Главная Обзор contacts
Вход
LDA010
/
bug_ebuild
Следить 0
В избранное 0
Ответвить 0
Файлы Обсуждения 0 Запросы на слияние 0 Вики
Ветка: master
Ветки Метки
bug_ebuild
/
gentoo
/
net-misc
/
openssh-blacklist
/
files
/
blacklist-encode.c

blacklist-encode.c 6.4 KB
Постоянная ссылка История Исходник

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250 
  1. /*
    2. 

  2.  * The blacklist encoder for RSA/DSA key blacklisting based on partial
    3. 

  3.  * fingerprints,
    4. 

  4.  * developed under Openwall Project for Owl - http://www.openwall.com/Owl/
    5. 

  5.  *
    6. 

  6.  * Copyright (c) 2008 Dmitry V. Levin <ldv at cvs.openwall.com>
    7. 

  7.  *
    8. 

  8.  * Permission to use, copy, modify, and distribute this software for any
    9. 

  9.  * purpose with or without fee is hereby granted, provided that the above
    10. 

  10.  * copyright notice and this permission notice appear in all copies.
    11. 

  11.  *
    12. 

  12.  * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
    13. 

  13.  * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
    14. 

  14.  * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
    15. 

  15.  * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
    16. 

  16.  * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
    17. 

  17.  * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
    18. 

  18.  * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
    19. 

  19.  *
    20. 

  20.  * The blacklist encoding was designed by Solar Designer and Dmitry V. Levin.
    21. 

  21.  * No intellectual property rights to the encoding scheme are claimed.
    22. 

  22.  *
    23. 

  23.  * This effort was supported by CivicActions - http://www.civicactions.com
    24. 

  24.  *
    25. 

  25.  * The file size to encode 294,903 of 48-bit fingerprints is just 1.3 MB,
    26. 

  26.  * which corresponds to less than 4.5 bytes per fingerprint.
    27. 

  27.  */
    28. 

  28. 

  29. #ifndef _GNU_SOURCE
    30. 

  30. # define _GNU_SOURCE
    31. 

  31. #endif
    32. 

  32. 

  33. #include <string.h>
    34. 

  34. #include <stdlib.h>
    35. 

  35. #include <stdint.h>
    36. 

  36. #include <stdio.h>
    37. 

  37. #include <errno.h>
    38. 

  38. #include <error.h>
    39. 

  39. #include <limits.h>
    40. 

  40. 

  41. static void *
    42. 

  42. xmalloc(size_t size)
    43. 

  43. {
    44. 

  44. 	void   *r = malloc(size);
    45. 

  45. 

  46. 	if (!r)
    47. 

  47. 		error(EXIT_FAILURE, errno, "malloc: allocating %lu bytes",
    48. 

  48. 		      (unsigned long) size);
    49. 

  49. 	return r;
    50. 

  50. }
    51. 

  51. 

  52. static void *
    53. 

  53. xcalloc(size_t nmemb, size_t size)
    54. 

  54. {
    55. 

  55. 	void   *r = calloc(nmemb, size);
    56. 

  56. 

  57. 	if (!r)
    58. 

  58. 		error(EXIT_FAILURE, errno, "calloc: allocating %lu*%lu bytes",
    59. 

  59. 		      (unsigned long) nmemb, (unsigned long) size);
    60. 

  60. 	return r;
    61. 

  61. }
    62. 

  62. 

  63. static void *
    64. 

  64. xrealloc(void *ptr, size_t nmemb, size_t elem_size)
    65. 

  65. {
    66. 

  66. 	if (nmemb && ULONG_MAX / nmemb < elem_size)
    67. 

  67. 		error(EXIT_FAILURE, 0, "realloc: nmemb*size > ULONG_MAX");
    68. 

  68. 

  69. 	size_t  size = nmemb * elem_size;
    70. 

  70. 	void   *r = realloc(ptr, size);
    71. 

  71. 

  72. 	if (!r)
    73. 

  73. 		error(EXIT_FAILURE, errno,
    74. 

  74. 		      "realloc: allocating %lu*%lu bytes",
    75. 

  75. 		      (unsigned long) nmemb, (unsigned long) elem_size);
    76. 

  76. 	return r;
    77. 

  77. }
    78. 

  78. 

  79. static char *
    80. 

  80. xstrdup(const char *s)
    81. 

  81. {
    82. 

