[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Xen-changelog] [xen-unstable] [HVM] Implement password authentication of VNC connections.



# HG changeset patch
# User kfraser@xxxxxxxxxxxxxxxxxxxxx
# Node ID 02506a7443155611d6bbf03e49fbf193e96d24db
# Parent  328606e0705f0341bebda14cdd17962e463868e8
[HVM] Implement password authentication of VNC connections.

The specification is as mentioned at
http://lists.xensource.com/archives/html/xen-devel/2006-09/msg00666.html
(However, password came to describe plain text)

The difference is follows.
- protocol_authtype() without the necessity was deleted.
- The check on the protocol version was added.
- And, some small modification.

Signed-off-by: Masami Watanabe <masami.watanabe@xxxxxxxxxxxxxx>
---
 tools/examples/xend-config.sxp    |    4 
 tools/examples/xmexample.hvm      |    5 
 tools/examples/xmexample.vti      |    5 
 tools/ioemu/Makefile.target       |    4 
 tools/ioemu/d3des.c               |  434 ++++++++++++++++++++++++++++++++++++++
 tools/ioemu/d3des.h               |   51 ++++
 tools/ioemu/vl.c                  |    8 
 tools/ioemu/vl.h                  |    4 
 tools/ioemu/vnc.c                 |  112 +++++++++
 tools/ioemu/xenstore.c            |   51 ++++
 tools/python/xen/xend/XendRoot.py |    6 
 tools/python/xen/xend/image.py    |   28 ++
 tools/python/xen/xm/create.py     |    5 
 13 files changed, 711 insertions(+), 6 deletions(-)

diff -r 328606e0705f -r 02506a744315 tools/examples/xend-config.sxp
--- a/tools/examples/xend-config.sxp    Fri Oct 20 09:32:16 2006 +0100
+++ b/tools/examples/xend-config.sxp    Fri Oct 20 09:50:09 2006 +0100
@@ -135,3 +135,7 @@
 # to 127.0.0.1  To restore old 'listen everywhere' behaviour
 # set this to 0.0.0.0
 #(vnc-listen '127.0.0.1')
+
+# The default password for VNC console on HVM domain.
+# Empty string is no authentication.
+(vncpasswd '')
diff -r 328606e0705f -r 02506a744315 tools/examples/xmexample.hvm
--- a/tools/examples/xmexample.hvm      Fri Oct 20 09:32:16 2006 +0100
+++ b/tools/examples/xmexample.hvm      Fri Oct 20 09:50:09 2006 +0100
@@ -150,6 +150,11 @@ vnc=1
 #vncconsole=0
 
 #----------------------------------------------------------------------------
+# set password for domain's VNC console
+# default is depents on vncpasswd in xend-config.sxp
+vncpasswd=''
+
+#----------------------------------------------------------------------------
 # no graphics, use serial port
 #nographic=0
 
diff -r 328606e0705f -r 02506a744315 tools/examples/xmexample.vti
--- a/tools/examples/xmexample.vti      Fri Oct 20 09:32:16 2006 +0100
+++ b/tools/examples/xmexample.vti      Fri Oct 20 09:50:09 2006 +0100
@@ -95,6 +95,11 @@ vnc=0
 #vncconsole=0
 
 #----------------------------------------------------------------------------
+# set password for domain's VNC console
+# default is depents on vncpasswd in xend-config.sxp
+vncpasswd=''
+
+#----------------------------------------------------------------------------
 # no graphics, use serial port
 #nographic=0
 
diff -r 328606e0705f -r 02506a744315 tools/ioemu/Makefile.target
--- a/tools/ioemu/Makefile.target       Fri Oct 20 09:32:16 2006 +0100
+++ b/tools/ioemu/Makefile.target       Fri Oct 20 09:50:09 2006 +0100
@@ -406,6 +406,7 @@ VL_OBJS+=sdl.o
 VL_OBJS+=sdl.o
 endif
 VL_OBJS+=vnc.o
+VL_OBJS+=d3des.o
 ifdef CONFIG_COCOA
 VL_OBJS+=cocoa.o
 COCOA_LIBS=-F/System/Library/Frameworks -framework Cocoa -framework IOKit
@@ -464,6 +465,9 @@ sdl.o: sdl.c keymaps.c sdl_keysym.h
        $(CC) $(CFLAGS) $(DEFINES) $(SDL_CFLAGS) -c -o $@ $<
 
 vnc.o: vnc.c keymaps.c sdl_keysym.h vnchextile.h
+       $(CC) $(CFLAGS) $(DEFINES) -c -o $@ $<
+
+d3des.o: d3des.c d3des.h
        $(CC) $(CFLAGS) $(DEFINES) -c -o $@ $<
 
 sdlaudio.o: sdlaudio.c
diff -r 328606e0705f -r 02506a744315 tools/ioemu/vl.c
--- a/tools/ioemu/vl.c  Fri Oct 20 09:32:16 2006 +0100
+++ b/tools/ioemu/vl.c  Fri Oct 20 09:50:09 2006 +0100
@@ -170,6 +170,9 @@ time_t timeoffset = 0;
 
 char domain_name[1024] = { 'H','V', 'M', 'X', 'E', 'N', '-'};
 extern int domid;
+
+char vncpasswd[64];
+unsigned char challenge[AUTHCHALLENGESIZE];
 
