orthanc: OrthancFramework/Resources/ThirdParty/minizip/crypt.h annotate

annotate OrthancFramework/Resources/ThirdParty/minizip/crypt.h @ 5853:4d932683049d get-scu tip

very first implementation of C-Get SCU

author	Alain Mazy <am@orthanc.team>
date	Tue, 29 Oct 2024 17:25:49 +0100
parents	8174e45f48d8
children

rev	line source
102 7593b57dc1bf switch to google log Sebastien Jodogne <s.jodogne@gmail.com> parents: diff changeset	1 /* crypt.h -- base code for crypt/uncrypt ZIPfile
7593b57dc1bf switch to google log Sebastien Jodogne <s.jodogne@gmail.com> parents: diff changeset	2
7593b57dc1bf switch to google log Sebastien Jodogne <s.jodogne@gmail.com> parents: diff changeset	3
7593b57dc1bf switch to google log Sebastien Jodogne <s.jodogne@gmail.com> parents: diff changeset	4 Version 1.01e, February 12th, 2005
7593b57dc1bf switch to google log Sebastien Jodogne <s.jodogne@gmail.com> parents: diff changeset	5
7593b57dc1bf switch to google log Sebastien Jodogne <s.jodogne@gmail.com> parents: diff changeset	6 Copyright (C) 1998-2005 Gilles Vollant
7593b57dc1bf switch to google log Sebastien Jodogne <s.jodogne@gmail.com> parents: diff changeset	7
7593b57dc1bf switch to google log Sebastien Jodogne <s.jodogne@gmail.com> parents: diff changeset	8 This code is a modified version of crypting code in Infozip distribution
7593b57dc1bf switch to google log Sebastien Jodogne <s.jodogne@gmail.com> parents: diff changeset	9
7593b57dc1bf switch to google log Sebastien Jodogne <s.jodogne@gmail.com> parents: diff changeset	10 The encryption/decryption parts of this source code (as opposed to the
7593b57dc1bf switch to google log Sebastien Jodogne <s.jodogne@gmail.com> parents: diff changeset	11 non-echoing password parts) were originally written in Europe. The
7593b57dc1bf switch to google log Sebastien Jodogne <s.jodogne@gmail.com> parents: diff changeset	12 whole source package can be freely distributed, including from the USA.
7593b57dc1bf switch to google log Sebastien Jodogne <s.jodogne@gmail.com> parents: diff changeset	13 (Prior to January 2000, re-export from the US was a violation of US law.)
7593b57dc1bf switch to google log Sebastien Jodogne <s.jodogne@gmail.com> parents: diff changeset	14
7593b57dc1bf switch to google log Sebastien Jodogne <s.jodogne@gmail.com> parents: diff changeset	15 This encryption code is a direct transcription of the algorithm from
7593b57dc1bf switch to google log Sebastien Jodogne <s.jodogne@gmail.com> parents: diff changeset	16 Roger Schlafly, described by Phil Katz in the file appnote.txt. This
7593b57dc1bf switch to google log Sebastien Jodogne <s.jodogne@gmail.com> parents: diff changeset	17 file (appnote.txt) is distributed with the PKZIP program (even in the
7593b57dc1bf switch to google log Sebastien Jodogne <s.jodogne@gmail.com> parents: diff changeset	18 version without encryption capabilities).
7593b57dc1bf switch to google log Sebastien Jodogne <s.jodogne@gmail.com> parents: diff changeset	19
7593b57dc1bf switch to google log Sebastien Jodogne <s.jodogne@gmail.com> parents: diff changeset	20 If you don't need crypting in your application, just define symbols
7593b57dc1bf switch to google log Sebastien Jodogne <s.jodogne@gmail.com> parents: diff changeset	21 NOCRYPT and NOUNCRYPT.
7593b57dc1bf switch to google log Sebastien Jodogne <s.jodogne@gmail.com> parents: diff changeset	22
7593b57dc1bf switch to google log Sebastien Jodogne <s.jodogne@gmail.com> parents: diff changeset	23 This code support the "Traditional PKWARE Encryption".
7593b57dc1bf switch to google log Sebastien Jodogne <s.jodogne@gmail.com> parents: diff changeset	24
7593b57dc1bf switch to google log Sebastien Jodogne <s.jodogne@gmail.com> parents: diff changeset	25 The new AES encryption added on Zip format by Winzip (see the page
7593b57dc1bf switch to google log Sebastien Jodogne <s.jodogne@gmail.com> parents: diff changeset	26 http://www.winzip.com/aes_info.htm ) and PKWare PKZip 5.x Strong
7593b57dc1bf switch to google log Sebastien Jodogne <s.jodogne@gmail.com> parents: diff changeset	27 Encryption is not supported.
