void input_uevents(void) { SDL_Event peek; #if SDL_VERSION_ATLEAST(1,3,0) while (SDL_PeepEvents(&peek, 1, SDL_GETEVENT, SDL_USEREVENT, SDL_USEREVENT) > 0) { #else while (SDL_PeepEvents(&peek, 1, SDL_GETEVENT, SDL_EVENTMASK (SDL_USEREVENT)) > 0) { #endif void (*p) (void*) = (void (*)(void*)) peek.user.data1; p(peek.user.data2); } } #if SDL_VERSION_ATLEAST(1,3,0) static void key_compat(struct inp_event *inp) { if (!strcmp(inp->sym, "pageup")) strcpy(inp->sym, "page up"); else if (!strcmp(inp->sym, "pagedown")) strcpy(inp->sym, "page down"); } #endif #ifdef IOS static unsigned long touch_stamp = 0; static int touch_num = 0; #endif int finger_pos(const char *finger, int *x, int *y, float *pressure) { #if SDL_VERSION_ATLEAST(2,0,0) SDL_TouchID tid; SDL_FingerID fid; SDL_Finger *f; int i, n; i = hex2data(finger, &fid, sizeof(fid)); if (i != sizeof(fid) * 2 || finger[i] != ':') return -1; if (hex2data(finger + i + 1, &tid, sizeof(tid)) != sizeof(tid) * 2) return -1; n = SDL_GetNumTouchFingers(tid); if (n <= 0) return -1; for (i = 0; i < n; i++) { f = SDL_GetTouchFinger(tid, i); if (f->id == fid) { if (pressure) *pressure = f->pressure; gfx_finger_pos_scale(f->x, f->y, x, y); return 0; } } return -1; #else return -1; #endif }
int main(void) { /* * MD5 test vectors from RFC 1321 "The MD5 Message-Digest Algorithm" */ static const char *md5_tests[] = { "", "a", "abc", "message digest", "abcdefghijklmnopqrstuvwxyz", "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789", "12345678901234567890123456789012345678901234567890123456789012345678901234567890", NULL }; static const char *md5_results[] = { "d41d8cd98f00b204e9800998ecf8427e", "0cc175b9c0f1b6a831c399e269772661", "900150983cd24fb0d6963f7d28e17f72", "f96b697d7cb7938d525a2f31aaf161d0", "c3fcd3d76192e4007dfb496cca67e13b", "d174ab98d277d9f5a5611c2c9f419d9f", "57edf4a22be3c955ac49da2e2107b67a" }; /* * SHA1 test vectors from RFC 3174 "US Secure Hash Algorithm 1 (SHA1)" */ static const char *sha1_tests[] = { "abc", "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq", NULL }; static const char *sha1_results[] = { "a9993e364706816aba3e25717850c26c9cd0d89d", "84983e441c3bd26ebaae4aa1f95129e5e54670f1", }; /* * HMAC-MD5 test vectors from RFC 2104 * "HMAC: Keyed-Hashing for Message Authentication" */ static const struct hmac_md5_test_struct { unsigned char key[16]; int key_len; unsigned char data[64]; int data_len; char *digest; } hmac_md5_tests[NUM_HMAC_TESTS] = { { "Jefe", 4, "what do ya want for nothing?", 28, "750c783e6ab0b503eaa86e310a5db738" } }; /* * HMAC-SHA1 test vectors from RFC 2202 * "Test Cases for HMAC-MD5 and HMAC-SHA-1" */ static const struct hmac_sha1_test_struct { unsigned char key[20]; int key_len; unsigned char data[64]; int data_len; char *digest; } hmac_sha1_tests[NUM_HMAC_TESTS] = { { "Jefe", 4, "what do ya want for nothing?", 28, "effcdf6ae5eb2fa2d27416d5f184df9c259a7c79" } }; const char **testp; const char **resultp; int i; int error = 0; #ifdef HAVE_OPENSSL printf("\nUsing OpenSSL hash and HMAC functions.\n"); #else printf("\nUsing built-in hash and HMAC functions.\n"); #endif printf("\nChecking MD5 hash function...