Context Navigation

source: zcrypt.c @ f5f6ec0

Visit:

release-1.10release-1.8release-1.9

Last change on this file since f5f6ec0 was c6332f5, checked in by David Benjamin <davidben@mit.edu>, 14 years ago
Compute the home directory in zcrypt as in owl_global While I'm here, may as well be consistent and fall back to passwd entries as appropriate.
Property mode set to `100644`
File size: 20.9 KB

Line
1	/* zcrypt.c -- Read in a data stream from stdin & dump a decrypted/encrypted *
2	* datastream. Reads the string to make the key from from the first *
3	* parameter. Encrypts or decrypts according to -d or -e flag. (-e is *
4	* default.) Will invoke zwrite if the -c option is provided for *
5	* encryption. If a zephyr class is specified & the keyfile name omitted *
6	* the ~/.crypt-table will be checked for "crypt-classname" and then *
7	* "crypt-default" for the keyfile name. */
8
9	#include <stdio.h>
10
11	#include <unistd.h>
12	#include <sys/types.h>
13	#include <glib.h>
14	#include <string.h>
15	#include <stdlib.h>
16	#include <sys/wait.h>
17	#include <ctype.h>
18
19	#include "config.h"
20
21	#ifdef HAVE_KERBEROS_IV
22	#include <kerberosIV/des.h>
23	#else
24	#include <openssl/des.h>
25	#endif
26
27	#include "filterproc.h"
28
29	/* Annotate functions in which the caller owns the return value and is
30	* responsible for ensuring it is freed. */
31	#define CALLER_OWN G_GNUC_WARN_UNUSED_RESULT
32
33	#define MAX_KEY 128
34	#define MAX_LINE 128
35	#define MAX_RESULT 4096
36
37	#ifndef TRUE
38	#define TRUE -1
39	#endif
40	#ifndef FALSE
41	#define FALSE 0
42	#endif
43
44	#define ZWRITE_OPT_NOAUTH (1<<0)
45	#define ZWRITE_OPT_SIGNATURE (1<<1)
46	#define ZWRITE_OPT_IGNOREVARS (1<<2)
47	#define ZWRITE_OPT_VERBOSE (1<<3)
48	#define ZWRITE_OPT_QUIET (1<<4)
49	#define ZCRYPT_OPT_MESSAGE (1<<5)
50	#define ZCRYPT_OPT_IGNOREDOT (1<<6)
51
52	typedef struct
53	{
54	int flags;
55	const char *signature;
56	char *message;
57	} ZWRITEOPTIONS;
58
59	CALLER_OWN char GetZephyrVarKeyFile(const char whoami, const char class, const char instance);
60	int ParseCryptSpec(const char spec, const char *keyfile);
61	CALLER_OWN char BuildArgString(char *argv, int start, int end);
62	CALLER_OWN char read_keystring(const char keyfile);
63
64	int do_encrypt(int zephyr, const char class, const char instance,
65	ZWRITEOPTIONS zoptions, const char keyfile, int cipher);
66	int do_encrypt_des(const char keyfile, const char in, int len, FILE *out);
67	int do_encrypt_aes(const char keyfile, const char in, int len, FILE *out);
68
69	int do_decrypt(const char *keyfile, int cipher);
70	int do_decrypt_aes(const char *keyfile);
71	int do_decrypt_des(const char *keyfile);
72
73
74	#define M_NONE 0
75	#define M_ZEPHYR_ENCRYPT 1
76	#define M_DECRYPT 2
77	#define M_ENCRYPT 3
78	#define M_RANDOMIZE 4
79	#define M_SETKEY 5
80
81	enum cipher_algo {
82	CIPHER_DES,
83	CIPHER_AES,
84	NCIPHER
85	};
86
87	typedef struct {
88	int (encrypt)(const char keyfile, const char in, int len, FILE out);
89	int (decrypt)(const char keyfile);
90	} cipher_pair;
91
92	cipher_pair ciphers[NCIPHER] = {
93	[CIPHER_DES] = { do_encrypt_des, do_decrypt_des},
94	[CIPHER_AES] = { do_encrypt_aes, do_decrypt_aes},
