![[BACK]](/cvsweb/icons/back.gif){kind=icon}
Return to stealth.c CVS log ![[TXT]](/cvsweb/icons/text.gif){kind=icon}
![[DIR]](/cvsweb/icons/dir.gif){kind=icon}
Up to [PGP] / pgp / contrib / stealth|
Return to stealth.c CVS log | Up to [PGP] / pgp / contrib / stealth |
1.1 root 1:
2: /*
3: * Stealth V1.1 by Henry Hastur
4: *
5: * May or may not be covered by US ITAR encryption export regulations, if
6: * in doubt, don't export it. It would be pretty stupid if it was, but
7: * hey, governments have done some pretty stupid things before now....
8: *
9: * This program is copyright Henry Hastur 1994, but may be freely distributed,
10: * modified, incorporated into other programs and used, as long as the
11: * copyright stays attached and you obey any relevant import or export
12: * restrictions on the code. No warranty is offered, and no responsibility
13: * is taken for any damage use of this program may cause. In other words,
14: * do what you want with it, but don't expect me to pay up if anything
15: * unexpected goes wrong - you're using it at your own risk...
16: *
17: */
18:
19: #include <stdio.h>
20: #include <ctype.h>
21: #include <stdlib.h>
22: #ifndef DOS
23: #include <unistd.h>
24: #else
25: #include <fcntl.h>
26: #include <io.h>
27: #endif
28: #include <signal.h>
29:
30: /* Few definitions from PGP for its header/algorithm versions */
31:
32: #define CURRENT_VERSION 0x02
33: #define RSA_VERSION 0x01
34: #define ID_SIZE 8
35:
36: /* define TRUE and FALSE */
37:
38: #define TRUE 1
39: #define FALSE 0
40:
41: /* A byte */
42:
43: typedef unsigned char byte;
44:
45: /* Few global variables */
46:
47: static int verbose = FALSE;
48: static int conventional = FALSE;
49: static int adding = FALSE;
50: static char file_name [1024];
51: static int file_open = FALSE;
52: static FILE *afp;
53:
54: /* int_handler() - tidy up and exit */
55:
56: static void int_handler(unused)
57:
58: int unused;
59:
60: {
61: long fpos;
62:
63: /* If we've still got a file open */
64:
65: if (file_open) {
66:
67: /* If we can still write to it, erase it */
68:
69: if (afp) {
70: fseek (afp, 0l, 2);
71: fpos = ftell (afp);
72: fseek (afp, 0l, 0);
73:
74: while (fpos --)
75: putc (0, afp);
76: }
77:
78: #ifndef UNIX
79: /* Finally unlink it */
80:
81: unlink (file_name);
82: #endif
83: }
84:
85: exit (1);
86: }
87:
88: /* Read a PGP ctb-lengh */
89:
90: static long read_length (c,fp)
91:
92: FILE *fp;
93: int c;
94:
95: {
96: static int bytes [] = { 1, 2, 4, 0 };
97: long len = 0;
98: int n;
99:
100: n = bytes [c & 0x03];
101:
102: if (!n)
103: return 0x7FFFFFFF;
104:
105: for (; n > 0 ; n--) {
106: len *= 256;
107: len += getc(fp);
108: }
109:
110: return len;
111: }
112:
113: /* Write a PGP ctb-length */
114:
115: static void write_length (ctb,length,fp)
116:
117: int ctb;
118: unsigned long length;
119: FILE *fp;
120:
121: {
122: unsigned long mask;
123: int bytes, shift,c;
124:
125: ctb &= 0xFC;
126:
127: if (length < 256) {
128: mask = 0xFF;
129: bytes = 1;
130: shift = 0;
131: }
132: else if (length < 65536) {
133: mask = 0xFF00;
134: bytes = 2;
135: shift = 8;
136: ctb |= 1;
