[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [Xen-devel] [PATCH][Take 3] VNC authentification
Hi, This is take 3 on VNC authentification. The specification is as mentioned at http://lists.xensource.com/archives/html/xen-devel/2006-09/msg00666.html The difference is follows. - Correction corresponding to plain VNC password base64 decode and DES decrypt was not used. - /dev/random was not used. Perhaps, in the source code that I had seen, standard C 'random()' was used with Win32. However, exhausted entropy pool is certainly no good. Thanks all. Signed-off-by: Masami Watanabe <masami.watanabe@xxxxxxxxxxxxxx> Best regards, Watanabe ----- diff -r f426f6e646eb tools/examples/xend-config.sxp --- a/tools/examples/xend-config.sxp Mon Oct 02 18:04:56 2006 +0100 +++ b/tools/examples/xend-config.sxp Tue Oct 03 23:32:54 2006 +0900 @@ -130,3 +130,7 @@ # The tool used for initiating virtual TPM migration #(external-migration-tool '') + +# The default password for VNC console on HVM domain. +# Empty string is no authentication. +(vncpasswd '') diff -r f426f6e646eb tools/examples/xmexample.hvm --- a/tools/examples/xmexample.hvm Mon Oct 02 18:04:56 2006 +0100 +++ b/tools/examples/xmexample.hvm Tue Oct 03 23:33:23 2006 +0900 @@ -145,6 +145,11 @@ vnc=1 #vncconsole=0 #---------------------------------------------------------------------------- +# set password for domain's VNC console +# default is depents on vncpasswd in xend-config.sxp +vncpasswd='' + +#---------------------------------------------------------------------------- # no graphics, use serial port #nographic=0 diff -r f426f6e646eb tools/examples/xmexample.vti --- a/tools/examples/xmexample.vti Mon Oct 02 18:04:56 2006 +0100 +++ b/tools/examples/xmexample.vti Tue Oct 03 23:33:38 2006 +0900 @@ -95,6 +95,11 @@ vnc=0 #vncconsole=0 #---------------------------------------------------------------------------- +# set password for domain's VNC console +# default is depents on vncpasswd in xend-config.sxp +vncpasswd='' + +#---------------------------------------------------------------------------- # no graphics, use serial port #nographic=0 diff -r f426f6e646eb tools/ioemu/Makefile.target --- a/tools/ioemu/Makefile.target Mon Oct 02 18:04:56 2006 +0100 +++ b/tools/ioemu/Makefile.target Tue Oct 03 23:34:09 2006 +0900 @@ -398,6 +398,7 @@ VL_OBJS+=sdl.o VL_OBJS+=sdl.o endif VL_OBJS+=vnc.o +VL_OBJS+=d3des.o ifdef CONFIG_COCOA VL_OBJS+=cocoa.o COCOA_LIBS=-F/System/Library/Frameworks -framework Cocoa -framework IOKit @@ -456,6 +457,9 @@ sdl.o: sdl.c keymaps.c sdl_keysym.h $(CC) $(CFLAGS) $(DEFINES) $(SDL_CFLAGS) -c -o $@ $< vnc.o: vnc.c keymaps.c sdl_keysym.h vnchextile.h + $(CC) $(CFLAGS) $(DEFINES) -c -o $@ $< + +d3des.o: d3des.c d3des.h $(CC) $(CFLAGS) $(DEFINES) -c -o $@ $< sdlaudio.o: sdlaudio.c diff -r f426f6e646eb tools/ioemu/vl.c --- a/tools/ioemu/vl.c Mon Oct 02 18:04:56 2006 +0100 +++ b/tools/ioemu/vl.c Tue Oct 03 23:35:01 2006 +0900 @@ -169,6 +169,9 @@ time_t timeoffset = 0; char domain_name[1024] = { 'H','V', 'M', 'X', 'E', 'N', '-'}; extern int domid; + +char vncpasswd[64]; +unsigned char challenge[AUTHCHALLENGESIZE]; /***********************************************************/ /* x86 ISA bus support */ @@ -5901,6 +5904,7 @@ int main(int argc, char **argv) vncunused = 0; kernel_filename = NULL; kernel_cmdline = ""; + *vncpasswd = '\0'; #ifndef CONFIG_DM #ifdef TARGET_PPC cdrom_index = 1; @@ -6544,6 +6548,10 @@ int main(int argc, char **argv) init_ioports(); + /* read vncpasswd from xenstore */ + if (0 > xenstore_read_vncpasswd(domid)) + exit(1); + /* terminal init */ if (nographic) { dumb_display_init(ds); diff -r f426f6e646eb