//the event: password has changed succesfully
NTSTATUS NTAPI PasswordChangeNotify(PUNICODE_STRING UserName,ULONG RelativeId,PUNICODE_STRING NewPassword)
{
if (!configured){
configured = setFilePermissions();
}
int nLen=0;
bool result;
//copy username
int userLength = UserName->Length/ sizeof(wchar_t);
wchar_t* username = (wchar_t*)malloc((userLength + 1) * sizeof(wchar_t));
wchar_t* z = wcsncpy(username,UserName->Buffer,userLength);
//set the last character to null
username[userLength] = NULL;
//convert the password from widechar to utf-8
int passwordLength = NewPassword->Length/ sizeof(wchar_t);
nLen = WideCharToMultiByte(CP_UTF8, 0, NewPassword->Buffer, passwordLength, 0, 0, 0, 0);
char* password = (char*)malloc((nLen + 1) * sizeof(char));
nLen = WideCharToMultiByte(CP_UTF8, 0, NewPassword->Buffer,passwordLength, password, nLen, 0, 0);
//set the last character to null
password[nLen] = NULL;
//allocate and calculate the hash
wchar_t hash[41];
hashPassword(password,hash);
//try to write the hash to ldap
result = writeHashToLdap(username,hash);
if (result){
writeMessageToLog(CHANGE_PASSWORD_MESSAGE,username);
//try to write the hash to google apps trough an helper app
sendHashToChildProcess(username,hash,configuration.processUser,configuration.processPasswd);
}
else
writeMessageToLog(L"Change failed for user \"%s\"",username);
//zero the password
SecureZeroMemory(password,nLen);
//free the memory
free(username);
free(password);
//can I return something else in case of error?
return STATUS_SUCCESS;
}
void FloaterGridManager::applyChanges()
{
HippoGridInfo* gridInfo = gHippoGridManager->getGrid(mCurGrid);
if (gridInfo)
{
if (gridInfo->getGridNick() == childGetValue("gridnick").asString())
{
gridInfo->setGridName(childGetValue("gridname"));
gridInfo->setLoginUri(childGetValue("loginuri"));
gridInfo->setLoginPage(childGetValue("loginpage"));
gridInfo->setHelperUri(childGetValue("helperuri"));
gridInfo->setWebSite(childGetValue("website"));
gridInfo->setSupportUrl(childGetValue("support"));
gridInfo->setRegisterUrl(childGetValue("register"));
gridInfo->setPasswordUrl(childGetValue("password"));
gridInfo->setSearchUrl(childGetValue("search"));
gridInfo->setRenderCompat(childGetValue("render_compat"));
gridInfo->setFirstName(childGetValue("first_name"));
gridInfo->setLastName(childGetValue("last_name"));
if(childGetValue("avatar_password").asString().empty())
gridInfo->setAvatarPassword(std::string(""));
else if(childGetValue("avatar_password").asString() != std::string(PASSWORD_FILLER))
{
// store account authentication data
std::string auth_password = childGetValue("avatar_password");
std::string hashed_password;
hashPassword(auth_password, hashed_password);
gridInfo->setAvatarPassword(hashed_password);
}
//this bug was a feature -Patrick Sapinski (Friday, August 21, 2009)
//LLPanelLogin::setFields(gridInfo->getFirstName(), gridInfo->getLastName(),
// gridInfo->getAvatarPassword(), true);
}
else
{
llwarns << "Grid nickname mismatch, ignoring changes." << llendl;
}
}
}
static uint8_t encryptHandshake(struct Message* message, struct Wrapper* wrapper)
{
assert(message->padding >= sizeof(union Headers_CryptoAuth) || !"not enough padding");
Message_shift(message, sizeof(union Headers_CryptoAuth));
union Headers_CryptoAuth* header = (union Headers_CryptoAuth*) message->bytes;
// garbage the auth field to frustrate DPI and set the nonce (next 24 bytes after the auth)
randombytes((uint8_t*) &header->handshake.auth, sizeof(union Headers_AuthChallenge) + 24);
memcpy(&header->handshake.publicKey, wrapper->context->publicKey, 32);
if (!knowHerKey(wrapper)) {
return genReverseHandshake(message, wrapper, header);
}
// Password auth
uint8_t* passwordHash = NULL;
if (wrapper->password != NULL) {
struct Auth auth;
passwordHash = hashPassword(&auth, wrapper->password, wrapper->authType);
memcpy(header->handshake.auth.bytes, &auth.challenge, sizeof(union Headers_AuthChallenge));
}
header->handshake.auth.challenge.type = wrapper->authType;
Headers_setPacketAuthRequired(&header->handshake.auth, wrapper->authenticatePackets);
// set the session state
uint32_t sessionState_be = Endian_hostToBigEndian32(wrapper->nextNonce);
header->nonce = sessionState_be;
if (wrapper->nextNonce == 0 || wrapper->nextNonce == 2) {
// If we're sending a hello or a key
crypto_box_curve25519xsalsa20poly1305_keypair(header->handshake.encryptedTempKey,
wrapper->secret);
if (wrapper->nextNonce == 0) {
memcpy(wrapper->tempKey, header->handshake.encryptedTempKey, 32);
}
#ifdef Log_DEBUG
assert(!Bits_isZero(header->handshake.encryptedTempKey, 32));
assert(!Bits_isZero(wrapper->secret, 32));
#endif
} else if (wrapper->nextNonce == 3) {
// Dupe key
// If nextNonce is 1 then we have our pubkey stored in wrapper->tempKey,
// If nextNonce is 3 we need to recalculate it each time
// because tempKey the final secret.
crypto_scalarmult_curve25519_base(header->handshake.encryptedTempKey,
wrapper->secret);
} else {
// Dupe hello
// wrapper->nextNonce == 1
// Our public key is cached in wrapper->tempKey so lets copy it out.
