[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Xen-devel] [PATCH][Take 3] VNC authentification



Hi,

This is take 3 on VNC authentification.

The specification is as mentioned at
http://lists.xensource.com/archives/html/xen-devel/2006-09/msg00666.html
The difference is follows.
- Correction corresponding to plain VNC password
  base64 decode and DES decrypt was not used.
- /dev/random was not used.
  Perhaps, in the source code that I had seen, standard C 'random()'
  was used with Win32.
  However, exhausted entropy pool is certainly no good.

Thanks all.


Signed-off-by: Masami Watanabe <masami.watanabe@xxxxxxxxxxxxxx>

Best regards,
Watanabe


-----
diff -r f426f6e646eb tools/examples/xend-config.sxp
--- a/tools/examples/xend-config.sxp    Mon Oct 02 18:04:56 2006 +0100
+++ b/tools/examples/xend-config.sxp    Tue Oct 03 23:32:54 2006 +0900
@@ -130,3 +130,7 @@
 
 # The tool used for initiating virtual TPM migration
 #(external-migration-tool '')
+
+# The default password for VNC console on HVM domain.
+# Empty string is no authentication.
+(vncpasswd '')
diff -r f426f6e646eb tools/examples/xmexample.hvm
--- a/tools/examples/xmexample.hvm      Mon Oct 02 18:04:56 2006 +0100
+++ b/tools/examples/xmexample.hvm      Tue Oct 03 23:33:23 2006 +0900
@@ -145,6 +145,11 @@ vnc=1
 #vncconsole=0
 
 #----------------------------------------------------------------------------
+# set password for domain's VNC console
+# default is depents on vncpasswd in xend-config.sxp
+vncpasswd=''
+
+#----------------------------------------------------------------------------
 # no graphics, use serial port
 #nographic=0
 
diff -r f426f6e646eb tools/examples/xmexample.vti
--- a/tools/examples/xmexample.vti      Mon Oct 02 18:04:56 2006 +0100
+++ b/tools/examples/xmexample.vti      Tue Oct 03 23:33:38 2006 +0900
@@ -95,6 +95,11 @@ vnc=0
 #vncconsole=0
 
 #----------------------------------------------------------------------------
+# set password for domain's VNC console
+# default is depents on vncpasswd in xend-config.sxp
+vncpasswd=''
+
+#----------------------------------------------------------------------------
 # no graphics, use serial port
 #nographic=0
 
diff -r f426f6e646eb tools/ioemu/Makefile.target
--- a/tools/ioemu/Makefile.target       Mon Oct 02 18:04:56 2006 +0100
+++ b/tools/ioemu/Makefile.target       Tue Oct 03 23:34:09 2006 +0900
@@ -398,6 +398,7 @@ VL_OBJS+=sdl.o
 VL_OBJS+=sdl.o
 endif
 VL_OBJS+=vnc.o
+VL_OBJS+=d3des.o
 ifdef CONFIG_COCOA
 VL_OBJS+=cocoa.o
 COCOA_LIBS=-F/System/Library/Frameworks -framework Cocoa -framework IOKit
@@ -456,6 +457,9 @@ sdl.o: sdl.c keymaps.c sdl_keysym.h
        $(CC) $(CFLAGS) $(DEFINES) $(SDL_CFLAGS) -c -o $@ $<
 
 vnc.o: vnc.c keymaps.c sdl_keysym.h vnchextile.h
+       $(CC) $(CFLAGS) $(DEFINES) -c -o $@ $<
+
+d3des.o: d3des.c d3des.h
        $(CC) $(CFLAGS) $(DEFINES) -c -o $@ $<
 
 sdlaudio.o: sdlaudio.c
diff -r f426f6e646eb tools/ioemu/vl.c
--- a/tools/ioemu/vl.c  Mon Oct 02 18:04:56 2006 +0100
+++ b/tools/ioemu/vl.c  Tue Oct 03 23:35:01 2006 +0900
@@ -169,6 +169,9 @@ time_t timeoffset = 0;
 
 char domain_name[1024] = { 'H','V', 'M', 'X', 'E', 'N', '-'};
 extern int domid;
+
+char vncpasswd[64];
+unsigned char challenge[AUTHCHALLENGESIZE];
 
 /***********************************************************/
 /* x86 ISA bus support */
@@ -5901,6 +5904,7 @@ int main(int argc, char **argv)
     vncunused = 0;
     kernel_filename = NULL;
     kernel_cmdline = "";
+    *vncpasswd = '\0';
 #ifndef CONFIG_DM
 #ifdef TARGET_PPC
     cdrom_index = 1;
@@ -6544,6 +6548,10 @@ int main(int argc, char **argv)
 
     init_ioports();
 
+    /* read vncpasswd from xenstore */
+    if (0 > xenstore_read_vncpasswd(domid))
+        exit(1);
+
     /* terminal init */
     if (nographic) {
         dumb_display_init(ds);
diff -r f426f6e646eb tools/ioemu/vl.h
--- a/tools/ioemu/vl.h  Mon Oct 02 18:04:56 2006 +0100
+++ b/tools/ioemu/vl.h  Tue Oct 03 23:35:17 2006 +0900
@@ -1209,6 +1209,7 @@ void xenstore_process_event(void *opaque
 void xenstore_process_event(void *opaque);
 void xenstore_check_new_media_present(int timeout);
 void xenstore_write_vncport(int vnc_display);
+int xenstore_read_vncpasswd(int domid);
 
