source: zcrypt.c @ dacb555

release-1.6release-1.7release-1.8release-1.9
Last change on this file since dacb555 was dacb555, checked in by Anders Kaseorg <andersk@mit.edu>, 11 years ago
zcrypt: Change zcrypt functions to allocate their output buffer. The logic to determine the right buffer size is complicated and does not belong in callers. Signed-off-by: Anders Kaseorg <andersk@mit.edu> Reviewed-by: Nelson Elhage <nelhage@mit.edu>
  • Property mode set to 100644
File size: 7.2 KB
Line 
1/* This file is stolen and slightly modified code */
2
3/* zcrypt.c -- Read in a data stream from stdin & dump a decrypted/encrypted *
4 *   datastream.  Reads the string to make the key from from the first       *
5 *   parameter.  Encrypts or decrypts according to -d or -e flag.  (-e is    *
6 *   default.)  Will invoke zwrite if the -c option is provided for          *
7 *   encryption.  If a zephyr class is specified & the keyfile name omitted  *
8 *   the ~/.crypt-table will be checked for "crypt-classname" and then       *
9 *   "crypt-default" for the keyfile name.                                   */
10
11#include <stdio.h>
12#include <stdlib.h>
13#include <string.h>
14#include <sys/types.h>
15#include <sys/wait.h>
16#include "owl.h"
17
18#ifdef OWL_ENABLE_ZCRYPT
19
20#define BASE_CODE 70
21#define LAST_CODE (BASE_CODE + 15)
22#define OUTPUT_BLOCK_SIZE 16
23#include <unistd.h>
24#include <sys/types.h>
25
26#ifdef HAVE_KERBEROS_IV
27#include <kerberosIV/des.h>
28#else
29#include <openssl/des.h>
30#endif
31
32#define MAX_KEY 128
33
34#ifndef TRUE
35#define TRUE -1
36#endif
37#ifndef FALSE
38#define FALSE 0
39#endif
40
41#define ZWRITE_OPT_NOAUTH     (1<<0)
42#define ZWRITE_OPT_SIGNATURE  (1<<1)
43#define ZWRITE_OPT_IGNOREVARS (1<<2)
44#define ZWRITE_OPT_VERBOSE    (1<<3)
45#define ZWRITE_OPT_QUIET      (1<<4)
46#define ZCRYPT_OPT_MESSAGE    (1<<5)
47#define ZCRYPT_OPT_IGNOREDOT  (1<<6)
48
49typedef struct
50{
51  int flags;
52  char *signature;
53  char *message;
54} ZWRITEOPTIONS;
55
56char *GetZephyrVarKeyFile(const char *whoami, const char *class, const char *instance);
57
58#define M_NONE            0
59#define M_ZEPHYR_ENCRYPT  1
60#define M_DECRYPT         2
61#define M_ENCRYPT         3
62#define M_RANDOMIZE       4
63#define M_SETKEY          5
64
65static void owl_zcrypt_string_to_schedule(char *keystring, des_key_schedule *schedule) {
66#ifdef HAVE_KERBEROS_IV
67  des_cblock key;
68#else
69  des_cblock _key, *key = &_key;
70#endif
71
72  des_string_to_key(keystring, key);
73  des_key_sched(key, *schedule);
74}
75
76/* The 'owl_zcrypt_decrypt' function was written by kretch for Owl.
77 * Decrypt the message in 'in' on class 'class' and instance
78 * 'instance'.  Return must be freed by caller.
79 */
80char *owl_zcrypt_decrypt(const char *in, const char *class, const char *instance)
81{
82  const char *inptr, *endptr;
83  char *fname, keystring[MAX_KEY];
84  FILE *fkey;
85  des_key_schedule schedule;
86  char *out;
87  unsigned char input[8], output[8];
88  int i, c1, c2;
89 
90  fname=GetZephyrVarKeyFile("zcrypt", class, instance);
91  if (!fname) return NULL;
92  fkey=fopen(fname, "r");
93  if (!fkey) return NULL;
94  if (!fgets(keystring, MAX_KEY-1, fkey)) {
95    fclose(fkey);
96    return NULL;
97  }
98  fclose(fkey);
99
100  out = owl_malloc(strlen(in) * 16 + 20);
101  strcpy(out, "");
102
103  output[0] = '\0';    /* In case no message at all                 */
104
105  owl_zcrypt_string_to_schedule(keystring, &schedule);
106
107  inptr=in;
108  endptr=in+strlen(in)-1;
109  while (inptr<endptr) {
110    for (i=0; i<8; i++) {
111      c1=(inptr[0])-BASE_CODE;
112      c2=(inptr[1])-BASE_CODE;
113      input[i]=c1 * 0x10 + c2;
114      inptr+=2;
115    }
116    des_ecb_encrypt(&input, &output, schedule, FALSE);
117    strncat(out, (const char *)output, 8);
118  }
119
120  if (out[0] && out[strlen(out) - 1] != '\n')
121    strcat(out, "\n");
122  return out;
123}
124
125char *owl_zcrypt_encrypt(const char *in, const char *class, const char *instance)
126{
127  char *fname, keystring[MAX_KEY];
128  FILE *fkey;
129  des_key_schedule schedule;
130  char *out;
131  unsigned char input[8], output[8];
132  int size, length, i;
133  const char *inbuff = NULL, *inptr;
134  int num_blocks=0, last_block_size=0;
135
136  fname=GetZephyrVarKeyFile("zcrypt", class, instance);
137  if (!fname) return NULL;
138  fkey=fopen(fname, "r");
139  if (!fkey) return NULL;
140  if (!fgets(keystring, MAX_KEY-1, fkey)) {
141    fclose(fkey);
142    return NULL;
143  }
144  fclose(fkey);
145
146  owl_zcrypt_string_to_schedule(keystring, &schedule);
147
148  /* Allocate enough space for the crypted message. For each byte of
149   * the message, the encoded cyphertext will have two bytes. Block
150   * size is 8 bytes of input, or 16 bytes of output, so make sure we
151   * have at least one block worth of space allocated. If the message
152   * is empty, no blocks are sent, but we still allocate one
153   * block. The additional 16 bytes also provide space for the null
154   * terminator, as we will never use all of it for cyphertext.
