} i
`
`f (strcmp(pword,pw)!=O)
`fprintf(stderr,
`
`{
`
`"Keys don't match; drink some coffee and try again\n");
`exit(l);
`
`} e
`
`lse {
`
`/* just accept key from stdio */
`
`if (fgets(pword,256,stdin) == NULL)
`perror("cmkdir");
`exit(l);
`
`{
`
`} p
`
`w=pword;
`
`pw[255]='\0';
`
`n=strlen(pw);
`
`if ((n>O) && (pw[n—l] == '\n'))
`
`PW[n-1]
`
`=
`
`'\0';
`
`} i
`
`f (smsize != LARGESMSIZE)
`
`sprintf(pw,"%s%d",pword,smsize);
`
`k.cipher=ciph;
`
`if (cfmt==O)
`
`{
`
`{
`if (old_pwcrunch(pw,&k)!=O)
`fprintf(stderr,"InValid key\n");
`exit(l);
`
`}
`
`} else {
`/* this is very ugly and will be replaced but it works */
`
`{
`if (new_pwcrunch(pw,&k !=O)
`fprintf(stderr,"InValid key\n");
`exit(l);
`
`} /
`
`* now we xor in some truerand bytes for good measure */
`
`bcopy(&k,ekey,32);
`
`/* assumes key material < 32 bytes */
`
`Petitioner Oracle-Apple — Exhibit 1010 — Page 148
`
`{
`i++)
`i<32;
`for (i=0;
`ekey[i]
`“= randbyte();
`
`} e
`
`ncrypt_key(&k,ekey);
`bcopy(ekey,ekl,32);
`
`decrypt_key(&k,ekl);
`/* new &k is our real key */
`
`} i
`
`f (mkdir(argV[O],O777)<O)
`perror("cmkdir");
`exit(l);
`
`{
`
`} s
`
`printf(pat ,"%s/...",argv[O]);
`
`strcpy(str."qua!");
`/* now randomize the end of str.. */
`r = trand32();
`
`for (i=0;
`
`i<4;
`
`i++)
`
`str[i+4]=(r<<(i*8))&O377;
`
`copykey(&k,&kt);
`
`cipher(&kt,str,O);
`
`“‘aSk—"iPher “‘kt' 5”’ 1’ ’
`cipher(&kt,str,O);
`EXNbHD
`
`
`
`f (strcmp(pword,pw)!=O)
`fprintf(stderr,
`
`{
`
`"Keys don't match; drink some coffee and try again\n");
`exit(l);
`
`} e
`
`lse {
`
`/* just accept key from stdio */
`
`if (fgets(pword,256,stdin) == NULL)
`perror("cmkdir");
`exit(l);
`
`{
`
`} p
`
`w=pword;
`
`pw[255]='\0';
`
`n=strlen(pw);
`
`if ((n>O) && (pw[n—l] == '\n'))
`
`PW[n-1]
`
`=
`
`'\0';
`
`} i
`
`f (smsize != LARGESMSIZE)
`
`sprintf(pw,"%s%d",pword,smsize);
`
`k.cipher=ciph;
`
`if (cfmt==O)
`
`{
`
`{
`if (old_pwcrunch(pw,&k)!=O)
`fprintf(stderr,"InValid key\n");
`exit(l);
`
`}
`
`} else {
`/* this is very ugly and will be replaced but it works */
`
`{
`if (new_pwcrunch(pw,&k !=O)
`fprintf(stderr,"InValid key\n");
`exit(l);
`
`} /
`
`* now we xor in some truerand bytes for good measure */
`
`bcopy(&k,ekey,32);
`
`/* assumes key material < 32 bytes */
`
`Petitioner Oracle-Apple — Exhibit 1010 — Page 148
`
`{
`i++)
`i<32;
`for (i=0;
`ekey[i]
`“= randbyte();
`
`} e
`
`ncrypt_key(&k,ekey);
`bcopy(ekey,ekl,32);
`
`decrypt_key(&k,ekl);
`/* new &k is our real key */
`
`} i
`
`f (mkdir(argV[O],O777)<O)
`perror("cmkdir");
`exit(l);
`
`{
`
`} s
`
`printf(pat ,"%s/...",argv[O]);
`
`strcpy(str."qua!");
`/* now randomize the end of str.. */
`r = trand32();
`
`for (i=0;
`
`i<4;
`
`i++)
`
`str[i+4]=(r<<(i*8))&O377;
`
`copykey(&k,&kt);
`
`cipher(&kt,str,O);
`
`“‘aSk—"iPher “‘kt' 5”’ 1’ ’
`cipher(&kt,str,O);
`EXNbHD
`
`
`
`{
`
`{
`
`{
`
`if ((fp=fopen(path,"w")) == NULL)
`perror("cmkdir");
`exit(1);
`
`} f
`
`write(str,8,l,fp);
`
`fc1ose(fp);
`
`sprintf(path,"%s/..c",argv[O]);
`
`if ((fp=fopen(path,"w")) == NULL)
`perror("cmkdir");
`exit(1);
`
`} f
`
`printf(fp,"%d",k.cipher);
`
`fc1ose(fp);
`
`sprintf(path,"%s/..s",argv[O]);
`
`if ((fp=fopen(path,"w")) == NULL)
`perror("cmkdir");
`exit(1);
`
`} f
`
`printf(fp,"%d\n",smsize);
`
`fc1ose(fp);
`
`{
`if (cfmt)
`sprintf(path,"%s/..k",argv[O]);
`
`if ((fp=fopen(path,"w")) == NULL)
`perror("cmkdir");
`exit(1);
`
`{
`
`} f
`
`write(ekey,32,l,fp);
`
`fc1ose(fp);
`
`} e
`
`xit(O);
`
`EXNbflD
`
`Petitioner Oracle-Apple - Exhibit 1010 - Page 149
`
`
`
`cname. 8
`
`Exhibit D
`
`Petitioner Oracle-Apple - Exhibit 1010 - Page 150
`
`
`
`.TH CNAME 8 ""
`
`.SH NAME
`cname
`
`.SH SYNOPSIS
`
`.B cname
`
`[
`
`\-\fB3bms\fP ]
`
`\—\fBv\fP ]
`[
`.SH DESCRIPTION
`
`\fBcname\fP prompts for a passphrase and reads,
`
`from standard input, a
`
`list of CFS encrypted file names (e.g., "5lO5lf97e3l6l3b7").
`
`It
`
`produces, on standard output, a corresponding list of cleartext names.
`
`By default, names are decrypted using standard 2—key hybrid mode
`
`single—DES.
`
`The \-\fB3\fP option specifies 2—key hybrid mode triple
`
`DES.
`
`\-\fBm\fP specifies 1-key hybrid MacGuffin.
`
`\-\fBs\fP specifies
`
`SAFER-SKl28.
`the output.
`.LP
`
`The \—\fBv\fP option includes the ciphertext names in
`
`All names must be specified one per input line, as individual path
`
`components (full path names are not accepted).
`
`If a name cannot be
`
`decrypted to printable characters, "???" is printed in its place.
`
`This is the only way to detect an incorrect passphrase.
`.LP
`
`\fBcname\fP is intended to assist in making sense of CFS directories
`
`when no CFS daemon is available.
`from backups.
`.SH SEE ALSO
`
`ccat(8)
`.SH BUGS
`
`It is also useful
`
`in locating files
`
`Does not work with new format
`.LP
`
`(1.3 and later) directories.
`
`The program is easily confused by slightly wrong input.
`
`It would be
`
`better if it could transparently translate the output from other
`
`programs such as ls(l),
`.SH AUTHOR
`
`tar(l) and dump(8).
`
`Matt Blaze; for information on cfs, email to cfs@research.att.com.