 /* xen_platform.c */
 void pci_xen_platform_init(PCIBus *bus);
@@ -1220,4 +1221,7 @@ extern char domain_name[];
 
 void destroy_hvm_domain(void);
 
+/* VNC Authentication */
+#define AUTHCHALLENGESIZE 16
+
 #endif /* VL_H */
diff -r f426f6e646eb tools/ioemu/vnc.c
--- a/tools/ioemu/vnc.c Mon Oct 02 18:04:56 2006 +0100
+++ b/tools/ioemu/vnc.c Tue Oct 03 23:36:20 2006 +0900
@@ -44,6 +44,7 @@
 
 #include "vnc_keysym.h"
 #include "keymaps.c"
+#include "d3des.h"
 
 #define XK_MISCELLANY
 #define XK_LATIN1
@@ -137,6 +138,10 @@ static void vnc_update_client(void *opaq
 static void vnc_update_client(void *opaque);
 static void vnc_client_read(void *opaque);
 static void framebuffer_set_updated(VncState *vs, int x, int y, int w, int h);
+static int vnc_auth(VncState *vs);
+static int make_challenge(char *random, int size);
+static void set_seed(unsigned int *seedp);
+static void get_random(int len, unsigned char *buf);
 
 #if 0
 static inline void vnc_set_bit(uint32_t *d, int k)
@@ -1221,7 +1226,47 @@ static int protocol_version(VncState *vs
        return 0;
     }
 
-    vnc_write_u32(vs, 1); /* None */
+    vnc_auth(vs);      /* Challenge-Responce authentication */
+
+    return 0;
+}
+
+static int protocol_authtype(VncState *vs, char *type, size_t len)
+{
+    return 0;
+}
+
+static int protocol_response(VncState *vs, char *client_response, size_t len)
+{
+    extern char vncpasswd[64];
+    extern unsigned char challenge[AUTHCHALLENGESIZE];
+    unsigned char cryptchallenge[AUTHCHALLENGESIZE];
+    unsigned char key[8];
+    int passwdlen, i, j;
+
+    memcpy(cryptchallenge, challenge, AUTHCHALLENGESIZE);
+
+    /* Calculate the sent challenge */
+    passwdlen = strlen(vncpasswd);
+    for (i=0; i<8; i++)
+       key[i] = i<passwdlen ? vncpasswd[i] : 0;
+    deskey(key, EN0);
+    for (j = 0; j < AUTHCHALLENGESIZE; j += 8)
+       des(cryptchallenge+j, cryptchallenge+j);
+
+    /* Check the actual response */
+    if (memcmp(cryptchallenge, client_response, AUTHCHALLENGESIZE) != 0) {
+       /* password error */
+       vnc_write_u32(vs, 1);
+       vnc_write_u32(vs, 22);
+       vnc_write(vs, "Authentication failure", 22);
+       vnc_flush(vs);
+       fprintf(logfile, "VNC Password error.\n");
+       vnc_client_error(vs);
+       return 0;
+    }
+
+    vnc_write_u32(vs, 0);
     vnc_flush(vs);
 
