From d8a3e9880303be01f51e6f7274b2885b10cb1576 Mon Sep 17 00:00:00 2001
From: Neale Pickett <neale@lanl.gov>
Date: Thu, 17 Mar 2011 17:11:53 -0600
Subject: [PATCH] Add TEA back in.

---
 packages/pwnables/src/arc4.c     | 49 -----------------
 packages/pwnables/src/ltraceme.c | 60 ---------------------
 packages/pwnables/src/token.c    |  1 -
 packages/pwnables/src/token.h    |  1 -
 src/Makefile                     |  2 +
 src/tea.c                        | 93 ++++++++++++++++++++++++++++++++
 src/xxtea.c                      | 52 ++++++++++++++++++
 src/xxtea.h                      |  9 ++++
 8 files changed, 156 insertions(+), 111 deletions(-)
 delete mode 100644 packages/pwnables/src/arc4.c
 delete mode 100644 packages/pwnables/src/ltraceme.c
 delete mode 120000 packages/pwnables/src/token.c
 delete mode 120000 packages/pwnables/src/token.h
 create mode 100644 src/tea.c
 create mode 100644 src/xxtea.c
 create mode 100644 src/xxtea.h

diff --git a/packages/pwnables/src/arc4.c b/packages/pwnables/src/arc4.c
deleted file mode 100644
index f1a0dd0..0000000
--- a/packages/pwnables/src/arc4.c
+++ /dev/null
@@ -1,49 +0,0 @@
-#include <stdint.h>
-#include <stdio.h>
-#include <sysexits.h>
-#include "arc4.h"
-
-int
-main(int argc, char *argv[])
-{
-  struct arc4_ctx ctx;
-
-  /* Read key and initialize context */
-  {
-    uint8_t  key[256];
-    size_t   keylen = 0;
-    FILE    *f;
-
-    if (argc == 2) {
-      if (! (f = fopen(argv[1], "r"))) {
-        perror(argv[0]);
-      }
-    } else {
-      f = fdopen(3, "r");
-    }
-
-    if (f) {
-      keylen = fread(key, 1, sizeof(key), f);
-      fclose(f);
-    }
-
-    if (0 == keylen) {
-      fprintf(stderr, "Usage: %s [KEYFILE] <PLAINTEXT\n", argv[0]);
-      fprintf(stderr, "\n");
-      fprintf(stderr, "You can also pass in the key on fd 3; omit\n");
-      fprintf(stderr, "KEYFILE in this case.\n");
-      return EX_IOERR;
-    }
-    arc4_init(&ctx, key, (size_t)keylen);
-  }
-
-  /* Encrypt */
-  while (1) {
-    int c = getchar();
-
-    if (EOF == c) break;
-    putchar(c ^ arc4_pad(&ctx));
-  }
-
-  return 0;
-}
diff --git a/packages/pwnables/src/ltraceme.c b/packages/pwnables/src/ltraceme.c
deleted file mode 100644
index 359a211..0000000
--- a/packages/pwnables/src/ltraceme.c
+++ /dev/null
@@ -1,60 +0,0 @@
-#include <stdio.h>
-#include <time.h>
-#include <stdint.h>
-#include <string.h>
-#include "token.h"
-
-/* This hopefully requires an LD_PRELOAD */
-
-uint8_t const key[] = {0x94, 0xf2, 0x92, 0x45,
-                       0x12, 0x44, 0x80, 0xe1,
-                       0x95, 0x64, 0xcd, 0xe4,
-                       0xff, 0x0a, 0x00, 0x10};
-
-int
-main(int argc, char *argv[])
-{
-  char   token[200];
-  size_t tokenlen;
-
-  /* Do some bullshit.  Override with:
-   *
-   * void strcmp(char *a, char *b)
-   * {
-   *   return 0;
-   * }
-   */
-  {
-    FILE         *f = fopen("/dev/urandom", "r");
-    unsigned int  seed;
-    char          seed_str[50];
-
-    printf("Checking credentials...\n");
-    fread(&seed, sizeof(seed), 1, f);
-    sprintf(seed_str, "%d", seed);
-    if ((argc != 2) || strcmp(seed_str, argv[1])) {
-      printf("Ah ah ah!  You didn't say the magic word!\n");
-      return 1;
-    }
-  }
-
-  tokenlen = read_token("ltraceme",
-                        key, sizeof(key),
-                        token, sizeof(token) - 1);
-  if (-1 == tokenlen) {
-    write(1, "Something is broken\nI can't read my token.\n", 43);
-    return 1;
-  }
-  token[tokenlen++] = '\0';
-
-  /* You could override this with:
-   *
-   * void printf(char *fmt, size_t len, char *buf)
-   * {
-   *   if (fmt[0] == 'T') write(1, buf, len);
-   * }
-   */
-  printf("Token length %u at %p.\n", (unsigned int)tokenlen, token);
-
-  return 0;
-}
diff --git a/packages/pwnables/src/token.c b/packages/pwnables/src/token.c
deleted file mode 120000
index f0a9dcd..0000000
--- a/packages/pwnables/src/token.c
+++ /dev/null
@@ -1 +0,0 @@
-../../../include/token.c
\ No newline at end of file
diff --git a/packages/pwnables/src/token.h b/packages/pwnables/src/token.h
deleted file mode 120000
index 21e62e4..0000000
--- a/packages/pwnables/src/token.h
+++ /dev/null
@@ -1 +0,0 @@
-../../../include/token.h
\ No newline at end of file
diff --git a/src/Makefile b/src/Makefile
index da8b6ec..9a5cc26 100644
--- a/src/Makefile
+++ b/src/Makefile
@@ -4,5 +4,7 @@ all: $(TARGETS)
 
