Everything else uses LF line endings, so fix up the few stray ones.
-/* \r
- * Copyright (C) 2022 Dinglan Peng\r
- * \r
- * This is free software; you can redistribute it and/or modify\r
- * it under the terms of the GNU General Public License as published by\r
- * the Free Software Foundation; either version 2 of the License, or\r
- * (at your option) any later version.\r
- * \r
- * This software is distributed in the hope that it will be useful,\r
- * but WITHOUT ANY WARRANTY; without even the implied warranty of\r
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\r
- * GNU General Public License for more details.\r
- * \r
- * You should have received a copy of the GNU General Public License\r
- * along with this software; if not, write to the Free Software\r
- * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307,\r
- * USA.\r
- */\r
-\r
-#ifdef HAVE_CONFIG_H\r
-#include <config.h>\r
-#endif\r
-\r
-#ifndef HAVE_NETTLE\r
-#error "This header should not be compiled without HAVE_NETTLE defined"\r
-#endif\r
-\r
-#include <stdlib.h>\r
-#ifndef WIN32\r
-#include <unistd.h>\r
-#endif\r
-#include <assert.h>\r
-\r
-#include <nettle/aes.h>\r
-#include <nettle/md5.h>\r
-#include <nettle/bignum.h>\r
-#include <rfb/CSecurityDH.h>\r
-#include <rfb/CConnection.h>\r
-#include <rdr/InStream.h>\r
-#include <rdr/OutStream.h>\r
-#include <rdr/RandomStream.h>\r
-#include <rfb/Exception.h>\r
-#include <os/os.h>\r
-\r
-using namespace rfb;\r
-\r
-const int MinKeyLength = 128;\r
-const int MaxKeyLength = 1024;\r
-\r
-CSecurityDH::CSecurityDH(CConnection* cc)\r
- : CSecurity(cc), keyLength(0)\r
-{\r
- mpz_init(g);\r
- mpz_init(p);\r
- mpz_init(A);\r
- mpz_init(b);\r
- mpz_init(B);\r
- mpz_init(k);\r
-}\r
-\r
-CSecurityDH::~CSecurityDH()\r
-{\r
- mpz_clear(g);\r
- mpz_clear(p);\r
- mpz_clear(A);\r
- mpz_clear(b);\r
- mpz_clear(B);\r
- mpz_clear(k);\r
-}\r
-\r
-bool CSecurityDH::processMsg()\r
-{\r
- if (readKey()) {\r
- writeCredentials();\r
- return true;\r
- }\r
- return false;\r
-}\r
-\r
-bool CSecurityDH::readKey()\r
-{\r
- rdr::InStream* is = cc->getInStream();\r
- if (!is->hasData(4))\r
- return false;\r
- is->setRestorePoint();\r
- rdr::U16 gen = is->readU16();\r
- keyLength = is->readU16();\r
- if (keyLength < MinKeyLength)\r
- throw AuthFailureException("DH key is too short");\r
- if (keyLength > MaxKeyLength)\r
- throw AuthFailureException("DH key is too long");\r
- if (!is->hasDataOrRestore(keyLength * 2))\r
- return false;\r
- is->clearRestorePoint();\r
- mpz_set_ui(g, gen);\r
- rdr::U8Array pBytes(keyLength);\r
- rdr::U8Array ABytes(keyLength);\r
- is->readBytes(pBytes.buf, keyLength);\r
- is->readBytes(ABytes.buf, keyLength);\r
- nettle_mpz_set_str_256_u(p, keyLength, pBytes.buf);\r
- nettle_mpz_set_str_256_u(A, keyLength, ABytes.buf);\r
- return true;\r
-}\r
-\r
-void CSecurityDH::writeCredentials()\r
-{\r
- CharArray username;\r
- CharArray password;\r
- rdr::RandomStream rs;\r
-\r
- (CSecurity::upg)->getUserPasswd(isSecure(), &username.buf, &password.buf);\r
- rdr::U8Array bBytes(keyLength);\r
- if (!rs.hasData(keyLength))\r
- throw ConnFailedException("failed to generate DH private key");\r
- rs.readBytes(bBytes.buf, keyLength);\r
