Change protocol version (3 -> 4) in CLI : PKDBF2 is renamed in PBKDF2

Grégory Soutadé 2017-04-17 20:39:53 +02:00
parent 65ca3a3d3d
commit 1d71ca6861
3 changed files with 20 additions and 16 deletions


@ -4,9 +4,10 @@ LDFLAGS= -lcrypto -lcurl
TARGET=gpass_cli
SRCS=main.c ini.c
all: $(TARGET)
$(TARGET): $(SRCS)
$(CC) $(CFLAGS) $^ -o $@ $(LDFLAGS)
clean:
rm -f $(TARGET) *.o *~
rm -f $(TARGET) *.o *~


@ -1,6 +1,6 @@
[params]
# ca_path=./ca_path/ca_authority.pem
# server=https://demo-gpass.soutade.fr/demo
# pkdbf2_level=1000
# pbkdf2_level=1000
# server_port=443
# verify_ssl_peer=1


@ -31,16 +31,16 @@
#define DEFAULT_CONFIG_FILE ".local/share/gpass/gpass.ini"
#define DEFAULT_PKDBF2_LEVEL 1000
#define DEFAULT_PBKDF2_LEVEL 1000
#define MASTER_KEY_LENGTH (256/8)
#define BLOCK_SIZE (128/8)
#define DEFAULT_SERVER_PORT 443
#define SERVER_PROTOCOL 3
#define SERVER_PROTOCOL 4
#define RESPONSE_SIZE 2048
#define MAX_SUBDOMAINS 10
struct gpass_parameters {
unsigned pkdbf2_level;
unsigned pbkdf2_level;
char *server;
char *salt;
char *domain;
@ -61,7 +61,7 @@ static void derive_master_key(struct gpass_parameters* params)
PKCS5_PBKDF2_HMAC(params->orig_master_key, strlen(params->orig_master_key),
(unsigned char*)params->salt, strlen(params->salt),
params->pkdbf2_level, EVP_sha256(),
params->pbkdf2_level, EVP_sha256(),
MASTER_KEY_LENGTH, params->derived_master_key);
}
@ -191,7 +191,7 @@ static char* wildcard_domain(char* domain)
}
// Too much levels
if (cur_level == MAX_SUBDOMAINS)
if (cur_level >= MAX_SUBDOMAINS)
{
fprintf(stderr, "Error: Too much levels for domain %s\n", domain);
return NULL;
@ -251,6 +251,9 @@ static int ask_server(struct gpass_parameters* params)
char response[RESPONSE_SIZE];
unsigned char password[256];
if (params->verbose)
printf("Username: %s\n", params->username);
encrypt_domain(params, params->domain, &enc_domain, &enc_size);
append_to_request(&request, (char*)enc_domain);
free(enc_domain);
@ -339,13 +342,13 @@ static int ask_server(struct gpass_parameters* params)
ret = 0;
goto end;
}
else if (!STRNCMP(token, "pkdbf2_level"))
else if (!STRNCMP(token, "pbkdf2_level"))
{
cur_ptr += sizeof("pkdbf2_level"); // includes "="
cur_ptr += sizeof("pbkdf2_level"); // includes "="
if (atoi(cur_ptr) != params->pkdbf2_level)
if (atoi(cur_ptr) != params->pbkdf2_level)
{
params->pkdbf2_level = atoi(cur_ptr);
params->pbkdf2_level = atoi(cur_ptr);
ret = 1;
break;
}
@ -370,7 +373,7 @@ end:
static void init_parameters(struct gpass_parameters* params)
{
memset (params, 0, sizeof(*params));
params->pkdbf2_level = DEFAULT_PKDBF2_LEVEL;
params->pbkdf2_level = DEFAULT_PBKDF2_LEVEL;
params->server_port = DEFAULT_SERVER_PORT;
params->verify_ssl_peer = 1;
}
@ -419,8 +422,8 @@ static int gpass_ini_handler(void* user, const char* section,
if (params->ca_path) free(params->ca_path);
params->ca_path = strdup(value);
}
else if (!STRNCMP(name, "pkdbf2_level"))
params->pkdbf2_level = atoi(value);
else if (!STRNCMP(name, "pbkdf2_level"))
params->pbkdf2_level = atoi(value);
else if (!STRNCMP(name, "verify_ssl_peer"))
params->verify_ssl_peer = atoi(value);
else if (!STRNCMP(name, "server_port"))
@ -441,7 +444,7 @@ static int gpass_ini_handler(void* user, const char* section,
static void usage(char* program_name)
{
fprintf(stderr, "Usage: %s [-f config_file] [-p server_port] [-c CA_certificate_path] [-l PKDBF2_level] [-s gpass_server] [-v] -d domain -u username\n",
fprintf(stderr, "Usage: %s [-f config_file] [-p server_port] [-c CA_certificate_path] [-l PBKDF2_level] [-s gpass_server] [-v] -d domain -u username\n",
program_name);
exit(EXIT_FAILURE);
}
@ -483,7 +486,7 @@ int main(int argc, char** argv)
ini_parse(optarg, gpass_ini_handler, &params);
break;
case 'l':
params.pkdbf2_level = atoi(optarg);
params.pbkdf2_level = atoi(optarg);
break;
case 'n':
params.verify_ssl_peer = 0;
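Review bot: The `pbkdf2_level` branch of the response parsing in ask_server still takes the iteration count from `atoi(cur_ptr)` and stores it with no range check, so a very small, zero, negative or non-numeric value in the server reply silently decides how strongly the master key is derived on the retry. Parse it once and reject out-of-range values before assigning, for example `long level = strtol(cur_ptr, &endp, 10);` followed by `if (endp == cur_ptr || level < MIN_PBKDF2_LEVEL || level > INT_MAX) goto end;`, where `MIN_PBKDF2_LEVEL` is a floor the project would have to choose and `ret` is first set to whatever ask_server uses for failure. The same unchecked `atoi` feeds `params->pbkdf2_level` in gpass_ini_handler and in the `-l` case of main, and derive_master_key hands the value to `PKCS5_PBKDF2_HMAC` (whose iteration argument is an `int`) without checking the call's return value, as far as the hunk shows. ask_server begins and ends outside these hunks, so the error path should be confirmed against the full function.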