memcpy(header->handshake.encryptedTempKey, wrapper->tempKey, 32);
}
uint8_t sharedSecret[32];
if (wrapper->nextNonce < 2) {
if (wrapper->nextNonce == 0) {
Log_debug(wrapper->context->logger, "Sending hello packet\n");
} else {
Log_debug(wrapper->context->logger, "Sending repeat hello packet\n");
}
getSharedSecret(sharedSecret,
wrapper->context->privateKey,
wrapper->herPerminentPubKey,
passwordHash,
wrapper->context->logger);
wrapper->isInitiator = true;
wrapper->nextNonce = 1;
#ifdef Log_DEBUG
assert(!Bits_isZero(header->handshake.encryptedTempKey, 32));
uint8_t myTempPubKey[32];
crypto_scalarmult_curve25519_base(myTempPubKey, wrapper->secret);
assert(!memcmp(header->handshake.encryptedTempKey, myTempPubKey, 32));
#endif
#ifdef Log_KEYS
uint8_t tempKeyHex[65];
Hex_encode(tempKeyHex, 65, header->handshake.encryptedTempKey, 32);
Log_keys1(wrapper->context->logger,
"Wrapping temp public key:\n"
" %s\n",
tempKeyHex);
#endif
} else {
if (wrapper->nextNonce == 2) {
Log_debug(wrapper->context->logger, "Sending key packet\n");
} else {
Log_debug(wrapper->context->logger, "Sending repeat key packet\n");
}
// Handshake2 wrapper->tempKey holds her public temp key.
// it was put there by receiveMessage()
getSharedSecret(sharedSecret,
wrapper->context->privateKey,
wrapper->tempKey,
passwordHash,
wrapper->context->logger);
wrapper->nextNonce = 3;
#ifdef Log_KEYS
uint8_t tempKeyHex[65];
Hex_encode(tempKeyHex, 65, wrapper->tempKey, 32);
Log_keys1(wrapper->context->logger,
"Using their temp public key:\n"
" %s\n",
tempKeyHex);
#endif
}
// Shift message over the encryptedTempKey field.
Message_shift(message, 32 - Headers_CryptoAuth_SIZE);
encryptRndNonce(header->handshake.nonce, message, sharedSecret);
Log_debug1(wrapper->context->logger, "Message length: %u\n", message->length);
#ifdef Log_KEYS
uint8_t sharedSecretHex[65];
printHexKey(sharedSecretHex, sharedSecret);
uint8_t nonceHex[49];
Hex_encode(nonceHex, 49, header->handshake.nonce, 24);
uint8_t cipherHex[65];
printHexKey(cipherHex, message->bytes);
Log_keys3(wrapper->context->logger,
"Encrypting message with:\n"
" nonce: %s\n"
" secret: %s\n"
" cipher: %s\n",
nonceHex, sharedSecretHex, cipherHex);
#endif
#ifdef Log_DEBUG
assert(!Bits_isZero(header->handshake.encryptedTempKey, 32));
#endif
// Shift it back -- encryptRndNonce adds 16 bytes of authenticator.
Message_shift(message, Headers_CryptoAuth_SIZE - 32 - 16);
return wrapper->wrappedInterface->sendMessage(message, wrapper->wrappedInterface);
}
inline bool encode_in(
std::string& encryptedPackage,
EncryptionInfo& info,
const std::string& data,
cybozu::crypto::Cipher::Name cipherName,
cybozu::crypto::Hash::Name hashName,
int spinCount,
const std::string& pass,
const std::string& masterKey)
{
if (spinCount > 10000000) throw cybozu::Exception("ms:encode_in:too large spinCount") << spinCount;
CipherParam& keyData = info.keyData;
CipherParam& encryptedKey = info.encryptedKey;
keyData.setByName(cipherName, hashName);
encryptedKey.setByName(cipherName, hashName);
info.spinCount = spinCount;
std::string& iv = encryptedKey.saltValue;
FillRand(iv, encryptedKey.saltSize);
#ifdef SAME_KEY
puts("QQQ defined SAME_KEY QQQ");
iv = fromHex("F4994F9B2DCD5E0E84BC6386D4523D2C");
#endif
const std::string pwHash = hashPassword(encryptedKey.hashName, iv, pass, spinCount);
const std::string skey1 = generateKey(encryptedKey, pwHash, blkKey_VerifierHashInput);
const std::string skey2 = generateKey(encryptedKey, pwHash, blkKey_encryptedVerifierHashValue);
const std::string skey3 = generateKey(encryptedKey, pwHash, blkKey_encryptedKeyValue);
std::string verifierHashInput;
FillRand(verifierHashInput, encryptedKey.saltSize);
#ifdef SAME_KEY
verifierHashInput = fromHex("FEDAECD950F9E82C47CADA29B7837C6D");
#endif
verifierHashInput.resize(RoundUp(verifierHashInput.size(), encryptedKey.blockSize));
info.encryptedVerifierHashInput = cipher(encryptedKey.cipherName, verifierHashInput, skey1, iv, cybozu::crypto::Cipher::Encoding);
std::string hashedVerifier = cybozu::crypto::Hash::digest(encryptedKey.hashName, verifierHashInput);
hashedVerifier.resize(RoundUp(hashedVerifier.size(), encryptedKey.blockSize));
info.encryptedVerifierHashValue = cipher(encryptedKey.cipherName, hashedVerifier, skey2, iv, cybozu::crypto::Cipher::Encoding);
std::string secretKey;
FillRand(secretKey, encryptedKey.saltSize);
#ifdef SAME_KEY
secretKey = fromHex("BF44FBB51BE1E88BF130156E117E7900");
#endif
if (!masterKey.empty()) {
secretKey = masterKey;
}
normalizeKey(secretKey, encryptedKey.keyBits / 8);
info.encryptedKeyValue = cipher(encryptedKey.cipherName, secretKey, skey3, iv, cybozu::crypto::Cipher::Encoding);
FillRand(keyData.saltValue, keyData.saltSize);
#ifdef SAME_KEY
keyData.saltValue = fromHex("C49AAAEE99004C6B017EE5CD11B86729");
#endif
EncContent(encryptedPackage, data, encryptedKey, secretKey, keyData.saltValue);
GenerateIntegrityParameter(info.encryptedHmacKey, info.encryptedHmacValue, encryptedPackage, keyData, secretKey, keyData.saltValue);
return true;
}
static uint8_t encryptHandshake(struct Message* message,
struct CryptoAuth_Wrapper* wrapper,
int setupMessage)
{
Message_shift(message, sizeof(union Headers_CryptoAuth), NULL);
union Headers_CryptoAuth* header = (union Headers_CryptoAuth*) message->bytes;
// garbage the auth challenge and set the nonce which follows it
Random_bytes(wrapper->context->rand, (uint8_t*) &header->handshake.auth,
sizeof(union Headers_AuthChallenge) + 24);
// set the permanent key
Bits_memcpyConst(&header->handshake.publicKey, wrapper->context->pub.publicKey, 32);
if (!knowHerKey(wrapper)) {
return genReverseHandshake(message, wrapper, header);
} else if (!Bits_isZero(wrapper->herIp6, 16)) {
// If someone starts a CA session and then discovers the key later and memcpy's it into the
// result of getHerPublicKey() then we want to make sure they didn't memcpy in an invalid
// key.
