int ora_hash_password(char *pass) {
  // secret hash function comes here, and written to char *hash
  int siz = 0;
  unsigned char *desresult;
  unsigned char *result;
  char buff[strlen(pass) + 5];

  memset(buff, 0, sizeof(buff));

  //concatenate Arb string and convert the resulting string to uppercase
  snprintf(buff, sizeof(buff), "Arb%s", pass);
  strupper(buff);

  if (initial_permutation(&result, buff, &siz)) {
    hydra_report(stderr, "[ERROR] ora_hash_password: in initial_permutation\n");
    return 1;
  }

  if (convert_byteorder(&result, siz)) {
    hydra_report(stderr, "[ERROR] ora_hash_password: in convert_byteorder\n");
    return 1;
  }
  if (ora_descrypt(&desresult, result, siz)) {
    hydra_report(stderr, "[ERROR] ora_hash_password: in DES crypt\n");
    return 1;
  }
  free(result);
  if (ora_hash(&result, desresult, siz)) {
    hydra_report(stderr, "[ERROR] ora_hash_password: in extracting Oracle hash\n");
    return 1;
  }

  memcpy(hash, result, HASHSIZE);
  free(desresult);
  free(result);

  return 0;
}
Beispiel #2
0
/* Merge signatures from userid in fkey (which is keyfile) at keypos with
 * userid from fring (which is ringfile) at ringpos, appending result to out.
 */
static int mergesigs(FILE * fkey, char *keyfile, long keypos, FILE * fring,
		     char *ringfile, long *pringpos, FILE * out)
{
    long ringuseridpos, ringpos;
    int ringpktlen, keypktlen;
    int status;
    byte ctb;
    int copying;
    word32 rstamp, kstamp, xstamp;
    byte keyID[KEYFRAGSIZE];
    char userid[256];

    /* First, copy the userid packet itself, plus any comments or ctrls */
    ringuseridpos = ringpos = *pringpos;
    fseek(fring, ringpos, SEEK_SET);
    (void) readkeypacket(fring, FALSE, &ctb, NULL, userid, NULL, NULL,
			 NULL, NULL, NULL, NULL, NULL, NULL);
    PascalToC(userid);
    ringpktlen = ftell(fring) - ringpos;
    copyfilepos(fring, out, ringpktlen, ringpos);
    for (;;) {
	ringpos = ftell(fring);
	status = nextkeypacket(fring, &ctb);
	if (status < 0 || is_key_ctb(ctb) || ctb == CTB_USERID ||
	    is_ctb_type(ctb, CTB_SKE_TYPE))
	    break;
	ringpktlen = ftell(fring) - ringpos;
	copyfilepos(fring, out, ringpktlen, ringpos);
    }
    fseek(fring, ringpos, SEEK_SET);

    /* Now, ringpos points just past userid packet and ctrl packet. */
    /* Advance keypos to the analogous location. */
    fseek(fkey, keypos, SEEK_SET);
    (void) nextkeypacket(fkey, &ctb);
    for (;;) {
	keypos = ftell(fkey);
	status = nextkeypacket(fkey, &ctb);
	if (status < 0 || is_key_ctb(ctb) || ctb == CTB_USERID ||
	    is_ctb_type(ctb, CTB_SKE_TYPE))
	    break;
    }
    fseek(fkey, keypos, SEEK_SET);

    /* Second, copy all keyfile signatures that aren't in ringfile.
     */

    copying = FALSE;
    for (;;) {
	/* Read next sig from keyfile; see if it is in ringfile;
	 * if it is not a signature, ignore it,
	 * if it is absent from ringfile, copy it,
	 * if it is present, and the timestamp is not newer, ignore it,
	 * if present and newer, replace old with new.
	 * Loop till hit a new key or userid in keyfile, or EOF.
	 */
	keypos = ftell(fkey);
	status = readkeypacket(fkey, FALSE, &ctb, (byte *) & kstamp,
			       NULL, NULL, NULL,
			       NULL, NULL, NULL, NULL, keyID, NULL);
	if (status == -3)	/* unrecoverable error: bad packet
				   length etc. */
	    return status;
	keypktlen = ftell(fkey) - keypos;
	if (status == -1 || is_key_ctb(ctb) || ctb == CTB_USERID)
	    break;		/* EOF or next key/userid */
	if (status < 0)
	    continue;		/* bad packet, skip it */
	if (is_ctb_type(ctb, CTB_SKE_TYPE)) {
	    long sig_pos;
	    int sig_len;
	    /* Set copying true if signature is not in the ringfile */
	    copying = (getpubusersig(ringfile, ringuseridpos,
				     keyID, (byte *) & rstamp,
				     &sig_pos,
				     &sig_len) < 0);
	    if (!copying) {
		long save_pos = ftell(fkey);
		fseek(fkey, keypos + 6, SEEK_SET);
		fread(&kstamp, 1, SIZEOF_TIMESTAMP, fkey);
		fseek(fkey, save_pos, SEEK_SET);
		convert_byteorder((byte *) & kstamp, SIZEOF_TIMESTAMP);
		if (verbose)
		    fprintf(pgpout, "ring: %lx  key: %lx\n", rstamp, kstamp);
		if (kstamp > rstamp) {	/* Update, Maybe */
		    char *signator;
		    if ((signator = user_from_keyID(keyID)) == NULL) {
			fprintf(pgpout,
	       LANG("Replacing signature from keyID %s on userid \"%s\"\n"),
				keyIDstring(keyID), LOCAL_CHARSET(userid));
			/* No pubkey for KeyID, no update! */
		    } else {
			long save_keypos;
			long save_ringpos;
			long KeyIDpos;
			int KeyIDlen;
			byte sigClass;
			fprintf(pgpout,
				LANG("Verifying signature from %s\n"),
				LOCAL_CHARSET(signator));
			fprintf(pgpout, LANG("on userid \"%s\"\n"),
				LOCAL_CHARSET(userid));
			save_keypos = ftell(fkey);
			save_ringpos = ftell(fring);
			status = getpublickey(GPK_GIVEUP, ringfile,
					      &KeyIDpos, &KeyIDlen, NULL,
					      NULL, (byte *) userid, NULL,
					      NULL);
			if (!status)
			    status = check_key_sig(fring,
						   KeyIDpos, KeyIDlen,
						   userid, fkey, keypos,
						   ringfile, signator,
						   (byte *) & xstamp,
						   &sigClass);
			PascalToC(userid);
			PascalToC(signator);
			if (!status) {
			    fprintf(pgpout,
				    LANG("Replacing signature from %s\n"),
				    LOCAL_CHARSET(signator));
			    fprintf(pgpout,
				    LANG("on userid \"%s\"\n"),
				    LOCAL_CHARSET(userid));
			    sig_list_add(sig_pos);
			    ++newsigs;
			    copying = 1;
			} else
			    fprintf(pgpout, LANG("Verification Failed\n"));
			fseek(fring, save_ringpos, SEEK_SET);
			fseek(fkey, save_keypos, SEEK_SET);
		    }
		}
	    } else {
		char *signator;
		if ((signator = user_from_keyID(keyID)) == NULL)
		    fprintf(pgpout,
		       LANG("New signature from keyID %s on userid \"%s\"\n"),
			    keyIDstring(keyID), LOCAL_CHARSET(userid));
		else {
		    fprintf(pgpout,
			    LANG("New signature from %s\n"),
			    LOCAL_CHARSET(signator));
		    fprintf(pgpout,
			    LANG("on userid \"%s\"\n"), LOCAL_CHARSET(userid));
		}
		++newsigs;
		if (batchmode)
		    show_update(keyIDstring(mykeyID));
	    }
	}
	if (copying && is_ctb_type(ctb, CTB_SKE_TYPE)) {
	    copyfilepos(fkey, out, keypktlen, keypos);
	    if (publickey)
		write_trust(out, KC_SIGTRUST_UNDEFINED);
	}
    }

    /* Third, for all ring sig's which are not replaced, copy to output */
    fseek(fring, ringpos, SEEK_SET);
    for (;;) {
	ringpos = ftell(fring);
	if (sig_list_find(ringpos)) {
	    /* skip signature packet */
	    nextkeypacket(fring, &ctb);
	    ringpos = ftell(fring);
	    /* skip trust packet, if present */
	    if (nextkeypacket(fring, &ctb) < 0 || ctb != CTB_KEYCTRL)
		fseek(fring, ringpos, SEEK_SET);
	    continue;
	}
	status = nextkeypacket(fring, &ctb);
	ringpktlen = ftell(fring) - ringpos;
	if (status < 0 || is_key_ctb(ctb) || ctb == CTB_USERID)
	    break;
	copyfilepos(fring, out, ringpktlen, ringpos);
    }				/* End of loop for each sig in ringfile */
    sig_list_clear();
    fseek(fring, ringpos, SEEK_SET);
    *pringpos = ringpos;
    return 0;
}				/* mergesigs */