[d309eb3] | 1 | /* This file is stolen and slightly modified code */ |
---|
| 2 | |
---|
| 3 | /* zcrypt.c -- Read in a data stream from stdin & dump a decrypted/encrypted * |
---|
| 4 | * datastream. Reads the string to make the key from from the first * |
---|
| 5 | * parameter. Encrypts or decrypts according to -d or -e flag. (-e is * |
---|
| 6 | * default.) Will invoke zwrite if the -c option is provided for * |
---|
| 7 | * encryption. If a zephyr class is specified & the keyfile name omitted * |
---|
| 8 | * the ~/.crypt-table will be checked for "crypt-classname" and then * |
---|
| 9 | * "crypt-default" for the keyfile name. */ |
---|
| 10 | |
---|
| 11 | #include <stdio.h> |
---|
| 12 | #include <stdlib.h> |
---|
| 13 | #include <string.h> |
---|
| 14 | #include <sys/types.h> |
---|
| 15 | #include <sys/wait.h> |
---|
[ac70242] | 16 | #include "owl.h" |
---|
[d309eb3] | 17 | |
---|
[c86a35c] | 18 | #ifdef OWL_ENABLE_ZCRYPT |
---|
[c269e22] | 19 | |
---|
[d309eb3] | 20 | #define BASE_CODE 70 |
---|
| 21 | #define LAST_CODE (BASE_CODE + 15) |
---|
| 22 | #define OUTPUT_BLOCK_SIZE 16 |
---|
| 23 | #include <unistd.h> |
---|
| 24 | #include <sys/types.h> |
---|
[806f769] | 25 | |
---|
| 26 | #ifdef HAVE_KERBEROS_IV |
---|
| 27 | #include <kerberosIV/des.h> |
---|
| 28 | #else |
---|
| 29 | #include <openssl/des.h> |
---|
| 30 | #endif |
---|
[d309eb3] | 31 | |
---|
| 32 | #define MAX_KEY 128 |
---|
| 33 | |
---|
| 34 | #ifndef TRUE |
---|
| 35 | #define TRUE -1 |
---|
| 36 | #endif |
---|
| 37 | #ifndef FALSE |
---|
| 38 | #define FALSE 0 |
---|
| 39 | #endif |
---|
| 40 | |
---|
| 41 | #define ZWRITE_OPT_NOAUTH (1<<0) |
---|
| 42 | #define ZWRITE_OPT_SIGNATURE (1<<1) |
---|
| 43 | #define ZWRITE_OPT_IGNOREVARS (1<<2) |
---|
| 44 | #define ZWRITE_OPT_VERBOSE (1<<3) |
---|
| 45 | #define ZWRITE_OPT_QUIET (1<<4) |
---|
| 46 | #define ZCRYPT_OPT_MESSAGE (1<<5) |
---|
| 47 | #define ZCRYPT_OPT_IGNOREDOT (1<<6) |
---|
| 48 | |
---|
| 49 | typedef struct |
---|
| 50 | { |
---|
| 51 | int flags; |
---|
| 52 | char *signature; |
---|
| 53 | char *message; |
---|
| 54 | } ZWRITEOPTIONS; |
---|
| 55 | |
---|
[e19eb97] | 56 | char *GetZephyrVarKeyFile(const char *whoami, const char *class, const char *instance); |
---|
[d309eb3] | 57 | |
---|
| 58 | #define M_NONE 0 |
---|
| 59 | #define M_ZEPHYR_ENCRYPT 1 |
---|
| 60 | #define M_DECRYPT 2 |
---|
| 61 | #define M_ENCRYPT 3 |
---|
| 62 | #define M_RANDOMIZE 4 |
---|
| 63 | #define M_SETKEY 5 |
---|
| 64 | |
---|
[a52eeb1] | 65 | static void owl_zcrypt_string_to_schedule(const char *keystring, des_key_schedule *schedule) { |
---|
[3daca13] | 66 | #ifdef HAVE_KERBEROS_IV |
---|
| 67 | des_cblock key; |
---|
| 68 | #else |
---|
| 69 | des_cblock _key, *key = &_key; |
---|
| 70 | #endif |
---|
| 71 | |
---|
| 72 | des_string_to_key(keystring, key); |
---|
[3f18ad5] | 73 | des_key_sched(key, *schedule); |
---|
[3daca13] | 74 | } |
---|
| 75 | |
---|
[9ceee9d] | 76 | /* The 'owl_zcrypt_decrypt' function was written by kretch for Owl. |
