source: trunk/src/sh_srp.c@ 584

Last change on this file since 584 was 583, checked in by katerina, 2 months ago

Fix for ticket #471 (autoreconf throws warnings/errors).

File size: 17.3 KB
Line 
1/* SAMHAIN file system integrity testing */
2/* Copyright (C) 1999, 2000 Rainer Wichmann */
3/* */
4/* This program is free software; you can redistribute it */
5/* and/or modify */
6/* it under the terms of the GNU General Public License as */
7/* published by */
8/* the Free Software Foundation; either version 2 of the License, or */
9/* (at your option) any later version. */
10/* */
11/* This program is distributed in the hope that it will be useful, */
12/* but WITHOUT ANY WARRANTY; without even the implied warranty of */
13/* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the */
14/* GNU General Public License for more details. */
15/* */
16/* You should have received a copy of the GNU General Public License */
17/* along with this program; if not, write to the Free Software */
18/* Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. */
19
20#include "config_xor.h"
21
22#include <stdio.h>
23#include <stdlib.h>
24#include <string.h>
25
26
27#include "samhain.h"
28
29#ifdef USE_SRP_PROTOCOL
30
31/* dont modify this, unless you know what you do
32 */
33#define SRP_GENERATOR_1024 "2"
34#define SRP_MODULUS_1024_1 \
35_("f488fd584e49dbcd20b49de49107366b336c380d451d0f7c88b31c7c5b2d8ef6")
36#define SRP_MODULUS_1024_2 \
37_("f3c923c043f0a55b188d8ebb558cb85d38d334fd7c175743a31d186cde33212c")
38#define SRP_MODULUS_1024_3 \
39_("b52aff3ce1b1294018118d7c84a70a72d686c40319c807297aca950cd9969fab")
40#define SRP_MODULUS_1024_4 \
41_("d00a509b0246d3083d66a45d419f9c7cbd894b221926baaba25ec355e92f78c7")
42
43
44#if (defined (SH_WITH_CLIENT) || defined (SH_WITH_SERVER))
45
46#include "sh_tiger.h"
47#include "sh_mem.h"
48#include "sh_utils.h"
49#include "sh_srp.h"
50
51#if !defined(HAVE_LIBGMP) || !defined(HAVE_GMP_H)
52#include "bignum.h"
53#else
54
55#include <gmp.h>
56
57#define BIG_OK 0
58#define bigerr_t int
59int big_errno = BIG_OK;
60
61#define bignum MP_INT
62
63static
64int big_create (bignum * a)
65{
66 mpz_init(a);
67 return 0;
68}
69
70static
71int big_zerop (bignum * a)
72{
73 mpz_t b;
74 int i;
75 mpz_init_set_str(b, "0", 10);
76 i = mpz_cmp(a, b);
77 mpz_clear(b);
78 if (i)
79 return 0;
80 else
81 return 1;
82}
83
84static
85int big_trunc (bignum * a, bignum * b, bignum * q, bignum *r)
86{
87 mpz_tdiv_qr(q, r, a, b);
88 return 0;
89}
90
91static
92int big_exptmod (bignum * a, bignum * b, bignum * c, bignum *d)
93{
94 mpz_powm(d, a, b, c);
95 return 0;
96}
97
98char * get_str_internal = NULL;
99int siz_str_internal = 0;
100
101static
102char * big_string (bignum * a, int base)
103{
104 char * str = NULL;
105 int size;
106 int i;
107 str = mpz_get_str (str, base, a);
108
109 if (get_str_internal == NULL)
110 {
111 get_str_internal = calloc(1,512); /* only once */
112 if (get_str_internal)
113 {
114 siz_str_internal = 512;
115 }
116 else
117 {
118 if (str != NULL)
119 free(str);
120 return 0;
121 }
