summaryrefslogtreecommitdiff
path: root/sys/src/libauthsrv/readnvram.c
diff options
context:
space:
mode:
authorcinap_lenrek <cinap_lenrek@felloff.net>2015-08-21 02:43:31 +0200
committercinap_lenrek <cinap_lenrek@felloff.net>2015-08-21 02:43:31 +0200
commit63b18e79252845d09abbad44672eabd9233a911b (patch)
treea71e5f93e01bf695bca43cc148ebf9a2c9a738c7 /sys/src/libauthsrv/readnvram.c
parente48a5832b26f817ab06db2d42f88288373b78fac (diff)
introduce AES key into nvram and keyfs
Diffstat (limited to 'sys/src/libauthsrv/readnvram.c')
-rw-r--r--sys/src/libauthsrv/readnvram.c26
1 files changed, 18 insertions, 8 deletions
diff --git a/sys/src/libauthsrv/readnvram.c b/sys/src/libauthsrv/readnvram.c
index 5d054725d..ae708acbc 100644
--- a/sys/src/libauthsrv/readnvram.c
+++ b/sys/src/libauthsrv/readnvram.c
@@ -268,13 +268,22 @@ readnvram(Nvrsafe *safep, int flag)
/* verify data read */
err |= check(safe->machkey, DESKEYLEN, safe->machsum,
- "bad nvram key");
-// err |= check(safe->config, CONFIGLEN, safe->configsum,
-// "bad secstore key");
+ "bad nvram des key");
err |= check(safe->authid, ANAMELEN, safe->authidsum,
"bad authentication id");
err |= check(safe->authdom, DOMLEN, safe->authdomsum,
"bad authentication domain");
+ if(0){
+ err |= check(safe->config, CONFIGLEN, safe->configsum,
+ "bad secstore key");
+ err |= check(safe->aesmachkey, AESKEYLEN, safe->aesmachsum,
+ "bad nvram aes key");
+ } else {
+ if(nvcsum(safe->config, CONFIGLEN) != safe->configsum)
+ memset(safe->config, 0, CONFIGLEN);
+ if(nvcsum(safe->aesmachkey, AESKEYLEN) != safe->aesmachsum)
+ memset(safe->aesmachkey, 0, AESKEYLEN);
+ }
if(err == 0)
if(safe->authid[0]==0 || safe->authdom[0]==0){
fprint(2, "empty nvram authid or authdom\n");
@@ -296,18 +305,19 @@ readnvram(Nvrsafe *safep, int flag)
if(readcons("password", nil, 1, in, sizeof in) == nil)
goto Out;
- if(passtokey(&k, in)){
- memmove(safe->machkey, k.des, DESKEYLEN);
- break;
- }
+ passtokey(&k, in);
+ memmove(safe->machkey, k.des, DESKEYLEN);
+ memmove(safe->aesmachkey, k.aes, AESKEYLEN);
+ break;
}
}
- // safe->authsum = nvcsum(safe->authkey, DESKEYLEN);
safe->machsum = nvcsum(safe->machkey, DESKEYLEN);
+ // safe->authsum = nvcsum(safe->authkey, DESKEYLEN);
safe->configsum = nvcsum(safe->config, CONFIGLEN);
safe->authidsum = nvcsum(safe->authid, sizeof safe->authid);
safe->authdomsum = nvcsum(safe->authdom, sizeof safe->authdom);
+ safe->aesmachsum = nvcsum(safe->aesmachkey, AESKEYLEN);
*(Nvrsafe*)buf = *safe;
if(loc.fd < 0
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-06 06:48:26 +0000