Annotation of src/usr.bin/skey/skey.c, Revision 1.20
1.20 ! otto 1: /* $OpenBSD: skey.c,v 1.19 2003/06/10 18:24:40 deraadt Exp $ */
1.1 deraadt 2: /*
1.15 millert 3: * OpenBSD S/Key (skey.c)
1.1 deraadt 4: *
5: * Authors:
6: * Neil M. Haller <nmh@thumper.bellcore.com>
7: * Philip R. Karn <karn@chicago.qualcomm.com>
8: * John S. Walden <jsw@thumper.bellcore.com>
9: * Scott Chasin <chasin@crimelab.com>
1.15 millert 10: * Todd C. Miller <Todd.Miller@courtesan.com>
1.1 deraadt 11: *
12: *
13: * Stand-alone program for computing responses to S/Key challenges.
14: * Takes the iteration count and seed as command line args, prompts
15: * for the user's key, and produces both word and hex format responses.
16: *
17: * Usage example:
18: * >skey 88 ka9q2
19: * Enter password:
20: * OMEN US HORN OMIT BACK AHOY
21: * >
22: *
23: */
24:
25: #include <stdio.h>
26: #include <stdlib.h>
27: #include <string.h>
1.3 millert 28: #include <err.h>
29: #include <unistd.h>
30: #include <skey.h>
1.1 deraadt 31:
1.17 millert 32: void usage(char *);
1.1 deraadt 33:
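/*
 * Compute the response(s) to an S/Key challenge.
 *
 * The hash algorithm is chosen from the program name (otp-METHOD) or from a
 * multi-character switch (-md5, -sha1, ...).  The sequence number and seed
 * are given either as "<number> <seed>" or as "<number>/<seed>".  The
 * passphrase is read from the terminal unless -p is used.  The response is
 * printed as words, or as hex with -x; -n count prints the last "count"
 * responses ending at the requested sequence number.
 *
 * All argument errors end in usage(), which exits with status 1.
 */
int
main(int argc, char *argv[])
{
	int n, i, cnt = 1, pass = 0, hexmode = 0;
	char passwd[SKEY_MAX_PW_LEN+1], key[SKEY_BINKEY_SIZE];
	char buf[33], *seed, *slash, *seqstr, *ep;
	long val;

	/* If we were called as otp-METHOD, set algorithm based on that */
	if ((slash = strrchr(argv[0], '/')))
		slash++;
	else
		slash = argv[0];
	if (strncmp(slash, "otp-", 4) == 0) {
		slash += 4;
		if (skey_set_algorithm(slash) == NULL)
			errx(1, "Unknown hash algorithm %s", slash);
	}

	for (i = 1; i < argc && argv[i][0] == '-' && strcmp(argv[i], "--");) {
		if (argv[i][1] == '\0') {
			/*
			 * A bare "-" has nothing after the dash.  Reject it
			 * here: looking at argv[i][2] would read past the
			 * string's terminating NUL.
			 */
			usage(argv[0]);
		} else if (argv[i][2] == '\0') {
			/* Single character switch */
			switch (argv[i][1]) {
			case 'n':
				if (++i == argc)
					usage(argv[0]);
				/*
				 * Parse strictly instead of atoi(): trailing
				 * garbage and counts below 1 are errors, and
				 * an out-of-range value cannot overflow int.
				 */
				val = strtol(argv[i], &ep, 10);
				if (ep == argv[i] || *ep != '\0' || val < 1)
					usage(argv[0]);
				/*
				 * No more than SKEY_MAX_SEQ + 1 responses
				 * (sequence 0 through the maximum) can ever
				 * be printed, so larger counts are clamped.
				 */
				if (val > SKEY_MAX_SEQ + 1)
					val = SKEY_MAX_SEQ + 1;
				cnt = (int)val;
				break;
			case 'p':
				if (++i == argc)
					usage(argv[0]);
				/*
				 * NOTE: a passphrase passed with -p is part
				 * of the argument vector and is typically
				 * visible to other local users through
				 * process listings and may be saved in shell
				 * history.  The interactive prompt avoids
				 * this exposure.
				 */
				if (strlcpy(passwd, argv[i], sizeof(passwd)) >=
				    sizeof(passwd))
					errx(1, "Password too long");
				pass = 1;
				break;
			case 'x':
				hexmode = 1;
				break;
			default:
				usage(argv[0]);
			}
		} else {
			/* Multi character switches are hash types */
			if (skey_set_algorithm(&argv[i][1]) == NULL) {
				warnx("Unknown hash algorithm %s", &argv[i][1]);
				usage(argv[0]);
			}
		}
		i++;
	}

	/*
	 * The loop above stops at "--" without consuming it; skip it so it
	 * is not taken for the sequence number.
	 */
	if (i < argc && strcmp(argv[i], "--") == 0)
		i++;

	if (argc > i + 2)
		usage(argv[0]);

	/* Could be in the form <number>/<seed> */
	if (argc <= i + 1) {
		/* look for / in it */
		if (argc <= i)
			usage(argv[0]);
		slash = strchr(argv[i], '/');
		if (slash == NULL)
			usage(argv[0]);
		/* Split in place: argv[i] becomes the number, rest the seed */
		*slash++ = '\0';
		seed = slash;
		seqstr = argv[i];
	} else {
		seqstr = argv[i];
		seed = argv[++i];
	}

	/*
	 * Validate the sequence number once for both argument forms.
	 * strtol() saturates at LONG_MIN/LONG_MAX on overflow, so the range
	 * checks below also reject values that do not fit.
	 */
	val = strtol(seqstr, &ep, 10);
	if (ep == seqstr || *ep != '\0') {
		warnx("%s is not a number", seqstr);
		usage(argv[0]);
	} else if (val < 0) {
		warnx("%ld not positive", val);
		usage(argv[0]);
	} else if (val > SKEY_MAX_SEQ) {
		warnx("%ld is larger than max (%d)", val, SKEY_MAX_SEQ);
		usage(argv[0]);
	}
	n = (int)val;

	/* Get user's secret passphrase */
	if (!pass) {
		fputs("Reminder - Do not use this program while"
		    " logged in via telnet.\n", stderr);
		(void)fputs("Enter secret passphrase: ", stderr);
		readpass(passwd, sizeof(passwd));
		/* An empty passphrase is treated as "give up" */
		if (passwd[0] == '\0')
			exit(1);
	}

	/* Crunch seed and passphrase into starting key */
	if (keycrunch(key, seed, passwd) != 0)
		errx(1, "key crunch failed");

	if (cnt == 1) {
		/* Single response: apply f() n times, then print */
		while (n-- != 0)
			f(key);
		(void)puts(hexmode ? put8(buf, key) : btoe(buf, key));
	} else {
		/*
		 * Several responses: advance without printing up to sequence
		 * n - cnt, then print one labelled line per sequence number
		 * through n.
		 */
		for (i = 0; i <= n - cnt; i++)
			f(key);
		for (; i <= n; i++) {
			(void)printf("%d: %-29s", i, btoe(buf, key));
			if (hexmode)
				(void)printf(" %s", put8(buf, key));
			putchar('\n');
			f(key);
		}
	}
	exit(0);
}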
148:
/*
 * Print the command-line synopsis to stderr and exit with status 1.
 * "s" is the program name shown in the message; main() passes argv[0].
 */
void
usage(char *s)
{
	(void)fprintf(stderr, "Usage: %s [-x] [-md4|-md5|-sha1|-rmd160] "
	    "[-n count] [-p passphrase] <sequence#>[/] key\n", s);
	exit(1);
}