void oldCBCencrypt(char *key7, char *p, int len) { uchar ivec[8]; uchar key[8]; DESstate s; memset(ivec, 0, 8); des56to64((uchar*)key7, key); setupDESstate(&s, key, ivec); desCBCencrypt((uchar*)p, len, &s); }
AuthInfo* p9any(int fd) { char buf[1024], buf2[1024], cchal[CHALLEN], *bbuf, *p, *dom, *u; char *pass; char tbuf[TICKETLEN+TICKETLEN+AUTHENTLEN], trbuf[TICKREQLEN]; char authkey[DESKEYLEN]; Authenticator auth; int afd, i, n, v2; Ticketreq tr; Ticket t; AuthInfo *ai; if((afd = open("/mnt/factotum/ctl", ORDWR)) >= 0) return p9anyfactotum(fd, afd); if(readstr(fd, buf, sizeof buf) < 0) fatal(1, "cannot read p9any negotiation"); bbuf = buf; v2 = 0; if(strncmp(buf, "v.2 ", 4) == 0){ v2 = 1; bbuf += 4; } if((p = strchr(bbuf, ' '))) *p = 0; p = bbuf; if((dom = strchr(p, '@')) == nil) fatal(1, "bad p9any domain"); *dom++ = 0; if(strcmp(p, "p9sk1") != 0) fatal(1, "server did not offer p9sk1"); sprint(buf2, "%s %s", p, dom); if(write(fd, buf2, strlen(buf2)+1) != strlen(buf2)+1) fatal(1, "cannot write user/domain choice in p9any"); if(v2){ if(readstr(fd, buf, sizeof buf) != 3) fatal(1, "cannot read OK in p9any"); if(memcmp(buf, "OK\0", 3) != 0) fatal(1, "did not get OK in p9any"); } for(i=0; i<CHALLEN; i++) cchal[i] = fastrand(); if(write(fd, cchal, 8) != 8) fatal(1, "cannot write p9sk1 challenge"); if(readn(fd, trbuf, TICKREQLEN) != TICKREQLEN) fatal(1, "cannot read ticket request in p9sk1"); convM2TR(trbuf, &tr); u = user; pass = findkey(&u, tr.authdom); if(pass == nil) again: pass = getkey(u, tr.authdom); if(pass == nil) fatal(1, "no password"); passtokey(authkey, pass); memset(pass, 0, strlen(pass)); tr.type = AuthTreq; strecpy(tr.hostid, tr.hostid+sizeof tr.hostid, u); strecpy(tr.uid, tr.uid+sizeof tr.uid, u); convTR2M(&tr, trbuf); if(gettickets(&tr, authkey, trbuf, tbuf) < 0) fatal(1, "cannot get auth tickets in p9sk1"); convM2T(tbuf, &t, authkey); if(t.num != AuthTc){ print("?password mismatch with auth server\n"); goto again; } memmove(tbuf, tbuf+TICKETLEN, TICKETLEN); auth.num = AuthAc; memmove(auth.chal, tr.chal, CHALLEN); auth.id = 0; convA2M(&auth, tbuf+TICKETLEN, t.key); if(write(fd, tbuf, TICKETLEN+AUTHENTLEN) != TICKETLEN+AUTHENTLEN) fatal(1, "cannot send ticket and authenticator back in p9sk1"); if((n=readn(fd, tbuf, AUTHENTLEN)) != AUTHENTLEN || memcmp(tbuf, "cpu:", 4) == 0){ if(n <= 4) fatal(1, "cannot read authenticator in p9sk1"); /* * didn't send back authenticator: * sent back fatal error message. */ memmove(buf, tbuf, n); i = readn(fd, buf+n, sizeof buf-n-1); if(i > 0) n += i; buf[n] = 0; werrstr(""); fatal(0, "server says: %s", buf); } convM2A(tbuf, &auth, t.key); if(auth.num != AuthAs || memcmp(auth.chal, cchal, CHALLEN) != 0 || auth.id != 0){ print("?you and auth server agree about password.\n"); print("?server is confused.\n"); fatal(0, "server lies got %llux.%d want %llux.%d", *(int64_t*)auth.chal, auth.id, *(int64_t*)cchal, 0); } //print("i am %s there.\n", t.suid); ai = mallocz(sizeof(AuthInfo), 1); ai->secret = mallocz(8, 1); des56to64((uint8_t*)t.key, ai->secret); ai->nsecret = 8; ai->suid = strdup(t.suid); ai->cuid = strdup(t.cuid); memset(authkey, 0, sizeof authkey); return ai; }
int convert(char **db, int len) { int i, nu, keydblen, keydboff, keydbaes; char *p = *db; keydblen = KEYDBLEN; keydboff = KEYDBOFF; keydbaes = len > 24 && memcmp(p, "AES KEYS", 8) == 0; if(keydbaes) { keydblen += AESKEYLEN; keydboff = 8+16; /* signature[8] + iv[16] */ } len -= keydboff; if(len % keydblen) { fprint(2, "%s: file odd length; not converting %d bytes\n", argv0, len % keydblen); len -= len % keydblen; } len += keydboff; if(keydbaes) { AESstate s; /* make sure we have aes key for decryption */ if(memcmp(okey.aes, zeros, AESKEYLEN) == 0) { fprint(2, "%s: no aes key in NVRAM\n", argv0); exits("no aes key"); } setupAESstate(&s, okey.aes, AESKEYLEN, zeros); aesCBCdecrypt((uchar*)p+8, len-8, &s); } else { DESstate s; uchar k[8]; des56to64((uchar*)okey.des, k); setupDESstate(&s, k, zeros); desCBCdecrypt((uchar*)p, len, &s); } nu = 0; for(i = keydboff; i < len; i += keydblen) { if (badname(&p[i])) { fprint(2, "%s: bad name %.30s... - aborting\n", argv0, &p[i]); exits("bad name"); } nu++; } if(verb) { for(i = keydboff; i < len; i += keydblen) print("%s\n", &p[i]); exits(nil); } if(convaes && !keydbaes) { char *s, *d; keydboff = 8+16; keydblen += AESKEYLEN; len = keydboff + keydblen*nu; p = realloc(p, len); if(p == nil) error("out of memory"); *db = p; s = p + KEYDBOFF + nu*KEYDBLEN; d = p + keydboff + nu*keydblen; for(i=0; i<nu; i++) { s -= KEYDBLEN; d -= keydblen; memmove(d, s, KEYDBLEN); memset(d + KEYDBLEN, 0, keydblen-KEYDBLEN); } keydbaes = 1; } genrandom((uchar*)p, keydboff); if(keydbaes) { AESstate s; memmove(p, "AES KEYS", 8); setupAESstate(&s, nkey.aes, AESKEYLEN, zeros); aesCBCencrypt((uchar*)p+8, len-8, &s); } else { DESstate s; uchar k[8]; des56to64((uchar*)nkey.des, k); setupDESstate(&s, k, zeros); desCBCencrypt((uchar*)p, len, &s); } return len; }