7593b57dc1bf switch to google log Sebastien Jodogne <s.jodogne@gmail.com> parents: diff changeset	28 */
7593b57dc1bf switch to google log Sebastien Jodogne <s.jodogne@gmail.com> parents: diff changeset	29
7593b57dc1bf switch to google log Sebastien Jodogne <s.jodogne@gmail.com> parents: diff changeset	30 #define CRC32(c, b) ((*(pcrc_32_tab+(((int)(c) ^ (b)) & 0xff))) ^ ((c) >> 8))
7593b57dc1bf switch to google log Sebastien Jodogne <s.jodogne@gmail.com> parents: diff changeset	31
7593b57dc1bf switch to google log Sebastien Jodogne <s.jodogne@gmail.com> parents: diff changeset	32 /***********************************************************************
7593b57dc1bf switch to google log Sebastien Jodogne <s.jodogne@gmail.com> parents: diff changeset	33 * Return the next byte in the pseudo-random sequence
7593b57dc1bf switch to google log Sebastien Jodogne <s.jodogne@gmail.com> parents: diff changeset	34 */
5428 8174e45f48d8 Upgraded minizip library to stay away from CVE-2023-45853 Alain Mazy <am@osimis.io> parents: 4044 diff changeset	35 static int decrypt_byte(unsigned long* pkeys, const z_crc_t* pcrc_32_tab) {
102 7593b57dc1bf switch to google log Sebastien Jodogne <s.jodogne@gmail.com> parents: diff changeset	36 unsigned temp; /* POTENTIAL BUG: temp*(temp^1) may overflow in an
7593b57dc1bf switch to google log Sebastien Jodogne <s.jodogne@gmail.com> parents: diff changeset	37 * unpredictable manner on 16-bit systems; not a problem
7593b57dc1bf switch to google log Sebastien Jodogne <s.jodogne@gmail.com> parents: diff changeset	38 * with any known compiler so far, though */
7593b57dc1bf switch to google log Sebastien Jodogne <s.jodogne@gmail.com> parents: diff changeset	39
5428 8174e45f48d8 Upgraded minizip library to stay away from CVE-2023-45853 Alain Mazy <am@osimis.io> parents: 4044 diff changeset	40 (void)pcrc_32_tab;
102 7593b57dc1bf switch to google log Sebastien Jodogne <s.jodogne@gmail.com> parents: diff changeset	41 temp = ((unsigned)(*(pkeys+2)) & 0xffff) \| 2;
7593b57dc1bf switch to google log Sebastien Jodogne <s.jodogne@gmail.com> parents: diff changeset	42 return (int)(((temp * (temp ^ 1)) >> 8) & 0xff);
7593b57dc1bf switch to google log Sebastien Jodogne <s.jodogne@gmail.com> parents: diff changeset	43 }
7593b57dc1bf switch to google log Sebastien Jodogne <s.jodogne@gmail.com> parents: diff changeset	44
7593b57dc1bf switch to google log Sebastien Jodogne <s.jodogne@gmail.com> parents: diff changeset	45 /***********************************************************************
7593b57dc1bf switch to google log Sebastien Jodogne <s.jodogne@gmail.com> parents: diff changeset	46 * Update the encryption keys with the next byte of plain text
7593b57dc1bf switch to google log Sebastien Jodogne <s.jodogne@gmail.com> parents: diff changeset	47 */
5428 8174e45f48d8 Upgraded minizip library to stay away from CVE-2023-45853 Alain Mazy <am@osimis.io> parents: 4044 diff changeset	48 static int update_keys(unsigned long* pkeys, const z_crc_t* pcrc_32_tab, int c) {
102 7593b57dc1bf switch to google log Sebastien Jodogne <s.jodogne@gmail.com> parents: diff changeset	49 ((pkeys+0)) = CRC32(((pkeys+0)), c);
7593b57dc1bf switch to google log Sebastien Jodogne <s.jodogne@gmail.com> parents: diff changeset	50 ((pkeys+1)) += ((pkeys+0)) & 0xff;
7593b57dc1bf switch to google log Sebastien Jodogne <s.jodogne@gmail.com> parents: diff changeset	51 ((pkeys+1)) = ((pkeys+1)) * 134775813L + 1;
7593b57dc1bf switch to google log Sebastien Jodogne <s.jodogne@gmail.com> parents: diff changeset	52 {
