27#if PPP_SUPPORT && MPPE_SUPPORT
39#define SHA1_SIGNATURE_SIZE 20
42#define MPPE_BIT_A 0x80
43#define MPPE_BIT_B 0x40
44#define MPPE_BIT_C 0x20
45#define MPPE_BIT_D 0x10
47#define MPPE_BIT_FLUSHED MPPE_BIT_A
48#define MPPE_BIT_ENCRYPTED MPPE_BIT_D
50#define MPPE_BITS(p) ((p)[0] & 0xf0)
51#define MPPE_CCOUNT(p) ((((p)[0] & 0x0f) << 8) + (p)[1])
52#define MPPE_CCOUNT_SPACE 0x1000
55#define SANITY_MAX 1600
61static void mppe_rekey(ppp_mppe_state *
state,
int initial_key)
63 lwip_sha1_context sha1_ctx;
64 u8_t sha1_digest[SHA1_SIGNATURE_SIZE];
70 lwip_sha1_init(&sha1_ctx);
71 lwip_sha1_starts(&sha1_ctx);
72 lwip_sha1_update(&sha1_ctx,
state->master_key,
state->keylen);
73 lwip_sha1_update(&sha1_ctx, mppe_sha1_pad1, SHA1_PAD_SIZE);
74 lwip_sha1_update(&sha1_ctx,
state->session_key,
state->keylen);
75 lwip_sha1_update(&sha1_ctx, mppe_sha1_pad2, SHA1_PAD_SIZE);
76 lwip_sha1_finish(&sha1_ctx, sha1_digest);
77 lwip_sha1_free(&sha1_ctx);
81 lwip_arc4_init(&
state->arc4);
82 lwip_arc4_setup(&
state->arc4, sha1_digest,
state->keylen);
84 lwip_arc4_free(&
state->arc4);
86 if (
state->keylen == 8) {
88 state->session_key[0] = 0xd1;
89 state->session_key[1] = 0x26;
90 state->session_key[2] = 0x9e;
92 lwip_arc4_init(&
state->arc4);
100void mppe_set_key(ppp_pcb *pcb, ppp_mppe_state *
state,
u8_t *
key) {
112 const u8_t *debugstr = (
const u8_t*)
"mppe_comp_init";
113 if (&pcb->mppe_decomp ==
state) {
114 debugstr = (
const u8_t*)
"mppe_decomp_init";
123 else if (
options & MPPE_OPT_40)
126 PPPDEBUG(
LOG_DEBUG, (
"%s[%d]: unknown key length\n", debugstr,
128 lcp_close(pcb,
"MPPE required but peer negotiation failed");
131 if (
options & MPPE_OPT_STATEFUL)
135 mppe_rekey(
state, 1);
140 char mkey[
sizeof(
state->master_key) * 2 + 1];
141 char skey[
sizeof(
state->session_key) * 2 + 1];
143 PPPDEBUG(
LOG_DEBUG, (
"%s[%d]: initialized with %d-bit %s mode\n",
144 debugstr, pcb->netif->num, (
state->keylen == 16) ? 128 : 40,
145 (
state->stateful) ?
"stateful" :
"stateless"));
147 for (
i = 0;
i < (
int)
sizeof(
state->master_key);
i++)
149 for (
i = 0;
i < (
int)
sizeof(
state->session_key);
i++)
152 (
"%s[%d]: keys: master: %s initial session: %s\n",
153 debugstr, pcb->netif->num, mkey, skey));
163 state->ccount = MPPE_CCOUNT_SPACE - 1;
169 state->bits = MPPE_BIT_ENCRYPTED;
181void mppe_comp_reset(ppp_pcb *pcb, ppp_mppe_state *
state)
184 state->bits |= MPPE_BIT_FLUSHED;
223 state->ccount = (
state->ccount + 1) % MPPE_CCOUNT_SPACE;
224 PPPDEBUG(
LOG_DEBUG, (
"mppe_compress[%d]: ccount %d\n", pcb->netif->num,
state->ccount));
226 pl[0] =
state->ccount>>8;
227 pl[1] =
state->ccount;
229 if (!
