3 otpcli.c - one time password command line interface
4 Copyright (C) 2023 Kyle J. McKay
7 Redistribution and use in source and binary forms, with or without
8 modification, are permitted provided that the following conditions are met:
10 1. Redistributions of source code must retain the above copyright notice,
11 this list of conditions and the following disclaimer.
13 2. Redistributions in binary form must reproduce the above copyright
14 notice, this list of conditions and the following disclaimer in the
15 documentation and/or other materials provided with the distribution.
17 3. Neither the name of the copyright holder nor the names of its
18 contributors may be used to endorse or promote products derived from
19 this software without specific prior written permission.
21 THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
22 AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23 IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
24 ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE
25 LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
26 CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
27 SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
28 INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
29 CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
30 ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
31 POSSIBILITY OF SUCH DAMAGE.
40 #include <sys/select.h>
50 #define appnm() "otpcli"
55 printf("%s version 1.0\n", appnm());
62 FILE *outf
= ec
? stderr
: stdout
;
65 #define USAGEOPTS "hVi" "s:3:b:" "c:p:0:H:D:T:" "-9l"
67 "usage: %s [-hVi] [option...] -s [@]<hex>] | -3 [@]<base32> | -b <filename>\n"
68 "-h show short help and exit\n"
69 "-hh show full help and exit\n"
70 "-V show program version and exit\n"
71 "-i interactively show countdown of time remaining and update password\n"
72 "-s <hex> is hexadecimal secret or with '@' name of file with hex secret\n"
73 "-3 <base32> is base 32 secret or with '@' name of file with base32 secret\n"
74 "-b <filename> (leading '@' ignored) is file containing exact binary secret\n"
75 "-c <c> hotp mode with counter value <c> (leading 0x hex, 0 octal else decimal)\n"
76 "-p <p> use period <p> (in seconds) instead of default period of 30 seconds\n"
77 "-0 <o> use T0 time <o> (in seconds) instead of default T0 time of 0 seconds\n"
78 "-H <h> use hash <h> (sha1, sha256 or sha512) instead of default sha1\n"
79 "-D <d> show <d> (6, 7 or 8) password digits instead of default 6\n"
80 "-T <t> pretend that the time() function always returns <t> (for testing)\n"
81 "-9 use byte 19 for dynamic reduction for sha256/sha512 (for broken sites)\n"
82 "-l use little endian counter (for broken sites)\n"
85 if (full
) (void)fprintf(outf
,
87 "Exactly one of -s, -3 or -b must be given that specifies the secret to be used\n"
88 "to generate the one time password. Keep the secret in a file and pass the file\n"
89 "name preceded with an '@' as the argument to avoid exposing the secret on the\n"
90 "command line. Hex mode (-s) will skip an optional leading '0x' and both hex\n"
91 "mode (-s) and base 32 mode (-3) ignore whitespace while reading the value.\n"
