X-Git-Url: http://www.average.org/gitweb/?p=pam_pcsc_cr.git;a=blobdiff_plain;f=authobj.c;h=3bd9da5f33e4de709fbf52924e680a11fb015fec;hp=f06de57f4542191ad040178570fa2903be90cfd2;hb=9cfb078547dfafdb01cfd87c05acffdbc07255ee;hpb=af4a47cbe298e76f76cfa6dbff8190d0158bd080 diff --git a/authobj.c b/authobj.c index f06de57..3bd9da5 100644 --- a/authobj.c +++ b/authobj.c @@ -14,11 +14,11 @@ int make_challenge(const char *id, const char *pass, const char *nonce, serializer_t srl; if (serial_init(&srl, challenge, *challengesize)) return -1; - if (serial_put(&srl, id, strlen(id)) != strlen(id)) return -1; - if (serial_put(&srl, pass, strlen(pass)) != strlen(pass)) return -1; - if (serial_put(&srl, nonce, strlen(nonce)) != strlen(nonce)) return -1; - if (serial_put(&srl, NULL, 0) != 0) return -1; - *challengesize = ((serial_size(&srl) -1) / CBLKSIZE + 1) * CBLKSIZE; + if (serial_put(&srl, id, strlen(id)) != strlen(id)) return -2; + if (serial_put(&srl, pass, strlen(pass)) != strlen(pass)) return -3; + if (serial_put(&srl, nonce, strlen(nonce)) != strlen(nonce)) return -4; + if (serial_put(&srl, NULL, 0) != 0) return -5; + *challengesize = serial_size(&srl); return 0; } @@ -41,32 +41,27 @@ int make_authobj(const char *id, const char *pass, const char *nonce, CBLKSIZE + 1) * CBLKSIZE; data = alloca(datasize); if (serial_init(&srl, data, datasize)) return -1; - if (serial_put(&srl, secret, secsize) != secsize) return -1; - if (serial_put(&srl, payload, paysize) != paysize) return -1; + if (serial_put(&srl, secret, secsize) != secsize) return -2; + if (serial_put(&srl, payload, paysize) != paysize) return -3; if (hash(data, serial_size(&srl), datahash, &datahashsize)) - return -1; + return -4; if (serial_put(&srl, datahash, datahashsize) != datahashsize) - return -1; - if (serial_put(&srl, NULL, 0) != 0) return -1; + return -5; + if (serial_put(&srl, NULL, 0) != 0) return -6; datasize = ((serial_size(&srl) -1) / CBLKSIZE + 1) * CBLKSIZE; challengesize = ((strlen(id) + strlen(pass) + strlen(nonce) + 4 * sizeof(short) - 1) / CBLKSIZE + 1) * CBLKSIZE; challenge = alloca(challengesize); if (make_challenge(id, pass, nonce, challenge, &challengesize)) - return -1; + return -7; if (hmac(secret, secsize, challenge, challengesize, - key, &keysize)) return -1; -#if 0 - int i; - for (i = 0; i < keysize; i++) printf(", 0x%02x", key[i]); - printf("\n"); -#endif + key, &keysize)) return -8; - if (*bufsize < datasize) return -1; + if (*bufsize < datasize) return -9; + if (encrypt(key, CBLKSIZE, data, buffer, datasize)) return -10; *bufsize = datasize; - if (encrypt(key, CBLKSIZE, data, buffer, datasize)) return -1; return 0; } @@ -87,17 +82,18 @@ int parse_authobj(const unsigned char *key, const int keysize, if (decrypt(key, CBLKSIZE, buffer, data, datasize)) return -1; - if (serial_init(&srl, data, datasize)) return -1; + if (serial_init(&srl, data, datasize)) return -2; tsize = *secsize; - if ((*secsize = serial_get(&srl, secret, tsize)) > tsize) return -1; + *secsize = serial_get(&srl, secret, tsize); + if (*secsize > tsize || *secsize <= 0) return -3; tsize = *paysize; - if ((*paysize = serial_get(&srl, payload, tsize)) > tsize) return -1; - if (hash(data, serial_size(&srl), myhash, &myhashsize)) - return -1; - if ((theirhashsize = serial_get(&srl, theirhash, theirhashsize)) != HASHSIZE) - return -1; + *paysize = serial_get(&srl, payload, tsize); + if (*paysize > tsize || *paysize <= 0) return -4; + if (hash(data, serial_size(&srl), myhash, &myhashsize)) return -5; + theirhashsize = serial_get(&srl, theirhash, theirhashsize); + if (theirhashsize != HASHSIZE) return -6; if ((myhashsize != theirhashsize) || memcmp(myhash, theirhash, myhashsize)) - return -1; + return -7; return 0; }