* Purple is the legal property of its developers, whose names are too numerous * to list here. Please refer to the COPYRIGHT file distributed with this * Original des taken from gpg * des.c - DES and Triple-DES encryption/decryption Algorithm * Copyright (C) 1998 Free Software Foundation, Inc. * Please see below for more legal information! * According to the definition of DES in FIPS PUB 46-2 from December 1993. * For a description of triple encryption, see: * Bruce Schneier: Applied Cryptography. Second Edition. * John Wiley & Sons, 1996. ISBN 0-471-12845-7. Pages 358 ff. * This file is part of GnuPG. * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2 of the License, or * (at your option) any later version. * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02111-1301 USA /******************************************************************************* ******************************************************************************/ gchar *name; /**< Internal name - used for searching */ PurpleCipherOps *ops; /**< Operations supported by this cipher */ guint ref; /**< Reference count */ struct _PurpleCipherContext { PurpleCipher *cipher; /**< Cipher this context is under */ gpointer data; /**< Internal cipher state data */ /****************************************************************************** *****************************************************************************/ static GList *ciphers = NULL; /****************************************************************************** *****************************************************************************/ purple_cipher_get_name(PurpleCipher *cipher) { g_return_val_if_fail(cipher, NULL); purple_cipher_get_capabilities(PurpleCipher *cipher) { PurpleCipherOps *ops = NULL; g_return_val_if_fail(cipher, 0); g_return_val_if_fail(ops, 0); caps |= PURPLE_CIPHER_CAPS_SET_OPT; caps |= PURPLE_CIPHER_CAPS_GET_OPT; caps |= PURPLE_CIPHER_CAPS_INIT; caps |= PURPLE_CIPHER_CAPS_RESET; caps |= PURPLE_CIPHER_CAPS_UNINIT; caps |= PURPLE_CIPHER_CAPS_SET_IV; caps |= PURPLE_CIPHER_CAPS_APPEND; caps |= PURPLE_CIPHER_CAPS_DIGEST; caps |= PURPLE_CIPHER_CAPS_ENCRYPT; caps |= PURPLE_CIPHER_CAPS_DECRYPT; caps |= PURPLE_CIPHER_CAPS_SET_SALT; caps |= PURPLE_CIPHER_CAPS_GET_SALT_SIZE; caps |= PURPLE_CIPHER_CAPS_SET_KEY; caps |= PURPLE_CIPHER_CAPS_GET_KEY_SIZE; caps |= PURPLE_CIPHER_CAPS_SET_BATCH_MODE; caps |= PURPLE_CIPHER_CAPS_GET_BATCH_MODE; caps |= PURPLE_CIPHER_CAPS_GET_BLOCK_SIZE; if(ops->set_key_with_len) caps |= PURPLE_CIPHER_CAPS_SET_KEY_WITH_LEN; purple_cipher_digest_region(const gchar *name, const guchar *data, size_t data_len, size_t in_len, guchar digest[], size_t *out_len) PurpleCipherContext *context; g_return_val_if_fail(name, FALSE); g_return_val_if_fail(data, FALSE); cipher = purple_ciphers_find_cipher(name); g_return_val_if_fail(cipher, FALSE); if(!cipher->ops->append || !cipher->ops->digest) { purple_debug_warning("cipher", "purple_cipher_region failed: " "the %s cipher does not support appending and or " "digesting.", cipher->name); context = purple_cipher_context_new(cipher, NULL); purple_cipher_context_append(context, data, data_len); ret = purple_cipher_context_digest(context, in_len, digest, out_len); purple_cipher_context_destroy(context); /****************************************************************************** *****************************************************************************/ purple_ciphers_find_cipher(const gchar *name) { g_return_val_if_fail(name, NULL); for(l = ciphers; l; l = l->next) { cipher = PURPLE_CIPHER(l->data); if(!g_ascii_strcasecmp(cipher->name, name)) purple_ciphers_register_cipher(const gchar *name, PurpleCipherOps *ops) { PurpleCipher *cipher = NULL; g_return_val_if_fail(name, NULL); g_return_val_if_fail(ops, NULL); g_return_val_if_fail(!purple_ciphers_find_cipher(name), NULL); cipher = g_new0(PurpleCipher, 1); PURPLE_DBUS_REGISTER_POINTER(cipher, PurpleCipher); cipher->name = g_strdup(name); ciphers = g_list_append(ciphers, cipher); purple_signal_emit(purple_ciphers_get_handle(), "cipher-added", cipher); purple_ciphers_unregister_cipher(PurpleCipher *cipher) { g_return_val_if_fail(cipher, FALSE); g_return_val_if_fail(cipher->ref == 0, FALSE); purple_signal_emit(purple_ciphers_get_handle(), "cipher-removed", cipher); ciphers = g_list_remove(ciphers, cipher); PURPLE_DBUS_UNREGISTER_POINTER(cipher); purple_ciphers_get_ciphers() { /****************************************************************************** * PurpleCipher Subsystem API *****************************************************************************/ purple_ciphers_get_handle() { /* These are implemented in the purple-ciphers sublibrary built in the ciphers * directory. We could put a header file in there, but it's less hassle for * the developer to just add it here since they have to register it here as PurpleCipherOps *purple_des_cipher_get_ops(); PurpleCipherOps *purple_des3_cipher_get_ops(); PurpleCipherOps *purple_hmac_cipher_get_ops(); PurpleCipherOps *purple_md4_cipher_get_ops(); PurpleCipherOps *purple_md5_cipher_get_ops(); PurpleCipherOps *purple_rc4_cipher_get_ops(); PurpleCipherOps *purple_sha1_cipher_get_ops(); PurpleCipherOps *purple_sha256_cipher_get_ops(); handle = purple_ciphers_get_handle(); purple_signal_register(handle, "cipher-added", purple_marshal_VOID__POINTER, NULL, 1, purple_value_new(PURPLE_TYPE_SUBTYPE, purple_signal_register(handle, "cipher-removed", purple_marshal_VOID__POINTER, NULL, 1, purple_value_new(PURPLE_TYPE_SUBTYPE, purple_ciphers_register_cipher("md5", purple_md5_cipher_get_ops()); purple_ciphers_register_cipher("sha1", purple_sha1_cipher_get_ops()); purple_ciphers_register_cipher("sha256", purple_sha256_cipher_get_ops()); purple_ciphers_register_cipher("md4", purple_md4_cipher_get_ops()); purple_ciphers_register_cipher("hmac", purple_hmac_cipher_get_ops()); purple_ciphers_register_cipher("des", purple_des_cipher_get_ops()); purple_ciphers_register_cipher("des3", purple_des3_cipher_get_ops()); purple_ciphers_register_cipher("rc4", purple_rc4_cipher_get_ops()); purple_ciphers_uninit() { for(l = ciphers; l; l = ll) { cipher = PURPLE_CIPHER(l->data); purple_ciphers_unregister_cipher(cipher); purple_signals_unregister_by_instance(purple_ciphers_get_handle()); /****************************************************************************** * PurpleCipherContext API *****************************************************************************/ purple_cipher_context_set_option(PurpleCipherContext *context, const gchar *name, PurpleCipher *cipher = NULL; g_return_if_fail(context); cipher = context->cipher; g_return_if_fail(cipher); if(cipher->ops && cipher->ops->set_option) cipher->ops->set_option(context, name, value); purple_debug_warning("cipher", "the %s cipher does not support the " "set_option operation\n", cipher->name); purple_cipher_context_get_option(PurpleCipherContext *context, const gchar *name) { PurpleCipher *cipher = NULL; g_return_val_if_fail(context, NULL); g_return_val_if_fail(name, NULL); cipher = context->cipher; g_return_val_if_fail(cipher, NULL); if(cipher->ops && cipher->ops->get_option) return cipher->ops->get_option(context, name); purple_debug_warning("cipher", "the %s cipher does not support the " "get_option operation\n", cipher->name); purple_cipher_context_new(PurpleCipher *cipher, void *extra) { PurpleCipherContext *context = NULL; g_return_val_if_fail(cipher, NULL); context = g_new0(PurpleCipherContext, 1); context->cipher = cipher; cipher->ops->init(context, extra); purple_cipher_context_new_by_name(const gchar *name, void *extra) { g_return_val_if_fail(name, NULL); cipher = purple_ciphers_find_cipher(name); g_return_val_if_fail(cipher, NULL); return purple_cipher_context_new(cipher, extra); purple_cipher_context_reset(PurpleCipherContext *context, void *extra) { PurpleCipher *cipher = NULL; g_return_if_fail(context); cipher = context->cipher; g_return_if_fail(cipher); if(cipher->ops && cipher->ops->reset) context->cipher->ops->reset(context, extra); purple_cipher_context_destroy(PurpleCipherContext *context) { PurpleCipher *cipher = NULL; g_return_if_fail(context); cipher = context->cipher; g_return_if_fail(cipher); if(cipher->ops && cipher->ops->uninit) cipher->ops->uninit(context); memset(context, 0, sizeof(*context)); purple_cipher_context_set_iv(PurpleCipherContext *context, guchar *iv, size_t len) PurpleCipher *cipher = NULL; g_return_if_fail(context); cipher = context->cipher; g_return_if_fail(cipher); if(cipher->ops && cipher->ops->set_iv) cipher->ops->set_iv(context, iv, len); purple_debug_warning("cipher", "the %s cipher does not support the set" "initialization vector operation\n", cipher->name); purple_cipher_context_append(PurpleCipherContext *context, const guchar *data, PurpleCipher *cipher = NULL; g_return_if_fail(context); cipher = context->cipher; g_return_if_fail(cipher); if(cipher->ops && cipher->ops->append) cipher->ops->append(context, data, len); purple_debug_warning("cipher", "the %s cipher does not support the append " "operation\n", cipher->name); purple_cipher_context_digest(PurpleCipherContext *context, size_t in_len, guchar digest[], size_t *out_len) PurpleCipher *cipher = NULL; g_return_val_if_fail(context, FALSE); cipher = context->cipher; if(cipher->ops && cipher->ops->digest) return cipher->ops->digest(context, in_len, digest, out_len); purple_debug_warning("cipher", "the %s cipher does not support the digest " "operation\n", cipher->name); purple_cipher_context_digest_to_str(PurpleCipherContext *context, size_t in_len, gchar digest_s[], size_t *out_len) /* 8k is a bit excessive, will tweak later. */ guchar digest[BUF_LEN * 4]; g_return_val_if_fail(context, FALSE); g_return_val_if_fail(digest_s, FALSE); if(!purple_cipher_context_digest(context, sizeof(digest), digest, &dlen)) /* in_len must be greater than dlen * 2 so we have room for the NUL. */ for(n = 0; n < dlen; n++) sprintf(digest_s + (n * 2), "%02x", digest[n]); purple_cipher_context_encrypt(PurpleCipherContext *context, const guchar data[], size_t len, guchar output[], size_t *outlen) PurpleCipher *cipher = NULL; g_return_val_if_fail(context, -1); cipher = context->cipher; g_return_val_if_fail(cipher, -1); if(cipher->ops && cipher->ops->encrypt) return cipher->ops->encrypt(context, data, len, output, outlen); purple_debug_warning("cipher", "the %s cipher does not support the encrypt" "operation\n", cipher->name); purple_cipher_context_decrypt(PurpleCipherContext *context, const guchar data[], size_t len, guchar output[], size_t *outlen) PurpleCipher *cipher = NULL; g_return_val_if_fail(context, -1); cipher = context->cipher; g_return_val_if_fail(cipher, -1); if(cipher->ops && cipher->ops->decrypt) return cipher->ops->decrypt(context, data, len, output, outlen); purple_debug_warning("cipher", "the %s cipher does not support the decrypt" "operation\n", cipher->name); purple_cipher_context_set_salt(PurpleCipherContext *context, guchar *salt) { PurpleCipher *cipher = NULL; g_return_if_fail(context); cipher = context->cipher; g_return_if_fail(cipher); if(cipher->ops && cipher->ops->set_salt) cipher->ops->set_salt(context, salt); purple_debug_warning("cipher", "the %s cipher does not support the " "set_salt operation\n", cipher->name); purple_cipher_context_get_salt_size(PurpleCipherContext *context) { PurpleCipher *cipher = NULL; g_return_val_if_fail(context, -1); cipher = context->cipher; g_return_val_if_fail(cipher, -1); if(cipher->ops && cipher->ops->get_salt_size) return cipher->ops->get_salt_size(context); purple_debug_warning("cipher", "the %s cipher does not support the " "get_salt_size operation\n", cipher->name); purple_cipher_context_set_key(PurpleCipherContext *context, const guchar *key) { PurpleCipher *cipher = NULL; g_return_if_fail(context); cipher = context->cipher; g_return_if_fail(cipher); if(cipher->ops && cipher->ops->set_key) cipher->ops->set_key(context, key); purple_debug_warning("cipher", "the %s cipher does not support the " "set_key operation\n", cipher->name); purple_cipher_context_get_key_size(PurpleCipherContext *context) { PurpleCipher *cipher = NULL; g_return_val_if_fail(context, -1); cipher = context->cipher; g_return_val_if_fail(cipher, -1); if(cipher->ops && cipher->ops->get_key_size) return cipher->ops->get_key_size(context); purple_debug_warning("cipher", "the %s cipher does not support the " "get_key_size operation\n", cipher->name); purple_cipher_context_set_batch_mode(PurpleCipherContext *context, PurpleCipherBatchMode mode) PurpleCipher *cipher = NULL; g_return_if_fail(context); cipher = context->cipher; g_return_if_fail(cipher); if(cipher->ops && cipher->ops->set_batch_mode) cipher->ops->set_batch_mode(context, mode); purple_debug_warning("cipher", "The %s cipher does not support the " "set_batch_mode operation\n", cipher->name); purple_cipher_context_get_batch_mode(PurpleCipherContext *context) PurpleCipher *cipher = NULL; g_return_val_if_fail(context, -1); cipher = context->cipher; g_return_val_if_fail(cipher, -1); if(cipher->ops && cipher->ops->get_batch_mode) return cipher->ops->get_batch_mode(context); purple_debug_warning("cipher", "The %s cipher does not support the " "get_batch_mode operation\n", cipher->name); purple_cipher_context_get_block_size(PurpleCipherContext *context) PurpleCipher *cipher = NULL; g_return_val_if_fail(context, -1); cipher = context->cipher; g_return_val_if_fail(cipher, -1); if(cipher->ops && cipher->ops->get_block_size) return cipher->ops->get_block_size(context); purple_debug_warning("cipher", "The %s cipher does not support the " "get_block_size operation\n", cipher->name); purple_cipher_context_set_key_with_len(PurpleCipherContext *context, const guchar *key, size_t len) PurpleCipher *cipher = NULL; g_return_if_fail(context); cipher = context->cipher; g_return_if_fail(cipher); if(cipher->ops && cipher->ops->set_key_with_len) cipher->ops->set_key_with_len(context, key, len); purple_debug_warning("cipher", "The %s cipher does not support the " "set_key_with_len operation\n", cipher->name); purple_cipher_context_set_data(PurpleCipherContext *context, gpointer data) { g_return_if_fail(context); purple_cipher_context_get_data(PurpleCipherContext *context) { g_return_val_if_fail(context, NULL); gchar *purple_cipher_http_digest_calculate_session_key( const gchar *client_nonce) PurpleCipherContext *context; gchar hash[33]; /* We only support MD5. */ g_return_val_if_fail(username != NULL, NULL); g_return_val_if_fail(realm != NULL, NULL); g_return_val_if_fail(password != NULL, NULL); g_return_val_if_fail(nonce != NULL, NULL); /* Check for a supported algorithm. */ g_return_val_if_fail(algorithm == NULL || g_ascii_strcasecmp(algorithm, "MD5") || g_ascii_strcasecmp(algorithm, "MD5-sess"), NULL); cipher = purple_ciphers_find_cipher("md5"); g_return_val_if_fail(cipher != NULL, NULL); context = purple_cipher_context_new(cipher, NULL); purple_cipher_context_append(context, (guchar *)username, strlen(username)); purple_cipher_context_append(context, (guchar *)":", 1); purple_cipher_context_append(context, (guchar *)realm, strlen(realm)); purple_cipher_context_append(context, (guchar *)":", 1); purple_cipher_context_append(context, (guchar *)password, strlen(password)); if (algorithm != NULL && !g_ascii_strcasecmp(algorithm, "MD5-sess")) if (client_nonce == NULL) purple_cipher_context_destroy(context); purple_debug_error("cipher", "Required client_nonce missing for MD5-sess digest calculation.