vbatts/grub
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity

2010-01-07 Vladimir Serbinenko <phcoder@gmail.com>

Browse source 
Merge crypto branch.

	* Makefile.in (pkglib_DATA):  Add crypto.lst.
	(crypto.lst): New target.
	* commands/hashsum.c: New file.
	* commands/password.c (check_password): Use grub_crypto_memcmp.
	* commands/password_pbkdf2.c: New file.
	* commands/xnu_uuid.c: Remove MD5. Use GRUB_MD_MD5.
	* conf/any-emu.rmk (grub_emu_SOURCES): Add lib/crypto.c,
	normal/crypto.c and lib/libgcrypt-grub/cipher/md5.c.
	(grub_emu_CFLAGS): Add -Wno-missing-field-initializers -Wno-error
	-I$(srcdir)/lib/libgcrypt_wrap.
	* conf/common.rmk (normal_mod_SOURCES): Add normal/crypto.c.
	(pkglib_MODULES): Add crypto.mod, hashsum.mod, pbkdf2.mod and
	password_pbkdf2.mod.
	(crypto_mod_SOURCES): New variable.
	(crypto_mod_CFLAGS): Likewise.
	(crypto_mod_LDFLAGS): Likewise.
	(hashsum_mod_SOURCES): New variable.
	(hashsum_mod_CFLAGS): Likewise.
	(hashsum_mod_LDFLAGS): Likewise.
	(pbkdf2_mod_SOURCES): New variable.
	(pbkdf2_mod_CFLAGS): Likewise.
	(pbkdf2_mod_LDFLAGS): Likewise.
	(password_pbkdf2_mod_SOURCES): New variable.
	(password_pbkdf2_mod_CFLAGS): Likewise.
	(password_pbkdf2_mod_LDFLAGS): Likewise.
	(bin_UTILITIES): Add grub-mkpasswd-pbkdf2.
	(grub_mkpasswd_pbkdf2_SOURCES): New variable.
	(grub_mkpasswd_pbkdf2_CFLAGS): Likewise.
	Include conf/gcry.rmk.
	* include/grub/auth.h: Rewritten.
	* include/grub/crypto.h: New file.
	* include/grub/disk.h (grub_disk_dev_id): Add GRUB_DISK_DEVICE_LUKS_ID.
	* include/grub/normal.h (read_crypto_list): New prototype.
	* lib/crypto.c: New file.
	* lib/libgcrypt_wrap/cipher_wrap.h: Likewise.
	* lib/pbkdf2.c: Likewise.
	* normal/auth.c (grub_auth_strcmp): Removed.
	(grub_iswordseparator): Likewise.
	(grub_auth_strword): Likewise.
	(is_authenticated): Use grub_strword.
	(grub_auth_check_authentication): Use grub_strcmp, grub_password_get
	and grub_strword. Pass entered password to authentication callback.
	* normal/crypto.c: New file.
	* normal/main.c: Call read_crypto_list.
	* util/grub-mkpasswd-pbkdf2.c: New file.
	* util/import_gcry.py: Generate crypto.lst. Add hash blocklen.
This commit is contained in:
Vladimir 'phcoder' Serbinenko 2010-01-07 01:13:01 +01:00
commit 607a3701db
21 changed files with 2086 additions and 414 deletions
Download patch file Download diff file Expand all files Collapse all files

278
commands/hashsum.c Normal file
View file

@ -0,0 +1,278 @@
/*
* GRUB -- GRand Unified Bootloader
* Copyright (C) 2009 Free Software Foundation, Inc.
*
* GRUB is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* GRUB is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with GRUB. If not, see <http://www.gnu.org/licenses/>.