95	};
96
97	static void owl_zcrypt_string_to_schedule(char keystring, des_key_schedule schedule) {
98	#ifdef HAVE_KERBEROS_IV
99	des_cblock key;
100	#else
101	des_cblock _key, *key = &_key;
102	#endif
103
104	des_string_to_key(keystring, key);
105	des_key_sched(key, *schedule);
106	}
107
108	int main(int argc, char *argv[])
109	{
110	char *cryptspec = NULL;
111	const char *keyfile;
112	int cipher;
113	int error = FALSE;
114	int zephyr = FALSE;
115	const char class = NULL, instance = NULL;
116	int mode = M_NONE;
117
118	char c;
119
120	int messageflag = FALSE;
121	ZWRITEOPTIONS zoptions;
122	zoptions.flags = 0;
123
124	while ((c = getopt(argc, argv, "ZDERSF:c:i:advqtluons:f:m")) != (char)EOF)
125	{
126	switch(c)
127	{
128	case 'Z':
129	/* Zephyr encrypt */
130	mode = M_ZEPHYR_ENCRYPT;
131	break;
132	case 'D':
133	/* Decrypt */
134	mode = M_DECRYPT;
135	break;
136	case 'E':
137	/* Encrypt */
138	mode = M_ENCRYPT;
139	break;
140	case 'R':
141	/* Randomize the keyfile */
142	mode = M_RANDOMIZE;
143	break;
144	case 'S':
145	/* Set a new key value from stdin */
146	mode = M_SETKEY;
147	break;
148	case 'F':
149	/* Specify the keyfile explicitly */
150	if (cryptspec != NULL) error = TRUE;
151	cryptspec = optarg;
152	break;
153	case 'c':
154	/* Zwrite/zcrypt: class name */
155	if (class != NULL) error = TRUE;
156	class = optarg;
157	break;
158	case 'i':
159	/* Zwrite/zcrypt: instance name */
160	if (instance != NULL) error = TRUE;
161	instance = optarg;
162	break;
163	case 'a':
164	/* Zwrite: authenticate (default) */
165	zoptions.flags &= ~ZWRITE_OPT_NOAUTH;
166	break;
167	case 'd':
168	/* Zwrite: do not authenticate */
169	zoptions.flags \|= ZWRITE_OPT_NOAUTH;
170	break;
171	case 'v':
172	/* Zwrite: verbose */
173	zoptions.flags \|= ZWRITE_OPT_VERBOSE;
174	break;
175	case 'q':
176	/* Zwrite: quiet */
177	zoptions.flags \|= ZWRITE_OPT_QUIET;
178	break;
179	case 't':
180	/* Zwrite: no expand tabs (ignored) */
181	break;
182	case 'l':
183	/* Zwrite: ignore '.' on a line by itself (ignored) */
184	zoptions.flags \|= ZCRYPT_OPT_IGNOREDOT;
185	break;
186	case 'u':
187	/* Zwrite: urgent message */
188	instance = "URGENT";
189	break;
190	case 'o':
191	/* Zwrite: ignore zephyr variables zwrite-class, zwrite-inst, */
192	/* zwrite-opcode */
193	zoptions.flags \|= ZWRITE_OPT_IGNOREVARS;
194	break;
195	case 'n':
196	/* Zwrite: prevent PING message (always used) */
197	break;
198	case 's':
199	/* Zwrite: signature */
200	zoptions.flags \|= ZWRITE_OPT_SIGNATURE;
201	zoptions.signature = optarg;
202	break;
203	case 'f':
204	/* Zwrite: file system specification (ignored) */
205	break;
206	case 'm':
207	/* Message on rest of line*/
208	messageflag = TRUE;
209	break;
210	case '?':
211	error = TRUE;
212	break;
213	}
214	if (error \|\| messageflag)
215	break;
216	}
217
218	if (class != NULL \|\| instance != NULL)
219	zephyr = TRUE;
220
221	if (messageflag)
222	{
223	zoptions.flags \|= ZCRYPT_OPT_MESSAGE;
224	zoptions.message = BuildArgString(argv, optind, argc);
225	if (!zoptions.message)
226	{
227	fprintf(stderr, "Memory allocation error.\n");
228	error = TRUE;
229	}
230	}
231	else if (optind < argc)
232	{
233	error = TRUE;
234	}
235
