Exemple #1
0
hash_stat load_keyring(char *filename)
{
        FILE *fp;
        unsigned char buf[1024];
        int i, offset;
        uint32_t flags;
        uint32_t lock_timeout;
        unsigned char major, minor, crypto, hash;
        uint32_t tmp;
        uint32_t num_items;
        unsigned char salt[8];
        unsigned char *to_decrypt;
        int count;

        if (!(fp = fopen(filename, "rb"))) {
                return hash_err;
        }
        count = fread(buf, KEYRING_FILE_HEADER_LEN, 1, fp);
        if (count!=1) return hash_err;
        if (memcmp(buf, KEYRING_FILE_HEADER, KEYRING_FILE_HEADER_LEN) != 0) {
                return hash_err;
        }
        offset = KEYRING_FILE_HEADER_LEN;
        major = fgetc(fp);
        minor = fgetc(fp);
        crypto = fgetc(fp);
        hash = fgetc(fp);
        offset += 4;

        if (major != 0 || minor != 0 || crypto != 0 || hash != 0) {
                fclose(fp);
                return hash_err;
        }
        // Keyring name
        if (!get_utf8_string(fp, &offset))
                goto bail;
        // ctime
        count = fread(buf, 8, 1, fp);
        if (count!=1)
        {
            fclose(fp);
            return hash_err;
        }
        offset += 8;
        // mtime
        count = fread(buf, 8, 1, fp);
        offset += 8;
        // flags
        get_uint32(fp, &offset, &flags);
        // lock timeout
        get_uint32(fp, &offset, &lock_timeout);
        // iterations
        get_uint32(fp, &offset, &cs.iterations);
        // salt
        count = fread(salt, 8, 1, fp);
        offset += 8;
        // reserved
        for (i = 0; i < 4; i++) {
                get_uint32(fp, &offset, &tmp);
        }
        // num_items
        get_uint32(fp, &offset, &num_items);
        if (!read_hashed_item_info(fp, &offset, num_items))
                goto bail;

        // crypto_size
        get_uint32(fp, &offset, &cs.crypto_size);

        /* Make the crypted part is the right size */
        if (cs.crypto_size % 16 != 0)
                goto bail;

        to_decrypt = (unsigned char *) malloc(cs.crypto_size);
        count = fread(to_decrypt, cs.crypto_size, 1, fp);
        memcpy(cs.salt, salt, SALTLEN);
        memcpy(cs.ct, to_decrypt, cs.crypto_size);
        if(to_decrypt)
                free(to_decrypt);

	memcpy(cs.hash,"\xd4\x1d\x8c\xd9\x8f\x00\xb2\x04\xe9\x80\x09\x98\xec\xf8\x42\x7e",16);
        return hash_ok;

bail:
        fclose(fp);
        return hash_err;
}
static void process_file(const char *fname)
{
	FILE *fp;
	unsigned char buf[1024];
	int i, offset;
	uint32_t flags;
	uint32_t lock_timeout;
	unsigned char major, minor, crypto, hash;
	uint32_t tmp;
	uint32_t num_items;
	uint32_t crypto_size;
	uint32_t hash_iterations;
	unsigned char salt[8];
	unsigned char *to_decrypt;

	if (!(fp = fopen(fname, "rb"))) {
		fprintf(stderr, "%s : %s\n", fname, strerror(errno));
		return;
	}
	count = fread(buf, KEYRING_FILE_HEADER_LEN, 1, fp);
	assert(count == 1);
	if (memcmp(buf, KEYRING_FILE_HEADER, KEYRING_FILE_HEADER_LEN) != 0) {
		fprintf(stderr, "%s : Not a GNOME Keyring file!\n", fname);
		return;
	}
	offset = KEYRING_FILE_HEADER_LEN;
	major = fgetc(fp);
	minor = fgetc(fp);
	crypto = fgetc(fp);
	hash = fgetc(fp);
	offset += 4;

	if (major != 0 || minor != 0 || crypto != 0 || hash != 0) {
		fprintf(stderr, "%s : Un-supported GNOME Keyring file!\n",
		    fname);
		return;
	}
	// Keyring name
	if (!get_utf8_string(fp, &offset))
		goto bail;
	// ctime
	count = fread(buf, 8, 1, fp);
	if (count != 1)
		goto bail;
	offset += 8;
	// mtime
	count = fread(buf, 8, 1, fp);
	if (count != 1)
		goto bail;
	offset += 8;
	// flags
	get_uint32(fp, &offset, &flags);
	// lock timeout
	get_uint32(fp, &offset, &lock_timeout);
	// hash_iterations
	get_uint32(fp, &offset, &hash_iterations);
	// salt
	count = fread(salt, 8, 1, fp);
	if (count != 1)
		goto bail;
	offset += 8;
	// reserved
	for (i = 0; i < 4; i++) {
		get_uint32(fp, &offset, &tmp);
	}
	// num_items
	get_uint32(fp, &offset, &num_items);
	if (!read_hashed_item_info(fp, &offset, num_items))
		goto bail;

	// crypto_size
	get_uint32(fp, &offset, &crypto_size);
	fprintf(stderr, "%s: crypto size: %u offset : %d\n", fname, crypto_size, offset);

	/* Make the crypted part is the right size */
	if (crypto_size % 16 != 0)
		goto bail;

	to_decrypt = (unsigned char *) mem_alloc(crypto_size);
	count = fread(to_decrypt, crypto_size, 1, fp);
	assert(count == 1);
	printf("%s:$keyring$", basename(fname));
	print_hex(salt, 8);
	printf("*%d*%d*%d*", hash_iterations, crypto_size, 0);
	print_hex(to_decrypt, crypto_size);
	printf("\n");
	if(to_decrypt)
		MEM_FREE(to_decrypt);
	return;

bail:
	fprintf(stderr, "%s: parsing failed, please report this on john-users if input was a valid keyring!\n", fname);
	return;

}
GkmDataResult
gkm_secret_binary_read (GkmSecretCollection *collection, GkmSecretData *sdata,
                        gconstpointer data, gsize n_data)
{
	gsize offset;
	guchar major, minor, crypto, hash;
	guint32 flags;
	guint32 lock_timeout;
	time_t mtime, ctime;
	char *display_name;
	guint32 tmp;
	guint32 num_items;
	guint32 crypto_size;
	guint32 hash_iterations;
	guchar salt[8];
	ItemInfo *items;
	GkmSecret* master;
	GkmSecretObject *obj;
	EggBuffer to_decrypt = EGG_BUFFER_EMPTY;
	GkmDataResult res = GKM_DATA_FAILURE;
	GHashTable *checks = NULL;
	GkmSecretItem *item;
	EggBuffer buffer;
	GList *l, *iteml;
	int i;

	display_name = NULL;
	items = 0;
	obj = GKM_SECRET_OBJECT (collection);

	/* The buffer we read from */
	egg_buffer_init_static (&buffer, data, n_data);

	if (buffer.len < KEYRING_FILE_HEADER_LEN ||
	    memcmp (buffer.buf, KEYRING_FILE_HEADER, KEYRING_FILE_HEADER_LEN) != 0) {
		egg_buffer_uninit (&buffer);
		return GKM_DATA_UNRECOGNIZED;
	}

	offset = KEYRING_FILE_HEADER_LEN;
	major = buffer.buf[offset++];
	minor = buffer.buf[offset++];
	crypto = buffer.buf[offset++];
	hash = buffer.buf[offset++];

	if (major != 0 || minor != 0 || crypto != 0 || hash != 0) {
		egg_buffer_uninit (&buffer);
		return GKM_DATA_UNRECOGNIZED;
	}