122 get_str_internal[0] = '\0';
123 }
124
125 if (str != NULL)
126 {
127 size = strlen(str) + 1;
128 if (size > siz_str_internal)
129 {
130 char * ptr = realloc (get_str_internal, size);
131 if (ptr)
132 get_str_internal = ptr;
133 else
134 {
135 /* "If realloc() fails, the original block is left untouched;
136 * it is not freed or moved." */
137 /* cppcheck-suppress doubleFree */
138 free(get_str_internal);
139 get_str_internal = NULL;
140 }
141 }
142 if (get_str_internal == NULL)
143 {
144 free(str);
145 return NULL;
146 }
147 siz_str_internal = size;
148 sl_strlcpy (get_str_internal, str, siz_str_internal);
149 for (i = 0; i < (size-1); ++i)
150 if (get_str_internal[i] >= 'a' && get_str_internal[i] <= 'f' )
151 get_str_internal[i] = get_str_internal[i] - 'a' + 'A';
152 free (str);
153 }
154 return get_str_internal;
155}
156
157static
158int big_add(bignum * a, bignum * b, bignum * c)
159{
160 mpz_add(c, a, b);
161 return 0;
162}
163
164static
165int big_sub(bignum * a, bignum * b, bignum * c)
166{
167 mpz_sub(c, a, b);
168 return 0;
169}
170
171static
172int big_mul(bignum * a, bignum * b, bignum * c)
173{
174 mpz_mul(c, a, b);
175 return 0;
176}
177
178static
179int big_greaterp(bignum * a, bignum * b)
180{
181 return mpz_cmp(a, b) > 0;
182}
183
184static
185int big_set_big(bignum * a, bignum * b)
186{
187 mpz_set(b, a);
188 return 0;
189}
190
191
192static
193int big_set_string(const char * str, int base, bignum * a)
194{
195 mpz_set_str (a, str, base);
196 return 0;
197}
198
199
200#define big_init_pkg() 0
201#define big_release_pkg()
202#define big_destroy mpz_clear
203
204/* #if defined(HAVE_LIBGMP)
205 */
206#endif
207
208#undef FIL__
209#define FIL__ _("sh_srp.c")
210
211typedef struct sh_srp_struc {
212 char x[KEY_LEN+1];
213 bignum a;
214 bignum p;
215 bignum g;
216} sh_srp_t;
217
218static sh_srp_t sh_srp;
219
220void sh_srp_x (char * salt, char * password)
221{
222
223 char *combi;
224 size_t len, l2;
225 register int i;
226 unsigned char * dez = NULL;
227 char hashbuf[KEYBUF_SIZE];
228
229 SL_ENTER(_("sh_srp_x"));
230
231 /* patch by Andreas Piesk
232 */
233 if (password == NULL)
234 dez = (unsigned char *) &(skey->pw[0]);
235 else
236 dez = (unsigned char *) password;
237
238 for (i = 0; i < PW_LEN; ++i)
239 {
240 skey->vernam[i] = (char)(*dez);
241 ++dez;
242 }
243 skey->vernam[PW_LEN] = '\0';
244
245 (void) sl_strlcpy (skey->vernam,
246 sh_tiger_hash(skey->vernam, TIGER_DATA, PW_LEN,
247 hashbuf, sizeof(hashbuf)),
248 KEY_LEN);
249 skey->vernam[KEY_LEN] = '\0';
250
251 len = sl_strlen(salt) + 1;
252 l2 = sl_strlen(skey->vernam);
253 if (sl_ok_adds(len, l2))
254 len += l2;
255
256 /* H(s,P)
257 */
258 combi = SH_ALLOC(len);
259 (void) sl_strlcpy (combi, salt, len);
260 (void) sl_strlcat (combi, skey->vernam, len);
261 (void) sl_strlcpy (sh_srp.x,
262 sh_tiger_hash(combi, TIGER_DATA,
263 (unsigned long) sl_strlen(combi),
264 hashbuf, sizeof(hashbuf)),
265 KEY_LEN+1);
266 SH_FREE (combi);
267
268 SL_RET0(_("sh_srp_x"));
269}
270
271char * sh_srp_M (char * x1, char * x2, char * x3, char * hash, size_t size)
