1 cbeb0b26 2006-04-01 devnull /* PAK is an encrypted key exchange protocol designed by Philip MacKenzie et al. */
2 cbeb0b26 2006-04-01 devnull /* It is patented and use outside Plan 9 requires you get a license. */
3 cbeb0b26 2006-04-01 devnull /* (All other EKE protocols are patented as well, by Lucent or others.) */
4 6e527fbc 2005-02-13 devnull #include <u.h>
5 6e527fbc 2005-02-13 devnull #include <libc.h>
6 6e527fbc 2005-02-13 devnull #include <mp.h>
7 6e527fbc 2005-02-13 devnull #include <libsec.h>
8 6e527fbc 2005-02-13 devnull #include "SConn.h"
9 6e527fbc 2005-02-13 devnull #include "secstore.h"
11 6e527fbc 2005-02-13 devnull extern int verbose;
13 6e527fbc 2005-02-13 devnull char VERSION[] = "secstore";
14 6e527fbc 2005-02-13 devnull static char *feedback[] = {"alpha","bravo","charlie","delta","echo","foxtrot","golf","hotel"};
16 6e527fbc 2005-02-13 devnull typedef struct PAKparams{
17 6e527fbc 2005-02-13 devnull mpint *q, *p, *r, *g;
18 6e527fbc 2005-02-13 devnull } PAKparams;
20 6e527fbc 2005-02-13 devnull static PAKparams *pak;
22 cbeb0b26 2006-04-01 devnull /* from seed EB7B6E35F7CD37B511D96C67D6688CC4DD440E1E */
23 6e527fbc 2005-02-13 devnull static void
24 6e527fbc 2005-02-13 devnull initPAKparams(void)
28 6e527fbc 2005-02-13 devnull pak = (PAKparams*)emalloc(sizeof(*pak));
29 6e527fbc 2005-02-13 devnull pak->q = strtomp("E0F0EF284E10796C5A2A511E94748BA03C795C13", nil, 16, nil);
30 6e527fbc 2005-02-13 devnull pak->p = strtomp("C41CFBE4D4846F67A3DF7DE9921A49D3B42DC33728427AB159CEC8CBB"
31 6e527fbc 2005-02-13 devnull "DB12B5F0C244F1A734AEB9840804EA3C25036AD1B61AFF3ABBC247CD4B384224567A86"
32 6e527fbc 2005-02-13 devnull "3A6F020E7EE9795554BCD08ABAD7321AF27E1E92E3DB1C6E7E94FAAE590AE9C48F96D9"
33 6e527fbc 2005-02-13 devnull "3D178E809401ABE8A534A1EC44359733475A36A70C7B425125062B1142D",
34 6e527fbc 2005-02-13 devnull nil, 16, nil);
35 6e527fbc 2005-02-13 devnull pak->r = strtomp("DF310F4E54A5FEC5D86D3E14863921E834113E060F90052AD332B3241"
36 6e527fbc 2005-02-13 devnull "CEF2497EFA0303D6344F7C819691A0F9C4A773815AF8EAECFB7EC1D98F039F17A32A7E"
37 6e527fbc 2005-02-13 devnull "887D97251A927D093F44A55577F4D70444AEBD06B9B45695EC23962B175F266895C67D"
38 6e527fbc 2005-02-13 devnull "21C4656848614D888A4", nil, 16, nil);
39 6e527fbc 2005-02-13 devnull pak->g = strtomp("2F1C308DC46B9A44B52DF7DACCE1208CCEF72F69C743ADD4D23271734"
40 6e527fbc 2005-02-13 devnull "44ED6E65E074694246E07F9FD4AE26E0FDDD9F54F813C40CB9BCD4338EA6F242AB94CD"
41 6e527fbc 2005-02-13 devnull "410E676C290368A16B1A3594877437E516C53A6EEE5493A038A017E955E218E7819734"
42 6e527fbc 2005-02-13 devnull "E3E2A6E0BAE08B14258F8C03CC1B30E0DDADFCF7CEDF0727684D3D255F1",
43 6e527fbc 2005-02-13 devnull nil, 16, nil);
46 cbeb0b26 2006-04-01 devnull /* H = (sha(ver,C,sha(passphrase)))^r mod p, */
47 cbeb0b26 2006-04-01 devnull /* a hash function expensive to attack by brute force. */
48 6e527fbc 2005-02-13 devnull static void
49 6e527fbc 2005-02-13 devnull longhash(char *ver, char *C, uchar *passwd, mpint *H)
51 6e527fbc 2005-02-13 devnull uchar *Cp;
52 6e527fbc 2005-02-13 devnull int i, n, nver, nC;
53 6e527fbc 2005-02-13 devnull uchar buf[140], key[1];
55 6e527fbc 2005-02-13 devnull nver = strlen(ver);
56 6e527fbc 2005-02-13 devnull nC = strlen(C);
57 6e527fbc 2005-02-13 devnull n = nver + nC + SHA1dlen;
58 6e527fbc 2005-02-13 devnull Cp = (uchar*)emalloc(n);
59 6e527fbc 2005-02-13 devnull memmove(Cp, ver, nver);
60 6e527fbc 2005-02-13 devnull memmove(Cp+nver, C, nC);
61 6e527fbc 2005-02-13 devnull memmove(Cp+nver+nC, passwd, SHA1dlen);
62 6e527fbc 2005-02-13 devnull for(i = 0; i < 7; i++){
63 6e527fbc 2005-02-13 devnull key[0] = 'A'+i;
64 6e527fbc 2005-02-13 devnull hmac_sha1(Cp, n, key, sizeof key, buf+i*SHA1dlen, nil);
66 6e527fbc 2005-02-13 devnull memset(Cp, 0, n);
67 6e527fbc 2005-02-13 devnull free(Cp);
68 6e527fbc 2005-02-13 devnull betomp(buf, sizeof buf, H);
69 6e527fbc 2005-02-13 devnull mpmod(H, pak->p, H);
70 6e527fbc 2005-02-13 devnull mpexp(H, pak->r, pak->p, H);
73 cbeb0b26 2006-04-01 devnull /* Hi = H^-1 mod p */
75 6e527fbc 2005-02-13 devnull PAK_Hi(char *C, char *passphrase, mpint *H, mpint *Hi)
77 6e527fbc 2005-02-13 devnull uchar passhash[SHA1dlen];
79 6e527fbc 2005-02-13 devnull sha1((uchar *)passphrase, strlen(passphrase), passhash, nil);
80 6e527fbc 2005-02-13 devnull initPAKparams();
81 6e527fbc 2005-02-13 devnull longhash(VERSION, C, passhash, H);
82 6e527fbc 2005-02-13 devnull mpinvert(H, pak->p, Hi);
83 6e527fbc 2005-02-13 devnull return mptoa(Hi, 64, nil, 0);
86 cbeb0b26 2006-04-01 devnull /* another, faster, hash function for each party to */
87 cbeb0b26 2006-04-01 devnull /* confirm that the other has the right secrets. */
88 6e527fbc 2005-02-13 devnull static void
89 6e527fbc 2005-02-13 devnull shorthash(char *mess, char *C, char *S, char *m, char *mu, char *sigma, char *Hi, uchar *digest)
91 6e527fbc 2005-02-13 devnull SHA1state *state;
93 6e527fbc 2005-02-13 devnull state = sha1((uchar*)mess, strlen(mess), 0, 0);
94 6e527fbc 2005-02-13 devnull state = sha1((uchar*)C, strlen(C), 0, state);
95 6e527fbc 2005-02-13 devnull state = sha1((uchar*)S, strlen(S), 0, state);
96 6e527fbc 2005-02-13 devnull state = sha1((uchar*)m, strlen(m), 0, state);
97 6e527fbc 2005-02-13 devnull state = sha1((uchar*)mu, strlen(mu), 0, state);
98 6e527fbc 2005-02-13 devnull state = sha1((uchar*)sigma, strlen(sigma), 0, state);
99 6e527fbc 2005-02-13 devnull state = sha1((uchar*)Hi, strlen(Hi), 0, state);
100 6e527fbc 2005-02-13 devnull state = sha1((uchar*)mess, strlen(mess), 0, state);
101 6e527fbc 2005-02-13 devnull state = sha1((uchar*)C, strlen(C), 0, state);
102 6e527fbc 2005-02-13 devnull state = sha1((uchar*)S, strlen(S), 0, state);
103 6e527fbc 2005-02-13 devnull state = sha1((uchar*)m, strlen(m), 0, state);
104 6e527fbc 2005-02-13 devnull state = sha1((uchar*)mu, strlen(mu), 0, state);