92 "Using a file name of '-' reads from standard input (e.g. -3@-).\n"
94 "The default mode is a time-based one time password (totp) using hash algorithm\n"
95 "sha1, a time zero of 0, a period of 30 seconds and non-interactively showing a\n"
96 "6 digit password. This is the mode most commonly used by sites.\n"
98 "Using the -c option activates hmac-based one time password (hotp) mode in which\n"
99 "case the proper value of <c> must be given in order to get the correct password.\n"
100 "The -i, -p, -0 and -T options are not available in hotp mode.\n"
102 "When using -H sha256 or -H sha512, it may be necessary to use the -9 option to\n"
103 "correctly match the values generated by some broken sites that always use byte\n"
104 "19 when doing dynamic reduction rather than the last byte of the hash value.\n"
105 "Sites that incorrectly format the counter value as little-endian instead of\n"
106 "correctly big-endian will require -l in order to match their values.\n"
108 "The interactive (-i) mode (only for totp) shows the generated password and\n"
109 "seconds remaining as usual but then updates the seconds remaining each second\n"
110 "until the current period expires and then generates and shows the next password\n"
111 "and restarts the countdown. Exit interactive mode with <return> or <ctrl-c>.\n"
114 " otpauth://totp/test:id@do.main?secret=JBSWY3DPEHPK3XPX&issuer=test\n"
115 "It's sufficient to simply use:\n"
116 " otpcli -3 JBSWY3DPEHPK3XPX\n"
117 "Also perhaps adding the -i option to activate the interactive output mode.\n"
119 "Output is the password and, if in totp mode, a <space> and the number of seconds\n"
120 "remaining (with an 's' suffix).\n"
127 typedef struct opts_s
{
132 const struct hmac_s
*otphash
;
134 char *sval
, *b32val
, *binval
;
135 unsigned char *secret
;
139 unsigned counter
: 1;
150 #define MAX_HASH_OUTPUT 64 /* sha512 */
151 #define MAX_BLOCK_SIZE 128 /* sha512 */
153 typedef union HMAC_CTX_u
{
158 typedef int (*hmacinitfunc_t
)(HMAC_CTX_t
*);
159 typedef int (*hmacupdatefunc_t
)(HMAC_CTX_t
*, const void *, size_t);
160 typedef int (*hmacfinalfunc_t
)(unsigned char *, HMAC_CTX_t
*);
161 typedef unsigned char *(*hmacfunc_t
)(const void *, size_t, unsigned char *);
162 typedef enum otphash_e
{
167 typedef struct hmac_s
{
171 hmacinitfunc_t hashinitfunc
;
172 hmacupdatefunc_t hashupdatefunc
;
173 hmacfinalfunc_t hashfinalfunc
;
176 static const hmac_t otphash_table
[3] = {
177 {otphash_sha1
, 20, 64, (hmacinitfunc_t
)SHA1_Init
,
178 (hmacupdatefunc_t
)SHA1_Update
,
179 (hmacfinalfunc_t
)SHA1_Final
, SHA1
},
180 {otphash_sha256
, 32, 64, (hmacinitfunc_t
)SHA256_Init
,
181 (hmacupdatefunc_t
)SHA256_Update
,
182 (hmacfinalfunc_t
)SHA256_Final
, SHA256
},
183 {otphash_sha512
, 64, 128, (hmacinitfunc_t
)SHA512_Init
,
184 (hmacupdatefunc_t
)SHA512_Update
,
185 (hmacfinalfunc_t
)SHA512_Final
, SHA512
}
188 typedef unsigned char counter_t
[8];
189 typedef unsigned char hashdata_t
[MAX_HASH_OUTPUT
];
191 static void parseopts(int *, char ***, opts_t
*);
192 static int isws(unsigned);
193 static int isrdtty(int);
194 static void flushinput(int);
195 static unsigned char *readfile(const char *, size_t *, int);
196 static unsigned char *decodehex(const void *, size_t, size_t *);