236	if (mode == M_NONE)
237	mode = (zephyr?M_ZEPHYR_ENCRYPT:M_ENCRYPT);
238
239	if (mode == M_ZEPHYR_ENCRYPT && !zephyr)
240	error = TRUE;
241
242	if (!error && cryptspec == NULL && (class != NULL \|\| instance != NULL)) {
243	cryptspec = GetZephyrVarKeyFile(argv[0], class, instance);
244	if(!cryptspec) {
245	fprintf(stderr, "Unable to find keyfile for ");
246	if(class != NULL) {
247	fprintf(stderr, "-c %s ", class);
248	}
249	if(instance != NULL) {
250	fprintf(stderr, "-i %s ", instance);
251	}
252	fprintf(stderr, "\n");
253	exit(-1);
254	}
255	}
256
257	if (error \|\| !cryptspec)
258	{
259	fprintf(stderr, "Usage: %s [-Z\|-D\|-E\|-R\|-S] [-F Keyfile] [-c class] [-i instance]\n", argv[0]);
260	fprintf(stderr, " [-advqtluon] [-s signature] [-f arg] [-m message]\n");
261	fprintf(stderr, " One or more of class, instance, and keyfile must be specified.\n");
262	exit(1);
263	}
264
265	cipher = ParseCryptSpec(cryptspec, &keyfile);
266	if(cipher < 0) {
267	fprintf(stderr, "Invalid cipher specification: %s\n", cryptspec);
268	exit(1);
269	}
270
271
272	if (mode == M_RANDOMIZE)
273	{
274	/* Choose a new, random key */
275	/*
276	FILE *fkey = fopen(fname, "w");
277	if (!fkey)
278	printf("Could not open key file for writing: %s\n", fname);
279	else
280	{
281	char string[100];
282	fputs(fkey, string);
283	fclose(fkey);
284	}
285	*/
286	fprintf(stderr, "Feature not yet implemented.\n");
287	}
288	else if (mode == M_SETKEY)
289	{
290	/* Set a new, user-entered key */
291	char newkey[MAX_KEY];
292	FILE *fkey;
293
294	if (isatty(0))
295	{
296	printf("Enter new key: ");
297	/* Really should read without echo!!! */
298	}
299	if(!fgets(newkey, MAX_KEY - 1, stdin)) {
300	fprintf(stderr, "Error reading key.\n");
301	return 1;
302	}
303
304	fkey = fopen(keyfile, "w");
305	if (!fkey)
306	fprintf(stderr, "Could not open key file for writing: %s\n", keyfile);
307	else
308	{
309	if (fputs(newkey, fkey) != strlen(newkey) \|\| putc('\n', fkey) != '\n')
310	{
311	fprintf(stderr, "Error writing to key file.\n");
312	fclose(fkey);
313	exit(1);
314	}
315	else
316	{
317	fclose(fkey);
318	fprintf(stderr, "Key update complete.\n");
319	}
320	}
321	}
322	else
323	{
324	if (mode == M_ZEPHYR_ENCRYPT \|\| mode == M_ENCRYPT)
325	error = !do_encrypt((mode == M_ZEPHYR_ENCRYPT), class, instance,
326	&zoptions, keyfile, cipher);
327	else
328	error = !do_decrypt(keyfile, cipher);
329	}
330
331	/* Always print the END message if -D is specified. */
332	if (mode == M_DECRYPT)
333	printf("END\n");
334
335	return error;
336	}
337
338	int ParseCryptSpec(const char spec, const char *keyfile) {
339	int cipher = CIPHER_DES;
340	char *cipher_name = strdup(spec);
341	char *colon = strchr(cipher_name, ':');
342
343	*keyfile = spec;
344
345	if (colon) {
346	char *rest = strchr(spec, ':') + 1;
347	while(isspace(*rest)) rest++;
348
349	*colon-- = '\0';
350	while (colon >= cipher_name && isspace(*colon)) {
351	*colon = '\0';
352	}
353
354	if(strcmp(cipher_name, "AES") == 0) {
355	cipher = CIPHER_AES;
356	*keyfile = rest;
357	} else if(strcmp(cipher_name, "DES") == 0) {
358	cipher = CIPHER_DES;
359	*keyfile = rest;
360	}
361	}
362
363	free(cipher_name);
364
365	return cipher;