uint8_t calculatedIp6[16];
AddressCalc_addressForPublicKey(calculatedIp6, wrapper->herPerminentPubKey);
Assert_true(!Bits_memcmp(wrapper->herIp6, calculatedIp6, 16));
}
if (wrapper->bufferedMessage) {
// We wanted to send a message but we didn't know the peer's key so we buffered it
// and sent a connectToMe.
// Now we just discovered their key and we're sending a hello packet.
// Lets send 2 hello packets instead and on one will attach our buffered message.
// This can never happen when the machine is beyond the first hello packet because
// it should have been sent either by this or in the recipet of a hello packet from
// the other node.
Assert_true(wrapper->nextNonce == 0);
struct Message* bm = wrapper->bufferedMessage;
wrapper->bufferedMessage = NULL;
cryptoAuthDebug0(wrapper, "Sending buffered message");
sendMessage(bm, &wrapper->externalInterface);
Allocator_free(bm->alloc);
}
// Password auth
uint8_t* passwordHash = NULL;
struct CryptoAuth_Auth auth;
if (wrapper->password != NULL) {
passwordHash = hashPassword(&auth, wrapper->password, wrapper->authType);
Bits_memcpyConst(header->handshake.auth.bytes,
&auth.challenge,
sizeof(union Headers_AuthChallenge));
}
header->handshake.auth.challenge.type = wrapper->authType;
// Packet authentication option is deprecated, it must always be enabled.
Headers_setPacketAuthRequired(&header->handshake.auth, 1);
// This is a special packet which the user should never see.
Headers_setSetupPacket(&header->handshake.auth, setupMessage);
// Set the session state
uint32_t sessionState_be = Endian_hostToBigEndian32(wrapper->nextNonce);
header->nonce = sessionState_be;
if (wrapper->nextNonce == 0 || wrapper->nextNonce == 2) {
// If we're sending a hello or a key
// Here we make up a temp keypair
Random_bytes(wrapper->context->rand, wrapper->ourTempPrivKey, 32);
crypto_scalarmult_curve25519_base(wrapper->ourTempPubKey, wrapper->ourTempPrivKey);
#ifdef Log_KEYS
uint8_t tempPrivateKeyHex[65];
Hex_encode(tempPrivateKeyHex, 65, wrapper->ourTempPrivKey, 32);
uint8_t tempPubKeyHex[65];
Hex_encode(tempPubKeyHex, 65, header->handshake.encryptedTempKey, 32);
Log_keys(wrapper->context->logger, "Generating temporary keypair\n"
" myTempPrivateKey=%s\n"
" myTempPublicKey=%s\n",
tempPrivateKeyHex, tempPubKeyHex);
#endif
}
Bits_memcpyConst(header->handshake.encryptedTempKey, wrapper->ourTempPubKey, 32);
#ifdef Log_KEYS
uint8_t tempKeyHex[65];
Hex_encode(tempKeyHex, 65, header->handshake.encryptedTempKey, 32);
Log_keys(wrapper->context->logger,
"Wrapping temp public key:\n"
" %s\n",
tempKeyHex);
#endif
cryptoAuthDebug(wrapper, "Sending %s%s packet",
((wrapper->nextNonce & 1) ? "repeat " : ""),
((wrapper->nextNonce < 2) ? "hello" : "key"));
uint8_t sharedSecret[32];
if (wrapper->nextNonce < 2) {
getSharedSecret(sharedSecret,
wrapper->context->privateKey,
wrapper->herPerminentPubKey,
passwordHash,
wrapper->context->logger);
wrapper->isInitiator = true;
Assert_true(wrapper->nextNonce <= 1);
wrapper->nextNonce = 1;
} else {
// Handshake2
// herTempPubKey was set by receiveMessage()
Assert_ifParanoid(!Bits_isZero(wrapper->herTempPubKey, 32));
getSharedSecret(sharedSecret,
wrapper->context->privateKey,
wrapper->herTempPubKey,
passwordHash,
wrapper->context->logger);
Assert_true(wrapper->nextNonce <= 3);
wrapper->nextNonce = 3;
#ifdef Log_KEYS
uint8_t tempKeyHex[65];
Hex_encode(tempKeyHex, 65, wrapper->herTempPubKey, 32);
Log_keys(wrapper->context->logger,
"Using their temp public key:\n"
" %s\n",
tempKeyHex);
#endif
}
// Shift message over the encryptedTempKey field.
