Exemplo n.º 1
0
bool record_create(record_t *record, const char *prog, int argc, char **argv)
{
    char hash_buf[SHA1_STRING_LEN];
    const char *prog_bin = prog;
    unsigned i;

    record_clear(record);

    if (strrchr(prog, '/'))
	prog_bin = strrchr(prog, '/') + 1;

    if (!sha1_file(prog, hash_buf)) return false;
    strlist_push_back(&record->prog_line, prog_bin);
    strlist_push_back(&record->prog_line, sha1_file(prog, hash_buf));
    for (i = 0; i < (unsigned)argc; ++i)
	strlist_push_back(&record->prog_line, argv[i]);

    strlist lib_list = STRLIST_INITIALIZER;
    get_libs(&lib_list, prog);
    for (i = 0; i < lib_list.count; ++i) {
	const char *lib_path = strlist_get(&lib_list, i);

	if (!sha1_file(lib_path, hash_buf)) continue;
	strlist_push_back(&record->lib_line, lib_path);
	strlist_push_back(&record->lib_line, sha1_file(lib_path, hash_buf));
    }

    record->enabled = true;
    return true;
}
Exemplo n.º 2
0
char *
crySha1File(const char *sFile, char sOutBuf[20])
{
	if (sha1_file(sFile, (unsigned char *)sOutBuf) != 0) {
		return NULL;
	}

	return sOutBuf;
}
Exemplo n.º 3
0
static int sha1_file_wrap( const char *path, unsigned char *output )
{
#if defined(POLARSSL_FS_IO)
    return sha1_file( path, output );
#else
    ((void) path);
    ((void) output);
    return( POLARSSL_ERR_MD_FEATURE_UNAVAILABLE );
#endif
}
Exemplo n.º 4
0
CAMLprim value stub_sha1_file(value name)
{
	CAMLparam1(name);
	CAMLlocal1(result);

	result = caml_alloc_string(20);
	if (sha1_file(String_val(name), String_val(result)))
		caml_failwith("file error");

	CAMLreturn(result);
}
Exemplo n.º 5
0
static int sha1_wrapper( char *filename, unsigned char *sum )
{
    int ret = sha1_file( filename, sum );

    if( ret == 1 )
        fprintf( stderr, "failed to open: %s\n", filename );

    if( ret == 2 )
        fprintf( stderr, "failed to read: %s\n", filename );

    return( ret );
}
Exemplo n.º 6
0
static PyObject *
spam_sha1_file(PyObject *self, PyObject *args)
{
    const char *filename;
    int sts;

    if (!PyArg_ParseTuple(args, "s", &filename))
        return NULL;
    
    std::string cs;
    sts = sha1_file(filename, cs, false);
    std::cout << cs << "  " << filename << std::endl;
    return Py_BuildValue("i", sts);
}
Exemplo n.º 7
0
	uint Sha::GetFileDigest(void* digest, LPCSTR fn, SHA_BITS bits) {
		int rst;
		if(bits == sha_160) {
			rst = sha1_file((char*)fn, (byte*)digest);
		} else if(bits == sha_224) {
			rst = sha2_file((char*)fn, (byte*)digest, 1);
		} else if(bits == sha_256) {
			rst = sha2_file((char*)fn, (byte*)digest, 0);
		} else if(bits == sha_384) {
			rst = sha4_file((char*)fn, (byte*)digest, 1);
		} else if(bits == sha_512) {
			rst = sha4_file((char*)fn, (byte*)digest, 0);
		} else {
			_ASSERT(0);
			return 0;
		}
		return rst ? 0 : bits;
	}
Exemplo n.º 8
0
int main(int argc, char* argv[])
{
	FILE *infile;
	unsigned char sha1[20];
	struct stat st;

	if (argc < 2)
		usage(argv[0]);
	if (!(infile = fopen(argv[1], "rb")))
		die("Could not open %s", argv[1]);
	if (stat(argv[1], &st) < 0)
		die("Could not stat %s", argv[1]);
	if (sha1_file(infile, st.st_size, sha1) < 0)
		die("SHA1 failed");
	fclose(infile);
	print_sha1(NULL, sha1);
	printf("  %s\n", argv[1]);
	return 0;
}
Exemplo n.º 9
0
struct file_record *make_fr(const char *path, const char *follow)
{
	struct file_record *fr;
	unsigned char sha1[20];
	char xpath[PATH_MAX];
	struct stat st;
	FILE *infile;

	PHOENIXFS_DBG("make_fr:: %s", path);
	if (!(fr = malloc(sizeof(struct file_record))))
		return NULL;
	memset(fr, 0, sizeof(struct file_record));
	build_xpath(xpath, path, 0);

	if (lstat(xpath, &st) < 0) {
		PHOENIXFS_DBG("make_fr:: can't stat %s", xpath);
		free(fr);
		return NULL;
	}

	/* No point computing SHA1 of symlinks */
	if (S_ISLNK(st.st_mode)) {
		PHOENIXFS_DBG("make_fr:: link %s to %s", path, follow);
		memset(fr->sha1, 0, 20);
		strcpy((char *) fr->follow, follow);
		goto END;
	}