*/
#include <grub/dl.h>
#include <grub/extcmd.h>
#include <grub/file.h>
#include <grub/disk.h>
#include <grub/mm.h>
#include <grub/misc.h>
#include <grub/crypto.h>
#include <grub/normal.h>
static const struct grub_arg_option options[] = {
{"hash", 'h', 0, "Specify hash to use.", "HASH", ARG_TYPE_STRING},
{"check", 'c', 0, "Check hash list file.", "FILE", ARG_TYPE_STRING},
{"prefix", 'p', 0, "Base directory for hash list.", "DIRECTORY",
ARG_TYPE_STRING},
{"keep-going", 'k', 0, "Don't stop after first error.", 0, 0},
{0, 0, 0, 0, 0, 0}
};
struct { const char *name; const char *hashname; } aliases[] =
{
{"sha256sum", "sha256"},
{"sha512sum", "sha512"},
{"md5sum", "md5"},
};
static inline int
hextoval (char c)
{
if (c >= '0' && c <= '9')
return c - '0';
if (c >= 'a' && c <= 'f')
return c - 'a' + 10;
if (c >= 'A' && c <= 'F')
return c - 'A' + 10;
return -1;
}
static grub_err_t
hash_file (grub_file_t file, const gcry_md_spec_t *hash, void *result)
{
grub_uint8_t context[hash->contextsize];
char *readbuf[4096];
grub_memset (context, 0, sizeof (context));
hash->init (context);
while (1)
{
grub_ssize_t r;
r = grub_file_read (file, readbuf, sizeof (readbuf));
if (r < 0)
return grub_errno;
if (r == 0)
break;
hash->write (context, readbuf, r);
}
hash->final (context);
grub_memcpy (result, hash->read (context), hash->mdlen);
return GRUB_ERR_NONE;
}
static grub_err_t
check_list (const gcry_md_spec_t *hash, const char *hashfilename,
const char *prefix, int keep)
{
grub_file_t hashlist, file;
char *buf = NULL;
grub_uint8_t expected[hash->mdlen];
grub_uint8_t actual[hash->mdlen];
grub_err_t err;
unsigned i;
unsigned unread = 0, mismatch = 0;
hashlist = grub_file_open (hashfilename);
if (!hashlist)
return grub_errno;
while (grub_free (buf), (buf = grub_file_getline (hashlist)))
{
const char *p = buf;
for (i = 0; i < hash->mdlen; i++)
{
int high, low;
high = hextoval (*p++);
low = hextoval (*p++);
if (high < 0 || low < 0)
return grub_error (GRUB_ERR_BAD_FILE_TYPE, "invalid hash list");
expected[i] = (high << 4) | low;
}
if (*p++ != ' ' || *p++ != ' ')
return grub_error (GRUB_ERR_BAD_FILE_TYPE, "invalid hash list");
if (prefix)
{
char *filename;
filename = grub_malloc (grub_strlen (prefix)
+ grub_strlen (p) + 2);
if (!filename)
return grub_errno;
grub_sprintf (filename, "%s/%s", prefix, p);
file = grub_file_open (filename);
grub_free (filename);
}
else
file = grub_file_open (p);
if (!file)
{
grub_file_close (hashlist);
grub_free (buf);
return grub_errno;
}
err = hash_file (file, hash, actual);
grub_file_close (file);
if (err)
{
grub_printf ("%s: READ ERROR\n", p);
if (!keep)
{
grub_file_close (hashlist);
grub_free (buf);
return err;
}
grub_print_error ();
grub_errno = GRUB_ERR_NONE;
unread++;
continue;
}
if (grub_crypto_memcmp (expected, actual, hash->mdlen) != 0)
{
grub_printf ("%s: HASH MISMATCH\n", p);
if (!keep)
{
grub_file_close (hashlist);
grub_free (buf);
return grub_error (GRUB_ERR_TEST_FAILURE,
"hash of '%s' mismatches", p);
}
mismatch++;
continue;
}
grub_printf ("%s: OK\n", p);
