/**
* @ingroup SnmpParser
* @brief SNMPv3 암호화된 PDU 를 복호화한다.
* @param pszPacket 암호화된 PDU
* @param iPacketLen 암호화된 PDU 길이
* @param pszPassWord private 비밀번호
* @param pszEngineId SNMPv3 engine ID
* @param iEngineIdLen SNMPv3 engine ID 길이
* @param pszPrivParam msgPrivacyParameter
* @param iPrivParamLen msgPrivacyParameter 길이
* @param strPlain 평문 PDU 저장 변수
* @returns 성공하면 true 를 리턴하고 실패하면 false 를 리턴한다.
*/
bool SnmpDecrypt( const char * pszPacket, int iPacketLen, const char * pszPassWord, const char * pszEngineId, int iEngineIdLen
, const char * pszPrivParam, int iPrivParamLen, std::string & strPlain )
{
uint8_t szKey[16], szAuthKey[16], szIv[8];
strPlain.clear();
if( SnmpMakeKey( pszPassWord, szKey ) == false ) return false;
if( SnmpMakeAuthKey( szKey, (const uint8_t *)pszEngineId, iEngineIdLen, szAuthKey ) == false ) return false;
char * pszPlain = (char *)malloc( iPacketLen );
if( pszPlain == NULL ) return false;
for( int i = 0; i < 8; ++i )
{
szIv[i] = pszPrivParam[i] ^ szAuthKey[8+i];
}
DES_key_schedule sttKeySchedule;
DES_cblock sttBlock;
memcpy( sttBlock, szAuthKey, sizeof(sttBlock) );
DES_key_sched( &sttBlock, &sttKeySchedule );
DES_cbc_encrypt( (uint8_t *)pszPacket, (uint8_t *)pszPlain, iPacketLen, &sttKeySchedule, (DES_cblock *)szIv, DES_DECRYPT );
strPlain.append( pszPlain, iPacketLen );
free( pszPlain );
return true;
}
static int crypt_all(int *pcount, struct db_salt *salt)
{
int count = *pcount;
int index = 0;
#ifdef _OPENMP
#pragma omp parallel for
for (index = 0; index < count; index++)
#endif
{
int i;
DES_cblock des_key;
DES_key_schedule schedule;
DES_cblock ivec;
unsigned char encrypted_challenge[16] = { 0 };
/* process key */
for(i = 0; i < strlen((const char*)saved_key[index]); i++)
des_key[i] = bit_flip[ARCH_INDEX(saved_key[index][i])];
memset(ivec, 0, 8);
DES_set_key_unchecked(&des_key, &schedule);
/* do encryption */
DES_cbc_encrypt(cur_salt->challenge, &encrypted_challenge[0], 8, &schedule, &ivec, DES_ENCRYPT);
if(memcmp(encrypted_challenge, cur_salt->response, 8) == 0) {
DES_cbc_encrypt(&cur_salt->challenge[8], &encrypted_challenge[8], 8, &schedule, &ivec, DES_ENCRYPT);
if(memcmp(encrypted_challenge, cur_salt->response, 16) == 0)
memcpy((unsigned char*)crypt_out[index], encrypted_challenge, 16);
}
}
return count;
}
static void crypt_all(int count)
{
int index = 0;
#ifdef _OPENMP
#pragma omp parallel for
for (index = 0; index < count; index++)
#endif
{
DES_cblock des_key;
DES_key_schedule schedule;
DES_cblock ivec;
int i;
/* process key */
for(i = 0; saved_key[index][i]; i++)
des_key[i] = a2e_precomputed[ARCH_INDEX(saved_key[index][i])];
/* replace missing characters in userid by (EBCDIC space (0x40) XOR 0x55) << 1 */
while(i < 8)
des_key[i++] = 0x2a;
DES_set_key_unchecked(&des_key, &schedule);
/* do encryption */
memset(ivec, 0, 8);
DES_cbc_encrypt(cur_salt->userid, (unsigned char*)crypt_out[index], 8, &schedule, &ivec, DES_ENCRYPT);
}
}
static int