197 static unsigned char *decodebase32(const void *, size_t, size_t *);
198 static unsigned char *calchmac(unsigned char *, const hmac_t
*, const void *, size_t, const void *, size_t, size_t *);
199 static void storecounter(uint64_t, counter_t
);
200 static unsigned long calcpw(const unsigned char *, size_t, unsigned);
201 static void die(const char *, ...);
202 static void edie(int, const char *, ...);
213 parseopts(&argc
, &argv
, &opts
);
214 if (opts
.set
.counter
) {
215 storecounter(opts
.counter
, cntr
);
216 if (!calchmac(hmac
, opts
.otphash
, opts
.secret
, opts
.secretSz
, cntr
, sizeof(cntr
), &hmacsz
))
217 die("calchmac failed\n");
218 pword
= calcpw(hmac
, hmacsz
, opts
.digits
);
219 printf("%0*lu\n", (int)opts
.digits
, pword
);
221 uint64_t tnow
= opts
.set
.testT
? opts
.testT
: (uint64_t)time(NULL
);
223 const char *epre
= "", *pre
= "", *post
= "\n";
229 edie(2, "%s%s: error: time now (%llu) is less than time 0 (%llu)\n", epre
,
230 appnm(), (unsigned long long)tnow
, (unsigned long long)opts
.t0
);
231 cval
= (tnow
- opts
.t0
) / opts
.period
;
232 left
= (tnow
- opts
.t0
) - (cval
* opts
.period
);
233 left
= opts
.period
- left
;
234 storecounter(cval
, cntr
);
235 if (!calchmac(hmac
, opts
.otphash
, opts
.secret
, opts
.secretSz
, cntr
, sizeof(cntr
), &hmacsz
))
236 die("calchmac failed\n");
237 pword
= calcpw(hmac
, hmacsz
, opts
.digits
);
238 printf("%s%0*lu %llus%s", pre
, (int)opts
.digits
, pword
, (unsigned long long)left
, post
);
243 uint64_t tnoworig
= tnow
;
248 post
= " \b\b\b\b\b\b\b\b\b\b";
251 FD_SET(opts
.iFileNo
, &fds
);
254 slct
= select(opts
.iFileNo
+ 1, &fds
, NULL
, NULL
, &tv
);
256 die("\n%s: error: select failed\n", appnm());
258 tnow
= (uint64_t)time(NULL
);
259 if (tnow
== tnoworig
)
263 flushinput(opts
.iFileNo
);
276 unsigned char *cp
= cbytes
;
285 for (i
= 0; i
< 8; ++i
) {
286 *cp
= (unsigned char)(cval
& 0xFF);
294 const unsigned char *hmac
,
300 const unsigned char *p
;
302 if (!hmac
|| hmacsz
< 20)
303 die("invalid calcpw arguments\n");
304 if (digs
< 6 || digs
> 8)
305 die("invalid calcpw digits of %u\n", digs
);
306 idx
= opts
.set
.b19
? 19 : (unsigned)(hmacsz
- 1);
307 p
= hmac
+ (hmac
[idx
] & 0xF);
308 reduced
= ((uint32_t)(p
[0] & 0x7F) << 24) |
309 ((uint32_t)p
[1] << 16) | ((uint32_t)p
[2] << 8) | p
[3];
311 return (unsigned long)(reduced
% 1000000LU);
313 return (unsigned long)(reduced
% 10000000LU);
314 return (unsigned long)(reduced
% 100000000LU);
321 putenv("POSIXLY_CORRECT=1"); /* for incompliant c libraries */
322 tzset(); /* use the requested time zone if any */
323 setlocale(LC_NUMERIC
, ""); /* allows ' to work in printf formats */
324 opterr
= 0; /* we show our own errors */
325 if (!argv0
|| !*argv0
)
327 /* possibly extract base name of argv0 here in the future */
335 const unsigned char *s1
= (unsigned char *)s1_
;
336 const unsigned char *s2
= (unsigned char *)s2_
;
337 unsigned char uc1
, uc2
;
342 return 0; /* only match is NULL s1, but that can't get here */
345 uc1
+= (unsigned char)'A' <= uc1
&& uc1
<= (unsigned char)'Z' ?
346 (unsigned char)('a' - 'A') : 0;
348 uc2
+= (unsigned char)'A' <= uc2
&& uc2
<= (unsigned char)'Z' ?
