static void StringToKey(char *str, char *cell, /* cell for password */ struct ktc_encryptionKey *key) { DES_key_schedule schedule; DES_cblock temp_key; DES_cblock ivec; char password[BUFSIZ]; int passlen; strncpy(password, str, sizeof(password)); if ((passlen = strlen(password)) < sizeof(password) - 1) strncat(password, cell, sizeof(password) - passlen); if ((passlen = strlen(password)) > sizeof(password)) passlen = sizeof(password); memcpy(&ivec, "kerberos", 8); memcpy(&temp_key, "kerberos", 8); DES_set_odd_parity(&temp_key); DES_key_sched(&temp_key, &schedule); DES_cbc_cksum((DES_cblock *) password, &ivec, passlen, &schedule, &ivec); memcpy(&temp_key, &ivec, 8); DES_set_odd_parity(&temp_key); DES_key_sched(&temp_key, &schedule); DES_cbc_cksum((DES_cblock *)password, ktc_to_cblock(key), passlen, &schedule, &ivec); DES_set_odd_parity(ktc_to_cblock(key)); }
/* * Long passwords, i.e 9 characters or more. */ static void afs_transarc_StringToKey (char *str, char *cell, DES_cblock *key) { DES_key_schedule schedule; DES_cblock temp_key; DES_cblock ivec; char password[512]; int passlen; strncpy (password, str, sizeof(password)); password[sizeof(password)-1] = '\0'; if ((passlen = strlen (password)) < sizeof(password)-1) strncat (password, cell, sizeof(password)-passlen); if ((passlen = strlen(password)) > sizeof(password)) passlen = sizeof(password); memcpy(&ivec, "kerberos", 8); memcpy(&temp_key, "kerberos", 8); des_fixup_key_parity (&temp_key); DES_key_sched (&temp_key, &schedule); DES_cbc_cksum ((unsigned char *)password, &ivec, passlen, &schedule, &ivec); memcpy(&temp_key, &ivec, 8); des_fixup_key_parity (&temp_key); DES_key_sched (&temp_key, &schedule); DES_cbc_cksum ((unsigned char *)password, key, passlen, &schedule, &ivec); des_fixup_key_parity (key); }
static void cbc_cksum(char key1[8], char iv[8], char *in, size_t len, uint32_t ret, char out[8]) { unsigned char k1[8], indata[24], ansdata[8]; DES_key_schedule s1; DES_cblock ivdata, outdata; uint32_t r; memcpy(k1, key1, 8); memcpy(ivdata, iv, 8); memcpy(indata, in, len); memcpy(ansdata, out, 8); DES_set_odd_parity(&k1); DES_set_key_unchecked(&k1, &s1); r = DES_cbc_cksum(indata, &outdata, len, &s1, &ivdata); if (ret != r) errx(1, "cbc_cksum: cksum error"); if (memcmp(outdata, ansdata, sizeof(ansdata)) != 0) errx(1, "cbc_cksum: checksum"); }
void DES_string_to_key(const char *str, DES_cblock *key) { DES_key_schedule ks; int i,length; register unsigned char j; TINYCLR_SSL_MEMSET(key,0,8); length=TINYCLR_SSL_STRLEN(str); #ifdef OLD_STR_TO_KEY for (i=0; i<length; i++) (*key)[i%8]^=(str[i]<<1); #else /* MIT COMPATIBLE */ for (i=0; i<length; i++) { j=str[i]; if ((i%16) < 8) (*key)[i%8]^=(j<<1); else { /* Reverse the bit order 05/05/92 eay */ j=((j<<4)&0xf0)|((j>>4)&0x0f); j=((j<<2)&0xcc)|((j>>2)&0x33); j=((j<<1)&0xaa)|((j>>1)&0x55); (*key)[7-(i%8)]^=j; } } #endif DES_set_odd_parity(key); #ifdef EXPERIMENTAL_STR_TO_STRONG_KEY if(DES_is_weak_key(key)) (*key)[7] ^= 0xF0; DES_set_key(key,&ks); #else DES_set_key_unchecked(key,&ks); #endif DES_cbc_cksum((const unsigned char*)str,key,length,&ks,key); OPENSSL_cleanse(&ks,sizeof(ks)); DES_set_odd_parity(key); }