     vnc_read_when(vs, protocol_client_init, 1);
@@ -1344,3 +1389,63 @@ int vnc_start_viewer(int port)
        return pid;
     }
 }
+
+static int vnc_auth(VncState *vs)
+{
+    extern char vncpasswd[64];
+    extern unsigned char challenge[AUTHCHALLENGESIZE];
+
+    if (*vncpasswd == '\0') {
+       /* AuthType is None */
+       vnc_write_u32(vs, 1);
+       vnc_flush(vs);
+       vnc_read_when(vs, protocol_client_init, 1);
+    } else {
+       /* AuthType is VncAuth */
+       vnc_write_u32(vs, 2);
+       vnc_flush(vs);
+
+       /* Read AuthType */
+       vnc_read_when(vs, protocol_authtype, 1);
+
+       /* Send Challenge */
+       make_challenge(challenge, AUTHCHALLENGESIZE);
+       vnc_write(vs, challenge, AUTHCHALLENGESIZE);
+       vnc_flush(vs);
+
+       /* Read Responce */
+       vnc_read_when(vs, protocol_response, AUTHCHALLENGESIZE);
+    }
+
+    return 0;
+}
+
+unsigned int seed;
+
+static int make_challenge(char *random, int size)
+{
+ 
+    set_seed(&seed);
+    get_random(size, random);
+
+    return 0;
+}
+
+static void set_seed(unsigned int *seedp)
+{
+    *seedp += (unsigned int)(time(NULL)+getpid()+getpid()*987654+rand());
+    srand(*seedp);
+
+    return;
+}
+
+static void get_random(int len, unsigned char *buf)
+{
+    int i;
+
+    for (i=0; i<len; i++)
+        buf[i] = (int) (256.0*rand()/(RAND_MAX+1.0));
+
+    return;
+}
+
diff -r f426f6e646eb tools/ioemu/xenstore.c
--- a/tools/ioemu/xenstore.c    Mon Oct 02 18:04:56 2006 +0100
+++ b/tools/ioemu/xenstore.c    Tue Oct 03 23:36:45 2006 +0900
@@ -213,3 +213,60 @@ void xenstore_write_vncport(int display)
     free(portstr);
     free(buf);
 }
+
+int xenstore_read_vncpasswd(int domid)
+{
+    extern char vncpasswd[64];
+    char *buf = NULL, *path, *uuid = NULL, *passwd = NULL;
+    unsigned int i, len, rc = 0;
+
+    if (xsh == NULL) {
+       return -1;
+    }
+
+    path = xs_get_domain_path(xsh, domid);
+    if (path == NULL) {
+        fprintf(logfile, "xs_get_domain_path() error\n");
+        return -1;
+    }
+
+    pasprintf(&buf, "%s/vm", path);
+    uuid = xs_read(xsh, XBT_NULL, buf, &len);
+    if (uuid == NULL) {
+        fprintf(logfile, "xs_read(): uuid get error\n");
+       free(path);
+       return -1;
+    }
+
+    pasprintf(&buf, "%s/vncpasswd", uuid);
+    passwd = xs_read(xsh, XBT_NULL, buf, &len);
+    if (passwd == NULL) {
+        free(uuid);
+       free(path);
+       return rc;
+    }
+
+    for (i=0; i<len && i<63; i++) {
+        vncpasswd[i] = passwd[i];
+        passwd[i] = '\0';
+    }
+    vncpasswd[len] = '\0';
+
+    if (pasprintf(&buf, "%s/vncpasswd", uuid) == -1) {
+        fprintf(logfile, "pasprintf() vncpasswd failed\n");
+       goto out2;
+       rc = -1;
+    }
+    if (xs_write(xsh, XBT_NULL, buf, passwd, len) == 0) {
+        fprintf(logfile, "xs_write() vncpasswd failed\n");
+       rc = -1;
+    }
+
+
+ out2:
+    free(passwd);
+    free(uuid);
+    free(path);
+
+    return rc;
+}
diff -r f426f6e646eb tools/python/xen/xend/XendRoot.py
--- a/tools/python/xen/xend/XendRoot.py Mon Oct 02 18:04:56 2006 +0100
+++ b/tools/python/xen/xend/XendRoot.py Tue Oct 03 23:38:49 2006 +0900
@@ -95,6 +95,8 @@ class XendRoot:
     dom0_min_mem_default = '0'
 
     dom0_vcpus_default = '0'
+
+    vncpasswd_default = None
 
     components = {}
 
@@ -272,6 +274,10 @@ class XendRoot:
     def get_console_limit(self):
         return self.get_config_int('console-limit', 1024)
 
+    def get_vncpasswd_default(self):
+        return self.get_config_value('vncpasswd',
+                                     self.vncpasswd_default)
+
 def instance():
     """Get an instance of XendRoot.
     Use this instead of the constructor.
diff -r f426f6e646eb tools/python/xen/xend/image.py
--- a/tools/python/xen/xend/image.py    Mon Oct 02 18:04:56 2006 +0100
+++ b/tools/python/xen/xend/image.py    Tue Oct 03 23:47:00 2006 +0900
@@ -349,8 +349,16 @@ class HVMImageHandler(ImageHandler):
         sdl = sxp.child_value(config, 'sdl')
         ret = []
         nographic = sxp.child_value(config, 'nographic')
+
+        # get password from VM config(if password omitted, None)
+        vncpasswd_vmconfig = sxp.child_value(config, 'vncpasswd')
+        vncpasswd = vncpasswd_vmconfig
+
         if nographic:
             ret.append('-nographic')
+            # remove password
+            if vncpasswd_vmconfig:
+                config.remove(['vncpasswd', vncpasswd_vmconfig])
             return ret
         if vnc:
             vncdisplay = sxp.child_value(config, 'vncdisplay',
@@ -359,6 +367,20 @@ class HVMImageHandler(ImageHandler):
             vncunused = sxp.child_value(config, 'vncunused')
             if vncunused:
                 ret += ['-vncunused']
+            # get password from xend-config(if password omitted, None)
+            vncpasswd_default = 
xen.xend.XendRoot.instance().get_vncpasswd_default()
+            # password check
+            if vncpasswd is None:
+                if vncpasswd_default is None:
+                    raise VmError('vncpasswd is not setuped in VMconfig and 
xend-config.')
+                else:
+                    vncpasswd = vncpasswd_default
+            if vncpasswd!='':
+                self.vm.storeVm("vncpasswd", vncpasswd)
+
+        # remove password
+        config.remove(['vncpasswd', vncpasswd_vmconfig])
+
         return ret
 
     def createDeviceModel(self):
diff -r f426f6e646eb tools/python/xen/xm/create.py
--- a/tools/python/xen/xm/create.py     Mon Oct 02 18:04:56 2006 +0100
+++ b/tools/python/xen/xm/create.py     Tue Oct 03 23:49:11 2006 +0900
@@ -103,6 +103,10 @@ gopts.opt('console_autoconnect', short='
 gopts.opt('console_autoconnect', short='c',
           fn=set_true, default=0,
           use="Connect to the console after the domain is created.")
+
+gopts.var('vncpasswd', val='NAME',
+          fn=set_value, default=None,
+          use="Password for VNC console on HVM domain.")
 