`
`EXNbflD
`
`Petitioner Oracle-Apple - Exhibit 1010 - Page 151
`
`
`
`cname . C
`
`Exhibit D
`
`Petitioner Oracle-Apple - Exhibit 1010 - Page 152
`
`
`
`* The author of this software is Matt Blaze.
`
`*
`
`Copyright
`
`(c) 1992, 1994 by AT&T.
`
`* Permission to use, Copy, and modify this software without fee
`
`* is hereby granted, provided that this entire notice is included in
`
`* all copies of any software which is or includes a copy or
`
`* modification of this software and in all copies of the supporting
`* documentation for such software.
`
`* This software is subject to United States export controls.
`
`* THIS SOFTWARE IS BEING PROVIDED "AS IS", WITHOUT ANY EXPRESS OR IMPLIED
`
`IN PARTICULAR, NEITHER THE AUTHORS NOR AT&T MAKE ANY
`* WARRANTY.
`* REPRESENTATION OR WARRANTY OF ANY KIND CONCERNING THE MERCHANTABILITY
`
`* OF THIS SOFTWARE OR ITS FITNESS FOR ANY PARTICULAR PURPOSE.
`
`* cfs cname — 1.3
`
`*/
`#include <stdio.h>
`
`#include <rpc/rpc.h>
`
`#include <sys/time.h>
`
`#include <ctype.h>
`
`#include "nfsproto.h"
`
`#include "admproto.h"
`#include "cfs.h"
`
`/* following are never used — just so i can re—use the library */
`int validhost;
`
`char zerovect[]={o,o,o,o,o,o,o,o,o};
`int cursecs=O;
`
`char *gets();
`
`main(argc,argv)
`
`int argc;
`
`char **argv;
`
`char *pw;
`
`char pword[256];
`
`char *getpassword();
`
`cfs_admkey k;
`cfskey kt;
`
`char *flg;
`char estr[lO24];
`
`char *cstr;
`
`int i;
`
`int ciph=CFS_THREE_DES;
`int verb=O;
`
`fprintf(stderr,"WARNING: cname works only on old format CFS dirs\n");
`
`while (--argc && (**++argv == '—'))
`for (flg= ++*argv; *flg; ++flg)
`
`{
`
`switch (*flg)
`case ‘V’:
`
`{
`
`EXNbflD
`
`Petitioner Oracle-Apple - Exhibit 1010 - Page 153
`
`
`
`#ifdef NOTDEF
`
`#endif
`
`Verb++;
`
`break;
`case '1':
`
`Ciph=CFS_STD_DES;
`break;
`case '3':
`
`Ciph=CFS_THREE_DES;
`break;
`
`case 'b':
`
`C iph=CFS_BLOWFI SH ;
`break;
`
`case 'm':
`
`ciph=CFS_MACGUFFIN;
`break;
`case 's':
`
`Ciph=CFS_SAFER_SKl28;
`break;
`default:
`
`fprintf(stderr,"usage: cname [—3bmsv]\n");
`exit(1);
`
`} i
`
`} i
`
`{
`f (argc!=O)
`fprintf(stderr,"Usage: cname [—l3bmsv]\n");
`exit(l);
`
`{
`f ((pw=getpassword("Key:"))==NULL)
`fprintf(stderr,"Can't get key\n");
`exit(l);
`
`} s
`
`trcpy(pword,pw);
`
`k.cipher=ciph;
`
`{
`if (o1d_pwcrunch(pw,&k)!=O)
`fprintf(stderr,"InVa1id key\n");
`exit(l);
`
`} c
`
`opykey(&k,&kt);
`kt.smsize=LARGESMSIZE;
`
`if (((kt.primask=(char*) ma11oc(kt.smsize)) == NULL)
`
`((kt.secmask=(char*) ma11oc(kt.smsize)) == NULL))
`||
`fprintf(stderr,"No memory\n");
`exit(2);
`
`{
`
`} g
`
`enmasks(&kt);
`
`while (fgets(estr, sizeof(estr), stdin)
`if (estr[str1en(estr)-1] == '\n')
`
`!= NULL)
`
`{
`
`estr[str1en(estr)—l] =
`
`'\O';
`
`cstr=decryptname(&kt,estr);
`if (verb)
`
`printf("%s —> ",estr);
`
`if ((cstr!=NULL) && printab1e(cstr))
`
`puts(cstr);
`
`else
`
`puts("???");
`EXNDHD
`
`Petitioner Oracle-Apple - Exhibit 1010 - Page 154
`
`
`
`} i
`
`{
`
`}
`
`nt printab1e(s)
`char *s;
`
`while (*s)
`
`if (!isprint(*s++))
`return 0;
`
`return 1;
`
`EXNbflD
`
`Petitioner Oracle-Apple - Exhibit 1010 - Page 155
`
`
`
`cpasswd. 1
`
`Exhibit D
`
`Petitioner Oracle-Apple - Exhibit 1010 - Page 156
`
`
`
`.TH CPASSWD l ""
`
`.SH NAME
`
`cpasswd — change passphrase on cfs directory
`.SH SYNOPSIS
`
`.B cpasswd
`
`\fIdirectory\fP
`.SH DESCRIPTION
`
`\fBcpasswd\fP changes the passphrase associated with a
`
`Cryptographic File System (CFS) directory.
`
`\fBcpasswd\fP prompts for
`
`the old passphrase, and, if it is correct, a new passphrase, which
`
`must be entered twice. Passphrases must contain at least a minimum
`
`number of characters (currently 16).
`.LP
`
`Only new format
`
`(CFS 1.3 or later) directories can have their
`
`passphrases changed.
`.SH FILES
`
`.TP
`
`\fIdirectory\fP/...
`
`known—plaintext hash of the assigned keys.
`.TP
`
`\fIdirectory\fP/..c
`
`identifies the cipher algorithm.
`.TP
`
`\fIdirectory\fP/..k
`encrypted key file
`.SH SEE ALSO
`
`cfsd(8), cattach(l), cmkdir(l)
`.SH BUGS
`
`One passphrase per encrypted directory;
`
`there is no provision (yet)
`
`for individual users‘ passphrases.
`.SH AUTHOR
`
`Matt Blaze; for information on cfs, email to cfs@research.att.com.
`
`EXNbflD
`
`Petitioner Oracle-Apple - Exhibit 1010 - Page 157
`
`
`
`cpasswd.c
`
`Exhibit D
`
`Petitioner Oracle-Apple - Exhibit 1010 - Page 158
`
`
`
`* The author of this software is Matt Blaze.
`
`*
`
`Copyright
`
`(c) 1995 by AT&T.
`
`* Permission to use, Copy, and modify this software without fee
`
`* is hereby granted, provided that this entire notice is included in
`
`* all copies of any software which is or includes a copy or
`
`* modification of this software and in all copies of the supporting
`* documentation for such software.
`
`* This software is subject to United States export controls.
`
`* THIS SOFTWARE IS BEING PROVIDED "AS IS", WITHOUT ANY EXPRESS OR IMPLIED
`
`IN PARTICULAR, NEITHER THE AUTHORS NOR AT&T MAKE ANY
`* WARRANTY.
`* REPRESENTATION OR WARRANTY OF ANY KIND CONCERNING THE MERCHANTABILITY
`
`* OF THIS SOFTWARE OR ITS FITNESS FOR ANY PARTICULAR PURPOSE.