static OM_uint32 verify_mic_des (OM_uint32 * minor_status, const gsskrb5_ctx context_handle, krb5_context context, const gss_buffer_t message_buffer, const gss_buffer_t token_buffer, gss_qop_t * qop_state, krb5_keyblock *key, char *type ) { u_char *p; EVP_MD_CTX *md5; u_char hash[16], *seq; DES_key_schedule schedule; EVP_CIPHER_CTX des_ctx; DES_cblock zero; DES_cblock deskey; uint32_t seq_number; OM_uint32 ret; int cmp; p = token_buffer->value; ret = _gsskrb5_verify_header (&p, token_buffer->length, type, GSS_KRB5_MECHANISM); if (ret) return ret; if (memcmp(p, "\x00\x00", 2) != 0) return GSS_S_BAD_SIG; p += 2; if (memcmp (p, "\xff\xff\xff\xff", 4) != 0) return GSS_S_BAD_MIC; p += 4; p += 16; /* verify checksum */ md5 = EVP_MD_CTX_create(); EVP_DigestInit_ex(md5, EVP_md5(), NULL); EVP_DigestUpdate(md5, p - 24, 8); EVP_DigestUpdate(md5, message_buffer->value, message_buffer->length); EVP_DigestFinal_ex(md5, hash, NULL); EVP_MD_CTX_destroy(md5); memset (&zero, 0, sizeof(zero)); memcpy (&deskey, key->keyvalue.data, sizeof(deskey)); DES_set_key_unchecked (&deskey, &schedule); DES_cbc_cksum ((void *)hash, (void *)hash, sizeof(hash), &schedule, &zero); if (ct_memcmp (p - 8, hash, 8) != 0) { memset (deskey, 0, sizeof(deskey)); memset (&schedule, 0, sizeof(schedule)); return GSS_S_BAD_MIC; } /* verify sequence number */ HEIMDAL_MUTEX_lock(&context_handle->ctx_id_mutex); p -= 16; EVP_CIPHER_CTX_init(&des_ctx); EVP_CipherInit_ex(&des_ctx, EVP_des_cbc(), NULL, key->keyvalue.data, hash, 0); EVP_Cipher(&des_ctx, p, p, 8); EVP_CIPHER_CTX_cleanup(&des_ctx); memset (deskey, 0, sizeof(deskey)); memset (&schedule, 0, sizeof(schedule)); seq = p; _gsskrb5_decode_om_uint32(seq, &seq_number); if (context_handle->more_flags & LOCAL) cmp = ct_memcmp(&seq[4], "\xff\xff\xff\xff", 4); else cmp = ct_memcmp(&seq[4], "\x00\x00\x00\x00", 4); if (cmp != 0) { HEIMDAL_MUTEX_unlock(&context_handle->ctx_id_mutex); return GSS_S_BAD_MIC; } ret = _gssapi_msg_order_check(context_handle->order, seq_number); if (ret) { HEIMDAL_MUTEX_unlock(&context_handle->ctx_id_mutex); return ret; } HEIMDAL_MUTEX_unlock(&context_handle->ctx_id_mutex); return GSS_S_COMPLETE; }
void DES_string_to_2keys(const char *str, DES_cblock *key1, DES_cblock *key2) { DES_key_schedule ks; int i,length; register unsigned char j; TINYCLR_SSL_MEMSET(key1,0,8); TINYCLR_SSL_MEMSET(key2,0,8); length=TINYCLR_SSL_STRLEN(str); #ifdef OLD_STR_TO_KEY if (length <= 8) { for (i=0; i<length; i++) { (*key2)[i]=(*key1)[i]=(str[i]<<1); } } else { for (i=0; i<length; i++) { if ((i/8)&1) (*key2)[i%8]^=(str[i]<<1); else (*key1)[i%8]^=(str[i]<<1); } } #else /* MIT COMPATIBLE */ for (i=0; i<length; i++) { j=str[i]; if ((i%32) < 16) { if ((i%16) < 8) (*key1)[i%8]^=(j<<1); else (*key2)[i%8]^=(j<<1); } else { j=((j<<4)&0xf0)|((j>>4)&0x0f); j=((j<<2)&0xcc)|((j>>2)&0x33); j=((j<<1)&0xaa)|((j>>1)&0x55); if ((i%16) < 8) (*key1)[7-(i%8)]^=j; else (*key2)[7-(i%8)]^=j; } } if (length <= 8) TINYCLR_SSL_MEMCPY(key2,key1,8); #endif DES_set_odd_parity(key1); DES_set_odd_parity(key2); #ifdef EXPERIMENTAL_STR_TO_STRONG_KEY if(DES_is_weak_key(key1)) (*key1)[7] ^= 0xF0; DES_set_key(key1,&ks); #else DES_set_key_unchecked(key1,&ks); #endif DES_cbc_cksum((const unsigned char*)str,key1,length,&ks,key1); #ifdef EXPERIMENTAL_STR_TO_STRONG_KEY if(DES_is_weak_key(key2)) (*key2)[7] ^= 0xF0; DES_set_key(key2,&ks); #else DES_set_key_unchecked(key2,&ks); #endif DES_cbc_cksum((const unsigned char*)str,key2,length,&ks,key2); OPENSSL_cleanse(&ks,sizeof(ks)); DES_set_odd_parity(key1); DES_set_odd_parity(key2); }
int main(int argc, char *argv[]) { int j, err = 0; unsigned int i; DES_cblock in, out, outin, iv3; DES_key_schedule ks, ks2, ks3; unsigned char cbc_in[40]; unsigned char cbc_out[40]; DES_LONG cs; unsigned char cret[8]; DES_LONG lqret[4]; int num; char *str; printf("Doing ecb\n"); for (i = 0; i < NUM_TESTS; i++) { DES_set_key_unchecked(&key_data[i], &ks); memcpy(in, plain_data[i], 8); memset(out, 0, 8); memset(outin, 0, 8); DES_ecb_encrypt(&in, &out, &ks, DES_ENCRYPT); DES_ecb_encrypt(&out, &outin, &ks, DES_DECRYPT); if (memcmp(out, cipher_data[i], 8) != 0) { printf("Encryption error %2d\nk=%s p=%s o=%s act=%s\n", i + 1, pt(key_data[i]), pt(in), pt(cipher_data[i]), pt(out)); err = 1; } if (memcmp(in, outin, 8) != 0) { printf("Decryption error %2d\nk=%s p=%s o=%s act=%s\n", i + 1, pt(key_data[i]), pt(out), pt(in), pt(outin)); err = 1; } } # ifndef LIBDES_LIT printf("Doing ede ecb\n"); for (i = 0; i < (NUM_TESTS - 2); i++) { DES_set_key_unchecked(&key_data[i], &ks); DES_set_key_unchecked(&key_data[i + 1], &ks2); DES_set_key_unchecked(&key_data[i + 2], &ks3); memcpy(in, plain_data[i], 8); memset(out, 0, 8); memset(outin, 0, 8); DES_ecb3_encrypt(&in,&out,&ks,&ks2,&ks,DES_ENCRYPT); DES_ecb3_encrypt(&out,&outin,&ks,&ks2,&ks,DES_DECRYPT); if (memcmp(out, cipher_ecb2[i], 8) != 0) { printf("Encryption error %2d\nk=%s p=%s o=%s act=%s\n", i + 1, pt(key_data[i]), pt(in), pt(cipher_ecb2[i]), pt(out)); err = 1; } if (memcmp(in, outin, 8) != 0) { printf("Decryption error %2d\nk=%s p=%s o=%s act=%s\n", i + 1, pt(key_data[i]), pt(out), pt(in), pt(outin)); err = 1; } } # endif printf("Doing cbc\n"); if ((j = DES_set_key_checked(&cbc_key, &ks)) != 0) { printf("Key error %d\n", j); err = 1; } memset(cbc_out, 0, 40); memset(cbc_in, 0, 40); memcpy(iv3, cbc_iv, sizeof(cbc_iv)); DES_ncbc_encrypt(cbc_data, cbc_out, strlen((char *)cbc_data) + 1, &ks, &iv3, DES_ENCRYPT); if (memcmp(cbc_out, cbc_ok, 32) != 0) { printf("cbc_encrypt encrypt error\n"); err = 1; } memcpy(iv3, cbc_iv, sizeof(cbc_iv)); DES_ncbc_encrypt(cbc_out, cbc_in, strlen((char *)cbc_data) + 1, &ks, &iv3, DES_DECRYPT); if (memcmp(cbc_in, cbc_data, strlen((char *)cbc_data)) != 0) { printf("cbc_encrypt decrypt error\n"); err = 1; } # ifndef LIBDES_LIT printf("Doing desx cbc\n"); if ((j = DES_set_key_checked(&cbc_key, &ks)) != 