 /***********************************************************/
 /* x86 ISA bus support */
@@ -5911,6 +5914,7 @@ int main(int argc, char **argv)
     vncunused = 0;
     kernel_filename = NULL;
     kernel_cmdline = "";
+    *vncpasswd = '\0';
 #ifndef CONFIG_DM
 #ifdef TARGET_PPC
     cdrom_index = 1;
@@ -6559,6 +6563,10 @@ int main(int argc, char **argv)
 
     init_ioports();
 
+    /* read vncpasswd from xenstore */
+    if (0 > xenstore_read_vncpasswd(domid))
+        exit(1);
+
     /* terminal init */
     if (nographic) {
         dumb_display_init(ds);
diff -r 328606e0705f -r 02506a744315 tools/ioemu/vl.h
--- a/tools/ioemu/vl.h  Fri Oct 20 09:32:16 2006 +0100
+++ b/tools/ioemu/vl.h  Fri Oct 20 09:50:09 2006 +0100
@@ -1211,6 +1211,7 @@ void xenstore_process_event(void *opaque
 void xenstore_process_event(void *opaque);
 void xenstore_check_new_media_present(int timeout);
 void xenstore_write_vncport(int vnc_display);
+int xenstore_read_vncpasswd(int domid);
 
 /* xen_platform.c */
 void pci_xen_platform_init(PCIBus *bus);
@@ -1222,4 +1223,7 @@ extern char domain_name[];
 
 void destroy_hvm_domain(void);
 
+/* VNC Authentication */
+#define AUTHCHALLENGESIZE 16
+
 #endif /* VL_H */
diff -r 328606e0705f -r 02506a744315 tools/ioemu/vnc.c
--- a/tools/ioemu/vnc.c Fri Oct 20 09:32:16 2006 +0100
+++ b/tools/ioemu/vnc.c Fri Oct 20 09:50:09 2006 +0100
@@ -44,6 +44,7 @@
 
 #include "vnc_keysym.h"
 #include "keymaps.c"
+#include "d3des.h"
 
 #define XK_MISCELLANY
 #define XK_LATIN1
@@ -137,6 +138,9 @@ static void vnc_update_client(void *opaq
 static void vnc_update_client(void *opaque);
 static void vnc_client_read(void *opaque);
 static void framebuffer_set_updated(VncState *vs, int x, int y, int w, int h);
+static int make_challenge(char *random, int size);
+static void set_seed(unsigned int *seedp);
+static void get_random(int len, unsigned char *buf);
 
 #if 0
 static inline void vnc_set_bit(uint32_t *d, int k)
@@ -1208,23 +1212,92 @@ static int protocol_client_init(VncState
     return 0;
 }
 
+static int protocol_response(VncState *vs, char *client_response, size_t len)
+{
+    extern char vncpasswd[64];
+    extern unsigned char challenge[AUTHCHALLENGESIZE];
+    unsigned char cryptchallenge[AUTHCHALLENGESIZE];
+    unsigned char key[8];
+    int passwdlen, i, j;
+
+    memcpy(cryptchallenge, challenge, AUTHCHALLENGESIZE);
+
+    /* Calculate the sent challenge */
+    passwdlen = strlen(vncpasswd);
+    for (i=0; i<8; i++)
+       key[i] = i<passwdlen ? vncpasswd[i] : 0;
+    deskey(key, EN0);
+    for (j = 0; j < AUTHCHALLENGESIZE; j += 8)
+       des(cryptchallenge+j, cryptchallenge+j);
+
+    /* Check the actual response */
+    if (memcmp(cryptchallenge, client_response, AUTHCHALLENGESIZE) != 0) {
+       /* password error */
+       vnc_write_u32(vs, 1);
+       vnc_write_u32(vs, 22);
+       vnc_write(vs, "Authentication failure", 22);
+       vnc_flush(vs);
+       fprintf(stderr, "VNC Password error.\n");
+       vnc_client_error(vs);
+       return 0;
+    }
+
+    vnc_write_u32(vs, 0);
+    vnc_flush(vs);
+
+    vnc_read_when(vs, protocol_client_init, 1);
+
+    return 0;
+}
+
 static int protocol_version(VncState *vs, char *version, size_t len)
 {
+    extern char vncpasswd[64];
+    extern unsigned char challenge[AUTHCHALLENGESIZE];
     char local[13];
-    int maj, min;
+    int  support, maj, min;
 
     memcpy(local, version, 12);
     local[12] = 0;
 
+    /* protocol version check */
     if (sscanf(local, "RFB %03d.%03d\n", &maj, &min) != 2) {
+       fprintf(stderr, "Protocol version error.\n");
        vnc_client_error(vs);
        return 0;
     }
 
-    vnc_write_u32(vs, 1); /* None */
-    vnc_flush(vs);
-
-    vnc_read_when(vs, protocol_client_init, 1);
+
+    support = 0;
+    if (maj = 3) {
+       if (min == 3 || min ==4) {
+           support = 1;
+       }
+    }
+
+    if (! support) {
+       fprintf(stderr, "Client uses unsupported protocol version %d.%d.\n",
+               maj, min);
+       vnc_client_error(vs);
+       return 0;
+    }
+
+    if (*vncpasswd == '\0') {
+       /* AuthType is None */
+       vnc_write_u32(vs, 1);
+       vnc_flush(vs);
+       vnc_read_when(vs, protocol_client_init, 1);
+    } else {
+       /* AuthType is VncAuth */
+       vnc_write_u32(vs, 2);
+
+       /* Challenge-Responce authentication */
+       /* Send Challenge */
+       make_challenge(challenge, AUTHCHALLENGESIZE);
+       vnc_write(vs, challenge, AUTHCHALLENGESIZE);
+       vnc_flush(vs);
+       vnc_read_when(vs, protocol_response, AUTHCHALLENGESIZE);
+    }
 
