jehanne/sys/src/cmd/auth/lib/netcheck.c

#include <u.h>
#include <libc.h>
#include <bio.h>
#include <authsrv.h>
#include "authcmdlib.h"

/*
 * compute the key verification checksum
 */
void
checksum(char key[], char csum[]) {
	uint8_t buf[8];

	memset(buf, 0, 8);
	encrypt(key, buf, 8);
	sprint(csum, "C %.2ux%.2ux%.2ux%.2ux", buf[0], buf[1], buf[2], buf[3]);
}

/*
 * compute the proper response.  We encrypt the ascii of
 * challenge number, with trailing binary zero fill.
 * This process was derived empirically.
 * this was copied from inet's guard.
 */
char *
netresp(char *key, int32_t chal, char *answer)
{
	uint8_t buf[8];

	memset(buf, 0, 8);
	sprint((char *)buf, "%lud", chal);
	if(encrypt(key, buf, 8) < 0)
		error("can't encrypt response");
	chal = (buf[0]<<24)+(buf[1]<<16)+(buf[2]<<8)+buf[3];
	sprint(answer, "%.8lux", chal);

	return answer;
}

char *
netdecimal(char *answer)
{
	int i;

	for(i = 0; answer[i]; i++)
		switch(answer[i]){
		case 'a': case 'b': case 'c':
			answer[i] = '2';
			break;
		case 'd': case 'e': case 'f':
			answer[i] = '3';
			break;
		}
	return answer;
}

int
netcheck(void *key, int32_t chal, char *response)
{
	char answer[32], *p;
	int i;

	if(smartcheck(key, chal, response))
		return 1;

	if(p = strchr(response, '\n'))
		*p = '\0';
	netresp(key, chal, answer);

	/*
	 * check for hex response -- securenet mode 1 or 5
	 */
	for(i = 0; response[i]; i++)
		if(response[i] >= 'A' && response[i] <= 'Z')
			response[i] -= 'A' - 'a';
	if(strcmp(answer, response) == 0)
		return 1;

	/*
	 * check for decimal response -- securenet mode 0 or 4
	 */
	return strcmp(netdecimal(answer), response) == 0;
}

int
smartcheck(void *key, int32_t chal, char *response)
{
	uint8_t buf[2*8];
	int i, c, cslo, cshi;

	sprint((char*)buf, "%lud        ", chal);
	cslo = 0x52;
	cshi = cslo;
	for(i = 0; i < 8; i++){
		c = buf[i];
		if(c >= '0' && c <= '9')
			c -= '0';
		cslo += c;
		if(cslo > 0xff)
			cslo -= 0xff;
		cshi += cslo;
		if(cshi > 0xff)
			cshi -= 0xff;
		buf[i] = c | (cshi & 0xf0);
	}

	encrypt(key, buf, 8);
	for(i = 0; i < 8; i++)
		if(response[i] != buf[i] % 10 + '0')
			return 0;
	return 1;
}
first usable version of kernel and commands After an year of hard work, this is a first "usable" version of Jehanne. 2016-11-25 17:18:40 +01:00			`#include <u.h>`
			`#include <libc.h>`
			`#include <bio.h>`
			`#include <authsrv.h>`
			`#include "authcmdlib.h"`

			`/*`
			`* compute the key verification checksum`
			`*/`
			`void`
			`checksum(char key[], char csum[]) {`
			`uint8_t buf[8];`

			`memset(buf, 0, 8);`
			`encrypt(key, buf, 8);`
			`sprint(csum, "C %.2ux%.2ux%.2ux%.2ux", buf[0], buf[1], buf[2], buf[3]);`
			`}`

			`/*`
			`* compute the proper response. We encrypt the ascii of`
			`* challenge number, with trailing binary zero fill.`
			`* This process was derived empirically.`
			`* this was copied from inet's guard.`
			`*/`
			`char *`
			`netresp(char key, int32_t chal, char answer)`
			`{`
			`uint8_t buf[8];`

			`memset(buf, 0, 8);`
			`sprint((char *)buf, "%lud", chal);`
			`if(encrypt(key, buf, 8) < 0)`
			`error("can't encrypt response");`
			`chal = (buf[0]<<24)+(buf[1]<<16)+(buf[2]<<8)+buf[3];`
			`sprint(answer, "%.8lux", chal);`

			`return answer;`
			`}`

			`char *`
			`netdecimal(char *answer)`
			`{`
			`int i;`

			`for(i = 0; answer[i]; i++)`
			`switch(answer[i]){`
			`case 'a': case 'b': case 'c':`
			`answer[i] = '2';`
			`break;`
			`case 'd': case 'e': case 'f':`
			`answer[i] = '3';`
			`break;`
			`}`
			`return answer;`
			`}`

			`int`
			`netcheck(void key, int32_t chal, char response)`
			`{`
			`char answer[32], *p;`
			`int i;`

			`if(smartcheck(key, chal, response))`
			`return 1;`

			`if(p = strchr(response, '\n'))`
			`*p = '\0';`
			`netresp(key, chal, answer);`

			`/*`
			`* check for hex response -- securenet mode 1 or 5`
			`*/`
			`for(i = 0; response[i]; i++)`
			`if(response[i] >= 'A' && response[i] <= 'Z')`
			`response[i] -= 'A' - 'a';`
			`if(strcmp(answer, response) == 0)`
			`return 1;`

			`/*`
			`* check for decimal response -- securenet mode 0 or 4`
			`*/`
			`return strcmp(netdecimal(answer), response) == 0;`
			`}`

			`int`
			`smartcheck(void key, int32_t chal, char response)`
			`{`
			`uint8_t buf[2*8];`
			`int i, c, cslo, cshi;`

			`sprint((char*)buf, "%lud ", chal);`
			`cslo = 0x52;`
			`cshi = cslo;`
			`for(i = 0; i < 8; i++){`
			`c = buf[i];`
			`if(c >= '0' && c <= '9')`
			`c -= '0';`
			`cslo += c;`
			`if(cslo > 0xff)`
			`cslo -= 0xff;`
			`cshi += cslo;`
			`if(cshi > 0xff)`
			`cshi -= 0xff;`
			`buf[i] = c \| (cshi & 0xf0);`
			`}`

			`encrypt(key, buf, 8);`
			`for(i = 0; i < 8; i++)`
			`if(response[i] != buf[i] % 10 + '0')`
			`return 0;`
			`return 1;`
			`}`