\n"); testp = md5_tests; resultp = md5_results; while (*testp != NULL) { const char *expected; char *actual; printf("\"%s\"\t", *testp); expected = *resultp; actual = hexstring(MD5((const unsigned char *) *testp, strlen(*testp), NULL), 16); if (strcmp(actual, expected)) { error++; printf("FAIL (expected %s, got %s)\n", expected, actual); } else { printf("ok\n"); } testp++; resultp++; } printf("\nChecking SHA1 hash function...\n"); testp = sha1_tests; resultp = sha1_results; while (*testp != NULL) { const char *expected; char *actual; printf("\"%s\"\t", *testp); expected = *resultp; actual = hexstring(SHA1((const unsigned char *) *testp, strlen(*testp), NULL), 20); if (strcmp(actual, expected)) { error++; printf("FAIL (expected %s, got %s)\n", expected, actual); } else { printf("ok\n"); } testp++; resultp++; } printf("\nChecking HMAC-MD5 keyed hash function...\n"); for (i = 0; i < NUM_HMAC_TESTS; i++) { const char *expected; char *actual; printf("\"%s\" \"%s\"\t", hmac_md5_tests[i].key, hmac_md5_tests[i].data); expected = hmac_md5_tests[i].digest; actual = hexstring(hmac_md5(hmac_md5_tests[i].data, hmac_md5_tests[i].data_len, hmac_md5_tests[i].key, hmac_md5_tests[i].key_len, NULL), 16); if (strcmp(actual, expected)) { error++; printf("FAIL (expected %s, got %s)\n", expected, actual); } else { printf("ok\n"); } } printf("\nChecking HMAC-SHA1 keyed hash function...\n"); for (i = 0; i < NUM_HMAC_TESTS; i++) { const char *expected; char *actual; printf("\"%s\" \"%s\"\t", hmac_sha1_tests[i].key, hmac_sha1_tests[i].data); expected = hmac_sha1_tests[i].digest; actual = hexstring(hmac_sha1(hmac_sha1_tests[i].data, hmac_sha1_tests[i].data_len, hmac_sha1_tests[i].key, hmac_sha1_tests[i].key_len, NULL), 20); if (strcmp(actual, expected)) { error++; printf("FAIL (expected %s, got %s)\n", expected, actual); } else { printf("ok\n"); } } printf("\nChecking HMAC-MD5 PSK cracking speed...\n"); do { /* * The values below are observed values from a Firewall-1 system * using IKE Aggressive mode with PSK authentication and MD5 hash. * The ID used was "test", and the valid pre-shared key is "abc123". * The expected hash_r is "f995ec2968f695aeb1d4e4b437f49d26". */ char *g_xr_hex = "9c1e0e07828af45086a4eb559ad8dafb7d655bab38656609426653565ef7e332bed7212cf24a05048032240256a169a68ee304ca500abe073d150bc50239350446ab568132aebcf34acd25ce23b30d0de9f8e7a89c22ce0dec2dabf0409bc25f0988d5d956916dce220c630d2a1fda846667fdecb20b2dc2d5c5b8273a07095c"; char *g_xi_hex = "6f8c74c15bb4dd09b7af8d1c23e7b381a38dddcd4c5afb3b1335ff766f0267df8fdca0ea907ef4482d8164506817d10ba4aed8f108d32c1b082b91772df956bcd5f7a765759bada21c11f28429c48fcd7267be7b3aea96421528b9432110fff607a65b7c41091e5d1a10e143d4701147d7cfc211ba5853cf800d12a11d129724"; char *cky_r_hex = "6d08132c8abb6931"; char *cky_i_hex = "eac82ea45cbe59e6"; char *sai_b_hex = "00000001000000010000002c01010001000000240101000080010001800200018003000180040002800b0001000c000400007080"; char *idir_b_hex = "01000000ac100202"; char *ni_b_hex = "64745a975dbcd95c2abf7d2eeeb93ac4633a03f1"; char *nr_b_hex = "502c0b3872518fa1e7ff8f5a28a3d797f65e2cb1"; unsigned char *g_xr; unsigned char *g_xi; unsigned char *cky_r; unsigned char *cky_i; unsigned char *sai_b; unsigned char *idir_b; unsigned char *ni_b; unsigned char *nr_b; size_t g_xr_len; size_t g_xi_len; size_t cky_r_len; size_t cky_i_len; size_t sai_b_len; size_t idir_b_len; size_t ni_b_len; size_t nr_b_len; unsigned char *skeyid; unsigned char *hash_r; unsigned char *skeyid_data; unsigned char *hash_r_data; size_t