From 6a3068af6a1237302e6baa59d64a65b4e2cf45e3 Mon Sep 17 00:00:00 2001 From: Jeffrey Altman Date: Fri, 9 Apr 2004 07:48:22 +0000 Subject: [PATCH] md4-md5-20040408 Integration of Heimdal MD4/MD5 code ==================== This delta was composed from multiple commits as part of the CVS->Git migration. The checkin message with each commit was inconsistent. The following are the additional commit messages. ==================== Integration of Heimdal's MD4/MD5 code ==================== Integrate Heimdal's MD4/MD5 code ==================== Integrate Heimdal's MD4/MD5 code ==================== Integrate Heimdal's md4/md5 code ==================== Integration of Heimdal's MD4/MD5 code --- src/libafsrpc/Makefile.in | 8 + src/libafsrpc/NTMakefile | 2 +- src/rxkad/Makefile.in | 11 +- src/rxkad/NTMakefile | 6 + src/rxkad/hash.h | 71 ++++++++ src/rxkad/md4.c | 289 +++++++++++++++++++++++++++++++++ src/rxkad/md4.h | 54 +++++++ src/rxkad/md5.c | 313 ++++++++++++++++++++++++++++++++++++ src/rxkad/md5.h | 54 +++++++ src/rxkad/ticket5.c | 40 ++++- src/shlibafsrpc/Makefile.in | 8 + src/shlibafsrpc/NTMakefile | 4 + 12 files changed, 854 insertions(+), 6 deletions(-) create mode 100644 src/rxkad/hash.h create mode 100644 src/rxkad/md4.c create mode 100644 src/rxkad/md4.h create mode 100644 src/rxkad/md5.c create mode 100644 src/rxkad/md5.h diff --git a/src/libafsrpc/Makefile.in b/src/libafsrpc/Makefile.in index a81148ea8..435b106cf 100644 --- a/src/libafsrpc/Makefile.in +++ b/src/libafsrpc/Makefile.in @@ -87,6 +87,8 @@ RXKADOBJS =\ ticket.o \ ticket5.o \ crc.o \ + md4.o \ + md5.o \ fcrypt.o \ crypt_conn.o @@ -194,6 +196,12 @@ ticket5.o: ${RXKAD}/ticket5.c crc.o: ${RXKAD}/crc.c ${CCRULE} ${RXKAD}/crc.c +md4.o: ${RXKAD}/md4.c + ${CCRULE} ${RXKAD}/md4.c + +md5.o: ${RXKAD}/md5.c + ${CCRULE} ${RXKAD}/md5.c + fcrypt.o: ${TOP_OBJDIR}/src/rxkad/fcrypt.c ${CCRULE} ${TOP_OBJDIR}/src/rxkad/fcrypt.c diff --git a/src/libafsrpc/NTMakefile b/src/libafsrpc/NTMakefile index 0c071f00f..32ec9c070 100644 --- a/src/libafsrpc/NTMakefile +++ b/src/libafsrpc/NTMakefile @@ -36,7 +36,7 @@ RXOBJS = $(OUT)\rx_event.obj $(OUT)\rx_user.obj $(OUT)\rx_pthread.obj $(OUT)\rx. RXSTATBJS = $(OUT)\rxstat.obj $(OUT)\rxstat.ss.obj $(OUT)\rxstat.xdr.obj $(OUT)\rxstat.cs.obj LIBRXKAD_OBJS = $(OUT)\rxkad_client.obj $(OUT)\rxkad_server.obj $(OUT)\rxkad_common.obj $(OUT)\ticket.obj \ - $(OUT)\ticket5.obj $(OUT)\crc.obj $(OUT)\AFS_component_version_number.obj + $(OUT)\ticket5.obj $(OUT)\crc.obj $(OUT)\md4.obj $(OUT)\md5.obj $(OUT)\AFS_component_version_number.obj LIBRXKAD_REGOBJS = $(OUT)\fcrypt.obj $(OUT)\crypt_conn.obj diff --git a/src/rxkad/Makefile.in b/src/rxkad/Makefile.in index 057b7a773..0c2a5959a 100644 --- a/src/rxkad/Makefile.in +++ b/src/rxkad/Makefile.in @@ -12,10 +12,12 @@ include @TOP_OBJDIR@/src/config/Makefile.config INCLS=${TOP_INCDIR}/rx/rx.h ${TOP_INCDIR}/rx/xdr.h \ ${TOP_INCDIR}/rx/fcrypt.h \ - rxkad.h rxkad_prototypes.h fcrypt.h v5gen.h + rxkad.h rxkad_prototypes.h fcrypt.h v5gen.h \ + hash.h md4.h md5.h OBJS=rxkad_client.o rxkad_server.o rxkad_common.o rxkad_errs.o \ - fcrypt.o crypt_conn.o ticket.o ticket5.o crc.o + fcrypt.o crypt_conn.o ticket.o ticket5.o crc.o \ + md4.o md5.o fc_test_OBJS=fc_test.o @@ -83,6 +85,10 @@ ticket5.o: ticket5.c v5gen.c v5der.c v5gen-rewrite.h ${INCLS} crc.o: crc.c ${INCLS} +md4.o: md4.c ${INCLS} + +md5.o: md5.c ${INCLS} + fcrypt.o: fcrypt.c fcrypt.h sboxes.h rxkad.h rxkad_prototypes.h ${CC} ${CFLAGS} -c fcrypt.c @@ -108,7 +114,6 @@ clean: test: cd test; $(MAKE) - # These sources are kept in a separate directory so that we can use an # ACL to comply with source export restrictions. diff --git a/src/rxkad/NTMakefile b/src/rxkad/NTMakefile index a61b745e1..27f858ec8 100644 --- a/src/rxkad/NTMakefile +++ b/src/rxkad/NTMakefile @@ -15,6 +15,10 @@ INCFILES =\ $(INCFILEDIR)\rxkad_prototypes.h \ $(INCFILEDIR)\fcrypt.h \ $(INCFILEDIR)\asn1_err.h \ + $(INCFILEDIR)\v5gen.h \ + $(INCFILEDIR)\hash.h\ + $(INCFILEDIR)\md4.h \ + $(INCFILEDIR)\md5.h \ $(INCFILEDIR)\rxkad.h # build afsrxkad.lib @@ -28,6 +32,8 @@ LIBOBJS =\ $(OUT)\fcrypt.obj \ $(OUT)\ticket5.obj \ $(OUT)\crc.obj \ + $(OUT)\md4.obj \ + $(OUT)\md5.obj \ $(OUT)\crypt_conn.obj $(LIBOBJS): diff --git a/src/rxkad/hash.h b/src/rxkad/hash.h new file mode 100644 index 000000000..ade01ff1c --- /dev/null +++ b/src/rxkad/hash.h @@ -0,0 +1,71 @@ +/* + * Copyright (c) 1999 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of KTH nor the names of its contributors may be + * used to endorse or promote products derived from this software without + * specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY KTH AND ITS CONTRIBUTORS ``AS IS'' AND ANY + * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL KTH OR ITS CONTRIBUTORS BE + * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR + * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, + * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR + * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF + * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ + +/* $Id$ */ + +/* stuff in common between md4, md5, and sha1 */ + +#ifndef __hash_h__ +#define __hash_h__ + +#include +#include + +#ifndef min +#define min(a,b) (((a)>(b))?(b):(a)) +#endif + +/* Vector Crays doesn't have a good 32-bit type, or more precisely, + int32_t as defined by isn't 32 bits, and we don't + want to depend in being able to redefine this type. To cope with + this we have to clamp the result in some places to [0,2^32); no + need to do this on other machines. Did I say this was a mess? + */ + +#ifdef _CRAY +#define CRAYFIX(X) ((X) & 0xffffffff) +#else +#define CRAYFIX(X) (X) +#endif + +#if !defined(inline) && !defined(__GNUC__) +#define inline +#endif + +static inline afs_uint32 +cshift (afs_uint32 x, unsigned int n) +{ + x = CRAYFIX(x); + return CRAYFIX((x << n) | (x >> (32 - n))); +} + +#endif /* __hash_h__ */ diff --git a/src/rxkad/md4.c b/src/rxkad/md4.c new file mode 100644 index 000000000..5b479647c --- /dev/null +++ b/src/rxkad/md4.c @@ -0,0 +1,289 @@ +/* + * Copyright (c) 1995 - 2001 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include +#if defined(UKERNEL) +#include "../afs/param.h" +#else +#include +#endif + +#if defined(UKERNEL) +#include "../afs/sysincludes.h" +#include "../afs/afsincludes.h" +#include "../afs/stds.h" +#include "../rx/xdr.h" +#include "../rx/rx.h" +#include "../des/des.h" +#include "../afs/lifetimes.h" +#include "../afs/rxkad.h" +#else /* defined(UKERNEL) */ +#include +#include +#ifdef AFS_NT40_ENV +#include +#else +#include +#endif +#ifdef HAVE_STRING_H +#include +#else +#ifdef HAVE_STRINGS_H +#include +#endif +#endif +#include +#include +#include +#include "lifetimes.h" +#include "rxkad.h" +#endif /* defined(UKERNEL) */ + +RCSID("$Id$"); + +#undef WORDS_BIGENDIAN +#ifdef AFSBIG_ENDIAN +#define WORDS_BIGENDIAN 1 +#endif + +#include "md4.h" +#include "hash.h" + +#define A m->counter[0] +#define B m->counter[1] +#define C m->counter[2] +#define D m->counter[3] +#define X data + +void +MD4_Init (struct md4 *m) +{ + m->sz[0] = 0; + m->sz[1] = 0; + D = 0x10325476; + C = 0x98badcfe; + B = 0xefcdab89; + A = 0x67452301; +} + +#define F(x,y,z) CRAYFIX((x & y) | (~x & z)) +#define G(x,y,z) ((x & y) | (x & z) | (y & z)) +#define H(x,y,z) (x ^ y ^ z) + +#define DOIT(a,b,c,d,k,s,i,OP) \ +a = cshift(a + OP(b,c,d) + X[k] + i, s) + +#define DO1(a,b,c,d,k,s,i) DOIT(a,b,c,d,k,s,i,F) +#define DO2(a,b,c,d,k,s,i) DOIT(a,b,c,d,k,s,i,G) +#define DO3(a,b,c,d,k,s,i) DOIT(a,b,c,d,k,s,i,H) + +static inline void +calc (struct md4 *m, afs_uint32 *data) +{ + afs_uint32 AA, BB, CC, DD; + + AA = A; + BB = B; + CC = C; + DD = D; + + /* Round 1 */ + + DO1(A,B,C,D,0,3,0); + DO1(D,A,B,C,1,7,0); + DO1(C,D,A,B,2,11,0); + DO1(B,C,D,A,3,19,0); + + DO1(A,B,C,D,4,3,0); + DO1(D,A,B,C,5,7,0); + DO1(C,D,A,B,6,11,0); + DO1(B,C,D,A,7,19,0); + + DO1(A,B,C,D,8,3,0); + DO1(D,A,B,C,9,7,0); + DO1(C,D,A,B,10,11,0); + DO1(B,C,D,A,11,19,0); + + DO1(A,B,C,D,12,3,0); + DO1(D,A,B,C,13,7,0); + DO1(C,D,A,B,14,11,0); + DO1(B,C,D,A,15,19,0); + + /* Round 2 */ + + DO2(A,B,C,D,0,3,0x5A827999); + DO2(D,A,B,C,4,5,0x5A827999); + DO2(C,D,A,B,8,9,0x5A827999); + DO2(B,C,D,A,12,13,0x5A827999); + + DO2(A,B,C,D,1,3,0x5A827999); + DO2(D,A,B,C,5,5,0x5A827999); + DO2(C,D,A,B,9,9,0x5A827999); + DO2(B,C,D,A,13,13,0x5A827999); + + DO2(A,B,C,D,2,3,0x5A827999); + DO2(D,A,B,C,6,5,0x5A827999); + DO2(C,D,A,B,10,9,0x5A827999); + DO2(B,C,D,A,14,13,0x5A827999); + + DO2(A,B,C,D,3,3,0x5A827999); + DO2(D,A,B,C,7,5,0x5A827999); + DO2(C,D,A,B,11,9,0x5A827999); + DO2(B,C,D,A,15,13,0x5A827999); + + /* Round 3 */ + + DO3(A,B,C,D,0,3,0x6ED9EBA1); + DO3(D,A,B,C,8,9,0x6ED9EBA1); + DO3(C,D,A,B,4,11,0x6ED9EBA1); + DO3(B,C,D,A,12,15,0x6ED9EBA1); + + DO3(A,B,C,D,2,3,0x6ED9EBA1); + DO3(D,A,B,C,10,9,0x6ED9EBA1); + DO3(C,D,A,B,6,11,0x6ED9EBA1); + DO3(B,C,D,A,14,15,0x6ED9EBA1); + + DO3(A,B,C,D,1,3,0x6ED9EBA1); + DO3(D,A,B,C,9,9,0x6ED9EBA1); + DO3(C,D,A,B,5,11,0x6ED9EBA1); + DO3(B,C,D,A,13,15,0x6ED9EBA1); + + DO3(A,B,C,D,3,3,0x6ED9EBA1); + DO3(D,A,B,C,11,9,0x6ED9EBA1); + DO3(C,D,A,B,7,11,0x6ED9EBA1); + DO3(B,C,D,A,15,15,0x6ED9EBA1); + + A += AA; + B += BB; + C += CC; + D += DD; +} + +/* + * From `Performance analysis of MD5' by Joseph D. Touch + */ + +#if defined(WORDS_BIGENDIAN) +static inline afs_uint32 +swap_afs_uint32 (afs_uint32 t) +{ + afs_uint32 temp1, temp2; + + temp1 = cshift(t, 16); + temp2 = temp1 >> 8; + temp1 &= 0x00ff00ff; + temp2 &= 0x00ff00ff; + temp1 <<= 8; + return temp1 | temp2; +} +#endif + +struct x32{ + unsigned int a:32; + unsigned int b:32; +}; + +void +MD4_Update (struct md4 *m, const void *v, size_t len) +{ + const unsigned char *p = v; + size_t old_sz = m->sz[0]; + size_t offset; + + m->sz[0] += len * 8; + if (m->sz[0] < old_sz) + ++m->sz[1]; + offset = (old_sz / 8) % 64; + while(len > 0) { + size_t l = min(len, 64 - offset); + memcpy(m->save + offset, p, l); + offset += l; + p += l; + len -= l; + if(offset == 64) { +#if defined(WORDS_BIGENDIAN) + int i; + afs_uint32 current[16]; + struct x32 *u = (struct x32*)m->save; + for(i = 0; i < 8; i++){ + current[2*i+0] = swap_afs_uint32(u[i].a); + current[2*i+1] = swap_afs_uint32(u[i].b); + } + calc(m, current); +#else + calc(m, (afs_uint32*)m->save); +#endif + offset = 0; + } + } +} + +void +MD4_Final (void *res, struct md4 *m) +{ + static unsigned char zeros[72]; + unsigned offset = (m->sz[0] / 8) % 64; + unsigned int dstart = (120 - offset - 1) % 64 + 1; + + *zeros = 0x80; + memset (zeros + 1, 0, sizeof(zeros) - 1); + zeros[dstart+0] = (m->sz[0] >> 0) & 0xff; + zeros[dstart+1] = (m->sz[0] >> 8) & 0xff; + zeros[dstart+2] = (m->sz[0] >> 16) & 0xff; + zeros[dstart+3] = (m->sz[0] >> 24) & 0xff; + zeros[dstart+4] = (m->sz[1] >> 0) & 0xff; + zeros[dstart+5] = (m->sz[1] >> 8) & 0xff; + zeros[dstart+6] = (m->sz[1] >> 16) & 0xff; + zeros[dstart+7] = (m->sz[1] >> 24) & 0xff; + MD4_Update (m, zeros, dstart + 8); + { + int i; + unsigned char *r = (unsigned char *)res; + + for (i = 0; i < 4; ++i) { + r[4*i] = m->counter[i] & 0xFF; + r[4*i+1] = (m->counter[i] >> 8) & 0xFF; + r[4*i+2] = (m->counter[i] >> 16) & 0xFF; + r[4*i+3] = (m->counter[i] >> 24) & 0xFF; + } + } +#if 0 + { + int i; + afs_uint32 *r = (afs_uint32 *)res; + + for (i = 0; i < 4; ++i) + r[i] = swap_afs_uint32 (m->counter[i]); + } +#endif +} diff --git a/src/rxkad/md4.h b/src/rxkad/md4.h new file mode 100644 index 000000000..710eb4876 --- /dev/null +++ b/src/rxkad/md4.h @@ -0,0 +1,54 @@ +/* + * Copyright (c) 1995 - 2001 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +/* $Id$ */ + +#include +#ifdef HAVE_SYS_TYPES_H +#include +#endif +#ifdef HAVE_SYS_BITYPES_H +#include +#endif + +struct md4 { + unsigned int sz[2]; + afs_uint32 counter[4]; + unsigned char save[64]; +}; + +typedef struct md4 MD4_CTX; + +void MD4_Init (struct md4 *m); +void MD4_Update (struct md4 *m, const void *p, size_t len); +void MD4_Final (void *res, struct md4 *m); diff --git a/src/rxkad/md5.c b/src/rxkad/md5.c new file mode 100644 index 000000000..59190120e --- /dev/null +++ b/src/rxkad/md5.c @@ -0,0 +1,313 @@ +/* + * Copyright (c) 1995 - 2001 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include +#if defined(UKERNEL) +#include "../afs/param.h" +#else +#include +#endif + +#if defined(UKERNEL) +#include "../afs/sysincludes.h" +#include "../afs/afsincludes.h" +#include "../afs/stds.h" +#include "../rx/xdr.h" +#include "../rx/rx.h" +#include "../des/des.h" +#include "../afs/lifetimes.h" +#include "../afs/rxkad.h" +#else /* defined(UKERNEL) */ +#include +#include +#ifdef AFS_NT40_ENV +#include +#else +#include +#endif +#ifdef HAVE_STRING_H +#include +#else +#ifdef HAVE_STRINGS_H +#include +#endif +#endif +#include +#include +#include +#include "lifetimes.h" +#include "rxkad.h" +#endif /* defined(UKERNEL) */ + +RCSID("$Id$"); + +#undef WORDS_BIGENDIAN +#ifdef AFSBIG_ENDIAN +#define WORDS_BIGENDIAN 1 +#endif + +#include "md5.h" +#include "hash.h" + +#define A m->counter[0] +#define B m->counter[1] +#define C m->counter[2] +#define D m->counter[3] +#define X data + +void +MD5_Init (struct md5 *m) +{ + m->sz[0] = 0; + m->sz[1] = 0; + D = 0x10325476; + C = 0x98badcfe; + B = 0xefcdab89; + A = 0x67452301; +} + +#define F(x,y,z) CRAYFIX((x & y) | (~x & z)) +#define G(x,y,z) CRAYFIX((x & z) | (y & ~z)) +#define H(x,y,z) (x ^ y ^ z) +#define