From f1c75cf6ef7e9f9de1ec7fd798df941b972ec71c Mon Sep 17 00:00:00 2001 From: Erik de Jong Date: Mon, 13 Feb 2017 19:31:26 +0100 Subject: Rewrite dissectors to use Libgcrypt functions. As discussed on the mailinglist, rewriting dissectors to use Libgcrypt functions as Libgcrypt will be mandatory after change 20030. Removal of following functions: - crypt_md4 - crypt_rc4* - aes_cmac_encrypt_* - md5_* - sha1_* - sha256_* Further candidates: - aes_* - rijndael_* - ... Added functions: - ws_hmac_buffer Added const macros: - HASH_MD5_LENGTH - HASH_SHA1_LENGTH Changes on epan/crypt/* verified with captures from https://wiki.wireshark.org/HowToDecrypt802.11 Changes on packet-snmp.c and packet-radius.c verified with captures from https://wiki.wireshark.org/SampleCapture Changes on packet-tacacs.c verified with capture from http://ccie-in-3-months.blogspot.nl/2009/04/decoding-login-credentials-regardless.html Change-Id: Iea6ba2bf207cf0f1bf2117068fb1abcfeaafaa46 Link: https://www.wireshark.org/lists/wireshark-dev/201702/msg00011.html Reviewed-on: https://code.wireshark.org/review/20095 Petri-Dish: Peter Wu Tested-by: Petri Dish Buildbot Reviewed-by: Peter Wu --- wsutil/CMakeLists.txt | 6 +- wsutil/Makefile.am | 11 +- wsutil/md4.c | 185 -------------------- wsutil/md4.h | 29 ---- wsutil/md5.c | 373 ----------------------------------------- wsutil/md5.h | 97 ----------- wsutil/rc4.c | 112 ------------- wsutil/rc4.h | 42 ----- wsutil/sha1.c | 456 -------------------------------------------------- wsutil/sha1.h | 69 -------- wsutil/sha2.c | 281 ------------------------------- wsutil/sha2.h | 75 --------- wsutil/wsgcrypt.c | 57 +++++++ wsutil/wsgcrypt.h | 11 ++ 14 files changed, 70 insertions(+), 1734 deletions(-) delete mode 100644 wsutil/md4.c delete mode 100644 wsutil/md4.h delete mode 100644 wsutil/md5.c delete mode 100644 wsutil/md5.h delete mode 100644 wsutil/rc4.c delete mode 100644 wsutil/rc4.h delete mode 100644 wsutil/sha1.c delete mode 100644 wsutil/sha1.h delete mode 100644 wsutil/sha2.c delete mode 100644 wsutil/sha2.h create mode 100644 wsutil/wsgcrypt.c (limited to 'wsutil') diff --git a/wsutil/CMakeLists.txt b/wsutil/CMakeLists.txt index 8e0125b0fa..e915e915e5 100644 --- a/wsutil/CMakeLists.txt +++ b/wsutil/CMakeLists.txt @@ -50,27 +50,23 @@ set(WSUTIL_COMMON_FILES inet_addr.c interface.c jsmn.c - md4.c - md5.c mpeg-audio.c nstime.c cpu_info.c os_version_info.c plugins.c privileges.c - sha1.c - sha2.c sober128.c strnatcmp.c str_util.c strtoi.c - rc4.c report_err.c tempfile.c time_util.c type_util.c unicode-utils.c ws_mempbrk.c + wsgcrypt.c wsjsmn.c ) diff --git a/wsutil/Makefile.am b/wsutil/Makefile.am index eba80f941a..e01840f81d 100644 --- a/wsutil/Makefile.am +++ b/wsutil/Makefile.am @@ -69,8 +69,6 @@ libwsutil_nonrepl_INCLUDES = \ inet_ipv6.h \ interface.h \ jsmn.h \ - md4.h \ - md5.h \ mpeg-audio.h \ nstime.h \ os_version_info.h \ @@ -78,10 +76,7 @@ libwsutil_nonrepl_INCLUDES = \ plugins.h \ privileges.h \ processes.h \ - rc4.h \ report_err.h \ - sha1.h \ - sha2.h \ sign_ext.h \ sober128.h \ socket.h \ @@ -147,17 +142,12 @@ libwsutil_la_SOURCES = \ inet_addr.c \ interface.c \ jsmn.c \ - md4.c \ - md5.c \ mpeg-audio.c \ nstime.c \ os_version_info.c \ plugins.c \ privileges.c \ - rc4.c \ report_err.c \ - sha1.c \ - sha2.c \ sober128.c \ str_util.c \ strtoi.c \ @@ -167,6 +157,7 @@ libwsutil_la_SOURCES = \ type_util.c \ unicode-utils.c \ ws_mempbrk.c \ + wsgcrypt.c \ wsjsmn.c if HAVE_OS_X_FRAMEWORKS diff --git a/wsutil/md4.c b/wsutil/md4.c deleted file mode 100644 index f4a3d88119..0000000000 --- a/wsutil/md4.c +++ /dev/null @@ -1,185 +0,0 @@ -/* - Unix SMB/CIFS implementation. - a implementation of MD4 designed for use in the SMB authentication protocol - Copyright (C) Andrew Tridgell 1997-1998. - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. -*/ - -#include "config.h" - -#include -#include - -#include "md4.h" - -/* NOTE: This code makes no attempt to be fast! - - It assumes that a int is at least 32 bits long -*/ - -static guint32 A, B, C, D; - -static guint32 F(guint32 X, guint32 Y, guint32 Z) -{ - return (X&Y) | ((~X)&Z); -} - -static guint32 G(guint32 X, guint32 Y, guint32 Z) -{ - return (X&Y) | (X&Z) | (Y&Z); -} - -static guint32 H(guint32 X, guint32 Y, guint32 Z) -{ - return X^Y^Z; -} - -static guint32 lshift(guint32 x, int s) -{ - x &= 0xFFFFFFFF; - return ((x<>(32-s)); -} - -#define ROUND1(a,b,c,d,k,s) a = lshift(a + F(b,c,d) + X[k], s) -#define ROUND2(a,b,c,d,k,s) a = lshift(a + G(b,c,d) + X[k] + (guint32)0x5A827999,s) -#define ROUND3(a,b,c,d,k,s) a = lshift(a + H(b,c,d) + X[k] + (guint32)0x6ED9EBA1,s) - -/* this applies md4 to 64 byte chunks */ -static void mdfour64(guint32 *M) -{ - int j; - guint32 AA, BB, CC, DD; - guint32 X[16]; - - for (j=0;j<16;j++) - X[j] = M[j]; - - AA = A; BB = B; CC = C; DD = D; - - ROUND1(A,B,C,D, 0, 3); ROUND1(D,A,B,C, 1, 7); - ROUND1(C,D,A,B, 2, 11); ROUND1(B,C,D,A, 3, 19); - ROUND1(A,B,C,D, 4, 3); ROUND1(D,A,B,C, 5, 7); - ROUND1(C,D,A,B, 6, 11); ROUND1(B,C,D,A, 7, 19); - ROUND1(A,B,C,D, 8, 3); ROUND1(D,A,B,C, 9, 7); - ROUND1(C,D,A,B, 10, 11); ROUND1(B,C,D,A, 11, 19); - ROUND1(A,B,C,D, 12, 3); ROUND1(D,A,B,C, 13, 7); - ROUND1(C,D,A,B, 14, 11); ROUND1(B,C,D,A, 15, 19); - - ROUND2(A,B,C,D, 0, 3); ROUND2(D,A,B,C, 4, 5); - ROUND2(C,D,A,B, 8, 9); ROUND2(B,C,D,A, 12, 13); - ROUND2(A,B,C,D, 1, 3); ROUND2(D,A,B,C, 5, 5); - ROUND2(C,D,A,B, 9, 9); ROUND2(B,C,D,A, 13, 13); - ROUND2(A,B,C,D, 2, 3); ROUND2(D,A,B,C, 6, 5); - ROUND2(C,D,A,B, 10, 9); ROUND2(B,C,D,A, 14, 13); - ROUND2(A,B,C,D, 3, 3); ROUND2(D,A,B,C, 7, 5); - ROUND2(C,D,A,B, 11, 9); ROUND2(B,C,D,A, 15, 13); - - ROUND3(A,B,C,D, 0, 3); ROUND3(D,A,B,C, 8, 9); - ROUND3(C,D,A,B, 4, 11); ROUND3(B,C,D,A, 12, 15); - ROUND3(A,B,C,D, 2, 3); ROUND3(D,A,B,C, 10, 9); - ROUND3(C,D,A,B, 6, 11); ROUND3(B,C,D,A, 14, 15); - ROUND3(A,B,C,D, 1, 