From c6a6581996b2367056c0782f3b5e42bd691d8f53 Mon Sep 17 00:00:00 2001
From: Aaron Ball <nullspoon@oper.io>
Date: Mon, 12 Oct 2020 19:11:16 -0600
Subject: Initial commit

This can encrypt the given password, passed as the first argument.
The encrypted value is written to stdout, so to use it it must be
redirected to the intended path.

If the first argument is a path to a file, the file will be read and
decrypted to stdout.
---
 Makefile   |  4 ++++
 README.rst | 15 +++++++++++++++
 main.c     | 53 +++++++++++++++++++++++++++++++++++++++++++++++++++++
 3 files changed, 72 insertions(+)
 create mode 100644 Makefile
 create mode 100644 README.rst
 create mode 100644 main.c

diff --git a/Makefile b/Makefile
new file mode 100644
index 0000000..0d33524
--- /dev/null
+++ b/Makefile
@@ -0,0 +1,4 @@
+CCOPTS = --std=c99 -Wall -Werror -O2
+
+all:
+	cc $(CCOPTS) -o kcpasswd main.c
diff --git a/README.rst b/README.rst
new file mode 100644
index 0000000..6122cb7
--- /dev/null
+++ b/README.rst
@@ -0,0 +1,15 @@
+README
+======
+
+The MacOS ``/etc/kcpassword`` file controls logins
+
+Usage
+-----
+
+To encrypt a password::
+
+  kcpasswd <password>
+
+To decrypt a kcpassword file::
+
+  kcpasswd /path/to/file
diff --git a/main.c b/main.c
new file mode 100644
index 0000000..c065116
--- /dev/null
+++ b/main.c
@@ -0,0 +1,53 @@
+#include <stdio.h>
+#include <string.h>
+
+#define MAXLEN 256
+
+int readfile(char* path, char* buf) {
+  FILE* fd;
+  fd = fopen(path, "r");
+  if(!fd)
+    return -1;
+  fgets(buf, MAXLEN, fd);
+  fclose(fd);
+  return 0;
+}
+
+void applexor(char* msg, char* out) {
+  int keys[] = {125, 137, 82, 35, 210, 188, 221, 234, 163, 185, 31};
+  int i = 0;
+
+  // Encrypt/decrypt (xor)
+  for(i=0; msg[i] != '\0'; i++)
+    out[i] = msg[i] ^ keys[i % 11];
+
+  // If the previous char wasn't a null byte, we are likely encrypting not
+  // decrypting, so add a null byte.
+  if(out[i-1] != '\0') {
+    out[i] = '\0' ^ keys[i % 11];
+    i++;
+  }
+
+  // Append until we hit a multiple of 12
+  for(; i%12 != 0; i++)
+    out[i] = msg[i%strlen(msg)] ^ keys[i % 11];
+  out[i] = '\0' ;
+}
+
+int main(int argc, char* argv[]) {
+  char in[MAXLEN];
+  char out[MAXLEN];
+  if(argc == 1) {
+    printf("Must provide path to file or a password to encrypt\n");
+    return 1;
+  }
+
+  // If the file can't be opened, try to use the "path" as a password
+  if(readfile(argv[1], in) == -1)
+    strcpy(in, argv[1]);
+
+  applexor(in, out);
+
+  printf("%s\n", out);
+  return 0;
+}
-- 
cgit v1.2.3