedule));
if (cipher->des3_key == NULL){
return SSH_ERROR;
}
DES_set_key_unchecked(&keys[0], &cipher->des3_key->keys[0]);
DES_set_key_unchecked(&keys[1], &cipher->des3_key->keys[1]);
DES_set_key_unchecked(&keys[2], &cipher->des3_key->keys[2]);
memcpy(cipher->des3_key->ivs.v, IV, 24);
return SSH_OK;
}
int osDesSetkey(DES_key_schedule *dinst, char *key, size_t keyLength,
int forEencrypt)
{
DES_cblock cblock;
memmove(&cblock, key, 8);
DES_set_key_unchecked(&cblock, dinst);
return 0;
}
crypto_error_t crypto_create_context(bytestring_t *ctx,
crypto_alg_t alg_type,
const bytestring_t *key_bin)
{
DES_key_schedule ks;
bytestring_clear(ctx);
bytestring_pushback(ctx,ALG_TYPE(alg_type));
bytestring_pushback(ctx,PAD_TYPE(alg_type)>>8);
switch (ALG_TYPE(alg_type))
{
case CRYPTO_ALG_DES_ECB:
case CRYPTO_ALG_DES_CBC:
if (key_bin==NULL || bytestring_get_size(key_bin)!=8 || key_bin->width!=8)
return CRYPTO_ERROR_BAD_KEY_FORMAT;
DES_set_key_unchecked((const_DES_cblock *)key_bin->data,&ks);
bytestring_append_data(ctx,DES_KS_SIZE,(unsigned char *)&ks);
break;
case CRYPTO_ALG_DES2_EDE_ECB:
case CRYPTO_ALG_DES2_EDE_CBC:
case CRYPTO_ALG_ISO9797_M3:
if (key_bin==NULL || bytestring_get_size(key_bin)!=16 || key_bin->width!=8)
return CRYPTO_ERROR_BAD_KEY_FORMAT;
DES_set_key_unchecked((const_DES_cblock *)key_bin->data,&ks);
bytestring_append_data(ctx,DES_KS_SIZE,(unsigned char *)&ks);
DES_set_key_unchecked((const_DES_cblock *)(key_bin->data+8),&ks);
bytestring_append_data(ctx,DES_KS_SIZE,(unsigned char *)&ks);
break;
case CRYPTO_ALG_SHA1:
/* nothing else to do */
break;
default:
return CRYPTO_ERROR_UNKNOWN_KEY_TYPE;
}
return CRYPTO_OK;
}
void
cipher_des_encrypt_ecb (const unsigned char key[DES_KEY_LENGTH],
unsigned char *src,
unsigned char *dst)
{
DES_key_schedule sched;
DES_set_key_unchecked((DES_cblock*)key, &sched);
DES_ecb_encrypt((DES_cblock *)src, (DES_cblock *)dst, &sched, DES_ENCRYPT);
}
static int des1_set_key(struct ssh_cipher_struct *cipher, void *key, void *IV){
if(!cipher->key){
if (alloc_key(cipher) < 0) {
return -1;
}
DES_set_odd_parity(key);
DES_set_key_unchecked(key,cipher->key);
}
cipher->IV=IV;
return 0;
}
static int desx_cbc_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
const unsigned char *iv, int enc)
{
DES_cblock *deskey = (DES_cblock *)key;
DES_set_key_unchecked(deskey,&data(ctx)->ks);
memcpy(&data(ctx)->inw[0],&key[8],8);
memcpy(&data(ctx)->outw[0],&key[16],8);
return 1;
}
static int
des_cbc_init(EVP_CIPHER_CTX *ctx,
const unsigned char * key,
const unsigned char * iv,
int encp)
{
DES_key_schedule *k = ctx->cipher_data;
DES_cblock deskey;
memcpy(&deskey, key, sizeof(deskey));
DES_set_key_unchecked(&deskey, k);
return 1;
}
/* return 0 if key parity is odd (correct),
* return -1 if key parity error,
* return -2 if illegal weak key.
* return -3 if illegal parameter.
*/
int DES_set_key_checked(const_DES_cblock *key, DES_key_schedule *schedule)
{
if(key == NULL || schedule == NULL)
return (-3);
if (!DES_check_key_parity(key))
return(-1);
if (DES_is_weak_key(key))
return(-2);
DES_set_key_unchecked(key, schedule);
return 0;
}
void hitron_crypt(FILE *out, FILE *in, int enc)
{
size_t i, n = -1;
DES_cblock buffer[BUFFER_SIZE];
DES_key_schedule schedule;
DES_set_key_unchecked(&hitron_key, &schedule);
while((n = fread((void *)&buffer, sizeof(DES_cblock), BUFFER_SIZE, in)) > 0) {
for(i = 0; i < n; i++) {
DES_ecb_encrypt(&buffer[i], &buffer[i], &schedule, enc);
}
fwrite((void *)&buffer, sizeof(DES_cblock), n, out);
}
}
GByteArray*
gq_hash_lmhash(gchar const* data, gsize len)
{
unsigned int i;
char hex[2];
char plain[15];
DES_key_schedule schedule;
GByteArray *gb = NULL;
DES_cblock ckey1, ckey2;
DES_cblock bin1, bin2;
memset(plain, 0, sizeof(plain));
for (i = 0 ; i < len && i < 14 ; i++) {
plain[i] = toupper(data[i]);
}
lm_make_key(plain, &ckey1);
DES_set_key_unchecked(&ckey1, &schedule);
DES_ecb_encrypt((DES_cblock*)lmhash_key, &bin1, &schedule, DES_ENCRYPT);
lm_make_key(plain + 7, &ckey2);
DES_set_key_unchecked(&ckey2, &schedule);
DES_ecb_encrypt((DES_cblock*)lmhash_key, &bin2, &schedule, DES_ENCRYPT);
gb = g_byte_array_new();
for(i = 0 ; i < sizeof(bin1) ; i++) {
hex[0] = hexdigit[bin1[i] / 16];
hex[1] = hexdigit[bin1[i] % 16];
g_byte_array_append(gb, (guchar*)hex, 2);
}
for(i = 0 ; i < sizeof(bin2) ; i++) {
hex[0] = hexdigit[bin2[i] / 16];
hex[1] = hexdigit[bin2[i] % 16];
g_byte_array_append(gb, (guchar*)hex, 2);
}
return gb;
}
