Add support for different crypto implementations

pull/1/head
Gernot Tenchio 11 years ago
parent cb0340ccc5
commit bd9cae3d12
  1. 12
      libvncserver/Makefile.am
  2. 12
      libvncserver/rfbcrypto.h
  3. 50
      libvncserver/rfbcrypto_gnutls.c
  4. 49
      libvncserver/rfbcrypto_included.c
  5. 49
      libvncserver/rfbcrypto_openssl.c
  6. 26
      libvncserver/rfbcrypto_polarssl.c
  7. 51
      libvncserver/websockets.c

@ -15,16 +15,18 @@ endif
if WITH_WEBSOCKETS
if HAVE_LIBSSL
WEBSOCKETSSSLSRCS = rfbssl_openssl.c
WEBSOCKETSSSLSRCS = rfbssl_openssl.c rfbcrypto_openssl.c
WEBSOCKETSSSLLIBS = @SSL_LIBS@ @CRYPT_LIBS@
else
if HAVE_GNUTLS
WEBSOCKETSSSLSRCS = rfbssl_gnutls.c
WEBSOCKETSSSLSRCS = rfbssl_gnutls.c rfbcrypto_gnutls.c
WEBSOCKETSSSLLIBS = @GNUTLS_LIBS@
else
WEBSOCKETSSSLSRCS = rfbssl_none.c
WEBSOCKETSSSLSRCS = rfbssl_none.c rfbcrypto_included.c ../common/md5.c ../common/sha1.c
endif
endif
WEBSOCKETSSRCS = websockets.c ../common/md5.c ../common/sha1.c $(WEBSOCKETSSSLSRCS)
WEBSOCKETSSRCS = websockets.c $(WEBSOCKETSSSLSRCS)
endif
includedir=$(prefix)/include/rfb
@ -59,7 +61,7 @@ LIB_SRCS = main.c rfbserver.c rfbregion.c auth.c sockets.c $(WEBSOCKETSSRCS) \
$(ZLIBSRCS) $(TIGHTSRCS) $(TIGHTVNCFILETRANSFERSRCS)
libvncserver_la_SOURCES=$(LIB_SRCS)
libvncserver_la_LIBADD=@SSL_LIBS@ @CRYPT_LIBS@
libvncserver_la_LIBADD=$(WEBSOCKETSSSLLIBS)
lib_LTLIBRARIES=libvncserver.la

@ -0,0 +1,12 @@
#ifndef _RFB_CRYPTO_H
#define _RFB_CRYPTO_H 1
#include <sys/uio.h>
#define SHA1_HASH_SIZE 20
#define MD5_HASH_SIZE 16
void digestmd5(const struct iovec *iov, int iovcnt, void *dest);
void digestsha1(const struct iovec *iov, int iovcnt, void *dest);
#endif

@ -0,0 +1,50 @@
/*
* rfbcrypto_gnutls.c - Crypto wrapper (gnutls version)
*/
/*
* Copyright (C) 2011 Gernot Tenchio
*
* This is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This software is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this software; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307,
* USA.
*/
#include <string.h>
#include <gcrypt.h>
#include "rfbcrypto.h"
void digestmd5(const struct iovec *iov, int iovcnt, void *dest)
{
gcry_md_hd_t c;
int i;
gcry_md_open(&c, GCRY_MD_MD5, 0);
for (i = 0; i < iovcnt; i++)
gcry_md_write(c, iov[i].iov_base, iov[i].iov_len);
gcry_md_final(c);
memcpy(dest, gcry_md_read(c, 0), gcry_md_get_algo_dlen(GCRY_MD_MD5));
}
void digestsha1(const struct iovec *iov, int iovcnt, void *dest)
{
gcry_md_hd_t c;
int i;
gcry_md_open(&c, GCRY_MD_SHA1, 0);
for (i = 0; i < iovcnt; i++)
gcry_md_write(c, iov[i].iov_base, iov[i].iov_len);
gcry_md_final(c);
memcpy(dest, gcry_md_read(c, 0), gcry_md_get_algo_dlen(GCRY_MD_SHA1));
}

@ -0,0 +1,49 @@
/*
* rfbcrypto_included.c - Crypto wrapper (included version)
*/
/*
* Copyright (C) 2011 Gernot Tenchio
*
* This is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This software is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this software; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307,
* USA.
*/
#include <string.h>
#include "md5.h"
#include "sha1.h"
#include "rfbcrypto.h"
void digestmd5(const struct iovec *iov, int iovcnt, void *dest)
{
md5_context c;
int i;
__md5_init_ctx(&c);
for (i = 0; i < iovcnt; i++)
__md5_process_bytes(&c, iov[i].iov_base, iov[i].iov_len);
__md5_finish_ctx(&c, dest);
}
void digestsha1(const struct iovec *iov, int iovcnt, void *dest)
{
SHA1Context c;
int i;
SHA1Reset(&c);
for (i = 0; i < iovcnt; i++)
SHA1Input(&c, iov[i].iov_base, iov[i].iov_len);
SHA1Result(&c, dest);
}