155   */
156  out = owl_malloc((strlen(in) * 2) + 16);
157
158  inbuff=in;
159  length=strlen(inbuff);
160  num_blocks=(length+7)/8;
161  last_block_size=((length+7)%8)+1;
162
163  strcpy(out, "");
164 
165  inptr=inbuff;
166  while (TRUE) {
167    /* Get 8 bytes from buffer */
168    if (num_blocks > 1) {
169      size = 8;
170      memcpy(input, inptr, size);
171      inptr+=8;
172      num_blocks--;
173    } else if (num_blocks == 1) {
174      size=last_block_size;
175      memcpy(input, inptr, size);
176      num_blocks--;
177    } else {
178      size=0;
179    }
180
181    /* Check for EOF and pad the string to 8 chars, if needed */
182    if (size == 0) break;     /* END OF INPUT: BREAK FROM while LOOP! */
183     
184    if (size<8) memset(input + size, 0, 8 - size);
185
186    /* Encrypt and output the block */
187    des_ecb_encrypt(&input, &output, schedule, TRUE);
188
189    for (i = 0; i < 8; i++) {
190      sprintf(out + strlen(out), "%c", ((output[i] & 0xf0) >> 4) + BASE_CODE);
191      sprintf(out + strlen(out), "%c", (output[i] & 0x0f)        + BASE_CODE);
192    }
193
194    if (size < 8) break;
195  }
196  return out;
197}
198
199
200#define MAX_BUFF 258
201#define MAX_SEARCH 3
202/* Find the class/instance in the .crypt-table */
203char *GetZephyrVarKeyFile(const char *whoami, const char *class, const char *instance) {
204  char *keyfile = NULL;
205  char *varname[MAX_SEARCH];
206  int length[MAX_SEARCH], i;
207  char buffer[MAX_BUFF];
208  char *filename;
209  char result[MAX_SEARCH][MAX_BUFF];
210  int numsearch = 0;
211  FILE *fsearch;
212
213  memset(varname, 0, sizeof(varname));
214
215  /* Determine names to look for in .crypt-table */
216  if (instance) {
217    varname[numsearch++] = owl_sprintf("crypt-%s-%s:", (class?class:"message"), instance);
218  }
219  if (class) {
220    varname[numsearch++] = owl_sprintf("crypt-%s:", class);
221  }
222  varname[numsearch++] = owl_strdup("crypt-default:");
223
224  /* Setup the result array, and determine string lengths */
225  for (i = 0; i < numsearch; i++) {
226    result[i][0] = '\0';
227    length[i] = strlen(varname[i]);
228  }
229
230  /* Open~/.crypt-table */
231  filename = owl_sprintf("%s/.crypt-table", getenv("HOME"));
232  fsearch = fopen(filename, "r");
233  if (fsearch) {
234    /* Scan file for a match */
235    while (!feof(fsearch)) {
236      if (!fgets(buffer, MAX_BUFF - 3, fsearch)) break;
237      for (i = 0; i < numsearch; i++) {
238        if (strncasecmp(varname[i], buffer, length[i]) == 0) {
239          int j;
240          for (j = length[i]; buffer[j] == ' '; j++)
241            ;
242          strcpy(result[i], &buffer[j]);
243          if (*result[i]) {
244            if (result[i][strlen(result[i])-1] == '\n') {
245              result[i][strlen(result[i])-1] = '\0';
246            }
247          }
248        }
249      }
250    }
251
252    /* Pick the "best" match found */
253    keyfile = NULL;
254    for (i = 0; i < numsearch; i++) {
255      if (*result[i]) {
256        keyfile = result[i];
257        break;
258      }
259    }
260
261    if (keyfile == NULL) {
262      /* printf("Could not find key table entry.\n"); */
263    } else {
264      /* Prepare result to be returned */
265      keyfile = owl_strdup(keyfile);
266    }
267   
268    fclose(fsearch);
269  } else {
270    /* printf("Could not open key table file: %s\n", filename); */
271  }
272
273  for(i = 0; i < MAX_SEARCH; i++) {
274    owl_free(varname[i]);
275  }
276
277  owl_free(filename);
278
279  return(keyfile);
280}
281
282#endif
Note: See TracBrowser for help on using the repository browser.