 gopts.var('vncviewer', val='no|yes',
           fn=set_bool, default=None,
@@ -638,6 +642,7 @@ def configure_hvm(config_image, vals):
     for a in args:
         if (vals.__dict__[a]):
             config_image.append([a, vals.__dict__[a]])
+    config_image.append(['vncpasswd', vals.vncpasswd])
 
 def run_bootloader(vals, config_image):
     if not os.access(vals.bootloader, os.X_OK):
diff -r f426f6e646eb tools/ioemu/d3des.c
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/tools/ioemu/d3des.c       Tue Oct 03 23:34:25 2006 +0900
@@ -0,0 +1,434 @@
+/*
+ * This is D3DES (V5.09) by Richard Outerbridge with the double and
+ * triple-length support removed for use in VNC.  Also the bytebit[] array
+ * has been reversed so that the most significant bit in each byte of the
+ * key is ignored, not the least significant.
+ *
+ * These changes are:
+ *  Copyright (C) 1999 AT&T Laboratories Cambridge.  All Rights Reserved.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
+ */
+
+/* D3DES (V5.09) -
+ *
+ * A portable, public domain, version of the Data Encryption Standard.
+ *
+ * Written with Symantec's THINK (Lightspeed) C by Richard Outerbridge.
+ * Thanks to: Dan Hoey for his excellent Initial and Inverse permutation
+ * code;  Jim Gillogly & Phil Karn for the DES key schedule code; Dennis
+ * Ferguson, Eric Young and Dana How for comparing notes; and Ray Lau,
+ * for humouring me on.
+ *
+ * Copyright (c) 1988,1989,1990,1991,1992 by Richard Outerbridge.
+ * (GEnie : OUTER; CIS : [71755,204]) Graven Imagery, 1992.
+ */
+
+#include "d3des.h"
+
+static void scrunch(unsigned char *, unsigned long *);
+static void unscrun(unsigned long *, unsigned char *);
+static void desfunc(unsigned long *, unsigned long *);
+static void cookey(unsigned long *);
+
+static unsigned long KnL[32] = { 0L };
+
+static unsigned short bytebit[8]       = {
+       01, 02, 04, 010, 020, 040, 0100, 0200 };
+
+static unsigned long bigbyte[24] = {
+       0x800000L,      0x400000L,      0x200000L,      0x100000L,
+       0x80000L,       0x40000L,       0x20000L,       0x10000L,
+       0x8000L,        0x4000L,        0x2000L,        0x1000L,
+       0x800L,         0x400L,         0x200L,         0x100L,
+       0x80L,          0x40L,          0x20L,          0x10L,
+       0x8L,           0x4L,           0x2L,           0x1L    };
+
+/* Use the key schedule specified in the Standard (ANSI X3.92-1981). */
+
+static unsigned char pc1[56] = {
+       56, 48, 40, 32, 24, 16,  8,      0, 57, 49, 41, 33, 25, 17,
+        9,  1, 58, 50, 42, 34, 26,     18, 10,  2, 59, 51, 43, 35,
+       62, 54, 46, 38, 30, 22, 14,      6, 61, 53, 45, 37, 29, 21,
+       13,  5, 60, 52, 44, 36, 28,     20, 12,  4, 27, 19, 11,  3 };
+
+static unsigned char totrot[16] = {
+       1,2,4,6,8,10,12,14,15,17,19,21,23,25,27,28 };
+
+static unsigned char pc2[48] = {
+       13, 16, 10, 23,  0,  4,  2, 27, 14,  5, 20,  9,
+       22, 18, 11,  3, 25,  7, 15,  6, 26, 19, 12,  1,
+       40, 51, 30, 36, 46, 54, 29, 39, 50, 44, 32, 47,
+       43, 48, 38, 55, 33, 52, 45, 41, 49, 35, 28, 31 };
+
+void deskey(key, edf)  /* Thanks to James Gillogly & Phil Karn! */
+unsigned char *key;
+int edf;
+{
+       register int i, j, l, m, n;
+       unsigned char pc1m[56], pcr[56];
+       unsigned long kn[32];
+
+       for ( j = 0; j < 56; j++ ) {
+               l = pc1[j];
+               m = l & 07;
+               pc1m[j] = (key[l >> 3] & bytebit[m]) ? 1 : 0;
+               }
+       for( i = 0; i < 16; i++ ) {
+               if( edf == DE1 ) m = (15 - i) << 1;
+               else m = i << 1;
+               n = m + 1;
+               kn[m] = kn[n] = 0L;
+               for( j = 0; j < 28; j++ ) {
+                       l = j + totrot[i];
+                       if( l < 28 ) pcr[j] = pc1m[l];
+                       else pcr[j] = pc1m[l - 28];
+                       }
+               for( j = 28; j < 56; j++ ) {
+                   l = j + totrot[i];
+                   if( l < 56 ) pcr[j] = pc1m[l];
+                   else pcr[j] = pc1m[l - 28];
+                   }
+               for( j = 0; j < 24; j++ ) {