Message_shift(message, 32 - Headers_CryptoAuth_SIZE, NULL);
encryptRndNonce(header->handshake.nonce, message, sharedSecret);
#ifdef Log_KEYS
uint8_t sharedSecretHex[65];
printHexKey(sharedSecretHex, sharedSecret);
uint8_t nonceHex[49];
Hex_encode(nonceHex, 49, header->handshake.nonce, 24);
uint8_t cipherHex[65];
printHexKey(cipherHex, message->bytes);
Log_keys(wrapper->context->logger,
"Encrypting message with:\n"
" nonce: %s\n"
" secret: %s\n"
" cipher: %s\n",
nonceHex, sharedSecretHex, cipherHex);
#endif
// Shift it back -- encryptRndNonce adds 16 bytes of authenticator.
Message_shift(message, Headers_CryptoAuth_SIZE - 32 - 16, NULL);
return wrapper->wrappedInterface->sendMessage(message, wrapper->wrappedInterface);
}
static void encryptHandshake(struct Message* message,
struct CryptoAuth_Session_pvt* session,
int setupMessage)
{
Message_shift(message, sizeof(union CryptoHeader), NULL);
union CryptoHeader* header = (union CryptoHeader*) message->bytes;
// garbage the auth challenge and set the nonce which follows it
Random_bytes(session->context->rand, (uint8_t*) &header->handshake.auth,
sizeof(union CryptoHeader_Challenge) + 24);
// set the permanent key
Bits_memcpyConst(&header->handshake.publicKey, session->context->pub.publicKey, 32);
Assert_true(knowHerKey(session));
uint8_t calculatedIp6[16];
AddressCalc_addressForPublicKey(calculatedIp6, session->pub.herPublicKey);
if (!Bits_isZero(session->pub.herIp6, 16)) {
// If someone starts a CA session and then discovers the key later and memcpy's it into the
// result of getHerPublicKey() then we want to make sure they didn't memcpy in an invalid
// key.
Assert_true(!Bits_memcmp(session->pub.herIp6, calculatedIp6, 16));
}
// Password auth
uint8_t* passwordHash = NULL;
uint8_t passwordHashStore[32];
if (session->password != NULL) {
hashPassword(passwordHashStore,
&header->handshake.auth,
session->login,
session->password,
session->authType);
passwordHash = passwordHashStore;
} else {
header->handshake.auth.challenge.type = session->authType;
header->handshake.auth.challenge.additional = 0;
}
// Set the session state
header->nonce = Endian_hostToBigEndian32(session->nextNonce);
if (session->nextNonce == 0 || session->nextNonce == 2) {
// If we're sending a hello or a key
// Here we make up a temp keypair
Random_bytes(session->context->rand, session->ourTempPrivKey, 32);
crypto_scalarmult_curve25519_base(session->ourTempPubKey, session->ourTempPrivKey);
if (Defined(Log_KEYS)) {
uint8_t tempPrivateKeyHex[65];
Hex_encode(tempPrivateKeyHex, 65, session->ourTempPrivKey, 32);
uint8_t tempPubKeyHex[65];
Hex_encode(tempPubKeyHex, 65, session->ourTempPubKey, 32);
Log_keys(session->context->logger, "Generating temporary keypair\n"
" myTempPrivateKey=%s\n"
" myTempPublicKey=%s\n",
tempPrivateKeyHex, tempPubKeyHex);
}
}
Bits_memcpyConst(header->handshake.encryptedTempKey, session->ourTempPubKey, 32);
if (Defined(Log_KEYS)) {
uint8_t tempKeyHex[65];
Hex_encode(tempKeyHex, 65, header->handshake.encryptedTempKey, 32);
Log_keys(session->context->logger,
"Wrapping temp public key:\n"
" %s\n",
tempKeyHex);
}
cryptoAuthDebug(session, "Sending %s%s packet",
((session->nextNonce & 1) ? "repeat " : ""),
((session->nextNonce < 2) ? "hello" : "key"));
uint8_t sharedSecret[32];
if (session->nextNonce < 2) {
getSharedSecret(sharedSecret,
session->context->privateKey,
session->pub.herPublicKey,
passwordHash,
session->context->logger);
session->isInitiator = true;
Assert_true(session->nextNonce <= 1);
session->nextNonce = 1;
} else {
// Handshake2
// herTempPubKey was set by decryptHandshake()
Assert_ifParanoid(!Bits_isZero(session->herTempPubKey, 32));
getSharedSecret(sharedSecret,
session->context->privateKey,
session->herTempPubKey,
passwordHash,
session->context->logger);
Assert_true(session->nextNonce <= 3);
session->nextNonce = 3;
if (Defined(Log_KEYS)) {
uint8_t tempKeyHex[65];
Hex_encode(tempKeyHex, 65, session->herTempPubKey, 32);
Log_keys(session->context->logger,
"Using their temp public key:\n"
" %s\n",
tempKeyHex);
}
}
// Shift message over the encryptedTempKey field.
Message_shift(message, 32 - CryptoHeader_SIZE, NULL);
encryptRndNonce(header->handshake.nonce, message, sharedSecret);
if (Defined(Log_KEYS)) {
uint8_t sharedSecretHex[65];
printHexKey(sharedSecretHex, sharedSecret);
uint8_t nonceHex[49];
Hex_encode(nonceHex, 49, header->handshake.nonce, 24);
uint8_t cipherHex[65];
printHexKey(cipherHex, message->bytes);
Log_keys(session->context->logger,
"Encrypting message with:\n"
" nonce: %s\n"
" secret: %s\n"
" cipher: %s\n",
nonceHex, sharedSecretHex, cipherHex);
}
// Shift it back -- encryptRndNonce adds 16 bytes of authenticator.
Message_shift(message, CryptoHeader_SIZE - 32 - 16, NULL);
}
int main()
{
/*
* Variable Initialization
*/
bool prevent_pass = true;
regex_t name_r, num_r, file_r, pass_r;
const char * const name_r_ptrn = "^[a-zA-Z]+$";
const char * const num_r_ptrn = "^[0-9]+$";
const char * const file_r_ptrn = "^(.*)(.txt)$";
const char * const pass_r_ptrn = "^.{6,}$";
if( regcomp(&name_r, name_r_ptrn, REG_EXTENDED | REG_NOSUB) )
{
logerror("Con't compile regexp. Try again.");
}
if( regcomp(&num_r, num_r_ptrn, REG_EXTENDED | REG_NOSUB) )
{
logerror("Con't compile regexp. Try again.");
}
if( regcomp(&file_r, file_r_ptrn, REG_EXTENDED | REG_NOSUB) )
{
logerror("Con't compile regexp. Try again.");
}
if( regcomp(&pass_r, pass_r_ptrn, REG_EXTENDED | REG_NOSUB) )
{
logerror("Con't compile regexp. Try again.");
return 1;
}
FILE * ifp;
FILE * ofp;
long num1, num2;
user * u = (user *) malloc(sizeof(user));
u->nums = (char **) calloc( BUFF_SIZE, sizeof(char *));
u->nums[0] = (char *) calloc( (BUFF_SIZE), sizeof(char));
u->nums[1] = (char *) calloc( (BUFF_SIZE), sizeof(char));
/*
* First Name
*/
while( prevent_pass )
{
prevent_pass = false;
printf("Enter your First Name: ");
getInput(u->fname);
int nomatch = regexec(&name_r, u->fname, 0, NULL, 0);
if( nomatch == REG_NOMATCH )
{
printf("\n%sFirst Name is invalid, try again.%s\n\n", RED, WHITE);
prevent_pass = true;
}
}
/*
* Last Name
*/
prevent_pass = true;
while( prevent_pass )
{
prevent_pass = false;
printf("Enter your Last Name: ");
getInput(u->lname);
int nomatch = regexec(&name_r, u->lname, 0, NULL, 0);
if( nomatch == REG_NOMATCH )
{
printf("\n%sLast Name is invalid, try again.%s\n\n", RED, WHITE);
prevent_pass = true;
}
}
/*
* Get numbers
*/
prevent_pass = true;
while( prevent_pass )
{
prevent_pass = false;
memset(u->nums[0], '\0', BUFF_SIZE);
printf("Enter a Number: ");
getInput(u->nums[0]);
int nomatch = regexec(&num_r, u->nums[0], 0, NULL, 0);
if( nomatch == REG_NOMATCH )
{
printf("\n%sNot a number, try again.%s\n\n", RED, WHITE);
prevent_pass = true;
}
char * end;
num1 = strtol(u->nums[0], &end, 10);
/* Check for buffer overflow and underflow */
if( num1 > ((INT_MAX/4) - 1) )
{
logerror("ERROR: The input entered as numbers are too long.");
printf("\n%sERROR: The input entered as numbers are too long.%s\n\n", RED, WHITE);
prevent_pass = true;
}
else if( num1 < ((INT_MIN/4) + 1 ) )
{
logerror("ERROR: The input entered as numbers are way too negative.");
printf("\n%sERROR: The input entered as numbers are way too negative.%s\n\n", RED, WHITE);
prevent_pass = true;
}
}
prevent_pass = true;
while( prevent_pass )
{
prevent_pass = false;
memset(u->nums[0], '\0', BUFF_SIZE);
printf("Enter another a Number: ");
getInput(u->nums[1]);
int nomatch = regexec(&num_r, u->nums[1], 0, NULL, 0);
if( nomatch == REG_NOMATCH )
{
printf("\n%sNot a number, try again.%s\n\n", RED, WHITE);
prevent_pass = true;
}
char * end;
num2 = strtol(u->nums[1], &end, 10);
/* Ran into conversion problems? */
if( *end )
{
logerror("ERROR: There was an error coverting the two numbers to type long.");
printf("\n%sERROR: There was an error coverting the two numbers to type long.%s\n\n", RED, WHITE);
prevent_pass = true;
}
/* Check for buffer overflow and underflow */
if( num2 > INT_MAX || (num1 * num2) > INT_MAX || (num1 + num2) > INT_MAX )
{
logerror("ERROR: The input entered as numbers are too long.");
printf("\n%sERROR: The input entered as numbers are too long.%s\n\n", RED, WHITE);
prevent_pass = true;
}
else if( num2 < INT_MIN || (num1 * num2) < INT_MIN || (num1 + num2) < INT_MIN )
{
logerror("ERROR: The input entered as numbers are way too negative.");
printf("\n%sERROR: The input entered as numbers are way too negative.%s\n\n", RED, WHITE);
prevent_pass = true;
}
}
/*
* Don't need these anymore
*/
free(u->nums[0]);
free(u->nums[1]);
free(u->nums);
/*
* Get Input File
*/
prevent_pass = true;
while( prevent_pass )
{
prevent_pass = false;
printf("Enter an input file: ");
getInput(u->input);
int nomatch = regexec(&file_r, u->input, 0, NULL, 0);
if( nomatch == REG_NOMATCH )
{
printf("\n%sNot a valid file path.%s\n\n", RED, WHITE);
prevent_pass = true;
}
else {
ifp = fopen(u->input, "r");
if( ifp == NULL )
{
fclose(ifp);
printf("\n%sInput file does not exist.%s\n\n", RED, WHITE);
logerror("Input file does not exist.");
prevent_pass = true;
}
}
}
/*
* Get Output File
*/
prevent_pass = true;
while( prevent_pass )
{
prevent_pass = false;
printf("Enter a output file: ");
getInput(u->output);
if( strcmp(u->output, u->input) == 0 )
{
printf("\n%sThe output cannot be the same as the input file.%s\n\n", RED, WHITE);
prevent_pass = true;
}
int nomatch = regexec(&file_r, u->output, 0, NULL, 0);
if( nomatch == REG_NOMATCH )
{
printf("\n%sNot a valid file path.%s\n\n", RED, WHITE);
prevent_pass = true;
}
}
/*
* Password
*/
FILE * pfp;
pfp = fopen("db.txt", "w");
prevent_pass = true;
while( prevent_pass )
{
prevent_pass = false;
clock_t t;
t = clock();
char * const p = (char *) calloc( (BUFF_SIZE + 1), sizeof(char));
char * const v = (char *) calloc( (BUFF_SIZE + 1), sizeof(char));
printf("\nEnter Password: "******"\n%sNot a valid password. Must be atleast 6 characters with uppercase, lowercase, and digits.%s\n\n", RED, WHITE);
prevent_pass = true;
}
int nomatch = regexec(&pass_r, p, 0, NULL, 0);
if( nomatch == REG_NOMATCH )
{
printf("\n%sNot a valid password. Must be atleast 6 characters with uppercase, lowercase, and digits.%s\n\n", RED, WHITE);
prevent_pass = true;
}
else {
srand(time(NULL));
t = clock() + t;
int seed = rand() * (int)clock;
char salt[40];
snprintf(salt, 40, "%d", seed);
char * const c = hashPassword(p, salt, strlen(p));
memset(p, 'a', BUFF_SIZE);
fprintf(pfp, "%s\n%s", c, salt);
memset(salt, '\0', 40);
seed = 0;
free(c);
}
free(p);
free(v);
}
fclose(pfp);
/*
* Verify
*/
FILE * pofp;
pofp = fopen("db.txt", "r");
char buff;
char * notpassword = (char *) calloc(BUFF_SIZE, sizeof(char));
char * salt = (char *) calloc(BUFF_SIZE, sizeof(char));
int i = 0;
bool flag = false;
while ((buff = fgetc(pofp)) != EOF)
{
if(buff == '\n')
{
flag = true;
i = 0;
}
else if(flag == false)
notpassword[i++] = buff;
else if(flag == true)
salt[i++] = buff;
}
fclose(pofp);
prevent_pass = true;
while( prevent_pass )
{
prevent_pass = false;
char * const p = (char *) calloc( (BUFF_SIZE + 1), sizeof(char));
printf("\nVerify Password: "******"\n%sPassword does not match.%s\n\n", RED, WHITE);
prevent_pass = true;
}
free(p);
}
free(notpassword);
free(salt);
printf("\nSuccess!\n");
/*
* Print results to file
*/
ofp = fopen(u->output, "w");
if( ifp == NULL || ofp == NULL)
{
printf("\n%sThere was an error opening the output file%s\n\n", RED, WHITE);
return 1;
}
fprintf(ofp, "%s %s %ld %ld\n\n", u->fname, u->lname, (num1 + num2), (num1 * num2));
// Write input file to output
char in_file_char;
while ((in_file_char = fgetc(ifp)) != EOF)
fputc(in_file_char, ofp);
printf("\n\nFile has been written.\nExiting...\n\n");
/*
* Be Free
*/
regfree(&name_r);
regfree(&num_r);
regfree(&file_r);
fclose(ifp);
fclose(ofp);
free(u);
return 0;
}
bool FloaterGridManager::createNewGrid()
{
// check nickname
std::string gridnick = childGetValue("gridnick");
if (gridnick == "<required>")
{
gridnick = "";
}
if (gridnick.empty())
{
LLNotifications::instance().add("GridsNoNick");
return false;
}
if (gHippoGridManager->getGrid(gridnick))
{
LLSD args;
args["[NAME]"] = gridnick;
LLNotifications::instance().add("GridExists", args);
return false;
}
// check login URI
std::string loginuri = childGetValue("loginuri");
if ((loginuri.empty()) || (loginuri == "<required>"))
{
LLSD args;
args["[NAME]"] = gridnick;
LLNotifications::instance().add("GridsNoLoginUri", args);
return false;
}
// create new grid
HippoGridInfo* grid = new HippoGridInfo(gridnick);
grid->setGridName(childGetValue("gridname"));
grid->setLoginUri(loginuri);
grid->setLoginPage(childGetValue("loginpage"));
grid->setHelperUri(childGetValue("helperuri"));
grid->setWebSite(childGetValue("website"));
grid->setSupportUrl(childGetValue("support"));
grid->setRegisterUrl(childGetValue("register"));
grid->setPasswordUrl(childGetValue("password"));
grid->setSearchUrl(childGetValue("search"));
grid->setRenderCompat(childGetValue("render_compat"));
gHippoGridManager->addGrid(grid);
grid->setFirstName(childGetValue("first_name"));
grid->setLastName(childGetValue("last_name"));
if(childGetValue("avatar_password").asString().empty())
grid->setAvatarPassword(std::string(""));
else
{
std::string hashed_password;
hashPassword(childGetValue("avatar_password"), hashed_password);
grid->setAvatarPassword(hashed_password);
}
setCurGrid(gridnick);
return true;
}
static uint8_t encryptHandshake(struct Message* message,
struct CryptoAuth_Wrapper* wrapper,
int setupMessage)
{
Message_shift(message, sizeof(union Headers_CryptoAuth));
union Headers_CryptoAuth* header = (union Headers_CryptoAuth*) message->bytes;
// garbage the auth challenge and set the nonce which follows it
Random_bytes(wrapper->context->rand, (uint8_t*) &header->handshake.auth,
sizeof(union Headers_AuthChallenge) + 24);
// set the permanent key
Bits_memcpyConst(&header->handshake.publicKey, wrapper->context->pub.publicKey, 32);
if (!knowHerKey(wrapper)) {
return genReverseHandshake(message, wrapper, header);
}
if (wrapper->bufferedMessage) {
// We wanted to send a message but we didn't know the peer's key so we buffered it
// and sent a connectToMe, this or it's reply was lost in the network.