0) { printf("Key error %d\n", j); err = 1; } memset(cbc_out, 0, 40); memset(cbc_in, 0, 40); memcpy(iv3, cbc_iv, sizeof(cbc_iv)); DES_xcbc_encrypt(cbc_data, cbc_out, strlen((char *)cbc_data) + 1, &ks, &iv3, &cbc2_key, &cbc3_key, DES_ENCRYPT); if (memcmp(cbc_out, xcbc_ok, 32) != 0) { printf("des_xcbc_encrypt encrypt error\n"); err = 1; } memcpy(iv3, cbc_iv, sizeof(cbc_iv)); DES_xcbc_encrypt(cbc_out, cbc_in, strlen((char *)cbc_data) + 1, &ks, &iv3, &cbc2_key, &cbc3_key, DES_DECRYPT); if (memcmp(cbc_in, cbc_data, strlen((char *)cbc_data) + 1) != 0) { printf("des_xcbc_encrypt decrypt error\n"); err = 1; } # endif printf("Doing ede cbc\n"); if ((j = DES_set_key_checked(&cbc_key, &ks)) != 0) { printf("Key error %d\n", j); err = 1; } if ((j = DES_set_key_checked(&cbc2_key, &ks2)) != 0) { printf("Key error %d\n", j); err = 1; } if ((j = DES_set_key_checked(&cbc3_key, &ks3)) != 0) { printf("Key error %d\n", j); err = 1; } memset(cbc_out, 0, 40); memset(cbc_in, 0, 40); i = strlen((char *)cbc_data) + 1; /* i=((i+7)/8)*8; */ memcpy(iv3, cbc_iv, sizeof(cbc_iv)); DES_ede3_cbc_encrypt(cbc_data, cbc_out, 16L, &ks, &ks2, &ks3, &iv3, DES_ENCRYPT); DES_ede3_cbc_encrypt(&(cbc_data[16]), &(cbc_out[16]), i - 16, &ks, &ks2, &ks3, &iv3, DES_ENCRYPT); if (memcmp (cbc_out, cbc3_ok, (unsigned int)(strlen((char *)cbc_data) + 1 + 7) / 8 * 8) != 0) { unsigned int n; printf("des_ede3_cbc_encrypt encrypt error\n"); for (n = 0; n < i; ++n) printf(" %02x", cbc_out[n]); printf("\n"); for (n = 0; n < i; ++n) printf(" %02x", cbc3_ok[n]); printf("\n"); err = 1; } memcpy(iv3, cbc_iv, sizeof(cbc_iv)); DES_ede3_cbc_encrypt(cbc_out, cbc_in, i, &ks, &ks2, &ks3, &iv3, DES_DECRYPT); if (memcmp(cbc_in, cbc_data, strlen((char *)cbc_data) + 1) != 0) { unsigned int n; printf("DES_ede3_cbc_encrypt decrypt error\n"); for (n = 0; n < i; ++n) printf(" %02x", cbc_data[n]); printf("\n"); for (n = 0; n < i; ++n) printf(" %02x", cbc_in[n]); printf("\n"); err = 1; } # ifndef LIBDES_LIT printf("Doing pcbc\n"); if ((j = DES_set_key_checked(&cbc_key, &ks)) != 0) { printf("Key error %d\n", j); err = 1; } memset(cbc_out, 0, 40); memset(cbc_in, 0, 40); DES_pcbc_encrypt(cbc_data, cbc_out, strlen((char *)cbc_data) + 1, &ks, &cbc_iv, DES_ENCRYPT); if (memcmp(cbc_out, pcbc_ok, 32) != 0) { printf("pcbc_encrypt encrypt error\n"); err = 1; } DES_pcbc_encrypt(cbc_out, cbc_in, strlen((char *)cbc_data) + 1, &ks, &cbc_iv, DES_DECRYPT); if (memcmp(cbc_in, cbc_data, strlen((char *)cbc_data) + 1) != 0) { printf("pcbc_encrypt decrypt error\n"); err = 1; } printf("Doing "); printf("cfb8 "); err += cfb_test(8, cfb_cipher8); printf("cfb16 "); err += cfb_test(16, cfb_cipher16); printf("cfb32 "); err += cfb_test(32, cfb_cipher32); printf("cfb48 "); err += cfb_test(48, cfb_cipher48); printf("cfb64 "); err += cfb_test(64, cfb_cipher64); printf("cfb64() "); err += cfb64_test(cfb_cipher64); memcpy(cfb_tmp, cfb_iv, sizeof(cfb_iv)); for (i = 0; i < sizeof(plain); i++) DES_cfb_encrypt(&(plain[i]), &(cfb_buf1[i]), 8, 1, &ks, &cfb_tmp, DES_ENCRYPT); if (memcmp(cfb_cipher8, cfb_buf1, sizeof(plain)) != 0) { printf("cfb_encrypt small encrypt error\n"); err = 1; } memcpy(cfb_tmp, cfb_iv, sizeof(cfb_iv)); for (i = 0; i < sizeof(plain); i++) DES_cfb_encrypt(&(cfb_buf1[i]), &(cfb_buf2[i]), 8, 1, &ks, &cfb_tmp, DES_DECRYPT); if (memcmp(plain, cfb_buf2, sizeof(plain)) != 0) { printf("cfb_encrypt small decrypt error\n"); err = 1; } printf("ede_cfb64() "); err += ede_cfb64_test(cfb_cipher64); printf("done\n"); printf("Doing ofb\n"); DES_set_key_checked(&ofb_key, &ks); memcpy(ofb_tmp, ofb_iv, sizeof(ofb_iv)); DES_ofb_encrypt(plain, ofb_buf1, 64, sizeof(plain) / 8, &ks, &ofb_tmp); if (memcmp(ofb_cipher, ofb_buf1, sizeof(ofb_buf1)) != 0) { printf("ofb_encrypt encrypt error\n"); printf("%02X %02X %02X %02X %02X %02X %02X %02X\n", ofb_buf1[8 + 0], ofb_buf1[8 + 1], ofb_buf1[8 + 2], ofb_buf1[8 + 3], ofb_buf1[8 + 4], ofb_buf1[8 + 5], ofb_buf1[8 + 6], ofb_buf1[8 + 7]); printf("%02X %02X %02X %02X %02X %02X %02X %02X\n", ofb_buf1[8 + 0], ofb_cipher[8 + 1], ofb_cipher[8 + 2], ofb_cipher[8 + 3], ofb_buf1[8 + 4], ofb_cipher[8 + 5], ofb_cipher[8 + 6], ofb_cipher[8 + 7]); err = 1; } memcpy(ofb_tmp, ofb_iv, sizeof(ofb_iv)); DES_ofb_encrypt(ofb_buf1, ofb_buf2, 64, sizeof(ofb_buf1) / 8, &ks, &ofb_tmp); if (memcmp(plain, ofb_buf2, sizeof(ofb_buf2)) != 0) { printf("ofb_encrypt decrypt error\n"); printf("%02X %02X %02X %02X %02X %02X %02X %02X\n", ofb_buf2[8 + 0], ofb_buf2[8 + 1], ofb_buf2[8 + 2], ofb_buf2[8 + 3], ofb_buf2[8 + 4], ofb_buf2[8 + 5], ofb_buf2[8 + 6], ofb_buf2[8 + 7]); printf("%02X %02X %02X %02X %02X %02X %02X %02X\n", plain[8 + 0], plain[8 + 1], plain[8 + 2], plain[8 + 3], plain[8 + 4], plain[8 + 5], plain[8 + 6], plain[8 + 7]); err = 1; } printf("Doing ofb64\n"); DES_set_key_checked(&ofb_key, &ks); memcpy(ofb_tmp, ofb_iv, sizeof(ofb_iv)); memset(ofb_buf1, 0, sizeof(ofb_buf1)); memset(ofb_buf2, 0, sizeof(ofb_buf1)); num = 0; for (i = 0; i < sizeof(plain); i++) { DES_ofb64_encrypt(&(plain[i]), &(ofb_buf1[i]), 1, &ks, &ofb_tmp, &num); } if (memcmp(ofb_cipher, ofb_buf1, sizeof(ofb_buf1)) != 0) { printf("ofb64_encrypt encrypt error\n"); err = 1; } memcpy(ofb_tmp, ofb_iv, sizeof(ofb_iv)); num = 0; DES_ofb64_encrypt(ofb_buf1, ofb_buf2, sizeof(ofb_buf1), &ks, &ofb_tmp, &num); if (memcmp(plain, ofb_buf2, sizeof(ofb_buf2)) != 0) { printf("ofb64_encrypt decrypt error\n"); err = 1; } printf("Doing ede_ofb64\n"); DES_set_key_checked(&ofb_key, &ks); memcpy(ofb_tmp, ofb_iv, sizeof(ofb_iv)); memset(ofb_buf1, 0, sizeof(ofb_buf1)); memset(ofb_buf2, 0, sizeof(ofb_buf1)); num = 0; for (i = 0; i < sizeof(plain); i++) { DES_ede3_ofb64_encrypt(&(plain[i]), &(ofb_buf1[i]), 1, &ks, &ks, &ks, &ofb_tmp, &num); } if (memcmp(ofb_cipher, ofb_buf1, sizeof(ofb_buf1)) != 0) { printf("ede_ofb64_encrypt encrypt error\n"); err = 1; } memcpy(ofb_tmp, ofb_iv, sizeof(ofb_iv)); num = 0; DES_ede3_ofb64_encrypt(ofb_buf1, ofb_buf2, sizeof(ofb_buf1), &ks, &ks, &ks, &ofb_tmp, &num); if (memcmp(plain, ofb_buf2, sizeof(ofb_buf2)) != 0) { printf("ede_ofb64_encrypt decrypt error\n"); err = 1; } printf("Doing cbc_cksum\n"); DES_set_key_checked(&cbc_key, &ks); cs = DES_cbc_cksum(cbc_data, &cret, strlen((char *)cbc_data), &ks, &cbc_iv); if (cs != cbc_cksum_ret) { printf("bad return value (%08lX), should be %08lX\n", (unsigned long)cs, (unsigned long)cbc_cksum_ret); err = 1; } if (memcmp(cret, cbc_cksum_data, 8) != 0) { printf("bad cbc_cksum block returned\n"); err = 1; } printf("Doing quad_cksum\n"); cs = DES_quad_cksum(cbc_data, (DES_cblock *)lqret, (long)strlen((char *)cbc_data), 2, (DES_cblock *)cbc_iv); if (cs != 0x70d7a63aL) { printf("quad_cksum error, ret %08lx should be 70d7a63a\n", (unsigned long)cs); err = 1; } if (lqret[0] != 0x327eba8dL) { printf("quad_cksum error, out[0] %08lx is not %08lx\n", (unsigned long)lqret[0], 0x327eba8dUL); err = 1; } if (lqret[1] != 0x201a49ccL) { printf("quad_cksum error, out[1] %08lx is not %08lx\n", (unsigned long)lqret[1], 0x201a49ccUL); err = 1; } if (lqret[2] != 0x70d7a63aL) { printf("quad_cksum error, out[2] %08lx is not %08lx\n", (unsigned long)lqret[2], 0x70d7a63aUL); err = 1; } if (lqret[3] != 0x501c2c26L) { printf("quad_cksum error, out[3] %08lx is not %08lx\n", (unsigned long)lqret[3], 0x501c2c26UL); err = 1; } # endif printf("input word alignment test"); for (i = 0; i < 4; i++) { printf(" %d", i); DES_ncbc_encrypt(&(cbc_out[i]), cbc_in, strlen((char *)cbc_data) + 1, &ks, &cbc_iv, DES_ENCRYPT); } printf("\noutput word alignment test"); for (i = 0; i < 4; i++) { printf(" %d", i); DES_ncbc_encrypt(cbc_out, &(cbc_in[i]), strlen((char *)cbc_data) + 1, &ks, &cbc_iv, DES_ENCRYPT); } printf("\n"); printf("fast crypt test "); str = crypt("testing", "ef"); if (strcmp("efGnQx2725bI2", str) != 0) { printf("fast crypt error, %s should be efGnQx2725bI2\n", str); err = 1; } str = crypt("bca76;23", "yA"); if (strcmp("yA1Rp/1hZXIJk", str) != 0) { printf("fast crypt error, %s should be yA1Rp/1hZXIJk\n", str); err = 1; } printf("\n"); return (err); }
static OM_uint32 unwrap_des (OM_uint32 * minor_status, const gsskrb5_ctx context_handle, const gss_buffer_t input_message_buffer, gss_buffer_t output_message_buffer, int * conf_state, gss_qop_t * qop_state, krb5_keyblock *key ) { u_char *p, *seq; size_t len; MD5_CTX md5; u_char hash[16]; DES_key_schedule schedule; DES_cblock deskey; DES_cblock zero; int i; uint32_t seq_number; size_t padlength; OM_uint32 ret; int cstate; int cmp; p = input_message_buffer->value; ret = _gsskrb5_verify_header (&p, input_message_buffer->length, "\x02\x01", GSS_KRB5_MECHANISM); if (ret) return ret; if (memcmp (p, "\x00\x00", 2) != 0) return GSS_S_BAD_SIG; p += 2; if (memcmp (p, "\x00\x00", 2) == 0) { cstate = 1; } else if (memcmp (p, "\xFF\xFF", 2) == 0) { cstate = 0; } else return GSS_S_BAD_MIC; p += 2; if(conf_state != NULL) *conf_state = cstate; if (memcmp (p, "\xff\xff", 2) != 0) return GSS_S_DEFECTIVE_TOKEN; p += 2; p += 16; len = p - (u_char *)input_message_buffer->value; if(cstate) { /* decrypt data */ memcpy (&deskey, key->keyvalue.data, sizeof(deskey)); for (i = 0; i < sizeof(deskey); ++i) deskey[i] ^= 0xf0; DES_set_key (&deskey, &schedule); memset (&zero, 0, sizeof(zero)); DES_cbc_encrypt ((void *)p, (void *)p, input_message_buffer->length - len, &schedule, &zero, DES_DECRYPT); memset (deskey, 0, sizeof(deskey)); memset (&schedule, 0, sizeof(schedule)); } /* check pad */ ret = _gssapi_verify_pad(input_message_buffer, input_message_buffer->length - len, &padlength); if (ret) return ret; MD5_Init (&md5); MD5_Update (&md5, p - 24, 8); MD5_Update (&md5, p, input_message_buffer->length - len); MD5_Final (hash, &md5); memset (&zero, 0, sizeof(zero)); memcpy (&deskey, key->keyvalue.data, sizeof(deskey)); DES_set_key (&deskey, &schedule); DES_cbc_cksum ((void *)hash, (void *)hash, sizeof(hash), &schedule, &zero); if (memcmp (p - 8, hash, 8) != 0) return GSS_S_BAD_MIC; /* verify sequence number */ HEIMDAL_MUTEX_lock(&context_handle->ctx_id_mutex); p -= 16; DES_set_key (&deskey, &schedule); DES_cbc_encrypt ((void *)p, (void *)p, 8, &schedule, (DES_cblock *)hash, DES_DECRYPT); memset (deskey, 0, sizeof(deskey)); memset (&schedule, 0, sizeof(schedule)); seq = p; _gsskrb5_decode_om_uint32(seq, &seq_number); if (context_handle->more_flags & LOCAL) cmp = memcmp(&seq[4], "\xff\xff\xff\xff", 4); else cmp = memcmp(&seq[4], "\x00\x00\x00\x00", 4); if (cmp != 0) { HEIMDAL_MUTEX_unlock(&context_handle->ctx_id_mutex); return GSS_S_BAD_MIC; } ret = _gssapi_msg_order_check(context_handle->order, seq_number); if (ret) { HEIMDAL_MUTEX_unlock(&context_handle->ctx_id_mutex); return ret; } HEIMDAL_MUTEX_unlock(&context_handle->ctx_id_mutex); /* copy out data */ output_message_buffer->length = input_message_buffer->length - len - padlength - 8; output_message_buffer->value = malloc(output_message_buffer->length); if(output_message_buffer->length != 0 && output_message_buffer->value == NULL) return GSS_S_FAILURE; memcpy (output_message_buffer->value, p + 24, output_message_buffer->length); return GSS_S_COMPLETE; }
DES_LONG _ossl_old_des_cbc_cksum(_ossl_old_des_cblock *input,_ossl_old_des_cblock *output, long length,des_key_schedule schedule,_ossl_old_des_cblock *ivec) { return DES_cbc_cksum((unsigned char *)input, output, length, (DES_key_schedule *)schedule, ivec); }
static OM_uint32 unwrap_des (OM_uint32 * minor_status, const gsskrb5_ctx context_handle, const gss_buffer_t input_message_buffer, gss_buffer_t output_message_buffer, int * conf_state, gss_qop_t * qop_state, krb5_keyblock *key ) { u_char *p, *seq; size_t len; EVP_MD_CTX *md5; u_char hash[16]; EVP_CIPHER_CTX *des_ctx; DES_key_schedule schedule; DES_cblock deskey; DES_cblock zero; size_t i; uint32_t seq_number; size_t padlength; OM_uint32 ret; int cstate; int cmp; int token_len; if (IS_DCE_STYLE(context_handle)) { token_len = 22 + 8 + 15; /* 45 */ } else { token_len = input_message_buffer->length; } p = input_message_buffer->value; ret = _gsskrb5_verify_header (&p, token_len, "\x02\x01", GSS_KRB5_MECHANISM); if (ret) return ret; if (memcmp (p, "\x00\x00", 2) != 0) return GSS_S_BAD_SIG; p += 2; if (memcmp (p, "\x00\x00", 2) == 0) { cstate = 1; } else if (memcmp (p, "\xFF\xFF", 2) == 0) { cstate = 0; } else return GSS_S_BAD_MIC; p += 2; if(conf_state != NULL) *conf_state = cstate; if (memcmp (p, "\xff\xff", 2) != 0) return GSS_S_DEFECTIVE_TOKEN; p += 2; p += 16; len = p - (u_char *)input_message_buffer->value; if(cstate) { /* decrypt data */ memcpy (&deskey, key->keyvalue.data, sizeof(deskey)); memset (&zero, 0, sizeof(zero)); for (i = 0; i < sizeof(deskey); ++i) deskey[i] ^= 0xf0; des_ctx = EVP_CIPHER_CTX_new(); if (des_ctx == NULL) { memset (deskey, 0, sizeof(deskey)); *minor_status = ENOMEM; return GSS_S_FAILURE; } EVP_CipherInit_ex(des_ctx, EVP_des_cbc(), NULL, deskey, zero, 0); EVP_Cipher(des_ctx, p, p, input_message_buffer->length - len); EVP_CIPHER_CTX_free(des_ctx); memset (deskey, 0, sizeof(deskey)); } if (IS_DCE_STYLE(context_handle)) { padlength = 0; } else { /* check pad */ ret = _gssapi_verify_pad(input_message_buffer, input_message_buffer->length - len, &padlength); if (ret) return ret; } md5 = EVP_MD_CTX_create(); EVP_DigestInit_ex(md5, EVP_md5(), NULL); EVP_DigestUpdate(md5, p - 24, 8); EVP_DigestUpdate(md5, p, input_message_buffer->length - len); EVP_DigestFinal_ex(md5, hash, NULL); EVP_MD_CTX_destroy(md5); memset (&zero, 0, sizeof(zero)); memcpy (&deskey, key->keyvalue.data, sizeof(deskey)); DES_set_key_unchecked (&deskey, &schedule); DES_cbc_cksum ((void *)hash, (void *)hash, sizeof(hash), &schedule, &zero); if (ct_memcmp (p - 8, hash, 8) != 0) { memset (deskey, 0, sizeof(deskey)); memset (&schedule, 0, sizeof(schedule)); return GSS_S_BAD_MIC; } /* verify sequence number */ des_ctx = EVP_CIPHER_CTX_new(); if (des_ctx == NULL) { memset (deskey, 0, sizeof(deskey)); memset (&schedule, 0, sizeof(schedule)); *minor_status = ENOMEM; return GSS_S_FAILURE; } HEIMDAL_MUTEX_lock(&context_handle->ctx_id_mutex); p -= 16; EVP_CipherInit_ex(des_ctx, EVP_des_cbc(), NULL, key->keyvalue.data, hash, 0); EVP_Cipher(des_ctx, p, p, 8); EVP_CIPHER_CTX_free(des_ctx); memset (deskey, 0, sizeof(deskey)); memset (&schedule, 0, sizeof(schedule)); seq = p; _gsskrb5_decode_om_uint32(seq, &seq_number); if (context_handle->more_flags & LOCAL) cmp = ct_memcmp(&seq[4], "\xff\xff\xff\xff", 4); else cmp = ct_memcmp(&seq[4], "\x00\x00\x00\x00", 4); if (cmp != 0) { HEIMDAL_MUTEX_unlock(&context_handle->ctx_id_mutex); return GSS_S_BAD_MIC; } ret = _gssapi_msg_order_check(context_handle->order, seq_number); if (ret) { HEIMDAL_MUTEX_unlock(&context_handle->ctx_id_mutex); return ret; } HEIMDAL_MUTEX_unlock(&context_handle->ctx_id_mutex); /* copy out data */ output_message_buffer->length = input_message_buffer->length - len - padlength - 8; output_message_buffer->value = malloc(output_message_buffer->length); if(output_message_buffer->length != 0 && output_message_buffer->value == NULL) return GSS_S_FAILURE; memcpy (output_message_buffer->value, p + 24, output_message_buffer->length); return GSS_S_COMPLETE; }