diff options
| author | Markus Friedl <markus@cvs.openbsd.org> | 2000-12-20 20:08:24 +0000 |
|---|---|---|
| committer | Markus Friedl <markus@cvs.openbsd.org> | 2000-12-20 20:08:24 +0000 |
| commit | 11815997d176b3fa17dd71042c4c21669b9c97e8 (patch) | |
| tree | 230525445a8d746b5b20012813040bd5150cb640 | |
| parent | 7ee117f9ed3ecbe55322f64906d2a353b9c5b692 (diff) | |
use arc4random, clear secrets, use readpassphrase in tokeninit; ok millert@
| -rw-r--r-- | libexec/login_token/login_token.c | 4 | ||||
| -rw-r--r-- | libexec/login_token/token.c | 61 | ||||
| -rw-r--r-- | usr.sbin/tokeninit/tokeninit.c | 50 |
3 files changed, 47 insertions, 68 deletions
diff --git a/libexec/login_token/login_token.c b/libexec/login_token/login_token.c index 1e6461460d4..4ba3344fea4 100644 --- a/libexec/login_token/login_token.c +++ b/libexec/login_token/login_token.c @@ -1,4 +1,4 @@ -/* $OpenBSD: login_token.c,v 1.1 2000/12/20 01:41:53 millert Exp $ */ +/* $OpenBSD: login_token.c,v 1.2 2000/12/20 20:08:23 markus Exp $ */ /*- * Copyright (c) 1995, 1996 Berkeley Software Design, Inc. All rights reserved. @@ -62,7 +62,7 @@ main(argc, argv) char *instance; char challenge[1024]; char response[1024]; - char *pp; + char *pp = 0; int c; int mode = 0; struct rlimit cds; diff --git a/libexec/login_token/token.c b/libexec/login_token/token.c index f5634011834..d5138a93368 100644 --- a/libexec/login_token/token.c +++ b/libexec/login_token/token.c @@ -1,4 +1,4 @@ -/* $OpenBSD: token.c,v 1.3 2000/12/20 01:54:42 millert Exp $ */ +/* $OpenBSD: token.c,v 1.4 2000/12/20 20:08:23 markus Exp $ */ /*- * Copyright (c) 1995 Migration Associates Corp. All Rights Reserved @@ -79,7 +79,7 @@ static TOKEN_CBlock tokennumber; */ static long tokenrandomnumber(void); -static void tokenseed(des_cblock *); +static void tokenseed(TOKEN_CBlock *); static void lcase(char *); static void h2d(char *); static void h2cb(char *, TOKEN_CBlock *); @@ -91,16 +91,10 @@ static void cb2h(TOKEN_CBlock, char *); */ static void -tokenseed(des_cblock *cb) +tokenseed(TOKEN_CBlock *cb) { - static int first_time = 1; - - if (first_time) { - first_time = 0; - des_random_key(*cb); - des_init_random_number_generator(cb); - } - des_new_random_key(cb); + cb->ul[0] = arc4random(); + cb->ul[1] = arc4random(); } /* @@ -115,10 +109,7 @@ tokenseed(des_cblock *cb) static long tokenrandomnumber(void) { - TOKEN_CBlock seed; - - tokenseed(&seed.cb); - return (((seed.ul[0] ^ seed.ul[1]) % 99999999)); + return arc4random(); } /* @@ -164,8 +155,8 @@ tokenchallenge(char *user, char *challenge, int size, char *card_type) } } if (r != 0 || tr.rim[0] == '\0') { - memset(tokennumber.ct, 0, sizeof(tokennumber)); - snprintf(tokennumber.ct, sizeof(tokennumber.ct), "%08.8lu", + memset(tokennumber.ct, 0, sizeof(tokennumber.ct)); + snprintf(tokennumber.ct, sizeof(tokennumber.ct), "%8.8lu", tokenrandomnumber()); if (r == 0) { memcpy(tr.rim, tokennumber.ct, 8); @@ -194,15 +185,15 @@ tokenverify(char *username, char *challenge, char *response) des_key_schedule key_schedule; - memset(cmp_text.ct, 0, sizeof(cmp_text)); - memset(user_seed.ct, 0, sizeof(user_seed)); - memset(cipher_text.ct, 0, sizeof(cipher_text)); - memset(tokennumber.ct, 0, sizeof(tokennumber)); + memset(cmp_text.ct, 0, sizeof(cmp_text.ct)); + memset(user_seed.ct, 0, sizeof(user_seed.ct)); + memset(cipher_text.ct, 0, sizeof(cipher_text.ct)); + memset(tokennumber.ct, 0, sizeof(tokennumber.ct)); state = strtok(challenge, "\""); state = strtok(NULL, "\""); tmp.ul[0] = strtoul(state, NULL, 10); - snprintf(tokennumber.ct, sizeof(tokennumber.ct), "%08.8lu",tmp.ul[0]); + snprintf(tokennumber.ct, sizeof(tokennumber.ct), "%8.8lu",tmp.ul[0]); /* * Retrieve the db record for the user. Nuke it as soon as @@ -229,6 +220,7 @@ tokenverify(char *username, char *challenge, char *response) memset(user_seed.ct, 0, sizeof(user_seed.ct)); des_ecb_encrypt(&tokennumber.cb, &cipher_text.cb, key_schedule, DES_ENCRYPT); + memset(key_schedule, 0, sizeof(key_schedule)); /* * The token thinks it's descended from VAXen. Deal with i386 @@ -237,7 +229,7 @@ tokenverify(char *username, char *challenge, char *response) */ HTONL(cipher_text.ul[0]); - snprintf(cmp_text.ct, sizeof(cmp_text.ct), "%08.8lx", cipher_text.ul[0]); + snprintf(cmp_text.ct, sizeof(cmp_text.ct), "%8.8lx", cipher_text.ul[0]); if (tokenrec.mode & TOKEN_PHONEMODE) { /* @@ -284,17 +276,18 @@ tokenuserinit(int flags, char *username, unsigned char *usecret, unsigned mode) TOKEN_CBlock checktxt; des_key_schedule key_schedule; + memset(&secret.ct, 0, sizeof(secret)); + /* * If no user secret passed in, create one */ if ( (flags & TOKEN_GENSECRET) ) - tokenseed(&secret.cb); - else { - memset(&secret, 0, sizeof(secret)); + tokenseed(&secret); + else memcpy(&secret, usecret, sizeof(des_cblock)); - des_fixup_key_parity(&secret.cb); - } + + des_fixup_key_parity(&secret.cb); /* * Check if the db record already exists. If no @@ -326,8 +319,10 @@ tokenuserinit(int flags, char *username, unsigned char *usecret, unsigned mode) * discussion of cipher generation. */ - if (!(flags & TOKEN_GENSECRET)) + if (!(flags & TOKEN_GENSECRET)) { + memset(&secret.ct, 0, sizeof(secret)); return (0); + } printf("Shared secret for %s\'s token: " "%03o %03o %03o %03o %03o %03o %03o %03o\n", @@ -336,10 +331,12 @@ tokenuserinit(int flags, char *username, unsigned char *usecret, unsigned mode) des_key_sched(&secret.cb, key_schedule); + memset(&secret.ct, 0, sizeof(secret)); memset(&nulls, 0, sizeof(nulls)); des_ecb_encrypt(&nulls.cb, &checksum.cb, key_schedule, DES_ENCRYPT); + memset(key_schedule, 0, sizeof(key_schedule)); HTONL(checksum.ul[0]); - snprintf(checktxt.ct, sizeof(checktxt.ct), "%08.8lx", checksum.ul[0]); + snprintf(checktxt.ct, sizeof(checktxt.ct), "%8.8lx", checksum.ul[0]); printf("Hex Checksum: \"%s\"", checktxt.ct); h2d(checktxt.ct); @@ -391,8 +388,8 @@ cb2h(TOKEN_CBlock cb, char* hp) { char scratch[17]; - snprintf(scratch, 9, "%08.8lx", cb.ul[0]); - snprintf(scratch+8, 9, "%08.8lx", cb.ul[1]); + snprintf(scratch, 9, "%8.8lx", cb.ul[0]); + snprintf(scratch+8, 9, "%8.8lx", cb.ul[1]); memcpy(hp, scratch, 16); } diff --git a/usr.sbin/tokeninit/tokeninit.c b/usr.sbin/tokeninit/tokeninit.c index 69cd2f61488..97f220f535b 100644 --- a/usr.sbin/tokeninit/tokeninit.c +++ b/usr.sbin/tokeninit/tokeninit.c @@ -1,4 +1,4 @@ -/* $OpenBSD: tokeninit.c,v 1.1 2000/12/20 02:08:09 millert Exp $ */ +/* $OpenBSD: tokeninit.c,v 1.2 2000/12/20 20:08:22 markus Exp $ */ /*- * Copyright (c) 1995 Migration Associates Corp. All Rights Reserved @@ -44,12 +44,12 @@ #include <stdlib.h> #include <unistd.h> #include <string.h> +#include <readpassphrase.h> #include "token.h" #include "tokendb.h" -static void strip_crlf(char *); -static void prompt_for_secret(int, char*); +static char *prompt_for_secret(int, char*); static int parse_secret(int, char *, unsigned char *); int @@ -64,6 +64,7 @@ main(int argc, char **argv) char seed[80]; unsigned char secret[9]; char *optstr; + char *p = 0; struct rlimit cds; @@ -131,16 +132,9 @@ main(int argc, char **argv) fflush(stdout); } if (!(cmd & TOKEN_GENSECRET)) { - prompt_for_secret(hexformat, *argv); - - if (fgets(seed, sizeof(seed), stdin) == NULL) { - fprintf(stderr, - "%sinit: No seed supplied for token.\n", - tt->name); - exit(1); - } - strip_crlf(seed); - if (strlen(seed) == 0) { + p = prompt_for_secret(hexformat, *argv); + if (!readpassphrase(p, seed, sizeof(seed), RPP_ECHO_ON) || + seed[0] == '\0') { fprintf(stderr, "%sinit: No seed supplied for token.\n", tt->name); @@ -180,22 +174,6 @@ main(int argc, char **argv) } /* - * Strip trailing cr/lf from a line of text - */ - -void -strip_crlf(char *buf) -{ - char *cp; - - if((cp = strchr(buf,'\r')) != NULL) - *cp = '\0'; - - if((cp = strchr(buf,'\n')) != NULL) - *cp = '\0'; -} - -/* * Parse the 8 octal numbers or a 16 digit hex string into a token secret */ @@ -226,13 +204,17 @@ parse_secret(int hexformat, char *seed, unsigned char *secret) * Prompt user for seed for token */ -static void +static char * prompt_for_secret(int hexformat, char* username) { + static char prompt[1024]; if (hexformat) - printf("Enter a 16 digit hexidecimal number " - "as a seed for %s\'s token:\n", username); + snprintf(prompt, sizeof prompt, + "Enter a 16 digit hexidecimal number " + "as a seed for %s\'s token:\n", username); else - printf("Enter a series of 8 3-digit octal numbers " - "as a seed for %s\'s token:\n", username); + snprintf(prompt, sizeof prompt, + "Enter a series of 8 3-digit octal numbers " + "as a seed for %s\'s token:\n", username); + return prompt; } |