366	}
367
368	/* Build a space-separated string from argv from elements between start *
369	* and end - 1. malloc()'s the returned string. */
370	CALLER_OWN char BuildArgString(char *argv, int start, int end)
371	{
372	int len = 1;
373	int i;
374	char *result;
375
376	/* Compute the length of the string. (Plus 1 or 2) */
377	for (i = start; i < end; i++)
378	len += strlen(argv[i]) + 1;
379
380	/* Allocate memory */
381	result = (char *)malloc(len);
382	if (result)
383	{
384	/* Build the string */
385	char *ptr = result;
386	/* Start with an empty string, in case nothing is copied. */
387	*ptr = '\0';
388	/* Copy the arguments */
389	for (i = start; i < end; i++)
390	{
391	char *temp = argv[i];
392	/* Add a space, if not the first argument */
393	if (i != start)
394	*ptr++ = ' ';
395	/* Copy argv[i], leaving ptr pointing to the '\0' copied from temp */
396	while ((ptr = temp++))
397	ptr++;
398	}
399	}
400
401	return result;
402	}
403
404	#define MAX_BUFF 258
405	#define MAX_SEARCH 3
406	/* Find the class/instance in the .crypt-table */
407	CALLER_OWN char GetZephyrVarKeyFile(const char whoami, const char class, const char instance)
408	{
409	char *keyfile = NULL;
410	char *varname[MAX_SEARCH];
411	int length[MAX_SEARCH], i;
412	char buffer[MAX_BUFF];
413	const char *home;
414	char *filename;
415	char result[MAX_SEARCH][MAX_BUFF];
416	int numsearch = 0;
417	FILE *fsearch;
418
419	memset(varname, 0, sizeof(varname));
420
421	/* Determine names to look for in .crypt-table */
422	if (instance)
423	varname[numsearch++] = g_strdup_printf("crypt-%s-%s:", (class?class:"message"), instance);
424	if (class)
425	varname[numsearch++] = g_strdup_printf("crypt-%s:", class);
426	varname[numsearch++] = g_strdup("crypt-default:");
427
428	/* Setup the result array, and determine string lengths */
429	for (i = 0; i < numsearch; i++)
430	{
431	result[i][0] = '\0';
432	length[i] = strlen(varname[i]);
433	}
434
435	/* Open~/.crypt-table */
436	home = getenv("HOME");
437	if (home == NULL)
438	home = g_get_home_dir();
439	filename = g_build_filename(home, ".crypt-table", NULL);
440	fsearch = fopen(filename, "r");
441	if (fsearch)
442	{
443	/* Scan file for a match */
444	while (!feof(fsearch))
445	{
446	if (!fgets(buffer, MAX_BUFF - 3, fsearch)) break;
447	for (i = 0; i < numsearch; i++)
448	if (strncasecmp(varname[i], buffer, length[i]) == 0)
449	{
450	int j;
451	for (j = length[i]; buffer[j] == ' '; j++)
452	;
453	strcpy(result[i], &buffer[j]);
454	if (*result[i])
455	if (result[i][strlen(result[i])-1] == '\n')
456	result[i][strlen(result[i])-1] = '\0';
457	}
458	}
459
460	/* Pick the "best" match found */
461	keyfile = NULL;
462	for (i = 0; i < numsearch; i++)
463	if (*result[i])
464	{
465	keyfile = result[i];
466	break;
467	}
468
469	if (keyfile != NULL)
470	{
471	/* Prepare result to be returned */
472	char *temp = keyfile;
473	keyfile = (char *)malloc(strlen(temp) + 1);
474	if (keyfile)
475	strcpy(keyfile, temp);
476	else
477	fprintf(stderr, "Memory allocation error.\n");
478	}
479	fclose(fsearch);
480	}
481	else
482	fprintf(stderr, "Could not open key table file: %s\n", filename);
483
484	for(i = 0; i < MAX_SEARCH; i++) {
485	g_free(varname[i]);