	/* Compute SHA1 of regular and executable files */
	if (!(infile = fopen(xpath, "rb")) ||
		(sha1_file(infile, st.st_size, sha1) < 0)) {
		free(fr);
		return NULL;
	}
	fclose(infile);
	memcpy(fr->sha1, sha1, 20);
	strcpy((char *) fr->follow, "\0");
END:
	fill_fr(fr, &st);
	return fr;
}
Exemplo n.º 10
0
static int dag_check( void * instance_struct, struct dag *d){
	struct archive_instance *a = (struct archive_instance*)instance_struct;

	unsigned char digest[SHA1_DIGEST_LENGTH];
	// Takes hash of filename and stores it in digest
	sha1_file(d->filename, digest);
	// Makes a c string copy of your hash address
	a->source_makeflow = xxstrdup(sha1_string(digest));
	// If a is in write mode using the -w flag
	if (a->write) {
		// Formats archive file directory
		char *source_makeflow_file_dir = string_format("%s/files/%.2s", a->dir, a->source_makeflow);
		// If the directory was not able to be created and directory already exists
		if (!create_dir(source_makeflow_file_dir, 0777) && errno != EEXIST){
			// Prints out a debug error
			debug(D_ERROR|D_MAKEFLOW_HOOK, "could not create makeflow archiving directory %s: %d %s\n", 
				source_makeflow_file_dir, errno, strerror(errno));
			// Frees memory for source_makeflow_file_dir
			free(source_makeflow_file_dir);
			return MAKEFLOW_HOOK_FAILURE;
		}
		// Gets the path of the archive file
		char *source_makeflow_file_path = string_format("%s/%s", source_makeflow_file_dir, a->source_makeflow);
		// Frees memory
		free(source_makeflow_file_dir);
		// If the file was unable to be copied to the new path
		if (!copy_file_to_file(d->filename, source_makeflow_file_path)){
			// Prints out debug error
			debug(D_ERROR|D_MAKEFLOW_HOOK, "Could not archive source makeflow file %s\n", source_makeflow_file_path);
			free(source_makeflow_file_path);
			return MAKEFLOW_HOOK_FAILURE;
		} else {
			// Print out where it is stored at
			debug(D_MAKEFLOW_HOOK, "Source makeflow %s stored at %s\n", d->filename, source_makeflow_file_path);
		}
		free(source_makeflow_file_path);
	}
	return MAKEFLOW_HOOK_SUCCESS;
}
Exemplo n.º 11
0
	uint Sha::GetFileDigest(void* digest,LPCWSTR fn,SHA_BITS bits){
		String str = fn;
		char buf[MAX_PATH];
		int len = str.ToMultiByte(buf,MAX_PATH,CP_THREAD_ACP);
		buf[len] = 0;
		int rst;
		if(bits==sha_160){
			rst = sha1_file(buf,(byte*)digest);
		}else if(bits==sha_224){
			rst = sha2_file(buf,(byte*)digest,1);
		}else if(bits==sha_256){
			rst = sha2_file(buf,(byte*)digest,0);
		}else if(bits==sha_384){
			rst = sha4_file(buf,(byte*)digest,1);
		}else if(bits==sha_512){
			rst = sha4_file(buf,(byte*)digest,0);
		}else{
			_ASSERT(0);
			return 0;
		} 
		return rst?0:bits;
	}
Exemplo n.º 12
0
CAMLprim value stub_sha1_file(value name)
{
	CAMLparam1(name);
	CAMLlocal1(result);

	sha1_digest digest;
	const int len = caml_string_length(name);
	char *name_dup = alloca(len);
	memcpy(name_dup, String_val(name), len);
	name_dup[len] = '\0';

	caml_release_runtime_system();
	if (sha1_file(name_dup, &digest)) {
	    caml_acquire_runtime_system();
	    caml_failwith("file error");
	}
	caml_acquire_runtime_system();
	result = caml_alloc_string(sizeof(digest));
	memcpy(String_val(result), &digest, sizeof(digest));

	CAMLreturn(result);
}
Exemplo n.º 13
0
int main( int argc, char *argv[] )
{
    FILE *f;
    int ret, i, c;
    rsa_context rsa;
    unsigned char hash[20];
    unsigned char buf[512];

    ret = 1;
    if( argc != 2 )
    {
        printf( "usage: rsa_verify <filename>\n" );

#ifdef WIN32
        printf( "\n" );
#endif

        goto exit;
    }

    printf( "\n  . Reading public key from rsa_pub.txt" );
    fflush( stdout );

    if( ( f = fopen( "rsa_pub.txt", "rb" ) ) == NULL )
    {
        printf( " failed\n  ! Could not open rsa_pub.txt\n" \
                "  ! Please run rsa_genkey first\n\n" );
        goto exit;
    }

    rsa_init( &rsa, RSA_PKCS_V15, 0, NULL, NULL );

    if( ( ret = mpi_read_file( &rsa.N, 16, f ) ) != 0 ||
        ( ret = mpi_read_file( &rsa.E, 16, f ) ) != 0 )
    {
        printf( " failed\n  ! mpi_read_file returned %d\n\n", ret );
        goto exit;
    }

    rsa.len = ( mpi_msb( &rsa.N ) + 7 ) >> 3;

    fclose( f );

