2 * Copyright (c) 1999,2000 Markus Friedl. All rights reserved.
4 * Redistribution and use in source and binary forms, with or without
5 * modification, are permitted provided that the following conditions
7 * 1. Redistributions of source code must retain the above copyright
8 * notice, this list of conditions and the following disclaimer.
9 * 2. Redistributions in binary form must reproduce the above copyright
10 * notice, this list of conditions and the following disclaimer in the
11 * documentation and/or other materials provided with the distribution.
13 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
14 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
15 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
16 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
17 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
18 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
19 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
20 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
21 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
22 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
26 RCSID("$OpenBSD: auth-skey.c,v 1.9 2000/10/19 16:41:13 deraadt Exp $");
31 #include <openssl/sha.h>
33 /* from %OpenBSD: skeylogin.c,v 1.32 1999/08/16 14:46:56 millert Exp % */
36 * try skey authentication,
37 * return 1 on success, 0 on failure, -1 if skey is not available
41 auth_skey_password(struct passwd * pw, const char *password)
43 if (strncasecmp(password, "s/key", 5) == 0) {
44 char *skeyinfo = skey_keyinfo(pw->pw_name);
45 if (skeyinfo == NULL) {
46 debug("generating fake skeyinfo for %.100s.",
48 skeyinfo = skey_fake_keyinfo(pw->pw_name);
51 packet_send_debug("%s", skeyinfo);
54 } else if (skey_haskey(pw->pw_name) == 0 &&
55 skey_passcheck(pw->pw_name, (char *) password) != -1) {
56 /* Authentication succeeded. */
59 /* Fall back to ordinary passwd authentication. */
63 /* from %OpenBSD: skeylogin.c,v 1.32 1999/08/16 14:46:56 millert Exp % */
65 #define ROUND(x) (((x)[0] << 24) + (((x)[1]) << 16) + (((x)[2]) << 8) + \
78 if ((strlen(s) % sizeof(u_int32_t)) == 0)
79 target = strlen(s); /* Multiple of 4 */
81 target = strlen(s) - (strlen(s) % sizeof(u_int32_t));
83 for (i = 0, len = 0; len < target; len += 4)
90 skey_fake_keyinfo(char *username)
94 u_char hseed[SKEY_MAX_SEED_LEN], flg = 1, *up;
95 char pbuf[SKEY_MAX_PW_LEN+1];
96 static char skeyprompt[SKEY_MAX_CHALLENGE+1];
103 * Base first 4 chars of seed on hostname.
104 * Add some filler for short hostnames if necessary.
106 if (gethostname(pbuf, sizeof(pbuf)) == -1)
109 for (p = pbuf; *p && isalnum(*p); p++)
110 if (isalpha(*p) && isupper(*p))
112 if (*p && pbuf - p < 4)
113 (void)strncpy(p, "asjd", 4 - (pbuf - p));
116 /* Hash the username if possible */
117 up = malloc(SHA_DIGEST_LENGTH);
124 SHA1_Update(&ctx, username, strlen(username));
125 SHA1_Final(up, &ctx);
127 /* Collapse the hash */
128 ptr = hash_collapse(up);
129 memset(up, 0, strlen(up));
131 /* See if the random file's there, else use ctime */
132 if ((fd = open(_SKEY_RAND_FILE_PATH_, O_RDONLY)) != -1
133 && fstat(fd, &sb) == 0 &&
134 sb.st_size > (off_t)SKEY_MAX_SEED_LEN &&
135 lseek(fd, ptr % (sb.st_size - SKEY_MAX_SEED_LEN),
136 SEEK_SET) != -1 && read(fd, hseed,
137 SKEY_MAX_SEED_LEN) == SKEY_MAX_SEED_LEN) {
141 secretlen = SKEY_MAX_SEED_LEN;
143 } else if (!stat(_PATH_MEM, &sb) || !stat("/", &sb)) {
146 secretlen = strlen(secret);
153 /* Put that in your pipe and smoke it */
155 /* Hash secret value with username */
157 SHA1_Update(&ctx, secret, secretlen);
158 SHA1_Update(&ctx, username, strlen(username));
159 SHA1_Final(up, &ctx);
162 memset(secret, 0, secretlen);
164 /* Now hash the hash */
166 SHA1_Update(&ctx, up, strlen(up));
167 SHA1_Final(up, &ctx);
169 ptr = hash_collapse(up + 4);
171 for (i = 4; i < 9; i++) {
172 pbuf[i] = (ptr % 10) + '0';
177 /* Sequence number */
178 ptr = ((up[2] + up[3]) % 99) + 1;
180 memset(up, 0, SHA_DIGEST_LENGTH); /* SHA1 specific */
183 (void)snprintf(skeyprompt, sizeof skeyprompt,
185 SKEY_MAX_HASHNAME_LEN,
186 skey_get_algorithm(),
187 ptr, SKEY_MAX_SEED_LEN,
190 /* Base last 8 chars of seed on username */
196 /* Pad remainder with zeros */
202 *p++ = (*u++ % 10) + '0';
206 (void)snprintf(skeyprompt, sizeof skeyprompt,
208 SKEY_MAX_HASHNAME_LEN,
209 skey_get_algorithm(),
210 99, SKEY_MAX_SEED_LEN, pbuf);