skey.c revision 1.15
1 1.15 lukem /* $NetBSD: skey.c,v 1.15 2001/07/24 23:53:25 lukem Exp $ */ 2 1.4 thorpej 3 1.1 deraadt /* 4 1.1 deraadt * S/KEY v1.1b (skey.c) 5 1.1 deraadt * 6 1.1 deraadt * Authors: 7 1.1 deraadt * Neil M. Haller <nmh (at) thumper.bellcore.com> 8 1.1 deraadt * Philip R. Karn <karn (at) chicago.qualcomm.com> 9 1.1 deraadt * John S. Walden <jsw (at) thumper.bellcore.com> 10 1.1 deraadt * Scott Chasin <chasin (at) crimelab.com> 11 1.1 deraadt * 12 1.1 deraadt * 13 1.1 deraadt * Stand-alone program for computing responses to S/Key challenges. 14 1.1 deraadt * Takes the iteration count and seed as command line args, prompts 15 1.1 deraadt * for the user's key, and produces both word and hex format responses. 16 1.1 deraadt * 17 1.1 deraadt * Usage example: 18 1.1 deraadt * >skey 88 ka9q2 19 1.1 deraadt * Enter password: 20 1.1 deraadt * OMEN US HORN OMIT BACK AHOY 21 1.1 deraadt * > 22 1.1 deraadt */ 23 1.1 deraadt 24 1.3 pk #include <sys/cdefs.h> 25 1.6 lukem #ifndef lint 26 1.15 lukem __RCSID("$NetBSD: skey.c,v 1.15 2001/07/24 23:53:25 lukem Exp $"); 27 1.6 lukem #endif 28 1.6 lukem 29 1.11 mjl #include <ctype.h> 30 1.10 mjl #include <err.h> 31 1.7 perry #include <fcntl.h> 32 1.1 deraadt #include <stdio.h> 33 1.7 perry #include <skey.h> 34 1.1 deraadt #include <stdlib.h> 35 1.1 deraadt #include <string.h> 36 1.7 perry #include <unistd.h> 37 1.1 deraadt 38 1.13 mjl int main(int, char **); 39 1.13 mjl void usage(char *); 40 1.1 deraadt 41 1.3 pk int 42 1.10 mjl main(int argc, char **argv) 43 1.1 deraadt { 44 1.15 lukem int n, cnt, i, pass = 0, hexmode = 0; 45 1.10 mjl char passwd[SKEY_MAX_PW_LEN+1], key[SKEY_BINKEY_SIZE]; 46 1.11 mjl char buf[33], *seed, *slash, *t; 47 1.1 deraadt 48 1.1 deraadt cnt = 1; 49 1.1 deraadt 50 1.13 mjl while ((i = getopt(argc, argv, "fn:p:t:x")) != -1) { 51 1.1 deraadt switch (i) { 52 1.13 mjl case 'f': 53 1.15 lukem /* this option is ignored now */ 54 1.13 mjl break; 55 1.1 deraadt case 'n': 56 1.1 deraadt cnt = atoi(optarg); 57 1.1 deraadt break; 58 1.1 deraadt case 'p': 59 1.12 mjl if (strlcpy(passwd, optarg, sizeof(passwd)) >= 60 1.10 mjl sizeof(passwd)) 61 1.10 mjl errx(1, "Password too long"); 62 1.1 deraadt pass = 1; 63 1.1 deraadt break; 64 1.10 mjl case 't': 65 1.10 mjl if (skey_set_algorithm(optarg) == NULL) { 66 1.10 mjl errx(1, "Unknown hash algorithm %s", optarg); 67 1.10 mjl } 68 1.10 mjl break; 69 1.10 mjl case 'x': 70 1.10 mjl hexmode = 1; 71 1.10 mjl break; 72 1.10 mjl default: 73 1.10 mjl usage(argv[0]); 74 1.10 mjl break; 75 1.1 deraadt } 76 1.1 deraadt } 77 1.1 deraadt 78 1.1 deraadt /* could be in the form <number>/<seed> */ 79 1.1 deraadt if (argc <= optind + 1) { 80 1.1 deraadt /* look for / in it */ 81 1.2 cgd if (argc <= optind) 82 1.1 deraadt usage(argv[0]); 83 1.1 deraadt slash = strchr(argv[optind], '/'); 