105 6e527fbc 2005-02-13 devnull state = sha1((uchar*)sigma, strlen(sigma), 0, state);
106 6e527fbc 2005-02-13 devnull sha1((uchar*)Hi, strlen(Hi), digest, state);
109 cbeb0b26 2006-04-01 devnull /* On input, conn provides an open channel to the server; */
110 cbeb0b26 2006-04-01 devnull /* C is the name this client calls itself; */
111 cbeb0b26 2006-04-01 devnull /* pass is the user's passphrase */
112 cbeb0b26 2006-04-01 devnull /* On output, session secret has been set in conn */
113 cbeb0b26 2006-04-01 devnull /* (unless return code is negative, which means failure). */
114 cbeb0b26 2006-04-01 devnull /* If pS is not nil, it is set to the (alloc'd) name the server calls itself. */
116 6e527fbc 2005-02-13 devnull PAKclient(SConn *conn, char *C, char *pass, char **pS)
118 6e527fbc 2005-02-13 devnull char *mess, *mess2, *eol, *S, *hexmu, *ks, *hexm, *hexsigma = nil, *hexHi;
119 6e527fbc 2005-02-13 devnull char kc[2*SHA1dlen+1];
120 6e527fbc 2005-02-13 devnull uchar digest[SHA1dlen];
121 6e527fbc 2005-02-13 devnull int rc = -1, n;
122 6e527fbc 2005-02-13 devnull mpint *x, *m = mpnew(0), *mu = mpnew(0), *sigma = mpnew(0);
123 6e527fbc 2005-02-13 devnull mpint *H = mpnew(0), *Hi = mpnew(0);
125 6e527fbc 2005-02-13 devnull hexHi = PAK_Hi(C, pass, H, Hi);
126 6e527fbc 2005-02-13 devnull if(verbose)
127 cbeb0b26 2006-04-01 devnull fprint(2,"%s\n", feedback[H->p[0]&0x7]); /* provide a clue to catch typos */
129 cbeb0b26 2006-04-01 devnull /* random 1<=x<=q-1; send C, m=g**x H */
130 6e527fbc 2005-02-13 devnull x = mprand(240, genrandom, nil);
131 6e527fbc 2005-02-13 devnull mpmod(x, pak->q, x);
132 6e527fbc 2005-02-13 devnull if(mpcmp(x, mpzero) == 0)
133 6e527fbc 2005-02-13 devnull mpassign(mpone, x);
134 6e527fbc 2005-02-13 devnull mpexp(pak->g, x, pak->p, m);
135 6e527fbc 2005-02-13 devnull mpmul(m, H, m);
136 6e527fbc 2005-02-13 devnull mpmod(m, pak->p, m);
137 6e527fbc 2005-02-13 devnull hexm = mptoa(m, 64, nil, 0);
138 6e527fbc 2005-02-13 devnull mess = (char*)emalloc(2*Maxmsg+2);
139 6e527fbc 2005-02-13 devnull mess2 = mess+Maxmsg+1;
140 6e527fbc 2005-02-13 devnull snprint(mess, Maxmsg, "%s\tPAK\nC=%s\nm=%s\n", VERSION, C, hexm);
141 6e527fbc 2005-02-13 devnull conn->write(conn, (uchar*)mess, strlen(mess));
143 cbeb0b26 2006-04-01 devnull /* recv g**y, S, check hash1(g**xy) */
144 6e527fbc 2005-02-13 devnull if(readstr(conn, mess) < 0){
145 6e527fbc 2005-02-13 devnull fprint(2, "error: %s\n", mess);
146 6e527fbc 2005-02-13 devnull writerr(conn, "couldn't read g**y");
147 6e527fbc 2005-02-13 devnull goto done;
149 6e527fbc 2005-02-13 devnull eol = strchr(mess, '\n');
150 6e527fbc 2005-02-13 devnull if(strncmp("mu=", mess, 3) != 0 || !eol || strncmp("\nk=", eol, 3) != 0){
151 6e527fbc 2005-02-13 devnull writerr(conn, "verifier syntax error");
152 6e527fbc 2005-02-13 devnull goto done;
154 6e527fbc 2005-02-13 devnull hexmu = mess+3;
155 6e527fbc 2005-02-13 devnull *eol = 0;