des_cbc_do_cipher(EVP_CIPHER_CTX *ctx,
unsigned char *out,
const unsigned char *in,
unsigned int size)
{
DES_key_schedule *k = ctx->cipher_data;
DES_cbc_encrypt(in, out, size,
k, (DES_cblock *)ctx->iv, ctx->encrypt);
return 1;
}
static void
cbc_test(char key1[8], char iv[8], char in[24], char out[24])
{
unsigned char k1[8],
indata[24], outdata[24], outdata2[24], ansdata[24];
DES_key_schedule s1;
DES_cblock ivdata;
memcpy(k1, key1, 8);
memcpy(ivdata, iv, 8);
memcpy(indata, in, 24);
memcpy(ansdata, out, 24);
DES_set_odd_parity(&k1);
DES_set_key_unchecked(&k1, &s1);
DES_cbc_encrypt(indata, outdata, 24, &s1, &ivdata, 1);
if (memcmp(outdata, ansdata, sizeof(ansdata)) != 0)
errx(1, "cbc: encrypt");
DES_cbc_encrypt(outdata, outdata2, 24, &s1, &ivdata, 0);
if (memcmp(indata, outdata2, sizeof(outdata2)) != 0)
errx(1, "cbc: decrypt");
}
/* HAS BUGS! DON'T USE - this is only present for use in des.c */
void DES_3cbc_encrypt(DES_cblock *input, DES_cblock *output, long length,
DES_key_schedule ks1, DES_key_schedule ks2, DES_cblock *iv1,
DES_cblock *iv2, int enc)
{
int off=((int)length-1)/8;
long l8=((length+7)/8)*8;
DES_cblock niv1,niv2;
if (enc == DES_ENCRYPT)
{
DES_cbc_encrypt((unsigned char*)input,
(unsigned char*)output,length,&ks1,iv1,enc);
if (length >= sizeof(DES_cblock))
op_memcpy(niv1,output[off],sizeof(DES_cblock));
DES_cbc_encrypt((unsigned char*)output,
(unsigned char*)output,l8,&ks2,iv1,!enc);
DES_cbc_encrypt((unsigned char*)output,
(unsigned char*)output,l8,&ks1,iv2,enc);
if (length >= sizeof(DES_cblock))
op_memcpy(niv2,output[off],sizeof(DES_cblock));
}
else
{
if (length >= sizeof(DES_cblock))
op_memcpy(niv2,input[off],sizeof(DES_cblock));
DES_cbc_encrypt((unsigned char*)input,
(unsigned char*)output,l8,&ks1,iv2,enc);
DES_cbc_encrypt((unsigned char*)output,
(unsigned char*)output,l8,&ks2,iv1,!enc);
if (length >= sizeof(DES_cblock))
op_memcpy(niv1,output[off],sizeof(DES_cblock));
DES_cbc_encrypt((unsigned char*)output,
(unsigned char*)output,length,&ks1,iv1,enc);
}
op_memcpy(*iv1,niv1,sizeof(DES_cblock));
op_memcpy(*iv2,niv2,sizeof(DES_cblock));
}
int DES_enc_write(int fd, const void *_buf, int len,
DES_key_schedule *sched, DES_cblock *iv)
{
#if defined(OPENSSL_NO_POSIX_IO)
return (-1);
#else
# ifdef _LIBC
extern unsigned long time();
extern int write();
# endif
const unsigned char *buf = _buf;
long rnum;
int i, j, k, outnum;
static unsigned char *outbuf = NULL;
unsigned char shortbuf[8];
unsigned char *p;
const unsigned char *cp;
static int start = 1;
if (len < 0)
return -1;
if (outbuf == NULL) {
outbuf = OPENSSL_malloc(BSIZE + HDRSIZE);
if (outbuf == NULL)
return (-1);
}
/*
* If we are sending less than 8 bytes, the same char will look the same
* if we don't pad it out with random bytes
*/
if (start) {
start = 0;
}
/* lets recurse if we want to send the data in small chunks */
if (len > MAXWRITE) {
j = 0;
for (i = 0; i < len; i += k) {
k = DES_enc_write(fd, &(buf[i]),