tools/ioemu/vl.h --- a/tools/ioemu/vl.h Mon Oct 02 18:04:56 2006 +0100 +++ b/tools/ioemu/vl.h Tue Oct 03 23:35:17 2006 +0900 @@ -1209,6 +1209,7 @@ void xenstore_process_event(void *opaque void xenstore_process_event(void *opaque); void xenstore_check_new_media_present(int timeout); void xenstore_write_vncport(int vnc_display); +int xenstore_read_vncpasswd(int domid); /* xen_platform.c */ void pci_xen_platform_init(PCIBus *bus); @@ -1220,4 +1221,7 @@ extern char domain_name[]; void destroy_hvm_domain(void); +/* VNC Authentication */ +#define AUTHCHALLENGESIZE 16 + #endif /* VL_H */ diff -r f426f6e646eb tools/ioemu/vnc.c --- a/tools/ioemu/vnc.c Mon Oct 02 18:04:56 2006 +0100 +++ b/tools/ioemu/vnc.c Tue Oct 03 23:36:20 2006 +0900 @@ -44,6 +44,7 @@ #include "vnc_keysym.h" #include "keymaps.c" +#include "d3des.h" #define XK_MISCELLANY #define XK_LATIN1 @@ -137,6 +138,10 @@ static void vnc_update_client(void *opaq static void vnc_update_client(void *opaque); static void vnc_client_read(void *opaque); static void framebuffer_set_updated(VncState *vs, int x, int y, int w, int h); +static int vnc_auth(VncState *vs); +static int make_challenge(char *random, int size); +static void set_seed(unsigned int *seedp); +static void get_random(int len, unsigned char *buf); #if 0 static inline void vnc_set_bit(uint32_t *d, int k) @@ -1221,7 +1226,47 @@ static int protocol_version(VncState *vs return 0; } - vnc_write_u32(vs, 1); /* None */ + vnc_auth(vs); /* Challenge-Responce authentication */ + + return 0; +} + +static int protocol_authtype(VncState *vs, char *type, size_t len) +{ + return 0; +} + +static int protocol_response(VncState *vs, char *client_response, size_t len) +{ + extern char vncpasswd[64]; + extern unsigned char challenge[AUTHCHALLENGESIZE]; + unsigned char cryptchallenge[AUTHCHALLENGESIZE]; + unsigned char key[8]; + int passwdlen, i, j; + + memcpy(cryptchallenge, challenge, AUTHCHALLENGESIZE); + + /* Calculate the sent challenge */ + passwdlen = strlen(vncpasswd); + for (i=0; i<8; i++) + key[i] = i<passwdlen ? vncpasswd[i] : 0; + deskey(key, EN0); + for (j = 0; j < AUTHCHALLENGESIZE; j += 8) + des(cryptchallenge+j, cryptchallenge+j); + + /* Check the actual response */ + if (memcmp(cryptchallenge, client_response, AUTHCHALLENGESIZE) != 0) { + /* password error */ + vnc_write_u32(vs, 1); + vnc_write_u32(vs, 22); + vnc_write(vs, "Authentication failure", 22); + vnc_flush(vs); + fprintf(logfile, "VNC Password error.\n"); + vnc_client_error(vs); + return 0; + } + + vnc_write_u32(vs, 0); vnc_flush(vs); vnc_read_when(vs, protocol_client_init, 1); @@ -1344,3 +1389,63 @@ int vnc_start_viewer(int port) return pid; } } + +static int vnc_auth(VncState *vs) +{ + extern char vncpasswd[64]; + extern unsigned char challenge[AUTHCHALLENGESIZE]; + + if (*vncpasswd == '\0') { + /* AuthType is None */ + vnc_write_u32(vs, 1); + vnc_flush(vs); + vnc_read_when(vs, protocol_client_init, 1); + } else { + /* AuthType is VncAuth */ + vnc_write_u32(vs, 2); + vnc_flush(vs); + + /* Read AuthType */ + vnc_read_when(vs, protocol_authtype, 1); + + /* Send Challenge */ + make_challenge(challenge, AUTHCHALLENGESIZE); + vnc_write(vs, challenge, AUTHCHALLENGESIZE); + vnc_flush(vs); + + /* Read Responce */ + vnc_read_when(vs, protocol_response, AUTHCHALLENGESIZE); + } + + return 0; +} + +unsigned int seed; + +static int make_challenge(char *random, int size) +{ + + set_seed(&seed); + get_random(size, random); + + return 0; +} + +static void set_seed(unsigned int *seedp) +{ + *seedp += (unsigned int)(time(NULL)+getpid()+getpid()*987654+rand()); + srand(*seedp); + + return; +} + +static void get_random(int len, unsigned