diff options
| author | Bakasura <bakasura@protonmail.ch> | 2020-07-13 18:27:27 -0500 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2020-07-13 16:27:27 -0700 |
| commit | c5a798beec0f24f6828cd3c43bbefd1e18a9d33a (patch) | |
| tree | 3d79de60cbcaf71562bf93c8b59db926eb020671 /plugins/fishlim/plugin_hexchat.c | |
| parent | 2f376953f3fd7d358aa25bf29c01d70a57d40e0c (diff) | |
FiSHLiM: Support for CBC mode + more commands (#2347)
Diffstat (limited to 'plugins/fishlim/plugin_hexchat.c')
| -rw-r--r-- | plugins/fishlim/plugin_hexchat.c | 342 |
1 files changed, 222 insertions, 120 deletions
diff --git a/plugins/fishlim/plugin_hexchat.c b/plugins/fishlim/plugin_hexchat.c index 3eaad986..ddb692da 100644 --- a/plugins/fishlim/plugin_hexchat.c +++ b/plugins/fishlim/plugin_hexchat.c @@ -2,6 +2,7 @@ Copyright (c) 2010-2011 Samuel Lidén Borell <samuel@kodafritt.se> Copyright (c) 2015 <the.cypher@gmail.com> + Copyright (c) 2019 <bakasura@protonmail.ch> Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal @@ -30,19 +31,20 @@ #include <string.h> #include "hexchat-plugin.h" -#define HEXCHAT_MAX_WORDS 32 #include "fish.h" #include "dh1080.h" #include "keystore.h" #include "irc.h" +static const char *fish_modes[] = {"", "ECB", "CBC", NULL}; + static const char plugin_name[] = "FiSHLiM"; static const char plugin_desc[] = "Encryption plugin for the FiSH protocol. Less is More!"; -static const char plugin_version[] = "0.1.0"; +static const char plugin_version[] = "1.0.0"; -static const char usage_setkey[] = "Usage: SETKEY [<nick or #channel>] <password>, sets the key for a channel or nick"; -static const char usage_delkey[] = "Usage: DELKEY <nick or #channel>, deletes the key for a channel or nick"; +static const char usage_setkey[] = "Usage: SETKEY [<nick or #channel>] [<mode>:]<password>, sets the key for a channel or nick. Modes: ECB, CBC"; +static const char usage_delkey[] = "Usage: DELKEY [<nick or #channel>], deletes the key for a channel or nick"; static const char usage_keyx[] = "Usage: KEYX [<nick>], performs DH1080 key-exchange with <nick>"; static const char usage_topic[] = "Usage: TOPIC+ <topic>, sets a new encrypted topic for the current channel"; static const char usage_notice[] = "Usage: NOTICE+ <nick or #channel> <notice>"; @@ -54,6 +56,13 @@ static GHashTable *pending_exchanges; /** + * Compare two nicks using the current plugin + */ +int irc_nick_cmp(const char *a, const char *b) { + return hexchat_nickcmp (ph, a, b); +} + +/** * Returns the path to the key store file. */ gchar *get_config_filename(void) { @@ -88,7 +97,7 @@ static hexchat_context *find_context_on_network (const char *name) { int chan_id = hexchat_list_int(ph, channels, "id"); const char *chan_name = hexchat_list_str(ph, channels, "channel"); - if (chan_id == id && chan_name && hexchat_nickcmp (ph, chan_name, name) == 0) { + if (chan_id == id && chan_name && irc_nick_cmp (chan_name, name) == 0) { ret = (hexchat_context*)hexchat_list_str(ph, channels, "context"); break; } @@ -98,8 +107,109 @@ static hexchat_context *find_context_on_network (const char *name) { return ret; } -int irc_nick_cmp(const char *a, const char *b) { - return hexchat_nickcmp (ph, a, b); +/** + * Retrive the prefix character for own nick in current context + * @return @ or + or NULL + */ +char *get_my_own_prefix(void) { + char *result = NULL; + const char *own_nick; + hexchat_list *list; + + /* Display message */ + own_nick = hexchat_get_info(ph, "nick"); + + if (!own_nick) + return NULL; + + /* Get prefix for own nick if any */ + list = hexchat_list_get (ph, "users"); + if (list) { + while (hexchat_list_next(ph, list)) { + if (irc_nick_cmp(own_nick, hexchat_list_str(ph, list, "nick")) == 0) + result = g_strdup(hexchat_list_str(ph, list, "prefix")); + } + hexchat_list_free(ph, list); + } + + return result; +} + +/** + * Try to