Add RIPEMD-160 (rmd160) support to OTP (s/key).

7 files changed, 81 insertions, 17 deletions

diff --git a/lib/libskey/shlib_version b/lib/libskey/shlib_version
index 97247abae54..a4a51c946c4 100644
--- a/lib/libskey/shlib_version
+++ b/lib/libskey/shlib_version
@@ -1,2 +1,2 @@
 major=0
-minor=3
+minor=4
diff --git a/lib/libskey/skeysubr.c b/lib/libskey/skeysubr.c
index 762a809c136..946d5a8cb12 100644
--- a/lib/libskey/skeysubr.c
+++ b/lib/libskey/skeysubr.c
@@ -10,7 +10,7 @@
  *
  * S/KEY misc routines.
  *
- * $Id: skeysubr.c,v 1.14 1997/07/11 01:32:57 millert Exp $
+ * $Id: skeysubr.c,v 1.15 1997/07/17 05:48:38 millert Exp $
  */
 
 #include <stdio.h>
@@ -22,6 +22,7 @@
 #include <md4.h>
 #include <md5.h>
 #include <sha1.h>
+#include <rmd160.h>
 
 #include "skey.h"
 
@@ -33,9 +34,11 @@
 static void f_md4 __P((char *x));
 static void f_md5 __P((char *x));
 static void f_sha1 __P((char *x));
+static void f_rmd160 __P((char *x));
 static int keycrunch_md4 __P((char *result, char *seed, char *passwd));
 static int keycrunch_md5 __P((char *result, char *seed, char *passwd));
 static int keycrunch_sha1 __P((char *result, char *seed, char *passwd));
+static int keycrunch_rmd160 __P((char *result, char *seed, char *passwd));
 static void lowcase __P((char *s));
 static void skey_echo __P((int action));
 static void trapped __P((int sig));
@@ -47,7 +50,7 @@ static int skey_hash_type = SKEY_HASH_DEFAULT;
  * Hash types we support.
  * Each has an associated keycrunch() and f() function.
  */
-#define SKEY_ALGORITH_LAST	3
+#define SKEY_ALGORITH_LAST	4
 struct skey_algorithm_table {
 	const char *name;
 	int (*keycrunch) __P((char *, char *, char *));
@@ -56,7 +59,8 @@ struct skey_algorithm_table {
 static struct skey_algorithm_table skey_algorithm_table[] = {
 	{ "md4", keycrunch_md4, f_md4 },
 	{ "md5", keycrunch_md5, f_md5 },
-	{ "sha1", keycrunch_sha1, f_sha1 }
+	{ "sha1", keycrunch_sha1, f_sha1 },
+	{ "rmd160", keycrunch_rmd160, f_rmd160 }
 };
 
 
@@ -177,6 +181,41 @@ keycrunch_sha1(result, seed, passwd)
 	return 0;
 }
 
+static int
+keycrunch_rmd160(result, seed, passwd)
+	char *result;	/* SKEY_BINKEY_SIZE result */
+	char *seed;	/* Seed, any length */
+	char *passwd;	/* Password, any length */
+{
+	char *buf;
+	RMD160_CTX rmd;
+	u_int32_t results[5];
+	unsigned int buflen;
+
+	buflen = strlen(seed) + strlen(passwd);
+	if ((buf = (char *)malloc(buflen+1)) == NULL)
+		return -1;
+	(void)strcpy(buf, seed);
+	lowcase(buf);
+	(void)strcat(buf, passwd);
+
+	/* Crunch the key through RMD-160 */
+	sevenbit(buf);
+	RMD160Init(&rmd);
+	RMD160Update(&rmd, (unsigned char *)buf, buflen);
+	RMD160Final((unsigned char *)results, &rmd);
+	(void)free(buf);
+
+	/* Fold 160 to 64 bits */
+	results[0] ^= results[2];
+	results[1] ^= results[3];
+	results[0] ^= results[4];
+
+	(void)memcpy((void *)result, (void *)results, SKEY_BINKEY_SIZE);
+
+	return 0;
+}
+
 /*
  * The one-way function f().
  * Takes SKEY_BINKEY_SIZE bytes and returns SKEY_BINKEY_SIZE bytes in place.
@@ -243,6 +282,25 @@ f_sha1(x)
 	(void)memcpy((void *)x, (void *)results, SKEY_BINKEY_SIZE);
 }
 
