You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
555 lines
15 KiB
555 lines
15 KiB
diff -uPr cyrus-sasl-2.1.27/plugins/digestmd5.c cyrus-sasl-2.1.27.digestmd5/plugins/digestmd5.c
|
|
--- cyrus-sasl-2.1.27/plugins/digestmd5.c 2021-09-30 17:13:06.573093526 -0400
|
|
+++ cyrus-sasl-2.1.27.digestmd5/plugins/digestmd5.c 2021-09-30 17:26:31.818378442 -0400
|
|
@@ -80,6 +80,12 @@
|
|
# endif
|
|
#endif /* WITH_DES */
|
|
|
|
+/* legacy provider with openssl 3.0 */
|
|
+#if OPENSSL_VERSION_NUMBER >= 0x30000000L
|
|
+# include <openssl/provider.h>
|
|
+# include <openssl/crypto.h>
|
|
+#endif
|
|
+
|
|
#ifdef WIN32
|
|
# include <winsock2.h>
|
|
#else /* Unix */
|
|
@@ -170,6 +176,12 @@
|
|
|
|
typedef struct cipher_context cipher_context_t;
|
|
|
|
+typedef struct crypto_context {
|
|
+ void *libctx;
|
|
+ cipher_context_t *enc_ctx;
|
|
+ cipher_context_t *dec_ctx;
|
|
+} crypto_context_t;
|
|
+
|
|
/* cached auth info used for fast reauth */
|
|
typedef struct reauth_entry {
|
|
char *authid;
|
|
@@ -254,12 +266,12 @@
|
|
decode_context_t decode_context;
|
|
|
|
/* if privacy mode is used use these functions for encode and decode */
|
|
+ char *cipher_name;
|
|
cipher_function_t *cipher_enc;
|
|
cipher_function_t *cipher_dec;
|
|
cipher_init_t *cipher_init;
|
|
cipher_free_t *cipher_free;
|
|
- struct cipher_context *cipher_enc_context;
|
|
- struct cipher_context *cipher_dec_context;
|
|
+ crypto_context_t crypto;
|
|
} context_t;
|
|
|
|
struct digest_cipher {
|
|
@@ -888,7 +900,7 @@
|
|
char *output,
|
|
unsigned *outputlen)
|
|
{
|
|
- des_context_t *c = (des_context_t *) text->cipher_dec_context;
|
|
+ des_context_t *c = (des_context_t *) text->crypto.dec_ctx;
|
|
int padding, p;
|
|
|
|
des_ede2_cbc_encrypt((void *) input,
|
|
@@ -925,7 +937,7 @@
|
|
char *output,
|
|
unsigned *outputlen)
|
|
{
|
|
- des_context_t *c = (des_context_t *) text->cipher_enc_context;
|
|
+ des_context_t *c = (des_context_t *) text->crypto.enc_ctx;
|
|
int len;
|
|
int paddinglen;
|
|
|
|
@@ -973,7 +985,7 @@
|
|
return SASL_FAIL;
|
|
memcpy(c->ivec, ((char *) enckey) + 8, 8);
|
|
|
|
- text->cipher_enc_context = (cipher_context_t *) c;
|
|
+ text->crypto.enc_ctx = (cipher_context_t *) c;
|
|
|
|
/* setup dec context */
|
|
c++;
|
|
@@ -987,7 +999,7 @@
|
|
|
|
memcpy(c->ivec, ((char *) deckey) + 8, 8);
|
|
|
|
- text->cipher_dec_context = (cipher_context_t *) c;
|
|
+ text->crypto.dec_ctx = (cipher_context_t *) c;
|
|
|
|
return SASL_OK;
|
|
}
|
|
@@ -1006,7 +1018,7 @@
|
|
char *output,
|
|
unsigned *outputlen)
|
|
{
|
|
- des_context_t *c = (des_context_t *) text->cipher_dec_context;
|
|
