From 1d71ca68618f3a77db84bcfa07e84ecbe32a82ac Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Gr=C3=A9gory=20Soutad=C3=A9?=
Date: Mon, 17 Apr 2017 20:39:53 +0200
Subject: [PATCH] Change protocol version (3 -> 4) in CLI : PKDBF2 is renamed in PBKDF2
---
 cli/Makefile | 3 ++-
 cli/gpass.ini.sample | 2 +-
 cli/main.c | 31 +++++++++++++++++--------------
 3 files changed, 20 insertions(+), 16 deletions(-)
diff --git a/cli/Makefile b/cli/Makefile
index 9d5d910..d3c49ef 100644
--- a/cli/Makefile
+++ b/cli/Makefile
@@ -4,9 +4,10 @@ LDFLAGS= -lcrypto -lcurl
 TARGET=gpass_cli
 SRCS=main.c ini.c
+all: $(TARGET)
 $(TARGET): $(SRCS)
 $(CC) $(CFLAGS) $^ -o $@ $(LDFLAGS)
 clean:
- rm -f $(TARGET) *.o *~
\ No newline at end of file
+ rm -f $(TARGET) *.o *~
diff --git a/cli/gpass.ini.sample b/cli/gpass.ini.sample
index 463c94b..507c271 100644
--- a/cli/gpass.ini.sample
+++ b/cli/gpass.ini.sample
@@ -1,6 +1,6 @@
 [params]
 # ca_path=./ca_path/ca_authority.pem
 # server=https://demo-gpass.soutade.fr/demo
-# pkdbf2_level=1000
+# pbkdf2_level=1000
 # server_port=443
 # verify_ssl_peer=1
diff --git a/cli/main.c b/cli/main.c
index 037c7eb..eaf03b6 100644
--- a/cli/main.c
+++ b/cli/main.c
@@ -31,16 +31,16 @@
 #define DEFAULT_CONFIG_FILE ".local/share/gpass/gpass.ini"
-#define DEFAULT_PKDBF2_LEVEL 1000
+#define DEFAULT_PBKDF2_LEVEL 1000
 #define MASTER_KEY_LENGTH (256/8)
 #define BLOCK_SIZE (128/8)
 #define DEFAULT_SERVER_PORT 443
-#define SERVER_PROTOCOL 3
+#define SERVER_PROTOCOL 4
 #define RESPONSE_SIZE 2048
 #define MAX_SUBDOMAINS 10
 struct gpass_parameters {
- unsigned pkdbf2_level;
+ unsigned pbkdf2_level;
 char *server;
 char *salt;
 char *domain;
@@ -61,7 +61,7 @@ static void derive_master_key(struct gpass_parameters* params)
 PKCS5_PBKDF2_HMAC(params->orig_master_key, strlen(params->orig_master_key), (unsigned char*)params->salt, strlen(params->salt),
- params->pkdbf2_level, EVP_sha256(),
+ params->pbkdf2_level, EVP_sha256(),
 MASTER_KEY_LENGTH, params->derived_master_key);
 }
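Review bot: In the derive_master_key hunk the result of `PKCS5_PBKDF2_HMAC` is discarded and the function is `void`, so a failed derivation leaves `derived_master_key` as it was (init_parameters, visible later in this patch, zeroes the whole struct) and the caller presumably carries on with that buffer as the key. The call returns 1 on success, so it should be wrapped as `if (PKCS5_PBKDF2_HMAC(...) != 1) { fprintf(stderr, "Error: key derivation failed\n"); exit(EXIT_FAILURE); }`. The iteration argument is an `unsigned` field passed to an `int` parameter, so a value above INT_MAX turns negative; depending on the OpenSSL version a count below 1 is either treated as a single iteration or makes the call fail, which is one more reason to check the result. The function's opening lines are outside the hunk.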
@@ -191,7 +191,7 @@ static char* wildcard_domain(char* domain)
 }
 // Too much levels
- if (cur_level == MAX_SUBDOMAINS)
+ if (cur_level >= MAX_SUBDOMAINS)
 {
 fprintf(stderr, "Error: Too much levels for domain %s\n", domain);
 return NULL;
@@ -251,6 +251,9 @@ static int ask_server(struct gpass_parameters* params)
 char response[RESPONSE_SIZE];
 unsigned char password[256];
+ if (params->verbose)
+ printf("Username: %s\n", params->username);
+
 encrypt_domain(params, params->domain, &enc_domain, &enc_size);
 append_to_request(&request, (char*)enc_domain);
 free(enc_domain);
@@ -339,13 +342,13 @@ static int ask_server(struct gpass_parameters* params)
 ret = 0;
 goto end;
 }
- else if (!STRNCMP(token, "pkdbf2_level"))
+ else if (!STRNCMP(token, "pbkdf2_level"))
 {
- cur_ptr += sizeof("pkdbf2_level"); // includes "="
+ cur_ptr += sizeof("pbkdf2_level"); // includes "="
- if (atoi(cur_ptr) != params->pkdbf2_level)
+ if (atoi(cur_ptr) != params->pbkdf2_level)
 {
- params->pkdbf2_level = atoi(cur_ptr);
+ params->pbkdf2_level = atoi(cur_ptr);
 ret = 1;
 break;
 }
@@ -370,7 +373,7 @@ end:
 static void init_parameters(struct gpass_parameters* params)
 {
 memset (params, 0, sizeof(*params));
- params->pkdbf2_level = DEFAULT_PKDBF2_LEVEL;
+ params->pbkdf2_level = DEFAULT_PBKDF2_LEVEL;
 params->server_port = DEFAULT_SERVER_PORT;
 params->verify_ssl_peer = 1;
 }
@@ -419,8 +422,8 @@ static int gpass_ini_handler(void* user, const char* section,
 if (params->ca_path) free(params->ca_path);
 params->ca_path = strdup(value);
 }
- else if (!STRNCMP(name, "pkdbf2_level"))
- params->pkdbf2_level = atoi(value);
+ else if (!STRNCMP(name, "pbkdf2_level"))
+ params->pbkdf2_level = atoi(value);
 else if (!STRNCMP(name, "verify_ssl_peer"))
 params->verify_ssl_peer = atoi(value);
 else if (!STRNCMP(name, "server_port"))
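Review bot: In the wildcard_domain hunk, widening the test to `cur_level >= MAX_SUBDOMAINS` implies that `cur_level` can already be past the limit when this line runs, and the test sits after a closing brace, apparently after the code that counts the levels. If that code (outside the hunk) stores into an array of `MAX_SUBDOMAINS` entries indexed by `cur_level`, the out-of-bounds write has happened before the error is reported, so the bound should be enforced before each store rather than afterwards. A short comment naming the array this limit protects, for example `// cur_level indexes <array>, which holds MAX_SUBDOMAINS entries`, would let a reader confirm the check is in the right place.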
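Review bot: The verbose line added at the top of ask_server writes to stdout with `printf`, while the error messages visible in this patch go to stderr; if the generated password is also written to stdout (not visible in this hunk), `-v` changes what a pipe or script captures. `fprintf(stderr, "Username: %s\n", params->username);` keeps diagnostics out of the data stream. `params->username` is handed to `%s` without a NULL check, so the line relies on main having rejected a missing `-u` before ask_server is called.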
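Review bot: In the ask_server hunk that handles the `pbkdf2_level` token, the iteration count comes straight from the server's response through `atoi` and is stored with no range check, so a hostile or impersonated server (certificate checking can be switched off through `verify_ssl_peer`) can push the key-derivation cost down to a single round, presumably picked up by the next derivation after `ret = 1; break;`. `atoi` also returns 0 for non-numeric text, and its `int` result is compared with an `unsigned` field. Parse the value once with `strtoul`, reject anything that is not a number or falls below a floor the project chooses, and only then assign, e.g. `if (end == cur_ptr || level < MIN_PBKDF2_LEVEL || level > INT_MAX) goto end;`, where `MIN_PBKDF2_LEVEL` is a placeholder name and `ret` is first set to whatever ask_server returns on failure (not visible here). The same unchecked `atoi` feeds `pbkdf2_level` in the gpass_ini_handler hunk and in the `-l` case of main. `cur_ptr += sizeof("pbkdf2_level")` also steps past the string terminator when the token arrives without `=`; whether STRNCMP rules that out cannot be seen from the hunk.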
@@ -441,7 +444,7 @@ static int gpass_ini_handler(void* user, const char* section,
 static void usage(char* program_name)
 {
- fprintf(stderr, "Usage: %s [-f config_file] [-p server_port] [-c CA_certificate_path] [-l PKDBF2_level] [-s gpass_server] [-v] -d domain -u username\n",
+ fprintf(stderr, "Usage: %s [-f config_file] [-p server_port] [-c CA_certificate_path] [-l PBKDF2_level] [-s gpass_server] [-v] -d domain -u username\n",
 program_name);
 exit(EXIT_FAILURE);
 }
@@ -483,7 +486,7 @@ int main(int argc, char** argv)
 ini_parse(optarg, gpass_ini_handler, ¶ms);
 break;
 case 'l':
- params.pkdbf2_level = atoi(optarg);
+ params.pbkdf2_level = atoi(optarg);
 break;
 case 'n':
 params.verify_ssl_peer = 0;