int ora_hash_password(char *pass) {
// secret hash function comes here, and written to char *hash
int siz = 0;
unsigned char *desresult;
unsigned char *result;
char buff[strlen(pass) + 5];
memset(buff, 0, sizeof(buff));
//concatenate Arb string and convert the resulting string to uppercase
snprintf(buff, sizeof(buff), "Arb%s", pass);
strupper(buff);
if (initial_permutation(&result, buff, &siz)) {
hydra_report(stderr, "[ERROR] ora_hash_password: in initial_permutation\n");
return 1;
}
if (convert_byteorder(&result, siz)) {
hydra_report(stderr, "[ERROR] ora_hash_password: in convert_byteorder\n");
return 1;
}
if (ora_descrypt(&desresult, result, siz)) {
hydra_report(stderr, "[ERROR] ora_hash_password: in DES crypt\n");
return 1;
}
free(result);
if (ora_hash(&result, desresult, siz)) {
hydra_report(stderr, "[ERROR] ora_hash_password: in extracting Oracle hash\n");
return 1;
}
memcpy(hash, result, HASHSIZE);
free(desresult);
free(result);
return 0;
}
/* Merge signatures from userid in fkey (which is keyfile) at keypos with
* userid from fring (which is ringfile) at ringpos, appending result to out.
*/
static int mergesigs(FILE * fkey, char *keyfile, long keypos, FILE * fring,
char *ringfile, long *pringpos, FILE * out)
{
long ringuseridpos, ringpos;
int ringpktlen, keypktlen;
int status;
byte ctb;
int copying;
word32 rstamp, kstamp, xstamp;
byte keyID[KEYFRAGSIZE];
char userid[256];
/* First, copy the userid packet itself, plus any comments or ctrls */
ringuseridpos = ringpos = *pringpos;
fseek(fring, ringpos, SEEK_SET);
(void) readkeypacket(fring, FALSE, &ctb, NULL, userid, NULL, NULL,
NULL, NULL, NULL, NULL, NULL, NULL);
PascalToC(userid);
ringpktlen = ftell(fring) - ringpos;
copyfilepos(fring, out, ringpktlen, ringpos);
for (;;) {
ringpos = ftell(fring);
status = nextkeypacket(fring, &ctb);
if (status < 0 || is_key_ctb(ctb) || ctb == CTB_USERID ||
is_ctb_type(ctb, CTB_SKE_TYPE))
break;
ringpktlen = ftell(fring) - ringpos;
copyfilepos(fring, out, ringpktlen, ringpos);
}
fseek(fring, ringpos, SEEK_SET);
/* Now, ringpos points just past userid packet and ctrl packet. */
/* Advance keypos to the analogous location. */
fseek(fkey, keypos, SEEK_SET);
(void) nextkeypacket(fkey, &ctb);
for (;;) {
keypos = ftell(fkey);
status = nextkeypacket(fkey, &ctb);
if (status < 0 || is_key_ctb(ctb) || ctb == CTB_USERID ||
is_ctb_type(ctb, CTB_SKE_TYPE))
break;
}
fseek(fkey, keypos, SEEK_SET);
/* Second, copy all keyfile signatures that aren't in ringfile.
*/
copying = FALSE;
for (;;) {
/* Read next sig from keyfile; see if it is in ringfile;
* if it is not a signature, ignore it,
* if it is absent from ringfile, copy it,
* if it is present, and the timestamp is not newer, ignore it,
* if present and newer, replace old with new.
* Loop till hit a new key or userid in keyfile, or EOF.