272{
273 char *combi;
274 size_t len, l2, l3;
275
276 SL_ENTER(_("sh_srp_M"));
277
278 ASSERT_RET((x1 != NULL && x2 != NULL && x3 !=NULL),
279 _("x1 != NULL && x2 != NULL && x3 !=NULL"), NULL);
280
281 len = sl_strlen(x1) + 1;
282 l2 = sl_strlen(x2);
283 l3 = sl_strlen(x3);
284
285 if (sl_ok_adds(len, l2))
286 len += l2;
287 if (sl_ok_adds(len, l3))
288 len += l3;
289
290 /* H(x1,x2,x3)
291 */
292 combi = SH_ALLOC(len);
293 (void) sl_strlcpy (combi, x1, len);
294 (void) sl_strlcat (combi, x2, len);
295 (void) sl_strlcat (combi, x3, len);
296 (void) sh_tiger_hash(combi, TIGER_DATA, (unsigned long) (len-1),
297 hash, size);
298 SH_FREE (combi);
299
300 SL_RETURN(hash, _("sh_srp_M"));
301}
302
303
304void sh_srp_exit()
305{
306 SL_ENTER(_("sh_srp_exit"));
307 big_destroy(&sh_srp.g);
308 big_destroy(&sh_srp.p);
309 big_destroy(&sh_srp.a);
310
311 big_release_pkg();
312
313 big_errno = BIG_OK;
314 SL_RET0(_("sh_srp_exit"));
315}
316
317
318int sh_srp_init()
319{
320 bigerr_t res;
321 char modulus[80*4];
322
323 SL_ENTER(_("sh_srp_init"));
324
325 big_errno = BIG_OK;
326
327 res = big_init_pkg();
328
329 if (res == BIG_OK)
330 {
331 res = big_create(&sh_srp.p);
332 if (res == BIG_OK)
333 res = big_create(&sh_srp.g);
334 if (res == BIG_OK)
335 res = big_create(&sh_srp.a);
336 if (res == BIG_OK)
337 {
338 (void) sl_strlcpy(modulus, SRP_MODULUS_1024_1, sizeof(modulus));
339 (void) sl_strlcat(modulus, SRP_MODULUS_1024_2, sizeof(modulus));
340 (void) sl_strlcat(modulus, SRP_MODULUS_1024_3, sizeof(modulus));
341 (void) sl_strlcat(modulus, SRP_MODULUS_1024_4, sizeof(modulus));
342 }
343 if (res == BIG_OK)
344 res = big_set_string (modulus, 16, &sh_srp.p);
345 if (res == BIG_OK)
346 res = big_set_string (SRP_GENERATOR_1024, 16, &sh_srp.g);
347 if (res == BIG_OK)
348 {
349 SL_RETURN (0, _("sh_srp_init"));
350 }
351 else
352 sh_srp_exit();
353 }
354 SL_RETURN ((-1), _("sh_srp_init"));
355}
356
357
358int sh_srp_make_a ()
359{
360 UINT32 randl[6];
361 int i;
362 int res;
363 char hash[KEY_LEN+1];
364 char hashbuf[KEYBUF_SIZE];
365
366 SL_ENTER(_("sh_srp_make_a"));
367
368 for (i = 0; i < 6; ++i)
369 randl[i] = (UINT32) taus_get ();
370
371 (void) sl_strlcpy (hash,
372 sh_tiger_hash((char *)&randl[0], TIGER_DATA,
373 (unsigned long) 6*sizeof(UINT32),
374 hashbuf, sizeof(hashbuf)),
375 KEY_LEN+1);
376
377 hash[KEY_LEN] = '\0';
378
379 res = big_set_string (hash, 16, &sh_srp.a);
380 if (res == BIG_OK)
381 {
382 SL_RETURN((0), _("sh_srp_make_a"));
383 }
384 else
385 {
386 SL_RETURN((-1), _("sh_srp_make_a"));
387 }
388}
389
390/* return 0 if AB is NOT zero
391 */
392int sh_srp_check_zero (char * AB_str)
393{
394 bignum AB, q, r;
395 bigerr_t res;
396 int val;
397
398 SL_ENTER(_("sh_srp_check_zero"));
399
400 ASSERT_RET((AB_str != NULL), _("AB_str != NULL"), (-1));
401
402 res = big_create(&AB);
403 if (res == BIG_OK)
404 res = big_create(&q);
405 if (res == BIG_OK)
406 res = big_create(&r);
407
408 if (res == BIG_OK)
409 res = big_set_string (AB_str, 16, &AB);
410 if (res == BIG_OK)