     return 0;
 }
@@ -1342,3 +1415,32 @@ int vnc_start_viewer(int port)
        return pid;
     }
 }
+
+unsigned int seed;
+
+static int make_challenge(char *random, int size)
+{
+ 
+    set_seed(&seed);
+    get_random(size, random);
+
+    return 0;
+}
+
+static void set_seed(unsigned int *seedp)
+{
+    *seedp += (unsigned int)(time(NULL)+getpid()+getpid()*987654+rand());
+    srand(*seedp);
+
+    return;
+}
+
+static void get_random(int len, unsigned char *buf)
+{
+    int i;
+
+    for (i=0; i<len; i++)
+       buf[i] = (int) (256.0*rand()/(RAND_MAX+1.0));
+
+    return;
+}
diff -r 328606e0705f -r 02506a744315 tools/ioemu/xenstore.c
--- a/tools/ioemu/xenstore.c    Fri Oct 20 09:32:16 2006 +0100
+++ b/tools/ioemu/xenstore.c    Fri Oct 20 09:50:09 2006 +0100
@@ -213,3 +213,54 @@ void xenstore_write_vncport(int display)
     free(portstr);
     free(buf);
 }
+
+int xenstore_read_vncpasswd(int domid)
+{
+    extern char vncpasswd[64];
+    char *buf = NULL, *path, *uuid = NULL, *passwd = NULL;
+    unsigned int i, len, rc = 0;
+
+    if (xsh == NULL) {
+       return -1;
+    }
+
+    path = xs_get_domain_path(xsh, domid);
+    if (path == NULL) {
+       fprintf(logfile, "xs_get_domain_path() error. domid %d.\n", domid);
+       return -1;
+    }
+
+    pasprintf(&buf, "%s/vm", path);
+    uuid = xs_read(xsh, XBT_NULL, buf, &len);
+    if (uuid == NULL) {
+       fprintf(logfile, "xs_read(): uuid get error. %s.\n", buf);
+       free(path);
+       return -1;
+    }
+
+    pasprintf(&buf, "%s/vncpasswd", uuid);
+    passwd = xs_read(xsh, XBT_NULL, buf, &len);
+    if (passwd == NULL) {
+       fprintf(logfile, "xs_read(): vncpasswd get error. %s.\n", buf);
+       free(uuid);
+       free(path);
+       return rc;
+    }
+
+    for (i=0; i<len && i<63; i++) {
+       vncpasswd[i] = passwd[i];
+       passwd[i] = '\0';
+    }
+    vncpasswd[len] = '\0';
+    pasprintf(&buf, "%s/vncpasswd", uuid);
+    if (xs_write(xsh, XBT_NULL, buf, passwd, len) == 0) {
+       fprintf(logfile, "xs_write() vncpasswd failed.\n");
+       rc = -1;
+    }
+
+    free(passwd);
+    free(uuid);
+    free(path);
+
+    return rc;
+}
diff -r 328606e0705f -r 02506a744315 tools/python/xen/xend/XendRoot.py
--- a/tools/python/xen/xend/XendRoot.py Fri Oct 20 09:32:16 2006 +0100
+++ b/tools/python/xen/xend/XendRoot.py Fri Oct 20 09:50:09 2006 +0100
@@ -96,6 +96,8 @@ class XendRoot:
     dom0_min_mem_default = '0'
 
     dom0_vcpus_default = '0'
+
+    vncpasswd_default = None
 
     """Default interface to listen for VNC connections on"""
     xend_vnc_listen_default = '127.0.0.1'
@@ -279,6 +281,10 @@ class XendRoot:
     def get_vnclisten_address(self):
         return self.get_config_value('vnc-listen', 
self.xend_vnc_listen_default)
 
+    def get_vncpasswd_default(self):
+        return self.get_config_value('vncpasswd',
+                                     self.vncpasswd_default)
+
 def instance():
     """Get an instance of XendRoot.
     Use this instead of the constructor.
diff -r 328606e0705f -r 02506a744315 tools/python/xen/xend/image.py
--- a/tools/python/xen/xend/image.py    Fri Oct 20 09:32:16 2006 +0100
+++ b/tools/python/xen/xend/image.py    Fri Oct 20 09:50:09 2006 +0100
@@ -354,23 +354,49 @@ class HVMImageHandler(ImageHandler):
         sdl = sxp.child_value(config, 'sdl')
         ret = []
         nographic = sxp.child_value(config, 'nographic')
+
+        # get password from VM config (if password omitted, None)
+        vncpasswd_vmconfig = sxp.child_value(config, 'vncpasswd')
+
         if nographic:
             ret.append('-nographic')
+            # remove password
+            if vncpasswd_vmconfig:
+                config.remove(['vncpasswd', vncpasswd_vmconfig])
             return ret
+
         if vnc:
             vncdisplay = sxp.child_value(config, 'vncdisplay',
                                          int(self.vm.getDomid()))
+
             vncunused = sxp.child_value(config, 'vncunused')
             if vncunused:
                 ret += ['-vncunused']
             else:
                 ret += ['-vnc', '%d' % vncdisplay]
+
             ret += ['-k', 'en-us']
+
             vnclisten = sxp.child_value(config, 'vnclisten')
             if not(vnclisten):
-                vnclisten = 
xen.xend.XendRoot.instance().get_vnclisten_address()
+                vnclisten = (xen.xend.XendRoot.instance().
+                             get_vnclisten_address())
             if vnclisten:
                 ret += ['-vnclisten', vnclisten]
+
+            vncpasswd = vncpasswd_vmconfig
+            if vncpasswd is None:
+                vncpasswd = (xen.xend.XendRoot.instance().
+                             get_vncpasswd_default())
+                if vncpasswd is None:
+                    raise VmError('vncpasswd is not set up in ' +
+                                  'VMconfig and xend-config.')
+            if vncpasswd != '':
+                self.vm.storeVm("vncpasswd", vncpasswd)
+
+        # remove password
+        config.remove(['vncpasswd', vncpasswd_vmconfig])
+
         return ret
 