*/
keypos = ftell(fkey);
status = readkeypacket(fkey, FALSE, &ctb, (byte *) & kstamp,
NULL, NULL, NULL,
NULL, NULL, NULL, NULL, keyID, NULL);
if (status == -3) /* unrecoverable error: bad packet
length etc. */
return status;
keypktlen = ftell(fkey) - keypos;
if (status == -1 || is_key_ctb(ctb) || ctb == CTB_USERID)
break; /* EOF or next key/userid */
if (status < 0)
continue; /* bad packet, skip it */
if (is_ctb_type(ctb, CTB_SKE_TYPE)) {
long sig_pos;
int sig_len;
/* Set copying true if signature is not in the ringfile */
copying = (getpubusersig(ringfile, ringuseridpos,
keyID, (byte *) & rstamp,
&sig_pos,
&sig_len) < 0);
if (!copying) {
long save_pos = ftell(fkey);
fseek(fkey, keypos + 6, SEEK_SET);
fread(&kstamp, 1, SIZEOF_TIMESTAMP, fkey);
fseek(fkey, save_pos, SEEK_SET);
convert_byteorder((byte *) & kstamp, SIZEOF_TIMESTAMP);
if (verbose)
fprintf(pgpout, "ring: %lx key: %lx\n", rstamp, kstamp);
if (kstamp > rstamp) { /* Update, Maybe */
char *signator;
if ((signator = user_from_keyID(keyID)) == NULL) {
fprintf(pgpout,
LANG("Replacing signature from keyID %s on userid \"%s\"\n"),
keyIDstring(keyID), LOCAL_CHARSET(userid));
/* No pubkey for KeyID, no update! */
} else {
long save_keypos;
long save_ringpos;
long KeyIDpos;
int KeyIDlen;
byte sigClass;
fprintf(pgpout,
LANG("Verifying signature from %s\n"),
LOCAL_CHARSET(signator));
fprintf(pgpout, LANG("on userid \"%s\"\n"),
LOCAL_CHARSET(userid));
save_keypos = ftell(fkey);
save_ringpos = ftell(fring);
status = getpublickey(GPK_GIVEUP, ringfile,
&KeyIDpos, &KeyIDlen, NULL,
NULL, (byte *) userid, NULL,
NULL);
if (!status)
status = check_key_sig(fring,
KeyIDpos, KeyIDlen,
userid, fkey, keypos,
ringfile, signator,
(byte *) & xstamp,
&sigClass);
PascalToC(userid);
PascalToC(signator);
if (!status) {
fprintf(pgpout,
LANG("Replacing signature from %s\n"),
LOCAL_CHARSET(signator));
fprintf(pgpout,
LANG("on userid \"%s\"\n"),
LOCAL_CHARSET(userid));
sig_list_add(sig_pos);
++newsigs;
copying = 1;
} else
fprintf(pgpout, LANG("Verification Failed\n"));
fseek(fring, save_ringpos, SEEK_SET);
fseek(fkey, save_keypos, SEEK_SET);
}
}
} else {
char *signator;
if ((signator = user_from_keyID(keyID)) == NULL)
fprintf(pgpout,
LANG("New signature from keyID %s on userid \"%s\"\n"),
keyIDstring(keyID), LOCAL_CHARSET(userid));
else {
fprintf(pgpout,
LANG("New signature from %s\n"),
LOCAL_CHARSET(signator));
fprintf(pgpout,
LANG("on userid \"%s\"\n"), LOCAL_CHARSET(userid));
}
++newsigs;
if (batchmode)
show_update(keyIDstring(mykeyID));
}
}
if (copying && is_ctb_type(ctb, CTB_SKE_TYPE)) {
copyfilepos(fkey, out, keypktlen, keypos);
if (publickey)
write_trust(out, KC_SIGTRUST_UNDEFINED);
}
}
/* Third, for all ring sig's which are not replaced, copy to output */
fseek(fring, ringpos, SEEK_SET);
for (;;) {
ringpos = ftell(fring);
if (sig_list_find(ringpos)) {
/* skip signature packet */
nextkeypacket(fring, &ctb);
ringpos = ftell(fring);
/* skip trust packet, if present */
if (nextkeypacket(fring, &ctb) < 0 || ctb != CTB_KEYCTRL)
fseek(fring, ringpos, SEEK_SET);
continue;
}
status = nextkeypacket(fring, &ctb);
ringpktlen = ftell(fring) - ringpos;
if (status < 0 || is_key_ctb(ctb) || ctb == CTB_USERID)
break;
copyfilepos(fring, out, ringpktlen, ringpos);
} /* End of loop for each sig in ringfile */
sig_list_clear();
fseek(fring, ringpos, SEEK_SET);
*pringpos = ringpos;
return 0;
} /* mergesigs */