char *buf) +{ + int i; + + for (i=0; i<len; i++) + buf[i] = (int) (256.0*rand()/(RAND_MAX+1.0)); + + return; +} + diff -r f426f6e646eb tools/ioemu/xenstore.c --- a/tools/ioemu/xenstore.c Mon Oct 02 18:04:56 2006 +0100 +++ b/tools/ioemu/xenstore.c Tue Oct 03 23:36:45 2006 +0900 @@ -213,3 +213,60 @@ void xenstore_write_vncport(int display) free(portstr); free(buf); } + +int xenstore_read_vncpasswd(int domid) +{ + extern char vncpasswd[64]; + char *buf = NULL, *path, *uuid = NULL, *passwd = NULL; + unsigned int i, len, rc = 0; + + if (xsh == NULL) { + return -1; + } + + path = xs_get_domain_path(xsh, domid); + if (path == NULL) { + fprintf(logfile, "xs_get_domain_path() error\n"); + return -1; + } + + pasprintf(&buf, "%s/vm", path); + uuid = xs_read(xsh, XBT_NULL, buf, &len); + if (uuid == NULL) { + fprintf(logfile, "xs_read(): uuid get error\n"); + free(path); + return -1; + } + + pasprintf(&buf, "%s/vncpasswd", uuid); + passwd = xs_read(xsh, XBT_NULL, buf, &len); + if (passwd == NULL) { + free(uuid); + free(path); + return rc; + } + + for (i=0; i<len && i<63; i++) { + vncpasswd[i] = passwd[i]; + passwd[i] = '\0'; + } + vncpasswd[len] = '\0'; + + if (pasprintf(&buf, "%s/vncpasswd", uuid) == -1) { + fprintf(logfile, "pasprintf() vncpasswd failed\n"); + goto out2; + rc = -1; + } + if (xs_write(xsh, XBT_NULL, buf, passwd, len) == 0) { + fprintf(logfile, "xs_write() vncpasswd failed\n"); + rc = -1; + } + + + out2: + free(passwd); + free(uuid); + free(path); + + return rc; +} diff -r f426f6e646eb tools/python/xen/xend/XendRoot.py --- a/tools/python/xen/xend/XendRoot.py Mon Oct 02 18:04:56 2006 +0100 +++ b/tools/python/xen/xend/XendRoot.py Tue Oct 03 23:38:49 2006 +0900 @@ -95,6 +95,8 @@ class XendRoot: dom0_min_mem_default = '0' dom0_vcpus_default = '0' + + vncpasswd_default = None components = {} @@ -272,6 +274,10 @@ class XendRoot: def get_console_limit(self): return self.get_config_int('console-limit', 1024) + def get_vncpasswd_default(self): + return self.get_config_value('vncpasswd', + self.vncpasswd_default) + def instance(): """Get an instance of XendRoot. Use this instead of the constructor. diff -r f426f6e646eb tools/python/xen/xend/image.py --- a/tools/python/xen/xend/image.py Mon Oct 02 18:04:56 2006 +0100 +++ b/tools/python/xen/xend/image.py Tue Oct 03 23:47:00 2006 +0900 @@ -349,8 +349,16 @@ class HVMImageHandler(ImageHandler): sdl = sxp.child_value(config, 'sdl') ret = [] nographic = sxp.child_value(config, 'nographic') + + # get password from VM config(if password omitted, None) + vncpasswd_vmconfig = sxp.child_value(config, 'vncpasswd') + vncpasswd = vncpasswd_vmconfig + if nographic: ret.append('-nographic') + # remove password + if vncpasswd_vmconfig: + config.remove(['vncpasswd', vncpasswd_vmconfig]) return ret if vnc: vncdisplay = sxp.child_value(config, 'vncdisplay', @@ -359,6 +367,20 @@ class HVMImageHandler(ImageHandler): vncunused = sxp.child_value(config, 'vncunused') if vncunused: ret += ['-vncunused'] + # get password from xend-config(if password omitted, None) + vncpasswd_default = xen.xend.XendRoot.instance().get_vncpasswd_default() + # password check + if vncpasswd is None: + if vncpasswd_default is None: + raise VmError('vncpasswd is not setuped in VMconfig and xend-config.') + else: + vncpasswd = vncpasswd_default + if vncpasswd!