hash_stat load_keyring(char *filename) { FILE *fp; unsigned char buf[1024]; int i, offset; uint32_t flags; uint32_t lock_timeout; unsigned char major, minor, crypto, hash; uint32_t tmp; uint32_t num_items; unsigned char salt[8]; unsigned char *to_decrypt; int count; if (!(fp = fopen(filename, "rb"))) { return hash_err; } count = fread(buf, KEYRING_FILE_HEADER_LEN, 1, fp); if (count!=1) return hash_err; if (memcmp(buf, KEYRING_FILE_HEADER, KEYRING_FILE_HEADER_LEN) != 0) { return hash_err; } offset = KEYRING_FILE_HEADER_LEN; major = fgetc(fp); minor = fgetc(fp); crypto = fgetc(fp); hash = fgetc(fp); offset += 4; if (major != 0 || minor != 0 || crypto != 0 || hash != 0) { fclose(fp); return hash_err; } // Keyring name if (!get_utf8_string(fp, &offset)) goto bail; // ctime count = fread(buf, 8, 1, fp); if (count!=1) { fclose(fp); return hash_err; } offset += 8; // mtime count = fread(buf, 8, 1, fp); offset += 8; // flags get_uint32(fp, &offset, &flags); // lock timeout get_uint32(fp, &offset, &lock_timeout); // iterations get_uint32(fp, &offset, &cs.iterations); // salt count = fread(salt, 8, 1, fp); offset += 8; // reserved for (i = 0; i < 4; i++) { get_uint32(fp, &offset, &tmp); } // num_items get_uint32(fp, &offset, &num_items); if (!read_hashed_item_info(fp, &offset, num_items)) goto bail; // crypto_size get_uint32(fp, &offset, &cs.crypto_size); /* Make the crypted part is the right size */ if (cs.crypto_size % 16 != 0) goto bail; to_decrypt = (unsigned char *) malloc(cs.crypto_size); count = fread(to_decrypt, cs.crypto_size, 1, fp); memcpy(cs.salt, salt, SALTLEN); memcpy(cs.ct, to_decrypt, cs.crypto_size); if(to_decrypt) free(to_decrypt); memcpy(cs.hash,"\xd4\x1d\x8c\xd9\x8f\x00\xb2\x04\xe9\x80\x09\x98\xec\xf8\x42\x7e",16); return hash_ok; bail: fclose(fp); return hash_err; }
static void process_file(const char *fname) { FILE *fp; unsigned char buf[1024]; int i, offset; uint32_t flags; uint32_t lock_timeout; unsigned char major, minor, crypto, hash; uint32_t tmp; uint32_t num_items; uint32_t crypto_size; uint32_t hash_iterations; unsigned char salt[8]; unsigned char *to_decrypt; if (!(fp = fopen(fname, "rb"))) { fprintf(stderr, "%s : %s\n", fname, strerror(errno)); return; } count = fread(buf, KEYRING_FILE_HEADER_LEN, 1, fp); assert(count == 1); if (memcmp(buf, KEYRING_FILE_HEADER, KEYRING_FILE_HEADER_LEN) != 0) { fprintf(stderr, "%s : Not a GNOME Keyring file!\n", fname); return; } offset = KEYRING_FILE_HEADER_LEN; major = fgetc(fp); minor = fgetc(fp); crypto = fgetc(fp); hash = fgetc(fp); offset += 4; if (major != 0 || minor != 0 || crypto != 0 || hash != 0) { fprintf(stderr, "%s : Un-supported GNOME Keyring file!\n", fname); return; } // Keyring name if (!get_utf8_string(fp, &offset)) goto bail; // ctime count = fread(buf, 8, 1, fp); if (count != 1) goto bail; offset += 8; // mtime count = fread(buf, 8, 1, fp); if (count != 1) goto bail; offset += 8; // flags get_uint32(fp, &offset, &flags); // lock timeout get_uint32(fp, &offset, &lock_timeout); // hash_iterations get_uint32(fp, &offset, &hash_iterations); // salt count = fread(salt, 8, 1, fp); if (count != 1) goto bail; offset += 8; // reserved for (i = 0; i < 4; i++) { get_uint32(fp, &offset, &tmp); } // num_items get_uint32(fp, &offset, &num_items); if (!read_hashed_item_info(fp, &offset, num_items)) goto bail; // crypto_size get_uint32(fp, &offset, &crypto_size); fprintf(stderr, "%s: crypto size: %u offset : %d\n", fname, crypto_size, offset); /* Make the crypted part is the right size */ if (crypto_size % 16 != 0) goto bail; to_decrypt = (unsigned char *) mem_alloc(crypto_size); count = fread(to_decrypt, crypto_size, 1, fp); assert(count == 1); printf("%s:$keyring$", basename(fname)); print_hex(salt, 8); printf("*%d*%d*%d*", hash_iterations, crypto_size, 0); print_hex(to_decrypt, crypto_size); printf("\n"); if(to_decrypt) MEM_FREE(to_decrypt); return; bail: fprintf(stderr, "%s: parsing failed, please report this on john-users if input was a valid keyring!\n", fname); return; }
