/* * pppcrypt.c - PPP/DES linkage for MS-CHAP and EAP SRP-SHA1 * * Extracted from chap_ms.c by James Carlson. * * Copyright (c) 1995 Eric Rosenquist. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in * the documentation and/or other materials provided with the * distribution. * * 3. The name(s) of the authors of this software must not be used to * endorse or promote products derived from this software without * prior written permission. * * THE AUTHORS OF THIS SOFTWARE DISCLAIM ALL WARRANTIES WITH REGARD TO * THIS SOFTWARE, INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY * AND FITNESS, IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY * SPECIAL, INDIRECT OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN * AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING * OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ #include <errno.h> #include "pppd.h" #include "pppcrypt.h" #if defined(__ANDROID__) /* This code can use one of three DES libraries. The first, if USE_LIBDES is * defined, are the libdes functions. This interface is still supported by * OpenSSL as backwards compatibility. If USE_CRYPT is defined then the * libcrypt functions are used. Lastly, if USE_OPENSSL is defined the "modern" * OpenSSL interface is used. */ #if defined(USE_CRYPT) #include <crypt.h> #elif defined(USE_OPENSSL) #include <openssl/des.h> #elif defined(USE_LIBDES) #include <des.h> #else #error "Must define one of USE_CRYPT, USE_LIBDES or USE_OPENSSL" #endif #endif static u_char Get7Bits(input, startBit) u_char *input; int startBit; { unsigned int word; word = (unsigned)input[startBit / 8] << 8; word |= (unsigned)input[startBit / 8 + 1]; word >>= 15 - (startBit % 8 + 7); return word & 0xFE; } static void MakeKey(key, des_key) u_char *key; /* IN 56 bit DES key missing parity bits */ u_char *des_key; /* OUT 64 bit DES key with parity bits added */ { des_key[0] = Get7Bits(key, 0); des_key[1] = Get7Bits(key, 7); des_key[2] = Get7Bits(key, 14); des_key[3] = Get7Bits(key, 21); des_key[4] = Get7Bits(key, 28); des_key[5] = Get7Bits(key, 35); des_key[6] = Get7Bits(key, 42); des_key[7] = Get7Bits(key, 49); #if defined(USE_LIBDES) des_set_odd_parity((des_cblock *)des_key); #endif } #if defined(USE_CRYPT) /* * in == 8-byte string (expanded version of the 56-bit key) * out == 64-byte string where each byte is either 1 or 0 * Note that the low-order "bit" is always ignored by by setkey() */ static void Expand(in, out) u_char *in; u_char *out; { int j, c; int i; for (i = 0; i < 64; in++){ c = *in; for (j = 7; j >= 0; j--) *out++ = (c >> j) & 01; i += 8; } } /* The inverse of Expand */ static void Collapse(in, out) u_char *in; u_char *out; { int j; int i; unsigned int c; for (i = 0; i < 64; i += 8, out++) { c = 0; for (j = 7; j >= 0; j--, in++) c |= *in << j; *out = c & 0xff; } } bool DesSetkey(key) u_char *key; { u_char des_key[8]; u_char crypt_key[66]; MakeKey(key, des_key); Expand(des_key, crypt_key); errno = 0; setkey((const char *)crypt_key); if (errno != 0) return (0); return (1); } bool DesEncrypt(clear, cipher) u_char *clear; /* IN 8 octets */ u_char *cipher; /* OUT 8 octets */ { u_char des_input[66]; Expand(clear, des_input); errno = 0; encrypt((char *)des_input, 0); if (errno != 0) return (0); Collapse(des_input, cipher); return (1); } bool DesDecrypt(cipher, clear) u_char *cipher; /* IN 8 octets */ u_char *clear; /* OUT 8 octets */ { u_char des_input[66]; Expand(cipher, des_input); errno = 0; encrypt((char *)des_input, 1); if (errno != 0) return (0); Collapse(des_input, clear); return (1); } #elif defined(USE_OPENSSL) static DES_key_schedule key_schedule; bool DesSetkey(key) u_char *key; { DES_cblock des_key; MakeKey(key, (u_char*) &des_key); DES_set_key(&des_key, &key_schedule); return (1); } bool DesEncrypt(clear, cipher) u_char *clear; /* IN 8 octets */ u_char *cipher; /* OUT 8 octets */ { DES_ecb_encrypt((DES_cblock *)clear, (DES_cblock *)cipher, &key_schedule, 1 /* encrypt */); return (1); } bool DesDecrypt(cipher, clear) u_char *cipher; /* IN 8 octets */ u_char *clear; /* OUT 8 octets */ { DES_ecb_encrypt((DES_cblock *)cipher, (DES_cblock *)clear, &key_schedule, 0 /* decrypt */); return (1); } #elif defined(USE_LIBDES) static des_key_schedule key_schedule; bool DesSetkey(key) u_char *key; { des_cblock des_key; MakeKey(key, des_key); des_set_key(&des_key, key_schedule); return (1); } bool #if defined(__ANDROID__) DesEncrypt(clear, cipher) #else DesEncrypt(clear, key, cipher) #endif u_char *clear; /* IN 8 octets */ u_char *cipher; /* OUT 8 octets */ { des_ecb_encrypt((des_cblock *)clear, (des_cblock *)cipher, key_schedule, 1); return (1); } bool DesDecrypt(cipher, clear) u_char *cipher; /* IN 8 octets */ u_char *clear; /* OUT 8 octets */ { des_ecb_encrypt((des_cblock *)cipher, (des_cblock *)clear, key_schedule, 0); return (1); } #else #error "Must define one of USE_CRYPT, USE_LIBDES or USE_OPENSSL" #endif /* USE_CRYPT */