141 lines
4.6 KiB
C
141 lines
4.6 KiB
C
/*
|
|
ncpsign.c
|
|
Copyright (C) 1997 Arne de Bruijn <arne@knoware.nl>
|
|
|
|
This program is free software; you can redistribute it and/or modify
|
|
it under the terms of the GNU General Public License as published by
|
|
the Free Software Foundation; either version 2 of the License, or
|
|
(at your option) any later version.
|
|
|
|
This program is distributed in the hope that it will be useful,
|
|
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
GNU General Public License for more details.
|
|
|
|
You should have received a copy of the GNU General Public License
|
|
along with this program; if not, write to the Free Software
|
|
Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
|
|
|
|
Revision history:
|
|
|
|
0.00 1997 Arne de Bruijn <arne@knoware.nl>
|
|
Initial revision.
|
|
|
|
*/
|
|
|
|
#include "config.h"
|
|
|
|
#ifdef SIGNATURES
|
|
|
|
#include <string.h>
|
|
#include "ncpsign.h"
|
|
#include "ncplib_i.h"
|
|
|
|
#define rol32(i,c) (((((i)&0xffffffff)<<c)&0xffffffff)| \
|
|
(((i)&0xffffffff)>>(32-c)))
|
|
/* i386: 32-bit, little endian, handles mis-alignment */
|
|
#ifdef __i386__
|
|
#define GET_LE32(p) (*(const int *)(p))
|
|
#define PUT_LE32(p,v) { *(int *)(p)=v; }
|
|
#else
|
|
#define GET_LE32(p) DVAL_LH(p,0)
|
|
#define PUT_LE32(p,v) DSET_LH(p,0,v)
|
|
#endif
|
|
|
|
#define min(a,b) ((a)<(b)?(a):(b))
|
|
|
|
static void nwsign(const unsigned char r_data1[16], unsigned char r_data2[64], unsigned char outdata[16]) {
|
|
int i;
|
|
unsigned int w0,w1,w2,w3;
|
|
static int rbit[4]={0, 2, 1, 3};
|
|
#ifdef __i386__
|
|
unsigned int *data2=(unsigned int *)r_data2;
|
|
#else
|
|
unsigned int data2[16];
|
|
for (i=0;i<16;i++)
|
|
data2[i]=GET_LE32(r_data2+(i<<2));
|
|
#endif
|
|
w0=GET_LE32(r_data1);
|
|
w1=GET_LE32(r_data1+4);
|
|
w2=GET_LE32(r_data1+8);
|
|
w3=GET_LE32(r_data1+12);
|
|
for (i=0;i<16;i+=4) {
|
|
w0=rol32(w0 + ((w1 & w2) | ((~w1) & w3)) + data2[i+0],3);
|
|
w3=rol32(w3 + ((w0 & w1) | ((~w0) & w2)) + data2[i+1],7);
|
|
w2=rol32(w2 + ((w3 & w0) | ((~w3) & w1)) + data2[i+2],11);
|
|
w1=rol32(w1 + ((w2 & w3) | ((~w2) & w0)) + data2[i+3],19);
|
|
}
|
|
for (i=0;i<4;i++) {
|
|
w0=rol32(w0 + (((w2 | w3) & w1) | (w2 & w3)) + 0x5a827999 + data2[i+0],3);
|
|
w3=rol32(w3 + (((w1 | w2) & w0) | (w1 & w2)) + 0x5a827999 + data2[i+4],5);
|
|
w2=rol32(w2 + (((w0 | w1) & w3) | (w0 & w1)) + 0x5a827999 + data2[i+8],9);
|
|
w1=rol32(w1 + (((w3 | w0) & w2) | (w3 & w0)) + 0x5a827999 + data2[i+12],13);
|
|
}
|
|
for (i=0;i<4;i++) {
|
|
w0=rol32(w0 + ((w1 ^ w2) ^ w3) + 0x6ed9eba1 + data2[rbit[i]+0],3);
|
|
w3=rol32(w3 + ((w0 ^ w1) ^ w2) + 0x6ed9eba1 + data2[rbit[i]+8],9);
|
|
w2=rol32(w2 + ((w3 ^ w0) ^ w1) + 0x6ed9eba1 + data2[rbit[i]+4],11);
|
|
w1=rol32(w1 + ((w2 ^ w3) ^ w0) + 0x6ed9eba1 + data2[rbit[i]+12],15);
|
|
}
|
|
PUT_LE32(outdata,(w0+GET_LE32(r_data1)) & 0xffffffff);
|
|
PUT_LE32(outdata+4,(w1+GET_LE32(r_data1+4)) & 0xffffffff);
|
|
PUT_LE32(outdata+8,(w2+GET_LE32(r_data1+8)) & 0xffffffff);
|
|
PUT_LE32(outdata+12,(w3+GET_LE32(r_data1+12)) & 0xffffffff);
|
|
}
|
|
|
|
/*
|
|
* Initialize packet signatures
|
|
* The first 16 bytes of logindata are the shuffled password,
|
|
* the last 8 bytes the encryption key as received from the server.
|
|
*/
|
|
void sign_init(const unsigned char *logindata, unsigned char *sign_root) {
|
|
static const unsigned char initlast[16] =
|
|
{ 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef,
|
|
0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10};
|
|
static const unsigned char initdata[] = "Authorized NetWare Client";
|
|
unsigned char msg[64];
|
|
unsigned char hash[16];
|
|
|
|
memcpy(msg, logindata, 24);
|
|
memcpy(msg + 24, initdata, 25);
|
|
memset(msg + 24 + 25, 0, 64 - 24 - 25);
|
|
nwsign(initlast, msg, hash);
|
|
memcpy(sign_root, hash, 8);
|
|
}
|
|
|
|
/*
|
|
* Make a signature for the current packet and add it at the end of the
|
|
* packet.
|
|
*/
|
|
void __sign_packet(struct ncp_conn *conn, const void* packet, size_t size, u_int32_t totalsize, void *signbuff) {
|
|
unsigned char data[64];
|
|
|
|
memcpy(data, conn->sign_data.sign_root, 8);
|
|
*(u_int32_t*)(data + 8) = totalsize;
|
|
if (size < 52) {
|
|
memcpy(data+12, packet, size);
|
|
memset(data+12+size, 0, 52-size);
|
|
} else {
|
|
memcpy(data+12, packet, 52);
|
|
}
|
|
nwsign(conn->sign_data.sign_last, data, conn->sign_data.sign_last);
|
|
memcpy(signbuff, conn->sign_data.sign_last, 8);
|
|
}
|
|
|
|
int sign_verify_reply(struct ncp_conn *conn, const void* packet, size_t size, u_int32_t totalsize, const void *signbuff) {
|
|
unsigned char data[64];
|
|
unsigned char hash[16];
|
|
|
|
memcpy(data, conn->sign_data.sign_root, 8);
|
|
*(u_int32_t*)(data + 8) = totalsize;
|
|
if (size < 52) {
|
|
memcpy(data+12, packet, size);
|
|
memset(data+12+size, 0, 52-size);
|
|
} else {
|
|
memcpy(data+12, packet, 52);
|
|
}
|
|
nwsign(conn->sign_data.sign_last, data, hash);
|
|
return memcmp(signbuff, hash, 8);
|
|
}
|
|
#endif
|