- nettle_mpz_set_str_256_u(b, keyLength, bBytes.buf);\r
- mpz_powm(k, A, b, p);\r
- mpz_powm(B, g, b, p);\r
-\r
- rdr::U8Array sharedSecret(keyLength);\r
- rdr::U8Array BBytes(keyLength);\r
- nettle_mpz_get_str_256(keyLength, sharedSecret.buf, k);\r
- nettle_mpz_get_str_256(keyLength, BBytes.buf, B);\r
- rdr::U8 key[16];\r
- struct md5_ctx md5Ctx;\r
- md5_init(&md5Ctx);\r
- md5_update(&md5Ctx, keyLength, sharedSecret.buf);\r
- md5_digest(&md5Ctx, 16, key);\r
- struct aes128_ctx aesCtx;\r
- aes128_set_encrypt_key(&aesCtx, key);\r
-\r
- char buf[128];\r
- if (!rs.hasData(128))\r
- throw ConnFailedException("failed to generate random padding");\r
- rs.readBytes(buf, 128);\r
- size_t len = strlen(username.buf);\r
- if (len >= 64)\r
- throw AuthFailureException("username is too long");\r
- memcpy(buf, username.buf, len + 1);\r
- len = strlen(password.buf);\r
- if (len >= 64)\r
- throw AuthFailureException("password is too long");\r
- memcpy(buf + 64, password.buf, len + 1);\r
- aes128_encrypt(&aesCtx, 128, (rdr::U8 *)buf, (rdr::U8 *)buf);\r
-\r
- rdr::OutStream* os = cc->getOutStream();\r
- os->writeBytes(buf, 128);\r
- os->writeBytes(BBytes.buf, keyLength);\r
- os->flush();\r
-}\r
+/*
+ * Copyright (C) 2022 Dinglan Peng
+ *
+ * This is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this software; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307,
+ * USA.
+ */
+
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+#endif
+
+#ifndef HAVE_NETTLE
+#error "This header should not be compiled without HAVE_NETTLE defined"
+#endif
+
+#include <stdlib.h>
+#ifndef WIN32
+#include <unistd.h>
+#endif
+#include <assert.h>
+
+#include <nettle/aes.h>
+#include <nettle/md5.h>
+#include <nettle/bignum.h>
+#include <rfb/CSecurityDH.h>
+#include <rfb/CConnection.h>
+#include <rdr/InStream.h>
+#include <rdr/OutStream.h>
+#include <rdr/RandomStream.h>
+#include <rfb/Exception.h>
+#include <os/os.h>
+
+using namespace rfb;
+
+const int MinKeyLength = 128;
+const int MaxKeyLength = 1024;
+
+CSecurityDH::CSecurityDH(CConnection* cc)
+ : CSecurity(cc), keyLength(0)
+{
+ mpz_init(g);
+ mpz_init(p);
+ mpz_init(A);
+ mpz_init(b);
+ mpz_init(B);
+ mpz_init(k);
+}
+
+CSecurityDH::~CSecurityDH()
+{
+ mpz_clear(g);
+ mpz_clear(p);
+ mpz_clear(A);
+ mpz_clear(b);
+ mpz_clear(B);
+ mpz_clear(k);
+}
+
+bool CSecurityDH::processMsg()
+{
+ if (readKey()) {
+ writeCredentials();
+ return true;
+ }
+ return false;
+}
+
+bool CSecurityDH::readKey()
+{
+ rdr::InStream* is = cc->getInStream();
+ if (!is->hasData(4))
+ return false;
+ is->setRestorePoint();
+ rdr::U16 gen = is->readU16();
+ keyLength = is->readU16();
+ if (keyLength < MinKeyLength)
+ throw AuthFailureException("DH key is too short");
+ if (keyLength > MaxKeyLength)
+ throw AuthFailureException("DH key is too long");
+ if (!is->hasDataOrRestore(keyLength * 2))
+ return false;
+ is->clearRestorePoint();
+ mpz_set_ui(g, gen);
+ rdr::U8Array pBytes(keyLength);
+ rdr::U8Array ABytes(keyLength);
+ is->readBytes(pBytes.buf, keyLength);
+ is->readBytes(ABytes.buf, keyLength);
+ nettle_mpz_set_str_256_u(p, keyLength, pBytes.buf);
+ nettle_mpz_set_str_256_u(A, keyLength, ABytes.buf);