`
`* client cfs cpasswd — 1.3
`*/
`#include <stdio.h>
`
`#include <rpc/rpc.h>
`
`#include <sys/time.h>
`
`#include "nfsproto.h"
`
`#include "admproto.h"
`#include "cfs.h"
`
`#include "shs.h"
`
`main(argc,argv)
`
`int argc;
`
`char **argv;
`
`char *pw;
`
`char pword[256];
`char buf[lO24];
`
`char *getpassword();
`
`cfs_admkey oldkey;
`
`cfs_admkey newkey;
`cfskey kt;
`
`char path[l024];
`
`char kpath[l024];
`
`char opath[lO24];
`char cname[1024];
`
`char kname[lO24];
`
`char sname[1024];
`
`char dir[lO24];
`
`int smsize;
`
`FILE *fp;
`
`char *flg;
`
`int ciph=CFS_STD_DES;
`int cfmt=1;
`
`unsigned char ekey[l28];
`
`while (--argc && (**++argv == '—'))
`
`{
`
`f°"'
`
`‘£19: ***ar9"’ *f19’ **f19’
`switch (*flg)
`{
`EXNbflD
`
`Petitioner Oracle-Apple-Exhibit1010-Page159
`
`
`
`default:
`
`fprintf(stderr,"usage: cpasswd dir\n");
`exit(1);
`
`} i
`
`} i
`
`{
`f (argc!=l)
`fprintf(stderr,"Usage: cpasswd dir\n");
`exit(1);
`
`f (*argV[O]!='/')
`
`{
`
`{
`if (getcwd(buf,lO24) == NULL)
`fprintf(stderr,"Can't stat current directory\n");
`exit(1);
`
`} s
`
`printf(dir,"%s/%s",buf,argv[O]);
`
`} else
`strcpy(dir,argv[O]);
`
`if (chdir(dir)<O)
`perror(dir);
`exit(l);
`
`{
`
`sprintf(cname,"%s/..c",dir);
`
`sprintf(kname,"%s/..k",dir);
`
`sprintf(sname,"%s/..s",dir);
`
`{
`if ((fp=fopen(cname,"r")) == NULL)
`fprintf(stderr,"Can only change passphrase on new format CFS directories\n");
`exit(1);
`
`} else {
`fscanf(fp,"%d",&ciph);
`
`fc1ose(fp);
`
`} i
`
`f (((fp=fopen(kname,"r")) == NULL)
`perror(dir);
`
`||
`
`(fread(ekey,l,32,fp)<l6)) {
`
`fprintf(stderr,"Can only change passphrase on new format CFS directories\n");
`exit(1);
`
`} f
`
`c1ose(fp);
`
`if ((fp=fopen(sname,"r")) == NULL)
`smsize=LARGESMSIZE;
`
`{
`
`} else {
`if (fscanf(fp,"%d",&smsize)
`smsize=LARGESMSIZE;
`
`!= 1)
`
`fc1ose(fp);
`
`if ((smsize < CFSBLOCK)
`smsize=LARGESMSIZE;
`
`||
`
`(smsize >
`
`(LARGESMSIZE*2)))
`
`Petitioner Oracle-Apple - Exhibit 1010 - Page 160
`
`oldkey.cipher=ciph;
`
`if ((pw=getpassword("Old passphrase:"))==NULL)
`fprintf(stderr,"Can't get key\n");
`exit(1);
`
`{
`
`} i
`
`f (smsize != LARGESMSIZE)
`
`sprintf(pw,"%s%d",pw.smsize);
`
`if (new_pwcrunch(pw,&o1dkey)!=O)
`EXNbHD
`
`{
`
`
`
`fprintf(stderr,"Invalid key\n");
`exit(l);
`
`} d
`
`ecrypt_key(&oldkey,ekey);
`
`{
`if (!checkkey(dir,&oldkey))
`fprintf(stderr,"Incorrect passphrase\n");
`exit(l);
`
`newkey.cipher=ciph;
`
`if ((pw=getpassword("New passphrase:"))==NULL)
`fprintf(stderr,"Can't get key\n");
`exit(l);
`
`{
`
`} s
`
`trcpy(pword,pw);
`
`{
`if (strlen(pw)<l6)
`fprintf(stderr,"Key must be at least 16 chars.\n");
`exit(l);
`
`if ((pw=getpassword("Again:"))==NULL)
`fprintf(stderr,"Can't get key\n");
`exit(l);
`
`{
`
`if (strcmp(pword,pw)!=O)
`fprintf(stderr,
`
`{
`
`"Keys don't match; drink some coffee and try again\n");
`exit(l);
`
`Petitioner Oracle-Apple — Exhibit 1010 — Page 161
`
`if (smsize != LARGESMSIZE)
`
`sprintf(pw,"%s%d",pw.smsize);
`
`{
`if (new_pwcrunch(pw,&newkey)!=O)
`fprintf(stderr,"InValid key\n");
`exit(l);
`
`} e
`
`ncrypt_key(&newkey,ekey);
`sprintf(pat ,"%s/..n",dir);
`
`sprintf(opath,"%s/..o",dir);
`
`if ((fp=fopen(path,"w")) == NULL)
`perror("cmkdir");
`exit(l);
`
`{
`
`} i
`
`{
`!= 32)
`f (fwrite(ekey.l.32.fp)
`perror("can't create new key file");
`exit(l);
`
`} f
`
`close(fp);
`
`sprintf(kpat ,"%s/..k",dir);
`
`/* do this in 3 phases, ultra paranoid */
`
`{
`< O)
`if (rename(kpath,opath)
`perror("can't rename old key file");
`exit(l);
`
`} i
`
`{
`< O)
`f (rename(path,kpath)
`perror("can't link new key file");
`
`exit (1) ’
`
`EXNbflD
`
`
`
`if (un1ink(opath)<O)
`
`perror("warning: old key file not removed");
`exit(O);
`
`checkkey(path,ak)
`
`char *path;
`
`cfs_admkey *ak;
`
`FILE *fp;
`char fn[lO24];
`
`char buf[9];
`
`cfskey k;
`
`copykey(ak,&k);
`
`sprintf(fn,"%s/...",path);
`
`if ((fp=fopen(fn,"r"))==NULL)
`return 0;
`
`if (fread(buf.8.l.fp)!=1) {
`fclose (fp);
`return 0;
`
`} f
`
`close (fp);
`
`cipher(&k,buf,l);
`
`/* note order here */
`
`mask_cipher(&k,buf,O);
`cipher(&k,buf,l);
`
`/* note order here */
`
`if (bcmp(buf,"qua!",4)!=O)
`return 0;
`
`return 1;
`
`EXNbflD
`
`Petitioner Oracle-Apple - Exhibit 1010 - Page 162
`
`
`
`dhpaIams.c
`
`Exhibit D
`
`Petitioner Oracle-Apple - Exhibit 1010 - Page 163
`
`
`
`#inc1ude "g1oba1.h"
