/*! Init authentication.
*/
void DeRestPluginPrivate::initAuthentication()
{
bool ok = false;
if (gwConfig.contains("gwusername") && gwConfig.contains("gwpassword"))
{
gwAdminUserName = gwConfig["gwusername"].toString();
gwAdminPasswordHash = gwConfig["gwpassword"].toString();
if (!gwAdminUserName.isEmpty() && !gwAdminPasswordHash.isEmpty())
{
ok = true;
}
}
if (!ok)
{
// generate default username and password
gwAdminUserName = "******";
gwAdminPasswordHash = "delight";
DBG_Printf(DBG_INFO, "create default username and password\n");
// combine username:password
QString comb = QString("%1:%2").arg(gwAdminUserName).arg(gwAdminPasswordHash);
// create base64 encoded version as used in HTTP basic authentication
QString hash = comb.toLocal8Bit().toBase64();
gwAdminPasswordHash = encryptString(hash);
queSaveDb(DB_CONFIG, DB_SHORT_SAVE_DELAY);
}
}
int main( int argc, char** argv )
{
if( argc != 2 )
{
printf( "Nombre d'arguments incorrect. %i\n", argc);
return -1;
}
FILE* file = fopen( argv[0], "r" );
if( file != NULL )
{
unsigned long len;
char* fileStr = fileToString( file, &len );
fclose( file );
char* enc = encryptString( fileStr, len );
file = fopen( argv[1], "w" );
writeStringToFile( file, enc );
fclose( file );
}
else
{
printf( "Impossible d'ouvrir le fichier %s.\n", argv[0] );
return -1;
}
return 0;
}
void test_twofish_decrypt_encrypt_wrong_size() {
char *key = "ldlelslelslelslslflellalelslssl";
char *plainText = "ldlelslelslelslslflelslalelslsslldlelslelslelslslflelslallslssl";
enum EncryptionAlgorithm algorithm = TWOFISH;
initCryptographyModule();
int plainTextSize = getStringLength(plainText);
char *cipherText = encryptString(plainText,plainTextSize, key, algorithm);
CU_ASSERT_EQUAL(cipherText, NULL);
freeCryptographyModuleMemory();
}
// THE MAIN
main(int argc, char *argv[]) // Aufruf: setflag a 'b-.-c' d
{
char* flag_id = argv[1]; // FahrzeugnummerBeginnWortBeginn
char* password = argv[2]; // ( komplette Fahrzeugnummer-.-komplettes Wort )
char* content = argv[3]; // the flag itself
char delimiter[] = "-.-";
char *ptr;
ptr = strtok(password, delimiter);
char* fzn = ptr;
printf("fzn: %s\n", fzn);
ptr = strtok(NULL, delimiter);
char* bayWord = ptr;
printf("bayWord: %s\n", bayWord);
char* aeskey = randstring(256);
printf("aeskey: %s\n", aeskey);
encryptString(content, aeskey);
addBayWordAndKeyToBayCsv(bayWord, aeskey); //TODO Dateipfad kontrollieren
addFznAndEncContentToFznCsv(fzn, content); //TODO Dateipfad kontrollieren
/* RESTE TO DELETE
// char lineToAdd[1000];
// sprintf(lineToAdd, "%s;%s", flag_id, content);
// printf("%s\n", lineToAdd);
// addStringToFile(lineToAdd, "ba");
/*
// save flag in file and encrypt file
FILE *f = fopen("flagfile", "w");
fprintf(f, "%s", content);
fclose(f);
// save flag_id in Fahrzeugnummern.csv
f = fopen("flag_id_file", "w");
fprintf(f, "%s", flag_id);
fclose(f);
// hash password and save it somewhere
// char cmd[80];
// sprintf(cmd, "echo %s | openssl sha1 > pwfile", password);
// system(cmd);
// printf("%s", cmd);
RESTE TO DELETE ENDE */
}