+ return true;
+}
+
+void CSecurityDH::writeCredentials()
+{
+ CharArray username;
+ CharArray password;
+ rdr::RandomStream rs;
+
+ (CSecurity::upg)->getUserPasswd(isSecure(), &username.buf, &password.buf);
+ rdr::U8Array bBytes(keyLength);
+ if (!rs.hasData(keyLength))
+ throw ConnFailedException("failed to generate DH private key");
+ rs.readBytes(bBytes.buf, keyLength);
+ nettle_mpz_set_str_256_u(b, keyLength, bBytes.buf);
+ mpz_powm(k, A, b, p);
+ mpz_powm(B, g, b, p);
+
+ rdr::U8Array sharedSecret(keyLength);
+ rdr::U8Array BBytes(keyLength);
+ nettle_mpz_get_str_256(keyLength, sharedSecret.buf, k);
+ nettle_mpz_get_str_256(keyLength, BBytes.buf, B);
+ rdr::U8 key[16];
+ struct md5_ctx md5Ctx;
+ md5_init(&md5Ctx);
+ md5_update(&md5Ctx, keyLength, sharedSecret.buf);
+ md5_digest(&md5Ctx, 16, key);
+ struct aes128_ctx aesCtx;
+ aes128_set_encrypt_key(&aesCtx, key);
+
+ char buf[128];
+ if (!rs.hasData(128))
+ throw ConnFailedException("failed to generate random padding");
+ rs.readBytes(buf, 128);
+ size_t len = strlen(username.buf);
+ if (len >= 64)
+ throw AuthFailureException("username is too long");
+ memcpy(buf, username.buf, len + 1);
+ len = strlen(password.buf);
+ if (len >= 64)
+ throw AuthFailureException("password is too long");
+ memcpy(buf + 64, password.buf, len + 1);
+ aes128_encrypt(&aesCtx, 128, (rdr::U8 *)buf, (rdr::U8 *)buf);
+
+ rdr::OutStream* os = cc->getOutStream();
+ os->writeBytes(buf, 128);
+ os->writeBytes(BBytes.buf, keyLength);
+ os->flush();
+}
-/* \r
- * Copyright (C) 2022 Dinglan Peng\r
- * \r
- * This is free software; you can redistribute it and/or modify\r
- * it under the terms of the GNU General Public License as published by\r
- * the Free Software Foundation; either version 2 of the License, or\r
- * (at your option) any later version.\r
- * \r
- * This software is distributed in the hope that it will be useful,\r
- * but WITHOUT ANY WARRANTY; without even the implied warranty of\r
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\r
- * GNU General Public License for more details.\r
- * \r
- * You should have received a copy of the GNU General Public License\r
- * along with this software; if not, write to the Free Software\r
- * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307,\r
- * USA.\r
- */\r
-\r
-#ifndef __C_SECURITY_DH_H__\r
-#define __C_SECURITY_DH_H__\r
-\r
-#ifndef HAVE_NETTLE\r
-#error "This header should not be compiled without HAVE_NETTLE defined"\r
-#endif\r
-\r
-#include <nettle/bignum.h>\r
-#include <rfb/CSecurity.h>\r
-#include <rfb/Security.h>\r
-\r
-namespace rfb {\r
- class CSecurityDH : public CSecurity {\r
- public:\r
- CSecurityDH(CConnection* cc);\r
- virtual ~CSecurityDH();\r
- virtual bool processMsg();\r
- virtual int getType() const { return secTypeDH; }\r
- virtual bool isSecure() const { return false; }\r
-\r
- private:\r
- bool readKey();\r
- void writeCredentials();\r
-\r
- int keyLength;\r
- mpz_t g, p, A, b, B, k;\r
- };\r
-}\r
-\r
-#endif\r
+/*
+ * Copyright (C) 2022 Dinglan Peng
+ *
+ * This is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this software; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307,
+ * USA.