  82. 	size_t  len = strlen(s);
    83. 

  83. 	char   *r = xmalloc(len + 1);
    84. 

  84. 

  85. 	memcpy(r, s, len + 1);
    86. 

  86. 	return r;
    87. 

  87. }
    88. 

  88. 

  89. static unsigned
    90. 

  90. c2u(uint8_t c)
    91. 

  91. {
    92. 

  92. 	return (c >= 'a') ? (c - 'a' + 10) : (c - '0');
    93. 

  93. }
    94. 

  94. 

  95. static char **records = NULL;
    96. 

  96. static unsigned records_count = 0;
    97. 

  97. 

  98. static int
    99. 

  99. comparator(const void *p1, const void *p2)
    100. 

  100. {
    101. 

  101. 	return strcmp(*(char *const *) p1, *(char *const *) p2);
    102. 

  102. }
    103. 

  103. 

  104. static void
    105. 

  105. read_stream(FILE *fp, unsigned bytes)
    106. 

  106. {
    107. 

  107. 	char   *line = NULL;
    108. 

  108. 	unsigned size = 0, allocated = 0, len = bytes * 2;
    109. 

  109. 	int     n;
    110. 

  110. 

  111. 	while ((n = getline(&line, &size, fp)) >= 0)
    112. 

  112. 	{
    113. 

  113. 		if (n > 0 && line[n - 1] == '\n')
    114. 

  114. 			line[--n] = '\0';
    115. 

  115. 		if (n < len || strspn(line, "0123456789abcdef") < n)
    116. 

  116. 			continue;	/* ignore short or invalid lines */
    117. 

  117. 		line[len] = '\0';
    118. 

  118. 

  119. 		if (!records)
    120. 

  120. 			records = xcalloc(allocated = 1024, sizeof(*records));
    121. 

  121. 		if (records_count >= allocated)
    122. 

  122. 			records = xrealloc(records, allocated *= 2,
    123. 

  123. 					   sizeof(*records));
    124. 

  124. 		records[records_count++] = xstrdup(line);
    125. 

  125. 	}
    126. 

  126. 	free(line);
    127. 

  127. 	records = xrealloc(records, records_count, sizeof(*records));
    128. 

  128. 	if (records_count >= (1U << 24))
    129. 

  129. 		error(EXIT_FAILURE, 0, "too many records: %u", records_count);
    130. 

  130. 

  131. 	qsort(records, records_count, sizeof(*records), comparator);
    132. 

  132. }
    133. 

  133. 

  134. static void
    135. 

  135. print_uint8(FILE *fp, uint8_t v)
    136. 

  136. {
    137. 

  137. 	fprintf(fp, "%c", v);
    138. 

  138. }
    139. 

  139. 

  140. static void
    141. 

  141. print_uint16(FILE *fp, uint16_t v)
    142. 

  142. {
    143. 

  143. 	fprintf(fp, "%c%c", v >> 8, v & 0xff);
    144. 

  144. }
    145. 

  145. 

  146. static void
    147. 

  147. print_uint24(FILE *fp, uint32_t v)
    148. 

  148. {
    149. 

  149. 	fprintf(fp, "%c%c%c", (v >> 16) & 0xff, (v >> 8) & 0xff, v & 0xff);
    150. 

  150. }
    151. 

  151. 

  152. int
    153. 

  153. main(int ac, const char **av)
    154. 

  154. {
    155. 

  155. 	unsigned count, i, record_bytes, first_index = 0, prev_index = 0;
    156. 

  156. 	int     min_offset, max_offset;
    157. 

  157. 	int    *offsets;
    158. 

  158. 

  159. 	if (ac < 2)
    160. 

  160. 		error(EXIT_FAILURE, 0, "insufficient arguments");
    161. 

  161. 	if (ac > 2)
    162. 

  162. 		error(EXIT_FAILURE, 0, "too many arguments");
    163. 

  163. 	record_bytes = atoi(av[1]);
    164. 

  164. 	if (record_bytes < 6 || record_bytes > 16)
    165. 

  165. 		error(EXIT_FAILURE, 0, "fingerprint size out of bounds");
    166. 

  166. 

  167. 	read_stream(stdin, record_bytes);
    168. 

  168. 

  169. 	/* initialize global records offset table */
    170. 

  170. 	offsets = xcalloc(65536, sizeof(*offsets));
    171. 