static void mdc2_body(MDC2_CTX *c, const unsigned char *in, size_t len)
{
register DES_LONG tin0, tin1;
register DES_LONG ttin0, ttin1;
DES_LONG d[2], dd[2];
DES_key_schedule k;
unsigned char *p;
size_t i;
for (i = 0; i < len; i += 8) {
c2l(in, tin0);
d[0] = dd[0] = tin0;
c2l(in, tin1);
d[1] = dd[1] = tin1;
c->h[0] = (c->h[0] & 0x9f) | 0x40;
c->hh[0] = (c->hh[0] & 0x9f) | 0x20;
DES_set_odd_parity(&c->h);
DES_set_key_unchecked(&c->h, &k);
DES_encrypt1(d, &k, 1);
DES_set_odd_parity(&c->hh);
DES_set_key_unchecked(&c->hh, &k);
DES_encrypt1(dd, &k, 1);
ttin0 = tin0 ^ dd[0];
ttin1 = tin1 ^ dd[1];
tin0 ^= d[0];
tin1 ^= d[1];
p = c->h;
l2c(tin0, p);
l2c(ttin1, p);
p = c->hh;
l2c(ttin0, p);
l2c(tin1, p);
}
}
int mdes_cbc_decrypt(unsigned char key[8], unsigned char* src, unsigned char* des, int src_len) {
DES_cblock dkey;
memcpy(&dkey, key, sizeof(DES_cblock));
DES_key_schedule key_schedule;
DES_set_key_unchecked(&dkey, &key_schedule);
DES_cblock ivec;
memcpy(&ivec, iv, sizeof(ivec));
DES_ncbc_encrypt(src, des, src_len, &key_schedule, &ivec, 0);
unsigned char padding = des[src_len - 1];
des[src_len - padding] = 0;
return src_len - padding;
}
static int
des_ede3_cbc_init(EVP_CIPHER_CTX *ctx,
const unsigned char * key,
const unsigned char * iv,
int encp)
{
struct des_ede3_cbc *k = ctx->cipher_data;
DES_cblock deskey;
memcpy(&deskey, key, sizeof(deskey));
DES_set_odd_parity(&deskey);
DES_set_key_unchecked(&deskey, &k->ks[0]);
memcpy(&deskey, key + 8, sizeof(deskey));
DES_set_odd_parity(&deskey);
DES_set_key_unchecked(&deskey, &k->ks[1]);
memcpy(&deskey, key + 16, sizeof(deskey));
DES_set_odd_parity(&deskey);
DES_set_key_unchecked(&deskey, &k->ks[2]);
return 1;
}
static int des_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
const unsigned char *iv, int enc)
{
DES_cblock *deskey = (DES_cblock *)key;
#ifdef PL_OPENSSL
memset(pl_get_key(ctx->plengine), 0, /*FIXME*/ 32);
memcpy(pl_get_key(ctx->plengine), key, ctx->key_len);
memset(pl_get_iv(ctx->plengine), 0, /* FIXME */16);
memcpy(pl_get_iv(ctx->plengine), iv, ctx->cipher->iv_len);
#endif
DES_set_key_unchecked(deskey,ctx->cipher_data);
return 1;
}
int
sm_cwa_get_mac(struct sc_context *ctx, unsigned char *key, DES_cblock *icv,
unsigned char *in, int in_len, DES_cblock *out, int force_padding)
{
DES_cblock kk, k2;
DES_key_schedule ks,ks2;
unsigned char padding[8] = {0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00};
unsigned char *buf;
LOG_FUNC_CALLED(ctx);
sc_log(ctx, "sm_cwa_get_mac() data length %i", in_len);
buf = malloc(in_len + 8);
if (!buf)
LOG_FUNC_RETURN(ctx, SC_ERROR_OUT_OF_MEMORY);
sc_log(ctx, "sm_cwa_get_mac() in_data(%i) %s", in_len, sc_dump_hex(in, in_len));
memcpy(buf, in, in_len);
memcpy(buf + in_len, padding, 8);
if (force_padding)
in_len = ((in_len + 8) / 8) * 8;
else
in_len = ((in_len + 7) / 8) * 8;
sc_log(ctx, "sm_cwa_get_mac() data to MAC(%i) %s", in_len, sc_dump_hex(buf, in_len));
sc_log(ctx, "sm_cwa_get_mac() ICV %s", sc_dump_hex((unsigned char *)icv, 8));
memcpy(&kk, key, 8);
memcpy(&k2, key + 8, 8);
DES_set_key_unchecked(&kk,&ks);
DES_set_key_unchecked(&k2,&ks2);
DES_cbc_cksum_3des_emv96(buf, out, in_len ,&ks, &ks2, icv);
free(buf);
LOG_FUNC_RETURN(ctx, SC_SUCCESS);
}
int _des_crypt(char *buf, int len, struct desparams *desp)
{
DES_key_schedule ks;
int enc;
DES_set_key_unchecked(&desp->des_key, &ks);
enc = (desp->des_dir == ENCRYPT) ? DES_ENCRYPT : DES_DECRYPT;
if (desp->des_mode == CBC)
DES_ecb_encrypt((const_DES_cblock *)desp->UDES.UDES_buf,
(DES_cblock *)desp->UDES.UDES_buf, &ks, enc);
else {
DES_ncbc_encrypt(desp->UDES.UDES_buf, desp->UDES.UDES_buf,
len, &ks, &desp->des_ivec, enc);
}
return (1);
}
static void
ecb_test(char key[8], char in[8], char out[8])
{
unsigned char k[8], indata[8], outdata[8], outdata2[8], ansdata[8];
DES_key_schedule s;
memcpy(k, key, 8);
memcpy(indata, in, 8);
memcpy(ansdata, out, 8);
DES_set_odd_parity(&k);
DES_set_key_unchecked(&k, &s);
DES_ecb_encrypt(&indata, &outdata, &s, 1);
if (memcmp(outdata, ansdata, sizeof(ansdata)) != 0)
errx(1, "des: encrypt");
DES_ecb_encrypt(&outdata, &outdata2, &s, 0);
if (memcmp(indata, outdata2, sizeof(outdata2)) != 0)
errx(1, "des: decrypt");
}
void EncryptDecryptUtil::Des_Cbc_Decrypt(char* srcBytes, uint32 srcLen, char* destBytes, const char* encryptKey)
{
DES_key_schedule schedule;
DES_set_key_unchecked((const_DES_cblock*)encryptKey, &schedule);
unsigned char padChar = '\0';
uint32 alignLen = (srcLen / 8 + (srcLen % 8 ? 1 : 0)) * 8;