`#inc1ude "rsaref.h"
`
`static unsigned char pO[]
`0x34,
`Oxa6,
`Ox8C,
`Oxfl,
`
`Ox5f,
`
`Ox2f,
`0x91,
`
`Ox9d,
`0x80,
`
`Oxaa,
`
`0x42,
`
`0x47,
`
`Ox6e,
`
`0x01,
`
`0x90,
`
`={
`OxfO,
`0x13,
`
`Oxb2,
`0x90,
`
`Oxaf,
`
`Oxdc,
`0x93,
`
`0x64,
`
`Ox4b,
`0x50,
`
`0x89,
`
`Oxf5,
`Oxe5,
`
`Oxcf,
`0x26,
`
`0x89,
`
`Oxd2,
`Ox3a,
`
`Oxed,
`
`Ox6f,
`0x74,
`
`OxOd,
`Ox8a,
`
`0x92,
`
`0x70,
`
`Ox5a,
`
`0x43,
`
`0x93,
`
`Oxaf,
`0x26,
`
`Oxcd,
`0x74,
`
`0x14,
`
`Oxe3,
`
`Ox4f,
`0x97,
`
`Ox9a,
`
`0x29,
`
`0x36,
`
`OxOd,
`
`0x91,
`
`Oxab,
`Oxe2,
`
`Ox3a,
`
`Oxb8,
`0x22,
`
`Ox5a,
`
`Oxb9,
`
`Oxa9};
`static unsigned char gO[]
`0x31,
`OXC3,
`0x07,
`0x01,
`
`0x03,
`
`0x71,
`
`Oxf6,
`Ox2C,
`
`Ox6a,
`
`Oxa8,
`
`={
`Oxda,
`
`Oxaf,
`0x25,
`
`0x60,
`
`OxOf,
`Ox5e,
`
`Ox8b,
`0x51,
`
`0x35,
`
`OxC9,
`
`Oxb8,
`
`0x83,
`
`Oxe8,
`
`0x52,
`
`Ox4b,
`
`Oxe7,
`
`0x81,
`
`Ox4d,
`0x79,
`
`Oxf6,
`
`0x13,
`
`Oxf7,
`0x76,
`
`OxC6,
`
`Oxeb,
`0x20,
`
`OxOf,
`
`OxOf,
`
`Oxf4,
`0x29,
`
`Ox2b,
`Oxca,
`
`Ox6e,
`
`Oxe5,
`
`Oxld,
`0x66,
`
`Oxf5,
`Oxe4,
`
`Oxa8,
`
`Ox8a,
`
`Oxal,
`
`Ox9a,
`
`0x51,
`
`0x95,
`
`0x62,
`
`0x31,
`
`Ox4d,
`0x13,
`
`Oxd7,
`0x69,
`
`0x72,
`
`0x41,
`
`0x06,
`
`Oxbd};
`static unsigned char pl[]
`Oxa8,
`0x02,
`0x46,
`Oxf3,
`0x86,
`
`0x42,
`
`OxOa,
`
`Oxca,
`
`={
`0x47,
`
`Oxel,
`
`Oxe6,
`
`Ox4e,
`
`0x95,
`
`Oxa9,
`
`0x53,
`
`Oxad,
`
`Oxd2,
`0x20,
`
`Oxad,
`0x88,
`
`0x90,
`
`0x39,
`
`0x35,
`
`0x27,
`
`Oxcl,
`
`Oxd2,
`
`Ox9a,
`
`0x07,
`
`Oxcl,
`
`Oxde,
`0x50,
`
`0x04,
`
`Oxae,
`
`Oxac,
`
`0x57,
`
`Oxb9,
`OxC8,
`
`Oxe4,
`
`Oxd2,
`0x66,
`
`Ox3f,
`Oxe8,
`
`0x81,
`
`OXC4,
`
`Ox5d,
`Oxea,
`
`Oxb2,
`0x20,
`
`Ox7d,
`
`Oxdf,
`0x33,
`
`Oxdd,
`Ox2C,
`
`0x34,
`
`Ox5f,
`0x47,
`
`0x67,
`
`0x36,
`
`Oxb8,
`Oxcl,
`
`Oxe3,
`
`0x81,
`
`Ox7b,
`0x86,
`
`Oxf7,
`
`Oxdd,
`
`OxOb,
`Oxe6,
`
`Ox8f,
`Ox7C,
`
`0x81,
`
`Oxde,
`
`0x86,
`
`0x06,
`
`0x71,
`
`0x42,
`
`Ox9d,
`Ox4a,
`
`0x04,
`
`0x87,
`
`0x18,
`
`0x87,
`
`0x62,
`
`0x19,
`
`OxbO,
`Oxea,
`
`Oxa2,
`
`Oxa7,
`
`Ox2e,
`
`Ox2C,
`
`Oxlb,
`Oxca,
`
`0x25,
`
`Oxb3,
`
`Oxel,
`
`static unsigned char gl[]
`0x80,
`Oxa6,
`Ox6e,
`Oxbb,
`0x34,
`
`0x99,
`
`Ox4e,
`
`={
`0x14,
`
`0x99,
`
`Oxdb,
`0x37,
`
`Ox9b,
`0x29,
`
`0x42,
`
`0x93,
`
`0x73,
`
`0x02,
`
`Oxlb,
`0x16,
`
`OxdO,
`0x86,
`
`Ox8e,
`
`0x90,
`
`0x77,
`
`0x03,
`
`0x06,
`
`0x51,
`
`0x90,
`
`0x01,
`
`Ox3d};
`
`Ox6f,
`
`Oxde,
`0x05,
`
`0x75,
`
`0x21,
`
`Oxd3,
`0x76,
`
`Ox8e,
`
`Oxe3,
`
`Oxcd,
`0x34,
`
`Oxlf,
`
`Oxlf,
`0x48,
`
`Ox8b,
`0x55,
`
`0x04,
`
`Ox5f,
`OxaO,
`
`Oxlb,
`0x23,
`
`0x03,
`
`0x47,
`
`Ox8f,
`
`Oxea,
`
`0x04,
`
`0x34,
`Ox3b,
`EXNbflD
`
`Oxdl,
`
`Ox4d,
`Oxlc,
`
`Oxfl,
`0x86,
`
`0x16,
`
`0x68,
`
`Oxel,
`
`0x41,
`
`Oxf7,
`0x42,
`
`Oxe4,
`
`Ox4a,
`
`0x08,
`
`Oxef,
`
`Petitioner Oracle-Apple - Exhibit 1010 - Page 164
`
`
`
`0x55,
`
`0x54,
`
`0x52,
`
`Oxa6,
`
`0x91,
`
`0x96,
`
`Oxd8,
`0x66,
`
`Oxcd,
`0x14,
`
`0x54,
`
`0x09,
`
`Oxa8,
`
`Oxa2,
`
`0x41,
`
`Oxlf,
`
`Oxe6,
`
`0x27,
`
`Oxf3,
`
`Oxfd,
`
`Oxd3,
`
`Oxe3};
`
`static unsigned char p2[]
`0x18,
`0x25,
`Oxfa,
`Oxad,
`0x22,
`0x00,
`
`Oxle,
`
`Ox5e,
`
`0x80,
`
`Ox2C,
`
`0x42,
`
`0x22,
`
`Oxb3,
`0x64,
`
`Oxa2,
`
`0x09,
`
`0x30,
`
`Oxf9,
`
`Oxfd,
`0x52,
`
`Oxdl,
`Ox5e,
`
`={
`0x10,
`
`Oxb7,
`0x74,
`
`Oxlb,
`0x89,
`
`OxOa,
`
`Ox5e,
`
`OxfO,
`Ox2C,
`
`Oxll,
`
`Oxbf,
`Oxle,
`
`0x70,
`
`Oxfl,
`Ox3a,
`
`Oxfd,
`
`0x11,
`
`Ox6b,
`0x26,
`
`Ox9d,
`0x96,
`
`0x53,
`
`0x77,
`
`0x37,
`
`Ox2f,
`
`Ox3C,
`
`OXCC,
`
`0x28,
`
`Ox5e,
`
`0x89,
`
`0x42,
`
`Oxfd,
`Oxal,
`
`Oxf6,
`
`0x80,
`
`Ox3d,
`0x19,
`
`OxfO,
`0x74,
`
`0x04,
`
`Ox8f,
`
`Ox7b,
`0x80,
`
`0x37,
`
`Oxa9,
`
`0x59,
`
`OxC5,
`
`0x40,
`
`0x68,
`
`Oxea,
`
`0x29,
`
`Oxe7,
`
`0x47,
`
`OxOa,
`
`0x22,
`
`Oxbe,
`Oxcl,
`
`OxOf,
`0x80,
`
`0x87,
`
`0x51,
`
`Oxb6,
`0x32,
`
`0x96,
`
`Ox3b,
`Ox4a,
`
`Oxbe,
`
`OxdO,
`0x37,
`
`0x43,
`
`Ox6b,
`0x00,
`
`Oxde,
`Oxe2,
`
`Oxa7,
`
`OXC4,
`
`OXC9,
`
`0x89,
`
`0x93,
`
`0x33,
`
`0x42,
`
`Oxdf,
`
`0x34,
`
`Oxac,
`
`0x61,
`
`Oxb2,
`Oxae,
`
`Oxaf,
`0x64,
`
`Oxd3,
`0x92,
`
`Ox5a,
`
`Oxc7,
`
`Oxf2,
`0x36,
`
`Oxb9,
`
`Oxd8,
`0x74,
`
`0x84,
`
`0x26,
`
`0x74,
`
`OxbO,
`
`Oxd8,
`
`Ox8f,
`
`Oxlb,
`
`Ox6d,
`
`Ox3b,
`
`0x79};
`static unsigned char g2[]
`0x62,
`OxeO,
`Oxa7,
`Ox2a,
`
`Ox5e,
`
`Oxb7,
`
`0x12,
`
`Ox8d,
`
`Ox6d,
`OXCC,
`
`Oxf6,
`
`Oxfl,
`
`Ox2d,
`
`OxOf,
`OxC6,
`
`Oxf5,
`0x59,
`
`Oxld,
`OXC4,
`
`0x90,
`
`0x67,
`
`0x83,
`
