PageRenderTime 36ms CodeModel.GetById 14ms RepoModel.GetById 1ms app.codeStats 0ms

/src/utils_password.c

https://gitlab.com/nmccallu/cryptsetup
C | 294 lines | 215 code | 47 blank | 32 comment | 46 complexity | 3975cef3b5d8b9c6ba45da3be0949bbe MD5 | raw file
    

  1. /*
    2. 

  2.  * Password quality check wrapper
    3. 

  3.  *
    4. 

  4.  * Copyright (C) 2012, Red Hat, Inc. All rights reserved.
    5. 

  5.  * Copyright (C) 2012-2014, Milan Broz
    6. 

  6.  *
    7. 

  7.  * This program is free software; you can redistribute it and/or
    8. 

  8.  * modify it under the terms of the GNU General Public License
    9. 

  9.  * as published by the Free Software Foundation; either version 2
    10. 

  10.  * of the License, or (at your option) any later version.
    11. 

  11.  *
    12. 

  12.  * This program is distributed in the hope that it will be useful,
    13. 

  13.  * but WITHOUT ANY WARRANTY; without even the implied warranty of
    14. 

  14.  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    15. 

  15.  * GNU General Public License for more details.
    16. 

  16.  *
    17. 

  17.  * You should have received a copy of the GNU General Public License
    18. 

  18.  * along with this program; if not, write to the Free Software
    19. 

  19.  * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
    20. 

  20.  */
    21. 

  21. 

  22. #include "cryptsetup.h"
    23. 

  23. #include <termios.h>
    24. 

  24. 

  25. int opt_force_password = 0;
    26. 

  26. 

  27. #if defined ENABLE_PWQUALITY
    28. 

  28. #include <pwquality.h>
    29. 

  29. 

  30. static int tools_check_pwquality(const char *password)
    31. 

  31. {
    32. 

  32. 	int r;
    33. 

  33. 	void *auxerror;
    34. 

  34. 	pwquality_settings_t *pwq; 
    35. 

  35. 

  36. 	log_dbg("Checking new password using default pwquality settings.");
    37. 

  37. 	pwq = pwquality_default_settings();
    38. 

  38. 	if (!pwq)
    39. 

  39. 		return -EINVAL;
    40. 

  40. 

  41. 	r = pwquality_read_config(pwq, NULL, &auxerror);
    42. 

  42. 	if (r) {
    43. 

  43. 		log_err(_("Cannot check password quality: %s\n"),
    44. 

  44. 			pwquality_strerror(NULL, 0, r, auxerror));
    45. 

  45. 		pwquality_free_settings(pwq);
    46. 

  46. 		return -EINVAL;
    47. 

  47. 	}
    48. 

  48. 

  49. 	r = pwquality_check(pwq, password, NULL, NULL, &auxerror);
    50. 

  50. 	if (r < 0) {
    51. 

  51. 		log_err(_("Password quality check failed:\n %s\n"),
    52. 

  52. 			pwquality_strerror(NULL, 0, r, auxerror));
    53. 

  53. 		r = -EPERM;
    54. 

  54. 	} else {
    55. 

  55. 		log_dbg("New password libpwquality score is %d.", r);
    56. 

  56. 		r = 0;
    57. 

  57. 	}
    58. 

  58. 

  59. 	pwquality_free_settings(pwq);
    60. 

  60. 	return r;
    61. 

  61. }
    62. 

  62. #elif defined ENABLE_PASSWDQC
    63. 

  63. #include <passwdqc.h>
    64. 

  64. 

  65. static int tools_check_pwquality(const char *password)
    66. 

  66. {
    67. 

  67. 	passwdqc_params_t params;
    68. 

  68. 	char *parse_reason;
    69. 

  69. 	const char *check_reason;
    70. 

  70. 	const char *config = PASSWDQC_CONFIG_FILE;
    71. 

  71. 

  72. 	passwdqc_params_reset(&params);
    73. 

  73. 

  74. 	if (*config && passwdqc_params_load(&params, &parse_reason, config)) {
    75. 

  75. 		log_err(_("Cannot check password quality: %s\n"),
    76. 

  76. 			(parse_reason ? parse_reason : "Out of memory"));
    77. 

  77. 		free(parse_reason);
    78. 

  78. 		return -EINVAL;
    79. 

  79. 	}
    80. 

  80. 

  81. 	check_reason = passwdqc_check(&params.qc, password, NULL, NULL);
    82. 

  82. 	if (check_reason) {
    83. 

  83. 		log_err(_("Password quality check failed: Bad passphrase (%s)\n"),
    84. 

  84. 			check_reason);
    85. 

  85. 		return -EPERM;
    86. 

  86. 	}
    87. 

  87. 

  88. 	return 0;
    89. 

  89. }
    90. 

  90. #else /* !(ENABLE_PWQUALITY || ENABLE_PASSWDQC) */
    91. 

  91. static int tools_check_pwquality(const char *password)
    92. 

  92. {
    93. 

  93. 	return 0;
    94. 

