
Annotation of src/usr.bin/tcfs/tcfs_keymaint.c, Revision 1.9

1.9     ! aaron       1: /*     $OpenBSD: tcfs_keymaint.c,v 1.8 2000/06/19 22:42:28 aaron Exp $ */
1.7       fgsch       2:
1.1       provos      3: /*
                      4:  *     Transparent Cryptographic File System (TCFS) for NetBSD
                      5:  *     Author and maintainer:  Luigi Catuogno [luicat@tcfs.unisa.it]
                      6:  *
                      7:  *     references:             http://tcfs.dia.unisa.it
                      8:  *                             tcfs-bsd@tcfs.unisa.it
                      9:  */
                     10:
                     11: /*
                     12:  *     Base utility set v0.1
                     13:  */
                     14:
                     15: #include <sys/types.h>
                     16: #include <sys/param.h>
                     17: #include <sys/mount.h>
                     18: #include <sys/ucred.h>
1.3       provos     19: #include <blf.h>
1.6       fgsch      20: #include <ctype.h>
                     21: #include <pwd.h>
                     22: #include <string.h>
                     23: #include <unistd.h>
1.3       provos     24:
1.1       provos     25: #include <miscfs/tcfs/tcfs.h>
                     26: #include <miscfs/tcfs/tcfs_cmd.h>
                     27:
                     28: #include "tcfsdefines.h"
                     29: #include "uuencode.h"
                     30:
                     /*
                      * Report whether the filesystem holding path fs is of type
                      * "tcfs".  Returns 1 when statfs() succeeds and f_fstypename
                      * is exactly "tcfs", and 0 otherwise; a statfs() failure is
                      * reported as 0 rather than as a separate error.
                      */
                     int
                     tcfs_verify_fs(char *fs)
                     {
                             struct statfs sfs;

                             if (statfs(fs, &sfs) != 0)
                                     return (0);

                             return (strcmp("tcfs", sfs.f_fstypename) == 0);
                     }
                     47:
                     /*
                      * Hand a TCFS command block to the kernel through
                      * mount(2) with MNT_UPDATE.  Returns -1 without calling
                      * mount() when tcfs_verify_fs() rejects the path, and the
                      * mount() result otherwise.
                      *
                      * The type check and the mount() are two separate lookups
                      * of the same path, so the check alone does not guarantee
                      * what mount() ends up operating on.
                      */
                     int
                     tcfs_callfunction(char *filesystem, struct tcfs_args *arg)
                     {
                             if (!tcfs_verify_fs(filesystem))
                                     return (-1);

                             return (mount("tcfs", filesystem, MNT_UPDATE, (void *)arg));
                     }
                     60:
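                     /*
                      * Recover a TCFS key: uudecode the text in t, Blowfish-CBC
                      * decrypt it under the password pwd, and copy tklen bytes
                      * into tk.
                      *
                      * Returns 1 on success and 0 on failure (NULL argument,
                      * empty password, tklen out of range, uudecode error, or a
                      * decoded length different from tklen).
                      *
                      * The cipher key is the password itself, repeated until it
                      * is at least 8 characters long, and the IV is all zeroes.
                      * Both define the stored-key format, so they are left as
                      * they are; changing either would make existing keys
                      * undecryptable.  Nothing authenticates the result: a
                      * return of 1 does not mean the password was right, a wrong
                      * one simply leaves garbage in tk.
                      */
                     int
                     tcfs_decrypt_key(char *pwd, u_char *t, u_char *tk, int tklen)
                     {
                             /*
                              * memset() reached through a volatile pointer, so the
                              * compiler cannot discard the wipes below as dead
                              * stores.
                              */
                             void *(*volatile wipe)(void *, int, size_t) = memset;
                             char pass[_PASSWORD_LEN], tmp[_PASSWORD_LEN];
                             char tcfskey[KEYSIZE * 2], iv[8];
                             blf_ctx ctx;
                             int len, ok = 0;

                             if (!pwd || !t || !tk)
                                     return (0);

                             /*
                              * Bound the final memcpy() here instead of relying on
                              * uudecode() never returning more than the size it
                              * was given.
                              */
                             if (tklen < 0 || (size_t)tklen > sizeof(tcfskey))
                                     return (0);

                             strlcpy(pass, pwd, sizeof(pass));

                             /*
                              * An empty password never grows, so the padding loop
                              * below would spin forever on it.
                              */
                             if (pass[0] == '\0')
                                     goto out;

                             len = uudecode((char *)t, tcfskey, sizeof(tcfskey));
                             if (len == -1) {
                                     fprintf(stderr, "tcfs_decrypt_key: uudecode failed\n");
                                     goto out;
                             } else if (len != tklen) {
                                     fprintf(stderr, "tcfs_decrypt_key: uudecode wrong length\n");
                                     goto out;
                             }

                             /*
                              * Triple the password until it has at least 8
                              * characters.  At most 7 characters enter an
                              * iteration, so neither buffer can truncate.
                              */
                             while (strlen(pass) < 8) {
                                     strlcpy(tmp, pass, sizeof(tmp));
                                     strlcat(tmp, pass, sizeof(tmp));
                                     strlcat(pass, tmp, sizeof(pass));
                             }

                             blf_key(&ctx, pass, strlen(pass));
                             memset(iv, 0, sizeof(iv));
                             /*
                              * NOTE(review): tklen reaches blf_cbc_decrypt() as
                              * given; confirm callers only pass lengths the
                              * cipher accepts.
                              */
                             blf_cbc_decrypt(&ctx, iv, tcfskey, tklen);

                             memcpy(tk, tcfskey, tklen);
                             ok = 1;

                     out:
                             /*
                              * Clear every copy of the password, the key schedule
                              * and the decrypted key, on failure paths too.
                              */
                             wipe(pass, 0, sizeof(pass));
                             wipe(tmp, 0, sizeof(tmp));
                             wipe(tcfskey, 0, sizeof(tcfskey));
                             wipe(&ctx, 0, sizeof(ctx));

                             return (ok);
                     }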
                    101:
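                    /*
                     * Blowfish-CBC encrypt the klen-byte key under the password
                     * pw and write its uuencoded form into ek, which has eklen
                     * bytes available.
                     *
                     * Returns 1 on success and 0 on failure (NULL argument,
                     * empty password, negative klen, non-positive eklen, or
                     * uuencode() not returning eklen - 1).
                     *
                     * key is encrypted in place: once the cipher has run the
                     * caller's buffer holds ciphertext, not the original key,
                     * whether or not the encoding step then succeeds.
                     *
                     * As in tcfs_decrypt_key(), the cipher key is the password
                     * repeated to at least 8 characters and the IV is all
                     * zeroes; both belong to the stored-key format and are kept.
                     */
                    int
                    tcfs_encrypt_key(char *pw, u_char *key, int klen, u_char *ek, int eklen)
                    {
                            /*
                             * memset() reached through a volatile pointer, so the
                             * compiler cannot discard the wipes below as dead
                             * stores.
                             */
                            void *(*volatile wipe)(void *, int, size_t) = memset;
                            char pass[_PASSWORD_LEN], tmp[_PASSWORD_LEN], iv[8];
                            blf_ctx ctx;
                            int res, ok = 0;

                            if (!pw || !key || !ek)
                                    return (0);
                            if (klen < 0 || eklen <= 0)
                                    return (0);

                            strlcpy(pass, pw, sizeof(pass));

                            /*
                             * An empty password never grows, so the padding loop
                             * below would spin forever on it.
                             */
                            if (pass[0] == '\0')
                                    goto out;

                            /*
                             * Triple the password until it has at least 8
                             * characters.  At most 7 characters enter an
                             * iteration, so neither buffer can truncate.
                             */
                            while (strlen(pass) < 8) {
                                    strlcpy(tmp, pass, sizeof(tmp));
                                    strlcat(tmp, pass, sizeof(tmp));
                                    strlcat(pass, tmp, sizeof(pass));
                            }

                            blf_key(&ctx, pass, strlen(pass));
                            memset(iv, 0, sizeof(iv));
                            /*
                             * NOTE(review): klen reaches blf_cbc_encrypt() as
                             * given; confirm callers only pass lengths the cipher
                             * accepts.
                             */
                            blf_cbc_encrypt(&ctx, iv, key, klen);

                            res = uuencode(key, klen, ek, eklen);
                            if (res != eklen - 1) {
                                    fprintf(stderr, "tcfs_encrypt_key: uuencode length wrong\n");
                                    goto out;
                            }
                            ok = 1;

                    out:
                            /*
                             * The password copies were previously left on the
                             * stack; clear them along with the key schedule.
                             */
                            wipe(pass, 0, sizeof(pass));
                            wipe(tmp, 0, sizeof(tmp));
                            wipe(&ctx, 0, sizeof(ctx));

                            return (ok);
                    }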
                    136:
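/*
 * Send a TCFS_PUT_UIDKEY request carrying user and key for filesystem.
 * Returns the tcfs_callfunction() result, or -1 when key is NULL.
 *
 * key must point to at least sizeof(a.tcfs_key) readable bytes: that
 * many are copied no matter how large the caller's buffer is.
 */
int
tcfs_user_enable(char *filesystem, uid_t user, u_char *key)
{
        /*
         * memset() reached through a volatile pointer, so the compiler
         * cannot discard the final wipe as a dead store.
         */
        void *(*volatile wipe)(void *, int, size_t) = memset;
        struct tcfs_args a;
        int ret;

        if (!key)
                return (-1);

        /* Zero first so no stale stack bytes are handed to mount(2). */
        memset(&a, 0, sizeof(a));
        a.user = user;
        a.cmd = TCFS_PUT_UIDKEY;
        memcpy(a.tcfs_key, key, sizeof(a.tcfs_key));

        ret = tcfs_callfunction(filesystem, &a);

        /* The struct holds a copy of the key; do not leave it behind. */
        wipe(&a, 0, sizeof(a));

        return (ret);
}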
                    148:
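/*
 * Send a TCFS_RM_UIDKEY request for user on filesystem.
 * Returns the tcfs_callfunction() result.
 */
int
tcfs_user_disable(char *filesystem, uid_t user)
{
        struct tcfs_args a;

        /*
         * Only two fields are set below; zero the rest so no stale
         * stack bytes are handed to mount(2).
         */
        memset(&a, 0, sizeof(a));
        a.cmd = TCFS_RM_UIDKEY;
        a.user = user;

        return (tcfs_callfunction(filesystem, &a));
}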
                    159:
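/*
 * Send a TCFS_PUT_PIDKEY request carrying user, pid and key for
 * filesystem.  Returns the tcfs_callfunction() result, or -1 when key
 * is NULL.
 *
 * key must point to at least sizeof(a.tcfs_key) readable bytes: that
 * many are copied no matter how large the caller's buffer is.
 */
int
tcfs_proc_enable(char *filesystem, uid_t user, pid_t pid, char *key)
{
        /*
         * memset() reached through a volatile pointer, so the compiler
         * cannot discard the final wipe as a dead store.
         */
        void *(*volatile wipe)(void *, int, size_t) = memset;
        struct tcfs_args a;
        int ret;

        if (!key)
                return (-1);

        /* Zero first so no stale stack bytes are handed to mount(2). */
        memset(&a, 0, sizeof(a));
        a.cmd = TCFS_PUT_PIDKEY;
        a.user = user;
        a.proc = pid;
        memcpy(a.tcfs_key, key, sizeof(a.tcfs_key));

        ret = tcfs_callfunction(filesystem, &a);

        /* The struct holds a copy of the key; do not leave it behind. */
        wipe(&a, 0, sizeof(a));

        return (ret);
}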
                    172:
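/*
 * Send a TCFS_RM_PIDKEY request for user and pid on filesystem.
 * Returns the tcfs_callfunction() result.
 */
int
tcfs_proc_disable(char *filesystem, uid_t user, pid_t pid)
{
        struct tcfs_args a;

        /*
         * Only three fields are set below; zero the rest so no stale
         * stack bytes are handed to mount(2).
         */
        memset(&a, 0, sizeof(a));
        a.cmd = TCFS_RM_PIDKEY;
        a.user = user;
        a.proc = pid;

        return (tcfs_callfunction(filesystem, &a));
}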
                    184:
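/*
 * Send a TCFS_PUT_GIDKEY request carrying uid, gid, the threshold tre
 * and key for filesystem.  Returns the tcfs_callfunction() result, or
 * -1 when key is NULL.
 *
 * key must point to at least sizeof(a.tcfs_key) readable bytes: that
 * many are copied no matter how large the caller's buffer is.
 */
int
tcfs_group_enable(char *filesystem, uid_t uid, gid_t gid,
    int tre, char *key)
{
        /*
         * memset() reached through a volatile pointer, so the compiler
         * cannot discard the final wipe as a dead store.
         */
        void *(*volatile wipe)(void *, int, size_t) = memset;
        struct tcfs_args a;
        int ret;

        if (!key)
                return (-1);

        /* Zero first so no stale stack bytes are handed to mount(2). */
        memset(&a, 0, sizeof(a));
        a.cmd = TCFS_PUT_GIDKEY;
        a.user = uid;
        a.group = gid;
        a.treshold = tre;
        memcpy(a.tcfs_key, key, sizeof(a.tcfs_key));

        ret = tcfs_callfunction(filesystem, &a);

        /* The struct holds a copy of the key; do not leave it behind. */
        wipe(&a, 0, sizeof(a));

        return (ret);
}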
                    199:
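                    /*
                     * Send a TCFS_RM_GIDKEY request for uid and gid on
                     * filesystem.  Returns the tcfs_callfunction() result.
                     */
                    int
                    tcfs_group_disable(char *filesystem, uid_t uid, gid_t gid)
                    {
                            struct tcfs_args a;

                            /*
                             * Only three fields are set below; zero the rest so
                             * no stale stack bytes are handed to mount(2).
                             */
                            memset(&a, 0, sizeof(a));
                            a.cmd = TCFS_RM_GIDKEY;
                            a.user = uid;
                            a.group = gid;

                            return (tcfs_callfunction(filesystem, &a));
                    }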
                    210: