diff options
Diffstat (limited to 'comm/third_party/libotr/toolkit')
21 files changed, 3864 insertions, 0 deletions
diff --git a/comm/third_party/libotr/toolkit/Makefile.am b/comm/third_party/libotr/toolkit/Makefile.am new file mode 100644 index 0000000000..4c069fb5ce --- /dev/null +++ b/comm/third_party/libotr/toolkit/Makefile.am @@ -0,0 +1,44 @@ +AM_CPPFLAGS = -I$(includedir) -I../src @LIBGCRYPT_CFLAGS@ + +noinst_HEADERS = aes.h ctrmode.h parse.h sesskeys.h readotr.h sha1hmac.h + +bin_PROGRAMS = otr_parse otr_sesskeys otr_mackey otr_readforge \ + otr_modify otr_remac + +COMMON_S = parse.c sha1hmac.c +COMMON_LD = ../src/libotr.la @LIBS@ @LIBGCRYPT_LIBS@ + +otr_parse_SOURCES = otr_parse.c readotr.c $(COMMON_S) +otr_parse_LDADD = $(COMMON_LD) + +otr_sesskeys_SOURCES = otr_sesskeys.c sesskeys.c $(COMMON_S) +otr_sesskeys_LDADD = $(COMMON_LD) + +otr_mackey_SOURCES = otr_mackey.c sesskeys.c $(COMMON_S) +otr_mackey_LDADD = $(COMMON_LD) + +otr_readforge_SOURCES = otr_readforge.c readotr.c sesskeys.c \ + aes.c ctrmode.c $(COMMON_S) +otr_readforge_LDADD = $(COMMON_LD) + +otr_modify_SOURCES = otr_modify.c readotr.c $(COMMON_S) +otr_modify_LDADD = $(COMMON_LD) + +otr_remac_SOURCES = otr_remac.c $(COMMON_S) +otr_remac_LDADD = $(COMMON_LD) + + +man_MANS = otr_toolkit.1 +EXTRA_DIST = otr_toolkit.1 + +MANLINKS = otr_parse.1 otr_sesskeys.1 otr_mackey.1 otr_readforge.1 \ + otr_modify.1 otr_remac.1 + +install-data-local: + -mkdir -p $(DESTDIR)$(man1dir) + (cd $(DESTDIR)$(man1dir) && \ + for f in $(MANLINKS); do ln -sf otr_toolkit.1 $$f; done) + +uninstall-local: + (cd $(DESTDIR)$(man1dir) && \ + for f in $(MANLINKS); do rm -f $$f; done) diff --git a/comm/third_party/libotr/toolkit/Makefile.in b/comm/third_party/libotr/toolkit/Makefile.in new file mode 100644 index 0000000000..deca5003c1 --- /dev/null +++ b/comm/third_party/libotr/toolkit/Makefile.in @@ -0,0 +1,787 @@ +# Makefile.in generated by automake 1.14.1 from Makefile.am. +# @configure_input@ + +# Copyright (C) 1994-2013 Free Software Foundation, Inc. + +# This Makefile.in is free software; the Free Software Foundation +# gives unlimited permission to copy and/or distribute it, +# with or without modifications, as long as this notice is preserved. + +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY, to the extent permitted by law; without +# even the implied warranty of MERCHANTABILITY or FITNESS FOR A +# PARTICULAR PURPOSE. + +@SET_MAKE@ + + +VPATH = @srcdir@ +am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)' +am__make_running_with_option = \ + case $${target_option-} in \ + ?) ;; \ + *) echo "am__make_running_with_option: internal error: invalid" \ + "target option '$${target_option-}' specified" >&2; \ + exit 1;; \ + esac; \ + has_opt=no; \ + sane_makeflags=$$MAKEFLAGS; \ + if $(am__is_gnu_make); then \ + sane_makeflags=$$MFLAGS; \ + else \ + case $$MAKEFLAGS in \ + *\\[\ \ ]*) \ + bs=\\; \ + sane_makeflags=`printf '%s\n' "$$MAKEFLAGS" \ + | sed "s/$$bs$$bs[$$bs $$bs ]*//g"`;; \ + esac; \ + fi; \ + skip_next=no; \ + strip_trailopt () \ + { \ + flg=`printf '%s\n' "$$flg" | sed "s/$$1.*$$//"`; \ + }; \ + for flg in $$sane_makeflags; do \ + test $$skip_next = yes && { skip_next=no; continue; }; \ + case $$flg in \ + *=*|--*) continue;; \ + -*I) strip_trailopt 'I'; skip_next=yes;; \ + -*I?*) strip_trailopt 'I';; \ + -*O) strip_trailopt 'O'; skip_next=yes;; \ + -*O?*) strip_trailopt 'O';; \ + -*l) strip_trailopt 'l'; skip_next=yes;; \ + -*l?*) strip_trailopt 'l';; \ + -[dEDm]) skip_next=yes;; \ + -[JT]) skip_next=yes;; \ + esac; \ + case $$flg in \ + *$$target_option*) has_opt=yes; break;; \ + esac; \ + done; \ + test $$has_opt = yes +am__make_dryrun = (target_option=n; $(am__make_running_with_option)) +am__make_keepgoing = (target_option=k; $(am__make_running_with_option)) +pkgdatadir = $(datadir)/@PACKAGE@ +pkgincludedir = $(includedir)/@PACKAGE@ +pkglibdir = $(libdir)/@PACKAGE@ +pkglibexecdir = $(libexecdir)/@PACKAGE@ +am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd +install_sh_DATA = $(install_sh) -c -m 644 +install_sh_PROGRAM = $(install_sh) -c +install_sh_SCRIPT = $(install_sh) -c +INSTALL_HEADER = $(INSTALL_DATA) +transform = $(program_transform_name) +NORMAL_INSTALL = : +PRE_INSTALL = : +POST_INSTALL = : +NORMAL_UNINSTALL = : +PRE_UNINSTALL = : +POST_UNINSTALL = : +build_triplet = @build@ +host_triplet = @host@ +bin_PROGRAMS = otr_parse$(EXEEXT) otr_sesskeys$(EXEEXT) \ + otr_mackey$(EXEEXT) otr_readforge$(EXEEXT) otr_modify$(EXEEXT) \ + otr_remac$(EXEEXT) +subdir = toolkit +DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \ + $(top_srcdir)/config/depcomp $(noinst_HEADERS) +ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 +am__aclocal_m4_deps = $(top_srcdir)/config/libtool.m4 \ + $(top_srcdir)/config/ltoptions.m4 \ + $(top_srcdir)/config/ltsugar.m4 \ + $(top_srcdir)/config/ltversion.m4 \ + $(top_srcdir)/config/lt~obsolete.m4 $(top_srcdir)/configure.ac +am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ + $(ACLOCAL_M4) +mkinstalldirs = $(install_sh) -d +CONFIG_HEADER = $(top_builddir)/config.h +CONFIG_CLEAN_FILES = +CONFIG_CLEAN_VPATH_FILES = +am__installdirs = "$(DESTDIR)$(bindir)" "$(DESTDIR)$(man1dir)" +PROGRAMS = $(bin_PROGRAMS) +am__objects_1 = parse.$(OBJEXT) sha1hmac.$(OBJEXT) +am_otr_mackey_OBJECTS = otr_mackey.$(OBJEXT) sesskeys.$(OBJEXT) \ + $(am__objects_1) +otr_mackey_OBJECTS = $(am_otr_mackey_OBJECTS) +am__DEPENDENCIES_1 = ../src/libotr.la +otr_mackey_DEPENDENCIES = $(am__DEPENDENCIES_1) +AM_V_lt = $(am__v_lt_@AM_V@) +am__v_lt_ = $(am__v_lt_@AM_DEFAULT_V@) +am__v_lt_0 = --silent +am__v_lt_1 = +am_otr_modify_OBJECTS = otr_modify.$(OBJEXT) readotr.$(OBJEXT) \ + $(am__objects_1) +otr_modify_OBJECTS = $(am_otr_modify_OBJECTS) +otr_modify_DEPENDENCIES = $(am__DEPENDENCIES_1) +am_otr_parse_OBJECTS = otr_parse.$(OBJEXT) readotr.$(OBJEXT) \ + $(am__objects_1) +otr_parse_OBJECTS = $(am_otr_parse_OBJECTS) +otr_parse_DEPENDENCIES = $(am__DEPENDENCIES_1) +am_otr_readforge_OBJECTS = otr_readforge.$(OBJEXT) readotr.$(OBJEXT) \ + sesskeys.$(OBJEXT) aes.$(OBJEXT) ctrmode.$(OBJEXT) \ + $(am__objects_1) +otr_readforge_OBJECTS = $(am_otr_readforge_OBJECTS) +otr_readforge_DEPENDENCIES = $(am__DEPENDENCIES_1) +am_otr_remac_OBJECTS = otr_remac.$(OBJEXT) $(am__objects_1) +otr_remac_OBJECTS = $(am_otr_remac_OBJECTS) +otr_remac_DEPENDENCIES = $(am__DEPENDENCIES_1) +am_otr_sesskeys_OBJECTS = otr_sesskeys.$(OBJEXT) sesskeys.$(OBJEXT) \ + $(am__objects_1) +otr_sesskeys_OBJECTS = $(am_otr_sesskeys_OBJECTS) +otr_sesskeys_DEPENDENCIES = $(am__DEPENDENCIES_1) +AM_V_P = $(am__v_P_@AM_V@) +am__v_P_ = $(am__v_P_@AM_DEFAULT_V@) +am__v_P_0 = false +am__v_P_1 = : +AM_V_GEN = $(am__v_GEN_@AM_V@) +am__v_GEN_ = $(am__v_GEN_@AM_DEFAULT_V@) +am__v_GEN_0 = @echo " GEN " $@; +am__v_GEN_1 = +AM_V_at = $(am__v_at_@AM_V@) +am__v_at_ = $(am__v_at_@AM_DEFAULT_V@) +am__v_at_0 = @ +am__v_at_1 = +DEFAULT_INCLUDES = -I.@am__isrc@ -I$(top_builddir) +depcomp = $(SHELL) $(top_srcdir)/config/depcomp +am__depfiles_maybe = depfiles +am__mv = mv -f +COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ + $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) +LTCOMPILE = $(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) \ + $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) \ + $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) \ + $(AM_CFLAGS) $(CFLAGS) +AM_V_CC = $(am__v_CC_@AM_V@) +am__v_CC_ = $(am__v_CC_@AM_DEFAULT_V@) +am__v_CC_0 = @echo " CC " $@; +am__v_CC_1 = +CCLD = $(CC) +LINK = $(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) \ + $(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \ + $(AM_LDFLAGS) $(LDFLAGS) -o $@ +AM_V_CCLD = $(am__v_CCLD_@AM_V@) +am__v_CCLD_ = $(am__v_CCLD_@AM_DEFAULT_V@) +am__v_CCLD_0 = @echo " CCLD " $@; +am__v_CCLD_1 = +SOURCES = $(otr_mackey_SOURCES) $(otr_modify_SOURCES) \ + $(otr_parse_SOURCES) $(otr_readforge_SOURCES) \ + $(otr_remac_SOURCES) $(otr_sesskeys_SOURCES) +DIST_SOURCES = $(otr_mackey_SOURCES) $(otr_modify_SOURCES) \ + $(otr_parse_SOURCES) $(otr_readforge_SOURCES) \ + $(otr_remac_SOURCES) $(otr_sesskeys_SOURCES) +am__can_run_installinfo = \ + case $$AM_UPDATE_INFO_DIR in \ + n|no|NO) false;; \ + *) (install-info --version) >/dev/null 2>&1;; \ + esac +am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; +am__vpath_adj = case $$p in \ + $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \ + *) f=$$p;; \ + esac; +am__strip_dir = f=`echo $$p | sed -e 's|^.*/||'`; +am__install_max = 40 +am__nobase_strip_setup = \ + srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*|]/\\\\&/g'` +am__nobase_strip = \ + for p in $$list; do echo "$$p"; done | sed -e "s|$$srcdirstrip/||" +am__nobase_list = $(am__nobase_strip_setup); \ + for p in $$list; do echo "$$p $$p"; done | \ + sed "s| $$srcdirstrip/| |;"' / .*\//!s/ .*/ ./; s,\( .*\)/[^/]*$$,\1,' | \ + $(AWK) 'BEGIN { files["."] = "" } { files[$$2] = files[$$2] " " $$1; \ + if (++n[$$2] == $(am__install_max)) \ + { print $$2, files[$$2]; n[$$2] = 0; files[$$2] = "" } } \ + END { for (dir in files) print dir, files[dir] }' +am__base_list = \ + sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \ + sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g' +am__uninstall_files_from_dir = { \ + test -z "$$files" \ + || { test ! -d "$$dir" && test ! -f "$$dir" && test ! -r "$$dir"; } \ + || { echo " ( cd '$$dir' && rm -f" $$files ")"; \ + $(am__cd) "$$dir" && rm -f $$files; }; \ + } +man1dir = $(mandir)/man1 +NROFF = nroff +MANS = $(man_MANS) +HEADERS = $(noinst_HEADERS) +am__tagged_files = $(HEADERS) $(SOURCES) $(TAGS_FILES) $(LISP) +# Read a list of newline-separated strings from the standard input, +# and print each of them once, without duplicates. Input order is +# *not* preserved. +am__uniquify_input = $(AWK) '\ + BEGIN { nonempty = 0; } \ + { items[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in items) print i; }; } \ +' +# Make sure the list of sources is unique. This is necessary because, +# e.g., the same source file might be shared among _SOURCES variables +# for different programs/libraries. +am__define_uniq_tagged_files = \ + list='$(am__tagged_files)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | $(am__uniquify_input)` +ETAGS = etags +CTAGS = ctags +DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) +ACLOCAL = @ACLOCAL@ +AMTAR = @AMTAR@ +AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@ +AR = @AR@ +AUTOCONF = @AUTOCONF@ +AUTOHEADER = @AUTOHEADER@ +AUTOMAKE = @AUTOMAKE@ +AWK = @AWK@ +CC = @CC@ +CCDEPMODE = @CCDEPMODE@ +CFLAGS = @CFLAGS@ +CPP = @CPP@ +CPPFLAGS = @CPPFLAGS@ +CYGPATH_W = @CYGPATH_W@ +DEFS = @DEFS@ +DEPDIR = @DEPDIR@ +DLLTOOL = @DLLTOOL@ +DSYMUTIL = @DSYMUTIL@ +DUMPBIN = @DUMPBIN@ +ECHO_C = @ECHO_C@ +ECHO_N = @ECHO_N@ +ECHO_T = @ECHO_T@ +EGREP = @EGREP@ +EXEEXT = @EXEEXT@ +FGREP = @FGREP@ +GREP = @GREP@ +INSTALL = @INSTALL@ +INSTALL_DATA = @INSTALL_DATA@ +INSTALL_PROGRAM = @INSTALL_PROGRAM@ +INSTALL_SCRIPT = @INSTALL_SCRIPT@ +INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ +LD = @LD@ +LDFLAGS = @LDFLAGS@ +LIBGCRYPT_CFLAGS = @LIBGCRYPT_CFLAGS@ +LIBGCRYPT_CONFIG = @LIBGCRYPT_CONFIG@ +LIBGCRYPT_LIBS = @LIBGCRYPT_LIBS@ +LIBOBJS = @LIBOBJS@ +LIBOTR_LIBTOOL_VERSION = @LIBOTR_LIBTOOL_VERSION@ +LIBS = @LIBS@ +LIBTOOL = @LIBTOOL@ +LIPO = @LIPO@ +LN_S = @LN_S@ +LTLIBOBJS = @LTLIBOBJS@ +MAKEINFO = @MAKEINFO@ +MANIFEST_TOOL = @MANIFEST_TOOL@ +MKDIR_P = @MKDIR_P@ +NM = @NM@ +NMEDIT = @NMEDIT@ +OBJDUMP = @OBJDUMP@ +OBJEXT = @OBJEXT@ +OTOOL = @OTOOL@ +OTOOL64 = @OTOOL64@ +PACKAGE = @PACKAGE@ +PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ +PACKAGE_NAME = @PACKAGE_NAME@ +PACKAGE_STRING = @PACKAGE_STRING@ +PACKAGE_TARNAME = @PACKAGE_TARNAME@ +PACKAGE_URL = @PACKAGE_URL@ +PACKAGE_VERSION = @PACKAGE_VERSION@ +PATH_SEPARATOR = @PATH_SEPARATOR@ +RANLIB = @RANLIB@ +SED = @SED@ +SET_MAKE = @SET_MAKE@ +SHELL = @SHELL@ +STRIP = @STRIP@ +VERSION = @VERSION@ +abs_builddir = @abs_builddir@ +abs_srcdir = @abs_srcdir@ +abs_top_builddir = @abs_top_builddir@ +abs_top_srcdir = @abs_top_srcdir@ +ac_ct_AR = @ac_ct_AR@ +ac_ct_CC = @ac_ct_CC@ +ac_ct_DUMPBIN = @ac_ct_DUMPBIN@ +am__include = @am__include@ +am__leading_dot = @am__leading_dot@ +am__quote = @am__quote@ +am__tar = @am__tar@ +am__untar = @am__untar@ +bindir = @bindir@ +build = @build@ +build_alias = @build_alias@ +build_cpu = @build_cpu@ +build_os = @build_os@ +build_vendor = @build_vendor@ +builddir = @builddir@ +datadir = @datadir@ +datarootdir = @datarootdir@ +docdir = @docdir@ +dvidir = @dvidir@ +exec_prefix = @exec_prefix@ +host = @host@ +host_alias = @host_alias@ +host_cpu = @host_cpu@ +host_os = @host_os@ +host_vendor = @host_vendor@ +htmldir = @htmldir@ +includedir = @includedir@ +infodir = @infodir@ +install_sh = @install_sh@ +libdir = @libdir@ +libexecdir = @libexecdir@ +localedir = @localedir@ +localstatedir = @localstatedir@ +mandir = @mandir@ +mkdir_p = @mkdir_p@ +oldincludedir = @oldincludedir@ +pdfdir = @pdfdir@ +prefix = @prefix@ +program_transform_name = @program_transform_name@ +psdir = @psdir@ +sbindir = @sbindir@ +sharedstatedir = @sharedstatedir@ +srcdir = @srcdir@ +sysconfdir = @sysconfdir@ +target_alias = @target_alias@ +top_build_prefix = @top_build_prefix@ +top_builddir = @top_builddir@ +top_srcdir = @top_srcdir@ +AM_CPPFLAGS = -I$(includedir) -I../src @LIBGCRYPT_CFLAGS@ +noinst_HEADERS = aes.h ctrmode.h parse.h sesskeys.h readotr.h sha1hmac.h +COMMON_S = parse.c sha1hmac.c +COMMON_LD = ../src/libotr.la @LIBS@ @LIBGCRYPT_LIBS@ +otr_parse_SOURCES = otr_parse.c readotr.c $(COMMON_S) +otr_parse_LDADD = $(COMMON_LD) +otr_sesskeys_SOURCES = otr_sesskeys.c sesskeys.c $(COMMON_S) +otr_sesskeys_LDADD = $(COMMON_LD) +otr_mackey_SOURCES = otr_mackey.c sesskeys.c $(COMMON_S) +otr_mackey_LDADD = $(COMMON_LD) +otr_readforge_SOURCES = otr_readforge.c readotr.c sesskeys.c \ + aes.c ctrmode.c $(COMMON_S) + +otr_readforge_LDADD = $(COMMON_LD) +otr_modify_SOURCES = otr_modify.c readotr.c $(COMMON_S) +otr_modify_LDADD = $(COMMON_LD) +otr_remac_SOURCES = otr_remac.c $(COMMON_S) +otr_remac_LDADD = $(COMMON_LD) +man_MANS = otr_toolkit.1 +EXTRA_DIST = otr_toolkit.1 +MANLINKS = otr_parse.1 otr_sesskeys.1 otr_mackey.1 otr_readforge.1 \ + otr_modify.1 otr_remac.1 + +all: all-am + +.SUFFIXES: +.SUFFIXES: .c .lo .o .obj +$(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps) + @for dep in $?; do \ + case '$(am__configure_deps)' in \ + *$$dep*) \ + ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \ + && { if test -f $@; then exit 0; else break; fi; }; \ + exit 1;; \ + esac; \ + done; \ + echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu toolkit/Makefile'; \ + $(am__cd) $(top_srcdir) && \ + $(AUTOMAKE) --gnu toolkit/Makefile +.PRECIOUS: Makefile +Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status + @case '$?' in \ + *config.status*) \ + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \ + *) \ + echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \ + cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \ + esac; + +$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh + +$(top_srcdir)/configure: $(am__configure_deps) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh +$(ACLOCAL_M4): $(am__aclocal_m4_deps) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh +$(am__aclocal_m4_deps): +install-binPROGRAMS: $(bin_PROGRAMS) + @$(NORMAL_INSTALL) + @list='$(bin_PROGRAMS)'; test -n "$(bindir)" || list=; \ + if test -n "$$list"; then \ + echo " $(MKDIR_P) '$(DESTDIR)$(bindir)'"; \ + $(MKDIR_P) "$(DESTDIR)$(bindir)" || exit 1; \ + fi; \ + for p in $$list; do echo "$$p $$p"; done | \ + sed 's/$(EXEEXT)$$//' | \ + while read p p1; do if test -f $$p \ + || test -f $$p1 \ + ; then echo "$$p"; echo "$$p"; else :; fi; \ + done | \ + sed -e 'p;s,.