/* taken from ClawsMail passcrypt.c */
static void passcrypt_decrypt(gchar *password, guint len)
{
char des_key[8] = PASSCRYPT_KEY;
des_setparity(des_key);
ecb_crypt(des_key, password, len, DES_DECRYPT);
}
static int ecb_decrypt(struct blkcipher_desc *desc, struct scatterlist *dst,
struct scatterlist *src, unsigned int nbytes)
{
struct blkcipher_walk walk;
blkcipher_walk_init(&walk, dst, src, nbytes);
return ecb_crypt(desc, &walk, false);
}
static int ecb_encrypt(struct blkcipher_desc *desc, struct scatterlist *dst,
struct scatterlist *src, unsigned int nbytes)
{
struct blkcipher_walk walk;
blkcipher_walk_init(&walk, dst, src, nbytes);
return ecb_crypt(desc, &walk, blowfish_enc_blk, blowfish_enc_blk_4way);
}
static void aes_decrypt(struct crypto_tfm *tfm, u8 *out, const u8 *in)
{
struct aes_ctx *ctx = aes_ctx(tfm);
padlock_reset_key(&ctx->cword.encrypt);
ecb_crypt(in, out, ctx->D, &ctx->cword.decrypt, 1);
padlock_store_cword(&ctx->cword.encrypt);
}
/*
* 3. Validate
*/
static bool
authdes_validate(AUTH *auth, struct opaque_auth *rverf)
{
/* LINTED pointer alignment */
struct ad_private *ad = AUTH_PRIVATE(auth);
struct authdes_verf verf;
int status;
uint32_t *ixdr;
des_block buf;
if (rverf->oa_length != (2 + 1) * BYTES_PER_XDR_UNIT)
return (false);
/* LINTED pointer alignment */
ixdr = (uint32_t *) rverf->oa_base;
buf.key.high = (uint32_t) *ixdr++;
buf.key.low = (uint32_t) *ixdr++;
verf.adv_int_u = (uint32_t) *ixdr++;
/*
* Decrypt the timestamp
*/
status =
ecb_crypt((char *)&auth->ah_key, (char *)&buf,
(u_int) sizeof(des_block), DES_DECRYPT | DES_HW);
if (DES_FAILED(status)) {
__warnx(TIRPC_DEBUG_FLAG_AUTH,
"authdes_validate: DES decryption failure");
return (false);
}
/*
* xdr the decrypted timestamp
*/
/* LINTED pointer alignment */
ixdr = (uint32_t *) buf.c;
verf.adv_timestamp.tv_sec = IXDR_GET_INT32(ixdr) + 1;
verf.adv_timestamp.tv_usec = IXDR_GET_INT32(ixdr);
/*
* validate
*/
if (bcmp
((char *)&ad->ad_timestamp, (char *)&verf.adv_timestamp,
sizeof(struct timeval)) != 0) {
__warnx(TIRPC_DEBUG_FLAG_AUTH,
"authdes_validate: verifier mismatch");
return (false);
}
/*
* We have a nickname now, let's use it
*/
ad->ad_nickname = verf.adv_nickname;
ad->ad_cred.adc_namekind = ADN_NICKNAME;
return (true);
}
static int ecb_decrypt(struct blkcipher_desc *desc, struct scatterlist *dst,
struct scatterlist *src, unsigned int nbytes)
{
struct des3_ede_x86_ctx *ctx = crypto_blkcipher_ctx(desc->tfm);
struct blkcipher_walk walk;
blkcipher_walk_init(&walk, dst, src, nbytes);
return ecb_crypt(desc, &walk, ctx->dec_expkey);
}
void des_encrypt(const char *key, char *data, int len)
{
char pkey[8];
strncpy(pkey, key, 8);
des_setparity(pkey);
do {
data[len++] = '\x8';
} while (len % 8 != 0);
ecb_crypt(pkey, data, len, DES_ENCRYPT);
}
static void aes_encrypt(struct crypto_tfm *tfm, u8 *out, const u8 *in)
{
struct aes_ctx *ctx = aes_ctx(tfm);
int ts_state;
padlock_reset_key(&ctx->cword.encrypt);
ts_state = irq_ts_save();
ecb_crypt(in, out, ctx->E, &ctx->cword.encrypt, 1);
irq_ts_restore(ts_state);
padlock_store_cword(&ctx->cword.encrypt);
}
/*
* 3. Validate
*/
static bool_t
authdes_validate (AUTH *auth, struct opaque_auth *rverf)
{
struct ad_private *ad = AUTH_PRIVATE (auth);
struct authdes_verf verf;
int status;
