From e9cda7ec15f4406da1fb55e9f6ec4198cbc515bf Mon Sep 17 00:00:00 2001 From: Tomek Dubrownik Date: Mon, 30 Apr 2012 23:32:57 +0200 Subject: [PATCH] find card in ldap --- terminal/CMakeLists.txt | 6 ++- terminal/hash-one.c | 11 +++++ terminal/ldap.c | 91 ++++++++++++++++++++++++++++++++++++++--- 3 files changed, 101 insertions(+), 7 deletions(-) create mode 100644 terminal/hash-one.c diff --git a/terminal/CMakeLists.txt b/terminal/CMakeLists.txt index 1506ff3..7356de1 100644 --- a/terminal/CMakeLists.txt +++ b/terminal/CMakeLists.txt @@ -1,6 +1,8 @@ project(hf-terminal) add_executable(hf-terminal main.c tts.c base64.c ldap.c nfc.c) -set(CMAKE_C_FLAGS "-std=c99") +add_executable(hash-one hash-one.c ldap.c) +set(CMAKE_C_FLAGS "-std=c99 -g") -target_link_libraries(hf-terminal nfc m) +target_link_libraries(hf-terminal nfc m ldap crypto) +target_link_libraries(hash-one m crypto ldap) diff --git a/terminal/hash-one.c b/terminal/hash-one.c new file mode 100644 index 0000000..322ebcf --- /dev/null +++ b/terminal/hash-one.c @@ -0,0 +1,11 @@ +#include +#include "ldap.h" + +int main(int argc, char** argv) { + char hash[130]; + if(argc < 3) + return 1; + hash_mifare(argv[1], argv[2], hash); + printf("%s\n", hash); + return 0; +} diff --git a/terminal/ldap.c b/terminal/ldap.c index ae2a908..21d7234 100644 --- a/terminal/ldap.c +++ b/terminal/ldap.c 
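Review bot: The new `set(CMAKE_C_FLAGS "-std=c99 -g")` line still enables no warnings, and strict `-std=c99` can hide the declarations of `strnlen` and `bzero` that ldap.c now calls, depending on the libc and on any feature-test macros in the stripped includes. With `-Wall -Wextra` the compiler would have pointed at `hash_mifare` falling off the end without a return value and at the `unsigned char`/`char` pointer mixing in `ldap_dn_by_mifare`. The `set()` also replaces whatever flags the builder passed in, including any hardening options. Something like `set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -std=gnu99 -g -Wall -Wextra")` keeps the caller's flags and makes those diagnostics visible.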
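Review bot: `char hash[130]` in `main` is only correct because `hash_mifare` in ldap.c zeroes and fills exactly 130 bytes of whatever pointer it is handed, so the size is an unwritten contract repeated in two files. A shared constant in ldap.h (for example `#define MIFARE_HASH_BUFLEN 130`) or an explicit length parameter would stop caller and callee from drifting apart. The return value of `hash_mifare` is ignored here, and as written in ldap.c the function never returns one, so a failure could not be reported anyway. Taking the card ID and salt from `argv` also leaves them visible in the process list and shell history on a shared machine; reading them from stdin would avoid that.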
@@ -1,9 +1,90 @@ +//sorry +#define LDAP_DEPRECATED 1 + +#include +#include +#include +#include +#include +#include +#include +#include "config.h" + +static char* ldap_attrs_hashes[] = { + "uid", + "mifareIDHash", + 0, +}; + +int hash_mifare(char *MifareID, char *salt, char* target) { + SHA256_CTX sha_c; + bzero(target, 130); + SHA256_Init(&sha_c); + SHA256_Update(&sha_c, salt, strnlen(salt, 64)); + SHA256_Update(&sha_c, MifareID, strnlen(MifareID, 64)); + strncat(target, salt, 63); + strcat(target, "$"); + unsigned char hash[65]; + SHA256_Final(hash, &sha_c); + target = target + strnlen(target, 64); + for(int i = 0; i < SHA256_DIGEST_LENGTH; ++i) { + sprintf(target, "%02x", hash[i]); + target += 2; + } + *(target + 1) = 0; +} + int ldap_dn_by_mifare(char *MifareID, char *DNOut, int *DNLength) { - // TODO: actually implement thid. tkd? + int i; + + LDAP *ld; + LDAPMessage *msg, *entry; + int result = 0, version = LDAP_VERSION3, nentries; + unsigned char **values, crypt_hash[130], + entry_salt[20]; - strncpy(DNOut, "q3k", *DNLength); - *DNLength = strlen("q3k"); - - return 0; + if(LDAP_SUCCESS != (result = ldap_initialize(&ld, LDAP_URL))) { + goto finalize; + } + if(LDAP_SUCCESS != (result = ldap_set_option(ld, LDAP_OPT_PROTOCOL_VERSION, &version))) { + goto finalize; + } +/* if(LDAP_SUCCESS != (result = ldap_start_tls_s(ld, NULL, NULL))) { + goto finalize; + }*/ + if(LDAP_SUCCESS != (result = ldap_bind_s(ld, LDAP_DN, LDAP_PW, LDAP_AUTH_SIMPLE))) { + goto finalize; + } + if(LDAP_SUCCESS != (result = ldap_search_s(ld, LDAP_BASE, LDAP_SCOPE_SUBTREE, + LDAP_FILTER_HASHES, ldap_attrs_hashes, 0, &msg))) { + goto search_finalize; + } + nentries = ldap_count_entries(ld, msg); + result = LDAP_NO_SUCH_OBJECT; + for(entry = ldap_first_entry(ld, msg); entry != NULL; entry = ldap_next_entry(ld, entry)) { + values = ldap_get_values(ld, entry, "mifareIDHash"); + if(values) { + for(i = 0; values[i] != NULL; ++i) { + bzero(entry_salt, 20); + int hash_len = strcspn(values[i], "$"); + 
strncpy(entry_salt, values[i], hash_len); + hash_mifare(MifareID, entry_salt, crypt_hash); + if(!strncmp(crypt_hash, values[i], 128)) { + char *dn = ldap_get_dn(ld, entry); + strncpy(DNOut, dn, *DNLength); + DNOut[*DNLength - 1] = 0; + *DNLength = strlen(dn); + ldap_memfree(dn); + result = 0; + } + } + ldap_value_free(values); + } + } +search_finalize: + ldap_msgfree(msg); +finalize: + ldap_unbind_s(ld); + return result; }
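Review bot: In `ldap_dn_by_mifare`, `strncpy(entry_salt, values[i], hash_len)` copies a length taken from the directory value into the 20-byte `entry_salt`, so a `mifareIDHash` whose salt part is 20 characters or longer (or that has no `$` at all) writes past the buffer on the stack; `hash_mifare` itself accepts salts up to 63 characters, so such values can be produced with hash-one. The length should be checked against `sizeof entry_salt` and malformed values skipped, as in the fence below, which also initialises `ld` and `msg` because the `finalize` and `search_finalize` labels hand them to `ldap_unbind_s`/`ldap_msgfree` on paths where this function has not set them. With `ldap_start_tls_s` commented out, the simple bind sends `LDAP_PW` and the search results in the clear unless `LDAP_URL` is an `ldaps://` URL, which config.h (not shown) would have to confirm. `hash_mifare` is declared `int` but never returns a value, and its final `*(target + 1) = 0` writes one byte past the terminator `sprintf` already placed. The DN copy also needs a look: `ldap_get_dn` can return NULL, and `*DNLength` is set to the full DN length even when the copy was truncated.

```c
    LDAP *ld = NULL;
    LDAPMessage *msg = NULL, *entry;
    // … unchanged: initialize, protocol version, bind, search, outer entry loop …
            for(i = 0; values[i] != NULL; ++i) {
                size_t salt_len = strcspn(values[i], "$");
                // no '$' separator, or salt too long for entry_salt: skip this value
                if(values[i][salt_len] != '$' || salt_len >= sizeof entry_salt)
                    continue;
                bzero(entry_salt, sizeof entry_salt);
                memcpy(entry_salt, values[i], salt_len);
                // … unchanged: hash_mifare, strncmp, DN copy …
    // … unchanged: ldap_value_free, end of loops, search_finalize …
finalize:
    if(ld != NULL)
        ldap_unbind_s(ld);
```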