    /*
     * Extract the RSA signature from the text file
     */
    ret = 1;
    i = strlen( argv[1] );
    memcpy( argv[1] + i, ".sig", 5 );

    if( ( f = fopen( argv[1], "rb" ) ) == NULL )
    {
        printf( "\n  ! Could not open %s\n\n", argv[1] );
        goto exit;
    }

    argv[1][i] = '\0', i = 0;

    while( fscanf( f, "%02X", &c ) > 0 &&
           i < (int) sizeof( buf ) )
        buf[i++] = (unsigned char) c;

    fclose( f );

    if( i != rsa.len )
    {
        printf( "\n  ! Invalid RSA signature format\n\n" );
        goto exit;
    }

    /*
     * Compute the SHA-1 hash of the input file and compare
     * it with the hash decrypted from the RSA signature.
     */
    printf( "\n  . Verifying the RSA/SHA-1 signature" );
    fflush( stdout );

    if( ( ret = sha1_file( argv[1], hash ) ) != 0 )
    {
        printf( " failed\n  ! Could not open or read %s\n\n", argv[1] );
        goto exit;
    }

    if( ( ret = rsa_pkcs1_verify( &rsa, RSA_PUBLIC, RSA_SHA1,
                                  20, hash, buf ) ) != 0 )
    {
        printf( " failed\n  ! rsa_pkcs1_verify returned %d\n\n", ret );
        goto exit;
    }

    printf( "\n  . OK (the decrypted SHA-1 hash matches)\n\n" );

    ret = 0;

exit:

#ifdef WIN32
    printf( "  + Press Enter to exit this program.\n" );
    fflush( stdout ); getchar();
#endif

    return( ret );
}
Exemplo n.º 14
0
int main( int argc, char *argv[] )
{
    FILE *f;
    int ret, i;
    rsa_context rsa;
    unsigned char hash[20];
    unsigned char buf[512];

    ret = 1;

    if( argc != 2 )
    {
        printf( "usage: rsa_sign <filename>\n" );

#ifdef WIN32
        printf( "\n" );
#endif

        goto exit;
    }

    printf( "\n  . Reading private key from rsa_priv.txt" );
    fflush( stdout );

    if( ( f = fopen( "rsa_priv.txt", "rb" ) ) == NULL )
    {
        ret = 1;
        printf( " failed\n  ! Could not open rsa_priv.txt\n" \
                "  ! Please run rsa_genkey first\n\n" );
        goto exit;
    }

    rsa_init( &rsa, RSA_PKCS_V15, 0, NULL, NULL );
    
    if( ( ret = mpi_read_file( &rsa.N , 16, f ) ) != 0 ||
        ( ret = mpi_read_file( &rsa.E , 16, f ) ) != 0 ||
        ( ret = mpi_read_file( &rsa.D , 16, f ) ) != 0 ||
        ( ret = mpi_read_file( &rsa.P , 16, f ) ) != 0 ||
        ( ret = mpi_read_file( &rsa.Q , 16, f ) ) != 0 ||
        ( ret = mpi_read_file( &rsa.DP, 16, f ) ) != 0 ||
        ( ret = mpi_read_file( &rsa.DQ, 16, f ) ) != 0 ||
        ( ret = mpi_read_file( &rsa.QP, 16, f ) ) != 0 )
    {
        printf( " failed\n  ! mpi_read_file returned %d\n\n", ret );
        goto exit;
    }

    rsa.len = ( mpi_msb( &rsa.N ) + 7 ) >> 3;

    fclose( f );

    /*
     * Compute the SHA-1 hash of the input file,
     * then calculate the RSA signature of the hash.
     */
    printf( "\n  . Generating the RSA/SHA-1 signature" );
    fflush( stdout );

    if( ( ret = sha1_file( argv[1], hash ) ) != 0 )
    {
        printf( " failed\n  ! Could not open or read %s\n\n", argv[1] );
        goto exit;
    }

    if( ( ret = rsa_pkcs1_sign( &rsa, RSA_PRIVATE, SIG_RSA_SHA1,
                                20, hash, buf ) ) != 0 )
    {
        printf( " failed\n  ! rsa_pkcs1_sign returned %d\n\n", ret );
        goto exit;
    }

    /*
     * Write the signature into <filename>-sig.txt
     */
    memcpy( argv[1] + strlen( argv[1] ), ".sig", 5 );

    if( ( f = fopen( argv[1], "wb+" ) ) == NULL )
    {
        ret = 1;
        printf( " failed\n  ! Could not create %s\n\n", argv[1] );
        goto exit;
    }

    for( i = 0; i < rsa.len; i++ )
        fprintf( f, "%02X%s", buf[i],
                 ( i + 1 ) % 16 == 0 ? "\r\n" : " " );

    fclose( f );

    printf( "\n  . Done (created \"%s\")\n\n", argv[1] );

exit:

#ifdef WIN32
    printf( "  + Press Enter to exit this program.\n" );
    fflush( stdout ); getchar();
#endif

    return( ret );
}
Exemplo n.º 15
0
static void scan_files()
{
	/* Check file changes */
	FILE *tmp_output = fopen("/tmp/.nlidout","w");
	FILE *data_file = NULL;
	struct stat file_mode;
	char *enc_buf = NULL;
	char *dec_buf = NULL;

	if(verbose)
		printf("Scanning\n");

	if(lstat(encrypted_file, &file_mode)==-1)
	{
		fprintf(stderr, "Failed opening %s for scan procedure\n",encrypted_file);
		return;
	}

	data_file = fopen(encrypted_file,"r");
	if(!data_file)
	{
		fprintf(stderr, "Failed opening %s for scan procedure\n",encrypted_file);
		return;
	}