I(x,y,z) CRAYFIX(y ^ (x | ~z)) + +#define DOIT(a,b,c,d,k,s,i,OP) \ +a = b + cshift(a + OP(b,c,d) + X[k] + (i), s) + +#define DO1(a,b,c,d,k,s,i) DOIT(a,b,c,d,k,s,i,F) +#define DO2(a,b,c,d,k,s,i) DOIT(a,b,c,d,k,s,i,G) +#define DO3(a,b,c,d,k,s,i) DOIT(a,b,c,d,k,s,i,H) +#define DO4(a,b,c,d,k,s,i) DOIT(a,b,c,d,k,s,i,I) + +static inline void +calc (struct md5 *m, afs_uint32 *data) +{ + afs_uint32 AA, BB, CC, DD; + + AA = A; + BB = B; + CC = C; + DD = D; + + /* Round 1 */ + + DO1(A,B,C,D,0,7,0xd76aa478); + DO1(D,A,B,C,1,12,0xe8c7b756); + DO1(C,D,A,B,2,17,0x242070db); + DO1(B,C,D,A,3,22,0xc1bdceee); + + DO1(A,B,C,D,4,7,0xf57c0faf); + DO1(D,A,B,C,5,12,0x4787c62a); + DO1(C,D,A,B,6,17,0xa8304613); + DO1(B,C,D,A,7,22,0xfd469501); + + DO1(A,B,C,D,8,7,0x698098d8); + DO1(D,A,B,C,9,12,0x8b44f7af); + DO1(C,D,A,B,10,17,0xffff5bb1); + DO1(B,C,D,A,11,22,0x895cd7be); + + DO1(A,B,C,D,12,7,0x6b901122); + DO1(D,A,B,C,13,12,0xfd987193); + DO1(C,D,A,B,14,17,0xa679438e); + DO1(B,C,D,A,15,22,0x49b40821); + + /* Round 2 */ + + DO2(A,B,C,D,1,5,0xf61e2562); + DO2(D,A,B,C,6,9,0xc040b340); + DO2(C,D,A,B,11,14,0x265e5a51); + DO2(B,C,D,A,0,20,0xe9b6c7aa); + + DO2(A,B,C,D,5,5,0xd62f105d); + DO2(D,A,B,C,10,9,0x2441453); + DO2(C,D,A,B,15,14,0xd8a1e681); + DO2(B,C,D,A,4,20,0xe7d3fbc8); + + DO2(A,B,C,D,9,5,0x21e1cde6); + DO2(D,A,B,C,14,9,0xc33707d6); + DO2(C,D,A,B,3,14,0xf4d50d87); + DO2(B,C,D,A,8,20,0x455a14ed); + + DO2(A,B,C,D,13,5,0xa9e3e905); + DO2(D,A,B,C,2,9,0xfcefa3f8); + DO2(C,D,A,B,7,14,0x676f02d9); + DO2(B,C,D,A,12,20,0x8d2a4c8a); + + /* Round 3 */ + + DO3(A,B,C,D,5,4,0xfffa3942); + DO3(D,A,B,C,8,11,0x8771f681); + DO3(C,D,A,B,11,16,0x6d9d6122); + DO3(B,C,D,A,14,23,0xfde5380c); + + DO3(A,B,C,D,1,4,0xa4beea44); + DO3(D,A,B,C,4,11,0x4bdecfa9); + DO3(C,D,A,B,7,16,0xf6bb4b60); + DO3(B,C,D,A,10,23,0xbebfbc70); + + DO3(A,B,C,D,13,4,0x289b7ec6); + DO3(D,A,B,C,0,11,0xeaa127fa); + DO3(C,D,A,B,3,16,0xd4ef3085); + DO3(B,C,D,A,6,23,0x4881d05); + + DO3(A,B,C,D,9,4,0xd9d4d039); + DO3(D,A,B,C,12,11,0xe6db99e5); + DO3(C,D,A,B,15,16,0x1fa27cf8); + DO3(B,C,D,A,2,23,0xc4ac5665); + + /* Round 4 */ + + DO4(A,B,C,D,0,6,0xf4292244); + DO4(D,A,B,C,7,10,0x432aff97); + DO4(C,D,A,B,14,15,0xab9423a7); + DO4(B,C,D,A,5,21,0xfc93a039); + + DO4(A,B,C,D,12,6,0x655b59c3); + DO4(D,A,B,C,3,10,0x8f0ccc92); + DO4(C,D,A,B,10,15,0xffeff47d); + DO4(B,C,D,A,1,21,0x85845dd1); + + DO4(A,B,C,D,8,6,0x6fa87e4f); + DO4(D,A,B,C,15,10,0xfe2ce6e0); + DO4(C,D,A,B,6,15,0xa3014314); + DO4(B,C,D,A,13,21,0x4e0811a1); + + DO4(A,B,C,D,4,6,0xf7537e82); + DO4(D,A,B,C,11,10,0xbd3af235); + DO4(C,D,A,B,2,15,0x2ad7d2bb); + DO4(B,C,D,A,9,21,0xeb86d391); + + A += AA; + B += BB; + C += CC; + D += DD; +} + +/* + * From `Performance analysis of MD5' by Joseph D. Touch + */ + +#if defined(WORDS_BIGENDIAN) +static inline afs_uint32 +swap_afs_uint32 (afs_uint32 t) +{ + afs_uint32 temp1, temp2; + + temp1 = cshift(t, 16); + temp2 = temp1 >> 8; + temp1 &= 0x00ff00ff; + temp2 &= 0x00ff00ff; + temp1 <<= 8; + return temp1 | temp2; +} +#endif + +struct x32{ + unsigned int a:32; + unsigned int b:32; +}; + +void +MD5_Update (struct md5 *m, const void *v, size_t len) +{ + const unsigned char *p = v; + size_t old_sz = m->sz[0]; + size_t offset; + + m->sz[0] += len * 8; + if (m->sz[0] < old_sz) + ++m->sz[1]; + offset = (old_sz / 8) % 64; + while(len > 0){ + size_t l = min(len, 64 - offset); + memcpy(m->save + offset, p, l); + offset += l; + p += l; + len -= l; + if(offset == 64){ +#if defined(WORDS_BIGENDIAN) + int i; + afs_uint32 current[16]; + struct x32 *u = (struct x32*)m->save; + for(i = 0; i < 8; i++){ + current[2*i+0] = swap_afs_uint32(u[i].a); + current[2*i+1] = swap_afs_uint32(u[i].b); + } + calc(m, current); +#else + calc(m, (afs_uint32*)m->save); +#endif + offset = 0; + } + } +} + +void +MD5_Final (void *res, struct md5 *m) +{ + static unsigned char zeros[72]; + unsigned offset = (m->sz[0] / 8) % 64; + unsigned int dstart = (120 - offset - 1) % 64 + 1; + + *zeros = 0x80; + memset (zeros + 1, 0, sizeof(zeros) - 1); + zeros[dstart+0] = (m->sz[0] >> 0) & 0xff; + zeros[dstart+1] = (m->sz[0] >> 8) & 0xff; + zeros[dstart+2] = (m->sz[0] >> 16) & 0xff; + zeros[dstart+3] = (m->sz[0] >> 24) & 0xff; + zeros[dstart+4] = (m->sz[1] >> 0) & 0xff; + zeros[dstart+5] = (m->sz[1] >> 8) & 0xff; + zeros[dstart+6] = (m->sz[1] >> 16) & 0xff; + zeros[dstart+7] = (m->sz[1] >> 24) & 0xff; + MD5_Update (m, zeros, dstart + 8); + { + int i; + unsigned char *r = (unsigned char *)res; + + for (i = 0; i < 4; ++i) { + r[4*i] = m->counter[i] & 0xFF; + r[4*i+1] = (m->counter[i] >> 8) & 0xFF; + r[4*i+2] = (m->counter[i] >> 16) & 0xFF; + r[4*i+3] = (m->counter[i] >> 24) & 0xFF; + } + } +#if 0 + { + int i; + afs_uint32 *r = (afs_uint32 *)res; + + for (i = 0; i < 4; ++i) + r[i] = swap_afs_uint32 (m->counter[i]); + } +#endif +} diff --git a/src/rxkad/md5.h b/src/rxkad/md5.h new file mode 100644 index 000000000..359714b09 --- /dev/null +++ b/src/rxkad/md5.h @@ -0,0 +1,54 @@ +/* + * Copyright (c) 1995 - 2001 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +/* $Id$ */ + +#include +#ifdef HAVE_SYS_TYPES_H +#include +#endif +#ifdef HAVE_SYS_BITYPES_H +#include +#endif + +struct md5 { + unsigned int sz[2]; + afs_uint32 counter[4]; + unsigned char save[64]; +}; + +typedef struct md5 MD5_CTX; + +void MD5_Init (struct md5 *m); +void MD5_Update (struct md5 *m, const void *p, size_t len); +void MD5_Final (void *res, struct md5 *m); /* afs_uint32 res[4] */ diff --git a/src/rxkad/ticket5.c b/src/rxkad/ticket5.c index 9c22d208a..013a107be 100644 --- a/src/rxkad/ticket5.c +++ b/src/rxkad/ticket5.c @@ -101,6 +101,8 @@ RCSID #include "v5gen.h" #include "v5der.c" #include "v5gen.c" +#include "md4.h" +#include "md5.h" /* * Principal conversion Taken from src/lib/krb5/krb/conv_princ from MIT Kerberos. If you @@ -383,6 +385,40 @@ tkt_DecodeTicket5(char *ticket, afs_int32 ticket_len, } +static int +verify_checksum_md4(void *data, size_t len, + void *cksum, size_t cksumsz, + struct ktc_encryptionKey *key) +{ + MD4_CTX md4; + unsigned char tmp[16]; + + MD4_Init(&md4); + MD4_Update(&md4, data, len); + MD4_Final (tmp, &md4); + + if (memcmp(tmp, cksum, cksumsz) != 0) + return 1; + return 0; +} + +static int +verify_checksum_md5(void *data, size_t len, + void *cksum, size_t cksumsz, + struct ktc_encryptionKey *key) +{ + MD5_CTX md5; + unsigned char tmp[16]; + + MD5_Init(&md5); + MD5_Update(&md5, data, len); + MD5_Final (tmp, &md5); + + if (memcmp(tmp, cksum, cksumsz) != 0) + return 1; + return 0; +} + static int verify_checksum_crc(void *data, size_t len, void *cksum, size_t cksumsz, struct ktc_encryptionKey *key) @@ -430,12 +466,12 @@ krb5_des_decrypt(struct ktc_encryptionKey *key, int etype, void *in, case ETYPE_DES_CBC_MD4: memset(&ivec, 0, sizeof(ivec)); cksumsz = 16; - /* FIXME: cksum_func = verify_checksum_md4 */ ; + cksum_func = verify_checksum_md4; break; case ETYPE_DES_CBC_MD5: memset(&ivec, 0, sizeof(ivec)); cksumsz = 16; - /* FIXME: cksum_func = verify_checksum_md5 */ ; + cksum_func = verify_checksum_md5; break; default: abort(); diff --git a/src/shlibafsrpc/Makefile.in b/src/shlibafsrpc/Makefile.in index cbe5107a6..2c4b5504e 100644 --- a/src/shlibafsrpc/Makefile.in +++ b/src/shlibafsrpc/Makefile.in @@ -90,6 +90,8 @@ RXKADOBJS =\ ticket.o \ ticket5.o \ crc.o \ + md4.o \ + md5.o \ fcrypt.o \ crypt_conn.o @@ -201,6 +203,12 @@ ticket5.o: ${RXKAD}/ticket5.c crc.o: ${RXKAD}/crc.c ${CCRULE} +md4.o: ${RXKAD}/md4.c + ${CCRULE} + +md5.o: ${RXKAD}/md5.c + ${CCRULE} + fcrypt.o: ${RXKAD}/fcrypt.c ${CCRULE} diff --git a/src/shlibafsrpc/NTMakefile b/src/shlibafsrpc/NTMakefile index a89937e53..3fc15fa23 100644 --- a/src/shlibafsrpc/NTMakefile +++ b/src/shlibafsrpc/NTMakefile @@ -60,6 +60,10 @@ LIBRXKAD_OBJS = $(OUT)\rxkad_client.obj \ $(OUT)\rxkad_server.obj \ $(OUT)\rxkad_common.obj \ $(OUT)\ticket.obj \ + $(OUT)\ticket5.obj \ + $(OUT)\crc.obj \ + $(OUT)\md4.obj \ + $(OUT)\md5.obj \ $(OUT)\AFS_component_version_number.obj LIBRXKAD_REGOBJS = $(OUT)\fcrypt.obj \ -- 2.39.5