     def createDeviceModel(self):
diff -r 328606e0705f -r 02506a744315 tools/python/xen/xm/create.py
--- a/tools/python/xen/xm/create.py     Fri Oct 20 09:32:16 2006 +0100
+++ b/tools/python/xen/xm/create.py     Fri Oct 20 09:50:09 2006 +0100
@@ -103,6 +103,10 @@ gopts.opt('console_autoconnect', short='
 gopts.opt('console_autoconnect', short='c',
           fn=set_true, default=0,
           use="Connect to the console after the domain is created.")
+
+gopts.var('vncpasswd', val='NAME',
+          fn=set_value, default=None,
+          use="Password for VNC console on HVM domain.")
 
 gopts.var('vncviewer', val='no|yes',
           fn=set_bool, default=None,
@@ -643,6 +647,7 @@ def configure_hvm(config_image, vals):
     for a in args:
         if (vals.__dict__[a]):
             config_image.append([a, vals.__dict__[a]])
+    config_image.append(['vncpasswd', vals.vncpasswd])
 
 def run_bootloader(vals, config_image):
     if not os.access(vals.bootloader, os.X_OK):
diff -r 328606e0705f -r 02506a744315 tools/ioemu/d3des.c
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/tools/ioemu/d3des.c       Fri Oct 20 09:50:09 2006 +0100
@@ -0,0 +1,434 @@
+/*
+ * This is D3DES (V5.09) by Richard Outerbridge with the double and
+ * triple-length support removed for use in VNC.  Also the bytebit[] array
+ * has been reversed so that the most significant bit in each byte of the
+ * key is ignored, not the least significant.
+ *
+ * These changes are:
+ *  Copyright (C) 1999 AT&T Laboratories Cambridge.  All Rights Reserved.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
+ */
+
+/* D3DES (V5.09) -
+ *
+ * A portable, public domain, version of the Data Encryption Standard.
+ *
+ * Written with Symantec's THINK (Lightspeed) C by Richard Outerbridge.
+ * Thanks to: Dan Hoey for his excellent Initial and Inverse permutation
+ * code;  Jim Gillogly & Phil Karn for the DES key schedule code; Dennis
+ * Ferguson, Eric Young and Dana How for comparing notes; and Ray Lau,
+ * for humouring me on.
+ *
+ * Copyright (c) 1988,1989,1990,1991,1992 by Richard Outerbridge.
+ * (GEnie : OUTER; CIS : [71755,204]) Graven Imagery, 1992.
+ */
+
+#include "d3des.h"
+
+static void scrunch(unsigned char *, unsigned long *);
+static void unscrun(unsigned long *, unsigned char *);
+static void desfunc(unsigned long *, unsigned long *);
+static void cookey(unsigned long *);
+
+static unsigned long KnL[32] = { 0L };
+
+static unsigned short bytebit[8]       = {
+       01, 02, 04, 010, 020, 040, 0100, 0200 };
+
+static unsigned long bigbyte[24] = {
+       0x800000L,      0x400000L,      0x200000L,      0x100000L,
+       0x80000L,       0x40000L,       0x20000L,       0x10000L,
+       0x8000L,        0x4000L,        0x2000L,        0x1000L,
+       0x800L,         0x400L,         0x200L,         0x100L,
+       0x80L,          0x40L,          0x20L,          0x10L,
+       0x8L,           0x4L,           0x2L,           0x1L    };
+
+/* Use the key schedule specified in the Standard (ANSI X3.92-1981). */
+
+static unsigned char pc1[56] = {
+       56, 48, 40, 32, 24, 16,  8,      0, 57, 49, 41, 33, 25, 17,
+        9,  1, 58, 50, 42, 34, 26,     18, 10,  2, 59, 51, 43, 35,
+       62, 54, 46, 38, 30, 22, 14,      6, 61, 53, 45, 37, 29, 21,
+       13,  5, 60, 52, 44, 36, 28,     20, 12,  4, 27, 19, 11,  3 };
+
+static unsigned char totrot[16] = {
+       1,2,4,6,8,10,12,14,15,17,19,21,23,25,27,28 };
+
+static unsigned char pc2[48] = {
+       13, 16, 10, 23,  0,  4,  2, 27, 14,  5, 20,  9,
+       22, 18, 11,  3, 25,  7, 15,  6, 26, 19, 12,  1,
+       40, 51, 30, 36, 46, 54, 29, 39, 50, 44, 32, 47,
+       43, 48, 38, 55, 33, 52, 45, 41, 49, 35, 28, 31 };
+
+void deskey(key, edf)  /* Thanks to James Gillogly & Phil Karn! */
+unsigned char *key;
+int edf;
+{
+       register int i, j, l, m, n;
+       unsigned char pc1m[56], pcr[56];
+       unsigned long kn[32];
+
+       for ( j = 0; j < 56; j++ ) {
+               l = pc1[j];
+               m = l & 07;
+               pc1m[j] = (key[l >> 3] & bytebit[m]) ? 1 : 0;
+               }
+       for( i = 0; i < 16; i++ ) {
+               if( edf == DE1 ) m = (15 - i) << 1;
+               else m = i << 1;
+               n = m + 1;
+               kn[m] = kn[n] = 0L;