3); ROUND3(D,A,B,C, 9, 9); - ROUND3(C,D,A,B, 5, 11); ROUND3(B,C,D,A, 13, 15); - ROUND3(A,B,C,D, 3, 3); ROUND3(D,A,B,C, 11, 9); - ROUND3(C,D,A,B, 7, 11); ROUND3(B,C,D,A, 15, 15); - - A += AA; B += BB; C += CC; D += DD; - - A &= 0xFFFFFFFF; B &= 0xFFFFFFFF; - C &= 0xFFFFFFFF; D &= 0xFFFFFFFF; - - for (j=0;j<16;j++) - X[j] = 0; -} - -static void copy64(guint32 *M, const unsigned char *in) -{ - int i; - - for (i=0;i<16;i++) - M[i] = (in[i*4+3]<<24) | (in[i*4+2]<<16) | - (in[i*4+1]<<8) | (in[i*4+0]<<0); -} - -static void copy4(unsigned char *out, guint32 x) -{ - out[0] = x&0xFF; - out[1] = (x>>8)&0xFF; - out[2] = (x>>16)&0xFF; - out[3] = (x>>24)&0xFF; -} - -/* produce a md4 message digest from data of length n bytes */ -void crypt_md4(unsigned char *out, const unsigned char *in, size_t n) -{ - unsigned char buf[128]; - guint32 M[16]; - guint32 b = (guint32)(n * 8); - int i; - - A = 0x67452301; - B = 0xefcdab89; - C = 0x98badcfe; - D = 0x10325476; - - while (n > 64) { - copy64(M, in); - mdfour64(M); - in += 64; - n -= 64; - } - - for (i=0;i<128;i++) - buf[i] = 0; - memcpy(buf, in, n); - buf[n] = 0x80; - - if (n <= 55) { - copy4(buf+56, b); - copy64(M, buf); - mdfour64(M); - } else { - copy4(buf+120, b); - copy64(M, buf); - mdfour64(M); - copy64(M, buf+64); - mdfour64(M); - } - - for (i=0;i<128;i++) - buf[i] = 0; - copy64(M, buf); - - copy4(out, A); - copy4(out+4, B); - copy4(out+8, C); - copy4(out+12, D); - - A = B = C = D = 0; -} - -/* - * Editor modelines - http://www.wireshark.org/tools/modelines.html - * - * Local variables: - * c-basic-offset: 8 - * tab-width: 8 - * indent-tabs-mode: t - * End: - * - * vi: set shiftwidth=8 tabstop=8 noexpandtab: - * :indentSize=8:tabSize=8:noTabs=false: - */ diff --git a/wsutil/md4.h b/wsutil/md4.h deleted file mode 100644 index c93a8c15e0..0000000000 --- a/wsutil/md4.h +++ /dev/null @@ -1,29 +0,0 @@ -/* - Unix SMB/CIFS implementation. - a implementation of MD4 designed for use in the SMB authentication protocol - Copyright (C) Andrew Tridgell 1997-1998. - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. -*/ - -#ifndef _MD4_H -#define _MD4_H - -#include "ws_symbol_export.h" - -WS_DLL_PUBLIC -void crypt_md4(unsigned char *out, const unsigned char *in, size_t n); - -#endif diff --git a/wsutil/md5.c b/wsutil/md5.c deleted file mode 100644 index 55dcd4c0cd..0000000000 --- a/wsutil/md5.c +++ /dev/null @@ -1,373 +0,0 @@ -/* - * Copyright (C) 2003-2006 Benny Prijono - * Copyright (C) 2012 C Elston, Katalix Systems Ltd - * - * Wireshark - Network traffic analyzer - * By Gerald Combs - * Copyright 1998 Gerald Combs - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA - * - * 2012-08-21 - C Elston - Split md5_hmac function to allow incremental usage. - * - */ - - -#include "config.h" - -#include - -#include "pint.h" -#include "md5.h" -/* - * This code implements the MD5 message-digest algorithm. - * The algorithm is due to Ron Rivest. This code was - * written by Colin Plumb in 1993, no copyright is claimed. - * This code is in the public domain; do with it what you wish. - * - * Equivalent code is available from RSA Data Security, Inc. - * This code has been tested against that, and is equivalent, - * except that you don't need to include two pages of legalese - * with every copy. - * - * To compute the message digest of a chunk of bytes, declare an - * MD5Context structure, pass it to MD5Init, call MD5Update as - * needed on buffers full of bytes, and then call MD5Final, which - * will fill a supplied 16-byte array with the digest. - */ - -#if WORDS_BIGENDIAN == 1 -#define HIGHFIRST 1 -#endif - -#ifndef HIGHFIRST -#define byteReverse(buf, len) /* Nothing */ -#else -/* - * Note: this code is harmless on little-endian machines. - */ -static void byteReverse(guint32 *buf, unsigned int longs) -{ - guint32 t; - do { - t = pletoh32(buf); - *buf = t; - buf++; - } while (--longs); -} -#endif - -static void MD5Transform(guint32 buf[4], guint32 const in[16]); - - -/* - * Start MD5 accumulation. Set bit count to 0 and buffer to mysterious - * initialization constants. - */ -void md5_init(md5_state_t *ctx) -{ - ctx->buf[0] = 0x67452301; - ctx->buf[1] = 0xefcdab89; - ctx->buf[2] = 0x98badcfe; - ctx->buf[3] = 0x10325476; - - ctx->bits[0] = 0; - ctx->bits[1] = 0; -} - -/* - * Update context to reflect the concatenation of another buffer full - * of bytes. - */ -void md5_append( md5_state_t *ctx, const guint8 *buf, size_t len) -{ - guint32 t; - - /* Update bitcount */ - - t = ctx->bits[0]; - if ((ctx->bits[0] = t + ((guint32) len << 3)) < t) - ctx->bits[1]++; /* Carry from low to high */ - ctx->bits[1] += (guint32) len >> 29; - - t = (t >> 3) & 0x3f; /* Bytes already in shsInfo->data */ - - /* Handle any leading odd-sized chunks */ - - if (t) { - guint8 *p = (guint8 *) ctx->in + t; - - t = 64 - t; - if (len < t) { - memcpy(p, buf, len); - return; - } - memcpy(p, buf, t); - byteReverse(ctx->in, 16); - MD5Transform(ctx->buf, ctx->in); - buf += t; - len -= t; - } - /* Process data in 64-byte chunks */ - - while (len >= 64) { - memcpy(ctx->in, buf, 64); - byteReverse(ctx->in, 16); - MD5Transform(ctx->buf, ctx->in); - buf += 64; - len -= 64; - } - - /* Handle any remaining bytes of data. */ - - memcpy(ctx->in, buf, len); -} - -/* - * Final wrapup - pad to 64-byte boundary with the bit pattern - * 1 0* (64-bit count of bits processed, MSB-first) - */ -void md5_finish(md5_state_t *ctx, guint8 digest[16]) -{ - guint count; - guint8 *p; - - /* Compute number of bytes mod 64 */ - count = (ctx->bits[0] >> 3) & 0x3F; - - /* Set the first char of padding to 0x80. This is safe since there is - always at least one byte free */ - p = (guint8 *) ctx->in + count; - *p++ = 0x80; - - /* Bytes of padding needed to make 64 bytes */ - count = 64 - 1 - count; - - /* Pad out to 56 mod 64 */ - if (count < 8) { - /* Two lots of padding: Pad