- remove some more jpake remnants.
- try to fix umac; probably still broken on hosts that require strict alignment, but it is still a start.
parent
983a58da7f
commit
343a8bbd30
|
@ -1,4 +1,4 @@
|
|||
/* $NetBSD: auth.h,v 1.8 2014/10/19 16:30:58 christos Exp $ */
|
||||
/* $NetBSD: auth.h,v 1.9 2014/10/20 03:05:13 christos Exp $ */
|
||||
/* $OpenBSD: auth.h,v 1.78 2014/07/03 11:16:55 djm Exp $ */
|
||||
|
||||
/*
|
||||
|
@ -62,7 +62,6 @@ struct Authctxt {
|
|||
char *style;
|
||||
void *kbdintctxt;
|
||||
char *info; /* Extra info for next auth_log */
|
||||
void *jpake_ctx;
|
||||
#ifdef BSD_AUTH
|
||||
auth_session_t *as;
|
||||
#endif
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
/* $NetBSD: compat.c,v 1.7 2014/10/19 16:30:58 christos Exp $ */
|
||||
/* $NetBSD: compat.c,v 1.8 2014/10/20 03:05:13 christos Exp $ */
|
||||
/* $OpenBSD: compat.c,v 1.85 2014/04/20 02:49:32 djm Exp $ */
|
||||
/*
|
||||
* Copyright (c) 1999, 2000, 2001, 2002 Markus Friedl. All rights reserved.
|
||||
|
@ -25,7 +25,7 @@
|
|||
*/
|
||||
|
||||
#include "includes.h"
|
||||
__RCSID("$NetBSD: compat.c,v 1.7 2014/10/19 16:30:58 christos Exp $");
|
||||
__RCSID("$NetBSD: compat.c,v 1.8 2014/10/20 03:05:13 christos Exp $");
|
||||
#include <sys/types.h>
|
||||
|
||||
#include <stdlib.h>
|
||||
|
@ -179,6 +179,7 @@ compat_datafellows(const char *version)
|
|||
if (match_pattern_list(version, check[i].pat,
|
||||
strlen(check[i].pat), 0) == 1) {
|
||||
datafellows = check[i].bugs;
|
||||
/* Check to see if the remote side is OpenSSH and not HPN */
|
||||
if(strstr(version,"OpenSSH") != NULL)
|
||||
{
|
||||
if (strstr(version,"hpn") == NULL)
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
/* $NetBSD: mac.c,v 1.9 2014/10/19 16:30:58 christos Exp $ */
|
||||
/* $NetBSD: mac.c,v 1.10 2014/10/20 03:05:13 christos Exp $ */
|
||||
/* $OpenBSD: mac.c,v 1.30 2014/04/30 19:07:48 naddy Exp $ */
|
||||
/*
|
||||
* Copyright (c) 2001 Markus Friedl. All rights reserved.
|
||||
|
@ -25,7 +25,7 @@
|
|||
*/
|
||||
|
||||
#include "includes.h"
|
||||
__RCSID("$NetBSD: mac.c,v 1.9 2014/10/19 16:30:58 christos Exp $");
|
||||
__RCSID("$NetBSD: mac.c,v 1.10 2014/10/20 03:05:13 christos Exp $");
|
||||
#include <sys/types.h>
|
||||
|
||||
#include <openssl/hmac.h>
|
||||
|
@ -153,14 +153,12 @@ mac_init(Mac *mac)
|
|||
ssh_hmac_init(mac->hmac_ctx, mac->key, mac->key_len) < 0)
|
||||
return -1;
|
||||
return 0;
|
||||
#ifdef UMAC_HAS_BEEN_UNBROKEN
|
||||
case SSH_UMAC:
|
||||
mac->umac_ctx = umac_new(mac->key);
|
||||
return 0;
|
||||
case SSH_UMAC128:
|
||||
mac->umac_ctx = umac128_new(mac->key);
|
||||
return 0;
|
||||
#endif
|
||||
default:
|
||||
return -1;
|
||||
}
|
||||
|
@ -174,9 +172,7 @@ mac_compute(Mac *mac, u_int32_t seqno, u_char *data, int datalen)
|
|||
u_int64_t for_align;
|
||||
} u;
|
||||
u_char b[4];
|
||||
#ifdef UMAC_HAS_BEEN_UNBROKEN
|
||||
u_char nonce[8];
|
||||
#endif
|
||||
|
||||
if (mac->mac_len > sizeof(u))
|
||||
fatal("mac_compute: mac too long %u %zu",
|
||||
|
@ -192,7 +188,6 @@ mac_compute(Mac *mac, u_int32_t seqno, u_char *data, int datalen)
|
|||
ssh_hmac_final(mac->hmac_ctx, u.m, sizeof(u.m)) < 0)
|
||||
fatal("ssh_hmac failed");
|
||||
break;
|
||||
#ifdef UMAC_HAS_BEEN_UNBROKEN
|
||||
case SSH_UMAC:
|
||||
put_u64(nonce, seqno);
|
||||
umac_update(mac->umac_ctx, data, datalen);
|
||||
|
@ -203,7 +198,6 @@ mac_compute(Mac *mac, u_int32_t seqno, u_char *data, int datalen)
|
|||
umac128_update(mac->umac_ctx, data, datalen);
|
||||
umac128_final(mac->umac_ctx, u.m, nonce);
|
||||
break;
|
||||
#endif
|
||||
default:
|
||||
fatal("mac_compute: unknown MAC type");
|
||||
}
|
||||
|
@ -213,16 +207,13 @@ mac_compute(Mac *mac, u_int32_t seqno, u_char *data, int datalen)
|
|||
void
|
||||
mac_clear(Mac *mac)
|
||||
{
|
||||
#ifdef UMAC_HAS_BEEN_UNBROKEN
|
||||
if (mac->type == SSH_UMAC) {
|
||||
if (mac->umac_ctx != NULL)
|
||||
umac_delete(mac->umac_ctx);
|
||||
} else if (mac->type == SSH_UMAC128) {
|
||||
if (mac->umac_ctx != NULL)
|
||||
umac128_delete(mac->umac_ctx);
|
||||
} else
|
||||
#endif
|
||||
if (mac->hmac_ctx != NULL)
|
||||
} else if (mac->hmac_ctx != NULL)
|
||||
ssh_hmac_free(mac->hmac_ctx);
|
||||
mac->hmac_ctx = NULL;
|
||||
mac->umac_ctx = NULL;
|
||||
|
|
|
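Review bot: The `#ifdef UMAC_HAS_BEEN_UNBROKEN` / `#endif` pairs in mac_init, mac_compute and mac_clear appear to be dropped here, which makes the `SSH_UMAC` and `SSH_UMAC128` cases live on every port, while the commit description itself says umac is "probably still broken on hosts that require strict alignment". A MAC that computes wrong tags, or faults on an unaligned access, should not be reachable on the ports where it is unverified. I would keep the cases conditional there, for example `#if defined(__NO_STRICT_ALIGNMENT) || defined(UMAC_HAS_BEEN_UNBROKEN)`, until a known-answer test for the UMAC tags passes on a strict-alignment machine. Separately, mac_init stores the result of `umac_new(mac->key)` and returns 0 without looking at it; if umac_new can return NULL (not visible on this page), that path needs `return -1`.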
@ -1,4 +1,4 @@
|
|||
/* $NetBSD: monitor_wrap.c,v 1.9 2014/10/19 16:30:58 christos Exp $ */
|
||||
/* $NetBSD: monitor_wrap.c,v 1.10 2014/10/20 03:05:13 christos Exp $ */
|
||||
/* $OpenBSD: monitor_wrap.c,v 1.80 2014/04/29 18:01:49 markus Exp $ */
|
||||
/*
|
||||
* Copyright 2002 Niels Provos <provos@citi.umich.edu>
|
||||
|
@ -27,7 +27,7 @@
|
|||
*/
|
||||
|
||||
#include "includes.h"
|
||||
__RCSID("$NetBSD: monitor_wrap.c,v 1.9 2014/10/19 16:30:58 christos Exp $");
|
||||
__RCSID("$NetBSD: monitor_wrap.c,v 1.10 2014/10/20 03:05:13 christos Exp $");
|
||||
#include <sys/types.h>
|
||||
#include <sys/uio.h>
|
||||
#include <sys/queue.h>
|
||||
|
@ -1268,168 +1268,6 @@ mm_ssh_gssapi_userok(char *user)
|
|||
}
|
||||
#endif /* GSSAPI */
|
||||
|
||||
#ifdef JPAKE
|
||||
void
|
||||
mm_auth2_jpake_get_pwdata(Authctxt *authctxt, BIGNUM **s,
|
||||
char **hash_scheme, char **salt)
|
||||
{
|
||||
Buffer m;
|
||||
|
||||
debug3("%s entering", __func__);
|
||||
|
||||
buffer_init(&m);
|
||||
mm_request_send(pmonitor->m_recvfd,
|
||||
MONITOR_REQ_JPAKE_GET_PWDATA, &m);
|
||||
|
||||
debug3("%s: waiting for MONITOR_ANS_JPAKE_GET_PWDATA", __func__);
|
||||
mm_request_receive_expect(pmonitor->m_recvfd,
|
||||
MONITOR_ANS_JPAKE_GET_PWDATA, &m);
|
||||
|
||||
*hash_scheme = buffer_get_string(&m, NULL);
|
||||
*salt = buffer_get_string(&m, NULL);
|
||||
|
||||
buffer_free(&m);
|
||||
}
|
||||
|
||||
void
|
||||
mm_jpake_step1(struct modp_group *grp,
|
||||
u_char **id, u_int *id_len,
|
||||
BIGNUM **priv1, BIGNUM **priv2, BIGNUM **g_priv1, BIGNUM **g_priv2,
|
||||
u_char **priv1_proof, u_int *priv1_proof_len,
|
||||
u_char **priv2_proof, u_int *priv2_proof_len)
|
||||
{
|
||||
Buffer m;
|
||||
|
||||
debug3("%s entering", __func__);
|
||||
|
||||
buffer_init(&m);
|
||||
mm_request_send(pmonitor->m_recvfd,
|
||||
MONITOR_REQ_JPAKE_STEP1, &m);
|
||||
|
||||
debug3("%s: waiting for MONITOR_ANS_JPAKE_STEP1", __func__);
|
||||
mm_request_receive_expect(pmonitor->m_recvfd,
|
||||
MONITOR_ANS_JPAKE_STEP1, &m);
|
||||
|
||||
if ((*priv1 = BN_new()) == NULL ||
|
||||
(*priv2 = BN_new()) == NULL ||
|
||||
(*g_priv1 = BN_new()) == NULL ||
|
||||
(*g_priv2 = BN_new()) == NULL)
|
||||
fatal("%s: BN_new", __func__);
|
||||
|
||||
*id = buffer_get_string(&m, id_len);
|
||||
/* priv1 and priv2 are, well, private */
|
||||
buffer_get_bignum2(&m, *g_priv1);
|
||||
buffer_get_bignum2(&m, *g_priv2);
|
||||
*priv1_proof = buffer_get_string(&m, priv1_proof_len);
|
||||
*priv2_proof = buffer_get_string(&m, priv2_proof_len);
|
||||
|
||||
buffer_free(&m);
|
||||
}
|
||||
|
||||
void
|
||||
mm_jpake_step2(struct modp_group *grp, BIGNUM *s,
|
||||
BIGNUM *mypub1, BIGNUM *theirpub1, BIGNUM *theirpub2, BIGNUM *mypriv2,
|
||||
const u_char *theirid, u_int theirid_len,
|
||||
const u_char *myid, u_int myid_len,
|
||||
const u_char *theirpub1_proof, u_int theirpub1_proof_len,
|
||||
const u_char *theirpub2_proof, u_int theirpub2_proof_len,
|
||||
BIGNUM **newpub,
|
||||
u_char **newpub_exponent_proof, u_int *newpub_exponent_proof_len)
|
||||
{
|
||||
Buffer m;
|
||||
|
||||
debug3("%s entering", __func__);
|
||||
|
||||
buffer_init(&m);
|
||||
/* monitor already has all bignums except theirpub1, theirpub2 */
|
||||
buffer_put_bignum2(&m, theirpub1);
|
||||
buffer_put_bignum2(&m, theirpub2);
|
||||
/* monitor already knows our id */
|
||||
buffer_put_string(&m, theirid, theirid_len);
|
||||
buffer_put_string(&m, theirpub1_proof, theirpub1_proof_len);
|
||||
buffer_put_string(&m, theirpub2_proof, theirpub2_proof_len);
|
||||
|
||||
mm_request_send(pmonitor->m_recvfd,
|
||||
MONITOR_REQ_JPAKE_STEP2, &m);
|
||||
|
||||
debug3("%s: waiting for MONITOR_ANS_JPAKE_STEP2", __func__);
|
||||
mm_request_receive_expect(pmonitor->m_recvfd,
|
||||
MONITOR_ANS_JPAKE_STEP2, &m);
|
||||
|
||||
if ((*newpub = BN_new()) == NULL)
|
||||
fatal("%s: BN_new", __func__);
|
||||
|
||||
buffer_get_bignum2(&m, *newpub);
|
||||
*newpub_exponent_proof = buffer_get_string(&m,
|
||||
newpub_exponent_proof_len);
|
||||
|
||||
buffer_free(&m);
|
||||
}
|
||||
|
||||
void
|
||||
mm_jpake_key_confirm(struct modp_group *grp, BIGNUM *s, BIGNUM *step2_val,
|
||||
BIGNUM *mypriv2, BIGNUM *mypub1, BIGNUM *mypub2,
|
||||
BIGNUM *theirpub1, BIGNUM *theirpub2,
|
||||
const u_char *my_id, u_int my_id_len,
|
||||
const u_char *their_id, u_int their_id_len,
|
||||
const u_char *sess_id, u_int sess_id_len,
|
||||
const u_char *theirpriv2_s_proof, u_int theirpriv2_s_proof_len,
|
||||
BIGNUM **k,
|
||||
u_char **confirm_hash, u_int *confirm_hash_len)
|
||||
{
|
||||
Buffer m;
|
||||
|
||||
debug3("%s entering", __func__);
|
||||
|
||||
buffer_init(&m);
|
||||
/* monitor already has all bignums except step2_val */
|
||||
buffer_put_bignum2(&m, step2_val);
|
||||
/* monitor already knows all the ids */
|
||||
buffer_put_string(&m, theirpriv2_s_proof, theirpriv2_s_proof_len);
|
||||
|
||||
mm_request_send(pmonitor->m_recvfd,
|
||||
MONITOR_REQ_JPAKE_KEY_CONFIRM, &m);
|
||||
|
||||
debug3("%s: waiting for MONITOR_ANS_JPAKE_KEY_CONFIRM", __func__);
|
||||
mm_request_receive_expect(pmonitor->m_recvfd,
|
||||
MONITOR_ANS_JPAKE_KEY_CONFIRM, &m);
|
||||
|
||||
/* 'k' is sensitive and stays in the monitor */
|
||||
*confirm_hash = buffer_get_string(&m, confirm_hash_len);
|
||||
|
||||
buffer_free(&m);
|
||||
}
|
||||
|
||||
int
|
||||
mm_jpake_check_confirm(const BIGNUM *k,
|
||||
const u_char *peer_id, u_int peer_id_len,
|
||||
const u_char *sess_id, u_int sess_id_len,
|
||||
const u_char *peer_confirm_hash, u_int peer_confirm_hash_len)
|
||||
{
|
||||
Buffer m;
|
||||
int success = 0;
|
||||
|
||||
debug3("%s entering", __func__);
|
||||
|
||||
buffer_init(&m);
|
||||
/* k is dummy in slave, ignored */
|
||||
/* monitor knows all the ids */
|
||||
buffer_put_string(&m, peer_confirm_hash, peer_confirm_hash_len);
|
||||
mm_request_send(pmonitor->m_recvfd,
|
||||
MONITOR_REQ_JPAKE_CHECK_CONFIRM, &m);
|
||||
|
||||
debug3("%s: waiting for MONITOR_ANS_JPAKE_CHECK_CONFIRM", __func__);
|
||||
mm_request_receive_expect(pmonitor->m_recvfd,
|
||||
MONITOR_ANS_JPAKE_CHECK_CONFIRM, &m);
|
||||
|
||||
success = buffer_get_int(&m);
|
||||
buffer_free(&m);
|
||||
|
||||
debug3("%s: success = %d", __func__, success);
|
||||
return success;
|
||||
}
|
||||
#endif /* JPAKE */
|
||||
|
||||
#ifdef KRB4
|
||||
int
|
||||
mm_auth_krb4(Authctxt *authctxt, void *_auth, char **client, void *_reply)
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
/* $NetBSD: monitor_wrap.h,v 1.6 2014/10/19 16:30:58 christos Exp $ */
|
||||
/* $NetBSD: monitor_wrap.h,v 1.7 2014/10/20 03:05:13 christos Exp $ */
|
||||
/* $OpenBSD: monitor_wrap.h,v 1.24 2014/01/29 06:18:35 djm Exp $ */
|
||||
|
||||
/*
|
||||
|
@ -97,25 +97,6 @@ int mm_bsdauth_respond(void *, u_int, char **);
|
|||
int mm_skey_query(void *, char **, char **, u_int *, char ***, u_int **);
|
||||
int mm_skey_respond(void *, u_int, char **);
|
||||
|
||||
/* jpake */
|
||||
struct modp_group;
|
||||
void mm_auth2_jpake_get_pwdata(struct Authctxt *, BIGNUM **, char **, char **);
|
||||
void mm_jpake_step1(struct modp_group *, u_char **, u_int *,
|
||||
BIGNUM **, BIGNUM **, BIGNUM **, BIGNUM **,
|
||||
u_char **, u_int *, u_char **, u_int *);
|
||||
void mm_jpake_step2(struct modp_group *, BIGNUM *,
|
||||
BIGNUM *, BIGNUM *, BIGNUM *, BIGNUM *,
|
||||
const u_char *, u_int, const u_char *, u_int,
|
||||
const u_char *, u_int, const u_char *, u_int,
|
||||
BIGNUM **, u_char **, u_int *);
|
||||
void mm_jpake_key_confirm(struct modp_group *, BIGNUM *, BIGNUM *,
|
||||
BIGNUM *, BIGNUM *, BIGNUM *, BIGNUM *, BIGNUM *,
|
||||
const u_char *, u_int, const u_char *, u_int,
|
||||
const u_char *, u_int, const u_char *, u_int,
|
||||
BIGNUM **, u_char **, u_int *);
|
||||
int mm_jpake_check_confirm(const BIGNUM *,
|
||||
const u_char *, u_int, const u_char *, u_int, const u_char *, u_int);
|
||||
|
||||
/* auth_krb */
|
||||
#ifdef KRB4
|
||||
int mm_auth_krb4(struct Authctxt *, void *, char **, void *);
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
/* $NetBSD: packet.c,v 1.13 2014/10/19 16:30:58 christos Exp $ */
|
||||
/* $NetBSD: packet.c,v 1.14 2014/10/20 03:05:13 christos Exp $ */
|
||||
/* $OpenBSD: packet.c,v 1.198 2014/07/15 15:54:14 millert Exp $ */
|
||||
/*
|
||||
* Author: Tatu Ylonen <ylo@cs.hut.fi>
|
||||
|
@ -39,7 +39,7 @@
|
|||
*/
|
||||
|
||||
#include "includes.h"
|
||||
__RCSID("$NetBSD: packet.c,v 1.13 2014/10/19 16:30:58 christos Exp $");
|
||||
__RCSID("$NetBSD: packet.c,v 1.14 2014/10/20 03:05:13 christos Exp $");
|
||||
#include <sys/types.h>
|
||||
#include <sys/queue.h>
|
||||
#include <sys/socket.h>
|
||||
|
@ -944,6 +944,7 @@ packet_send2_wrapped(void)
|
|||
len, padlen, aadlen));
|
||||
|
||||
/* compute MAC over seqnr and packet(length fields, payload, padding) */
|
||||
debug("mac %p, %d %d\n", mac, mac? mac->enabled : -1, mac ? mac->etm : -1);
|
||||
if (mac && mac->enabled && !mac->etm) {
|
||||
macbuf = mac_compute(mac, active_state->p_send.seqnr,
|
||||
buffer_ptr(&active_state->outgoing_packet), len);
|
||||
|
|
|
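Review bot: The `debug("mac %p, %d %d\n", ...)` call, which looks like the one line this hunk adds to packet_send2_wrapped, reads as leftover troubleshooting output: it sits on the send path just before the MAC is computed, so at the first debug level it writes a pointer value into the log for each packet that reaches it. The format string ends in `\n`, which no other debug call on this page does (compare `debug3("%s entering", __func__)`), and `%p` is given `mac` without a `(void *)` cast. I would remove the line, or demote it to `debug3("%s: mac enabled %d etm %d", __func__, mac ? mac->enabled : -1, mac ? mac->etm : -1);` so that no address is logged. The function body starts and ends outside the hunk.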
@ -1,4 +1,4 @@
|
|||
/* $NetBSD: sshconnect2.c,v 1.16 2014/10/19 16:30:59 christos Exp $ */
|
||||
/* $NetBSD: sshconnect2.c,v 1.17 2014/10/20 03:05:13 christos Exp $ */
|
||||
/* $OpenBSD: sshconnect2.c,v 1.210 2014/07/15 15:54:14 millert Exp $ */
|
||||
/*
|
||||
* Copyright (c) 2000 Markus Friedl. All rights reserved.
|
||||
|
@ -26,7 +26,7 @@
|
|||
*/
|
||||
|
||||
#include "includes.h"
|
||||
__RCSID("$NetBSD: sshconnect2.c,v 1.16 2014/10/19 16:30:59 christos Exp $");
|
||||
__RCSID("$NetBSD: sshconnect2.c,v 1.17 2014/10/20 03:05:13 christos Exp $");
|
||||
#include <sys/types.h>
|
||||
#include <sys/socket.h>
|
||||
#include <sys/wait.h>
|
||||
|
@ -306,9 +306,6 @@ int userauth_passwd(Authctxt *);
|
|||
int userauth_kbdint(Authctxt *);
|
||||
int userauth_hostbased(Authctxt *);
|
||||
int userauth_kerberos(Authctxt *);
|
||||
int userauth_jpake(Authctxt *);
|
||||
|
||||
void userauth_jpake_cleanup(Authctxt *);
|
||||
|
||||
#ifdef GSSAPI
|
||||
int userauth_gssapi(Authctxt *authctxt);
|
||||
|
@ -1614,79 +1611,6 @@ userauth_hostbased(Authctxt *authctxt)
|
|||
return 1;
|
||||
}
|
||||
|
||||
#ifdef JPAKE
|
||||
int
|
||||
userauth_jpake(Authctxt *authctxt)
|
||||
{
|
||||
struct jpake_ctx *pctx;
|
||||
u_char *x1_proof, *x2_proof;
|
||||
u_int x1_proof_len, x2_proof_len;
|
||||
static int attempt = 0; /* XXX share with userauth_password's? */
|
||||
|
||||
if (attempt++ >= options.number_of_password_prompts)
|
||||
return 0;
|
||||
if (attempt != 1)
|
||||
error("Permission denied, please try again.");
|
||||
|
||||
if (authctxt->methoddata != NULL)
|
||||
fatal("%s: authctxt->methoddata already set (%p)",
|
||||
__func__, authctxt->methoddata);
|
||||
|
||||
authctxt->methoddata = pctx = jpake_new();
|
||||
|
||||
/*
|
||||
* Send request immediately, to get the protocol going while
|
||||
* we do the initial computations.
|
||||
*/
|
||||
packet_start(SSH2_MSG_USERAUTH_REQUEST);
|
||||
packet_put_cstring(authctxt->server_user);
|
||||
packet_put_cstring(authctxt->service);
|
||||
packet_put_cstring(authctxt->method->name);
|
||||
packet_send();
|
||||
packet_write_wait();
|
||||
|
||||
jpake_step1(pctx->grp,
|
||||
&pctx->client_id, &pctx->client_id_len,
|
||||
&pctx->x1, &pctx->x2, &pctx->g_x1, &pctx->g_x2,
|
||||
&x1_proof, &x1_proof_len,
|
||||
&x2_proof, &x2_proof_len);
|
||||
|
||||
JPAKE_DEBUG_CTX((pctx, "step 1 sending in %s", __func__));
|
||||
|
||||
packet_start(SSH2_MSG_USERAUTH_JPAKE_CLIENT_STEP1);
|
||||
packet_put_string(pctx->client_id, pctx->client_id_len);
|
||||
packet_put_bignum2(pctx->g_x1);
|
||||
packet_put_bignum2(pctx->g_x2);
|
||||
packet_put_string(x1_proof, x1_proof_len);
|
||||
packet_put_string(x2_proof, x2_proof_len);
|
||||
packet_send();
|
||||
|
||||
bzero(x1_proof, x1_proof_len);
|
||||
bzero(x2_proof, x2_proof_len);
|
||||
free(x1_proof);
|
||||
free(x2_proof);
|
||||
|
||||
/* Expect step 1 packet from peer */
|
||||
dispatch_set(SSH2_MSG_USERAUTH_JPAKE_SERVER_STEP1,
|
||||
input_userauth_jpake_server_step1);
|
||||
dispatch_set(SSH2_MSG_USERAUTH_SUCCESS,
|
||||
&input_userauth_success_unexpected);
|
||||
|
||||
return 1;
|
||||
}
|
||||
|
||||
void
|
||||
userauth_jpake_cleanup(Authctxt *authctxt)
|
||||
{
|
||||
debug3("%s: clean up", __func__);
|
||||
if (authctxt->methoddata != NULL) {
|
||||
jpake_free(authctxt->methoddata);
|
||||
authctxt->methoddata = NULL;
|
||||
}
|
||||
dispatch_set(SSH2_MSG_USERAUTH_SUCCESS, &input_userauth_success);
|
||||
}
|
||||
#endif /* JPAKE */
|
||||
|
||||
#if KRB5
|
||||
static int
|
||||
ssh_krb5_helper(krb5_data *ap)
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
/* $NetBSD: umac.c,v 1.5 2014/10/19 16:30:59 christos Exp $ */
|
||||
/* $NetBSD: umac.c,v 1.6 2014/10/20 03:05:13 christos Exp $ */
|
||||
/* $OpenBSD: umac.c,v 1.11 2014/07/22 07:13:42 guenther Exp $ */
|
||||
/* -----------------------------------------------------------------------
|
||||
*
|
||||
|
@ -53,7 +53,9 @@
|
|||
/* --- User Switches ---------------------------------------------------- */
|
||||
/* ---------------------------------------------------------------------- */
|
||||
|
||||
#ifndef UMAC_OUTPUT_LEN
|
||||
#define UMAC_OUTPUT_LEN 8 /* Alowable: 4, 8, 12, 16 */
|
||||
#endif
|
||||
/* #define FORCE_C_ONLY 1 ANSI C and 64-bit integers req'd */
|
||||
/* #define AES_IMPLEMENTAION 1 1 = OpenSSL, 2 = Barreto, 3 = Gladman */
|
||||
/* #define SSE2 0 Is SSE2 is available? */
|
||||
|
@ -65,13 +67,14 @@
|
|||
/* ---------------------------------------------------------------------- */
|
||||
|
||||
#include "includes.h"
|
||||
__RCSID("$NetBSD: umac.c,v 1.5 2014/10/19 16:30:59 christos Exp $");
|
||||
__RCSID("$NetBSD: umac.c,v 1.6 2014/10/20 03:05:13 christos Exp $");
|
||||
#include <sys/types.h>
|
||||
#include <endian.h>
|
||||
#include <sys/endian.h>
|
||||
#include <string.h>
|
||||
#include <stdio.h>
|
||||
#include <stdlib.h>
|
||||
#include <stddef.h>
|
||||
#include <time.h>
|
||||
|
||||
#include "xmalloc.h"
|
||||
#include "umac.h"
|
||||
|
@ -124,17 +127,6 @@ typedef unsigned int UWORD; /* Register */
|
|||
|
||||
#define MUL64(a,b) ((UINT64)((UINT64)(UINT32)(a) * (UINT64)(UINT32)(b)))
|
||||
|
||||
#if defined(__NetBSD__)
|
||||
#include <sys/endian.h>
|
||||
#define LOAD_UINT32_LITTLE(ptr) le32toh(*ptr)
|
||||
#define STORE_UINT32_BIG(ptr,x) (*(UINT32 *)(ptr) = htobe32(x))
|
||||
#define LOAD_UINT32_REVERSED(p) (bswap32(*(UINT32 *)(p)))
|
||||
#define STORE_UINT32_REVERSED(p,v) (*(UINT32 *)(p) = bswap32(v))
|
||||
#else /* !NetBSD */
|
||||
|
||||
/* ---------------------------------------------------------------------- */
|
||||
/* --- Endian Conversion --- Forcing assembly on some platforms */
|
||||
|
||||
/* ---------------------------------------------------------------------- */
|
||||
/* --- Endian Conversion --- Forcing assembly on some platforms */
|
||||
/* ---------------------------------------------------------------------- */
|
||||
|
@ -150,7 +142,6 @@ typedef unsigned int UWORD; /* Register */
|
|||
#define LOAD_UINT32_REVERSED(p) get_u32_le(p)
|
||||
#define STORE_UINT32_REVERSED(p,v) put_u32_le(p,v)
|
||||
#endif
|
||||
#endif /*!NetBSD*/
|
||||
|
||||
#define LOAD_UINT32_LITTLE(p) (get_u32_le(p))
|
||||
#define STORE_UINT32_BIG(p,v) put_u32(p, v)
|
||||
|
@ -238,6 +229,26 @@ static void pdf_init(pdf_ctx *pc, aes_int_key prf_key)
|
|||
aes_encryption(pc->nonce, pc->cache, pc->prf_key);
|
||||
}
|
||||
|
||||
static inline void
|
||||
xor64(uint8_t *dp, int di, uint8_t *sp, int si)
|
||||
{
|
||||
uint64_t dst, src;
|
||||
memcpy(&dst, dp + sizeof(dst) * di, sizeof(dst));
|
||||
memcpy(&src, sp + sizeof(src) * si, sizeof(src));
|
||||
dst ^= src;
|
||||
memcpy(dp + sizeof(dst) * di, &dst, sizeof(dst));
|
||||
}
|
||||
|
||||
static inline void
|
||||
xor32(uint8_t *dp, int di, uint8_t *sp, int si)
|
||||
{
|
||||
uint32_t dst, src;
|
||||
memcpy(&dst, dp + sizeof(dst) * di, sizeof(dst));
|
||||
memcpy(&src, sp + sizeof(src) * si, sizeof(src));
|
||||
dst ^= src;
|
||||
memcpy(dp + sizeof(dst) * di, &dst, sizeof(dst));
|
||||
}
|
||||
|
||||
static void pdf_gen_xor(pdf_ctx *pc, const UINT8 nonce[8], UINT8 buf[8])
|
||||
{
|
||||
/* 'ndx' indicates that we'll be using the 0th or 1st eight bytes
|
||||
|
@ -259,27 +270,27 @@ static void pdf_gen_xor(pdf_ctx *pc, const UINT8 nonce[8], UINT8 buf[8])
|
|||
#if LOW_BIT_MASK != 0
|
||||
int ndx = nonce[7] & LOW_BIT_MASK;
|
||||
#endif
|
||||
*(UINT32 *)t.tmp_nonce_lo = ((const UINT32 *)nonce)[1];
|
||||
memcpy(t.tmp_nonce_lo, nonce + 4, sizeof(t.tmp_nonce_lo));
|
||||
t.tmp_nonce_lo[3] &= ~LOW_BIT_MASK; /* zero last bit */
|
||||
|
||||
if ( (((UINT32 *)t.tmp_nonce_lo)[0] != ((UINT32 *)pc->nonce)[1]) ||
|
||||
(((const UINT32 *)nonce)[0] != ((UINT32 *)pc->nonce)[0]) )
|
||||
if (memcmp(t.tmp_nonce_lo, pc->nonce + 1, sizeof(t.tmp_nonce_lo)) != 0 ||
|
||||
memcmp(nonce, pc->nonce, sizeof(t.tmp_nonce_lo)) != 0)
|
||||
{
|
||||
((UINT32 *)pc->nonce)[0] = ((const UINT32 *)nonce)[0];
|
||||
((UINT32 *)pc->nonce)[1] = ((UINT32 *)t.tmp_nonce_lo)[0];
|
||||
memcpy(pc->nonce, nonce, sizeof(t.tmp_nonce_lo));
|
||||
memcpy(pc->nonce + 4, t.tmp_nonce_lo, sizeof(t.tmp_nonce_lo));
|
||||
aes_encryption(pc->nonce, pc->cache, pc->prf_key);
|
||||
}
|
||||
|
||||
#if (UMAC_OUTPUT_LEN == 4)
|
||||
*((UINT32 *)buf) ^= ((UINT32 *)pc->cache)[ndx];
|
||||
xor32(buf, 0, pc->cache, ndx);
|
||||
#elif (UMAC_OUTPUT_LEN == 8)
|
||||
*((UINT64 *)buf) ^= ((UINT64 *)pc->cache)[ndx];
|
||||
xor64(buf, 0, pc->cache, ndx);
|
||||
#elif (UMAC_OUTPUT_LEN == 12)
|
||||
((UINT64 *)buf)[0] ^= ((UINT64 *)pc->cache)[0];
|
||||
((UINT32 *)buf)[2] ^= ((UINT32 *)pc->cache)[2];
|
||||
xor64(buf, 0, pc->cache, 0);
|
||||
xor32(buf, 2, pc->cache, 2);
|
||||
#elif (UMAC_OUTPUT_LEN == 16)
|
||||
((UINT64 *)buf)[0] ^= ((UINT64 *)pc->cache)[0];
|
||||
((UINT64 *)buf)[1] ^= ((UINT64 *)pc->cache)[1];
|
||||
xor64(buf, 0, pc->cache, 0);
|
||||
xor64(buf, 1, pc->cache, 1);
|
||||
#endif
|
||||
}
|
||||
|
||||
|
@ -554,8 +565,6 @@ static void nh_transform(nh_ctx *hc, const UINT8 *buf, UINT32 nbytes)
|
|||
|
||||
/* ---------------------------------------------------------------------- */
|
||||
|
||||
#if (__LITTLE_ENDIAN__)
|
||||
#define endian_convert_if_le(x,y,z) endian_convert((x),(y),(z))
|
||||
static void endian_convert(void *buf, UWORD bpw, UINT32 num_bytes)
|
||||
/* We endian convert the keys on little-endian computers to */
|
||||
/* compensate for the lack of big-endian memory reads during hashing. */
|
||||
|
|
|
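Review bot: In the rewritten pdf_gen_xor the first `memcmp` compares `t.tmp_nonce_lo` with `pc->nonce + 1`, whereas the expression it replaces read `((UINT32 *)pc->nonce)[1]`, i.e. bytes 4 to 7, and the `memcpy` a few lines below writes to `pc->nonce + 4`. If `pc->nonce` is a byte array, as that memcpy and the `uint8_t *` helpers suggest, the check now looks at bytes 1 to 4: the cached AES output is then recomputed on almost every call, and a stale cache could in principle be accepted, which would give a wrong tag. The line should read `if (memcmp(t.tmp_nonce_lo, pc->nonce + 4, sizeof(t.tmp_nonce_lo)) != 0 ||`. A known-answer test over a few sequence numbers would catch this kind of offset slip; pdf_gen_xor begins above the hunk.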
@ -0,0 +1,6 @@
|
|||
#define UMAC_OUTPUT_LEN 16
|
||||
#define umac_new umac128_new
|
||||
#define umac_update umac128_update
|
||||
#define umac_final umac128_final
|
||||
#define umac_delete umac128_delete
|
||||
#include "umac.c"
|
|
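Review bot: This new six-line file (presumably the `umac128.c` that the Makefile hunk adds to the source list) has no header comment, so a reader sees a `.c` file that includes another `.c` file with no explanation. A first line such as `/* Build the 128-bit-tag UMAC variant: recompile umac.c with UMAC_OUTPUT_LEN 16 and the entry points renamed to umac128_*. */` would make the intent clear, and would tie it to the `#ifndef UMAC_OUTPUT_LEN` guard added in umac.c. Only the four functions are renamed; if umac.c defines `struct umac_ctx` (not visible on this page), both objects end up with the same struct tag and different layouts, so `#define umac_ctx umac128_ctx` is worth adding alongside the other defines.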
@ -1,4 +1,4 @@
|
|||
# $NetBSD: Makefile,v 1.14 2014/10/19 16:30:59 christos Exp $
|
||||
# $NetBSD: Makefile,v 1.15 2014/10/20 03:05:13 christos Exp $
|
||||
|
||||
.include <bsd.own.mk>
|
||||
|
||||
|
@ -73,6 +73,8 @@ ssh-ed25519.c \
|
|||
ssh-pkcs11.c \
|
||||
ttymodes.c \
|
||||
uidswap.c \
|
||||
umac.c \
|
||||
umac128.c \
|
||||
uuencode.c \
|
||||
verify.c \
|
||||
xmalloc.c
|
||||
|
@ -99,7 +101,6 @@ SRCS+= digest-libc.c
|
|||
|
||||
CPPFLAGS+= -DHAVE_BLF_H
|
||||
|
||||
SSHDIST= ${NETBSDSRCDIR}/crypto/external/bsd/openssh/dist
|
||||
CPPFLAGS+= -I${SSHDIST}
|
||||
.PATH: ${SSHDIST}
|
||||
|
||||
|
|