From 210a2ccfdf485f22f5655b486019408c134e8fb7 Mon Sep 17 00:00:00 2001 From: Sylvain Rochet Date: Sat, 18 Apr 2015 18:51:45 +0200 Subject: [PATCH] PPP, MSCHAP, MPPE: shared identical mppe_sha1_pad* between MSCHAP and MPPE --- src/include/netif/ppp/mppe.h | 16 ++++++++++++++++ src/netif/ppp/chap_ms.c | 22 +++++++--------------- src/netif/ppp/mppe.c | 18 ++---------------- 3 files changed, 25 insertions(+), 31 deletions(-) diff --git a/src/include/netif/ppp/mppe.h b/src/include/netif/ppp/mppe.h index 44cfae78..2b9c4d4f 100644 --- a/src/include/netif/ppp/mppe.h +++ b/src/include/netif/ppp/mppe.h @@ -132,6 +132,22 @@ opts |= MPPE_OPT_UNKNOWN; \ } while (/* CONSTCOND */ 0) +/* Shared MPPE padding between MSCHAP and MPPE */ +#define SHA1_PAD_SIZE 40 + +static const u8_t mppe_sha1_pad1[SHA1_PAD_SIZE] = { + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 +}; +static const u8_t mppe_sha1_pad2[SHA1_PAD_SIZE] = { + 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, + 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, + 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, + 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2 +}; + /* * State for an MPPE (de)compressor. */ diff --git a/src/netif/ppp/chap_ms.c b/src/netif/ppp/chap_ms.c index 33ce8311..b1b5958f 100644 --- a/src/netif/ppp/chap_ms.c +++ b/src/netif/ppp/chap_ms.c @@ -93,6 +93,9 @@ #include "netif/ppp/chap_ms.h" #include "netif/ppp/pppcrypt.h" #include "netif/ppp/magic.h" +#if MPPE_SUPPORT +#include "netif/ppp/mppe.h" /* For mppe_sha1_pad* */ +#endif /* MPPE_SUPPORT */ #if LWIP_INCLUDED_POLARSSL_MD4 #include "netif/ppp/polarssl/md4.h" @@ -758,17 +761,6 @@ static void mppe_set_keys2(ppp_pcb *pcb, u_char PasswordHashHash[MD4_SIGNATURE_S u_char MasterKey[SHA1_SIGNATURE_SIZE]; /* >= MPPE_MAX_KEY_LEN */ u_char Digest[SHA1_SIGNATURE_SIZE]; /* >= MPPE_MAX_KEY_LEN */ - u_char SHApad1[40] = - { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }; - u_char SHApad2[40] = - { 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, - 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, - 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, - 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2 }; - /* "This is the MPPE Master Key" */ u_char Magic1[27] = { 0x54, 0x68, 0x69, 0x73, 0x20, 0x69, 0x73, 0x20, 0x74, @@ -815,9 +807,9 @@ static void mppe_set_keys2(ppp_pcb *pcb, u_char PasswordHashHash[MD4_SIGNATURE_S s = Magic2; sha1_starts(&sha1Context); sha1_update(&sha1Context, MasterKey, 16); - sha1_update(&sha1Context, SHApad1, sizeof(SHApad1)); + sha1_update(&sha1Context, (unsigned char *)mppe_sha1_pad1, SHA1_PAD_SIZE); sha1_update(&sha1Context, s, 84); - sha1_update(&sha1Context, SHApad2, sizeof(SHApad2)); + sha1_update(&sha1Context, (unsigned char *)mppe_sha1_pad2, SHA1_PAD_SIZE); sha1_finish(&sha1Context, Digest); MEMCPY(pcb->mppe_send_key, Digest, MPPE_MAX_KEY_LEN); @@ -831,9 +823,9 @@ static void mppe_set_keys2(ppp_pcb *pcb, u_char PasswordHashHash[MD4_SIGNATURE_S s = Magic3; sha1_starts(&sha1Context); sha1_update(&sha1Context, MasterKey, 16); - sha1_update(&sha1Context, SHApad1, sizeof(SHApad1)); + sha1_update(&sha1Context, (unsigned char *)mppe_sha1_pad1, SHA1_PAD_SIZE); sha1_update(&sha1Context, s, 84); - sha1_update(&sha1Context, SHApad2, sizeof(SHApad2)); + sha1_update(&sha1Context, (unsigned char *)mppe_sha1_pad2, SHA1_PAD_SIZE); sha1_finish(&sha1Context, Digest); MEMCPY(pcb->mppe_recv_key, Digest, MPPE_MAX_KEY_LEN); diff --git a/src/netif/ppp/mppe.c b/src/netif/ppp/mppe.c index 71826e13..d5a283bf 100644 --- a/src/netif/ppp/mppe.c +++ b/src/netif/ppp/mppe.c @@ -48,7 +48,6 @@ #endif #define SHA1_SIGNATURE_SIZE 20 -#define SHA1_PAD_SIZE 40 /* ppp_mppe_state.bits definitions */ #define MPPE_BIT_A 0x80 /* Encryption table were (re)inititalized */ @@ -66,19 +65,6 @@ #define MPPE_OVHD 2 /* MPPE overhead/packet */ #define SANITY_MAX 1600 /* Max bogon factor we will tolerate */ -static const u8_t sha1_pad1[SHA1_PAD_SIZE] = { - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 -}; -static const u8_t sha1_pad2[SHA1_PAD_SIZE] = { - 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, - 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, - 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, - 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2 -}; - /* * Perform the MPPE rekey algorithm, from RFC 3078, sec. 7.3. * Well, not what's written there, but rather what they meant. @@ -94,9 +80,9 @@ static void mppe_rekey(ppp_mppe_state * state, int initial_key) */ sha1_starts(&sha1); sha1_update(&sha1, state->master_key, state->keylen); - sha1_update(&sha1, (unsigned char *)sha1_pad1, SHA1_PAD_SIZE); + sha1_update(&sha1, (unsigned char *)mppe_sha1_pad1, SHA1_PAD_SIZE); sha1_update(&sha1, state->session_key, state->keylen); - sha1_update(&sha1, (unsigned char *)sha1_pad2, SHA1_PAD_SIZE); + sha1_update(&sha1, (unsigned char *)mppe_sha1_pad2, SHA1_PAD_SIZE); sha1_finish(&sha1, sha1_digest); MEMCPY(state->session_key, sha1_digest, state->keylen);