	enc_buf = malloc(file_mode.st_size+1);
	fread(enc_buf, 1, file_mode.st_size, data_file);

	fclose(data_file);

	dec_buf = encrypt_nl(enc_buf, file_mode.st_size);
	fwrite(dec_buf, 1, file_mode.st_size, tmp_output);
	fclose(tmp_output);

	data_file = fopen("/tmp/.nlidout","r");
	while(!feof(data_file))
	{
		char *line_buf = malloc(1024);
		char *filename = NULL;
		char *last_space = NULL;
		char *thash = NULL;
		char *hash = NULL;

		if(!fgets(line_buf, 1024, data_file)) /* Possible newline at the end of the file */
		{
			free(line_buf);
			break;
		}

		filename = line_buf;
		last_space = strstr(line_buf, " ");

		if(!last_space)
		{
			fprintf(stderr, "Failed scanning file, possibly corrupted\n");
			free(line_buf);
			return;
		}

		while(!hash)
		{
			char *buf = NULL;
			if((buf = strstr(last_space," "))==NULL) /* There are no more spaces so! */
			{
				filename[last_space-filename-1] = '\0';
				hash = last_space;
				hash[strlen(hash)-1] = '\0';
			}
			else
				last_space = buf+1;
		}

		thash = sha1_file(filename);
		if(thash) /* Might be a protected file, or it might not exist! */
		{
			if(verbose)
				printf("Checking %s - %s against %s\n",filename, thash, hash);
			if(strcmp(thash,hash)!=0)
			{
				printf("%s has been modified\n",filename);
			}
			free(thash);
		}
		else
		{
			printf("%s couldn't be open, may of been deleted\n",filename);
		}
		free(line_buf);
		unlink("/tmp/.nlidout");
	}
}
Exemplo n.º 16
0
int main( int argc, char *argv[] )
{
    FILE *f;
    int ret = 1;
    pk_context pk;
    entropy_context entropy;
    ctr_drbg_context ctr_drbg;
    unsigned char hash[20];
    unsigned char buf[POLARSSL_MPI_MAX_SIZE];
    char filename[512];
    const char *pers = "pk_sign";
    size_t olen = 0;

    entropy_init( &entropy );
    pk_init( &pk );

    if( argc != 3 )
    {
        polarssl_printf( "usage: pk_sign <key_file> <filename>\n" );

#if defined(_WIN32)
        polarssl_printf( "\n" );
#endif

        goto exit;
    }

    polarssl_printf( "\n  . Seeding the random number generator..." );
    fflush( stdout );

    if( ( ret = ctr_drbg_init( &ctr_drbg, entropy_func, &entropy,
                               (const unsigned char *) pers,
                               strlen( pers ) ) ) != 0 )
    {
        polarssl_printf( " failed\n  ! ctr_drbg_init returned -0x%04x\n", -ret );
        goto exit;
    }

    polarssl_printf( "\n  . Reading private key from '%s'", argv[1] );
    fflush( stdout );

    if( ( ret = pk_parse_keyfile( &pk, argv[1], "" ) ) != 0 )
    {
        ret = 1;
        polarssl_printf( " failed\n  ! Could not open '%s'\n", argv[1] );
        goto exit;
    }

    /*
     * Compute the SHA-1 hash of the input file,
     * then calculate the signature of the hash.
     */
    polarssl_printf( "\n  . Generating the SHA-1 signature" );
    fflush( stdout );

    if( ( ret = sha1_file( argv[2], hash ) ) != 0 )
    {
        polarssl_printf( " failed\n  ! Could not open or read %s\n\n", argv[2] );
        goto exit;
    }

    if( ( ret = pk_sign( &pk, POLARSSL_MD_SHA1, hash, 0, buf, &olen,
                         ctr_drbg_random, &ctr_drbg ) ) != 0 )
    {
        polarssl_printf( " failed\n  ! pk_sign returned -0x%04x\n", -ret );
        goto exit;
    }

    /*
     * Write the signature into <filename>-sig.txt
     */
    snprintf( filename, sizeof(filename), "%s.sig", argv[2] );

    if( ( f = fopen( filename, "wb+" ) ) == NULL )
    {
        ret = 1;
        polarssl_printf( " failed\n  ! Could not create %s\n\n", filename );
        goto exit;
    }

    if( fwrite( buf, 1, olen, f ) != olen )
    {
        polarssl_printf( "failed\n  ! fwrite failed\n\n" );
        goto exit;
    }

    fclose( f );

    polarssl_printf( "\n  . Done (created \"%s\")\n\n", filename );

exit:
    pk_free( &pk );
    ctr_drbg_free( &ctr_drbg );
    entropy_free( &entropy );

#if defined(POLARSSL_ERROR_C)
    polarssl_strerror( ret, (char *) buf, sizeof(buf) );
    polarssl_printf( "  !  Last error was: %s\n", buf );
#endif

#if defined(_WIN32)
    polarssl_printf( "  + Press Enter to exit this program.\n" );
    fflush( stdout );
    getchar();
#endif

    return( ret );
}
Exemplo n.º 17
0
static int phoenixfs_release(const char *path, struct fuse_file_info *fi)
{
	struct file_record *fr;
	FILE *infile, *outfile;
	struct stat st;
	unsigned char sha1[20];
	char sha1_digest[40];
	char outfilename[40];
	char inpath[PATH_MAX];
	char outpath[PATH_MAX];
	int rev, ret;

	pthread_mutex_lock(&phoenixfs_mutexlock);