+ des_context_t *c = (des_context_t *) text->crypto.dec_ctx;
|
|
int p, padding = 0;
|
|
|
|
des_cbc_encrypt((void *) input,
|
|
@@ -1046,7 +1058,7 @@
|
|
char *output,
|
|
unsigned *outputlen)
|
|
{
|
|
- des_context_t *c = (des_context_t *) text->cipher_enc_context;
|
|
+ des_context_t *c = (des_context_t *) text->crypto.enc_ctx;
|
|
int len;
|
|
int paddinglen;
|
|
|
|
@@ -1093,7 +1105,7 @@
|
|
|
|
memcpy(c->ivec, ((char *) enckey) + 8, 8);
|
|
|
|
- text->cipher_enc_context = (cipher_context_t *) c;
|
|
+ text->crypto.enc_ctx = (cipher_context_t *) c;
|
|
|
|
/* setup dec context */
|
|
c++;
|
|
@@ -1102,60 +1114,143 @@
|
|
|
|
memcpy(c->ivec, ((char *) deckey) + 8, 8);
|
|
|
|
- text->cipher_dec_context = (cipher_context_t *) c;
|
|
+ text->crypto.dec_ctx = (cipher_context_t *) c;
|
|
|
|
return SASL_OK;
|
|
}
|
|
|
|
static void free_des(context_t *text)
|
|
{
|
|
- /* free des contextss. only cipher_enc_context needs to be free'd,
|
|
- since cipher_dec_context was allocated at the same time. */
|
|
- if (text->cipher_enc_context) text->utils->free(text->cipher_enc_context);
|
|
+ /* free des contextss. only enc_ctx needs to be free'd,
|
|
+ since dec_cxt was allocated at the same time. */
|
|
+ if (text->crypto.enc_ctx) {
|
|
+ text->utils->free(text->crypto.enc_ctx);
|
|
+ }
|
|
}
|
|
|
|
#endif /* WITH_DES */
|
|
|
|
#ifdef WITH_RC4
|
|
-#ifdef HAVE_OPENSSL
|
|
#include <openssl/evp.h>
|
|
|
|
+#if OPENSSL_VERSION_NUMBER >= 0x30000000L
|
|
+typedef struct ossl3_library_context {
|
|
+ OSSL_LIB_CTX *libctx;
|
|
+ OSSL_PROVIDER *legacy_provider;
|
|
+ OSSL_PROVIDER *default_provider;
|
|
+} ossl3_context_t;
|
|
+
|
|
+static int init_ossl3_ctx(context_t *text)
|
|
+{
|
|
+ ossl3_context_t *ctx = text->utils->malloc(sizeof(ossl3_context_t));
|
|
+ if (!ctx) return SASL_NOMEM;
|
|
+
|
|
+ ctx->libctx = OSSL_LIB_CTX_new();
|
|
+ if (!ctx->libctx) {
|
|
+ text->utils->free(ctx);
|
|
+ return SASL_FAIL;
|
|
+ }
|
|
+
|
|
+ /* Load both legacy and default provider as both may be needed */
|
|
+ /* if they fail keep going and an error will be raised when we try to
|
|
+ * fetch the cipher later */
|
|
+ ctx->legacy_provider = OSSL_PROVIDER_load(ctx->libctx, "legacy");
|
|
+ ctx->default_provider = OSSL_PROVIDER_load(ctx->libctx, "default");
|
|
+ text->crypto.libctx = (void *)ctx;
|
|
+
|
|
+ return SASL_OK;
|
|
+}
|
|
+
|
|
+static void free_ossl3_ctx(context_t *text)
|
|
+{
|
|
+ ossl3_context_t *ctx;
|
|
+
|
|
+ if (!text->crypto.libctx) return;
|
|
+
|
|
+ ctx = (ossl3_context_t *)text->crypto.libctx;
|
|
+
|
|
+ if (ctx->legacy_provider) OSSL_PROVIDER_unload(ctx->legacy_provider);
