summaryrefslogtreecommitdiff
path: root/src/util
diff options
context:
space:
mode:
Diffstat (limited to 'src/util')
-rw-r--r--src/util/crypto/libcrypto/crypto_base64.c37
-rw-r--r--src/util/crypto/nss/nss_base64.c91
-rw-r--r--src/util/crypto/nss/nss_obfuscate.c39
-rw-r--r--src/util/crypto/sss_crypto.h8
4 files changed, 139 insertions, 36 deletions
diff --git a/src/util/crypto/libcrypto/crypto_base64.c b/src/util/crypto/libcrypto/crypto_base64.c
new file mode 100644
index 00000000..c04914b9
--- /dev/null
+++ b/src/util/crypto/libcrypto/crypto_base64.c
@@ -0,0 +1,37 @@
+/*
+ Authors:
+ Jan Cholasta <jcholast@redhat.com>
+
+ Copyright (C) 2012 Red Hat
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 3 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program. If not, see <http://www.gnu.org/licenses/>.
+*/
+
+#include "util/util.h"
+
+char *sss_base64_encode(TALLOC_CTX *mem_ctx,
+ const unsigned char *in,
+ size_t insize)
+{
+ DEBUG(SSSDBG_CRIT_FAILURE, ("sss_base64_encode not implemented.\n"));
+ return NULL;
+}
+
+unsigned char *sss_base64_decode(TALLOC_CTX *mem_ctx,
+ const char *in,
+ size_t *outsize)
+{
+ DEBUG(SSSDBG_CRIT_FAILURE, ("sss_base64_decode not implemented.\n"));
+ return NULL;
+}
diff --git a/src/util/crypto/nss/nss_base64.c b/src/util/crypto/nss/nss_base64.c
new file mode 100644
index 00000000..be3de487
--- /dev/null
+++ b/src/util/crypto/nss/nss_base64.c
@@ -0,0 +1,91 @@
+/*
+ Authors:
+ Jakub Hrozek <jhrozek@redhat.com>
+
+ Copyright (C) 2012 Red Hat
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 3 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program. If not, see <http://www.gnu.org/licenses/>.
+*/
+
+#include <talloc.h>
+
+#include "util/util.h"
+#include "util/crypto/nss/nss_util.h"
+
+#include <base64.h>
+
+/* NSS wraps b64 encoded buffers with CRLF automatically after 64 chars. This
+ * function strips the CRLF double-chars. The buffer can be decoded with plain
+ * NSS calls */
+char *sss_base64_encode(TALLOC_CTX *mem_ctx,
+ const unsigned char *inbuf,
+ size_t inbufsize)
+{
+ int ret;
+ char *b64encoded = NULL;
+ int i, j, b64size;
+ char *outbuf;
+
+ /* initialize NSS if needed */
+ ret = nspr_nss_init();
+ if (ret != EOK) {
+ return NULL;
+ }
+
+ b64encoded = BTOA_DataToAscii(inbuf, inbufsize);
+ if (!b64encoded) return NULL;
+
+ b64size = strlen(b64encoded) + 1;
+ outbuf = talloc_array(mem_ctx, char, b64size);
+ if (outbuf == NULL) {
+ PORT_Free(b64encoded);
+ return NULL;
+ }
+
+ for (i=0, j=0; i < b64size; i++) {
+ if (b64encoded[i] == '\n' || b64encoded[i] == '\r') {
+ continue;
+ }
+ outbuf[j++] = b64encoded[i]; /* will also copy the trailing \0 char */
+ }
+
+ PORT_Free(b64encoded);
+ return outbuf;
+}
+
+unsigned char *sss_base64_decode(TALLOC_CTX *mem_ctx,
+ const char *inbuf,
+ size_t *outbufsize)
+{
+ int ret;
+ unsigned char *b64decoded = NULL;
+ unsigned int size;
+ unsigned char *outbuf;
+
+ /* initialize NSS if needed */
+ ret = nspr_nss_init();
+ if (ret != EOK) {
+ return NULL;