486	}
487
488	g_free(filename);
489
490	return keyfile;
491	}
492
493	static pid_t zephyrpipe_pid = 0;
494
495	/* Open a pipe to zwrite */
496	FILE GetZephyrPipe(const char class, const char instance, const ZWRITEOPTIONS zoptions)
497	{
498	int fildes[2];
499	pid_t pid;
500	FILE *result;
501	const char *argv[20];
502	int argc = 0;
503
504	if (pipe(fildes) < 0)
505	return NULL;
506	pid = fork();
507
508	if (pid < 0)
509	{
510	/* Error: clean up */
511	close(fildes[0]);
512	close(fildes[1]);
513	result = NULL;
514	}
515	else if (pid == 0)
516	{
517	/* Setup child process */
518	argv[argc++] = "zwrite";
519	argv[argc++] = "-n"; /* Always send without ping */
520	if (class)
521	{
522	argv[argc++] = "-c";
523	argv[argc++] = class;
524	}
525	if (instance)
526	{
527	argv[argc++] = "-i";
528	argv[argc++] = instance;
529	}
530	if (zoptions->flags & ZWRITE_OPT_NOAUTH)
531	argv[argc++] = "-d";
532	if (zoptions->flags & ZWRITE_OPT_QUIET)
533	argv[argc++] = "-q";
534	if (zoptions->flags & ZWRITE_OPT_VERBOSE)
535	argv[argc++] = "-v";
536	if (zoptions->flags & ZWRITE_OPT_SIGNATURE)
537	{
538	argv[argc++] = "-s";
539	argv[argc++] = zoptions->signature;
540	}
541	argv[argc++] = "-O";
542	argv[argc++] = "crypt";
543	argv[argc] = NULL;
544	close(fildes[1]);
545	if (fildes[0] != STDIN_FILENO)
546	{
547	if (dup2(fildes[0], STDIN_FILENO) != STDIN_FILENO)
548	exit(0);
549	close(fildes[0]);
550	}
551	close(fildes[0]);
552	execvp(argv[0], (char **)argv);
553	fprintf(stderr, "Exec error: could not run zwrite\n");
554	exit(0);
555	}
556	else
557	{
558	close(fildes[0]);
559	/* Create a FILE * for the zwrite pipe */
560	result = (FILE *)fdopen(fildes[1], "w");
561	zephyrpipe_pid = pid;
562	}
563
564	return result;
565	}
566
567	/* Close the pipe to zwrite */
568	void CloseZephyrPipe(FILE *pipe)
569	{
570	fclose(pipe);
571	waitpid(zephyrpipe_pid, NULL, 0);
572	zephyrpipe_pid = 0;
573	}
574
575	#define BASE_CODE 70
576	#define LAST_CODE (BASE_CODE + 15)
577	#define OUTPUT_BLOCK_SIZE 16
578
579	void block_to_ascii(unsigned char output, FILE outfile)
580	{
581	int i;
582	for (i = 0; i < 8; i++)
583	{
584	putc(((output[i] & 0xf0) >> 4) + BASE_CODE, outfile);
585	putc( (output[i] & 0x0f) + BASE_CODE, outfile);
586	}
587	}
588
589	CALLER_OWN char slurp_stdin(int ignoredot, int length) {
590	char *buf;
591	char *inptr;
592
593	if ((inptr = buf = (char *)malloc(MAX_RESULT)) == NULL)
594	{
595	fprintf(stderr, "Memory allocation error\n");
596	return NULL;
597	}
598	while (inptr - buf < MAX_RESULT - MAX_LINE - 20)
599	{
600	if (fgets(inptr, MAX_LINE, stdin) == NULL)
601	break;
602
603	if (inptr[0])
604	{
605	if (inptr[0] == '.' && inptr[1] == '\n' && !ignoredot)
606	{
607	inptr[0] = '\0';
608	break;
609	}
610	else
611	inptr += strlen(inptr);
612	}
613	else
614	break;
615	}
616	*length = inptr - buf;
617
618	return buf;
619	}
620
621	CALLER_OWN char GetInputBuffer(ZWRITEOPTIONS zoptions, int *length) {
622	char *buf;
623
624	if (zoptions->flags & ZCRYPT_OPT_MESSAGE)
625	{
626	/* Use the -m message */
627	buf = strdup(zoptions->message);
628	*length = strlen(buf);
629	}
630	else
631	{
632	if (isatty(0)) {
633	/* tty input, so show the "Type your message now..." message */