	/* Don't recursively backup history */
	if ((rev = parse_pathspec(xpath, path))) {
		PHOENIXFS_DBG("release:: history: %s", path);

		/* Inflate the original version back onto the filesystem */
		if (!(fr = find_fr(xpath, 0))) {
			PHOENIXFS_DBG("release:: Can't find revision 0!");
			pthread_mutex_unlock(&phoenixfs_mutexlock);
			return 0;
		}
		print_sha1(sha1_digest, fr->sha1);
		sprintf(inpath, "%s/.git/loose/%s", ROOTENV->fsback, sha1_digest);
		build_xpath(outpath, xpath, 0);

		if (!(infile = fopen(inpath, "rb")) ||
			!(outfile = fopen(outpath, "wb+"))) {
			pthread_mutex_unlock(&phoenixfs_mutexlock);
			return -errno;
		}
		PHOENIXFS_DBG("release:: history: zinflate %s onto %s",
			sha1_digest, outpath);
		rewind(infile);
		rewind(outfile);
		if (zinflate(infile, outfile) != Z_OK)
			PHOENIXFS_DBG("release:: zinflate issue");
		fflush(outfile);
		fclose(infile);
		fclose(outfile);

		if (close(fi->fh) < 0) {
			PHOENIXFS_DBG("release:: can't really close");
			pthread_mutex_unlock(&phoenixfs_mutexlock);
			return -errno;
		}
		pthread_mutex_unlock(&phoenixfs_mutexlock);
		return 0;
	}

	/* Attempt to create a backup */
	build_xpath(xpath, path, 0);
	if (!(infile = fopen(xpath, "rb")) ||
		(lstat(xpath, &st) < 0)) {
		pthread_mutex_unlock(&phoenixfs_mutexlock);
		return -errno;
	}
	if ((ret = sha1_file(infile, st.st_size, sha1)) < 0) {
		fclose(infile);
		pthread_mutex_unlock(&phoenixfs_mutexlock);
		return ret;
	}
	print_sha1(outfilename, sha1);
	sprintf(outpath, "%s/.git/loose/%s", ROOTENV->fsback, outfilename);
	if (!access(outpath, F_OK)) {
		/* SHA1 match; don't overwrite file as an optimization */
		PHOENIXFS_DBG("release:: not overwriting: %s", outpath);
		goto END;
	}
	if (!(outfile = fopen(outpath, "wb"))) {
		fclose(infile);
		pthread_mutex_unlock(&phoenixfs_mutexlock);
		return -errno;
	}

	/* Rewind and seek back */
	rewind(infile);
	PHOENIXFS_DBG("release:: zdeflate %s onto %s", xpath, outfilename);
	if (zdeflate(infile, outfile, -1) != Z_OK)
		PHOENIXFS_DBG("release:: zdeflate issue");
	mark_for_packing(sha1, st.st_size);
	fclose(outfile);
END:
	fclose(infile);
	if (close(fi->fh) < 0) {
		PHOENIXFS_DBG("release:: can't really close");
		return -errno;
	}

	/* Update the fstree */
	fstree_insert_update_file(path, NULL);

	pthread_mutex_unlock(&phoenixfs_mutexlock);
	return 0;
}
Exemplo n.º 18
0
int main( int argc, char *argv[] )
{
    FILE *f;
    int ret = 1;
    size_t i;
    pk_context pk;
    unsigned char hash[20];
    unsigned char buf[POLARSSL_MPI_MAX_SIZE];
    char filename[512];

    pk_init( &pk );

    if( argc != 3 )
    {
        printf( "usage: pk_verify <key_file> <filename>\n" );

#if defined(_WIN32)
        printf( "\n" );
#endif

        goto exit;
    }

    printf( "\n  . Reading public key from '%s'", argv[1] );
    fflush( stdout );

    if( ( ret = pk_parse_public_keyfile( &pk, argv[1] ) ) != 0 )
    {
        printf( " failed\n  ! pk_parse_public_keyfile returned -0x%04x\n", -ret );
        goto exit;
    }

    /*
     * Extract the signature from the text file
     */
    ret = 1;
    snprintf( filename, sizeof(filename), "%s.sig", argv[2] );

    if( ( f = fopen( filename, "rb" ) ) == NULL )
    {
        printf( "\n  ! Could not open %s\n\n", filename );
        goto exit;
    }


    i = fread( buf, 1, sizeof(buf), f );

    fclose( f );

    /*
     * Compute the SHA-1 hash of the input file and compare
     * it with the hash decrypted from the signature.
     */
    printf( "\n  . Verifying the SHA-1 signature" );
    fflush( stdout );

    if( ( ret = sha1_file( argv[2], hash ) ) != 0 )
    {
        printf( " failed\n  ! Could not open or read %s\n\n", argv[2] );
        goto exit;
    }

    if( ( ret = pk_verify( &pk, POLARSSL_MD_SHA1, hash, 0,
                           buf, i ) ) != 0 )
    {
        printf( " failed\n  ! pk_verify returned -0x%04x\n", -ret );
        goto exit;
    }

    printf( "\n  . OK (the decrypted SHA-1 hash matches)\n\n" );

    ret = 0;

exit:
    pk_free( &pk );