|
|
+ if (ctx->default_provider) OSSL_PROVIDER_unload(ctx->default_provider);
|
|
+ if (ctx->libctx) OSSL_LIB_CTX_free(ctx->libctx);
|
|
+
|
|
+ text->utils->free(ctx);
|
|
+ text->crypto.libctx = NULL;
|
|
+}
|
|
+#endif
|
|
+
|
|
static void free_rc4(context_t *text)
|
|
{
|
|
- if (text->cipher_enc_context) {
|
|
- EVP_CIPHER_CTX_free((EVP_CIPHER_CTX *)text->cipher_enc_context);
|
|
- text->cipher_enc_context = NULL;
|
|
- }
|
|
- if (text->cipher_dec_context) {
|
|
- EVP_CIPHER_CTX_free((EVP_CIPHER_CTX *)text->cipher_dec_context);
|
|
- text->cipher_dec_context = NULL;
|
|
+ if (text->crypto.enc_ctx) {
|
|
+ EVP_CIPHER_CTX_free((EVP_CIPHER_CTX *)text->crypto.enc_ctx);
|
|
+ text->crypto.enc_ctx = NULL;
|
|
+ }
|
|
+ if (text->crypto.dec_ctx) {
|
|
+ EVP_CIPHER_CTX_free((EVP_CIPHER_CTX *)text->crypto.dec_ctx);
|
|
+ text->crypto.dec_ctx = NULL;
|
|
}
|
|
+#if OPENSSL_VERSION_NUMBER >= 0x30000000L
|
|
+ free_ossl3_ctx(text);
|
|
+#endif
|
|
}
|
|
|
|
static int init_rc4(context_t *text,
|
|
unsigned char enckey[16],
|
|
unsigned char deckey[16])
|
|
{
|
|
EVP_CIPHER_CTX *ctx;
|
|
int rc;
|
|
|
|
- ctx = EVP_CIPHER_CTX_new();
|
|
- if (ctx == NULL) return SASL_NOMEM;
|
|
+#if OPENSSL_VERSION_NUMBER >= 0x30000000L
|
|
+ EVP_CIPHER *cipher;
|
|
+ ossl3_context_t *ossl3_ctx;
|
|
|
|
- rc = EVP_EncryptInit_ex(ctx, EVP_rc4(), NULL, enckey, NULL);
|
|
- if (rc != 1) return SASL_FAIL;
|
|
+ rc = init_ossl3_ctx(text);
|
|
+ if (rc != SASL_OK) return rc;
|
|
+
|
|
+ ossl3_ctx = (ossl3_context_t *)text->crypto.libctx;
|
|
+ cipher = EVP_CIPHER_fetch(ossl3_ctx->libctx, "RC4", "");
|
|
+#else
|
|
+ const EVP_CIPHER *cipher;
|
|
+ cipher = EVP_rc4();
|
|
+#endif
|
|
|
|
- text->cipher_enc_context = (void *)ctx;
|
|
|
|
ctx = EVP_CIPHER_CTX_new();
|
|
- if (ctx == NULL) return SASL_NOMEM;
|
|
+ if (ctx == NULL) {
|
|
+ rc = SASL_NOMEM;
|
|
+ goto done;
|
|
+ }
|
|
|
|
- rc = EVP_DecryptInit_ex(ctx, EVP_rc4(), NULL, deckey, NULL);
|
|
- if (rc != 1) return SASL_FAIL;
|
|
+ rc = EVP_EncryptInit_ex(ctx, cipher, NULL, enckey, NULL);
|
|
+ if (rc != 1) {
|
|
+ rc = SASL_FAIL;
|
|
+ goto done;
|
|
+ }
|
|
+ text->crypto.enc_ctx = (void *)ctx;
|
|
|
|
- text->cipher_dec_context = (void *)ctx;
|
|
+ ctx = EVP_CIPHER_CTX_new();
|
|
+ if (ctx == NULL) {
|
|
+ rc = SASL_NOMEM;
|
|
+ goto done;
|
|
+ }
|
|
|
|
- return SASL_OK;
|
|
+ rc = EVP_DecryptInit_ex(ctx, cipher, NULL, deckey, NULL);
|
|
+ if (rc != 1) {
|
|
+ rc = SASL_FAIL;
|
|
+ goto done;
|
|
+ }
|
|
+ text->crypto.dec_ctx = (void *)ctx;
|
|
+
|
|
+ rc = SASL_OK;
|
|
+
|
|
+done:
|
|
+#if OPENSSL_VERSION_NUMBER >= 0x30000000L
|
|