7593b57dc1bf switch to google log Sebastien Jodogne <s.jodogne@gmail.com> parents: diff changeset	53 register int keyshift = (int)((*(pkeys+1)) >> 24);
7593b57dc1bf switch to google log Sebastien Jodogne <s.jodogne@gmail.com> parents: diff changeset	54 ((pkeys+2)) = CRC32(((pkeys+2)), keyshift);
7593b57dc1bf switch to google log Sebastien Jodogne <s.jodogne@gmail.com> parents: diff changeset	55 }
7593b57dc1bf switch to google log Sebastien Jodogne <s.jodogne@gmail.com> parents: diff changeset	56 return c;
7593b57dc1bf switch to google log Sebastien Jodogne <s.jodogne@gmail.com> parents: diff changeset	57 }
7593b57dc1bf switch to google log Sebastien Jodogne <s.jodogne@gmail.com> parents: diff changeset	58
7593b57dc1bf switch to google log Sebastien Jodogne <s.jodogne@gmail.com> parents: diff changeset	59
7593b57dc1bf switch to google log Sebastien Jodogne <s.jodogne@gmail.com> parents: diff changeset	60 /***********************************************************************
7593b57dc1bf switch to google log Sebastien Jodogne <s.jodogne@gmail.com> parents: diff changeset	61 * Initialize the encryption keys and the random header according to
7593b57dc1bf switch to google log Sebastien Jodogne <s.jodogne@gmail.com> parents: diff changeset	62 * the given password.
7593b57dc1bf switch to google log Sebastien Jodogne <s.jodogne@gmail.com> parents: diff changeset	63 */
5428 8174e45f48d8 Upgraded minizip library to stay away from CVE-2023-45853 Alain Mazy <am@osimis.io> parents: 4044 diff changeset	64 static void init_keys(const char* passwd, unsigned long* pkeys, const z_crc_t* pcrc_32_tab) {
102 7593b57dc1bf switch to google log Sebastien Jodogne <s.jodogne@gmail.com> parents: diff changeset	65 *(pkeys+0) = 305419896L;
7593b57dc1bf switch to google log Sebastien Jodogne <s.jodogne@gmail.com> parents: diff changeset	66 *(pkeys+1) = 591751049L;
7593b57dc1bf switch to google log Sebastien Jodogne <s.jodogne@gmail.com> parents: diff changeset	67 *(pkeys+2) = 878082192L;
7593b57dc1bf switch to google log Sebastien Jodogne <s.jodogne@gmail.com> parents: diff changeset	68 while (*passwd != '\0') {
7593b57dc1bf switch to google log Sebastien Jodogne <s.jodogne@gmail.com> parents: diff changeset	69 update_keys(pkeys,pcrc_32_tab,(int)*passwd);
7593b57dc1bf switch to google log Sebastien Jodogne <s.jodogne@gmail.com> parents: diff changeset	70 passwd++;
7593b57dc1bf switch to google log Sebastien Jodogne <s.jodogne@gmail.com> parents: diff changeset	71 }
7593b57dc1bf switch to google log Sebastien Jodogne <s.jodogne@gmail.com> parents: diff changeset	72 }
7593b57dc1bf switch to google log Sebastien Jodogne <s.jodogne@gmail.com> parents: diff changeset	73
7593b57dc1bf switch to google log Sebastien Jodogne <s.jodogne@gmail.com> parents: diff changeset	74 #define zdecode(pkeys,pcrc_32_tab,c) \
7593b57dc1bf switch to google log Sebastien Jodogne <s.jodogne@gmail.com> parents: diff changeset	75 (update_keys(pkeys,pcrc_32_tab,c ^= decrypt_byte(pkeys,pcrc_32_tab)))
7593b57dc1bf switch to google log Sebastien Jodogne <s.jodogne@gmail.com> parents: diff changeset	76
7593b57dc1bf switch to google log Sebastien Jodogne <s.jodogne@gmail.com> parents: diff changeset	77 #define zencode(pkeys,pcrc_32_tab,c,t) \
5428 8174e45f48d8 Upgraded minizip library to stay away from CVE-2023-45853 Alain Mazy <am@osimis.io> parents: 4044 diff changeset	78 (t=decrypt_byte(pkeys,pcrc_32_tab), update_keys(pkeys,pcrc_32_tab,c), (Byte)t^(c))
102 7593b57dc1bf switch to google log Sebastien Jodogne <s.jodogne@gmail.com> parents: diff changeset	79
7593b57dc1bf switch to google log Sebastien Jodogne <s.jodogne@gmail.com> parents: diff changeset	80 #ifdef INCLUDECRYPTINGCODE_IFCRYPTALLOWED
