Changeset 758 in openpam

Timestamp:

Jan 23, 2014, 8:19:54 PM (7 years ago)

Author:

Dag-Erling Smørgrav

Message:

Factor out and document oath_key_from_uri().
Implement percent-decoding of the key label.

Location:

trunk

Files:

• include/security/Makefile.am (modified) (1 diff)
• include/security/oath.h (modified) (2 diffs)
• include/security/oath_rfc3986.h (added)
• lib/liboath/Makefile.am (modified) (1 diff)
• lib/liboath/oath_key.c (modified) (1 diff)
• lib/liboath/oath_key_from_uri.c (copied) (copied from trunk/lib/liboath/oath_key.c) (6 diffs)
• lib/liboath/oath_uri_decode.c (added)

trunk/include/security/Makefile.am

@@ -16 +16 @@
         oath.h \
         oath_constants.h \
+        oath_rfc3986.h \
         oath_rfc4648.h \
         oath_types.h

trunk/include/security/oath.h

@@ -1 +1 @@
 /*-
- * Copyright (c) 2012-2013 Universitetet i Oslo
+ * Copyright (c) 2012-2014 Universitetet i Oslo
+ * Copyright (c) 2013-2014 Dag-Erling Smørgrav
  * All rights reserved.
  *
@@ -35 +36 @@
 #include <security/oath_constants.h>
 #include <security/oath_types.h>
+#include <security/oath_rfc3986.h>
 #include <security/oath_rfc4648.h>
 

trunk/lib/liboath/Makefile.am

@@ -13 +13 @@
         oath_key_create.c \
         oath_key_dummy.c \
+        oath_key_from_uri.c \
         oath_key_free.c \
-        oath_key.c
+        oath_key.c \
+        oath_uri_decode.c
 
 liboath_la_LDFLAGS = -no-undefined -version-info @LIB_MAJ@

trunk/lib/liboath/oath_key.c

@@ -36 +36 @@
 #include <sys/types.h>
 
-#include <errno.h>
 #include <inttypes.h>
-#include <limits.h>
 #include <stdio.h>
 #include <stdlib.h>
-#include <string.h>
 
 #include <security/pam_appl.h>
 #include <security/openpam.h>
 
-#include "openpam_asprintf.h"
 #include "openpam_strlcmp.h"
 