137: }
138: else {
139: mask = 0xFF000000;
140: shift = 24;
141: bytes = 4;
142: ctb |= 2;
143: }
144:
145: putc (ctb, fp);
146:
147: while (bytes-- > 0) {
148: c = ((length & mask) >> shift);
149: mask >>= 8;
150: shift -= 8;
151:
152: putc (c, fp);
153: }
154: }
155:
156: /* Hunt through pubring.pgp for the appropriate secret key */
157:
158: #define ID_FROM_NAME 0
159: #define LENGTH_FROM_ID 1
160:
161: static int find_key_id(id,length,s,type)
162:
163: char *s;
164: byte *id;
165: int *length;
166: int type;
167:
168: {
169: char *path;
170: FILE *pub = NULL;
171: int c1, c2, len, i, klen, c;
172: long hex_id = (-1);
173:
174: /* Following are static only to reduce DOS stack requirements */
175:
176: static char pub_name [1024];
177: static char userid [256];
178:
179: /* Find pubring.pgp */
180:
181: if (path = getenv("PGPPATH")) {
182: sprintf (pub_name, "%s/pubring.pgp", path);
183: pub = fopen(pub_name, "rb");
184: }
185:
186: if (!pub)
187: pub = fopen ("pubring.pgp", "rb");
188:
189: if (!pub) {
190: fprintf (stderr,"Can't find pubring.pgp in $PGPPATH or . : exiting !\n");
191: exit (1);
192: }
193:
194: /* Also allow for use of hex key id */
195:
196: if (type == ID_FROM_NAME && !strncmp(s,"0x",2)) {
197: char *i;
198: int c;
199:
200: hex_id = 0l;
201: i = s + 2;
202:
203: while (*i) {
204: hex_id <<= 4;
205: c = tolower (*i);
206:
207: if (c >= '0' && c <= '9') {
208: hex_id += (c - '0');
209: }
210: else if (c >= 'a' && c <= 'f') {
211: hex_id += (c + 10 - 'a');
212: }
213: else {
214: fprintf (stderr, "Hex key id given with invalid hex digits !\n");
215: exit (1);
216: }
217:
218: i++;
219: }
220: }
221:
222: /* Read the contents till we find what we're looking for */
223:
224: while ((c1 = getc(pub)) != EOF) {
225: c2 = (c1 & 0xBC);
226:
227: switch (c2) {
228:
229: /* Secret key, probably revocation cert. */
230:
231: case 0x94:
232: len = read_length (c1, pub);
233:
234: for (; len > 0; len--)
235: (void) getc (pub);
236:
237: break;
238:
239: /* Public key - grab id and length */
240:
241: case 0x98:
242: len = read_length (c1, pub);
243:
244: for (i = 0; i < 8; i++)
245: (void) getc (pub);
246:
247: len -= 10;
248:
249: /* OK, here we are at the public modulus, get the
250: size from the MPI header */
251:
252: klen = getc(pub) * 256;
253: klen += getc (pub);
254:
255: /* Return the length for the caller to use */
256:
257: *length = klen;
258:
259: /* We only need the last 64 bits */
260:
261: len -= ((klen + 7) / 8);
262: i = (((klen + 7) / 8) - ID_SIZE);
263:
264: /* Skip unneccesary bytes */
265:
266: for (; i > 0; i--) {
267: (void) getc (pub);
268: }
269:
270: if (type == ID_FROM_NAME) {
271: for (i = 0; i < ID_SIZE; i++) {
272: id [i] = getc(pub);
273: }
274: }
275: else {
276:
277: /* Looking for length from ID */
278:
279: int found_id = TRUE;
280:
281: for (i = 0; i < ID_SIZE; i++) {
282: if (id[i] != getc(pub))
283: found_id = FALSE;
284: }
285:
286: if (found_id) {
287: fclose (pub);
288: return TRUE;
289: }
290: }
291:
292: for (; len > 0 ; len--) {
293: (void) getc (pub);
294: }
295:
296: break;
297:
298: /* Keyring trust, comment */
299:
300: case 0xB0:
301: case 0xB8:
302:
303: len = getc (pub);
304:
305: for (; len > 0; len--)
306: (void) getc (pub);
307:
308: break;
309:
310: /* USER ID ! */
311:
312: case 0xB4:
313:
314: len = getc (pub);
315:
316: if (type == ID_FROM_NAME) {
317: for (i = 0; i < len; i++) {
318: c = getc (pub);
319: userid [i] = tolower (c);
320: }
321:
322: userid [i] = 0;
323:
324: if (strstr(userid, s)) {
325: if (verbose)
326: fprintf (stderr, "Found user: %s\n",userid);
327: return TRUE;
328: }
329:
330: /* Ok, check for hex id */
331:
332: if (hex_id >= 0) {
333: long id_read = 0l;
334:
335: for (i = 5; i < 8; i++) {
336: id_read <<= 8;
337: id_read += id[i];
338: }
339:
340: if (hex_id == id_read) {
341: if (verbose)
342: fprintf (stderr, "Found hex id : 0x%06X\n", hex_id);
343: return TRUE;
344: }
345: }
346: }
347: else
348: for (i = 0; i < len; i++)
349: (void) getc (pub);
350: break;
351:
352: /* Anything we don't care about */
353:
354: default:
355: len = read_length (c1, pub);
356:
357: for (; len > 0; len--)
358: (void) getc (pub);
359: break;
360:
361: }
362: }
363:
364: fclose (pub);
365:
366: /* Uh-oh, failed to find it ! */
367:
368: return FALSE;
369: }
370:
371: /* Strip_headers() : Should be obvious what this does, really ! */
372:
373: static void strip_headers(fp)
374:
375: FILE *fp;
376:
377: {
378: int c1,c2;
379: long len;
380: int i;
381: byte id [ID_SIZE];
382: int key_length;
383: byte key_length_found = FALSE;
384: byte rsa_written = FALSE;
385: int mpi_length;
386:
387: /* Run through the whole message checking each packet */
388:
389: while ((c1 = getc(fp)) != EOF) {
390: c2 = (c1 & 0xBC);
391:
392: switch (c2) {
393:
394: /* Public key encoded packet */
395:
396: case 0x84:
397:
398: /* Read length */
399:
400: len = read_length(c1, fp);
401: if (verbose)
402: fprintf (stderr, "Found %d byte RSA packet.\n",
403: len);
404:
405: /*
406: We only support ONE RSA block ! This is because
407: we have no idea of the file format when we start
408: adding headers, so we have to assume that this
409: is the case. Warn the user, then abort...
410: */
411:
412: if (rsa_written) {
413: fprintf (stderr, "WARNING: More than one RSA block found... stripping extra block !\n");
414:
415: /* Throw away the block */
416:
417: ohno_abort_abort:
418: while (len-- > 0)
419: (void) getc (fp);
420:
421: break;
422: }
423:
424: /* Check for conventional encryption specified */
425:
426: if (conventional) {
427: fprintf (stderr, "WARNING: You specified conventional encryption with an RSA-encrypted file !\nI hope you know what you're doing... stripping RSA header....\n");
428:
429: goto ohno_abort_abort;
430: }
431:
432: /* Check public key version byte */
433:
434: c1 = getc (fp);
435:
436: if (c1 != CURRENT_VERSION) {
437: fprintf(stderr, "Hmm, PK version %d not %d, may not decrypt at recipient\n", c1, CURRENT_VERSION);
438: }
439:
440: /* Strip key ID */
441:
442: for (i = 0; i < ID_SIZE; i++)
443: id[i] = getc (fp);
444:
445: if (find_key_id (id,&key_length,NULL,LENGTH_FROM_ID)) {
446: key_length_found = TRUE;
447: }
448:
449: /* Check RSA version byte */
450:
451: c1 = getc(fp);
452:
453: if (c1 != RSA_VERSION) {
454: fprintf (stderr, "Hmm, RSA version %d not %d, may not decrypt at recipient\n", c1, RSA_VERSION);
455: }
456:
457: /* Strip MPI prefix */
458:
459: mpi_length = getc(fp);
460: mpi_length = mpi_length * 256 + getc(fp);
461:
462: /* Now, we have a problem in that PGP may generate
463: an RSA block shorter than your key, in which
464: case decryption is likely to fail. Check for
465: this and warn the user ! */
466:
467: if (!key_length_found) {
468: fprintf (stderr, "Hmm, couldn't get the length of this key, so can't verify that decryption\nwill be successful.\n");
469: }
470: else {
471: if (((mpi_length + 7) / 8) !=
472: ((key_length + 7) / 8)) {
473: fprintf (stderr, "WARNING : Short RSA block output, decryption will probably fail if used !\n");
474: }
475: }
476:
477: /* Copy remaining data from packet */
478:
479: len -= 12;
480: for (; len > 0; len--)
481: putchar (getc(fp));
482:
483: rsa_written = TRUE;
484: break;
485:
486: /* IDEA packet */
487:
488: case 0xA4:
489:
490: /* Read length */
491:
492: len = read_length(c1, fp);
493: if (verbose)
494: fprintf (stderr, "Found %d byte IDEA packet.\n",
495: len);
496:
497: /* Copy data from packet */
498:
499: for (; len > 0; len--)
500: putchar (getc (fp));
501:
502: break;
503:
504: default:
505:
506: /* Oh no ! Don't know what this is - just skip it ! */
507:
508: if (verbose)
509: fprintf (stderr, "Oops ! Unexpected packet type, skipping !\n");
510:
511: len = read_length (c1, fp);
512:
513: for (; len > 0; len --)
514: (void) getc (fp);
515:
516: break;
517: }
518: }
519: }
520:
521: /* Now we put the headers back in again */
522:
523: static void add_headers(id, length)
524:
525: byte *id;
526: int length;
527:
528: {
529: unsigned long len, mask;
530: int shift;
531: int i, c;
532: long fpos;
533: long flen;
534: int s;
535: #ifdef USE_PGPPATH
536: char *pgp_path;
537: #endif
538:
539: /* Foo ! We have to use a temporary file, because we need to be
540: able to output the length after reading it in ! */
541:
542: #ifdef USE_TMP
543: strcpy (file_name, "/tmp/stealth.t");
544: #else
545: #ifdef USE_PGPPATH
546: pgp_path = getenv ("PGPPATH");
547:
548: if (!pgp_path) {
549: fprintf (stderr, "PGPPATH not set !\n");
550: exit (1);
551: }
552:
553: sprintf(file_name,"%s/stealth.t",pgp_path);
554: #else
555: strcpy (file_name, "stealth.t");
556: #endif
557: #endif
558:
559: s = strlen (file_name);
560:
561: i = 0;
562:
563: #ifdef DOS
564: #define F_OK 0
565: #endif
566:
567: while (!access (file_name, F_OK) && i < 100) {
568: sprintf (file_name + s, "%d", i++);
569: }
570:
571: afp = fopen (file_name,"w+b");
572:
573: if (!afp) {
574: fprintf (stderr, "Can't open '%s' !\n", file_name);
575: exit (2);
576: }
577:
578: /* On unix, unlink the file immediately, to improve security */
579:
580: #ifdef UNIX
581: unlink (file_name);
582: #endif
583:
584: file_open = TRUE;
585:
586: if (!conventional) {
587:
588: /* First output the PK header */
589:
590: len = 4 + ID_SIZE + (length + 7)/8;
591:
592: write_length (0x84, len, afp);