411 res = big_trunc(&AB, &sh_srp.p, &q, &r); /* is last one the remainder ? */
412
413 if (res != BIG_OK) val = (-1);
414 else if (0 != big_zerop(&AB) ) val = (-1); /* 0 != (sign == 0) */
415 else if (0 != big_zerop(&r) ) val = (-1); /* 0 != (sign == 0) */
416 else val = 0;
417
418 big_destroy(&AB);
419 big_destroy(&q);
420 big_destroy(&r);
421
422 SL_RETURN((val), _("sh_srp_check_zero"));
423}
424
425#if defined(SH_WITH_CLIENT) || defined(SH_WITH_SERVER)
426
427
428char * sh_srp_A ()
429{
430 bignum A;
431 char *str;
432 char *combi;
433 bigerr_t res;
434
435 SL_ENTER(_("sh_srp_A"));
436
437 res = big_create(&A);
438
439 if (res == BIG_OK)
440 res = big_exptmod (&sh_srp.g, &sh_srp.a, &sh_srp.p, &A);
441
442 if (res == BIG_OK)
443 str = big_string (&A, 16);
444 else
445 str = NULL;
446
447 if (str != NULL)
448 combi = sh_util_strdup(str);
449 else
450 combi = NULL;
451
452 big_destroy(&A);
453 SL_RETURN(combi, _("sh_srp_A"));
454}
455
456/* #ifdef SH_WITH_CLIENT */
457#endif
458
459#ifdef SH_WITH_SERVER
460
461char * sh_srp_B (char * verifier)
462{
463 bignum B, v, t, dummy;
464 char *str;
465 char *combi;
466 bigerr_t res;
467
468 SL_ENTER(_("sh_srp_B"));
469
470 ASSERT_RET((verifier != NULL), _("verifier != NULL"), (NULL));
471
472 res = big_create(&dummy);
473
474 if (res == BIG_OK)
475 res = big_create(&t);
476 if (res == BIG_OK)
477 res = big_create(&v);
478 if (res == BIG_OK)
479 res = big_create(&B);
480
481 if (res == BIG_OK)
482 res = big_exptmod (&sh_srp.g, &sh_srp.a, &sh_srp.p, &t);
483
484 if (res == BIG_OK)
485 big_set_string (verifier, 16, &v);
486
487 if (res == BIG_OK)
488 res = big_add (&t, &v, &dummy);
489
490 if (res == BIG_OK)
491 {
492 if ( big_greaterp(&dummy, &sh_srp.p) )
493 res = big_sub(&dummy, &sh_srp.p, &B);
494 else
495 res = big_set_big(&dummy, &B);
496 }
497
498 if (res == BIG_OK)
499 str = big_string (&B, 16);
500 else
501 str = NULL;
502
503 if (str != NULL)
504 combi = sh_util_strdup(str);
505 else
506 combi = NULL;
507
508 big_destroy(&B);
509 big_destroy(&v);
510 big_destroy(&t);
511 big_destroy(&dummy);
512
513 SL_RETURN(combi, _("sh_srp_B"));
514}
515/* #ifdef SH_WITH_SERVER */
516#endif
517
518
519#if defined(SH_WITH_CLIENT) || defined(SH_WITH_SERVER)
520
521char * sh_srp_S_c (char * u_str, char * B_str)
522{
523 bignum u, B, x, t, base, z1, z2;
524 char *str;
525 char *combi;
526 bigerr_t res;
527
528 SL_ENTER(_("sh_srp_S_c"));
529
530 ASSERT_RET((u_str != NULL && B_str != NULL),
531 _("u_str != NULL && B_str != NULL"), (NULL));
532
533 big_errno = BIG_OK;
534
535 res = big_create(&z2);
536 if (res == BIG_OK)
537 res = big_create(&z1);
538 if (res == BIG_OK)
539 res = big_create(&base);
540 if (res == BIG_OK)
541 res = big_create(&t);
542 if (res == BIG_OK)
543 res = big_create(&x);
544 if (res == BIG_OK)
545 res = big_create(&B);
546 if (res == BIG_OK)
547 res = big_create(&u);
548
549 if (res == BIG_OK)
550 res = big_set_string (B_str, 16, &B);
551 if (res == BIG_OK)
552 res = big_set_string (sh_srp.x, 16, &x);
553 if (res == BIG_OK)
554 res = big_set_string (u_str, 16, &u);