 #include <security/oath.h>
-
-/*
- * Allocate a struct oath_key and populate it from a Google Authenticator
- * otpauth URI
- */
-struct oath_key *
-oath_key_from_uri(const char *uri)
-{
-        struct oath_key *key;
-        const char *p, *q, *r;
-        uintmax_t n;
-        char *e;
-
-        if ((key = oath_key_alloc()) == NULL)
-                return (NULL);
-
-        /* check method */
-        p = uri;
-        if (strlcmp("otpauth://", p, 10) != 0)
-                goto invalid;
-        p += 10;
-
-        /* check mode (hotp = event, totp = time-sync) */
-        if ((q = strchr(p, '/')) == NULL)
-                goto invalid;
-        if (strlcmp("hotp", p, q - p) == 0) {
-                key->mode = om_hotp;
-        } else if (strlcmp("totp", p, q - p) == 0) {
-                key->mode = om_totp;
-        } else {
-                goto invalid;
-        }
-        p = q + 1;
-
-        /* extract label */
-        /* XXX actually URI-encoded */
-        if ((q = strchr(p, '?')) == NULL)
-                goto invalid;
-        if ((key->labellen = q - p + 1) > sizeof key->label)
-                goto invalid;
-        memcpy(key->label, p, q - p);
-        key->label[q - p] = '\0';
-        p = q + 1;
-
-        /* extract parameters */
-        key->counter = UINT64_MAX;
-        key->lastused = UINT64_MAX;
-        while (*p != '\0') {
-                if ((q = strchr(p, '=')) == NULL)
-                        goto invalid;
-                q = q + 1;
-                if ((r = strchr(p, '&')) == NULL)
-                        r = strchr(p, '\0');
-                if (r < q)
-                        /* & before = */
-                        goto invalid;
-                /* p points to key, q points to value, r points to & or NUL */
-                if (strlcmp("secret=", p, q - p) == 0) {
-                        if (key->keylen != 0)
-                                /* dupe */
-                                goto invalid;
-                        key->keylen = sizeof key->key;
-                        if (base32_dec(q, r - q, key->key, &key->keylen) != 0)
-                                goto invalid;
-                        if (base32_enclen(key->keylen) != (size_t)(r - q))
-                                goto invalid;
-                } else if (strlcmp("algorithm=", p, q - p) == 0) {
-                        if (key->hash != oh_undef)
-                                /* dupe */
-                                goto invalid;
-                        if (strlcmp("SHA1", q, r - q) == 0)
-                                key->hash = oh_sha1;
-                        else if (strlcmp("SHA256", q, r - q) == 0)
-                                key->hash = oh_sha256;
-                        else if (strlcmp("SHA512", q, r - q) == 0)
-                                key->hash = oh_sha512;
-                        else if (strlcmp("MD5", q, r - q) == 0)
-                                key->hash = oh_md5;
-                        else
-                                goto invalid;
-                } else if (strlcmp("digits=", p, q - p) == 0) {
-                        if (key->digits != 0)
-                                /* dupe */
-                                goto invalid;
-                        /* only 6 or 8 */
-                        if (r - q != 1 || (*q != '6' && *q != '8'))
-                                goto invalid;
-                        key->digits = *q - '0';
-                } else if (strlcmp("counter=", p, q - p) == 0) {
-                        if (key->counter != UINT64_MAX)
-                                /* dupe */
-                                goto invalid;
-                        n = strtoumax(q, &e, 10);
-                        if (e != r || n >= UINT64_MAX)
-                                goto invalid;
-                        key->counter = (uint64_t)n;
-                } else if (strlcmp("lastused=", p, q - p) == 0) {
-                        if (key->lastused != UINT64_MAX)
-                                /* dupe */
-                                goto invalid;
-                        n = strtoumax(q, &e, 10);
-                        if (e != r || n >= UINT64_MAX)
-                                goto invalid;
-                        key->lastused = (uint64_t)n;
-                } else if (strlcmp("period=", p, q - p) == 0) {
-                        if (key->timestep != 0)
-                                /* dupe */
-                                goto invalid;
-                        n = strtoumax(q, &e, 10);
-                        if (e != r || n > OATH_MAX_TIMESTEP)
-                                goto invalid;
-                        key->timestep = n;
-                } else {
-                        goto invalid;
-                }
-                /* final parameter? */
-                if (*r == '\0')
-                        break;
-                /* skip & and continue */
-                p = r + 1;
-        }
-
-        /* sanity checks and default values */
-        if (key->mode == om_hotp) {
-                if (key->counter == UINT64_MAX)
-                        key->counter = 0;
-                if (key->timestep != 0)
-                        goto invalid;
-                if (key->lastused != UINT64_MAX)
-                        goto invalid;
-        } else if (key->mode == om_totp) {
-                if (key->counter != UINT64_MAX)
-                        goto invalid;
-                if (key->timestep == 0)
-                        key->timestep = OATH_DEF_TIMESTEP;
-                if (key->lastused == UINT64_MAX)
-                        key->lastused = 0;
-        } else {
-                /* unreachable */
-                oath_key_free(key);
-                return (NULL);
-        }
-        if (key->hash == oh_undef)
-                key->hash = oh_sha1;
-        if (key->digits == 0)
-                key->digits = 6;
-        if (key->keylen == 0)
-                goto invalid;
-        return (key);
-
-invalid:
-        openpam_log(PAM_LOG_NOTICE, "invalid OATH URI: %s", uri);
-        oath_key_free(key);
-        return (NULL);
-}
 
 struct oath_key *

trunk/lib/liboath/oath_key_from_uri.c

@@ -1 +1 @@
 /*-
- * Copyright (c) 2013 Universitetet i Oslo
+ * Copyright (c) 2013-2014 Universitetet i Oslo
  * All rights reserved.
  *
@@ -36 +36 @@
 #include <sys/types.h>
 