634	if (zoptions->flags & ZCRYPT_OPT_IGNOREDOT)
635	printf("Type your message now. End with the end-of-file character.\n");
636	else
637	printf("Type your message now. End with control-D or a dot on a line by itself.\n");
638	} else {
639	zoptions->flags \|= ZCRYPT_OPT_IGNOREDOT;
640	}
641
642	buf = slurp_stdin(zoptions->flags & ZCRYPT_OPT_IGNOREDOT, length);
643	}
644	return buf;
645	}
646
647	CALLER_OWN char read_keystring(const char keyfile) {
648	char *keystring;
649	FILE *fkey = fopen(keyfile, "r");
650	if(!fkey) {
651	fprintf(stderr, "Unable to open keyfile %s\n", keyfile);
652	return NULL;
653	}
654	keystring = malloc(MAX_KEY);
655	if(!fgets(keystring, MAX_KEY-1, fkey)) {
656	fprintf(stderr, "Unable to read from keyfile: %s\n", keyfile);
657	free(keystring);
658	keystring = NULL;
659	}
660	fclose(fkey);
661	return keystring;
662	}
663
664	/* Encrypt stdin, with prompt if isatty, and send to stdout, or to zwrite
665	if zephyr is set. */
666	int do_encrypt(int zephyr, const char class, const char instance,
667	ZWRITEOPTIONS zoptions, const char keyfile, int cipher)
668	{
669	FILE *outfile = stdout;
670	char *inbuff = NULL;
671	int buflen;
672	int out = TRUE;
673
674	inbuff = GetInputBuffer(zoptions, &buflen);
675
676	if(!inbuff) {
677	fprintf(stderr, "Error reading zcrypt input!\n");
678	return FALSE;
679	}
680
681	if (zephyr) {
682	outfile = GetZephyrPipe(class, instance, zoptions);
683	if (!outfile)
684	{
685	fprintf(stderr, "Could not run zwrite\n");
686	if (inbuff)
687	free(inbuff);
688	return FALSE;
689	}
690	}
691
692	out = ciphers[cipher].encrypt(keyfile, inbuff, buflen, outfile);
693
694	if (zephyr)
695	CloseZephyrPipe(outfile);
696
697	free(inbuff);
698	return out;
699	}
700
701	int do_encrypt_des(const char keyfile, const char in, int length, FILE *outfile)
702	{
703	des_key_schedule schedule;
704	unsigned char input[8], output[8];
705	const char *inptr;
706	int num_blocks, last_block_size;
707	char *keystring;
708	int size;
709
710	keystring = read_keystring(keyfile);
711	if(!keystring) {
712	return FALSE;
713	}
714
715	owl_zcrypt_string_to_schedule(keystring, &schedule);
716	free(keystring);
717
718	inptr = in;
719	num_blocks = (length + 7) / 8;
720	last_block_size = ((length + 7) % 8) + 1;
721
722	/* Encrypt the input (inbuff or stdin) and send it to outfile */
723	while (TRUE)
724	{
725	/* Get 8 bytes from buffer */
726	if (num_blocks > 1)
727	{
728	size = 8;
729	memcpy(input, inptr, size);
730	inptr += 8;
731	num_blocks--;
732	}
733	else if (num_blocks == 1)
734	{
735	size = last_block_size;
736	memcpy(input, inptr, size);
737	num_blocks--;
738	}
739	else
740	size = 0;
741
742	/* Check for EOF and pad the string to 8 chars, if needed */
743	if (size == 0)
744	break;
745	if (size < 8)
746	memset(input + size, 0, 8 - size);
747
748	/* Encrypt and output the block */
749	des_ecb_encrypt(&input, &output, schedule, TRUE);
750	block_to_ascii(output, outfile);
751
752	if (size < 8)
753	break;
754	}
755
756	putc('\n', outfile);
757
758	return TRUE;
759	}
760
761	int do_encrypt_aes(const char keyfile, const char in, int length, FILE *outfile)
762	{
763	char *out;
764	int err, status;