memset(srcBytes + srcLen, padChar, 8 - srcLen % 8);
uint32 count = srcLen / 8;
uint32 idx = 0;
for (idx = 0; idx < count; idx++)
{
DES_ncbc_encrypt((const unsigned char*)(srcBytes + 8 * idx), (unsigned char*)(destBytes + 8 * idx), 8, &schedule, &sIVec, DES_DECRYPT);
}
memcpy(srcBytes + 8 * idx, destBytes + 8 * idx, 8 - srcLen % 8);
}
NOEXPORT void crypt_DES(DES_cblock dst, const_DES_cblock src, DES_cblock hash) {
DES_cblock key;
DES_key_schedule sched;
/* convert key from 56 to 64 bits */
key[0]=hash[0];
key[1]=((hash[0]&1)<<7)|(hash[1]>>1);
key[2]=((hash[1]&3)<<6)|(hash[2]>>2);
key[3]=((hash[2]&7)<<5)|(hash[3]>>3);
key[4]=((hash[3]&15)<<4)|(hash[4]>>4);
key[5]=((hash[4]&31)<<3)|(hash[5]>>5);
key[6]=((hash[5]&63)<<2)|(hash[6]>>6);
key[7]=((hash[6]&127)<<1);
DES_set_odd_parity(&key);
/* encrypt */
DES_set_key_unchecked(&key, &sched);
DES_ecb_encrypt((const_DES_cblock *)src,
(DES_cblock *)dst, &sched, DES_ENCRYPT);
}
static void
cbc_test(char key1[8], char iv[8], char in[24], char out[24])
{
unsigned char k1[8],
indata[24], outdata[24], outdata2[24], ansdata[24];
DES_key_schedule s1;
DES_cblock ivdata;
memcpy(k1, key1, 8);
memcpy(ivdata, iv, 8);
memcpy(indata, in, 24);
memcpy(ansdata, out, 24);
DES_set_odd_parity(&k1);
DES_set_key_unchecked(&k1, &s1);
DES_cbc_encrypt(indata, outdata, 24, &s1, &ivdata, 1);
if (memcmp(outdata, ansdata, sizeof(ansdata)) != 0)
errx(1, "cbc: encrypt");
DES_cbc_encrypt(outdata, outdata2, 24, &s1, &ivdata, 0);
if (memcmp(indata, outdata2, sizeof(outdata2)) != 0)
errx(1, "cbc: decrypt");
}
static void
cbc_cksum(char key1[8], char iv[8], char *in, size_t len,
uint32_t ret, char out[8])
{
unsigned char k1[8], indata[24], ansdata[8];
DES_key_schedule s1;
DES_cblock ivdata, outdata;
uint32_t r;
memcpy(k1, key1, 8);
memcpy(ivdata, iv, 8);
memcpy(indata, in, len);
memcpy(ansdata, out, 8);
DES_set_odd_parity(&k1);
DES_set_key_unchecked(&k1, &s1);
r = DES_cbc_cksum(indata, &outdata, len, &s1, &ivdata);
if (ret != r)
errx(1, "cbc_cksum: cksum error");
if (memcmp(outdata, ansdata, sizeof(ansdata)) != 0)
errx(1, "cbc_cksum: checksum");
}
void DES_string_to_key(const char *str, DES_cblock *key)
{
DES_key_schedule ks;
int i,length;
register unsigned char j;
TINYCLR_SSL_MEMSET(key,0,8);
length=TINYCLR_SSL_STRLEN(str);
#ifdef OLD_STR_TO_KEY
for (i=0; i<length; i++)
(*key)[i%8]^=(str[i]<<1);
#else /* MIT COMPATIBLE */
for (i=0; i<length; i++)
{
j=str[i];
if ((i%16) < 8)
(*key)[i%8]^=(j<<1);
else
{
/* Reverse the bit order 05/05/92 eay */
j=((j<<4)&0xf0)|((j>>4)&0x0f);
j=((j<<2)&0xcc)|((j>>2)&0x33);
j=((j<<1)&0xaa)|((j>>1)&0x55);
(*key)[7-(i%8)]^=j;
}
}
#endif
DES_set_odd_parity(key);
#ifdef EXPERIMENTAL_STR_TO_STRONG_KEY
if(DES_is_weak_key(key))
(*key)[7] ^= 0xF0;
DES_set_key(key,&ks);
#else
DES_set_key_unchecked(key,&ks);
#endif
DES_cbc_cksum((const unsigned char*)str,key,length,&ks,key);
OPENSSL_cleanse(&ks,sizeof(ks));
DES_set_odd_parity(key);
}
static void
do_getticket (krb5_context context,
krb5_kdc_configuration *config,
struct rx_header *hdr,
krb5_storage *sp,
struct sockaddr_in *addr,
const char *from,
krb5_data *reply)
{
krb5_error_code ret;
int kvno;
char *auth_domain = NULL;
krb5_data aticket;
char *name = NULL;
char *instance = NULL;
krb5_data times;
int32_t max_seq_len;
hdb_entry_ex *server_entry = NULL;
hdb_entry_ex *client_entry = NULL;
hdb_entry_ex *krbtgt_entry = NULL;
Key *kkey = NULL;
Key *skey = NULL;
DES_cblock key;
DES_key_schedule schedule;
DES_cblock session;
time_t max_life;
int8_t life;
time_t start_time, end_time;
char server_name[256];
char client_name[256];
struct _krb5_krb_auth_data ad;
krb5_data_zero (&aticket);
krb5_data_zero (×);
memset(&ad, 0, sizeof(ad));
unparse_getticket_args (sp, &kvno, &auth_domain, &aticket,
&name, &instance, ×, &max_seq_len);
if (times.length < 8) {
make_error_reply (hdr, KABADREQUEST, reply);
goto out;
}
snprintf (server_name, sizeof(server_name),
"%s.%s@%s", name, instance, config->v4_realm);
ret = _kdc_db_fetch4 (context, config, name, instance,
config->v4_realm, HDB_F_GET_SERVER, &server_entry);
if (ret) {
kdc_log(context, config, 0, "Server not found in database: %s: %s",
server_name, krb5_get_err_text(context, ret));
make_error_reply (hdr, KANOENT, reply);
goto out;
}
ret = _kdc_db_fetch4 (context, config, "krbtgt",
config->v4_realm, config->v4_realm, HDB_F_GET_KRBTGT, &krbtgt_entry);
if (ret) {
kdc_log(context, config, 0,
