Changeset ddcf491f


Ignore:
Timestamp:
2008-03-16T14:18:22Z (12 years ago)
Author:
Wilmer van der Gaast <wilmer@…>
Branches:
master
Children:
e960a52
Parents:
d07c3a8
Message:

Adding padding to encrypted IM-passwords so the exact password length can't
be guessed from the encrypted data anymore.

Files:
4 edited

Legend:

Unmodified
Added
Removed
  • lib/arc.c

    rd07c3a8 rddcf491f  
    131131   
    132132   Both functions return the number of bytes in the result string.
     133   
     134   Note that if you use the pad_to argument, you will need zero-termi-
     135   nation to find back the original string length after decryption. So
     136   it shouldn't be used if your string contains \0s by itself!
    133137*/
    134138
    135 int arc_encode( char *clear, int clear_len, unsigned char **crypt, char *password )
     139int arc_encode( char *clear, int clear_len, unsigned char **crypt, char *password, int pad_to )
    136140{
    137141        struct arc_state *st;
    138142        unsigned char *key;
    139         int key_len, i;
     143        char *padded = NULL;
     144        int key_len, i, padded_len;
    140145       
    141146        key_len = strlen( password ) + ARC_IV_LEN;
    142147        if( clear_len <= 0 )
    143148                clear_len = strlen( clear );
     149       
     150        /* Pad the string to the closest multiple of pad_to. This makes it
     151           impossible to see the exact length of the password. */
     152        if( pad_to > 0 && ( clear_len % pad_to ) > 0 )
     153        {
     154                padded_len = clear_len + pad_to - ( clear_len % pad_to );
     155                padded = g_malloc( padded_len );
     156                memcpy( padded, clear, clear_len );
     157               
     158                /* First a \0 and then random data, so we don't have to do
     159                   anything special when decrypting. */
     160                padded[clear_len] = 0;
     161                random_bytes( (unsigned char*) padded + clear_len + 1, padded_len - clear_len - 1 );
     162               
     163                clear = padded;
     164                clear_len = padded_len;
     165        }
    144166       
    145167        /* Prepare buffers and the key + IV */
     
    161183       
    162184        g_free( st );
     185        g_free( padded );
    163186       
    164187        return clear_len + ARC_IV_LEN;
  • lib/arc.h

    rd07c3a8 rddcf491f  
    3131};
    3232
    33 struct arc_state *arc_keymaker( unsigned char *key, int kl, int cycles );
     33G_GNUC_MALLOC struct arc_state *arc_keymaker( unsigned char *key, int kl, int cycles );
    3434unsigned char arc_getbyte( struct arc_state *st );
    35 int arc_encode( char *clear, int clear_len, unsigned char **crypt, char *password );
     35int arc_encode( char *clear, int clear_len, unsigned char **crypt, char *password, int pad_to );
    3636int arc_decode( unsigned char *crypt, int crypt_len, char **clear, char *password );
  • storage_xml.c

    rd07c3a8 rddcf491f  
    428428                int pass_len;
    429429               
    430                 pass_len = arc_encode( acc->pass, strlen( acc->pass ), (unsigned char**) &pass_cr, irc->password );
     430                pass_len = arc_encode( acc->pass, strlen( acc->pass ), (unsigned char**) &pass_cr, irc->password, 12 );
    431431                pass_b64 = base64_encode( pass_cr, pass_len );
    432432                g_free( pass_cr );
  • tests/check_arc.c

    rd07c3a8 rddcf491f  
    77#include "arc.h"
    88
    9 char *password = "TotT";
     9char *password = "ArcVier";
    1010
    1111char *clear_tests[] =
     
    1414        "ItllBeBitlBee",
    1515        "One more boring password",
     16        "Hoi hoi",
    1617        NULL
    1718};
     
    2829                int len;
    2930               
    30                 len = arc_encode( clear_tests[i], 0, &crypted, password );
     31                len = arc_encode( clear_tests[i], 0, &crypted, password, 12 );
    3132                len = arc_decode( crypted, len, &decrypted, password );
    3233               
     
    4142struct
    4243{
    43         unsigned char crypted[24];
     44        unsigned char crypted[30];
    4445        int len;
    4546        char *decrypted;
    4647} decrypt_tests[] = {
     48        /* One block with padding. */
    4749        {
    4850                {
    49                         0xc3, 0x0d, 0x43, 0xc3, 0xee, 0x80, 0xe2, 0x8c, 0x0b, 0x29, 0x32, 0x7e,
    50                         0x38, 0x05, 0x82, 0x10, 0x21, 0x1c, 0x4a, 0x00, 0x2c
    51                 }, 21, "Debugging sucks"
     51                        0x3f, 0x79, 0xb0, 0xf5, 0x91, 0x56, 0xd2, 0x1b, 0xd1, 0x4b, 0x67, 0xac,
     52                        0xb1, 0x31, 0xc9, 0xdb, 0xf9, 0xaa
     53                }, 18, "short pass"
    5254        },
     55       
     56        /* Two blocks with padding. */
    5357        {
    5458                {
    55                         0xb0, 0x00, 0x57, 0x0d, 0x0d, 0x0d, 0x70, 0xe1, 0xc0, 0x00, 0xa4, 0x25,
    56                         0x7d, 0xbe, 0x03, 0xcc, 0x24, 0xd1, 0x0c
    57                 }, 19, "Testing rocks"
     59                        0xf9, 0xa6, 0xec, 0x5d, 0xc7, 0x06, 0xb8, 0x6b, 0x63, 0x9f, 0x2d, 0xb5,
     60                        0x7d, 0xaa, 0x32, 0xbb, 0xd8, 0x08, 0xfd, 0x81, 0x2e, 0xca, 0xb4, 0xd7,
     61                        0x2f, 0x36, 0x9c, 0xac, 0xa0, 0xbc
     62                }, 30, "longer password"
    5863        },
     64
     65        /* This string is exactly two "blocks" long, to make sure unpadded strings also decrypt
     66           properly. */
    5967        {
    6068                {
    61                         0xb6, 0x92, 0x59, 0xe4, 0xf9, 0xc1, 0x7a, 0xf6, 0xf3, 0x18, 0xea, 0x28,
    62                         0x73, 0x6d, 0xb3, 0x0a, 0x6f, 0x0a, 0x2b, 0x43, 0x57, 0xe9, 0x3e, 0x63
    63                 }, 24, "OSCAR is creepy..."
     69                        0x95, 0x4d, 0xcf, 0x4d, 0x5e, 0x6c, 0xcf, 0xef, 0xb9, 0x80, 0x00, 0xef,
     70                        0x25, 0xe9, 0x17, 0xf6, 0x29, 0x6a, 0x82, 0x79, 0x1c, 0xca, 0x68, 0xb5,
     71                        0x4e, 0xd0, 0xc1, 0x41, 0x8e, 0xe6
     72                }, 30, "OSCAR is really creepy.."
    6473        },
    6574        { "", 0, NULL }
     
    8089               
    8190                fail_if( strcmp( decrypt_tests[i].decrypted, decrypted ) != 0,
    82                          "%s didn't decrypt properly", clear_tests[i] );
     91                         "`%s' didn't decrypt properly", decrypt_tests[i].decrypted );
    8392               
    8493                g_free( decrypted );
Note: See TracChangeset for help on using the changeset viewer.