void
oldCBCencrypt(char *key7, char *p, int len)
{
uchar ivec[8];
uchar key[8];
DESstate s;
memset(ivec, 0, 8);
des56to64((uchar*)key7, key);
setupDESstate(&s, key, ivec);
desCBCencrypt((uchar*)p, len, &s);
}
AuthInfo*
p9any(int fd)
{
char buf[1024], buf2[1024], cchal[CHALLEN], *bbuf, *p, *dom, *u;
char *pass;
char tbuf[TICKETLEN+TICKETLEN+AUTHENTLEN], trbuf[TICKREQLEN];
char authkey[DESKEYLEN];
Authenticator auth;
int afd, i, n, v2;
Ticketreq tr;
Ticket t;
AuthInfo *ai;
if((afd = open("/mnt/factotum/ctl", ORDWR)) >= 0)
return p9anyfactotum(fd, afd);
if(readstr(fd, buf, sizeof buf) < 0)
fatal(1, "cannot read p9any negotiation");
bbuf = buf;
v2 = 0;
if(strncmp(buf, "v.2 ", 4) == 0){
v2 = 1;
bbuf += 4;
}
if((p = strchr(bbuf, ' ')))
*p = 0;
p = bbuf;
if((dom = strchr(p, '@')) == nil)
fatal(1, "bad p9any domain");
*dom++ = 0;
if(strcmp(p, "p9sk1") != 0)
fatal(1, "server did not offer p9sk1");
sprint(buf2, "%s %s", p, dom);
if(write(fd, buf2, strlen(buf2)+1) != strlen(buf2)+1)
fatal(1, "cannot write user/domain choice in p9any");
if(v2){
if(readstr(fd, buf, sizeof buf) != 3)
fatal(1, "cannot read OK in p9any");
if(memcmp(buf, "OK\0", 3) != 0)
fatal(1, "did not get OK in p9any");
}
for(i=0; i<CHALLEN; i++)
cchal[i] = fastrand();
if(write(fd, cchal, 8) != 8)
fatal(1, "cannot write p9sk1 challenge");
if(readn(fd, trbuf, TICKREQLEN) != TICKREQLEN)
fatal(1, "cannot read ticket request in p9sk1");
convM2TR(trbuf, &tr);
u = user;
pass = findkey(&u, tr.authdom);
if(pass == nil)
again:
pass = getkey(u, tr.authdom);
if(pass == nil)
fatal(1, "no password");
passtokey(authkey, pass);
memset(pass, 0, strlen(pass));
tr.type = AuthTreq;
strecpy(tr.hostid, tr.hostid+sizeof tr.hostid, u);
strecpy(tr.uid, tr.uid+sizeof tr.uid, u);
convTR2M(&tr, trbuf);
if(gettickets(&tr, authkey, trbuf, tbuf) < 0)
fatal(1, "cannot get auth tickets in p9sk1");
convM2T(tbuf, &t, authkey);
if(t.num != AuthTc){
print("?password mismatch with auth server\n");
goto again;
}
memmove(tbuf, tbuf+TICKETLEN, TICKETLEN);
auth.num = AuthAc;
memmove(auth.chal, tr.chal, CHALLEN);
auth.id = 0;
convA2M(&auth, tbuf+TICKETLEN, t.key);
if(write(fd, tbuf, TICKETLEN+AUTHENTLEN) != TICKETLEN+AUTHENTLEN)
fatal(1, "cannot send ticket and authenticator back in p9sk1");
if((n=readn(fd, tbuf, AUTHENTLEN)) != AUTHENTLEN ||
memcmp(tbuf, "cpu:", 4) == 0){
if(n <= 4)
fatal(1, "cannot read authenticator in p9sk1");
/*
* didn't send back authenticator:
* sent back fatal error message.
*/
memmove(buf, tbuf, n);
i = readn(fd, buf+n, sizeof buf-n-1);
if(i > 0)
n += i;
buf[n] = 0;
werrstr("");
fatal(0, "server says: %s", buf);
}
convM2A(tbuf, &auth, t.key);
if(auth.num != AuthAs
|| memcmp(auth.chal, cchal, CHALLEN) != 0
|| auth.id != 0){
print("?you and auth server agree about password.\n");
print("?server is confused.\n");
fatal(0, "server lies got %llux.%d want %llux.%d",
*(int64_t*)auth.chal, auth.id, *(int64_t*)cchal, 0);
}
//print("i am %s there.\n", t.suid);
ai = mallocz(sizeof(AuthInfo), 1);
ai->secret = mallocz(8, 1);
des56to64((uint8_t*)t.key, ai->secret);
ai->nsecret = 8;
ai->suid = strdup(t.suid);
ai->cuid = strdup(t.cuid);
memset(authkey, 0, sizeof authkey);
return ai;
}
int
convert(char **db, int len)
{
int i, nu, keydblen, keydboff, keydbaes;
char *p = *db;
keydblen = KEYDBLEN;
keydboff = KEYDBOFF;
keydbaes = len > 24 && memcmp(p, "AES KEYS", 8) == 0;
if(keydbaes) {
keydblen += AESKEYLEN;
keydboff = 8+16; /* signature[8] + iv[16] */
}
len -= keydboff;
if(len % keydblen) {
fprint(2, "%s: file odd length; not converting %d bytes\n", argv0, len % keydblen);
len -= len % keydblen;
}
len += keydboff;
if(keydbaes) {
AESstate s;
/* make sure we have aes key for decryption */
if(memcmp(okey.aes, zeros, AESKEYLEN) == 0) {
fprint(2, "%s: no aes key in NVRAM\n", argv0);
exits("no aes key");
}
setupAESstate(&s, okey.aes, AESKEYLEN, zeros);
aesCBCdecrypt((uchar*)p+8, len-8, &s);
} else {
DESstate s;
uchar k[8];
des56to64((uchar*)okey.des, k);
setupDESstate(&s, k, zeros);
desCBCdecrypt((uchar*)p, len, &s);
}
nu = 0;
for(i = keydboff; i < len; i += keydblen) {
if (badname(&p[i])) {
fprint(2, "%s: bad name %.30s... - aborting\n", argv0, &p[i]);
exits("bad name");
}
nu++;
}
if(verb) {
for(i = keydboff; i < len; i += keydblen)
print("%s\n", &p[i]);
exits(nil);
}
if(convaes && !keydbaes) {
char *s, *d;
keydboff = 8+16;
keydblen += AESKEYLEN;
len = keydboff + keydblen*nu;
p = realloc(p, len);
if(p == nil)
error("out of memory");
*db = p;
s = p + KEYDBOFF + nu*KEYDBLEN;
d = p + keydboff + nu*keydblen;
for(i=0; i<nu; i++) {
s -= KEYDBLEN;
d -= keydblen;
memmove(d, s, KEYDBLEN);
memset(d + KEYDBLEN, 0, keydblen-KEYDBLEN);
}
keydbaes = 1;
}
genrandom((uchar*)p, keydboff);
if(keydbaes) {
AESstate s;
memmove(p, "AES KEYS", 8);
setupAESstate(&s, nkey.aes, AESKEYLEN, zeros);
aesCBCencrypt((uchar*)p+8, len-8, &s);
} else {
DESstate s;
uchar k[8];
des56to64((uchar*)nkey.des, k);
setupDESstate(&s, k, zeros);
desCBCencrypt((uchar*)p, len, &s);
}
return len;
}