---|
| 77 | * Decrypt the message in 'in' on class 'class' and instance |
---|
[dacb555] | 78 | * 'instance'. Return must be freed by caller. |
---|
[9ceee9d] | 79 | */ |
---|
[dacb555] | 80 | char *owl_zcrypt_decrypt(const char *in, const char *class, const char *instance) |
---|
| 81 | { |
---|
[65b2173] | 82 | char *fname, keystring[MAX_KEY]; |
---|
[d309eb3] | 83 | FILE *fkey; |
---|
| 84 | |
---|
| 85 | fname=GetZephyrVarKeyFile("zcrypt", class, instance); |
---|
[dacb555] | 86 | if (!fname) return NULL; |
---|
[d309eb3] | 87 | fkey=fopen(fname, "r"); |
---|
[dacb555] | 88 | if (!fkey) return NULL; |
---|
[3daca13] | 89 | if (!fgets(keystring, MAX_KEY-1, fkey)) { |
---|
| 90 | fclose(fkey); |
---|
[dacb555] | 91 | return NULL; |
---|
[3daca13] | 92 | } |
---|
[d309eb3] | 93 | fclose(fkey); |
---|
| 94 | |
---|
[a52eeb1] | 95 | return owl_zcrypt_decrypt_with_key(in, keystring); |
---|
| 96 | } |
---|
| 97 | |
---|
| 98 | char *owl_zcrypt_decrypt_with_key(const char *in, const char *keystring) |
---|
| 99 | { |
---|
| 100 | const char *inptr, *endptr; |
---|
| 101 | char *out; |
---|
| 102 | des_key_schedule schedule; |
---|
| 103 | unsigned char input[8], output[8]; |
---|
| 104 | int i, c1, c2; |
---|
| 105 | |
---|
[dacb555] | 106 | out = owl_malloc(strlen(in) * 16 + 20); |
---|
[a52eeb1] | 107 | |
---|
[d309eb3] | 108 | strcpy(out, ""); |
---|
| 109 | |
---|
| 110 | output[0] = '\0'; /* In case no message at all */ |
---|
| 111 | |
---|
[3f18ad5] | 112 | owl_zcrypt_string_to_schedule(keystring, &schedule); |
---|
[d309eb3] | 113 | |
---|
| 114 | inptr=in; |
---|
[1f37eba] | 115 | endptr = in + strlen(in); |
---|
| 116 | while (inptr + 16 <= endptr) { |
---|
[d309eb3] | 117 | for (i=0; i<8; i++) { |
---|
| 118 | c1=(inptr[0])-BASE_CODE; |
---|
| 119 | c2=(inptr[1])-BASE_CODE; |
---|
| 120 | input[i]=c1 * 0x10 + c2; |
---|
| 121 | inptr+=2; |
---|
| 122 | } |
---|
[3daca13] | 123 | des_ecb_encrypt(&input, &output, schedule, FALSE); |
---|
| 124 | strncat(out, (const char *)output, 8); |
---|
[d309eb3] | 125 | } |
---|
| 126 | |
---|
[dacb555] | 127 | return out; |
---|
[d309eb3] | 128 | } |
---|
| 129 | |
---|
[dacb555] | 130 | char *owl_zcrypt_encrypt(const char *in, const char *class, const char *instance) |
---|
| 131 | { |
---|
[9ceee9d] | 132 | char *fname, keystring[MAX_KEY]; |
---|
| 133 | FILE *fkey; |
---|
| 134 | |
---|
| 135 | fname=GetZephyrVarKeyFile("zcrypt", class, instance); |
---|
[dacb555] | 136 | if (!fname) return NULL; |
---|
[9ceee9d] | 137 | fkey=fopen(fname, "r"); |
---|
[dacb555] | 138 | if (!fkey) return NULL; |
---|
[3daca13] | 139 | if (!fgets(keystring, MAX_KEY-1, fkey)) { |
---|
| 140 | fclose(fkey); |
---|
[dacb555] | 141 | return NULL; |
---|
[3daca13] | 142 | } |
---|
[9ceee9d] | 143 | fclose(fkey); |
---|
| 144 | |
---|
[a52eeb1] | 145 | return owl_zcrypt_encrypt_with_key(in, keystring); |
---|
| 146 | } |
---|
| 147 | |
---|