156 6e527fbc 2005-02-13 devnull ks = eol+3;
157 6e527fbc 2005-02-13 devnull eol = strchr(ks, '\n');
158 6e527fbc 2005-02-13 devnull if(!eol || strncmp("\nS=", eol, 3) != 0){
159 6e527fbc 2005-02-13 devnull writerr(conn, "verifier syntax error for secstore 1.0");
160 6e527fbc 2005-02-13 devnull goto done;
162 6e527fbc 2005-02-13 devnull *eol = 0;
163 6e527fbc 2005-02-13 devnull S = eol+3;
164 6e527fbc 2005-02-13 devnull eol = strchr(S, '\n');
165 6e527fbc 2005-02-13 devnull if(!eol){
166 6e527fbc 2005-02-13 devnull writerr(conn, "verifier syntax error for secstore 1.0");
167 6e527fbc 2005-02-13 devnull goto done;
169 6e527fbc 2005-02-13 devnull *eol = 0;
171 6e527fbc 2005-02-13 devnull *pS = estrdup(S);
172 6e527fbc 2005-02-13 devnull strtomp(hexmu, nil, 64, mu);
173 6e527fbc 2005-02-13 devnull mpexp(mu, x, pak->p, sigma);
174 6e527fbc 2005-02-13 devnull hexsigma = mptoa(sigma, 64, nil, 0);
175 6e527fbc 2005-02-13 devnull shorthash("server", C, S, hexm, hexmu, hexsigma, hexHi, digest);
176 6e527fbc 2005-02-13 devnull enc64(kc, sizeof kc, digest, SHA1dlen);
177 6e527fbc 2005-02-13 devnull if(strcmp(ks, kc) != 0){
178 6e527fbc 2005-02-13 devnull writerr(conn, "verifier didn't match");
179 6e527fbc 2005-02-13 devnull goto done;
182 cbeb0b26 2006-04-01 devnull /* send hash2(g**xy) */
183 6e527fbc 2005-02-13 devnull shorthash("client", C, S, hexm, hexmu, hexsigma, hexHi, digest);
184 6e527fbc 2005-02-13 devnull enc64(kc, sizeof kc, digest, SHA1dlen);
185 6e527fbc 2005-02-13 devnull snprint(mess2, Maxmsg, "k'=%s\n", kc);
186 6e527fbc 2005-02-13 devnull conn->write(conn, (uchar*)mess2, strlen(mess2));
188 cbeb0b26 2006-04-01 devnull /* set session key */
189 6e527fbc 2005-02-13 devnull shorthash("session", C, S, hexm, hexmu, hexsigma, hexHi, digest);
190 6e527fbc 2005-02-13 devnull memset(hexsigma, 0, strlen(hexsigma));
191 6e527fbc 2005-02-13 devnull n = conn->secret(conn, digest, 0);
192 6e527fbc 2005-02-13 devnull memset(digest, 0, SHA1dlen);
193 6e527fbc 2005-02-13 devnull if(n < 0){
194 6e527fbc 2005-02-13 devnull writerr(conn, "can't set secret");
195 6e527fbc 2005-02-13 devnull goto done;
200 6e527fbc 2005-02-13 devnull mpfree(x);
201 6e527fbc 2005-02-13 devnull mpfree(sigma);
202 6e527fbc 2005-02-13 devnull mpfree(mu);
203 6e527fbc 2005-02-13 devnull mpfree(m);
204 6e527fbc 2005-02-13 devnull mpfree(Hi);
205 6e527fbc 2005-02-13 devnull mpfree(H);
206 6e527fbc 2005-02-13 devnull free(hexsigma);
207 6e527fbc 2005-02-13 devnull free(hexHi);
208 6e527fbc 2005-02-13 devnull free(hexm);
209 6e527fbc 2005-02-13 devnull free(mess);
210 6e527fbc 2005-02-13 devnull return rc;
213 cbeb0b26 2006-04-01 devnull /* On input, */
214 cbeb0b26 2006-04-01 devnull /* mess contains first message; */
215 cbeb0b26 2006-04-01 devnull /* name is name this server should call itself. */
216 cbeb0b26 2006-04-01 devnull /* On output, session secret has been set in conn; */
