dns-oarc/cryptopant
1
0
Fork 0
Code Issues Activity

Adding upstream version 1.3.1.

Browse source 
Signed-off-by: Daniel Baumann <daniel@debian.org>
This commit is contained in:
Daniel Baumann 2025-02-10 05:27:32 +01:00
parent 5296a60534
commit 99a6be27f1
Signed by: daniel
GPG key ID: FBB4F0E80A80222F
42 changed files with 56893 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

847
src/cryptopANT.c Normal file
View file

@ -0,0 +1,847 @@
/* -*- Mode:C; c-basic-offset:8; tab-width:8; indent-tabs-mode:t -*- */
/*
* Copyright (C) 2004-2024 by the University of Southern California
* $Id: cdc84b9fca5b7bc01d665de67bbe6358d0a8131f $
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License,
* version 2, as published by the Free Software Foundation.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc.,
* 59 Temple Place, Suite 330, Boston, MA 02111-1307, USA.
*
*/
#include <stdio.h>
#include <sys/types.h>
#include <sys/stat.h>
#include <netinet/in.h>
#include <fcntl.h>
#include <stdint.h>
#include <ctype.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <errno.h>
#include <assert.h>
#include <openssl/evp.h>
#include <openssl/md5.h>
#include <openssl/blowfish.h>
#include <openssl/sha.h>
#include <openssl/aes.h>
#include <openssl/err.h>
#include <openssl/core_names.h>
#include <openssl/provider.h>
#include "cryptopANT.h"
#include "config.h"
#define MAX_BLK_LENGTH 32
#define CACHE_BITS 24 /* How many bits of IPv4 we cache, cannot be zero */
#define BF_KEYLEN 16 /* bytes */
#define TEST_CACHE 0
#define RESET_ETHER_MCAST(p) (*(char*)(p) &= 0xfe)
#ifndef MAX
#define MAX(a,b) ((a) > (b) ? (a) : (b))
#endif
#if HAVE__U6_ADDR32
#define s6_addr32 __u6_addr.__u6_addr32
#endif
//determined by autoconf
#ifdef WORDS_BIGENDIAN
//sigh, older version of the code was not byte-order safe; this is needed
//to ensure backward compatibility AND compatibility with BE-systems.
#include <byteswap.h>
#define cryptopant_swap32(x) bswap_32(x)
#else
#define cryptopant_swap32(x) (x)
#endif
typedef struct ipv4_hash_blk_ {
uint32_t ip4;
uint8_t pad[MAX_BLK_LENGTH - sizeof(uint32_t)];
} ipv4_hash_blk_t;
typedef struct ipv6_hash_blk_ {
struct in6_addr ip6;
uint8_t pad[MAX_BLK_LENGTH - sizeof(struct in6_addr)];
} ipv6_hash_blk_t;
uint8_t scramble_ether_addr[ETHER_ADDR_LEN];
uint16_t scramble_ether_vlan;
int scramble_mac;
static int readhexstring (FILE *, u_char *, int *);
static uint32_t ip4cache[1<<CACHE_BITS];
static uint32_t ip4pad; /* first 4 bytes of pad */
static uint32_t ip6pad[4];
static u_char scramble_mac_buf[MAX_BLK_LENGTH];
static u_char scramble_key[MAX_BLK_LENGTH];
static uint8_t ivec[64];
/* statistics */
static long ipv4_cache_hits = 0;
static long ipv4_anon_calls = 0;
static long ipv6_anon_calls = 0;
static ipv4_hash_blk_t b4_in, b4_out;
static ipv6_hash_blk_t b6_in, b6_out;
static scramble_crypt_t scramble_crypto4 = SCRAMBLE_AES;
static scramble_crypt_t scramble_crypto6 = SCRAMBLE_AES;
/* openssl EVP pointers */
static EVP_CIPHER_CTX *ctx4, *ctx6;
static EVP_CIPHER *cipher4, *cipher6;
static EVP_MD_CTX *mdctx4, *mdctx6;
static EVP_MD *md4, *md6;
static struct {
char *name;
scramble_crypt_t type;
} scramble_names[] = {
{ "md5", SCRAMBLE_MD5 },
{ "blowfish", SCRAMBLE_BLOWFISH },
{ "aes", SCRAMBLE_AES },
{ "sha", SCRAMBLE_SHA1 },
};
const char *
scramble_type2name(scramble_crypt_t t)
{
int i;
for (i = 0; i < sizeof(scramble_names)/sizeof(scramble_names[0]); ++i)
if (scramble_names[i].type == t)
return scramble_names[i].name;
return NULL;
}
scramble_crypt_t
scramble_name2type(const char *name)
{
int i;
for (i = 0; i < sizeof(scramble_names)/sizeof(scramble_names[0]); ++i)
if (strcasecmp(name, scramble_names[i].name) == 0)
return scramble_names[i].type;
return SCRAMBLE_NONE;
}
scramble_crypt_t
scramble_crypto_ip4(void)
{
return scramble_crypto4;
}
scramble_crypt_t
scramble_crypto_ip6(void)
{
return scramble_crypto6;
}
int
scramble_newkey(u_char *key, int klen)
{
FILE *rnd = fopen(SCRAMBLE_RANDOM_DEV, "r");
if (rnd == NULL) {
perror("scramble_newkey(): fopen");
return -1;
}
if (fread(key, 1, klen, rnd) != klen) {
perror("scramble_newkey(): fread");
fclose(rnd);
return -1;
}
fclose(rnd);
return 0;
}
int
scramble_newpad(u_char *pad, int plen)
{
FILE *rnd = fopen(SCRAMBLE_RANDOM_DEV, "r");
if (rnd == NULL) {
perror("scramble_newpad(): fopen");
return -1;
}
if (fread(pad, 1, plen, rnd) != plen) {
perror("scramble_newpad(): fread");
fclose(rnd);
return -1;
}
fclose(rnd);
return 0;
}
int
scramble_newmac(u_char *mac, int mlen)
{
FILE *rnd = fopen(SCRAMBLE_RANDOM_DEV, "r");
if (rnd == NULL) {
perror("scramble_newkey(): fopen");
return -1;
}
if (fread(mac, 1, mlen, rnd) != mlen) {
perror("scramble_newkey(): fread");
fclose(rnd);
return -1;
}
fclose(rnd);
return 0;
}
int
scramble_newiv(u_char *iv, int ivlen)
{
FILE *rnd = fopen(SCRAMBLE_RANDOM_DEV, "r");
if (rnd == NULL) {
perror("scramble_newiv(): fopen");
return -1;
}
if (fread(iv, 1, ivlen, rnd) != ivlen) {
perror("scramble_newiv(): fread");
fclose(rnd);
return -1;
}
fclose(rnd);
return 0;
}
/* read a hex string from fd at current position and store it in s */
static int
readhexstring(FILE *f, u_char *s, int *len)
{
char c = 0;
int i;
for (i = 0; i < *len + 1; ++i) {
switch (fread(&c, 1, 1, f)) {
case 0:
*len = i;
return 0;
case 1:
break;
default:
return -1;
}
if (!isxdigit(c)) {
*len = i;
return 0;
}
