mirror of
https://github.com/lwip-tcpip/lwip.git
synced 2024-10-05 22:29:49 +00:00
PPP, MSCHAP, MPPE: shared identical mppe_sha1_pad* between MSCHAP and MPPE
This commit is contained in:
parent
3862aad2f7
commit
210a2ccfdf
@ -132,6 +132,22 @@
|
|||||||
opts |= MPPE_OPT_UNKNOWN; \
|
opts |= MPPE_OPT_UNKNOWN; \
|
||||||
} while (/* CONSTCOND */ 0)
|
} while (/* CONSTCOND */ 0)
|
||||||
|
|
||||||
|
/* Shared MPPE padding between MSCHAP and MPPE */
|
||||||
|
#define SHA1_PAD_SIZE 40
|
||||||
|
|
||||||
|
static const u8_t mppe_sha1_pad1[SHA1_PAD_SIZE] = {
|
||||||
|
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
|
||||||
|
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
|
||||||
|
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
|
||||||
|
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
|
||||||
|
};
|
||||||
|
static const u8_t mppe_sha1_pad2[SHA1_PAD_SIZE] = {
|
||||||
|
0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2,
|
||||||
|
0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2,
|
||||||
|
0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2,
|
||||||
|
0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2
|
||||||
|
};
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* State for an MPPE (de)compressor.
|
* State for an MPPE (de)compressor.
|
||||||
*/
|
*/
|
||||||
|
@ -93,6 +93,9 @@
|
|||||||
#include "netif/ppp/chap_ms.h"
|
#include "netif/ppp/chap_ms.h"
|
||||||
#include "netif/ppp/pppcrypt.h"
|
#include "netif/ppp/pppcrypt.h"
|
||||||
#include "netif/ppp/magic.h"
|
#include "netif/ppp/magic.h"
|
||||||
|
#if MPPE_SUPPORT
|
||||||
|
#include "netif/ppp/mppe.h" /* For mppe_sha1_pad* */
|
||||||
|
#endif /* MPPE_SUPPORT */
|
||||||
|
|
||||||
#if LWIP_INCLUDED_POLARSSL_MD4
|
#if LWIP_INCLUDED_POLARSSL_MD4
|
||||||
#include "netif/ppp/polarssl/md4.h"
|
#include "netif/ppp/polarssl/md4.h"
|
||||||
@ -758,17 +761,6 @@ static void mppe_set_keys2(ppp_pcb *pcb, u_char PasswordHashHash[MD4_SIGNATURE_S
|
|||||||
u_char MasterKey[SHA1_SIGNATURE_SIZE]; /* >= MPPE_MAX_KEY_LEN */
|
u_char MasterKey[SHA1_SIGNATURE_SIZE]; /* >= MPPE_MAX_KEY_LEN */
|
||||||
u_char Digest[SHA1_SIGNATURE_SIZE]; /* >= MPPE_MAX_KEY_LEN */
|
u_char Digest[SHA1_SIGNATURE_SIZE]; /* >= MPPE_MAX_KEY_LEN */
|
||||||
|
|
||||||
u_char SHApad1[40] =
|
|
||||||
{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
|
|
||||||
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
|
|
||||||
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
|
|
||||||
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 };
|
|
||||||
u_char SHApad2[40] =
|
|
||||||
{ 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2,
|
|
||||||
0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2,
|
|
||||||
0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2,
|
|
||||||
0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2 };
|
|
||||||
|
|
||||||
/* "This is the MPPE Master Key" */
|
/* "This is the MPPE Master Key" */
|
||||||
u_char Magic1[27] =
|
u_char Magic1[27] =
|
||||||
{ 0x54, 0x68, 0x69, 0x73, 0x20, 0x69, 0x73, 0x20, 0x74,
|
{ 0x54, 0x68, 0x69, 0x73, 0x20, 0x69, 0x73, 0x20, 0x74,
|
||||||
@ -815,9 +807,9 @@ static void mppe_set_keys2(ppp_pcb *pcb, u_char PasswordHashHash[MD4_SIGNATURE_S
|
|||||||
s = Magic2;
|
s = Magic2;
|
||||||
sha1_starts(&sha1Context);
|
sha1_starts(&sha1Context);
|
||||||
sha1_update(&sha1Context, MasterKey, 16);
|
sha1_update(&sha1Context, MasterKey, 16);
|
||||||
sha1_update(&sha1Context, SHApad1, sizeof(SHApad1));
|
sha1_update(&sha1Context, (unsigned char *)mppe_sha1_pad1, SHA1_PAD_SIZE);
|
||||||
sha1_update(&sha1Context, s, 84);
|
sha1_update(&sha1Context, s, 84);
|
||||||
sha1_update(&sha1Context, SHApad2, sizeof(SHApad2));
|
