From 3d8ba053deeacd74e621469d3d45d1db38ee411a Mon Sep 17 00:00:00 2001 From: Jonathan Beck Date: Fri, 12 Dec 2008 23:39:33 +0100 Subject: Change from Base64 encoded buffers to real buffers. Base64 decoding/encoding only happens in xml plists. --- src/lockdown.c | 143 ++++++++++++++++++++++++++++++++------------------------- src/lockdown.h | 11 +++-- src/plist.c | 8 ++-- src/plist.h | 4 +- src/userpref.c | 10 ++-- src/userpref.h | 2 +- src/xplist.c | 8 +++- 7 files changed, 104 insertions(+), 82 deletions(-) diff --git a/src/lockdown.c b/src/lockdown.c index 4c96a7d..e882128 100644 --- a/src/lockdown.c +++ b/src/lockdown.c @@ -180,7 +180,7 @@ iphone_error_t lockdownd_hello(iphone_lckd_client_t control) plist_t dict = NULL; plist_new_dict(&dict); - plist_add_dict_element(dict, "Request", PLIST_STRING, (void *) "QueryType"); + plist_add_dict_element(dict, "Request", PLIST_STRING, (void *) "QueryType", strlen("QueryType")); log_debug_msg("lockdownd_hello() called\n"); char *XML_content = NULL; @@ -190,7 +190,7 @@ iphone_error_t lockdownd_hello(iphone_lckd_client_t control) log_debug_msg("Send msg :\nsize : %i\nxml : %s", length, XML_content); ret = iphone_lckd_send(control, XML_content, length, &bytes); - xmlFree(XML_content); + free(XML_content); XML_content = NULL; plist_free(dict); dict = NULL; @@ -211,9 +211,11 @@ iphone_error_t lockdownd_hello(iphone_lckd_client_t control) char *result_value = NULL; char *value_value = NULL; + uint64_t result_length = 0; + uint64_t value_length = 0; - get_type_and_value(result_node, &result_type, (void *) (&result_value)); - get_type_and_value(value_node, &value_type, (void *) (&value_value)); + get_type_and_value(result_node, &result_type, (void *) (&result_value), &result_length); + get_type_and_value(value_node, &value_type, (void *) (&value_value), &value_length); if (result_type == PLIST_KEY && value_type == PLIST_STRING && !strcmp(result_value, "Result") && !strcmp(value_value, "Success")) { @@ -232,9 +234,10 @@ iphone_error_t lockdownd_hello(iphone_lckd_client_t control) * * @return IPHONE_E_SUCCESS on success. */ -iphone_error_t lockdownd_generic_get_value(iphone_lckd_client_t control, char *req_key, char *req_string, char **value) +iphone_error_t lockdownd_generic_get_value(iphone_lckd_client_t control, char *req_key, char *req_string, + gnutls_datum_t * value) { - if (!control || !req_key || !value || (value && *value)) + if (!control || !req_key || !value || value->data) return IPHONE_E_INVALID_ARG; plist_t dict = NULL; @@ -245,15 +248,15 @@ iphone_error_t lockdownd_generic_get_value(iphone_lckd_client_t control, char *r /* Setup DevicePublicKey request plist */ plist_new_dict(&dict); - plist_add_dict_element(dict, req_key, PLIST_STRING, (void *) req_string); - plist_add_dict_element(dict, "Request", PLIST_STRING, (void *) "GetValue"); + plist_add_dict_element(dict, req_key, PLIST_STRING, (void *) req_string, strlen(req_string)); + plist_add_dict_element(dict, "Request", PLIST_STRING, (void *) "GetValue", strlen("GetValue")); plist_to_xml(dict, &XML_content, &length); /* send to iPhone */ log_debug_msg("Send msg :\nsize : %i\nxml : %s", length, XML_content); ret = iphone_lckd_send(control, XML_content, length, &bytes); - xmlFree(XML_content); + free(XML_content); XML_content = NULL; plist_free(dict); dict = NULL; @@ -280,9 +283,11 @@ iphone_error_t lockdownd_generic_get_value(iphone_lckd_client_t control, char *r plist_type result_value_type; char *result_key = NULL; char *result_value = NULL; + uint64_t result_length = 0; + uint64_t value_length = 0; - get_type_and_value(result_key_node, &result_key_type, (void *) (&result_key)); - get_type_and_value(result_value_node, &result_value_type, (void *) (&result_value)); + get_type_and_value(result_key_node, &result_key_type, (void *) (&result_key), &result_length); + get_type_and_value(result_value_node, &result_value_type, (void *) (&result_value), &value_length); if (result_key_type == PLIST_KEY && result_value_type == PLIST_STRING && !strcmp(result_key, "Result") && !strcmp(result_value, "Success")) { @@ -300,13 +305,16 @@ iphone_error_t lockdownd_generic_get_value(iphone_lckd_client_t control, char *r plist_type value_value_type; char *value_key = NULL; char *value_value = NULL; + uint64_t key_length = 0; + uint64_t valval_length = 0; - get_type_and_value(value_key_node, &value_key_type, (void *) (&value_key)); - get_type_and_value(value_value_node, &value_value_type, (void *) (&value_value)); + get_type_and_value(value_key_node, &value_key_type, (void *) (&value_key), &key_length); + get_type_and_value(value_value_node, &value_value_type, (void *) (&value_value), &valval_length); if (value_key_type == PLIST_KEY && !strcmp(result_key, "Value")) { log_debug_msg("lockdownd_generic_get_value(): success\n"); - *value = value_value; + value->data = value_value; + value->size = valval_length; ret = IPHONE_E_SUCCESS; } @@ -323,7 +331,9 @@ iphone_error_t lockdownd_generic_get_value(iphone_lckd_client_t control, char *r */ iphone_error_t lockdownd_get_device_uid(iphone_lckd_client_t control, char **uid) { - return lockdownd_generic_get_value(control, "Key", "UniqueDeviceID", uid); + gnutls_datum_t temp = { NULL, 0 }; + return lockdownd_generic_get_value(control, "Key", "UniqueDeviceID", &temp); + *uid = temp.data; } /** Askes for the device's public key. Part of the lockdownd handshake. @@ -332,7 +342,7 @@ iphone_error_t lockdownd_get_device_uid(iphone_lckd_client_t control, char **uid * * @return 1 on success and 0 on failure. */ -iphone_error_t lockdownd_get_device_public_key(iphone_lckd_client_t control, char **public_key) +iphone_error_t lockdownd_get_device_public_key(iphone_lckd_client_t control, gnutls_datum_t * public_key) { return lockdownd_generic_get_value(control, "Key", "DevicePublicKey", public_key); } @@ -410,39 +420,39 @@ iphone_error_t lockdownd_pair_device(iphone_lckd_client_t control, char *uid, ch char *XML_content = NULL; uint32_t length = 0; - char *device_cert_b64 = NULL; - char *host_cert_b64 = NULL; - char *root_cert_b64 = NULL; - char *public_key_b64 = NULL; + gnutls_datum_t device_cert = { NULL, 0 }; + gnutls_datum_t host_cert = { NULL, 0 }; + gnutls_datum_t root_cert = { NULL, 0 }; + gnutls_datum_t public_key = { NULL, 0 }; - ret = lockdownd_get_device_public_key(control, &public_key_b64); + ret = lockdownd_get_device_public_key(control, &public_key); if (ret != IPHONE_E_SUCCESS) { fprintf(stderr, "Device refused to send public key.\n"); return ret; } - ret = lockdownd_gen_pair_cert(public_key_b64, &device_cert_b64, &host_cert_b64, &root_cert_b64); + ret = lockdownd_gen_pair_cert(public_key, &device_cert, &host_cert, &root_cert); if (ret != IPHONE_E_SUCCESS) { - free(public_key_b64); + free(public_key.data); return ret; } /* Setup Pair request plist */ plist_new_dict(&dict); - plist_add_dict_element(dict, "PairRecord", PLIST_DICT, NULL); + plist_add_dict_element(dict, "PairRecord", PLIST_DICT, NULL, 0); dict_record = g_node_last_child(dict); - plist_add_dict_element(dict_record, "DeviceCertificate", PLIST_DATA, (void *) device_cert_b64); - plist_add_dict_element(dict_record, "HostCertificate", PLIST_DATA, (void *) host_cert_b64); - plist_add_dict_element(dict_record, "HostID", PLIST_STRING, (void *) host_id); - plist_add_dict_element(dict_record, "RootCertificate", PLIST_DATA, (void *) root_cert_b64); - plist_add_dict_element(dict, "Request", PLIST_STRING, (void *) "Pair"); + plist_add_dict_element(dict_record, "DeviceCertificate", PLIST_DATA, (void *) device_cert.data, device_cert.size); + plist_add_dict_element(dict_record, "HostCertificate", PLIST_DATA, (void *) host_cert.data, host_cert.size); + plist_add_dict_element(dict_record, "HostID", PLIST_STRING, (void *) host_id, strlen(host_id)); + plist_add_dict_element(dict_record, "RootCertificate", PLIST_DATA, (void *) root_cert.data, root_cert.size); + plist_add_dict_element(dict, "Request", PLIST_STRING, (void *) "Pair", strlen("Pair")); plist_to_xml(dict, &XML_content, &length); log_debug_msg("XML Pairing request :\nsize : %i\nxml :\n %s", length, XML_content); /* send to iPhone */ ret = iphone_lckd_send(control, XML_content, length, &bytes); - xmlFree(XML_content); + free(XML_content); plist_free(dict); dict = NULL; @@ -471,9 +481,11 @@ iphone_error_t lockdownd_pair_device(iphone_lckd_client_t control, char *uid, ch plist_type result_value_type; char *result_key = NULL; char *result_value = NULL; + uint64_t key_length = 0; + uint64_t val_length = 0; - get_type_and_value(result_key_node, &result_key_type, (void *) (&result_key)); - get_type_and_value(result_value_node, &result_value_type, (void *) (&result_value)); + get_type_and_value(result_key_node, &result_key_type, (void *) (&result_key), &key_length); + get_type_and_value(result_value_node, &result_value_type, (void *) (&result_value), &val_length); if (result_key_type == PLIST_KEY && result_value_type == PLIST_STRING && !strcmp(result_key, "Result") && !strcmp(result_value, "Success")) { @@ -483,13 +495,13 @@ iphone_error_t lockdownd_pair_device(iphone_lckd_client_t control, char *uid, ch /* store public key in config if pairing succeeded */ if (ret == IPHONE_E_SUCCESS) { log_debug_msg("lockdownd_pair_device: pair success\n"); - store_device_public_key(uid, public_key_b64); + store_device_public_key(uid, public_key); ret = IPHONE_E_SUCCESS; } else { log_debug_msg("lockdownd_pair_device: pair failure\n"); ret = IPHONE_E_PAIRING_FAILED; } - free(public_key_b64); + free(public_key.data); return ret; } @@ -498,25 +510,19 @@ iphone_error_t lockdownd_pair_device(iphone_lckd_client_t control, char *uid, ch * * @return IPHONE_E_SUCCESS on success. */ -iphone_error_t lockdownd_gen_pair_cert(char *public_key_b64, char **device_cert_b64, char **host_cert_b64, - char **root_cert_b64) +iphone_error_t lockdownd_gen_pair_cert(gnutls_datum_t public_key, gnutls_datum_t * odevice_cert, + gnutls_datum_t * ohost_cert, gnutls_datum_t * oroot_cert) { - if (!public_key_b64 || !device_cert_b64 || !host_cert_b64 || !root_cert_b64) + if (!public_key.data || !odevice_cert || !ohost_cert || !oroot_cert) return IPHONE_E_INVALID_ARG; iphone_error_t ret = IPHONE_E_UNKNOWN_ERROR; gnutls_datum_t modulus = { NULL, 0 }; gnutls_datum_t exponent = { NULL, 0 }; - /* first decode base64 public_key */ - gnutls_datum_t pem_pub_key; - gsize decoded_size; - pem_pub_key.data = g_base64_decode(public_key_b64, &decoded_size); - pem_pub_key.size = decoded_size; - /* now decode the PEM encoded key */ gnutls_datum_t der_pub_key; - if (GNUTLS_E_SUCCESS == gnutls_pem_base64_decode_alloc("RSA PUBLIC KEY", &pem_pub_key, &der_pub_key)) { + if (GNUTLS_E_SUCCESS == gnutls_pem_base64_decode_alloc("RSA PUBLIC KEY", &public_key, &der_pub_key)) { /* initalize asn.1 parser */ ASN1_TYPE pkcs1 = ASN1_TYPE_EMPTY; @@ -600,10 +606,18 @@ iphone_error_t lockdownd_gen_pair_cert(char *public_key_b64, char **device_cert_ dev_pem.data = gnutls_malloc(dev_pem.size); gnutls_x509_crt_export(dev_cert, GNUTLS_X509_FMT_PEM, dev_pem.data, &dev_pem.size); - /* now encode certificates for output */ - *device_cert_b64 = g_base64_encode(dev_pem.data, dev_pem.size); - *host_cert_b64 = g_base64_encode(pem_host_cert.data, pem_host_cert.size); - *root_cert_b64 = g_base64_encode(pem_root_cert.data, pem_root_cert.size); + /* copy buffer for output */ + odevice_cert->data = malloc(dev_pem.size); + memcpy(odevice_cert->data, dev_pem.data, dev_pem.size); + odevice_cert->size = dev_pem.size; + + ohost_cert->data = malloc(pem_host_cert.size); + memcpy(ohost_cert->data, pem_host_cert.data, pem_host_cert.size); + ohost_cert->size = pem_host_cert.size; + + oroot_cert->data = malloc(pem_root_cert.size); + memcpy(oroot_cert->data, pem_root_cert.data, pem_root_cert.size); + oroot_cert->size = pem_root_cert.size; } gnutls_free(pem_root_priv.data); gnutls_free(pem_root_cert.data); @@ -615,7 +629,6 @@ iphone_error_t lockdownd_gen_pair_cert(char *public_key_b64, char **device_cert_ gnutls_free(exponent.data); gnutls_free(der_pub_key.data); - g_free(pem_pub_key.data); return ret; } @@ -637,14 +650,14 @@ iphone_error_t lockdownd_start_SSL_session(iphone_lckd_client_t control, const c /* Setup DevicePublicKey request plist */ plist_new_dict(&dict); - plist_add_dict_element(dict, "HostID", PLIST_STRING, (void *) HostID); - plist_add_dict_element(dict, "Request", PLIST_STRING, (void *) "StartSession"); + plist_add_dict_element(dict, "HostID", PLIST_STRING, (void *) HostID, strlen(HostID)); + plist_add_dict_element(dict, "Request", PLIST_STRING, (void *) "StartSession", strlen("StartSession")); plist_to_xml(dict, &XML_content, &length); log_debug_msg("Send msg :\nsize : %i\nxml : %s", length, XML_content); ret = iphone_lckd_send(control, XML_content, length, &bytes); - xmlFree(XML_content); + free(XML_content); XML_content = NULL; plist_free(dict); dict = NULL; @@ -667,11 +680,13 @@ iphone_error_t lockdownd_start_SSL_session(iphone_lckd_client_t control, const c plist_type result_value_type; char *result_key = NULL; char *result_value = NULL; + uint64_t key_length = 0; + uint64_t val_length = 0; - get_type_and_value(result_key_node, &result_key_type, (void *) (&result_key)); - get_type_and_value(result_value_node, &result_value_type, (void *) (&result_value)); + get_type_and_value(result_key_node, &result_key_type, (void *) (&result_key), &key_length); + get_type_and_value(result_value_node, &result_value_type, (void *) (&result_value), &val_length); - xmlFree(XML_content); + free(XML_content); XML_content = NULL; plist_free(dict); dict = NULL; @@ -872,15 +887,15 @@ iphone_error_t iphone_lckd_start_service(iphone_lckd_client_t client, const char host_id = NULL; plist_new_dict(&dict); - plist_add_dict_element(dict, "Request", PLIST_STRING, (void *) "StartService"); - plist_add_dict_element(dict, "Service", PLIST_STRING, (void *) service); + plist_add_dict_element(dict, "Request", PLIST_STRING, (void *) "StartService", strlen("StartService")); + plist_add_dict_element(dict, "Service", PLIST_STRING, (void *) service, strlen(service)); plist_to_xml(dict, &XML_content, &length); /* send to iPhone */ log_debug_msg("Send msg :\nsize : %i\nxml : %s", length, XML_content); ret = iphone_lckd_send(client, XML_content, length, &bytes); - xmlFree(XML_content); + free(XML_content); XML_content = NULL; plist_free(dict); dict = NULL; @@ -916,12 +931,16 @@ iphone_error_t iphone_lckd_start_service(iphone_lckd_client_t client, const char char *result_key = NULL; char *result_value = NULL; char *port_key = NULL; + uint64_t res_key_length = 0; + uint64_t res_val_length = 0; + uint64_t port_key_length = 0; + uint64_t port_val_length = 0; uint64_t port_value = 0; - get_type_and_value(result_key_node, &result_key_type, (void *) (&result_key)); - get_type_and_value(result_value_node, &result_value_type, (void *) (&result_value)); - get_type_and_value(port_key_node, &port_key_type, (void *) (&port_key)); - get_type_and_value(port_value_node, &port_value_type, (void *) (&port_value)); + get_type_and_value(result_key_node, &result_key_type, (void *) (&result_key), &res_key_length); + get_type_and_value(result_value_node, &result_value_type, (void *) (&result_value), &res_val_length); + get_type_and_value(port_key_node, &port_key_type, (void *) (&port_key), &port_key_length); + get_type_and_value(port_value_node, &port_value_type, (void *) (&port_value), &port_val_length); if (result_key_type == PLIST_KEY && result_value_type == PLIST_STRING && diff --git a/src/lockdown.h b/src/lockdown.h index b75d4bf..8b3dd41 100644 --- a/src/lockdown.h +++ b/src/lockdown.h @@ -42,13 +42,14 @@ struct iphone_lckd_client_int { iphone_lckd_client_t new_lockdownd_client(iphone_device_t phone); iphone_error_t lockdownd_hello(iphone_lckd_client_t control); -iphone_error_t lockdownd_generic_get_value(iphone_lckd_client_t control, char *req_key, char *req_string, char **value); +iphone_error_t lockdownd_generic_get_value(iphone_lckd_client_t control, char *req_key, char *req_string, + gnutls_datum_t * value); iphone_error_t lockdownd_get_device_uid(iphone_lckd_client_t control, char **uid); -iphone_error_t lockdownd_get_device_public_key(iphone_lckd_client_t control, char **public_key); +iphone_error_t lockdownd_get_device_public_key(iphone_lckd_client_t control, gnutls_datum_t * public_key); -iphone_error_t lockdownd_gen_pair_cert(char *public_key_b64, char **device_cert_b64, char **host_cert_b64, - char **root_cert_b64); -iphone_error_t lockdownd_pair_device(iphone_lckd_client_t control, char *public_key, char *host_id); +iphone_error_t lockdownd_gen_pair_cert(gnutls_datum_t public_key, gnutls_datum_t * device_cert, + gnutls_datum_t * host_cert, gnutls_datum_t * root_cert); +iphone_error_t lockdownd_pair_device(iphone_lckd_client_t control, char *uid, char *host_id); void lockdownd_close(iphone_lckd_client_t control); // SSL functions diff --git a/src/plist.c b/src/plist.c index 66a74c3..932ea5e 100644 --- a/src/plist.c +++ b/src/plist.c @@ -67,7 +67,7 @@ void plist_new_dict_in_plist(plist_t plist, plist_t * dict) * @param value a pointer to the actual buffer containing the value. WARNING : the buffer is supposed to match the type of the value * */ -void plist_add_dict_element(plist_t dict, char *key, plist_type type, void *value) +void plist_add_dict_element(plist_t dict, char *key, plist_type type, void *value, uint64_t length) { if (!dict || !key || !value) return; @@ -81,6 +81,7 @@ void plist_add_dict_element(plist_t dict, char *key, plist_type type, void *valu //now handle value struct plist_data *val = (struct plist_data *) calloc(sizeof(struct plist_data), 1); val->type = type; + val->length = length; switch (type) { case PLIST_BOOLEAN: @@ -99,7 +100,7 @@ void plist_add_dict_element(plist_t dict, char *key, plist_type type, void *valu val->unicodeval = wcsdup((wchar_t *) value); break; case PLIST_DATA: - val->buff = strdup((char *) value); + memcpy(val->buff, value, length); break; case PLIST_ARRAY: case PLIST_DICT: @@ -195,7 +196,7 @@ plist_t find_node(plist_t plist, plist_type type, void *value) return NULL; } -void get_type_and_value(GNode * node, plist_type * type, void *value) +void get_type_and_value(GNode * node, plist_type * type, void *value, uint64_t * length) { if (!node) return; @@ -203,6 +204,7 @@ void get_type_and_value(GNode * node, plist_type * type, void *value) struct plist_data *data = (struct plist_data *) node->data; *type = data->type; + *length = data->length; switch (*type) { case PLIST_BOOLEAN: diff --git a/src/plist.h b/src/plist.h index ff4bdbf..1dc464a 100644 --- a/src/plist.h +++ b/src/plist.h @@ -67,7 +67,7 @@ typedef GNode *plist_t; void plist_new_dict(plist_t * plist); void plist_new_array(plist_t * plist); void plist_new_dict_in_plist(plist_t plist, plist_t * dict); -void plist_add_dict_element(plist_t dict, char *key, plist_type type, void *value); +void plist_add_dict_element(plist_t dict, char *key, plist_type type, void *value, uint64_t length); void plist_free(plist_t plist); void plist_to_xml(plist_t plist, char **plist_xml, uint32_t * length); @@ -78,6 +78,6 @@ void bin_to_plist(const char *plist_bin, uint32_t length, plist_t * plist); plist_t find_query_node(plist_t plist, char *key, char *request); plist_t find_node(plist_t plist, plist_type type, void *value); -void get_type_and_value(plist_t node, plist_type * type, void *value); +void get_type_and_value(plist_t node, plist_type * type, void *value, uint64_t * length); #endif diff --git a/src/userpref.c b/src/userpref.c index db54679..b707957 100644 --- a/src/userpref.c +++ b/src/userpref.c @@ -114,10 +114,10 @@ int is_device_known(char *uid) * @return 1 on success and 0 if no public key is given or if it has already * been marked as connected previously. */ -int store_device_public_key(char *uid, char *public_key) +int store_device_public_key(char *uid, gnutls_datum_t public_key) { - if (NULL == public_key || is_device_known(uid)) + if (NULL == public_key.data || is_device_known(uid)) return 0; /* ensure config directory exists */ @@ -127,15 +127,11 @@ int store_device_public_key(char *uid, char *public_key) gchar *device_file = g_strconcat(uid, ".pem", NULL); gchar *pem = g_build_path(G_DIR_SEPARATOR_S, g_get_user_config_dir(), LIBIPHONE_CONF_DIR, device_file, NULL); - /* decode public key for storing */ - gsize decoded_size; - gchar *data = g_base64_decode(public_key, &decoded_size); /* store file */ FILE *pFile = fopen(pem, "wb"); - fwrite(data, 1, decoded_size, pFile); + fwrite(public_key.data, 1, public_key.size, pFile); fclose(pFile); g_free(pem); - g_free(data); g_free(device_file); return 1; } diff --git a/src/userpref.h b/src/userpref.h index 5171929..450549f 100644 --- a/src/userpref.h +++ b/src/userpref.h @@ -40,7 +40,7 @@ int is_device_known(char *uid); /** * @return 1 if everything went well. Returns 0 otherwise. */ -int store_device_public_key(char *uid, char *public_key); +int store_device_public_key(char *uid, gnutls_datum_t public_key); /** * @return 1 if everything went well. Returns 0 otherwise. diff --git a/src/xplist.c b/src/xplist.c index 3e975f6..2d650b4 100644 --- a/src/xplist.c +++ b/src/xplist.c @@ -165,7 +165,9 @@ void node_to_xml(GNode * node, gpointer xml_struct) case PLIST_DATA: tag = "data"; - val = format_string(node_data->buff, 60, xstruct->depth); + gchar *valtmp = g_base64_encode(node_data->buff, node_data->length); + val = format_string(valtmp, 60, xstruct->depth); + g_free(valtmp); break; case PLIST_ARRAY: tag = "array"; @@ -267,7 +269,9 @@ void xml_to_node(xmlNodePtr xml_node, plist_t * plist_node) } if (!xmlStrcmp(node->name, "data")) { - data->buff = strdup(xmlNodeGetContent(node)); + gsize size = 0; + data->buff = g_base64_decode(xmlNodeGetContent(node), &size); + data->length = size; data->type = PLIST_DATA; continue; } -- cgit v1.1-32-gdbae