s[i] = ((isdigit(c)) ? c - '0' : tolower(c) - 'a' + 10) << 4;
if (fread(&c, 1, 1, f) != 1) {
*len = i;
return -1; /* error: a byte has 2 digits */
}
if (!isxdigit(c)) {
*len = i;
return -1;
}
s[i] |= (isdigit(c)) ? c - '0' : tolower(c) - 'a' + 10;
}
if (i == *len + 1)
return -1; /* means buffer is too short */
return 0;
}
int
scramble_readstate(const char *fn, scramble_state_t *s)
{
u_char c4, c6;
int l4 = 1, l6 = 1;
FILE *f = fopen(fn, "r");
if (f == NULL) {
perror("scramble_readstate(): fopen");
return -1;
}
if (readhexstring(f, (u_char*)&c4, &l4) != 0) {
fprintf(stderr, "scramble_readstate(): error reading c4");
fclose(f);
return -1;
}
assert(l4 == 1);
s->c4 = (scramble_crypt_t)c4;
if (readhexstring(f, (u_char*)&c6, &l6) != 0) {
fprintf(stderr, "scramble_readstate(): error reading c6");
fclose(f);
return -1;
}
assert(l6 == 1);
s->c6 = (scramble_crypt_t)c6;
if (readhexstring(f, s->key, &s->klen) != 0) {
fprintf(stderr, "scramble_readstate(): error reading key");
fclose(f);
return -1;
}
if (readhexstring(f, s->pad, &s->plen) != 0) {
fprintf(stderr, "scramble_readstate(): error reading pad");
fclose(f);
return -1;
}
if (readhexstring(f, s->mac, &s->mlen) != 0) {
fprintf(stderr, "scramble_readstate(): error reading mac");
fclose(f);
return -1;
}
if (readhexstring(f, s->iv, &s->ivlen) != 0) {
fprintf(stderr, "scramble_readstate(): error reading iv");
fclose(f);
return -1;
}
fclose(f);
return 0;
}
int
scramble_savestate(const char *fn, const scramble_state_t *s)
{
int i;
/* set restrictive mode */
int fd = creat(fn, S_IRUSR|S_IWUSR);
if (fd < 0) {
perror("scramble_savestate(): open");
return -1;
}
FILE *f = fdopen(fd, "w");
if (f == NULL) {
perror("scramble_savestate(): fopen");
return -1;
}
if (fprintf(f, "%02x:%02x:", (unsigned)s->c4, (unsigned)s->c6) < 0) {
perror("scramble_savestate(): error saving cryptos");
fclose(f);
return -1;
}
for (i = 0; i < s->klen; ++i) {
if (fprintf(f, "%02x", s->key[i]) < 0) {
perror("scramble_savestate(): error saving key");
fclose(f);
return -1;
}
}
fprintf(f, ":");
for (i = 0; i < s->plen; ++i) {
if (fprintf(f, "%02x", s->pad[i]) < 0) {
perror("scramble_savestate(): error saving pad");
fclose(f);
return -1;
}
}
fprintf(f, ":");
for (i = 0; i < s->mlen; ++i) {
if (fprintf(f, "%02x", s->mac[i]) < 0) {
perror("scramble_savestate(): error saving mac");
fclose(f);
return -1;
}
}
fprintf(f, ":");
for (i = 0; i < s->ivlen; ++i) {
if (fprintf(f, "%02x", s->iv[i]) < 0) {
perror("scramble_savestate(): error saving lv");
fclose(f);
return -1;
}
}
fprintf(f, "\n");
fclose(f);
return 0;
}
void
scramble_cleanup()
{
// openssl evp cleanup
if (ctx4 != NULL) {
EVP_CIPHER_CTX_free(ctx4);
ctx4 = NULL;
}
if (ctx6 != NULL) {
EVP_CIPHER_CTX_free(ctx6);
ctx6 = NULL;
}
if (mdctx4 != NULL) {
EVP_MD_CTX_free(mdctx4);
mdctx4 = NULL;
}
if (mdctx6 != NULL) {
EVP_MD_CTX_free(mdctx6);
mdctx6 = NULL;
}
if (cipher4 != NULL) {
EVP_CIPHER_free(cipher4);
cipher4 = NULL;
}
if (cipher6 != NULL) {
EVP_CIPHER_free(cipher6);
cipher6 = NULL;
}
if (md4 != NULL) {
EVP_MD_free(md4);
md4 = NULL;
}
if (md6 != NULL) {
EVP_MD_free(md6);
md6 = NULL;
}
}
int
scramble_init(const scramble_state_t *s)
{
int plen;
if (s->plen > MAX_BLK_LENGTH)
plen = MAX_BLK_LENGTH;
else
plen = s->plen;
scramble_crypto4 = s->c4;
scramble_crypto6 = s->c6;
memcpy(&b4_in, s->pad, plen);
ip4pad = cryptopant_swap32(b4_in.ip4);
memcpy(&b6_in, s->pad, s->plen);
ip6pad[0] = b6_in.ip6.s6_addr32[0];
ip6pad[1] = b6_in.ip6.s6_addr32[1];
ip6pad[2] = b6_in.ip6.s6_addr32[2];
ip6pad[3] = b6_in.ip6.s6_addr32[3];
memcpy(scramble_key, s->key, s->klen);
// create contexts (will not need them all)
ctx4 = EVP_CIPHER_CTX_new();
ctx6 = EVP_CIPHER_CTX_new();
mdctx4 = EVP_MD_CTX_new();
mdctx6 = EVP_MD_CTX_new();
// fetch ciphers and digests
void *res_ctx = NULL, *res_crypt = NULL;
switch(s->c4) {
case SCRAMBLE_AES:
OSSL_PROVIDER_load(NULL, "default");
cipher4 = EVP_CIPHER_fetch(NULL, "AES-128-ECB", "provider=default");
res_ctx = ctx4;
res_crypt = cipher4;
break;
case SCRAMBLE_BLOWFISH:
OSSL_PROVIDER_load(NULL, "legacy");
cipher4 = EVP_CIPHER_fetch(NULL, "BF-ECB", "provider=legacy");
if (cipher4 == NULL) {
cipher4 = EVP_CIPHER_fetch(NULL, "BF-ECB", NULL);
}
res_ctx = ctx4;
res_crypt = cipher4;
break;
case SCRAMBLE_SHA1:
md4 = EVP_MD_fetch(NULL, "SHA1", NULL);
res_ctx = mdctx4;
res_crypt = md4;
break;
case SCRAMBLE_MD5:
md4 = EVP_MD_fetch(NULL, "MD5", NULL);
res_ctx = mdctx4;
res_crypt = md4;
break;
case SCRAMBLE_NONE:
break;
default:
fprintf(stderr,
"scramble_init(): unsupported ipv4 scrambling crypto: %d\n", s->c4);
return -1;
}
if (s->c4 != SCRAMBLE_NONE && (res_ctx == NULL || res_crypt == NULL)) {
fprintf(stderr,
"scramble_init(): EVP ip4 init failures %p %p\n", res_ctx, res_crypt);
return -1;
}
res_ctx = res_crypt = NULL;
switch(s->c6) {
case SCRAMBLE_AES:
OSSL_PROVIDER_load(NULL, "default");
cipher6 = EVP_CIPHER_fetch(NULL, "AES-128-ECB", "provider=default");
res_ctx = ctx6;
res_crypt = cipher6;
break;
case SCRAMBLE_BLOWFISH:
OSSL_PROVIDER_load(NULL, "legacy");
cipher6 = EVP_CIPHER_fetch(NULL, "BF-CBC", "provider=legacy");
if (cipher6 == NULL) {
cipher6 = EVP_CIPHER_fetch(NULL, "BF-ECB", NULL);
}
res_ctx = ctx6;
res_crypt = cipher6;
break;
case SCRAMBLE_SHA1:
md6 = EVP_MD_fetch(NULL, "SHA1", NULL);
res_ctx = mdctx6;
res_crypt = md6;
break;
case SCRAMBLE_MD5:
md6 = EVP_MD_fetch(NULL, "MD5", NULL);
res_ctx = mdctx6;