the first block to 64 bytes */ - memset(p, 0, count); - byteReverse(ctx->in, 16); - MD5Transform(ctx->buf, ctx->in); - - /* Now fill the next block with 56 bytes */ - memset(ctx->in, 0, 56); - } else { - /* Pad block to 56 bytes */ - memset(p, 0, count - 8); - } - byteReverse(ctx->in, 14); - - /* Append length in bits and transform */ - ctx->in[14] = ctx->bits[0]; - ctx->in[15] = ctx->bits[1]; - - MD5Transform(ctx->buf, ctx->in); - byteReverse(ctx->buf, 4); - memcpy(digest, ctx->buf, 16); - memset(ctx, 0, sizeof(md5_state_t)); /* In case it's sensitive */ -} - -/* The four core functions - F1 is optimized somewhat */ - -/* #define F1(x, y, z) (x & y | ~x & z) */ -#define F1(x, y, z) (z ^ (x & (y ^ z))) -#define F2(x, y, z) F1(z, x, y) -#define F3(x, y, z) (x ^ y ^ z) -#define F4(x, y, z) (y ^ (x | ~z)) - -/* This is the central step in the MD5 algorithm. */ -#define MD5STEP(f, w, x, y, z, data, s) \ - ( w += f(x, y, z) + data, w = w<>(32-s), w += x ) - -/* - * The core of the MD5 algorithm, this alters an existing MD5 hash to - * reflect the addition of 16 longwords of new data. MD5Update blocks - * the data and converts bytes into longwords for this routine. - */ -static void MD5Transform(guint32 buf[4], guint32 const in[16]) -{ - register guint32 a, b, c, d; - - a = buf[0]; - b = buf[1]; - c = buf[2]; - d = buf[3]; - - MD5STEP(F1, a, b, c, d, in[0] + 0xd76aa478, 7); - MD5STEP(F1, d, a, b, c, in[1] + 0xe8c7b756, 12); - MD5STEP(F1, c, d, a, b, in[2] + 0x242070db, 17); - MD5STEP(F1, b, c, d, a, in[3] + 0xc1bdceee, 22); - MD5STEP(F1, a, b, c, d, in[4] + 0xf57c0faf, 7); - MD5STEP(F1, d, a, b, c, in[5] + 0x4787c62a, 12); - MD5STEP(F1, c, d, a, b, in[6] + 0xa8304613, 17); - MD5STEP(F1, b, c, d, a, in[7] + 0xfd469501, 22); - MD5STEP(F1, a, b, c, d, in[8] + 0x698098d8, 7); - MD5STEP(F1, d, a, b, c, in[9] + 0x8b44f7af, 12); - MD5STEP(F1, c, d, a, b, in[10] + 0xffff5bb1, 17); - MD5STEP(F1, b, c, d, a, in[11] + 0x895cd7be, 22); - MD5STEP(F1, a, b, c, d, in[12] + 0x6b901122, 7); - MD5STEP(F1, d, a, b, c, in[13] + 0xfd987193, 12); - MD5STEP(F1, c, d, a, b, in[14] + 0xa679438e, 17); - MD5STEP(F1, b, c, d, a, in[15] + 0x49b40821, 22); - - MD5STEP(F2, a, b, c, d, in[1] + 0xf61e2562, 5); - MD5STEP(F2, d, a, b, c, in[6] + 0xc040b340, 9); - MD5STEP(F2, c, d, a, b, in[11] + 0x265e5a51, 14); - MD5STEP(F2, b, c, d, a, in[0] + 0xe9b6c7aa, 20); - MD5STEP(F2, a, b, c, d, in[5] + 0xd62f105d, 5); - MD5STEP(F2, d, a, b, c, in[10] + 0x02441453, 9); - MD5STEP(F2, c, d, a, b, in[15] + 0xd8a1e681, 14); - MD5STEP(F2, b, c, d, a, in[4] + 0xe7d3fbc8, 20); - MD5STEP(F2, a, b, c, d, in[9] + 0x21e1cde6, 5); - MD5STEP(F2, d, a, b, c, in[14] + 0xc33707d6, 9); - MD5STEP(F2, c, d, a, b, in[3] + 0xf4d50d87, 14); - MD5STEP(F2, b, c, d, a, in[8] + 0x455a14ed, 20); - MD5STEP(F2, a, b, c, d, in[13] + 0xa9e3e905, 5); - MD5STEP(F2, d, a, b, c, in[2] + 0xfcefa3f8, 9); - MD5STEP(F2, c, d, a, b, in[7] + 0x676f02d9, 14); - MD5STEP(F2, b, c, d, a, in[12] + 0x8d2a4c8a, 20); - - MD5STEP(F3, a, b, c, d, in[5] + 0xfffa3942, 4); - MD5STEP(F3, d, a, b, c, in[8] + 0x8771f681, 11); - MD5STEP(F3, c, d, a, b, in[11] + 0x6d9d6122, 16); - MD5STEP(F3, b, c, d, a, in[14] + 0xfde5380c, 23); - MD5STEP(F3, a, b, c, d, in[1] + 0xa4beea44, 4); - MD5STEP(F3, d, a, b, c, in[4] + 0x4bdecfa9, 11); - MD5STEP(F3, c, d, a, b, in[7] + 0xf6bb4b60, 16); - MD5STEP(F3, b, c, d, a, in[10] + 0xbebfbc70, 23); - MD5STEP(F3, a, b, c, d, in[13] + 0x289b7ec6, 4); - MD5STEP(F3, d, a, b, c, in[0] + 0xeaa127fa, 11); - MD5STEP(F3, c, d, a, b, in[3] + 0xd4ef3085, 16); - MD5STEP(F3, b, c, d, a, in[6] + 0x04881d05, 23); - MD5STEP(F3, a, b, c, d, in[9] + 0xd9d4d039, 4); - MD5STEP(F3, d, a, b, c, in[12] + 0xe6db99e5, 11); - MD5STEP(F3, c, d, a, b, in[15] + 0x1fa27cf8, 16); - MD5STEP(F3, b, c, d, a, in[2] + 0xc4ac5665, 23); - - MD5STEP(F4, a, b, c, d, in[0] + 0xf4292244, 6); - MD5STEP(F4, d, a, b, c, in[7] + 0x432aff97, 10); - MD5STEP(F4, c, d, a, b, in[14] + 0xab9423a7, 15); - MD5STEP(F4, b, c, d, a, in[5] + 0xfc93a039, 21); - MD5STEP(F4, a, b, c, d, in[12] + 0x655b59c3, 6); - MD5STEP(F4, d, a, b, c, in[3] + 0x8f0ccc92, 10); - MD5STEP(F4, c, d, a, b, in[10] + 0xffeff47d, 15); - MD5STEP(F4, b, c, d, a, in[1] + 0x85845dd1, 21); - MD5STEP(F4, a, b, c, d, in[8] + 0x6fa87e4f, 6); - MD5STEP(F4, d, a, b, c, in[15] + 0xfe2ce6e0, 10); - MD5STEP(F4, c, d, a, b, in[6] + 0xa3014314, 15); - MD5STEP(F4, b, c, d, a, in[13] + 0x4e0811a1, 21); - MD5STEP(F4, a, b, c, d, in[4] + 0xf7537e82, 6); - MD5STEP(F4, d, a, b, c, in[11] + 0xbd3af235, 10); - MD5STEP(F4, c, d, a, b, in[2] + 0x2ad7d2bb, 15); - MD5STEP(F4, b, c, d, a, in[9] + 0xeb86d391, 21); - - buf[0] += a; - buf[1] += b; - buf[2] += c; - buf[3] += d; -} - -/* from RFC 2104 HMAC Appendix -- Sample Code */ - -void md5_hmac_init(md5_hmac_state_t *hctx, const guint8* key, size_t key_len) -{ - guint8 k_ipad[65]; /* inner padding - * key XORd with ipad */ - guint8 tk[16]; - int i; - - /* if key is longer than 64 bytes reset it to key=MD5(key) */ - if (key_len > 64) { - md5_state_t tctx; - - md5_init(&tctx); - md5_append(&tctx, key, key_len); - md5_finish(&tctx, tk); - - key = tk; - key_len = 16; - } - - /* - * the HMAC_MD5 transform looks like: - * - * MD5(K XOR opad, MD5(K XOR ipad, text)) - * - * where K is an n byte key - * ipad is the byte 0x36 repeated 64 times - * opad is the byte 0x5c repeated 64 times - * and text is the data being protected - */ - - /* start out by storing key in pads */ - memset(k_ipad, 0, sizeof(k_ipad)); - memset(hctx->k_opad, 0, sizeof(hctx->k_opad)); - memcpy(k_ipad, key, key_len); - memcpy(hctx->k_opad, key, key_len); - - /* XOR key with ipad and opad values */ - for (i=0; i<64; i++) { - k_ipad[i] ^= 0x36; - hctx->k_opad[i] ^= 0x5c; - } - - /* - * perform inner MD5 - */ - md5_init(&hctx->ctx); /* init context for 1st pass */ - md5_append(&hctx->ctx, k_ipad, 