217 cbeb0b26 2006-04-01 devnull /* if pw!=nil, then *pw points to PW struct for authenticated user. */
218 cbeb0b26 2006-04-01 devnull /* returns -1 if error */
220 6e527fbc 2005-02-13 devnull PAKserver(SConn *conn, char *S, char *mess, PW **pwp)
222 6e527fbc 2005-02-13 devnull int rc = -1, n;
223 6e527fbc 2005-02-13 devnull char mess2[Maxmsg+1], *eol;
224 6e527fbc 2005-02-13 devnull char *C, ks[41], *kc, *hexm, *hexmu = nil, *hexsigma = nil, *hexHi = nil;
225 6e527fbc 2005-02-13 devnull uchar digest[SHA1dlen];
226 6e527fbc 2005-02-13 devnull mpint *H = mpnew(0), *Hi = mpnew(0);
227 6e527fbc 2005-02-13 devnull mpint *y = nil, *m = mpnew(0), *mu = mpnew(0), *sigma = mpnew(0);
228 6e527fbc 2005-02-13 devnull PW *pw = nil;
230 cbeb0b26 2006-04-01 devnull /* secstore version and algorithm */
231 6e527fbc 2005-02-13 devnull snprint(mess2,Maxmsg,"%s\tPAK\n", VERSION);
232 6e527fbc 2005-02-13 devnull n = strlen(mess2);
233 6e527fbc 2005-02-13 devnull if(strncmp(mess,mess2,n) != 0){
234 6e527fbc 2005-02-13 devnull writerr(conn, "protocol should start with ver alg");
235 6e527fbc 2005-02-13 devnull return -1;
237 6e527fbc 2005-02-13 devnull mess += n;
238 6e527fbc 2005-02-13 devnull initPAKparams();
240 cbeb0b26 2006-04-01 devnull /* parse first message into C, m */
241 6e527fbc 2005-02-13 devnull eol = strchr(mess, '\n');
242 6e527fbc 2005-02-13 devnull if(strncmp("C=", mess, 2) != 0 || !eol){
243 6e527fbc 2005-02-13 devnull fprint(2,"mess[1]=%s\n", mess);
244 6e527fbc 2005-02-13 devnull writerr(conn, "PAK version mismatch");
245 6e527fbc 2005-02-13 devnull goto done;
247 6e527fbc 2005-02-13 devnull C = mess+2;
248 6e527fbc 2005-02-13 devnull *eol = 0;
249 6e527fbc 2005-02-13 devnull hexm = eol+3;
250 6e527fbc 2005-02-13 devnull eol = strchr(hexm, '\n');
251 6e527fbc 2005-02-13 devnull if(strncmp("m=", hexm-2, 2) != 0 || !eol){
252 6e527fbc 2005-02-13 devnull writerr(conn, "PAK version mismatch");
253 6e527fbc 2005-02-13 devnull goto done;
255 6e527fbc 2005-02-13 devnull *eol = 0;
256 6e527fbc 2005-02-13 devnull strtomp(hexm, nil, 64, m);
257 6e527fbc 2005-02-13 devnull mpmod(m, pak->p, m);
259 cbeb0b26 2006-04-01 devnull /* lookup client */
260 6e527fbc 2005-02-13 devnull if((pw = getPW(C,0)) == nil) {
261 6e527fbc 2005-02-13 devnull snprint(mess2, sizeof mess2, "%r");
262 6e527fbc 2005-02-13 devnull writerr(conn, mess2);
263 6e527fbc 2005-02-13 devnull goto done;
265 6e527fbc 2005-02-13 devnull if(mpcmp(m, mpzero) == 0) {
266 6e527fbc 2005-02-13 devnull writerr(conn, "account exists");
267 6e527fbc 2005-02-13 devnull freePW(pw);
268 6e527fbc 2005-02-13 devnull pw = nil;
269 6e527fbc 2005-02-13 devnull goto done;
271 6e527fbc 2005-02-13 devnull hexHi = mptoa(pw->Hi, 64, nil, 0);
273 cbeb0b26 2006-04-01 devnull /* random y, mu=g**y, sigma=g**xy */
274 6e527fbc 2005-02-13 devnull y = mprand(240, genrandom, nil);
275 6e527fbc 2005-02-13 devnull mpmod(y, pak->q, y);
276 6e527fbc 2005-02-13 devnull if(mpcmp(y, mpzero) == 0){