+static void
+f_rmd160(x)
+	char *x;
+{
+	RMD160_CTX rmd;
+	u_int32_t results[5];
+
+	RMD160Init(&rmd);
+	RMD160Update(&rmd, (unsigned char *)x, SKEY_BINKEY_SIZE);
+	RMD160Final((unsigned char *)results, &rmd);
+
+	/* Fold 160 to 64 bits */
+	results[0] ^= results[2];
+	results[1] ^= results[3];
+	results[0] ^= results[4];
+
+	(void)memcpy((void *)x, (void *)results, SKEY_BINKEY_SIZE);
+}
+
 /* Strip trailing cr/lf from a line of text */
 void
 rip(buf)
diff --git a/usr.bin/skey/Makefile b/usr.bin/skey/Makefile
index d7dbf376e51..f112db4c8de 100644
--- a/usr.bin/skey/Makefile
+++ b/usr.bin/skey/Makefile
@@ -1,13 +1,15 @@
-# $OpenBSD: Makefile,v 1.9 1997/04/27 20:56:54 millert Exp $
+# $OpenBSD: Makefile,v 1.10 1997/07/17 05:48:39 millert Exp $
 
 PROG=	skey
 MAN=	skey.1 skeyinfo.1 skeyaudit.1 skeyprune.8
 LINKS=	${BINDIR}/skey ${BINDIR}/otp-md4 \
 	${BINDIR}/skey ${BINDIR}/otp-md5 \
-	${BINDIR}/skey ${BINDIR}/otp-sha1
+	${BINDIR}/skey ${BINDIR}/otp-sha1 \
+	${BINDIR}/skey ${BINDIR}/otp-rmd160
 MLINKS=	skey.1 otp-md4.1 \
 	skey.1 otp-md5.1 \
-	skey.1 otp-sha1.1
+	skey.1 otp-sha1.1 \
+	skey.1 otp-rmd160.1
 DPADD=	${LIBSKEY}
 LDADD=	-lskey
 