593: putc (CURRENT_VERSION, afp);
594:
595: /* Store the key ID */
596:
597: for (i = 0; i < 8; i++) {
598: putc (id [i], afp);
599: }
600:
601: /* RSA version */
602:
603: putc (RSA_VERSION, afp);
604:
605: /* MPI header */
606:
607: c = (length & 0xFF00) >> 8;
608: putc (c, afp);
609: putc (length & 0xFF, afp);
610:
611: /* Copy the MPI over */
612:
613: i = (length + 7) / 8;
614: while (i-- > 0) {
615: c = getchar();
616: putc (c, afp);
617: }
618:
619: }
620:
621: /* Now the IDEA bits */
622:
623: len = 0xFFFFFFFF;
624:
625: fpos = ftell (afp) + 1;
626: write_length (0xA4, len, afp);
627:
628: len = 0;
629:
630: while ((c = getchar ()) != EOF) {
631: len ++;
632: putc (c, afp);
633: }
634:
635: fseek (afp, fpos, 0);
636:
637: /* Set up mask for length writing */
638:
639: mask = 0xFF000000;
640: shift = 24;
641:
642: /* Write the length back */
643:
644: for (i = 0; i < 4; i++) {
645: c = (len & mask) >> shift;
646: shift -= 8;
647: mask >>= 8;
648:
649: putc (c, afp);
650: }
651:
652: /* OK, now let's output the data ! */
653:
654: fseek (afp, 0l, 0);
655:
656: while ((c = getc (afp)) != EOF) {
657: putchar (c);
658: }
659:
660: /* Erase the file */
661:
662: flen = ftell (afp);
663:
664: fseek (afp, 0l,0);
665:
666: while (flen --)
667: putc (0, afp);
668:
669: fclose (afp);
670: afp = NULL;
671:
672: #ifndef UNIX
673: /* Finally, delete the temporary file */
674:
675: unlink (file_name);
676: #endif
677:
678: file_open = FALSE;
679: }
680:
681: static char looking_for [256];
682:
683: /* Do the stuff */
684:
685: main(argc,argv)
686:
687: char *argv[];
688: int argc;
689:
690: {
691: int length;
692: byte id [ID_SIZE];
693: char *s, *d;
694: int arg = 1,i;
695:
696: /* Following needed for binary stdin/stdout on DOS */
697:
698: #ifdef DOS
699: _fmode = O_BINARY;
700: setmode (fileno(stdin), O_BINARY);
701: setmode (fileno(stdout), O_BINARY);
702: #endif
703:
704: /* Set the umask for any files we may create */
705:
706: umask (077);
707:
708: signal (SIGINT, int_handler);
709:
710: /* Check command line parameters */
711:
712: while (arg != argc && argv [arg][0] == '-') {
713:
714: for (i = 1; argv[arg][i]; i++) {
715: switch (argv[arg][i]) {
716:
717: case 'v':
718: verbose = TRUE;
719: break;
720:
721: case 'c':
722: conventional = TRUE;
723: break;
724:
725: case 'a':
726: adding = TRUE;
727: break;
728:
729: }
730: }
731:
732: arg++;
733: }
734:
735: if (!adding)
736: strip_headers (stdin);
737: else {
738: if (!conventional) {
739:
740: if (arg == argc) {
741: fprintf (stderr, "You specified -a, but gave no user id !\n");
742: exit (1);
743: }
744:
745: s = argv[arg];
746: d = looking_for;
747:
748: while (*s) {
749: *d++ = tolower (*s);
750: s++;
751: }
752: *d = 0;
753: }
754:
755: if (conventional ||
756: find_key_id (id,&length,looking_for,ID_FROM_NAME)) {
757: add_headers (id, length);
758: }
759: else {
760: fprintf (stderr, "Can't find key for user %s\n",argv[arg]);
761: }
762: }
763: }
764:
This archive runs on limited infrastructure. Preserving old code on modern bandwidth. Automated agents are requested to crawl responsibly.