"Server not found in database: %s.%s@%s: %s",
"krbtgt", config->v4_realm, config->v4_realm,
krb5_get_err_text(context, ret));
make_error_reply (hdr, KANOENT, reply);
goto out;
}
/* find a DES key */
ret = _kdc_get_des_key(context, krbtgt_entry, TRUE, TRUE, &kkey);
if(ret){
kdc_log(context, config, 0, "no suitable DES key for krbtgt");
make_error_reply (hdr, KANOKEYS, reply);
goto out;
}
/* find a DES key */
ret = _kdc_get_des_key(context, server_entry, TRUE, TRUE, &skey);
if(ret){
kdc_log(context, config, 0, "no suitable DES key for server");
make_error_reply (hdr, KANOKEYS, reply);
goto out;
}
/* decrypt the incoming ticket */
memcpy (&key, kkey->key.keyvalue.data, sizeof(key));
/* unpack the ticket */
{
char *sname = NULL;
char *sinstance = NULL;
ret = _krb5_krb_decomp_ticket(context, &aticket, &kkey->key,
config->v4_realm, &sname,
&sinstance, &ad);
if (ret) {
const char *msg = krb5_get_error_message(context, ret);
kdc_log(context, config, 0,
"kaserver: decomp failed for %s.%s with %s %d",
msg, sname, sinstance, ret);
krb5_free_error_message(context, msg);
make_error_reply (hdr, KABADTICKET, reply);
goto out;
}
if (strcmp (sname, "krbtgt") != 0
|| strcmp (sinstance, config->v4_realm) != 0) {
kdc_log(context, config, 0, "no TGT: %s.%s for %s.%s@%s",
sname, sinstance,
ad.pname, ad.pinst, ad.prealm);
make_error_reply (hdr, KABADTICKET, reply);
free(sname);
free(sinstance);
goto out;
}
free(sname);
free(sinstance);
if (kdc_time > _krb5_krb_life_to_time(ad.time_sec, ad.life)) {
kdc_log(context, config, 0, "TGT expired: %s.%s@%s",
ad.pname, ad.pinst, ad.prealm);
make_error_reply (hdr, KABADTICKET, reply);
goto out;
}
}
snprintf (client_name, sizeof(client_name),
"%s.%s@%s", ad.pname, ad.pinst, ad.prealm);
kdc_log(context, config, 0, "TGS-REQ (kaserver) %s from %s for %s",
client_name, from, server_name);
ret = _kdc_db_fetch4 (context, config,
ad.pname, ad.pinst, ad.prealm, HDB_F_GET_CLIENT,
&client_entry);
if(ret && ret != HDB_ERR_NOENTRY) {
kdc_log(context, config, 0,
"Client not found in database: (krb4) %s: %s",
client_name, krb5_get_err_text(context, ret));
make_error_reply (hdr, KANOENT, reply);
goto out;
}
if (client_entry == NULL && strcmp(ad.prealm, config->v4_realm) == 0) {
kdc_log(context, config, 0,
"Local client not found in database: (krb4) "
"%s", client_name);
make_error_reply (hdr, KANOENT, reply);
goto out;
}
ret = kdc_check_flags (context, config,
client_entry, client_name,
server_entry, server_name,
FALSE);
if (ret) {
make_error_reply (hdr, KAPWEXPIRED, reply);
goto out;
}
/* decrypt the times */
memcpy(&session, ad.session.keyvalue.data, sizeof(session));
DES_set_key_unchecked (&session, &schedule);
DES_ecb_encrypt (times.data,
times.data,
&schedule,
DES_DECRYPT);
memset (&schedule, 0, sizeof(schedule));
memset (&session, 0, sizeof(session));
/* and extract them */
{
krb5_storage *tsp;
int32_t tmp;
tsp = krb5_storage_from_mem (times.data, times.length);
krb5_ret_int32 (tsp, &tmp);
start_time = tmp;
krb5_ret_int32 (tsp, &tmp);
end_time = tmp;
krb5_storage_free (tsp);
}
/* life */
max_life = end_time - kdc_time;
/* end_time - kdc_time can sometimes be non-positive due to slight
time skew between client and server. Let's make sure it is postive */
if(max_life < 1)
max_life = 1;
if (krbtgt_entry->entry.max_life)
max_life = min(max_life, *krbtgt_entry->entry.max_life);
if (server_entry->entry.max_life)
max_life = min(max_life, *server_entry->entry.max_life);
/* if this is a cross realm request, the client_entry will likely
be NULL */
if (client_entry && client_entry->entry.max_life)
max_life = min(max_life, *client_entry->entry.max_life);
life = _krb5_krb_time_to_life(kdc_time, kdc_time + max_life);
create_reply_ticket (context,
hdr, skey,
ad.pname, ad.pinst, ad.prealm,
addr, life, server_entry->entry.kvno,
max_seq_len,
name, instance,
0, "gtkt",
&ad.session, reply);
out:
_krb5_krb_free_auth_data(context, &ad);
if (aticket.length) {
memset (aticket.data, 0, aticket.length);
krb5_data_free (&aticket);
}
if (times.length) {
memset (times.data, 0, times.length);
krb5_data_free (×);
}
if (auth_domain)
free (auth_domain);
if (name)
free (name);
if (instance)
free (instance);
if (krbtgt_entry)
_kdc_free_ent (context, krbtgt_entry);
if (server_entry)
_kdc_free_ent (context, server_entry);
}
static OM_uint32
verify_mic_des
(OM_uint32 * minor_status,
const gsskrb5_ctx context_handle,
krb5_context context,
const gss_buffer_t message_buffer,