*/,,;n;h' \ + -e 's|.*|.|' \ + -e 'p;x;s,.*/,,;s/$(EXEEXT)$$//;$(transform);s/$$/$(EXEEXT)/' | \ + sed 'N;N;N;s,\n, ,g' | \ + $(AWK) 'BEGIN { files["."] = ""; dirs["."] = 1 } \ + { d=$$3; if (dirs[d] != 1) { print "d", d; dirs[d] = 1 } \ + if ($$2 == $$4) files[d] = files[d] " " $$1; \ + else { print "f", $$3 "/" $$4, $$1; } } \ + END { for (d in files) print "f", d, files[d] }' | \ + while read type dir files; do \ + if test "$$dir" = .; then dir=; else dir=/$$dir; fi; \ + test -z "$$files" || { \ + echo " $(INSTALL_PROGRAM_ENV) $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL_PROGRAM) $$files '$(DESTDIR)$(bindir)$$dir'"; \ + $(INSTALL_PROGRAM_ENV) $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL_PROGRAM) $$files "$(DESTDIR)$(bindir)$$dir" || exit $$?; \ + } \ + ; done + +uninstall-binPROGRAMS: + @$(NORMAL_UNINSTALL) + @list='$(bin_PROGRAMS)'; test -n "$(bindir)" || list=; \ + files=`for p in $$list; do echo "$$p"; done | \ + sed -e 'h;s,^.*/,,;s/$(EXEEXT)$$//;$(transform)' \ + -e 's/$$/$(EXEEXT)/' \ + `; \ + test -n "$$list" || exit 0; \ + echo " ( cd '$(DESTDIR)$(bindir)' && rm -f" $$files ")"; \ + cd "$(DESTDIR)$(bindir)" && rm -f $$files + +clean-binPROGRAMS: + @list='$(bin_PROGRAMS)'; test -n "$$list" || exit 0; \ + echo " rm -f" $$list; \ + rm -f $$list || exit $$?; \ + test -n "$(EXEEXT)" || exit 0; \ + list=`for p in $$list; do echo "$$p"; done | sed 's/$(EXEEXT)$$//'`; \ + echo " rm -f" $$list; \ + rm -f $$list + +otr_mackey$(EXEEXT): $(otr_mackey_OBJECTS) $(otr_mackey_DEPENDENCIES) $(EXTRA_otr_mackey_DEPENDENCIES) + @rm -f otr_mackey$(EXEEXT) + $(AM_V_CCLD)$(LINK) $(otr_mackey_OBJECTS) $(otr_mackey_LDADD) $(LIBS) + +otr_modify$(EXEEXT): $(otr_modify_OBJECTS) $(otr_modify_DEPENDENCIES) $(EXTRA_otr_modify_DEPENDENCIES) + @rm -f otr_modify$(EXEEXT) + $(AM_V_CCLD)$(LINK) $(otr_modify_OBJECTS) $(otr_modify_LDADD) $(LIBS) + +otr_parse$(EXEEXT): $(otr_parse_OBJECTS) $(otr_parse_DEPENDENCIES) $(EXTRA_otr_parse_DEPENDENCIES) + @rm -f otr_parse$(EXEEXT) + $(AM_V_CCLD)$(LINK) $(otr_parse_OBJECTS) $(otr_parse_LDADD) $(LIBS) + +otr_readforge$(EXEEXT): $(otr_readforge_OBJECTS) $(otr_readforge_DEPENDENCIES) $(EXTRA_otr_readforge_DEPENDENCIES) + @rm -f otr_readforge$(EXEEXT) + $(AM_V_CCLD)$(LINK) $(otr_readforge_OBJECTS) $(otr_readforge_LDADD) $(LIBS) + +otr_remac$(EXEEXT): $(otr_remac_OBJECTS) $(otr_remac_DEPENDENCIES) $(EXTRA_otr_remac_DEPENDENCIES) + @rm -f otr_remac$(EXEEXT) + $(AM_V_CCLD)$(LINK) $(otr_remac_OBJECTS) $(otr_remac_LDADD) $(LIBS) + +otr_sesskeys$(EXEEXT): $(otr_sesskeys_OBJECTS) $(otr_sesskeys_DEPENDENCIES) $(EXTRA_otr_sesskeys_DEPENDENCIES) + @rm -f otr_sesskeys$(EXEEXT) + $(AM_V_CCLD)$(LINK) $(otr_sesskeys_OBJECTS) $(otr_sesskeys_LDADD) $(LIBS) + +mostlyclean-compile: + -rm -f *.$(OBJEXT) + +distclean-compile: + -rm -f *.tab.c + +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/aes.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/ctrmode.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/otr_mackey.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/otr_modify.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/otr_parse.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/otr_readforge.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/otr_remac.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/otr_sesskeys.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/parse.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/readotr.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/sesskeys.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/sha1hmac.Po@am__quote@ + +.c.o: +@am__fastdepCC_TRUE@ $(AM_V_CC)$(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(COMPILE) -c -o $@ $< + +.c.obj: +@am__fastdepCC_TRUE@ $(AM_V_CC)$(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ `$(CYGPATH_W) '$<'` +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(COMPILE) -c -o $@ `$(CYGPATH_W) '$<'` + +.c.lo: +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LTCOMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LTCOMPILE) -c -o $@ $< + +mostlyclean-libtool: + -rm -f *.lo + +clean-libtool: + -rm -rf .libs _libs +install-man1: $(man_MANS) + @$(NORMAL_INSTALL) + @list1=''; \ + list2='$(man_MANS)'; \ + test -n "$(man1dir)" \ + && test -n "`echo $$list1$$list2`" \ + || exit 0; \ + echo " $(MKDIR_P) '$(DESTDIR)$(man1dir)'"; \ + $(MKDIR_P) "$(DESTDIR)$(man1dir)" || exit 1; \ + { for i in $$list1; do echo "$$i"; done; \ + if test -n "$$list2"; then \ + for i in $$list2; do echo "$$i"; done \ + | sed -n '/\.1[a-z]*$$/p'; \ + fi; \ + } | while read p; do \ + if test -f $$p; then d=; else d="$(srcdir)/"; fi; \ + echo "$$d$$p"; echo "$$p"; \ + done | \ + sed -e 'n;s,.*/,,;p;h;s,.*\.,,;s,^[^1][0-9a-z]*$$,1,;x' \ + -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,' | \ + sed 'N;N;s,\n, ,g' | { \ + list=; while read file base inst; do \ + if test "$$base" = "$$inst"; then list="$$list $$file"; else \ + echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man1dir)/$$inst'"; \ + $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man1dir)/$$inst" || exit $$?; \ + fi; \ + done; \ + for i in $$list; do echo "$$i"; done | $(am__base_list) | \ + while read files; do \ + test -z "$$files" || { \ + echo " $(INSTALL_DATA) $$files '$(DESTDIR)$(man1dir)'"; \ + $(INSTALL_DATA) $$files "$(DESTDIR)$(man1dir)" || exit $$?; }; \ + done; } + +uninstall-man1: + @$(NORMAL_UNINSTALL) + @list=''; test -n "$(man1dir)" || exit 0; \ + files=`{ for i in $$list; do echo "$$i"; done; \ + l2='$(man_MANS)'; for i in $$l2; do echo "$$i"; done | \ + sed -n '/\.1[a-z]*$$/p'; \ + } | sed -e 's,.*/,,;h;s,.*\.,,;s,^[^1][0-9a-z]*$$,1,;x' \ + -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,'`; \ + dir='$(DESTDIR)$(man1dir)'; $(am__uninstall_files_from_dir) + +ID: $(am__tagged_files) + $(am__define_uniq_tagged_files); mkid -fID $$unique +tags: tags-am +TAGS: tags + +tags-am: $(TAGS_DEPENDENCIES) $(am__tagged_files) + set x; \ + here=`pwd`; \ + $(am__define_uniq_tagged_files); \ + shift; \ + if test -z "$(ETAGS_ARGS)$$*$$unique"; then :; else \ + test -n "$$unique" || unique=$$empty_fix; \ + if test $$# -gt 0; then \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + "$$@" $$unique; \ + else \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + $$unique; \ + fi; \ + fi +ctags: ctags-am + +CTAGS: ctags +ctags-am: $(TAGS_DEPENDENCIES) $(am__tagged_files) + $(am__define_uniq_tagged_files); \ + test -z "$(CTAGS_ARGS)$$unique" \ + || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ + $$unique + +GTAGS: + here=`$(am__cd) $(top_builddir) && pwd` \ + && $(am__cd) $(top_srcdir) \ + && gtags -i $(GTAGS_ARGS) "$$here" +cscopelist: cscopelist-am + +cscopelist-am: $(am__tagged_files) + list='$(am__tagged_files)'; \ + case "$(srcdir)" in \ + [\\/]* | ?:[\\/]*) sdir="$(srcdir)" ;; \ + *) sdir=$(subdir)/$(srcdir) ;; \ + esac; \ + for i in $$list; do \ + if test -f "$$i"; then \ + echo "$(subdir)/$$i"; \ + else \ + echo "$$sdir/$$i"; \ + fi; \ + done >> $(top_builddir)/cscope.files + +distclean-tags: + -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags + +distdir: $(DISTFILES) + @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ + topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ + list='$(DISTFILES)'; \ + dist_files=`for file in $$list; do echo $$file; done | \ + sed -e "s|^$$srcdirstrip/||;t" \ + -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \ + case $$dist_files in \ + */*) $(MKDIR_P) `echo "$$dist_files" | \ + sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \ + sort -u` ;; \ + esac; \ + for file in $$dist_files; do \ + if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ + if test -d $$d/$$file; then \ + dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ + if test -d "$(distdir)/$$file"; then \ + find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ + fi; \ + if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ + cp -fpR $(srcdir)/$$file "$(distdir)$$dir" || exit 1; \ + find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ + fi; \ + cp -fpR $$d/$$file "$(distdir)$$dir" || exit 1; \ + else \ + test -f "$(distdir)/$$file" \ + || cp -p $$d/$$file "$(distdir)/$$file" \ + || exit 1; \ + fi; \ + done +check-am: all-am +check: check-am +all-am: Makefile $(PROGRAMS) $(MANS) $(HEADERS) +installdirs: + for dir in "$(DESTDIR)$(bindir)" "$(DESTDIR)$(man1dir)"; do \ + test -z "$$dir" || $(MKDIR_P) "$$dir"; \ + done +install: install-am +install-exec: install-exec-am +install-data: install-data-am +uninstall: uninstall-am + +install-am: all-am + @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am + +installcheck: installcheck-am +install-strip: + if test -z '$(STRIP)'; then \ + $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ + install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ + install; \ + else \ + $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ + install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ + "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'" install; \ + fi +mostlyclean-generic: + +clean-generic: + +distclean-generic: + -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) + -test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES) + +maintainer-clean-generic: + @echo "This command is intended for maintainers to use" + @echo "it deletes files that may require special tools to rebuild." +clean: clean-am + +clean-am: clean-binPROGRAMS clean-generic clean-libtool mostlyclean-am + +distclean: distclean-am + -rm -rf ./$(DEPDIR) + -rm -f Makefile +distclean-am: clean-am distclean-compile distclean-generic \ + distclean-tags + +dvi: dvi-am + +dvi-am: + +html: html-am + +html-am: + +info: info-am + +info-am: + +install-data-am: install-data-local install-man + +install-dvi: install-dvi-am + +install-dvi-am: + +install-exec-am: install-binPROGRAMS + +install-html: install-html-am + +install-html-am: + +install-info: install-info-am + +install-info-am: + +install-man: install-man1 + +install-pdf: install-pdf-am + +install-pdf-am: + +install-ps: install-ps-am + +install-ps-am: + +installcheck-am: + +maintainer-clean: maintainer-clean-am + -rm -rf ./$(DEPDIR) + -rm -f Makefile +maintainer-clean-am: distclean-am maintainer-clean-generic + +mostlyclean: mostlyclean-am + +mostlyclean-am: mostlyclean-compile mostlyclean-generic \ + mostlyclean-libtool + +pdf: pdf-am + +pdf-am: + +ps: ps-am + +ps-am: + +uninstall-am: uninstall-binPROGRAMS uninstall-local uninstall-man + +uninstall-man: uninstall-man1 + +.MAKE: install-am install-strip + +.PHONY: CTAGS GTAGS TAGS all all-am check check-am clean \ + clean-binPROGRAMS clean-generic clean-libtool cscopelist-am \ + ctags ctags-am distclean distclean-compile distclean-generic \ + distclean-libtool distclean-tags distdir dvi dvi-am html \ + html-am info info-am install install-am install-binPROGRAMS \ + install-data install-data-am install-data-local install-dvi \ + install-dvi-am install-exec install-exec-am install-html \ + install-html-am install-info install-info-am install-man \ + install-man1 install-pdf install-pdf-am install-ps \ + install-ps-am install-strip installcheck installcheck-am \ + installdirs maintainer-clean maintainer-clean-generic \ + mostlyclean mostlyclean-compile mostlyclean-generic \ + mostlyclean-libtool pdf pdf-am ps ps-am tags tags-am uninstall \ + uninstall-am uninstall-binPROGRAMS uninstall-local \ + uninstall-man uninstall-man1 + + +install-data-local: + -mkdir -p $(DESTDIR)$(man1dir) + (cd $(DESTDIR)$(man1dir) && \ + for f in $(MANLINKS); do ln -sf otr_toolkit.1 $$f; done) + +uninstall-local: + (cd $(DESTDIR)$(man1dir) && \ + for f in $(MANLINKS); do rm -f $$f; done) + +# Tell versions [3.59,3.63) of GNU make to not export all variables. +# Otherwise a system limit (for SysV at least) may be exceeded. +.NOEXPORT: diff --git a/comm/third_party/libotr/toolkit/aes.c b/comm/third_party/libotr/toolkit/aes.c new file mode 100644 index 0000000000..1dff0ef89c --- /dev/null +++ b/comm/third_party/libotr/toolkit/aes.c @@ -0,0 +1,866 @@ +/* Retrieved from http://www.cr0.net:8040/code/crypto/aes/aes.c */ + +/* + * FIPS-197 compliant AES implementation + * + * Copyright (C) 2001-2004 Christophe Devine + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA + */ + +#include "aes.h" + +/* uncomment the following line to run the test suite */ + +/* #define TEST */ + +/* uncomment the following line to use pre-computed tables */ +/* otherwise the tables will be generated at the first run */ + +/* #define FIXED_TABLES */ + +#ifndef FIXED_TABLES + +/* forward S-box & tables */ + +uint32 FSb[256]; +uint32 FT0[256]; +uint32 FT1[256]; +uint32 FT2[256]; +uint32 FT3[256]; + +/* reverse S-box & tables */ + +uint32 RSb[256]; +uint32 RT0[256]; +uint32 RT1[256]; +uint32 RT2[256]; +uint32 RT3[256]; + +/* round constants */ + +uint32 RCON[10]; + +/* tables generation flag */ + +int do_init = 1; + +/* tables generation routine */ + +#define ROTR8(x) ( ( ( x << 24 ) & 0xFFFFFFFF ) | \ + ( ( x & 0xFFFFFFFF ) >> 8 ) ) + +#define XTIME(x) ( ( x << 1 ) ^ ( ( x & 0x80 ) ? 