+                       if( pcr[pc2[j]] ) kn[m] |= bigbyte[j];
+                       if( pcr[pc2[j+24]] ) kn[n] |= bigbyte[j];
+                       }
+               }
+       cookey(kn);
+       return;
+       }
+
+static void cookey(raw1)
+register unsigned long *raw1;
+{
+       register unsigned long *cook, *raw0;
+       unsigned long dough[32];
+       register int i;
+
+       cook = dough;
+       for( i = 0; i < 16; i++, raw1++ ) {
+               raw0 = raw1++;
+               *cook    = (*raw0 & 0x00fc0000L) << 6;
+               *cook   |= (*raw0 & 0x00000fc0L) << 10;
+               *cook   |= (*raw1 & 0x00fc0000L) >> 10;
+               *cook++ |= (*raw1 & 0x00000fc0L) >> 6;
+               *cook    = (*raw0 & 0x0003f000L) << 12;
+               *cook   |= (*raw0 & 0x0000003fL) << 16;
+               *cook   |= (*raw1 & 0x0003f000L) >> 4;
+               *cook++ |= (*raw1 & 0x0000003fL);
+               }
+       usekey(dough);
+       return;
+       }
+
+void cpkey(into)
+register unsigned long *into;
+{
+       register unsigned long *from, *endp;
+
+       from = KnL, endp = &KnL[32];
+       while( from < endp ) *into++ = *from++;
+       return;
+       }
+
+void usekey(from)
+register unsigned long *from;
+{
+       register unsigned long *to, *endp;
+
+       to = KnL, endp = &KnL[32];
+       while( to < endp ) *to++ = *from++;
+       return;
+       }
+
+void des(inblock, outblock)
+unsigned char *inblock, *outblock;
+{
+       unsigned long work[2];
+
+       scrunch(inblock, work);
+       desfunc(work, KnL);
+       unscrun(work, outblock);
+       return;
+       }
+
+static void scrunch(outof, into)
+register unsigned char *outof;
+register unsigned long *into;
+{
+       *into    = (*outof++ & 0xffL) << 24;
+       *into   |= (*outof++ & 0xffL) << 16;
+       *into   |= (*outof++ & 0xffL) << 8;
+       *into++ |= (*outof++ & 0xffL);
+       *into    = (*outof++ & 0xffL) << 24;
+       *into   |= (*outof++ & 0xffL) << 16;
+       *into   |= (*outof++ & 0xffL) << 8;
+       *into   |= (*outof   & 0xffL);
+       return;
+       }
+
+static void unscrun(outof, into)
+register unsigned long *outof;
+register unsigned char *into;
+{
+       *into++ = (unsigned char)((*outof >> 24) & 0xffL);
+       *into++ = (unsigned char)((*outof >> 16) & 0xffL);
+       *into++ = (unsigned char)((*outof >>  8) & 0xffL);
+       *into++ = (unsigned char)(*outof++       & 0xffL);
+       *into++ = (unsigned char)((*outof >> 24) & 0xffL);
+       *into++ = (unsigned char)((*outof >> 16) & 0xffL);
+       *into++ = (unsigned char)((*outof >>  8) & 0xffL);
+       *into   =  (unsigned char)(*outof        & 0xffL);
+       return;
+       }
+
+static unsigned long SP1[64] = {
+       0x01010400L, 0x00000000L, 0x00010000L, 0x01010404L,
+       0x01010004L, 0x00010404L, 0x00000004L, 0x00010000L,
+       0x00000400L, 0x01010400L, 0x01010404L, 0x00000400L,
+       0x01000404L, 0x01010004L, 0x01000000L, 0x00000004L,
+       0x00000404L, 0x01000400L, 0x01000400L, 0x00010400L,
+       0x00010400L, 0x01010000L, 0x01010000L, 0x01000404L,
+       0x00010004L, 0x01000004L, 0x01000004L, 0x00010004L,
+       0x00000000L, 0x00000404L, 0x00010404L, 0x01000000L,
+       0x00010000L, 0x01010404L, 0x00000004L, 0x01010000L,
+       0x01010400L, 0x01000000L, 0x01000000L, 0x00000400L,
+       0x01010004L, 0x00010000L, 0x00010400L, 0x01000004L,
+       0x00000400L, 0x00000004L, 0x01000404L, 0x00010404L,
+       0x01010404L, 0x00010004L, 0x01010000L, 0x01000404L,
+       0x01000004L, 0x00000404L, 0x00010404L, 0x01010400L,
+       0x00000404L, 0x01000400L, 0x01000400L, 0x00000000L,
+       0x00010004L, 0x00010400L, 0x00000000L, 0x01010004L };
+
+static unsigned long SP2[64] = {
+       0x80108020L, 0x80008000L, 0x00008000L, 0x00108020L,
+       0x00100000L, 0x00000020L, 0x80100020L, 0x80008020L,
+       0x80000020L, 0x80108020L, 0x80108000L, 0x80000000L,
+       0x80008000L, 0x00100000L, 0x00000020L, 0x80100020L,
+       0x00108000L, 0x00100020L, 0x80008020L, 0x00000000L,
+       0x80000000L, 0x00008000L, 0x00108020L, 0x80100000L,