+ EVP_CIPHER_free(cipher);
|
|
+#endif
|
|
+ if (rc != SASL_OK) {
|
|
+ free_rc4(text);
|
|
+ }
|
|
+ return rc;
|
|
}
|
|
|
|
static int dec_rc4(context_t *text,
|
|
@@ -1169,14 +1260,14 @@
|
|
int rc;
|
|
|
|
/* decrypt the text part & HMAC */
|
|
- rc = EVP_DecryptUpdate((EVP_CIPHER_CTX *)text->cipher_dec_context,
|
|
+ rc = EVP_DecryptUpdate((EVP_CIPHER_CTX *)text->crypto.dec_ctx,
|
|
(unsigned char *)output, &len,
|
|
(const unsigned char *)input, inputlen);
|
|
if (rc != 1) return SASL_FAIL;
|
|
|
|
*outputlen = len;
|
|
|
|
- rc = EVP_DecryptFinal_ex((EVP_CIPHER_CTX *)text->cipher_dec_context,
|
|
+ rc = EVP_DecryptFinal_ex((EVP_CIPHER_CTX *)text->crypto.dec_ctx,
|
|
(unsigned char *)output + len, &len);
|
|
if (rc != 1) return SASL_FAIL;
|
|
|
|
@@ -1198,7 +1289,7 @@
|
|
int len;
|
|
int rc;
|
|
/* encrypt the text part */
|
|
- rc = EVP_EncryptUpdate((EVP_CIPHER_CTX *)text->cipher_enc_context,
|
|
+ rc = EVP_EncryptUpdate((EVP_CIPHER_CTX *)text->crypto.enc_ctx,
|
|
(unsigned char *)output, &len,
|
|
(const unsigned char *)input, inputlen);
|
|
if (rc != 1) return SASL_FAIL;
|
|
@@ -1206,14 +1297,14 @@
|
|
*outputlen = len;
|
|
|
|
/* encrypt the `MAC part */
|
|
- rc = EVP_EncryptUpdate((EVP_CIPHER_CTX *)text->cipher_enc_context,
|
|
+ rc = EVP_EncryptUpdate((EVP_CIPHER_CTX *)text->crypto.enc_ctx,
|
|
(unsigned char *)output + *outputlen, &len,
|
|
digest, 10);
|
|
if (rc != 1) return SASL_FAIL;
|
|
|
|
*outputlen += len;
|
|
|
|
- rc = EVP_EncryptFinal_ex((EVP_CIPHER_CTX *)text->cipher_enc_context,
|
|
+ rc = EVP_EncryptFinal_ex((EVP_CIPHER_CTX *)text->crypto.enc_ctx,
|
|
(unsigned char *)output + *outputlen, &len);
|
|
if (rc != 1) return SASL_FAIL;
|
|
|
|
@@ -1221,194 +1312,11 @@
|
|
|
|
return SASL_OK;
|
|
}
|
|
-#else
|
|
-/* quick generic implementation of RC4 */
|
|
-struct rc4_context_s {
|
|
- unsigned char sbox[256];
|
|
- int i, j;
|
|
-};
|
|
-
|
|
-typedef struct rc4_context_s rc4_context_t;
|
|
-
|
|
-static void rc4_init(rc4_context_t *text,
|
|
- const unsigned char *key,
|
|
- unsigned keylen)
|
|
-{
|
|
- int i, j;
|
|
-
|
|
- /* fill in linearly s0=0 s1=1... */
|
|
- for (i=0;i<256;i++)
|
|
- text->sbox[i]=i;
|
|
-
|
|
- j=0;
|
|
- for (i = 0; i < 256; i++) {
|
|
- unsigned char tmp;
|
|
- /* j = (j + Si + Ki) mod 256 */
|
|
- j = (j + text->sbox[i] + key[i % keylen]) % 256;
|
|
-
|
|
- /* swap Si and Sj */
|
|
- tmp = text->sbox[i];
|
|
- text->sbox[i] = text->sbox[j];
|
|
- text->sbox[j] = tmp;
|
|
- }
|
|
-
|
|
- /* counters initialized to 0 */
|
|
- text->i = 0;
|
|
- text->j = 0;
|
|
-}
|
|
-
|
|
-static void rc4_encrypt(rc4_context_t *text,
|
|
- const char *input,