349 (unsigned char)('a' - 'A') : 0;
350 } while (uc1
&& uc1
== uc2
);
358 memset(opts
, 0, sizeof(*opts
));
361 opts
->otphash
= &otphash_table
[otphash_sha1
];
376 setupapp((*argv
)[0]);
377 initoutopts(outopts
);
378 while ((ch
= getopt(*argc
, *argv
, ":" USAGEOPTS
)) != -1) {
380 case '?': edie(2, "%s: error: unknown option -%c (try -h)\n", appnm(), optopt
);
381 case ':': edie(2, "%s: error: missing argument for option -%c (try -h)\n", appnm(), optopt
);
382 case 'h': ++opt_h
; break;
383 case 'V': opt_V
= 1; break;
384 case 'i': outopts
->set
.i
= 1U; break;
385 case '9': outopts
->set
.b19
= 1U; break;
386 case 'l': outopts
->set
.l
= 1U; break;
389 while (*optarg
== ' ' || *optarg
== '\t')
391 if (!optarg
|| !*optarg
)
393 edie(2, "%s: error: -%c must have a non-empty argument (try -h)\n",
395 outopts
->sval
= optarg
;
399 while (*optarg
== ' ' || *optarg
== '\t')
401 if (!optarg
|| !*optarg
)
403 outopts
->b32val
= optarg
;
407 while (*optarg
== ' ' || *optarg
== '\t')
409 if (optarg
&& *optarg
== '@')
410 ++optarg
; /* ignore leading '@' */
411 if (!optarg
|| !*optarg
)
413 outopts
->binval
= optarg
;
417 while (*optarg
== ' ' || *optarg
== '\t')
419 if (!optarg
|| !*optarg
)
421 llv
= strtoll(optarg
, &endp
, 0);
423 while (*endp
== ' ' || *endp
== '\t')
425 if (endp
== optarg
|| llv
< 0)
427 edie(2, "%s: error: invalid argument for option -%c (try -h)\n",
429 outopts
->set
.counter
= 1U;
430 outopts
->counter
= (uint64_t)(unsigned long long)llv
;
434 while (*optarg
== ' ' || *optarg
== '\t')
436 if (!optarg
|| !*optarg
)
438 llv
= strtoll(optarg
, &endp
, 0);
440 while (*endp
== ' ' || *endp
== '\t')
442 if (endp
== optarg
|| llv
<= 0)
444 outopts
->set
.period
= 1U;
445 outopts
->period
= (uint64_t)(unsigned long long)llv
;
449 while (*optarg
== ' ' || *optarg
== '\t')
451 if (!optarg
|| !*optarg
)
453 llv
= strtoll(optarg
, &endp
, 0);
455 while (*endp
== ' ' || *endp
== '\t')
457 if (endp
== optarg
|| llv
< 0)
459 outopts
->set
.t0
= 1U;
460 outopts
->t0
= (uint64_t)(unsigned long long)llv
;
464 while (*optarg
== ' ' || *optarg
== '\t')
466 if (!optarg
|| !*optarg
)
468 llv
= strtoll(optarg
, &endp
, 0);
470 while (*endp
== ' ' || *endp
== '\t')
472 if (endp
== optarg
|| llv
< 0)
474 outopts
->set
.testT
= 1U;
475 outopts
->testT
= (uint64_t)(unsigned long long)llv
;
479 while (*optarg
== ' ' || *optarg
== '\t')
481 if (!optarg
|| !*optarg
)
483 llv
= strtoll(optarg
, &endp
, 0);
485 while (*endp
== ' ' || *endp
== '\t')
487 if (endp
== optarg
|| (llv
!= 6 && llv
!= 7 && llv
!= 8))
489 outopts
->digits
= (unsigned)(unsigned long long)llv
;
493 while (*optarg
== ' ' || *optarg
== '\t')
495 if (!optarg
|| !*optarg
)
497 if (streqcase(optarg
, "sha1"))
498 outopts
->otphash
= &otphash_table
[otphash_sha1
];
499 else if (streqcase(optarg
, "sha256"))
500 outopts
->otphash
= &otphash_table
[otphash_sha256
];