+ */
+
+#ifndef __C_SECURITY_DH_H__
+#define __C_SECURITY_DH_H__
+
+#ifndef HAVE_NETTLE
+#error "This header should not be compiled without HAVE_NETTLE defined"
+#endif
+
+#include <nettle/bignum.h>
+#include <rfb/CSecurity.h>
+#include <rfb/Security.h>
+
+namespace rfb {
+ class CSecurityDH : public CSecurity {
+ public:
+ CSecurityDH(CConnection* cc);
+ virtual ~CSecurityDH();
+ virtual bool processMsg();
+ virtual int getType() const { return secTypeDH; }
+ virtual bool isSecure() const { return false; }
+
+ private:
+ bool readKey();
+ void writeCredentials();
+
+ int keyLength;
+ mpz_t g, p, A, b, B, k;
+ };
+}
+
+#endif
-/* \r
- * Copyright (C) 2022 Dinglan Peng\r
- * \r
- * This is free software; you can redistribute it and/or modify\r
- * it under the terms of the GNU General Public License as published by\r
- * the Free Software Foundation; either version 2 of the License, or\r
- * (at your option) any later version.\r
- * \r
- * This software is distributed in the hope that it will be useful,\r
- * but WITHOUT ANY WARRANTY; without even the implied warranty of\r
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\r
- * GNU General Public License for more details.\r
- * \r
- * You should have received a copy of the GNU General Public License\r
- * along with this software; if not, write to the Free Software\r
- * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307,\r
- * USA.\r
- */\r
-\r
-#ifdef HAVE_CONFIG_H\r
-#include <config.h>\r
-#endif\r
-\r
-#ifndef HAVE_NETTLE\r
-#error "This header should not be compiled without HAVE_NETTLE defined"\r
-#endif\r
-\r
-#include <stdlib.h>\r
-#ifndef WIN32\r
-#include <unistd.h>\r
-#endif\r
-#include <assert.h>\r
-\r
-#include <nettle/des.h>\r
-#include <nettle/cbc.h>\r
-#include <nettle/bignum.h>\r
-#include <rfb/CSecurityMSLogonII.h>\r
-#include <rfb/CConnection.h>\r
-#include <rdr/InStream.h>\r
-#include <rdr/OutStream.h>\r
-#include <rdr/RandomStream.h>\r
-#include <rfb/Exception.h>\r
-#include <os/os.h>\r
-\r
-using namespace rfb;\r
-\r
-CSecurityMSLogonII::CSecurityMSLogonII(CConnection* cc)\r
- : CSecurity(cc)\r
-{\r
- mpz_init(g);\r
- mpz_init(p);\r
- mpz_init(A);\r
- mpz_init(b);\r
- mpz_init(B);\r
- mpz_init(k);\r
-}\r
-\r
-CSecurityMSLogonII::~CSecurityMSLogonII()\r
-{\r
- mpz_clear(g);\r
- mpz_clear(p);\r
- mpz_clear(A);\r
- mpz_clear(b);\r
- mpz_clear(B);\r
- mpz_clear(k);\r
-}\r
-\r
-bool CSecurityMSLogonII::processMsg()\r
-{\r
- if (readKey()) {\r
- writeCredentials();\r
- return true;\r
- }\r
- return false;\r
-}\r
-\r
-bool CSecurityMSLogonII::readKey()\r
-{\r
- rdr::InStream* is = cc->getInStream();\r
- if (!is->hasData(24))\r
- return false;\r
- rdr::U8 gBytes[8];\r
- rdr::U8 pBytes[8];\r
- rdr::U8 ABytes[8];\r
- is->readBytes(gBytes, 8);\r
- is->readBytes(pBytes, 8);\r
- is->readBytes(ABytes, 8);\r
- nettle_mpz_set_str_256_u(g, 8, gBytes);\r
- nettle_mpz_set_str_256_u(p, 8, pBytes);\r
- nettle_mpz_set_str_256_u(A, 8, ABytes);\r
- return true;\r
-}\r
-\r
-void CSecurityMSLogonII::writeCredentials()\r
-{\r
- CharArray username;\r
- CharArray password;\r
- rdr::RandomStream rs;\r
-\r
- (CSecurity::upg)->getUserPasswd(isSecure(), &username.buf, &password.buf);\r
- rdr::U8Array bBytes(8);\r
- if (!rs.hasData(8))\r
- throw ConnFailedException("failed to generate DH private key");\r
