• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 /*
2  * Utility program for generating entries in /etc/ppp/srp-secrets
3  *
4  * Copyright (c) 2001 by Sun Microsystems, Inc.
5  * All rights reserved.
6  *
7  * Non-exclusive rights to redistribute, modify, translate, and use
8  * this software in source and binary forms, in whole or in part, is
9  * hereby granted, provided that the above copyright notice is
10  * duplicated in any source form, and that neither the name of the
11  * copyright holder nor the author is used to endorse or promote
12  * products derived from this software.
13  *
14  * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
15  * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
16  * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
17  *
18  * Original version by James Carlson
19  *
20  * Usage:
21  *	srp-entry [-i index] [clientname]
22  *
23  * Index, if supplied, is the modulus/generator index from
24  * /etc/tpasswd.conf.  If not supplied, then the last (highest
25  * numbered) entry from that file is used.  If the file doesn't exist,
26  * then the default "well known" EAP SRP-SHA1 modulus/generator is
27  * used.
28  *
29  * The default modulus/generator can be requested as index 0.
30  */
31 
32 #include <stdio.h>
33 #include <stdlib.h>
34 #include <unistd.h>
35 #include <string.h>
36 #include <ctype.h>
37 #include <t_pwd.h>
38 
39 #ifndef	SOL2
40 #define	getpassphrase	getpass
41 #endif
42 
43 #define	HAS_SPACE	1
44 #define	HAS_DQUOTE	2
45 #define	HAS_SQUOTE	4
46 #define	HAS_BACKSLASH	8
47 
48 static const u_char wkmodulus[] = {
49 	0xAC, 0x6B, 0xDB, 0x41, 0x32, 0x4A, 0x9A, 0x9B,
50 	0xF1, 0x66, 0xDE, 0x5E, 0x13, 0x89, 0x58, 0x2F,
51 	0xAF, 0x72, 0xB6, 0x65, 0x19, 0x87, 0xEE, 0x07,
52 	0xFC, 0x31, 0x92, 0x94, 0x3D, 0xB5, 0x60, 0x50,
53 	0xA3, 0x73, 0x29, 0xCB, 0xB4, 0xA0, 0x99, 0xED,
54 	0x81, 0x93, 0xE0, 0x75, 0x77, 0x67, 0xA1, 0x3D,
55 	0xD5, 0x23, 0x12, 0xAB, 0x4B, 0x03, 0x31, 0x0D,
56 	0xCD, 0x7F, 0x48, 0xA9, 0xDA, 0x04, 0xFD, 0x50,
57 	0xE8, 0x08, 0x39, 0x69, 0xED, 0xB7, 0x67, 0xB0,
58 	0xCF, 0x60, 0x95, 0x17, 0x9A, 0x16, 0x3A, 0xB3,
59 	0x66, 0x1A, 0x05, 0xFB, 0xD5, 0xFA, 0xAA, 0xE8,
60 	0x29, 0x18, 0xA9, 0x96, 0x2F, 0x0B, 0x93, 0xB8,
61 	0x55, 0xF9, 0x79, 0x93, 0xEC, 0x97, 0x5E, 0xEA,
62 	0xA8, 0x0D, 0x74, 0x0A, 0xDB, 0xF4, 0xFF, 0x74,
63 	0x73, 0x59, 0xD0, 0x41, 0xD5, 0xC3, 0x3E, 0xA7,
64 	0x1D, 0x28, 0x1E, 0x44, 0x6B, 0x14, 0x77, 0x3B,
65 	0xCA, 0x97, 0xB4, 0x3A, 0x23, 0xFB, 0x80, 0x16,
66 	0x76, 0xBD, 0x20, 0x7A, 0x43, 0x6C, 0x64, 0x81,
67 	0xF1, 0xD2, 0xB9, 0x07, 0x87, 0x17, 0x46, 0x1A,
68 	0x5B, 0x9D, 0x32, 0xE6, 0x88, 0xF8, 0x77, 0x48,
69 	0x54, 0x45, 0x23, 0xB5, 0x24, 0xB0, 0xD5, 0x7D,
70 	0x5E, 0xA7, 0x7A, 0x27, 0x75, 0xD2, 0xEC, 0xFA,
71 	0x03, 0x2C, 0xFB, 0xDB, 0xF5, 0x2F, 0xB3, 0x78,
72 	0x61, 0x60, 0x27, 0x90, 0x04, 0xE5, 0x7A, 0xE6,
73 	0xAF, 0x87, 0x4E, 0x73, 0x03, 0xCE, 0x53, 0x29,
74 	0x9C, 0xCC, 0x04, 0x1C, 0x7B, 0xC3, 0x08, 0xD8,
75 	0x2A, 0x56, 0x98, 0xF3, 0xA8, 0xD0, 0xC3, 0x82,
76 	0x71, 0xAE, 0x35, 0xF8, 0xE9, 0xDB, 0xFB, 0xB6,
77 	0x94, 0xB5, 0xC8, 0x03, 0xD8, 0x9F, 0x7A, 0xE4,