  171. 	for (count = 0; count < records_count; ++count, prev_index = i)
    172. 

  172. 	{
    173. 

  173. 		const char *r = records[count];
    174. 

  174. 

  175. 		i = (((((c2u(r[0]) << 4) + c2u(r[1])) << 4) +
    176. 

  176. 		      c2u(r[2])) << 4) + c2u(r[3]);
    177. 

  177. 		if (count == 0)
    178. 

  178. 			first_index = i;
    179. 

  179. 		else if (i == prev_index)
    180. 

  180. 			continue;
    181. 

  181. 		offsets[i] = count;
    182. 

  182. 	}
    183. 

  183. 

  184. 	/* set offsets for indices without records */
    185. 

  185. 	if (offsets[65536 - 1] == 0)
    186. 

  186. 		offsets[65536 - 1] = records_count;
    187. 

  187. 	for (i = 65536 - 2; i > first_index; --i)
    188. 

  188. 		if (offsets[i] == 0)
    189. 

  189. 			offsets[i] = offsets[i + 1];
    190. 

  190. 

  191. 	/* make global records offset table relative to
    192. 

  192. 	   expected position assuming uniform distribution. */
    193. 

  193. 	for (i = 0, min_offset = 0, max_offset = 0; i < 65536; ++i)
    194. 

  194. 	{
    195. 

  195. 		offsets[i] -= (i * (unsigned long long) records_count) >> 16;
    196. 

  196. 		if (offsets[i] < min_offset)
    197. 

  197. 			min_offset = offsets[i];
    198. 

  198. 		if (offsets[i] > max_offset)
    199. 

  199. 			max_offset = offsets[i];
    200. 

  200. 	}
    201. 

  201. 	min_offset = -min_offset;
    202. 

  202. 	if (min_offset < 0)
    203. 

  203. 		error(EXIT_FAILURE, 0,
    204. 

  204. 		      "invalid offset shift: %d", min_offset);
    205. 

  205. 	for (i = 0; i < 65536; ++i)
    206. 

  206. 	{
    207. 

  207. 		offsets[i] += min_offset;
    208. 

  208. 		if (offsets[i] < 0 || offsets[i] >= 65536)
    209. 

  209. 			error(EXIT_FAILURE, 0,
    210. 

  210. 			      "offset overflow for index %#x: %d",
    211. 

  211. 			      i, offsets[i]);
    212. 

  212. 	}
    213. 

  213. 	max_offset += min_offset;
    214. 

  214. 

  215. 	/* Header, 16 bytes */
    216. 

  216. 

  217. 	/* format version identifier */
    218. 

  218. 	printf("SSH-FP00");
    219. 

  219. 	/* index size, in bits */
    220. 

  220. 	print_uint8(stdout, 16);
    221. 

  221. 	/* offset size, in bits */
    222. 

  222. 	print_uint8(stdout, 16);
    223. 

  223. 	/* record size, in bits */
    224. 

  224. 	print_uint8(stdout, record_bytes * 8);
    225. 

  225. 	/* records count */
    226. 

  226. 	print_uint24(stdout, records_count);
    227. 

  227. 	/* offset shift */
    228. 

  228. 	print_uint16(stdout, min_offset);
    229. 

  229. 	fprintf(stderr, "records=%u, offset shift=%d, max offset=%d\n",
    230. 

  230. 		records_count, min_offset, max_offset);
    231. 

  231. 

  232. 	/* Index, 65536 * 2 bytes */
    233. 

  233. 	for (i = 0; i < 65536; ++i)
    234. 

  234. 		print_uint16(stdout, offsets[i]);
    235. 

  235. 

  236. 	/* Fingerprints, records_count * (record_bytes-2) bytes */
    237. 

  237. 	for (count = 0; count < records_count; ++count)
    238. 

  238. 	{
    239. 

  239. 		const char *r = records[count] + 4;
    240. 

  240. 

  241. 		for (i = 0; i < record_bytes - 2; ++i)
    242. 

  242. 			print_uint8(stdout,
    243. 

  243. 				    c2u(r[i * 2]) * 16 + c2u(r[i * 2 + 1]));
    244. 

  244. 	}
    245. 

  245. 

  246. 	if (fclose(stdout))
    247. 

  247. 		error(EXIT_FAILURE, errno, "stdout");
    248. 

  248. 	return 0;
    249. 

  249. }
    250. 

  250.