((len - i) > MAXWRITE) ? MAXWRITE : (len - i),
sched, iv);
if (k < 0)
return (k);
else
j += k;
}
return (j);
}
/* write length first */
p = outbuf;
l2n(len, p);
/* pad short strings */
if (len < 8) {
cp = shortbuf;
memcpy(shortbuf, buf, len);
if (RAND_bytes(shortbuf + len, 8 - len) <= 0)
return -1;
rnum = 8;
} else {
cp = buf;
rnum = ((len + 7) / 8 * 8); /* round up to nearest eight */
}
if (DES_rw_mode & DES_PCBC_MODE)
DES_pcbc_encrypt(cp, &(outbuf[HDRSIZE]), (len < 8) ? 8 : len, sched,
iv, DES_ENCRYPT);
else
DES_cbc_encrypt(cp, &(outbuf[HDRSIZE]), (len < 8) ? 8 : len, sched,
iv, DES_ENCRYPT);
/* output */
outnum = rnum + HDRSIZE;
for (j = 0; j < outnum; j += i) {
/*
* eay 26/08/92 I was not doing writing from where we got up to.
*/
# ifndef _WIN32
i = write(fd, (void *)&(outbuf[j]), outnum - j);
# else
i = _write(fd, (void *)&(outbuf[j]), outnum - j);
# endif
if (i == -1) {
# ifdef EINTR
if (errno == EINTR)
i = 0;
else
# endif
/*
* This is really a bad error - very bad It will stuff-up
* both ends.
*/
return (-1);
}
}
return (len);
#endif /* OPENSSL_NO_POSIX_IO */
}
int DES_enc_read(int fd, void *buf, int len, DES_key_schedule *sched,
DES_cblock *iv)
{
#if defined(OPENSSL_NO_POSIX_IO)
return(0);
#else
/* data to be unencrypted */
int net_num=0;
static unsigned char *net=NULL;
/* extra unencrypted data
* for when a block of 100 comes in but is des_read one byte at
* a time. */
static unsigned char *unnet=NULL;
static int unnet_start=0;
static int unnet_left=0;
static unsigned char *tmpbuf=NULL;
int i;
long num=0,rnum;
unsigned char *p;
if (tmpbuf == NULL)
{
tmpbuf=(unsigned char*)OPENSSL_malloc(BSIZE);
if (tmpbuf == NULL) return(-1);
}
if (net == NULL)
{
net=(unsigned char*)OPENSSL_malloc(BSIZE);
if (net == NULL) return(-1);
}
if (unnet == NULL)
{
unnet=(unsigned char*)OPENSSL_malloc(BSIZE);
if (unnet == NULL) return(-1);
}
/* left over data from last decrypt */
if (unnet_left != 0)
{
if (unnet_left < len)
{
/* we still still need more data but will return
* with the number of bytes we have - should always
* check the return value */
TINYCLR_SSL_MEMCPY(buf,&(unnet[unnet_start]),
unnet_left);
/* eay 26/08/92 I had the next 2 lines
* reversed :-( */
i=unnet_left;
unnet_start=unnet_left=0;
}
else
{
TINYCLR_SSL_MEMCPY(buf,&(unnet[unnet_start]),len);
unnet_start+=len;
unnet_left-=len;
i=len;
}
return(i);
}
/* We need to get more data. */
if (len > MAXWRITE) len=MAXWRITE;
/* first - get the length */
while (net_num < HDRSIZE)
{
#ifndef OPENSSL_SYS_WIN32
i=read(fd,(void *)&(net[net_num]),HDRSIZE-net_num);
#else
i=_read(fd,(void *)&(net[net_num]),HDRSIZE-net_num);
#endif
#ifdef EINTR
if ((i == -1) && (errno == EINTR)) continue;
#endif
if (i <= 0) return(0);
net_num+=i;
}
/* we now have at net_num bytes in net */
p=net;
/* num=0; */
n2l(p,num);
/* num should be rounded up to the next group of eight
* we make sure that we have read a multiple of 8 bytes from the net.
