secret.c
3.23 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
/* GNU Mailutils -- a suite of utilities for electronic mail
Copyright (C) 2009, 2010 Free Software Foundation, Inc.
This library is free software; you can redistribute it and/or
modify it under the terms of the GNU Lesser General Public
License as published by the Free Software Foundation; either
version 3 of the License, or (at your option) any later version.
This library is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
Lesser General Public License for more details.
You should have received a copy of the GNU Lesser General
Public License along with this library; if not, write to the
Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
Boston, MA 02110-1301 USA */
#ifdef HAVE_CONFIG_H
# include <config.h>
#endif
#include <stdlib.h>
#include <string.h>
#include <mailutils/types.h>
#include <mailutils/secret.h>
#include <mailutils/errno.h>
struct _mu_secret
{
unsigned int refcnt; /* Number of references to this object */
size_t length; /* Secret length */
unsigned char *obptr; /* Obfuscated data */
unsigned char *clptr; /* Cleartext data */
unsigned int clref; /* Number of references to clptr returned
this far */
};
static unsigned char xchar;
static void
obfuscate (const unsigned char *input, unsigned char *output, size_t len)
{
if (!xchar)
xchar = random () % 255;
while (len--)
*output++ = *input++ ^ xchar;
}
int
mu_secret_create (mu_secret_t *psec, const char *value, size_t len)
{
mu_secret_t sec;
sec = calloc (1, sizeof (sec[0]) + 2 * (len + 1));
if (!sec)
return ENOMEM;
sec->obptr = (unsigned char*)(sec + 1);
sec->clptr = sec->obptr + len + 1;
obfuscate ((unsigned char *) value, sec->obptr, len);
sec->length = len;
*psec = sec;
mu_secret_ref (sec);
return 0;
}
int
mu_secret_dup (mu_secret_t sec, mu_secret_t *newsec)
{
const char *pass = mu_secret_password (sec);
int rc = mu_secret_create (newsec, pass, strlen (pass));
mu_secret_password_unref (sec);
return rc;
}
void
mu_secret_ref (mu_secret_t sec)
{
if (sec)
sec->refcnt++;
}
/* Decrement reference counter in SEC. If it falls to 0, free memory
allocated for SEC and return 0. Otherwise, return MU_ERR_EXISTS,
indicating that someone else is still holding it.
Return EINVAL if sec==NULL. */
int
mu_secret_unref (mu_secret_t sec)
{
if (sec)
{
if (sec->refcnt)
sec->refcnt--;
if (sec->refcnt == 0)
{
memset (sec->clptr, 0, sec->length);
memset (sec->obptr, 0, sec->length);
free (sec);
return 0;
}
return MU_ERR_EXISTS;
}
return EINVAL;
}
void
mu_secret_destroy (mu_secret_t *psec)
{
if (psec && *psec && mu_secret_unref (*psec) == 0)
*psec = NULL;
}
const char *
mu_secret_password (mu_secret_t sec)
{
if (!sec)
return 0;
if (sec->clref++ == 0)
obfuscate (sec->obptr, sec->clptr, sec->length);
return (const char*) sec->clptr;
}
size_t
mu_secret_length (mu_secret_t sec)
{
if (!sec)
return 0;
return sec->length;
}
void
mu_secret_password_unref (mu_secret_t sec)
{
if (--sec->clref == 0)
memset (sec->clptr, 0, sec->length);
}