diff --git a/src/include/netif/ppp/pppcrypt.h b/src/include/netif/ppp/pppcrypt.h index 7d3982fd..7790fe01 100644 --- a/src/include/netif/ppp/pppcrypt.h +++ b/src/include/netif/ppp/pppcrypt.h @@ -51,31 +51,41 @@ #include "netif/ppp/polarssl/md4.h" #define lwip_md4_context md4_context +#define lwip_md4_init(context) #define lwip_md4_starts md4_starts #define lwip_md4_update md4_update #define lwip_md4_finish md4_finish +#define lwip_md4_free(context) #include "netif/ppp/polarssl/md5.h" #define lwip_md5_context md5_context +#define lwip_md5_init(context) #define lwip_md5_starts md5_starts #define lwip_md5_update md5_update #define lwip_md5_finish md5_finish +#define lwip_md5_free(context) #include "netif/ppp/polarssl/sha1.h" #define lwip_sha1_context sha1_context +#define lwip_sha1_init(context) #define lwip_sha1_starts sha1_starts #define lwip_sha1_update sha1_update #define lwip_sha1_finish sha1_finish +#define lwip_sha1_free(context) #include "netif/ppp/polarssl/des.h" #define lwip_des_context des_context +#define lwip_des_init(context) #define lwip_des_setkey_enc des_setkey_enc #define lwip_des_crypt_ecb des_crypt_ecb +#define lwip_des_free(context) #include "netif/ppp/polarssl/arc4.h" #define lwip_arc4_context arc4_context +#define lwip_arc4_init(context) #define lwip_arc4_setup arc4_setup #define lwip_arc4_crypt arc4_crypt +#define lwip_arc4_free(context) #endif /* !LWIP_USE_EXTERNAL_MBEDTLS */ @@ -85,27 +95,37 @@ #if LWIP_USE_EXTERNAL_MBEDTLS #define lwip_md4_context mbedtls_md4_context +#define lwip_md4_init mbedtls_md4_init #define lwip_md4_starts mbedtls_md4_starts #define lwip_md4_update mbedtls_md4_update #define lwip_md4_finish mbedtls_md4_finish +#define lwip_md4_free mbedtls_md4_free #define lwip_md5_context mbedtls_md5_context +#define lwip_md5_init mbedtls_md5_init #define lwip_md5_starts mbedtls_md5_starts #define lwip_md5_update mbedtls_md5_update #define lwip_md5_finish mbedtls_md5_finish +#define lwip_md5_free mbedtls_md5_free #define lwip_sha1_context mbedtls_sha1_context +#define lwip_sha1_init mbedtls_sha1_init #define lwip_sha1_starts mbedtls_sha1_starts #define lwip_sha1_update mbedtls_sha1_update #define lwip_sha1_finish mbedtls_sha1_finish +#define lwip_sha1_free mbedtls_sha1_free #define lwip_des_context mbedtls_des_context +#define lwip_des_init mbedtls_des_init #define lwip_des_setkey_enc mbedtls_des_setkey_enc #define lwip_des_crypt_ecb mbedtls_des_crypt_ecb +#define lwip_des_free mbedtls_des_free #define lwip_arc4_context mbedtls_arc4_context +#define lwip_arc4_init mbedtls_arc4_init #define lwip_arc4_setup mbedtls_arc4_setup #define lwip_arc4_crypt(context, buffer, length) mbedtls_arc4_crypt(context, length, buffer, buffer) +#define lwip_arc4_free mbedtls_arc4_free #endif /* LWIP_USE_EXTERNAL_MBEDTLS */ diff --git a/src/netif/ppp/chap-md5.c b/src/netif/ppp/chap-md5.c index c7c8acff..88f069f0 100644 --- a/src/netif/ppp/chap-md5.c +++ b/src/netif/ppp/chap-md5.c @@ -73,11 +73,13 @@ static int chap_md5_verify_response(ppp_pcb *pcb, int id, const char *name, response_len = *response++; if (response_len == MD5_HASH_SIZE) { /* Generate hash of ID, secret, challenge */ + lwip_md5_init(&ctx); lwip_md5_starts(&ctx); lwip_md5_update(&ctx, &idbyte, 1); lwip_md5_update(&ctx, secret, secret_len); lwip_md5_update(&ctx, challenge, challenge_len); lwip_md5_finish(&ctx, hash); + lwip_md5_free(&ctx); /* Test if our hash matches the peer's response */ if (memcmp(hash, response, MD5_HASH_SIZE) == 0) { @@ -100,11 +102,13 @@ static void chap_md5_make_response(ppp_pcb *pcb, unsigned char *response, int id LWIP_UNUSED_ARG(private_); LWIP_UNUSED_ARG(pcb); + lwip_md5_init(&ctx); lwip_md5_starts(&ctx); lwip_md5_update(&ctx, &idbyte, 1); lwip_md5_update(&ctx, (const u_char *)secret, secret_len); lwip_md5_update(&ctx, challenge, challenge_len); lwip_md5_finish(&ctx, &response[1]); + lwip_md5_free(&ctx); response[0] = MD5_HASH_SIZE; } diff --git a/src/netif/ppp/chap_ms.c b/src/netif/ppp/chap_ms.c index 82877f8f..5a989c9b 100644 --- a/src/netif/ppp/chap_ms.c +++ b/src/netif/ppp/chap_ms.c @@ -509,16 +509,22 @@ static void ChallengeResponse(const u_char *challenge, #endif pppcrypt_56_to_64_bit_key(ZPasswordHash + 0, des_key); + lwip_des_init(&des); lwip_des_setkey_enc(&des, des_key); lwip_des_crypt_ecb(&des, challenge, response +0); + lwip_des_free(&des); pppcrypt_56_to_64_bit_key(ZPasswordHash + 7, des_key); + lwip_des_init(&des); lwip_des_setkey_enc(&des, des_key); lwip_des_crypt_ecb(&des, challenge, response +8); + lwip_des_free(&des); pppcrypt_56_to_64_bit_key(ZPasswordHash + 14, des_key); + lwip_des_init(&des); lwip_des_setkey_enc(&des, des_key); lwip_des_crypt_ecb(&des, challenge, response +16); + lwip_des_free(&des); #if 0 dbglog("ChallengeResponse - response %.24B", response); @@ -537,11 +543,13 @@ static void ChallengeHash(const u_char PeerChallenge[16], const u_char *rchallen else user = username; + lwip_sha1_init(&sha1Context); lwip_sha1_starts(&sha1Context); lwip_sha1_update(&sha1Context, PeerChallenge, 16); lwip_sha1_update(&sha1Context, rchallenge, 16); lwip_sha1_update(&sha1Context, (const unsigned char*)user, strlen(user)); lwip_sha1_finish(&sha1Context, sha1Hash); + lwip_sha1_free(&sha1Context); MEMCPY(Challenge, sha1Hash, 8); } @@ -564,9 +572,11 @@ static void ascii2unicode(const char ascii[], int ascii_len, u_char unicode[]) { static void NTPasswordHash(u_char *secret, int secret_len, u_char hash[MD4_SIGNATURE_SIZE]) { lwip_md4_context md4Context; + lwip_md4_init(&md4Context); lwip_md4_starts(&md4Context); lwip_md4_update(&md4Context, secret, secret_len); lwip_md4_finish(&md4Context, hash); + lwip_md4_free(&md4Context); } static void ChapMS_NT(const u_char *rchallenge, const char *secret, int secret_len, @@ -613,12 +623,16 @@ static void ChapMS_LANMan(u_char *rchallenge, char *secret, int secret_len, UcasePassword[i] = (u_char)toupper(secret[i]); pppcrypt_56_to_64_bit_key(UcasePassword +0, des_key); + lwip_des_init(&des); lwip_des_setkey_enc(&des, des_key); lwip_des_crypt_ecb(&des, StdText, PasswordHash +0); + lwip_des_free(&des); pppcrypt_56_to_64_bit_key(UcasePassword +7, des_key); + lwip_des_init(&des); lwip_des_setkey_enc(&des, des_key); lwip_des_crypt_ecb(&des, StdText, PasswordHash +8); + lwip_des_free(&des); ChallengeResponse(rchallenge, PasswordHash, &response[MS_CHAP_LANMANRESP]); } @@ -649,19 +663,23 @@ static void GenerateAuthenticatorResponse(const u_char PasswordHashHash[MD4_SIGN u_char Digest[SHA1_SIGNATURE_SIZE]; u_char Challenge[8]; + lwip_sha1_init(&sha1Context); lwip_sha1_starts(&sha1Context); lwip_sha1_update(&sha1Context, PasswordHashHash, MD4_SIGNATURE_SIZE); lwip_sha1_update(&sha1Context, NTResponse, 24); lwip_sha1_update(&sha1Context, Magic1, sizeof(Magic1)); lwip_sha1_finish(&sha1Context, Digest); + lwip_sha1_free(&sha1Context); ChallengeHash(PeerChallenge, rchallenge, username, Challenge); + lwip_sha1_init(&sha1Context); lwip_sha1_starts(&sha1Context); lwip_sha1_update(&sha1Context, Digest, sizeof(Digest)); lwip_sha1_update(&sha1Context, Challenge, sizeof(Challenge)); lwip_sha1_update(&sha1Context, Magic2, sizeof(Magic2)); lwip_sha1_finish(&sha1Context, Digest); + lwip_sha1_free(&sha1Context); /* Convert to ASCII hex string. */ for (i = 0; i < LWIP_MAX((MS_AUTH_RESPONSE_LENGTH / 2), (int)sizeof(Digest)); i++) @@ -705,11 +723,13 @@ static void Set_Start_Key(ppp_pcb *pcb, const u_char *rchallenge, const char *se NTPasswordHash(unicodePassword, secret_len * 2, PasswordHash); NTPasswordHash(PasswordHash, sizeof(PasswordHash), PasswordHashHash); + lwip_sha1_init(&sha1Context); lwip_sha1_starts(&sha1Context); lwip_sha1_update(&sha1Context, PasswordHashHash, MD4_SIGNATURE_SIZE); lwip_sha1_update(&sha1Context, PasswordHashHash, MD4_SIGNATURE_SIZE); lwip_sha1_update(&sha1Context, rchallenge, 8); lwip_sha1_finish(&sha1Context, Digest); + lwip_sha1_free(&sha1Context); /* Same key in both directions. */ mppe_set_key(pcb, &pcb->mppe_comp, Digest); @@ -765,11 +785,13 @@ static void SetMasterKeys(ppp_pcb *pcb, const char *secret, int secret_len, u_ch NTPasswordHash(unicodePassword, secret_len * 2, PasswordHash); NTPasswordHash(PasswordHash, sizeof(PasswordHash), PasswordHashHash); + lwip_sha1_init(&sha1Context); lwip_sha1_starts(&sha1Context); lwip_sha1_update(&sha1Context, PasswordHashHash, MD4_SIGNATURE_SIZE); lwip_sha1_update(&sha1Context, NTResponse, 24); lwip_sha1_update(&sha1Context, Magic1, sizeof(Magic1)); lwip_sha1_finish(&sha1Context, MasterKey); + lwip_sha1_free(&sha1Context); /* * generate send key @@ -778,12 +800,14 @@ static void SetMasterKeys(ppp_pcb *pcb, const char *secret, int secret_len, u_ch s = Magic3; else s = Magic2; + lwip_sha1_init(&sha1Context); lwip_sha1_starts(&sha1Context); lwip_sha1_update(&sha1Context, MasterKey, 16); lwip_sha1_update(&sha1Context, mppe_sha1_pad1, SHA1_PAD_SIZE); lwip_sha1_update(&sha1Context, s, 