+               for( j = 0; j < 28; j++ ) {
+                       l = j + totrot[i];
+                       if( l < 28 ) pcr[j] = pc1m[l];
+                       else pcr[j] = pc1m[l - 28];
+                       }
+               for( j = 28; j < 56; j++ ) {
+                   l = j + totrot[i];
+                   if( l < 56 ) pcr[j] = pc1m[l];
+                   else pcr[j] = pc1m[l - 28];
+                   }
+               for( j = 0; j < 24; j++ ) {
+                       if( pcr[pc2[j]] ) kn[m] |= bigbyte[j];
+                       if( pcr[pc2[j+24]] ) kn[n] |= bigbyte[j];
+                       }
+               }
+       cookey(kn);
+       return;
+       }
+
+static void cookey(raw1)
+register unsigned long *raw1;
+{
+       register unsigned long *cook, *raw0;
+       unsigned long dough[32];
+       register int i;
+
+       cook = dough;
+       for( i = 0; i < 16; i++, raw1++ ) {
+               raw0 = raw1++;
+               *cook    = (*raw0 & 0x00fc0000L) << 6;
+               *cook   |= (*raw0 & 0x00000fc0L) << 10;
+               *cook   |= (*raw1 & 0x00fc0000L) >> 10;
+               *cook++ |= (*raw1 & 0x00000fc0L) >> 6;
+               *cook    = (*raw0 & 0x0003f000L) << 12;
+               *cook   |= (*raw0 & 0x0000003fL) << 16;
+               *cook   |= (*raw1 & 0x0003f000L) >> 4;
+               *cook++ |= (*raw1 & 0x0000003fL);
+               }
+       usekey(dough);
+       return;
+       }
+
+void cpkey(into)
+register unsigned long *into;
+{
+       register unsigned long *from, *endp;
+
+       from = KnL, endp = &KnL[32];
+       while( from < endp ) *into++ = *from++;
+       return;
+       }
+
+void usekey(from)
+register unsigned long *from;
+{
+       register unsigned long *to, *endp;
+
+       to = KnL, endp = &KnL[32];
+       while( to < endp ) *to++ = *from++;
+       return;
+       }
+
+void des(inblock, outblock)
+unsigned char *inblock, *outblock;
+{
+       unsigned long work[2];
+
+       scrunch(inblock, work);
+       desfunc(work, KnL);
+       unscrun(work, outblock);
+       return;
+       }
+
+static void scrunch(outof, into)
+register unsigned char *outof;
+register unsigned long *into;
+{
+       *into    = (*outof++ & 0xffL) << 24;
+       *into   |= (*outof++ & 0xffL) << 16;
+       *into   |= (*outof++ & 0xffL) << 8;
+       *into++ |= (*outof++ & 0xffL);
+       *into    = (*outof++ & 0xffL) << 24;
+       *into   |= (*outof++ & 0xffL) << 16;
+       *into   |= (*outof++ & 0xffL) << 8;
+       *into   |= (*outof   & 0xffL);
+       return;
+       }
+
+static void unscrun(outof, into)
+register unsigned long *outof;
+register unsigned char *into;
+{
+       *into++ = (unsigned char)((*outof >> 24) & 0xffL);
+       *into++ = (unsigned char)((*outof >> 16) & 0xffL);
+       *into++ = (unsigned char)((*outof >>  8) & 0xffL);
+       *into++ = (unsigned char)(*outof++       & 0xffL);
+       *into++ = (unsigned char)((*outof >> 24) & 0xffL);
+       *into++ = (unsigned char)((*outof >> 16) & 0xffL);
+       *into++ = (unsigned char)((*outof >>  8) & 0xffL);
+       *into   =  (unsigned char)(*outof        & 0xffL);
+       return;
+       }
+
+static unsigned long SP1[64] = {
+       0x01010400L, 0x00000000L, 0x00010000L, 0x01010404L,
+       0x01010004L, 0x00010404L, 0x00000004L, 0x00010000L,
+       0x00000400L, 0x01010400L, 0x01010404L, 0x00000400L,
+       0x01000404L, 0x01010004L, 0x01000000L, 0x00000004L,
+       0x00000404L, 0x01000400L, 0x01000400L, 0x00010400L,
+       0x00010400L, 0x01010000L, 0x01010000L, 0x01000404L,
+       0x00010004L, 0x01000004L, 0x01000004L, 0x00010004L,
+       0x00000000L, 0x00000404L, 0x00010404L, 0x01000000L,
+       0x00010000L, 0x01010404L, 0x00000004L, 0x01010000L,
+       0x01010400L, 0x01000000L, 0x01000000L, 0x00000400L,
+       0x01010004L, 0x00010000L, 0x00010400L, 0x01000004L,
+       0x00000400L, 0x00000004L, 0x01000404L, 0x00010404L,
+       0x01010404L, 0x00010004L, 0x01010000L, 0x01000404L,
+       0x01000004L, 0x00000404L, 0x00010404L, 0x01010400L,
+       0x00000404L, 0x01000400L, 0x01000400L, 0x00000000L,
+       0x00010004L, 0x00010400L, 0x00000000L, 0x01010004L };
+
+static unsigned long SP2[64] = {
+       0x80108020L, 0x80008000L, 0x00008000L, 0x00108020L,
