Change protocol version (3 -> 4) in CLI : PKDBF2 is renamed in PBKDF2
parent
65ca3a3d3d
commit
1d71ca6861
|
@ -4,6 +4,7 @@ LDFLAGS= -lcrypto -lcurl
|
||||||
TARGET=gpass_cli
|
TARGET=gpass_cli
|
||||||
SRCS=main.c ini.c
|
SRCS=main.c ini.c
|
||||||
|
|
||||||
|
all: $(TARGET)
|
||||||
|
|
||||||
$(TARGET): $(SRCS)
|
$(TARGET): $(SRCS)
|
||||||
$(CC) $(CFLAGS) $^ -o $@ $(LDFLAGS)
|
$(CC) $(CFLAGS) $^ -o $@ $(LDFLAGS)
|
||||||
|
|
|
@ -1,6 +1,6 @@
|
||||||
[params]
|
[params]
|
||||||
# ca_path=./ca_path/ca_authority.pem
|
# ca_path=./ca_path/ca_authority.pem
|
||||||
# server=https://demo-gpass.soutade.fr/demo
|
# server=https://demo-gpass.soutade.fr/demo
|
||||||
# pkdbf2_level=1000
|
# pbkdf2_level=1000
|
||||||
# server_port=443
|
# server_port=443
|
||||||
# verify_ssl_peer=1
|
# verify_ssl_peer=1
|
||||||
|
|
31
cli/main.c
31
cli/main.c
|
@ -31,16 +31,16 @@
|
||||||
|
|
||||||
#define DEFAULT_CONFIG_FILE ".local/share/gpass/gpass.ini"
|
#define DEFAULT_CONFIG_FILE ".local/share/gpass/gpass.ini"
|
||||||
|
|
||||||
#define DEFAULT_PKDBF2_LEVEL 1000
|
#define DEFAULT_PBKDF2_LEVEL 1000
|
||||||
#define MASTER_KEY_LENGTH (256/8)
|
#define MASTER_KEY_LENGTH (256/8)
|
||||||
#define BLOCK_SIZE (128/8)
|
#define BLOCK_SIZE (128/8)
|
||||||
#define DEFAULT_SERVER_PORT 443
|
#define DEFAULT_SERVER_PORT 443
|
||||||
#define SERVER_PROTOCOL 3
|
#define SERVER_PROTOCOL 4
|
||||||
#define RESPONSE_SIZE 2048
|
#define RESPONSE_SIZE 2048
|
||||||
#define MAX_SUBDOMAINS 10
|
#define MAX_SUBDOMAINS 10
|
||||||
|
|
||||||
struct gpass_parameters {
|
struct gpass_parameters {
|
||||||
unsigned pkdbf2_level;
|
unsigned pbkdf2_level;
|
||||||
char *server;
|
char *server;
|
||||||
char *salt;
|
char *salt;
|
||||||
char *domain;
|
char *domain;
|
||||||
|
@ -61,7 +61,7 @@ static void derive_master_key(struct gpass_parameters* params)
|
||||||
|
|
||||||
PKCS5_PBKDF2_HMAC(params->orig_master_key, strlen(params->orig_master_key),
|
PKCS5_PBKDF2_HMAC(params->orig_master_key, strlen(params->orig_master_key),
|
||||||
(unsigned char*)params->salt, strlen(params->salt),
|
(unsigned char*)params->salt, strlen(params->salt),
|
||||||
params->pkdbf2_level, EVP_sha256(),
|
params->pbkdf2_level, EVP_sha256(),
|
||||||
MASTER_KEY_LENGTH, params->derived_master_key);
|
MASTER_KEY_LENGTH, params->derived_master_key);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -191,7 +191,7 @@ static char* wildcard_domain(char* domain)
|
||||||
}
|
}
|
||||||
|
|
||||||
// Too much levels
|
// Too much levels
|
||||||
if (cur_level == MAX_SUBDOMAINS)
|
if (cur_level >= MAX_SUBDOMAINS)
|
||||||
{
|
{
|
||||||
fprintf(stderr, "Error: Too much levels for domain %s\n", domain);
|
fprintf(stderr, "Error: Too much levels for domain %s\n", domain);
|
||||||
return NULL;
|
return NULL;
|
||||||
|
@ -251,6 +251,9 @@ static int ask_server(struct gpass_parameters* params)
|
||||||
char response[RESPONSE_SIZE];
|
char response[RESPONSE_SIZE];
|
||||||
unsigned char password[256];
|
unsigned char password[256];
|
||||||
|
|
||||||
|
if (params->verbose)
|
||||||
|
printf("Username: %s\n", params->username);
|
||||||
|
|
||||||
encrypt_domain(params, params->domain, &enc_domain, &enc_size);
|
encrypt_domain(params, params->domain, &enc_domain, &enc_size);
|
||||||
append_to_request(&request, (char*)enc_domain);
|
append_to_request(&request, (char*)enc_domain);
|
||||||
free(enc_domain);
|
free(enc_domain);
|
||||||
|
@ -339,13 +342,13 @@ static int ask_server(struct gpass_parameters* params)
|
||||||
ret = 0;
|
ret = 0;
|
||||||
goto end;
|
goto end;
|
||||||
}
|
}
|
||||||
else if (!STRNCMP(token, "pkdbf2_level"))
|
else if (!STRNCMP(token, "pbkdf2_level"))
|
||||||
{
|
{
|
||||||
cur_ptr += sizeof("pkdbf2_level"); // includes "="
|
cur_ptr += sizeof("pbkdf2_level"); // includes "="
|
||||||
|
|
||||||
if (atoi(cur_ptr) != params->pkdbf2_level)
|
if (atoi(cur_ptr) != params->pbkdf2_level)
|
||||||
{
|
{
|
||||||
params->pkdbf2_level = atoi(cur_ptr);
|
params->pbkdf2_level = atoi(cur_ptr);
|
||||||
ret = 1;
|
ret = 1;
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
|
@ -370,7 +373,7 @@ end:
|
||||||
static void init_parameters(struct gpass_parameters* params)
|
static void init_parameters(struct gpass_parameters* params)
|
||||||
{
|
{
|
||||||
memset (params, 0, sizeof(*params));
|
memset (params, 0, sizeof(*params));
|
||||||
params->pkdbf2_level = DEFAULT_PKDBF2_LEVEL;
|
params->pbkdf2_level = DEFAULT_PBKDF2_LEVEL;
|
||||||
params->server_port = DEFAULT_SERVER_PORT;
|
params->server_port = DEFAULT_SERVER_PORT;
|
||||||
params->verify_ssl_peer = 1;
|
params->verify_ssl_peer = 1;
|
||||||
}
|
}
|
||||||
|
@ -419,8 +422,8 @@ static int gpass_ini_handler(void* user, const char* section,
|
||||||
if (params->ca_path) free(params->ca_path);
|
if (params->ca_path) free(params->ca_path);
|
||||||
params->ca_path = strdup(value);
|
params->ca_path = strdup(value);
|
||||||
}
|
}
|
||||||
else if (!STRNCMP(name, "pkdbf2_level"))
|
else if (!STRNCMP(name, "pbkdf2_level"))
|
||||||
params->pkdbf2_level = atoi(value);
|
params->pbkdf2_level = atoi(value);
|
||||||
else if (!STRNCMP(name, "verify_ssl_peer"))
|
else if (!STRNCMP(name, "verify_ssl_peer"))
|
||||||
params->verify_ssl_peer = atoi(value);
|
params->verify_ssl_peer = atoi(value);
|
||||||
else if (!STRNCMP(name, "server_port"))
|
else if (!STRNCMP(name, "server_port"))
|
||||||
|
@ -441,7 +444,7 @@ static int gpass_ini_handler(void* user, const char* section,
|
||||||
|
|
||||||
static void usage(char* program_name)
|
static void usage(char* program_name)
|
||||||
{
|
{
|
||||||
fprintf(stderr, "Usage: %s [-f config_file] [-p server_port] [-c CA_certificate_path] [-l PKDBF2_level] [-s gpass_server] [-v] -d domain -u username\n",
|
fprintf(stderr, "Usage: %s [-f config_file] [-p server_port] [-c CA_certificate_path] [-l PBKDF2_level] [-s gpass_server] [-v] -d domain -u username\n",
|
||||||
program_name);
|
program_name);
|
||||||
exit(EXIT_FAILURE);
|
exit(EXIT_FAILURE);
|
||||||
}
|
}
|
||||||
|
@ -483,7 +486,7 @@ int main(int argc, char** argv)
|
||||||
ini_parse(optarg, gpass_ini_handler, ¶ms);
|
ini_parse(optarg, gpass_ini_handler, ¶ms);
|
||||||
break;
|
break;
|
||||||
case 'l':
|
case 'l':
|
||||||
params.pkdbf2_level = atoi(optarg);
|
params.pbkdf2_level = atoi(optarg);
|
||||||
break;
|
break;
|
||||||
case 'n':
|
case 'n':
|
||||||
params.verify_ssl_peer = 0;
|
params.verify_ssl_peer = 0;
|
||||||
|
|
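Review bot: In ask_server's `pbkdf2_level` branch the number in the server response is still read with `atoi(cur_ptr)` and stored directly in `params->pbkdf2_level`, so the peer decides the iteration count that derive_master_key passes to `PKCS5_PBKDF2_HMAC`. Zero, one, a negative number (stored in an `unsigned` field) or non-numeric text are all accepted, so the server, or anyone on the path when `verify_ssl_peer` is 0, can lower the key-derivation cost; the same unchecked `atoi` also feeds the field in gpass_ini_handler and in the `-l` case of main. I would parse with `unsigned long lvl = strtoul(cur_ptr, &endp, 10);` and reject `endp == cur_ptr` or a value below a fixed minimum or above `INT_MAX` before assigning, and check the return value of `PKCS5_PBKDF2_HMAC`. The bodies of ask_server and main start and end outside the visible hunks, so how such an error should be reported needs checking against the full functions.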