\n"); purple_cipher_context_digest(context, sizeof(digest), digest, NULL); purple_cipher_context_destroy(context); context = purple_cipher_context_new(cipher, NULL); purple_cipher_context_append(context, digest, sizeof(digest)); purple_cipher_context_append(context, (guchar *)":", 1); purple_cipher_context_append(context, (guchar *)nonce, strlen(nonce)); purple_cipher_context_append(context, (guchar *)":", 1); purple_cipher_context_append(context, (guchar *)client_nonce, strlen(client_nonce)); purple_cipher_context_digest_to_str(context, sizeof(hash), hash, NULL); purple_cipher_context_destroy(context); gchar *purple_cipher_http_digest_calculate_response( const gchar *nonce_count, const gchar *client_nonce, const gchar *session_key) PurpleCipherContext *context; static gchar hash2[33]; /* We only support MD5. */ g_return_val_if_fail(method != NULL, NULL); g_return_val_if_fail(digest_uri != NULL, NULL); g_return_val_if_fail(nonce != NULL, NULL); g_return_val_if_fail(session_key != NULL, NULL); /* Check for a supported algorithm. */ g_return_val_if_fail(algorithm == NULL || g_ascii_strcasecmp(algorithm, "MD5") || g_ascii_strcasecmp(algorithm, "MD5-sess"), NULL); /* Check for a supported "quality of protection". */ g_return_val_if_fail(qop == NULL || g_ascii_strcasecmp(qop, "auth") || g_ascii_strcasecmp(qop, "auth-int"), NULL); cipher = purple_ciphers_find_cipher("md5"); g_return_val_if_fail(cipher != NULL, NULL); context = purple_cipher_context_new(cipher, NULL); purple_cipher_context_append(context, (guchar *)method, strlen(method)); purple_cipher_context_append(context, (guchar *)":", 1); purple_cipher_context_append(context, (guchar *)digest_uri, strlen(digest_uri)); if (qop != NULL && !g_ascii_strcasecmp(qop, "auth-int")) PurpleCipherContext *context2; purple_cipher_context_destroy(context); purple_debug_error("cipher", "Required entity missing for auth-int digest calculation.\n"); context2 = purple_cipher_context_new(cipher, NULL); purple_cipher_context_append(context2, (guchar *)entity, strlen(entity)); purple_cipher_context_digest_to_str(context2, sizeof(entity_hash), entity_hash, NULL); purple_cipher_context_destroy(context2); purple_cipher_context_append(context, (guchar *)":", 1); purple_cipher_context_append(context, (guchar *)entity_hash, strlen(entity_hash)); purple_cipher_context_digest_to_str(context, sizeof(hash2), hash2, NULL); purple_cipher_context_destroy(context); context = purple_cipher_context_new(cipher, NULL); purple_cipher_context_append(context, (guchar *)session_key, strlen(session_key)); purple_cipher_context_append(context, (guchar *)":", 1); purple_cipher_context_append(context, (guchar *)nonce, strlen(nonce)); purple_cipher_context_append(context, (guchar *)":", 1); if (qop != NULL && *qop != '\0') purple_cipher_context_destroy(context); purple_debug_error("cipher", "Required nonce_count missing for digest calculation.\n"); if (client_nonce == NULL) purple_cipher_context_destroy(context); purple_debug_error("cipher", "Required client_nonce missing for digest calculation.\n"); purple_cipher_context_append(context, (guchar *)nonce_count, strlen(nonce_count)); purple_cipher_context_append(context, (guchar *)":", 1); purple_cipher_context_append(context, (guchar *)client_nonce, strlen(client_nonce)); purple_cipher_context_append(context, (guchar *)":", 1); purple_cipher_context_append(context, (guchar *)qop, strlen(qop)); purple_cipher_context_append(context, (guchar *)":", 1); purple_cipher_context_append(context, (guchar *)hash2, strlen(hash2)); purple_cipher_context_digest_to_str(context, sizeof(hash2), hash2, NULL); purple_cipher_context_destroy(context);