root/svn/ircd-hybrid/tools/respond.c
Revision: 1155
Committed: Tue Aug 9 20:27:45 2011 UTC (12 years, 7 months ago) by michael
Content type: text/x-csrc
File size: 3901 byte(s)
Log Message:
- recreate "trunk"

1 /*
2 * tools/rsa_respond/respond.c
3 * A simple RSA authentication challenge-response generator for the
4 * ircd-hybrid CHALLENGE command.
5 * This code is Copyright(C)2001 by the past and present ircd-hybrid
6 * developers.
7 * This program is free software; you can redistribute it and/or modify
8 * it under the terms of the GNU General Public License as published by
9 * the Free Software Foundation; either version 2 of the License, or
10 * (at your option) any later version.
11 *
12 * This program is distributed in the hope that it will be useful,
13 * but WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 * GNU General Public License for more details.
16 *
17 * You should have received a copy of the GNU General Public License
18 * along with this program; if not, write to the Free Software
19 * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
20 * $Id: respond.c 33 2005-10-02 20:50:00Z knight $
21 */
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <openssl/err.h>
#include <openssl/rsa.h>
#include <openssl/pem.h>
#include <openssl/md5.h>
29
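/* Non-zero when main() was given a passphrase on the command line. */
static int insecure_mode = 0;
/* In insecure mode, points at the command-line passphrase (argv[3]). */
static char *pass_param = NULL;

/*
 * pass_cb - passphrase callback passed to PEM_read_RSAPrivateKey().
 *
 * Copies the passphrase into buf and returns the number of bytes written.
 * In insecure mode the passphrase comes from pass_param; otherwise the
 * user is prompted with getpass().  A passphrase longer than size is
 * silently truncated to size bytes, and no NUL terminator is written.
 *
 * buf    - destination supplied by the caller
 * size   - capacity of buf in bytes
 * rwflag - unused
 * u      - unused
 *
 * Returns the passphrase length, or 0 when none is available.  Exits the
 * process with status -1 if getpass() fails.
 */
static int pass_cb(char *buf, int size, int rwflag, void *u)
{
  const char *secret;
  char *typed = NULL;
  size_t len;

  (void)rwflag;
  (void)u;

  /* Nothing can be stored; also keeps a negative size away from memcpy. */
  if (buf == NULL || size <= 0)
    return 0;

  if (insecure_mode != 0)
  {
    if (pass_param == NULL)
      return 0;
    secret = pass_param;
  }
  else
  {
    typed = getpass("Enter passphrase for challenge: ");
    if (!typed)
    {
      puts("Couldn't read passphrase from stdin!");
      exit(-1);
    }
    secret = typed;
  }

  /* size_t avoids narrowing strlen()'s result before the bound check. */
  len = strlen(secret);
  if (len > (size_t)size)
    len = (size_t)size;
  memcpy(buf, secret, len);

  if (typed != NULL)
  {
    /*
     * getpass() hands back a buffer that outlives this call, so clear the
     * typed passphrase once it has been copied.  The volatile pointer
     * keeps the compiler from dropping the stores.
     */
    volatile char *wipe = typed;

    while (*wipe != '\0')
      *wipe++ = '\0';
  }

  return (int)len;
}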
65
/*
 * binary_to_hex - render a byte buffer as upper-case hexadecimal text.
 *
 * bin    - input bytes
 * hex    - output string; the caller must provide at least
 *          2 * length + 1 bytes, since no bound is checked here
 * length - number of bytes to read from bin
 *
 * The output is always NUL-terminated.
 */
static void
binary_to_hex( unsigned char * bin, char * hex, int length )
{
  static const char digits[] = "0123456789ABCDEF";
  char *out = hex;
  int idx = 0;

  while (idx < length)
  {
    const unsigned char byte = bin[idx++];

    *out++ = digits[byte >> 4];   /* high nibble first */
    *out++ = digits[byte & 0xf];
  }

  *out = '\0';
}
79
/*
 * hex_to_binary - decode upper-case hexadecimal text into raw bytes.
 *
 * from - NUL-terminated input string
 * to   - output buffer with room for at least len bytes
 * len  - maximum number of bytes to write
 *
 * Decoding stops at the end of the string, at a dangling single digit,
 * at the first character outside 0-9 / A-F (lower case is rejected), or
 * once len bytes have been written.  Input beyond len bytes is ignored
 * rather than reported.
 *
 * Returns the number of bytes written, so callers detect bad input by
 * comparing the result with the length they expected.
 */
static int
hex_to_binary(const char *from, char *to, int len)
{
  const char *src;
  int written = 0;

  /* src[1] is only read when src[0] is not the terminator. */
  for (src = from; src[0] != '\0' && src[1] != '\0' && written < len; src += 2)
  {
    const char hi = src[0];
    const char lo = src[1];
    const int hi_ok = (hi >= '0' && hi <= '9') || (hi >= 'A' && hi <= 'F');
    const int lo_ok = (lo >= '0' && lo <= '9') || (lo >= 'A' && lo <= 'F');
    int hi_val;
    int lo_val;

    if (!hi_ok || !lo_ok)
      break;

    if (hi <= '9')
      hi_val = hi - '0';
    else
      hi_val = hi - 'A' + 0xA;

    if (lo <= '9')
      lo_val = lo - '0';
    else
      lo_val = lo - 'A' + 0xA;

    to[written++] = (char)((hi_val << 4) | lo_val);
  }

  return written;
}
107
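/*
 * main - decrypt a hex-encoded challenge with an RSA private key and
 * print the first 32 plaintext bytes as hex.
 *
 * Usage: respond privatefile challenge [passphrase]
 *
 * Returns 0 on success and -1 for a bad challenge, an oversized key or a
 * decryption failure.  NOTE(review): the usage, key-file and key-loading
 * failures return 0 as they always have; callers that test the exit
 * status cannot tell them from success.
 */
int
main(int argc, char **argv)
{
  /* 128 bytes matches a 1024-bit RSA modulus; 32 bytes are echoed back. */
  enum { CHALLENGE_BYTES = 128, RESPONSE_BYTES = 32 };

  FILE *kfile;
  RSA *rsa = NULL;
  /* Zeroed so that no uninitialised stack bytes can reach the output. */
  char ndata[257] = { 0 };
  char ddata[257] = { 0 };
  int dlen;
  int rc = -1;

  /* respond privatefile challenge */
  if (argc < 3)
  {
    puts("Usage: respond privatefile challenge [passphrase]");
    return 0;
  }

  if (argc == 4)
  {
    /*
     * Insecure: a passphrase given as argv[3] is readable by other local
     * users through the process listing while it stays in argv, and it
     * may also end up in shell history or in the calling script.  It is
     * supported only for IRC client scripts that cannot answer a prompt;
     * prefer the interactive prompt wherever possible.
     */
    insecure_mode = 1;
    pass_param = argv[3];
  }

  if (!(kfile = fopen(argv[1], "r")))
  {
    puts("Could not open the private keyfile.");
    return 0;
  }

  SSLeay_add_all_ciphers();
  rsa = PEM_read_RSAPrivateKey(kfile, NULL, pass_cb, NULL);

  /* The file is finished with whether or not the key loaded. */
  fclose(kfile);

  if (pass_param != NULL)
  {
    /*
     * Overwrite the command-line passphrase now that the key has been
     * read.  This shortens the exposure on systems where the process
     * listing reads argv memory; it does not remove it.
     */
    volatile char *wipe = pass_param;

    while (*wipe != '\0')
      *wipe++ = '\0';
    pass_param = NULL;
  }

  if (!rsa)
  {
    puts("Unable to read your private key, is the passphrase wrong?");
    return 0;
  }

  /*
   * RSA_private_decrypt() may write up to the modulus size into ddata,
   * so refuse keys whose modulus is larger than the buffer.
   */
  if (RSA_size(rsa) > (int)sizeof(ddata))
  {
    puts("Private key is too large for this tool.");
    goto done;
  }

  if (hex_to_binary(argv[2], ndata, CHALLENGE_BYTES) != CHALLENGE_BYTES)
  {
    puts("Bad challenge.");
    goto done;
  }

  /*
   * The padding mode has to match what the server used to encrypt the
   * challenge.  NOTE(review): PKCS#1 v1.5 decryption whose success or
   * failure is visible to the peer is the usual setting for padding-oracle
   * attacks; confirm the protocol's exposure before reusing this pattern.
   */
  dlen = RSA_private_decrypt(CHALLENGE_BYTES, (unsigned char *)ndata,
                             (unsigned char *)ddata, rsa, RSA_PKCS1_PADDING);

  /* Covers the -1 error return and a plaintext shorter than the response. */
  if (dlen < RESPONSE_BYTES)
  {
    puts("Decryption error.");
    goto done;
  }

  binary_to_hex((unsigned char *)ddata, ndata, RESPONSE_BYTES);
  puts(ndata);
  rc = 0;

done:
  /* Release the private key before exiting. */
  RSA_free(rsa);
  return rc;
}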
