moth/packages/mcp/src/in.tokend.c

#include <sys/types.h>
#include <errno.h>
#include <time.h>
#include <unistd.h>
#include <fcntl.h>
#include <stdint.h>
#include <stdlib.h>
#include <stdio.h>
#include <stddef.h>
#include <string.h>
#include <ctype.h>
#include <sysexits.h>
#include "common.h"
#include "arc4.h"

#define itokenlen 5

char const consonants[] = "bcdfghklmnprstvz";
char const vowels[]     = "aeiouy";

#define bubblebabble_len(n) (6*(((n)/2)+1))

/** Compute bubble babble for input buffer.
 *
 * The generated output will be of length 6*((inlen/2)+1), including the
 * trailing NULL.
 *
 * Test vectors:
 *     `' (empty string) `xexax'
 *     `1234567890'      `xesef-disof-gytuf-katof-movif-baxux'
 *     `Pineapple'       `xigak-nyryk-humil-bosek-sonax'
 */
void
bubblebabble(unsigned char *out,
             unsigned char const *in,
             const size_t inlen)
{
  size_t pos  = 0;
  int    seed = 1;
  size_t i    = 0;

  out[pos++] = 'x';
  while (1) {
    unsigned char c;

    if (i == inlen) {
      out[pos++] = vowels[seed % 6];
      out[pos++] = 'x';
      out[pos++] = vowels[seed / 6];
      break;
    }

    c = in[i++];
    out[pos++] = vowels[(((c >> 6) & 3) + seed) % 6];
    out[pos++] = consonants[(c >> 2) & 15];
    out[pos++] = vowels[((c & 3) + (seed / 6)) % 6];
    if (i == inlen) {
      break;
    }
    seed = ((seed * 5) + (c * 7) + in[i]) % 36;

    c = in[i++];
    out[pos++] = consonants[(c >> 4) & 15];
    out[pos++] = '-';
    out[pos++] = consonants[c & 15];
  }

  out[pos++] = 'x';
  out[pos] = '\0';
}

int
main(int argc, char *argv[])
{
  char    category[CAT_MAX];
  size_t  categorylen;
  char    token[TOKEN_MAX];
  size_t  tokenlen;
  uint8_t key[256];
  size_t  keylen;

  /* Read category name. */
  {
    ssize_t len;

    len = read(0, category, sizeof(category));
    if (0 >= len) return 0;
    for (categorylen = 0;
         (categorylen < len) && isalnum(category[categorylen]);
         categorylen += 1);
  }

  /* Read in that category's key. */
  {
    int fd;
    int ret;

    fd = open(package_path("mcp/tokend.keys/%.*s", (int)categorylen, category), O_RDONLY);
    if (-1 == fd) {
      fprintf(stderr, "Open key %.*s: %s\n",
              (int)categorylen, category, strerror(errno));
      return 0;
    }

    ret = read(fd, &key, sizeof(key));
    if (-1 == ret) {
      fprintf(stderr, "Read key %.*s: %s\n",
              (int)categorylen, category, strerror(errno));
      return 0;
    }
    keylen = (size_t)ret;

    close(fd);
  }

  /* Send a nonce, expect it back encrypted */
  {
    int32_t nonce;
    int32_t enonce = 0;

    urandom((char *)&nonce, sizeof(nonce));
    write(1, &nonce, sizeof(nonce));
    arc4_crypt_buffer(key, keylen, (uint8_t *)&nonce, sizeof(nonce));
    read(0, &enonce, sizeof(enonce));
    if (nonce != enonce) {
      write(1, ":<", 2);
      return 0;
    }
  }

  /* Create the token. */
  {
    unsigned char crap[itokenlen];
    unsigned char digest[bubblebabble_len(itokenlen)];

    urandom((char *)crap, sizeof(crap));

    /* Digest some random junk. */
    bubblebabble(digest, (unsigned char *)&crap, itokenlen);

    /* Append digest to category name. */
    tokenlen = (size_t)snprintf(token, sizeof(token),
                               "%.*s:%s",
                                (int)categorylen, category, digest);
  }

  /* Write that token out now. */
  {
    int fd;
    int ret;

    do {
      fd = open(state_path("tokens.db"), O_WRONLY | O_CREAT, 0666);
      if (-1 == fd) break;

      ret = lockf(fd, F_LOCK, 0);
      if (-1 == ret) break;

      ret = lseek(fd, 0, SEEK_END);
      if (-1 == ret) break;

      ret = write(fd, token, tokenlen);
      if (-1 == ret) break;

      ret = write(fd, "\n", 1);
      if (-1 == ret) break;

      ret = close(fd);
      if (-1 == ret) break;
    } while (0);

    if ((-1 == fd) || (-1 == ret)) {
      printf("!%s", strerror(errno));
      return 0;
    }
  }