const gss_buffer_t token_buffer,
gss_qop_t * qop_state,
krb5_keyblock *key,
char *type
)
{
u_char *p;
EVP_MD_CTX *md5;
u_char hash[16], *seq;
DES_key_schedule schedule;
EVP_CIPHER_CTX des_ctx;
DES_cblock zero;
DES_cblock deskey;
uint32_t seq_number;
OM_uint32 ret;
int cmp;
p = token_buffer->value;
ret = _gsskrb5_verify_header (&p,
token_buffer->length,
type,
GSS_KRB5_MECHANISM);
if (ret)
return ret;
if (memcmp(p, "\x00\x00", 2) != 0)
return GSS_S_BAD_SIG;
p += 2;
if (memcmp (p, "\xff\xff\xff\xff", 4) != 0)
return GSS_S_BAD_MIC;
p += 4;
p += 16;
/* verify checksum */
md5 = EVP_MD_CTX_create();
EVP_DigestInit_ex(md5, EVP_md5(), NULL);
EVP_DigestUpdate(md5, p - 24, 8);
EVP_DigestUpdate(md5, message_buffer->value, message_buffer->length);
EVP_DigestFinal_ex(md5, hash, NULL);
EVP_MD_CTX_destroy(md5);
memset (&zero, 0, sizeof(zero));
memcpy (&deskey, key->keyvalue.data, sizeof(deskey));
DES_set_key_unchecked (&deskey, &schedule);
DES_cbc_cksum ((void *)hash, (void *)hash, sizeof(hash),
&schedule, &zero);
if (ct_memcmp (p - 8, hash, 8) != 0) {
memset (deskey, 0, sizeof(deskey));
memset (&schedule, 0, sizeof(schedule));
return GSS_S_BAD_MIC;
}
/* verify sequence number */
HEIMDAL_MUTEX_lock(&context_handle->ctx_id_mutex);
p -= 16;
EVP_CIPHER_CTX_init(&des_ctx);
EVP_CipherInit_ex(&des_ctx, EVP_des_cbc(), NULL, key->keyvalue.data, hash, 0);
EVP_Cipher(&des_ctx, p, p, 8);
EVP_CIPHER_CTX_cleanup(&des_ctx);
memset (deskey, 0, sizeof(deskey));
memset (&schedule, 0, sizeof(schedule));
seq = p;
_gsskrb5_decode_om_uint32(seq, &seq_number);
if (context_handle->more_flags & LOCAL)
cmp = ct_memcmp(&seq[4], "\xff\xff\xff\xff", 4);
else
cmp = ct_memcmp(&seq[4], "\x00\x00\x00\x00", 4);
if (cmp != 0) {
HEIMDAL_MUTEX_unlock(&context_handle->ctx_id_mutex);
return GSS_S_BAD_MIC;
}
ret = _gssapi_msg_order_check(context_handle->order, seq_number);
if (ret) {
HEIMDAL_MUTEX_unlock(&context_handle->ctx_id_mutex);
return ret;
}
HEIMDAL_MUTEX_unlock(&context_handle->ctx_id_mutex);
return GSS_S_COMPLETE;
}
int main(int argc, char **argv)
{
int encrypt_opt = 0;
int decrypt_opt = 0;
int input_opt = 0;
int output_opt = 0;
char *input_filename = NULL;
char *output_filename = NULL;
int input_fd;
int output_fd;
off_t file_len;
char *p;
char buf[sizeof(image_header_t) + 3];
image_header_t *header;
while (1) {
static struct option long_options[] = {
{"encrypt", no_argument, 0, 'e'},
{"decrypt", no_argument, 0, 'd'},
{"input", required_argument, 0, 'i'},
{"output", required_argument, 0, 'o'},
{0, 0, 0, 0 }
};
int option_index = 0;
int c = getopt_long(argc, argv, "dei:o:",
long_options, &option_index);
if (c == -1)
break;
switch (c) {
case 'd':
decrypt_opt++;
if (decrypt_opt > 1) {
fprintf(stderr, "%s: decrypt may only be specified once\n",
argv[0]);
show_usage(argv[0]);
}
break;
case 'e':
encrypt_opt++;
if (encrypt_opt > 1) {
fprintf(stderr, "%s: encrypt may only be specified once\n",
argv[0]);
show_usage(argv[0]);
}
break;
case 'i':
input_opt++;
if (input_opt > 1) {
fprintf(stderr, "%s: only one input file may be specified\n",
argv[0]);
show_usage(argv[0]);
}
if (strcmp("-", optarg) != 0) {
input_filename = optarg;
}
break;
case 'o':
output_opt++;
if (output_opt > 1) {
fprintf(stderr, "%s: only one output file may be specified\n",
argv[0]);
show_usage(argv[0]);
}
if (strcmp("-", optarg) != 0) {
output_filename = optarg;
}
break;
case '?':
exit(-1);
default:
abort();
}
}
if (decrypt_opt && encrypt_opt) {
fprintf(stderr, "%s: decrypt and encrypt may not be used together\n",
argv[0]);
show_usage(argv[0]);
}
if (!decrypt_opt && !encrypt_opt) {
fprintf(stderr, "%s: neither decrypt or encrypt were specified\n",
argv[0]);
show_usage(argv[0]);
}
temp_fd = fileno(tmpfile());
if (temp_fd < 0) {
fprintf(stderr, "Can't create temporary file\n");
exit(EXIT_FAILURE);
}
atexit(exit_cleanup);
DES_set_key_unchecked((const_DES_cblock *)DES_KEY, &schedule);
if (input_filename) {
input_fd = open(input_filename, O_RDONLY);
if (input_fd < 0) {
fprintf(stderr, "Can't open %s for reading: %s\n", input_filename,
strerror(errno));
exit(EXIT_FAILURE);
}
copy_file(input_fd, temp_fd);
close(input_fd);
}
else {
copy_file(STDIN_FILENO, temp_fd);
}
file_len = lseek(temp_fd, 0, SEEK_CUR);
if (file_len < 64) {
fprintf(stderr, "Not enough data\n");
exit(EXIT_FAILURE);
}
p = mmap(0, file_len, PROT_READ|PROT_WRITE, MAP_SHARED, temp_fd, 0);
if (p == MAP_FAILED) {
fprintf(stderr, "mmap failed: %s\n", strerror(errno));