|
|
- char *output,
|
|
- unsigned len)
|
|
-{
|
|
- int tmp;
|
|
- int i = text->i;
|
|
- int j = text->j;
|
|
- int t;
|
|
- int K;
|
|
- const char *input_end = input + len;
|
|
-
|
|
- while (input < input_end) {
|
|
- i = (i + 1) % 256;
|
|
-
|
|
- j = (j + text->sbox[i]) % 256;
|
|
-
|
|
- /* swap Si and Sj */
|
|
- tmp = text->sbox[i];
|
|
- text->sbox[i] = text->sbox[j];
|
|
- text->sbox[j] = tmp;
|
|
-
|
|
- t = (text->sbox[i] + text->sbox[j]) % 256;
|
|
-
|
|
- K = text->sbox[t];
|
|
-
|
|
- /* byte K is Xor'ed with plaintext */
|
|
- *output++ = *input++ ^ K;
|
|
- }
|
|
-
|
|
- text->i = i;
|
|
- text->j = j;
|
|
-}
|
|
-
|
|
-static void rc4_decrypt(rc4_context_t *text,
|
|
- const char *input,
|
|
- char *output,
|
|
- unsigned len)
|
|
-{
|
|
- int tmp;
|
|
- int i = text->i;
|
|
- int j = text->j;
|
|
- int t;
|
|
- int K;
|
|
- const char *input_end = input + len;
|
|
-
|
|
- while (input < input_end) {
|
|
- i = (i + 1) % 256;
|
|
-
|
|
- j = (j + text->sbox[i]) % 256;
|
|
-
|
|
- /* swap Si and Sj */
|
|
- tmp = text->sbox[i];
|
|
- text->sbox[i] = text->sbox[j];
|
|
- text->sbox[j] = tmp;
|
|
-
|
|
- t = (text->sbox[i] + text->sbox[j]) % 256;
|
|
-
|
|
- K = text->sbox[t];
|
|
-
|
|
- /* byte K is Xor'ed with plaintext */
|
|
- *output++ = *input++ ^ K;
|
|
- }
|
|
-
|
|
- text->i = i;
|
|
- text->j = j;
|
|
-}
|
|
-
|
|
-static void free_rc4(context_t *text)
|
|
-{
|
|
- /* free rc4 context structures */
|
|
-
|
|
- if (text->cipher_enc_context) {
|
|
- text->utils->free(text->cipher_enc_context);
|
|
- text->cipher_enc_context = NULL;
|
|
- }
|
|
- if (text->cipher_dec_context) {
|
|
- text->utils->free(text->cipher_dec_context);
|
|
- text->cipher_dec_context = NULL;
|
|
- }
|
|
-}
|
|
-
|
|
-static int init_rc4(context_t *text,
|
|
- unsigned char enckey[16],
|
|
- unsigned char deckey[16])
|
|
-{
|
|
- /* allocate rc4 context structures */
|
|
- text->cipher_enc_context=
|
|
- (cipher_context_t *) text->utils->malloc(sizeof(rc4_context_t));
|
|
- if (text->cipher_enc_context == NULL) return SASL_NOMEM;
|
|
-
|
|
- text->cipher_dec_context=
|
|
- (cipher_context_t *) text->utils->malloc(sizeof(rc4_context_t));
|
|
- if (text->cipher_dec_context == NULL) return SASL_NOMEM;
|
|
-
|
|
- /* initialize them */
|
|
- rc4_init((rc4_context_t *) text->cipher_enc_context,
|
|
- (const unsigned char *) enckey, 16);
|
|
- rc4_init((rc4_context_t *) text->cipher_dec_context,
|
|
- (const unsigned char *) deckey, 16);
|
|
-
|
|
- return SASL_OK;
|
|
-}
|
|
-
|
|
-static int dec_rc4(context_t *text,
|
|
- const char *input,
|
|
- unsigned inputlen,
|
|