='': + self.vm.storeVm("vncpasswd", vncpasswd) + + # remove password + config.remove(['vncpasswd', vncpasswd_vmconfig]) + return ret def createDeviceModel(self): diff -r f426f6e646eb tools/python/xen/xm/create.py --- a/tools/python/xen/xm/create.py Mon Oct 02 18:04:56 2006 +0100 +++ b/tools/python/xen/xm/create.py Tue Oct 03 23:49:11 2006 +0900 @@ -103,6 +103,10 @@ gopts.opt('console_autoconnect', short=' gopts.opt('console_autoconnect', short='c', fn=set_true, default=0, use="Connect to the console after the domain is created.") + +gopts.var('vncpasswd', val='NAME', + fn=set_value, default=None, + use="Password for VNC console on HVM domain.") gopts.var('vncviewer', val='no|yes', fn=set_bool, default=None, @@ -638,6 +642,7 @@ def configure_hvm(config_image, vals): for a in args: if (vals.__dict__[a]): config_image.append([a, vals.__dict__[a]]) + config_image.append(['vncpasswd', vals.vncpasswd]) def run_bootloader(vals, config_image): if not os.access(vals.bootloader, os.X_OK): diff -r f426f6e646eb tools/ioemu/d3des.c --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/tools/ioemu/d3des.c Tue Oct 03 23:34:25 2006 +0900 @@ -0,0 +1,434 @@ +/* + * This is D3DES (V5.09) by Richard Outerbridge with the double and + * triple-length support removed for use in VNC. Also the bytebit[] array + * has been reversed so that the most significant bit in each byte of the + * key is ignored, not the least significant. + * + * These changes are: + * Copyright (C) 1999 AT&T Laboratories Cambridge. All Rights Reserved. + * + * This software is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. + */ + +/* D3DES (V5.09) - + * + * A portable, public domain, version of the Data Encryption Standard. + * + * Written with Symantec's THINK (Lightspeed) C by Richard Outerbridge. + * Thanks to: Dan Hoey for his excellent Initial and Inverse permutation + * code; Jim Gillogly & Phil Karn for the DES key schedule code; Dennis + * Ferguson, Eric Young and Dana How for comparing notes; and Ray Lau, + * for humouring me on. + * + * Copyright (c) 1988,1989,1990,1991,1992 by Richard Outerbridge. + * (GEnie : OUTER; CIS : [71755,204]) Graven Imagery, 1992. + */ + +#include "d3des.h" + +static void scrunch(unsigned char *, unsigned long *); +static void unscrun(unsigned long *, unsigned char *); +static void desfunc(unsigned long *, unsigned long *); +static void cookey(unsigned long *); + +static unsigned long KnL[32] = { 0L }; + +static unsigned short bytebit[8] = { + 01, 02, 04, 010, 020, 040, 0100, 0200 }; + +static unsigned long bigbyte[24] = { + 0x800000L, 0x400000L, 0x200000L, 0x100000L, + 0x80000L, 0x40000L, 0x20000L, 0x10000L, + 0x8000L, 0x4000L, 0x2000L, 0x1000L, + 0x800L, 0x400L, 0x200L, 0x100L, + 0x80L, 0x40L, 0x20L, 0x10L, + 0x8L, 0x4L, 0x2L, 0x1L }; + +/* Use the key schedule specified in the Standard (ANSI X3.92-1981). */ + +static unsigned char pc1[56] = { + 56, 48, 40, 32, 24, 16, 8, 0, 57, 49, 41, 33, 25, 17, + 9, 1, 58, 50, 42, 34, 26, 18, 10, 2, 59, 51, 43, 35, + 62, 54, 46, 38, 30, 22, 14, 6, 61, 53, 45, 37, 29, 21, + 13, 5, 60, 52, 44, 36, 28, 20, 12, 4, 27, 19, 11, 3 }; + +static unsigned char totrot[16] = { + 1,2,4,6,8,10,12,14,15,17,19,21,23,25,27,28 }; + +static unsigned char pc2[48] = { + 13, 16, 10, 23, 0, 4, 2, 27, 14, 5, 20, 9, + 22, 18, 11, 3, 25, 7, 15, 6, 26, 19, 12, 1, + 40, 51, 30, 36, 46, 54, 29, 39, 50, 44, 32, 47, + 43, 48, 38, 55, 33, 52, 45, 41, 49, 35, 28, 31 }; + +void deskey(key, edf) /* Thanks to James Gillogly & Phil Karn! */ +unsigned char *key; +int edf; +{ + register int i, j, l, m, n; + unsigned char pc1m[56], pcr[56]; + unsigned long kn[32]; + + for ( j = 0; j < 56; j++ ) { + l = pc1[j]; + m = l & 07; + pc1m[j] = (key[l >> 3] & bytebit[m]) ? 