+       0x00100020L, 0x80000020L, 0x00000000L, 0x00108000L,
+       0x00008020L, 0x80108000L, 0x80100000L, 0x00008020L,
+       0x00000000L, 0x00108020L, 0x80100020L, 0x00100000L,
+       0x80008020L, 0x80100000L, 0x80108000L, 0x00008000L,
+       0x80100000L, 0x80008000L, 0x00000020L, 0x80108020L,
+       0x00108020L, 0x00000020L, 0x00008000L, 0x80000000L,
+       0x00008020L, 0x80108000L, 0x00100000L, 0x80000020L,
+       0x00100020L, 0x80008020L, 0x80000020L, 0x00100020L,
+       0x00108000L, 0x00000000L, 0x80008000L, 0x00008020L,
+       0x80000000L, 0x80100020L, 0x80108020L, 0x00108000L };
+
+static unsigned long SP3[64] = {
+       0x00000208L, 0x08020200L, 0x00000000L, 0x08020008L,
+       0x08000200L, 0x00000000L, 0x00020208L, 0x08000200L,
+       0x00020008L, 0x08000008L, 0x08000008L, 0x00020000L,
+       0x08020208L, 0x00020008L, 0x08020000L, 0x00000208L,
+       0x08000000L, 0x00000008L, 0x08020200L, 0x00000200L,
+       0x00020200L, 0x08020000L, 0x08020008L, 0x00020208L,
+       0x08000208L, 0x00020200L, 0x00020000L, 0x08000208L,
+       0x00000008L, 0x08020208L, 0x00000200L, 0x08000000L,
+       0x08020200L, 0x08000000L, 0x00020008L, 0x00000208L,
+       0x00020000L, 0x08020200L, 0x08000200L, 0x00000000L,
+       0x00000200L, 0x00020008L, 0x08020208L, 0x08000200L,
+       0x08000008L, 0x00000200L, 0x00000000L, 0x08020008L,
+       0x08000208L, 0x00020000L, 0x08000000L, 0x08020208L,
+       0x00000008L, 0x00020208L, 0x00020200L, 0x08000008L,
+       0x08020000L, 0x08000208L, 0x00000208L, 0x08020000L,
+       0x00020208L, 0x00000008L, 0x08020008L, 0x00020200L };
+
+static unsigned long SP4[64] = {
+       0x00802001L, 0x00002081L, 0x00002081L, 0x00000080L,
+       0x00802080L, 0x00800081L, 0x00800001L, 0x00002001L,
+       0x00000000L, 0x00802000L, 0x00802000L, 0x00802081L,
+       0x00000081L, 0x00000000L, 0x00800080L, 0x00800001L,
+       0x00000001L, 0x00002000L, 0x00800000L, 0x00802001L,
+       0x00000080L, 0x00800000L, 0x00002001L, 0x00002080L,
+       0x00800081L, 0x00000001L, 0x00002080L, 0x00800080L,
+       0x00002000L, 0x00802080L, 0x00802081L, 0x00000081L,
+       0x00800080L, 0x00800001L, 0x00802000L, 0x00802081L,
+       0x00000081L, 0x00000000L, 0x00000000L, 0x00802000L,
+       0x00002080L, 0x00800080L, 0x00800081L, 0x00000001L,
+       0x00802001L, 0x00002081L, 0x00002081L, 0x00000080L,
+       0x00802081L, 0x00000081L, 0x00000001L, 0x00002000L,
+       0x00800001L, 0x00002001L, 0x00802080L, 0x00800081L,
+       0x00002001L, 0x00002080L, 0x00800000L, 0x00802001L,
+       0x00000080L, 0x00800000L, 0x00002000L, 0x00802080L };
+
+static unsigned long SP5[64] = {
+       0x00000100L, 0x02080100L, 0x02080000L, 0x42000100L,
+       0x00080000L, 0x00000100L, 0x40000000L, 0x02080000L,
+       0x40080100L, 0x00080000L, 0x02000100L, 0x40080100L,
+       0x42000100L, 0x42080000L, 0x00080100L, 0x40000000L,
+       0x02000000L, 0x40080000L, 0x40080000L, 0x00000000L,
+       0x40000100L, 0x42080100L, 0x42080100L, 0x02000100L,
+       0x42080000L, 0x40000100L, 0x00000000L, 0x42000000L,
+       0x02080100L, 0x02000000L, 0x42000000L, 0x00080100L,
+       0x00080000L, 0x42000100L, 0x00000100L, 0x02000000L,
+       0x40000000L, 0x02080000L, 0x42000100L, 0x40080100L,
+       0x02000100L, 0x40000000L, 0x42080000L, 0x02080100L,
+       0x40080100L, 0x00000100L, 0x02000000L, 0x42080000L,
+       0x42080100L, 0x00080100L, 0x42000000L, 0x42080100L,
+       0x02080000L, 0x00000000L, 0x40080000L, 0x42000000L,
+       0x00080100L, 0x02000100L, 0x40000100L, 0x00080000L,
+       0x00000000L, 0x40080000L, 0x02080100L, 0x40000100L };
+
+static unsigned long SP6[64] = {
+       0x20000010L, 0x20400000L, 0x00004000L, 0x20404010L,
+       0x20400000L, 0x00000010L, 0x20404010L, 0x00400000L,
+       0x20004000L, 0x00404010L, 0x00400000L, 0x20000010L,
+       0x00400010L, 0x20004000L, 0x20000000L, 0x00004010L,
+       0x00000000L, 0x00400010L, 0x20004010L, 0x00004000L,
+       0x00404000L, 0x20004010L, 0x00000010L, 0x20400010L,
+       0x20400010L, 0x00000000L, 0x00404010L, 0x20404000L,
+       0x00004010L, 0x00404000L, 0x20404000L, 0x20000000L,