| 148 | char *owl_zcrypt_encrypt_with_key(const char *in, const char *keystring) |
---|
| 149 | { |
---|
| 150 | des_key_schedule schedule; |
---|
| 151 | char *out; |
---|
| 152 | unsigned char input[8], output[8]; |
---|
| 153 | int size, length, i; |
---|
| 154 | const char *inbuff = NULL, *inptr; |
---|
| 155 | int num_blocks=0, last_block_size=0; |
---|
| 156 | |
---|
[3f18ad5] | 157 | owl_zcrypt_string_to_schedule(keystring, &schedule); |
---|
[9ceee9d] | 158 | |
---|
[dacb555] | 159 | /* Allocate enough space for the crypted message. For each byte of |
---|
| 160 | * the message, the encoded cyphertext will have two bytes. Block |
---|
| 161 | * size is 8 bytes of input, or 16 bytes of output, so make sure we |
---|
| 162 | * have at least one block worth of space allocated. If the message |
---|
| 163 | * is empty, no blocks are sent, but we still allocate one |
---|
| 164 | * block. The additional 16 bytes also provide space for the null |
---|
| 165 | * terminator, as we will never use all of it for cyphertext. |
---|
| 166 | */ |
---|
| 167 | out = owl_malloc((strlen(in) * 2) + 16); |
---|
| 168 | |
---|
[9ceee9d] | 169 | inbuff=in; |
---|
| 170 | length=strlen(inbuff); |
---|
| 171 | num_blocks=(length+7)/8; |
---|
| 172 | last_block_size=((length+7)%8)+1; |
---|
| 173 | |
---|
| 174 | strcpy(out, ""); |
---|
| 175 | |
---|
| 176 | inptr=inbuff; |
---|
| 177 | while (TRUE) { |
---|
| 178 | /* Get 8 bytes from buffer */ |
---|
| 179 | if (num_blocks > 1) { |
---|
| 180 | size = 8; |
---|
| 181 | memcpy(input, inptr, size); |
---|
| 182 | inptr+=8; |
---|
| 183 | num_blocks--; |
---|
| 184 | } else if (num_blocks == 1) { |
---|
| 185 | size=last_block_size; |
---|
| 186 | memcpy(input, inptr, size); |
---|
| 187 | num_blocks--; |
---|
| 188 | } else { |
---|
| 189 | size=0; |
---|
| 190 | } |
---|
| 191 | |
---|
| 192 | /* Check for EOF and pad the string to 8 chars, if needed */ |
---|
| 193 | if (size == 0) break; /* END OF INPUT: BREAK FROM while LOOP! */ |
---|
| 194 | |
---|
| 195 | if (size<8) memset(input + size, 0, 8 - size); |
---|
| 196 | |
---|
| 197 | /* Encrypt and output the block */ |
---|
[3daca13] | 198 | des_ecb_encrypt(&input, &output, schedule, TRUE); |
---|
[9ceee9d] | 199 | |
---|
| 200 | for (i = 0; i < 8; i++) { |
---|
[b9cb41b] | 201 | sprintf(out + strlen(out), "%c", ((output[i] & 0xf0) >> 4) + BASE_CODE); |
---|
| 202 | sprintf(out + strlen(out), "%c", (output[i] & 0x0f) + BASE_CODE); |
---|
[9ceee9d] | 203 | } |
---|
| 204 | |
---|
| 205 | if (size < 8) break; |
---|
| 206 | } |
---|
[dacb555] | 207 | return out; |
---|
[d309eb3] | 208 | } |
---|
| 209 | |
---|
| 210 | |
---|
| 211 | #define MAX_BUFF 258 |
---|
| 212 | #define MAX_SEARCH 3 |
---|
| 213 | /* Find the class/instance in the .crypt-table */ |
---|
[e19eb97] | 214 | char *GetZephyrVarKeyFile(const char *whoami, const char *class, const char *instance) { |
---|
[e3869df] | 215 | char *keyfile = NULL; |
---|
[8412869] | 216 | char *varname[MAX_SEARCH]; |
---|