  94. }
    95. 

  95. #endif /* ENABLE_PWQUALITY || ENABLE_PASSWDQC */
    96. 

  96. 

  97. int tools_is_cipher_null(const char *cipher)
    98. 

  98. {
    99. 

  99. 	if (!cipher)
    100. 

  100. 		return 0;
    101. 

  101. 

  102. 	return !strcmp(cipher, "cipher_null") ? 1 : 0;
    103. 

  103. }
    104. 

  104. 

  105. /*
    106. 

  106.  * Keyfile - is standard input treated as a binary file (no EOL handling).
    107. 

  107.  */
    108. 

  108. int tools_is_stdin(const char *key_file)
    109. 

  109. {
    110. 

  110. 	if (!key_file)
    111. 

  111. 		return 1;
    112. 

  112. 

  113. 	return strcmp(key_file, "-") ? 0 : 1;
    114. 

  114. }
    115. 

  115. 

  116. /* Password reading helpers */
    117. 

  117. static int untimed_read(int fd, char *pass, size_t maxlen)
    118. 

  118. {
    119. 

  119. 	ssize_t i;
    120. 

  120. 

  121. 	i = read(fd, pass, maxlen);
    122. 

  122. 	if (i > 0) {
    123. 

  123. 		pass[i-1] = '\0';
    124. 

  124. 		i = 0;
    125. 

  125. 	} else if (i == 0) { /* EOF */
    126. 

  126. 		*pass = 0;
    127. 

  127. 		i = -1;
    128. 

  128. 	}
    129. 

  129. 	return i;
    130. 

  130. }
    131. 

  131. 

  132. static int timed_read(int fd, char *pass, size_t maxlen, long timeout)
    133. 

  133. {
    134. 

  134. 	struct timeval t;
    135. 

  135. 	fd_set fds = {}; /* Just to avoid scan-build false report for FD_SET */
    136. 

  136. 	int failed = -1;
    137. 

  137. 

  138. 	FD_ZERO(&fds);
    139. 

  139. 	FD_SET(fd, &fds);
    140. 

  140. 	t.tv_sec = timeout;
    141. 

  141. 	t.tv_usec = 0;
    142. 

  142. 

  143. 	if (select(fd+1, &fds, NULL, NULL, &t) > 0)
    144. 

  144. 		failed = untimed_read(fd, pass, maxlen);
    145. 

  145. 

  146. 	return failed;
    147. 

  147. }
    148. 

  148. 

  149. static int interactive_pass(const char *prompt, char *pass, size_t maxlen,
    150. 

  150. 		long timeout)
    151. 

  151. {
    152. 

  152. 	struct termios orig, tmp;
    153. 

  153. 	int failed = -1;
    154. 

  154. 	int infd, outfd;
    155. 

  155. 

  156. 	if (maxlen < 1)
    157. 

  157. 		return failed;
    158. 

  158. 

  159. 	/* Read and write to /dev/tty if available */
    160. 

  160. 	infd = open("/dev/tty", O_RDWR);
    161. 

  161. 	if (infd == -1) {
    162. 

  162. 		infd = STDIN_FILENO;
    163. 

  163. 		outfd = STDERR_FILENO;
    164. 

  164. 	} else
    165. 

  165. 		outfd = infd;
    166. 

  166. 

  167. 	if (tcgetattr(infd, &orig))
    168. 

  168. 		goto out_err;
    169. 

  169. 

  170. 	memcpy(&tmp, &orig, sizeof(tmp));
    171. 

  171. 	tmp.c_lflag &= ~ECHO;
    172. 

  172. 

  173. 	if (prompt && write(outfd, prompt, strlen(prompt)) < 0)
    174. 

  174. 		goto out_err;
    175. 

  175. 

  176. 	tcsetattr(infd, TCSAFLUSH, &tmp);
    177. 

  177. 	if (timeout)
    178. 

  178. 		failed = timed_read(infd, pass, maxlen, timeout);
    179. 

  179. 	else
    180. 

  180. 		failed = untimed_read(infd, pass, maxlen);
    181. 

  181. 	tcsetattr(infd, TCSAFLUSH, &orig);
    182. 

  182. 

  183. out_err:
    184. 

  184. 	if (!failed && write(outfd, "\n", 1)) {};
    185. 

  185. 

  186. 	if (infd != STDIN_FILENO)
    187. 

  187. 		close(infd);
    188. 

  188. 	return failed;
    189. 

  189. }
    190. 

  190. 

  191. static int crypt_get_key_tty(const char *prompt,
    192. 

  192. 			     char **key, size_t *key_size,
    193. 

  193. 			     int timeout, int verify,
    194. 

  194. 			     struct crypt_device *cd)
    195. 

  195. {
    196. 

  196. 	int key_size_max = DEFAULT_PASSPHRASE_SIZE_MAX;
    197. 

  197. 	int r = -EINVAL;
    198. 

  198. 	char *pass = NULL, *pass_verify = NULL;
    199. 

  199. 

  200. 	*key = NULL;
    201. 