+       0x00100000L, 0x00000020L, 0x80100020L, 0x80008020L,
+       0x80000020L, 0x80108020L, 0x80108000L, 0x80000000L,
+       0x80008000L, 0x00100000L, 0x00000020L, 0x80100020L,
+       0x00108000L, 0x00100020L, 0x80008020L, 0x00000000L,
+       0x80000000L, 0x00008000L, 0x00108020L, 0x80100000L,
+       0x00100020L, 0x80000020L, 0x00000000L, 0x00108000L,
+       0x00008020L, 0x80108000L, 0x80100000L, 0x00008020L,
+       0x00000000L, 0x00108020L, 0x80100020L, 0x00100000L,
+       0x80008020L, 0x80100000L, 0x80108000L, 0x00008000L,
+       0x80100000L, 0x80008000L, 0x00000020L, 0x80108020L,
+       0x00108020L, 0x00000020L, 0x00008000L, 0x80000000L,
+       0x00008020L, 0x80108000L, 0x00100000L, 0x80000020L,
+       0x00100020L, 0x80008020L, 0x80000020L, 0x00100020L,
+       0x00108000L, 0x00000000L, 0x80008000L, 0x00008020L,
+       0x80000000L, 0x80100020L, 0x80108020L, 0x00108000L };
+
+static unsigned long SP3[64] = {
+       0x00000208L, 0x08020200L, 0x00000000L, 0x08020008L,
+       0x08000200L, 0x00000000L, 0x00020208L, 0x08000200L,
+       0x00020008L, 0x08000008L, 0x08000008L, 0x00020000L,
+       0x08020208L, 0x00020008L, 0x08020000L, 0x00000208L,
+       0x08000000L, 0x00000008L, 0x08020200L, 0x00000200L,
+       0x00020200L, 0x08020000L, 0x08020008L, 0x00020208L,
+       0x08000208L, 0x00020200L, 0x00020000L, 0x08000208L,
+       0x00000008L, 0x08020208L, 0x00000200L, 0x08000000L,
+       0x08020200L, 0x08000000L, 0x00020008L, 0x00000208L,
+       0x00020000L, 0x08020200L, 0x08000200L, 0x00000000L,
+       0x00000200L, 0x00020008L, 0x08020208L, 0x08000200L,
+       0x08000008L, 0x00000200L, 0x00000000L, 0x08020008L,
+       0x08000208L, 0x00020000L, 0x08000000L, 0x08020208L,
+       0x00000008L, 0x00020208L, 0x00020200L, 0x08000008L,
+       0x08020000L, 0x08000208L, 0x00000208L, 0x08020000L,
+       0x00020208L, 0x00000008L, 0x08020008L, 0x00020200L };
+
+static unsigned long SP4[64] = {
+       0x00802001L, 0x00002081L, 0x00002081L, 0x00000080L,
+       0x00802080L, 0x00800081L, 0x00800001L, 0x00002001L,
+       0x00000000L, 0x00802000L, 0x00802000L, 0x00802081L,
+       0x00000081L, 0x00000000L, 0x00800080L, 0x00800001L,
+       0x00000001L, 0x00002000L, 0x00800000L, 0x00802001L,
+       0x00000080L, 0x00800000L, 0x00002001L, 0x00002080L,
+       0x00800081L, 0x00000001L, 0x00002080L, 0x00800080L,
+       0x00002000L, 0x00802080L, 0x00802081L, 0x00000081L,
+       0x00800080L, 0x00800001L, 0x00802000L, 0x00802081L,
+       0x00000081L, 0x00000000L, 0x00000000L, 0x00802000L,
+       0x00002080L, 0x00800080L, 0x00800081L, 0x00000001L,
+       0x00802001L, 0x00002081L, 0x00002081L, 0x00000080L,
+       0x00802081L, 0x00000081L, 0x00000001L, 0x00002000L,
+       0x00800001L, 0x00002001L, 0x00802080L, 0x00800081L,
+       0x00002001L, 0x00002080L, 0x00800000L, 0x00802001L,
+       0x00000080L, 0x00800000L, 0x00002000L, 0x00802080L };
+
+static unsigned long SP5[64] = {
+       0x00000100L, 0x02080100L, 0x02080000L, 0x42000100L,
+       0x00080000L, 0x00000100L, 0x40000000L, 0x02080000L,
+       0x40080100L, 0x00080000L, 0x02000100L, 0x40080100L,
+       0x42000100L, 0x42080000L, 0x00080100L, 0x40000000L,
+       0x02000000L, 0x40080000L, 0x40080000L, 0x00000000L,
+       0x40000100L, 0x42080100L, 0x42080100L, 0x02000100L,
+       0x42080000L, 0x40000100L, 0x00000000L, 0x42000000L,
+       0x02080100L, 0x02000000L, 0x42000000L, 0x00080100L,
+       0x00080000L, 0x42000100L, 0x00000100L, 0x02000000L,
+       0x40000000L, 0x02080000L, 0x42000100L, 0x40080100L,
+       0x02000100L, 0x40000000L, 0x42080000L, 0x02080100L,
+       0x40080100L, 0x00000100L, 0x02000000L, 0x42080000L,
+       0x42080100L, 0x00080100L, 0x42000000L, 0x42080100L,
+       0x02080000L, 0x00000000L, 0x40080000L, 0x42000000L,
+       0x00080100L, 0x02000100L, 0x40000100L, 0x00080000L,
+       0x00000000L, 0x40080000L, 0x02080100L, 0x40000100L };
+
+static unsigned long SP6[64] = {
+       0x20000010L, 0x20400000L, 0x00004000L, 0x20404010L,
+       0x20400000L, 0x00000010L, 0x20404010L, 0x00400000L,
+       0x20004000L, 0x00404010L, 0x00400000L, 0x20000010L,
+       0x00400010L, 0x20004000L, 0x20000000L, 0x00004010L,
+       0x00000000L, 0x00400010L, 0x20004010L, 0x00004000L,
