Stefan Seyfried <seife+obs@b1-systems.com>
/* IPSec VPN client compatible with Cisco equipment.
   Copyright (C) 2004-2007 Maurice Massar
   A bit reorganized in 2007 by Wolfram Sang

   This program is free software; you can redistribute it and/or modify
   it under the terms of the GNU General Public License as published by
   the Free Software Foundation; either version 2 of the License, or
   (at your option) any later version.

   This program is distributed in the hope that it will be useful,
   but WITHOUT ANY WARRANTY; without even the implied warranty of
   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
   GNU General Public License for more details.

   You should have received a copy of the GNU General Public License
   along with this program; if not, write to the Free Software
   Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA

   $Id$
*/
22 #define _GNU_SOURCE
24 #include <inttypes.h>
25 #include <stdlib.h>
26 #include <string.h>
27 #include <unistd.h>
28 #include <errno.h>
30 #include <gcrypt.h>
32 #include "decrypt-utils.h"
/*
 * Convert a single hexadecimal digit character to its numeric value.
 *
 * Accepts '0'-'9', 'A'-'F' and 'a'-'f'.
 * Returns the value 0..15, or -1 when c is not a hexadecimal digit.
 */
static int hex2bin_c(unsigned int c)
{
	int digit;

	if (c >= 'a' && c <= 'f') {
		digit = (int)(c - 'a') + 10;
	} else if (c >= 'A' && c <= 'F') {
		digit = (int)(c - 'A') + 10;
	} else if (c >= '0' && c <= '9') {
		digit = (int)(c - '0');
	} else {
		digit = -1;
	}

	return digit;
}
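/*
 * Decode a NUL-terminated hexadecimal string into a newly allocated buffer.
 *
 * str: input text; every character must be a hex digit and the number of
 *      digits must be even.
 * bin: receives the malloc()ed result on success; the caller owns it and
 *      must free() it. Not touched on failure.
 * len: if non-NULL, receives the number of decoded bytes.
 *
 * Returns 0 on success, EINVAL for a NULL str/bin or malformed input,
 * ENOMEM if the allocation fails.
 */
int hex2bin(const char *str, char **bin, int *len)
{
	size_t n, i;
	int l;
	char *p;

	/* str typically comes from a configuration file; never dereference NULL. */
	if (!str || !bin)
		return EINVAL;

	n = strlen(str);
	if ((n & 1) != 0)
		return EINVAL;

	/* Validate everything up front so the decode loop cannot see a -1 nibble. */
	for (i = 0; i < n; i++)
		if (hex2bin_c((unsigned char)str[i]) == -1)
			return EINVAL;

	/* The byte count is reported through an int; refuse input that does not fit. */
	l = (int)(n / 2);
	if (l < 0 || (size_t)l != n / 2)
		return EINVAL;

	/*
	 * malloc(0) may legally return NULL, which would turn an empty string
	 * into a bogus ENOMEM; always request at least one byte.
	 */
	p = malloc(l > 0 ? (size_t)l : 1);
	if (p == NULL)
		return ENOMEM;

	for (i = 0; i < n / 2; i++)
		p[i] = (char)(hex2bin_c((unsigned char)str[i * 2]) << 4
			| hex2bin_c((unsigned char)str[i * 2 + 1]));

	*bin = p;
	if (len)
		*len = l;

	return 0;
}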
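/*
 * Recover the plaintext from an obfuscated blob.
 *
 * Input layout (len bytes at ct):
 *   bytes  0..19  h1   seed; its first 8 bytes are also used as the CBC IV
 *   bytes 20..39  h4   SHA-1 of the ciphertext that follows
 *   bytes 40..    enc  3DES-CBC ciphertext
 *
 * The 24-byte 3DES key is built from two SHA-1 digests of modified copies
 * of h1, so everything needed to decrypt is contained in the blob itself.
 * This is obfuscation, not confidentiality: anyone holding the blob can
 * recover the plaintext, so the stored value must be protected like the
 * plaintext. Likewise h4 is an unkeyed digest and only detects accidental
 * corruption, not deliberate modification.
 *
 * resp:    if non-NULL, receives the malloc()ed, NUL-terminated result; the
 *          caller owns it and must free() it.
 * reslenp: if non-NULL, receives the result length. The target is a single
 *          char, so lengths beyond its range do not survive the conversion.
 *
 * Returns 0 on success, -1 on malformed input, checksum mismatch, cipher
 * failure or allocation failure.
 */
int deobfuscate(char *ct, int len, const char **resp, char *reslenp)
{
	const char *h1 = ct;
	const char *h4 = ct + 20;
	const char *enc = ct + 40;

	char ht[20], h2[20], h3[20], key[24];
	const char *iv = h1;
	char *res;
	gcry_cipher_hd_t ctx;
	int reslen;
	unsigned int pad;

	/* Two 20-byte headers plus at least one 8-byte cipher block. */
	if (ct == NULL || len < 48)
		return -1;
	len -= 40;

	/*
	 * CBC works on whole 8-byte blocks. A ragged length would make the
	 * decrypt call fail and leave res uninitialised.
	 */
	if (len % 8 != 0)
		return -1;

	memcpy(ht, h1, 20);

	ht[19]++;
	gcry_md_hash_buffer(GCRY_MD_SHA1, h2, ht, 20);

	ht[19] += 2;
	gcry_md_hash_buffer(GCRY_MD_SHA1, h3, ht, 20);

	memcpy(key, h2, 20);
	memcpy(key+20, h3, 4);
	/* who cares about parity anyway? */

	gcry_md_hash_buffer(GCRY_MD_SHA1, ht, enc, len);

	if (memcmp(h4, ht, 20) != 0)
		return -1;

	res = malloc(len);
	if (res == NULL)
		return -1;

	if (gcry_cipher_open(&ctx, GCRY_CIPHER_3DES, GCRY_CIPHER_MODE_CBC, 0) != 0)
		goto fail;
	if (gcry_cipher_setkey(ctx, key, 24) != 0
	    || gcry_cipher_setiv(ctx, iv, 8) != 0
	    || gcry_cipher_decrypt(ctx, res, len, enc, len) != 0) {
		gcry_cipher_close(ctx);
		goto fail;
	}
	gcry_cipher_close(ctx);

	/*
	 * The last plaintext byte is the padding length and is controlled by
	 * whoever produced the blob. Read it as unsigned and bound it before it
	 * is used as an index: 0 would put the terminator one byte past the
	 * allocation, a value above len (or a negative signed char) would put
	 * it outside the buffer altogether.
	 */
	pad = (unsigned char)res[len - 1];
	if (pad < 1 || pad > (unsigned int)len)
		goto fail;

	reslen = len - (int)pad;
	res[reslen] = '\0';

	if (resp)
		*resp = res;
	else
		free(res); /* nobody takes ownership; do not leak the buffer */
	if (reslenp)
		*reslenp = reslen;
	return 0;

fail:
	free(res);
	return -1;
}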