*/
if ((num > MAXWRITE) || (num < 0)) /* error */
return(-1);
rnum=(num < 8)?8:((num+7)/8*8);
net_num=0;
while (net_num < rnum)
{
#ifndef OPENSSL_SYS_WIN32
i=read(fd,(void *)&(net[net_num]),rnum-net_num);
#else
i=_read(fd,(void *)&(net[net_num]),rnum-net_num);
#endif
#ifdef EINTR
if ((i == -1) && (errno == EINTR)) continue;
#endif
if (i <= 0) return(0);
net_num+=i;
}
/* Check if there will be data left over. */
if (len < num)
{
if (DES_rw_mode & DES_PCBC_MODE)
DES_pcbc_encrypt(net,unnet,num,sched,iv,DES_DECRYPT);
else
DES_cbc_encrypt(net,unnet,num,sched,iv,DES_DECRYPT);
TINYCLR_SSL_MEMCPY(buf,unnet,len);
unnet_start=len;
unnet_left=num-len;
/* The following line is done because we return num
* as the number of bytes read. */
num=len;
}
else
{
/* >output is a multiple of 8 byes, if len < rnum
* >we must be careful. The user must be aware that this
* >routine will write more bytes than he asked for.
* >The length of the buffer must be correct.
* FIXED - Should be ok now 18-9-90 - eay */
if (len < rnum)
{
if (DES_rw_mode & DES_PCBC_MODE)
DES_pcbc_encrypt(net,tmpbuf,num,sched,iv,
DES_DECRYPT);
else
DES_cbc_encrypt(net,tmpbuf,num,sched,iv,
DES_DECRYPT);
/* eay 26/08/92 fix a bug that returned more
* bytes than you asked for (returned len bytes :-( */
TINYCLR_SSL_MEMCPY(buf,tmpbuf,num);
}
else
{
if (DES_rw_mode & DES_PCBC_MODE)
DES_pcbc_encrypt(net,(unsigned char*)buf,num,sched,iv,
DES_DECRYPT);
else
DES_cbc_encrypt(net,(unsigned char*)buf,num,sched,iv,
DES_DECRYPT);
}
}
return num;
#endif /* OPENSSL_NO_POSIX_IO */
}
int openssl_test()
{
EVP_MD_CTX md_ctx;
testVector a, b, c;
byte hash[SHA_DIGEST_SIZE];
a.input = "1234567890123456789012345678901234567890123456789012345678"
"9012345678901234567890";
a.output = "\x57\xed\xf4\xa2\x2b\xe3\xc9\x55\xac\x49\xda\x2e\x21\x07\xb6"
"\x7a";
a.inLen = strlen(a.input);
a.outLen = strlen(a.output);
EVP_MD_CTX_init(&md_ctx);
EVP_DigestInit(&md_ctx, EVP_md5());
EVP_DigestUpdate(&md_ctx, a.input, a.inLen);
EVP_DigestFinal(&md_ctx, hash, 0);
if (memcmp(hash, a.output, MD5_DIGEST_SIZE) != 0)
return -71;
b.input = "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
"aaaaaaaaaa";
b.output = "\xAD\x5B\x3F\xDB\xCB\x52\x67\x78\xC2\x83\x9D\x2F\x15\x1E\xA7"
"\x53\x99\x5E\x26\xA0";
b.inLen = strlen(b.input);
b.outLen = strlen(b.output);
EVP_MD_CTX_init(&md_ctx);
EVP_DigestInit(&md_ctx, EVP_sha1());
EVP_DigestUpdate(&md_ctx, b.input, b.inLen);
EVP_DigestFinal(&md_ctx, hash, 0);
if (memcmp(hash, b.output, SHA_DIGEST_SIZE) != 0)
return -72;
if (RAND_bytes(hash, sizeof(hash)) != 1)
return -73;
c.input = "what do ya want for nothing?";