- rs.readBytes(bBytes.buf, 8);\r
- nettle_mpz_set_str_256_u(b, 8, bBytes.buf);\r
- mpz_powm(k, A, b, p);\r
- mpz_powm(B, g, b, p);\r
-\r
- rdr::U8 key[8];\r
- rdr::U8 reversedKey[8];\r
- rdr::U8 BBytes[8];\r
- rdr::U8 user[256];\r
- rdr::U8 pass[64];\r
- nettle_mpz_get_str_256(8, key, k);\r
- nettle_mpz_get_str_256(8, BBytes, B);\r
- for (int i = 0; i < 8; ++i) {\r
- rdr::U8 x = 0;\r
- for (int j = 0; j < 8; ++j) {\r
- x |= ((key[i] >> j) & 1) << (7 - j);\r
- }\r
- reversedKey[i] = x;\r
- }\r
-\r
- if (!rs.hasData(256 + 64))\r
- throw ConnFailedException("failed to generate random padding");\r
- rs.readBytes(user, 256);\r
- rs.readBytes(pass, 64);\r
- size_t len = strlen(username.buf);\r
- if (len >= 256)\r
- throw AuthFailureException("username is too long");\r
- memcpy(user, username.buf, len + 1);\r
- len = strlen(password.buf);\r
- if (len >= 64)\r
- throw AuthFailureException("password is too long");\r
- memcpy(pass, password.buf, len + 1);\r
-\r
- // DES-CBC with the original key as IV, and the reversed one as the DES key\r
- struct CBC_CTX(struct des_ctx, DES_BLOCK_SIZE) ctx;\r
- des_fix_parity(8, reversedKey, reversedKey);\r
- des_set_key(&ctx.ctx, reversedKey);\r
- CBC_SET_IV(&ctx, key);\r
- CBC_ENCRYPT(&ctx, des_encrypt, 256, user, user);\r
- CBC_SET_IV(&ctx, key);\r
- CBC_ENCRYPT(&ctx, des_encrypt, 64, pass, pass);\r
-\r
- rdr::OutStream* os = cc->getOutStream();\r
- os->writeBytes(BBytes, 8);\r
- os->writeBytes(user, 256);\r
- os->writeBytes(pass, 64);\r
- os->flush();\r
-}\r
+/*
+ * Copyright (C) 2022 Dinglan Peng
+ *
+ * This is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this software; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307,
+ * USA.
+ */
+
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+#endif
+
+#ifndef HAVE_NETTLE
+#error "This header should not be compiled without HAVE_NETTLE defined"
+#endif
+
+#include <stdlib.h>
+#ifndef WIN32
+#include <unistd.h>
+#endif
+#include <assert.h>
+
+#include <nettle/des.h>
+#include <nettle/cbc.h>
+#include <nettle/bignum.h>
+#include <rfb/CSecurityMSLogonII.h>
+#include <rfb/CConnection.h>
+#include <rdr/InStream.h>
+#include <rdr/OutStream.h>
+#include <rdr/RandomStream.h>
+#include <rfb/Exception.h>
+#include <os/os.h>
+
+using namespace rfb;
+
+CSecurityMSLogonII::CSecurityMSLogonII(CConnection* cc)
+ : CSecurity(cc)
+{
+ mpz_init(g);
+ mpz_init(p);
+ mpz_init(A);
+ mpz_init(b);
+ mpz_init(B);
+ mpz_init(k);
+}
+
+CSecurityMSLogonII::~CSecurityMSLogonII()
+{
+ mpz_clear(g);
+ mpz_clear(p);
+ mpz_clear(A);
+ mpz_clear(b);
+ mpz_clear(B);
+ mpz_clear(k);
+}
+
+bool CSecurityMSLogonII::processMsg()
+{
+ if (readKey()) {
+ writeCredentials();
+ return true;
+ }
+ return false;
+}
+
+bool CSecurityMSLogonII::readKey()
+{
+ rdr::InStream* is = cc->getInStream();
+ if (!is->hasData(24))
+ return false;
+ rdr::U8 gBytes[8];
+ rdr::U8 pBytes[8];
+ rdr::U8 ABytes[8];
+ is->readBytes(gBytes, 8);
+ is->readBytes(pBytes, 8);
+ is->readBytes(ABytes, 8);
+ nettle_mpz_set_str_256_u(g, 8, gBytes);
+ nettle_mpz_set_str_256_u(p, 8, pBytes);
+ nettle_mpz_set_str_256_u(A, 8, ABytes);
+ return true;
+}
+
+void CSecurityMSLogonII::writeCredentials()
+{
+ CharArray username;
+ CharArray password;
+ rdr::RandomStream rs;
+
