bits_t * bits_decode(const string_t *in) { bits_t *ret; size_t len; size_t nbits; u_int32_t *tmp; len = in->length; tmp = emalloc(len); len = __b64_pton(in->text, (void *)tmp, len); if (len == (size_t)-1) { warnx("bits_decode: mangled base64 stream"); warnx(" %s", in->text); free(tmp); return NULL; } nbits = ntohl(*tmp); if (nbits > (len - sizeof(*tmp)) * NBBY) { warnx("bits_decode: encoded bits claim to be " "longer than they are (nbits=%zu, stream len=%zu bytes)", nbits, len); free(tmp); return NULL; } ret = bits_new(tmp + 1, nbits); free(tmp); return ret; }
static void session_rfc4954_auth_plain(struct session *s, char *arg) { struct auth *a = &s->s_auth; char buf[1024], *user, *pass; int len; switch (s->s_state) { case S_HELO: if (arg == NULL) { session_enter_state(s, S_AUTH_INIT); session_respond(s, "334 "); return; } session_enter_state(s, S_AUTH_INIT); /* FALLTHROUGH */ case S_AUTH_INIT: /* String is not NUL terminated, leave room. */ if ((len = __b64_pton(arg, (unsigned char *)buf, sizeof(buf) - 1)) == -1) goto abort; /* buf is a byte string, NUL terminate. */ buf[len] = '\0'; /* * Skip "foo" in "foo\0user\0pass", if present. */ user = memchr(buf, '\0', len); if (user == NULL || user >= buf + len - 2) goto abort; user++; /* skip NUL */ if (strlcpy(a->user, user, sizeof(a->user)) >= sizeof(a->user)) goto abort; pass = memchr(user, '\0', len - (user - buf)); if (pass == NULL || pass >= buf + len - 2) goto abort; pass++; /* skip NUL */ if (strlcpy(a->pass, pass, sizeof(a->pass)) >= sizeof(a->pass)) goto abort; session_enter_state(s, S_AUTH_FINALIZE); a->id = s->s_id; session_imsg(s, PROC_PARENT, IMSG_PARENT_AUTHENTICATE, 0, 0, -1, a, sizeof(*a)); bzero(a->pass, sizeof(a->pass)); return; default: fatal("session_rfc4954_auth_plain: unknown state"); } abort: session_respond(s, "501 Syntax error"); session_enter_state(s, S_HELO); }
static void session_rfc4954_auth_login(struct session *s, char *arg) { struct auth *a = &s->s_auth; switch (s->s_state) { case S_HELO: session_enter_state(s, S_AUTH_USERNAME); session_respond(s, "334 VXNlcm5hbWU6"); return; case S_AUTH_USERNAME: bzero(a->user, sizeof(a->user)); if (__b64_pton(arg, (unsigned char *)a->user, sizeof(a->user) - 1) == -1) goto abort; session_enter_state(s, S_AUTH_PASSWORD); session_respond(s, "334 UGFzc3dvcmQ6"); return; case S_AUTH_PASSWORD: bzero(a->pass, sizeof(a->pass)); if (__b64_pton(arg, (unsigned char *)a->pass, sizeof(a->pass) - 1) == -1) goto abort; session_enter_state(s, S_AUTH_FINALIZE); a->id = s->s_id; session_imsg(s, PROC_PARENT, IMSG_PARENT_AUTHENTICATE, 0, 0, -1, a, sizeof(*a)); bzero(a->pass, sizeof(a->pass)); return; default: fatal("session_rfc4954_auth_login: unknown state"); } abort: session_respond(s, "501 Syntax error"); session_enter_state(s, S_HELO); }
int main(void) { FILE *fp; char *line = NULL; char *pch = NULL; char *pch2 = NULL; unsigned char b64[24]; size_t len = 0; ssize_t read; fp = fopen("known_hosts", "r"); if (fp == NULL) return 1; while ((read = getline(&line, &len, fp)) != -1) { pch=strtok(line+3," "); pch=strtok(pch,"|"); pch2=strtok(NULL,"|"); __b64_pton(pch2,b64,sizeof(b64)); for (int i=0; i<20; i++) { printf("%02x", b64[i]); } printf(":"); __b64_pton(pch,b64,sizeof(b64)); for (int i=0; i<20; i++) { printf("%02x", b64[i]); } printf("\n"); } return 0; }
static int extract_salt(const char *s, u_int l, u_char *salt, size_t salt_len) { char *p, *b64salt; u_int b64len; int ret; if (l < sizeof(HASH_MAGIC) - 1) { debug2("extract_salt: string too short"); return (-1); } if (strncmp(s, HASH_MAGIC, sizeof(HASH_MAGIC) - 1) != 0) { debug2("extract_salt: invalid magic identifier"); return (-1); } s += sizeof(HASH_MAGIC) - 1; l -= sizeof(HASH_MAGIC) - 1; if ((p = memchr(s, HASH_DELIM, l)) == NULL) { debug2("extract_salt: missing salt termination character"); return (-1); } b64len = p - s; /* Sanity check */ if (b64len == 0 || b64len > 1024) { debug2("extract_salt: bad encoded salt length %u", b64len); return (-1); } b64salt = xmalloc(1 + b64len); memcpy(b64salt, s, b64len); b64salt[b64len] = '\0'; ret = __b64_pton(b64salt, salt, salt_len); free(b64salt); if (ret == -1) { debug2("extract_salt: salt decode error"); return (-1); } if (ret != SHA_DIGEST_LENGTH) { debug2("extract_salt: expected salt len %d, got %d", SHA_DIGEST_LENGTH, ret); return (-1); } return (0); }
/* * Decode base64-encoded 'src' into buffer 'target' of 'targsize' bytes. * Will skip leading and trailing whitespace. Returns the number of bytes * stored in 'target' or -1 on error (inc. targsize too small). */ int uudecode(const char *src, u_char *target, size_t targsize) { int len; char *encoded, *p; /* copy the 'readonly' source */ encoded = xstrdup(src); /* skip whitespace and data */ for (p = encoded; *p == ' ' || *p == '\t'; p++) ; for (; *p != '\0' && *p != ' ' && *p != '\t'; p++) ; /* and remove trailing whitespace because __b64_pton needs this */ *p = '\0'; len = __b64_pton(encoded, target, targsize); free(encoded); return len; }
bool adbd_auth_verify(const char* token, size_t token_size, const std::string& sig) { static constexpr const char* key_paths[] = { "/adb_keys", "/data/misc/adb/adb_keys", nullptr }; for (const auto& path : key_paths) { if (access(path, R_OK) == 0) { LOG(INFO) << "Loading keys from " << path; std::string content; if (!android::base::ReadFileToString(path, &content)) { PLOG(ERROR) << "Couldn't read " << path; continue; } for (const auto& line : android::base::Split(content, "\n")) { // TODO: do we really have to support both ' ' and '\t'? char* sep = strpbrk(const_cast<char*>(line.c_str()), " \t"); if (sep) *sep = '\0'; // b64_pton requires one additional byte in the target buffer for // decoding to succeed. See http://b/28035006 for details. uint8_t keybuf[ANDROID_PUBKEY_ENCODED_SIZE + 1]; if (__b64_pton(line.c_str(), keybuf, sizeof(keybuf)) != ANDROID_PUBKEY_ENCODED_SIZE) { LOG(ERROR) << "Invalid base64 key " << line.c_str() << " in " << path; continue; } RSA* key = nullptr; if (!android_pubkey_decode(keybuf, ANDROID_PUBKEY_ENCODED_SIZE, &key)) { LOG(ERROR) << "Failed to parse key " << line.c_str() << " in " << path; continue; } bool verified = (RSA_verify(NID_sha1, reinterpret_cast<const uint8_t*>(token), token_size, reinterpret_cast<const uint8_t*>(sig.c_str()), sig.size(), key) == 1); RSA_free(key); if (verified) return true; } } } return false; }
int base64_decode(char const *src, unsigned char *dest, size_t destsize) { return __b64_pton(src, dest, destsize); }