📄 digt.cpp
// digt.cpp
// code for digt.h
// copyright SafeTP Development Group, Inc., 2000  Terms of use are as specified in license.txt
//
// Accumulates the bytes of the authentication exchange (requests and
// replies) into a SHA object and hands back the resulting digest (DIGT).
// The digest is only meaningful if both peers feed it exactly the same
// byte sequence, in the same order, as was sent on the wire.

#include "digt.h"         // this module
#include "ssha.h"         // SHA
#include "request.h"      // Request
#include "reply.h"        // Reply


// When true, every buffer passed to add() is also printed (see echoInput).
//
// thread safety: we assume this is only changed during global
// initialization, e.g. processing command-line parameters
//
// NOTE(review): the echoed bytes are the digest input, i.e. the
// authentication exchange itself; confirm this flag is only ever enabled
// for debugging and that the print destination is not a shared log.
bool DigestComputer::echoDigestInput = false;


// Creates a fresh SHA context and pre-sizes the output block so that
// getDigt() has somewhere to write the digest.
DigestComputer::DigestComputer()
  : sha(new SHA()),
    computedDigt(SHA::DIGESTSIZE),    // allocate space now
    alreadyComputed(false)
{}


// Releases the SHA context allocated in the constructor.
//
// NOTE(review): 'sha' is an owning raw pointer; copying a DigestComputer
// would lead to a double delete unless digt.h disables copying -- verify.
DigestComputer::~DigestComputer()
{
  delete sha;
}


// Adds a client request to the digest, in its on-the-wire form.
void DigestComputer::add(Request const &req)
{
  // Request stores the exact string sent by the client, except for
  // the CRLF, which is always removed (but nothing else is).
  string const &s = req.getText();
  add((byte const*)s.pcharc(), s.length());
  add((byte const*)"\r\n", 2);    // CRLF; re-appended so the hashed bytes include the line terminator
}


// Adds a server reply to the digest, using the text that
// reply.getAllText() produces (which already ends in CRLF).
void DigestComputer::add(Reply const &reply)
{
  // --- older comments ---
  // Reply does not store an exact string.  However, I am the server,
  // and get to choose my reply formats.  In particular, I always send
  // precisely what reply.getAllText returns (that fn adds the CRLF),
  // so I have the luxury here of just relying on that fact.  (This is
  // only true while I am not relaying ftpd's replies; but since DIGT
  // only applies to authentication, it's ok.)

  // --- newer comments ---
  // Obviously, this is now an independent module, used by both sftpd
  // and sftpc.  sftpd still gets to assume replies are of the form
  // described above, but sftpc is taking a risk in that assumption, if
  // it uses this routine (as opposed to the char* version below).
  //
  // In other words: what gets hashed here is a re-rendering of the
  // reply, not the received bytes.  A client that needs the digest to
  // cover what actually arrived should pass the raw bytes to
  // add(byte const*, int) instead.
  string s = reply.getAllText();
  add((byte const*)s.pcharc(), s.length());   // includes CRLF
}


// Prints one chunk of digest input, labelled "adding to DIGT".
//
// this is separated from the main add() function so we
// don't have to create and destroy a DataBlock if
// we don't use it
static void echoInput(byte const *buffer, int length)
{
  DataBlock block(buffer, length);
  block.print("adding to DIGT");
}


// Feeds 'length' bytes starting at 'buffer' into the SHA context.
// Must not be called once getDigt() has been called; the xassert
// below enforces that.
//
// NOTE(review): 'length' is a signed int and is not range-checked here.
// The callers in this file pass string lengths; confirm that SHA::Update
// cannot be reached with a negative value from other callers.
void DigestComputer::add(byte const *buffer, int length)
{
  xassert(!alreadyComputed);     // can't continue adding after extracting

  sha->Update(buffer, length);

  // print what is being added
  if (echoDigestInput) {
    echoInput(buffer, length);
  }
}