}
if (mismatch || unread)
return grub_error (GRUB_ERR_TEST_FAILURE,
"%d files couldn't be read and hash "
"of %d files mismatches", unread, mismatch);
return GRUB_ERR_NONE;
}
static grub_err_t
grub_cmd_hashsum (struct grub_extcmd *cmd,
int argc, char **args)
{
struct grub_arg_list *state = cmd->state;
const char *hashname = NULL;
const char *prefix = NULL;
const gcry_md_spec_t *hash;
unsigned i;
int keep = state[3].set;
unsigned unread = 0;
for (i = 0; i < ARRAY_SIZE (aliases); i++)
if (grub_strcmp (cmd->cmd->name, aliases[i].name) == 0)
hashname = aliases[i].hashname;
if (state[0].set)
hashname = state[0].arg;
if (!hashname)
return grub_error (GRUB_ERR_BAD_ARGUMENT, "no hash specified");
hash = grub_crypto_lookup_md_by_name (hashname);
if (!hash)
return grub_error (GRUB_ERR_BAD_ARGUMENT, "unknown hash");
if (state[2].set)
prefix = state[2].arg;
if (state[1].set)
{
if (argc != 0)
return grub_error (GRUB_ERR_BAD_ARGUMENT,
"--check is incompatible with file list");
return check_list (hash, state[1].arg, prefix, keep);
}
for (i = 0; i < (unsigned) argc; i++)
{
grub_uint8_t result[hash->mdlen];
grub_file_t file;
grub_err_t err;
unsigned j;
file = grub_file_open (args[i]);
if (!file)
{
if (!keep)
return grub_errno;
grub_print_error ();
grub_errno = GRUB_ERR_NONE;
unread++;
continue;
}
err = hash_file (file, hash, result);
grub_file_close (file);
if (err)
{
if (!keep)
return err;
grub_print_error ();
grub_errno = GRUB_ERR_NONE;
unread++;
continue;
}
for (j = 0; j < hash->mdlen; j++)
grub_printf ("%02x", result[j]);
grub_printf (" %s\n", args[i]);
}
if (unread)
return grub_error (GRUB_ERR_TEST_FAILURE, "%d files couldn't be read.",
unread);
return GRUB_ERR_NONE;
}
static grub_extcmd_t cmd, cmd_md5, cmd_sha256, cmd_sha512;
GRUB_MOD_INIT(hashsum)
{
cmd = grub_register_extcmd ("hashsum", grub_cmd_hashsum,
GRUB_COMMAND_FLAG_BOTH,
"hashsum -h HASH [-c FILE [-p PREFIX]] "
"[FILE1 [FILE2 ...]]",
"Compute or check hash checksum.",
options);
cmd_md5 = grub_register_extcmd ("md5sum", grub_cmd_hashsum,
GRUB_COMMAND_FLAG_BOTH,
"md5sum [-c FILE [-p PREFIX]] "
"[FILE1 [FILE2 ...]]",
"Compute or check hash checksum.",
options);
cmd_sha256 = grub_register_extcmd ("sha256sum", grub_cmd_hashsum,
GRUB_COMMAND_FLAG_BOTH,
"sha256sum [-c FILE [-p PREFIX]] "
"[FILE1 [FILE2 ...]]",
"Compute or check hash checksum.",
options);
cmd_sha512 = grub_register_extcmd ("sha512sum", grub_cmd_hashsum,
GRUB_COMMAND_FLAG_BOTH,
"sha512sum [-c FILE [-p PREFIX]] "
"[FILE1 [FILE2 ...]]",
"Compute or check hash checksum.",
options);
}
GRUB_MOD_FINI(hashsum)
{
grub_unregister_extcmd (cmd);
grub_unregister_extcmd (cmd_md5);
grub_unregister_extcmd (cmd_sha256);
grub_unregister_extcmd (cmd_sha512);
}

19
commands/password.c
View file

@ -17,6 +17,7 @@
*/
#include <grub/auth.h>
#include <grub/crypto.h>
#include <grub/list.h>
#include <grub/mm.h>
#include <grub/misc.h>
@ -28,17 +29,10 @@
static grub_dl_t my_mod;
static grub_err_t
check_password (const char *user,
check_password (const char *user, const char *entered,