register uint32_t *ixdr;
if (rverf->oa_length != (2 + 1) * BYTES_PER_XDR_UNIT)
return FALSE;
ixdr = (uint32_t *) rverf->oa_base;
verf.adv_xtimestamp.key.high = *ixdr++;
verf.adv_xtimestamp.key.low = *ixdr++;
verf.adv_int_u = *ixdr++; /* nickname not XDR'd ! */
/*
* Decrypt the timestamp
*/
status = ecb_crypt ((char *) &auth->ah_key, (char *) &verf.adv_xtimestamp,
sizeof (des_block), DES_DECRYPT | DES_HW);
if (DES_FAILED (status))
{
debug ("authdes_validate: DES decryption failure");
return FALSE;
}
/*
* xdr the decrypted timestamp
*/
ixdr = (uint32_t *) verf.adv_xtimestamp.c;
verf.adv_timestamp.tv_sec = IXDR_GET_U_INT32 (ixdr) + 1;
verf.adv_timestamp.tv_usec = IXDR_GET_U_INT32 (ixdr);
/*
* validate
*/
if (memcmp ((char *) &ad->ad_timestamp, (char *) &verf.adv_timestamp,
sizeof (struct rpc_timeval)) != 0)
{
debug ("authdes_validate: verifier mismatch\n");
return FALSE;
}
/*
* We have a nickname now, let's use it
*/
ad->ad_nickname = verf.adv_nickname;
ad->ad_cred.adc_namekind = ADN_NICKNAME;
return TRUE;
}
/*
* encrypt/decrypt ID (val1) and R (val2)
* return FALSE on failure and TRUE on success
*/
bool_t
__npd_ecb_crypt(
uint32_t *val1,
uint32_t *val2,
des_block *buf,
unsigned int bufsize,
unsigned int mode,
des_block *deskey)
{
int status;
int32_t *ixdr;
if (bufsize > MAX_KEY_CRYPT_LEN)
return (FALSE);
ixdr = (int32_t *)buf;
if (mode == DES_ENCRYPT) {
(void) memset((char *)buf, 0, bufsize);
IXDR_PUT_U_INT32(ixdr, *val1);
IXDR_PUT_U_INT32(ixdr, *val2);
status = ecb_crypt((char *)deskey, (char *)buf,
bufsize, mode | DES_HW);
if (DES_FAILED(status))
return (FALSE);
} else {
status = ecb_crypt((char *)deskey, (char *)buf,
bufsize, mode | DES_HW);
if (DES_FAILED(status))
return (FALSE);
*val1 = IXDR_GET_U_INT32(ixdr);
*val2 = IXDR_GET_U_INT32(ixdr);
}
return (TRUE);
}
static inline void padlock_xcrypt_ecb(const u8 *input, u8 *output, void *key,
void *control_word, u32 count)
{
u32 initial = count & (ecb_fetch_blocks - 1);
if (count < ecb_fetch_blocks) {
ecb_crypt(input, output, key, control_word, count);
return;
}
if (initial)
asm volatile (".byte 0xf3,0x0f,0xa7,0xc8" /* rep xcryptecb */
: "+S"(input), "+D"(output)
: "d"(control_word), "b"(key), "c"(initial));
asm volatile (".byte 0xf3,0x0f,0xa7,0xc8" /* rep xcryptecb */
: "+S"(input), "+D"(output)
: "d"(control_word), "b"(key), "c"(count - initial));
}
/* ARGSUSED */
des_block *
key_gen_1_svc_prog(void *v, struct svc_req *s)
{
struct timeval time;
static des_block keygen;
static des_block key;
gettimeofday(&time, NULL);
keygen.key.high += (time.tv_sec ^ time.tv_usec);
keygen.key.low += (time.tv_sec ^ time.tv_usec);
ecb_crypt((char *)&masterkey, (char *)&keygen, sizeof (keygen),
DES_ENCRYPT | DES_HW);
key = keygen;
des_setparity((char *)&key);
if (debugging) {
fprintf(stderr, "gen() = %08x%08x\n", key.key.high,
key.key.low);
fflush(stderr);
}
return (&key);
}
/*
* 2. Marshal
*/
static bool_t
authdes_marshal(AUTH *auth, XDR *xdrs)
{
/* LINTED pointer alignment */
struct ad_private *ad = AUTH_PRIVATE(auth);
struct authdes_cred *cred = &ad->ad_cred;
struct authdes_verf *verf = &ad->ad_verf;
des_block cryptbuf[2];
des_block ivec;
int status;
int len;
rpc_inline_t *ixdr;
/*
* Figure out the "time", accounting for any time difference
* with the server if necessary.