+ }
+
+ b64decoded = ATOB_AsciiToData(inbuf, &size);
+ if (!b64decoded) return NULL;
+
+ outbuf = talloc_memdup(mem_ctx, b64decoded, size);
+ PORT_Free(b64decoded);
+ if (!outbuf) return NULL;
+
+ *outbufsize = size;
+ return outbuf;
+}
diff --git a/src/util/crypto/nss/nss_obfuscate.c b/src/util/crypto/nss/nss_obfuscate.c
index db10be60..c0882d4e 100644
--- a/src/util/crypto/nss/nss_obfuscate.c
+++ b/src/util/crypto/nss/nss_obfuscate.c
@@ -224,38 +224,6 @@ done:
return ret;
}
-/* NSS wraps b64 encoded buffers with CRLF automatically after 64 chars. This
- * function strips the CRLF double-chars. The buffer can be decoded with plain
- * NSS calls */
-static char *b64_encode(TALLOC_CTX *mem_ctx,
- unsigned char *inbuf,
- size_t inbufsize)
-{
- char *b64encoded = NULL;
- int i, j, b64size;
- char *outbuf;
-
- b64encoded = BTOA_DataToAscii(inbuf, inbufsize);
- if (!b64encoded) return NULL;
-
- b64size = strlen(b64encoded) + 1;
- outbuf = talloc_array(mem_ctx, char, b64size);
- if (outbuf == NULL) {
- PORT_Free(b64encoded);
- return NULL;
- }
-
- for (i=0, j=0; i < b64size; i++) {
- if (b64encoded[i] == '\n' || b64encoded[i] == '\r') {
- continue;
- }
- outbuf[j++] = b64encoded[i]; /* will also copy the trailing \0 char */
- }
-
- PORT_Free(b64encoded);
- return outbuf;
-}
-
int sss_password_encrypt(TALLOC_CTX *mem_ctx, const char *password, int plen,
enum obfmethod meth, char **obfpwd)
{
@@ -383,7 +351,7 @@ int sss_password_encrypt(TALLOC_CTX *mem_ctx, const char *password, int plen,
OBF_BUFFER_SENTINEL_SIZE, &p);
/* Base64 encode the resulting buffer */
- *obfpwd = b64_encode(mem_ctx, obfbuf, obufsize);
+ *obfpwd = sss_base64_encode(mem_ctx, obfbuf, obufsize);
if (*obfpwd == NULL) {
ret = ENOMEM;
goto done;
@@ -408,7 +376,7 @@ int sss_password_decrypt(TALLOC_CTX *mem_ctx, char *b64encoded,
int plainlen;
unsigned int digestlen;
unsigned char *obfbuf = NULL;
- unsigned int obflen;
+ size_t obflen;
char *pwdbuf;
/* for unmarshaling data */
@@ -433,7 +401,7 @@ int sss_password_decrypt(TALLOC_CTX *mem_ctx, char *b64encoded,
}
/* Base64 decode the incoming buffer */
- obfbuf = ATOB_AsciiToData(b64encoded, &obflen);
+ obfbuf = sss_base64_decode(tmp_ctx, b64encoded, &obflen);
if (!obfbuf) {
ret = ENOMEM;
goto done;
@@ -531,7 +499,6 @@ int sss_password_decrypt(TALLOC_CTX *mem_ctx, char *b64encoded,
*password = talloc_move(mem_ctx, &pwdbuf);
ret = EOK;
done:
- PORT_Free(obfbuf);
talloc_free(tmp_ctx);
nspr_nss_cleanup();
return ret;
diff --git a/src/util/crypto/sss_crypto.h b/src/util/crypto/sss_crypto.h
index 66394aeb..7b3e5e09 100644
--- a/src/util/crypto/sss_crypto.h
+++ b/src/util/crypto/sss_crypto.h
@@ -11,6 +11,14 @@ enum obfmethod {
int test2(void);
+char *sss_base64_encode(TALLOC_CTX *mem_ctx,
+ const unsigned char *in,
+ size_t insize);
+
+unsigned char *sss_base64_decode(TALLOC_CTX *mem_ctx,
+ const char *in,
+ size_t *outsize);
+
int sss_password_encrypt(TALLOC_CTX *mem_ctx, const char *password, int plen,
enum obfmethod meth, char **obfpwd);