res_crypt = md6;
break;
case SCRAMBLE_NONE:
break;
default:
fprintf(stderr,
"scramble_init(): unsupported ipv6 scrambling crypto: %d\n", s->c6);
return -1;
}
if (s->c6 != SCRAMBLE_NONE && (res_ctx == NULL || res_crypt == NULL)) {
fprintf(stderr,
"scramble_init(): EVP ip6 init failures %p %p\n", res_ctx, res_crypt);
return -1;
}
if (cipher4 != NULL) {
if (!EVP_EncryptInit_ex2(ctx4, cipher4, scramble_key, ivec, NULL)) {
fprintf(stderr,
"scramble_init(): EVP_EncryptInit_ex2 failed:");
ERR_print_errors_fp(stderr);
return -1;
}
}
if (cipher6 != NULL) {
if (!EVP_EncryptInit_ex2(ctx6, cipher6, scramble_key, ivec, NULL)) {
fprintf(stderr,
"scramble_init(): EVP_EncryptInit_ex2 failed:");
ERR_print_errors_fp(stderr);
return -1;
}
}
// don't need to init anything for digests
scramble_mac = 0;
memcpy(scramble_mac_buf, s->mac, s->mlen);
if (s->mlen > 0) {
scramble_mac = 1;
if (s->mlen < ETHER_ADDR_LEN + ETHER_VLAN_LEN) {
fprintf(stderr,
"scramble_init(): mac string is too short (%d)\n",
s->mlen);
return -1;
}
}
memcpy(scramble_ether_addr, scramble_mac_buf, ETHER_ADDR_LEN);
/* we don't want to map ether unicast to multicast and visa versa */
RESET_ETHER_MCAST(scramble_ether_addr);
memcpy(&scramble_ether_vlan, scramble_mac_buf + ETHER_ADDR_LEN, ETHER_VLAN_LEN);
return 0;
}
/* init everything from file, if it doesn't exist, create it */
int
scramble_init_from_file(const char *fn, scramble_crypt_t c4, scramble_crypt_t c6, int *do_mac)
{
// OSSL_PROVIDER *legacy_, *default_;
u_char pad[MAX_BLK_LENGTH];
u_char key[MAX_BLK_LENGTH];
u_char mac[MAX_BLK_LENGTH];
u_char iv[MAX_BLK_LENGTH];
scramble_state_t s;
FILE *f;
s.pad = pad;
s.key = key;
s.mac = mac;
s.iv = iv;
if ((f = fopen(fn, "r")) == NULL) {
if (errno != ENOENT) {
perror("scamble_init_file(): fopen");
return -1;
}
if (c4 == SCRAMBLE_NONE || c6 == SCRAMBLE_NONE)
return -1;
/* file doesn't exist, create it */
s.c4 = c4;
s.c6 = c6;
s.plen = MAX_BLK_LENGTH;
s.klen = 16; /* XXX */
s.ivlen = 16;
if (scramble_newpad(pad, s.plen) < 0)
return -1;
if (scramble_newkey(key, s.klen) < 0)
return -1;
if (scramble_newiv(iv, s.ivlen) < 0)
return -1;
if (do_mac && *do_mac) {
s.mlen = ETHER_ADDR_LEN + ETHER_VLAN_LEN;
if (scramble_newmac(mac, s.mlen) < 0)
return -1;
} else
s.mlen = 0;
if (scramble_savestate(fn, &s) < 0)
return -1;
} else {
fclose(f);
s.plen = MAX_BLK_LENGTH;
s.klen = MAX_BLK_LENGTH;
s.mlen = MAX_BLK_LENGTH;
s.ivlen = MAX_BLK_LENGTH;
if (scramble_readstate(fn, &s) < 0)
return -1;
if (do_mac)
*do_mac = (s.mlen > 0);
}
if (scramble_init(&s) < 0)
return -1;
return 0;
}
/* scramble IPv4 addresses, input and output are in network byte order */
uint32_t
scramble_ip4(uint32_t input, int pass_bits) {