*/
(void)gettimeofday(&ad->ad_timestamp, NULL);
ad->ad_timestamp.tv_sec += ad->ad_timediff.tv_sec;
ad->ad_timestamp.tv_usec += ad->ad_timediff.tv_usec;
while (ad->ad_timestamp.tv_usec >= USEC_PER_SEC) {
ad->ad_timestamp.tv_usec -= USEC_PER_SEC;
ad->ad_timestamp.tv_sec++;
}
/*
* XDR the timestamp and possibly some other things, then
* encrypt them.
*/
ixdr = (rpc_inline_t *)cryptbuf;
IXDR_PUT_INT32(ixdr, ad->ad_timestamp.tv_sec);
IXDR_PUT_INT32(ixdr, ad->ad_timestamp.tv_usec);
if (ad->ad_cred.adc_namekind == ADN_FULLNAME) {
IXDR_PUT_U_INT32(ixdr, ad->ad_window);
IXDR_PUT_U_INT32(ixdr, ad->ad_window - 1);
ivec.key.high = ivec.key.low = 0;
status = cbc_crypt((char *)&auth->ah_key, (char *)cryptbuf,
(u_int) 2 * sizeof (des_block),
DES_ENCRYPT | DES_HW, (char *)&ivec);
} else {
status = ecb_crypt((char *)&auth->ah_key, (char *)cryptbuf,
(u_int) sizeof (des_block),
DES_ENCRYPT | DES_HW);
}
if (DES_FAILED(status)) {
syslog(LOG_ERR, "authdes_marshal: DES encryption failure");
return (FALSE);
}
ad->ad_verf.adv_xtimestamp = cryptbuf[0];
if (ad->ad_cred.adc_namekind == ADN_FULLNAME) {
ad->ad_cred.adc_fullname.window = cryptbuf[1].key.high;
ad->ad_verf.adv_winverf = cryptbuf[1].key.low;
} else {
ad->ad_cred.adc_nickname = ad->ad_nickname;
ad->ad_verf.adv_winverf = 0;
}
/*
* Serialize the credential and verifier into opaque
* authentication data.
*/
if (ad->ad_cred.adc_namekind == ADN_FULLNAME) {
len = ((1 + 1 + 2 + 1)*BYTES_PER_XDR_UNIT + ad->ad_fullnamelen);
} else {
len = (1 + 1)*BYTES_PER_XDR_UNIT;
}
if ((ixdr = xdr_inline(xdrs, 2*BYTES_PER_XDR_UNIT))) {
IXDR_PUT_INT32(ixdr, AUTH_DES);
IXDR_PUT_INT32(ixdr, len);
} else {
ATTEMPT(xdr_putint32(xdrs, (int *)&auth->ah_cred.oa_flavor));
ATTEMPT(xdr_putint32(xdrs, &len));
}
ATTEMPT(xdr_authdes_cred(xdrs, cred));
len = (2 + 1)*BYTES_PER_XDR_UNIT;
if ((ixdr = xdr_inline(xdrs, 2*BYTES_PER_XDR_UNIT))) {
IXDR_PUT_INT32(ixdr, AUTH_DES);
IXDR_PUT_INT32(ixdr, len);
} else {
ATTEMPT(xdr_putint32(xdrs, (int *)&auth->ah_verf.oa_flavor));
ATTEMPT(xdr_putint32(xdrs, &len));
}
ATTEMPT(xdr_authdes_verf(xdrs, verf));
return (TRUE);
}
/*
* 2. Marshal
*/
static bool_t
authdes_marshal (AUTH *auth, XDR *xdrs)
{
struct ad_private *ad = AUTH_PRIVATE (auth);
struct authdes_cred *cred = &ad->ad_cred;
struct authdes_verf *verf = &ad->ad_verf;
des_block cryptbuf[2];
des_block ivec;
int status;
int len;
register int32_t *ixdr;
struct timeval tval;
/*
* Figure out the "time", accounting for any time difference
* with the server if necessary.