  /* Encrypt the token. */
  {
    arc4_crypt_buffer(key, keylen, (uint8_t *)token, tokenlen);
  }

  /* Send it back.  If there's an error here, it's okay.  Better to have
     unclaimed tokens than unclaimable ones. */
  write(1, token, tokenlen);

  return 0;
}
Start at in.tokend (not writing files yet) 2010-09-02 17:10:11 -06:00			`#include <sys/types.h>`
More error checking in in.tokend 2010-09-03 15:59:08 -06:00			`#include <errno.h>`
Start at in.tokend (not writing files yet) 2010-09-02 17:10:11 -06:00			`#include <time.h>`
			`#include <unistd.h>`
Stop using FILE *; make tokens go into a log instead of one per file 2010-09-03 15:51:54 -06:00			`#include <fcntl.h>`
Start at in.tokend (not writing files yet) 2010-09-02 17:10:11 -06:00			`#include <stdint.h>`
			`#include <stdlib.h>`
			`#include <stdio.h>`
			`#include <stddef.h>`
-Werror 2010-09-16 12:21:16 -06:00			`#include <string.h>`
Start at in.tokend (not writing files yet) 2010-09-02 17:10:11 -06:00			`#include <ctype.h>`
Add tokencli, add nonce to token protocol 2010-09-18 21:56:57 -06:00			`#include <sysexits.h>`
Many changes, unit test * Everything in /srv/ctf now, set $CTF_BASE to override that * CGI now accepts parms in argv * Fix bug with uninitialized CGI vars 2010-09-13 12:23:39 -06:00			`#include "common.h"`
Move from xxtea to arc4 arc4 has known attacks, but you need a lot of data first. More data that we'll have tokens. 2010-09-16 23:18:16 -06:00			`#include "arc4.h"`
Start at in.tokend (not writing files yet) 2010-09-02 17:10:11 -06:00
I think everything's working... * Octopus changes * Change how things start a little (hopefully cleaner) * Fix bubblebabble bug * other junk, I don't know 2010-09-29 17:38:54 -06:00			`#define itokenlen 5`
Start at in.tokend (not writing files yet) 2010-09-02 17:10:11 -06:00
			`char const consonants[] = "bcdfghklmnprstvz";`
			`char const vowels[] = "aeiouy";`

			`#define bubblebabble_len(n) (6*(((n)/2)+1))`

			`/** Compute bubble babble for input buffer.`
			`*`
			`* The generated output will be of length 6*((inlen/2)+1), including the`
			`* trailing NULL.`
			`*`
			`* Test vectors:`
			* `' (empty string) `xexax'
			* `1234567890' `xesef-disof-gytuf-katof-movif-baxux'
			* `Pineapple' `xigak-nyryk-humil-bosek-sonax'
			`*/`
			`void`
I think everything's working... * Octopus changes * Change how things start a little (hopefully cleaner) * Fix bubblebabble bug * other junk, I don't know 2010-09-29 17:38:54 -06:00			`bubblebabble(unsigned char *out,`
			`unsigned char const *in,`
			`const size_t inlen)`
Start at in.tokend (not writing files yet) 2010-09-02 17:10:11 -06:00			`{`
			`size_t pos = 0;`
			`int seed = 1;`
			`size_t i = 0;`

			`out[pos++] = 'x';`
			`while (1) {`
			`unsigned char c;`

			`if (i == inlen) {`
			`out[pos++] = vowels[seed % 6];`
			`out[pos++] = 'x';`
			`out[pos++] = vowels[seed / 6];`
			`break;`
			`}`

			`c = in[i++];`
			`out[pos++] = vowels[(((c >> 6) & 3) + seed) % 6];`
			`out[pos++] = consonants[(c >> 2) & 15];`
			`out[pos++] = vowels[((c & 3) + (seed / 6)) % 6];`
			`if (i == inlen) {`
			`break;`
			`}`
			`seed = ((seed * 5) + (c * 7) + in[i]) % 36;`

			`c = in[i++];`
			`out[pos++] = consonants[(c >> 4) & 15];`
			`out[pos++] = '-';`
			`out[pos++] = consonants[c & 15];`
			`}`