skeyid_data_len; size_t hash_r_data_len; unsigned char *cp; unsigned char *psk = (unsigned char *) "abc123"; /* correct key */ size_t psk_len = 6; struct timeval start_time; struct timeval end_time; struct timeval elapsed_time; double elapsed_seconds; g_xr = hex2data(g_xr_hex, &g_xr_len); g_xi = hex2data(g_xi_hex, &g_xi_len); cky_r = hex2data(cky_r_hex, &cky_r_len); cky_i = hex2data(cky_i_hex, &cky_i_len); sai_b = hex2data(sai_b_hex, &sai_b_len); idir_b = hex2data(idir_b_hex, &idir_b_len); ni_b = hex2data(ni_b_hex, &ni_b_len); nr_b = hex2data(nr_b_hex, &nr_b_len); skeyid_data_len = ni_b_len + nr_b_len; skeyid_data = Malloc(skeyid_data_len); cp = skeyid_data; memcpy(cp, ni_b, ni_b_len); cp += ni_b_len; memcpy(cp, nr_b, nr_b_len); skeyid = Malloc(16); hash_r_data_len = g_xr_len + g_xi_len + cky_r_len + cky_i_len + sai_b_len + idir_b_len; hash_r_data = Malloc(hash_r_data_len); cp = hash_r_data; memcpy(cp, g_xr, g_xr_len); cp += g_xr_len; memcpy(cp, g_xi, g_xi_len); cp += g_xi_len; memcpy(cp, cky_r, cky_r_len); cp += cky_r_len; memcpy(cp, cky_i, cky_i_len); cp += cky_i_len; memcpy(cp, sai_b, sai_b_len); cp += sai_b_len; memcpy(cp, idir_b, idir_b_len); hash_r = Malloc(16); Gettimeofday(&start_time); for (i = 0; i < HMAC_SPEED_ITERATIONS; i++) { hmac_md5(skeyid_data, skeyid_data_len, psk, psk_len, skeyid); hmac_md5(hash_r_data, hash_r_data_len, skeyid, 16, hash_r); } Gettimeofday(&end_time); timeval_diff(&end_time, &start_time, &elapsed_time); elapsed_seconds = elapsed_time.tv_sec + (elapsed_time.tv_usec / 1000000.0); printf( "%u MD5 HASH_R calculations in %.6f seconds (%.2f per sec)\n", HMAC_SPEED_ITERATIONS, elapsed_seconds, HMAC_SPEED_ITERATIONS / elapsed_seconds); } while (0); printf("\nChecking HMAC-SHA1 PSK cracking speed...\n"); do { /* * The values below are observed values from a Firewall-1 NG AI system * using IKE Aggressive mode with PSK authentication and SHA1 hash. * The ID used was "test", and the valid pre-shared key is "abc123". * The expected hash_r is "543ea42889c07b17390cc6f0440246c0148422df". */ char *g_xr_hex = "6c5559243259d5293df34a766561b8ffa78a9f8ee03d8a05916aadeeba9997864e0cd712f2a08104366c5e48f391ee7ce7b0ac08c59b8001c888c9f0343fd7d7d2d1da8e672c4ff05a7dd3c4eb6adc09bec712128ed951f7fcde2c31431643eb04d5ffc0be68e17aa80168e9635cb6f4c80af8ea1432c2b095b25f3d79ac4e55"; char *g_xi_hex = "857209de96faf07bad57ff1aba648a2c61a6802e4db3ab54c5593fa8abd9b1304bbb0fe2b5ff5d63565c7d10c1073d22adbd51fb70fc4f35568ede01678f32b24a41940040f263964ee0a70fe8e43295a18390117fdf46d56d24d7d4b40987fe4a1bfe8a0d61205c42c76b2aab9dbf4c20505da02fa4759dc84c717c55f87b9f"; char *cky_r_hex = "963c61ef1778b6c5"; char *cky_i_hex = "efa6639971a91c08"; char *sai_b_hex = "00000001000000010000002c01010001000000240101000080010001800200028003000180040002800b0001000c000400007080"; char *idir_b_hex = "01000000ac100202"; char *ni_b_hex = "6d62656f72fd1c53cda7337d0612aeebe3529a09"; char *nr_b_hex = "8e83c48eb087b8276b4bb2976ea23bf426abde8f"; unsigned char *g_xr; unsigned char *g_xi; unsigned char *cky_r; unsigned char *cky_i; unsigned char *sai_b; unsigned char *idir_b; unsigned char *ni_b; unsigned char *nr_b; size_t g_xr_len; size_t g_xi_len; size_t cky_r_len; size_t cky_i_len; size_t sai_b_len; size_t idir_b_len; size_t ni_b_len; size_t nr_b_len; unsigned char *skeyid; unsigned char *hash_r; unsigned char *skeyid_data; unsigned char *hash_r_data; size_t skeyid_data_len; size_t hash_r_data_len; unsigned char *cp; unsigned char *psk = (unsigned char *) "abc123"; /* correct key */ size_t psk_len = 6; struct timeval start_time; struct timeval end_time; struct timeval elapsed_time; double elapsed_seconds; g_xr = hex2data(g_xr_hex, &g_xr_len); g_xi = hex2data(g_xi_hex, &g_xi_len); cky_r = hex2data(cky_r_hex, &cky_r_len); cky_i = hex2data(cky_i_hex, &cky_i_len); sai_b = hex2data(sai_b_hex, &sai_b_len); idir_b = hex2data(idir_b_hex, &idir_b_len); ni_b = hex2data(ni_b_hex, &ni_b_len); nr_b = hex2data(nr_b_hex, &nr_b_len); skeyid_data_len = ni_b_len + nr_b_len; skeyid_data = Malloc(skeyid_data_len); cp = skeyid_data; memcpy(cp, ni_b, ni_b_len); cp += ni_b_len; memcpy(cp, nr_b, nr_b_len); skeyid = Malloc(20); hash_r_data_len = g_xr_len + g_xi_len + cky_r_len + cky_i_len + sai_b_len + idir_b_len; hash_r_data = Malloc(hash_r_data_len); cp = hash_r_data; memcpy(cp, g_xr, g_xr_len); cp += g_xr_len; memcpy(cp, g_xi, g_xi_len); cp += g_xi_len; memcpy(cp, cky_r, cky_r_len); cp += cky_r_len; memcpy(cp, cky_i, cky_i_len); cp += cky_i_len; memcpy(cp, sai_b, sai_b_len); cp += sai_b_len; memcpy(cp, idir_b, idir_b_len); hash_r = Malloc(20); Gettimeofday(&start_time); for (i = 0; i < HMAC_SPEED_ITERATIONS; i++) { hmac_sha1(skeyid_data, skeyid_data_len, psk, psk_len, skeyid); hmac_sha1(hash_r_data, hash_r_data_len, skeyid, 20, hash_r); } Gettimeofday(&end_time); timeval_diff(&end_time, &start_time, &elapsed_time); elapsed_seconds = elapsed_time.tv_sec + (elapsed_time.tv_usec / 1000000.0); printf( "%u SHA1 HASH_R calculations in %.6f seconds (%.2f per sec)\n", HMAC_SPEED_ITERATIONS, elapsed_seconds, HMAC_SPEED_ITERATIONS / elapsed_seconds); } while (0); printf("\nChecking MD5 hash speed...\n"); do { size_t hash_data_len; unsigned char *hash_result; struct timeval start_time; struct timeval end_time; struct timeval elapsed_time; double elapsed_seconds; unsigned char hash_speed_data[] = "12345678"; size_t memcpy_len; hash_data_len = strlen((char *) hash_speed_data); memcpy_len = hash_data_len > 16 ? 16 : hash_data_len; Gettimeofday(&start_time); for (i = 0; i < HASH_SPEED_ITERATIONS; i++) { hash_result = MD5(hash_speed_data, hash_data_len, NULL); memcpy(hash_speed_data, hash_result, memcpy_len); } Gettimeofday(&end_time); timeval_diff(&end_time, &start_time, &elapsed_time); elapsed_seconds = elapsed_time.tv_sec + (elapsed_time.tv_usec / 1000000.0); printf("%u MD5 calculations in %.6f seconds (%.2f per sec)\n", HASH_SPEED_ITERATIONS, elapsed_seconds, HASH_SPEED_ITERATIONS / elapsed_seconds); } while (0); printf("\nChecking SHA1 hash speed...\n"); do { size_t hash_data_len; unsigned char *hash_result; struct timeval start_time; struct timeval end_time; struct timeval elapsed_time; double elapsed_seconds; unsigned char hash_speed_data[] = "12345678"; size_t memcpy_len; hash_data_len = strlen((char *) hash_speed_data); memcpy_len = hash_data_len > 20 ? 20 : hash_data_len; Gettimeofday(&start_time); for (i = 0; i < HASH_SPEED_ITERATIONS; i++) { hash_result = SHA1(hash_speed_data, hash_data_len, NULL); memcpy(hash_speed_data, hash_result, memcpy_len); } Gettimeofday(&end_time); timeval_diff(&end_time, &start_time, &elapsed_time); elapsed_seconds = elapsed_time.tv_sec + (elapsed_time.tv_usec / 1000000.0); printf("%u SHA1 calculations in %.6f seconds (%.2f per sec)\n", HASH_SPEED_ITERATIONS, elapsed_seconds, HASH_SPEED_ITERATIONS / elapsed_seconds); } while (0); if (error) return EXIT_FAILURE; else return EXIT_SUCCESS; }
/* * load_psk_params -- Load PSK parameters from data file * * Inputs: * * filename The name of the data file * nortel_user The username for Nortel PSK cracking, or NULL * * Returns: * * The number of PSK parameters successfully loaded into the list. * * This function loads the pre-shared key parameters from the input * data file into the psk parameters list, which is an array of structs. * * The array is created dynamically with malloc and realloc, as we don't * know in advance how many PSK entries there will be in the file. */ static unsigned load_psk_params(const char *filename, const char *nortel_user) { FILE *data_file; /* PSK parameters in colon separated format */ char psk_data[MAXLEN]; /* Line read from data file */ int n; /* Number of fields read by sscanf() */ static int num_left=0; /* Number of free entries left */ unsigned count=0; /* Number of entries in the list */ psk_entry *pe; /* Pointer to current PSK entry */ unsigned char *cp; unsigned char *skeyid_data; /* Data for SKEYID hash */ size_t skeyid_data_len; /* Length of skeyid data */ unsigned char *hash_r_data; /* Data for HASH_R hash */ size_t hash_r_data_len; /* Length of hash_r */ char g_xr_hex[MAXLEN]; /* Individual PSK params as hex */ char g_xi_hex[MAXLEN]; char cky_r_hex[MAXLEN]; char cky_i_hex[MAXLEN]; char sai_b_hex[MAXLEN]; char idir_b_hex[MAXLEN]; char ni_b_hex[MAXLEN]; char nr_b_hex[MAXLEN]; char hash_r_hex[MAXLEN]; unsigned char *g_xr; /* Individual PSK params as binary */ unsigned char *g_xi; unsigned char *cky_r; unsigned char *cky_i; unsigned char *sai_b; unsigned char *idir_b; unsigned char *ni_b; unsigned char *nr_b; size_t g_xr_len; /* Lengths of binary PSK params */ size_t g_xi_len; size_t cky_r_len; size_t cky_i_len; size_t sai_b_len; size_t idir_b_len; size_t ni_b_len; size_t nr_b_len; size_t hash_r_hex_len; /* * Open PSK data file for reading. */ if ((data_file = fopen(filename, "r")) == NULL) err_sys("error opening data file %s", filename); /* * For each line in the data file, read the PSK data, convert to * binary, and store in the PSK list. We ignore blank lines, and * any lines beginning with '#'. */ while ((fgets(psk_data, MAXLEN, data_file)) != NULL) { if (psk_data[0] == '#' || psk_data[0] == '\n' || psk_data[0] == '\r') continue; /* Skip comments and blank lines */ n=sscanf(psk_data, "%[^:]:%[^:]:%[^:]:%[^:]:%[^:]:%[^:]:%[^:]:%[^:]:%[^:\r\n]", g_xr_hex, g_xi_hex, cky_r_hex, cky_i_hex, sai_b_hex, idir_b_hex, ni_b_hex, nr_b_hex, hash_r_hex); if (n != 9) { warn_msg("ERROR: Format error in PSK data file %s, line %u", filename, count+1); err_msg("ERROR: Expected 9 colon-separated fields, found %d", n); } /* * Create or grow the psk list array if required. * We grow the list by PSK_REALLOC_COUNT elements each time. */ if (!num_left) { /* No entries left, allocate some more */ if (psk_list) psk_list=Realloc(psk_list, (count * sizeof(psk_entry)) + PSK_REALLOC_COUNT*sizeof(psk_entry)); else psk_list=Malloc(PSK_REALLOC_COUNT*sizeof(psk_entry)); num_left = PSK_REALLOC_COUNT; } pe = psk_list + count; /* Would array notation be better? */ count++; num_left--; /* * Convert hex to binary representation, and construct SKEYID * and HASH_R data. */ g_xr = hex2data(g_xr_hex, &g_xr_len); g_xi = hex2data(g_xi_hex, &g_xi_len); cky_r = hex2data(cky_r_hex, &cky_r_len); cky_i = hex2data(cky_i_hex, &cky_i_len); sai_b = hex2data(sai_b_hex, &sai_b_len); idir_b = hex2data(idir_b_hex, &idir_b_len); ni_b = hex2data(ni_b_hex, &ni_b_len); nr_b = hex2data(nr_b_hex, &nr_b_len); /* skeyid_data = ni_b | nr_b */ skeyid_data_len = ni_b_len + nr_b_len; skeyid_data = Malloc(skeyid_data_len); cp = skeyid_data; memcpy(cp, ni_b, ni_b_len); cp += ni_b_len; memcpy(cp, nr_b, nr_b_len); free(ni_b); free(nr_b); /* hash_r_data = g_xr | g_xi | cky_r | cky_i | sai_b | idir_b */ hash_r_data_len = g_xr_len + g_xi_len + cky_r_len + cky_i_len + sai_b_len + idir_b_len; hash_r_data = Malloc(hash_r_data_len); cp = hash_r_data; memcpy(cp, g_xr, g_xr_len); cp += g_xr_len; memcpy(cp, g_xi, g_xi_len); cp += g_xi_len; memcpy(cp, cky_r, cky_r_len); cp += cky_r_len; memcpy(cp, cky_i, cky_i_len); cp += cky_i_len; memcpy(cp, sai_b, sai_b_len); cp += sai_b_len; memcpy(cp, idir_b, idir_b_len); free(g_xr); free(g_xi); free(cky_r); free(cky_i); free(sai_b); free(idir_b); /* * Store the PSK parameters in the current psk list entry. */ pe->skeyid_data = skeyid_data; pe->skeyid_data_len = skeyid_data_len; pe->hash_r_data = hash_r_data; pe->hash_r_data_len = hash_r_data_len; pe->hash_r = hex2data(hash_r_hex, &pe->hash_r_len); hash_r_hex_len = strlen(hash_r_hex) + 1; /* includes terminating null */ pe->hash_r_hex = Malloc(hash_r_hex_len); strlcpy(pe->hash_r_hex, hash_r_hex, hash_r_hex_len); pe->nortel_user = nortel_user; /* * Determine hash type based on the length of the hash, and * store this in the current psk list entry. */ if (pe->hash_r_len == MD5_HASH_LEN) { pe->hash_type=HASH_TYPE_MD5; pe->hash_name=make_message("MD5"); } else if (pe->hash_r_len == SHA1_HASH_LEN) { pe->hash_type=HASH_TYPE_SHA1; pe->hash_name=make_message("SHA1"); } else { err_msg("Cannot determine hash type from %u byte HASH_R", pe->hash_r_len); } pe->live = 1; } /* End While fgets() */ /* * Close the data file, and return the number of PSK entries * read into the list. */ fclose(data_file); return count; }
int main(int argc, char **argv) { int log_level = 0; char *data_str; char *ap_req_str = NULL; unsigned char *data; size_t data_len; /* krb5 */ krb5_error_code ret; krb5_context context; krb5_auth_context auth_context; char *princ_str_tn = "kink/tn.example.com"; krb5_principal princ_tn; char *princ_str_nut = "kink/nut.example.com"; krb5_principal princ_nut; char *princ_str_krbtgt = "krbtgt/EXAMPLE.COM"; krb5_principal princ_krbtgt; krb5_ccache ccache; krb5_keytab keytab; krb5_creds creds_tgt; krb5_data ap_req; prog = (const char *) basename(argv[0]); if (prog == NULL) { fprintf(stderr, "basename: %s -- %s\n", strerror(errno), argv[0]); return(0); /* NOTREACHED */ } { int ch = 0; while ((ch = getopt(argc, argv, "dq:")) != -1) { switch (ch) { case 'd': log_level++; break; case 'q': ap_req_str = optarg; break; default: usage(); /* NOTREACHED */ break; } } argc -= optind; argv += optind; } if (!argc) { usage(); /* NOTREACHED */ } data_str = argv[0]; { printf("dbg: %s starts arg(%s)\n", prog, data_str); } { { /* stdout */ printf("std:data:%s\n", data_str); } data_len = strlen(data_str); data_len = data_len/2 + data_len%2; data = (unsigned char *)malloc(data_len); memset(data, 0, data_len); data = hex2data(data_str, data); } if (ap_req_str != NULL) { hex2krb5data(ap_req_str, &ap_req); if (log_level) { dump_krb5_data(&ap_req); } { /* stdout */ int i = 0; unsigned char *p; p = (unsigned char *)ap_req.data; printf("std:ap_req:"); for (i = 0; i < ap_req.length; i++) { printf("%02x", *p++); } printf("\n"); } } /* prepare krb5 context */ { /** init context */ ret = krb5_init_context(&context); if (ret != 0) { printf("ERR:krb5_init_context:%s\n", krb5_get_err_text(context, ret)); return(ret); } /** setup principals */ ret = krb5_parse_name(context, princ_str_tn, &princ_tn); if (ret != 0) { printf("ERR:krb5_parse_name:%s\n", krb5_get_err_text(context, ret)); return(ret); } ret = krb5_parse_name(context, princ_str_nut, &princ_nut); if (ret != 0) { printf("ERR:krb5_parse_name:%s\n", krb5_get_err_text(context, ret)); return(ret); } ret = krb5_parse_name(context, princ_str_krbtgt, &princ_krbtgt); if (ret != 0) { printf("ERR:krb5_parse_name:%s\n", krb5_get_err_text(context, ret)); return(ret); } /** prepare credential cache */ ret = krb5_cc_default(context, &ccache); if (ret != 0) { printf("ERR:krb5_cc_default:%s\n", krb5_get_err_text(context, ret)); return(ret); } /** prepare keytab */ /*ret = krb5_kt_resolve(context, "/usr/local/var/krb5kdc/kadm5.keytab", &keytab);*/ ret = krb5_kt_default(context, &keytab); if (ret != 0) { /* printf("ERR:krb5_kt_default:%s", krb5_get_err_text(context, ret)); */ printf("ERR:krb5_kt_resolve:%s", krb5_get_err_text(context, ret)); return(ret); } } /* get TGT */ { krb5_creds mcreds; memset(&mcreds, 0, sizeof(mcreds)); mcreds.client = princ_tn; mcreds.server = princ_krbtgt; ret = krb5_cc_retrieve_cred(context, ccache, 0, &mcreds, &creds_tgt); if (ret != 0) { printf("ERR:krb5_cc_retrieve_cred:%s\n", krb5_get_err_text(context, ret)); return(ret); } } /* prepare authentiation context */ { ret = krb5_auth_con_init(context, &auth_context); if (ret != 0) { printf("ERR:krb5_auth_con_init:%s\n", krb5_get_err_text(context, ret)); return(ret); } ret = krb5_auth_con_setflags(context, auth_context, KRB5_AUTH_CONTEXT_DO_SEQUENCE); if (ret != 0) { printf("ERR:krb5_auth_con_setflags:%s\n", krb5_get_err_text(context, ret)); return(ret); } /* if USE_SKEY */ /* ret = krb5_auth_con_setuserkey(context, auth_context, &creds_tgt.session); if (ret != 0) { printf("ERR:krb5_auth_con_setuseruserkey:%s\n", krb5_get_err_text(context, ret)); return(ret); } */ } /* set keyblock in auth_context */ if (ap_req_str != NULL) { krb5_ticket *ticket; krb5_flags ap_req_options; ap_req_options = AP_OPTS_MUTUAL_REQUIRED; ticket = NULL; ret = krb5_rd_req(context, &auth_context, &ap_req, NULL, keytab, &ap_req_options, &ticket); if (log_level) { printf("info: ticket.ticket.key is SKEYID_d\n"); /*dump_krb5_ticket(context, *ticket);*/ } if (log_level) { printf("ap_req_opt (%d)\n", ap_req_options); } if (ret != 0) { printf("ERR:krb5_rd_req:%s\n", krb5_get_err_text(context, ret)); return(ret); } if (log_level) { dump_krb5_keyblock(auth_context->keyblock); } krb5_free_ticket(context, ticket); } else { krb5_creds mcreds; krb5_creds *cred; krb5_creds cred_copy; memset(&mcreds, 0, sizeof(mcreds)); mcreds.client = princ_tn; mcreds.server = princ_nut; ret = krb5_get_credentials(context, KRB5_GC_CACHED, ccache, &mcreds, &cred); if (ret != 0) { printf("ERR:krb5_get_credentials:%s\n", krb5_get_err_text(context, ret)); return(ret); } /* mk_req_extends reallocate cred, so use a copy */ ret = krb5_copy_creds_contents(context, (const krb5_creds *)cred, &cred_copy); if (ret != 0) { printf("ERR:krb5_copy_creds_contents:%s\n", krb5_get_err_text(context, ret)); return(ret); } /* * If auth_con == NULL, one is allocated. * This is used later. (keyblock is used to decrypt AP_REP) */ ret = krb5_mk_req_extended(context, &auth_context, AP_OPTS_MUTUAL_REQUIRED, NULL /* in_data */, &cred_copy, &ap_req); if (ret != 0) { printf("ERR:krb5_mk_req_extended:%s\n", krb5_get_err_text(context, ret)); return(ret); } } /* create checksum */ { krb5_crypto crypto; krb5_checksum cksum; ret = krb5_crypto_init(context, auth_context->keyblock, auth_context->keyblock->keytype, &crypto); if (ret != 0) { printf("ERR:krb5_crypto_init:%s\n", krb5_get_err_text(context, ret)); return(ret); } if (0) { dump_krb5_keyblock(auth_context->keyblock); } ret = krb5_create_checksum(context, crypto, 40, 0 /* krb5_cksumtype type */, data, data_len, &cksum); if (ret != 0) { printf("ERR:krb5_create_checksum:%s\n", krb5_get_err_text(context, ret)); return(ret); } if (log_level) { dump_krb5_checksum(cksum); } { /* stdout */ int i = 0; unsigned char *p; p = (unsigned char *)cksum.checksum.data; printf("std:cksum:"); for (i = 0; i < cksum.checksum.length; i++) { printf("%02x", *p++); } printf("\n"); } krb5_crypto_destroy(context, crypto); } /* clenaup */ { /*free(data);*/ /*krb5_data_free(&ap_req);*/ krb5_free_cred_contents(context, &creds_tgt); ret = krb5_kt_close(context, keytab); if (ret != 0) { printf("ERR:krb5_kt_close:%s\n", krb5_get_err_text(context, ret)); return(ret); } ret = krb5_cc_close(context, ccache); if (ret != 0) { printf("ERR:krb5_cc_close:%s\n", krb5_get_err_text(context, ret)); return(ret); } krb5_free_principal(context, princ_krbtgt); krb5_free_principal(context, princ_nut); krb5_free_principal(context, princ_tn); krb5_free_context(context); } return(0); }
int main(int argc, char **argv) { char cmd[1000]; FILE * fp; FILE * sigDb; char * fileName = NULL; char * sigPattern = NULL; size_t len = 0; size_t sigLen = 0; ssize_t readFile; ssize_t readSig; uint8_t *fileBuf; uint8_t *sigBuf; size_t sizeFb; uint8_t *found; int count=0; strcpy(cmd, "find "); strcat(cmd, MOUNT); strcat(cmd, " -type f > filesToScan.txt"); system(cmd); fp = fopen("filesToScan.txt", "r"); if (fp == NULL) exit(EXIT_FAILURE); //sigDb = fopen("mainCPUsig.ndb","r"); timestamp_type time1, time2; get_timestamp(&time1); while ((readFile = getline(&fileName, &len, fp)) != -1) { printf("scaning: %s", fileName); remove_char_from_string('\n',fileName); loadFile(fileName, &fileBuf, &sizeFb); sigDb = fopen("mainCPUsig5k.ndb","r"); while ((readSig = getline(&sigPattern, &sigLen, sigDb)) != -1){ remove_char_from_string('\n',sigPattern); sigLen = strlen(sigPattern)/2; hex2data(&sigBuf, sigPattern); found = boyer_moore(fileBuf,sizeFb, sigBuf, sigLen); if(found != NULL){ printf(" found virus in %s\n", fileName); count++; } free(sigBuf); } fclose(sigDb); printf("\n"); free(fileBuf); } fclose(fp); get_timestamp(&time2); double elapsed = timestamp_diff_in_seconds(time1,time2); printf("%f s\n", elapsed); printf("virus count: %d\n", count); //loadFile(argv[1], &fileBuf, &sizeFb); }