*/
__gettimeofday (&tval, (struct timezone *) NULL);
ad->ad_timestamp.tv_sec = tval.tv_sec + ad->ad_timediff.tv_sec;
ad->ad_timestamp.tv_usec = tval.tv_usec + ad->ad_timediff.tv_usec;
if (ad->ad_timestamp.tv_usec >= MILLION)
{
ad->ad_timestamp.tv_usec -= MILLION;
ad->ad_timestamp.tv_sec += 1;
}
/*
* XDR the timestamp and possibly some other things, then
* encrypt them.
* XXX We have a real Year 2038 problem here.
*/
ixdr = (int32_t *) cryptbuf;
IXDR_PUT_INT32 (ixdr, ad->ad_timestamp.tv_sec);
IXDR_PUT_INT32 (ixdr, ad->ad_timestamp.tv_usec);
if (ad->ad_cred.adc_namekind == ADN_FULLNAME)
{
IXDR_PUT_U_INT32 (ixdr, ad->ad_window);
IXDR_PUT_U_INT32 (ixdr, ad->ad_window - 1);
ivec.key.high = ivec.key.low = 0;
status = cbc_crypt ((char *) &auth->ah_key, (char *) cryptbuf,
2 * sizeof (des_block), DES_ENCRYPT | DES_HW, (char *) &ivec);
}
else
status = ecb_crypt ((char *) &auth->ah_key, (char *) cryptbuf,
sizeof (des_block), DES_ENCRYPT | DES_HW);
if (DES_FAILED (status))
{
debug ("authdes_marshal: DES encryption failure");
return FALSE;
}
ad->ad_verf.adv_xtimestamp = cryptbuf[0];
if (ad->ad_cred.adc_namekind == ADN_FULLNAME)
{
ad->ad_cred.adc_fullname.window = cryptbuf[1].key.high;
ad->ad_verf.adv_winverf = cryptbuf[1].key.low;
}
else
{
ad->ad_cred.adc_nickname = ad->ad_nickname;
ad->ad_verf.adv_winverf = 0;
}
/*
* Serialize the credential and verifier into opaque
* authentication data.
*/
if (ad->ad_cred.adc_namekind == ADN_FULLNAME)
len = ((1 + 1 + 2 + 1) * BYTES_PER_XDR_UNIT + ad->ad_fullnamelen);
else
len = (1 + 1) * BYTES_PER_XDR_UNIT;
if ((ixdr = xdr_inline (xdrs, 2 * BYTES_PER_XDR_UNIT)) != NULL)
{
IXDR_PUT_INT32 (ixdr, AUTH_DES);
IXDR_PUT_U_INT32 (ixdr, len);
}
else
{
ATTEMPT (xdr_putint32 (xdrs, &auth->ah_cred.oa_flavor));
ATTEMPT (xdr_putint32 (xdrs, &len));
}
ATTEMPT (xdr_authdes_cred (xdrs, cred));
len = (2 + 1) * BYTES_PER_XDR_UNIT;
if ((ixdr = xdr_inline (xdrs, 2 * BYTES_PER_XDR_UNIT)) != NULL)
{
IXDR_PUT_INT32 (ixdr, AUTH_DES);
IXDR_PUT_U_INT32 (ixdr, len);
}
else
{
ATTEMPT (xdr_putint32 (xdrs, &auth->ah_verf.oa_flavor));
ATTEMPT (xdr_putint32 (xdrs, &len));
}
ATTEMPT (xdr_authdes_verf (xdrs, verf));
return TRUE;
}