X-Git-Url: http://www.average.org/gitweb/?p=pam_pcsc_cr.git;a=blobdiff_plain;f=authobj.c;h=b4a1f2be26e1f3e3a284a128a5a6ba49c2aac954;hp=78eb3f8682bb3811fed7837c42624ad972e860fb;hb=8fa876111604e494a754e452090bfdd8fccd64c6;hpb=fb64e7a4da4999c17484a85359fbfe4b8035541d diff --git a/authobj.c b/authobj.c index 78eb3f8..b4a1f2b 100644 --- a/authobj.c +++ b/authobj.c @@ -1,13 +1,36 @@ +/* +Copyright (c) 2013 Eugene Crosser + +This software is provided 'as-is', without any express or implied +warranty. In no event will the authors be held liable for any damages +arising from the use of this software. + +Permission is granted to anyone to use this software for any purpose, +including commercial applications, and to alter it and redistribute it +freely, subject to the following restrictions: + + 1. The origin of this software must not be misrepresented; you must + not claim that you wrote the original software. If you use this + software in a product, an acknowledgment in the product documentation + would be appreciated but is not required. + + 2. Altered source versions must be plainly marked as such, and must + not be misrepresented as being the original software. + + 3. This notice may not be removed or altered from any source + distribution. +*/ + #ifdef HAVE_CONFIG_H # include "config.h" #endif #include #include +#include #include #include "serial.h" #include "crypto.h" #include "authobj.h" -#include "pcsc_cr.h" static struct _auth_chunk make_challenge(const char *uid, const char *pass, const char *nonce) @@ -88,7 +111,7 @@ make_key(const char *userid, const char *password, const char *nonce, } static struct _auth_obj -make_authobj(char *userid, char *password, char *nonce, +make_authobj(const char *userid, const char *password, const char *nonce, const unsigned char *secret, const int secsize, const unsigned char *payload, const int paylsize) { @@ -103,6 +126,15 @@ make_authobj(char *userid, char *password, char *nonce, datasize = ((secsize + paylsize + HASHSIZE + 4 * sizeof(short) - 1) / CBLKSIZE + 1) * CBLKSIZE; data = alloca(datasize); + /* + We allocate memory rounded up to CBLKSIZE on the stack, but do not + use the last bytes. Stack protectors, if enabled, fill this memory + with `canary` value. Later, when encryption function is called, + stack protector detects that it tries to access "uninitialized + memory". Which, while technically true, is not an error. Still, + let us make stack protector happy by initializing the whole area: + */ + memset(data, 0, datasize); serial_init(&srl, data, datasize); if (serial_put(&srl, secret, secsize) != secsize) { ao.err = "authobj: serialization of secret failed"; @@ -146,7 +178,7 @@ make_authobj(char *userid, char *password, char *nonce, } static struct _auth_obj -parse_authobj(char *userid, char *password, char *nonce, +parse_authobj(const char *userid, const char *password, const char *nonce, const unsigned char *secret, const int secsize, const unsigned char *ablob, const int blobsize, struct _auth_chunk (*fetch_key)(const unsigned char *chal, @@ -201,14 +233,18 @@ struct _auth_obj authobj(const char *userid, const char *password, struct _auth_chunk (*fetch_key)(const unsigned char *chal, const int csize)) { - unsigned char *wsecret; + const unsigned char *wsecret; int wsecsize; - unsigned char *wpayload; + const unsigned char *wpayload; int wpaylsize; struct _auth_obj old_ao = {0}; struct _auth_obj new_ao = {0}; if (!secret || !secsize || !payload) { + if (!ablob || !blobsize) { + new_ao.err = "authobj: previous data not supplied"; + return new_ao; + } old_ao = parse_authobj(userid, password, oldnonce, secret, secsize, ablob, blobsize, fetch_key);