 arc4: CFLAGS=-DARC4_MAIN
 
+tea: tea.o xxtea.o
+
 clean:
 	rm -f *.o $(TARGETS)
\ No newline at end of file
diff --git a/src/tea.c b/src/tea.c
new file mode 100644
index 0000000..da706ef
--- /dev/null
+++ b/src/tea.c
@@ -0,0 +1,93 @@
+#include <stdio.h>
+#include <unistd.h>
+#include <stdint.h>
+#include <stdlib.h>
+#include <string.h>
+#include <sysexits.h>
+#include "xxtea.h"
+
+#define DUMPf(fmt, args...) fprintf(stderr, "%s:%s:%d " fmt "\n", __FILE__, __FUNCTION__, __LINE__, ##args)
+#define DUMP() DUMPf("")
+#define DUMP_d(v) DUMPf("%s = %d", #v, v)
+#define DUMP_x(v) DUMPf("%s = 0x%x", #v, v)
+#define DUMP_s(v) DUMPf("%s = %s", #v, v)
+#define DUMP_c(v) DUMPf("%s = '%c' (0x%02x)", #v, v, v)
+#define DUMP_p(v) DUMPf("%s = %p", #v, v)
+
+#define min(a,b) (((a)<(b))?(a):(b))
+
+int
+usage(const char *prog)
+{
+  fprintf(stderr, "Usage: %s [-e] <PLAINTEXT\n", prog);
+  fprintf(stderr, "\n");
+  fprintf(stderr, "You must pass in a key on fd 3 or in the environment variable KEY.\n");
+  return EX_USAGE;
+}
+
+int
+main(int argc, char *argv[])
+{
+  uint8_t *buf     = NULL;
+  size_t   len     = 0;
+  uint32_t key[4] = {0};
+
+  {
+    char *ekey = getenv("KEY");
+
+    if (ekey) {
+      memcpy(key, ekey, min(strlen(ekey), sizeof(key)));
+    } else {
+      read(3, key, sizeof(key));
+    }
+  }
+
+  while (1) {
+    size_t pos = len;
+    ssize_t nret;
+
+    buf = realloc(buf, len + 4096);
+    if (! buf) {
+      perror("realloc");
+      return EX_OSERR;
+    }
+
+    nret = read(0, buf + pos, 4096);
+    if (0 == nret) break;
+    if (-1 == nret) {
+      perror("read");
+      return EX_OSERR;
+    }
+
+    len = pos + nret;
+  }
+
+  if (argv[1] && (0 == strcmp(argv[1], "-e"))) {
+    if (0 == buf[len-1]) {
+      fprintf(stderr, "I can't cope with trailing NULs.\n");
+      return 1;
+    }
+
+    /* Pad out with NUL */
+    while (len % 4 > 0) {
+      buf[len++] = 0;
+    }
+
+    tea_encode(key, (uint32_t *)buf, len/4);
+  } else {
+    if (len % 4) {
+      fprintf(stderr, "Incorrect padding.\n");
+      return 1;
+    }
+    tea_decode(key, (uint32_t *)buf, len/4);
+
+    /* Remove padding.  If your input had trailing NULs, you shouldn't
+       use this. */
+    while (0 == buf[len-1]) {
+      len -= 1;
+    }
+  }
+  write(1, buf, len);
+
+  return 0;
+}
diff --git a/src/xxtea.c b/src/xxtea.c
new file mode 100644
index 0000000..c70624a
--- /dev/null
+++ b/src/xxtea.c
@@ -0,0 +1,52 @@
+#include <stdint.h>
+#include <stddef.h>
+#include "xxtea.h"
+
+#define DELTA 0x9e3779b9
+#define MX ((z>>5^y<<2) + (y>>3^z<<4)) ^ ((sum^y) + (k[(p&3)^e] ^ z));
+
+void
+btea(uint32_t *v, int n, uint32_t const k[4])
+{
+  uint32_t y, z, sum;
+  unsigned p, rounds, e;
+
+  if (n > 1) {          /* Coding Part */
+    rounds = 6 + 52/n;
+    sum = 0;
+    z = v[n-1];
+    do {
+      sum += DELTA;
+      e = (sum >> 2) & 3;
+      for (p=0; p<n-1; p++)
+        y = v[p+1], z = v[p] += MX;
+      y = v[0];
+      z = v[n-1] += MX;
+    } while (--rounds);
+  } else if (n < -1) {  /* Decoding Part */
+    n = -n;
+    rounds = 6 + 52/n;
+    sum = rounds*DELTA;
+    y = v[0];
+    do {
+      e = (sum >> 2) & 3;
+      for (p=n-1; p>0; p--)
+        z = v[p-1], y = v[p] -= MX;
+      z = v[n-1];
+      y = v[0] -= MX;
+    } while ((sum -= DELTA) != 0);
+  }
+}
+
+void
+tea_encode(uint32_t const key[4], uint32_t *buf, size_t buflen)
+{
+  btea(buf, buflen, key);
+}
+
+void
+tea_decode(uint32_t const key[4], uint32_t *buf, size_t buflen)
+{
+  btea(buf, -buflen, key);
+}
+
diff --git a/src/xxtea.h b/src/xxtea.h
new file mode 100644
index 0000000..a9c207c
--- /dev/null
+++ b/src/xxtea.h
@@ -0,0 +1,9 @@
+#ifndef __XXTEA_H__
+#define __XXTEA_H__
+
+#include <stdint.h>
+
+void tea_encode(uint32_t const key[4], uint32_t *buf, size_t buflen);
+void tea_decode(uint32_t const key[4], uint32_t *buf, size_t buflen);
+
+#endif