+       0x00404000L, 0x20004010L, 0x00000010L, 0x20400010L,
+       0x20400010L, 0x00000000L, 0x00404010L, 0x20404000L,
+       0x00004010L, 0x00404000L, 0x20404000L, 0x20000000L,
+       0x20004000L, 0x00000010L, 0x20400010L, 0x00404000L,
+       0x20404010L, 0x00400000L, 0x00004010L, 0x20000010L,
+       0x00400000L, 0x20004000L, 0x20000000L, 0x00004010L,
+       0x20000010L, 0x20404010L, 0x00404000L, 0x20400000L,
+       0x00404010L, 0x20404000L, 0x00000000L, 0x20400010L,
+       0x00000010L, 0x00004000L, 0x20400000L, 0x00404010L,
+       0x00004000L, 0x00400010L, 0x20004010L, 0x00000000L,
+       0x20404000L, 0x20000000L, 0x00400010L, 0x20004010L };
+
+static unsigned long SP7[64] = {
+       0x00200000L, 0x04200002L, 0x04000802L, 0x00000000L,
+       0x00000800L, 0x04000802L, 0x00200802L, 0x04200800L,
+       0x04200802L, 0x00200000L, 0x00000000L, 0x04000002L,
+       0x00000002L, 0x04000000L, 0x04200002L, 0x00000802L,
+       0x04000800L, 0x00200802L, 0x00200002L, 0x04000800L,
+       0x04000002L, 0x04200000L, 0x04200800L, 0x00200002L,
+       0x04200000L, 0x00000800L, 0x00000802L, 0x04200802L,
+       0x00200800L, 0x00000002L, 0x04000000L, 0x00200800L,
+       0x04000000L, 0x00200800L, 0x00200000L, 0x04000802L,
+       0x04000802L, 0x04200002L, 0x04200002L, 0x00000002L,
+       0x00200002L, 0x04000000L, 0x04000800L, 0x00200000L,
+       0x04200800L, 0x00000802L, 0x00200802L, 0x04200800L,
+       0x00000802L, 0x04000002L, 0x04200802L, 0x04200000L,
+       0x00200800L, 0x00000000L, 0x00000002L, 0x04200802L,
+       0x00000000L, 0x00200802L, 0x04200000L, 0x00000800L,
+       0x04000002L, 0x04000800L, 0x00000800L, 0x00200002L };
+
+static unsigned long SP8[64] = {
+       0x10001040L, 0x00001000L, 0x00040000L, 0x10041040L,
+       0x10000000L, 0x10001040L, 0x00000040L, 0x10000000L,
+       0x00040040L, 0x10040000L, 0x10041040L, 0x00041000L,
+       0x10041000L, 0x00041040L, 0x00001000L, 0x00000040L,
+       0x10040000L, 0x10000040L, 0x10001000L, 0x00001040L,
+       0x00041000L, 0x00040040L, 0x10040040L, 0x10041000L,
+       0x00001040L, 0x00000000L, 0x00000000L, 0x10040040L,
+       0x10000040L, 0x10001000L, 0x00041040L, 0x00040000L,
+       0x00041040L, 0x00040000L, 0x10041000L, 0x00001000L,
+       0x00000040L, 0x10040040L, 0x00001000L, 0x00041040L,
+       0x10001000L, 0x00000040L, 0x10000040L, 0x10040000L,
+       0x10040040L, 0x10000000L, 0x00040000L, 0x10001040L,
+       0x00000000L, 0x10041040L, 0x00040040L, 0x10000040L,
+       0x10040000L, 0x10001000L, 0x10001040L, 0x00000000L,
+       0x10041040L, 0x00041000L, 0x00041000L, 0x00001040L,
+       0x00001040L, 0x00040040L, 0x10000000L, 0x10041000L };
+
+static void desfunc(block, keys)
+register unsigned long *block, *keys;
+{
+       register unsigned long fval, work, right, leftt;
+       register int round;
+
+       leftt = block[0];
+       right = block[1];
+       work = ((leftt >> 4) ^ right) & 0x0f0f0f0fL;
+       right ^= work;
+       leftt ^= (work << 4);
+       work = ((leftt >> 16) ^ right) & 0x0000ffffL;
+       right ^= work;
+       leftt ^= (work << 16);
+       work = ((right >> 2) ^ leftt) & 0x33333333L;
+       leftt ^= work;
+       right ^= (work << 2);
+       work = ((right >> 8) ^ leftt) & 0x00ff00ffL;
+       leftt ^= work;
+       right ^= (work << 8);
+       right = ((right << 1) | ((right >> 31) & 1L)) & 0xffffffffL;
+       work = (leftt ^ right) & 0xaaaaaaaaL;
+       leftt ^= work;
+       right ^= work;
+       leftt = ((leftt << 1) | ((leftt >> 31) & 1L)) & 0xffffffffL;
+
+       for( round = 0; round < 8; round++ ) {
+               work  = (right << 28) | (right >> 4);
+               work ^= *keys++;
+               fval  = SP7[ work                & 0x3fL];
+               fval |= SP5[(work >>  8) & 0x3fL];
+               fval |= SP3[(work >> 16) & 0x3fL];
+               fval |= SP1[(work >> 24) & 0x3fL];
+               work  = right ^ *keys++;
+               fval |= SP8[ work                & 0x3fL];
+               fval |= SP6[(work >>  8) & 0x3fL];
+               fval |= SP4[(work >> 16) & 0x3fL];
+               fval |= SP2[(work >> 24) & 0x3fL];
+               leftt ^= fval;
+               work  = (leftt << 28) | (leftt >> 4);
+               work ^= *keys++;
+               fval  = SP7[ work                & 0x3fL];
