2
* $Id: arjsec_h.c,v 1.5 2003/05/07 18:55:51 andrew_belov Exp $
3
* ---------------------------------------------------------------------------
4
* The high-level ARJ-security envelope verification routine is contained in
11
DEBUGHDR(__FILE__) /* Debug information block */
13
/* Returns ARJ-security signature and 0 when successful. */
16
int get_arjsec_signature(FILE *stream, long offset, char *signature, int iter)
18
#if SFX_LEVEL<=ARJSFXV&&!defined(COMMERCIAL)
21
unsigned char tail[ARJSEC_RECORD_SIZE];
22
unsigned long tmp_tail[8];
23
unsigned long block[8]; /* CRC accumulation */
26
/* We need to retain the position when processing ARJSFX archives */
27
#if SFX_LEVEL<=ARJSFXV
28
unsigned long cur_pos;
32
#if SFX_LEVEL<=ARJSFXV
33
msg_cprintf(0, M_VERIFYING_ARJSEC);
34
cur_pos=ftell(stream);
36
fseek(stream, offset, SEEK_SET);
37
if(fread(tail, 1, sizeof(tail), stream)!=ARJSEC_RECORD_SIZE)
40
fseek(stream, 0L, SEEK_SET);
43
crc32_for_block(tail, ARJSEC_RECORD_SIZE-4);
44
if(crc32term!=mget_dword(&tail[ARJSEC_RECORD_SIZE-4]))
48
*(dest++)^=0x80|tail[8+i%32];
49
memcpy(signature, tail+40, 76);
50
/* The owner's name is already stored at this point, now just make sure that
51
we have the envelope in its original, unmodified form. */
54
arjsec_newblock(block+4);
56
arjsec_crcterm(block+4, *(dest++));
57
arjsec_invert(block+4);
58
arjsec_read(block, stream, offset);
59
#ifdef WORDS_BIGENDIAN
60
for (i=0;i<sizeof(tmp_tail)>>2;i++)
61
tmp_tail[i]=mget_dword(tail+8+(i<<2));
63
memcpy(tmp_tail, tail+8, sizeof(tmp_tail));
65
arjsec_term(block+4, tmp_tail, iter);
67
if(tmp_tail[0]!=block[0])
69
if(tmp_tail[1]!=block[1])
71
if(tmp_tail[2]!=block[2])
73
if(tmp_tail[3]!=block[3])
76
arjsec_xor(block, block+4);
77
if(tmp_tail[4]!=block[0])
79
if(tmp_tail[5]!=block[1])
81
if(tmp_tail[6]!=block[2])
83
if(tmp_tail[7]!=block[3])
86
#ifdef WORDS_BIGENDIAN
87
for (i=0;i<sizeof(tmp_tail)>>2;i++)
88
tmp_tail[i]=mget_dword(tail+8+(i<<2));
90
memcpy(tmp_tail, tail+8, sizeof(tmp_tail));
94
arjsec_newblock(block+4);
96
arjsec_crcterm(block+4, *(dest++));
97
arjsec_invert(block+4);
98
arjsec_newblock(block);
99
while(--offset>=0L&&(c=fgetc(stream))!=EOF)
100
arjsec_crcterm(block, (char)c);
101
arjsec_invert(block);
102
arjsec_term(block+4, tmp_tail, iter);
104
if(memcmp(tmp_tail, block, 16))
106
arjsec_invert(block);
111
if(memcmp(tmp_tail+4, block, 16))
113
fseek(stream, cur_pos, SEEK_SET);
116
msg_cprintf(0, M_VALID_ENVELOPE);
120
return(i); /* Number of errors */
125
/* Verifies registration information */
127
#if SFX_LEVEL>=ARJ||defined(REARJ)||defined(ARJUTIL)
128
int verify_reg_name(char *key1, char *key2, char *name, char *validation)
130
unsigned long encrypt_pad[8], sec_blk[8];
134
#if defined(WORDS_BIGENDIAN)&&!defined(ARJUTIL)
136
encrypt_pad[i]=mget_dword(validation+(i<<2));
138
memcpy(encrypt_pad, validation, 32);
140
arjsec_newblock(sec_blk+4);
141
for(i=0; key1[i]!='\0'; i++)
142
arjsec_crcterm(sec_blk+4, (unsigned char)toupper(key1[i]));
143
arjsec_invert(sec_blk+4);
144
arjsec_newblock(sec_blk);
145
for(i=0; key2[i]!='\0'; i++)
146
arjsec_crcterm(sec_blk, (unsigned char)toupper(key2[i]));
148
for(i=0; name[i]!='\0'; i++)
152
arjsec_crcterm(sec_blk, c);
155
arjsec_invert(sec_blk);
156
arjsec_term(sec_blk+4, encrypt_pad, ARJSEC_ITER);
158
if(encrypt_pad[0]!=sec_blk[0])
160
if(encrypt_pad[1]!=sec_blk[1])
162
if(encrypt_pad[2]!=sec_blk[2])
164
if(encrypt_pad[3]!=sec_blk[3])
166
arjsec_invert(sec_blk);
167
if((sec_blk[0]^sec_blk[4])!=encrypt_pad[4])
169
if((sec_blk[1]^sec_blk[5])!=encrypt_pad[5])
171
if((sec_blk[2]^sec_blk[6])!=encrypt_pad[6])
173
if((sec_blk[3]^sec_blk[7])!=encrypt_pad[7])