7593b57dc1bf switch to google log Sebastien Jodogne <s.jodogne@gmail.com> parents: diff changeset	81
7593b57dc1bf switch to google log Sebastien Jodogne <s.jodogne@gmail.com> parents: diff changeset	82 #define RAND_HEAD_LEN 12
7593b57dc1bf switch to google log Sebastien Jodogne <s.jodogne@gmail.com> parents: diff changeset	83 /* "last resort" source for second part of crypt seed pattern */
7593b57dc1bf switch to google log Sebastien Jodogne <s.jodogne@gmail.com> parents: diff changeset	84 # ifndef ZCR_SEED2
5428 8174e45f48d8 Upgraded minizip library to stay away from CVE-2023-45853 Alain Mazy <am@osimis.io> parents: 4044 diff changeset	85 # define ZCR_SEED2 3141592654UL /* use PI as default pattern */
102 7593b57dc1bf switch to google log Sebastien Jodogne <s.jodogne@gmail.com> parents: diff changeset	86 # endif
7593b57dc1bf switch to google log Sebastien Jodogne <s.jodogne@gmail.com> parents: diff changeset	87
5428 8174e45f48d8 Upgraded minizip library to stay away from CVE-2023-45853 Alain Mazy <am@osimis.io> parents: 4044 diff changeset	88 static unsigned crypthead(const char* passwd, /* password string */
8174e45f48d8 Upgraded minizip library to stay away from CVE-2023-45853 Alain Mazy <am@osimis.io> parents: 4044 diff changeset	89 unsigned char* buf, /* where to write header */
8174e45f48d8 Upgraded minizip library to stay away from CVE-2023-45853 Alain Mazy <am@osimis.io> parents: 4044 diff changeset	90 int bufSize,
8174e45f48d8 Upgraded minizip library to stay away from CVE-2023-45853 Alain Mazy <am@osimis.io> parents: 4044 diff changeset	91 unsigned long* pkeys,
8174e45f48d8 Upgraded minizip library to stay away from CVE-2023-45853 Alain Mazy <am@osimis.io> parents: 4044 diff changeset	92 const z_crc_t* pcrc_32_tab,
8174e45f48d8 Upgraded minizip library to stay away from CVE-2023-45853 Alain Mazy <am@osimis.io> parents: 4044 diff changeset	93 unsigned long crcForCrypting) {
8174e45f48d8 Upgraded minizip library to stay away from CVE-2023-45853 Alain Mazy <am@osimis.io> parents: 4044 diff changeset	94 unsigned n; /* index in random header */
102 7593b57dc1bf switch to google log Sebastien Jodogne <s.jodogne@gmail.com> parents: diff changeset	95 int t; /* temporary */
7593b57dc1bf switch to google log Sebastien Jodogne <s.jodogne@gmail.com> parents: diff changeset	96 int c; /* random byte */
7593b57dc1bf switch to google log Sebastien Jodogne <s.jodogne@gmail.com> parents: diff changeset	97 unsigned char header[RAND_HEAD_LEN-2]; /* random header */
7593b57dc1bf switch to google log Sebastien Jodogne <s.jodogne@gmail.com> parents: diff changeset	98 static unsigned calls = 0; /* ensure different random header each time */
7593b57dc1bf switch to google log Sebastien Jodogne <s.jodogne@gmail.com> parents: diff changeset	99
7593b57dc1bf switch to google log Sebastien Jodogne <s.jodogne@gmail.com> parents: diff changeset	100 if (bufSize<RAND_HEAD_LEN)
7593b57dc1bf switch to google log Sebastien Jodogne <s.jodogne@gmail.com> parents: diff changeset	101 return 0;
7593b57dc1bf switch to google log Sebastien Jodogne <s.jodogne@gmail.com> parents: diff changeset	102
7593b57dc1bf switch to google log Sebastien Jodogne <s.jodogne@gmail.com> parents: diff changeset	103 /* First generate RAND_HEAD_LEN-2 random bytes. We encrypt the
7593b57dc1bf switch to google log Sebastien Jodogne <s.jodogne@gmail.com> parents: diff changeset	104 * output of rand() to get less predictability, since rand() is
7593b57dc1bf switch to google log Sebastien Jodogne <s.jodogne@gmail.com> parents: diff changeset	105 * often poorly implemented.