`Oxfd,
`
`Ox8d,
`
`OxbO,
`Ox3C,
`
`Oxb3,
`Oxce,
`
`={
`Oxf4,
`0x80,
`
`Oxd3,
`0x38,
`
`Ox9e,
`
`Oxd9,
`
`Oxb3,
`Oxa3,
`
`0x75,
`
`0x24,
`
`Oxe3,
`
`Oxec,
`
`Oxbc,
`Oxa8,
`
`0x15,
`
`Ox2C,
`
`Oxle,
`
`Ox8a,
`
`OxOa,
`
`0x61,
`
`Oxd2,
`Oxe5,
`
`Oxbd,
`
`0x36,
`
`0x22,
`
`Oxa6,
`
`Ox2a,
`
`0x43,
`
`0x90,
`
`Oxac,
`
`0x43,
`
`0x96,
`
`Ox4e,
`
`Oxe6,
`
`Ox2d,
`Oxa4,
`
`Oxf5,
`0x47,
`
`Ox4b,
`0x33,
`
`OXCC,
`
`Oxll,
`
`Oxbd,
`Oxle,
`
`Ox2d,
`0x39,
`
`Ox8C,
`
`Ox4d,
`
`Oxd3,
`
`Oxla,
`
`Oxf5,
`
`Oxf6,
`
`Ox6b,
`
`Ox5b,
`0x68,
`
`Oxd4,
`0x01,
`
`Oxb2,
`0x02,
`
`0x57,
`
`0x21,
`
`0x04,
`
`0x37,
`
`0x60,
`
`0x79,
`
`Ox4d,
`0x95,
`
`Ox5b,
`0x12,
`
`Oxd2,
`Oxll,
`
`Oxaa,
`
`0x98,
`
`Ox5d,
`OxC9,
`
`Oxfd,
`0x06,
`
`0x66,
`
`0x62,
`
`0x07,
`
`0x31,
`
`0x85,
`
`Oxfa,
`Oxee,
`
`Oxfl,
`OxC5,
`
`0x77,
`
`Ox9d,
`
`0x64,
`
`Ox2f,
`0x66,
`
`0x92,
`
`0x42};
`
`Oxd4,
`Ox9a,
`
`0x49,
`
`Ox3a,
`
`0x69,
`
`0x61,
`
`Oxef,
`
`R_DH_PARAMS dhparams[3]
`
`{
`
`{po, 64, go, 64},
`
`{p1, 96, g1, 96},
`
`{p2, 128, g2,
`
`l28}}
`
`oI
`
`EXNbflD
`
`Petitioner Oracle-Apple - Exhibit 1010 - Page 165
`
`
`
`esm.1
`
`Exhibit D
`
`Petitioner Oracle-Apple - Exhibit 1010 - Page 166
`
`
`
`. TH ESM l
`
`. SH NAME
`
`esm — encrypted session manager
`. SH SYNOPSIS
`
`\fBesm\fP [\fB—lrs\fP]
`. SH DESCRIPTION
`
`. LP
`
`[\fB—e\fP \fIcommand\fP]
`
`\fBesm\fP manages a simple encrypted session protocol. When first
`invoked from an interactive shell, it provides a transparent
`
`pseudo-terminal session on the local machine. When invoked from
`
`within an existing ESM session, however,
`
`the two ESM processes can
`
`automatically encrypt all traffic passed between them. Typically,
`the second session is executed on a remote networked machine reached
`
`by using the initial session to invoke, e.g.,
`program.
`. LP
`
`the \fBtelnet\fP(l)
`
`Ordinarily, ESM is run first on the local machine in "local" mode
`
`("\fBesm —l\fP").
`
`The resulting session is used to establish a
`
`connection (over a possibly insecure network)
`
`to a remote machine on
`
`which \fBesm\fP is run in "server" mode ("\fBesm —s\fP"). Encrypted
`
`sessions are always initiated by the remote \fBesm\fP process. Remote
`
`mode can be invoked in two ways.
`
`\fBesm —s\fP will attempt to
`
`initiate an encrypted session immediately after starting.
`
`\fBesm
`
`—r\fP will start the remote session in cleartext mode; a user escape
`
`sequence ("control—‘" followed by "s") switches to the encrypted
`
`session mode.
`. LP
`
`"Control-A ?" provides a list of other options.
`
`Encrypted sessions use two-key (112 bit) triple DES in 8-bit cipher
`
`feedback mode.
`
`A l024—bit Diffie—Hellman key exchange protocol is
`
`used to establish the session key;
`
`the implementation of this protocol
`
`is based on the RSA Laboratories RSAREF 2.0 library. All encrypted
`
`traffic is encoded using a simple ASCII hexadecimal representation;
`
`this reduces encrypted terminal bandwidth by a factor of just over two
`
`compared with cleartext mode.
`. SH OPTIONS
`
`.IP "\fB-l\fP"
`
`Local mode. This establishes the initial session and provides a
`
`transparent pseudo-terminal interface until an encrypted session is
`
`initiated on the "master" (shell) side by a remote server. This is
`
`also the default mode if no command line flag is specified.
`.IP "\fB-r\fP"
`
`Remote mode.
`
`Provides a transparent pseudo terminal session on the
`
`remote machine, with the ability to initiate an encrypted session with
`the "slave" (terminal) side of the connection.
`
`.IP "\fB—s\fP"
`
`Immediately attempts to initiate an encrypted session
`Remote mode.
`with the "slave" (terminal) side of the connection. This mode is
`
`guaranteed to never operate in cleartext mode.
`.IP "\fB -e\fP \fIcommand\fP"
`
`By default
`Executes \fIcommand\fP on the master side of the session.
`ESM executes the value of the SHELL environment or, if that is not
`
`/bin/sh.
`set,
`. SH BUGS
`
`. LP
`
`ESM is not a replacement for a complete link, network or E£fifi&Q%Q5ack%Appka_EXmb“1010__Page167
`layer security protocol.
`In particular, nothing is authenticated and
`EXNbflD
`
`
`
`traffic is only protected once the session has started (which may
`
`occur after sensitive information like login passwords have already
`been sent in the clear).
