3 * Reg_svr protocol and encryption/decryption routines
5 * Copyright (C) 1998 by the Massachusetts Institute of Technology
6 * For copying and distribution information, please see the file
11 #include <mit-copyright.h>
33 R_RSA_PRIVATE_KEY *rsa_key;
34 char *emsg[NUM_REG_ERRORS], *ename[NUM_REG_ERRORS];
39 void (*handler)(reg_client *rc, int argc, char **argv);
49 void parse_pdu(reg_client *rc, long len, char *buf);
50 void printhex(unsigned char *buf, int len);
52 int read_rsa_key(void)
57 if (stat(REG_SVR_RSA_KEY, &statbuf))
60 fd = open(REG_SVR_RSA_KEY, O_RDONLY);
64 rsa_key = malloc(statbuf.st_size);
68 if (read(fd, rsa_key, statbuf.st_size) != statbuf.st_size)
81 errs = fopen(REG_SVR_ERROR_MESSAGES, "r");
84 for (i = 0; i < NUM_REG_ERRORS && !feof(errs); i++)
86 if (errbuf[0] != '#' || errbuf[1] != ' ')
87 sprintf(errbuf, "# %d", i);
88 ename[i] = strdup(errbuf + 2);
89 if (ename[i][strlen(ename[i]) - 1] == '\n')
90 ename[i][strlen(ename[i]) - 1] = '\0';
92 if (!ename[i] || !emsg[i])
95 if (!fgets(errbuf, sizeof(errbuf) - 1, errs))
100 if ((p = strchr(errbuf, '\n')) > errbuf)
105 emsg[i] = realloc(emsg[i], strlen(emsg[i]) + strlen(errbuf) + 1);
108 strcat(emsg[i], errbuf);
113 if (i < NUM_REG_ERRORS)
115 com_err(whoami, 0, "Not enough error messages in %s",
116 REG_SVR_ERROR_MESSAGES);
122 void parse_packet(reg_client *rc, int type, long len, char *buf, int sleeping)
126 case REG_RSA_ENCRYPTED_KEY:
128 unsigned char key[MAX_ENCRYPTED_KEY_LEN];
131 if (RSAPrivateDecrypt(key, &keylen, buf, len, rsa_key) || keylen != 8)
133 reply(rc, ENCRYPT_KEY, "INIT", "c", NULL);
136 des_key_sched(key, rc->sched);
140 reply(rc, DATABASE_CLOSED, "INIT", "c", NULL);
142 reply(rc, NO_MESSAGE, "GETN", "c", NULL);
148 char *outbuf, iv[8] = {0, 0, 0, 0, 0, 0, 0, 0};
152 reply(rc, INTERNAL_ERROR, "INIT", "c", NULL,
153 "Encrypted packet unexpected");
157 outbuf = malloc(len + 7);
160 reply(rc, INTERNAL_ERROR, "INIT", "c", NULL, "Out of memory");
163 des_cbc_encrypt(buf, outbuf, len, rc->sched, iv, 0);
165 /* Undo PKCS#5 padding */
166 len -= outbuf[len - 1];
168 parse_pdu(rc, len - 8, outbuf + 8);
173 #ifdef ALLOW_UNENCRYPTED
174 case REG_UNENCRYPTED:
175 parse_pdu(rc, len, buf);
180 com_err(whoami, 0, "Bad packet (type %d, len %d)", type, len);
185 void parse_pdu(reg_client *rc, long len, char *buf)
189 void (*handler)(reg_client *rc, int argc, char **argv) = NULL;
191 if (len < 8 || strcmp(buf, "v1"))
193 com_err(whoami, 0, "Bad packet version number %s", buf);
194 reply(rc, PROTOCOL_ERROR, "INIT", "c", NULL);
200 for (i = 0; handlers[i].name; i++)
202 if (!strcmp(buf, handlers[i].name))
204 handler = handlers[i].handler;
210 com_err(whoami, 0, "Bad packet request %s", buf);
211 reply(rc, PROTOCOL_ERROR, "INIT", "c", NULL);
217 for (argc = 0, p = buf; p < buf + len; p++)
223 argv = malloc(argc * sizeof(char *));
226 com_err(whoami, 0, "in parse_pdu");
227 reply(rc, INTERNAL_ERROR, "INIT", "c", NULL, "Out of memory");
231 fprintf(stderr, "%s[#%d]: %s", whoami, rc->clientid, handlers[i].name);
232 for (argc = 0, p = buf - 1; p < buf + len - 1; p++)
236 argv[argc++] = p + 1;
237 if (strcmp(handlers[i].name, "PSWD") != 0)
238 fprintf(stderr, " '%s'", p + 1);
241 fprintf(stderr, "\n");
244 for (i = 0; i < argc; i++)
246 handler(rc, argc, argv);
250 void reply(reg_client *rc, int msg, char *state, char *clean, char *data,
253 /* reply() can't malloc, since it might be returning an "out of memory"
254 error. We'll use a static buffer which is much larger than any
255 message we'd be returning, and callers have to make sure that any
256 user-generated data is length-limited. */
257 static char buf[8192], outbuf[8192];
259 int len, pad, pcount;
262 unsigned short *nrand;
264 com_err(whoami, 0, "Reply: %s, go to state %s %s", ename[msg], state, clean);
268 memcpy(buf + 3, &junk, 4);
270 memcpy(buf + 7, &junk, 4);
271 nrand = seed48(rc->random);
272 memcpy(rc->random, nrand, 48);
274 memcpy(buf + 11, "v1", 3);
275 memcpy(buf + 14, state, len = strlen(state) + 1);
278 p += vsprintf(p, emsg[msg], ap);
281 memcpy(p, clean, len = strlen(clean) + 1);
285 memcpy(p, data, len = strlen(data) + 1);
291 for (pcount = pad; pcount; pcount--)
292 buf[3 + len++] = pad;
296 char iv[8] = {0, 0, 0, 0, 0, 0, 0, 0};
298 des_cbc_encrypt(buf + 3, outbuf + 3, len, rc->sched, iv, 1);
305 *p = REG_UNENCRYPTED;
310 write(rc->fd, p, len + 3);
312 /* If we're going to INIT, set lastmod to 0 to cause the connection
313 to be closed once we return to the main loop */
314 if (!strcmp(state, "INIT"))
318 char hexd[] = { '0', '1', '2', '3', '4', '5', '6', '7',
319 '8', '9', 'A', 'B', 'C', 'D', 'E', 'F' };
321 void printhex(unsigned char *buf, int len)
325 printf("%c%c", hexd[*buf>>4], hexd[*buf%0x10]);