			`out[pos++] = 'x';`
			`out[pos] = '\0';`
			`}`

			`int`
			`main(int argc, char *argv[])`
			`{`
I think everything's working... * Octopus changes * Change how things start a little (hopefully cleaner) * Fix bubblebabble bug * other junk, I don't know 2010-09-29 17:38:54 -06:00			`char category[CAT_MAX];`
			`size_t categorylen;`
			`char token[TOKEN_MAX];`
Move from xxtea to arc4 arc4 has known attacks, but you need a lot of data first. More data that we'll have tokens. 2010-09-16 23:18:16 -06:00			`size_t tokenlen;`
			`uint8_t key[256];`
			`size_t keylen;`
Start at in.tokend (not writing files yet) 2010-09-02 17:10:11 -06:00
I think everything's working... * Octopus changes * Change how things start a little (hopefully cleaner) * Fix bubblebabble bug * other junk, I don't know 2010-09-29 17:38:54 -06:00			`/* Read category name. */`
Start at in.tokend (not writing files yet) 2010-09-02 17:10:11 -06:00			`{`
I found %*s in printf! Converting... 2010-09-16 17:11:55 -06:00			`ssize_t len;`
Start at in.tokend (not writing files yet) 2010-09-02 17:10:11 -06:00
I think everything's working... * Octopus changes * Change how things start a little (hopefully cleaner) * Fix bubblebabble bug * other junk, I don't know 2010-09-29 17:38:54 -06:00			`len = read(0, category, sizeof(category));`
Add tokencli, add nonce to token protocol 2010-09-18 21:56:57 -06:00			`if (0 >= len) return 0;`
I think everything's working... * Octopus changes * Change how things start a little (hopefully cleaner) * Fix bubblebabble bug * other junk, I don't know 2010-09-29 17:38:54 -06:00			`for (categorylen = 0;`
			`(categorylen < len) && isalnum(category[categorylen]);`
			`categorylen += 1);`
Start at in.tokend (not writing files yet) 2010-09-02 17:10:11 -06:00			`}`

I think everything's working... * Octopus changes * Change how things start a little (hopefully cleaner) * Fix bubblebabble bug * other junk, I don't know 2010-09-29 17:38:54 -06:00			`/* Read in that category's key. */`
Start at in.tokend (not writing files yet) 2010-09-02 17:10:11 -06:00			`{`
Move from xxtea to arc4 arc4 has known attacks, but you need a lot of data first. More data that we'll have tokens. 2010-09-16 23:18:16 -06:00			`int fd;`
			`int ret;`
Start at in.tokend (not writing files yet) 2010-09-02 17:10:11 -06:00
I think everything's working... * Octopus changes * Change how things start a little (hopefully cleaner) * Fix bubblebabble bug * other junk, I don't know 2010-09-29 17:38:54 -06:00			`fd = open(package_path("mcp/tokend.keys/%.*s", (int)categorylen, category), O_RDONLY);`
Stop using FILE *; make tokens go into a log instead of one per file 2010-09-03 15:51:54 -06:00			`if (-1 == fd) {`
I think everything's working... * Octopus changes * Change how things start a little (hopefully cleaner) * Fix bubblebabble bug * other junk, I don't know 2010-09-29 17:38:54 -06:00			`fprintf(stderr, "Open key %.*s: %s\n",`
			`(int)categorylen, category, strerror(errno));`
Start at in.tokend (not writing files yet) 2010-09-02 17:10:11 -06:00			`return 0;`
			`}`

Move from xxtea to arc4 arc4 has known attacks, but you need a lot of data first. More data that we'll have tokens. 2010-09-16 23:18:16 -06:00			`ret = read(fd, &key, sizeof(key));`
			`if (-1 == ret) {`
I think everything's working... * Octopus changes * Change how things start a little (hopefully cleaner) * Fix bubblebabble bug * other junk, I don't know 2010-09-29 17:38:54 -06:00			`fprintf(stderr, "Read key %.*s: %s\n",`
			`(int)categorylen, category, strerror(errno));`
Start at in.tokend (not writing files yet) 2010-09-02 17:10:11 -06:00			`return 0;`
			`}`
Move from xxtea to arc4 arc4 has known attacks, but you need a lot of data first. More data that we'll have tokens. 2010-09-16 23:18:16 -06:00			`keylen = (size_t)ret;`
Start at in.tokend (not writing files yet) 2010-09-02 17:10:11 -06:00
Stop using FILE *; make tokens go into a log instead of one per file 2010-09-03 15:51:54 -06:00			`close(fd);`
Start at in.tokend (not writing files yet) 2010-09-02 17:10:11 -06:00			`}`

Add tokencli, add nonce to token protocol 2010-09-18 21:56:57 -06:00			`/* Send a nonce, expect it back encrypted */`
			`{`
I think everything's working... * Octopus changes * Change how things start a little (hopefully cleaner) * Fix bubblebabble bug * other junk, I don't know 2010-09-29 17:38:54 -06:00			`int32_t nonce;`
Add tokencli, add nonce to token protocol 2010-09-18 21:56:57 -06:00			`int32_t enonce = 0;`

I think everything's working... * Octopus changes * Change how things start a little (hopefully cleaner) * Fix bubblebabble bug * other junk, I don't know 2010-09-29 17:38:54 -06:00			`urandom((char *)&nonce, sizeof(nonce));`
Add tokencli, add nonce to token protocol 2010-09-18 21:56:57 -06:00			`write(1, &nonce, sizeof(nonce));`
			`arc4_crypt_buffer(key, keylen, (uint8_t *)&nonce, sizeof(nonce));`
			`read(0, &enonce, sizeof(enonce));`
			`if (nonce != enonce) {`
			`write(1, ":<", 2);`
Start at in.tokend (not writing files yet) 2010-09-02 17:10:11 -06:00			`return 0;`
			`}`
			`}`

Working in.tokend 2010-09-03 15:26:51 -06:00			`/* Create the token. */`
Start at in.tokend (not writing files yet) 2010-09-02 17:10:11 -06:00			`{`
I think everything's working... * Octopus changes * Change how things start a little (hopefully cleaner) * Fix bubblebabble bug * other junk, I don't know 2010-09-29 17:38:54 -06:00			`unsigned char crap[itokenlen];`
			`unsigned char digest[bubblebabble_len(itokenlen)];`

			`urandom((char *)crap, sizeof(crap));`
Start at in.tokend (not writing files yet) 2010-09-02 17:10:11 -06:00
Working in.tokend 2010-09-03 15:26:51 -06:00			`/* Digest some random junk. */`
I think everything's working... * Octopus changes * Change how things start a little (hopefully cleaner) * Fix bubblebabble bug * other junk, I don't know 2010-09-29 17:38:54 -06:00			`bubblebabble(digest, (unsigned char *)&crap, itokenlen);`
Start at in.tokend (not writing files yet) 2010-09-02 17:10:11 -06:00
I think everything's working... * Octopus changes * Change how things start a little (hopefully cleaner) * Fix bubblebabble bug * other junk, I don't know 2010-09-29 17:38:54 -06:00			`/* Append digest to category name. */`
I found %*s in printf! Converting... 2010-09-16 17:11:55 -06:00			`tokenlen = (size_t)snprintf(token, sizeof(token),`
Modularize + lots of fixes 2010-09-23 18:23:00 -06:00			`"%.*s:%s",`
I think everything's working... * Octopus changes * Change how things start a little (hopefully cleaner) * Fix bubblebabble bug * other junk, I don't know 2010-09-29 17:38:54 -06:00			`(int)categorylen, category, digest);`
Start at in.tokend (not writing files yet) 2010-09-02 17:10:11 -06:00			`}`

Working in.tokend 2010-09-03 15:26:51 -06:00			`/* Write that token out now. */`
			`{`
Results of code review 2010-09-14 18:04:33 -06:00			`int fd;`
			`int ret;`
Working in.tokend 2010-09-03 15:26:51 -06:00
More error checking in in.tokend 2010-09-03 15:59:08 -06:00			`do {`
Modularize + lots of fixes 2010-09-23 18:23:00 -06:00			`fd = open(state_path("tokens.db"), O_WRONLY \| O_CREAT, 0666);`
More error checking in in.tokend 2010-09-03 15:59:08 -06:00			`if (-1 == fd) break;`

			`ret = lockf(fd, F_LOCK, 0);`
			`if (-1 == ret) break;`

			`ret = lseek(fd, 0, SEEK_END);`
			`if (-1 == ret) break;`

			`ret = write(fd, token, tokenlen);`
			`if (-1 == ret) break;`

			`ret = write(fd, "\n", 1);`
			`if (-1 == ret) break;`

			`ret = close(fd);`
			`if (-1 == ret) break;`
			`} while (0);`

Results of code review 2010-09-14 18:04:33 -06:00			`if ((-1 == fd) \|\| (-1 == ret)) {`
More error checking in in.tokend 2010-09-03 15:59:08 -06:00			`printf("!%s", strerror(errno));`
Working in.tokend 2010-09-03 15:26:51 -06:00			`return 0;`
			`}`
			`}`

Move from xxtea to arc4 arc4 has known attacks, but you need a lot of data first. More data that we'll have tokens. 2010-09-16 23:18:16 -06:00			`/* Encrypt the token. */`
Start at in.tokend (not writing files yet) 2010-09-02 17:10:11 -06:00			`{`
Move from xxtea to arc4 arc4 has known attacks, but you need a lot of data first. More data that we'll have tokens. 2010-09-16 23:18:16 -06:00			`arc4_crypt_buffer(key, keylen, (uint8_t *)token, tokenlen);`
Start at in.tokend (not writing files yet) 2010-09-02 17:10:11 -06:00			`}`

Working in.tokend 2010-09-03 15:26:51 -06:00			`/* Send it back. If there's an error here, it's okay. Better to have`
			`unclaimed tokens than unclaimable ones. */`
Move from xxtea to arc4 arc4 has known attacks, but you need a lot of data first. More data that we'll have tokens. 2010-09-16 23:18:16 -06:00			`write(1, token, tokenlen);`
Start at in.tokend (not writing files yet) 2010-09-02 17:10:11 -06:00
			`return 0;`
			`}`