uint32_t output = 0;
uint32_t m = 0xffffffff << 1;
int i = 31;
int class_bits = 0;
int pbits = 0;
int outlen;
#define MAX_CLASS_BITS 4
static int _class_bits[1<<MAX_CLASS_BITS] = {
1,1,1,1,1,1,1,1, /* class A: preserve 1 bit */
2,2,2,2, /* class B: preserve 2 bits */
3,3, /* class C: preserve 3 bits */
4, /* class D: preserve 4 bits */
32 /* class bad, preserve all */
};
uint32_t *cp;
input = ntohl(input);
cp = ip4cache + (input >> (32 - CACHE_BITS));
assert(pass_bits >= 0 && pass_bits < 33);
++ipv4_anon_calls;
b4_in.ip4 = input;
class_bits = _class_bits[input >> (32-MAX_CLASS_BITS)];
// check cache first
output = *cp;
if (output != 0) {
output <<= (32 - CACHE_BITS);
if (class_bits < CACHE_BITS)
class_bits = CACHE_BITS;
++ipv4_cache_hits;
}
pbits = MAX(pass_bits, class_bits);
for (i = 31; i > pbits - 1; --i) {
/* pass through 'i' highest bits of ip4 */
b4_in.ip4 &= m;
/* the following could be:
* b4_in.ip4 |= (ip4pad & ~m); */
b4_in.ip4 |= (ip4pad >> i);
b4_in.ip4 = cryptopant_swap32(b4_in.ip4);
uint mdlen = MD5_DIGEST_LENGTH;
switch (scramble_crypto4) {
case SCRAMBLE_BLOWFISH:
if (!EVP_CipherUpdate(ctx4, (u_char*)&b4_out, &outlen, (u_char*)&b4_in, BF_BLOCK)) {
/* Error */
fprintf(stderr, "scramble_ip4(): EVP_CipherUpdate failed");
abort();
}
case SCRAMBLE_AES:
if (!EVP_CipherUpdate(ctx4, (u_char*)&b4_out, &outlen, (u_char*)&b4_in, AES_BLOCK_SIZE)) {
/* Error */
fprintf(stderr, "scramble_ip4(): EVP_CipherUpdate failed");
abort();
}
break;
case SCRAMBLE_SHA1:
mdlen = SHA_DIGEST_LENGTH;
// fallthrough
case SCRAMBLE_MD5:
if (!EVP_DigestInit_ex2(mdctx4, md4, NULL) ||
!EVP_DigestUpdate(mdctx4, (u_char*)&b4_in, mdlen) ||
!EVP_DigestFinal_ex(mdctx4, (u_char*)&b4_out, &mdlen)) {
/* Error */
fprintf(stderr, "scramble_ip4(): EVP_Digest* failed");
abort();
}
break;
default:
abort();
}
output |= (( *((u_char*)&b4_out.ip4) & 1) << (31 - i));
b4_in.ip4 = cryptopant_swap32(b4_in.ip4);
m <<= 1;
}
/* output == 0 is OK, means pass address unchanged */
*cp = (output >> (32 - CACHE_BITS));
return htonl(output ^ input);
}
/* scramble ipv6 address in place, in network byte order */
void
scramble_ip6(struct in6_addr *input, int pass_bits)
{
struct in6_addr output;
int i, w;
int pbits = pass_bits;
++ipv6_anon_calls;
b6_in.ip6.s6_addr32[0] = ip6pad[0]; /* XXX this one not needed */
b6_in.ip6.s6_addr32[1] = ip6pad[1];
b6_in.ip6.s6_addr32[2] = ip6pad[2];
b6_in.ip6.s6_addr32[3] = ip6pad[3];
int outlen = AES_BLOCK_SIZE;
uint mdlen;
for (w = 0; w < 4; ++w) {
uint32_t m = 0xffffffff << 1;
uint32_t x = ntohl(input->s6_addr32[w]);
uint32_t hpad = ntohl(ip6pad[w]);
output.s6_addr32[w] = 0;
/* anonymize x, using hpad */
for (i = 31; i > pbits - 1; --i) {