void *password)
{
char entered[1024];
grub_memset (entered, 0, sizeof (entered));
if (!GRUB_GET_PASSWORD (entered, sizeof (entered) - 1))
return GRUB_ACCESS_DENIED;
if (grub_auth_strcmp (entered, password) != 0)
if (grub_crypto_memcmp (entered, password, GRUB_AUTH_MAX_PASSLEN) != 0)
return GRUB_ACCESS_DENIED;
grub_auth_authenticate (user);
@ -52,13 +46,18 @@ grub_cmd_password (grub_command_t cmd __attribute__ ((unused)),
{
grub_err_t err;
char *pass;
int copylen;
if (argc != 2)
return grub_error (GRUB_ERR_BAD_ARGUMENT, "two arguments expected");
pass = grub_strdup (args[1]);
pass = grub_zalloc (GRUB_AUTH_MAX_PASSLEN);
if (!pass)
return grub_errno;
copylen = grub_strlen (args[1]);
if (copylen >= GRUB_AUTH_MAX_PASSLEN)
copylen = GRUB_AUTH_MAX_PASSLEN - 1;
grub_memcpy (pass, args[1], copylen);
err = grub_auth_register_authentication (args[0], check_password, pass);
if (err)

196
commands/password_pbkdf2.c Normal file
View file

@ -0,0 +1,196 @@
/*
* GRUB -- GRand Unified Bootloader
* Copyright (C) 2009 Free Software Foundation, Inc.
*
* GRUB is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* GRUB is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with GRUB. If not, see <http://www.gnu.org/licenses/>.
*/
#include <grub/auth.h>
#include <grub/crypto.h>
#include <grub/list.h>
#include <grub/mm.h>
#include <grub/misc.h>
#include <grub/env.h>
#include <grub/normal.h>
#include <grub/dl.h>
static grub_dl_t my_mod;
struct pbkdf2_password
{
grub_uint8_t *salt;
grub_size_t saltlen;
unsigned int c;
grub_uint8_t *expected;
grub_size_t buflen;
};
static grub_err_t
check_password (const char *user, const char *entered, void *pin)
{
grub_uint8_t *buf;
struct pbkdf2_password *pass = pin;
gcry_err_code_t err;
buf = grub_malloc (pass->buflen);
if (!buf)
return grub_crypto_gcry_error (GPG_ERR_OUT_OF_MEMORY);
err = grub_crypto_pbkdf2 (GRUB_MD_SHA512, (grub_uint8_t *) entered,
grub_strlen (entered),
pass->salt, pass->saltlen, pass->c,
buf, pass->buflen);
if (err)
{
grub_free (buf);
return grub_crypto_gcry_error (err);
}
if (grub_crypto_memcmp (buf, pass->expected, pass->buflen) != 0)
return GRUB_ACCESS_DENIED;
grub_auth_authenticate (user);
return GRUB_ERR_NONE;
}
static inline int
hex2val (char hex)
{
if ('0' <= hex && hex <= '9')
return hex - '0';
if ('a' <= hex && hex <= 'f')
return hex - 'a' + 10;
if ('A' <= hex && hex <= 'F')
return hex - 'A' + 10;
return -1;
}
static grub_err_t
grub_cmd_password (grub_command_t cmd __attribute__ ((unused)),
int argc, char **args)
{
grub_err_t err;
char *ptr, *ptr2;
grub_uint8_t *ptro;
struct pbkdf2_password *pass;
if (argc != 2)
return grub_error (GRUB_ERR_BAD_ARGUMENT, "Two arguments expected.");
if (grub_memcmp (args[1], "grub.pbkdf2.sha512.",
sizeof ("grub.pbkdf2.sha512.") - 1) != 0)
return grub_error (GRUB_ERR_BAD_ARGUMENT, "Incorrect PBKDF2 password.");
ptr = args[1] + sizeof ("grub.pbkdf2.sha512.") - 1;
pass = grub_malloc (sizeof (*pass));
if (!pass)
return grub_errno;
pass->c = grub_strtoul (ptr, &ptr, 0);
if (*ptr != '.')