decrypt the first occurrence of fish message + * + * @param message Message to decrypt + * @param key Key of message + * @return Array of char with decrypted message or NULL. The returned string + * should be freed with g_free() when no longer needed. + */ +char *decrypt_raw_message(const char *message, const char *key) { + const char *prefixes[] = {"+OK ", "mcps ", NULL}; + char *start = NULL, *end = NULL; + char *left = NULL, *right = NULL; + char *encrypted = NULL, *decrypted = NULL; + int length = 0; + int index_prefix; + enum fish_mode mode; + GString *message_decrypted; + char *result = NULL; + + if (message == NULL || key == NULL) + return NULL; + + for (index_prefix = 0; index_prefix < 2; index_prefix++) { + start = g_strstr_len(message, strlen(message), prefixes[index_prefix]); + if (start) { + /* Length ALWAYS will be less that original message + * add '[CBC] ' length */ + message_decrypted = g_string_sized_new(strlen(message) + 6); + + /* Left part of message */ + left = g_strndup(message, start - message); + g_string_append(message_decrypted, left); + g_free(left); + + /* Encrypted part */ + start += strlen(prefixes[index_prefix]); + end = g_strstr_len(start, strlen(message), " "); + if (end) { + length = end - start; + right = end; + } + + if (length > 0) { + encrypted = g_strndup(start, length); + } else { + encrypted = g_strdup(start); + } + decrypted = fish_decrypt_from_nick(key, encrypted, &mode); + g_free(encrypted); + + if (decrypted == NULL) { + g_string_free(message_decrypted, TRUE); + return NULL; + } + + /* Add encrypted flag */ + g_string_append(message_decrypted, "["); + g_string_append(message_decrypted, fish_modes[mode]); + g_string_append(message_decrypted, "] "); + /* Decrypted message */ + g_string_append(message_decrypted, decrypted); + g_free(decrypted); + + /* Right part of message */ + if (right) { + g_string_append(message_decrypted, right); + } + + result = message_decrypted->str; + g_string_free(message_decrypted, FALSE); + return result; + } + } + + return NULL; } /*static int handle_debug(char *word[], char *word_eol[], void *userdata) { @@ -115,15 +225,24 @@ int irc_nick_cmp(const char *a, const char *b) { * Called when a message is to be sent. */ static int handle_outgoing(char *word[], char *word_eol[], void *userdata) { - const char *own_nick; + char *prefix; + enum fish_mode mode; + char *message; /* Encrypt the message if possible */ const char *channel = hexchat_get_info(ph, "channel"); - char *encrypted = fish_encrypt_for_nick(channel, word_eol[1]); + char *encrypted = fish_encrypt_for_nick(channel, word_eol[1], &mode); if (!encrypted) return HEXCHAT_EAT_NONE; + /* Get prefix for own nick if any */ + prefix = get_my_own_prefix(); + + /* Add encrypted flag */ + message = g_strconcat("[", fish_modes[mode], "] ", word_eol[1], NULL); + /* Display message */ - own_nick = hexchat_get_info(ph, "nick"); - hexchat_emit_print(ph, "Your Message", own_nick, word_eol[1], NULL); + hexchat_emit_print(ph, "Your Message", hexchat_get_info(ph, "nick"), message, prefix, NULL); + g_free(prefix); + g_free(message); /* Send message */ hexchat_commandf(ph, "PRIVMSG %s :+OK %s", channel, encrypted); @@ -139,96 +258,59 @@ static int handle_incoming(char *word[], char *word_eol[], hexchat_event_attrs * const char *prefix; const char *command; const char *recipient; - const char *encrypted; - const char *peice; + const char *raw_message = word_eol[1]; char *sender_nick; char *decrypted; - size_t w; - size_t ew; - size_t uw; - char prefix_char = 0; + size_t parameters_offset; GString *message; - if (!irc_parse_message((const char **)word, &prefix, &command, &w)) + if (!irc_parse_message((const char **)word, &prefix, &command, ¶meters_offset)) return HEXCHAT_EAT_NONE; - + /* Topic (command 332) has an extra parameter */ - if (!strcmp(command, "332")) w++; - - /* Look