Module Name: src Committed By: christos Date: Mon Oct 20 03:05:13 UTC 2014
Modified Files: src/crypto/external/bsd/openssh/dist: auth.h compat.c mac.c monitor_wrap.c monitor_wrap.h packet.c sshconnect2.c umac.c src/crypto/external/bsd/openssh/lib: Makefile Added Files: src/crypto/external/bsd/openssh/dist: umac128.c Log Message: - remove some more jpake remnants. - try to fix umac; probably still broken on hosts that require strict alignment, but it is still a start. To generate a diff of this commit: cvs rdiff -u -r1.8 -r1.9 src/crypto/external/bsd/openssh/dist/auth.h cvs rdiff -u -r1.7 -r1.8 src/crypto/external/bsd/openssh/dist/compat.c cvs rdiff -u -r1.9 -r1.10 src/crypto/external/bsd/openssh/dist/mac.c \ src/crypto/external/bsd/openssh/dist/monitor_wrap.c cvs rdiff -u -r1.6 -r1.7 src/crypto/external/bsd/openssh/dist/monitor_wrap.h cvs rdiff -u -r1.13 -r1.14 src/crypto/external/bsd/openssh/dist/packet.c cvs rdiff -u -r1.16 -r1.17 src/crypto/external/bsd/openssh/dist/sshconnect2.c cvs rdiff -u -r1.5 -r1.6 src/crypto/external/bsd/openssh/dist/umac.c cvs rdiff -u -r0 -r1.1 src/crypto/external/bsd/openssh/dist/umac128.c cvs rdiff -u -r1.14 -r1.15 src/crypto/external/bsd/openssh/lib/Makefile Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
Modified files: Index: src/crypto/external/bsd/openssh/dist/auth.h diff -u src/crypto/external/bsd/openssh/dist/auth.h:1.8 src/crypto/external/bsd/openssh/dist/auth.h:1.9 --- src/crypto/external/bsd/openssh/dist/auth.h:1.8 Sun Oct 19 12:30:58 2014 +++ src/crypto/external/bsd/openssh/dist/auth.h Sun Oct 19 23:05:13 2014 @@ -1,4 +1,4 @@ -/* $NetBSD: auth.h,v 1.8 2014/10/19 16:30:58 christos Exp $ */ +/* $NetBSD: auth.h,v 1.9 2014/10/20 03:05:13 christos Exp $ */ /* $OpenBSD: auth.h,v 1.78 2014/07/03 11:16:55 djm Exp $ */ /* @@ -62,7 +62,6 @@ struct Authctxt { char *style; void *kbdintctxt; char *info; /* Extra info for next auth_log */ - void *jpake_ctx; #ifdef BSD_AUTH auth_session_t *as; #endif Index: src/crypto/external/bsd/openssh/dist/compat.c diff -u src/crypto/external/bsd/openssh/dist/compat.c:1.7 src/crypto/external/bsd/openssh/dist/compat.c:1.8 --- src/crypto/external/bsd/openssh/dist/compat.c:1.7 Sun Oct 19 12:30:58 2014 +++ src/crypto/external/bsd/openssh/dist/compat.c Sun Oct 19 23:05:13 2014 @@ -1,4 +1,4 @@ -/* $NetBSD: compat.c,v 1.7 2014/10/19 16:30:58 christos Exp $ */ +/* $NetBSD: compat.c,v 1.8 2014/10/20 03:05:13 christos Exp $ */ /* $OpenBSD: compat.c,v 1.85 2014/04/20 02:49:32 djm Exp $ */ /* * Copyright (c) 1999, 2000, 2001, 2002 Markus Friedl. All rights reserved. @@ -25,7 +25,7 @@ */ #include "includes.h" -__RCSID("$NetBSD: compat.c,v 1.7 2014/10/19 16:30:58 christos Exp $"); +__RCSID("$NetBSD: compat.c,v 1.8 2014/10/20 03:05:13 christos Exp $"); #include <sys/types.h> #include <stdlib.h> 
@@ -179,6 +179,7 @@ compat_datafellows(const char *version) if (match_pattern_list(version, check[i].pat, strlen(check[i].pat), 0) == 1) { datafellows = check[i].bugs; + /* Check to see if the remote side is OpenSSH and not HPN */ if(strstr(version,"OpenSSH") != NULL) { if (strstr(version,"hpn") == NULL) Index: src/crypto/external/bsd/openssh/dist/mac.c diff -u src/crypto/external/bsd/openssh/dist/mac.c:1.9 src/crypto/external/bsd/openssh/dist/mac.c:1.10 --- src/crypto/external/bsd/openssh/dist/mac.c:1.9 Sun Oct 19 12:30:58 2014 +++ src/crypto/external/bsd/openssh/dist/mac.c Sun Oct 19 23:05:13 2014 @@ -1,4 +1,4 @@ -/* $NetBSD: mac.c,v 1.9 2014/10/19 16:30:58 christos Exp $ */ +/* $NetBSD: mac.c,v 1.10 2014/10/20 03:05:13 christos Exp $ */ /* $OpenBSD: mac.c,v 1.30 2014/04/30 19:07:48 naddy Exp $ */ /* * Copyright (c) 2001 Markus Friedl. All rights reserved. @@ -25,7 +25,7 @@ */ #include "includes.h" -__RCSID("$NetBSD: mac.c,v 1.9 2014/10/19 16:30:58 christos Exp $"); +__RCSID("$NetBSD: mac.c,v 1.10 2014/10/20 03:05:13 christos Exp $"); #include <sys/types.h> #include <openssl/hmac.h> @@ -153,14 +153,12 @@ mac_init(Mac *mac) ssh_hmac_init(mac->hmac_ctx, mac->key, mac->key_len) < 0) return -1; return 0; -#ifdef UMAC_HAS_BEEN_UNBROKEN case SSH_UMAC: mac->umac_ctx = umac_new(mac->key); return 0; case SSH_UMAC128: mac->umac_ctx = umac128_new(mac->key); return 0; -#endif default: return -1; } @@ -174,9 +172,7 @@ mac_compute(Mac *mac, u_int32_t seqno, u u_int64_t for_align; } u; u_char b[4]; -#ifdef UMAC_HAS_BEEN_UNBROKEN u_char nonce[8]; -#endif if (mac->mac_len > sizeof(u)) fatal("mac_compute: mac too long %u %zu", @@ -192,7 +188,6 @@ mac_compute(Mac *mac, u_int32_t seqno, u ssh_hmac_final(mac->hmac_ctx, u.m, sizeof(u.m)) < 0) fatal("ssh_hmac failed"); break; -#ifdef UMAC_HAS_BEEN_UNBROKEN case SSH_UMAC: put_u64(nonce, seqno); umac_update(mac->umac_ctx, data, datalen); 
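Review bot: In mac.c, removing the `UMAC_HAS_BEEN_UNBROKEN` guards from `mac_init`, `mac_compute` and `mac_clear` makes both UMAC variants selectable on every platform, while the log message itself says the code is probably still broken on hosts that require strict alignment. On such a host the failure would presumably appear only at connection time, as a fault or a MAC mismatch once a UMAC algorithm is negotiated, not at build time. Consider keeping a compile-time guard keyed on the platform's alignment requirement until umac.c has been checked there. Failing that, record the caveat next to the cases, e.g. `/* XXX: umac.c may still do unaligned word accesses; verify on strict-alignment ports */` above `case SSH_UMAC:`. All three function bodies extend beyond the hunks shown.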
@@ -203,7 +198,6 @@ mac_compute(Mac *mac, u_int32_t seqno, u umac128_update(mac->umac_ctx, data, datalen); umac128_final(mac->umac_ctx, u.m, nonce); break; -#endif default: fatal("mac_compute: unknown MAC type"); } @@ -213,16 +207,13 @@ mac_compute(Mac *mac, u_int32_t seqno, u void mac_clear(Mac *mac) { -#ifdef UMAC_HAS_BEEN_UNBROKEN if (mac->type == SSH_UMAC) { if (mac->umac_ctx != NULL) umac_delete(mac->umac_ctx); } else if (mac->type == SSH_UMAC128) { if (mac->umac_ctx != NULL) umac128_delete(mac->umac_ctx); - } else -#endif - if (mac->hmac_ctx != NULL) + } else if (mac->hmac_ctx != NULL) ssh_hmac_free(mac->hmac_ctx); mac->hmac_ctx = NULL; mac->umac_ctx = NULL; Index: src/crypto/external/bsd/openssh/dist/monitor_wrap.c diff -u src/crypto/external/bsd/openssh/dist/monitor_wrap.c:1.9 src/crypto/external/bsd/openssh/dist/monitor_wrap.c:1.10 --- src/crypto/external/bsd/openssh/dist/monitor_wrap.c:1.9 Sun Oct 19 12:30:58 2014 +++ src/crypto/external/bsd/openssh/dist/monitor_wrap.c Sun Oct 19 23:05:13 2014 @@ -1,4 +1,4 @@ -/* $NetBSD: monitor_wrap.c,v 1.9 2014/10/19 16:30:58 christos Exp $ */ +/* $NetBSD: monitor_wrap.c,v 1.10 2014/10/20 03:05:13 christos Exp $ */ /* $OpenBSD: monitor_wrap.c,v 1.80 2014/04/29 18:01:49 markus Exp $ */ /* * Copyright 2002 Niels Provos <pro...@citi.umich.edu> @@ -27,7 +27,7 @@ */ #include "includes.h" -__RCSID("$NetBSD: monitor_wrap.c,v 1.9 2014/10/19 16:30:58 christos Exp $"); +__RCSID("$NetBSD: monitor_wrap.c,v 1.10 2014/10/20 03:05:13 christos Exp $"); #include <sys/types.h> #include <sys/uio.h> #include <sys/queue.h> 
@@ -1268,168 +1268,6 @@ mm_ssh_gssapi_userok(char *user) } #endif /* GSSAPI */ -#ifdef JPAKE -void -mm_auth2_jpake_get_pwdata(Authctxt *authctxt, BIGNUM **s, - char **hash_scheme, char **salt) -{ - Buffer m; - - debug3("%s entering", __func__); - - buffer_init(&m); - mm_request_send(pmonitor->m_recvfd, - MONITOR_REQ_JPAKE_GET_PWDATA, &m); - - debug3("%s: waiting for MONITOR_ANS_JPAKE_GET_PWDATA", __func__); - mm_request_receive_expect(pmonitor->m_recvfd, - MONITOR_ANS_JPAKE_GET_PWDATA, &m); - - *hash_scheme = buffer_get_string(&m, NULL); - *salt = buffer_get_string(&m, NULL); - - buffer_free(&m); -} - -void -mm_jpake_step1(struct modp_group *grp, - u_char **id, u_int *id_len, - BIGNUM **priv1, BIGNUM **priv2, BIGNUM **g_priv1, BIGNUM **g_priv2, - u_char **priv1_proof, u_int *priv1_proof_len, - u_char **priv2_proof, u_int *priv2_proof_len) -{ - Buffer m; - - debug3("%s entering", __func__); - - buffer_init(&m); - mm_request_send(pmonitor->m_recvfd, - MONITOR_REQ_JPAKE_STEP1, &m); - - debug3("%s: waiting for MONITOR_ANS_JPAKE_STEP1", __func__); - mm_request_receive_expect(pmonitor->m_recvfd, - MONITOR_ANS_JPAKE_STEP1, &m); - - if ((*priv1 = BN_new()) == NULL || - (*priv2 = BN_new()) == NULL || - (*g_priv1 = BN_new()) == NULL || - (*g_priv2 = BN_new()) == NULL) - fatal("%s: BN_new", __func__); - - *id = buffer_get_string(&m, id_len); - /* priv1 and priv2 are, well, private */ - buffer_get_bignum2(&m, *g_priv1); - buffer_get_bignum2(&m, *g_priv2); - *priv1_proof = buffer_get_string(&m, priv1_proof_len); - *priv2_proof = buffer_get_string(&m, priv2_proof_len); - - buffer_free(&m); -} - -void -mm_jpake_step2(struct modp_group *grp, BIGNUM *s, - BIGNUM *mypub1, BIGNUM *theirpub1, BIGNUM *theirpub2, BIGNUM *mypriv2, - const u_char *theirid, u_int theirid_len, - const u_char *myid, u_int myid_len, - const u_char *theirpub1_proof, u_int theirpub1_proof_len, - const u_char *theirpub2_proof, u_int theirpub2_proof_len, - BIGNUM **newpub, - u_char **newpub_exponent_proof, u_int 
*newpub_exponent_proof_len) -{ - Buffer m; - - debug3("%s entering", __func__); - - buffer_init(&m); - /* monitor already has all bignums except theirpub1, theirpub2 */ - buffer_put_bignum2(&m, theirpub1); - buffer_put_bignum2(&m, theirpub2); - /* monitor already knows our id */ - buffer_put_string(&m, theirid, theirid_len); - buffer_put_string(&m, theirpub1_proof, theirpub1_proof_len); - buffer_put_string(&m, theirpub2_proof, theirpub2_proof_len); - - mm_request_send(pmonitor->m_recvfd, - MONITOR_REQ_JPAKE_STEP2, &m); - - debug3("%s: waiting for MONITOR_ANS_JPAKE_STEP2", __func__); - mm_request_receive_expect(pmonitor->m_recvfd, - MONITOR_ANS_JPAKE_STEP2, &m); - - if ((*newpub = BN_new()) == NULL) - fatal("%s: BN_new", __func__); - - buffer_get_bignum2(&m, *newpub); - *newpub_exponent_proof = buffer_get_string(&m, - newpub_exponent_proof_len); - - buffer_free(&m); -} - -void -mm_jpake_key_confirm(struct modp_group *grp, BIGNUM *s, BIGNUM *step2_val, - BIGNUM *mypriv2, BIGNUM *mypub1, BIGNUM *mypub2, - BIGNUM *theirpub1, BIGNUM *theirpub2, - const u_char *my_id, u_int my_id_len, - const u_char *their_id, u_int their_id_len, - const u_char *sess_id, u_int sess_id_len, - const u_char *theirpriv2_s_proof, u_int theirpriv2_s_proof_len, - BIGNUM **k, - u_char **confirm_hash, u_int *confirm_hash_len) -{ - Buffer m; - - debug3("%s entering", __func__); - - buffer_init(&m); - /* monitor already has all bignums except step2_val */ - buffer_put_bignum2(&m, step2_val); - /* monitor already knows all the ids */ - buffer_put_string(&m, theirpriv2_s_proof, theirpriv2_s_proof_len); - - mm_request_send(pmonitor->m_recvfd, - MONITOR_REQ_JPAKE_KEY_CONFIRM, &m); - - debug3("%s: waiting for MONITOR_ANS_JPAKE_KEY_CONFIRM", __func__); - mm_request_receive_expect(pmonitor->m_recvfd, - MONITOR_ANS_JPAKE_KEY_CONFIRM, &m); - - /* 'k' is sensitive and stays in the monitor */ - *confirm_hash = buffer_get_string(&m, confirm_hash_len); - - buffer_free(&m); -} - -int 
-mm_jpake_check_confirm(const BIGNUM *k, - const u_char *peer_id, u_int peer_id_len, - const u_char *sess_id, u_int sess_id_len, - const u_char *peer_confirm_hash, u_int peer_confirm_hash_len) -{ - Buffer m; - int success = 0; - - debug3("%s entering", __func__); - - buffer_init(&m); - /* k is dummy in slave, ignored */ - /* monitor knows all the ids */ - buffer_put_string(&m, peer_confirm_hash, peer_confirm_hash_len); - mm_request_send(pmonitor->m_recvfd, - MONITOR_REQ_JPAKE_CHECK_CONFIRM, &m); - - debug3("%s: waiting for MONITOR_ANS_JPAKE_CHECK_CONFIRM", __func__); - mm_request_receive_expect(pmonitor->m_recvfd, - MONITOR_ANS_JPAKE_CHECK_CONFIRM, &m); - - success = buffer_get_int(&m); - buffer_free(&m); - - debug3("%s: success = %d", __func__, success); - return success; -} -#endif /* JPAKE */ - #ifdef KRB4 int mm_auth_krb4(Authctxt *authctxt, void *_auth, char **client, void *_reply) Index: src/crypto/external/bsd/openssh/dist/monitor_wrap.h diff -u src/crypto/external/bsd/openssh/dist/monitor_wrap.h:1.6 src/crypto/external/bsd/openssh/dist/monitor_wrap.h:1.7 --- src/crypto/external/bsd/openssh/dist/monitor_wrap.h:1.6 Sun Oct 19 12:30:58 2014 +++ src/crypto/external/bsd/openssh/dist/monitor_wrap.h Sun Oct 19 23:05:13 2014 @@ -1,4 +1,4 @@ -/* $NetBSD: monitor_wrap.h,v 1.6 2014/10/19 16:30:58 christos Exp $ */ +/* $NetBSD: monitor_wrap.h,v 1.7 2014/10/20 03:05:13 christos Exp $ */ /* $OpenBSD: monitor_wrap.h,v 1.24 2014/01/29 06:18:35 djm Exp $ */ /* 
@@ -97,25 +97,6 @@ int mm_bsdauth_respond(void *, u_int, ch int mm_skey_query(void *, char **, char **, u_int *, char ***, u_int **); int mm_skey_respond(void *, u_int, char **); -/* jpake */ -struct modp_group; -void mm_auth2_jpake_get_pwdata(struct Authctxt *, BIGNUM **, char **, char **); -void mm_jpake_step1(struct modp_group *, u_char **, u_int *, - BIGNUM **, BIGNUM **, BIGNUM **, BIGNUM **, - u_char **, u_int *, u_char **, u_int *); -void mm_jpake_step2(struct modp_group *, BIGNUM *, - BIGNUM *, BIGNUM *, BIGNUM *, BIGNUM *, - const u_char *, u_int, const u_char *, u_int, - const u_char *, u_int, const u_char *, u_int, - BIGNUM **, u_char **, u_int *); -void mm_jpake_key_confirm(struct modp_group *, BIGNUM *, BIGNUM *, - BIGNUM *, BIGNUM *, BIGNUM *, BIGNUM *, BIGNUM *, - const u_char *, u_int, const u_char *, u_int, - const u_char *, u_int, const u_char *, u_int, - BIGNUM **, u_char **, u_int *); -int mm_jpake_check_confirm(const BIGNUM *, - const u_char *, u_int, const u_char *, u_int, const u_char *, u_int); - /* auth_krb */ #ifdef KRB4 int mm_auth_krb4(struct Authctxt *, void *, char **, void *); Index: src/crypto/external/bsd/openssh/dist/packet.c diff -u src/crypto/external/bsd/openssh/dist/packet.c:1.13 src/crypto/external/bsd/openssh/dist/packet.c:1.14 --- src/crypto/external/bsd/openssh/dist/packet.c:1.13 Sun Oct 19 12:30:58 2014 +++ src/crypto/external/bsd/openssh/dist/packet.c Sun Oct 19 23:05:13 2014 @@ -1,4 +1,4 @@ -/* $NetBSD: packet.c,v 1.13 2014/10/19 16:30:58 christos Exp $ */ +/* $NetBSD: packet.c,v 1.14 2014/10/20 03:05:13 christos Exp $ */ /* $OpenBSD: packet.c,v 1.198 2014/07/15 15:54:14 millert Exp $ */ /* * Author: Tatu Ylonen <y...@cs.hut.fi> @@ -39,7 +39,7 @@ */ #include "includes.h" -__RCSID("$NetBSD: packet.c,v 1.13 2014/10/19 16:30:58 christos Exp $"); +__RCSID("$NetBSD: packet.c,v 1.14 2014/10/20 03:05:13 christos Exp $"); #include <sys/types.h> #include <sys/queue.h> #include <sys/socket.h> 
@@ -944,6 +944,7 @@ packet_send2_wrapped(void) len, padlen, aadlen)); /* compute MAC over seqnr and packet(length fields, payload, padding) */ +debug("mac %p, %d %d\n", mac, mac? mac->enabled : -1, mac ? mac->etm : -1); if (mac && mac->enabled && !mac->etm) { macbuf = mac_compute(mac, active_state->p_send.seqnr, buffer_ptr(&active_state->outgoing_packet), len); Index: src/crypto/external/bsd/openssh/dist/sshconnect2.c diff -u src/crypto/external/bsd/openssh/dist/sshconnect2.c:1.16 src/crypto/external/bsd/openssh/dist/sshconnect2.c:1.17 --- src/crypto/external/bsd/openssh/dist/sshconnect2.c:1.16 Sun Oct 19 12:30:59 2014 +++ src/crypto/external/bsd/openssh/dist/sshconnect2.c Sun Oct 19 23:05:13 2014 @@ -1,4 +1,4 @@ -/* $NetBSD: sshconnect2.c,v 1.16 2014/10/19 16:30:59 christos Exp $ */ +/* $NetBSD: sshconnect2.c,v 1.17 2014/10/20 03:05:13 christos Exp $ */ /* $OpenBSD: sshconnect2.c,v 1.210 2014/07/15 15:54:14 millert Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. @@ -26,7 +26,7 @@ */ #include "includes.h" -__RCSID("$NetBSD: sshconnect2.c,v 1.16 2014/10/19 16:30:59 christos Exp $"); +__RCSID("$NetBSD: sshconnect2.c,v 1.17 2014/10/20 03:05:13 christos Exp $"); #include <sys/types.h> #include <sys/socket.h> #include <sys/wait.h> @@ -306,9 +306,6 @@ int userauth_passwd(Authctxt *); int userauth_kbdint(Authctxt *); int userauth_hostbased(Authctxt *); int userauth_kerberos(Authctxt *); -int userauth_jpake(Authctxt *); - -void userauth_jpake_cleanup(Authctxt *); #ifdef GSSAPI int userauth_gssapi(Authctxt *authctxt); 
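Review bot: The added `debug("mac %p, %d %d\n", ...)` in `packet_send2_wrapped` looks like leftover diagnostic output. It sits at column 0, runs once for every outgoing packet, writes a heap address into the log, and ends in a `\n` that the other `debug3` calls visible in this diff do not use. If the trace is meant to stay, move it to the most verbose level and cast the pointer for `%p`, e.g. `debug3("%s: mac %p enabled %d etm %d", __func__, (void *)mac, mac ? mac->enabled : -1, mac ? mac->etm : -1);`. Otherwise drop the line. The function body continues outside the hunk.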
@@ -1614,79 +1611,6 @@ userauth_hostbased(Authctxt *authctxt) return 1; } -#ifdef JPAKE -int -userauth_jpake(Authctxt *authctxt) -{ - struct jpake_ctx *pctx; - u_char *x1_proof, *x2_proof; - u_int x1_proof_len, x2_proof_len; - static int attempt = 0; /* XXX share with userauth_password's? */ - - if (attempt++ >= options.number_of_password_prompts) - return 0; - if (attempt != 1) - error("Permission denied, please try again."); - - if (authctxt->methoddata != NULL) - fatal("%s: authctxt->methoddata already set (%p)", - __func__, authctxt->methoddata); - - authctxt->methoddata = pctx = jpake_new(); - - /* - * Send request immediately, to get the protocol going while - * we do the initial computations. - */ - packet_start(SSH2_MSG_USERAUTH_REQUEST); - packet_put_cstring(authctxt->server_user); - packet_put_cstring(authctxt->service); - packet_put_cstring(authctxt->method->name); - packet_send(); - packet_write_wait(); - - jpake_step1(pctx->grp, - &pctx->client_id, &pctx->client_id_len, - &pctx->x1, &pctx->x2, &pctx->g_x1, &pctx->g_x2, - &x1_proof, &x1_proof_len, - &x2_proof, &x2_proof_len); - - JPAKE_DEBUG_CTX((pctx, "step 1 sending in %s", __func__)); - - packet_start(SSH2_MSG_USERAUTH_JPAKE_CLIENT_STEP1); - packet_put_string(pctx->client_id, pctx->client_id_len); - packet_put_bignum2(pctx->g_x1); - packet_put_bignum2(pctx->g_x2); - packet_put_string(x1_proof, x1_proof_len); - packet_put_string(x2_proof, x2_proof_len); - packet_send(); - - bzero(x1_proof, x1_proof_len); - bzero(x2_proof, x2_proof_len); - free(x1_proof); - free(x2_proof); - - /* Expect step 1 packet from peer */ - dispatch_set(SSH2_MSG_USERAUTH_JPAKE_SERVER_STEP1, - input_userauth_jpake_server_step1); - dispatch_set(SSH2_MSG_USERAUTH_SUCCESS, - &input_userauth_success_unexpected); - - return 1; -} - -void -userauth_jpake_cleanup(Authctxt *authctxt) -{ - debug3("%s: clean up", __func__); - if (authctxt->methoddata != NULL) { - jpake_free(authctxt->methoddata); - authctxt->methoddata = NULL; - } - 
dispatch_set(SSH2_MSG_USERAUTH_SUCCESS, &input_userauth_success); -} -#endif /* JPAKE */ - #if KRB5 static int ssh_krb5_helper(krb5_data *ap) Index: src/crypto/external/bsd/openssh/dist/umac.c diff -u src/crypto/external/bsd/openssh/dist/umac.c:1.5 src/crypto/external/bsd/openssh/dist/umac.c:1.6 --- src/crypto/external/bsd/openssh/dist/umac.c:1.5 Sun Oct 19 12:30:59 2014 +++ src/crypto/external/bsd/openssh/dist/umac.c Sun Oct 19 23:05:13 2014 @@ -1,4 +1,4 @@ -/* $NetBSD: umac.c,v 1.5 2014/10/19 16:30:59 christos Exp $ */ +/* $NetBSD: umac.c,v 1.6 2014/10/20 03:05:13 christos Exp $ */ /* $OpenBSD: umac.c,v 1.11 2014/07/22 07:13:42 guenther Exp $ */ /* ----------------------------------------------------------------------- * @@ -53,7 +53,9 @@ /* --- User Switches ---------------------------------------------------- */ /* ---------------------------------------------------------------------- */ +#ifndef UMAC_OUTPUT_LEN #define UMAC_OUTPUT_LEN 8 /* Alowable: 4, 8, 12, 16 */ +#endif /* #define FORCE_C_ONLY 1 ANSI C and 64-bit integers req'd */ /* #define AES_IMPLEMENTAION 1 1 = OpenSSL, 2 = Barreto, 3 = Gladman */ /* #define SSE2 0 Is SSE2 is available? */ @@ -65,13 +67,14 @@ /* ---------------------------------------------------------------------- */ #include "includes.h" -__RCSID("$NetBSD: umac.c,v 1.5 2014/10/19 16:30:59 christos Exp $"); +__RCSID("$NetBSD: umac.c,v 1.6 2014/10/20 03:05:13 christos Exp $"); #include <sys/types.h> -#include <endian.h> +#include <sys/endian.h> #include <string.h> #include <stdio.h> #include <stdlib.h> #include <stddef.h> +#include <time.h> #include "xmalloc.h" #include "umac.h" 
@@ -124,17 +127,6 @@ typedef unsigned int UWORD; /* Register #define MUL64(a,b) ((UINT64)((UINT64)(UINT32)(a) * (UINT64)(UINT32)(b))) -#if defined(__NetBSD__) -#include <sys/endian.h> -#define LOAD_UINT32_LITTLE(ptr) le32toh(*ptr) -#define STORE_UINT32_BIG(ptr,x) (*(UINT32 *)(ptr) = htobe32(x)) -#define LOAD_UINT32_REVERSED(p) (bswap32(*(UINT32 *)(p))) -#define STORE_UINT32_REVERSED(p,v) (*(UINT32 *)(p) = bswap32(v)) -#else /* !NetBSD */ - - /* ---------------------------------------------------------------------- */ - /* --- Endian Conversion --- Forcing assembly on some platforms */ - /* ---------------------------------------------------------------------- */ /* --- Endian Conversion --- Forcing assembly on some platforms */ /* ---------------------------------------------------------------------- */ @@ -150,7 +142,6 @@ typedef unsigned int UWORD; /* Register #define LOAD_UINT32_REVERSED(p) get_u32_le(p) #define STORE_UINT32_REVERSED(p,v) put_u32_le(p,v) #endif -#endif /*!NetBSD*/ #define LOAD_UINT32_LITTLE(p) (get_u32_le(p)) #define STORE_UINT32_BIG(p,v) put_u32(p, v) @@ -238,6 +229,26 @@ static void pdf_init(pdf_ctx *pc, aes_in aes_encryption(pc->nonce, pc->cache, pc->prf_key); } +static inline void +xor64(uint8_t *dp, int di, uint8_t *sp, int si) +{ + uint64_t dst, src; + memcpy(&dst, dp + sizeof(dst) * di, sizeof(dst)); + memcpy(&src, sp + sizeof(src) * si, sizeof(src)); + dst ^= src; + memcpy(dp + sizeof(dst) * di, &dst, sizeof(dst)); +} + +static inline void +xor32(uint8_t *dp, int di, uint8_t *sp, int si) +{ + uint32_t dst, src; + memcpy(&dst, dp + sizeof(dst) * di, sizeof(dst)); + memcpy(&src, sp + sizeof(src) * si, sizeof(src)); + dst ^= src; + memcpy(dp + sizeof(dst) * di, &dst, sizeof(dst)); +} + static void pdf_gen_xor(pdf_ctx *pc, const UINT8 nonce[8], UINT8 buf[8]) { /* 'ndx' indicates that we'll be using the 0th or 1st eight bytes 
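Review bot: `xor64` and `xor32` only read through `sp`, so the source parameter should be declared `const uint8_t *sp`. Both helpers would also benefit from a short comment saying why they exist and that `di`/`si` are word indices rather than byte offsets, for example `/* XOR word si of sp into word di of dp; memcpy keeps the access valid for unaligned buffers */`. The surrounding code uses the file's `UINT8`/`UINT32`/`UINT64` typedefs, so using them here would keep the helpers consistent with their callers.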
@@ -259,27 +270,27 @@ static void pdf_gen_xor(pdf_ctx *pc, con #if LOW_BIT_MASK != 0 int ndx = nonce[7] & LOW_BIT_MASK; #endif - *(UINT32 *)t.tmp_nonce_lo = ((const UINT32 *)nonce)[1]; + memcpy(t.tmp_nonce_lo, nonce + 4, sizeof(t.tmp_nonce_lo)); t.tmp_nonce_lo[3] &= ~LOW_BIT_MASK; /* zero last bit */ - if ( (((UINT32 *)t.tmp_nonce_lo)[0] != ((UINT32 *)pc->nonce)[1]) || - (((const UINT32 *)nonce)[0] != ((UINT32 *)pc->nonce)[0]) ) + if (memcmp(t.tmp_nonce_lo, pc->nonce + 1, sizeof(t.tmp_nonce_lo)) != 0 || + memcmp(nonce, pc->nonce, sizeof(t.tmp_nonce_lo)) != 0) { - ((UINT32 *)pc->nonce)[0] = ((const UINT32 *)nonce)[0]; - ((UINT32 *)pc->nonce)[1] = ((UINT32 *)t.tmp_nonce_lo)[0]; + memcpy(pc->nonce, nonce, sizeof(t.tmp_nonce_lo)); + memcpy(pc->nonce + 4, t.tmp_nonce_lo, sizeof(t.tmp_nonce_lo)); aes_encryption(pc->nonce, pc->cache, pc->prf_key); } #if (UMAC_OUTPUT_LEN == 4) - *((UINT32 *)buf) ^= ((UINT32 *)pc->cache)[ndx]; + xor32(buf, 0, pc->cache, ndx); #elif (UMAC_OUTPUT_LEN == 8) - *((UINT64 *)buf) ^= ((UINT64 *)pc->cache)[ndx]; + xor64(buf, 0, pc->cache, ndx); #elif (UMAC_OUTPUT_LEN == 12) - ((UINT64 *)buf)[0] ^= ((UINT64 *)pc->cache)[0]; - ((UINT32 *)buf)[2] ^= ((UINT32 *)pc->cache)[2]; + xor64(buf, 0, pc->cache, 0); + xor32(buf, 2, pc->cache, 2); #elif (UMAC_OUTPUT_LEN == 16) - ((UINT64 *)buf)[0] ^= ((UINT64 *)pc->cache)[0]; - ((UINT64 *)buf)[1] ^= ((UINT64 *)pc->cache)[1]; + xor64(buf, 0, pc->cache, 0); + xor64(buf, 1, pc->cache, 1); #endif } 
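Review bot: The first `memcmp` compares `t.tmp_nonce_lo` with `pc->nonce + 1`, but the cast it replaces, `((UINT32 *)pc->nonce)[1]`, addressed the second 32-bit word, which is byte offset 4. The `memcpy(pc->nonce + 4, ...)` two lines below already uses offset 4. Assuming `pc->nonce` is a byte array (its declaration is outside the hunk), the check now inspects bytes 1..4. The cached pad is therefore re-encrypted on almost every call, and in the rare case where the shifted bytes happen to match, a stale pad could be XORed into the tag. The condition should start `if (memcmp(t.tmp_nonce_lo, pc->nonce + 4, sizeof(t.tmp_nonce_lo)) != 0 ||`. `pdf_gen_xor` begins before this hunk.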
@@ -554,8 +565,6 @@ static void nh_transform(nh_ctx *hc, con /* ---------------------------------------------------------------------- */ -#if (__LITTLE_ENDIAN__) -#define endian_convert_if_le(x,y,z) endian_convert((x),(y),(z)) static void endian_convert(void *buf, UWORD bpw, UINT32 num_bytes) /* We endian convert the keys on little-endian computers to */ /* compensate for the lack of big-endian memory reads during hashing. */ Index: src/crypto/external/bsd/openssh/lib/Makefile diff -u src/crypto/external/bsd/openssh/lib/Makefile:1.14 src/crypto/external/bsd/openssh/lib/Makefile:1.15 --- src/crypto/external/bsd/openssh/lib/Makefile:1.14 Sun Oct 19 12:30:59 2014 +++ src/crypto/external/bsd/openssh/lib/Makefile Sun Oct 19 23:05:13 2014 @@ -1,4 +1,4 @@ -# $NetBSD: Makefile,v 1.14 2014/10/19 16:30:59 christos Exp $ +# $NetBSD: Makefile,v 1.15 2014/10/20 03:05:13 christos Exp $ .include <bsd.own.mk> @@ -73,6 +73,8 @@ ssh-ed25519.c \ ssh-pkcs11.c \ ttymodes.c \ uidswap.c \ +umac.c \ +umac128.c \ uuencode.c \ verify.c \ xmalloc.c @@ -99,7 +101,6 @@ SRCS+= digest-libc.c CPPFLAGS+= -DHAVE_BLF_H -SSHDIST= ${NETBSDSRCDIR}/crypto/external/bsd/openssh/dist CPPFLAGS+= -I${SSHDIST} .PATH: ${SSHDIST} Added files: Index: src/crypto/external/bsd/openssh/dist/umac128.c diff -u /dev/null src/crypto/external/bsd/openssh/dist/umac128.c:1.1 --- /dev/null Sun Oct 19 23:05:13 2014 +++ src/crypto/external/bsd/openssh/dist/umac128.c Sun Oct 19 23:05:13 2014 @@ -0,0 +1,6 @@ +#define UMAC_OUTPUT_LEN 16 +#define umac_new umac128_new +#define umac_update umac128_update +#define umac_final umac128_final +#define umac_delete umac128_delete +#include "umac.c"
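Review bot: The new umac128.c has no header comment, so nothing explains that it builds the 16-byte-tag variant by re-including umac.c under renamed entry points. A short comment such as `/* Build umac.c a second time with UMAC_OUTPUT_LEN 16, exported as umac128_* */` would help. The renames cover the four functions but not the context type. Both translation units will therefore define the same context structure tag from umac.c (not visible here), presumably with different layouts because the output length differs. If that is the case, also renaming the tag, e.g. `#define umac_ctx umac128_ctx`, would keep the two definitions distinct for debuggers and whole-program analysis.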