@ -0,0 +1,49 @@
/*
* rfbcrypto_openssl.c - Crypto wrapper (openssl version)
*/
/*
* Copyright (C) 2011 Gernot Tenchio
*
* This is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This software is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this software; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307,
* USA.
*/
#include <string.h>
#include <openssl/sha.h>
#include <openssl/md5.h>
#include "rfbcrypto.h"
void digestmd5(const struct iovec *iov, int iovcnt, void *dest)
{
MD5_CTX c;
int i;
MD5_Init(&c);
for (i = 0; i < iovcnt; i++)
MD5_Update(&c, iov[i].iov_base, iov[i].iov_len);
MD5_Final(dest, &c);
}
void digestsha1(const struct iovec *iov, int iovcnt, void *dest)
{
SHA_CTX c;
int i;
SHA1_Init(&c);
for (i = 0; i < iovcnt; i++)
SHA1_Update(&c, iov[i].iov_base, iov[i].iov_len);
SHA1_Final(dest, &c);
}

@ -0,0 +1,26 @@
#include <string.h>
#include <polarssl/md5.h>
#include <polarssl/sha1.h>
#include "rfbcrypto.h"
void digestmd5(const struct iovec *iov, int iovcnt, void *dest)
{
md5_context c;
int i;
md5_starts(&c);
for (i = 0; i < iovcnt; i++)
md5_update(&c, iov[i].iov_base, iov[i].iov_len);
md5_finish(dest, &c);
}
void digestsha1(const struct iovec *iov, int iovcnt, void *dest)
{
sha1_context c;
int i;
sha1_starts(&c);
for (i = 0; i < iovcnt; i++)
sha1_update(&c, iov[i].iov_base, iov[i].iov_len);
sha1_finish(dest, &c);
}

@ -33,10 +33,9 @@
#include <byteswap.h>
#include <string.h>
#include "md5.h"
#include "sha1.h"
#include "rfbconfig.h"
#include "rfbssl.h"
#include "rfbcrypto.h"
#if defined(__BYTE_ORDER) && defined(__BIG_ENDIAN) && __BYTE_ORDER == __BIG_ENDIAN
#define WS_NTOH64(n) (n)
@ -165,36 +164,20 @@ min (int a, int b) {
return a < b ? a : b;
}
void
webSocketsGenSha1Key(char * target, int size, char *key)
static void webSocketsGenSha1Key(char *target, int size, char *key)
{
int len;
SHA1Context sha;
uint8_t digest[SHA1HashSize];
if (size < B64LEN(SHA1HashSize) + 1) {
rfbErr("webSocketsGenSha1Key: not enough space in target\n");
target[0] = '\0';
return;
}
SHA1Reset(&sha);
SHA1Input(&sha, (unsigned char *)key, strlen(key));
SHA1Input(&sha, (unsigned char *)GUID, strlen(GUID));
SHA1Result(&sha, digest);
len = __b64_ntop((unsigned char *)digest, SHA1HashSize, target, size);
if (len < size - 1) {
rfbErr("webSocketsGenSha1Key: b64_ntop failed\n");
target[0] = '\0';
return;
}
target[len] = '\0';
return;
struct iovec iov[2];
unsigned char hash[20];
iov[0].iov_base = key;
iov[0].iov_len = strlen(key);
iov[1].iov_base = GUID;
iov[1].iov_len = sizeof(GUID) - 1;
digestsha1(iov, 2, hash);
if (-1 == __b64_ntop(hash, sizeof(hash), target, size))
rfbErr("b64_ntop failed\n");
}
/*
* rfbWebSocketsHandshake is called to handle new WebSockets connections
*/
@ -389,7 +372,7 @@ webSocketsHandshake(rfbClientPtr cl, char *scheme)
*/
if (sec_ws_version) {
char accept[B64LEN(SHA1HashSize) + 1];
char accept[B64LEN(SHA1_HASH_SIZE) + 1];
rfbLog(" - WebSockets client version hybi-%02d\n", sec_ws_version);
webSocketsGenSha1Key(accept, sizeof(accept), sec_ws_key);
len = snprintf(response, WEBSOCKETS_MAX_HANDSHAKE_LEN,
@ -436,13 +419,15 @@ webSocketsHandshake(rfbClientPtr cl, char *scheme)
cl->wsctx = (wsCtx *)wsctx;
return TRUE;
}
void
webSocketsGenMd5(char * target, char *key1, char *key2, char *key3)
{
unsigned int i, spaces1 = 0, spaces2 = 0;
unsigned long num1 = 0, num2 = 0;
unsigned char buf[17];
struct iovec iov[1];
for (i=0; i < strlen(key1); i++) {
if (key1[i] == ' ') {
spaces1 += 1;
@ -477,7 +462,9 @@ webSocketsGenMd5(char * target, char *key1, char *key2, char *key3)
strncpy((char *)buf+8, key3, 8);
buf[16] = '\0';
md5_buffer((char *)buf, 16, target);
iov[0].iov_base = buf;
iov[0].iov_len = 16;
digestmd5(iov, 1, target);
target[16] = '\0';
return;

Loading…
Cancel
Save