501 else if (streqcase(optarg
, "sha512"))
502 outopts
->otphash
= &otphash_table
[otphash_sha512
];
507 edie(2, "%s: error: unknown option -%c (try -h)\n", appnm(), ch
);
523 if (!outopts
->sval
&& !outopts
->b32val
&& !outopts
->binval
)
524 edie(2, "%s: error: at least one of -s, -3 or -b is required (try -h)\n",
526 if ((outopts
->sval
? 1 : 0) + (outopts
->b32val
? 1 : 0) + (outopts
->binval
? 1 : 0) != 1)
527 edie(2, "%s: error: at most one of -s, -3 or -b is allowed (try -h)\n",
529 if (outopts
->binval
) {
531 unsigned char *contents
= readfile(outopts
->binval
, &sz
, 1);
533 outopts
->secret
= contents
;
534 outopts
->secretSz
= sz
;
535 } else if (outopts
->sval
) {
537 unsigned char *contents
, *contents2
, *p
;
538 int freecontents
= 0;
540 if (outopts
->sval
[0] == '@') {
541 contents
= readfile(outopts
->sval
+ 1, &sz
, 0);
544 contents
= (unsigned char *)outopts
->sval
;
545 sz
= strlen((char *)contents
);
548 while (sz
&& isws(*p
)) {
552 if (sz
>= 2 && p
[0] == '0' && (p
[1] == 'x' || p
[1] == 'X')) {
556 contents2
= decodehex(p
, sz
, &sz2
);
559 if (!contents2
|| !sz2
)
560 die("%s: error: invalid hexadecimal secret data\n", appnm());
561 outopts
->secret
= contents2
;
562 outopts
->secretSz
= sz2
;
563 } else /* outopts->b32val */ {
565 unsigned char *contents
, *contents2
;
566 int freecontents
= 0;
568 if (outopts
->b32val
[0] == '@') {
569 contents
= readfile(outopts
->b32val
+ 1, &sz
, 0);
572 contents
= (unsigned char *)outopts
->b32val
;
573 sz
= strlen((char *)contents
);
575 contents2
= decodebase32(contents
, sz
, &sz2
);
578 if (!contents2
|| !sz2
)
579 die("%s: error: invalid base 32 secret data\n", appnm());
580 outopts
->secret
= contents2
;
581 outopts
->secretSz
= sz2
;
583 if (outopts
->set
.counter
) {
584 if (outopts
->set
.period
|| outopts
->set
.t0
|| outopts
->set
.i
||
586 edie(2, "%s: error: -c is not compatible with -i, -p, -0 or -T\n",
589 if (outopts
->set
.i
&& outopts
->set
.testT
) {
590 fprintf(stderr
, "%s: warning: ignoring -i because -T specified\n", appnm());
593 if (outopts
->set
.i
&& !isatty(STDOUT_FILENO
)) {
594 fprintf(stderr
, "%s: warning: ignoring -i because output is not a tty\n", appnm());
597 if (outopts
->set
.i
) {
598 if (isrdtty(STDIN_FILENO
))
599 outopts
->iFileNo
= STDIN_FILENO
;
600 else if (isrdtty(STDERR_FILENO
))
601 outopts
->iFileNo
= STDERR_FILENO
;
602 else if (isrdtty(STDOUT_FILENO
))
603 outopts
->iFileNo
= STDOUT_FILENO
;
605 fprintf(stderr
, "%s: warning: ignoring -i because no input tty available\n", appnm());
609 if (outopts
->set
.testT
&& outopts
->testT
< outopts
->t0
)
610 edie(2, "%s: error: -T value (%llu) must be at least as big as the -0 value (%llu)\n",
611 appnm(), (unsigned long long)outopts
->testT
, (unsigned long long)outopts
->t0
);
612 if (!outopts
->set
.counter
&& !outopts
->set
.testT
) {
613 uint64_t tnow
= (uint64_t)time(NULL
);