{
grub_free (pass);
return grub_error (GRUB_ERR_BAD_ARGUMENT, "Incorrect PBKDF2 password.");
}
ptr++;
ptr2 = grub_strchr (ptr, '.');
if (!ptr2 || ((ptr2 - ptr) & 1) || grub_strlen (ptr2 + 1) & 1)
{
grub_free (pass);
return grub_error (GRUB_ERR_BAD_ARGUMENT, "Incorrect PBKDF2 password.");
}
pass->saltlen = (ptr2 - ptr) >> 1;
pass->buflen = grub_strlen (ptr2 + 1) >> 1;
ptro = pass->salt = grub_malloc (pass->saltlen);
if (!ptro)
{
grub_free (pass);
return grub_errno;
}
while (ptr < ptr2)
{
int hex1, hex2;
hex1 = hex2val (*ptr);
ptr++;
hex2 = hex2val (*ptr);
ptr++;
if (hex1 < 0 || hex2 < 0)
{
grub_free (pass->salt);
grub_free (pass);
return grub_error (GRUB_ERR_BAD_ARGUMENT,
"Incorrect PBKDF2 password.");
}
*ptro = (hex1 << 4) | hex2;
ptro++;
}
ptro = pass->expected = grub_malloc (pass->buflen);
if (!ptro)
{
grub_free (pass->salt);
grub_free (pass);
return grub_errno;
}
ptr = ptr2 + 1;
ptr2 += grub_strlen (ptr2);
while (ptr < ptr2)
{
int hex1, hex2;
hex1 = hex2val (*ptr);
ptr++;
hex2 = hex2val (*ptr);
ptr++;
if (hex1 < 0 || hex2 < 0)
{
grub_free (pass->expected);
grub_free (pass->salt);
grub_free (pass);
return grub_error (GRUB_ERR_BAD_ARGUMENT,
"Incorrect PBKDF2 password.");
}
*ptro = (hex1 << 4) | hex2;
ptro++;
}
err = grub_auth_register_authentication (args[0], check_password, pass);
if (err)
{
grub_free (pass);
return err;
}
grub_dl_ref (my_mod);
return GRUB_ERR_NONE;
}
static grub_command_t cmd;
GRUB_MOD_INIT(password_pbkdf2)
{
my_mod = mod;
cmd = grub_register_command ("password_pbkdf2", grub_cmd_password,
"password_pbkdf2 USER PBKDF2_PASSWORD",
"Set user password (PBKDF2). ");
}
GRUB_MOD_FINI(password_pbkdf2)
{
grub_unregister_command (cmd);
}

311
commands/xnu_uuid.c
View file

@ -32,12 +32,7 @@
#include <grub/env.h>
#include <grub/command.h>
#include <grub/i18n.h>
struct tohash
{
grub_uint8_t prefix[16];
grub_uint64_t serial;
} __attribute__ ((packed));
#include <grub/crypto.h>
/* This prefix is used by xnu and boot-132 to hash
together with volume serial. */
@ -45,311 +40,27 @@ static grub_uint8_t hash_prefix[16]
= {0xB3, 0xE2, 0x0F, 0x39, 0xF2, 0x92, 0x11, 0xD6,
0x97, 0xA4, 0x00, 0x30, 0x65, 0x43, 0xEC, 0xAC};
#define rol(x,n) ( ((x) << (n)) | ((x) >> (32-(n))) )
#define ror(x,n) ( ((x) >> (n)) | ((x) << (32-(n))) )
typedef struct {
grub_uint32_t A,B,C,D; /* chaining variables */
grub_uint32_t nblocks;
grub_uint8_t buf[64];
int count;
} MD5_CONTEXT;
static void
md5_init( void *context )
{
MD5_CONTEXT *ctx = context;
ctx->A = 0x67452301;
ctx->B = 0xefcdab89;