diff --git a/usr.bin/skey/skey.1 b/usr.bin/skey/skey.1
index b71c79ee904..019f27c3cd2 100644
--- a/usr.bin/skey/skey.1
+++ b/usr.bin/skey/skey.1
@@ -1,16 +1,16 @@
-.\" $OpenBSD: skey.1,v 1.8 1997/01/05 21:30:06 millert Exp $
+.\" $OpenBSD: skey.1,v 1.9 1997/07/17 05:48:39 millert Exp $
 .\"	@(#)skey.1	1.1 	10/28/93
 .\"
 .Dd 28 October 1993
 .Dt SKEY 1
 .Os
 .Sh NAME
-.Nm skey, otp-md4, otp-md5, otp-sha1
+.Nm skey, otp-md4, otp-md5, otp-sha1, otp-rmd160
 .Nd Respond to a OTP challenge.
 .Sh SYNOPSIS
 .Nm skey
 .Op Fl x
-.Op Fl md4 | Fl md5 | Fl sha1
+.Op Fl md4 | Fl md5 | Fl sha1 | Fl rmd160
 .Op Fl n Ar count
 .Op Fl p Ar passwd
 <sequence#>[/] key
@@ -33,7 +33,7 @@ will use
 .Ar method
 as the hash function where
 .Ar method
-is currently one of md4, md5, or sha1.
+is currently one of md4, md5, sha1, or rmd160.
 .Pp
 If you misspell your password while running
 .Nm skey ,
@@ -62,7 +62,9 @@ Selects MD4 as the hash algorithm.
 .It Fl md5
 Selects MD5 as the hash algorithm.
 .It Fl sha1
-Selects SHA1 (NIST Secure Hash Algorithm Revision 1) as the hash algorithm.
+Selects SHA-1 (NIST Secure Hash Algorithm Revision 1) as the hash algorithm.
+.It Fl rmd160
+Selects RMD-160 (160 bit Ripe Message Digest) as the hash algorithm.
 .El
 .Sh EXAMPLE
 .sp 0
diff --git a/usr.bin/skey/skey.c b/usr.bin/skey/skey.c
index 1e7d815f7f2..61170484cf4 100644
--- a/usr.bin/skey/skey.c
+++ b/usr.bin/skey/skey.c
@@ -1,4 +1,4 @@
-/* * $OpenBSD: skey.c,v 1.9 1996/11/22 03:24:36 millert Exp $*/
+/* * $OpenBSD: skey.c,v 1.10 1997/07/17 05:48:40 millert Exp $*/
 /*
  * S/KEY v1.1b (skey.c)
  *
@@ -149,6 +149,6 @@ void
 usage(s)
 	char   *s;
 {
-	(void)fprintf(stderr, "Usage: %s [-x] [-md4|-md5|-sha1] [-n count] [-p password] <sequence#>[/] key\n", s);
+	(void)fprintf(stderr, "Usage: %s [-x] [-md4|-md5|-sha1|-rmd160] [-n count] [-p password] <sequence#>[/] key\n", s);
 	exit(1);
 }
diff --git a/usr.bin/skeyinit/skeyinit.1 b/usr.bin/skeyinit/skeyinit.1
index d0a86965762..09d7105ca5d 100644
--- a/usr.bin/skeyinit/skeyinit.1
+++ b/usr.bin/skeyinit/skeyinit.1
@@ -1,4 +1,4 @@
-.\"	$OpenBSD: skeyinit.1,v 1.9 1996/11/03 18:57:45 millert Exp $
+.\"	$OpenBSD: skeyinit.1,v 1.10 1997/07/17 05:48:40 millert Exp $
 .\"	$NetBSD: skeyinit.1,v 1.4 1995/07/07 22:24:09 jtc Exp $
 .\"	@(#)skeyinit.1	1.1 	10/28/93
 .\"
@@ -78,6 +78,8 @@ Selects MD4 as the hash algorithm.
 Selects MD5 as the hash algorithm.
 .It Fl sha1
 Selects SHA (NIST Secure Hash Algorithm Revision 1) as the hash algorithm.
+.It Fl rmd160
+Selects RMD-160 (160 bit Ripe Message Digest) as the hash algorithm.
 .It Ar user
 The username to be changed/added. By default the current user is
 operated on.
diff --git a/usr.bin/skeyinit/skeyinit.c b/usr.bin/skeyinit/skeyinit.c
index 1ca8bae9310..15225cab781 100644
--- a/usr.bin/skeyinit/skeyinit.c
+++ b/usr.bin/skeyinit/skeyinit.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: skeyinit.c,v 1.17 1996/11/03 18:57:46 millert Exp $	*/
+/*	$OpenBSD: skeyinit.c,v 1.18 1997/07/17 05:48:41 millert Exp $	*/
 /*	$NetBSD: skeyinit.c,v 1.6 1995/06/05 19:50:48 pk Exp $	*/
 
 /* S/KEY v1.1b (skeyinit.c)
@@ -326,6 +326,6 @@ usage(s)
 	char *s;
 {
 	(void)fprintf(stderr,
-		"Usage: %s [-s] [-x] [-z] [-n count] [-md4|-md5|-sha1] [user]\n", s);
+		"Usage: %s [-s] [-x] [-z] [-n count] [-md4|-md5|-sha1|-rmd160] [user]\n", s);
 	exit(1);
 }