state->stateful ||
230 ((
state->ccount & 0xff) == 0xff) ||
231 (
state->bits & MPPE_BIT_FLUSHED)) {
233 if (
state->stateful) {
234 PPPDEBUG(
LOG_DEBUG, (
"mppe_compress[%d]: rekeying\n", pcb->netif->num));
236 mppe_rekey(
state, 0);
237 state->bits |= MPPE_BIT_FLUSHED;
239 pl[0] |=
state->bits;
240 state->bits &= ~MPPE_BIT_FLUSHED;
253 lwip_arc4_crypt(&
state->arc4, (
u8_t*)
n->payload,
n->len);
254 if (
n->tot_len ==
n->len) {
268void mppe_decomp_reset(ppp_pcb *pcb, ppp_mppe_state *
state)
279mppe_decompress(ppp_pcb *pcb, ppp_mppe_state *
state,
struct pbuf **pb)
281 struct pbuf *n0 = *pb, *
n;
287 if (n0->
len < MPPE_OVHD) {
289 (
"mppe_decompress[%d]: short pkt (%d)\n",
290 pcb->netif->num, n0->
len));
291 state->sanity_errors += 100;
296 flushed = MPPE_BITS(pl) & MPPE_BIT_FLUSHED;
297 ccount = MPPE_CCOUNT(pl);
298 PPPDEBUG(
LOG_DEBUG, (
"mppe_decompress[%d]: ccount %d\n",
299 pcb->netif->num, ccount));
302 if (!(MPPE_BITS(pl) & MPPE_BIT_ENCRYPTED)) {
304 (
"mppe_decompress[%d]: ENCRYPTED bit not set!\n",
306 state->sanity_errors += 100;
309 if (!
state->stateful && !flushed) {
310 PPPDEBUG(
LOG_DEBUG, (
"mppe_decompress[%d]: FLUSHED bit not set in "
311 "stateless mode!\n", pcb->netif->num));
312 state->sanity_errors += 100;
315 if (
state->stateful && ((ccount & 0xff) == 0xff) && !flushed) {
316 PPPDEBUG(
LOG_DEBUG, (
"mppe_decompress[%d]: FLUSHED bit not set on "
317 "flag packet!\n", pcb->netif->num));
318 state->sanity_errors += 100;
326 if (!
state->stateful) {
328 if ((ccount -
state->ccount) % MPPE_CCOUNT_SPACE > MPPE_CCOUNT_SPACE / 2) {
329 state->sanity_errors++;
334 while (
state->ccount != ccount) {
335 mppe_rekey(
state, 0);
336 state->ccount = (
state->ccount + 1) % MPPE_CCOUNT_SPACE;
340 if (!
state->discard) {
342 state->ccount = (
state->ccount + 1) % MPPE_CCOUNT_SPACE;
343 if (ccount !=
state->ccount) {
350 ccp_resetrequest(pcb);
360 while ((ccount & ~0xff) !=
361 (
state->ccount & ~0xff)) {
362 mppe_rekey(
state, 0);
365 256) % MPPE_CCOUNT_SPACE;
370 state->ccount = ccount;
381 mppe_rekey(
state, 0);
389 lwip_arc4_crypt(&
state->arc4, (
u8_t*)
n->payload,
n->len);
390 if (
n->tot_len ==
n->len) {
396 state->sanity_errors >>= 1;
401 if (
state->sanity_errors >= SANITY_MAX) {
407 lcp_close(pcb,
"Too many MPPE errors");
unsigned int(__cdecl typeof(jpeg_read_scanlines))(struct jpeg_decompress_struct *
GLsizei GLenum const GLvoid GLsizei GLenum GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLint GLint GLint GLshort GLshort GLshort GLubyte GLubyte GLubyte GLuint GLuint GLuint GLushort GLushort GLushort GLbyte GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLfloat GLint GLint GLint GLint GLshort GLshort GLshort GLshort GLubyte GLubyte GLubyte GLubyte GLuint GLuint GLuint GLuint GLushort GLushort GLushort GLushort GLboolean const GLdouble const GLfloat const GLint const GLshort const GLbyte const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLdouble const GLfloat const GLfloat const GLint const GLint const GLshort const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort GLenum GLenum GLenum GLfloat GLenum GLint GLenum GLenum GLenum GLfloat GLenum GLenum GLint GLenum GLfloat GLenum GLint GLint GLushort GLenum GLenum GLfloat GLenum GLenum GLint GLfloat const GLubyte GLenum GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLint GLint GLsizei GLsizei GLint GLenum GLenum const GLvoid GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLenum const GLdouble GLenum GLenum const GLfloat GLenum GLenum const GLint GLsizei GLuint GLfloat GLuint GLbitfield GLfloat GLint GLuint GLboolean GLenum GLfloat GLenum GLbitfield GLenum GLfloat GLfloat GLint GLint const GLfloat GLenum GLfloat GLfloat GLint GLint GLfloat GLfloat GLint GLint const GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat const GLdouble const GLfloat const GLdouble const GLfloat GLint i
#define LWIP_UNUSED_ARG(x)
struct pbuf * pbuf_alloc(pbuf_layer layer, u16_t length, pbuf_type type)
u8_t pbuf_free(struct pbuf *p)
err_t pbuf_copy(struct pbuf *p_to, const struct pbuf *p_from)
#define MEMCPY(DST, SRC, BYTES)
#define sprintf(buf, format,...)
u8_t pbuf_add_header(struct pbuf *p, size_t header_size_increment)
u8_t pbuf_remove_header(struct pbuf *p, size_t header_size_decrement)