for encrypted data */ - for (ew = w+1; ew < HEXCHAT_MAX_WORDS-1; ew++) { - const char *s = (ew == w+1 ? word[ew]+1 : word[ew]); - if (*s && (s[1] == '+' || s[1] == 'm')) { prefix_char = *(s++); } - else { prefix_char = 0; } - if (strcmp(s, "+OK") == 0 || strcmp(s, "mcps") == 0) goto has_encrypted_data; + if (!strcmp(command, "332")) + parameters_offset++; + + /* Extract sender nick and recipient nick/channel and try to decrypt */ + recipient = word[parameters_offset]; + decrypted = decrypt_raw_message(raw_message, recipient); + if (decrypted == NULL) { + sender_nick = irc_prefix_get_nick(prefix); + decrypted = decrypt_raw_message(raw_message, sender_nick); + g_free(sender_nick); } - return HEXCHAT_EAT_NONE; - has_encrypted_data: ; - /* Extract sender nick and recipient nick/channel */ - sender_nick = irc_prefix_get_nick(prefix); - recipient = word[w]; - - /* Try to decrypt with these (the keys are searched for in the key store) */ - encrypted = word[ew+1]; - decrypted = fish_decrypt_from_nick(recipient, encrypted); - if (!decrypted) decrypted = fish_decrypt_from_nick(sender_nick, encrypted); - - /* Check for error */ - if (!decrypted) goto decrypt_error; - - /* Build unecrypted message */ - message = g_string_sized_new (100); /* TODO: more accurate estimation of size */ - g_string_append (message, "RECV"); + + /* Nothing to decrypt */ + if (decrypted == NULL) + return HEXCHAT_EAT_NONE; + + /* Build decrypted message */ + + /* decrypted + 'RECV ' + '@time=YYYY-MM-DDTHH:MM:SS.fffffZ ' */ + message = g_string_sized_new (strlen(decrypted) + 5 + 33); + g_string_append (message, "RECV "); if (attrs->server_time_utc) { GTimeVal tv = { (glong)attrs->server_time_utc, 0 }; char *timestamp = g_time_val_to_iso8601 (&tv); - g_string_append (message, " @time="); + g_string_append (message, "@time="); g_string_append (message, timestamp); + g_string_append (message, " "); g_free (timestamp); } - for (uw = 1; uw < HEXCHAT_MAX_WORDS; uw++) { - if (word[uw][0] != '\0') - g_string_append_c (message, ' '); - - if (uw == ew) { - /* Add the encrypted data */ - peice = decrypted; - uw++; /* Skip "OK+" */ - - if (ew == w+1) { - /* Prefix with colon, which gets stripped out otherwise */ - g_string_append_c (message, ':'); - } - - if (prefix_char) { - g_string_append_c (message, prefix_char); - } - - } else { - /* Add unencrypted data (for example, a prefix from a bouncer or bot) */ - peice = word[uw]; - } - - g_string_append (message, peice); - } + g_string_append (message, decrypted); g_free(decrypted); - /* Simulate unencrypted message */ - /* hexchat_printf(ph, "simulating: %s\n", message->str); */ + /* Fake server message + * RECV command will throw this function again, if message have multiple + * encrypted data, we will decrypt all */ hexchat_command(ph, message->str); - g_string_free (message, TRUE); - g_free(sender_nick); - return HEXCHAT_EAT_HEXCHAT; - decrypt_error: - g_free(decrypted); - g_free(sender_nick); - return HEXCHAT_EAT_NONE; + return HEXCHAT_EAT_HEXCHAT; } static int handle_keyx_notice(char *word[], char *word_eol[], void *userdata) { @@ -236,8 +318,8 @@ static int handle_keyx_notice(char *word[], char *word_eol[], void *userdata) { const char *dh_pubkey = word[5]; hexchat_context *query_ctx; const char *prefix; - gboolean cbc; char *sender, *secret_key, *priv_key = NULL; + enum fish_mode mode = FISH_ECB_MODE; if (!*dh_message || !