c.output = "\x75\x0c\x78\x3e\x6a\xb0\xb5\x03\xea\xa8\x6e\x31\x0a\x5d\xb7"
"\x38";
c.inLen = strlen(c.input);
c.outLen = strlen(c.output);
HMAC(EVP_md5(), "Jefe", 4, (byte*)c.input, (int)c.inLen, hash, 0);
if (memcmp(hash, c.output, MD5_DIGEST_SIZE) != 0)
return -74;
{ /* des test */
const byte vector[] = { /* "now is the time for all " w/o trailing 0 */
0x6e,0x6f,0x77,0x20,0x69,0x73,0x20,0x74,
0x68,0x65,0x20,0x74,0x69,0x6d,0x65,0x20,
0x66,0x6f,0x72,0x20,0x61,0x6c,0x6c,0x20
};
byte plain[24];
byte cipher[24];
const_DES_cblock key =
{
0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef
};
DES_cblock iv =
{
0x12,0x34,0x56,0x78,0x90,0xab,0xcd,0xef
};
DES_key_schedule sched;
const byte verify[] =
{
0x8b,0x7c,0x52,0xb0,0x01,0x2b,0x6c,0xb8,
0x4f,0x0f,0xeb,0xf3,0xfb,0x5f,0x86,0x73,
0x15,0x85,0xb3,0x22,0x4b,0x86,0x2b,0x4b
};
DES_key_sched(&key, &sched);
DES_cbc_encrypt(vector, cipher, sizeof(vector), &sched, &iv, DES_ENCRYPT);
DES_cbc_encrypt(cipher, plain, sizeof(vector), &sched, &iv, DES_DECRYPT);
if (memcmp(plain, vector, sizeof(vector)) != 0)
return -75;
if (memcmp(cipher, verify, sizeof(verify)) != 0)
return -76;
/* test changing iv */
DES_ncbc_encrypt(vector, cipher, 8, &sched, &iv, DES_ENCRYPT);
DES_ncbc_encrypt(vector + 8, cipher + 8, 16, &sched, &iv, DES_ENCRYPT);
if (memcmp(cipher, verify, sizeof(verify)) != 0)
return -77;
} /* end des test */
return 0;
}
static OM_uint32
unwrap_des
(OM_uint32 * minor_status,
const gsskrb5_ctx context_handle,
const gss_buffer_t input_message_buffer,
gss_buffer_t output_message_buffer,
int * conf_state,
gss_qop_t * qop_state,
krb5_keyblock *key
)
{
u_char *p, *seq;
size_t len;
MD5_CTX md5;
u_char hash[16];
DES_key_schedule schedule;
DES_cblock deskey;
DES_cblock zero;
int i;
uint32_t seq_number;
size_t padlength;
OM_uint32 ret;
int cstate;
int cmp;
p = input_message_buffer->value;
ret = _gsskrb5_verify_header (&p,
input_message_buffer->length,
"\x02\x01",
GSS_KRB5_MECHANISM);
if (ret)
return ret;
if (memcmp (p, "\x00\x00", 2) != 0)
return GSS_S_BAD_SIG;
p += 2;
if (memcmp (p, "\x00\x00", 2) == 0) {
cstate = 1;
} else if (memcmp (p, "\xFF\xFF", 2) == 0) {
cstate = 0;
} else
return GSS_S_BAD_MIC;
p += 2;
if(conf_state != NULL)
*conf_state = cstate;
if (memcmp (p, "\xff\xff", 2) != 0)
return GSS_S_DEFECTIVE_TOKEN;
p += 2;
p += 16;
len = p - (u_char *)input_message_buffer->value;
if(cstate) {
/* decrypt data */
memcpy (&deskey, key->keyvalue.data, sizeof(deskey));
for (i = 0; i < sizeof(deskey); ++i)
deskey[i] ^= 0xf0;
DES_set_key (&deskey, &schedule);
memset (&zero, 0, sizeof(zero));