sha1_update(&sha1Context, (unsigned char *)mppe_sha1_pad2, SHA1_PAD_SIZE);
|
||||||
sha1_finish(&sha1Context, Digest);
|
sha1_finish(&sha1Context, Digest);
|
||||||
|
|
||||||
MEMCPY(pcb->mppe_send_key, Digest, MPPE_MAX_KEY_LEN);
|
MEMCPY(pcb->mppe_send_key, Digest, MPPE_MAX_KEY_LEN);
|
||||||
@ -831,9 +823,9 @@ static void mppe_set_keys2(ppp_pcb *pcb, u_char PasswordHashHash[MD4_SIGNATURE_S
|
|||||||
s = Magic3;
|
s = Magic3;
|
||||||
sha1_starts(&sha1Context);
|
sha1_starts(&sha1Context);
|
||||||
sha1_update(&sha1Context, MasterKey, 16);
|
sha1_update(&sha1Context, MasterKey, 16);
|
||||||
sha1_update(&sha1Context, SHApad1, sizeof(SHApad1));
|
sha1_update(&sha1Context, (unsigned char *)mppe_sha1_pad1, SHA1_PAD_SIZE);
|
||||||
sha1_update(&sha1Context, s, 84);
|
sha1_update(&sha1Context, s, 84);
|
||||||
sha1_update(&sha1Context, SHApad2, sizeof(SHApad2));
|
sha1_update(&sha1Context, (unsigned char *)mppe_sha1_pad2, SHA1_PAD_SIZE);
|
||||||
sha1_finish(&sha1Context, Digest);
|
sha1_finish(&sha1Context, Digest);
|
||||||
|
|
||||||
MEMCPY(pcb->mppe_recv_key, Digest, MPPE_MAX_KEY_LEN);
|
MEMCPY(pcb->mppe_recv_key, Digest, MPPE_MAX_KEY_LEN);
|
||||||
|
@ -48,7 +48,6 @@
|
|||||||
#endif
|
#endif
|
||||||
|
|
||||||
#define SHA1_SIGNATURE_SIZE 20
|
#define SHA1_SIGNATURE_SIZE 20
|
||||||
#define SHA1_PAD_SIZE 40
|
|
||||||
|
|
||||||
/* ppp_mppe_state.bits definitions */
|
/* ppp_mppe_state.bits definitions */
|
||||||
#define MPPE_BIT_A 0x80 /* Encryption table were (re)inititalized */
|
#define MPPE_BIT_A 0x80 /* Encryption table were (re)inititalized */
|
||||||
@ -66,19 +65,6 @@
|
|||||||
#define MPPE_OVHD 2 /* MPPE overhead/packet */
|
#define MPPE_OVHD 2 /* MPPE overhead/packet */
|
||||||
#define SANITY_MAX 1600 /* Max bogon factor we will tolerate */
|
#define SANITY_MAX 1600 /* Max bogon factor we will tolerate */
|
||||||
|
|
||||||
static const u8_t sha1_pad1[SHA1_PAD_SIZE] = {
|
|
||||||
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
|
|
||||||
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
|
|
||||||
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
|
|
||||||
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
|
|
||||||
};
|
|
||||||
static const u8_t sha1_pad2[SHA1_PAD_SIZE] = {
|
|
||||||
0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2,
|
|
||||||
0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2,
|
|
||||||
0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2,
|
|
||||||
0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2
|
|
||||||
};
|
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Perform the MPPE rekey algorithm, from RFC 3078, sec. 7.3.
|
* Perform the MPPE rekey algorithm, from RFC 3078, sec. 7.3.
|
||||||
* Well, not what's written there, but rather what they meant.
|
* Well, not what's written there, but rather what they meant.
|
||||||
@ -94,9 +80,9 @@ static void mppe_rekey(ppp_mppe_state * state, int initial_key)
|
|||||||
*/
|
*/
|
||||||
sha1_starts(&sha1);
|
sha1_starts(&sha1);
|
||||||
sha1_update(&sha1, state->master_key, state->keylen);
|
sha1_update(&sha1, state->master_key, state->keylen);
|
||||||
sha1_update(&sha1, (unsigned char *)sha1_pad1, SHA1_PAD_SIZE);
|
sha1_update(&sha1, (unsigned char *)mppe_sha1_pad1, SHA1_PAD_SIZE);
|
||||||
sha1_update(&sha1, state->session_key, state->keylen);
|
sha1_update(&sha1, state->session_key, state->keylen);
|
||||||
sha1_update(&sha1, (unsigned char *)sha1_pad2, SHA1_PAD_SIZE);
|
sha1_update(&sha1, (unsigned char *)mppe_sha1_pad2, SHA1_PAD_SIZE);
|
||||||
sha1_finish(&sha1, sha1_digest);
|
sha1_finish(&sha1, sha1_digest);
|
||||||
MEMCPY(state->session_key, sha1_digest, state->keylen);
|
MEMCPY(state->session_key, sha1_digest, state->keylen);
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user