Exemple #1
0
bits_t *
bits_decode(const string_t *in)
{
	bits_t	*ret;
	size_t	 len;
	size_t	 nbits;
	u_int32_t	*tmp;

	len = in->length;
	tmp = emalloc(len);

	len = __b64_pton(in->text, (void *)tmp, len);

	if (len == (size_t)-1) {
		warnx("bits_decode: mangled base64 stream");
		warnx("  %s", in->text);
		free(tmp);
		return NULL;
	}

	nbits = ntohl(*tmp);
	if (nbits > (len - sizeof(*tmp)) * NBBY) {
		warnx("bits_decode: encoded bits claim to be "
		    "longer than they are (nbits=%zu, stream len=%zu bytes)",
		    nbits, len);
		free(tmp);
		return NULL;
	}

	ret = bits_new(tmp + 1, nbits);
	free(tmp);
	return ret;
}
Exemple #2
0
static void
session_rfc4954_auth_plain(struct session *s, char *arg)
{
	struct auth	*a = &s->s_auth;
	char		 buf[1024], *user, *pass;
	int		 len;

	switch (s->s_state) {
	case S_HELO:
		if (arg == NULL) {
			session_enter_state(s, S_AUTH_INIT);
			session_respond(s, "334 ");
			return;
		}
		session_enter_state(s, S_AUTH_INIT);
		/* FALLTHROUGH */

	case S_AUTH_INIT:
		/* String is not NUL terminated, leave room. */
		if ((len = __b64_pton(arg, (unsigned char *)buf, sizeof(buf) - 1)) == -1)
			goto abort;
		/* buf is a byte string, NUL terminate. */
		buf[len] = '\0';

		/*
		 * Skip "foo" in "foo\0user\0pass", if present.
		 */
		user = memchr(buf, '\0', len);
		if (user == NULL || user >= buf + len - 2)
			goto abort;
		user++; /* skip NUL */
		if (strlcpy(a->user, user, sizeof(a->user)) >= sizeof(a->user))
			goto abort;

		pass = memchr(user, '\0', len - (user - buf));
		if (pass == NULL || pass >= buf + len - 2)
			goto abort;
		pass++; /* skip NUL */
		if (strlcpy(a->pass, pass, sizeof(a->pass)) >= sizeof(a->pass))
			goto abort;

		session_enter_state(s, S_AUTH_FINALIZE);

		a->id = s->s_id;
		session_imsg(s, PROC_PARENT, IMSG_PARENT_AUTHENTICATE, 0, 0, -1,
		    a, sizeof(*a));

		bzero(a->pass, sizeof(a->pass));
		return;

	default:
		fatal("session_rfc4954_auth_plain: unknown state");
	}

abort:
	session_respond(s, "501 Syntax error");
	session_enter_state(s, S_HELO);
}
Exemple #3
0
static void
session_rfc4954_auth_login(struct session *s, char *arg)
{
	struct auth	*a = &s->s_auth;

	switch (s->s_state) {
	case S_HELO:
		session_enter_state(s, S_AUTH_USERNAME);
		session_respond(s, "334 VXNlcm5hbWU6");
		return;

	case S_AUTH_USERNAME:
		bzero(a->user, sizeof(a->user));
		if (__b64_pton(arg, (unsigned char *)a->user, sizeof(a->user) - 1) == -1)
			goto abort;

		session_enter_state(s, S_AUTH_PASSWORD);
		session_respond(s, "334 UGFzc3dvcmQ6");
		return;

	case S_AUTH_PASSWORD:
		bzero(a->pass, sizeof(a->pass));
		if (__b64_pton(arg, (unsigned char *)a->pass, sizeof(a->pass) - 1) == -1)
			goto abort;

		session_enter_state(s, S_AUTH_FINALIZE);

		a->id = s->s_id;
		session_imsg(s, PROC_PARENT, IMSG_PARENT_AUTHENTICATE, 0, 0, -1,
		    a, sizeof(*a));

		bzero(a->pass, sizeof(a->pass));
		return;
	
	default:
		fatal("session_rfc4954_auth_login: unknown state");
	}

abort:
	session_respond(s, "501 Syntax error");
	session_enter_state(s, S_HELO);
}
Exemple #4
0
int main(void)	{

	FILE *fp;
	char *line = NULL;
	char *pch = NULL;
	char *pch2 = NULL;
	unsigned char b64[24];
	size_t len = 0;
	ssize_t read;
	
	fp = fopen("known_hosts", "r");
	
	if (fp == NULL)
	return 1;

	while ((read = getline(&line, &len, fp)) != -1)	{
		pch=strtok(line+3," ");
		pch=strtok(pch,"|");
		pch2=strtok(NULL,"|");
		__b64_pton(pch2,b64,sizeof(b64));
		
		for (int i=0; i<20; i++)	{
			printf("%02x", b64[i]);
		}
		
		printf(":");
		__b64_pton(pch,b64,sizeof(b64));
		
		for (int i=0; i<20; i++)	{
			printf("%02x", b64[i]);
		}
		
		printf("\n");
	}
	
	return 0;
}
Exemple #5
0
static int
extract_salt(const char *s, u_int l, u_char *salt, size_t salt_len)
{
	char *p, *b64salt;
	u_int b64len;
	int ret;

	if (l < sizeof(HASH_MAGIC) - 1) {
		debug2("extract_salt: string too short");
		return (-1);
	}
	if (strncmp(s, HASH_MAGIC, sizeof(HASH_MAGIC) - 1) != 0) {
		debug2("extract_salt: invalid magic identifier");
		return (-1);
	}
	s += sizeof(HASH_MAGIC) - 1;
	l -= sizeof(HASH_MAGIC) - 1;
	if ((p = memchr(s, HASH_DELIM, l)) == NULL) {
		debug2("extract_salt: missing salt termination character");
		return (-1);
	}

	b64len = p - s;
	/* Sanity check */
	if (b64len == 0 || b64len > 1024) {
		debug2("extract_salt: bad encoded salt length %u", b64len);
		return (-1);
	}
	b64salt = xmalloc(1 + b64len);
	memcpy(b64salt, s, b64len);
	b64salt[b64len] = '\0';

	ret = __b64_pton(b64salt, salt, salt_len);
	free(b64salt);
	if (ret == -1) {
		debug2("extract_salt: salt decode error");
		return (-1);
	}
	if (ret != SHA_DIGEST_LENGTH) {
		debug2("extract_salt: expected salt len %d, got %d",
		    SHA_DIGEST_LENGTH, ret);
		return (-1);
	}

	return (0);
}
Exemple #6
0
/*
 * Decode base64-encoded 'src' into buffer 'target' of 'targsize' bytes.
 * Will skip leading and trailing whitespace. Returns the number of bytes
 * stored in 'target' or -1 on error (inc. targsize too small).
 */
int
uudecode(const char *src, u_char *target, size_t targsize)
{
	int len;
	char *encoded, *p;

	/* copy the 'readonly' source */
	encoded = xstrdup(src);
	/* skip whitespace and data */
	for (p = encoded; *p == ' ' || *p == '\t'; p++)
		;
	for (; *p != '\0' && *p != ' ' && *p != '\t'; p++)
		;
	/* and remove trailing whitespace because __b64_pton needs this */
	*p = '\0';
	len = __b64_pton(encoded, target, targsize);
	free(encoded);
	return len;
}
Exemple #7
0
bool adbd_auth_verify(const char* token, size_t token_size, const std::string& sig) {
    static constexpr const char* key_paths[] = { "/adb_keys", "/data/misc/adb/adb_keys", nullptr };

    for (const auto& path : key_paths) {
        if (access(path, R_OK) == 0) {
            LOG(INFO) << "Loading keys from " << path;

            std::string content;
            if (!android::base::ReadFileToString(path, &content)) {
                PLOG(ERROR) << "Couldn't read " << path;
                continue;
            }

            for (const auto& line : android::base::Split(content, "\n")) {
                // TODO: do we really have to support both ' ' and '\t'?
                char* sep = strpbrk(const_cast<char*>(line.c_str()), " \t");
                if (sep) *sep = '\0';

                // b64_pton requires one additional byte in the target buffer for
                // decoding to succeed. See http://b/28035006 for details.
                uint8_t keybuf[ANDROID_PUBKEY_ENCODED_SIZE + 1];
                if (__b64_pton(line.c_str(), keybuf, sizeof(keybuf)) != ANDROID_PUBKEY_ENCODED_SIZE) {
                    LOG(ERROR) << "Invalid base64 key " << line.c_str() << " in " << path;
                    continue;
                }

                RSA* key = nullptr;
                if (!android_pubkey_decode(keybuf, ANDROID_PUBKEY_ENCODED_SIZE, &key)) {
                    LOG(ERROR) << "Failed to parse key " << line.c_str() << " in " << path;
                    continue;
                }

                bool verified =
                    (RSA_verify(NID_sha1, reinterpret_cast<const uint8_t*>(token), token_size,
                                reinterpret_cast<const uint8_t*>(sig.c_str()), sig.size(),
                                key) == 1);
                RSA_free(key);
                if (verified) return true;
            }
        }
    }
    return false;
}
Exemple #8
0
int
base64_decode(char const *src, unsigned char *dest, size_t destsize)
{
	return __b64_pton(src, dest, destsize);
}