0x1B : 0x00 ) ) +#define MUL(x,y) ( ( x && y ) ? pow[(log[x] + log[y]) % 255] : 0 ) + +void aes_gen_tables( void ) +{ + int i; + uint8 x, y; + uint8 pow[256]; + uint8 log[256]; + + /* compute pow and log tables over GF(2^8) */ + + for( i = 0, x = 1; i < 256; i++, x ^= XTIME( x ) ) + { + pow[i] = x; + log[x] = i; + } + + /* calculate the round constants */ + + for( i = 0, x = 1; i < 10; i++, x = XTIME( x ) ) + { + RCON[i] = (uint32) x << 24; + } + + /* generate the forward and reverse S-boxes */ + + FSb[0x00] = 0x63; + RSb[0x63] = 0x00; + + for( i = 1; i < 256; i++ ) + { + x = pow[255 - log[i]]; + + y = x; y = ( y << 1 ) | ( y >> 7 ); + x ^= y; y = ( y << 1 ) | ( y >> 7 ); + x ^= y; y = ( y << 1 ) | ( y >> 7 ); + x ^= y; y = ( y << 1 ) | ( y >> 7 ); + x ^= y ^ 0x63; + + FSb[i] = x; + RSb[x] = i; + } + + /* generate the forward and reverse tables */ + + for( i = 0; i < 256; i++ ) + { + x = (unsigned char) FSb[i]; y = XTIME( x ); + + FT0[i] = (uint32) ( x ^ y ) ^ + ( (uint32) x << 8 ) ^ + ( (uint32) x << 16 ) ^ + ( (uint32) y << 24 ); + + FT0[i] &= 0xFFFFFFFF; + + FT1[i] = ROTR8( FT0[i] ); + FT2[i] = ROTR8( FT1[i] ); + FT3[i] = ROTR8( FT2[i] ); + + y = (unsigned char) RSb[i]; + + RT0[i] = ( (uint32) MUL( 0x0B, y ) ) ^ + ( (uint32) MUL( 0x0D, y ) << 8 ) ^ + ( (uint32) MUL( 0x09, y ) << 16 ) ^ + ( (uint32) MUL( 0x0E, y ) << 24 ); + + RT0[i] &= 0xFFFFFFFF; + + RT1[i] = ROTR8( RT0[i] ); + RT2[i] = ROTR8( RT1[i] ); + RT3[i] = ROTR8( RT2[i] ); + } +} + +#else + +/* forward S-box */ + +static const uint32 FSb[256] = +{ + 0x63, 0x7C, 0x77, 0x7B, 0xF2, 0x6B, 0x6F, 0xC5, + 0x30, 0x01, 0x67, 0x2B, 0xFE, 0xD7, 0xAB, 0x76, + 0xCA, 0x82, 0xC9, 0x7D, 0xFA, 0x59, 0x47, 0xF0, + 0xAD, 0xD4, 0xA2, 0xAF, 0x9C, 0xA4, 0x72, 0xC0, + 0xB7, 0xFD, 0x93, 0x26, 0x36, 0x3F, 0xF7, 0xCC, + 0x34, 0xA5, 0xE5, 0xF1, 0x71, 0xD8, 0x31, 0x15, + 0x04, 0xC7, 0x23, 0xC3, 0x18, 0x96, 0x05, 0x9A, + 0x07, 0x12, 0x80, 0xE2, 0xEB, 0x27, 0xB2, 0x75, + 0x09, 0x83, 0x2C, 0x1A, 0x1B, 0x6E, 0x5A, 0xA0, + 0x52, 0x3B, 0xD6, 0xB3, 0x29, 0xE3, 0x2F, 0x84, + 0x53, 0xD1, 0x00, 0xED, 0x20, 0xFC, 0xB1, 0x5B, + 0x6A, 0xCB, 0xBE, 0x39, 0x4A, 0x4C, 0x58, 0xCF, + 0xD0, 0xEF, 0xAA, 0xFB, 0x43, 0x4D, 0x33, 0x85, + 0x45, 0xF9, 0x02, 0x7F, 0x50, 0x3C, 0x9F, 0xA8, + 0x51, 0xA3, 0x40, 0x8F, 0x92, 0x9D, 0x38, 0xF5, + 0xBC, 0xB6, 0xDA, 0x21, 0x10, 0xFF, 0xF3, 0xD2, + 0xCD, 0x0C, 0x13, 0xEC, 0x5F, 0x97, 0x44, 0x17, + 0xC4, 0xA7, 0x7E, 0x3D, 0x64, 0x5D, 0x19, 0x73, + 0x60, 0x81, 0x4F, 0xDC, 0x22, 0x2A, 0x90, 0x88, + 0x46, 0xEE, 0xB8, 0x14, 0xDE, 0x5E, 0x0B, 0xDB, + 0xE0, 0x32, 0x3A, 0x0A, 0x49, 0x06, 0x24, 0x5C, + 0xC2, 0xD3, 0xAC, 0x62, 0x91, 0x95, 0xE4, 0x79, + 0xE7, 0xC8, 0x37, 0x6D, 0x8D, 0xD5, 0x4E, 0xA9, + 0x6C, 0x56, 0xF4, 0xEA, 0x65, 0x7A, 0xAE, 0x08, + 0xBA, 0x78, 0x25, 0x2E, 0x1C, 0xA6, 0xB4, 0xC6, + 0xE8, 0xDD, 0x74, 0x1F, 0x4B, 0xBD, 0x8B, 0x8A, + 0x70, 0x3E, 0xB5, 0x66, 0x48, 0x03, 0xF6, 0x0E, + 0x61, 0x35, 0x57, 0xB9, 0x86, 0xC1, 0x1D, 0x9E, + 0xE1, 0xF8, 0x98, 0x11, 0x69, 0xD9, 0x8E, 0x94, + 0x9B, 0x1E, 0x87, 0xE9, 0xCE, 0x55, 0x28, 0xDF, + 0x8C, 0xA1, 0x89, 0x0D, 0xBF, 0xE6, 0x42, 0x68, + 0x41, 0x99, 0x2D, 0x0F, 0xB0, 0x54, 0xBB, 0x16 +}; + +/* forward tables */ + +#define FT \ +\ + V(C6,63,63,A5), V(F8,7C,7C,84), V(EE,77,77,99), V(F6,7B,7B,8D), \ + V(FF,F2,F2,0D), V(D6,6B,6B,BD), V(DE,6F,6F,B1), V(91,C5,C5,54), \ + V(60,30,30,50), V(02,01,01,03), V(CE,67,67,A9), V(56,2B,2B,7D), \ + V(E7,FE,FE,19), V(B5,D7,D7,62), V(4D,AB,AB,E6), V(EC,76,76,9A), \ + V(8F,CA,CA,45), V(1F,82,82,9D), V(89,C9,C9,40), V(FA,7D,7D,87), \ + V(EF,FA,FA,15), V(B2,59,59,EB), V(8E,47,47,C9), V(FB,F0,F0,0B), \ + V(41,AD,AD,EC), V(B3,D4,D4,67), V(5F,A2,A2,FD), V(45,AF,AF,EA), \ + V(23,9C,9C,BF), V(53,A4,A4,F7), V(E4,72,72,96), V(9B,C0,C0,5B), \ + V(75,B7,B7,C2), V(E1,FD,FD,1C), V(3D,93,93,AE), V(4C,26,26,6A), \ + V(6C,36,36,5A), V(7E,3F,3F,41), V(F5,F7,F7,02), V(83,CC,CC,4F), \ + V(68,34,34,5C), V(51,A5,A5,F4), V(D1,E5,E5,34), V(F9,F1,F1,08), \ + V(E2,71,71,93), V(AB,D8,D8,73), V(62,31,31,53), V(2A,15,15,3F), \ + V(08,04,04,0C), V(95,C7,C7,52), V(46,23,23,65), V(9D,C3,C3,5E), \ + V(30,18,18,28), V(37,96,96,A1), V(0A,05,05,0F), V(2F,9A,9A,B5), \ + V(0E,07,07,09), V(24,12,12,36), V(1B,80,80,9B), V(DF,E2,E2,3D), \ + V(CD,EB,EB,26), V(4E,27,27,69), V(7F,B2,B2,CD), V(EA,75,75,9F), \ + V(12,09,09,1B), V(1D,83,83,9E), V(58,2C,2C,74), V(34,1A,1A,2E), \ + V(36,1B,1B,2D), V(DC,6E,6E,B2), V(B4,5A,5A,EE), V(5B,A0,A0,FB), \ + V(A4,52,52,F6), V(76,3B,3B,4D), V(B7,D6,D6,61), V(7D,B3,B3,CE), \ + V(52,29,29,7B), V(DD,E3,E3,3E), V(5E,2F,2F,71), V(13,84,84,97), \ + V(A6,53,53,F5), V(B9,D1,D1,68), V(00,00,00,00), V(C1,ED,ED,2C), \ + V(40,20,20,60), V(E3,FC,FC,1F), V(79,B1,B1,C8), V(B6,5B,5B,ED), \ + V(D4,6A,6A,BE), V(8D,CB,CB,46), V(67,BE,BE,D9), V(72,39,39,4B), \ + V(94,4A,4A,DE), V(98,4C,4C,D4), V(B0,58,58,E8), V(85,CF,CF,4A), \ + V(BB,D0,D0,6B), V(C5,EF,EF,2A), V(4F,AA,AA,E5), V(ED,FB,FB,16), \ + V(86,43,43,C5), V(9A,4D,4D,D7), V(66,33,33,55), V(11,85,85,94), \ + V(8A,45,45,CF), V(E9,F9,F9,10), V(04,02,02,06), V(FE,7F,7F,81), \ + V(A0,50,50,F0), V(78,3C,3C,44), V(25,9F,9F,BA), V(4B,A8,A8,E3), \ + V(A2,51,51,F3), V(5D,A3,A3,FE), V(80,40,40,C0), V(05,8F,8F,8A), \ + V(3F,92,92,AD), V(21,9D,9D,BC), V(70,38,38,48), V(F1,F5,F5,04), \ + V(63,BC,BC,DF), V(77,B6,B6,C1), V(AF,DA,DA,75), V(42,21,21,63), \ + V(20,10,10,30), V(E5,FF,FF,1A), V(FD,F3,F3,0E), V(BF,D2,D2,6D), \ + V(81,CD,CD,4C), V(18,0C,0C,14), V(26,13,13,35), V(C3,EC,EC,2F), \ + V(BE,5F,5F,E1), V(35,97,97,A2), V(88,44,44,CC), V(2E,17,17,39), \ + V(93,C4,C4,57), V(55,A7,A7,F2), V(FC,7E,7E,82), V(7A,3D,3D,47), \ + V(C8,64,64,AC), V(BA,5D,5D,E7), V(32,19,19,2B), V(E6,73,73,95), \ + V(C0,60,60,A0), V(19,81,81,98), V(9E,4F,4F,D1), V(A3,DC,DC,7F), \ + V(44,22,22,66), V(54,2A,2A,7E), V(3B,90,90,AB), V(0B,88,88,83), \ + V(8C,46,46,CA), V(C7,EE,EE,29), V(6B,B8,B8,D3), V(28,14,14,3C), \ + V(A7,DE,DE,79), V(BC,5E,5E,E2), V(16,0B,0B,1D), V(AD,DB,DB,76), \ + V(DB,E0,E0,3B), V(64,32,32,56), V(74,3A,3A,4E), V(14,0A,0A,1E), \ + V(92,49,49,DB), V(0C,06,06,0A), V(48,24,24,6C), V(B8,5C,5C,E4), \ + V(9F,C2,C2,5D), V(BD,D3,D3,6E), V(43,AC,AC,EF), V(C4,62,62,A6), \ + V(39,91,91,A8), V(31,95,95,A4), V(D3,E4,E4,37), V(F2,79,79,8B), \ + V(D5,E7,E7,32), V(8B,C8,C8,43), V(6E,37,37,59), V(DA,6D,6D,B7), \ + V(01,8D,8D,8C), V(B1,D5,D5,64), V(9C,4E,4E,D2), V(49,A9,A9,E0), \ + V(D8,6C,6C,B4), V(AC,56,56,FA), V(F3,F4,F4,07), V(CF,EA,EA,25), \ + V(CA,65,65,AF), V(F4,7A,7A,8E), V(47,AE,AE,E9), V(10,08,08,18), \ + V(6F,BA,BA,D5), V(F0,78,78,88), V(4A,25,25,6F), V(5C,2E,2E,72), \ + V(38,1C,1C,24), V(57,A6,A6,F1), V(73,B4,B4,C7), V(97,C6,C6,51), \ + V(CB,E8,E8,23), V(A1,DD,DD,7C), V(E8,74,74,9C), V(3E,1F,1F,21), \ + V(96,4B,4B,DD), V(61,BD,BD,DC), V(0D,8B,8B,86), V(0F,8A,8A,85), \ + V(E0,70,70,90), V(7C,3E,3E,42), V(71,B5,B5,C4), V(CC,66,66,AA), \ + V(90,48,48,D8), V(06,03,03,05), V(F7,F6,F6,01), V(1C,0E,0E,12), \ + V(C2,61,61,A3), V(6A,35,35,5F), V(AE,57,57,F9), V(69,B9,B9,D0), \ + V(17,86,86,91), V(99,C1,C1,58), V(3A,1D,1D,27), V(27,9E,9E,B9), \ + V(D9,E1,E1,38), V(EB,F8,F8,13), V(2B,98,98,B3), V(22,11,11,33), \ + V(D2,69,69,BB), V(A9,D9,D9,70), V(07,8E,8E,89), V(33,94,94,A7), \ + V(2D,9B,9B,B6), V(3C,1E,1E,22), V(15,87,87,92), V(C9,E9,E9,20), \ + V(87,CE,CE,49), V(AA,55,55,FF), V(50,28,28,78), V(A5,DF,DF,7A), \ + V(03,8C,8C,8F), V(59,A1,A1,F8), V(09,89,89,80), V(1A,0D,0D,17), \ + V(65,BF,BF,DA), V(D7,E6,E6,31), V(84,42,42,C6), V(D0,68,68,B8), \ + V(82,41,41,C3), V(29,99,99,B0), V(5A,2D,2D,77), V(1E,0F,0F,11), \ + V(7B,B0,B0,CB), V(A8,54,54,FC), V(6D,BB,BB,D6), V(2C,16,16,3A) + +#define V(a,b,c,d) 0x##a##b##c##d +static const uint32 FT0[256] = { FT }; +#undef V + +#define V(a,b,c,d) 0x##d##a##b##c +static const uint32 FT1[256] = { FT }; +#undef V + +#define V(a,b,c,d) 0x##c##d##a##b +static const uint32 FT2[256] = { FT }; +#undef V + +#define V(a,b,c,d) 0x##b##c##d##a +static const uint32 FT3[256] = { FT }; +#undef V + +#undef FT + +/* reverse S-box */ + +static const uint32 RSb[256] = +{ + 0x52, 0x09, 0x6A, 0xD5, 0x30, 0x36, 0xA5, 0x38, + 0xBF, 0x40, 0xA3, 0x9E, 0x81, 0xF3, 0xD7, 0xFB, + 0x7C, 0xE3, 0x39, 0x82, 0x9B, 0x2F, 0xFF, 0x87, + 0x34, 0x8E, 0x43, 0x44, 0xC4, 0xDE, 0xE9, 0xCB, + 0x54, 0x7B, 0x94, 0x32, 0xA6, 0xC2, 0x23, 0x3D, + 0xEE, 0x4C, 0x95, 0x0B, 0x42, 0xFA, 0xC3, 0x4E, + 0x08, 0x2E, 0xA1, 0x66, 0x28, 0xD9, 0x24, 0xB2, + 0x76, 0x5B, 0xA2, 0x49, 0x6D, 0x8B, 0xD1, 0x25, + 0x72, 0xF8, 0xF6, 0x64, 0x86, 0x68, 0x98, 0x16, + 0xD4, 0xA4, 0x5C, 0xCC, 0x5D, 0x65, 0xB6, 0x92, + 0x6C, 0x70, 0x48, 0x50, 0xFD, 0xED, 0xB9, 0xDA, + 0x5E, 0x15, 0x46, 0x57, 0xA7, 0x8D, 0x9D, 0x84, + 0x90, 0xD8, 0xAB, 0x00, 0x8C, 0xBC, 0xD3, 0x0A, + 0xF7, 0xE4, 0x58, 0x05, 0xB8, 0xB3, 0x45, 0x06, + 0xD0, 0x2C, 0x1E, 0x8F, 0xCA, 0x3F, 0x0F, 0x02, + 0xC1, 0xAF, 0xBD, 0x03, 0x01, 0x13, 0x8A, 0x6B, + 0x3A, 0x91, 0x11, 0x41, 0x4F, 0x67, 0xDC, 0xEA, + 0x97, 0xF2, 0xCF, 0xCE, 0xF0, 0xB4, 0xE6, 0x73, + 0x96, 0xAC, 0x74, 0x22, 0xE7, 0xAD, 0x35, 0x85, + 0xE2, 0xF9, 0x37, 0xE8, 0x1C, 0x75, 0xDF, 0x6E, + 0x47, 0xF1, 0x1A, 0x71, 0x1D, 0x29, 0xC5, 0x89, + 0x6F, 0xB7, 0x62, 0x0E, 0xAA, 0x18, 0xBE, 0x1B, + 0xFC, 0x56, 0x3E, 0x4B, 0xC6, 0xD2, 0x79, 0x20, + 0x9A, 0xDB, 0xC0, 0xFE, 0x78, 0xCD, 0x5A, 0xF4, + 0x1F, 0xDD, 0xA8, 0x33, 0x88, 0x07, 0xC7, 0x31, + 0xB1, 0x12, 0x10, 0x59, 0x27, 0x80, 0xEC, 0x5F, + 0x60, 0x51, 0x7F, 0xA9, 0x19, 0xB5, 0x4A, 0x0D, + 0x2D, 0xE5, 0x7A, 0x9F, 0x93, 0xC9, 0x9C, 0xEF, + 0xA0, 0xE0, 0x3B, 0x4D, 0xAE, 0x2A, 0xF5, 0xB0, + 0xC8, 0xEB, 0xBB, 0x3C, 0x83, 0x53, 0x99, 0x61, + 0x17, 0x2B, 0x04, 0x7E, 0xBA, 0x77, 0xD6, 0x26, + 0xE1, 0x69, 0x14, 0x63, 0x55, 0x21, 0x0C, 0x7D +}; + +/* reverse tables */ + +#define RT \ +\ + V(51,F4,A7,50), V(7E,41,65,53), V(1A,17,A4,C3), V(3A,27,5E,96), \ + V(3B,AB,6B,CB), V(1F,9D,45,F1), V(AC,FA,58,AB), V(4B,E3,03,93), \ + V(20,30,FA,55), V(AD,76,6D,F6), V(88,CC,76,91), V(F5,02,4C,25), \ + V(4F,E5,D7,FC), V(C5,2A,CB,D7), V(26,35,44,80), V(B5,62,A3,8F), \ + V(DE,B1,5A,49), V(25,BA,1B,67), V(45,EA,0E,98), V(5D,FE,C0,E1), \ + V(C3,2F,75,02), V(81,4C,F0,12), V(8D,46,97,A3), V(6B,D3,F9,C6), \ + V(03,8F,5F,E7), V(15,92,9C,95), V(BF,6D,7A,EB), V(95,52,59,DA), \ + V(D4,BE,83,2D), V(58,74,21,D3), V(49,E0,69,29), V(8E,C9,C8,44), \ + V(75,C2,89,6A), V(F4,8E,79,78), V(99,58,3E,6B), V(27,B9,71,DD), \ + V(BE,E1,4F,B6), V(F0,88,AD,17), V(C9,20,AC,66), V(7D,CE,3A,B4), \ + V(63,DF,4A,18), V(E5,1A,31,82), V(97,51,33,60), V(62,53,7F,45), \ + V(B1,64,77,E0), V(BB,6B,AE,84), V(FE,81,A0,1C), V(F9,08,2B,94), \ + V(70,48,68,58), V(8F,45,FD,19), V(94,DE,6C,87), V(52,7B,F8,B7), \ + V(AB,73,D3,23), V(72,4B,02,E2), V(E3,1F,8F,57), V(66,55,AB,2A), \ + V(B2,EB,28,07), V(2F,B5,C2,03), V(86,C5,7B,9A), V(D3,37,08,A5), \ + V(30,28,87,F2), V(23,BF,A5,B2), V(02,03,6A,BA), V(ED,16,82,5C), \ + V(8A,CF,1C,2B), V(A7,79,B4,92), V(F3,07,F2,F0), V(4E,69,E2,A1), \ + V(65,DA,F4,CD), V(06,05,BE,D5), V(D1,34,62,1F), V(C4,A6,FE,8A), \ + V(34,2E,53,9D), V(A2,F3,55,A0), V(05,8A,E1,32), V(A4,F6,EB,75), \ + V(0B,83,EC,39), V(40,60,EF,AA), V(5E,71,9F,06), V(BD,6E,10,51), \ + V(3E,21,8A,F9), V(96,DD,06,3D), V(DD,3E,05,AE), V(4D,E6,BD,46), \ + V(91,54,8D,B5), V(71,C4,5D,05), V(04,06,D4,6F), V(60,50,15,FF), \ + V(19,98,FB,24), V(D6,BD,E9,97), V(89,40,43,CC), V(67,D9,9E,77), \ + V(B0,E8,42,BD), V(07,89,8B,88), V(E7,19,5B,38), V(79,C8,EE,DB), \ + V(A1,7C,0A,47), V(7C,42,0F,E9), V(F8,84,1E,C9), V(00,00,00,00), \ + V(09,80,86,83), V(32,2B,ED,48), V(1E,11,70,AC), V(6C,5A,72,4E), \ + V(FD,0E,FF,FB), V(0F,85,38,56), V(3D,AE,D5,1E), V(36,2D,39,27), \ + V(0A,0F,D9,64), V(68,5C,A6,21), V(9B,5B,54,D1), V(24,36,2E,3A), \ + V(0C,0A,67,B1), V(93,57,E7,0F), V(B4,EE,96,D2), V(1B,9B,91,9E), \ + V(80,C0,C5,4F), V(61,DC,20,A2), V(5A,77,4B,69), V(1C,12,1A,16), \ + V(E2,93,BA,0A), V(C0,A0,2A,E5), V(3C,22,E0,43), V(12,1B,17,1D), \ + V(0E,09,0D,0B), V(F2,8B,C7,AD), V(2D,B6,A8,B9), V(14,1E,A9,C8), \ + V(57,F1,19,85), V(AF,75,07,4C), V(EE,99,DD,BB), V(A3,7F,60,FD), \ + V(F7,01,26,9F), V(5C,72,F5,BC), V(44,66,3B,C5), V(5B,FB,7E,34), \ + V(8B,43,29,76), V(CB,23,C6,DC), V(B6,ED,FC,68), V(B8,E4,F1,63), \ + V(D7,31,DC,CA), V(42,63,85,10), V(13,97,22,40), V(84,C6,11,20), \ + V(85,4A,24,7D), V(D2,BB,3D,F8), V(AE,F9,32,11), V(C7,29,A1,6D), \ + V(1D,9E,2F,4B), V(DC,B2,30,F3), V(0D,86,52,EC), V(77,C1,E3,D0), \ + V(2B,B3,16,6C), V(A9,70,B9,99), V(11,94,48,FA), V(47,E9,64,22), \ + V(A8,FC,8C,C4), V(A0,F0,3F,1A), V(56,7D,2C,D8), V(22,33,90,EF), \ + V(87,49,4E,C7), V(D9,38,D1,C1), V(8C,CA,A2,FE), V(98,D4,0B,36), \ + V(A6,F5,81,CF), V(A5,7A,DE,28), V(DA,B7,8E,26), V(3F,AD,BF,A4), \ + V(2C,3A,9D,E4), V(50,78,92,0D), V(6A,5F,CC,9B), V(54,7E,46,62), \ + V(F6,8D,13,C2), V(90,D8,B8,E8), V(2E,39,F7,5E), V(82,C3,AF,F5), \ + V(9F,5D,80,BE), V(69,D0,93,7C), V(6F,D5,2D,A9), V(CF,25,12,B3), \ + V(C8,AC,99,3B), V(10,18,7D,A7), V(E8,9C,63,6E), V(DB,3B,BB,7B), \ + V(CD,26,78,09), V(6E,59,18,F4), V(EC,9A,B7,01), V(83,4F,9A,A8), \ + V(E6,95,6E,65), V(AA,FF,E6,7E), V(21,BC,CF,08), V(EF,15,E8,E6), \ + V(BA,E7,9B,D9), V(4A,6F,36,CE), V(EA,9F,09,D4), V(29,B0,7C,D6), \ + V(31,A4,B2,AF), V(2A,3F,23,31), V(C6,A5,94,30), V(35,A2,66,C0), \ + V(74,4E,BC,37), V(FC,82,CA,A6), V(E0,90,D0,B0), V(33,A7,D8,15), \ + V(F1,04,98,4A), V(41,EC,DA,F7), V(7F,CD,50,0E), V(17,91,F6,2F), \ + V(76,4D,D6,8D), V(43,EF,B0,4D), V(CC,AA,4D,54), V(E4,96,04,DF), \ + V(9E,D1,B5,E3), V(4C,6A,88,1B), V(C1,2C,1F,B8), V(46,65,51,7F), \ + V(9D,5E,EA,04), V(01,8C,35,5D), V(FA,87,74,73), V(FB,0B,41,2E), \ + V(B3,67,1D,5A), V(92,DB,D2,52), V(E9,10,56,33), V(6D,D6,47,13), \ + V(9A,D7,61,8C), V(37,A1,0C,7A), V(59,F8,14,8E), V(EB,13,3C,89), \ + V(CE,A9,27,EE), V(B7,61,C9,35), V(E1,1C,E5,ED), V(7A,47,B1,3C), \ + V(9C,D2,DF,59), V(55,F2,73,3F), V(18,14,CE,79), V(73,C7,37,BF), \ + V(53,F7,CD,EA), V(5F,FD,AA,5B), V(DF,3D,6F,14), V(78,44,DB,86), \ + V(CA,AF,F3,81), V(B9,68,C4,3E), V(38,24,34,2C), V(C2,A3,40,5F), \ + V(16,1D,C3,72), V(BC,E2,25,0C), V(28,3C,49,8B), V(FF,0D,95,41), \ + V(39,A8,01,71), V(08,0C,B3,DE), V(D8,B4,E4,9C), V(64,56,C1,90), \ + V(7B,CB,84,61), V(D5,32,B6,70), V(48,6C,5C,74), V(D0,B8,57,42) + +#define V(a,b,c,d) 0x##a##b##c##d +static