#if defined(POLARSSL_ERROR_C)
    polarssl_strerror( ret, (char *) buf, sizeof(buf) );
    printf( "  !  Last error was: %s\n", buf );
#endif

#if defined(_WIN32)
    printf( "  + Press Enter to exit this program.\n" );
    fflush( stdout ); getchar();
#endif

    return( ret );
}
Exemplo n.º 19
0
static int verify_chunk_checksums(struct backup *backup, struct backup_chunk *chunk,
                                  struct gzuncat *gzuc, int verbose, FILE *out)
{
    int r;

    if (out && verbose)
        fprintf(out, "checking chunk %d checksums...\n", chunk->id);

    /* validate file-prior-to-this-chunk checksum */
    if (out && verbose > 1)
        fprintf(out, "  checking file checksum...\n");
    char file_sha1[2 * SHA1_DIGEST_LENGTH + 1];
    sha1_file(backup->fd, backup->data_fname, chunk->offset, file_sha1);
    r = strncmp(chunk->file_sha1, file_sha1, sizeof(file_sha1));
    if (r) {
        syslog(LOG_DEBUG, "%s: %s (chunk %d) file checksum mismatch: %s on disk, %s in index\n",
                __func__, backup->data_fname, chunk->id, file_sha1, chunk->file_sha1);
        if (out)
            fprintf(out, "file checksum mismatch for chunk %d: %s on disk, %s in index\n",
                    chunk->id, file_sha1, chunk->file_sha1);
        goto done;
    }

    /* validate data-within-this-chunk checksum */
    // FIXME length and data_sha1 are set at backup_append_end.
    //       detect and correctly report case where this hasn't occurred.
    if (out && verbose > 1)
        fprintf(out, "  checking data length\n");
    char buf[8192]; /* FIXME whatever */
    size_t len = 0;
    SHA_CTX sha_ctx;
    SHA1_Init(&sha_ctx);
    gzuc_member_start_from(gzuc, chunk->offset);
    while (!gzuc_member_eof(gzuc)) {
        ssize_t n = gzuc_read(gzuc, buf, sizeof(buf));
        if (n >= 0) {
            SHA1_Update(&sha_ctx, buf, n);
            len += n;
        }
    }
    gzuc_member_end(gzuc, NULL);
    if (len != chunk->length) {
        syslog(LOG_DEBUG, "%s: %s (chunk %d) data length mismatch: "
                        SIZE_T_FMT " on disk,"
                        SIZE_T_FMT " in index\n",
                __func__, backup->data_fname, chunk->id, len, chunk->length);
        if (out)
            fprintf(out, "data length mismatch for chunk %d: "
                         SIZE_T_FMT " on disk,"
                         SIZE_T_FMT " in index\n",
                    chunk->id, len, chunk->length);
        r = -1;
        goto done;
    }

    if (out && verbose > 1)
        fprintf(out, "  checking data checksum...\n");
    unsigned char sha1_raw[SHA1_DIGEST_LENGTH];
    char data_sha1[2 * SHA1_DIGEST_LENGTH + 1];
    SHA1_Final(sha1_raw, &sha_ctx);
    r = bin_to_hex(sha1_raw, SHA1_DIGEST_LENGTH, data_sha1, BH_LOWER);
    assert(r == 2 * SHA1_DIGEST_LENGTH);
    r = strncmp(chunk->data_sha1, data_sha1, sizeof(data_sha1));
    if (r) {
        syslog(LOG_DEBUG, "%s: %s (chunk %d) data checksum mismatch: %s on disk, %s in index\n",
                __func__, backup->data_fname, chunk->id, data_sha1, chunk->data_sha1);
        if (out)
            fprintf(out, "data checksum mismatch for chunk %d: %s on disk, %s in index\n",
                    chunk->id, data_sha1, chunk->data_sha1);
        goto done;
    }

done:
    syslog(LOG_DEBUG, "%s: checksum %s!\n", __func__, r ? "failed" : "passed");
    if (out && verbose)
        fprintf(out, "%s\n", r ? "error" : "ok");
    return r;
}
Exemplo n.º 20
0
static void add_file(char *file, int recursive)
{
	char buf[16] = { '\0' }; /* Buffing of a different nature! */
	struct stat file_mode;
	char *hash = NULL;
	char *ftwrite = NULL;
	char *encrypted = NULL;
	memset(buf,' ', (recursive-1)*2);

	if((lstat(file, &file_mode)) == -1)
	{
      fprintf(stderr,"%sCouldn't add %s\n",buf,file);	
		return;
	}

	if(S_ISDIR(file_mode.st_mode))
	{
		struct dirent *dir = NULL;
		DIR *c_dir = NULL;

		if(recursive>=16)  /* 16 levels of recursion */
		{
			fprintf(stderr,"%sHit 16 levels of recursion- stopping here\n",buf);
			return;
		}

		if(verbose)
			printf("%sInside %s\n",buf,file);
		c_dir = opendir(file);
		if(!c_dir) /* Empty dir... I hope */
			return;