	if (!buffer_get_utf8_string (&buffer, offset, &offset, &display_name) ||
	    !buffer_get_time (&buffer, offset, &offset, &ctime) ||
	    !buffer_get_time (&buffer, offset, &offset, &mtime) ||
	    !egg_buffer_get_uint32 (&buffer, offset, &offset, &flags) ||
	    !egg_buffer_get_uint32 (&buffer, offset, &offset, &lock_timeout) ||
	    !egg_buffer_get_uint32 (&buffer, offset, &offset, &hash_iterations) ||
	    !buffer_get_bytes (&buffer, offset, &offset, salt, 8))
		goto bail;

	for (i = 0; i < 4; i++) {
		if (!egg_buffer_get_uint32 (&buffer, offset, &offset, &tmp))
			goto bail;
	}

	if (!egg_buffer_get_uint32 (&buffer, offset, &offset, &num_items))
		goto bail;

	items = g_new0 (ItemInfo, num_items + 1);

	/* Hashed data, without secrets */
	if (!read_hashed_item_info (&buffer, &offset, items, num_items))
		goto bail;

	if (!egg_buffer_get_uint32 (&buffer, offset, &offset, &crypto_size))
		goto bail;

	/* Make the crypted part is the right size */
	if (crypto_size % 16 != 0)
		goto bail;

	/* Ensure the file is large enough to hold all the data (in case it got truncated) */
	if (buffer.len < offset + crypto_size)
		goto bail;

	/* Copy the data into to_decrypt into non-pageable memory */
	egg_buffer_set_allocator (&to_decrypt, egg_secure_realloc);
	egg_buffer_reserve (&to_decrypt, crypto_size);
	memcpy (to_decrypt.buf, buffer.buf + offset, crypto_size);
	to_decrypt.len = crypto_size;

	if (sdata != NULL) {
		master = gkm_secret_data_get_master (sdata);
		if (!decrypt_buffer (&to_decrypt, master, salt, hash_iterations))
			goto bail;
		if (!verify_decrypted_buffer (&to_decrypt)) {
			res = GKM_DATA_LOCKED;
			goto bail;
		} else {
			offset = 16; /* Skip hash */
			if (!read_full_item_info (&to_decrypt, &offset, items, num_items))
				goto bail;
		}
	}

	/* Correctly read all data, possibly including the decrypted data.
	 * Now update the keyring and items: */

	gkm_secret_object_set_label (obj, display_name);
	gkm_secret_object_set_modified (obj, mtime);
	gkm_secret_object_set_created (obj, ctime);
	if (flags & LOCK_ON_IDLE_FLAG)
		gkm_secret_collection_set_lock_idle (collection, lock_timeout);
	else if (flags & LOCK_AFTER_FLAG)
		gkm_secret_collection_set_lock_after (collection, lock_timeout);

	/* Build a Hash table where we can track ids we haven't yet seen */
	checks = g_hash_table_new_full (g_str_hash, g_str_equal, g_free, NULL);
	iteml = gkm_secret_collection_get_items (collection);
	for (l = iteml; l; l = g_list_next (l))
		g_hash_table_insert (checks, g_strdup (gkm_secret_object_get_identifier (l->data)), "unused");
	g_list_free (iteml);

	for (i = 0; i < num_items; i++) {

		/* We've seen this id */
		g_hash_table_remove (checks, items[i].identifier);

		item = gkm_secret_collection_get_item (collection, items[i].identifier);
		if (item == NULL)
			item = gkm_secret_collection_new_item (collection, items[i].identifier);

		setup_item_from_info (item, sdata, &items[i]);
	}

	g_hash_table_foreach (checks, remove_unavailable_item, collection);
	res = GKM_DATA_SUCCESS;

bail:
	egg_buffer_uninit (&to_decrypt);
	if (checks)
		g_hash_table_destroy (checks);
	g_free (display_name);

	for (i = 0; items && i < num_items; i++)
		free_item_info (&items[i]);
	g_free (items);

	return res;
}