hash_stat load_keyring(char *filename)
{
FILE *fp;
unsigned char buf[1024];
int i, offset;
uint32_t flags;
uint32_t lock_timeout;
unsigned char major, minor, crypto, hash;
uint32_t tmp;
uint32_t num_items;
unsigned char salt[8];
unsigned char *to_decrypt;
int count;
if (!(fp = fopen(filename, "rb"))) {
return hash_err;
}
count = fread(buf, KEYRING_FILE_HEADER_LEN, 1, fp);
if (count!=1) return hash_err;
if (memcmp(buf, KEYRING_FILE_HEADER, KEYRING_FILE_HEADER_LEN) != 0) {
return hash_err;
}
offset = KEYRING_FILE_HEADER_LEN;
major = fgetc(fp);
minor = fgetc(fp);
crypto = fgetc(fp);
hash = fgetc(fp);
offset += 4;
if (major != 0 || minor != 0 || crypto != 0 || hash != 0) {
fclose(fp);
return hash_err;
}
// Keyring name
if (!get_utf8_string(fp, &offset))
goto bail;
// ctime
count = fread(buf, 8, 1, fp);
if (count!=1)
{
fclose(fp);
return hash_err;
}
offset += 8;
// mtime
count = fread(buf, 8, 1, fp);
offset += 8;
// flags
get_uint32(fp, &offset, &flags);
// lock timeout
get_uint32(fp, &offset, &lock_timeout);
// iterations
get_uint32(fp, &offset, &cs.iterations);
// salt
count = fread(salt, 8, 1, fp);
offset += 8;
// reserved
for (i = 0; i < 4; i++) {
get_uint32(fp, &offset, &tmp);
}
// num_items
get_uint32(fp, &offset, &num_items);
if (!read_hashed_item_info(fp, &offset, num_items))
goto bail;
// crypto_size
get_uint32(fp, &offset, &cs.crypto_size);
/* Make the crypted part is the right size */
if (cs.crypto_size % 16 != 0)
goto bail;
to_decrypt = (unsigned char *) malloc(cs.crypto_size);
count = fread(to_decrypt, cs.crypto_size, 1, fp);
memcpy(cs.salt, salt, SALTLEN);
memcpy(cs.ct, to_decrypt, cs.crypto_size);
if(to_decrypt)
free(to_decrypt);
memcpy(cs.hash,"\xd4\x1d\x8c\xd9\x8f\x00\xb2\x04\xe9\x80\x09\x98\xec\xf8\x42\x7e",16);
return hash_ok;
bail:
fclose(fp);
return hash_err;
}
static void process_file(const char *fname)
{
FILE *fp;
unsigned char buf[1024];
int i, offset;
uint32_t flags;
uint32_t lock_timeout;
unsigned char major, minor, crypto, hash;
uint32_t tmp;
uint32_t num_items;
uint32_t crypto_size;
uint32_t hash_iterations;
unsigned char salt[8];
unsigned char *to_decrypt;
if (!(fp = fopen(fname, "rb"))) {
fprintf(stderr, "%s : %s\n", fname, strerror(errno));
return;
}
count = fread(buf, KEYRING_FILE_HEADER_LEN, 1, fp);
assert(count == 1);
if (memcmp(buf, KEYRING_FILE_HEADER, KEYRING_FILE_HEADER_LEN) != 0) {
fprintf(stderr, "%s : Not a GNOME Keyring file!\n", fname);
return;
}
offset = KEYRING_FILE_HEADER_LEN;
major = fgetc(fp);
minor = fgetc(fp);
crypto = fgetc(fp);
hash = fgetc(fp);
offset += 4;
if (major != 0 || minor != 0 || crypto != 0 || hash != 0) {
fprintf(stderr, "%s : Un-supported GNOME Keyring file!\n",
fname);
return;
}
// Keyring name
if (!get_utf8_string(fp, &offset))
goto bail;
// ctime
count = fread(buf, 8, 1, fp);
if (count != 1)
goto bail;
offset += 8;
// mtime
count = fread(buf, 8, 1, fp);
if (count != 1)
goto bail;
offset += 8;
// flags
get_uint32(fp, &offset, &flags);
// lock timeout
get_uint32(fp, &offset, &lock_timeout);
// hash_iterations
get_uint32(fp, &offset, &hash_iterations);
// salt
count = fread(salt, 8, 1, fp);
if (count != 1)
goto bail;
offset += 8;
// reserved
for (i = 0; i < 4; i++) {
get_uint32(fp, &offset, &tmp);
}
// num_items
get_uint32(fp, &offset, &num_items);
if (!read_hashed_item_info(fp, &offset, num_items))
goto bail;
// crypto_size
get_uint32(fp, &offset, &crypto_size);
fprintf(stderr, "%s: crypto size: %u offset : %d\n", fname, crypto_size, offset);
/* Make the crypted part is the right size */
if (crypto_size % 16 != 0)
goto bail;
to_decrypt = (unsigned char *) mem_alloc(crypto_size);
count = fread(to_decrypt, crypto_size, 1, fp);
assert(count == 1);
printf("%s:$keyring$", basename(fname));
print_hex(salt, 8);
printf("*%d*%d*%d*", hash_iterations, crypto_size, 0);
print_hex(to_decrypt, crypto_size);
printf("\n");
if(to_decrypt)
MEM_FREE(to_decrypt);
return;
bail:
fprintf(stderr, "%s: parsing failed, please report this on john-users if input was a valid keyring!\n", fname);
return;
}
GkmDataResult
gkm_secret_binary_read (GkmSecretCollection *collection, GkmSecretData *sdata,
gconstpointer data, gsize n_data)
{
gsize offset;
guchar major, minor, crypto, hash;
guint32 flags;
guint32 lock_timeout;
time_t mtime, ctime;
char *display_name;
guint32 tmp;
guint32 num_items;
guint32 crypto_size;
guint32 hash_iterations;
guchar salt[8];
ItemInfo *items;
GkmSecret* master;
GkmSecretObject *obj;
EggBuffer to_decrypt = EGG_BUFFER_EMPTY;
GkmDataResult res = GKM_DATA_FAILURE;
GHashTable *checks = NULL;
GkmSecretItem *item;
EggBuffer buffer;
GList *l, *iteml;
int i;
display_name = NULL;
items = 0;
obj = GKM_SECRET_OBJECT (collection);
/* The buffer we read from */
egg_buffer_init_static (&buffer, data, n_data);
if (buffer.len < KEYRING_FILE_HEADER_LEN ||
memcmp (buffer.buf, KEYRING_FILE_HEADER, KEYRING_FILE_HEADER_LEN) != 0) {
egg_buffer_uninit (&buffer);
return GKM_DATA_UNRECOGNIZED;
}
offset = KEYRING_FILE_HEADER_LEN;
major = buffer.buf[offset++];
minor = buffer.buf[offset++];
crypto = buffer.buf[offset++];
hash = buffer.buf[offset++];
if (major != 0 || minor != 0 || crypto != 0 || hash != 0) {
egg_buffer_uninit (&buffer);
return GKM_DATA_UNRECOGNIZED;
}
if (!buffer_get_utf8_string (&buffer, offset, &offset, &display_name) ||
!buffer_get_time (&buffer, offset, &offset, &ctime) ||
!buffer_get_time (&buffer, offset, &offset, &mtime) ||
!egg_buffer_get_uint32 (&buffer, offset, &offset, &flags) ||
!egg_buffer_get_uint32 (&buffer, offset, &offset, &lock_timeout) ||
!egg_buffer_get_uint32 (&buffer, offset, &offset, &hash_iterations) ||
!buffer_get_bytes (&buffer, offset, &offset, salt, 8))
goto bail;
for (i = 0; i < 4; i++) {
if (!egg_buffer_get_uint32 (&buffer, offset, &offset, &tmp))
goto bail;
}
if (!egg_buffer_get_uint32 (&buffer, offset, &offset, &num_items))
goto bail;
items = g_new0 (ItemInfo, num_items + 1);
/* Hashed data, without secrets */
if (!read_hashed_item_info (&buffer, &offset, items, num_items))
goto bail;
if (!egg_buffer_get_uint32 (&buffer, offset, &offset, &crypto_size))
goto bail;
/* Make the crypted part is the right size */
if (crypto_size % 16 != 0)
goto bail;
/* Ensure the file is large enough to hold all the data (in case it got truncated) */
if (buffer.len < offset + crypto_size)
goto bail;
/* Copy the data into to_decrypt into non-pageable memory */
egg_buffer_set_allocator (&to_decrypt, egg_secure_realloc);
egg_buffer_reserve (&to_decrypt, crypto_size);
memcpy (to_decrypt.buf, buffer.buf + offset, crypto_size);
to_decrypt.len = crypto_size;
if (sdata != NULL) {
master = gkm_secret_data_get_master (sdata);
if (!decrypt_buffer (&to_decrypt, master, salt, hash_iterations))
goto bail;
if (!verify_decrypted_buffer (&to_decrypt)) {
res = GKM_DATA_LOCKED;
goto bail;
} else {
offset = 16; /* Skip hash */
if (!read_full_item_info (&to_decrypt, &offset, items, num_items))
goto bail;
}
}
/* Correctly read all data, possibly including the decrypted data.
* Now update the keyring and items: */
gkm_secret_object_set_label (obj, display_name);
gkm_secret_object_set_modified (obj, mtime);
gkm_secret_object_set_created (obj, ctime);
if (flags & LOCK_ON_IDLE_FLAG)
gkm_secret_collection_set_lock_idle (collection, lock_timeout);
else if (flags & LOCK_AFTER_FLAG)
gkm_secret_collection_set_lock_after (collection, lock_timeout);
/* Build a Hash table where we can track ids we haven't yet seen */
checks = g_hash_table_new_full (g_str_hash, g_str_equal, g_free, NULL);
iteml = gkm_secret_collection_get_items (collection);
for (l = iteml; l; l = g_list_next (l))
g_hash_table_insert (checks, g_strdup (gkm_secret_object_get_identifier (l->data)), "unused");
g_list_free (iteml);
for (i = 0; i < num_items; i++) {
/* We've seen this id */
g_hash_table_remove (checks, items[i].identifier);
item = gkm_secret_collection_get_item (collection, items[i].identifier);
if (item == NULL)
item = gkm_secret_collection_new_item (collection, items[i].identifier);
setup_item_from_info (item, sdata, &items[i]);
}
g_hash_table_foreach (checks, remove_unavailable_item, collection);
res = GKM_DATA_SUCCESS;
bail:
egg_buffer_uninit (&to_decrypt);
if (checks)
g_hash_table_destroy (checks);
g_free (display_name);
for (i = 0; items && i < num_items; i++)
free_item_info (&items[i]);
g_free (items);
return res;
}