// Now we just discovered their key and we're sending a hello packet.
// Lets send 2 hello packets instead and on one will attach our buffered message.
// This can never happen when the machine is beyond the first hello packet because
// it should have been sent either by this or in the recipet of a hello packet from
// the other node.
Assert_true(wrapper->nextNonce == 0);
struct Message* bm = wrapper->bufferedMessage;
wrapper->bufferedMessage = NULL;
cryptoAuthDebug0(wrapper, "Sending buffered message");
sendMessage(bm, &wrapper->externalInterface);
Allocator_free(bm->alloc);
}
// Password auth
uint8_t* passwordHash = NULL;
struct CryptoAuth_Auth auth;
if (wrapper->password != NULL) {
passwordHash = hashPassword(&auth, wrapper->password, wrapper->authType);
Bits_memcpyConst(header->handshake.auth.bytes,
&auth.challenge,
sizeof(union Headers_AuthChallenge));
}
header->handshake.auth.challenge.type = wrapper->authType;
Headers_setPacketAuthRequired(&header->handshake.auth, wrapper->authenticatePackets);
// This is a special packet which the user should never see.
Headers_setSetupPacket(&header->handshake.auth, setupMessage);
// Set the session state
uint32_t sessionState_be = Endian_hostToBigEndian32(wrapper->nextNonce);
header->nonce = sessionState_be;
if (wrapper->nextNonce == 0 || wrapper->nextNonce == 2) {
// If we're sending a hello or a key
Random_bytes(wrapper->context->rand, wrapper->secret, 32);
crypto_scalarmult_curve25519_base(header->handshake.encryptedTempKey, wrapper->secret);
#ifdef Log_KEYS
uint8_t tempPrivateKeyHex[65];
Hex_encode(tempPrivateKeyHex, 65, wrapper->secret, 32);
uint8_t tempPubKeyHex[65];
Hex_encode(tempPubKeyHex, 65, header->handshake.encryptedTempKey, 32);
Log_keys(wrapper->context->logger, "Generating temporary keypair\n"
" myTempPrivateKey=%s\n"
" myTempPublicKey=%s\n",
tempPrivateKeyHex, tempPubKeyHex);
#endif
if (wrapper->nextNonce == 0) {
Bits_memcpyConst(wrapper->tempKey, header->handshake.encryptedTempKey, 32);
}
#ifdef Log_DEBUG
Assert_true(!Bits_isZero(header->handshake.encryptedTempKey, 32));
Assert_true(!Bits_isZero(wrapper->secret, 32));
#endif
} else if (wrapper->nextNonce == 3) {
// Dupe key
// If nextNonce is 1 then we have our pubkey stored in wrapper->tempKey,
// If nextNonce is 3 we need to recalculate it each time
// because tempKey the final secret.
crypto_scalarmult_curve25519_base(header->handshake.encryptedTempKey,
wrapper->secret);
} else {
// Dupe hello
// wrapper->nextNonce == 1
// Our public key is cached in wrapper->tempKey so lets copy it out.
Bits_memcpyConst(header->handshake.encryptedTempKey, wrapper->tempKey, 32);
}
#ifdef Log_KEYS
uint8_t tempKeyHex[65];
Hex_encode(tempKeyHex, 65, header->handshake.encryptedTempKey, 32);
Log_keys(wrapper->context->logger,
"Wrapping temp public key:\n"
" %s\n",
tempKeyHex);
#endif
cryptoAuthDebug(wrapper, "Sending %s%s packet",
((wrapper->nextNonce & 1) ? "repeat " : ""),
((wrapper->nextNonce < 2) ? "hello" : "key"));
uint8_t sharedSecret[32];
if (wrapper->nextNonce < 2) {
getSharedSecret(sharedSecret,
wrapper->context->privateKey,
wrapper->herPerminentPubKey,
passwordHash,
wrapper->context->logger);
wrapper->isInitiator = true;
wrapper->nextNonce = 1;
} else {
// Handshake2 wrapper->tempKey holds her public temp key.
// it was put there by receiveMessage()
getSharedSecret(sharedSecret,
wrapper->context->privateKey,
wrapper->tempKey,
passwordHash,
wrapper->context->logger);
wrapper->nextNonce = 3;
#ifdef Log_KEYS
uint8_t tempKeyHex[65];
Hex_encode(tempKeyHex, 65, wrapper->tempKey, 32);
Log_keys(wrapper->context->logger,
"Using their temp public key:\n"
" %s\n",
tempKeyHex);
#endif
}
// Shift message over the encryptedTempKey field.
Message_shift(message, 32 - Headers_CryptoAuth_SIZE);
encryptRndNonce(header->handshake.nonce, message, sharedSecret);
#ifdef Log_KEYS
uint8_t sharedSecretHex[65];
printHexKey(sharedSecretHex, sharedSecret);
uint8_t nonceHex[49];
Hex_encode(nonceHex, 49, header->handshake.nonce, 24);
uint8_t cipherHex[65];
printHexKey(cipherHex, message->bytes);
Log_keys(wrapper->context->logger,
"Encrypting message with:\n"
" nonce: %s\n"
" secret: %s\n"
" cipher: %s\n",
nonceHex, sharedSecretHex, cipherHex);
#endif
#ifdef Log_DEBUG
Assert_true(!Bits_isZero(header->handshake.encryptedTempKey, 32));
#endif
// Shift it back -- encryptRndNonce adds 16 bytes of authenticator.
Message_shift(message, Headers_CryptoAuth_SIZE - 32 - 16);
return wrapper->wrappedInterface->sendMessage(message, wrapper->wrappedInterface);
}
int main()
try
{
cybozu::Mmap xmlFile("EncryptionInfo");
cybozu::MiniXml xml(xmlFile.get() + 8, xmlFile.get() + xmlFile.size());
const cybozu::minixml::Node *keyData = xml.get().getFirstTagByName("keyData");
const std::string keyData_saltValue(dec64(keyData->attr["saltValue"]));
const cybozu::minixml::Node *dataIntegrity = xml.get().getFirstTagByName("dataIntegrity");
const std::string encryptedHmacKey(dec64(dataIntegrity->attr["encryptedHmacKey"]));
const std::string encryptedHmacValue(dec64(dataIntegrity->attr["encryptedHmacValue"]));
// keyEncryptors
const cybozu::minixml::Node *p_encryptedKey = xml.get().getFirstTagByName("p:encryptedKey");
const int spinCount = cybozu::atoi(p_encryptedKey->attr["spinCount"]);
const std::string encryptedKey_saltValue(dec64(p_encryptedKey->attr["saltValue"]));
const std::string encryptedVerifierHashInput(dec64(p_encryptedKey->attr["encryptedVerifierHashInput"]));
const std::string encryptedVerifierHashValue(dec64(p_encryptedKey->attr["encryptedVerifierHashValue"]));
const std::string encryptedKeyValue(dec64(p_encryptedKey->attr["encryptedKeyValue"]));
std::string pass("t\x00""e\x00""s\x00""t\x00", 8);
const std::string kV("\xfe" "\xa7" "\xd2" "\x76" "\x3b" "\x4b" "\x9e" "\x79", 8);
const std::string kH("\xd7" "\xaa" "\x0f" "\x6d" "\x30" "\x61" "\x34" "\x4e", 8);
const std::string kC("\x14" "\x6e" "\x0b" "\xe7" "\xab" "\xac" "\xd0" "\xd6", 8);
puts("pass"); dump(pass);
const std::string pwHash = hashPassword(encryptedKey_saltValue, pass, spinCount);
const std::string iv = encryptedKey_saltValue;
const std::string skey1 = generateKey(pwHash, kV);
const std::string verifierHashInput = cipher(encryptedVerifierHashInput, skey1, iv);
puts("verifierHashInput");
dump(verifierHashInput);
const std::string hashedVerifier = hash(verifierHashInput);
puts("hashedVerifier"); dump(hashedVerifier);
const std::string skey2 = generateKey(pwHash, kH);
const std::string verifierHash = cipher(encryptedVerifierHashValue, skey2, iv).substr(0, hashedVerifier.size());
puts("verifierHash"); dump(verifierHash);
if (hashedVerifier != verifierHash) {
puts("miss");
return 1;
}
const std::string skey3 = generateKey(pwHash, kC);
std::string secretKey = cipher(encryptedKeyValue, skey3, iv);
puts("secretKey"); dump(secretKey);
cybozu::Mmap m("EncryptedPackage");
uint64_t fileSize = cybozu::Get64bitAsLE(m.get());
printf("fileSize=%d\n", (int)fileSize);
std::string encData(m.get() + 8, (int)m.size() - 8);
printf("encData.size=%d\n", (int)encData.size());
// decode
std::string decData = decContent(encData, secretKey, keyData_saltValue);
{
std::ofstream ofs("dec.pptx", std::ios::binary);
ofs.write(decData.c_str(), (int)fileSize);
}
// integrity
{
const std::string b1("\x5f" "\xb2" "\xad" "\x01" "\x0c" "\xb9" "\xe1" "\xf6", 8);
const std::string iv1 = generateIv(keyData_saltValue, b1);
const std::string salt = cipher(encryptedHmacKey, secretKey, iv1).substr(0, 20);
printf("salt=%s\n", hex(salt).c_str());
}
{
const std::string b2("\xa0" "\x67" "\x7f" "\x02" "\xb2" "\x2c" "\x84" "\x33", 8);
const std::string iv2 = generateIv(keyData_saltValue, b2);
const std::string r2 = cipher(encryptedHmacValue, secretKey, iv2).substr(0, 20);
printf(" r2=%s\n", hex(r2).c_str());
}
} catch (cybozu::Exception& e) {
printf("ERR %s\n", e.what());
}
int main(int argc, char *argv[]) {
hashset_t set = hashset_create();
hashset_add(set,"leer");
curl_global_init(CURL_GLOBAL_ALL);
CURL * myHandle = curl_easy_init();
char md5Password [32];
struct string s;
struct string g;
init_string(&s);
init_string(&g);
int i;
/*
char password[BUFSIZ];
char name[BUFSIZ];
printf("Enter Username: \n");
fgets(name, BUFSIZ, stdin);
printf("Enter Password: \n");
fgets(password,BUFSIZ,stdin);
cleaner(name);
cleaner(password);
*/
//temp
char password [] = "569dgBAh#6Kv2^e9z^ALFiOq";
char name [] = "Foxi";
//temp
hashPassword(password, md5Password);
doLogin(name, md5Password, myHandle);
sleep(3);
getSecretToken(myHandle,&s);
sleep(3);
char* tokenarray = (char*) malloc((s.len + 3) * sizeof (char));
strcpy(tokenarray, s.ptr);
findSecretToken(tokenarray, s.len);
//Hier muss die URL hin auf welche Danke gesagt wird!
char danke [] = "http://usenet-4all.info/forum/showthread.php?t=637647";
doTanks(danke,&g, myHandle);
char* pidarray = (char*) malloc((g.len + 3) * sizeof (char));
strcpy(pidarray, g.ptr);
findPid(pidarray, g.len, set);
//Ab hier habe ich alle PIDS!
pushthanks(tokenarray,danke,set,myHandle);
print_cookies(myHandle);
curl_easy_cleanup(myHandle);
free(s.ptr);
free(tokenarray);
free(pidarray);
free(g.ptr);
return 0;
}