765	const char *argv[] = {
766	"gpg",
767	"--symmetric",
768	"--batch",
769	"--quiet",
770	"--no-use-agent",
771	"--armor",
772	"--cipher-algo", "AES",
773	"--passphrase-file", keyfile,
774	NULL
775	};
776	err = call_filter("gpg", argv, in, &out, &status);
777	if(err \|\| status) {
778	g_free(out);
779	return FALSE;
780	}
781	fwrite(out, strlen(out), 1, outfile);
782	g_free(out);
783	return TRUE;
784	}
785
786	/* Read a half-byte from stdin, skipping invalid characters. Returns -1
787	if at EOF or file error */
788	int read_ascii_nybble(void)
789	{
790	char c;
791
792	while (TRUE)
793	{
794	if (fread(&c, 1, 1, stdin) == 0)
795	return -1;
796	else if (c >= BASE_CODE && c <= LAST_CODE)
797	return c - BASE_CODE;
798	}
799	}
800
801	/* Read both halves of the byte and return the single byte. Returns -1
802	if at EOF or file error. */
803	int read_ascii_byte(void)
804	{
805	int c1, c2;
806	c1 = read_ascii_nybble();
807	if (c1 >= 0)
808	{
809	c2 = read_ascii_nybble();
810	if (c2 >= 0)
811	{
812	return c1 * 0x10 + c2;
813	}
814	}
815	return -1;
816	}
817
818	/* Read an 8-byte DES block from stdin */
819	int read_ascii_block(unsigned char *input)
820	{
821	int c;
822
823	int i;
824	for (i = 0; i < 8; i++)
825	{
826	c = read_ascii_byte();
827	if (c < 0)
828	return FALSE;
829
830	input[i] = c;
831	}
832
833	return TRUE;
834	}
835
836	/* Decrypt stdin */
837	int do_decrypt(const char *keyfile, int cipher)
838	{
839	return ciphers[cipher].decrypt(keyfile);
840	}
841
842	int do_decrypt_aes(const char *keyfile) {
843	char in, out;
844	int length;
845	const char *argv[] = {
846	"gpg",
847	"--decrypt",
848	"--batch",
849	"--no-use-agent",
850	"--quiet",
851	"--passphrase-file", keyfile,
852	NULL
853	};
854	int err, status;
855
856	in = slurp_stdin(TRUE, &length);
857	if(!in) return FALSE;
858
859	err = call_filter("gpg", argv, in, &out, &status);
860	if(err \|\| status) {
861	g_free(out);
862	return FALSE;
863	}
864	fwrite(out, strlen(out), 1, stdout);
865	g_free(out);
866
867	return TRUE;
868	}
869
870	int do_decrypt_des(const char *keyfile) {
871	des_key_schedule schedule;
872	unsigned char input[8], output[8];
873	char tmp[9];
874	char *keystring;
875
876	/*
877	DES decrypts 8 bytes at a time. We copy those over into the 9-byte
878	'tmp', which has the final byte zeroed, to ensure that we always
879	have a NULL-terminated string we can call printf/strlen on.
880
881	We don't pass 'tmp' to des_ecb_encrypt directly, because it's
882	prototyped as taking 'unsigned char[8]', and this avoids a stupid
883	cast.
884
885	We zero 'tmp' entirely, not just the final byte, in case there are
886	no input blocks.
887	*/
888	memset(tmp, 0, sizeof tmp);
889
890	keystring = read_keystring(keyfile);
891	if(!keystring) return FALSE;
892
893	owl_zcrypt_string_to_schedule(keystring, &schedule);
894
895	free(keystring);
896
897	while (read_ascii_block(input))
898	{
899	des_ecb_encrypt(&input, &output, schedule, FALSE);
900	memcpy(tmp, output, 8);
901	printf("%s", tmp);
902	}
903
904	if (!tmp[0] \|\| tmp[strlen(tmp) - 1] != '\n')
905	printf("\n");
906	return TRUE;
907	}

Note: See TracBrowser for help on using the repository browser.

Download in other formats: