Working in.tokend

This commit is contained in:
Neale Pickett 2010-09-03 15:26:51 -06:00
parent be41c32fd1
commit b9ee25cfe8
1 changed files with 44 additions and 15 deletions

View File

@ -10,6 +10,8 @@
#define itokenlen 3
char const *keydir = "/var/lib/ctf/tokend/keys";
char const *tokendir = "/var/lib/ctf/tokend/tokens";
char const consonants[] = "bcdfghklmnprstvz";
char const vowels[] = "aeiouy";
@ -71,10 +73,11 @@ main(int argc, char *argv[])
uint32_t key[4];
size_t tokenlen;
/* This ought to be unpredictable enough for a contest */
/* Seed the random number generator. This ought to be unpredictable
enough for a contest. */
srand((int)time(NULL) * (int)getpid());
/* Read service name */
/* Read service name. */
{
size_t len;
int i;
@ -84,13 +87,20 @@ main(int argc, char *argv[])
service[i] = '\0';
}
/* Read in that service's key */
/* Read in that service's key. */
{
FILE *f = fopen(service, "r");
char path[100];
FILE *f = NULL;
size_t len;
int ret;
ret = snprintf(path, sizeof(path),
"%s/%s", keydir, service);
if (ret < sizeof(path)) {
f = fopen(path, "r");
}
if (! f) {
printf("Unregistered service");
printf("!Unregistered service");
return 0;
}
@ -98,38 +108,57 @@ main(int argc, char *argv[])
fclose(f);
if (4 != len) {
printf("Key file screwed up");
printf("!Key file too short");
return 0;
}
}
/* Create the token */
/* Create the token. */
{
uint8_t crap[itokenlen];
char digest[bubblebabble_len(itokenlen)];
int i;
char digest[bubblebabble_len(itokenlen)];
int i;
/* Digest some random junk */
/* Digest some random junk. */
for (i = 0; i < itokenlen; i += 1) {
crap[i] = (uint8_t)random();
}
bubblebabble(digest, crap, itokenlen);
/* Append digest to service name */
/* Append digest to service name. I use . as a separator because it
won't be URL encoded. */
tokenlen = (size_t)snprintf(token, sizeof(token),
"%s:%s",
"%s.%s",
service, digest);
}
/* Encrypt the token */
/* Note that now tokenlen is in uint32_ts, not chars! */
/* Write that token out now. */
{
char path[100];
FILE *f = NULL;
int ret;
ret = snprintf(path, sizeof(path),
"%s/%s", tokendir, token);
f = fopen(path, "w");
if (f) {
fclose(f);
} else {
printf("!Unable to write token");
return 0;
}
}
/* Encrypt the token. Note that now tokenlen is in uint32_ts, not
chars! */
{
tokenlen = (tokenlen + (tokenlen % 4)) / 4;
tea_encode(key, (uint32_t *)token, tokenlen);
}
/* Send it back */
/* Send it back. If there's an error here, it's okay. Better to have
unclaimed tokens than unclaimable ones. */
fwrite(token, tokenlen, sizeof(uint32_t), stdout);
return 0;