implement pgp support

add mechanisms to receive the door key through a pgp encrypted message.
the client script checks if it is necessary to decrypt through pgp and does so if so.
It detects this by comparing the first 4 bytes of the key, so there is a chance for a false hit, but the next run of the script will then most likely ask for the pwd. Using hashes would be more secure but requires more client tools.
Daniel Poelzleithner 2010-04-23 20:09:57 +02:00 committed by test
parent bca0f3a8e7
commit 5a079ed771
5 changed files with 100 additions and 0 deletions

47
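--- a/door/recover.lua
+++ b/door/recover.lua
@@ -0,0 +1,47 @@
+#!/usr/bin/env lua
+require 'luasql.postgres'
+require 'md5'
+require 'helper'
+require 'token'
+require 'config'
+function fail(msg)
+print "Status: 423 Locked"
+print ""
+print("Error: " .. msg)
+end
+print "Content-Type: text/plain"
+prefix = os.getenv("QUERY_STRING")
+env = luasql.postgres()
+con = env:connect(config.db)
+if prefix == nil or prefix == "" then
+fail("No token given")
+else
+if prefix:sub(1, 2) == "t=" then
+prefix = prefix:sub(3)
+end
+if prefix:len() == config.prefix_len then
+if not is_bruteforce(con) then
+msg, why = encrypt_key(prefix)
+if not msg then
+fail(why)
+end
+print("")
+print(msg)
+else
+fail("Stop bruteforcing, this box is too slow")
+end
+else
+fail("Invalid token")
+end
+end
+con:close()
+env:close()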
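Review bot: The prefix taken from QUERY_STRING reaches `encrypt_key(prefix)` after only a length check (`prefix:len() == config.prefix_len`), so any bytes of the right length, including quotes and percent-encoded sequences, are passed on. `encrypt_key` is defined outside this page; if it builds its query by string concatenation the way door/setpgp.lua does, request data ends up inside the SQL text, so I would reject anything outside the token alphabet first, e.g. `if not prefix:match("^%w+$") then fail("Invalid token") ... end` (adjust the character class to whatever the token generator emits). Separately, `fail(why)` does not end the branch: after a failed `encrypt_key` the script still runs `print("")` and `print(msg)` with `msg` being nil, so those two prints belong in an `else`. `env:connect(config.db)` is also used without checking for a nil result.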

39
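--- a/door/setpgp.lua
+++ b/door/setpgp.lua
@@ -0,0 +1,39 @@
+#!/usr/bin/env lua
+require 'luasql.postgres'
+require 'helper'
+require 'config'
+require 'token'
+require 'base64'
+function exit(env, con)
+con:close()
+env:close()
+os.exit()
+end
+print "set gpg token ..."
+env = luasql.postgres()
+con = env:connect(config.db)
+io.stdout:write("enter prefix: ")
+prefix = io.stdin:read()
+if prefix == "" then
+print "* action canceled"
+else
+local pgp_id = con:execute("select gpg_id from tokens where prefix='"..prefix.."';"):fetch()
+if pgp_id then
+print("current gpg_id: "..pgp_id)
+else
+print("current gpg_id: none")
+end
+edit_pgp(prefix)
+end
+exit(env,con)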
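Review bot: The lookup in the `else` branch builds its SQL by concatenating the typed prefix, `"select gpg_id from tokens where prefix='"..prefix.."';"`, so a quote character in the input changes the statement. Even for an operator-run tool the value should be escaped, e.g. `con:escape(prefix)` where the installed LuaSQL driver provides it, or validated against the token alphabet before use. The result of `con:execute` is also chained straight into `:fetch()`; on a failed query `execute` returns nil plus an error message, and the script then aborts on the nil index before `exit(env,con)` closes the connection. `io.stdin:read()` returns nil at end of input, which the `prefix == ""` test does not catch.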

1
setpgp Symbolic link

@ -0,0 +1 @@
door/magic_run

1
www/recover Symbolic link

@ -0,0 +1 @@
../door/magic_run

12
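--- a/www/recover.html
+++ b/www/recover.html
@@ -0,0 +1,12 @@
+<html>
+<head>
+<link rel="stylesheet" type="text/css" href="./mole.css">
+</head>
+<body>
+Enter your prefix:
+<form action="recover" method="get"><input name="t" size="10" /><br/>
+<input type="submit" value="Recover key"></form><br/>
+<a href="/">Back</a><br/><br/>
+<small>Powered by<br/><img width="80" height="121" src="./mole_people.jpg" alt="Mole People" border="0"/>
+</body>
+</html>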
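Review bot: The form submits with `method="get"`, so the prefix travels in the URL as `?t=...` and ends up in web-server access logs, browser history and possibly Referer headers. If the prefix is meant to stay private (door/recover.lua puts a brute-force guard around it, which suggests it is), a POST form would avoid that, though recover.lua as committed only reads QUERY_STRING and would have to read the request body instead. The `<small>` element before the image is never closed; add `</small>` before `</body>`.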