78 	0x35, 0xDE, 0x23, 0x6D, 0x52, 0x5F, 0x54, 0x75,
79 	0x9B, 0x65, 0xE3, 0x72, 0xFC, 0xD6, 0x8E, 0xF2,
80 	0x0F, 0xA7, 0x11, 0x1F, 0x9E, 0x4A, 0xFF, 0x73
81 };
82 
83 static const char *myname;
84 
85 static void
usage(void)86 usage(void)
87 {
88 	(void) fprintf(stderr, "Usage:\n\t%s [-i index] [clientname]\n",
89 	    myname);
90 	exit(1);
91 }
92 
93 int
main(int argc,char ** argv)94 main(int argc, char **argv)
95 {
96 	struct t_conf *tc;
97 	struct t_confent *tcent, mytce;
98 	struct t_pw pwval;
99 	char *name;
100 	char pname[256];
101 	char *pass1, *pass2;
102 	int flags, idx;
103 	char *cp;
104 	char delimit;
105 	char strbuf[MAXB64PARAMLEN];
106 	char saltbuf[MAXB64SALTLEN];
107 
108 	if ((myname = *argv) == NULL)
109 		myname = "srp-entry";
110 	else
111 		argv++;
112 
113 	idx = -1;
114 	if (*argv != NULL && strcmp(*argv, "-i") == 0) {
115 		if (*++argv == NULL)
116 			usage();
117 		idx = atoi(*argv++);
118 	}
119 
120 	tcent = NULL;
121 	if (idx != 0 && (tc = t_openconf(NULL)) != NULL) {
122 		if (idx == -1)
123 			tcent = t_getconflast(tc);
124 		else
125 			tcent = t_getconfbyindex(tc, idx);
126 	}
127 	if (idx <= 0 && tcent == NULL) {
128 		mytce.index = 0;
129 		mytce.modulus.data = (u_char *)wkmodulus;
130 		mytce.modulus.len = sizeof (wkmodulus);
131 		mytce.generator.data = (u_char *)"\002";
132 		mytce.generator.len = 1;
133 		tcent = &mytce;
134 	}
135 	if (tcent == NULL) {
136 		(void) fprintf(stderr, "SRP modulus/generator %d not found\n",
137 		    idx);
138 		exit(1);
139 	}
140 
141 	if ((name = *argv) == NULL) {
142 		(void) printf("Client name: ");
143 		if (fgets(pname, sizeof (pname), stdin) == NULL)
144 			exit(1);
145 		if ((cp = strchr(pname, '\n')) != NULL)
146 			*cp = '\0';
147 		name = pname;
148 	}
149 
150 	for (;;) {
151 		if ((pass1 = getpassphrase("Pass phrase: ")) == NULL)
152 			exit(1);
153 		pass1 = strdup(pass1);
154 		if ((pass2 = getpassphrase("Re-enter phrase: ")) == NULL)
155 			exit(1);
156 		if (strcmp(pass1, pass2) == 0)
157 			break;
158 		free(pass1);
159 		(void) printf("Phrases don't match; try again.\n");
160 	}
161 
162 	memset(&pwval, 0, sizeof (pwval));
163 	t_makepwent(&pwval, name, pass1, NULL, tcent);
164 	flags = 0;
165 	for (cp = name; *cp != '\0'; cp++)
166 		if (isspace(*cp))
167 			flags |= HAS_SPACE;
168 		else if (*cp == '"')
169 			flags |= HAS_DQUOTE;
170 		else if (*cp == '\'')
171 			flags |= HAS_SQUOTE;
172 		else if (*cp == '\\')
173 			flags |= HAS_BACKSLASH;
174 	delimit = flags == 0 ? '\0' : (flags & HAS_DQUOTE) ? '\'' : '"';
175 	if (delimit != '\0')
176 		(void) putchar(delimit);
177 	for (cp = name; *cp != '\0'; cp++) {
178 		if (*cp == delimit || *cp == '\\')
179 			(void) putchar('\\');
180 		(void) putchar(*cp);
181 	}
182 	if (delimit != '\0')
183 		(void) putchar(delimit);
184 	(void) printf(" * %d:%s:%s *\n",
185 	    pwval.pebuf.index, t_tob64(strbuf,
186 		(char *)pwval.pebuf.password.data, pwval.pebuf.password.len),
187 	    t_tob64(saltbuf, (char *)pwval.pebuf.salt.data,
188 		pwval.pebuf.salt.len));
189 	return 0;
190 }
191