555
556 /* the base (B - g^x)
557 */
558 if (res == BIG_OK)
559 res = big_exptmod (&sh_srp.g, &x, &sh_srp.p, &t);
560
561 if (res == BIG_OK)
562 {
563 if ( big_greaterp(&B, &t) != 0)
564 {
565 res = big_sub(&B, &t, &base);
566 }
567 else
568 {
569 res = big_add(&B, &sh_srp.p, &z2);
570 if (res == BIG_OK)
571 res = big_sub(&z2, &t, &base);
572 }
573 }
574
575 /* the exponent (a + ux)
576 */
577 if (res == BIG_OK)
578 res = big_mul (&u, &x, &t);
579 if (res == BIG_OK)
580 res = big_trunc(&t, &sh_srp.p, &z1, &z2); /* is last one the remainder ? */
581 if (res == BIG_OK)
582 res = big_add(&sh_srp.a, &z2, &z1);
583 if (res == BIG_OK)
584 {
585 if ( big_greaterp(&z1, &sh_srp.p) != 0)
586 res = big_sub(&z1, &sh_srp.p, &z2);
587 else
588 res = big_set_big(&z1, &z2);
589 }
590
591 if (res == BIG_OK)
592 res = big_exptmod (&base, &z2, &sh_srp.p, &t);
593
594 if (res == BIG_OK)
595 str = big_string (&t, 16);
596 else
597 str = NULL;
598
599 if (str != NULL)
600 combi = sh_util_strdup(str);
601 else
602 combi = NULL;
603
604 big_destroy(&z1);
605 big_destroy(&z2);
606 big_destroy(&base);
607 big_destroy(&t);
608 big_destroy(&x);
609 big_destroy(&B);
610 big_destroy(&u);
611
612 SL_RETURN(combi, _("sh_srp_S_c"));
613}
614
615/* #ifdef SH_WITH_CLIENT */
616#endif
617
618#ifdef SH_WITH_SERVER
619
620
621char * sh_srp_S_s (char * u_str, char * A_str, char * v_str)
622{
623 bignum u, A, v, t, base, z1, z2;
624 char *str;
625 char *combi;
626 bigerr_t res;
627
628 SL_ENTER(_("sh_srp_S_s"));
629
630 ASSERT_RET((u_str != NULL && A_str != NULL && v_str != NULL),
631 _("u_str != NULL && A_str != NULL && v_str != NULL"),
632 (NULL));
633
634 big_errno = BIG_OK;
635
636 res = big_create(&z2);
637 if (res == BIG_OK)
638 res = big_create(&z1);
639 if (res == BIG_OK)
640 res = big_create(&base);
641 if (res == BIG_OK)
642 res = big_create(&t);
643 if (res == BIG_OK)
644 res = big_create(&v);
645 if (res == BIG_OK)
646 res = big_create(&A);
647 if (res == BIG_OK)
648 res = big_create(&u);
649
650 if (res == BIG_OK)
651 res = big_set_string (A_str, 16, &A);
652 if (res == BIG_OK)
653 res = big_set_string (v_str, 16, &v);
654 if (res == BIG_OK)
655 res = big_set_string (u_str, 16, &u);
656
657 /* the base (Av^u)
658 */
659 if (res == BIG_OK)
660 res = big_exptmod (&v, &u, &sh_srp.p, &t);
661 if (res == BIG_OK)
662 res = big_mul (&A, &t, &z1);
663 if (res == BIG_OK)
664 res = big_trunc(&z1, &sh_srp.p, &z2, &base); /* is last the remainder ? */
665
666 if (res == BIG_OK)
667 res = big_exptmod (&base, &sh_srp.a, &sh_srp.p, &t);
668
669 if (res == BIG_OK)
670 str = big_string (&t, 16);
671 else
672 str = NULL;
673
674 if (str != NULL)
675 combi = sh_util_strdup(str);
676 else
677 combi = NULL;
678
679 big_destroy(&z1);
680 big_destroy(&z2);
681 big_destroy(&base);
682 big_destroy(&t);
683 big_destroy(&v);
684 big_destroy(&A);
685 big_destroy(&u);
686
687 SL_RETURN(combi, _("sh_srp_S_s"));
688}
689
690/* #ifdef SH_WITH_SERVER */
691#endif
692
693
694char * sh_srp_verifier (void)
695{
696 bignum x, v;
697 char *combi;
698 char *str;
