diff options
| author | Taru Karttunen <taruti@taruti.net> | 2011-03-30 15:46:40 +0300 |
|---|---|---|
| committer | Taru Karttunen <taruti@taruti.net> | 2011-03-30 15:46:40 +0300 |
| commit | e5888a1ffdae813d7575f5fb02275c6bb07e5199 (patch) | |
| tree | d8d51eac403f07814b9e936eed0c9a79195e2450 /sys/src/cmd/auth/lib/netcheck.c | |
Import sources from 2011-03-30 iso image
Diffstat (limited to 'sys/src/cmd/auth/lib/netcheck.c')
| -rwxr-xr-x | sys/src/cmd/auth/lib/netcheck.c | 111 |
1 files changed, 111 insertions, 0 deletions
diff --git a/sys/src/cmd/auth/lib/netcheck.c b/sys/src/cmd/auth/lib/netcheck.c new file mode 100755 index 000000000..5e4220c25 --- /dev/null +++ b/sys/src/cmd/auth/lib/netcheck.c @@ -0,0 +1,111 @@ +#include <u.h> +#include <libc.h> +#include <bio.h> +#include "authcmdlib.h" + +/* + * compute the key verification checksum + */ +void +checksum(char key[], char csum[]) { + uchar buf[8]; + + memset(buf, 0, 8); + encrypt(key, buf, 8); + sprint(csum, "C %.2ux%.2ux%.2ux%.2ux", buf[0], buf[1], buf[2], buf[3]); +} + +/* + * compute the proper response. We encrypt the ascii of + * challenge number, with trailing binary zero fill. + * This process was derived empirically. + * this was copied from inet's guard. + */ +char * +netresp(char *key, long chal, char *answer) +{ + uchar buf[8]; + + memset(buf, 0, 8); + sprint((char *)buf, "%lud", chal); + if(encrypt(key, buf, 8) < 0) + error("can't encrypt response"); + chal = (buf[0]<<24)+(buf[1]<<16)+(buf[2]<<8)+buf[3]; + sprint(answer, "%.8lux", chal); + + return answer; +} + +char * +netdecimal(char *answer) +{ + int i; + + for(i = 0; answer[i]; i++) + switch(answer[i]){ + case 'a': case 'b': case 'c': + answer[i] = '2'; + break; + case 'd': case 'e': case 'f': + answer[i] = '3'; + break; + } + return answer; +} + +int +netcheck(void *key, long chal, char *response) +{ + char answer[32], *p; + int i; + + if(smartcheck(key, chal, response)) + return 1; + + if(p = strchr(response, '\n')) + *p = '\0'; + netresp(key, chal, answer); + + /* + * check for hex response -- securenet mode 1 or 5 + */ + for(i = 0; response[i]; i++) + if(response[i] >= 'A' && response[i] <= 'Z') + response[i] -= 'A' - 'a'; + if(strcmp(answer, response) == 0) + return 1; + + /* + * check for decimal response -- securenet mode 0 or 4 + */ + return strcmp(netdecimal(answer), response) == 0; +} + +int +smartcheck(void *key, long chal, char *response) +{ + uchar buf[2*8]; + int i, c, cslo, cshi; + + sprint((char*)buf, "%lud ", chal); + cslo = 0x52; + cshi = cslo; + for(i = 0; i < 8; i++){ + c = buf[i]; + if(c >= '0' && c <= '9') + c -= '0'; + cslo += c; + if(cslo > 0xff) + cslo -= 0xff; + cshi += cslo; + if(cshi > 0xff) + cshi -= 0xff; + buf[i] = c | (cshi & 0xf0); + } + + encrypt(key, buf, 8); + for(i = 0; i < 8; i++) + if(response[i] != buf[i] % 10 + '0') + return 0; + return 1; +} |