exit(EXIT_FAILURE);
}
if (encrypt_opt) {
header = (image_header_t *)p;
off_t len = min(file_len,
ntohl(header->ih_size) + sizeof(image_header_t));
if (ntohl(header->ih_magic) != IH_MAGIC) {
fprintf(stderr, "Header magic incorrect: "
"expected 0x%08X, got 0x%08X\n",
IH_MAGIC, ntohl(header->ih_magic));
munmap(p, file_len);
exit(EXIT_FAILURE);
}
encrypt(p, len);
munmap(p, file_len);
if (len != file_len) {
if (ftruncate(temp_fd, len) < 0) {
fprintf(stderr, "ftruncate failed: %s\n", strerror(errno));
exit(EXIT_FAILURE);
}
}
}
if (decrypt_opt) {
off_t header_len = min(file_len, sizeof(image_header_t) + 3);
memcpy(buf, p, header_len);
decrypt(buf, header_len);
header = (image_header_t *)buf;
if (ntohl(header->ih_magic) != IH_MAGIC) {
fprintf(stderr, "Header magic incorrect: "
"expected 0x%08X, got 0x%08X\n",
IH_MAGIC, ntohl(header->ih_magic));
exit(EXIT_FAILURE);
}
decrypt(p, file_len);
munmap(p, file_len);
}
lseek(temp_fd, 0, SEEK_SET);
if (output_filename) {
output_fd = creat(output_filename, S_IRUSR|S_IWUSR|S_IRGRP|S_IROTH);
if (output_fd < 0) {
fprintf(stderr, "Can't open %s for writing: %s\n",
output_filename, strerror(errno));
exit(EXIT_FAILURE);
}
copy_file(temp_fd, output_fd);
close(output_fd);
}
else {
copy_file(temp_fd, STDOUT_FILENO);
}
exit(EXIT_SUCCESS);
return 0;
}
static krb5_error_code
create_reply_ticket (krb5_context context,
struct rx_header *hdr,
Key *skey,
char *name, char *instance, char *realm,
struct sockaddr_in *addr,
int life,
int kvno,
int32_t max_seq_len,
const char *sname, const char *sinstance,
uint32_t challenge,
const char *label,
krb5_keyblock *key,
krb5_data *reply)
{
krb5_error_code ret;
krb5_data ticket;
krb5_keyblock session;
krb5_storage *sp;
krb5_data enc_data;
struct rx_header reply_hdr;
char zero[8];
size_t pad;
unsigned fyrtiosjuelva;
/* create the ticket */
krb5_generate_random_keyblock(context, ETYPE_DES_PCBC_NONE, &session);
_krb5_krb_create_ticket(context,
0,
name,
instance,
realm,
addr->sin_addr.s_addr,
&session,
life,
kdc_time,
sname,
sinstance,
&skey->key,
&ticket);
/* create the encrypted part of the reply */
sp = krb5_storage_emem ();
krb5_generate_random_block(&fyrtiosjuelva, sizeof(fyrtiosjuelva));
fyrtiosjuelva &= 0xffffffff;
krb5_store_int32 (sp, fyrtiosjuelva);
krb5_store_int32 (sp, challenge);
krb5_storage_write (sp, session.keyvalue.data, 8);
krb5_free_keyblock_contents(context, &session);
krb5_store_int32 (sp, kdc_time);
krb5_store_int32 (sp, kdc_time + _krb5_krb_life_to_time (0, life));
krb5_store_int32 (sp, kvno);
krb5_store_int32 (sp, ticket.length);
krb5_store_stringz (sp, name);
krb5_store_stringz (sp, instance);
#if 1 /* XXX - Why shouldn't the realm go here? */
krb5_store_stringz (sp, "");
#else
krb5_store_stringz (sp, realm);
#endif
krb5_store_stringz (sp, sname);
krb5_store_stringz (sp, sinstance);
krb5_storage_write (sp, ticket.data, ticket.length);
krb5_storage_write (sp, label, strlen(label));
/* pad to DES block */
memset (zero, 0, sizeof(zero));
pad = (8 - krb5_storage_seek (sp, 0, SEEK_CUR) % 8) % 8;
krb5_storage_write (sp, zero, pad);
krb5_storage_to_data (sp, &enc_data);
krb5_storage_free (sp);
if (enc_data.length > max_seq_len) {
krb5_data_free (&enc_data);
make_error_reply (hdr, KAANSWERTOOLONG, reply);
return 0;
}
/* encrypt it */
{
DES_key_schedule schedule;
DES_cblock deskey;
memcpy (&deskey, key->keyvalue.data, sizeof(deskey));
DES_set_key_unchecked (&deskey, &schedule);
DES_pcbc_encrypt (enc_data.data,
enc_data.data,
enc_data.length,
&schedule,
&deskey,
DES_ENCRYPT);
memset (&schedule, 0, sizeof(schedule));
memset (&deskey, 0, sizeof(deskey));
}
/* create the reply packet */
init_reply_header (hdr, &reply_hdr, HT_DATA, HF_LAST);
sp = krb5_storage_emem ();
ret = encode_rx_header (&reply_hdr, sp);
krb5_store_int32 (sp, max_seq_len);
krb5_store_xdr_data (sp, enc_data);
krb5_data_free (&enc_data);
krb5_storage_to_data (sp, reply);
krb5_storage_free (sp);
return 0;
}
static void
do_authenticate (krb5_context context,
krb5_kdc_configuration *config,
struct rx_header *hdr,
krb5_storage *sp,
struct sockaddr_in *addr,
const char *from,
krb5_data *reply)
{
krb5_error_code ret;
char *name = NULL;
char *instance = NULL;
time_t start_time;
time_t end_time;
krb5_data request;
int32_t max_seq_len;
hdb_entry_ex *client_entry = NULL;
hdb_entry_ex *server_entry = NULL;
Key *ckey = NULL;
Key *skey = NULL;
krb5_storage *reply_sp;
time_t max_life;
uint8_t life;