const uint32 RT0[256] = { RT }; +#undef V + +#define V(a,b,c,d) 0x##d##a##b##c +static const uint32 RT1[256] = { RT }; +#undef V + +#define V(a,b,c,d) 0x##c##d##a##b +static const uint32 RT2[256] = { RT }; +#undef V + +#define V(a,b,c,d) 0x##b##c##d##a +static const uint32 RT3[256] = { RT }; +#undef V + +#undef RT + +/* round constants */ + +static const uint32 RCON[10] = +{ + 0x01000000, 0x02000000, 0x04000000, 0x08000000, + 0x10000000, 0x20000000, 0x40000000, 0x80000000, + 0x1B000000, 0x36000000 +}; + +int do_init = 0; + +void aes_gen_tables( void ) +{ +} + +#endif + +/* platform-independant 32-bit integer manipulation macros */ + +#define GET_UINT32(n,b,i) \ +{ \ + (n) = ( (uint32) (b)[(i) ] << 24 ) \ + | ( (uint32) (b)[(i) + 1] << 16 ) \ + | ( (uint32) (b)[(i) + 2] << 8 ) \ + | ( (uint32) (b)[(i) + 3] ); \ +} + +#define PUT_UINT32(n,b,i) \ +{ \ + (b)[(i) ] = (uint8) ( (n) >> 24 ); \ + (b)[(i) + 1] = (uint8) ( (n) >> 16 ); \ + (b)[(i) + 2] = (uint8) ( (n) >> 8 ); \ + (b)[(i) + 3] = (uint8) ( (n) ); \ +} + +/* decryption key schedule tables */ + +int KT_init = 1; + +uint32 KT0[256]; +uint32 KT1[256]; +uint32 KT2[256]; +uint32 KT3[256]; + +/* AES key scheduling routine */ + +int aes_set_key( aes_context *ctx, uint8 *key, int nbits ) +{ + int i; + uint32 *RK, *SK; + + if( do_init ) + { + aes_gen_tables(); + + do_init = 0; + } + + switch( nbits ) + { + case 128: ctx->nr = 10; break; + case 192: ctx->nr = 12; break; + case 256: ctx->nr = 14; break; + default : return( 1 ); + } + + RK = ctx->erk; + + for( i = 0; i < (nbits >> 5); i++ ) + { + GET_UINT32( RK[i], key, i * 4 ); + } + + /* setup encryption round keys */ + + switch( nbits ) + { + case 128: + + for( i = 0; i < 10; i++, RK += 4 ) + { + RK[4] = RK[0] ^ RCON[i] ^ + ( FSb[ (uint8) ( RK[3] >> 16 ) ] << 24 ) ^ + ( FSb[ (uint8) ( RK[3] >> 8 ) ] << 16 ) ^ + ( FSb[ (uint8) ( RK[3] ) ] << 8 ) ^ + ( FSb[ (uint8) ( RK[3] >> 24 ) ] ); + + RK[5] = RK[1] ^ RK[4]; + RK[6] = RK[2] ^ RK[5]; + RK[7] = RK[3] ^ RK[6]; + } + break; + + case 192: + + for( i = 0; i < 8; i++, RK += 6 ) + { + RK[6] = RK[0] ^ RCON[i] ^ + ( FSb[ (uint8) ( RK[5] >> 16 ) ] << 24 ) ^ + ( FSb[ (uint8) ( RK[5] >> 8 ) ] << 16 ) ^ + ( FSb[ (uint8) ( RK[5] ) ] << 8 ) ^ + ( FSb[ (uint8) ( RK[5] >> 24 ) ] ); + + RK[7] = RK[1] ^ RK[6]; + RK[8] = RK[2] ^ RK[7]; + RK[9] = RK[3] ^ RK[8]; + RK[10] = RK[4] ^ RK[9]; + RK[11] = RK[5] ^ RK[10]; + } + break; + + case 256: + + for( i = 0; i < 7; i++, RK += 8 ) + { + RK[8] = RK[0] ^ RCON[i] ^ + ( FSb[ (uint8) ( RK[7] >> 16 ) ] << 24 ) ^ + ( FSb[ (uint8) ( RK[7] >> 8 ) ] << 16 ) ^ + ( FSb[ (uint8) ( RK[7] ) ] << 8 ) ^ + ( FSb[ (uint8) ( RK[7] >> 24 ) ] ); + + RK[9] = RK[1] ^ RK[8]; + RK[10] = RK[2] ^ RK[9]; + RK[11] = RK[3] ^ RK[10]; + + RK[12] = RK[4] ^ + ( FSb[ (uint8) ( RK[11] >> 24 ) ] << 24 ) ^ + ( FSb[ (uint8) ( RK[11] >> 16 ) ] << 16 ) ^ + ( FSb[ (uint8) ( RK[11] >> 8 ) ] << 8 ) ^ + ( FSb[ (uint8) ( RK[11] ) ] ); + + RK[13] = RK[5] ^ RK[12]; + RK[14] = RK[6] ^ RK[13]; + RK[15] = RK[7] ^ RK[14]; + } + break; + } + + /* setup decryption round keys */ + + if( KT_init ) + { + for( i = 0; i < 256; i++ ) + { + KT0[i] = RT0[ FSb[i] ]; + KT1[i] = RT1[ FSb[i] ]; + KT2[i] = RT2[ FSb[i] ]; + KT3[i] = RT3[ FSb[i] ]; + } + + KT_init = 0; + } + + SK = ctx->drk; + + *SK++ = *RK++; + *SK++ = *RK++; + *SK++ = *RK++; + *SK++ = *RK++; + + for( i = 1; i < ctx->nr; i++ ) + { + RK -= 8; + + *SK++ = KT0[ (uint8) ( *RK >> 24 ) ] ^ + KT1[ (uint8) ( *RK >> 16 ) ] ^ + KT2[ (uint8) ( *RK >> 8 ) ] ^ + KT3[ (uint8) ( *RK ) ]; RK++; + + *SK++ = KT0[ (uint8) ( *RK >> 24 ) ] ^ + KT1[ (uint8) ( *RK >> 16 ) ] ^ + KT2[ (uint8) ( *RK >> 8 ) ] ^ + KT3[ (uint8) ( *RK ) ]; RK++; + + *SK++ = KT0[ (uint8) ( *RK >> 24 ) ] ^ + KT1[ (uint8) ( *RK >> 16 ) ] ^ + KT2[ (uint8) ( *RK >> 8 ) ] ^ + KT3[ (uint8) ( *RK ) ]; RK++; + + *SK++ = KT0[ (uint8) ( *RK >> 24 ) ] ^ + KT1[ (uint8) ( *RK >> 16 ) ] ^ + KT2[ (uint8) ( *RK >> 8 ) ] ^ + KT3[ (uint8) ( *RK ) ]; RK++; + } + + RK -= 8; + + *SK++ = *RK++; + *SK++ = *RK++; + *SK++ = *RK++; + *SK++ = *RK++; + + return( 0 ); +} + +/* AES 128-bit block encryption routine */ + +void aes_encrypt( aes_context *ctx, uint8 input[16], uint8 output[16] ) +{ + uint32 *RK, X0, X1, X2, X3, Y0, Y1, Y2, Y3; + + RK = ctx->erk; + + GET_UINT32( X0, input, 0 ); X0 ^= RK[0]; + GET_UINT32( X1, input, 4 ); X1 ^= RK[1]; + GET_UINT32( X2, input, 8 ); X2 ^= RK[2]; + GET_UINT32( X3, input, 12 ); X3 ^= RK[3]; + +#define AES_FROUND(X0,X1,X2,X3,Y0,Y1,Y2,Y3) \ +{ \ + RK += 4; \ + \ + X0 = RK[0] ^ FT0[ (uint8) ( Y0 >> 24 ) ] ^ \ + FT1[ (uint8) ( Y1 >> 16 ) ] ^ \ + FT2[ (uint8) ( Y2 >> 8 ) ] ^ \ + FT3[ (uint8) ( Y3 ) ]; \ + \ + X1 = RK[1] ^ FT0[ (uint8) ( Y1 >> 24 ) ] ^ \ + FT1[ (uint8) ( Y2 >> 16 ) ] ^ \ + FT2[ (uint8) ( Y3 >> 8 ) ] ^ \ + FT3[ (uint8) ( Y0 ) ]; \ + \ + X2 = RK[2] ^ FT0[ (uint8) ( Y2 >> 24 ) ] ^ \ + FT1[ (uint8) ( Y3 >> 16 ) ] ^ \ + FT2[ (uint8) ( Y0 >> 8 ) ] ^ \ + FT3[ (uint8) ( Y1 ) ]; \ + \ + X3 = RK[3] ^ FT0[ (uint8) ( Y3 >> 24 ) ] ^ \ + FT1[ (uint8) ( Y0 >> 16 ) ] ^ \ + FT2[ (uint8) ( Y1 >> 8 ) ] ^ \ + FT3[ (uint8) ( Y2 ) ]; \ +} + + AES_FROUND( Y0, Y1, Y2, Y3, X0, X1, X2, X3 ); /* round 1 */ + AES_FROUND( X0, X1, X2, X3, Y0, Y1, Y2, Y3 ); /* round 2 */ + AES_FROUND( Y0, Y1, Y2, Y3, X0, X1, X2, X3 ); /* round 3 */ + AES_FROUND( X0, X1, X2, X3, Y0, Y1, Y2, Y3 ); /* round 4 */ + AES_FROUND( Y0, Y1, Y2, Y3, X0, X1, X2, X3 ); /* round 5 */ + AES_FROUND( X0, X1, X2, X3, Y0, Y1, Y2, Y3 ); /* round 6 */ + AES_FROUND( Y0, Y1, Y2, Y3, X0, X1, X2, X3 ); /* round 7 */ + AES_FROUND( X0, X1, X2, X3, Y0, Y1, Y2, Y3 ); /* round 8 */ + AES_FROUND( Y0, Y1, Y2, Y3, X0, X1, X2, X3 ); /* round 9 */ + + if( ctx->nr > 10 ) + { + AES_FROUND( X0, X1, X2, X3, Y0, Y1, Y2, Y3 ); /* round 10 */ + AES_FROUND( Y0, Y1, Y2, Y3, X0, X1, X2, X3 ); /* round 11 */ + } + + if( ctx->nr > 12 ) + { + AES_FROUND( X0, X1, X2, X3, Y0, Y1, Y2, Y3 ); /* round 12 */ + AES_FROUND( Y0, Y1, Y2, Y3, X0, X1, X2, X3 ); /* round 13 */ + } + + /* last round */ + + RK += 4; + + X0 = RK[0] ^ ( FSb[ (uint8) ( Y0 >> 24 ) ] << 24 ) ^ + ( FSb[ (uint8) ( Y1 >> 16 ) ] << 16 ) ^ + ( FSb[ (uint8) ( Y2 >> 8 ) ] << 8 ) ^ + ( FSb[ (uint8) ( Y3 ) ] ); + + X1 = RK[1] ^ ( FSb[ (uint8) ( Y1 >> 24 ) ] << 24 ) ^ + ( FSb[ (uint8) ( Y2 >> 16 ) ] << 16 ) ^ + ( FSb[ (uint8) ( Y3 >> 8 ) ] << 8 ) ^ + ( FSb[ (uint8) ( Y0 ) ] ); + + X2 = RK[2] ^ ( FSb[ (uint8) ( Y2 >> 24 ) ] << 24 ) ^ + ( FSb[ (uint8) ( Y3 >> 16 ) ] << 16 ) ^ + ( FSb[ (uint8) ( Y0 >> 8 ) ] << 8 ) ^ + ( FSb[ (uint8) ( Y1 ) ] ); + + X3 = RK[3] ^ ( FSb[ (uint8) ( Y3 >> 24 ) ] << 24 ) ^ + ( FSb[ (uint8) ( Y0 >> 16 ) ] << 16 ) ^ + ( FSb[ (uint8) ( Y1 >> 8 ) ] << 8 ) ^ + ( FSb[ (uint8) ( Y2 ) ] ); + + PUT_UINT32( X0, output, 0 ); + PUT_UINT32( X1, output, 4 ); + PUT_UINT32( X2, output, 8 ); + PUT_UINT32( X3, output, 12 ); +} + +/* AES 128-bit block decryption routine */ + +void aes_decrypt( aes_context *ctx, uint8 input[16], uint8 output[16] ) +{ + uint32 *RK, X0, X1, X2, X3, Y0, Y1, Y2, Y3; + + RK = ctx->drk; + + GET_UINT32( X0, input, 0 ); X0 ^= RK[0]; + GET_UINT32( X1, input, 4 ); X1 ^= RK[1]; + GET_UINT32( X2, input, 8 ); X2 ^= RK[2]; + GET_UINT32( X3, input, 12 ); X3 ^= RK[3]; + +#define AES_RROUND(X0,X1,X2,X3,Y0,Y1,Y2,Y3) \ +{ \ + RK += 4; \ + \ + X0 = RK[0] ^ RT0[ (uint8) ( Y0 >> 24 ) ] ^ \ + RT1[ (uint8) ( Y3 >> 16 ) ] ^ \ + RT2[ (uint8) ( Y2 >> 8 ) ] ^ \ + RT3[ (uint8) ( Y1 ) ]; \ + \ + X1 = RK[1] ^ RT0[ (uint8) ( Y1 >> 24 ) ] ^ \ + RT1[ (uint8) ( Y0 >> 16 ) ] ^ \ + RT2[ (uint8) ( Y3 >> 8 ) ] ^ \ + RT3[ (uint8) ( Y2 ) ]; \ + \ + X2 = RK[2] ^ RT0[ (uint8) ( Y2 >> 24 ) ] ^ \ + RT1[ (uint8) ( Y1 >> 16 ) ] ^ \ + RT2[ (uint8) ( Y0 >> 8 ) ] ^ \ + RT3[ (uint8) ( Y3 ) ]; \ + \ + X3 = RK[3] ^ RT0[ (uint8) ( Y3 >> 24 ) ] ^ \ + RT1[ (uint8) ( Y2 >> 16 ) ] ^ \ + RT2[ (uint8) ( Y1 >> 8 ) ] ^ \ + RT3[ (uint8) ( Y0 ) ]; \ +} + + AES_RROUND( Y0, Y1, Y2, Y3, X0, X1, X2, X3 ); /* round 1 */ + AES_RROUND( X0, X1, X2, X3, Y0, Y1, Y2, Y3 ); /* round 2 */ + AES_RROUND( Y0, Y1, Y2, Y3, X0, X1, X2, X3 ); /* round 3 */ + AES_RROUND( X0, X1, X2, X3, Y0, Y1, Y2, Y3 ); /* round 4 */ + AES_RROUND( Y0, Y1, Y2, Y3, X0, X1, X2, X3 ); /* round 5 */ + AES_RROUND( X0, X1, X2, X3, Y0, Y1, Y2, Y3 ); /* round 6 */ + AES_RROUND( Y0, Y1, Y2, Y3, X0, X1, X2, X3 ); /* round 7 */ + AES_RROUND( X0, X1, X2, X3, Y0, Y1, Y2, Y3 ); /* round 8 */ + AES_RROUND( Y0, Y1, Y2, Y3, X0, X1, X2, X3 ); /* round 9 */ + + if( ctx->nr > 10 ) + { + AES_RROUND( X0, X1, X2, X3, Y0, Y1, Y2, Y3 ); /* round 10 */ + AES_RROUND( Y0, Y1, Y2, Y3, X0, X1, X2, X3 ); /* round 11 */ + } + + if( ctx->nr > 12 ) + { + AES_RROUND( X0, X1, X2, X3, Y0, Y1, Y2, Y3 ); /* round 12 */ + AES_RROUND( Y0, Y1, Y2, Y3, X0, X1, X2, X3 ); /* round 13 */ + } + + /* last round */ + + RK += 4; + + X0 = RK[0] ^ ( RSb[ (uint8) ( Y0 >> 24 ) ] << 24 ) ^ + ( RSb[ (uint8) ( Y3 >> 16 ) ] << 16 ) ^ + ( RSb[ (uint8) ( Y2 >> 8 ) ] << 8 ) ^ + ( RSb[ (uint8) ( Y1 ) ] ); + + X1 = RK[1] ^ ( RSb[ (uint8) ( Y1 >> 24 ) ] << 24 ) ^ + ( RSb[ (uint8) ( Y0 >> 16 ) ] << 16 ) ^ + ( RSb[ (uint8) ( Y3 >> 8 ) ] << 8 ) ^ + ( RSb[ (uint8) ( Y2 ) ] ); + + X2 = RK[2] ^ ( RSb[ (uint8) ( Y2 >> 24 ) ] << 24 ) ^ + ( RSb[ (uint8) ( Y1 >> 16 ) ] << 16 ) ^ + ( RSb[ (uint8) ( Y0 >> 8 ) ] << 8 ) ^ + ( RSb[ (uint8) ( Y3 ) ] ); + + X3 = RK[3] ^ ( RSb[ (uint8) ( Y3 >> 24 ) ] << 24 ) ^ + ( RSb[ (uint8) ( Y2 >> 16 ) ] << 16 ) ^ + ( RSb[ (uint8) ( Y1 >> 8 ) ] << 8 ) ^ + ( RSb[ (uint8) ( Y0 ) ] ); + + PUT_UINT32( X0, output, 0 ); + PUT_UINT32( X1, output, 4 ); + PUT_UINT32( X2, output, 8 ); + PUT_UINT32( X3, output, 12 ); +} + +#ifdef TEST + +#include <string.h> +#include <stdio.h> + +/* + * Rijndael Monte Carlo Test: ECB mode + * source: NIST - rijndael-vals.zip + */ + +static unsigned char AES_enc_test[3][16] = +{ + { 0xA0, 0x43, 0x77, 0xAB, 0xE2, 0x59, 0xB0, 0xD0, + 0xB5, 0xBA, 0x2D, 0x40, 0xA5, 0x01, 0x97, 0x1B }, + { 0x4E, 0x46, 0xF8, 0xC5, 0x09, 0x2B, 0x29, 0xE2, + 0x9A, 0x97, 0x1A, 0x0C, 0xD1, 0xF6, 0x10, 0xFB }, + { 0x1F, 0x67, 0x63, 0xDF, 0x80, 0x7A, 0x7E, 0x70, + 0x96, 0x0D, 0x4C, 0xD3, 0x11, 0x8E, 0x60, 0x1A } +}; + +static unsigned char AES_dec_test[3][16] = +{ + { 0xF5, 0xBF, 0x8B, 0x37, 0x13, 0x6F, 0x2E, 0x1F, + 0x6B, 0xEC, 0x6F, 0x57, 0x20, 0x21, 0xE3, 0xBA }, + { 0xF1, 0xA8, 0x1B, 0x68, 0xF6, 0xE5, 0xA6, 0x27, + 0x1A, 0x8C, 0xB2, 0x4E, 0x7D, 0x94, 0x91, 0xEF }, + { 0x4D, 0xE0, 0xC6, 0xDF, 0x7C, 0xB1, 0x69, 0x72, + 0x84, 0x60, 0x4D, 0x60, 0x27, 0x1B, 0xC5, 0x9A } +}; + +int main( void ) +{ + int m, n, i, j; + aes_context ctx; + unsigned char buf[16]; + unsigned char key[32]; + + for( m = 0; m < 2; m++ ) + { + printf( "\n Rijndael Monte Carlo Test (ECB mode) - " ); + + if( m == 0 ) printf( "encryption\n\n" ); + if( m == 1 ) printf( "decryption\n\n" ); + + for( n = 0; n < 3; n++ ) + { + printf( " Test %d, key size = %3d bits: ", + n + 1, 128 + n * 64 ); + + fflush( stdout ); + + memset( buf, 0, 16 ); + memset( key, 0, 16 + n * 8 ); + + for( i = 0; i < 400; i++ ) + { + aes_set_key( &ctx, key, 128 + n * 64 ); + + for( j = 0; j < 9999; j++ ) + { + if( m == 0 ) aes_encrypt( &ctx, buf, buf ); + if( m == 1 ) aes_decrypt( &ctx, buf, buf ); + } + + if( n > 0 ) + { + for( j = 0; j < (n << 3); j++ ) + { + key[j] ^= buf[j + 16 - (n << 3)]; + } + } + + if( m == 0 ) aes_encrypt( &ctx, buf, buf ); + if( m == 1 ) aes_decrypt( &ctx, buf, buf ); + + for( j = 0; j < 16; j++ ) + { + key[j + (n << 3)] ^= buf[j]; + } + } + + if( ( m == 0 && memcmp( buf, AES_enc_test[n], 16 ) != 0 ) || + ( m == 1 && memcmp( buf, AES_dec_test[n], 16 ) != 0 ) ) + { + printf( "failed!\n" ); + return( 1 ); + } + + printf( "passed.\n" ); + } + } + + printf( "\n" ); + + return( 0 ); +} + +#endif + diff --git a/comm/third_party/libotr/toolkit/aes.h b/comm/third_party/libotr/toolkit/aes.h new file mode 100644 index 0000000000..67bd4237a2 --- /dev/null +++ b/comm/third_party/libotr/toolkit/aes.h @@ -0,0 +1,26 @@ +/* Retrieved from http://www.cr0.net:8040/code/crypto/aes/aes.h */ + +#ifndef _AES_H +#define _AES_H + +#ifndef uint8 +#define uint8 unsigned char +#endif + +#ifndef uint32 +#define uint32 unsigned long int +#endif + +typedef struct +{ + uint32 erk[64]; /* encryption round keys */ + uint32 drk[64]; /* decryption round keys */ + int nr; /* number of rounds */ +} +aes_context; + +int aes_set_key( aes_context *ctx, uint8 *key, int nbits ); +void aes_encrypt( aes_context *ctx, uint8 input[16], uint8 output[16] ); +void aes_decrypt( aes_context *ctx, uint8 input[16], uint8 output[16] ); + +#endif /* aes.h */ diff --git a/comm/third_party/libotr/toolkit/ctrmode.c b/comm/third_party/libotr/toolkit/ctrmode.c new file mode 100644 index 0000000000..987f29c20f --- /dev/null +++ b/comm/third_party/libotr/toolkit/ctrmode.c @@ -0,0 +1,60 @@ +/* + * Off-the-Record Messaging Toolkit + * Copyright (C) 2004-2012 Ian Goldberg, Chris Alexander, Nikita Borisov + * <otr@cypherpunks.ca> + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of version 2 of the GNU General Public License as + * published by the Free Software Foundation. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA + */ + +/* system headers */ +#include <stdlib.h> +#include <string.h> + +/* toolkit headers */ +#include "aes.h" + +/* Encrypt or decrypt data in AES-CTR mode. (The operations are the + * same.) We roll our own here just to double-check that the calls + * libotr makes to libgcrypt are doing the right thing. */ +void aes_ctr_crypt(unsigned char *out, const unsigned char *in, size_t len, + unsigned char key[16], unsigned char ctrtop[8]) +{ + unsigned char ctr[16], encctr[16]; + aes_context aesc; + + aes_set_key(&aesc, key, 128); + + memmove(ctr, ctrtop, 8); + memset(ctr+8, 0, 8); + + while(len > 0) { + /* How much to do at a time? */ + size_t i; + size_t amt = len; + if (amt > 16) amt = 16; + aes_encrypt(&aesc, ctr, encctr); + for(i=0;i<amt;++i) { + out[i] = in[i] ^ encctr[i]; + } + + /* Increment the counter */ + for (i=16;i>0;--i) { + if (++ctr[i-1] != 0) break; + } + + out += amt; + in += amt; + len -= amt; + } +} diff --git a/comm/third_party/libotr/toolkit/ctrmode.h b/comm/third_party/libotr/toolkit/ctrmode.h new file mode 100644 index 0000000000..6ef648fd5a --- /dev/null +++ b/comm/third_party/libotr/toolkit/ctrmode.h @@ -0,0 +1,29 @@ +/* + * Off-the-Record Messaging Toolkit + * Copyright (C) 2004-2012 Ian Goldberg, Chris Alexander, Nikita Borisov + * <otr@cypherpunks.ca> + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of version 2 of the GNU General Public License as + * published by the Free Software Foundation. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA + */ + +#ifndef __CTRMODE_H__ +#define __CTRMODE_H__ + +/* Encrypt or decrypt data in AES-CTR mode. (The operations are the + * same.) We roll our own here just to double-check that the calls + * libotr makes to libgcrypt are doing the right thing. */ +void aes_ctr_crypt(unsigned char *out, const unsigned char *in, size_t len, + unsigned char key[16], unsigned char ctrtop[8]); + +#endif diff --git a/comm/third_party/libotr/toolkit/otr_mackey.c b/comm/third_party/libotr/toolkit/otr_mackey.c new file mode 100644 index 0000000000..cf2b4eb6e1 --- /dev/null +++ b/comm/third_party/libotr/toolkit/otr_mackey.c @@ -0,0 +1,65 @@ +/* + * Off-the-Record Messaging Toolkit + * Copyright (C) 2004-2012 Ian Goldberg, Chris Alexander, Nikita Borisov + * <otr@cypherpunks.ca> + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of version 2 of the GNU General Public License as + * published by the Free Software Foundation. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA + */ + +/* system headers */ +#include <stdio.h> +#include <stdlib.h> + +/* toolkit headers */ +#include "parse.h" +#include "sesskeys.h" + +static void usage(const char *progname) +{ + fprintf(stderr, "Usage: %s aeskey\n" +"Calculate and display the MAC key derived from a given AES key.\n", + progname); + exit(1); +} + +int main(int argc, char **argv) +{ + unsigned char *argbuf; + size_t argbuflen; + unsigned char mackey[20]; + + if (argc != 2) { + usage(argv[0]); + } + + argv_to_buf(&argbuf, &argbuflen, argv[1]); + /* AES keys are 128 bits long, so check for that */ + if (!argbuf) { + usage(argv[0]); + } + + if (argbuflen != 16) { + fprintf(stderr, "The AES key must be 32 hex chars long.\n"); + usage(argv[0]); + } + + sesskeys_make_mac(mackey, argbuf); + + dump_data(stdout, "AES key", argbuf, 16); + dump_data(stdout, "MAC key", mackey, 20); + + free(argbuf); + fflush(stdout); + return 0; +} diff --git a/comm/third_party/libotr/toolkit/otr_modify.c b/comm/third_party/libotr/toolkit/otr_modify.c new file mode 100644 index 0000000000..8257b511e1 --- /dev/null +++ b/comm/third_party/libotr/toolkit/otr_modify.c @@ -0,0 +1,126 @@ +/* + * Off-the-Record Messaging Toolkit + * Copyright (C) 2004-2012 Ian Goldberg, Chris Alexander, Nikita Borisov + * <otr@cypherpunks.ca> + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of version 2 of the GNU General Public License as + * published by the Free Software Foundation. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA + */ + +/* system headers */ +#include <stdio.h> +#include <stdlib.h> + +/* libotr headers */ +#include "proto.h" + +/* toolkit headers */ +#include "readotr.h" +#include "parse.h" +#include "sha1hmac.h" + +static void usage(const char *progname) +{ + fprintf(stderr, "Usage: %s mackey old_text new_text offset\n" +"Read an OTR Data Message from stdin. Even if we can't read the\n" +"data because we don't know either the AES key or the DH privkey,\n" +"but we can make a good guess that the substring \"old_text\"\n" +"appears at the given offset in the message, replace the old_text\n" +"with the new_text (which must be of the same length), recalculate\n" +"the MAC with the given mackey, and output the resulting Data message.\n", + progname); + exit(1); +} + +int main(int argc, char **argv) +{ + unsigned char *mackey; + size_t mackeylen; + unsigned char macval[20]; + char *otrmsg = NULL; + DataMsg datamsg; + size_t textlen; + unsigned int offset; + const unsigned char *old_text, *new_text; + char *newdatamsg; + size_t i; + + if (argc != 5) { + usage(argv[0]); + } + + argv_to_buf(&mackey, &mackeylen, argv[1]); + if (!mackey) { + usage(argv[0]); + } + + if (mackeylen != 20) { + fprintf(stderr, "The MAC key must be 40 hex chars long.\n"); + usage(argv[0]); + } + + textlen = strlen(argv[2]); + if (textlen != strlen(argv[3])) { + fprintf(stderr, "The old_text and new_text must be of the same " + "length.\n"); + usage(argv[0]); + } + old_text = (const unsigned char *)argv[2]; + new_text = (const unsigned char *)argv[3]; + + if (sscanf(argv[4], "%u", &offset) != 1) { + fprintf(stderr, "Unparseable offset given.\n"); + usage(argv[0]); + } + + otrmsg = readotr(stdin); + if (otrmsg == NULL) { + fprintf(stderr, "No OTR Data Message found on stdin.\n"); + exit(1); + } + + if (otrl_proto_message_type(otrmsg) != OTRL_MSGTYPE_DATA) { + fprintf(stderr, "OTR Non-Data Message found on stdin.\n"); + exit(1); + } + + datamsg = parse_datamsg(otrmsg); + free(otrmsg); + if (datamsg == NULL) { + fprintf(stderr, "Invalid OTR Data Message found on stdin.\n"); + exit(1); + } + + /* Check the MAC */ + sha1hmac(macval, mackey, datamsg->macstart, + datamsg->macend - datamsg->macstart); + if (memcmp(macval, datamsg->mac, 20)) { + fprintf(stderr, "MAC does not verify: wrong MAC key?\n"); + exit(1); + } + + /* Modify the ciphertext */ + for(i=0; i<textlen && offset+i < datamsg->encmsglen; ++i) { + datamsg->encmsg[offset+i] ^= (old_text[i] ^ new_text[i]); + } + + /* Recalculate the MAC */ + newdatamsg = remac_datamsg(datamsg, mackey); + printf("%s\n", newdatamsg); + free(newdatamsg); + + free_datamsg(datamsg); + free(mackey); + fflush(stdout); + return 0; +} diff --git a/comm/third_party/libotr/toolkit/otr_parse.c b/comm/third_party/libotr/toolkit/otr_parse.c new file mode 100644 index 0000000000..e791835413 --- /dev/null +++ b/comm/third_party/libotr/toolkit/otr_parse.c @@ -0,0 +1,224 @@ +/* + * Off-the-Record Messaging Toolkit + * Copyright (C) 2004-2012 Ian Goldberg, Rob Smits, Chris Alexander, + * Nikita Borisov + * <otr@cypherpunks.ca> + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of version 2 of the GNU General Public License as + * published by the Free Software Foundation. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA + */ + +/* system headers */ +#include <stdio.h> +#include <stdlib.h> + +/* libotr headers */ +#include "proto.h" + +/* toolkit headers */ +#include "readotr.h" +#include "parse.h" + +static void parse(const char *msg) +{ + OtrlMessageType mtype = otrl_proto_message_type(msg); + CommitMsg cmsg; + KeyMsg kmsg; + RevealSigMsg rmsg; + SignatureMsg smsg; + KeyExchMsg keyexch; + DataMsg datamsg; + + switch(mtype) { + case OTRL_MSGTYPE_QUERY: + printf("OTR Query:\n\t%s\n\n", msg); + break; + case OTRL_MSGTYPE_DH_COMMIT: + cmsg = parse_commit(msg); + if (!cmsg) { + printf("Invalid D-H Commit Message\n\n"); + break; + } + + printf("D-H Commit Message:\n"); + + dump_data(stdout, "\tVersion", &(cmsg->version), 1); + if (cmsg->version == 3) { + dump_int(stdout, "\tSender instance", cmsg->sender_instance); + dump_int(stdout, "\tReceiver instance", + cmsg->receiver_instance); + } + dump_data(stdout, "\tEncrypted Key", cmsg->enckey, + cmsg->enckeylen); + dump_data(stdout, "\tHashed Key", cmsg->hashkey, + cmsg->hashkeylen); + printf("\n"); + free_commit(cmsg); + break; + case OTRL_MSGTYPE_DH_KEY: + kmsg = parse_key(msg); + if (!kmsg) { + printf("Invalid D-H Key Message\n\n"); + break; + } + printf("D-H Key Message:\n"); + dump_data(stdout, "\tVersion", &(kmsg->version), 1); + if (kmsg->version == 3) { + dump_int(stdout, "\tSender instance", kmsg->sender_instance); + dump_int(stdout, "\tReceiver instance", + kmsg->receiver_instance); + } + dump_mpi(stdout, "\tD-H Key", kmsg->y); + printf("\n"); + free_key(kmsg); + break; + case OTRL_MSGTYPE_REVEALSIG: + rmsg = parse_revealsig(msg); + if (!rmsg) { + printf("Invalid Reveal Signature Message\n\n"); + break; + } + printf("Reveal Signature Message:\n"); + dump_data(stdout, "\tVersion", &(rmsg->version), 1); + if (rmsg->version == 3) { + dump_int(stdout, "\tSender instance", rmsg->sender_instance); + dump_int(stdout, "\tReceiver instance", + rmsg->receiver_instance); + } + dump_data(stdout, "\tKey", rmsg->key, rmsg->keylen); + dump_data(stdout, "\tEncrypted Signature", + rmsg->encsig, rmsg->encsiglen); + dump_data(stdout, "\tMAC", rmsg->mac, 20); + printf("\n"); + free_revealsig(rmsg); + break; + case OTRL_MSGTYPE_SIGNATURE: + smsg = parse_signature(msg); + if (!smsg) { + printf("Invalid Signature Message\n\n"); + break; + } + printf("Signature Message:\n"); + dump_data(stdout, "\tVersion", &(smsg->version), 1); + if (smsg->version == 3) { + dump_int(stdout, "\tSender instance", smsg->sender_instance); + dump_int(stdout, "\tReceiver instance", + smsg->receiver_instance); + } + dump_data(stdout, "\tEncrypted Signature", + smsg->encsig, smsg->encsiglen); + dump_data(stdout, "\tMAC", smsg->mac, 20); + printf("\n"); + free_signature(smsg); + break; + case OTRL_MSGTYPE_V1_KEYEXCH: + keyexch = parse_keyexch(msg); + if (!keyexch) { + printf("Invalid Key Exchange Message\n\n"); + break; + } + printf("Key Exchange Message:\n"); + dump_int(stdout, "\tReply", keyexch->reply); + dump_mpi(stdout, "\tDSA p", keyexch->p); + dump_mpi(stdout, "\tDSA q", keyexch->q); + dump_mpi(stdout, "\tDSA g", keyexch->g); + dump_mpi(stdout, "\tDSA e", keyexch->e); + dump_int(stdout, "\tKeyID", keyexch->keyid); + dump_mpi(stdout, "\tDH y", keyexch->y); + dump_mpi(stdout, "\tSIG r", keyexch->r); + dump_mpi(stdout, "\tSIG s", keyexch->s); + printf("\n"); + free_keyexch(keyexch); + break; + case OTRL_MSGTYPE_DATA: + datamsg = parse_datamsg(msg); + if (!datamsg) { + printf("Invalid Data Message\n\n"); + break; + } + printf("Data Message:\n"); + + dump_data(stdout, "\tVersion", &(datamsg->version), 1); + if (datamsg->flags >= 0) { + dump_int(stdout, "\tFlags", datamsg->flags); + } + + if (datamsg->version == 3) { + dump_int(stdout, "\tSender instance", datamsg->sender_instance); + dump_int(stdout, "\tReceiver instance", + datamsg->receiver_instance); + } + + dump_int(stdout, "\tSender keyid", datamsg->sender_keyid); + dump_int(stdout, "\tRcpt keyid", datamsg->rcpt_keyid); + dump_mpi(stdout, "\tDH y", datamsg->y); + dump_data(stdout, "\tCounter", datamsg->ctr, 8); + dump_data(stdout, "\tEncrypted message", datamsg->encmsg, + datamsg->encmsglen); + dump_data(stdout, "\tMAC", datamsg->mac, 20); + if (datamsg->mackeyslen > 0) { + size_t len = datamsg->mackeyslen; + unsigned char *mks = datamsg->mackeys; + unsigned int i = 0; + printf("\tRevealed MAC keys:\n"); + + while(len > 19) { + char title[20]; + sprintf(title, "\t\tKey %u", ++i); + dump_data(stdout, title, mks, 20); + mks += 20; len -= 20; + } + } + + printf("\n"); + free_datamsg(datamsg); + break; + case OTRL_MSGTYPE_ERROR: + printf("OTR Error:\n\t%s\n\n", msg); + break; + case OTRL_MSGTYPE_TAGGEDPLAINTEXT: + printf("Tagged plaintext message:\n\t%s\n\n", msg); + break; + case OTRL_MSGTYPE_NOTOTR: + printf("Not an OTR message:\n\t%s\n\n", msg); + break; + case OTRL_MSGTYPE_UNKNOWN: + printf("Unrecognized OTR message:\n\t%s\n\n", msg); + break; + } + fflush(stdout); +} + +static void usage(const char *progname) +{ + fprintf(stderr, "Usage: %s\n" +"Read Off-the-Record (OTR) Key Exchange and/or Data messages from stdin\n" +"and display their contents in a more readable format.\n", progname); + exit(1); +} + +int main(int argc, char **argv) +{ + char *otrmsg = NULL; + + if (argc != 1) { + usage(argv[0]); + } + + while ((otrmsg = readotr(stdin)) != NULL) { + parse(otrmsg); + free(otrmsg); + } + + return 0; +} diff --git a/comm/third_party/libotr/toolkit/otr_readforge.c b/comm/third_party/libotr/toolkit/otr_readforge.c new file mode 100644 index 0000000000..733f2212fb --- /dev/null +++ b/comm/third_party/libotr/toolkit/otr_readforge.c @@ -0,0 +1,133 @@ +/* + * Off-the-Record Messaging Toolkit + * Copyright (C) 2004-2012 Ian Goldberg, Chris Alexander, Nikita Borisov + * <otr@cypherpunks.ca> + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of version 2 of the GNU General Public License as + * published by the Free Software Foundation. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA + */ + +/* system headers */ +#include <stdio.h> +#include <stdlib.h> + +/* libotr headers */ +#include "proto.h" + +/* toolkit headers */ +#include "readotr.h" +#include "parse.h" +#include "sesskeys.h" +#include "sha1hmac.h" +#include "ctrmode.h" + +static void usage(const char *progname) +{ + fprintf(stderr, "Usage: %s aeskey [new_message]\n" +"Read an OTR Data Message from stdin. Use the given AES key to\n" +"verify its MAC and decrypt the message to stdout. If new_message\n" +"is given, output a new OTR Data Message with the same fields as the\n" +"original, but with the message replaced by new_message\n", progname); + exit(1); +} + +int main(int argc, char **argv) +{ + unsigned char *aeskey; + unsigned char mackey[20]; + unsigned char macval[20]; + size_t aeskeylen; + unsigned char *plaintext, *ciphertext; + char *otrmsg = NULL; + DataMsg datamsg; + + if (argc != 2 && argc != 3) { + usage(argv[0]); + } + + argv_to_buf(&aeskey, &aeskeylen, argv[1]); + if (!aeskey) { + usage(argv[0]); + } + + if (aeskeylen != 16) { + fprintf(stderr, "The AES key must be 32 hex chars long.\n"); + usage(argv[0]); + } + + otrmsg = readotr(stdin); + if (otrmsg == NULL) { + fprintf(stderr, "No OTR Data Message found on stdin.\n"); + exit(1); + } + + if (otrl_proto_message_type(otrmsg) != OTRL_MSGTYPE_DATA) { + fprintf(stderr, "OTR Non-Data Message found on stdin.\n"); + exit(1); + } + + datamsg = parse_datamsg(otrmsg); + free(otrmsg); + if (datamsg == NULL) { + fprintf(stderr, "Invalid OTR Data Message found on stdin.\n"); + exit(1); + } + + /* Create the MAC key */ + sesskeys_make_mac(mackey, aeskey); + + /* Check the MAC */ + sha1hmac(macval, mackey, datamsg->macstart, + datamsg->macend - datamsg->macstart); + if (memcmp(macval, datamsg->mac, 20)) { + fprintf(stderr, "MAC does not verify: wrong AES key?\n"); + } else { + /* Decrypt the message */ + plaintext = malloc(datamsg->encmsglen+1); + if (!plaintext) { + fprintf(stderr, "Out of memory!\n"); + exit(1); + } + aes_ctr_crypt(plaintext, datamsg->encmsg, datamsg->encmsglen, + aeskey, datamsg->ctr); + plaintext[datamsg->encmsglen] = '\0'; + printf("Plaintext: ``%s''\n", plaintext); + free(plaintext); + } + + /* Do we want to forge a message? */ + if (argv[2] != NULL) { + char *newdatamsg; + size_t newlen = strlen(argv[2]); + ciphertext = malloc(newlen); + if (!ciphertext && newlen > 0) { + fprintf(stderr, "Out of memory!