/* This program prompts for a password and then writes a snippet of C code to stdout which consists of an initialized struct containing the encrypted password. Use like this: encodepw > xx.c You should then include xx.c in your real program and call the decode_password which should be copied into your real application along with the functions reset_xor_seed and getrandomxor. The RSEED, MULT, and PLUS constants can be changed to suit your whim. Yoy could also unix rand functions but be sure to supply the encode and decode programs with the same seed values. */ #include #include #include #define MAXPWLENGTH 15 #define assign_errno(x) ((errno != 0) ? errno : (x)) extern int errno; typedef struct { short len; unsigned char xor[MAXPWLENGTH + 1]; } xor_pw_rec; /* ===================================================================== */ #define RSEED 21957 #define MULT 11109 #define PLUS 265873 /* produces a fixed random sequence so that password dictionary cannot be hacked with a simple string search; not meant to be a really good RNG */ static unsigned int seed = RSEED; static void problem(char *msg, int err) { (void) fprintf(stderr,"%s (%d)\n",msg,err); (void) fflush(stderr); return; } /* problem */ void reset_xor_seed(void) { seed = RSEED; return; } /* reset_xor_seed */ unsigned short getrandomxor(void) { unsigned short out = 0; seed = (seed * MULT) + PLUS; out = (unsigned short) seed % 0xFF; return(out); } /* getrandomxor */ /* ==================================================================== */ static void write_password_code(char *varname, xor_pw_rec q) { short i = 0; (void) printf("xor_pw_rec %s = \n",varname); (void) printf(" {\n"); (void) printf(" %d, {",(int) q.len); while (i < q.len - 1) { (void) printf("%04o,",q.xor[i]); ++i; } /* while */ (void) printf("%04o}\n",q.xor[i]); (void) printf(" };\n\n"); return; } /* write_password_code */ static int encode_password(char *p, xor_pw_rec *q) { int len = 0,cc = 0,i = 0; unsigned char ch = ' '; q->len = 0; len = strlen(p); reset_xor_seed(); while (i < len && i < MAXPWLENGTH) { ch = (unsigned char) p[i]; p[i] ^= getrandomxor(); q->xor[i] = p[i]; q->len += 1; ++i; } /* while */ write_password_code("my_secret",*q); return(cc); } /* encode_password */ unsigned char *decode_password(xor_pw_rec q) { static unsigned char s[MAXPWLENGTH + 1]; short i = 0; unsigned char ch = ' '; reset_xor_seed(); while (i < q.len && i < MAXPWLENGTH) { ch = q.xor[i]; ch ^= getrandomxor(); s[i] = ch; ++i; } /* while */ s[i] = '\0'; return(s); } /* decode_password */ /* ===================================================================== */ int main(int argc, char *argv[]) { int cc = 0; char *p = NULL; p = getpass("Enter password to be encrypted: "); if (p != NULL) { int len = 0; len = (int) strlen(p); if ((len > 0) && (len <= MAXPWLENGTH)) { xor_pw_rec q; cc = encode_password(p,&q); } else { cc = 1; problem("Invalid password length",cc); } } else { cc = assign_errno(-1); problem("Internal error",cc); } return(cc); } /* main */ /* --------- Snippet of decode application ------------ */ #ifdef XXXX #define MAXPWLENGTH 15 typedef struct { short len; unsigned char xor[MAXPWLENGTH + 1]; } xor_pw_rec; /* This would be generated by the encodepw and should be included in the source */ xor_pw_rec my_secret = { 5, {0046,0252,0366,0177,0114} }; void dummy_func(void) { unsigned char *plaintext = NULL; plaintext = decode_password(my_secret); return; } /* dummy_func */ #endif /* XXXX */