/* pass through 'i' highest bits of the word */
x &= m;
/* the following could be:
* x |= (hpad & ~m); */
x |= (hpad >> i);
b6_in.ip6.s6_addr32[w] = htonl(x);
/* hashing proper */
switch (scramble_crypto6) {
case SCRAMBLE_BLOWFISH:
/* use BF in chain mode */
EVP_CIPHER_CTX_reset(ctx6);
if (!EVP_EncryptInit_ex2(ctx6, cipher6, scramble_key, ivec, NULL)) {
fprintf(stderr,
"scramble_init(): EVP_EncryptInit_ex2 failed:");
ERR_print_errors_fp(stderr);
}
if (!EVP_CipherUpdate(ctx6, (u_char*)&b6_out, &outlen, (u_char*)&b6_in, sizeof(b6_in))) {
/* Error */
fprintf(stderr, "scramble_ip6(): EVP_CipherUpdate failed\n");
ERR_print_errors_fp(stderr);
}
break;
case SCRAMBLE_AES:
if (!EVP_CipherUpdate(ctx6, (u_char*)&b6_out, &outlen, (u_char*)&b6_in, AES_BLOCK_SIZE)) {
/* Error */
fprintf(stderr, "scramble_ip6(): EVP_CipherUpdate failed");
}
break;
case SCRAMBLE_SHA1:
case SCRAMBLE_MD5:
if (scramble_crypto6 == SCRAMBLE_SHA1) {
mdlen = SHA_DIGEST_LENGTH;
} else {
mdlen = MD5_DIGEST_LENGTH;
}
// fallthrough
if (!EVP_DigestInit_ex2(mdctx6, md6, NULL) ||
!EVP_DigestUpdate(mdctx6, (u_char*)&b6_in, mdlen) ||
!EVP_DigestFinal_ex(mdctx6, (u_char*)&b6_out, &mdlen)) {
/* Error */
fprintf(stderr, "scramble_ip6(): EVP_Digest* failed");
}
break;
default:
abort();
}
output.s6_addr32[w] |= ((ntohl(b6_out.ip6.s6_addr32[3]) & 1)
<< (31 - i));
m <<= 1;
}
pbits = (pbits >= 32) ? pbits - 32 : 0;
/* pbits >= 32 this means the above for-loop wasn't executed */
output.s6_addr32[w] = htonl(output.s6_addr32[w]) ^ input->s6_addr32[w];
/* restore the word */
b6_in.ip6.s6_addr32[w] = input->s6_addr32[w];
}
*input = output;
}
/* reverse map scrambled IP addresses, all network byte order */
uint32_t
unscramble_ip4(uint32_t input, int pass_bits)
{
int i;
uint32_t guess, res;
guess = input; /* Starting with the input seems
* a good idea because some bits
* may be passed through
* unchanged */
for (i=32; i>0; --i) {
res = scramble_ip4(guess, pass_bits);
/* we're only interested in flipping the
* higher bit, don't care about the rest */
res ^= input;
if (res == 0)
return guess;
guess ^= res;
}
//unreachable, since there should be always a match
//(since we're zeroing out at least one bit per iteration)
assert(0);
return (0xffffffff); /* cannot find the match */
}
/* unscramble ipv6 address in place, in network byte order */
void
unscramble_ip6(struct in6_addr *input, int pass_bits)
{
struct in6_addr guess;
struct in6_addr res;
uint32_t r = 0;
int i;
guess = *input;
for (i = 0; i < 4; ++i) {
for (;;) {
res = guess;
scramble_ip6(&res, pass_bits);
r = res.s6_addr32[i] ^ input->s6_addr32[i];
if (r == 0) break;
guess.s6_addr32[i] ^= r;
}
}
*input = guess;
return;
}