int32_t chal;
char client_name[256];
char server_name[256];
krb5_data_zero (&request);
ret = unparse_auth_args (sp, &name, &instance, &start_time, &end_time,
&request, &max_seq_len);
if (ret != 0 || request.length < 8) {
make_error_reply (hdr, KABADREQUEST, reply);
goto out;
}
snprintf (client_name, sizeof(client_name), "%s.%s@%s",
name, instance, config->v4_realm);
snprintf (server_name, sizeof(server_name), "%s.%s@%s",
"krbtgt", config->v4_realm, config->v4_realm);
kdc_log(context, config, 0, "AS-REQ (kaserver) %s from %s for %s",
client_name, from, server_name);
ret = _kdc_db_fetch4 (context, config, name, instance,
config->v4_realm, HDB_F_GET_CLIENT,
&client_entry);
if (ret) {
kdc_log(context, config, 0, "Client not found in database: %s: %s",
client_name, krb5_get_err_text(context, ret));
make_error_reply (hdr, KANOENT, reply);
goto out;
}
ret = _kdc_db_fetch4 (context, config, "krbtgt",
config->v4_realm, config->v4_realm,
HDB_F_GET_KRBTGT, &server_entry);
if (ret) {
kdc_log(context, config, 0, "Server not found in database: %s: %s",
server_name, krb5_get_err_text(context, ret));
make_error_reply (hdr, KANOENT, reply);
goto out;
}
ret = kdc_check_flags (context, config,
client_entry, client_name,
server_entry, server_name,
TRUE);
if (ret) {
make_error_reply (hdr, KAPWEXPIRED, reply);
goto out;
}
/* find a DES key */
ret = _kdc_get_des_key(context, client_entry, FALSE, TRUE, &ckey);
if(ret){
kdc_log(context, config, 0, "no suitable DES key for client");
make_error_reply (hdr, KANOKEYS, reply);
goto out;
}
/* find a DES key */
ret = _kdc_get_des_key(context, server_entry, TRUE, TRUE, &skey);
if(ret){
kdc_log(context, config, 0, "no suitable DES key for server");
make_error_reply (hdr, KANOKEYS, reply);
goto out;
}
{
DES_cblock key;
DES_key_schedule schedule;
/* try to decode the `request' */
memcpy (&key, ckey->key.keyvalue.data, sizeof(key));
DES_set_key_unchecked (&key, &schedule);
DES_pcbc_encrypt (request.data,
request.data,
request.length,
&schedule,
&key,
DES_DECRYPT);
memset (&schedule, 0, sizeof(schedule));
memset (&key, 0, sizeof(key));
}
/* check for the magic label */
if (memcmp ((char *)request.data + 4, "gTGS", 4) != 0) {
kdc_log(context, config, 0, "preauth failed for %s", client_name);
make_error_reply (hdr, KABADREQUEST, reply);
goto out;
}
reply_sp = krb5_storage_from_mem (request.data, 4);
krb5_ret_int32 (reply_sp, &chal);
krb5_storage_free (reply_sp);
if (abs(chal - kdc_time) > context->max_skew) {
make_error_reply (hdr, KACLOCKSKEW, reply);
goto out;
}
/* life */
max_life = end_time - kdc_time;
/* end_time - kdc_time can sometimes be non-positive due to slight
time skew between client and server. Let's make sure it is postive */
if(max_life < 1)
max_life = 1;
if (client_entry->entry.max_life)
max_life = min(max_life, *client_entry->entry.max_life);
if (server_entry->entry.max_life)
max_life = min(max_life, *server_entry->entry.max_life);
life = krb_time_to_life(kdc_time, kdc_time + max_life);
create_reply_ticket (context,
hdr, skey,
name, instance, config->v4_realm,
addr, life, server_entry->entry.kvno,
max_seq_len,
"krbtgt", config->v4_realm,
chal + 1, "tgsT",
&ckey->key, reply);
out:
if (request.length) {
memset (request.data, 0, request.length);
krb5_data_free (&request);
}
if (name)
free (name);
if (instance)
free (instance);
if (client_entry)
_kdc_free_ent (context, client_entry);
if (server_entry)
_kdc_free_ent (context, server_entry);
}
int main(void)
{
int docontinue = 1;
char *data = "abcdefgh"; /* 明文 */
int data_len;
int data_rest;
unsigned char ch;
unsigned char *src = NULL; /* 补齐后的明文 */
unsigned char *dst = NULL; /* 解密后的明文 */
unsigned char *encryption= NULL; /* 解密后的明文 */
int len;
unsigned char tmp[8];
unsigned char in[8];
unsigned char out[8];
char *k = "1234567890abcdefghijklmn"; /* 原始密钥 */
int key_len;
#define LEN_OF_KEY 24
unsigned char key[LEN_OF_KEY]; /* 补齐后的密钥 */
unsigned char block_key[9];
DES_key_schedule ks,ks2,ks3;
/* 构造补齐后的密钥 */
key_len = strlen(k);
memcpy(key, k, key_len);
memset(key + key_len, 0x00, LEN_OF_KEY - key_len);
/* 分析补齐明文所需空间及补齐填充数据 */
data_len = strlen(data);
data_rest = data_len % 8;
len = data_len + (8 - data_rest);
ch = 8 - data_rest;
src = (unsigned char *)malloc(len);
dst = (unsigned char *)malloc(len);
encryption = (unsigned char *)malloc(len);
if (NULL == src || NULL == dst)
{
docontinue = 0;
}
if (docontinue)
{
int count;
int i;
/* 构造补齐后的加密内容 */
memset(src, 0, len);