`.LP
`
`the protocol is vulnerable to
`Because nothing is authenticated,
`several variations of the so—called "man—in—the-middle" active attack.
`
`ESM should be regarded as secure only against passive attacks.
`.LP
`
`ESM is slow.
`
`It takes a long time to generate the high—entropy random
`
`numbers required for the key agreement parameters.
`
`The ASCII encoding
`
`of the encrypted traffic noticeably reduces effective bandwidth and
`
`increases response time.
`.LP
`
`The session keys may not be random on all platforms.
`
`The random
`
`number generator relies on variations in clock rate and other hard to
`
`predict factors. Test these assumptions carefully before trusting ESM
`
`on a new machine or operating system.
`.SH AUTHOR
`
`Matt Blaze, mab@research.att.com (for ESM and CFS problems, use
`cfs@research.att.com).
`
`EXNbflD
`
`Petitioner Oracle-Apple - Exhibit 1010 - Page 168
`
`
`
`esm.c
`
`Exhibit D
`
`Petitioner Oracle-Apple - Exhibit 1010 - Page 169
`
`
`
`* ESM — Encrypted Session Manager
`* vl.O.2
`
`* matt blaze
`
`* December 1995
`
`/* SunOS 5 port by Greg Onufer, based in part on the pty_termios
`* package written by Don Libes, NIST, 2/6/90
`*/
`
`/*
`* The author of this software is Matt Blaze.
`
`*
`
`Copyright
`
`(c) 1995 by AT&T.
`
`* Permission to use, Copy, and modify this software without fee
`
`* is hereby granted, provided that this entire notice is included in
`
`* all copies of any software which is or includes a copy or
`
`* modification of this software and in all copies of the supporting
`* documentation for such software.
`
`* This software is subject to United States export controls.
`
`* THIS SOFTWARE IS BEING PROVIDED "AS IS", WITHOUT ANY EXPRESS OR IMPLIED
`
`IN PARTICULAR, NEITHER THE AUTHORS NOR AT&T MAKE ANY
`* WARRANTY.
`* REPRESENTATION OR WARRANTY OF ANY KIND CONCERNING THE MERCHANTABILITY
`
`* OF THIS SOFTWARE OR ITS FITNESS FOR ANY PARTICULAR PURPOSE.
`
`* Some of this file was stolen from the BSD "script" program, which
`
`* is covered under the following notice:
`
`* Copyright
`
`(c) 1980 Regents of the University of California.
`
`* All rights reserved.
`
`* Redistribution and use in source and binary forms, with or without
`
`* modification, are permitted provided that the following conditions
`* are met:
`
`* 1. Redistributions of source code must retain the above copyright
`
`*
`
`notice,
`
`this list of conditions and the following disclaimer.
`
`* 2. Redistributions in binary form must reproduce the above copyright
`
`*
`
`*
`
`notice,
`
`this list of conditions and the following disclaimer in the
`
`documentation and/or other materials provided with the distribution.
`
`* 3. All advertising materials mentioning features or use of this software
`
`*
`
`must display the following acknowledgement:
`
`* This product includes software developed by the University of
`
`* California, Berkeley and its contributors.
`
`* 4. Neither the name of the University nor the names of its contributors
`
`*
`
`*
`
`may be used to endorse or promote products derived from this software
`
`without specific prior written permission.
`
`* THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ‘OAS IS" AND
`
`INCLUDING, BUT NOT LIMITED TO, THE
`* ANY EXPRESS OR IMPLIED WARRANTIES,
`*
`IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
`
`* ARE DISCLAIMED.
`
`IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
`
`INCIDENTAL, SPECIAL, EXEMPLA%¥fim8fiéfi8§§$¥HE%E;AEXmb“1010_Page170
`INDIRECT,
`* FOR ANY DIRECT,
`* DAMAGES
`(INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
`EXNbflD
`
`
`
`* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
`* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
`
`* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
`* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
`* SUCH DAMAGE.
`
`#ifndef lint
`
`char copyright1[]
`
`=
`
`"@(#) Copyright
`
`(c) 1980 Regents of the University of Ca1ifornia.\n\
`
`All rights reserved.\n";
`
`char copyright2[]
`
`=
`
`(c) 1995 AT&T\nA11 rights reserved.\n";
`"@(#) Copyright
`#endif /* not lint */
`
`#inc1ude <sys/types.h>
`
`#inc1ude <sys/stat.h>
`#inc1ude <termios.h>
`
`#ifndef SUN
`
`#inc1ude <sys/ioct1.h>
`#endif
`
`#inc1ude <sys/time.h>
`
`#inc1ude <sys/fi1e.h>
`
`#inc1ude <sys/signa1.h>
`#inc1ude <unistd.h>
`
`#include <stdio.h>
`
`#ifdef SOLARIS2X
`
`#inc1ude <fcnt1.h>
`
`#endif
`
`#ifdef PTMX
`
`#inc1ude <stropts.h>
`#endif
`
`#inc1ude "g1oba1.h"
`#inc1ude "rsaref.h"
`
`#inc1ude "esm.h"
`
`char
`
`*she11;
`
`int master;
`
`int slave;
`
`int subchild;
`
`int escape=O36;
`int ciphstate=O;
`
`int ciphbyte=O;
`
`/* A‘ */
`
`int keyed=O;
`
`struct
`
`termios tt;
`
`struct winsize win;
`
`int lb;
`
`int 1;
`#ifdef PTMX
`
`char
`#e1se
`
`char
`
`*s1ave_name;
`
`= "/dev/ptyXX";
`1ine[]
`EXNbflD
`
`..
`..