699 bigerr_t res;
700
701 SL_ENTER(_("sh_srp_verifier"));
702
703 res = big_create(&x);
704 if (res == BIG_OK)
705 res = big_create(&v);
706
707 if (res == BIG_OK)
708 res = big_set_string (sh_srp.x, 16, &x);
709
710 if (res == BIG_OK)
711 res = big_exptmod (&sh_srp.g, &x, &sh_srp.p, &v);
712
713 if (res == BIG_OK)
714 str = big_string (&v, 16);
715 else
716 str = NULL;
717
718 if (str != NULL)
719 combi = sh_util_strdup(str);
720 else
721 combi = NULL;
722
723 big_destroy(&x);
724 big_destroy(&v);
725
726 SL_RETURN(combi, _("sh_srp_verifier"));
727}
728
729
730/* #if (defined (SH_WITH_CLIENT) || defined (SH_WITH_SERVER)) */
731
732#endif
733
734/* #ifdef USE_SRP_PROTOCOL */
735
736#endif
737
738
739#ifdef SH_CUTEST
740#include "CuTest.h"
741
742void Test_srp (CuTest *tc)
743{
744#if defined(USE_SRP_PROTOCOL) && (defined (SH_WITH_CLIENT) || defined (SH_WITH_SERVER))
745
746 int result;
747 char modulus[80*4];
748 bignum a, b, c;
749 bigerr_t res;
750 char *str = NULL;
751
752 res = sh_srp_init();
753 CuAssertTrue(tc, res == 0);
754
755 (void) sl_strlcpy(modulus, SRP_MODULUS_1024_1, sizeof(modulus));
756 (void) sl_strlcat(modulus, SRP_MODULUS_1024_2, sizeof(modulus));
757 (void) sl_strlcat(modulus, SRP_MODULUS_1024_3, sizeof(modulus));
758 (void) sl_strlcat(modulus, SRP_MODULUS_1024_4, sizeof(modulus));
759
760 res = big_create(&a);
761 CuAssertTrue(tc, res == BIG_OK);
762
763 /* Check plain zero
764 */
765 result = sh_srp_check_zero ("0");
766 CuAssertTrue(tc, result != 0);
767
768 res = big_set_string ("0", 16, &a);
769 CuAssertTrue(tc, res == BIG_OK);
770
771 result = sh_srp_check_zero (big_string(&a, 16));
772 CuAssertTrue(tc, result != 0);
773
774 /* Check modulus (equals 0 % M)
775 */
776 result = sh_srp_check_zero (modulus);
777 CuAssertTrue(tc, result != 0);
778
779 res = big_set_string (modulus, 16, &a);
780 CuAssertTrue(tc, res == BIG_OK);
781
782 result = sh_srp_check_zero (big_string(&a, 16));
783 CuAssertTrue(tc, result != 0);
784
785 /* Check non-zero
786 */
787 modulus[0] = 'a';
788
789 result = sh_srp_check_zero (modulus);
790 CuAssertTrue(tc, result == 0);
791
792 res = big_set_string (modulus, 16, &a);
793 CuAssertTrue(tc, res == BIG_OK);
794
795 result = sh_srp_check_zero (big_string(&a, 16));
796 CuAssertTrue(tc, result == 0);
797
798 modulus[0] = 'f';
799
800 /* Check multiple of modulus
801 */
802 res = big_set_string (modulus, 16, &a);
803 CuAssertTrue(tc, res == BIG_OK);
804
805 res = big_create(&b);
806 CuAssertTrue(tc, res == BIG_OK);
807
808 res = big_create(&c);
809 CuAssertTrue(tc, res == BIG_OK);
810
811 res = big_set_string ("deadbeef", 16, &b);
812 CuAssertTrue(tc, res == BIG_OK);
813
814 res = big_mul (&a, &b, &c);
815 CuAssertTrue(tc, res == BIG_OK);
816
817 str = strdup(big_string (&c, 16));
818 CuAssertPtrNotNull(tc, str);
819
820 result = sh_srp_check_zero (str);
821 CuAssertTrue(tc, result != 0);
822
823#else
824 (void) tc; /* fix compiler warning */
825#endif
826 return;
827}
828#endif
829
830
831
Note: See TracBrowser for help on using the repository browser.