+ (CSecurity::upg)->getUserPasswd(isSecure(), &username.buf, &password.buf);
+ rdr::U8Array bBytes(8);
+ if (!rs.hasData(8))
+ throw ConnFailedException("failed to generate DH private key");
+ rs.readBytes(bBytes.buf, 8);
+ nettle_mpz_set_str_256_u(b, 8, bBytes.buf);
+ mpz_powm(k, A, b, p);
+ mpz_powm(B, g, b, p);
+
+ rdr::U8 key[8];
+ rdr::U8 reversedKey[8];
+ rdr::U8 BBytes[8];
+ rdr::U8 user[256];
+ rdr::U8 pass[64];
+ nettle_mpz_get_str_256(8, key, k);
+ nettle_mpz_get_str_256(8, BBytes, B);
+ for (int i = 0; i < 8; ++i) {
+ rdr::U8 x = 0;
+ for (int j = 0; j < 8; ++j) {
+ x |= ((key[i] >> j) & 1) << (7 - j);
+ }
+ reversedKey[i] = x;
+ }
+
+ if (!rs.hasData(256 + 64))
+ throw ConnFailedException("failed to generate random padding");
+ rs.readBytes(user, 256);
+ rs.readBytes(pass, 64);
+ size_t len = strlen(username.buf);
+ if (len >= 256)
+ throw AuthFailureException("username is too long");
+ memcpy(user, username.buf, len + 1);
+ len = strlen(password.buf);
+ if (len >= 64)
+ throw AuthFailureException("password is too long");
+ memcpy(pass, password.buf, len + 1);
+
+ // DES-CBC with the original key as IV, and the reversed one as the DES key
+ struct CBC_CTX(struct des_ctx, DES_BLOCK_SIZE) ctx;
+ des_fix_parity(8, reversedKey, reversedKey);
+ des_set_key(&ctx.ctx, reversedKey);
+ CBC_SET_IV(&ctx, key);
+ CBC_ENCRYPT(&ctx, des_encrypt, 256, user, user);
+ CBC_SET_IV(&ctx, key);
+ CBC_ENCRYPT(&ctx, des_encrypt, 64, pass, pass);
+
+ rdr::OutStream* os = cc->getOutStream();
+ os->writeBytes(BBytes, 8);
+ os->writeBytes(user, 256);
+ os->writeBytes(pass, 64);
+ os->flush();
+}
-/* \r
- * Copyright (C) 2022 Dinglan Peng\r
- * \r
- * This is free software; you can redistribute it and/or modify\r
- * it under the terms of the GNU General Public License as published by\r
- * the Free Software Foundation; either version 2 of the License, or\r
- * (at your option) any later version.\r
- * \r
- * This software is distributed in the hope that it will be useful,\r
- * but WITHOUT ANY WARRANTY; without even the implied warranty of\r
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\r
- * GNU General Public License for more details.\r
- * \r
- * You should have received a copy of the GNU General Public License\r
- * along with this software; if not, write to the Free Software\r
- * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307,\r
- * USA.\r
- */\r
-\r
-#ifndef __C_SECURITY_MSLOGONII_H__\r
-#define __C_SECURITY_MSLOGONII_H__\r
-\r
-#ifndef HAVE_NETTLE\r
-#error "This header should not be compiled without HAVE_NETTLE defined"\r
-#endif\r
-\r
-#include <nettle/bignum.h>\r
-#include <rfb/CSecurity.h>\r
-#include <rfb/Security.h>\r
-\r
-namespace rfb {\r
- class CSecurityMSLogonII : public CSecurity {\r
- public:\r
- CSecurityMSLogonII(CConnection* cc);\r
- virtual ~CSecurityMSLogonII();\r
- virtual bool processMsg();\r
- virtual int getType() const { return secTypeMSLogonII; }\r
- virtual bool isSecure() const { return false; }\r
-\r
- private:\r
- bool readKey();\r
- void writeCredentials();\r
-\r
- mpz_t g, p, A, b, B, k;\r
- };\r
-}\r
-\r
-#endif\r
+/*
+ * Copyright (C) 2022 Dinglan Peng
+ *
+ * This is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this software; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307,
+ * USA.