`Petltloner Oracle-Apple - Exhlblt 1010 - Page 171
`
`
`
`#endif
`
`int aflg;
`
`#define REMOTE 0
`
`#define LOCAL 1
`
`#define CALC 2
`
`int mode=LOCAL;
`
`int paranoid=O;
`
`#define SL_START 0
`
`#define SL_GOT1
`
`#define SL_GOT2
`
`#define SL_GOT3
`
`L:J[\J}-'
`
`#define SL_GOT4 4
`
`#define SL_KEYING 5
`
`#define SL_CRYPT 6
`
`int s1outstate=SL_START;
`char *cmd=NULL;
`
`FILE *fpmaster;
`
`#define bwrite(fp,buf,1en)
`
`(fwrite(buf,1en,l,fp))
`
`main(argc, argv)
`
`int argc;
`
`char *argv[];
`
`extern char *optarg;
`
`extern int optind;
`int Ch;
`
`Void finish();
`
`char *getenv();
`
`fd_set fds;
`
`while ((ch = getopt(argc, argv, "e:sp1rci"))
`
`!= EOF)
`
`switch((char)ch)
`case 'e':
`
`{
`
`cmd=optarg;
`break;
`case 'i':
`case 's':
`
`case 'p':
`
`paranoid=l;
`case 'r':
`
`mode=REMOTE;
`
`break;
`case '1':
`
`mode=LOCAL;
`
`break;
`case 'c':
`
`mode=CALC;
`
`break;
`case '?':
`
`deféult‘
`fpr1ntf(stderr,
`EXNbflD
`
`Petitioner Oracle-Apple — Exhibit 1010 — Page 172
`
`
`
`"usage: esm [—r1c]
`exit(1);
`
`[-e program\n");
`
`}
`argc -= optind;
`
`argv += optind;
`
`if ((shell=getenv("SHELL")) == NULL)
`shell = "/bin/sh";
`
`getmaster();
`
`(Void) signal(SIGCHLD, finish);
`subchild = fork();
`
`{
`if (subchild < O)
`perror("fork");
`fai1();
`
`} i
`
`f (subchild==O)
`
`doshell(mode);
`
`else {
`/* main loop */
`
`printf("ESM v1.0.2 — encrypted session manager\n");
`
`printf("
`randinit();
`
`by Matt Blaze, AT&T Bell Labs, December l995\n");
`
`Cipherinit();
`
`{
`switch (mode)
`case REMOTE:
`
`if (paranoid)
`
`printf("remote server ready\n");
`
`else
`
`printf("remote server ready; ctl—“ to escape\n");
`break;
`case LOCAL:
`
`printf("local layer ready (run 'esm —s' on remote)\n");
`break;
`
`default:
`
`/* not yet */
`
`printf("esm ready\n");
`
`} r
`
`awtty();
`
`fpmaster=fdopen(master,"w");
`
`if (fpmaster == NULL)
`done();
`
`if (paranoid)
`startsession();
`
`FD_ZERO (&fds) ;
`
`FD_SET (O,&fds) ;
`
`FD_SET(master,&fds);
`
`(FD_SETSIZE,&fds,N'ULL,N'ULL,N'ULL)>0)
`While (select
`if (FD_ISSET(O.&fds))
`doinput();
`
`{
`
`if (FD_ISSET(master,&fds))
`dooutput();
`
`FD_ZERO (&fds) ;
`
`FD_SET (O,&fds) ;
`
`“-5” ‘master’ “fdS’ ’
`
`}
`
`Exhibit D
`
`Petitioner Oracle-Apple — Exhibit 1010 — Page 173
`
`
`
`Petitioner Oracle-Apple - Exhibit 1010 - Page 174
`
`done();
`
`#define
`
`#define
`
`#define
`
`#define
`
`TRANS O
`
`CMDWAIT l
`
`CIPHER 2
`
`KEYWAIT 3
`
`#define
`
`#define
`
`#define
`
`#define
`
`#define
`
`#define
`
`IVO
`IVl
`
`IV2
`
`IV3
`
`C0
`
`C1
`
`U'|r-l>UJ[\J}-‘O
`
`int state=TRANS;
`
`int cstate=IVO;
`
`doinput()
`
`{
`
`int cc;
`
`int i;
`
`static unsigned char ibuf[5l2];
`
`if ((cc = read(O.
`
`ibuf, 512))
`
`> O)
`
`{
`
`{
`switch (mode)
`case REMOTE:
`
`for (i=0;
`
`i<cc;
`
`i++)
`
`domasterin(ibuf[i]);
`
`break;
`case LOCAL:
`
`for (i=0;
`
`i<cc;
`
`i++)
`
`doslavein(ibuf[i]);
`
`break;
`default:
`
`for (i=0;
`
`i<cc;
`
`i++)
`
`bwrite(fpmaster,&ibuf[i],1);
`break;
`
`} f
`
`f1ush(fpmaster);
`ff1ush(stdout);
`
`} else
`done();
`
`dos1avein(ibuf)
`
`unsigned char ibuf;
`
`int C7
`
`static int count=O;
`
`switch (sloutstate) {
`case SL_CRYPT:
`
`{
`if (ibuf==escape)
`bwrite(stdout,">>",2);
`EXNDHD
`
`
`
`ff1ush(stdout);
`
`{
`if (s1escape())
`printf("q\r\nEntering CLEARTEXT mode\r\n");
`
`bwrite(fpmaster,"PPPPPPPPPPPPPPPP",l6);
`
`s1outstate=SL_START;
`
`} b
`
`reak;
`
`} c
`
`=cfb8_encrypt(ibuf);
`if (!(++count % 8))
`
`bwrite(fpmaster,"!",l);
`
`sendhex(fpmaster,c);
`break;
`default:
`
`bwrite(fpmaster,&ibuf,l);
`break;
`
`s1escape()
`
`{
`
`char buf;
`
`int c;
`
`int escaped=O;
`
`while (read(O.&buf,l)>O)
`
`{
`
`{
`if (escaped)
`escaped=O;
`
`bwrite(fpmaster,&buf,l);
`continue;
`
`} i
`
`{
`f (buf==escape)
`c=cfb8_encrypt(buf);
`sendhex(fpmaster,c);
`return 0;
`
`} b
`
`write(stdout,&buf,1);
`
`ff1ush(stdout);
`
`if (buf=='\\') {
`escaped=1;
`continue;
`
`} i
`
`f (buf=='\r')
`return 0;
`
`if (buf=='C')
`return 1;
`
`{
`
`} p
`
`rintf("\r\nType one of the fo1lowing:\r\n");
`
`printf("
`
`\\[char] to send char as c1eartext\r\n");
`
`printf("
`
`ctr1—‘ to send escape character\r\n");
`
`printf("
`
`'C'
`
`to return to CLEARTEXT session\r\n");
`
`printf(" <enter> to return to encrypted session\r\n");
`
`Petitioner Oracle-Apple - Exhibit 1010 - Page 175
`
`} r
`
`}
`
`eturn 1;
`
`/* should never happen */
`
`EXNbflD
`
`
`
`domasterin(ibuf)
`
`unsigned char ibuf;
`
`int c;
`
`char ch;
`
`static int bad=O;
`
`switch (state) {
`case TRANS:
`
`if (ibuf != escape)
`
`bwrite(fpmaster, &ibuf, 1);
`
`else {
`state=CMDWAIT;
`
`bwrite(stdout,">>",2);
`cstate=IVO;
`
`} b
`
`reak;
`case CMDWAIT:
`
`{
`if (ibuf == escape)
`bwrite(fpmaster, &ibuf, 1);
`state=TRANS;
`
`} else switch (ibuf)
`case '\r':
`
`{
`
`case '\n':
`
`bwrite(stdout,"\r\n",2);
`state=TRANS;
`
`break;
`case 's':
`
`case ‘S’:
`
`startsession(LONG);
`break;
`
`case ‘Q’:
`
`done();
`
`break;
`default:
`
`printf("Type 's'
`
`to start encrypted session\r\n");
`
`'Q'
`
`to terminate remote session\r\n");
`
`ctr1—‘ to send escape character\r\n");
`<enter> to return to session\r\n");
`
`printf("
`
`printf("
`printf("
`break;
`
`} b
`
`reak;
`case CIPHER:
`
`if (strchr("Ol23456789abcdef!",ibuf)!=NULL)
`bad=O;
`
`{
`
`if ((c = cipherout(ibuf)) >= 0)
`Ch=C;
`
`{
`
`bwrite(fpmaster,&ch,l);
`
`}
`
`} else if (bad++ > 16)
`de1key();
`bwrite(stdout,"XXXXXXXXXXXXXXXX",16);
`
`{
`
`if ‘paranoid’
`done();
`EXNbflD
`
`Petitioner Oracle-Apple — Exhibit 1010 — Page 176
`
`
`
`state=TRANS;
`
`} else
`ciphstate=O;
`break;
`case KEYWAIT:
`
`if (strchr("Ol23456789abcdef:".ibuf)!=NULL)
`masterkeyin(ibuf);
`
`{
`
`} else {
`de1key();
`bwrite(stdout,"XXXXXXXXXXXXXXXX",l6);
`
`if (paranoid)
`done();
`state=TRANS;
`
`} b
`
`reak;
`
`int pubstat=O;
`
`int pubpos=O;
`
`unsigned char pubbyte=O;
`
`int pksize = -1;
`
`startsession()
`
`=
`static unsigned char buf[5]