GkmDataResult gkm_secret_binary_read (GkmSecretCollection *collection, GkmSecretData *sdata, gconstpointer data, gsize n_data) { gsize offset; guchar major, minor, crypto, hash; guint32 flags; guint32 lock_timeout; time_t mtime, ctime; char *display_name; guint32 tmp; guint32 num_items; guint32 crypto_size; guint32 hash_iterations; guchar salt[8]; ItemInfo *items; GkmSecret* master; GkmSecretObject *obj; EggBuffer to_decrypt = EGG_BUFFER_EMPTY; GkmDataResult res = GKM_DATA_FAILURE; GHashTable *checks = NULL; GkmSecretItem *item; EggBuffer buffer; GList *l, *iteml; int i; display_name = NULL; items = 0; obj = GKM_SECRET_OBJECT (collection); /* The buffer we read from */ egg_buffer_init_static (&buffer, data, n_data); if (buffer.len < KEYRING_FILE_HEADER_LEN || memcmp (buffer.buf, KEYRING_FILE_HEADER, KEYRING_FILE_HEADER_LEN) != 0) { egg_buffer_uninit (&buffer); return GKM_DATA_UNRECOGNIZED; } offset = KEYRING_FILE_HEADER_LEN; major = buffer.buf[offset++]; minor = buffer.buf[offset++]; crypto = buffer.buf[offset++]; hash = buffer.buf[offset++]; if (major != 0 || minor != 0 || crypto != 0 || hash != 0) { egg_buffer_uninit (&buffer); return GKM_DATA_UNRECOGNIZED; } if (!buffer_get_utf8_string (&buffer, offset, &offset, &display_name) || !buffer_get_time (&buffer, offset, &offset, &ctime) || !buffer_get_time (&buffer, offset, &offset, &mtime) || !egg_buffer_get_uint32 (&buffer, offset, &offset, &flags) || !egg_buffer_get_uint32 (&buffer, offset, &offset, &lock_timeout) || !egg_buffer_get_uint32 (&buffer, offset, &offset, &hash_iterations) || !buffer_get_bytes (&buffer, offset, &offset, salt, 8)) goto bail; for (i = 0; i < 4; i++) { if (!egg_buffer_get_uint32 (&buffer, offset, &offset, &tmp)) goto bail; } if (!egg_buffer_get_uint32 (&buffer, offset, &offset, &num_items)) goto bail; items = g_new0 (ItemInfo, num_items + 1); /* Hashed data, without secrets */ if (!read_hashed_item_info (&buffer, &offset, items, num_items)) goto bail; if (!egg_buffer_get_uint32 (&buffer, offset, &offset, &crypto_size)) goto bail; /* Make the crypted part is the right size */ if (crypto_size % 16 != 0) goto bail; /* Ensure the file is large enough to hold all the data (in case it got truncated) */ if (buffer.len < offset + crypto_size) goto bail; /* Copy the data into to_decrypt into non-pageable memory */ egg_buffer_set_allocator (&to_decrypt, egg_secure_realloc); egg_buffer_reserve (&to_decrypt, crypto_size); memcpy (to_decrypt.buf, buffer.buf + offset, crypto_size); to_decrypt.len = crypto_size; if (sdata != NULL) { master = gkm_secret_data_get_master (sdata); if (!decrypt_buffer (&to_decrypt, master, salt, hash_iterations)) goto bail; if (!verify_decrypted_buffer (&to_decrypt)) { res = GKM_DATA_LOCKED; goto bail; } else { offset = 16; /* Skip hash */ if (!read_full_item_info (&to_decrypt, &offset, items, num_items)) goto bail; } } /* Correctly read all data, possibly including the decrypted data. * Now update the keyring and items: */ gkm_secret_object_set_label (obj, display_name); gkm_secret_object_set_modified (obj, mtime); gkm_secret_object_set_created (obj, ctime); if (flags & LOCK_ON_IDLE_FLAG) gkm_secret_collection_set_lock_idle (collection, lock_timeout); else if (flags & LOCK_AFTER_FLAG) gkm_secret_collection_set_lock_after (collection, lock_timeout); /* Build a Hash table where we can track ids we haven't yet seen */ checks = g_hash_table_new_full (g_str_hash, g_str_equal, g_free, NULL); iteml = gkm_secret_collection_get_items (collection); for (l = iteml; l; l = g_list_next (l)) g_hash_table_insert (checks, g_strdup (gkm_secret_object_get_identifier (l->data)), "unused"); g_list_free (iteml); for (i = 0; i < num_items; i++) { /* We've seen this id */ g_hash_table_remove (checks, items[i].identifier); item = gkm_secret_collection_get_item (collection, items[i].identifier); if (item == NULL) item = gkm_secret_collection_new_item (collection, items[i].identifier); setup_item_from_info (item, sdata, &items[i]); } g_hash_table_foreach (checks, remove_unavailable_item, collection); res = GKM_DATA_SUCCESS; bail: egg_buffer_uninit (&to_decrypt); if (checks) g_hash_table_destroy (checks); g_free (display_name); for (i = 0; items && i < num_items; i++) free_item_info (&items[i]); g_free (items); return res; }