ctx->C = 0x98badcfe;
ctx->D = 0x10325476;
ctx->nblocks = 0;
ctx->count = 0;
}
/* These are the four functions used in the four steps of the MD5 algorithm
and defined in the RFC 1321. The first function is a little bit optimized
(as found in Colin Plumbs public domain implementation). */
/* #define FF(b, c, d) ((b & c) | (~b & d)) */
#define FF(b, c, d) (d ^ (b & (c ^ d)))
#define FG(b, c, d) FF (d, b, c)
#define FH(b, c, d) (b ^ c ^ d)
#define FI(b, c, d) (c ^ (b | ~d))
/****************
* transform n*64 grub_uint8_ts
*/
static void
transform ( MD5_CONTEXT *ctx, const unsigned char *data )
{
grub_uint32_t correct_words[16];
register grub_uint32_t A = ctx->A;
register grub_uint32_t B = ctx->B;
register grub_uint32_t C = ctx->C;
register grub_uint32_t D = ctx->D;
grub_uint32_t *cwp = correct_words;
#ifdef GRUB_CPU_WORDS_BIGENDIAN
{
int i;
const grub_uint32_t *p = (const grub_uint32_t *) data;
for (i = 0; i < 16; i++)
correct_words[i] = grub_le_to_cpu32 (p[i]);
}
#else
grub_memcpy (correct_words, data, 64);
#endif
#define OP(a, b, c, d, s, T) \
do \
{ \
a += FF (b, c, d) + (*cwp++) + T; \
a = rol(a, s); \
a += b; \
} \
while (0)
/* Before we start, one word about the strange constants.
They are defined in RFC 1321 as
T[i] = (int) (4294967296.0 * fabs (sin (i))), i=1..64
*/
/* Round 1. */
OP (A, B, C, D, 7, 0xd76aa478);
OP (D, A, B, C, 12, 0xe8c7b756);
OP (C, D, A, B, 17, 0x242070db);
OP (B, C, D, A, 22, 0xc1bdceee);
OP (A, B, C, D, 7, 0xf57c0faf);
OP (D, A, B, C, 12, 0x4787c62a);
OP (C, D, A, B, 17, 0xa8304613);
OP (B, C, D, A, 22, 0xfd469501);
OP (A, B, C, D, 7, 0x698098d8);
OP (D, A, B, C, 12, 0x8b44f7af);
OP (C, D, A, B, 17, 0xffff5bb1);
OP (B, C, D, A, 22, 0x895cd7be);
OP (A, B, C, D, 7, 0x6b901122);
OP (D, A, B, C, 12, 0xfd987193);
OP (C, D, A, B, 17, 0xa679438e);
OP (B, C, D, A, 22, 0x49b40821);
#undef OP
#define OP(f, a, b, c, d, k, s, T) \
do \
{ \
a += f (b, c, d) + correct_words[k] + T; \
a = rol(a, s); \
a += b; \
} \
while (0)
/* Round 2. */
OP (FG, A, B, C, D, 1, 5, 0xf61e2562);
OP (FG, D, A, B, C, 6, 9, 0xc040b340);
OP (FG, C, D, A, B, 11, 14, 0x265e5a51);
OP (FG, B, C, D, A, 0, 20, 0xe9b6c7aa);
OP (FG, A, B, C, D, 5, 5, 0xd62f105d);
OP (FG, D, A, B, C, 10, 9, 0x02441453);
OP (FG, C, D, A, B, 15, 14, 0xd8a1e681);
OP (FG, B, C, D, A, 4, 20, 0xe7d3fbc8);
OP (FG, A, B, C, D, 9, 5, 0x21e1cde6);
OP (FG, D, A, B, C, 14, 9, 0xc33707d6);
OP (FG, C, D, A, B, 3, 14, 0xf4d50d87);
OP (FG, B, C, D, A, 8, 20, 0x455a14ed);
OP (FG, A, B, C, D, 13, 5, 0xa9e3e905);
OP (FG, D, A, B, C, 2, 9, 0xfcefa3f8);
OP (FG, C, D, A, B, 7, 14, 0x676f02d9);
OP (FG, B, C, D, A, 12, 20, 0x8d2a4c8a);
/* Round 3. */
OP (FH, A, B, C, D, 5, 4, 0xfffa3942);
OP (FH, D, A, B, C, 8, 11, 0x8771f681);
OP (FH, C, D, A, B, 11, 16, 0x6d9d6122);
OP (FH, B, C, D, A, 14, 23, 0xfde5380c);
OP (FH, A, B, C, D, 1, 4, 0xa4beea44);
OP (FH, D, A, B, C, 4, 11, 0x4bdecfa9);
OP (FH, C, D, A, B, 7, 16, 0xf6bb4b60);
OP (FH, B, C, D, A, 10, 23, 0xbebfbc70);
OP (FH, A, B, C, D, 13, 4, 0x289b7ec6);
OP (FH, D, A, B, C, 0, 11, 0xeaa127fa);
OP (FH, C, D, A, B, 3, 16, 0xd4ef3085);
OP (FH, B, C, D, A, 6, 23, 0x04881d05);
OP (FH, A, B, C, D, 9, 4, 0xd9d4d039);
OP (FH, D, A, B, C, 12, 11, 0xe6db99e5);
OP (FH, C, D, A, B, 15, 16, 0x1fa27cf8);
OP (FH, B, C, D, A, 2, 23, 0xc4ac5665);
/* Round 4. */
OP (FI, A, B, C, D, 0, 6, 0xf4292244);
OP (FI, D, A, B, C, 7, 10, 0x432aff97);
OP (FI, C, D, A, B, 14, 15, 0xab9423a7);
OP (FI, B, C, D, A, 5, 21, 0xfc93a039);
OP (FI, A, B, C, D, 12, 6, 0x655b59c3);
OP (FI, D, A, B, C, 3, 10, 0x8f0ccc92);
OP (FI, C, D, A, B, 10, 15, 0xffeff47d);
OP (FI, B, C, D, A, 1, 21, 0x85845dd1);
OP (FI, A, B, C, D, 8, 6, 0x6fa87e4f);
OP (FI, D, A, B, C, 15, 10, 0xfe2ce6e0);
OP (FI, C, D, A, B, 6, 15, 0xa3014314);
OP (FI, B, C, D, A, 13, 21, 0x4e0811a1);
OP (FI, A, B, C, D, 4, 6, 0xf7537e82);
OP (FI, D, A, B, C, 11, 10, 0xbd3af235);
OP (FI, C, D, A, B, 2, 15, 0x2ad7d2bb);
OP (FI, B, C, D, A, 9, 21, 0xeb86d391);
/* Put checksum in context given as argument. */
ctx->A += A;
ctx->B += B;
ctx->C += C;
ctx->D += D;
}
/* The routine updates the message-digest context to
* account for the presence of each of the characters inBuf[0..inLen-1]
* in the message whose digest is being computed.
*/
static void
md5_write( void *context, const void *inbuf_arg , grub_size_t inlen)
{
const unsigned char *inbuf = inbuf_arg;
MD5_CONTEXT *hd = context;
if( hd->count == 64 ) /* flush the buffer */
{
transform( hd, hd->buf );
// _gcry_burn_stack (80+6*sizeof(void*));
hd->count = 0;
hd->nblocks++;
}
if( !inbuf )
return;
if( hd->count )
{
for( ; inlen && hd->count < 64; inlen-- )
hd->buf[hd->count++] = *inbuf++;
md5_write( hd, NULL, 0 );
if( !inlen )
return;
}
// _gcry_burn_stack (80+6*sizeof(void*));
while( inlen >= 64 )
{
transform( hd, inbuf );
hd->count = 0;
hd->nblocks++;
inlen -= 64;
inbuf += 64;
}
for( ; inlen && hd->count < 64; inlen-- )
hd->buf[hd->count++] = *inbuf++;
}
/* The routine final terminates the message-digest computation and
* ends with the desired message digest in mdContext->digest[0...15].
* The handle is prepared for a new MD5 cycle.
* Returns 16 grub_uint8_ts representing the digest.
*/
static void
md5_final( void *context)
{
MD5_CONTEXT *hd = context;
grub_uint32_t t, msb, lsb;
grub_uint32_t *p;
md5_write(hd, NULL, 0); /* flush */;
t = hd->nblocks;
/* multiply by 64 to make a grub_uint8_t count */
lsb = t << 6;
msb = t >> 26;
/* add the count */
t = lsb;
if( (lsb += hd->count) < t )
msb++;
/* multiply by 8 to make a bit count */
t = lsb;
lsb <<= 3;
msb <<= 3;
msb |= t >> 29;
if( hd->count < 56 ) /* enough room */
{
hd->buf[hd->count++] = 0x80; /* pad */
while( hd->count < 56 )
hd->buf[hd->count++] = 0; /* pad */
}
else /* need one extra block */
{
hd->buf[hd->count++] = 0x80; /* pad character */
while( hd->count < 64 )
hd->buf[hd->count++] = 0;
md5_write(hd, NULL, 0); /* flush */;
grub_memset(hd->buf, 0, 56 ); /* fill next block with zeroes */
}
/* append the 64 bit count */
hd->buf[56] = lsb ;
hd->buf[57] = lsb >> 8;
hd->buf[58] = lsb >> 16;
hd->buf[59] = lsb >> 24;
hd->buf[60] = msb ;
hd->buf[61] = msb >> 8;
hd->buf[62] = msb >> 16;
hd->buf[63] = msb >> 24;
transform( hd, hd->buf );
// _gcry_burn_stack (80+6*sizeof(void*));
p = (grub_uint32_t *) hd->buf;
#define X(a) do { *p = grub_le_to_cpu32 (hd->a); p++; } while (0)
X(A);
X(B);
X(C);
X(D);
#undef X
}
/**
* GRUB2 Crypto Interface
* Written by Michael Gorven
*/
static grub_err_t
md5 (const char *in, grub_size_t insize, char *out)
{
MD5_CONTEXT hd;
md5_init (&hd);
md5_write (&hd, in, insize);
md5_final (&hd);
grub_memcpy (out, hd.buf, 16);
return GRUB_ERR_NONE;
}
static grub_err_t
grub_cmd_xnu_uuid (grub_command_t cmd __attribute__ ((unused)),
int argc, char **args)
{
struct tohash hashme;
grub_uint8_t xnu_uuid[16];
grub_uint64_t serial;
grub_uint8_t *xnu_uuid;
char uuid_string[sizeof ("xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx")];
char *ptr;
grub_uint8_t ctx[GRUB_MD_MD5->contextsize];
if (argc < 1)
return grub_error (GRUB_ERR_BAD_ARGUMENT, "UUID required");
hashme.serial = grub_cpu_to_be64 (grub_strtoull (args[0], 0, 16));
grub_memcpy (hashme.prefix, hash_prefix, sizeof (hashme.prefix));
serial = grub_cpu_to_be64 (grub_strtoull (args[0], 0, 16));
GRUB_MD_MD5->init (&ctx);
GRUB_MD_MD5->write (&ctx, hash_prefix, sizeof (hash_prefix));
GRUB_MD_MD5->write (&ctx, &serial, sizeof (serial));
GRUB_MD_MD5->final (&ctx);
xnu_uuid = GRUB_MD_MD5->read (&ctx);
md5 ((char *) &hashme, sizeof (hashme), (char *) xnu_uuid);
grub_sprintf (uuid_string,
"%02x%02x%02x%02x-%02x%02x-%02x%02x-%02x%02x-%02x%02x%02x%02x%02x%02x",
(unsigned int) xnu_uuid[0], (unsigned int) xnu_uuid[1],