615 if (tnow
< outopts
->t0
)
616 edie(2, "%s: error: time now (%llu) is less than time 0 (%llu)\n",
617 appnm(), (unsigned long long)tnow
, (unsigned long long)outopts
->t0
);
624 #define UCH(c) ((unsigned)(c))
625 return c
== UCH(' ') || c
== UCH('\t') || c
== UCH('\n') ||
626 c
== UCH('\r') || c
== UCH('\f');
636 if (fd
< 0 || fcntl(fd
, F_GETFD
) == -1 || !isatty(fd
))
638 acmode
= fcntl(fd
, F_GETFL
);
641 switch (acmode
& O_ACCMODE
) {
642 case O_RDONLY
: return 1;
643 case O_RDWR
: return 1;
655 acmode
= fcntl(fd
, F_GETFL
);
658 if (!(acmode
& O_NONBLOCK
)) {
659 if (fcntl(fd
, F_SETFL
, acmode
| O_NONBLOCK
) == -1)
662 while (read(fd
, discard
, sizeof(discard
)) > 0) {
665 if (!(acmode
& O_NONBLOCK
))
666 fcntl(fd
, F_SETFL
, acmode
);
669 #define MAX_FILE_SZ 16384
670 #define MAX_DECODE_SZ (((MAX_FILE_SZ) + 1) / 2)
672 static unsigned char *
684 die("bad readfile args\n");
685 while (*fn
== ' ' || *fn
== '\t')
688 die("%s: error: empty file name is invalid\n", appnm());
689 if (fn
[0] == '-' && !fn
[1]) {
690 if (dobinary
&& isatty(STDIN_FILENO
))
691 die("%s: error: refusing to read binary secret from isatty stdin\n",
696 data
= (unsigned char *)malloc(MAX_FILE_SZ
);
698 die("%s: error: unable to allocate memory block of size %u\n",
699 appnm(), MAX_FILE_SZ
);
700 sfile
= usingstdin
? stdin
: fopen(fn
, dobinary
? "rb" : "r");
702 die("%s: error: unable to open for reading file \"%s\"\n",
704 rcnt
= fread(data
, 1, MAX_FILE_SZ
, sfile
);
705 if (rcnt
>= MAX_FILE_SZ
&& !ferror(sfile
) && !feof(sfile
)) {
707 die("%s: error: file too large (> %u bytes) \"%s\"\n", appnm(),
712 die("%s: error: unable to read file \"%s\"\n", appnm(), fn
);
717 die("%s: error: empty file \"%s\"\n", appnm(), fn
);
722 static signed char hexdecode_table
[96] = {
723 -1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1, /* 0x20 - 0x2F */
724 0, 1, 2, 3, 4, 5, 6, 7, 8, 9,-1,-1,-1,-1,-1,-1, /* 0x30 - 0x3F */
725 -1,10,11,12,13,14,15,-1,-1,-1,-1,-1,-1,-1,-1,-1, /* 0x40 - 0x4F */
726 -1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1, /* 0x50 - 0x5F */
727 -1,10,11,12,13,14,15,-1,-1,-1,-1,-1,-1,-1,-1,-1, /* 0x60 - 0x6F */
728 -1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1 /* 0x70 - 0x7F */
731 static unsigned char *
737 const unsigned char *in
= (unsigned char *)data_
;
738 unsigned char *out
, *p
;
741 unsigned char val
= 0;
743 if (!in
|| !sz
|| !outszp
)
745 out
= (unsigned char *)malloc(MAX_DECODE_SZ
);
747 die("%s: error: unable to allocate memory block of size %u\n",
748 appnm(), MAX_DECODE_SZ
);
751 unsigned char c
= *in
++;
757 if (c
< 0x20 || c
>= 0x80 || (d
= hexdecode_table
[c
- 0x20]) < 0) {
763 val
|= (unsigned char)d
;
764 if (outsz
>= MAX_DECODE_SZ
)
765 die("%s: error: decoded hex size exceeds %u\n",
766 appnm(), MAX_DECODE_SZ
);
771 val
= (unsigned char)d
;
783 static signed char b32decode_table
[96] = {
