int
main(int argc, char **argv)
{
FILE *kfile;
RSA *rsa = NULL;
char ndata[257], ddata[257];
/* respond privatefile challenge */
if (argc < 3)
{
puts("Usage: respond privatefile challenge [passphrase]");
return 0;
}
if (argc == 4)
{
/* This is TOTALLY insecure and not recommended, but for
** interfacing with irc client scripts, it's either this
** or don't use a passphrase.
**
** The likelihood of a passphrase leaking isn't TOO great,
** only ps auxww will show it, and even then, only at the
** precise moment this is called.
*/
insecure_mode = 1;
pass_param = argv[3];
}
if (!(kfile = fopen(argv[1], "r")))
{
puts("Could not open the private keyfile.");
return 0;
}
SSLeay_add_all_ciphers();
rsa = PEM_read_RSAPrivateKey(kfile, NULL,pass_cb, NULL);
if(!rsa)
{
puts("Unable to read your private key, is the passphrase wrong?");
return 0;
}
fclose(kfile);
if (hex_to_binary(argv[2], ndata, 128) != 128)
{
puts("Bad challenge.");
return -1;
}
if (RSA_private_decrypt(128, (unsigned char*)ndata,
(unsigned char*)ddata, rsa, RSA_PKCS1_PADDING) == -1)
{
puts("Decryption error.");
return -1;
}
binary_to_hex((unsigned char*)ddata, ndata, 32);
puts(ndata);
return 0;
}
ikptr
ikrt_ssleay_add_all_ciphers (ikpcb * pcb)
{
#if ((defined HAVE_DECL_SSLEAY_ADD_ALL_CIPHERS) && HAVE_DECL_SSLEAY_ADD_ALL_CIPHERS)
SSLeay_add_all_ciphers();
return IK_VOID;
#else
feature_failure(__func__);
#endif
}
// Setup OpenSSL
void __fastcall util_openssl_init()
{
char* tbuf[64];
#ifdef WIN32
HMODULE g_hAdvLib = NULL;
BOOLEAN (APIENTRY *g_CryptGenRandomPtr)(void*, ULONG) = NULL;
#endif
#ifdef _POSIX
int l;
#endif
/*
#ifdef _DEBUG
CRYPTO_malloc_debug_init();
//CRYPTO_set_mem_debug_options(V_CRYPTO_MDEBUG_ALL);
MemCheck_start();
CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
#endif
*/
SSLeay_add_all_algorithms();
SSLeay_add_all_ciphers();
SSLeay_add_all_digests();
SSL_library_init(); // TWO LEAKS COMING FROM THIS LINE. Seems to be a well known OpenSSL problem.
SSL_load_error_strings();
ERR_load_crypto_strings(); // ONE LEAK IN LINUX
// Add more random seeding in Windows (This is probably useful since OpenSSL in Windows has weaker seeding)
#ifdef WIN32
//RAND_screen(); // On Windows, add more random seeding using a screen dump (this is very expensive).
if ((g_hAdvLib = LoadLibrary(TEXT("ADVAPI32.DLL"))) != 0) g_CryptGenRandomPtr = (BOOLEAN (APIENTRY *)(void*,ULONG))GetProcAddress(g_hAdvLib,"SystemFunction036");
if (g_CryptGenRandomPtr != 0 && g_CryptGenRandomPtr(tbuf, 64) != 0) RAND_add(tbuf, 64, 64); // Use this high quality random as added seeding
if (g_hAdvLib != NULL) FreeLibrary(g_hAdvLib);
#endif
// Add more random seeding in Linux (May be overkill since OpenSSL already uses /dev/urandom)
#ifdef _POSIX
// Under Linux we use "/dev/urandom" if available. This is the best source of random on Linux & variants
FILE *pFile = fopen("/dev/urandom","rb");
if (pFile != NULL)
{
l = fread(tbuf, 1, 64, pFile);
fclose(pFile);
if (l > 0) RAND_add(tbuf, l, l);
}
#endif
}