+               fval |= SP5[(work >>  8) & 0x3fL];
+               fval |= SP3[(work >> 16) & 0x3fL];
+               fval |= SP1[(work >> 24) & 0x3fL];
+               work  = leftt ^ *keys++;
+               fval |= SP8[ work                & 0x3fL];
+               fval |= SP6[(work >>  8) & 0x3fL];
+               fval |= SP4[(work >> 16) & 0x3fL];
+               fval |= SP2[(work >> 24) & 0x3fL];
+               right ^= fval;
+               }
+
+       right = (right << 31) | (right >> 1);
+       work = (leftt ^ right) & 0xaaaaaaaaL;
+       leftt ^= work;
+       right ^= work;
+       leftt = (leftt << 31) | (leftt >> 1);
+       work = ((leftt >> 8) ^ right) & 0x00ff00ffL;
+       right ^= work;
+       leftt ^= (work << 8);
+       work = ((leftt >> 2) ^ right) & 0x33333333L;
+       right ^= work;
+       leftt ^= (work << 2);
+       work = ((right >> 16) ^ leftt) & 0x0000ffffL;
+       leftt ^= work;
+       right ^= (work << 16);
+       work = ((right >> 4) ^ leftt) & 0x0f0f0f0fL;
+       leftt ^= work;
+       right ^= (work << 4);
+       *block++ = right;
+       *block = leftt;
+       return;
+       }
+
+/* Validation sets:
+ *
+ * Single-length key, single-length plaintext -
+ * Key   : 0123 4567 89ab cdef
+ * Plain  : 0123 4567 89ab cde7
+ * Cipher : c957 4425 6a5e d31d
+ *
+ * Double-length key, single-length plaintext -
+ * Key   : 0123 4567 89ab cdef fedc ba98 7654 3210
+ * Plain  : 0123 4567 89ab cde7
+ * Cipher : 7f1d 0a77 826b 8aff
+ *
+ * Double-length key, double-length plaintext -
+ * Key   : 0123 4567 89ab cdef fedc ba98 7654 3210
+ * Plain  : 0123 4567 89ab cdef 0123 4567 89ab cdff
+ * Cipher : 27a0 8440 406a df60 278f 47cf 42d6 15d7
+ *
+ * Triple-length key, single-length plaintext -
+ * Key   : 0123 4567 89ab cdef fedc ba98 7654 3210 89ab cdef 0123 4567
+ * Plain  : 0123 4567 89ab cde7
+ * Cipher : de0b 7c06 ae5e 0ed5
+ *
+ * Triple-length key, double-length plaintext -
+ * Key   : 0123 4567 89ab cdef fedc ba98 7654 3210 89ab cdef 0123 4567
+ * Plain  : 0123 4567 89ab cdef 0123 4567 89ab cdff
+ * Cipher : ad0d 1b30 ac17 cf07 0ed1 1c63 81e4 4de5
+ *
+ * d3des V5.0a rwo 9208.07 18:44 Graven Imagery
+ **********************************************************************/
diff -r 328606e0705f -r 02506a744315 tools/ioemu/d3des.h
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/tools/ioemu/d3des.h       Fri Oct 20 09:50:09 2006 +0100
@@ -0,0 +1,51 @@
+/*
+ * This is D3DES (V5.09) by Richard Outerbridge with the double and
+ * triple-length support removed for use in VNC.
+ *
+ * These changes are:
+ *  Copyright (C) 1999 AT&T Laboratories Cambridge.  All Rights Reserved.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
+ */
+
+/* d3des.h -
+ *
+ *     Headers and defines for d3des.c
+ *     Graven Imagery, 1992.
+ *
+ * Copyright (c) 1988,1989,1990,1991,1992 by Richard Outerbridge
+ *     (GEnie : OUTER; CIS : [71755,204])
+ */
+
+#define EN0    0       /* MODE == encrypt */
+#define DE1    1       /* MODE == decrypt */
+
+extern void deskey(unsigned char *, int);
+/*                   hexkey[8]     MODE
+ * Sets the internal key register according to the hexadecimal
+ * key contained in the 8 bytes of hexkey, according to the DES,
+ * for encryption or decryption according to MODE.
+ */
+
+extern void usekey(unsigned long *);
+/*                 cookedkey[32]
+ * Loads the internal key register with the data in cookedkey.
+ */
+
+extern void cpkey(unsigned long *);
+/*                cookedkey[32]
+ * Copies the contents of the internal key register into the storage
+ * located at &cookedkey[0].
+ */
+
+extern void des(unsigned char *, unsigned char *);
+/*                 from[8]           to[8]
+ * Encrypts/Decrypts (according to the key currently loaded in the
+ * internal key register) one block of eight bytes at address 'from'
+ * into the block at address 'to'.  They can be the same.
+ */
+
+/* d3des.h V5.09 rwo 9208.04 15:06 Graven Imagery
+ ********************************************************************/

_______________________________________________
Xen-changelog mailing list
Xen-changelog@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-changelog


 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.