// Returns the digest of everything added so far.  The first call
// finalizes the SHA context and caches the result; later calls return
// the cached block without touching the SHA context again.
DataBlock DigestComputer::getDigt()
{
  // retrieve the digest from SHA
  if (!alreadyComputed) {
    // computedDigt was sized with SHA::DIGESTSIZE in the constructor;
    // presumably sha->DigestSize() never exceeds that -- TODO confirm
    sha->Final(computedDigt.getData());
    computedDigt.setDataLen(sha->DigestSize());
    alreadyComputed = true;
  }

  return computedDigt;
}


// ----------------- test code ---------------------
#ifdef TEST_DIGT

#include "test.h"         // USUAL_MAIN
#include <string.h>       // strlen
#include "base64t.h"      // base64encode

// Adds a NUL-terminated string (without the terminator) to the digest.
void adds(DigestComputer &digt, char const *str)
{
  digt.add((byte const*)str, strlen(str));
}


// Builds one protocol line: 'prefix', then the base64 encoding of
// 'adat', then 'final'.
string b64i(char const *prefix, char const *adat, char const *final)
{
  string b64 = base64encode(DataBlock(adat));
  return stringb(prefix << b64 << final);
}


// Hashes a fixed X-Cleartext2 authentication transcript and compares
// the result with a stored 20-byte value.
//
// NOTE(review): on a mismatch this only prints a message and then
// returns normally, so whether the process exit status reflects the
// failure depends on USUAL_MAIN -- check before relying on this as an
// automated regression test.
void entry()
{
  // show each chunk as it is hashed, via echoInput
  DigestComputer::echoDigestInput = true;

  // compute the DIGT of the authentication sequence
  // for X-Cleartext2 (broken up to match how it is
  // actually passed by sftpd)
  DigestComputer digt;
  adds(digt, "AUTH X-CLEARTEXT2");
  adds(digt, "\r\n");
  adds(digt, b64i("334 ADAT=", "Cleartext2 first server ADAT", "\r\n"));
  adds(digt, b64i("ADAT ", "Cleartext2 first client ADAT", ""));
  adds(digt, "\r\n");
  adds(digt, b64i("335 ADAT=", "Cleartext2 second server ADAT", "\r\n"));
  adds(digt, b64i("ADAT ", "Cleartext2 second client ADAT", ""));
  adds(digt, "\r\n");
  adds(digt, "235 Security data exchange complete.\r\n");

  DataBlock digtBlock = digt.getDigt();
  digtBlock.print("DIGT");

  // compare to the expected (believed correct) value
  byte const expectedBytes[] = {
    // ---- DIGT, length = 20, crc32 = 0x43F2029B ----
    0x35, 0x91, 0xBE, 0xB2, 0x22, 0x64, 0xF8, 0x95, 0x60, 0x19, 0x63, 0x5D, 0x8C, 0x39, 0x7F, 0xED,
    0x5B, 0x56, 0x8C, 0x84

# if 0    // old
    // used "X-Cleartext2" instead of "X-CLEARTEXT2"
    // ---- DIGT, length = 20, crc32 = 0x26E4B65D ----
    0xF8, 0x8E, 0x13, 0xD7, 0xE7, 0xF9, 0xAD, 0x5F, 0x8A, 0xBD, 0xE8, 0x80, 0x2A, 0xA6, 0xE9, 0xA7,
    0x51, 0xBD, 0x52, 0x00

    // used 234 as last reply code
    // ---- DIGT, length = 20, crc32 = 0xCB1C972A ----
    0xB3, 0x8A, 0xA0, 0x9E, 0xF1, 0xD5, 0x36, 0x7F, 0xC2, 0x76, 0x28, 0x84, 0xC3, 0x36, 0x5E, 0x96,
    0x04, 0xBD, 0x20, 0x97
# endif // 0
  };
  DataBlock expected(expectedBytes, TABLESIZE(expectedBytes));

  if (digtBlock != expected) {
    expected.print("expected DIGT");
    printf("The computed and expected DIGTs differ!\n");
  }
  else {
    printf("This matches what was expected.\n");
  }
}

USUAL_MAIN

#endif // TEST_DIGT