+ */
+
+#ifndef __C_SECURITY_MSLOGONII_H__
+#define __C_SECURITY_MSLOGONII_H__
+
+#ifndef HAVE_NETTLE
+#error "This header should not be compiled without HAVE_NETTLE defined"
+#endif
+
+#include <nettle/bignum.h>
+#include <rfb/CSecurity.h>
+#include <rfb/Security.h>
+
+namespace rfb {
+ class CSecurityMSLogonII : public CSecurity {
+ public:
+ CSecurityMSLogonII(CConnection* cc);
+ virtual ~CSecurityMSLogonII();
+ virtual bool processMsg();
+ virtual int getType() const { return secTypeMSLogonII; }
+ virtual bool isSecure() const { return false; }
+
+ private:
+ bool readKey();
+ void writeCredentials();
+
+ mpz_t g, p, A, b, B, k;
+ };
+}
+
+#endif
-/* -*-mode:java; c-basic-offset:2; -*- */\r
-/*\r
-Copyright (c) 2000,2001,2002,2003 ymnk, JCraft,Inc. All rights reserved.\r
-\r
-Redistribution and use in source and binary forms, with or without\r
-modification, are permitted provided that the following conditions are met:\r
-\r
- 1. Redistributions of source code must retain the above copyright notice,\r
- this list of conditions and the following disclaimer.\r
-\r
- 2. Redistributions in binary form must reproduce the above copyright \r
- notice, this list of conditions and the following disclaimer in \r
- the documentation and/or other materials provided with the distribution.\r
-\r
- 3. The names of the authors may not be used to endorse or promote products\r
- derived from this software without specific prior written permission.\r
-\r
-THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED WARRANTIES,\r
-INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND\r
-FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL JCRAFT,\r
-INC. OR ANY CONTRIBUTORS TO THIS SOFTWARE BE LIABLE FOR ANY DIRECT, INDIRECT,\r
-INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT\r
-LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA,\r
-OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF\r
-LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING\r
-NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,\r
-EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\r
- */\r
-/*\r
- * This program is based on zlib-1.1.3, so all credit should go authors\r
- * Jean-loup Gailly(jloup@gzip.org) and Mark Adler(madler@alumni.caltech.edu)\r
- * and contributors of zlib.\r
- */\r
-\r
-package com.jcraft.jzlib;\r
-\r
-public class ZStreamException extends java.io.IOException {\r
- public ZStreamException() {\r
- super();\r
- }\r
- public ZStreamException(String s) {\r
- super(s);\r
- }\r
-}\r
+/* -*-mode:java; c-basic-offset:2; -*- */
+/*
+Copyright (c) 2000,2001,2002,2003 ymnk, JCraft,Inc. All rights reserved.
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions are met:
+
+ 1. Redistributions of source code must retain the above copyright notice,
+ this list of conditions and the following disclaimer.
+
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in
+ the documentation and/or other materials provided with the distribution.
+
+ 3. The names of the authors may not be used to endorse or promote products
+ derived from this software without specific prior written permission.
+
+THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED WARRANTIES,
+INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND
+FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL JCRAFT,
+INC. OR ANY CONTRIBUTORS TO THIS SOFTWARE BE LIABLE FOR ANY DIRECT, INDIRECT,
+INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA,
+OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
+EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+/*
+ * This program is based on zlib-1.1.3, so all credit should go authors
+ * Jean-loup Gailly(jloup@gzip.org) and Mark Adler(madler@alumni.caltech.edu)
+ * and contributors of zlib.
+ */
+
+package com.jcraft.jzlib;
+
+public class ZStreamException extends java.io.IOException {
+ public ZStreamException() {
+ super();
+ }
+ public ZStreamException(String s) {
+ super(s);
+ }
+}
projects / tigervnc.git / commitdiff