DES_cbc_encrypt ((void *)p,
(void *)p,
input_message_buffer->length - len,
&schedule,
&zero,
DES_DECRYPT);
memset (deskey, 0, sizeof(deskey));
memset (&schedule, 0, sizeof(schedule));
}
/* check pad */
ret = _gssapi_verify_pad(input_message_buffer,
input_message_buffer->length - len,
&padlength);
if (ret)
return ret;
MD5_Init (&md5);
MD5_Update (&md5, p - 24, 8);
MD5_Update (&md5, p, input_message_buffer->length - len);
MD5_Final (hash, &md5);
memset (&zero, 0, sizeof(zero));
memcpy (&deskey, key->keyvalue.data, sizeof(deskey));
DES_set_key (&deskey, &schedule);
DES_cbc_cksum ((void *)hash, (void *)hash, sizeof(hash),
&schedule, &zero);
if (memcmp (p - 8, hash, 8) != 0)
return GSS_S_BAD_MIC;
/* verify sequence number */
HEIMDAL_MUTEX_lock(&context_handle->ctx_id_mutex);
p -= 16;
DES_set_key (&deskey, &schedule);
DES_cbc_encrypt ((void *)p, (void *)p, 8,
&schedule, (DES_cblock *)hash, DES_DECRYPT);
memset (deskey, 0, sizeof(deskey));
memset (&schedule, 0, sizeof(schedule));
seq = p;
_gsskrb5_decode_om_uint32(seq, &seq_number);
if (context_handle->more_flags & LOCAL)
cmp = memcmp(&seq[4], "\xff\xff\xff\xff", 4);
else
cmp = memcmp(&seq[4], "\x00\x00\x00\x00", 4);
if (cmp != 0) {
HEIMDAL_MUTEX_unlock(&context_handle->ctx_id_mutex);
return GSS_S_BAD_MIC;
}
ret = _gssapi_msg_order_check(context_handle->order, seq_number);
if (ret) {
HEIMDAL_MUTEX_unlock(&context_handle->ctx_id_mutex);
return ret;
}
HEIMDAL_MUTEX_unlock(&context_handle->ctx_id_mutex);
/* copy out data */
output_message_buffer->length = input_message_buffer->length
- len - padlength - 8;
output_message_buffer->value = malloc(output_message_buffer->length);
if(output_message_buffer->length != 0 && output_message_buffer->value == NULL)
return GSS_S_FAILURE;
memcpy (output_message_buffer->value,
p + 24,
output_message_buffer->length);
return GSS_S_COMPLETE;
}
void decrypt(const unsigned char *ct, unsigned char *pt, long length){
DES_cbc_encrypt(ct, pt, length, &schedule, &ivdata, 0);
}
void _ossl_old_des_cbc_encrypt(_ossl_old_des_cblock *input,_ossl_old_des_cblock *output,long length,
des_key_schedule schedule,_ossl_old_des_cblock *ivec,int enc)
{
DES_cbc_encrypt((unsigned char *)input, (unsigned char *)output,
length, (DES_key_schedule *)schedule, ivec, enc);
}
void
des1_decrypt(struct keystate *ks, u_int8_t *d, u_int16_t len)
{
DES_cbc_encrypt((void *)d, (void *)d, len, &ks->ks_des[0], (void *)ks->riv,
DES_DECRYPT);
}
void encrypt(const unsigned char *pt, unsigned char *ct, DES_key_schedule* schedule, long length){
DES_cbc_encrypt(pt, ct, length, schedule, &ivdata, 1);
}
