Annotation of src/usr.bin/skey/skey.c, Revision 1.33
1.33 ! millert 1: /* $OpenBSD: skey.c,v 1.32 2015/10/12 14:33:13 tim Exp $ */
1.1 deraadt 2: /*
1.15 millert 3: * OpenBSD S/Key (skey.c)
1.1 deraadt 4: *
5: * Authors:
6: * Neil M. Haller <nmh@thumper.bellcore.com>
7: * Philip R. Karn <karn@chicago.qualcomm.com>
8: * John S. Walden <jsw@thumper.bellcore.com>
9: * Scott Chasin <chasin@crimelab.com>
1.15 millert 10: * Todd C. Miller <Todd.Miller@courtesan.com>
1.1 deraadt 11: *
12: *
13: * Stand-alone program for computing responses to S/Key challenges.
14: * Takes the iteration count and seed as command line args, prompts
15: * for the user's key, and produces both word and hex format responses.
16: *
17: * Usage example:
18: * >skey 88 ka9q2
19: * Enter password:
20: * OMEN US HORN OMIT BACK AHOY
21: * >
22: *
23: */
24:
1.29 tim 25: #include <err.h>
26: #include <limits.h>
1.1 deraadt 27: #include <stdio.h>
28: #include <stdlib.h>
29: #include <string.h>
1.3 millert 30: #include <unistd.h>
1.29 tim 31: #include <readpassphrase.h>
1.3 millert 32: #include <skey.h>
1.1 deraadt 33:
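/*
 * Prints the usage message to stderr and exits with status 1.
 * Declared with a full prototype so it matches the definition below and
 * calls that pass arguments are rejected at compile time.
 */
void usage(void);

/* Program name supplied by libc; main() inspects it for an "otp-" prefix. */
extern char *__progname;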
1.1 deraadt 37:
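/*
 * Compute the response(s) to an S/Key challenge.
 *
 * Command line:
 *   -n count       print `count' responses instead of one
 *                  (accepted range 1 .. SKEY_MAX_SEQ - 1)
 *   -p passphrase  take the passphrase from the command line instead of
 *                  prompting for it
 *   -x             print responses in hex (put8) instead of words (btoe)
 *   -<name>        any multi-character switch is handed to
 *                  skey_set_algorithm() as a hash name
 * followed by either "<sequence>/<seed>" or "<sequence> <seed>".
 *
 * When invoked under a name starting with "otp-", the remainder of the
 * name selects the hash algorithm before options are parsed.
 *
 * Exits 0 on success; every error path exits 1 (via usage(), err(),
 * errx() or exit()).
 */
int
main(int argc, char *argv[])
{
	int n, i, cnt = 1, pass = 0, hexmode = 0, crunched;
	char passwd[SKEY_MAX_PW_LEN+1], key[SKEY_BINKEY_SIZE];
	char buf[33], *seed, *slash, *algo;
	const char *errstr;

	/* Restrict the process to "stdio tty" before any argument is parsed. */
	if (pledge("stdio tty", NULL) == -1)
		err(1, "pledge");

	/* If we were called as otp-METHOD, set algorithm based on that */
	if (strncmp(__progname, "otp-", 4) == 0) {
		algo = __progname + 4;
		if (skey_set_algorithm(algo) == NULL)
			errx(1, "Unknown hash algorithm %s", algo);
	}

	for (i = 1; i < argc && argv[i][0] == '-' && strcmp(argv[i], "--");) {
		if (argv[i][1] == '\0') {
			/*
			 * A lone "-" is only two bytes long ('-' and NUL).
			 * Reject it here so the argv[i][2] test below never
			 * reads past the end of the argument string.
			 */
			usage();
		} else if (argv[i][2] == '\0') {
			/* Single character switch */
			switch (argv[i][1]) {
			case 'n':
				if (++i == argc)
					usage();
				cnt = strtonum(argv[i], 1, SKEY_MAX_SEQ -1, &errstr);
				if (errstr)
					usage();
				break;
			case 'p':
				/*
				 * NOTE(review): a passphrase supplied with -p
				 * is part of the command line, so it can end
				 * up in shell history and is typically visible
				 * to other local users through process
				 * listings.  The interactive prompt below
				 * avoids both.
				 */
				if (++i == argc)
					usage();
				if (strlcpy(passwd, argv[i], sizeof(passwd)) >=
				    sizeof(passwd))
					errx(1, "Password too long");
				pass = 1;
				break;
			case 'x':
				hexmode = 1;
				break;
			default:
				usage();
			}
		} else {
			/* Multi character switches are hash types */
			if (skey_set_algorithm(&argv[i][1]) == NULL) {
				warnx("Unknown hash algorithm %s", &argv[i][1]);
				usage();
			}
		}
		i++;
	}

	/*
	 * The loop above stops at "--" without consuming it; step over it so
	 * the option terminator is not mistaken for the sequence number.
	 */
	if (i < argc && strcmp(argv[i], "--") == 0)
		i++;

	/* At most two operands may remain: <sequence> and <seed>. */
	if (argc > i + 2)
		usage();

	/* Could be in the form <number>/<seed> */
	if (argc <= i + 1) {
		/* look for / in it */
		if (argc <= i)
			usage();
		slash = strchr(argv[i], '/');
		if (slash == NULL)
			usage();
		/* Split the operand in place: argv[i] keeps the number. */
		*slash++ = '\0';
		seed = slash;

		n = strtonum(argv[i], 0, SKEY_MAX_SEQ, &errstr);
		if (errstr) {
			warnx("%s: %s", argv[i], errstr);
			usage();
		}
	} else {
		n = strtonum(argv[i], 0, SKEY_MAX_SEQ, &errstr);
		if (errstr) {
			warnx("%s: %s", argv[i], errstr);
			usage();
		}
		seed = argv[++i];
	}

	/* Get user's secret passphrase; an empty or failed read is fatal. */
	if (!pass && (readpassphrase("Enter secret passphrase: ", passwd,
	    sizeof(passwd), 0) == NULL || passwd[0] == '\0'))
		exit(1);

	/* Crunch seed and passphrase into starting key */
	crunched = keycrunch(key, seed, passwd);

	/*
	 * The passphrase is not used again after keycrunch(); wipe it so the
	 * secret does not stay in stack memory for the rest of the run.
	 * explicit_bzero() is used because a plain memset() of a buffer that
	 * is never read again may be optimised away.
	 */
	explicit_bzero(passwd, sizeof(passwd));

	if (crunched != 0)
		errx(1, "key crunch failed");

	if (cnt == 1) {
		/* Single response: apply f() n times, then print. */
		while (n-- != 0)
			f(key);
		(void)puts(hexmode ? put8(buf, key) : btoe(buf, key));
	} else {
		/*
		 * Several responses: advance the key to the first requested
		 * sequence number, then print each response up to and
		 * including n, prefixed with its sequence number.
		 */
		for (i = 0; i <= n - cnt; i++)
			f(key);
		for (; i <= n; i++) {
			if (hexmode)
				(void)printf("%d: %s\n", i, put8(buf, key));
			else
				(void)printf("%d: %-29s\n", i, btoe(buf, key));
			f(key);
		}
	}
	exit(0);
}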
145:
/*
 * Write the command synopsis to stderr and terminate with exit status 1.
 * Never returns to the caller.
 */
void
usage(void)
{
	(void)fprintf(stderr,
	    "usage: %s [-x] [-md5 | -rmd160 | -sha1] [-n count]\n"
	    "\t[-p passphrase] <sequence#>[/] key\n",
	    __progname);
	exit(1);
}