64); /* start with inner pad */ -} - -void md5_hmac_append(md5_hmac_state_t *hctx, const guint8* text, size_t text_len) -{ - md5_append(&hctx->ctx, text, text_len); -} - -void md5_hmac_finish(md5_hmac_state_t *hctx, guint8 digest[16]) -{ - md5_state_t context; - - md5_finish(&hctx->ctx, digest); /* finish up 1st pass */ - - /* - * perform outer MD5 - */ - md5_init(&context); /* init context for 2nd pass */ - md5_append(&context, hctx->k_opad, 64); /* start with outer pad */ - md5_append(&context, digest, 16); /* then results of 1st hash */ - md5_finish(&context, digest); /* finish up 2nd pass */ -} - -void md5_hmac(const guint8* text, size_t text_len, const guint8* key, size_t key_len, guint8 digest[16]) -{ - md5_hmac_state_t hctx; - - md5_hmac_init(&hctx, key, key_len); - md5_hmac_append(&hctx, text, text_len); - md5_hmac_finish(&hctx, digest); -} - -/* - * Editor modelines - http://www.wireshark.org/tools/modelines.html - * - * Local variables: - * c-basic-offset: 4 - * tab-width: 8 - * indent-tabs-mode: nil - * End: - * - * vi: set shiftwidth=4 tabstop=8 expandtab: - * :indentSize=4:tabSize=8:noTabs=true: - */ diff --git a/wsutil/md5.h b/wsutil/md5.h deleted file mode 100644 index 229b0692d4..0000000000 --- a/wsutil/md5.h +++ /dev/null @@ -1,97 +0,0 @@ -/* - * Copyright (C) 2003-2005 Benny Prijono - * Copyright (C) 2012 C Elston, Katalix Systems Ltd - * - * MD5 code from pjlib-util http://www.pjsip.org - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA - * - * 2012-08-21 - C Elston - Split md5_hmac function to allow incremental usage. - * - */ -#ifndef __MD5_H__ /**@todo Should this be _CRYPT_MD5_H__ ?*/ -#define __MD5_H__ - -#include "ws_symbol_export.h" - -/** - * @file md5.h - * @brief MD5 Functions - */ - -/* Don't define this group for Wireshark - * @defgroup PJLIB_UTIL_MD5 MD5 Functions - * @ingroup PJLIB_UTIL - * @{ - */ - -#define md5_byte_t guint8 - -/** MD5 context. */ -typedef struct md5_state_s -{ - guint32 buf[4]; - guint32 bits[2]; - guint32 in[16]; -} md5_state_t; - -/** Initialize the algorithm. - * @param pms MD5 context. - */ -WS_DLL_PUBLIC -void md5_init(md5_state_t *pms); - -/** Append a string to the message. - * @param pms MD5 context. - * @param data Data. - * @param nbytes Length of data. - */ -WS_DLL_PUBLIC -void md5_append( md5_state_t *pms, - const guint8 *data, size_t nbytes); - -/** Finish the message and return the digest. - * @param pms MD5 context. - * @param digest 16 byte digest. - */ -WS_DLL_PUBLIC -void md5_finish(md5_state_t *pms, guint8 digest[16]); - -typedef struct md5_hmac_state_s -{ - md5_state_t ctx; - guint8 k_opad[65]; -} md5_hmac_state_t; - -WS_DLL_PUBLIC -void md5_hmac_init(md5_hmac_state_t *hctx, - const guint8* key, size_t key_len); - -WS_DLL_PUBLIC -void md5_hmac_append(md5_hmac_state_t *hctx, - const guint8* text, size_t text_len); - -WS_DLL_PUBLIC -void md5_hmac_finish(md5_hmac_state_t *hctx, guint8 digest[16]); - -WS_DLL_PUBLIC -void md5_hmac(const guint8* text, size_t text_len, const guint8* key, - size_t key_len, guint8 digest[16]); - -/* - * @} - */ - -#endif /* _CRYPT_MD5_H__ */ diff --git a/wsutil/rc4.c b/wsutil/rc4.c deleted file mode 100644 index 5f91f6ca1a..0000000000 --- a/wsutil/rc4.c +++ /dev/null @@ -1,112 +0,0 @@ -/* - Unix SMB/CIFS implementation. - - a partial implementation of RC4 designed for use in the - SMB authentication protocol - - Copyright (C) Andrew Tridgell 1998 - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. -*/ - -#include "config.h" - -#include - -#include "rc4.h" - -/* Perform RC4 on a block of data using specified key. "data" is a pointer - to the block to be processed. Output is written to same memory as input, - so caller may need to make a copy before calling this function, since - the input will be overwritten. - - Taken from Samba source code. Modified to allow us to maintain state - between calls to crypt_rc4. -*/ - -void crypt_rc4_init(rc4_state_struct *rc4_state, - const unsigned char *key, int key_len) -{ - int ind; - unsigned char j = 0; - unsigned char *s_box; - - memset(rc4_state, 0, sizeof(rc4_state_struct)); - s_box = rc4_state->s_box; - - for (ind = 0; ind < 256; ind++) - { - s_box[ind] = (unsigned char)ind; - } - - for( ind = 0; ind < 256; ind++) - { - unsigned char tc; - - j += (s_box[ind] + key[ind%key_len]); - - tc = s_box[ind]; - s_box[ind] = s_box[j]; - s_box[j] = tc; - } - -} - -void crypt_rc4(rc4_state_struct *rc4_state, unsigned char *data, int data_len) -{ - unsigned char *s_box; - unsigned char index_i; - unsigned char index_j; - int ind; - - /* retrieve current state from the state struct (so we can resume where - we left off) */ - index_i = rc4_state->index_i; - index_j = rc4_state->index_j; - s_box = rc4_state->s_box; - - for( ind = 0; ind < data_len; ind++) - { - unsigned char tc; - unsigned char t; - - index_i++; - index_j += s_box[index_i]; - - tc = s_box[index_i]; - s_box[index_i] = s_box[index_j]; - s_box[index_j] = tc; - - t = s_box[index_i] + s_box[index_j]; - data[ind] = data[ind] ^ s_box[t]; - } - - /* Store the updated state */ - rc4_state->index_i = index_i; - rc4_state->index_j = index_j; -} - -/* - * Editor modelines - http://www.wireshark.org/tools/modelines.html - * - * Local Variables: - * c-basic-offset: 2 - * tab-width: 8 - * indent-tabs-mode: nil - * End: - * - * ex: set shiftwidth=2 tabstop=8 expandtab: - * :indentSize=2:tabSize=8:noTabs=true: - */ diff --git a/wsutil/rc4.h b/wsutil/rc4.h deleted file mode 100644 index 9f18e6bb00..0000000000 --- a/wsutil/rc4.h +++ /dev/null @@ -1,42 +0,0 @@ -/* - Unix SMB/CIFS implementation. - - a partial implementation of RC4 designed for use in the - SMB authentication protocol - - Copyright (C) Andrew Tridgell 1998 - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. -*/ - -#ifndef __RC4_H__ -#define __RC4_H__ - -#include "ws_symbol_export.h" - -typedef