crypt_server.c revision 26234
1/* 2 * Copyright (c) 1996 3 * Bill Paul <wpaul@ctr.columbia.edu>. All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that the following conditions 7 * are met: 8 * 1. Redistributions of source code must retain the above copyright 9 * notice, this list of conditions and the following disclaimer. 10 * 2. Redistributions in binary form must reproduce the above copyright 11 * notice, this list of conditions and the following disclaimer in the 12 * documentation and/or other materials provided with the distribution. 13 * 3. All advertising materials mentioning features or use of this software 14 * must display the following acknowledgement: 15 * This product includes software developed by Bill Paul. 16 * 4. Neither the name of the author nor the names of any co-contributors 17 * may be used to endorse or promote products derived from this software 18 * without specific prior written permission. 19 * 20 * THIS SOFTWARE IS PROVIDED BY Bill Paul AND CONTRIBUTORS ``AS IS'' AND 21 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 22 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 23 * ARE DISCLAIMED. IN NO EVENT SHALL Bill Paul OR CONTRIBUTORS BE LIABLE 24 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 25 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 26 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 27 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 28 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 29 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 30 * SUCH DAMAGE. 31 * 32 * $Id: crypt_server.c,v 1.15 1996/12/25 19:21:10 wpaul Exp $ 33 */ 34 35#include <stdio.h> 36#include <sys/types.h> 37#include <sys/param.h> 38#include <stdlib.h> 39#include <dirent.h> 40#include <err.h> 41#include <rpc/des_crypt.h> 42#include <rpc/des.h> 43#include <string.h> 44#include <dlfcn.h> 45#include "crypt.h" 46 47#ifndef lint 48static const char rcsid[] = "$Id: crypt_server.c,v 1.15 1996/12/25 19:21:10 wpaul Exp $"; 49#endif 50 51/* 52 * The U.S. government stupidly believes that a) it can keep strong 53 * crypto code a secret and b) that doing so somehow protects national 54 * interests. It's wrong on both counts, but until it listens to reason 55 * we have to make certain compromises so it doesn't have an excuse to 56 * throw us in federal prison. 57 * 58 * Consequently, the core OS ships without DES support, and keyserv 59 * defaults to using RC4 with only a 40 bit key, just like nutscrape. 60 * This breaks compatibility with Secure RPC on other systems, but it 61 * allows Secure RPC to work between FreeBSD systems that don't have the 62 * DES package installed without throwing security totally out the window. 63 * 64 * In order to avoid having to supply two versions of keyserv (one with 65 * DES and one without), we use dlopen() and friends to load libdes.so 66 * into our address space at runtime. We check for the presence of 67 * /usr/lib/libdes.so.3.0 at startup and load it if we find it. If we 68 * can't find it, or the __des_crypt symbol doesn't exist, we fall back 69 * to the RC4 encryption code. The user can specify another path using 70 * the -p flag. 71 */ 72 73 /* rc4.h */ 74typedef struct rc4_key 75{ 76 unsigned char state[256]; 77 unsigned char x; 78 unsigned char y; 79} rc4_key; 80 81static void prepare_key(unsigned char *key_data_ptr,int key_data_len, 82 rc4_key *key); 83static void rc4(unsigned char *buffer_ptr,int buffer_len,rc4_key * key); 84static void swap_byte(unsigned char *a, unsigned char *b); 85 86static void prepare_key(unsigned char *key_data_ptr, int key_data_len, 87 rc4_key *key) 88{ 89 unsigned char index1; 90 unsigned char index2; 91 unsigned char* state; 92 short counter; 93 94 state = &key->state[0]; 95 for(counter = 0; counter < 256; counter++) 96 state[counter] = counter; 97 key->x = 0; 98 key->y = 0; 99 index1 = 0; 100 index2 = 0; 101 for(counter = 0; counter < 256; counter++) 102 { 103 index2 = (key_data_ptr[index1] + state[counter] + 104 index2) % 256; 105 swap_byte(&state[counter], &state[index2]); 106 107 index1 = (index1 + 1) % key_data_len; 108 } 109} 110 111static void rc4(unsigned char *buffer_ptr, int buffer_len, rc4_key *key) 112{ 113 unsigned char x; 114 unsigned char y; 115 unsigned char* state; 116 unsigned char xorIndex; 117 short counter; 118 119 x = key->x; 120 y = key->y; 121 122 state = &key->state[0]; 123 for(counter = 0; counter < buffer_len; counter ++) 124 { 125 x = (x + 1) % 256; 126 y = (state[x] + y) % 256; 127 swap_byte(&state[x], &state[y]); 128 129 xorIndex = (state[x] + state[y]) % 256; 130 131 buffer_ptr[counter] ^= state[xorIndex]; 132 } 133 key->x = x; 134 key->y = y; 135} 136 137static void swap_byte(unsigned char *a, unsigned char *b) 138{ 139 unsigned char swapByte; 140 141 swapByte = *a; 142 *a = *b; 143 *b = swapByte; 144} 145 146/* Dummy _des_crypt function that uses RC4 with a 40 bit key */ 147int _rc4_crypt(buf, len, desp) 148 char *buf; 149 int len; 150 struct desparams *desp; 151{ 152 struct rc4_key rc4k; 153 154 /* 155 * U.S. government anti-crypto weasels take 156 * note: although we are supplied with a 64 bit 157 * key, we're only passing 40 bits to the RC4 158 * encryption code. So there. 159 */ 160 prepare_key(desp->des_key, 5, &rc4k); 161 rc4(buf, len, &rc4k); 162 163 return(DESERR_NOHWDEVICE); 164} 165 166int (*_my_crypt)__P((char *, int, struct desparams *)) = NULL; 167 168static void *dlhandle; 169 170#ifndef _PATH_USRLIB 171#define _PATH_USRLIB "/usr/lib" 172#endif 173 174#ifndef LIBDES 175#define LIBDES "libdes.so.3." 176#endif 177 178void load_des(warn, libpath) 179 int warn; 180 char *libpath; 181{ 182 DIR *dird; 183 struct dirent *dirp; 184 char dlpath[MAXPATHLEN]; 185 int minor = -1; 186 int len; 187 188 if (libpath == NULL) { 189 len = strlen(LIBDES); 190 if ((dird = opendir(_PATH_USRLIB)) == NULL) 191 err(1, "opendir(/usr/lib) failed"); 192 193 while ((dirp = readdir(dird)) != NULL) { 194 /* must have a minor number */ 195 if (strlen(dirp->d_name) <= len) 196 continue; 197 if (!strncmp(dirp->d_name, LIBDES, len)) { 198 if (atoi((dirp->d_name + len + 1)) > minor) { 199 minor = atoi((dirp->d_name + len + 1)); 200 snprintf(dlpath,sizeof(dlpath),"%s/%s", 201 _PATH_USRLIB, dirp->d_name); 202 } 203 } 204 } 205 206 closedir(dird); 207 } else 208 snprintf(dlpath, sizeof(dlpath), "%s", libpath); 209 210 if (dlpath != NULL && (dlhandle = dlopen(dlpath, 0444)) != NULL) 211 _my_crypt = (int (*)())dlsym(dlhandle, "__des_crypt"); 212 213 if (_my_crypt == NULL) { 214 if (dlhandle != NULL) 215 dlclose(dlhandle); 216 _my_crypt = &_rc4_crypt; 217 if (warn) { 218 printf ("DES support disabled -- using RC4 instead.\n"); 219 printf ("Warning: RC4 cipher is not compatible with "); 220 printf ("other Secure RPC implementations.\nInstall "); 221 printf ("the FreeBSD 'des' distribution to enable"); 222 printf (" DES encryption.\n"); 223 } 224 } else { 225 if (warn) { 226 printf ("DES support enabled\n"); 227 printf ("Using %s shared object.\n", dlpath); 228 } 229 } 230 231 return; 232} 233 234desresp * 235des_crypt_1_svc(desargs *argp, struct svc_req *rqstp) 236{ 237 static desresp result; 238 struct desparams dparm; 239 240 if (argp->desbuf.desbuf_len > DES_MAXDATA) { 241 result.stat = DESERR_BADPARAM; 242 return(&result); 243 } 244 245 bcopy(argp->des_key, dparm.des_key, 8); 246 bcopy(argp->des_ivec, dparm.des_ivec, 8); 247 dparm.des_mode = argp->des_mode; 248 dparm.des_dir = argp->des_dir; 249 250#ifdef BROKEN_DES 251 dparm.UDES.UDES_buf = argp->desbuf.desbuf_val; 252#endif 253 result.stat = _my_crypt(argp->desbuf.desbuf_val, 254 argp->desbuf.desbuf_len, 255 &dparm); 256 257 if (result.stat == DESERR_NONE || result.stat == DESERR_NOHWDEVICE) { 258 bcopy(dparm.des_ivec, result.des_ivec, 8); 259 result.desbuf.desbuf_len = argp->desbuf.desbuf_len; 260 result.desbuf.desbuf_val = argp->desbuf.desbuf_val; 261 } 262 263 return (&result); 264} 265