277 6e527fbc 2005-02-13 devnull mpassign(mpone, y);
279 6e527fbc 2005-02-13 devnull mpexp(pak->g, y, pak->p, mu);
280 6e527fbc 2005-02-13 devnull mpmul(m, pw->Hi, m);
281 6e527fbc 2005-02-13 devnull mpmod(m, pak->p, m);
282 6e527fbc 2005-02-13 devnull mpexp(m, y, pak->p, sigma);
284 cbeb0b26 2006-04-01 devnull /* send g**y, hash1(g**xy) */
285 6e527fbc 2005-02-13 devnull hexmu = mptoa(mu, 64, nil, 0);
286 6e527fbc 2005-02-13 devnull hexsigma = mptoa(sigma, 64, nil, 0);
287 6e527fbc 2005-02-13 devnull shorthash("server", C, S, hexm, hexmu, hexsigma, hexHi, digest);
288 6e527fbc 2005-02-13 devnull enc64(ks, sizeof ks, digest, SHA1dlen);
289 6e527fbc 2005-02-13 devnull snprint(mess2, sizeof mess2, "mu=%s\nk=%s\nS=%s\n", hexmu, ks, S);
290 6e527fbc 2005-02-13 devnull conn->write(conn, (uchar*)mess2, strlen(mess2));
292 cbeb0b26 2006-04-01 devnull /* recv hash2(g**xy) */
293 6e527fbc 2005-02-13 devnull if(readstr(conn, mess2) < 0){
294 6e527fbc 2005-02-13 devnull writerr(conn, "couldn't read verifier");
295 6e527fbc 2005-02-13 devnull goto done;
297 6e527fbc 2005-02-13 devnull eol = strchr(mess2, '\n');
298 6e527fbc 2005-02-13 devnull if(strncmp("k'=", mess2, 3) != 0 || !eol){
299 6e527fbc 2005-02-13 devnull writerr(conn, "verifier syntax error");
300 6e527fbc 2005-02-13 devnull goto done;
302 6e527fbc 2005-02-13 devnull kc = mess2+3;
303 6e527fbc 2005-02-13 devnull *eol = 0;
304 6e527fbc 2005-02-13 devnull shorthash("client", C, S, hexm, hexmu, hexsigma, hexHi, digest);
305 6e527fbc 2005-02-13 devnull enc64(ks, sizeof ks, digest, SHA1dlen);
306 6e527fbc 2005-02-13 devnull if(strcmp(ks, kc) != 0) {
307 6e527fbc 2005-02-13 devnull rc = -2;
308 6e527fbc 2005-02-13 devnull goto done;
311 cbeb0b26 2006-04-01 devnull /* set session key */
312 6e527fbc 2005-02-13 devnull shorthash("session", C, S, hexm, hexmu, hexsigma, hexHi, digest);
313 6e527fbc 2005-02-13 devnull n = conn->secret(conn, digest, 1);
314 6e527fbc 2005-02-13 devnull if(n < 0){
315 6e527fbc 2005-02-13 devnull writerr(conn, "can't set secret");
316 6e527fbc 2005-02-13 devnull goto done;
321 6e527fbc 2005-02-13 devnull if(rc<0 && pw){
322 6e527fbc 2005-02-13 devnull pw->failed++;
323 6e527fbc 2005-02-13 devnull putPW(pw);
325 6e527fbc 2005-02-13 devnull if(rc==0 && pw && pw->failed>0){
326 6e527fbc 2005-02-13 devnull pw->failed = 0;
327 6e527fbc 2005-02-13 devnull putPW(pw);
330 6e527fbc 2005-02-13 devnull *pwp = pw;
332 6e527fbc 2005-02-13 devnull freePW(pw);
333 6e527fbc 2005-02-13 devnull free(hexsigma);
334 6e527fbc 2005-02-13 devnull free(hexHi);
335 6e527fbc 2005-02-13 devnull free(hexmu);
336 6e527fbc 2005-02-13 devnull mpfree(y);
337 6e527fbc 2005-02-13 devnull mpfree(sigma);
338 6e527fbc 2005-02-13 devnull mpfree(mu);
339 6e527fbc 2005-02-13 devnull mpfree(m);
340 6e527fbc 2005-02-13 devnull mpfree(Hi);
341 6e527fbc 2005-02-13 devnull mpfree(H);
342 6e527fbc 2005-02-13 devnull return rc;