+       0x20004000L, 0x00000010L, 0x20400010L, 0x00404000L,
+       0x20404010L, 0x00400000L, 0x00004010L, 0x20000010L,
+       0x00400000L, 0x20004000L, 0x20000000L, 0x00004010L,
+       0x20000010L, 0x20404010L, 0x00404000L, 0x20400000L,
+       0x00404010L, 0x20404000L, 0x00000000L, 0x20400010L,
+       0x00000010L, 0x00004000L, 0x20400000L, 0x00404010L,
+       0x00004000L, 0x00400010L, 0x20004010L, 0x00000000L,
+       0x20404000L, 0x20000000L, 0x00400010L, 0x20004010L };
+
+static unsigned long SP7[64] = {
+       0x00200000L, 0x04200002L, 0x04000802L, 0x00000000L,
+       0x00000800L, 0x04000802L, 0x00200802L, 0x04200800L,
+       0x04200802L, 0x00200000L, 0x00000000L, 0x04000002L,
+       0x00000002L, 0x04000000L, 0x04200002L, 0x00000802L,
+       0x04000800L, 0x00200802L, 0x00200002L, 0x04000800L,
+       0x04000002L, 0x04200000L, 0x04200800L, 0x00200002L,
+       0x04200000L, 0x00000800L, 0x00000802L, 0x04200802L,
+       0x00200800L, 0x00000002L, 0x04000000L, 0x00200800L,
+       0x04000000L, 0x00200800L, 0x00200000L, 0x04000802L,
+       0x04000802L, 0x04200002L, 0x04200002L, 0x00000002L,
+       0x00200002L, 0x04000000L, 0x04000800L, 0x00200000L,
+       0x04200800L, 0x00000802L, 0x00200802L, 0x04200800L,
+       0x00000802L, 0x04000002L, 0x04200802L, 0x04200000L,
+       0x00200800L, 0x00000000L, 0x00000002L, 0x04200802L,
+       0x00000000L, 0x00200802L, 0x04200000L, 0x00000800L,
+       0x04000002L, 0x04000800L, 0x00000800L, 0x00200002L };
+
+static unsigned long SP8[64] = {
+       0x10001040L, 0x00001000L, 0x00040000L, 0x10041040L,
+       0x10000000L, 0x10001040L, 0x00000040L, 0x10000000L,
+       0x00040040L, 0x10040000L, 0x10041040L, 0x00041000L,
+       0x10041000L, 0x00041040L, 0x00001000L, 0x00000040L,
+       0x10040000L, 0x10000040L, 0x10001000L, 0x00001040L,
+       0x00041000L, 0x00040040L, 0x10040040L, 0x10041000L,
+       0x00001040L, 0x00000000L, 0x00000000L, 0x10040040L,
+       0x10000040L, 0x10001000L, 0x00041040L, 0x00040000L,
+       0x00041040L, 0x00040000L, 0x10041000L, 0x00001000L,
+       0x00000040L, 0x10040040L, 0x00001000L, 0x00041040L,
+       0x10001000L, 0x00000040L, 0x10000040L, 0x10040000L,
+       0x10040040L, 0x10000000L, 0x00040000L, 0x10001040L,
+       0x00000000L, 0x10041040L, 0x00040040L, 0x10000040L,
+       0x10040000L, 0x10001000L, 0x10001040L, 0x00000000L,
+       0x10041040L, 0x00041000L, 0x00041000L, 0x00001040L,
+       0x00001040L, 0x00040040L, 0x10000000L, 0x10041000L };
+
+static void desfunc(block, keys)
+register unsigned long *block, *keys;
+{
+       register unsigned long fval, work, right, leftt;
+       register int round;
+
+       leftt = block[0];
+       right = block[1];
+       work = ((leftt >> 4) ^ right) & 0x0f0f0f0fL;
+       right ^= work;
+       leftt ^= (work << 4);
+       work = ((leftt >> 16) ^ right) & 0x0000ffffL;
+       right ^= work;
+       leftt ^= (work << 16);
+       work = ((right >> 2) ^ leftt) & 0x33333333L;
+       leftt ^= work;
+       right ^= (work << 2);
+       work = ((right >> 8) ^ leftt) & 0x00ff00ffL;
+       leftt ^= work;
+       right ^= (work << 8);
+       right = ((right << 1) | ((right >> 31) & 1L)) & 0xffffffffL;
+       work = (leftt ^ right) & 0xaaaaaaaaL;
+       leftt ^= work;
+       right ^= work;
+       leftt = ((leftt << 1) | ((leftt >> 31) & 1L)) & 0xffffffffL;
+
+       for( round = 0; round < 8; round++ ) {
+               work  = (right << 28) | (right >> 4);
+               work ^= *keys++;
+               fval  = SP7[ work                & 0x3fL];
+               fval |= SP5[(work >>  8) & 0x3fL];
+               fval |= SP3[(work >> 16) & 0x3fL];
+               fval |= SP1[(work >> 24) & 0x3fL];
+               work  = right ^ *keys++;
+               fval |= SP8[ work                & 0x3fL];
+               fval |= SP6[(work >>  8) & 0x3fL];
+               fval |= SP4[(work >> 16) & 0x3fL];
+               fval |= SP2[(work >> 24) & 0x3fL];
+               leftt ^= fval;
+               work  = (leftt << 28) | (leftt >> 4);
+               work ^= *keys++;
+               fval  = SP7[ work                & 0x3fL];