84); lwip_sha1_update(&sha1Context, mppe_sha1_pad2, SHA1_PAD_SIZE); lwip_sha1_finish(&sha1Context, Digest); + lwip_sha1_free(&sha1Context); mppe_set_key(pcb, &pcb->mppe_comp, Digest); @@ -794,12 +818,14 @@ static void SetMasterKeys(ppp_pcb *pcb, const char *secret, int secret_len, u_ch s = Magic2; else s = Magic3; + lwip_sha1_init(&sha1Context); lwip_sha1_starts(&sha1Context); lwip_sha1_update(&sha1Context, MasterKey, 16); lwip_sha1_update(&sha1Context, mppe_sha1_pad1, SHA1_PAD_SIZE); lwip_sha1_update(&sha1Context, s, 84); lwip_sha1_update(&sha1Context, mppe_sha1_pad2, SHA1_PAD_SIZE); lwip_sha1_finish(&sha1Context, Digest); + lwip_sha1_free(&sha1Context); mppe_set_key(pcb, &pcb->mppe_decomp, Digest); diff --git a/src/netif/ppp/eap.c b/src/netif/ppp/eap.c index 917d1e4c..5e044786 100644 --- a/src/netif/ppp/eap.c +++ b/src/netif/ppp/eap.c @@ -1443,6 +1443,7 @@ static void eap_request(ppp_pcb *pcb, u_char *inp, int id, int len) { eap_send_nak(pcb, id, EAPT_SRP); break; } + lwip_md5_init(&mdContext); lwip_md5_starts(&mdContext); typenum = id; lwip_md5_update(&mdContext, &typenum, 1); @@ -1450,6 +1451,7 @@ static void eap_request(ppp_pcb *pcb, u_char *inp, int id, int len) { BZERO(secret, sizeof (secret)); lwip_md5_update(&mdContext, inp, vallen); lwip_md5_finish(&mdContext, hash); + lwip_md5_free(&mdContext); eap_chap_response(pcb, id, hash, pcb->eap.es_client.ea_name, pcb->eap.es_client.ea_namelen); break; @@ -1869,12 +1871,14 @@ static void eap_response(ppp_pcb *pcb, u_char *inp, int id, int len) { eap_send_failure(pcb); break; } + lwip_md5_init(&mdContext); lwip_md5_starts(&mdContext); lwip_md5_update(&mdContext, &pcb->eap.es_server.ea_id, 1); lwip_md5_update(&mdContext, (u_char *)secret, secret_len); BZERO(secret, sizeof (secret)); lwip_md5_update(&mdContext, pcb->eap.es_challenge, pcb->eap.es_challen); lwip_md5_finish(&mdContext, hash); + lwip_md5_free(&mdContext); if (BCMP(hash, inp, MD5_SIGNATURE_SIZE) != 0) { eap_send_failure(pcb); break; diff --git a/src/netif/ppp/magic.c b/src/netif/ppp/magic.c index 66bf2276..d0d87c5e 100644 --- a/src/netif/ppp/magic.c +++ b/src/netif/ppp/magic.c @@ -101,6 +101,7 @@ static void magic_churnrand(char *rand_data, u32_t rand_len) { lwip_md5_context md5_ctx; /* LWIP_DEBUGF(LOG_INFO, ("magic_churnrand: %u@%P\n", rand_len, rand_data)); */ + lwip_md5_init(&md5_ctx); lwip_md5_starts(&md5_ctx); lwip_md5_update(&md5_ctx, (u_char *)magic_randpool, sizeof(magic_randpool)); if (rand_data) { @@ -122,6 +123,7 @@ static void magic_churnrand(char *rand_data, u32_t rand_len) { lwip_md5_update(&md5_ctx, (u_char *)&sys_data, sizeof(sys_data)); } lwip_md5_finish(&md5_ctx, (u_char *)magic_randpool); + lwip_md5_free(&md5_ctx); /* LWIP_DEBUGF(LOG_INFO, ("magic_churnrand: -> 0\n")); */ } @@ -163,10 +165,12 @@ void magic_random_bytes(unsigned char *buf, u32_t buf_len) { u32_t n; while (buf_len > 0) { + lwip_md5_init(&md5_ctx); lwip_md5_starts(&md5_ctx); lwip_md5_update(&md5_ctx, (u_char *)magic_randpool, sizeof(magic_randpool)); lwip_md5_update(&md5_ctx, (u_char *)&magic_randcount, sizeof(magic_randcount)); lwip_md5_finish(&md5_ctx, tmp); + lwip_md5_free(&md5_ctx); magic_randcount++; n = LWIP_MIN(buf_len, MD5_HASH_SIZE); MEMCPY(buf, tmp, n); diff --git a/src/netif/ppp/mppe.c b/src/netif/ppp/mppe.c index 216f587b..331039f8 100644 --- a/src/netif/ppp/mppe.c +++ b/src/netif/ppp/mppe.c @@ -67,17 +67,21 @@ static void mppe_rekey(ppp_mppe_state * state, int initial_key) * Key Derivation, from RFC 3078, RFC 3079. * Equivalent to Get_Key() for MS-CHAP as described in RFC 3079. */ + lwip_sha1_init(&sha1_ctx); lwip_sha1_starts(&sha1_ctx); lwip_sha1_update(&sha1_ctx, state->master_key, state->keylen); lwip_sha1_update(&sha1_ctx, mppe_sha1_pad1, SHA1_PAD_SIZE); lwip_sha1_update(&sha1_ctx, state->session_key, state->keylen); lwip_sha1_update(&sha1_ctx, mppe_sha1_pad2, SHA1_PAD_SIZE); lwip_sha1_finish(&sha1_ctx, sha1_digest); + lwip_sha1_free(&sha1_ctx); MEMCPY(state->session_key, sha1_digest, state->keylen); if (!initial_key) { + lwip_arc4_init(&state->arc4); lwip_arc4_setup(&state->arc4, sha1_digest, state->keylen); lwip_arc4_crypt(&state->arc4, state->session_key, state->keylen); + lwip_arc4_free(&state->arc4); } if (state->keylen == 8) { /* See RFC 3078 */ @@ -85,6 +89,7 @@ static void mppe_rekey(ppp_mppe_state * state, int initial_key) state->session_key[1] = 0x26; state->session_key[2] = 0x9e; } + lwip_arc4_init(&state->arc4); lwip_arc4_setup(&state->arc4, state->session_key, state->keylen); } diff --git a/src/netif/ppp/pppol2tp.c b/src/netif/ppp/pppol2tp.c index de36c6fc..1a6c31e2 100644 --- a/src/netif/ppp/pppol2tp.c +++ b/src/netif/ppp/pppol2tp.c @@ -592,12 +592,14 @@ static void pppol2tp_dispatch_control_packet(pppol2tp_pcb *l2tp, u16_t port, str return; } /* Generate hash of ID, secret, challenge */ + lwip_md5_init(&md5_ctx); lwip_md5_starts(&md5_ctx); challenge_id = PPPOL2TP_MESSAGETYPE_SCCCN; lwip_md5_update(&md5_ctx, &challenge_id, 1); lwip_md5_update(&md5_ctx, l2tp->secret, l2tp->secret_len); lwip_md5_update(&md5_ctx, inp, avplen); lwip_md5_finish(&md5_ctx, l2tp->challenge_hash); + lwip_md5_free(&md5_ctx); l2tp->send_challenge = 1; goto skipavp; case PPPOL2TP_AVPTYPE_CHALLENGERESPONSE: @@ -606,12 +608,14 @@ static void pppol2tp_dispatch_control_packet(pppol2tp_pcb *l2tp, u16_t port, str return; } /* Generate hash of ID, secret, challenge */ + lwip_md5_init(&md5_ctx); lwip_md5_starts(&md5_ctx); challenge_id = PPPOL2TP_MESSAGETYPE_SCCRP; lwip_md5_update(&md5_ctx, &challenge_id, 1); lwip_md5_update(&md5_ctx, l2tp->secret, l2tp->secret_len); lwip_md5_update(&md5_ctx, l2tp->secret_rv, sizeof(l2tp->secret_rv)); lwip_md5_finish(&md5_ctx, md5_hash); + lwip_md5_free(&md5_ctx); if ( memcmp(inp, md5_hash, sizeof(md5_hash)) ) { PPPDEBUG(LOG_DEBUG, ("pppol2tp: Received challenge response from peer and secret key do not match\n")); pppol2tp_abort_connect(l2tp);