*dh_pubkey || strlen(dh_pubkey) != 181) return HEXCHAT_EAT_NONE; @@ -248,25 +330,21 @@ static int handle_keyx_notice(char *word[], char *word_eol[], void *userdata) { sender = irc_prefix_get_nick(prefix); query_ctx = find_context_on_network(sender); if (query_ctx) - hexchat_set_context(ph, query_ctx); + g_assert(hexchat_set_context(ph, query_ctx) == 1); dh_message++; /* : prefix */ if (*dh_message == '+' || *dh_message == '-') dh_message++; /* identify-msg */ - cbc = g_strcmp0 (word[6], "CBC") == 0; + if (g_strcmp0 (word[6], "CBC") == 0) + mode = FISH_CBC_MODE; if (!strcmp(dh_message, "DH1080_INIT")) { char *pub_key; - if (cbc) { - hexchat_print(ph, "Received key exchange for CBC mode which is not supported."); - goto cleanup; - } - - hexchat_printf(ph, "Received public key from %s, sending mine...", sender); + hexchat_printf(ph, "Received public key from %s (%s), sending mine...", sender, fish_modes[mode]); if (dh1080_generate_key(&priv_key, &pub_key)) { - hexchat_commandf(ph, "quote NOTICE %s :DH1080_FINISH %s", sender, pub_key); + hexchat_commandf(ph, "quote NOTICE %s :DH1080_FINISH %s%s", sender, pub_key, (mode == FISH_CBC_MODE) ? " CBC" : ""); g_free(pub_key); } else { hexchat_print(ph, "Failed to generate keys"); @@ -279,11 +357,6 @@ static int handle_keyx_notice(char *word[], char *word_eol[], void *userdata) { g_hash_table_steal(pending_exchanges, sender_lower); g_free(sender_lower); - if (cbc) { - hexchat_print(ph, "Received key exchange for CBC mode which is not supported."); - goto cleanup; - } - if (!priv_key) { hexchat_printf(ph, "Received a key exchange response for unknown user: %s", sender); goto cleanup; @@ -295,8 +368,8 @@ static int handle_keyx_notice(char *word[], char *word_eol[], void *userdata) { } if (dh1080_compute_key(priv_key, dh_pubkey, &secret_key)) { - keystore_store_key(sender, secret_key); - hexchat_printf(ph, "Stored new key for %s", sender); + keystore_store_key(sender, secret_key, mode); + hexchat_printf(ph, "Stored new key for %s (%s)", sender, fish_modes[mode]); g_free(secret_key); } else { hexchat_print(ph, "Failed to create secret key!"); @@ -314,6 +387,7 @@ cleanup: static int handle_setkey(char *word[], char *word_eol[], void *userdata) { const char *nick; const char *key; + enum fish_mode mode; /* Check syntax */ if (*word[2] == '\0') { @@ -331,9 +405,17 @@ static int handle_setkey(char *word[], char *word_eol[], void *userdata) { key = word_eol[3]; } + mode = FISH_ECB_MODE; + if (g_ascii_strncasecmp("cbc:", key, 4) == 0) { + key = key+4; + mode = FISH_CBC_MODE; + } else if (g_ascii_strncasecmp("ecb:", key, 4) == 0) { + key = key+4; + } + /* Set password */ - if (keystore_store_key(nick, key)) { - hexchat_printf(ph, "Stored key for %s\n", nick); + if (keystore_store_key(nick, key, mode)) { + hexchat_printf(ph, "Stored key for %s (%s)\n", nick, fish_modes[mode]); } else { hexchat_printf(ph, "\00305Failed to store key in addon_fishlim.conf\n"); } @@ -345,22 +427,30 @@ static int handle_setkey(char *word[], char *word_eol[], void *userdata) { * Command handler for /delkey */ static int handle_delkey(char *word[], char *word_eol[], void *userdata) { - const char *nick; + char *nick = NULL; + int ctx_type = 0; + + /* Delete key from input */ + if (*word[2] != '\0') { + nick = g_strstrip(g_strdup(word_eol[2])); + } else { /* Delete key from current context */ + nick = g_strdup(hexchat_get_info(ph, "channel")); + ctx_type = hexchat_list_int(ph, NULL, "type"); - /* Check syntax */ - if (*word[2] == '\0' || *word[3] != '\0') { - hexchat_printf(ph, "%s\n", usage_delkey); - return HEXCHAT_EAT_HEXCHAT; + /* Only allow channel or dialog */ + if (ctx_type < 2 || ctx_type > 3) { + hexchat_printf(ph, "%s\n", usage_delkey); + return HEXCHAT_EAT_HEXCHAT; + } } - nick = g_strstrip (word_eol[2]); - /* Delete the given nick from the key store */ if (keystore_delete_nick(nick)) { hexchat_printf(ph, "Deleted key for %s\n", nick); } else { hexchat_printf(ph, "\00305Failed to delete key in addon_fishlim.conf!