diff options
Diffstat (limited to 'gst/librfb/vncauth.c')
| -rw-r--r-- | gst/librfb/vncauth.c | 166 |
1 files changed, 166 insertions, 0 deletions
diff --git a/gst/librfb/vncauth.c b/gst/librfb/vncauth.c new file mode 100644 index 00000000..19083088 --- /dev/null +++ b/gst/librfb/vncauth.c @@ -0,0 +1,166 @@ +/* + * Copyright (C) 1999 AT&T Laboratories Cambridge. All Rights Reserved. + * + * This is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This software is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, + * USA. + */ + +/* + * vncauth.c - Functions for VNC password management and authentication. + */ + +#include "config.h" +#include "stdint.h" +#include "stdio.h" +#include "stdlib.h" +#include "string.h" +#include "time.h" +#include "vncauth.h" +#include "d3des.h" + +#include "sys/stat.h" + + +/* + * We use a fixed key to store passwords, since we assume that our local + * file system is secure but nonetheless don't want to store passwords + * as plaintext. + */ + +unsigned char fixedkey[8] = { 23, 82, 107, 6, 35, 78, 88, 7 }; + + +/* + * Encrypt a password and store it in a file. Returns 0 if successful, + * 1 if the file could not be written. + */ + +int32_t +vncEncryptAndStorePasswd (char *passwd, char *fname) +{ + FILE *fp; + uint32_t i; + unsigned char encryptedPasswd[8]; + + if ((fp = fopen (fname, "w")) == NULL) + return 1; + + chmod (fname, S_IRUSR | S_IWUSR); + + /* pad password with nulls */ + + for (i = 0; i < 8; i++) { + if (i < strlen (passwd)) { + encryptedPasswd[i] = passwd[i]; + } else { + encryptedPasswd[i] = 0; + } + } + + /* Do encryption in-place - this way we overwrite our copy of the plaintext + password */ + + deskey (fixedkey, EN0); + des (encryptedPasswd, encryptedPasswd); + + for (i = 0; i < 8; i++) { + putc (encryptedPasswd[i], fp); + } + + fclose (fp); + return 0; +} + + +/* + * Decrypt a password from a file. Returns a pointer to a newly allocated + * string containing the password or a null pointer if the password could + * not be retrieved for some reason. + */ + +char * +vncDecryptPasswdFromFile (char *fname) +{ + FILE *fp; + int32_t i, ch; + unsigned char *passwd = (unsigned char *) malloc (9); + + if ((fp = fopen (fname, "r")) == NULL) + return NULL; + + for (i = 0; i < 8; i++) { + ch = getc (fp); + if (ch == EOF) { + fclose (fp); + return NULL; + } + passwd[i] = ch; + } + + fclose (fp); + + deskey (fixedkey, DE1); + des (passwd, passwd); + + passwd[8] = 0; + + return (char *) passwd; +} + + +/* + * Generate CHALLENGESIZE random bytes for use in challenge-response + * authentication. + */ + +void +vncRandomBytes (unsigned char *bytes) +{ + int32_t i; + uint32_t seed = (uint32_t) time (0); + + srandom (seed); + for (i = 0; i < CHALLENGESIZE; i++) { + bytes[i] = (unsigned char) (random () & 255); + } +} + + +/* + * Encrypt CHALLENGESIZE bytes in memory using a password. + */ + +void +vncEncryptBytes (unsigned char *bytes, char *passwd) +{ + unsigned char key[8]; + uint32_t i; + + /* key is simply password padded with nulls */ + + for (i = 0; i < 8; i++) { + if (i < strlen (passwd)) { + key[i] = passwd[i]; + } else { + key[i] = 0; + } + } + + deskey (key, EN0); + + for (i = 0; i < CHALLENGESIZE; i += 8) { + des (bytes + i, bytes + i); + } +} |