struct _rc4_state_struct { - unsigned char s_box[256]; - unsigned char index_i; - unsigned char index_j; -} rc4_state_struct; - -WS_DLL_PUBLIC -void crypt_rc4_init(rc4_state_struct *rc4_state, - const unsigned char *key, int key_len); - -WS_DLL_PUBLIC -void crypt_rc4(rc4_state_struct *rc4_state, unsigned char *data, int data_len); - -#endif diff --git a/wsutil/sha1.c b/wsutil/sha1.c deleted file mode 100644 index 9b115d56b2..0000000000 --- a/wsutil/sha1.c +++ /dev/null @@ -1,456 +0,0 @@ -/* - * FIPS-180-1 compliant SHA-1 implementation - * - * Copyright (C) 2001-2003 Christophe Devine - * Copyright (C) 2012 Chris Elston, Katalix Systems Ltd - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA - * - * Changed to use guint instead of uint 2004 by Anders Broman - * Original code found at http://www.cr0.net:8040/code/crypto/sha1/ - * References: http://www.ietf.org/rfc/rfc3174.txt?number=3174 - * - * 2012-08-21 - C Elston - Split sha1_hmac function to allow incremental usage. - */ - -#include -#include - -#include "sha1.h" - -#define GET_UINT32(n,b,i) \ -{ \ - (n) = ( (guint32) (b)[(i) ] << 24 ) \ - | ( (guint32) (b)[(i) + 1] << 16 ) \ - | ( (guint32) (b)[(i) + 2] << 8 ) \ - | ( (guint32) (b)[(i) + 3] ); \ -} - -#define PUT_UINT32(n,b,i) \ -{ \ - (b)[(i) ] = (guint8) ( (n) >> 24 ); \ - (b)[(i) + 1] = (guint8) ( (n) >> 16 ); \ - (b)[(i) + 2] = (guint8) ( (n) >> 8 ); \ - (b)[(i) + 3] = (guint8) ( (n) ); \ -} - -void sha1_starts( sha1_context *ctx ) -{ - ctx->total[0] = 0; - ctx->total[1] = 0; - - ctx->state[0] = 0x67452301; - ctx->state[1] = 0xEFCDAB89; - ctx->state[2] = 0x98BADCFE; - ctx->state[3] = 0x10325476; - ctx->state[4] = 0xC3D2E1F0; -} - -static void sha1_process( sha1_context *ctx, const guint8 data[64] ) -{ - guint32 temp, W[16], A, B, C, D, E; - - GET_UINT32( W[0], data, 0 ); - GET_UINT32( W[1], data, 4 ); - GET_UINT32( W[2], data, 8 ); - GET_UINT32( W[3], data, 12 ); - GET_UINT32( W[4], data, 16 ); - GET_UINT32( W[5], data, 20 ); - GET_UINT32( W[6], data, 24 ); - GET_UINT32( W[7], data, 28 ); - GET_UINT32( W[8], data, 32 ); - GET_UINT32( W[9], data, 36 ); - GET_UINT32( W[10], data, 40 ); - GET_UINT32( W[11], data, 44 ); - GET_UINT32( W[12], data, 48 ); - GET_UINT32( W[13], data, 52 ); - GET_UINT32( W[14], data, 56 ); - GET_UINT32( W[15], data, 60 ); - -#define S(x,n) ((x << n) | ((x & 0xFFFFFFFF) >> (32 - n))) - -#define R(t) \ -( \ - temp = W[(t - 3) & 0x0F] ^ W[(t - 8) & 0x0F] ^ \ - W[(t - 14) & 0x0F] ^ W[ t & 0x0F], \ - ( W[t & 0x0F] = S(temp,1) ) \ -) - -#define P(a,b,c,d,e,x) \ -{ \ - e += S(a,5) + F(b,c,d) + K + x; b = S(b,30); \ -} - - A = ctx->state[0]; - B = ctx->state[1]; - C = ctx->state[2]; - D = ctx->state[3]; - E = ctx->state[4]; - -#define F(x,y,z) (z ^ (x & (y ^ z))) -#define K 0x5A827999 - - P( A, B, C, D, E, W[0] ); - P( E, A, B, C, D, W[1] ); - P( D, E, A, B, C, W[2] ); - P( C, D, E, A, B, W[3] ); - P( B, C, D, E, A, W[4] ); - P( A, B, C, D, E, W[5] ); - P( E, A, B, C, D, W[6] ); - P( D, E, A, B, C, W[7] ); - P( C, D, E, A, B, W[8] ); - P( B, C, D, E, A, W[9] ); - P( A, B, C, D, E, W[10] ); - P( E, A, B, C, D, W[11] ); - P( D, E, A, B, C, W[12] ); - P( C, D, E, A, B, W[13] ); - P( B, C, D, E, A, W[14] ); - P( A, B, C, D, E, W[15] ); - P( E, A, B, C, D, R(16) ); - P( D, E, A, B, C, R(17) ); - P( C, D, E, A, B, R(18) ); - P( B, C, D, E, A, R(19) ); - -#undef K -#undef F - -#define F(x,y,z) (x ^ y ^ z) -#define K 0x6ED9EBA1 - - P( A, B, C, D, E, R(20) ); - P( E, A, B, C, D, R(21) ); - P( D, E, A, B, C, R(22) ); - P( C, D, E, A, B, R(23) ); - P( B, C, D, E, A, R(24) ); - P( A, B, C, D, E, R(25) ); - P( E, A, B, C, D, R(26) ); - P( D, E, A, B, C, R(27) ); - P( C, D, E, A, B, R(28) ); - P( B, C, D, E, A, R(29) ); - P( A, B, C, D, E, R(30) ); - P( E, A, B, C, D, R(31) ); - P( D, E, A, B, C, R(32) ); - P( C, D, E, A, B, R(33) ); - P( B, C, D, E, A, R(34) ); - P( A, B, C, D, E, R(35) ); - P( E, A, B, C, D, R(36) ); - P( D, E, A, B, C, R(37) ); - P( C, D, E, A, B, R(38) ); - P( B, C, D, E, A, R(39) ); - -#undef K -#undef F - -#define F(x,y,z) ((x & y) | (z & (x | y))) -#define K 0x8F1BBCDC - - P( A, B, C, D, E, R(40) ); - P( E, A, B, C, D, R(41) ); - P( D, E, A, B, C, R(42) ); - P( C, D, E, A, B, R(43) ); - P( B, C, D, E, A, R(44) ); - P( A, B, C, D, E, R(45) ); - P( E, A, B, C, D, R(46) ); - P( D, E, A, B, C, R(47) ); - P( C, D, E, A, B, R(48) ); - P( B, C, D, E, A, R(49) ); - P( A, B, C, D, E, R(50) ); - P( E, A, B, C, D, R(51) ); - P( D, E, A, B, C, R(52) ); - P( C, D, E, A, B, R(53) ); - P( B, C, D, E, A, R(54) ); - P( A, B, C, D, E, R(55) ); - P( E, A, B, C, D, R(56) ); - P( D, E, A, B, C, R(57) ); - P( C, D, E, A, B, R(58) ); - P( B, C, D, E, A, R(59) ); - -#undef K -#undef F - -#define F(x,y,z) (x ^ y ^ z) -#define K 0xCA62C1D6 - - P( A, B, C, D, E, R(60) ); - P( E, A, B, C, D, R(61) ); - P( D, E, A, B, C, R(62) ); - P( C, D, E, A, B, R(63) ); - P( B, C, D, E, A, R(64) ); - P( A, B, C, D, E, R(65) ); - P( E, A, B, C, D, R(66) ); - P( D, E, A, B, C, R(67) ); - P( C, D, E, A, B, R(68) ); - P( B, C, D, E, A, R(69) ); - P( A, B, C, D, E, R(70) ); - P( E, A, B, C, D, R(71) ); - P( D, E, A, B, C, R(72) ); - P( C, D, E, A, B, R(73) ); - P( B, C, D, E, A, R(74) ); - P( A, B, C, D, E, R(75) ); - P( E, A, B, C, D, R(76) ); - P( D, E, A, B, C, R(77) ); - P( C, D, E, A, B, R(78) ); - P( B, C, D, E, A, R(79) ); - -#undef K -#undef F - - ctx->state[0] += A; - ctx->state[1] += B; - ctx->state[2] += C; - ctx->state[3] += D; - ctx->state[4] += E; -} - -void sha1_update( sha1_context *ctx, const guint8 *input, guint32 length ) -{ - guint32 left, fill; - - if( ! length ) return; - - left = ctx->total[0] & 0x3F; - fill = 64 - left; - - ctx->total[0] += length; - ctx->total[0] &= 0xFFFFFFFF; - - if( ctx->total[0] < length ) - ctx->total[1]++; - - if( left && length >= fill ) - { - memcpy( (void *) (ctx->buffer + left), - (const void *) input, fill ); - sha1_process( ctx, ctx->buffer ); - length -= fill; - input += fill; - left = 0; - } - - while( length >= 64 ) - { - sha1_process( ctx, input ); - length -= 64; - input += 64; - } - - if( length ) - { - memcpy( (void *) (ctx->buffer + left), - (const void *) input, length ); - } -} - -static guint8 sha1_padding[64] = -{ - 0x80, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, - 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, - 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, - 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 -}; - -void sha1_finish( sha1_context *ctx, guint8 digest[SHA1_DIGEST_LEN] ) -{ - guint32 last, padn; - guint32 high, low; - guint8 msglen[8]; - - high = ( ctx->total[0] >> 29 ) - | ( ctx->total[1] << 3 ); - low = ( ctx->total[0] << 3 ); - - PUT_UINT32( high, msglen, 0 ); - PUT_UINT32( low, msglen, 4 ); - - last = ctx->total[0] & 0x3F; - padn = ( last < 56 ) ? ( 56 - last ) : ( 120 - last ); - - sha1_update( ctx, sha1_padding, padn ); - sha1_update( ctx, msglen, 8 ); - - PUT_UINT32( ctx->state[0], digest, 0 ); - PUT_UINT32( ctx->state[1], digest, 4 ); - PUT_UINT32( ctx->state[2], digest, 8 ); - PUT_UINT32( ctx->state[3], digest, 12 ); - PUT_UINT32( ctx->state[4], digest, 16 ); -} - -void sha1_hmac_starts( sha1_hmac_context *hctx, const guint8 *key, guint32 keylen ) -{ - guint32 i; - guint8 k_ipad[64]; - - memset( k_ipad, 0x36, 64 ); - memset( hctx->k_opad, 0x5C, 64 ); - - for( i = 0; i < keylen; i++ ) - { - if( i >= 64 ) break; - - k_ipad[i] ^= key[i]; - hctx->k_opad[i] ^= key[i]; - } - - sha1_starts( &hctx->ctx ); - sha1_update( &hctx->ctx, k_ipad, 64 ); -} - -void sha1_hmac_update( sha1_hmac_context *hctx, const guint8 *buf, guint32 buflen ) -{ - sha1_update( &hctx->ctx, buf, buflen ); -} - -void sha1_hmac_finish( sha1_hmac_context *hctx, guint8 digest[SHA1_DIGEST_LEN] ) -{ - guint8 tmpbuf[SHA1_DIGEST_LEN]; - - sha1_finish( &hctx->ctx, tmpbuf ); - - sha1_starts( &hctx->ctx ); - sha1_update( &hctx->ctx, hctx->k_opad, 64 ); - sha1_update( &hctx->ctx, tmpbuf, SHA1_DIGEST_LEN ); - sha1_finish( &hctx->ctx, digest ); -} - -void sha1_hmac( const guint8 *key, guint32 keylen, const guint8 *buf, guint32 buflen, - guint8 digest[SHA1_DIGEST_LEN] ) -{ - sha1_hmac_context hctx; - - sha1_hmac_starts( &hctx, key, keylen ); - sha1_hmac_update( &hctx, buf, buflen ); - sha1_hmac_finish( &hctx, digest ); -} - -#ifdef TEST - -#include -#include -#include -#include /* ws_debug_printf */ - -/* - * those are the standard FIPS-180-1 test vectors - */ - -static const char *msg[] = -{ - "abc", - "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq", - NULL -}; - -static const char *val[] = -{ - "a9993e364706816aba3e25717850c26c9cd0d89d", - "84983e441c3bd26ebaae4aa1f95129e5e54670f1", - "34aa973cd4c4daa4f61eeb2bdbad27316534016f" -}; - -int main( int argc, char *argv[] ) -{ - FILE *f; - int i, j; - char output[41]; - sha1_context ctx; - unsigned char buf[1000]; - unsigned char sha1sum[SHA1_DIGEST_LEN]; - - if( argc < 2 ) - { - ws_debug_printf( "\n SHA-1 Validation Tests:\n\n" ); - - for( i = 0; i < 3; i++ ) - { - ws_debug_printf( " Test %d ", i + 1 ); - - sha1_starts( &ctx ); - - if( i < 2 ) - { - sha1_update( &ctx, (guint8 *) msg[i], - strlen( msg[i] ) ); - } - else - { - memset( buf, 'a', 1000 ); - - for( j = 0; j < 1000; j++ ) - { - sha1_update( &ctx, (guint8 *) buf, 1000 ); - } - } - - sha1_finish( &ctx, sha1sum ); - - for( j = 0; j < SHA1_DIGEST_LEN; j++ ) - { - g_snprintf( output + j * 2, 41-j*2, "%02x", sha1sum[j] ); - } - - if( memcmp( output, val[i], 40 ) ) - { - ws_debug_printf( "failed!\n" ); - return( 1 ); - } - - ws_debug_printf( "passed.\n" ); - } - - ws_debug_printf( "\n" ); - } - else - { - if( ! ( f = ws_fopen( argv[1], "rb" ) ) ) - { - ws_debug_printf("fopen: %s", g_strerror(errno)); - return( 1 ); - } - - sha1_starts( &ctx ); - - while( ( i = fread( buf, 1, sizeof( buf ), f ) ) > 0 ) - { - sha1_update( &ctx, buf, i ); - } - - sha1_finish( &ctx, sha1sum ); - - for( j = 0; j < SHA1_DIGEST_LEN; j++ ) - { - ws_debug_printf( "%02x", sha1sum[j] ); - } - - ws_debug_printf( " %s\n", argv[1] ); - } - - return( 0 ); -} - -#endif - - -/* - * Editor modelines - http://www.wireshark.org/tools/modelines.html - * - * Local variables: - * c-basic-offset: 4 - * tab-width: 8 - * indent-tabs-mode: nil - * End: - * - * vi: set shiftwidth=4 tabstop=8 expandtab: - * :indentSize=4:tabSize=8:noTabs=true: - */ diff --git a/wsutil/sha1.h b/wsutil/sha1.h deleted file mode 100644 index 52a9842d57..0000000000 --- a/wsutil/sha1.h +++ /dev/null @@ -1,69 +0,0 @@ -/* - * FIPS-180-1 compliant SHA-1 implementation - * - * Copyright (C) 2001-2003 Christophe Devine - * Copyright (C) 2012 Chris Elston, Katalix Systems Ltd - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA - * - * Changed to use guint instead of uint 2004 by Anders Broman - * Original code found at http://www.cr0.net:8040/code/crypto/sha1/ - * References: http://www.ietf.org/rfc/rfc3174.txt?number=3174 - * - * 2012-08-21 - C Elston - Split sha1_hmac function to allow incremental usage. - */ - -#ifndef _SHA1_H -#define _SHA1_H - -#include "ws_symbol_export.h" - -/* - * Length of a SHA-1 digest, in bytes. 160 bits = 20 bytes. - */ -#define SHA1_DIGEST_LEN 20 - -typedef struct -{ - guint32 total[2]; - guint32 state[5]; - guint8 buffer[64]; -} -sha1_context; - -WS_DLL_PUBLIC -void sha1_starts( sha1_context *ctx ); -WS_DLL_PUBLIC -void sha1_update( sha1_context *ctx, const guint8 *input, guint32 length ); -WS_DLL_PUBLIC -void sha1_finish( sha1_context *ctx, guint8 digest[SHA1_DIGEST_LEN] ); - -typedef struct { - sha1_context ctx; - guint8 k_opad[64]; -} -sha1_hmac_context; - -WS_DLL_PUBLIC -void sha1_hmac_starts( sha1_hmac_context *hctx, const guint8 *key, guint32 keylen ); -WS_DLL_PUBLIC -void sha1_hmac_update( sha1_hmac_context *hctx, const guint8 *buf, guint32 buflen ); -WS_DLL_PUBLIC -void sha1_hmac_finish( sha1_hmac_context *hctx, guint8 digest[SHA1_DIGEST_LEN] ); -WS_DLL_PUBLIC -void sha1_hmac( const guint8 *key, guint32 keylen, const guint8 *buf, guint32 buflen, - guint8 digest[SHA1_DIGEST_LEN] ); - -#endif /* sha1.h */ diff --git a/wsutil/sha2.c b/wsutil/sha2.c deleted file mode 100644 index 2466d7d4f6..0000000000 --- a/wsutil/sha2.c +++ /dev/null @@ -1,281 +0,0 @@ -/* - * FIPS-180-2 compliant SHA-2 implementation (only sha256 so far) - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA - * - */ -#include -#include - -#include "sha2.h" - -/* the K array */ -static const guint32 K[64] = { - 0x428a2f98UL, 0x71374491UL, 0xb5c0fbcfUL, 0xe9b5dba5UL, 0x3956c25bUL, - 0x59f111f1UL, 0x923f82a4UL, 0xab1c5ed5UL, 0xd807aa98UL, 0x12835b01UL, - 0x243185beUL, 0x550c7dc3UL, 0x72be5d74UL, 0x80deb1feUL, 0x9bdc06a7UL, - 0xc19bf174UL, 0xe49b69c1UL, 0xefbe4786UL, 0x0fc19dc6UL, 0x240ca1ccUL, - 0x2de92c6fUL, 0x4a7484aaUL, 0x5cb0a9dcUL, 0x76f988daUL, 0x983e5152UL, - 0xa831c66dUL, 0xb00327c8UL, 0xbf597fc7UL, 0xc6e00bf3UL, 0xd5a79147UL, - 0x06ca6351UL, 0x14292967UL, 0x27b70a85UL, 0x2e1b2138UL, 0x4d2c6dfcUL, - 0x53380d13UL, 0x650a7354UL, 0x766a0abbUL, 0x81c2c92eUL, 0x92722c85UL, - 0xa2bfe8a1UL, 0xa81a664bUL, 0xc24b8b70UL, 0xc76c51a3UL, 0xd192e819UL, - 0xd6990624UL, 0xf40e3585UL, 0x106aa070UL, 0x19a4c116UL, 0x1e376c08UL, - 0x2748774cUL, 0x34b0bcb5UL, 0x391c0cb3UL, 0x4ed8aa4aUL, 0x5b9cca4fUL, - 0x682e6ff3UL, 0x748f82eeUL, 0x78a5636fUL, 0x84c87814UL, 0x8cc70208UL, - 0x90befffaUL, 0xa4506cebUL, 0xbef9a3f7UL, 0xc67178f2UL -}; - - -#define GET_UINT32(n,b,i) \ - { \ - (n) = ( (guint32) (b)[(i) ] << 24 ) \ - | ( (guint32) (b)[(i) + 1] << 16 ) \ - | ( (guint32) (b)[(i) + 2] << 8 ) \ - | ( (guint32) (b)[(i) + 3] ); \ - } - -#define PUT_UINT32(n,b,i) \ - { \ - (b)[(i) ] = (guint8) ( (n) >> 24 ); \ - (b)[(i) + 1] = (guint8) ( (n) >> 16 ); \ - (b)[(i) + 2] = (guint8) ( (n) >> 8 ); \ - (b)[(i) + 3] = (guint8) ( (n) ); \ - } - -/* Initialize the hash state */ -void sha256_starts( sha256_context *ctx ) -{ - ctx->total = 0; - ctx->state[0] = 0x6A09E667UL; - ctx->state[1] = 0xBB67AE85UL; - ctx->state[2] = 0x3C6EF372UL; - ctx->state[3] = 0xA54FF53AUL; - ctx->state[4] = 0x510E527FUL; - ctx->state[5] = 0x9B05688CUL; - ctx->state[6] = 0x1F83D9ABUL; - ctx->state[7] = 0x5BE0CD19UL; -} - -static void sha256_process( sha256_context *ctx, const guint8 *data ) -{ - guint32 i, temp1, temp2, W[64], A, B, C, D, E, F, G, H; - - /* init W */ - GET_UINT32( W[0], data, 0 ); - GET_UINT32( W[1], data, 4 ); - GET_UINT32( W[2], data, 8 ); - GET_UINT32( W[3], data, 12 ); - GET_UINT32( W[4], data, 16 ); - GET_UINT32( W[5], data, 20 ); - GET_UINT32( W[6], data, 24 ); - GET_UINT32( W[7], data, 28 ); - GET_UINT32( W[8], data, 32 ); - GET_UINT32( W[9], data, 36 ); - GET_UINT32( W[10], data, 40 ); - GET_UINT32( W[11], data, 44 ); - GET_UINT32( W[12], data, 48 ); - GET_UINT32( W[13], data, 52 ); - GET_UINT32( W[14], data, 56 ); - GET_UINT32( W[15], data, 60 ); - -#define RR(x,n) ((x << (32 - n)) | ((x & 0xFFFFFFFF) >> n)) -#define S0(x) (RR(x, 7) ^ RR(x, 18) ^ (x >> 3)) -#define S1(x) (RR(x, 17) ^ RR(x, 19) ^ (x >> 10)) - - for (i = 16; i < 64 ; i++) - { - W[i] = W[i - 16] + S0(W[i - 15]) + W[i - 7] + S1(W[i - 2]); - } - - /* Compression */ - A = ctx->state[0]; - B = ctx->state[1]; - C = ctx->state[2]; - D = ctx->state[3]; - E = ctx->state[4]; - F = ctx->state[5]; - G = ctx->state[6]; - H = ctx->state[7]; - -#undef S0 -#undef S1 -#define S0(x) (RR(x, 2) ^ RR(x, 13) ^ RR(x, 22)) -#define S1(x) (RR(x, 6) ^ RR(x, 11) ^ RR(x, 25)) -#define CH(x,y,z) (z ^ (x & (y ^ z))) -#define MAJ(x,y,z) (((x | y) & z) | (x & y)) - - for (i = 0; i < 64; ++i) { - temp1 = H + S1(E) + CH(E, F, G) + K[i] + W[i]; - temp2 = S0(A) + MAJ(A, B, C); - H = G; - G = F; - F = E; - E = D + temp1; - D = C; - C = B; - B = A; - A = temp1 + temp2; - - } - - ctx->state[0] += A; - ctx->state[1] += B; - ctx->state[2] += C; - ctx->state[3] += D; - ctx->state[4] += E; - ctx->state[5] += F; - ctx->state[6] += G; - ctx->state[7] += H; -} - -void sha256_update( sha256_context *ctx, const guint8 *input, guint32 length ) -{ - guint32 left, fill; - - if( ! length ) return; - - left = (guint32)(ctx->total % SHA256_BLOCK_SIZE); - fill = SHA256_BLOCK_SIZE - left; - - ctx->total += length; - - if( left && length >= fill ) - { - memcpy( (void *) (ctx->buffer + left), - (const void *) input, fill ); - sha256_process( ctx, ctx->buffer ); - length -= fill; - input += fill; - left = 0; - } - - while( length >= SHA256_BLOCK_SIZE ) - { - sha256_process( ctx, input ); - length -= SHA256_BLOCK_SIZE; - input += SHA256_BLOCK_SIZE; - } - - if( length ) - { - memcpy( (void *) (ctx->buffer + left), - (const void *) input, length ); - } -} - -static guint8 sha256_padding[64] = -{ - 0x80, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, - 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, - 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, - 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 -}; - -void sha256_finish( sha256_context *ctx, guint8 digest[SHA256_DIGEST_LEN] ) -{ - guint32 last, padn; - guint64 total_length; - guint8 msglen[8]; - - total_length = ctx->total * 8; - - last = (guint32)(ctx->total % SHA256_BLOCK_SIZE); - padn = ( last < 56 ) ? ( 56 - last ) : ( 120 - last ); - - PUT_UINT32( total_length >> 32, msglen, 0 ); - PUT_UINT32( total_length, msglen, 4 ); - - sha256_update( ctx, sha256_padding, padn ); - sha256_update( ctx, msglen, 8 ); - - PUT_UINT32( ctx->state[0], digest, 0 ); - PUT_UINT32( ctx->state[1], digest, 4 ); - PUT_UINT32( ctx->state[2], digest, 8 ); - PUT_UINT32( ctx->state[3], digest, 12 ); - PUT_UINT32( ctx->state[4], digest, 16 ); - PUT_UINT32( ctx->state[5], digest, 20 ); - PUT_UINT32( ctx->state[6], digest, 24 ); - PUT_UINT32( ctx->state[7], digest, 28 ); -} - -void sha256_hmac_starts( sha256_hmac_context *hctx, const guint8 *key, guint32 keylen ) -{ - guint32 i; - guint8 k_ipad[SHA256_BLOCK_SIZE]; - guint8 key_compress[SHA256_DIGEST_LEN]; - - memset( k_ipad, 0x36, SHA256_BLOCK_SIZE ); - memset( hctx->k_opad, 0x5C, SHA256_BLOCK_SIZE ); - - if (keylen > SHA256_BLOCK_SIZE) - { - sha256_starts( &hctx->ctx ); - sha256_update( &hctx->ctx, key, keylen ); - sha256_finish( &hctx->ctx, key_compress ); - key = key_compress; - keylen = SHA256_DIGEST_LEN; - } - - for( i = 0; i < keylen; i++ ) - { - k_ipad[i] ^= key[i]; - hctx->k_opad[i] ^= key[i]; - } - - sha256_starts( &hctx->ctx ); - sha256_update( &hctx->ctx, k_ipad, SHA256_BLOCK_SIZE ); -} - -void sha256_hmac_update( sha256_hmac_context *hctx, const guint8 *buf, guint32 buflen ) -{ - sha256_update( &hctx->ctx, buf, buflen ); -} - -void sha256_hmac_finish( sha256_hmac_context *hctx, guint8 digest[SHA256_DIGEST_LEN] ) -{ - guint8 tmpbuf[SHA256_DIGEST_LEN]; - - sha256_finish( &hctx->ctx, tmpbuf ); - - sha256_starts( &hctx->ctx ); - sha256_update( &hctx->ctx, hctx->k_opad, SHA256_BLOCK_SIZE ); - sha256_update( &hctx->ctx, tmpbuf, SHA256_DIGEST_LEN ); - sha256_finish( &hctx->ctx, digest ); -} - -void sha256_hmac( const guint8 *key, guint32 keylen, const guint8 *buf, guint32 buflen, - guint8 digest[SHA256_DIGEST_LEN] ) -{ - sha256_hmac_context hctx; - - sha256_hmac_starts( &hctx, key, keylen ); - sha256_hmac_update( &hctx, buf, buflen ); - sha256_hmac_finish( &hctx, digest ); -} - - -/* - * Editor modelines - http://www.wireshark.org/tools/modelines.html - * - * Local variables: - * c-basic-offset: 4 - * tab-width: 8 - * indent-tabs-mode: nil - * End: - * - * vi: set shiftwidth=4 tabstop=8 expandtab: - * :indentSize=4:tabSize=8:noTabs=true: - */ diff --git a/wsutil/sha2.h b/wsutil/sha2.h deleted file mode 100644 index baca2233c1..0000000000 --- a/wsutil/sha2.h +++ /dev/null @@ -1,75 +0,0 @@ -/* - * FIPS-180-2 compliant SHA-2 implementation (only sha256 so far) - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA - - */ - -#ifndef _SHA2_H -#define _SHA2_H - -#include "ws_symbol_export.h" - -#define SHA256_DIGEST_LEN 32 -#define SHA256_BLOCK_SIZE 64 - -typedef struct -{ - guint64 total; - guint32 state[8]; - guint8 buffer[SHA256_BLOCK_SIZE]; -} - sha256_context; - -WS_DLL_PUBLIC -void sha256_starts( sha256_context *ctx ); -WS_DLL_PUBLIC -void sha256_update( sha256_context *ctx, const guint8 *input, guint32 length ); -WS_DLL_PUBLIC -void sha256_finish( sha256_context *ctx, guint8 digest[SHA256_DIGEST_LEN] ); - - -typedef struct { - sha256_context ctx; - guint8 k_opad[SHA256_BLOCK_SIZE]; -} - sha256_hmac_context; - -WS_DLL_PUBLIC -void sha256_hmac_starts( sha256_hmac_context *hctx, const guint8 *key, guint32 keylen ); -WS_DLL_PUBLIC -void sha256_hmac_update( sha256_hmac_context *hctx, const guint8 *buf, guint32 buflen ); -WS_DLL_PUBLIC -void sha256_hmac_finish( sha256_hmac_context *hctx, guint8 digest[SHA256_DIGEST_LEN] ); -WS_DLL_PUBLIC -void sha256_hmac( const guint8 *key, guint32 keylen, const guint8 *buf, guint32 buflen, - guint8 digest[SHA256_DIGEST_LEN] ); - - - -#endif /* _SHA2_H */ - -/* - * Editor modelines - http://www.wireshark.org/tools/modelines.html - * - * Local variables: - * c-basic-offset: 4 - * tab-width: 8 - * indent-tabs-mode: nil - * End: - * - * vi: set shiftwidth=4 tabstop=8 expandtab: - * :indentSize=4:tabSize=8:noTabs=true: - */ diff --git a/wsutil/wsgcrypt.c b/wsutil/wsgcrypt.c new file mode 100644 index 0000000000..09753f72a7 --- /dev/null +++ b/wsutil/wsgcrypt.c @@ -0,0 +1,57 @@ +/* wsgcrypt.c + * Helper functions for libgcrypt + * By Erik de Jong + * Copyright 2017 Erik de Jong + * + * Wireshark - Network traffic analyzer + * By Gerald Combs + * Copyright 1998 Gerald Combs + * + * This program is free software; you can redistribute it and/or + * modify it under the terms of the GNU General Public License + * as published by the Free Software Foundation; either version 2 + * of the License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + * + */ + +#include "wsgcrypt.h" + +gcry_error_t ws_hmac_buffer(int algo, void *digest, const void *buffer, size_t length, const void *key, size_t keylen) +{ + gcry_md_hd_t hmac_handle; + gcry_error_t result = gcry_md_open(&hmac_handle, algo, GCRY_MD_FLAG_HMAC); + if (result) { + return result; + } + result = gcry_md_setkey(hmac_handle, key, keylen); + if (result) { + gcry_md_close(hmac_handle); + return result; + } + gcry_md_write(hmac_handle, buffer, length); + memcpy(digest, gcry_md_read(hmac_handle, 0), gcry_md_get_algo_dlen(algo)); + gcry_md_close(hmac_handle); + return GPG_ERR_NO_ERROR; +} + +/* + * Editor modelines - http://www.wireshark.org/tools/modelines.html + * + * Local variables: + * c-basic-offset: 8 + * tab-width: 8 + * indent-tabs-mode: t + * End: + * + * vi: set shiftwidth=8 tabstop=8 noexpandtab: + * :indentSize=8:tabSize=8:noTabs=false: + */ diff --git a/wsutil/wsgcrypt.h b/wsutil/wsgcrypt.h index d56e456cb2..6a5ef8290e 100644 --- a/wsutil/wsgcrypt.h +++ b/wsutil/wsgcrypt.h @@ -28,6 +28,7 @@ #define __WSGCRYPT_H__ #include +#include "ws_symbol_export.h" DIAG_OFF(deprecated-declarations) @@ -35,4 +36,14 @@ DIAG_OFF(deprecated-declarations) DIAG_ON(deprecated-declarations) +#define HASH_MD5_LENGTH 16 +#define HASH_SHA1_LENGTH 20 + +/* Convenience function to calculate the HMAC from the data in BUFFER + of size LENGTH with key KEY of size KEYLEN using the algorithm ALGO avoiding the creating of a + hash object. The hash is returned in the caller provided buffer + DIGEST which must be large enough to hold the digest of the given + algorithm. */ +WS_DLL_PUBLIC gcry_error_t ws_hmac_buffer(int algo, void *digest, const void *buffer, size_t length, const void *key, size_t keylen); + #endif /* __WSGCRYPT_H__ */ -- cgit v1.2.1