PPP, MSCHAP, MPPE: shared identical mppe_sha1_pad* between MSCHAP and MPPE

Sylvain Rochet 2015-04-18 18:51:45 +02:00
parent 3862aad2f7
commit 210a2ccfdf
3 changed files with 25 additions and 31 deletions


@ -132,6 +132,22 @@
opts |= MPPE_OPT_UNKNOWN; \
} while (/* CONSTCOND */ 0)
/* Shared MPPE padding between MSCHAP and MPPE */
#define SHA1_PAD_SIZE 40
static const u8_t mppe_sha1_pad1[SHA1_PAD_SIZE] = {
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
};
static const u8_t mppe_sha1_pad2[SHA1_PAD_SIZE] = {
0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2,
0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2,
0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2,
0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2
};
/*
* State for an MPPE (de)compressor.
*/
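Review bot: `mppe_sha1_pad1` and `mppe_sha1_pad2` are defined `static const` in what appears to be a header (the next file includes `netif/ppp/mppe.h` "For mppe_sha1_pad*"), so each translation unit that includes it gets its own private 40-byte copy of both arrays instead of one shared object. Units that include the header without using the pads may also get unused-variable warnings. To share the data at link level, declare them here as `extern const u8_t mppe_sha1_pad1[SHA1_PAD_SIZE];` and `extern const u8_t mppe_sha1_pad2[SHA1_PAD_SIZE];` and keep one definition in the MPPE source file. The existing one-line comment could also say that these are the fixed 0x00 and 0xf2 pad blocks fed to SHA-1 during key derivation and rekeying.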


@ -93,6 +93,9 @@
#include "netif/ppp/chap_ms.h"
#include "netif/ppp/pppcrypt.h"
#include "netif/ppp/magic.h"
#if MPPE_SUPPORT
#include "netif/ppp/mppe.h" /* For mppe_sha1_pad* */
#endif /* MPPE_SUPPORT */
#if LWIP_INCLUDED_POLARSSL_MD4
#include "netif/ppp/polarssl/md4.h"
@ -758,17 +761,6 @@ static void mppe_set_keys2(ppp_pcb *pcb, u_char PasswordHashHash[MD4_SIGNATURE_S
u_char MasterKey[SHA1_SIGNATURE_SIZE]; /* >= MPPE_MAX_KEY_LEN */
u_char Digest[SHA1_SIGNATURE_SIZE]; /* >= MPPE_MAX_KEY_LEN */
u_char SHApad1[40] =
{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 };
u_char SHApad2[40] =
{ 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2,
0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2,
0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2,
0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2 };
/* "This is the MPPE Master Key" */
u_char Magic1[27] =
{ 0x54, 0x68, 0x69, 0x73, 0x20, 0x69, 0x73, 0x20, 0x74,
@ -815,9 +807,9 @@ static void mppe_set_keys2(ppp_pcb *pcb, u_char PasswordHashHash[MD4_SIGNATURE_S
s = Magic2;
sha1_starts(&sha1Context);
sha1_update(&sha1Context, MasterKey, 16);
sha1_update(&sha1Context, SHApad1, sizeof(SHApad1));
sha1_update(&sha1Context, (unsigned char *)mppe_sha1_pad1, SHA1_PAD_SIZE);
sha1_update(&sha1Context, s, 84);
sha1_update(&sha1Context, SHApad2, sizeof(SHApad2));
sha1_update(&sha1Context, (unsigned char *)mppe_sha1_pad2, SHA1_PAD_SIZE);
sha1_finish(&sha1Context, Digest);
MEMCPY(pcb->mppe_send_key, Digest, MPPE_MAX_KEY_LEN);
@ -831,9 +823,9 @@ static void mppe_set_keys2(ppp_pcb *pcb, u_char PasswordHashHash[MD4_SIGNATURE_S
s = Magic3;
sha1_starts(&sha1Context);
sha1_update(&sha1Context, MasterKey, 16);
sha1_update(&sha1Context, SHApad1, sizeof(SHApad1));
sha1_update(&sha1Context, (unsigned char *)mppe_sha1_pad1, SHA1_PAD_SIZE);
sha1_update(&sha1Context, s, 84);
sha1_update(&sha1Context, SHApad2, sizeof(SHApad2));
sha1_update(&sha1Context, (unsigned char *)mppe_sha1_pad2, SHA1_PAD_SIZE);
sha1_finish(&sha1Context, Digest);
MEMCPY(pcb->mppe_recv_key, Digest, MPPE_MAX_KEY_LEN);
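Review bot: The new calls pass the pads as `(unsigned char *)mppe_sha1_pad1` and `(unsigned char *)mppe_sha1_pad2`, which casts away the `const` the shared arrays are declared with; the removed `SHApad1`/`SHApad2` locals were non-const, so the cast is new in this function. The prototype of `sha1_update` is not visible in this diff, but if its input parameter is already `const unsigned char *` the cast can be dropped: `sha1_update(&sha1Context, mppe_sha1_pad1, SHA1_PAD_SIZE);`. If it is not, const-qualifying that parameter is a better fix than casting at every call site, since the cast hides any future write through the pointer. The same cast is used in the `mppe_rekey` hunk of the last file, and `mppe_set_keys2` begins and ends outside these hunks.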


@ -48,7 +48,6 @@
#endif
#define SHA1_SIGNATURE_SIZE 20
#define SHA1_PAD_SIZE 40
/* ppp_mppe_state.bits definitions */
#define MPPE_BIT_A 0x80 /* Encryption table were (re)inititalized */
@ -66,19 +65,6 @@
#define MPPE_OVHD 2 /* MPPE overhead/packet */
#define SANITY_MAX 1600 /* Max bogon factor we will tolerate */
static const u8_t sha1_pad1[SHA1_PAD_SIZE] = {
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
};
static const u8_t sha1_pad2[SHA1_PAD_SIZE] = {
0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2,
0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2,
0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2,
0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2
};
/*
* Perform the MPPE rekey algorithm, from RFC 3078, sec. 7.3.
* Well, not what's written there, but rather what they meant.
@ -94,9 +80,9 @@ static void mppe_rekey(ppp_mppe_state * state, int initial_key)
*/
sha1_starts(&sha1);
sha1_update(&sha1, state->master_key, state->keylen);
sha1_update(&sha1, (unsigned char *)sha1_pad1, SHA1_PAD_SIZE);
sha1_update(&sha1, (unsigned char *)mppe_sha1_pad1, SHA1_PAD_SIZE);
sha1_update(&sha1, state->session_key, state->keylen);
sha1_update(&sha1, (unsigned char *)sha1_pad2, SHA1_PAD_SIZE);
sha1_update(&sha1, (unsigned char *)mppe_sha1_pad2, SHA1_PAD_SIZE);
sha1_finish(&sha1, sha1_digest);
MEMCPY(state->session_key, sha1_digest, state->keylen);