		while((dir = readdir(c_dir))!=NULL)
		{
			if(strcmp(dir->d_name,".")!=0 && strcmp(dir->d_name,"..")!=0)
			{
				char *fname = malloc(strlen(file)+strlen(dir->d_name)+2); /* \0 and / */
				if(file[strlen(file)-1]!='/')
					sprintf(fname, "%s/%s",file, dir->d_name);
				else
					sprintf(fname, "%s%s",file, dir->d_name);
				add_file(fname, recursive+1);
				free(fname);
			}
		}
		return;
	}
	else if(!S_ISREG(file_mode.st_mode))
	{
		fprintf(stderr, "Not adding unregular file %s\n", file);
		return;
	}
	if(tmp_file==NULL)
	{
		struct stat tmp_file_mode;
		tmp_file = fopen(encrypted_file,"a+");

		if(!tmp_file)
		{
			fprintf(stderr, "Failed creating temporary file - fatal error\n");
			exit(0);
		}

		if(lstat(encrypted_file,&tmp_file_mode)==-1)
		{
			fprintf(stderr, "Failed statting the encrypted file - fatal error\n");
			exit(0);
		}
		if(tmp_file_mode.st_size>0)
		{
			char *file_contents = NULL;
			fseek(tmp_file,0,SEEK_SET);
			file_contents = malloc(tmp_file_mode.st_size+1);
			fread(file_contents,1,tmp_file_mode.st_size,tmp_file);
			decrypted_buf = encrypt_nl(file_contents, tmp_file_mode.st_size); /* SHOULD BE DECRYPRY!T */
			free(file_contents);
			fclose(tmp_file);
			tmp_file = fopen(encrypted_file, "w");
		}
	}

	hash = sha1_file(file);
	if(!hash)
	{
		fprintf(stderr, "Couldn't add %s - Failed to hash\n",file);
		return;
	}

	/* Check to see if the file is already being looked after */
	if(decrypted_buf)
	{
		char *offset = NULL;
		if((offset = strstr(decrypted_buf, file))!=NULL)
		{
			if(strncmp(offset, file, strlen(file)) == 0)
			{
				/* Now check to make sure that the hash is the same */
				if(strncmp(offset+strlen(file)+1,hash,40)!=0)
				{
					if(!updates)
					{
						fprintf(stderr, "%s the hash isn't the same as the one currently stored. To force an update use the `-u` command arguement.\n",file);	
						free(hash);
						return;
					}
					else
					{
						if(verbose) /* Since we will encrypt and write the decrypted text back to the file, we just memcpy the new hash. */
						{
							printf("Updating %s\n",file);
						}
						memcpy(offset+strlen(file)+1,hash,40);
						free(hash);
					}
					return;
				}
				else
				{
					printf("Hash is the same %s - %s\n",offset+strlen(file)+1, hash);
					free(hash);
					return;
				}
			}
			free(hash);
			return;
		}
	}

	ftwrite = malloc(strlen(file)+strlen(hash)+3);
	sprintf(ftwrite,"%s %s\n",file, hash);
	encrypted = encrypt_nl(ftwrite,strlen(file)+strlen(hash)+2);
	fwrite(encrypted,1,strlen(file)+strlen(hash)+2,tmp_file);
	if(verbose)
		printf("%sAdded %s\n",buf,file);

	free(encrypted);
	free(ftwrite);
	free(hash);
}
static int interpolate (chirp_jobid_t id, char task_path[CHIRP_PATH_MAX], char serv_path[CHIRP_PATH_MAX])
{
	int rc;
	char *mark;

	for (mark = serv_path; (mark = strchr(mark, '%')); ) {
		switch (mark[1]) {
			case 'g':
			case 'h':
			case 's':
			{
				/* replace with hash of task_path */
				unsigned char digest[SHA1_DIGEST_LENGTH];
				if (mark[1] == 'h')
					CATCHUNIX(sha1_file(task_path, digest) ? 0 : -1);
				else if (mark[1] == 'g')
					sqlite3_randomness(SHA1_DIGEST_LENGTH, digest);
				else if (mark[1] == 's') {
					struct stat64 buf;
					CATCHUNIX(stat64(task_path, &buf));
					if (buf.st_size <= MAX_SIZE_HASH) {
						CATCHUNIX(sha1_file(task_path, digest) ? 0 : -1);
					} else {
						sqlite3_randomness(SHA1_DIGEST_LENGTH, digest);
					}
				}

				if (strlen(serv_path)+sizeof(digest)*2 < CHIRP_PATH_MAX) {
					size_t i;
					memmove(mark+sizeof(digest)*2, mark+2, strlen(mark+2)+1);
					for (i = 0; i < sizeof(digest); i++) {
						char hex[3];
						CATCHUNIX(snprintf(hex, sizeof(hex), "%02X", (unsigned int)digest[i]));
						assert(rc == 2);
						mark[i*2] = hex[0];
						mark[i*2+1] = hex[1];
					}
					mark += sizeof(digest)*2;
				} else {
					CATCH(ENAMETOOLONG);
				}
				break;
			}
			case 'j':
			{
				char str[64];
				CATCHUNIX(snprintf(str, sizeof(str), "%" PRICHIRP_JOBID_T, id));
				assert((size_t)rc < sizeof(str));
				if (strlen(serv_path)+strlen(str) < CHIRP_PATH_MAX) {
					memmove(mark+strlen(str), mark+2, strlen(mark+2)+1);
					memcpy(mark, str, strlen(str));
					mark += strlen(str);
				} else {
					CATCH(ENAMETOOLONG);
				}
				break;
			}
			default:
				mark += 1; /* ignore */
				break;
		}
	}

	rc = 0;
	goto out;
out:
	return rc;
}
Exemplo n.º 22
0
int main( int argc, char *argv[] )
{
    FILE *f;
    int ret = 1;
    rsa_context rsa;
    entropy_context entropy;
    ctr_drbg_context ctr_drbg;
    unsigned char hash[20];
    unsigned char buf[POLARSSL_MPI_MAX_SIZE];
    char filename[512];
    const char *pers = "rsa_sign_pss";

    entropy_init( &entropy );
    rsa_init( &rsa, RSA_PKCS_V21, POLARSSL_MD_SHA1 );

    if( argc != 3 )
    {
        printf( "usage: rsa_sign_pss <key_file> <filename>\n" );

#if defined(_WIN32)
        printf( "\n" );
#endif

        goto exit;
    }

    printf( "\n  . Seeding the random number generator..." );
    fflush( stdout );

    if( ( ret = ctr_drbg_init( &ctr_drbg, entropy_func, &entropy,
                               (const unsigned char *) pers,
                               strlen( pers ) ) ) != 0 )
    {
        printf( " failed\n  ! ctr_drbg_init returned %d\n", ret );
        goto exit;
    }

    printf( "\n  . Reading private key from '%s'", argv[1] );
    fflush( stdout );

    if( ( ret = x509parse_keyfile( &rsa, argv[1], "" ) ) != 0 )
    {
        ret = 1;
        printf( " failed\n  ! Could not open '%s'\n", argv[1] );
        goto exit;
    }

    /*
     * Compute the SHA-1 hash of the input file,
     * then calculate the RSA signature of the hash.
     */
    printf( "\n  . Generating the RSA/SHA-1 signature" );
    fflush( stdout );

    if( ( ret = sha1_file( argv[2], hash ) ) != 0 )
    {
        printf( " failed\n  ! Could not open or read %s\n\n", argv[2] );
        goto exit;
    }

    if( ( ret = rsa_pkcs1_sign( &rsa, ctr_drbg_random, &ctr_drbg,
                                RSA_PRIVATE, SIG_RSA_SHA1,
                                20, hash, buf ) ) != 0 )
    {
        printf( " failed\n  ! rsa_pkcs1_sign returned %d\n\n", ret );
        goto exit;
    }

    /*
     * Write the signature into <filename>-sig.txt
     */
    snprintf( filename, 512, "%s.sig", argv[2] );

    if( ( f = fopen( filename, "wb+" ) ) == NULL )
    {
        ret = 1;
        printf( " failed\n  ! Could not create %s\n\n", filename );
        goto exit;
    }

    if( fwrite( buf, 1, rsa.len, f ) != (size_t) rsa.len )
    {
        printf( "failed\n  ! fwrite failed\n\n" );
        goto exit;
    }

    fclose( f );

    printf( "\n  . Done (created \"%s\")\n\n", filename );

exit:

#if defined(_WIN32)
    printf( "  + Press Enter to exit this program.\n" );
    fflush( stdout ); getchar();
#endif

    return( ret );
}
Exemplo n.º 23
0
int main( int argc, char *argv[] )
{
    FILE *f;
    int ret;
    size_t i;
    rsa_context rsa;
    unsigned char hash[20];
    unsigned char buf[512];
    char filename[512];

    ret = 1;
    if( argc != 3 )
    {
        printf( "usage: rsa_verify_pss <key_file> <filename>\n" );

#ifdef WIN32
        printf( "\n" );
#endif

        goto exit;
    }

    printf( "\n  . Reading public key from '%s'", argv[1] );
    fflush( stdout );

    rsa_init( &rsa, RSA_PKCS_V21, POLARSSL_MD_SHA1 );

    if( ( ret = x509parse_public_keyfile( &rsa, argv[1] ) ) != 0 )
    {
        printf( " failed\n  ! x509parse_public_key returned %d\n\n", ret );
        goto exit;
    }

    /*
     * Extract the RSA signature from the text file
     */
    ret = 1;
    snprintf( filename, 512, "%s.sig", argv[2] );

    if( ( f = fopen( filename, "rb" ) ) == NULL )
    {
        printf( "\n  ! Could not open %s\n\n", filename );
        goto exit;
    }

    i = fread( buf, 1, rsa.len, f );

    fclose( f );

    if( i != rsa.len )
    {
        printf( "\n  ! Invalid RSA signature format\n\n" );
        goto exit;
    }

    /*
     * Compute the SHA-1 hash of the input file and compare
     * it with the hash decrypted from the RSA signature.
     */
    printf( "\n  . Verifying the RSA/SHA-1 signature" );
    fflush( stdout );

    if( ( ret = sha1_file( argv[2], hash ) ) != 0 )
    {
        printf( " failed\n  ! Could not open or read %s\n\n", argv[2] );
        goto exit;
    }

    if( ( ret = rsa_pkcs1_verify( &rsa, RSA_PUBLIC, SIG_RSA_SHA1,
                                  20, hash, buf ) ) != 0 )
    {
        printf( " failed\n  ! rsa_pkcs1_verify returned %d\n\n", ret );
        goto exit;
    }

    printf( "\n  . OK (the decrypted SHA-1 hash matches)\n\n" );

    ret = 0;

exit:

#ifdef WIN32
    printf( "  + Press Enter to exit this program.\n" );
    fflush( stdout ); getchar();
#endif

    return( ret );
}