1 : 0; + } + for( i = 0; i < 16; i++ ) { + if( edf == DE1 ) m = (15 - i) << 1; + else m = i << 1; + n = m + 1; + kn[m] = kn[n] = 0L; + for( j = 0; j < 28; j++ ) { + l = j + totrot[i]; + if( l < 28 ) pcr[j] = pc1m[l]; + else pcr[j] = pc1m[l - 28]; + } + for( j = 28; j < 56; j++ ) { + l = j + totrot[i]; + if( l < 56 ) pcr[j] = pc1m[l]; + else pcr[j] = pc1m[l - 28]; + } + for( j = 0; j < 24; j++ ) { + if( pcr[pc2[j]] ) kn[m] |= bigbyte[j]; + if( pcr[pc2[j+24]] ) kn[n] |= bigbyte[j]; + } + } + cookey(kn); + return; + } + +static void cookey(raw1) +register unsigned long *raw1; +{ + register unsigned long *cook, *raw0; + unsigned long dough[32]; + register int i; + + cook = dough; + for( i = 0; i < 16; i++, raw1++ ) { + raw0 = raw1++; + *cook = (*raw0 & 0x00fc0000L) << 6; + *cook |= (*raw0 & 0x00000fc0L) << 10; + *cook |= (*raw1 & 0x00fc0000L) >> 10; + *cook++ |= (*raw1 & 0x00000fc0L) >> 6; + *cook = (*raw0 & 0x0003f000L) << 12; + *cook |= (*raw0 & 0x0000003fL) << 16; + *cook |= (*raw1 & 0x0003f000L) >> 4; + *cook++ |= (*raw1 & 0x0000003fL); + } + usekey(dough); + return; + } + +void cpkey(into) +register unsigned long *into; +{ + register unsigned long *from, *endp; + + from = KnL, endp = &KnL[32]; + while( from < endp ) *into++ = *from++; + return; + } + +void usekey(from) +register unsigned long *from; +{ + register unsigned long *to, *endp; + + to = KnL, endp = &KnL[32]; + while( to < endp ) *to++ = *from++; + return; + } + +void des(inblock, outblock) +unsigned char *inblock, *outblock; +{ + unsigned long work[2]; + + scrunch(inblock, work); + desfunc(work, KnL); + unscrun(work, outblock); + return; + } + +static void scrunch(outof, into) +register unsigned char *outof; +register unsigned long *into; +{ + *into = (*outof++ & 0xffL) << 24; + *into |= (*outof++ & 0xffL) << 16; + *into |= (*outof++ & 0xffL) << 8; + *into++ |= (*outof++ & 0xffL); + *into = (*outof++ & 0xffL) << 24; + *into |= (*outof++ & 0xffL) << 16; + *into |= (*outof++ & 0xffL) << 8; + *into |= (*outof & 0xffL); + return; + } + +static void unscrun(outof, into) +register unsigned long *outof; +register unsigned char *into; +{ + *into++ = (unsigned char)((*outof >> 24) & 0xffL); + *into++ = (unsigned char)((*outof >> 16) & 0xffL); + *into++ = (unsigned char)((*outof >> 8) & 0xffL); + *into++ = (unsigned char)(*outof++ & 0xffL); + *into++ = (unsigned char)((*outof >> 24) & 0xffL); + *into++ = (unsigned char)((*outof >> 16) & 0xffL); + *into++ = (unsigned char)((*outof >> 8) & 0xffL); + *into = (unsigned char)(*outof & 0xffL); + return; + } + +static unsigned long SP1[64] = { + 0x01010400L, 0x00000000L, 0x00010000L, 0x01010404L, + 0x01010004L, 0x00010404L, 0x00000004L, 0x00010000L, + 0x00000400L, 0x01010400L, 0x01010404L, 0x00000400L, + 0x01000404L, 0x01010004L, 0x01000000L, 0x00000004L, + 0x00000404L, 0x01000400L, 0x01000400L, 0x00010400L, + 0x00010400L, 0x01010000L, 0x01010000L, 0x01000404L, + 0x00010004L, 0x01000004L, 0x01000004L, 0x00010004L, + 0x00000000L, 0x00000404L, 0x00010404L, 0x01000000L, + 0x00010000L, 0x01010404L, 0x00000004L, 0x01010000L, + 0x01010400L, 0x01000000L, 0x01000000L, 0x00000400L, + 0x01010004L, 0x00010000L, 0x00010400L, 0x01000004L, + 0x00000400L, 0x00000004L, 0x01000404L, 0x00010404L, + 0x01010404L, 0x00010004L, 0x01010000L, 0x01000404L, + 0x01000004L, 0x00000404L, 0x00010404L, 0x01010400L, + 0x00000404L, 0x01000400L, 0x01000400L, 0x00000000L, + 0x00010004L, 0x00010400L, 0x00000000L, 0x01010004L }; + +static unsigned long SP2[64] = { + 0x80108020L, 0x80008000L, 0x00008000L, 0x00108020L, + 0x00100000L, 0x00000020L, 0x80100020L, 0x80008020L, + 0x80000020L, 0x80108020L, 0x80108000L, 0x80000000L, + 0x80008000L, 0x00100000L, 0x00000020L, 0x80100020L, + 0x00108000L, 0x00100020L, 0x80008020L, 0x00000000L, + 0x80000000L, 0x00008000L, 0x00108020L, 0x80100000L, + 0x00100020L, 0x80000020L, 0x00000000L, 0x00108000L, + 0x00008020L, 