7593b57dc1bf switch to google log Sebastien Jodogne <s.jodogne@gmail.com> parents: diff changeset	106 */
7593b57dc1bf switch to google log Sebastien Jodogne <s.jodogne@gmail.com> parents: diff changeset	107 if (++calls == 1)
7593b57dc1bf switch to google log Sebastien Jodogne <s.jodogne@gmail.com> parents: diff changeset	108 {
7593b57dc1bf switch to google log Sebastien Jodogne <s.jodogne@gmail.com> parents: diff changeset	109 srand((unsigned)(time(NULL) ^ ZCR_SEED2));
7593b57dc1bf switch to google log Sebastien Jodogne <s.jodogne@gmail.com> parents: diff changeset	110 }
7593b57dc1bf switch to google log Sebastien Jodogne <s.jodogne@gmail.com> parents: diff changeset	111 init_keys(passwd, pkeys, pcrc_32_tab);
7593b57dc1bf switch to google log Sebastien Jodogne <s.jodogne@gmail.com> parents: diff changeset	112 for (n = 0; n < RAND_HEAD_LEN-2; n++)
7593b57dc1bf switch to google log Sebastien Jodogne <s.jodogne@gmail.com> parents: diff changeset	113 {
7593b57dc1bf switch to google log Sebastien Jodogne <s.jodogne@gmail.com> parents: diff changeset	114 c = (rand() >> 7) & 0xff;
7593b57dc1bf switch to google log Sebastien Jodogne <s.jodogne@gmail.com> parents: diff changeset	115 header[n] = (unsigned char)zencode(pkeys, pcrc_32_tab, c, t);
7593b57dc1bf switch to google log Sebastien Jodogne <s.jodogne@gmail.com> parents: diff changeset	116 }
7593b57dc1bf switch to google log Sebastien Jodogne <s.jodogne@gmail.com> parents: diff changeset	117 /* Encrypt random header (last two bytes is high word of crc) */
7593b57dc1bf switch to google log Sebastien Jodogne <s.jodogne@gmail.com> parents: diff changeset	118 init_keys(passwd, pkeys, pcrc_32_tab);
7593b57dc1bf switch to google log Sebastien Jodogne <s.jodogne@gmail.com> parents: diff changeset	119 for (n = 0; n < RAND_HEAD_LEN-2; n++)
7593b57dc1bf switch to google log Sebastien Jodogne <s.jodogne@gmail.com> parents: diff changeset	120 {
7593b57dc1bf switch to google log Sebastien Jodogne <s.jodogne@gmail.com> parents: diff changeset	121 buf[n] = (unsigned char)zencode(pkeys, pcrc_32_tab, header[n], t);
7593b57dc1bf switch to google log Sebastien Jodogne <s.jodogne@gmail.com> parents: diff changeset	122 }
7593b57dc1bf switch to google log Sebastien Jodogne <s.jodogne@gmail.com> parents: diff changeset	123 buf[n++] = (unsigned char)zencode(pkeys, pcrc_32_tab, (int)(crcForCrypting >> 16) & 0xff, t);
7593b57dc1bf switch to google log Sebastien Jodogne <s.jodogne@gmail.com> parents: diff changeset	124 buf[n++] = (unsigned char)zencode(pkeys, pcrc_32_tab, (int)(crcForCrypting >> 24) & 0xff, t);
7593b57dc1bf switch to google log Sebastien Jodogne <s.jodogne@gmail.com> parents: diff changeset	125 return n;
7593b57dc1bf switch to google log Sebastien Jodogne <s.jodogne@gmail.com> parents: diff changeset	126 }
7593b57dc1bf switch to google log Sebastien Jodogne <s.jodogne@gmail.com> parents: diff changeset	127
7593b57dc1bf switch to google log Sebastien Jodogne <s.jodogne@gmail.com> parents: diff changeset	128 #endif

Mercurial > hg > orthanc

annotate OrthancFramework/Resources/ThirdParty/minizip/crypt.h @ 5853:4d932683049d get-scu tip