`static unsigned char co1on=':';
`int i;
`
`pk1en=dhparams[LONG].primeLen;
`
`0177,
`
`'~', 0177,
`
`'~',
`
`'L'};
`
`printf("Starting remote side of %d bit key exchange.\r\n",pk1en*8);
`
`(type any character to abort)");
`printf("
`ff1ush(stdout);
`
`bwrite(stdout.buf,5);
`
`if (createdh(LONG)
`return -1;
`
`< 0)
`
`for (i=0;
`
`i<pk1en;
`
`i++)
`
`sendhex(stdout,ourpub[i]);
`bwrite(stdout,&co1on,1);
`
`pksize=LONG;
`pubstat=O;
`
`pubpos=O;
`
`pubbyte=O;
`state=KEYWAIT;
`
`return 0;
`
`s1transpub(1en)
`
`{
`
`static unsigned char co1on=':';
`int i;
`
`for (i=0;
`
`i<1en;
`
`i++)
`
`sendhex(fpmaster,ourpub[i]);
`
`bwrite ‘fP“‘aSter' “°°1°“' 1’ ’
`
`Petitioner Oracle-Apple — Exhibit 1010 — Page 177
`
`EXNbflD
`
`
`
`masterkeyin(c)
`char C;
`
`{
`
`int bits;
`
`{
`if (C==':')
`if (pubpos!=(pk1en))
`goto abort;
`
`if (mca1ckeys(pksize)<O)
`
`goto abort;
`
`ciphstate=O;
`state=CIPHER;
`
`/* state = CHECK */
`
`/* add code to do check */
`return;
`
`} else if (pubpos<MAXPUBKEY)
`bits=atoh(c);
`
`{
`
`if (bits<O)
`
`goto abort;
`
`if (pubstat)
`
`{
`
`pubbyte |= bits;
`otherpub[pubpos]=pubbyte;
`
`pubpos++;
`
`} else {
`pubbyte = bits<<4;
`
`} p
`
`ubstat = l-pubstat;
`return;
`
`}a
`
`bort:
`
`bwrite(stdout,"XXXXXXXXXXXXXXXX",l6);
`
`/* sets up session keys */
`
`if (paranoid)
`done();
`State=TRANS;
`
`nt mca1ckeys(1en)
`int len;
`
`int i;
`
`static char kh[32];
`
`if (dhagree(1en,l)<O)
`return -1;
`
`i<8;
`for (i=0;
`iVin[i]=O;
`
`i++)
`
`{
`
`iVout[i]=Oxff;
`
`} /
`
`* TODO
`
`sprintf(kh,"KEYHASH=%O2X%O2x%O2X%O2X",
`check[O],check[1],check[2],check[3]);
`
`putenv(kh); */
`return 0;
`
`ExmbflD
`
`Petitioner Oracle-Apple - Exhibit 1010 - Page 178
`
`} i
`
`{
`
`}
`
`
`
`int s1ca1ckeys(1en)
`int len;
`
`int i;
`
`if (dhagree(1en,O)<O)
`return -1;
`
`i<8;
`for (i=0;
`ivout[i]=O;
`
`i++)
`
`{
`
`iVin[i]=Oxff;
`
`/* sets up session keys */
`
`} p
`
`rintf("\r\n(key hash is %O2x%O2x%O2x%O2x)\r\n",
`check[O],check[1],check[2],check[3]);
`return 0;
`
`inits1key(param)
`
`int param;
`
`if ((param<O)
`return -1;
`
`||
`
`(param>2))
`
`pk1en=dhparams[param].primeLen;
`
`pksize=param;
`
`pubstat=O;
`
`pubpos=O;
`
`pubbyte=O;
`
`s1keyin(c)
`char C;
`
`int bits;
`
`{
`if (C==':')
`if (pubpos!=pk1en)
`
`goto abort;
`
`printf("\r\nStarting local key exchange...");
`
`if (createdh(pksize)<O)
`
`goto abort;
`
`s1transpub(pk1en);
`
`printf("ca1cu1ating DH key...");
`ff1ush(stdout);
`
`if (s1ca1ckeys(pksize)<O)
`
`goto abort;
`
`printf("Entering ENCRYPTED mode;
`ciphstate=O;
`
`type ctr1—‘ to escape\r\n");
`
`s1outstate=SL_CRYPT;
`/* add code to send two ascci nulls for check */
`return;
`
`} else if (pubpos<MAXPUBKEY){
`bits=atoh(c);
`
`if (bits<O)
`
`goto abort;
`
`if (pubstat)
`{
`pubbyte |= bits;
`otherpub[pubpos]=pubbyte;
`EXMDHD
`
`Petitioner Oracle-Apple - Exhibit 1010 - Page 179
`
`
`
`Petitioner Oracle-Apple - Exhibit 1010 - Page 180
`
`pubpos++;
`
`} else {
`pubbyte = bits<<4;
`
`} p
`
`ubstat = l-pubstat;
`return;
`
`}a
`
`bort:
`
`bwrite(stdout,"X",1);
`
`state=SL_START;
`
`int cipherout(ch)
`char ch;
`
`int bits;
`
`{
`if (ch=='!')
`ciphstate=O;
`return -1;
`
`} b
`
`its=atoh(ch);
`
`if (ciphstate) {
`
`ciphbyte |= bits;
`ciphstate=O;
`
`return(cfb8_decrypt(ciphbyte));
`
`} else {
`ciphbyte = bits<<4;
`
`ciphstate=1;
`return -1;
`
`int cipherca1cin(ch)
`
`unsigned char ch;
`
`static unsigned char iv[8];
`
`static unsigned int Cbuf;
`int C;
`
`int i;
`
`c = atoh(ch);
`
`switch (cstate) {
`case IVO:
`
`for(i=O;
`
`i<8;
`
`i++)
`
`iV[i]=O;
`
`(C&Oxf)<<4;
`Cbuf =
`cstate=IV1;
`
`return '.';
`case IVl:
`
`Cbuf = Cbuf
`iV[7]=Cbuf;
`cstate=IV2;
`EXNbflD
`
`|
`
`(c&Oxf);
`
`
`
`return '.';
`case IV2:
`
`(C&Oxf)<<4;
`Cbuf =
`cstate=IV3;
`
`return '.';
`case IV3:
`
`Cbuf = Cbuf
`iv[6]=cbuf;
`cstate=CO;
`
`return '.';
`case CO:
`
`|
`
`(c&Oxf);
`
`(C&Oxf)<<4;
`Cbuf =
`cstate=C1;
`
`return '.';
`case Cl:
`
`| c&Oxf;
`Cbuf = Cbuf
`c
Accessing this document will incur an additional charge of $.
After purchase, you can access this document again without charge.
Accept $ Charge
Still Working On It
This document is taking longer than usual to download. This can happen if we need to contact the court directly to obtain the document and their servers are running slowly.
Give it another minute or two to complete, and then try the refresh button.
A few More Minutes ... Still Working
It can take up to 5 minutes for us to download a document if the court servers are running slowly.
Thank you for your continued patience.
This document could not be displayed.
We could not find this document within its docket. Please go back to the docket page and check the link. If that does not work, go back to the docket and refresh it to pull the newest information.
Your account does not support viewing this document.
You need a Paid Account to view this document. Click here to change your account type.
Your account does not support viewing this document.
Set your membership
status to view this document.
With a Docket Alarm membership, you'll
get a whole lot more, including:
- Up-to-date information for this case.
- Email alerts whenever there is an update.
- Full text search for other cases.
- Get email alerts whenever a new case matches your search.
One Moment Please
The filing “” is large (MB) and is being downloaded.
Please refresh this page in a few minutes to see if the filing has been downloaded. The filing will also be emailed to you when the download completes.
Your document is on its way!
If you do not receive the document in five minutes, contact support at support@docketalarm.com.
Sealed Document
We are unable to display this document, it may be under a court ordered seal.
If you have proper credentials to access the file, you may proceed directly to the court's system using your government issued username and password.
Access Government Site