  201. 	*key_size = 0;
    202. 

  202. 

  203. 	log_dbg("Interactive passphrase entry requested.");
    204. 

  204. 

  205. 	pass = crypt_safe_alloc(key_size_max + 1);
    206. 

  206. 	if (!pass) {
    207. 

  207. 		log_err( _("Out of memory while reading passphrase.\n"));
    208. 

  208. 		return -ENOMEM;
    209. 

  209. 	}
    210. 

  210. 

  211. 	if (interactive_pass(prompt, pass, key_size_max, timeout)) {
    212. 

  212. 		log_err(_("Error reading passphrase from terminal.\n"));
    213. 

  213. 		goto out_err;
    214. 

  214. 	}
    215. 

  215. 	pass[key_size_max] = '\0';
    216. 

  216. 

  217. 	if (verify) {
    218. 

  218. 		pass_verify = crypt_safe_alloc(key_size_max);
    219. 

  219. 		if (!pass_verify) {
    220. 

  220. 			log_err(_("Out of memory while reading passphrase.\n"));
    221. 

  221. 			r = -ENOMEM;
    222. 

  222. 			goto out_err;
    223. 

  223. 		}
    224. 

  224. 

  225. 		if (interactive_pass(_("Verify passphrase: "),
    226. 

  226. 		    pass_verify, key_size_max, timeout)) {
    227. 

  227. 			log_err(_("Error reading passphrase from terminal.\n"));
    228. 

  228. 			goto out_err;
    229. 

  229. 		}
    230. 

  230. 

  231. 		if (strncmp(pass, pass_verify, key_size_max)) {
    232. 

  232. 			log_err(_("Passphrases do not match.\n"));
    233. 

  233. 			r = -EPERM;
    234. 

  234. 			goto out_err;
    235. 

  235. 		}
    236. 

  236. 	}
    237. 

  237. 

  238. 	*key = pass;
    239. 

  239. 	*key_size = strlen(pass);
    240. 

  240. 	r = 0;
    241. 

  241. out_err:
    242. 

  242. 	crypt_safe_free(pass_verify);
    243. 

  243. 	if (r)
    244. 

  244. 		crypt_safe_free(pass);
    245. 

  245. 	return r;
    246. 

  246. }
    247. 

  247. 

  248. /*
    249. 

  249.  * Note: --key-file=- is interpreted as a read from a binary file (stdin)
    250. 

  250.  * key_size_max == 0 means detect maximum according to input type (tty/file)
    251. 

  251.  */
    252. 

  252. int tools_get_key(const char *prompt,
    253. 

  253. 		  char **key, size_t *key_size,
    254. 

  254. 		  size_t keyfile_offset, size_t keyfile_size_max,
    255. 

  255. 		  const char *key_file,
    256. 

  256. 		  int timeout, int verify, int pwquality,
    257. 

  257. 		  struct crypt_device *cd)
    258. 

  258. {
    259. 

  259. 	int r = -EINVAL, block;
    260. 

  260. 

  261. 	block = tools_signals_blocked();
    262. 

  262. 	if (block)
    263. 

  263. 		set_int_block(0);
    264. 

  264. 

  265. 	if (tools_is_stdin(key_file)) {
    266. 

  266. 		if (isatty(STDIN_FILENO)) {
    267. 

  267. 			if (keyfile_offset) {
    268. 

  268. 				log_err(_("Cannot use offset with terminal input.\n"));
    269. 

  269. 			} else {
    270. 

  270. 				//FIXME:if (!prompt)  "Enter passphrase for %s: "
    271. 

  271. 				if (!prompt)
    272. 

  272. 					prompt = "Enter passphrase:";
    273. 

  273. 				r = crypt_get_key_tty(prompt, key, key_size, timeout, verify, cd);
    274. 

  274. 			}
    275. 

  275. 		} else {
    276. 

  276. 			log_dbg("STDIN descriptor passphrase entry requested.");
    277. 

  277. 			/* No keyfile means STDIN with EOL handling (\n will end input)). */
    278. 

  278. 			r = crypt_keyfile_read(cd, NULL, key, key_size, keyfile_offset, keyfile_size_max,
    279. 

  279. 					       key_file ? 0 : CRYPT_KEYFILE_STOP_EOL);
    280. 

  280. 		}
    281. 

  281. 	} else {
    282. 

  282. 		log_dbg("File descriptor passphrase entry requested.");
    283. 

  283. 		r = crypt_keyfile_read(cd, key_file, key, key_size, keyfile_offset, keyfile_size_max, 0);
    284. 

  284. 	}
    285. 

  285. 

  286. 	if (block && !quit)
    287. 

  287. 		set_int_block(1);
    288. 

  288. 

  289. 	/* Check pwquality for password (not keyfile) */
    290. 

  290. 	if (pwquality && !opt_force_password && !key_file && !r)
    291. 

  291. 		r = tools_check_pwquality(*key);
    292. 

  292. 

  293. 	return r;
    294. 

  294. }
    295. 

  295.