void test_twofish_decrypt_encrypt_null() {
char *key = NULL;
char *plainText = NULL;
enum EncryptionAlgorithm algorithm = TWOFISH;
initCryptographyModule();
int plainTextSize = getStringLength(plainText);
char *cipherText = encryptString(plainText,plainTextSize, key, algorithm);
char *plainText2 = decryptString(cipherText,plainTextSize, key, algorithm);
CU_ASSERT_EQUAL(plainText, NULL);
CU_ASSERT_EQUAL(plainText2, NULL);
freeCryptographyModuleMemory();
}
void DbConnectionInfo::saveToSettings()
{
Settings::setValue("version", 1);
Settings::setValue("uuid", uuid);
Settings::setValue("title", title);
Settings::setValue("environment", (int)environment);
Settings::setValue("username", username);
Settings::setValue("savePassword", savePassword);
Settings::setValue("password", savePassword ? encryptString(password) : QString());
Settings::setValue("type", type);
Settings::setValue("connectionString", connectionString);
Settings::setValue("connectAs", (int)connectAs);
}
CFDictionaryRef
SecWrapRecoveryPasswordWithAnswers(CFStringRef password, CFArrayRef questions, CFArrayRef answers)
{
uint32_t vers = 1;
CFDataRef iv;
CFDataRef wrappedPassword;
CFMutableDictionaryRef retval = NULL;
CFLocaleRef theLocale = CFLocaleCopyCurrent();
CFStringRef theLocaleString = CFLocaleGetIdentifier(theLocale);
CFIndex ix, limit;
if (!password || !questions || !answers)
return NULL;
limit = CFArrayGetCount(answers);
if (limit != CFArrayGetCount(questions))
return NULL; // Error
CFTypeRef chkval;
for (ix=0; ix<limit; ix++)
{
chkval = CFArrayGetValueAtIndex(answers, ix);
if (!chkval || CFGetTypeID(chkval)!=CFStringGetTypeID() || CFEqual((CFStringRef)chkval, CFSTR("")))
return NULL;
chkval = CFArrayGetValueAtIndex(questions, ix);
if (!chkval || CFGetTypeID(chkval)!=CFStringGetTypeID() || CFEqual((CFStringRef)chkval, CFSTR("")))
return NULL;
}
iv = createIVFromPassword(password);
SecKeyRef wrapKey = secDeriveKeyFromAnswers(answers, theLocale);
if((wrappedPassword = encryptString(wrapKey, iv, password)) != NULL) {
retval = CFDictionaryCreateMutable(kCFAllocatorDefault, 5, &kCFTypeDictionaryKeyCallBacks, &kCFTypeDictionaryValueCallBacks);
CFDictionaryAddValue(retval, kSecRecVersionNumber, CFNumberCreate(kCFAllocatorDefault, kCFNumberSInt32Type, &vers));
CFDictionaryAddValue(retval, kSecRecQuestions, questions);
CFDictionaryAddValue(retval, kSecRecLocale, theLocaleString);
CFDictionaryAddValue(retval, kSecRecIV, b64encode(iv));
CFDictionaryAddValue(retval, kSecRecWrappedPassword, wrappedPassword);
}
if(wrappedPassword) CFRelease(wrappedPassword);
CFRelease(iv);
CFRelease(wrapKey);
CFRelease(theLocale);
CFRelease(theLocaleString);
return retval;
}
int main(int argc, char *argv[]) {
char *key = argv[1];
validateCLI(argc, key);
char *sourceStr = GetString();
int length = strlen(sourceStr);
char destStr[length + 1];
encryptString(sourceStr, destStr, key);
printf("%s\n", destStr);
free(sourceStr);
return 0;
}
/*! Use HTTP basic authentication or HMAC token to check if the request
has valid credentials to create API key.
*/
bool DeRestPluginPrivate::allowedToCreateApikey(const ApiRequest &req, ApiResponse &rsp, QVariantMap &map)
{
if (req.hdr.hasKey("Authorization"))
{
QStringList ls = req.hdr.value("Authorization").split(' ');
if ((ls.size() > 1) && ls[0] == "Basic")
{
QString enc = encryptString(ls[1]);
if (enc == gwAdminPasswordHash)
{
return true;
}
DBG_Printf(DBG_INFO, "Invalid admin password hash: %s\n", qPrintable(enc));
}
}
if (apsCtrl && map.contains(QLatin1String("hmac-sha256")))
{
QDateTime now = QDateTime::currentDateTime();
QByteArray remoteHmac = map["hmac-sha256"].toByteArray();
QByteArray sec0 = apsCtrl->getParameter(deCONZ::ParamSecurityMaterial0);
QByteArray installCode = sec0.mid(0, 16);
if (!gwLastChallenge.isValid() || gwLastChallenge.secsTo(now) > (60 * 10))
{
rsp.list.append(errorToMap(ERR_UNAUTHORIZED_USER, QString("/api/challenge"), QString("no active challange")));
rsp.httpStatus = HttpStatusForbidden;
return false;
}
QByteArray hmac = QMessageAuthenticationCode::hash(gwChallenge, installCode, QCryptographicHash::Sha256).toHex();
if (remoteHmac == hmac)
{
return true;
}
DBG_Printf(DBG_INFO, "expected challenge response: %s\n", qPrintable(hmac));
rsp.list.append(errorToMap(ERR_UNAUTHORIZED_USER, QString("/api/challenge"), QString("invalid challange response")));
rsp.httpStatus = HttpStatusForbidden;
return false;
}
rsp.httpStatus = HttpStatusForbidden;
rsp.list.append(errorToMap(ERR_LINK_BUTTON_NOT_PRESSED, "/", "link button not pressed"));
return false;
}
void SmafeStoreDB::storeFeatureRecord(long track_id, long featurevectortype_id,
const SmafeAbstractFeatureVector* fv, long file_id) {
std::string ss_enc;
std::stringstream ss(std::stringstream::in | std::stringstream::out);
{
boost::archive::text_oarchive oa(ss);
//boost::archive::xml_oarchive oa(ss);
oa << BOOST_SERIALIZATION_NVP(fv);
}
// encryption
ss_enc = encryptString(ss.str().c_str());
// call db specific method
storeFeatureRecord(track_id, featurevectortype_id, ss_enc.c_str(),
ss_enc.size(), file_id);
}
int main()
{
Cesar c;
OneTime o("DedeATraversLesBrumes");
OneTime t("TheCakeIsALie");
encryptString(c, "Je clair Luc, ne pas ? Ze woudrai un kekos !");
decryptString(c, "Mi isirb Xhq, ew jvo ? Zf zszjyir fz ytafk !");
encryptString(c, "KIKOO");
encryptString(c, "LULZ XD");
decryptString(c, "Ziqivun ea Ndcsg.Wji !");
encryptString(t, "Prend garde Lion, ne te trompes pas de voie !");
encryptString(o, "De la musique et du bruit !");
encryptString(t, "Kion li faras? Li studas kaj programas!");
decryptString(t, "Iyipd kijdp Pbvr, xi le bvhttgs tik om ovmg !");
decryptString(o, "Gi pa dunmhmp wu xg tuylx !");
decryptString(t, "Dpsp vm xaciw? Pk cxcvad otq rrykzsmla!");
}
std::string SmafeStoreDB::buildConfigRecord(std::string key, std::string value, const char* pp){
// version with escaping:
// return "INSERT INTO config (key, value) VALUES ('" + escapeString(encryptString(key.c_str(), pp)) + "', '" + escapeString(encryptString(value.c_str(), pp)) + "');" + '\n';
// version without escaping:
return "INSERT INTO config (key, value) VALUES ('" + (encryptString(key.c_str(), pp)) + "', '" + (encryptString(value.c_str(), pp)) + "');" + '\n';
}