-#include <errno.h>
 #include <inttypes.h>
-#include <limits.h>
-#include <stdio.h>
-#include <stdlib.h>
 #include <string.h>
 
@@ -46 +42 @@
 #include <security/openpam.h>
 
-#include "openpam_asprintf.h"
 #include "openpam_strlcmp.h"
 
@@ -52 +47 @@
 
 /*
- * Allocate a struct oath_key and populate it from a Google Authenticator
- * otpauth URI
+ * OATH
+ *
+ * Creates an OATH key from a Google otpauth URI
  */
+
 struct oath_key *
 oath_key_from_uri(const char *uri)
@@ -85 +82 @@
 
         /* extract label */
-        /* XXX actually URI-encoded */
         if ((q = strchr(p, '?')) == NULL)
                 goto invalid;
-        if ((key->labellen = q - p + 1) > sizeof key->label)
-                goto invalid;
-        memcpy(key->label, p, q - p);
-        key->label[q - p] = '\0';
+        key->labellen = oath_uri_decode(p, q - p, key->label,
+            sizeof key->label);
+        if (key->labellen > sizeof key->label)
+                goto invalid;
         p = q + 1;
 
@@ -206 +202 @@
 }
 
-struct oath_key *
-oath_key_from_file(const char *filename)
-{
-        struct oath_key *key;
-        FILE *f;
-        char *line;
-        size_t len;
-
-        if ((f = fopen(filename, "r")) == NULL)
-                return (NULL);
-        /* get first non-empty non-comment line */
-        line = openpam_readline(f, NULL, &len);
-        if (strlcmp("otpauth://", line, len) == 0) {
-                key = oath_key_from_uri(line);
-        } else {
-                openpam_log(PAM_LOG_ERROR,
-                    "unrecognized key file format: %s", filename);
-                key = NULL;
-        }
-        fclose(f);
-        return (key);
-}
-
-char *
-oath_key_to_uri(const struct oath_key *key)
-{
-        const char *hash;
-        char *tmp, *uri;
-        size_t kslen, urilen;
-
-        switch (key->hash) {
-        case oh_sha1:
-                hash = "SHA1";
-                break;
-        case oh_sha256:
-                hash = "SHA256";
-                break;
-        case oh_sha512:
-                hash = "SHA512";
-                break;
-        case oh_md5:
-                hash = "MD5";
-                break;
-        default:
-                return (NULL);
-        }
-
-        /* XXX the label should be URI-encoded */
-        if (key->mode == om_hotp) {
-                urilen = asprintf(&uri, "otpauth://%s/%s?"
-                    "algorithm=%s&digits=%d&counter=%ju&secret=",
-                    "hotp", key->label, hash, key->digits,
-                    (uintmax_t)key->counter);
-        } else if (key->mode == om_totp) {
-                urilen = asprintf(&uri, "otpauth://%s/%s?"
-                    "algorithm=%s&digits=%d&period=%u&lastused=%ju&secret=",
-                    "totp", key->label, hash, key->digits, key->timestep,
-                    (uintmax_t)key->lastused);
-        } else {
-                /* unreachable */
-                return (NULL);
-        }
-
-        /* compute length of base32-encoded key and append it */
-        kslen = base32_enclen(key->keylen) + 1;
-        if ((tmp = realloc(uri, urilen + kslen)) == NULL) {
-                free(uri);
-                return (NULL);
-        }
-        uri = tmp;
-        if (base32_enc(key->key, key->keylen, uri + urilen, &kslen) != 0) {
-                free(uri);
-                return (NULL);
-        }
-
-        return (uri);
-}
+/**
+ * The =oath_key_from_uri parses a Google otpauth URI into a key
+ * structure.
+ *
+ * The =uri parameter points to a NUL-terminated string containing the
+ * URI.
+ *
+ * Keys created with =oath_key_from_uri must be freed using
+ * =oath_key_free.
+ *
+ * >oath_key_alloc
+ * >oath_key_free
+ * >oath_key_to_uri
+ *
+ * REFERENCES
+ *
+ * https://code.google.com/p/google-authenticator/wiki/KeyUriFormat
+ *
+ * AUTHOR UIO
+ */