diff options
Diffstat (limited to 'src/util/crypto/libcrypto/crypto_obfuscate.c')
-rw-r--r-- | src/util/crypto/libcrypto/crypto_obfuscate.c | 285 |
1 files changed, 283 insertions, 2 deletions
diff --git a/src/util/crypto/libcrypto/crypto_obfuscate.c b/src/util/crypto/libcrypto/crypto_obfuscate.c index 026e993c6..e303e8c80 100644 --- a/src/util/crypto/libcrypto/crypto_obfuscate.c +++ b/src/util/crypto/libcrypto/crypto_obfuscate.c @@ -1,16 +1,297 @@ +/* + SSSD + + Password obfuscation logic + + Authors: + George McCollister <george.mccollister@gmail.com> + + Copyright (C) George McCollister 2012 + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program. If not, see <http://www.gnu.org/licenses/>. +*/ + +/* + * READ ME: + * + * Please note that password obfuscation does not improve security in any + * way. It is just a mechanism to make the password human-unreadable. If you + * need to secure passwords in your application, you should probably take a + * look at storing passwords in NSS-backed database. + */ + +#include "config.h" #include <talloc.h> #include <errno.h> +#include "util/util.h" #include "util/crypto/sss_crypto.h" +#include <openssl/evp.h> +#include <openssl/rand.h> + +#define OBF_BUFFER_SENTINEL "\0\1\2\3" +#define OBF_BUFFER_SENTINEL_SIZE 4 + +struct crypto_mech_data { + const EVP_CIPHER * (*cipher)(void); + uint16_t keylen; + uint16_t bsize; +}; + +static struct crypto_mech_data cmdata[] = { + /* AES with automatic padding, 256b key, 128b block */ + { EVP_aes_256_cbc, 32, 16 }, + /* sentinel */ + { 0, 0, 0 } +}; + +static struct crypto_mech_data *get_crypto_mech_data(enum obfmethod meth) +{ + if (meth >= NUM_OBFMETHODS) { + DEBUG(SSSDBG_CRIT_FAILURE, ("Unsupported cipher type\n")); + return NULL; + } + return &cmdata[meth]; +} + int sss_password_encrypt(TALLOC_CTX *mem_ctx, const char *password, int plen, enum obfmethod meth, char **obfpwd) { - return ENOSYS; + int ret; + EVP_CIPHER_CTX ctx; + struct crypto_mech_data *mech_props; + TALLOC_CTX *tmp_ctx = NULL; + unsigned char *keybuf; + unsigned char *ivbuf; + unsigned char *cryptotext; + int ct_maxsize; + int ctlen = 0; + int digestlen = 0; + int result_len; + + unsigned char *obfbuf; + size_t obufsize = 0; + size_t p = 0; + + tmp_ctx = talloc_new(NULL); + if (!tmp_ctx) { + return ENOMEM; + } + + EVP_CIPHER_CTX_init(&ctx); + + mech_props = get_crypto_mech_data(meth); + if (mech_props == NULL) { + ret = EINVAL; + goto done; + } + + keybuf = talloc_array(tmp_ctx, unsigned char, mech_props->keylen); + if (keybuf == NULL) { + ret = ENOMEM; + goto done; + } + + ivbuf = talloc_array(tmp_ctx, unsigned char, mech_props->bsize); + if (ivbuf == NULL) { + ret = ENOMEM; + goto done; + } + + RAND_bytes(keybuf, mech_props->keylen); + RAND_bytes(ivbuf, mech_props->bsize); + + /* cryptotext buffer must be at least len(plaintext)+blocksize */ + ct_maxsize = plen + (mech_props->bsize); + cryptotext = talloc_array(tmp_ctx, unsigned char, ct_maxsize); + if (!cryptotext) { + ret = ENOMEM; + goto done; + } + + if (!EVP_EncryptInit_ex(&ctx, mech_props->cipher(), 0, keybuf, ivbuf)) { + DEBUG(SSSDBG_CRIT_FAILURE, ("Failure to initialize cipher contex\n")); + ret = EIO; + goto done; + } + + /* sample data we'll encrypt and decrypt */ + if (!EVP_EncryptUpdate(&ctx, cryptotext, &ctlen, (const unsigned char*)password, plen)) { + DEBUG(SSSDBG_CRIT_FAILURE, ("Cannot execute the encryption operation\n")); + ret = EIO; + goto done; + } + + if(!EVP_EncryptFinal_ex(&ctx, cryptotext+ctlen, &digestlen)) { + DEBUG(SSSDBG_CRIT_FAILURE, ("Cannot finialize the encryption operation\n")); + ret = EIO; + goto done; + } + + result_len = ctlen + digestlen; + + /* Pack the obfuscation buffer */ + /* The buffer consists of: + * uint16_t the type of the cipher + * uint32_t length of the cryptotext in bytes (clen) + * uint8_t[klen] key + * uint8_t[blen] IV + * uint8_t[clen] cryptotext + * 4 bytes of "sentinel" denoting end of the buffer + */ + obufsize = sizeof(uint16_t) + sizeof(uint32_t) + + mech_props->keylen + mech_props->bsize + + result_len + OBF_BUFFER_SENTINEL_SIZE; + obfbuf = talloc_array(tmp_ctx, unsigned char, obufsize); + if (!obfbuf) { + ret = ENOMEM; + goto done; + } + + DEBUG(SSSDBG_TRACE_FUNC, ("Writing method: %d\n", meth)); + SAFEALIGN_SET_UINT16(&obfbuf[p], meth, &p); + DEBUG(SSSDBG_TRACE_FUNC, ("Writing bufsize: %d\n", result_len)); + SAFEALIGN_SET_UINT16(&obfbuf[p], result_len, &p); + safealign_memcpy(&obfbuf[p], keybuf, mech_props->keylen, &p); + safealign_memcpy(&obfbuf[p], ivbuf, mech_props->bsize, &p); + safealign_memcpy(&obfbuf[p], cryptotext, result_len, &p); + safealign_memcpy(&obfbuf[p], OBF_BUFFER_SENTINEL, + OBF_BUFFER_SENTINEL_SIZE, &p); + + /* Base64 encode the resulting buffer */ + *obfpwd = sss_base64_encode(mem_ctx, obfbuf, obufsize); + if (*obfpwd == NULL) { + ret = ENOMEM; + goto done; + } + + ret = EOK; + +done: + talloc_free(tmp_ctx); + EVP_CIPHER_CTX_cleanup(&ctx); + return ret; } int sss_password_decrypt(TALLOC_CTX *mem_ctx, char *b64encoded, char **password) { - return ENOSYS; + int ret; + EVP_CIPHER_CTX ctx; + TALLOC_CTX *tmp_ctx = NULL; + struct crypto_mech_data *mech_props; + + int plainlen; + int digestlen; + unsigned char *obfbuf = NULL; + size_t obflen; + char *pwdbuf; + + /* for unmarshaling data */ + uint16_t meth; + uint16_t ctsize; + size_t p = 0; + unsigned char *cryptotext; + unsigned char *keybuf; + unsigned char *ivbuf; + unsigned char sentinel_check[OBF_BUFFER_SENTINEL_SIZE]; + + tmp_ctx = talloc_new(NULL); + if (!tmp_ctx) { + return ENOMEM; + } + + EVP_CIPHER_CTX_init(&ctx); + + /* Base64 decode the incoming buffer */ + obfbuf = sss_base64_decode(tmp_ctx, b64encoded, &obflen); + if (!obfbuf) { + ret = ENOMEM; + goto done; + } + + /* unpack obfuscation buffer */ + SAFEALIGN_COPY_UINT16_CHECK(&meth, obfbuf+p, obflen, &p); + DEBUG(SSSDBG_TRACE_FUNC, ("Read method: %d\n", meth)); + SAFEALIGN_COPY_UINT16_CHECK(&ctsize, obfbuf+p, obflen, &p); + DEBUG(SSSDBG_TRACE_FUNC, ("Read bufsize: %d\n", ctsize)); + + mech_props = get_crypto_mech_data(meth); + if (mech_props == NULL) { + ret = EINVAL; + goto done; + } + + /* check that we got sane mechanism properties and cryptotext size */ + memcpy(sentinel_check, + obfbuf + p + mech_props->keylen + mech_props->bsize + ctsize, + OBF_BUFFER_SENTINEL_SIZE); + if (memcmp(sentinel_check, OBF_BUFFER_SENTINEL, OBF_BUFFER_SENTINEL_SIZE) != 0) { + DEBUG(SSSDBG_CRIT_FAILURE, ("Obfuscation buffer seems corrupt, aborting\n")); + ret = EFAULT; + goto done; + } + + /* copy out key, ivbuf and cryptotext */ + keybuf = talloc_array(tmp_ctx, unsigned char, mech_props->keylen); + if (keybuf == NULL) { + ret = ENOMEM; + goto done; + } + safealign_memcpy(keybuf, obfbuf+p, mech_props->keylen, &p); + + ivbuf = talloc_array(tmp_ctx, unsigned char, mech_props->bsize); + if (ivbuf == NULL) { + ret = ENOMEM; + goto done; + } + safealign_memcpy(ivbuf, obfbuf+p, mech_props->bsize, &p); + + cryptotext = talloc_array(tmp_ctx, unsigned char, ctsize); + if (cryptotext == NULL) { + ret = ENOMEM; + goto done; + } + safealign_memcpy(cryptotext, obfbuf+p, ctsize, &p); + + pwdbuf = talloc_array(tmp_ctx, char, ctsize); + if (!pwdbuf) { + ret = ENOMEM; + goto done; + } + + if (!EVP_DecryptInit_ex(&ctx, mech_props->cipher(), 0, keybuf, ivbuf)) { + ret = EIO; + goto done; + } + + /* sample data we'll encrypt and decrypt */ + if (!EVP_DecryptUpdate(&ctx, (unsigned char*)pwdbuf, &plainlen, cryptotext, ctsize)) { + ret = EIO; + goto done; + } + + if(!EVP_DecryptFinal_ex(&ctx, (unsigned char*)pwdbuf+plainlen, &digestlen)) { + ret = EIO; + goto done; + } + + *password = talloc_move(mem_ctx, &pwdbuf); + ret = EOK; +done: + talloc_free(tmp_ctx); + EVP_CIPHER_CTX_cleanup(&ctx); + return ret; } |