void parse_opts(int argc, char** argv) { int ch; // Parse the options/switches while ((ch = getopt(argc, argv, "v:k:m:?")) != -1) switch (ch) { case 'k': key = optarg; loadkey( key ); break; case 'm': str = optarg; break; case 'v': initv = optarg; loadMessage(initv); break; case '?': default: usage(); break; } }
static int check_response(char *challenge, char *response, char *key) { char buf[20]; #ifdef KOONTZ_DES extern void des (union LR_block *); extern void loadkey(char *,int); extern void set_des_mode(int); union LR_block data; strncpy((char *)data.string, (char *)challenge, 8); set_des_mode(ENCRYPT); loadkey(key, NOSHIFT); des(&data); memset(key, 0, 8); /* no need for the secret key anymore, scratch it */ sprintf(buf, "%2.2X%2.2X%2.2X%2.2X", (int)(data.LR[0]) & 0xff, (int)(data.LR[0]>>8) & 0xff, (int)(data.LR[0]>>16) & 0xff, (int)(data.LR[0]>>24) & 0xff); #endif /* KOONTZ_DES */ #ifdef EAY_LIBDES des_cblock res; des_key_schedule ks; des_set_key((des_cblock *)key, ks); memset(key, 0, 8); des_ecb_encrypt((des_cblock *)challenge, &res, ks, DES_ENCRYPT); #ifdef LITTLE_ENDIAN /* use this on Intel x86 boxes */ sprintf(buf, "%2.2X%2.2X%2.2X%2.2X", res[0], res[1], res[2], res[3]); #else /* ie. BIG_ENDIAN */ /* use this on big endian RISC boxes */ sprintf(buf, "%2.2X%2.2X%2.2X%2.2X", res[3], res[2], res[1], res[0]); #endif /* LITTLE_ENDIAN */ #endif /* EAY_LIBDES */ /* return success only if ALL requirements have been met */ if (strncmp(buf, response, 8) == 0) return 1; return 0; }
int main(int argc, char **argv) { char *algname = NULL, *classname = NULL; char *filename = NULL, *dir = NULL, *namestr; char *lookaside = NULL; char *endp; int ch; unsigned int dtype = DNS_DSDIGEST_SHA1; isc_boolean_t both = ISC_TRUE; isc_boolean_t usekeyset = ISC_FALSE; isc_boolean_t showall = ISC_FALSE; isc_result_t result; isc_log_t *log = NULL; isc_entropy_t *ectx = NULL; dns_rdataset_t rdataset; dns_rdata_t rdata; dns_rdata_init(&rdata); if (argc == 1) usage(); result = isc_mem_create(0, 0, &mctx); if (result != ISC_R_SUCCESS) fatal("out of memory"); dns_result_register(); isc_commandline_errprint = ISC_FALSE; while ((ch = isc_commandline_parse(argc, argv, "12Aa:c:d:Ff:K:l:sv:h")) != -1) { switch (ch) { case '1': dtype = DNS_DSDIGEST_SHA1; both = ISC_FALSE; break; case '2': dtype = DNS_DSDIGEST_SHA256; both = ISC_FALSE; break; case 'A': showall = ISC_TRUE; break; case 'a': algname = isc_commandline_argument; both = ISC_FALSE; break; case 'c': classname = isc_commandline_argument; break; case 'd': fprintf(stderr, "%s: the -d option is deprecated; " "use -K\n", program); /* fall through */ case 'K': dir = isc_commandline_argument; if (strlen(dir) == 0U) fatal("directory must be non-empty string"); break; case 'f': filename = isc_commandline_argument; break; case 'l': lookaside = isc_commandline_argument; if (strlen(lookaside) == 0U) fatal("lookaside must be a non-empty string"); break; case 's': usekeyset = ISC_TRUE; break; case 'v': verbose = strtol(isc_commandline_argument, &endp, 0); if (*endp != '\0') fatal("-v must be followed by a number"); break; case 'F': /* Reserved for FIPS mode */ /* FALLTHROUGH */ case '?': if (isc_commandline_option != '?') fprintf(stderr, "%s: invalid argument -%c\n", program, isc_commandline_option); /* FALLTHROUGH */ case 'h': usage(); default: fprintf(stderr, "%s: unhandled option -%c\n", program, isc_commandline_option); exit(1); } } if (algname != NULL) { if (strcasecmp(algname, "SHA1") == 0 || strcasecmp(algname, "SHA-1") == 0) dtype = DNS_DSDIGEST_SHA1; else if (strcasecmp(algname, "SHA256") == 0 || strcasecmp(algname, "SHA-256") == 0) dtype = DNS_DSDIGEST_SHA256; #ifdef HAVE_OPENSSL_GOST else if (strcasecmp(algname, "GOST") == 0) dtype = DNS_DSDIGEST_GOST; #endif else if (strcasecmp(algname, "SHA384") == 0 || strcasecmp(algname, "SHA-384") == 0) dtype = DNS_DSDIGEST_SHA384; else fatal("unknown algorithm %s", algname); } rdclass = strtoclass(classname); if (usekeyset && filename != NULL) fatal("cannot use both -s and -f"); /* When not using -f, -A is implicit */ if (filename == NULL) showall = ISC_TRUE; if (argc < isc_commandline_index + 1 && filename == NULL) fatal("the key file name was not specified"); if (argc > isc_commandline_index + 1) fatal("extraneous arguments"); if (ectx == NULL) setup_entropy(mctx, NULL, &ectx); result = isc_hash_create(mctx, ectx, DNS_NAME_MAXWIRE); if (result != ISC_R_SUCCESS) fatal("could not initialize hash"); result = dst_lib_init(mctx, ectx, ISC_ENTROPY_BLOCKING | ISC_ENTROPY_GOODONLY); if (result != ISC_R_SUCCESS) fatal("could not initialize dst: %s", isc_result_totext(result)); isc_entropy_stopcallbacksources(ectx); setup_logging(verbose, mctx, &log); dns_rdataset_init(&rdataset); if (usekeyset || filename != NULL) { if (argc < isc_commandline_index + 1 && filename != NULL) { /* using zone name as the zone file name */ namestr = filename; } else namestr = argv[isc_commandline_index]; result = initname(namestr); if (result != ISC_R_SUCCESS) fatal("could not initialize name %s", namestr); if (usekeyset) result = loadkeyset(dir, &rdataset); else result = loadsetfromfile(filename, &rdataset); if (result != ISC_R_SUCCESS) fatal("could not load DNSKEY set: %s\n", isc_result_totext(result)); for (result = dns_rdataset_first(&rdataset); result == ISC_R_SUCCESS; result = dns_rdataset_next(&rdataset)) { dns_rdata_init(&rdata); dns_rdataset_current(&rdataset, &rdata); if (verbose > 2) logkey(&rdata); if (both) { emit(DNS_DSDIGEST_SHA1, showall, lookaside, &rdata); emit(DNS_DSDIGEST_SHA256, showall, lookaside, &rdata); } else emit(dtype, showall, lookaside, &rdata); } } else { unsigned char key_buf[DST_KEY_MAXSIZE]; loadkey(argv[isc_commandline_index], key_buf, DST_KEY_MAXSIZE, &rdata); if (both) { emit(DNS_DSDIGEST_SHA1, showall, lookaside, &rdata); emit(DNS_DSDIGEST_SHA256, showall, lookaside, &rdata); } else emit(dtype, showall, lookaside, &rdata); } if (dns_rdataset_isassociated(&rdataset)) dns_rdataset_disassociate(&rdataset); cleanup_logging(&log); dst_lib_destroy(); isc_hash_destroy(); cleanup_entropy(&ectx); dns_name_destroy(); if (verbose > 10) isc_mem_stats(mctx, stdout); isc_mem_destroy(&mctx); fflush(stdout); if (ferror(stdout)) { fprintf(stderr, "write error\n"); return (1); } else return (0); }
int main(int argc, char **argv) { int n, payloadlen, offset, plen, c; UCHAR encrypted[BLEN], plaintext[BLEN]; UCHAR sender_pubkey[crypto_box_PUBLICKEYBYTES]; UCHAR receiver_secretkey[crypto_box_SECRETKEYBYTES]; UCHAR nonce[crypto_box_NONCEBYTES]; char message[BLEN], *m; char *p, *b_text, *b_nonce; char *delimiters = ":"; if (argc != 3) { fprintf(stderr, "Usage: %s FROMpubkey-file TOprivkey-file\n", *argv); return (1); } sodium_init(); if (loadkey(argv[1], sender_pubkey, crypto_box_PUBLICKEYBYTES) != crypto_box_PUBLICKEYBYTES) { fprintf(stderr, "Can't load %s: size mismatch\n", argv[1]); exit(2); } if (loadkey(argv[2], receiver_secretkey, crypto_box_SECRETKEYBYTES) != crypto_box_SECRETKEYBYTES) { fprintf(stderr, "Can't load %s: size mismatch\n", argv[2]); exit(2); } // dumpkeys(receiver_secretkey, sender_pubkey); /* Read stdin for message consisting of b64nonce : b64crypted */ for (c = fgetc(stdin), p = message, n = 0; (n < BLEN) && (c != EOF); c = fgetc(stdin), n++) { *p++ = c; *p = 0; } /* Warning: message string is being altered by strsep() */ m = message; b_nonce = strsep(&m, delimiters); b_text = strsep(&m, delimiters); n = base64_decode(b_nonce, nonce); assert(n == crypto_box_NONCEBYTES); #if 0 /* * PyNacl's encrypted output contains the nonce in the first * 24 octets of the encrypted result. I'm pointing `nonce' * to the beginning of that buffer. */ offset = crypto_box_NONCEBYTES; #endif offset = 0; n = base64_decode(b_text, encrypted); if (n < 0) { fprintf(stderr, "b64decode failed to decode payload\n"); exit(1); } payloadlen = n - offset; plen = decrypt(plaintext, sender_pubkey, receiver_secretkey, nonce, encrypted + offset, payloadlen); if (plen < 0) { fprintf(stderr, "Cannot decrypt payload\n"); exit(1); } write(1, plaintext, plen); return 0; }