memcpy(src, data, data_len);
memset(src + data_len, ch, 8 - data_rest);
/* 密钥置换 */
memset(block_key, 0, sizeof(block_key));
memcpy(block_key, key + 0, 8);
DES_set_key_unchecked((const_DES_cblock*)block_key, &ks);
memcpy(block_key, key + 8, 8);
DES_set_key_unchecked((const_DES_cblock*)block_key, &ks2);
memcpy(block_key, key + 16, 8);
DES_set_key_unchecked((const_DES_cblock*)block_key, &ks3);
printf("before encrypt:\n%s\n",data);
/* 循环加密/解密,每8字节一次 */
count = len / 8;
for (i = 0; i < count; i++)
{
memset(tmp, 0, 8);
memset(in, 0, 8);
memset(out, 0, 8);
memcpy(tmp, src + 8 * i, 8);
/* 加密 */
DES_ecb3_encrypt((const_DES_cblock*)tmp, (DES_cblock*)in, &ks, &ks2, &ks3, DES_ENCRYPT);
memcpy(encryption + 8 * i, in, 8);
/* 解密 */
DES_ecb3_encrypt((const_DES_cblock*)in, (DES_cblock*)out, &ks, &ks2, &ks3, DES_DECRYPT);
/* 将解密的内容拷贝到解密后的明文 */
memcpy(dst + 8 * i, out, 8);
}
printf("encryption :\n");
for (i = 0; i < len; i++)
{
printf("0x%.2X ", *(encryption + i));
}
printf("\n%s\n",base64(encryption,len+1));
}
if (NULL != src)
{
free(src);
src = NULL;
}
if (NULL != dst)
{
free(dst);
dst = NULL;
}
return 0;
}
int main(int argc, char **argv)
{
long count;
static unsigned char buf[BUFSIZE];
static DES_cblock key ={0x12,0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0};
static DES_cblock key2={0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0,0x12};
static DES_cblock key3={0x56,0x78,0x9a,0xbc,0xde,0xf0,0x12,0x34};
DES_key_schedule sch,sch2,sch3;
double a,b,c,d,e;
#ifndef SIGALRM
long ca,cb,cc,cd,ce;
#endif
#ifndef TIMES
printf("To get the most accurate results, try to run this\n");
printf("program when this computer is idle.\n");
#endif
DES_set_key_unchecked(&key2,&sch2);
DES_set_key_unchecked(&key3,&sch3);
#ifndef SIGALRM
printf("First we calculate the approximate speed ...\n");
DES_set_key_unchecked(&key,&sch);
count=10;
do {
long i;
DES_LONG data[2];
count*=2;
Time_F(START);
for (i=count; i; i--)
DES_encrypt1(data,&sch,DES_ENCRYPT);
d=Time_F(STOP);
} while (d < 3.0);
ca=count;
cb=count*3;
cc=count*3*8/BUFSIZE+1;
cd=count*8/BUFSIZE+1;
ce=count/20+1;
printf("Doing set_key %ld times\n",ca);
#define COND(d) (count != (d))
#define COUNT(d) (d)
#else
#define COND(c) (run)
#define COUNT(d) (count)
signal(SIGALRM,sig_done);
printf("Doing set_key for 10 seconds\n");
alarm(10);
#endif
Time_F(START);
for (count=0,run=1; COND(ca); count++)
DES_set_key_unchecked(&key,&sch);
d=Time_F(STOP);
printf("%ld set_key's in %.2f seconds\n",count,d);
a=((double)COUNT(ca))/d;
#ifdef SIGALRM
printf("Doing DES_encrypt's for 10 seconds\n");
alarm(10);
#else
printf("Doing DES_encrypt %ld times\n",cb);
#endif
Time_F(START);
for (count=0,run=1; COND(cb); count++)
{
DES_LONG data[2];
DES_encrypt1(data,&sch,DES_ENCRYPT);
}
d=Time_F(STOP);
printf("%ld DES_encrypt's in %.2f second\n",count,d);
b=((double)COUNT(cb)*8)/d;
#ifdef SIGALRM
printf("Doing DES_cbc_encrypt on %ld byte blocks for 10 seconds\n",
BUFSIZE);
alarm(10);
#else
printf("Doing DES_cbc_encrypt %ld times on %ld byte blocks\n",cc,
BUFSIZE);
#endif
Time_F(START);
for (count=0,run=1; COND(cc); count++)
DES_ncbc_encrypt(buf,buf,BUFSIZE,&sch,
&key,DES_ENCRYPT);
d=Time_F(STOP);
printf("%ld DES_cbc_encrypt's of %ld byte blocks in %.2f second\n",
count,BUFSIZE,d);
c=((double)COUNT(cc)*BUFSIZE)/d;
#ifdef SIGALRM
printf("Doing DES_ede_cbc_encrypt on %ld byte blocks for 10 seconds\n",
BUFSIZE);
alarm(10);
#else
printf("Doing DES_ede_cbc_encrypt %ld times on %ld byte blocks\n",cd,
BUFSIZE);
#endif
Time_F(START);
for (count=0,run=1; COND(cd); count++)
DES_ede3_cbc_encrypt(buf,buf,BUFSIZE,
&sch,
&sch2,
&sch3,
&key,
DES_ENCRYPT);
d=Time_F(STOP);
printf("%ld DES_ede_cbc_encrypt's of %ld byte blocks in %.2f second\n",
count,BUFSIZE,d);
d=((double)COUNT(cd)*BUFSIZE)/d;
#ifdef SIGALRM
printf("Doing crypt for 10 seconds\n");
alarm(10);
#else
printf("Doing crypt %ld times\n",ce);
#endif
Time_F(START);
for (count=0,run=1; COND(ce); count++)
crypt("testing1","ef");
e=Time_F(STOP);
printf("%ld crypts in %.2f second\n",count,e);
e=((double)COUNT(ce))/e;
printf("set_key per sec = %12.2f (%9.3fuS)\n",a,1.0e6/a);
printf("DES raw ecb bytes per sec = %12.2f (%9.3fuS)\n",b,8.0e6/b);
printf("DES cbc bytes per sec = %12.2f (%9.3fuS)\n",c,8.0e6/c);
printf("DES ede cbc bytes per sec = %12.2f (%9.3fuS)\n",d,8.0e6/d);
printf("crypt per sec = %12.2f (%9.3fuS)\n",e,1.0e6/e);
exit(0);
#if defined(LINT) || defined(OPENSSL_SYS_MSDOS)
return(0);
#endif
}