[d309eb3] | 217 | int length[MAX_SEARCH], i; |
---|
| 218 | char buffer[MAX_BUFF]; |
---|
[8412869] | 219 | char *filename; |
---|
[d309eb3] | 220 | char result[MAX_SEARCH][MAX_BUFF]; |
---|
| 221 | int numsearch = 0; |
---|
| 222 | FILE *fsearch; |
---|
| 223 | |
---|
[8412869] | 224 | memset(varname, 0, sizeof(varname)); |
---|
| 225 | |
---|
[d309eb3] | 226 | /* Determine names to look for in .crypt-table */ |
---|
| 227 | if (instance) { |
---|
[8412869] | 228 | varname[numsearch++] = owl_sprintf("crypt-%s-%s:", (class?class:"message"), instance); |
---|
[d309eb3] | 229 | } |
---|
| 230 | if (class) { |
---|
[8412869] | 231 | varname[numsearch++] = owl_sprintf("crypt-%s:", class); |
---|
[d309eb3] | 232 | } |
---|
[8412869] | 233 | varname[numsearch++] = owl_strdup("crypt-default:"); |
---|
[d309eb3] | 234 | |
---|
| 235 | /* Setup the result array, and determine string lengths */ |
---|
| 236 | for (i = 0; i < numsearch; i++) { |
---|
| 237 | result[i][0] = '\0'; |
---|
| 238 | length[i] = strlen(varname[i]); |
---|
| 239 | } |
---|
| 240 | |
---|
| 241 | /* Open~/.crypt-table */ |
---|
[8412869] | 242 | filename = owl_sprintf("%s/.crypt-table", getenv("HOME")); |
---|
[d309eb3] | 243 | fsearch = fopen(filename, "r"); |
---|
| 244 | if (fsearch) { |
---|
| 245 | /* Scan file for a match */ |
---|
| 246 | while (!feof(fsearch)) { |
---|
[3daca13] | 247 | if (!fgets(buffer, MAX_BUFF - 3, fsearch)) break; |
---|
[d309eb3] | 248 | for (i = 0; i < numsearch; i++) { |
---|
| 249 | if (strncasecmp(varname[i], buffer, length[i]) == 0) { |
---|
| 250 | int j; |
---|
| 251 | for (j = length[i]; buffer[j] == ' '; j++) |
---|
| 252 | ; |
---|
| 253 | strcpy(result[i], &buffer[j]); |
---|
| 254 | if (*result[i]) { |
---|
| 255 | if (result[i][strlen(result[i])-1] == '\n') { |
---|
| 256 | result[i][strlen(result[i])-1] = '\0'; |
---|
| 257 | } |
---|
| 258 | } |
---|
| 259 | } |
---|
| 260 | } |
---|
| 261 | } |
---|
| 262 | |
---|
| 263 | /* Pick the "best" match found */ |
---|
| 264 | keyfile = NULL; |
---|
| 265 | for (i = 0; i < numsearch; i++) { |
---|
| 266 | if (*result[i]) { |
---|
| 267 | keyfile = result[i]; |
---|
| 268 | break; |
---|
| 269 | } |
---|
| 270 | } |
---|
| 271 | |
---|
| 272 | if (keyfile == NULL) { |
---|
[9ceee9d] | 273 | /* printf("Could not find key table entry.\n"); */ |
---|
[d309eb3] | 274 | } else { |
---|
| 275 | /* Prepare result to be returned */ |
---|
[36486be] | 276 | keyfile = owl_strdup(keyfile); |
---|
[d309eb3] | 277 | } |
---|
| 278 | |
---|
| 279 | fclose(fsearch); |
---|
| 280 | } else { |
---|
[9ceee9d] | 281 | /* printf("Could not open key table file: %s\n", filename); */ |
---|
[d309eb3] | 282 | } |
---|
| 283 | |
---|
[8412869] | 284 | for(i = 0; i < MAX_SEARCH; i++) { |
---|
| 285 | owl_free(varname[i]); |
---|
| 286 | } |
---|
| 287 | |
---|
| 288 | owl_free(filename); |
---|
| 289 | |
---|
[d309eb3] | 290 | return(keyfile); |
---|
| 291 | } |
---|
| 292 | |
---|
[c269e22] | 293 | #endif |
---|