\n"); } + g_free(nick); return HEXCHAT_EAT_HEXCHAT; } @@ -379,7 +469,7 @@ static int handle_keyx(char *word[], char *word_eol[], void *userdata) { } if (query_ctx) { - hexchat_set_context(ph, query_ctx); + g_assert(hexchat_set_context(ph, query_ctx) == 1); ctx_type = hexchat_list_int(ph, NULL, "type"); } @@ -391,8 +481,8 @@ static int handle_keyx(char *word[], char *word_eol[], void *userdata) { if (dh1080_generate_key(&priv_key, &pub_key)) { g_hash_table_replace (pending_exchanges, g_ascii_strdown(target, -1), priv_key); - hexchat_commandf(ph, "quote NOTICE %s :DH1080_INIT %s", target, pub_key); - hexchat_printf(ph, "Sent public key to %s, waiting for reply...", target); + hexchat_commandf(ph, "quote NOTICE %s :DH1080_INIT %s CBC", target, pub_key); + hexchat_printf(ph, "Sent public key to %s (CBC), waiting for reply...", target); g_free(pub_key); } else { @@ -409,6 +499,7 @@ static int handle_crypt_topic(char *word[], char *word_eol[], void *userdata) { const char *target; const char *topic = word_eol[2]; char *buf; + enum fish_mode mode; if (!*topic) { hexchat_print(ph, usage_topic); @@ -421,7 +512,7 @@ static int handle_crypt_topic(char *word[], char *word_eol[], void *userdata) { } target = hexchat_get_info(ph, "channel"); - buf = fish_encrypt_for_nick(target, topic); + buf = fish_encrypt_for_nick(target, topic, &mode); if (buf == NULL) { hexchat_printf(ph, "/topic+ error, no key found for %s", target); return HEXCHAT_EAT_ALL; @@ -439,21 +530,25 @@ static int handle_crypt_notice(char *word[], char *word_eol[], void *userdata) { const char *target = word[2]; const char *notice = word_eol[3]; + char *notice_flag; char *buf; + enum fish_mode mode; if (!*target || !*notice) { hexchat_print(ph, usage_notice); return HEXCHAT_EAT_ALL; } - buf = fish_encrypt_for_nick(target, notice); + buf = fish_encrypt_for_nick(target, notice, &mode); if (buf == NULL) { hexchat_printf(ph, "/notice+ error, no key found for %s.", target); return HEXCHAT_EAT_ALL; } hexchat_commandf(ph, "quote NOTICE %s :+OK %s", target, buf); - hexchat_emit_print(ph, "Notice Sent", target, notice); + notice_flag = g_strconcat("[", fish_modes[mode], "] ", notice, NULL); + hexchat_emit_print(ph, "Notice Send", target, notice_flag); + g_free(notice_flag); g_free(buf); return HEXCHAT_EAT_ALL; @@ -462,19 +557,21 @@ static int handle_crypt_notice(char *word[], char *word_eol[], void *userdata) /** * Command handler for /msg+ */ -static int handle_crypt_msg(char *word[], char *word_eol[], void *userdata) -{ +static int handle_crypt_msg(char *word[], char *word_eol[], void *userdata) { const char *target = word[2]; const char *message = word_eol[3]; + char *message_flag; + char *prefix; hexchat_context *query_ctx; char *buf; + enum fish_mode mode; if (!*target || !*message) { hexchat_print(ph, usage_msg); return HEXCHAT_EAT_ALL; } - buf = fish_encrypt_for_nick(target, message); + buf = fish_encrypt_for_nick(target, message, &mode); if (buf == NULL) { hexchat_printf(ph, "/msg+ error, no key found for %s", target); return HEXCHAT_EAT_ALL; @@ -484,13 +581,17 @@ static int handle_crypt_msg(char *word[], char *word_eol[], void *userdata) query_ctx = find_context_on_network(target); if (query_ctx) { - hexchat_set_context(ph, query_ctx); + g_assert(hexchat_set_context(ph, query_ctx) == 1); + + prefix = get_my_own_prefix(); - /* FIXME: Mode char */ + /* Add encrypted flag */ + message_flag = g_strconcat("[", fish_modes[mode], "] ", message, NULL); hexchat_emit_print(ph, "Your Message", hexchat_get_info(ph, "nick"), - message, "", ""); - } - else { + message_flag, prefix, NULL); + g_free(prefix); + g_free(message_flag); + } else { hexchat_emit_print(ph, "Message Send", target, message); } @@ -501,8 +602,9 @@ static int handle_crypt_msg(char *word[], char *word_eol[], void *userdata) static int handle_crypt_me(char *word[], char *word_eol[], void *userdata) { const char *channel = hexchat_get_info(ph, "channel"); char *buf; + enum fish_mode mode; - buf = fish_encrypt_for_nick(channel, word_eol[2]); + buf = fish_encrypt_for_nick(channel, word_eol[2], &mode); if (!buf) return HEXCHAT_EAT_NONE; |