784 -1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1, /* 0x20 - 0x2F */
785 -1,-1,26,27,28,29,30,31,-1,-1,-1,-1,-1,32,-1,-1, /* 0x30 - 0x3F */
786 -1, 0, 1, 2, 3, 4, 5, 6, 7, 8, 9,10,11,12,13,14, /* 0x40 - 0x4F */
787 15,16,17,18,19,20,21,22,23,24,25,-1,-1,-1,-1,-1, /* 0x50 - 0x5F */
788 -1, 0, 1, 2, 3, 4, 5, 6, 7, 8, 9,10,11,12,13,14, /* 0x60 - 0x6F */
789 15,16,17,18,19,20,21,22,23,24,25,-1,-1,-1,-1,-1 /* 0x70 - 0x7F */
792 static unsigned char *
798 const unsigned char *in
= (unsigned char *)data_
;
799 unsigned char *out
, *p
;
804 if (!in
|| !sz
|| !outszp
)
806 out
= (unsigned char *)malloc(MAX_DECODE_SZ
);
808 die("%s: error: unable to allocate memory block of size %u\n",
809 appnm(), MAX_DECODE_SZ
);
812 unsigned char c
= *in
++;
818 if (c
< 0x20 || c
>= 0x80 || (d
= b32decode_table
[c
- 0x20]) < 0) {
826 bits
|= (unsigned char)d
;
829 if (outsz
>= MAX_DECODE_SZ
)
830 die("%s: error: decoded base 32 size exceeds %u\n",
831 appnm(), MAX_DECODE_SZ
);
832 *p
++ = (unsigned char)(bits
>> (bitcnt
- 8));
834 bits
&= (1U << (bitcnt
- 8)) - 1U;
839 if (bitcnt
>= 5 || bits
) {
847 static unsigned char *
857 const unsigned char *k
= (unsigned char *)k_
;
858 const unsigned char *d
= (unsigned char *)d_
;
860 unsigned char keydata
[MAX_BLOCK_SIZE
];
861 unsigned char hashdata
[MAX_HASH_OUTPUT
];
864 if (!hfnc
|| !hfnc
->outSize
|| !hfnc
->blockSize
|| !hfnc
->hashfunc
||
865 hfnc
->outSize
>= hfnc
->blockSize
)
867 if (!md
|| !k
|| !ksz
|| !d
|| !dsz
|| !omdsz
)
869 if (hfnc
->outSize
> MAX_HASH_OUTPUT
|| hfnc
->blockSize
> MAX_BLOCK_SIZE
)
871 if (ksz
> hfnc
->blockSize
) {
872 (*hfnc
->hashfunc
)(k
, ksz
, keydata
);
873 memset(keydata
+ hfnc
->outSize
, 0, hfnc
->blockSize
- hfnc
->outSize
);
875 memcpy(keydata
, k
, ksz
);
876 if (ksz
< hfnc
->blockSize
)
877 memset(keydata
+ ksz
, 0, hfnc
->blockSize
- ksz
);
879 for (idx
= 0; idx
< hfnc
->blockSize
; ++idx
)
880 keydata
[idx
] ^= 0x36;
881 if (!(*hfnc
->hashinitfunc
)(&hctx
))
882 die("hash init failed\n");
883 if (!(*hfnc
->hashupdatefunc
)(&hctx
, keydata
, hfnc
->blockSize
))
884 die("hash update failed\n");
885 if (!(*hfnc
->hashupdatefunc
)(&hctx
, d
, dsz
))
886 die("hash update failed\n");
887 if (!(*hfnc
->hashfinalfunc
)(hashdata
, &hctx
))
888 die("hash final failed\n");
889 for (idx
= 0; idx
< hfnc
->blockSize
; ++idx
)
890 keydata
[idx
] ^= (0x36 ^ 0x5C);
891 if (!(*hfnc
->hashinitfunc
)(&hctx
))
892 die("hash init failed\n");
893 if (!(*hfnc
->hashupdatefunc
)(&hctx
, keydata
, hfnc
->blockSize
))
894 die("hash update failed\n");
895 if (!(*hfnc
->hashupdatefunc
)(&hctx
, hashdata
, hfnc
->outSize
))
896 die("hash update failed\n");
897 if (!(*hfnc
->hashfinalfunc
)(md
, &hctx
))
898 die("hash final failed\n");
899 *omdsz
= hfnc
->outSize
;
908 vfprintf(stderr
, fmt
, args
);
920 vedie(ec
, fmt
, args
);
925 die( const char *fmt
,
931 vedie(255, fmt
, args
);