84 1.2 cgd if (slash == NULL) 85 1.1 deraadt usage(argv[0]); 86 1.1 deraadt *slash++ = '\0'; 87 1.1 deraadt seed = slash; 88 1.1 deraadt 89 1.1 deraadt if ((n = atoi(argv[optind])) < 0) { 90 1.2 cgd fprintf(stderr, "%s not positive\n", argv[optind]); 91 1.1 deraadt usage(argv[0]); 92 1.10 mjl } else if (n > SKEY_MAX_SEQ) { 93 1.10 mjl warnx("%d is larger than max (%d)", n, SKEY_MAX_SEQ); 94 1.10 mjl usage(argv[0]); 95 1.1 deraadt } 96 1.1 deraadt } else { 97 1.1 deraadt 98 1.1 deraadt if ((n = atoi(argv[optind])) < 0) { 99 1.2 cgd fprintf(stderr, "%s not positive\n", argv[optind]); 100 1.1 deraadt usage(argv[0]); 101 1.10 mjl } else if (n > SKEY_MAX_SEQ) { 102 1.10 mjl warnx("%d is larger than max (%d)", n, SKEY_MAX_SEQ); 103 1.10 mjl usage(argv[0]); 104 1.1 deraadt } 105 1.1 deraadt seed = argv[++optind]; 106 1.1 deraadt } 107 1.1 deraadt 108 1.11 mjl for(t = seed; *t; t++) { 109 1.11 mjl if(!isalnum(*t)) 110 1.11 mjl errx(1, "seed must be alphanumeric"); 111 1.11 mjl } 112 1.11 mjl 113 1.11 mjl if(!*seed || strlen(seed) > SKEY_MAX_SEED_LEN) 114 1.11 mjl errx(1, "seed must be between 1 and %d long", SKEY_MAX_SEED_LEN); 115 1.11 mjl 116 1.1 deraadt /* Get user's secret password */ 117 1.1 deraadt if (!pass) { 118 1.10 mjl (void)fputs("Reminder - Do not use this program while " 119 1.10 mjl "logged in via telnet or rlogin.\n", stderr); 120 1.2 cgd fprintf(stderr, "Enter secret password: "); 121 1.1 deraadt readpass(passwd, sizeof(passwd)); 122 1.10 mjl if (passwd[0] == '\0') 123 1.10 mjl exit(1); 124 1.1 deraadt } 125 1.11 mjl 126 1.15 lukem if (strlen(passwd) < SKEY_MIN_PW_LEN) 127 1.15 lukem warnx( 128 1.15 lukem "password should be at least %d characters long according to RFC2289", 129 1.15 lukem SKEY_MIN_PW_LEN); 130 1.1 deraadt 131 1.1 deraadt /* Crunch seed and password into starting key */ 132 1.10 mjl if (keycrunch(key, seed, passwd) != 0) 133 1.10 mjl errx(1, "key crunch failed"); 134 1.10 mjl 135 1.1 deraadt if (cnt == 1) { 136 1.1 deraadt while (n-- != 0) 137 1.1 deraadt f(key); 138 1.10 mjl (void)puts(hexmode ? put8(buf, key) : btoe(buf, key)); 139 1.1 deraadt } else { 140 1.1 deraadt for (i = 0; i <= n - cnt; i++) 141 1.1 deraadt f(key); 142 1.1 deraadt for (; i <= n; i++) { 143 1.10 mjl (void)printf("%3d: %-29s", i, btoe(buf, key)); 144 1.10 mjl if (hexmode) 145 1.10 mjl (void)printf("\t%s", put8(buf, key)); 146 1.10 mjl puts(""); 147 1.1 deraadt f(key); 148 1.1 deraadt } 149 1.1 deraadt } 150 1.1 deraadt exit(0); 151 1.1 deraadt } 152 1.1 deraadt 153 1.1 deraadt void 154 1.10 mjl usage(char *s) 155 1.1 deraadt { 156 1.2 cgd 157 1.2 cgd fprintf(stderr, 158 1.15 lukem "Usage: %s [-n count] [-p password] [-t hash] [-x] sequence# [/] key\n", 159 1.15 lukem s); 160 1.2 cgd exit(1); 161 1.1 deraadt } 162
Indexes created Tue Oct 28 12:10:06 GMT 2025