+               fval |= SP5[(work >>  8) & 0x3fL];
+               fval |= SP3[(work >> 16) & 0x3fL];
+               fval |= SP1[(work >> 24) & 0x3fL];
+               work  = leftt ^ *keys++;
+               fval |= SP8[ work                & 0x3fL];
+               fval |= SP6[(work >>  8) & 0x3fL];
+               fval |= SP4[(work >> 16) & 0x3fL];
+               fval |= SP2[(work >> 24) & 0x3fL];
+               right ^= fval;
+               }
+
+       right = (right << 31) | (right >> 1);
+       work = (leftt ^ right) & 0xaaaaaaaaL;
+       leftt ^= work;
+       right ^= work;
+       leftt = (leftt << 31) | (leftt >> 1);
+       work = ((leftt >> 8) ^ right) & 0x00ff00ffL;
+       right ^= work;
+       leftt ^= (work << 8);
+       work = ((leftt >> 2) ^ right) & 0x33333333L;
+       right ^= work;
+       leftt ^= (work << 2);
+       work = ((right >> 16) ^ leftt) & 0x0000ffffL;
+       leftt ^= work;
+       right ^= (work << 16);
+       work = ((right >> 4) ^ leftt) & 0x0f0f0f0fL;
+       leftt ^= work;
+       right ^= (work << 4);
+       *block++ = right;
+       *block = leftt;
+       return;
+       }
+
+/* Validation sets:
+ *
+ * Single-length key, single-length plaintext -
+ * Key   : 0123 4567 89ab cdef
+ * Plain  : 0123 4567 89ab cde7
+ * Cipher : c957 4425 6a5e d31d
+ *
+ * Double-length key, single-length plaintext -
+ * Key   : 0123 4567 89ab cdef fedc ba98 7654 3210
+ * Plain  : 0123 4567 89ab cde7
+ * Cipher : 7f1d 0a77 826b 8aff
+ *
+ * Double-length key, double-length plaintext -
+ * Key   : 0123 4567 89ab cdef fedc ba98 7654 3210
+ * Plain  : 0123 4567 89ab cdef 0123 4567 89ab cdff
+ * Cipher : 27a0 8440 406a df60 278f 47cf 42d6 15d7
+ *
+ * Triple-length key, single-length plaintext -
+ * Key   : 0123 4567 89ab cdef fedc ba98 7654 3210 89ab cdef 0123 4567
+ * Plain  : 0123 4567 89ab cde7
+ * Cipher : de0b 7c06 ae5e 0ed5
+ *
+ * Triple-length key, double-length plaintext -
+ * Key   : 0123 4567 89ab cdef fedc ba98 7654 3210 89ab cdef 0123 4567
+ * Plain  : 0123 4567 89ab cdef 0123 4567 89ab cdff
+ * Cipher : ad0d 1b30 ac17 cf07 0ed1 1c63 81e4 4de5
+ *
+ * d3des V5.0a rwo 9208.07 18:44 Graven Imagery
+ **********************************************************************/
diff -r f426f6e646eb tools/ioemu/d3des.h
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/tools/ioemu/d3des.h       Tue Oct 03 23:34:25 2006 +0900
@@ -0,0 +1,51 @@
+/*
+ * This is D3DES (V5.09) by Richard Outerbridge with the double and
+ * triple-length support removed for use in VNC.
+ *
+ * These changes are:
+ *  Copyright (C) 1999 AT&T Laboratories Cambridge.  All Rights Reserved.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
+ */
+
+/* d3des.h -
+ *
+ *     Headers and defines for d3des.c
+ *     Graven Imagery, 1992.
+ *
+ * Copyright (c) 1988,1989,1990,1991,1992 by Richard Outerbridge
+ *     (GEnie : OUTER; CIS : [71755,204])
+ */
+
+#define EN0    0       /* MODE == encrypt */
+#define DE1    1       /* MODE == decrypt */
+
+extern void deskey(unsigned char *, int);
+/*                   hexkey[8]     MODE
+ * Sets the internal key register according to the hexadecimal
+ * key contained in the 8 bytes of hexkey, according to the DES,
+ * for encryption or decryption according to MODE.
+ */
+
+extern void usekey(unsigned long *);
+/*                 cookedkey[32]
+ * Loads the internal key register with the data in cookedkey.
+ */
+
+extern void cpkey(unsigned long *);
+/*                cookedkey[32]
+ * Copies the contents of the internal key register into the storage
+ * located at &cookedkey[0].
+ */
+
+extern void des(unsigned char *, unsigned char *);
+/*                 from[8]           to[8]
+ * Encrypts/Decrypts (according to the key currently loaded in the
+ * internal key register) one block of eight bytes at address 'from'
+ * into the block at address 'to'.  They can be the same.
+ */
+
+/* d3des.h V5.09 rwo 9208.04 15:06 Graven Imagery
+ ********************************************************************/


_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel


 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.