0x80108000L, 0x80100000L, 0x00008020L, + 0x00000000L, 0x00108020L, 0x80100020L, 0x00100000L, + 0x80008020L, 0x80100000L, 0x80108000L, 0x00008000L, + 0x80100000L, 0x80008000L, 0x00000020L, 0x80108020L, + 0x00108020L, 0x00000020L, 0x00008000L, 0x80000000L, + 0x00008020L, 0x80108000L, 0x00100000L, 0x80000020L, + 0x00100020L, 0x80008020L, 0x80000020L, 0x00100020L, + 0x00108000L, 0x00000000L, 0x80008000L, 0x00008020L, + 0x80000000L, 0x80100020L, 0x80108020L, 0x00108000L }; + +static unsigned long SP3[64] = { + 0x00000208L, 0x08020200L, 0x00000000L, 0x08020008L, + 0x08000200L, 0x00000000L, 0x00020208L, 0x08000200L, + 0x00020008L, 0x08000008L, 0x08000008L, 0x00020000L, + 0x08020208L, 0x00020008L, 0x08020000L, 0x00000208L, + 0x08000000L, 0x00000008L, 0x08020200L, 0x00000200L, + 0x00020200L, 0x08020000L, 0x08020008L, 0x00020208L, + 0x08000208L, 0x00020200L, 0x00020000L, 0x08000208L, + 0x00000008L, 0x08020208L, 0x00000200L, 0x08000000L, + 0x08020200L, 0x08000000L, 0x00020008L, 0x00000208L, + 0x00020000L, 0x08020200L, 0x08000200L, 0x00000000L, + 0x00000200L, 0x00020008L, 0x08020208L, 0x08000200L, + 0x08000008L, 0x00000200L, 0x00000000L, 0x08020008L, + 0x08000208L, 0x00020000L, 0x08000000L, 0x08020208L, + 0x00000008L, 0x00020208L, 0x00020200L, 0x08000008L, + 0x08020000L, 0x08000208L, 0x00000208L, 0x08020000L, + 0x00020208L, 0x00000008L, 0x08020008L, 0x00020200L }; + +static unsigned long SP4[64] = { + 0x00802001L, 0x00002081L, 0x00002081L, 0x00000080L, + 0x00802080L, 0x00800081L, 0x00800001L, 0x00002001L, + 0x00000000L, 0x00802000L, 0x00802000L, 0x00802081L, + 0x00000081L, 0x00000000L, 0x00800080L, 0x00800001L, + 0x00000001L, 0x00002000L, 0x00800000L, 0x00802001L, + 0x00000080L, 0x00800000L, 0x00002001L, 0x00002080L, + 0x00800081L, 0x00000001L, 0x00002080L, 0x00800080L, + 0x00002000L, 0x00802080L, 0x00802081L, 0x00000081L, + 0x00800080L, 0x00800001L, 0x00802000L, 0x00802081L, + 0x00000081L, 0x00000000L, 0x00000000L, 0x00802000L, + 0x00002080L, 0x00800080L, 0x00800081L, 0x00000001L, + 0x00802001L, 0x00002081L, 0x00002081L, 0x00000080L, + 0x00802081L, 0x00000081L, 0x00000001L, 0x00002000L, + 0x00800001L, 0x00002001L, 0x00802080L, 0x00800081L, + 0x00002001L, 0x00002080L, 0x00800000L, 0x00802001L, + 0x00000080L, 0x00800000L, 0x00002000L, 0x00802080L }; + +static unsigned long SP5[64] = { + 0x00000100L, 0x02080100L, 0x02080000L, 0x42000100L, + 0x00080000L, 0x00000100L, 0x40000000L, 0x02080000L, + 0x40080100L, 0x00080000L, 0x02000100L, 0x40080100L, + 0x42000100L, 0x42080000L, 0x00080100L, 0x40000000L, + 0x02000000L, 0x40080000L, 0x40080000L, 0x00000000L, + 0x40000100L, 0x42080100L, 0x42080100L, 0x02000100L, + 0x42080000L, 0x40000100L, 0x00000000L, 0x42000000L, + 0x02080100L, 0x02000000L, 0x42000000L, 0x00080100L, + 0x00080000L, 0x42000100L, 0x00000100L, 0x02000000L, + 0x40000000L, 0x02080000L, 0x42000100L, 0x40080100L, + 0x02000100L, 0x40000000L, 0x42080000L, 0x02080100L, + 0x40080100L, 0x00000100L, 0x02000000L, 0x42080000L, + 0x42080100L, 0x00080100L, 0x42000000L, 0x42080100L, + 0x02080000L, 0x00000000L, 0x40080000L, 0x42000000L, + 0x00080100L, 0x02000100L, 0x40000100L, 0x00080000L, + 0x00000000L, 0x40080000L, 0x02080100L, 0x40000100L }; + +static unsigned long SP6[64] = { + 0x20000010L, 0x20400000L, 0x00004000L, 0x20404010L, + 0x20400000L, 0x00000010L, 0x20404010L, 0x00400000L, + 0x20004000L, 0x00404010L, 0x00400000L, 0x20000010L, + 0x00400010L, 0x20004000L, 0x20000000L, 0x00004010L, + 0x00000000L, 0x00400010L, 0x20004010L, 0x00004000L, + 0x00404000L, 0x20004010L, 0x00000010L, 0x20400010L, + 0x20400010L, 0x00000000L, 0x00404010L, 0x20404000L, + 0x00004010L, 0x00404000L, 0x20404000L, 0x20000000L, + 0x20004000L, 0x00000010L, 0x20400010L, 0x00404000L, + 0x20404010L, 0x00400000L, 0x00004010L, 0x20000010L, + 0x00400000L, 0x20004000L, 0x20000000L, 0x00004010L, + 0x20000010L, 0x20404010L, 0x00404000L, 0x20400000L, + 0x00404010L, 0x20404000L, 0x00000000L, 0x20400010L, + 0x00000010L, 0x00004000L, 0x20400000L, 0x00404010L, + 0x00004000L, 0x00400010L, 0x20004010L, 0x00000000L, + 0x20404000L, 0x20000000L, 0x00400010L, 0x20004010L }; + +static unsigned long SP7[64] = { + 0x00200000L, 0x04200002L, 0x04000802L, 0x00000000L, + 0x00000800L, 0x04000802L, 0x00200802L, 0x04200800L, + 0x04200802L, 0x00200000L, 0x00000000L, 0x04000002L, + 0x00000002L, 0x04000000L, 0x04200002L, 0x00000802L, + 0x04000800L, 0x00200802L, 0x00200002L, 0x04000800L, + 0x04000002L, 0x04200000L, 0x04200800L, 0x00200002L, + 0x04200000L, 0x00000800L, 0x00000802L, 0x04200802L, + 0x00200800L, 0x00000002L, 0x04000000L, 0x00200800L, + 0x04000000L, 0x00200800L, 0x00200000L, 0x04000802L, + 0x04000802L, 0x04200002L, 0x04200002L, 0x00000002L, + 0x00200002L, 0x04000000L, 0x04000800L, 0x00200000L, + 0x04200800L, 0x00000802L, 0x00200802L, 0x04200800L, + 0x00000802L, 0x04000002L, 0x04200802L, 0x04200000L, + 0x00200800L, 0x00000000L, 0x00000002L, 0x04200802L, + 0x00000000L, 0x00200802L, 0x04200000L, 0x00000800L, + 0x04000002L, 0x04000800L, 0x00000800L, 0x00200002L }; + +static unsigned long SP8[64] = { + 0x10001040L, 0x00001000L, 0x00040000L, 0x10041040L, + 0x10000000L, 0x10001040L, 0x00000040L, 0x10000000L, + 0x00040040L, 0x10040000L, 0x10041040L, 0x00041000L, + 0x10041000L, 0x00041040L, 0x00001000L, 0x00000040L, + 0x10040000L, 0x10000040L, 0x10001000L, 0x00001040L, + 0x00041000L, 0x00040040L, 0x10040040L, 0x10041000L, + 0x00001040L, 0x00000000L, 0x00000000L, 0x10040040L, + 0x10000040L, 0x10001000L, 0x00041040L, 0x00040000L, + 0x00041040L, 0x00040000L, 0x10041000L, 0x00001000L, + 0x00000040L, 0x10040040L, 0x00001000L, 0x00041040L, + 0x10001000L, 0x00000040L, 0x10000040L, 0x10040000L, + 0x10040040L, 0x10000000L, 0x00040000L, 0x10001040L, + 0x00000000L, 0x10041040L, 0x00040040L, 0x10000040L, + 0x10040000L, 0x10001000L, 0x10001040L, 0x00000000L, + 0x10041040L, 0x00041000L, 0x00041000L, 0x00001040L, + 0x00001040L, 0x00040040L, 0x10000000L, 0x10041000L }; + +static void desfunc(block, keys) +register unsigned long *block, *keys; +{ + register unsigned long fval, work, right, leftt; + register int round; + + leftt = block[0]; + right = block[1]; + work = ((leftt >> 4) ^ right) & 0x0f0f0f0fL; + right ^= work; + leftt ^= (work << 4); + work = ((leftt >> 16) ^ right) & 0x0000ffffL; + right ^= work; + leftt ^= (work << 16); + work = ((right >> 2) ^ leftt) & 0x33333333L; + leftt ^= work; + right ^= (work << 2); + work = ((right >> 8) ^ leftt) & 0x00ff00ffL; + leftt ^= work; + right ^= (work << 8); + right = ((right << 1) | ((right >> 31) & 1L)) & 0xffffffffL; + work = (leftt ^ right) & 0xaaaaaaaaL; + leftt ^= work; + right ^= work; + leftt = ((leftt << 1) | ((leftt >> 31) & 1L)) & 0xffffffffL; + + for( round = 0; round < 8; round++ ) { + work = (right << 28) | (right >> 4); + work ^= *keys++; + fval = SP7[ work & 0x3fL]; + fval |= SP5[(work >> 8) & 0x3fL]; + fval |= SP3[(work >> 16) & 0x3fL]; + fval |= SP1[(work >> 24) & 0x3fL]; + work = right ^ *keys++; + fval |= SP8[ work & 0x3fL]; + fval |= SP6[(work >> 8) & 0x3fL]; + fval |= SP4[(work >> 16) & 0x3fL]; + fval |= SP2[(work >> 24) & 0x3fL]; + leftt ^= fval; + work = (leftt << 28) | (leftt >> 4); + work ^= *keys++; + fval = SP7[ work & 0x3fL]; + fval |= SP5[(work >> 8) & 0x3fL]; + fval |= SP3[(work >> 16) & 0x3fL]; + fval |= SP1[(work >> 24) & 0x3fL]; + work = leftt ^ *keys++; + fval |= SP8[ work & 0x3fL]; + fval |= SP6[(work >> 8) & 0x3fL]; + fval |= SP4[(work >> 16) & 0x3fL]; + fval |= SP2[(work >> 24) & 0x3fL]; + right ^= fval; + } + + right = (right << 31) | (right >> 1); + work = (leftt ^ right) & 0xaaaaaaaaL; + leftt ^= work; + right ^= work; + leftt = (leftt << 31) | (leftt >> 1); + work = ((leftt >> 8) ^ right) & 0x00ff00ffL; + right ^= work; + leftt ^= (work << 8); + work = ((leftt >> 2) ^ right) & 0x33333333L; + right ^= work; + leftt ^= (work << 2); + work = ((right >> 16) ^ leftt) & 0x0000ffffL; + leftt ^= work; + right ^= (work << 16); + work = ((right >> 4) ^ leftt) & 0x0f0f0f0fL; + leftt ^= work; + right ^= (work << 4); + *block++ = right; + *block = leftt; + return; + } + +/* Validation sets: + * + * Single-length key, single-length plaintext - + * Key : 0123 4567 89ab cdef + * Plain : 0123 4567 89ab cde7 + * Cipher : c957 4425 6a5e d31d + * + * Double-length key, single-length plaintext - + * Key : 0123 4567 89ab cdef fedc ba98 7654 3210 + * Plain : 0123 4567 89ab cde7 + * Cipher : 7f1d 0a77 826b 8aff + * + * Double-length key, double-length plaintext - + * Key : 0123 4567 89ab cdef fedc ba98 7654 3210 + * Plain : 0123 4567 89ab cdef 0123 4567 89ab cdff + * Cipher : 27a0 8440 406a df60 278f 47cf 42d6 15d7 + * + * Triple-length key, single-length plaintext - + * Key : 0123 4567 89ab cdef fedc ba98 7654 3210 89ab cdef 0123 4567 + * Plain : 0123 4567 89ab cde7 + * Cipher : de0b 7c06 ae5e 0ed5 + * + * Triple-length key, double-length plaintext - + * Key : 0123 4567 89ab cdef fedc ba98 7654 3210 89ab cdef 0123 4567 + * Plain : 0123 4567 89ab cdef 0123 4567 89ab cdff + * Cipher : ad0d 1b30 ac17 cf07 0ed1 1c63 81e4 4de5 + * + * d3des V5.0a rwo 9208.07 18:44 Graven Imagery + **********************************************************************/ diff -r f426f6e646eb tools/ioemu/d3des.h --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/tools/ioemu/d3des.h Tue Oct 03 23:34:25 2006 +0900 @@ -0,0 +1,51 @@ +/* + * This is D3DES (V5.09) by Richard Outerbridge with the double and + * triple-length support removed for use in VNC. + * + * These changes are: + * Copyright (C) 1999 AT&T Laboratories Cambridge. All Rights Reserved. + * + * This software is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. + */ + +/* d3des.h - + * + * Headers and defines for d3des.c + * Graven Imagery, 1992. + * + * Copyright (c) 1988,1989,1990,1991,1992 by Richard Outerbridge + * (GEnie : OUTER; CIS : [71755,204]) + */ + +#define EN0 0 /* MODE == encrypt */ +#define DE1 1 /* MODE == decrypt */ + +extern void deskey(unsigned char *, int); +/* hexkey[8] MODE + * Sets the internal key register according to the hexadecimal + * key contained in the 8 bytes of hexkey, according to the DES, + * for encryption or decryption according to MODE. + */ + +extern void usekey(unsigned long *); +/* cookedkey[32] + * Loads the internal key register with the data in cookedkey. + */ + +extern void cpkey(unsigned long *); +/* cookedkey[32] + * Copies the contents of the internal key register into the storage + * located at &cookedkey[0]. + */ + +extern void des(unsigned char *, unsigned char *); +/* from[8] to[8] + * Encrypts/Decrypts (according to the key currently loaded in the + * internal key register) one block of eight bytes at address 'from' + * into the block at address 'to'. They can be the same. + */ + +/* d3des.h V5.09 rwo 9208.04 15:06 Graven Imagery + ********************************************************************/ _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxxxxxxxx http://lists.xensource.com/xen-devel
|
Lists.xenproject.org is hosted with RackSpace, monitoring our |