- unsigned char digest[16] __attribute__((unused)),
|
|
- char *output,
|
|
- unsigned *outputlen)
|
|
-{
|
|
- /* decrypt the text part & HMAC */
|
|
- rc4_decrypt((rc4_context_t *) text->cipher_dec_context,
|
|
- input, output, inputlen);
|
|
-
|
|
- /* no padding so we just subtract the HMAC to get the text length */
|
|
- *outputlen = inputlen - 10;
|
|
-
|
|
- return SASL_OK;
|
|
-}
|
|
-
|
|
-static int enc_rc4(context_t *text,
|
|
- const char *input,
|
|
- unsigned inputlen,
|
|
- unsigned char digest[16],
|
|
- char *output,
|
|
- unsigned *outputlen)
|
|
-{
|
|
- /* pad is zero */
|
|
- *outputlen = inputlen+10;
|
|
-
|
|
- /* encrypt the text part */
|
|
- rc4_encrypt((rc4_context_t *) text->cipher_enc_context,
|
|
- input,
|
|
- output,
|
|
- inputlen);
|
|
-
|
|
- /* encrypt the HMAC part */
|
|
- rc4_encrypt((rc4_context_t *) text->cipher_enc_context,
|
|
- (const char *) digest,
|
|
- (output)+inputlen, 10);
|
|
-
|
|
- return SASL_OK;
|
|
-}
|
|
-#endif /* HAVE_OPENSSL */
|
|
#endif /* WITH_RC4 */
|
|
|
|
struct digest_cipher available_ciphers[] =
|
|
{
|
|
#ifdef WITH_RC4
|
|
- { "rc4-40", 40, 5, 0x01, &enc_rc4, &dec_rc4, &init_rc4, &free_rc4 },
|
|
- { "rc4-56", 56, 7, 0x02, &enc_rc4, &dec_rc4, &init_rc4, &free_rc4 },
|
|
{ "rc4", 128, 16, 0x04, &enc_rc4, &dec_rc4, &init_rc4, &free_rc4 },
|
|
#endif
|
|
#ifdef WITH_DES
|
|
@@ -2815,6 +2729,7 @@
|
|
}
|
|
|
|
if (cptr->name) {
|
|
+ text->cipher_name = cptr->name;
|
|
text->cipher_enc = cptr->cipher_enc;
|
|
text->cipher_dec = cptr->cipher_dec;
|
|
text->cipher_init = cptr->cipher_init;
|
|
@@ -2958,7 +2873,10 @@
|
|
if (text->cipher_init) {
|
|
if (text->cipher_init(text, enckey, deckey) != SASL_OK) {
|
|
sparams->utils->seterror(sparams->utils->conn, 0,
|
|
- "couldn't init cipher");
|
|
+ "couldn't init cipher '%s'",
|
|
+ text->cipher_name);
|
|
+ result = SASL_FAIL;
|
|
+ goto FreeAllMem;
|
|
}
|
|
}
|
|
}
|
|
@@ -3509,6 +3427,7 @@
|
|
oparams->mech_ssf = ctext->cipher->ssf;
|
|
|
|
nbits = ctext->cipher->n;
|
|
+ text->cipher_name = ctext->cipher->name;
|
|
text->cipher_enc = ctext->cipher->cipher_enc;
|
|
text->cipher_dec = ctext->cipher->cipher_dec;
|
|
text->cipher_free = ctext->cipher->cipher_free;
|
|
@@ -3733,7 +3652,13 @@
|
|
|
|
/* initialize cipher if need be */
|
|
if (text->cipher_init) {
|
|
- text->cipher_init(text, enckey, deckey);
|
|
+ if (text->cipher_init(text, enckey, deckey) != SASL_OK) {
|
|
+ params->utils->seterror(params->utils->conn, 0,
|
|
+ "internal error: failed to init cipher '%s'",
|
|
+ text->cipher_name);
|
|
+ result = SASL_FAIL;
|
|
+ goto FreeAllocatedMem;
|
|
+ }
|
|
}
|
|
}
|
|
|