\n"); + exit(1); + } + aes_ctr_crypt(ciphertext, (const unsigned char *)argv[2], newlen, + aeskey, datamsg->ctr); + free(datamsg->encmsg); + datamsg->encmsg = ciphertext; + datamsg->encmsglen = newlen; + + newdatamsg = remac_datamsg(datamsg, mackey); + + printf("%s\n", newdatamsg); + free(newdatamsg); + } + + free_datamsg(datamsg); + free(aeskey); + fflush(stdout); + return 0; +} diff --git a/comm/third_party/libotr/toolkit/otr_remac.c b/comm/third_party/libotr/toolkit/otr_remac.c new file mode 100644 index 0000000000..1567eeb929 --- /dev/null +++ b/comm/third_party/libotr/toolkit/otr_remac.c @@ -0,0 +1,143 @@ +/* + * Off-the-Record Messaging Toolkit + * Copyright (C) 2004-2012 Ian Goldberg, Rob Smits, Chris Alexander, + * Nikita Borisov + * <otr@cypherpunks.ca> + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of version 2 of the GNU General Public License as + * published by the Free Software Foundation. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA + */ + +/* system headers */ +#include <stdio.h> +#include <stdlib.h> + +/* libgcrypt headers */ +#include <gcrypt.h> + +/* toolkit headers */ +#include "parse.h" +#include "sha1hmac.h" + +static void usage(const char *progname) +{ + fprintf(stderr, "Usage: %s mackey sender_instance receiver_instance " + "flags snd_keyid rcp_keyid pubkey counter encdata revealed_mackeys\n" +"Make a new Data message, with the given pieces (note that the\n" +"data part is already encrypted). MAC it with the given mackey.\n" +"mackey, pubkey, counter, encdata, and revealed_mackeys are given\n" +"as strings of hex chars. snd_keyid and rcp_keyid are decimal integers.\n", + progname); + exit(1); +} + +int main(int argc, char **argv) +{ + unsigned char *mackey; + size_t mackeylen; + unsigned int snd_keyid, rcp_keyid; + int flags; + unsigned char version = 3; + unsigned int sender_instance; + unsigned int receiver_instance; + unsigned char *pubkey; + size_t pubkeylen; + gcry_mpi_t pubv; + unsigned char *ctr; + size_t ctrlen; + unsigned char *encdata; + size_t encdatalen; + unsigned char *mackeys; + size_t mackeyslen; + char *newdatamsg; + + if (argc != 11) { + usage(argv[0]); + } + + argv_to_buf(&mackey, &mackeylen, argv[1]); + if (!mackey) { + usage(argv[0]); + } + + if (mackeylen != 20) { + fprintf(stderr, "The MAC key must be 40 hex chars long.\n"); + usage(argv[0]); + } + + if (sscanf(argv[2], "%u", &sender_instance) != 1) { + fprintf(stderr, "Unparseable sender_instance given.\n"); + usage(argv[0]); + } + + if (sscanf(argv[3], "%u", &receiver_instance) != 1) { + fprintf(stderr, "Unparseable receiver_instance given.\n"); + usage(argv[0]); + } + + if (sscanf(argv[4], "%d", &flags) != 1) { + fprintf(stderr, "Unparseable flags given.\n"); + usage(argv[0]); + } + + if (sscanf(argv[5], "%u", &snd_keyid) != 1) { + fprintf(stderr, "Unparseable snd_keyid given.\n"); + usage(argv[0]); + } + + if (sscanf(argv[6], "%u", &rcp_keyid) != 1) { + fprintf(stderr, "Unparseable rcp_keyid given.\n"); + usage(argv[0]); + } + + argv_to_buf(&pubkey, &pubkeylen, argv[7]); + if (!pubkey) { + usage(argv[0]); + } + gcry_mpi_scan(&pubv, GCRYMPI_FMT_USG, pubkey, pubkeylen, NULL); + free(pubkey); + + argv_to_buf(&ctr, &ctrlen, argv[8]); + if (!ctr) { + usage(argv[0]); + } + + if (ctrlen != 8) { + fprintf(stderr, "The counter must be 16 hex chars long.\n"); + usage(argv[0]); + } + + argv_to_buf(&encdata, &encdatalen, argv[9]); + if (!encdata) { + usage(argv[0]); + } + + argv_to_buf(&mackeys, &mackeyslen, argv[10]); + if (!mackeys) { + usage(argv[0]); + } + + newdatamsg = assemble_datamsg(mackey, version, sender_instance, + receiver_instance, flags, snd_keyid, rcp_keyid, pubv, ctr, encdata, + encdatalen, mackeys, mackeyslen); + printf("%s\n", newdatamsg); + free(newdatamsg); + + free(mackey); + gcry_mpi_release(pubv); + free(ctr); + free(encdata); + free(mackeys); + fflush(stdout); + return 0; +} diff --git a/comm/third_party/libotr/toolkit/otr_sesskeys.c b/comm/third_party/libotr/toolkit/otr_sesskeys.c new file mode 100644 index 0000000000..227d18ffee --- /dev/null +++ b/comm/third_party/libotr/toolkit/otr_sesskeys.c @@ -0,0 +1,92 @@ +/* + * Off-the-Record Messaging Toolkit + * Copyright (C) 2004-2012 Ian Goldberg, Chris Alexander, Nikita Borisov + * <otr@cypherpunks.ca> + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of version 2 of the GNU General Public License as + * published by the Free Software Foundation. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA + */ + +/* system headers */ +#include <stdio.h> +#include <stdlib.h> + +/* toolkit headers */ +#include "parse.h" +#include "sesskeys.h" + +static void usage(const char *progname) +{ + fprintf(stderr, "Usage: %s our_privkey their_pubkey\n" +"Calculate and display our public key, the session id, two AES keys,\n" +"and two MAC keys generated by the given DH private key and public key.\n", + progname); + exit(1); +} + +int main(int argc, char **argv) +{ + unsigned char *argbuf; + size_t argbuflen; + gcry_mpi_t our_x, our_y, their_y; + unsigned char *pubbuf; + size_t publen; + unsigned char sessionid[20], sendenc[16], rcvenc[16]; + unsigned char sendmac[20], rcvmac[20]; + int is_high; + + if (argc != 3) { + usage(argv[0]); + } + + argv_to_buf(&argbuf, &argbuflen, argv[1]); + /* Private keys are only 320 bits long, so check for that to make + * sure they didn't get the args the wrong way around */ + if (!argbuf || argbuflen > 40) usage(argv[0]); + gcry_mpi_scan(&our_x, GCRYMPI_FMT_USG, argbuf, argbuflen, NULL); + free(argbuf); + argv_to_buf(&argbuf, &argbuflen, argv[2]); + if (!argbuf) usage(argv[0]); + gcry_mpi_scan(&their_y, GCRYMPI_FMT_USG, argbuf, argbuflen, NULL); + free(argbuf); + + sesskeys_gen(sessionid, sendenc, rcvenc, &is_high, &our_y, our_x, their_y); + sesskeys_make_mac(sendmac, sendenc); + sesskeys_make_mac(rcvmac, rcvenc); + + /* Print our public key into a buffer */ + gcry_mpi_print(GCRYMPI_FMT_USG, NULL, 0, &publen, our_y); + pubbuf = malloc(publen); + if (!pubbuf) { + fprintf(stderr, "Out of memory!\n"); + exit(1); + } + gcry_mpi_print(GCRYMPI_FMT_USG, pubbuf, publen, NULL, our_y); + + puts(""); + printf("We are the %s end of this key exchange.\n", + is_high ? "high" : "low"); + puts(""); + dump_data(stdout, "Our public key", pubbuf, publen); + puts(""); + dump_data(stdout, "Session id", sessionid, 20); + puts(""); + dump_data(stdout, "Sending AES key", sendenc, 16); + dump_data(stdout, "Sending MAC key", sendmac, 20); + dump_data(stdout, "Receiving AES key", rcvenc, 16); + dump_data(stdout, "Receiving MAC key", rcvmac, 20); + puts(""); + fflush(stdout); + + return 0; +} diff --git a/comm/third_party/libotr/toolkit/otr_toolkit.1 b/comm/third_party/libotr/toolkit/otr_toolkit.1 new file mode 100644 index 0000000000..9ded38f61e --- /dev/null +++ b/comm/third_party/libotr/toolkit/otr_toolkit.1 @@ -0,0 +1,110 @@ +.\" Hey, EMACS: -*- nroff -*- +.\" First parameter, NAME, should be all caps +.\" Second parameter, SECTION, should be 1-8, maybe w/ subsection +.\" other parameters are allowed: see man(7), man(1) +.TH OTR_PARSE 1 "March 14, 2012" +.\" Please adjust this date whenever revising the manpage. +.\" +.\" Some roff macros, for reference: +.\" .nh disable hyphenation +.\" .hy enable hyphenation +.\" .ad l left justify +.\" .ad b justify to both left and right margins +.\" .nf disable filling +.\" .fi enable filling +.\" .br insert line break +.\" .sp <n> insert n+1 empty lines +.\" for manpage-specific macros, see man(7) +.SH NAME +otr_parse, otr_sesskeys, otr_mackey, otr_readforge, otr_modify, otr_remac \- Process Off-the-Record Messaging transcripts +.SH SYNOPSIS +.B otr_parse +.br +.B otr_sesskeys +.I our_privkey their_pubkey +.br +.B otr_mackey +.I aes_enc_key +.br +.B otr_readforge +.I aes_enc_key [newmsg] +.br +.B otr_modify +.I mackey old_text new_text offset +.br +.B otr_remac +.I mackey sender_instance receiver_instance flags snd_keyid rcv_keyid pubkey counter encdata revealed_mackeys +.SH DESCRIPTION +Off-the-Record (OTR) Messaging allows you to have private conversations +over IM by providing: + - Encryption + - No one else can read your instant messages. + - Authentication + - You are assured the correspondent is who you think it is. + - Deniability + - The messages you send do \fInot\fP have digital signatures that are + checkable by a third party. Anyone can forge messages after a + conversation to make them look like they came from you. However, + \fIduring\fP a conversation, your correspondent is assured the messages + he sees are authentic and unmodified. + - Perfect forward secrecy + - If you lose control of your private keys, no previous conversation + is compromised. +.PP +The OTR Toolkit is useful for analyzing and/or +forging OTR messages. Why do we offer this? Primarily, to make +absolutely sure that transcripts of OTR conversations are really easy +to forge after the fact. [Note that \fIduring\fP an OTR conversation, +messages can't be forged without real-time access to the secret keys on +the participants' computers, and in that case, all security has already +been lost.] Easily-forgeable transcripts help us provide the +"Deniability" property: if someone claims you said something over OTR, +they'll have no proof, as anyone at all can modify a transcript to make +it say whatever they like, and still have all the verification come out +correctly. + +Here are the six programs in the toolkit: + + - otr_parse + - Parse OTR messages given on stdin, showing the values of all the + fields in OTR protocol messages. + + - otr_sesskeys our_privkey their_pubkey + - Shows our public key, the session id, two AES and two MAC keys + derived from the given Diffie-Hellman keys (one private, one public). + + - otr_mackey aes_enc_key + - Shows the MAC key derived from the given AES key. + + - otr_readforge aes_enc_key [newmsg] + - Decrypts an OTR Data message using the given AES key, and displays + the message. + - If newmsg is given, replace the message with that one, encrypt + and MAC it properly, and output the resulting OTR Data Message. + This works even if the given key was not correct for the original + message, so as to enable complete forgeries. + + - otr_modify mackey old_text new_text offset + - Even if you can't read the data because you don't know either + the AES key or the Diffie-Hellman private key, but you can make a + good guess that the substring "old_text" appears at the given + offset in the message, replace the old_text with the new_text + (which must be of the same length), recalculate the MAC with the + given mackey, and output the resulting Data message. + - Note that, even if you don't know any text in an existing message, + you can still forge messages of your choice using the + otr_readforge command, above. + + - otr_remac mackey sender_instance receiver_instance flags snd_keyid rcv_keyid pubkey counter encdata revealed_mackeys + - Make a new OTR protocol version 3 Data Message, with the given + pieces (note that the data part is already encrypted). MAC it + with the given mackey. + +.SH SEE ALSO +.BR "Off-the-Record Messaging" , +at +.UR https://www.cypherpunks.ca/otr/ +https://www.cypherpunks.ca/otr/ +.UE +.SH AUTHOR +otr_toolkit was written by the OTR Dev Team <otr@cypherpunks.ca>. diff --git a/comm/third_party/libotr/toolkit/parse.c b/comm/third_party/libotr/toolkit/parse.c new file mode 100644 index 0000000000..aaa0ad59c9 --- /dev/null +++ b/comm/third_party/libotr/toolkit/parse.c @@ -0,0 +1,654 @@ +/* + * Off-the-Record Messaging Toolkit + * Copyright (C) 2004-2012 Ian Goldberg, Rob Smits, Chris Alexander, + * Nikita Borisov + * <otr@cypherpunks.ca> + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of version 2 of the GNU General Public License as + * published by the Free Software Foundation. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA + */ + +/* system headers */ +#include <stdio.h> +#include <stdlib.h> + +/* libotr headers */ +#include "b64.h" + +/* toolkit headers */ +#include "sha1hmac.h" +#include "parse.h" + +/* Dump an unsigned int to a FILE * */ +void dump_int(FILE *stream, const char *title, unsigned int val) +{ + fprintf(stream, "%s: %u\n", title, val); +} + +/* Dump an mpi to a FILE * */ +void dump_mpi(FILE *stream, const char *title, gcry_mpi_t val) +{ + size_t plen; + unsigned char *d; + + gcry_mpi_print(GCRYMPI_FMT_USG, NULL, 0, &plen, val); + d = malloc(plen); + gcry_mpi_print(GCRYMPI_FMT_USG, d, plen, NULL, val); + dump_data(stream, title, d, plen); + free(d); +} + +/* Dump data to a FILE * */ +void dump_data(FILE *stream, const char *title, const unsigned char *data, + size_t datalen) +{ + size_t i; + fprintf(stream, "%s: ", title); + for(i=0;i<datalen;++i) { + fprintf(stream, "%02x", data[i]); + } + fprintf(stream, "\n"); +} + +/* base64 decode the message, and put the resulting size into *lenp */ +static unsigned char *decode(const char *msg, size_t *lenp) +{ + const char *header, *footer; + unsigned char *raw; + size_t rawlen; + + /* Find the header */ + header = strstr(msg, "?OTR:"); + if (!header) return NULL; + /* Skip the header */ + header += 5; + + /* Find the trailing '.' */ + footer = strchr(header, '.'); + if (!footer) footer = header + strlen(header); + + rawlen = OTRL_B64_MAX_DECODED_SIZE(footer-header); + + raw = malloc(rawlen); + if (raw == NULL && rawlen > 0) return NULL; + *lenp = otrl_base64_decode(raw, header, footer-header); + + return raw; +} + +#define require_len(l) do { if (lenp < (l)) goto inv; } while(0) +#define read_int(x) do { \ + require_len(4); \ + (x) = (((unsigned int)bufp[0]) << 24) | (bufp[1] << 16) | (bufp[2] << 8 ) | bufp[3]; \ + bufp += 4; lenp -= 4; \ + } while(0) +#define read_mpi(x) do { \ + size_t mpilen; \ + read_int(mpilen); \ + require_len(mpilen); \ + gcry_mpi_scan(&(x), GCRYMPI_FMT_USG, bufp, mpilen, NULL); \ + bufp += mpilen; lenp -= mpilen; \ + } while(0) +#define read_raw(b, l) do { \ + if (l) { \ + require_len(l); \ + memmove((b), bufp, (l)); \ + bufp += (l); lenp -= (l); \ + } \ + } while(0) +#define write_int(x) do { \ + bufp[0] = ((x) >> 24) & 0xff; \ + bufp[1] = ((x) >> 16) & 0xff; \ + bufp[2] = ((x) >> 8) & 0xff; \ + bufp[3] = (x) & 0xff; \ + bufp += 4; lenp -= 4; \ + } while(0) +#define write_mpi(x,l) do { \ + write_int(l); \ + gcry_mpi_print(GCRYMPI_FMT_USG, bufp, lenp, NULL, (x)); \ + bufp += (l); lenp -= (l); \ + } while(0) +#define write_raw(x,l) do { \ + memmove(bufp, (x), (l)); \ + bufp += (l); lenp -= (l); \ + } while(0) + +/* Parse a Key Exchange Message into a newly-allocated KeyExchMsg structure */ +KeyExchMsg parse_keyexch(const char *msg) +{ + KeyExchMsg kem = NULL; + size_t lenp; + unsigned char *raw = decode(msg, &lenp); + unsigned char *bufp = raw; + if (!raw) goto inv; + + kem = calloc(1, sizeof(struct s_KeyExchMsg)); + if (!kem) { + free(raw); + goto inv; + } + + kem->raw = raw; + kem->sigstart = bufp; + + require_len(3); + if (memcmp(bufp, "\x00\x01\x0a", 3)) goto inv; + bufp += 3; lenp -= 3; + + require_len(1); + kem->reply = *bufp; + bufp += 1; lenp -= 1; + + read_mpi(kem->p); + read_mpi(kem->q); + read_mpi(kem->g); + read_mpi(kem->e); + + read_int(kem->keyid); + + read_mpi(kem->y); + + kem->sigend = bufp; + + require_len(40); + gcry_mpi_scan(&kem->r, GCRYMPI_FMT_USG, bufp, 20, NULL); + gcry_mpi_scan(&kem->s, GCRYMPI_FMT_USG, bufp+20, 20, NULL); + bufp += 40; lenp -= 40; + + if (lenp != 0) goto inv; + + return kem; +inv: + free_keyexch(kem); + return NULL; +} + +/* Deallocate a KeyExchMsg and all of the data it points to */ +void free_keyexch(KeyExchMsg keyexch) +{ + if (!keyexch) return; + free(keyexch->raw); + gcry_mpi_release(keyexch->p); + gcry_mpi_release(keyexch->q); + gcry_mpi_release(keyexch->g); + gcry_mpi_release(keyexch->e); + gcry_mpi_release(keyexch->y); + gcry_mpi_release(keyexch->r); + gcry_mpi_release(keyexch->s); + free(keyexch); +} + +/* Parse a D-H Commit Message into a newly-allocated CommitMsg structure */ +CommitMsg parse_commit(const char *msg) +{ + CommitMsg cmsg = NULL; + size_t lenp; + unsigned char *raw = decode(msg, &lenp); + unsigned char *bufp = raw; + if (!raw) goto inv; + + cmsg = calloc(1, sizeof(struct s_CommitMsg)); + if (!cmsg) { + free(raw); + goto inv; + } + + cmsg->raw = raw; + + require_len(3); + + cmsg->version = bufp[1]; + + if (!memcmp(bufp, "\x00\x03\x02", 3)) { + bufp += 3; lenp -= 3; + read_int(cmsg->sender_instance); + read_int(cmsg->receiver_instance); + } else if (!memcmp(bufp, "\x00\x02\x02", 3)) { + bufp += 3; lenp -= 3; + cmsg->sender_instance = 0; + cmsg->receiver_instance = 0; + } else goto inv; + + read_int(cmsg->enckeylen); + cmsg->enckey = malloc(cmsg->enckeylen); + if (!cmsg->enckey && cmsg->enckeylen > 0) goto inv; + read_raw(cmsg->enckey, cmsg->enckeylen); + + read_int(cmsg->hashkeylen); + cmsg->hashkey = malloc(cmsg->hashkeylen); + if (!cmsg->hashkey && cmsg->hashkeylen > 0) goto inv; + read_raw(cmsg->hashkey, cmsg->hashkeylen); + + if (lenp != 0) goto inv; + + return cmsg; +inv: + free_commit(cmsg); + return NULL; +} + +/* Deallocate a CommitMsg and all of the data it points to */ +void free_commit(CommitMsg cmsg) +{ + if (!cmsg) return; + free(cmsg->raw); + free(cmsg->enckey); + free(cmsg->hashkey); + free(cmsg); +} + +/* Parse a D-H Key Message into a newly-allocated KeyMsg structure */ +KeyMsg parse_key(const char *msg) +{ + KeyMsg kmsg = NULL; + size_t lenp; + unsigned char *raw = decode(msg, &lenp); + unsigned char *bufp = raw; + if (!raw) goto inv; + + kmsg = calloc(1, sizeof(struct s_KeyMsg)); + if (!kmsg) { + free(raw); + goto inv; + } + + kmsg->raw = raw; + + require_len(3); + + kmsg->version = bufp[1]; + + if (!memcmp(bufp, "\x00\x03\x0a", 3)) { + bufp += 3; lenp -= 3; + read_int(kmsg->sender_instance); + read_int(kmsg->receiver_instance); + } else if (!memcmp(bufp, "\x00\x02\x0a", 3)) { + bufp += 3; lenp -= 3; + kmsg->sender_instance = 0; + kmsg->receiver_instance = 0; + } else goto inv; + + read_mpi(kmsg->y); + + if (lenp != 0) goto inv; + + return kmsg; +inv: + free_key(kmsg); + return NULL; +} + +/* Deallocate a KeyMsg and all of the data it points to */ +void free_key(KeyMsg kmsg) +{ + if (!kmsg) return; + free(kmsg->raw); + gcry_mpi_release(kmsg->y); + free(kmsg); +} + +/* Parse a Reveal Signature Message into a newly-allocated RevealSigMsg + * structure */ +RevealSigMsg parse_revealsig(const char *msg) +{ + RevealSigMsg rmsg = NULL; + size_t lenp; + unsigned char *raw = decode(msg, &lenp); + unsigned char *bufp = raw; + if (!raw) goto inv; + + rmsg = calloc(1, sizeof(struct s_RevealSigMsg)); + if (!rmsg) { + free(raw); + goto inv; + } + + rmsg->raw = raw; + + require_len(3); + + rmsg->version = bufp[1]; + + if (!memcmp(bufp, "\x00\x03\x11", 3)) { + bufp += 3; lenp -= 3; + read_int(rmsg->sender_instance); + read_int(rmsg->receiver_instance); + } else if (!memcmp(bufp, "\x00\x02\x11", 3)) { + bufp += 3; lenp -= 3; + rmsg->sender_instance = 0; + rmsg->receiver_instance = 0; + } else goto inv; + + read_int(rmsg->keylen); + rmsg->key = malloc(rmsg->keylen); + if (!rmsg->key && rmsg->keylen > 0) goto inv; + read_raw(rmsg->key, rmsg->keylen); + + read_int(rmsg->encsiglen); + rmsg->encsig = malloc(rmsg->encsiglen); + if (!rmsg->encsig && rmsg->encsiglen > 0) goto inv; + read_raw(rmsg->encsig, rmsg->encsiglen); + + read_raw(rmsg->mac, 20); + + if (lenp != 0) goto inv; + + return rmsg; +inv: + free_revealsig(rmsg); + return NULL; +} + +/* Deallocate a RevealSigMsg and all of the data it points to */ +void free_revealsig(RevealSigMsg rmsg) +{ + if (!rmsg) return; + free(rmsg->raw); + free(rmsg->key); + free(rmsg->encsig); + free(rmsg); +} + +/* Parse a Signature Message into a newly-allocated SignatureMsg structure */ +SignatureMsg parse_signature(const char *msg) +{ + SignatureMsg smsg = NULL; + size_t lenp; + unsigned char *raw = decode(msg, &lenp); + unsigned char *bufp = raw; + if (!raw) goto inv; + + smsg = calloc(1, sizeof(struct s_SignatureMsg)); + if (!smsg) { + free(raw); + goto inv; + } + + smsg->raw = raw; + + require_len(3); + + smsg->version = bufp[1]; + + if (!memcmp(bufp, "\x00\x03\x12", 3)) { + bufp += 3; lenp -= 3; + read_int(smsg->sender_instance); + read_int(smsg->receiver_instance); + } else if (!memcmp(bufp, "\x00\x02\x12", 3)) { + bufp += 3; lenp -= 3; + smsg->sender_instance = 0; + smsg->receiver_instance = 0; + } else goto inv; + + read_int(smsg->encsiglen); + smsg->encsig = malloc(smsg->encsiglen); + if (!smsg->encsig && smsg->encsiglen > 0) goto inv; + read_raw(smsg->encsig, smsg->encsiglen); + + read_raw(smsg->mac, 20); + + if (lenp != 0) goto inv; + + return smsg; +inv: + free_signature(smsg); + return NULL; +} + +/* Deallocate a SignatureMsg and all of the data it points to */ +void free_signature(SignatureMsg smsg) +{ + if (!smsg) return; + free(smsg->raw); + free(smsg->encsig); + free(smsg); +} + +/* Parse a Data Message into a newly-allocated DataMsg structure */ +DataMsg parse_datamsg(const char *msg) +{ + DataMsg datam = NULL; + size_t lenp; + unsigned char *raw = decode(msg, &lenp); + unsigned char *bufp = raw; + unsigned char version; + if (!raw) goto inv; + + datam = calloc(1, sizeof(struct s_DataMsg)); + if (!datam) { + free(raw); + goto inv; + } + + datam->raw = raw; + datam->rawlen = lenp; + datam->macstart = bufp; + + require_len(3); + if (memcmp(bufp, "\x00\x01\x03", 3) && memcmp(bufp, "\x00\x03\x03", 3) && + memcmp(bufp, "\x00\x02\x03", 3)) goto inv; + + version = bufp[1]; + + datam->sender_instance = 0; + datam->receiver_instance = 0; + datam->version = version; + datam->flags = -1; + bufp += 3; lenp -= 3; + + if (version == 3) { + read_int(datam->sender_instance); + read_int(datam->receiver_instance); + } + + if (version == 2 || version == 3) { + require_len(1); + datam->flags = bufp[0]; + bufp += 1; lenp -= 1; + } + + read_int(datam->sender_keyid); + read_int(datam->rcpt_keyid); + read_mpi(datam->y); + read_raw(datam->ctr, 8); + read_int(datam->encmsglen); + datam->encmsg = malloc(datam->encmsglen); + if (!datam->encmsg && datam->encmsglen > 0) goto inv; + read_raw(datam->encmsg, datam->encmsglen); + datam->macend = bufp; + read_raw(datam->mac, 20); + read_int(datam->mackeyslen); + datam->mackeys = malloc(datam->mackeyslen); + + if (!datam->mackeys && datam->mackeyslen > 0) goto inv; + + read_raw(datam->mackeys, datam->mackeyslen); + if (lenp != 0) goto inv; + + return datam; +inv: + free_datamsg(datam); + return NULL; +} + +/* Recalculate the MAC on the message, base64-encode the resulting MAC'd + * message, and put on the appropriate header and footer. Return a + * newly-allocated pointer to the result, which the caller will have to + * free(). */ +char *remac_datamsg(DataMsg datamsg, unsigned char mackey[20]) +{ + size_t rawlen, lenp; + size_t ylen; + size_t base64len; + char *outmsg; + unsigned char *raw, *bufp; + unsigned char version = datamsg->version; + + /* Calculate the size of the message that will result */ + gcry_mpi_print(GCRYMPI_FMT_USG, NULL, 0, &ylen, datamsg->y); + rawlen = 3 + (version == 3 ? 8 : 0) + (version == 2 || + version == 3 ? 1 : 0) + 4 + 4 + 4 + ylen + 8 + 4 + + datamsg->encmsglen + 20 + 4 + datamsg->mackeyslen; + + /* Construct the new raw message (note that some of the pieces may + * have been altered, so we construct it from scratch). */ + raw = malloc(rawlen); + if (!raw) { + fprintf(stderr, "Out of memory!\n"); + exit(1); + } + bufp = raw; + lenp = rawlen; + datamsg->macstart = raw; + datamsg->macend = NULL; + free(datamsg->raw); + datamsg->raw = raw; + datamsg->rawlen = rawlen; + + + memmove(bufp, "\x00", 1); + memmove(bufp+1, &version, 1); + memmove(bufp+2, "\x03", 1); + bufp += 3; lenp -= 3; + + if (version == 3) { + write_int(datamsg->sender_instance); + write_int(datamsg->receiver_instance); + } + + if (version == 2 || version == 3) { + bufp[0] = datamsg->flags; + bufp += 1; lenp -= 1; + } + + write_int(datamsg->sender_keyid); + write_int(datamsg->rcpt_keyid); + write_mpi(datamsg->y, ylen); + write_raw(datamsg->ctr, 8); + write_int(datamsg->encmsglen); + write_raw(datamsg->encmsg, datamsg->encmsglen); + datamsg->macend = bufp; + + /* Recalculate the MAC */ + sha1hmac(datamsg->mac, mackey, datamsg->macstart, + datamsg->macend - datamsg->macstart); + + write_raw(datamsg->mac, 20); + write_int(datamsg->mackeyslen); + write_raw(datamsg->mackeys, datamsg->mackeyslen); + + if (lenp != 0) { + fprintf(stderr, "Error creating OTR Data Message.\n"); + exit(1); + } + + base64len = 5 + ((datamsg->rawlen + 2) / 3) * 4 + 1 + 1; + outmsg = malloc(base64len); + if (!outmsg) return NULL; + + memmove(outmsg, "?OTR:", 5); + otrl_base64_encode(outmsg + 5, datamsg->raw, datamsg->rawlen); + strcpy(outmsg + base64len - 2, "."); + return outmsg; +} + +/* Assemble a new Data Message from its pieces. Return a + * newly-allocated string containing the base64 representation. */ +char *assemble_datamsg(unsigned char mackey[20], + unsigned char version, unsigned int sender_instance, + unsigned int receiver_instance, int flags, unsigned int sender_keyid, + unsigned int rcpt_keyid, gcry_mpi_t y, + unsigned char ctr[8], unsigned char *encmsg, size_t encmsglen, + unsigned char *mackeys, size_t mackeyslen) +{ + DataMsg datam = calloc(1, sizeof(struct s_DataMsg)); + char *newmsg = NULL; + if (!datam) goto inv; + datam->version = version; + datam->flags = flags; + datam->sender_instance = sender_instance; + datam->receiver_instance = receiver_instance; + datam->sender_keyid = sender_keyid; + datam->rcpt_keyid = rcpt_keyid; + datam->y = gcry_mpi_copy(y); + memmove(datam->ctr, ctr, 8); + datam->encmsg = malloc(encmsglen); + if (!datam->encmsg && encmsglen > 0) goto inv; + memmove(datam->encmsg, encmsg, encmsglen); + datam->encmsglen = encmsglen; + datam->mackeys = malloc(mackeyslen); + if (!datam->mackeys && mackeyslen > 0) goto inv; + memmove(datam->mackeys, mackeys, mackeyslen); + datam->mackeyslen = mackeyslen; + + /* Recalculate the MAC and base64-encode the result */ + newmsg = remac_datamsg(datam, mackey); + free_datamsg(datam); + return newmsg; +inv: + free_datamsg(datam); + return NULL; +} + +/* Deallocate a DataMsg and all of the data it points to */ +void free_datamsg(DataMsg datamsg) +{ + if (!datamsg) return; + free(datamsg->raw); + gcry_mpi_release(datamsg->y); + free(datamsg->encmsg); + free(datamsg->mackeys); + free(datamsg); +} + +static int ctoh(char c) +{ + if (c >= '0' && c <= '9') return (c-'0'); + if (c >= 'a' && c <= 'f') return (c-'a'+10); + if (c >= 'A' && c <= 'F') return (c-'A'+10); + return -1; +} + +/* Convert a string of hex chars to a buffer of unsigned chars. */ +void argv_to_buf(unsigned char **bufp, size_t *lenp, char *arg) +{ + unsigned char *buf; + size_t len, i; + + *bufp = NULL; + *lenp = 0; + + len = strlen(arg); + if (len % 2) { + fprintf(stderr, "Argument ``%s'' must have even length.\n", arg); + return; + } + buf = malloc(len/2); + if (buf == NULL && len > 0) { + fprintf(stderr, "Out of memory!\n"); + return; + } + + for(i=0;i<len/2;++i) { + int hi = ctoh(arg[2*i]); + int lo = ctoh(arg[2*i+1]); + if (hi < 0 || lo < 0) { + free(buf); + fprintf(stderr, "Illegal hex char in argument ``%s''.\n", arg); + return; + } + buf[i] = (hi << 4) + lo; + } + *bufp = buf; + *lenp = len/2; +} diff --git a/comm/third_party/libotr/toolkit/parse.h b/comm/third_party/libotr/toolkit/parse.h new file mode 100644 index 0000000000..21a335f5dd --- /dev/null +++ b/comm/third_party/libotr/toolkit/parse.h @@ -0,0 +1,163 @@ +/* + * Off-the-Record Messaging Toolkit + * Copyright (C) 2004-2012 Ian Goldberg, Rob Smits, Chris Alexander, + * Nikita Borisov + * <otr@cypherpunks.ca> + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of version 2 of the GNU General Public License as + * published by the Free Software Foundation. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA + */ + +#ifndef __PARSE_H__ +#define __PARSE_H__ + +#include <gcrypt.h> + +typedef struct s_KeyExchMsg { + unsigned char *raw; /* The base64-decoded data; must be free()d */ + unsigned char reply; + gcry_mpi_t p, q, g, e; + unsigned int keyid; + gcry_mpi_t y; + gcry_mpi_t r, s; + unsigned char *sigstart; /* Pointers into the "raw" array. Don't */ + unsigned char *sigend; /* free() these. */ +} * KeyExchMsg; + +typedef struct s_DataMsg { + unsigned char *raw; /* The base64-decoded data; must be free()d */ + size_t rawlen; + int flags; + unsigned char version; + unsigned int sender_instance; + unsigned int receiver_instance; + unsigned int sender_keyid; + unsigned int rcpt_keyid; + gcry_mpi_t y; + unsigned char ctr[8]; + unsigned char *encmsg; /* A copy; must be free()d */ + size_t encmsglen; + unsigned char mac[20]; + unsigned char *mackeys; /* A copy; must be free()d */ + size_t mackeyslen; + unsigned char *macstart; /* Pointers into the "raw" array. Don't */ + unsigned char *macend; /* free() these. */ +} * DataMsg; + +typedef struct s_CommitMsg { + unsigned char *raw; /* The base64-decoded data; must be free()d */ + unsigned char version; + unsigned int sender_instance; + unsigned int receiver_instance; + unsigned char *enckey; + size_t enckeylen; + unsigned char *hashkey; + size_t hashkeylen; +} * CommitMsg; + +typedef struct s_KeyMsg { + unsigned char *raw; /* The base64-decoded data; must be free()d */ + unsigned char version; + unsigned int sender_instance; + unsigned int receiver_instance; + gcry_mpi_t y; +} * KeyMsg; + +typedef struct s_RevealSigMsg { + unsigned char *raw; /* The base64-decoded data; must be free()d */ + unsigned char version; + unsigned int sender_instance; + unsigned int receiver_instance; + unsigned char *key; + size_t keylen; + unsigned char *encsig; + size_t encsiglen; + unsigned char mac[20]; +} * RevealSigMsg; + +typedef struct s_SignatureMsg { + unsigned char *raw; /* The base64-decoded data; must be free()d */ + unsigned char version; + unsigned int sender_instance; + unsigned int receiver_instance; + unsigned char *encsig; + size_t encsiglen; + unsigned char mac[20]; +} * SignatureMsg; + +/* Dump an unsigned int to a FILE * */ +void dump_int(FILE *stream, const char *title, unsigned int val); + +/* Dump an mpi to a FILE * */ +void dump_mpi(FILE *stream, const char *title, gcry_mpi_t val); + +/* Dump data to a FILE * */ +void dump_data(FILE *stream, const char *title, const unsigned char *data, + size_t datalen); + +/* Parse a Key Exchange Message into a newly-allocated KeyExchMsg structure */ +KeyExchMsg parse_keyexch(const char *msg); + +/* Deallocate a KeyExchMsg and all of the data it points to */ +void free_keyexch(KeyExchMsg keyexch); + +/* Parse a D-H Commit Message into a newly-allocated CommitMsg structure */ +CommitMsg parse_commit(const char *msg); + +/* Parse a Data Message into a newly-allocated DataMsg structure */ +DataMsg parse_datamsg(const char *msg); + +/* Deallocate a CommitMsg and all of the data it points to */ +void free_commit(CommitMsg cmsg); + +/* Parse a Reveal Signature Message into a newly-allocated RevealSigMsg + * structure */ +RevealSigMsg parse_revealsig(const char *msg); + +/* Deallocate a RevealSigMsg and all of the data it points to */ +void free_revealsig(RevealSigMsg rmsg); + +/* Parse a Signature Message into a newly-allocated SignatureMsg structure */ +SignatureMsg parse_signature(const char *msg); + +/* Deallocate a SignatureMsg and all of the data it points to */ +void free_signature(SignatureMsg smsg); + +/* Parse a D-H Key Message into a newly-allocated KeyMsg structure */ +KeyMsg parse_key(const char *msg); + +/* Deallocate a KeyMsg and all of the data it points to */ +void free_key(KeyMsg cmsg); + +/* Recalculate the MAC on the message, base64-encode the resulting MAC'd + * message, and put on the appropriate header and footer. Return a + * newly-allocated pointer to the result, which the caller will have to + * free(). */ +char *remac_datamsg(DataMsg datamsg, unsigned char mackey[20]); + +/* Assemble a new Data Message from its pieces. Return a + * newly-allocated string containing the base64 representation. */ +char *assemble_datamsg(unsigned char mackey[20], + unsigned char version, unsigned int sender_instance, + unsigned int receiver_instance, int flags, unsigned int sender_keyid, + unsigned int rcpt_keyid, gcry_mpi_t y, + unsigned char ctr[8], unsigned char *encmsg, size_t encmsglen, + unsigned char *mackeys, size_t mackeyslen); + +/* Deallocate a DataMsg and all of the data it points to */ +void free_datamsg(DataMsg datamsg); + +/* Convert a string of hex chars to a buffer of unsigned chars. */ +void argv_to_buf(unsigned char **bufp, size_t *lenp, char *arg); + +#endif diff --git a/comm/third_party/libotr/toolkit/readotr.c b/comm/third_party/libotr/toolkit/readotr.c new file mode 100644 index 0000000000..77ffcbb6a6 --- /dev/null +++ b/comm/third_party/libotr/toolkit/readotr.c @@ -0,0 +1,91 @@ +/* + * Off-the-Record Messaging Toolkit + * Copyright (C) 2004-2012 Ian Goldberg, Chris Alexander, Nikita Borisov + * <otr@cypherpunks.ca> + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of version 2 of the GNU General Public License as + * published by the Free Software Foundation. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA + */ + +/* system headers */ +#include <stdio.h> +#include <stdlib.h> +#include <string.h> + +typedef struct { + char *data; + size_t len; + size_t alloclen; +} Buffer; + +static void buf_new(Buffer *bufp) +{ + bufp->data = NULL; + bufp->len = 0; + bufp->alloclen = 0; +} + +static void buf_put(Buffer *bufp, const char *str, size_t len) +{ + while (bufp->len + len + 1 > bufp->alloclen) { + char *newdata = realloc(bufp->data, bufp->alloclen + 1024); + if (!newdata) { + fprintf(stderr, "Out of memory!\n"); + exit(1); + } + bufp->data = newdata; + bufp->alloclen += 1024; + } + memmove(bufp->data + bufp->len, str, len); + bufp->len += len; + bufp->data[bufp->len] = '\0'; +} + +static void buf_putc(Buffer *bufp, char c) +{ + buf_put(bufp, &c, 1); +} + +/* Read from the given stream until we see a complete OTR Key Exchange + * or OTR Data message. Return a newly-allocated pointer to a copy of + * this message, which the caller should free(). Returns NULL if no + * such message could be found. */ +char *readotr(FILE *stream) +{ + int seen = 0; + const char header[] = "?OTR:"; /* There are no '?' chars other than + the leading one */ + int headerlen = strlen(header); + Buffer buf; + + while(seen < headerlen) { + int c = fgetc(stream); + if (c == EOF) return NULL; + else if (c == header[seen]) seen++; + else if (c == header[0]) seen = 1; + else seen = 0; + } + + buf_new(&buf); + buf_put(&buf, header, headerlen); + + /* Look for the trailing '.' */ + while(1) { + int c = fgetc(stream); + if (c == EOF) break; + buf_putc(&buf, c); + if (c == '.') break; + } + + return buf.data; +} diff --git a/comm/third_party/libotr/toolkit/readotr.h b/comm/third_party/libotr/toolkit/readotr.h new file mode 100644 index 0000000000..a1b78f9130 --- /dev/null +++ b/comm/third_party/libotr/toolkit/readotr.h @@ -0,0 +1,29 @@ +/* + * Off-the-Record Messaging Toolkit + * Copyright (C) 2004-2012 Ian Goldberg, Chris Alexander, Nikita Borisov + * <otr@cypherpunks.ca> + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of version 2 of the GNU General Public License as + * published by the Free Software Foundation. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA + */ + +#ifndef __READOTR_H__ +#define __READOTR_H__ + +/* Read from the given stream until we see a complete OTR Key Exchange + * or OTR Data message. Return a newly-allocated pointer to a copy of + * this message, which the caller should free(). Returns NULL if no + * such message could be found. */ +char *readotr(FILE *stream); + +#endif diff --git a/comm/third_party/libotr/toolkit/sesskeys.c b/comm/third_party/libotr/toolkit/sesskeys.c new file mode 100644 index 0000000000..08649e60f2 --- /dev/null +++ b/comm/third_party/libotr/toolkit/sesskeys.c @@ -0,0 +1,98 @@ +/* + * Off-the-Record Messaging Toolkit + * Copyright (C) 2004-2014 Ian Goldberg, David Goulet, Chris Alexander, + * Nikita Borisov + * <otr@cypherpunks.ca> + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of version 2 of the GNU General Public License as + * published by the Free Software Foundation. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA + */ + +/* system headers */ +#include <stdlib.h> + +/* libgcrypt headers */ +#include <gcrypt.h> + +static const char* DH1536_MODULUS_S = "0x" + "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1" + "29024E088A67CC74020BBEA63B139B22514A08798E3404DD" + "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245" + "E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED" + "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3D" + "C2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F" + "83655D23DCA3AD961C62F356208552BB9ED529077096966D" + "670C354E4ABC9804F1746C08CA237327FFFFFFFFFFFFFFFF"; +static const int DH1536_MOD_LEN_BITS = 1536; +static const char *DH1536_GENERATOR_S = "0x02"; + +/* Generate the session id and the two encryption keys from our private + * DH key and their public DH key. Also indicate in *high_endp if we + * are the "high" end of the key exchange (set to 1) or the "low" end + * (set to 0) */ +void sesskeys_gen(unsigned char sessionid[20], unsigned char sendenc[16], + unsigned char rcvenc[16], int *high_endp, gcry_mpi_t *our_yp, + gcry_mpi_t our_x, gcry_mpi_t their_y) +{ + gcry_mpi_t modulus, generator, secretv; + unsigned char *secret; + size_t secretlen; + unsigned char hash[20]; + int is_high; + + gcry_mpi_scan(&modulus, GCRYMPI_FMT_HEX, + (const unsigned char *)DH1536_MODULUS_S, 0, NULL); + gcry_mpi_scan(&generator, GCRYMPI_FMT_HEX, + (const unsigned char *)DH1536_GENERATOR_S, 0, NULL); + *our_yp = gcry_mpi_snew(DH1536_MOD_LEN_BITS); + gcry_mpi_powm(*our_yp, generator, our_x, modulus); + secretv = gcry_mpi_snew(DH1536_MOD_LEN_BITS); + gcry_mpi_powm(secretv, their_y, our_x, modulus); + gcry_mpi_release(generator); + gcry_mpi_release(modulus); + gcry_mpi_print(GCRYMPI_FMT_USG, NULL, 0, &secretlen, secretv); + secret = malloc(secretlen + 5); + + secret[1] = (secretlen >> 24) & 0xff; + secret[2] = (secretlen >> 16) & 0xff; + secret[3] = (secretlen >> 8) & 0xff; + secret[4] = (secretlen) & 0xff; + gcry_mpi_print(GCRYMPI_FMT_USG, secret+5, secretlen, NULL, secretv); + gcry_mpi_release(secretv); + + is_high = (gcry_mpi_cmp(*our_yp, their_y) > 0); + + /* Calculate the session id */ + secret[0] = 0x00; + gcry_md_hash_buffer(GCRY_MD_SHA1, hash, secret, secretlen+5); + memmove(sessionid, hash, 20); + + /* Calculate the sending enc key */ + secret[0] = is_high ? 0x01 : 0x02; + gcry_md_hash_buffer(GCRY_MD_SHA1, hash, secret, secretlen+5); + memmove(sendenc, hash, 16); + + /* Calculate the receiving enc key */ + secret[0] = is_high ? 0x02 : 0x01; + gcry_md_hash_buffer(GCRY_MD_SHA1, hash, secret, secretlen+5); + memmove(rcvenc, hash, 16); + + *high_endp = is_high; + free(secret); +} + +/* Generate a MAC key from the corresponding encryption key */ +void sesskeys_make_mac(unsigned char mackey[20], unsigned char enckey[16]) +{ + gcry_md_hash_buffer(GCRY_MD_SHA1, mackey, enckey, 16); +} diff --git a/comm/third_party/libotr/toolkit/sesskeys.h b/comm/third_party/libotr/toolkit/sesskeys.h new file mode 100644 index 0000000000..677d2054c7 --- /dev/null +++ b/comm/third_party/libotr/toolkit/sesskeys.h @@ -0,0 +1,34 @@ +/* + * Off-the-Record Messaging Toolkit + * Copyright (C) 2004-2012 Ian Goldberg, Chris Alexander, Nikita Borisov + * <otr@cypherpunks.ca> + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of version 2 of the GNU General Public License as + * published by the Free Software Foundation. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA + */ + +#ifndef __SESSKEYS_H__ +#define __SESSKEYS_H__ + +/* Generate the session id and the two encryption keys from our private + * DH key and their public DH key. Also indicate in *high_endp if we + * are the "high" end of the key exchange (set to 1) or the "low" end + * (set to 0) */ +void sesskeys_gen(unsigned char sessionid[20], unsigned char sendenc[16], + unsigned char rcvenc[16], int *high_endp, gcry_mpi_t *our_yp, + gcry_mpi_t our_x, gcry_mpi_t their_y); + +/* Generate a MAC key from the corresponding encryption key */ +void sesskeys_make_mac(unsigned char mackey[20], unsigned char enckey[16]); + +#endif diff --git a/comm/third_party/libotr/toolkit/sha1hmac.c b/comm/third_party/libotr/toolkit/sha1hmac.c new file mode 100644 index 0000000000..7cf82d6a10 --- /dev/null +++ b/comm/third_party/libotr/toolkit/sha1hmac.c @@ -0,0 +1,61 @@ +/* + * Off-the-Record Messaging Toolkit + * Copyright (C) 2004-2012 Ian Goldberg, Chris Alexander, Nikita Borisov + * <otr@cypherpunks.ca> + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of version 2 of the GNU General Public License as + * published by the Free Software Foundation. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA + */ + +/* system headers */ +#include <stdio.h> +#include <stdlib.h> + +/* libgcrypt headers */ +#include <gcrypt.h> + +/* Implementation of SHA1-HMAC. We're rolling our own just to + * double-check that the calls libotr makes to libgcrypt are in fact + * doing the right thing. */ +void sha1hmac(unsigned char digest[20], unsigned char key[20], + unsigned char *data, size_t datalen) +{ + unsigned char ipad[64], opad[64]; + size_t i; + gcry_md_hd_t sha1; + gcry_error_t err; + unsigned char hash[20]; + + memset(ipad, 0, 64); + memset(opad, 0, 64); + memmove(ipad, key, 20); + memmove(opad, key, 20); + for(i=0;i<64;++i) { + ipad[i] ^= 0x36; + opad[i] ^= 0x5c; + } + + err = gcry_md_open(&sha1, GCRY_MD_SHA1, 0); + if (err) { + fprintf(stderr, "Error: %s\n", gcry_strerror(err)); + exit(1); + } + gcry_md_write(sha1, ipad, 64); + gcry_md_write(sha1, data, datalen); + memmove(hash, gcry_md_read(sha1, 0), 20); + gcry_md_reset(sha1); + gcry_md_write(sha1, opad, 64); + gcry_md_write(sha1, hash, 20); + memmove(digest, gcry_md_read(sha1, 0), 20); + gcry_md_close(sha1); +} diff --git a/comm/third_party/libotr/toolkit/sha1hmac.h b/comm/third_party/libotr/toolkit/sha1hmac.h new file mode 100644 index 0000000000..1f76ddc41b --- /dev/null +++ b/comm/third_party/libotr/toolkit/sha1hmac.h @@ -0,0 +1,29 @@ +/* + * Off-the-Record Messaging Toolkit + * Copyright (C) 2004-2012 Ian Goldberg, Chris Alexander, Nikita Borisov + * <otr@cypherpunks.ca> + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of version 2 of the GNU General Public License as + * published by the Free Software Foundation. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA + */ + +#ifndef __SHA1HMAC_H__ +#define __SHA1HMAC_H__ + +/* Implementation of SHA1-HMAC. We're rolling our own just to + * double-check that the calls libotr makes to libgcrypt are in fact + * doing the right thing. */ +void sha1hmac(unsigned char digest[20], unsigned char key[20], + unsigned char *data, size_t datalen); + +#endif |