|
2
by mhalcrow@us.ibm.com
Initial import of eCryptfs filesystem userspace utilities (mount helper, daemon component, |
1 |
/**
|
2 |
* Copyright (C) 2007 International Business Machines
|
|
3 |
* Author(s): Michael Halcrow <mhalcrow@us.ibm.com>
|
|
4 |
*
|
|
5 |
* This program is free software; you can redistribute it and/or
|
|
6 |
* modify it under the terms of the GNU General Public License as
|
|
7 |
* published by the Free Software Foundation; either version 2 of the
|
|
8 |
* License, or (at your option) any later version.
|
|
9 |
*
|
|
10 |
* This program is distributed in the hope that it will be useful, but
|
|
11 |
* WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
12 |
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
|
13 |
* General Public License for more details.
|
|
14 |
*
|
|
15 |
* You should have received a copy of the GNU General Public License
|
|
16 |
* along with this program; if not, write to the Free Software
|
|
17 |
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA
|
|
18 |
* 02111-1307, USA.
|
|
19 |
*/
|
|
20 |
||
21 |
#include <unistd.h> |
|
22 |
#include <sys/stat.h> |
|
23 |
#include <sys/types.h> |
|
24 |
#include <pwd.h> |
|
25 |
#include <stdio.h> |
|
26 |
#include <stdlib.h> |
|
27 |
#include <termios.h> |
|
28 |
#include <string.h> |
|
29 |
#include <errno.h> |
|
30 |
#include "ecryptfs.h" |
|
31 |
#include "io.h" |
|
32 |
||
33 |
/**
|
|
34 |
* TODO: Use decision graph here
|
|
35 |
*/
|
|
36 |
int ecryptfs_generate_key(void) |
|
37 |
{
|
|
38 |
return -EINVAL; |
|
39 |
/* struct ecryptfs_ctx ctx;
|
|
40 |
struct ecryptfs_key_mod *key_mod = NULL;
|
|
41 |
char *home;
|
|
42 |
char *directory;
|
|
43 |
char *file;
|
|
44 |
uid_t id;
|
|
45 |
struct passwd *pw;
|
|
46 |
int rc = 0;
|
|
47 |
||
48 |
id = getuid();
|
|
49 |
pw = getpwuid(id);
|
|
50 |
home = pw->pw_dir;
|
|
51 |
printf("\n");
|
|
52 |
printf("This is the eCryptfs key generation utility. At any time \n"
|
|
53 |
"you may hit enter to selected a default option appearing in \n"
|
|
54 |
"brackets.\n");
|
|
55 |
printf("\n");
|
|
56 |
if ((rc = ecryptfs_get_key_mod_list(&ctx))) {
|
|
57 |
fprintf(stderr, "Error: eCryptfs was unable to initialize the "
|
|
58 |
"PKI modules.\n");
|
|
59 |
return 0;
|
|
60 |
}
|
|
61 |
if (ecryptfs_select_key_mod(&key_mod, &ctx)) {
|
|
62 |
fprintf(stderr, "Error: Problem loading the selected PKI.\n");
|
|
63 |
return 0;
|
|
64 |
}
|
|
65 |
file = malloc(MAX_PATH_SIZE);
|
|
66 |
if (!file) {
|
|
67 |
fprintf(stderr, "Out of memory\n");
|
|
68 |
return 0;
|
|
69 |
}
|
|
70 |
printf("\nEnter the filename where the key should be written.\n"
|
|
71 |
"[%s%s%s/key.pem]:", home, "/.ecryptfs/pki/",
|
|
72 |
key_mod->alias);
|
|
73 |
get_string(file, MAX_PATH_SIZE, ECHO);
|
|
74 |
if (*file == '\0')
|
|
75 |
memcpy(file, "key.pem", 8);
|
|
76 |
if (*file == '/') {
|
|
77 |
rc = key_mod->ops->generate_key(file);
|
|
78 |
if (rc) {
|
|
79 |
fprintf(stderr, "Error: unable to write key to file\n");
|
|
80 |
return 0;
|
|
81 |
}
|
|
82 |
} else {
|
|
83 |
rc = create_default_dir(home, selected_pki);
|
|
84 |
if (rc) {
|
|
85 |
fprintf(stderr, "Error: unable to create default pki directory\n");
|
|
86 |
goto out;
|
|
87 |
}
|
|
88 |
rc = create_subdirectory(file, home, selected_pki);
|
|
89 |
if (rc) {
|
|
90 |
fprintf(stderr, "Error: unable to create the desired subdirectories\n");
|
|
91 |
goto out;
|
|
92 |
}
|
|
93 |
rc = asprintf(&directory, "%s/.ecryptfs/pki/%s/%s", home,
|
|
94 |
selected_pki->pki_name, file);
|
|
95 |
if (rc == -1) {
|
|
96 |
fprintf(stderr, "Out of memory\n");
|
|
97 |
rc = 0;
|
|
98 |
goto out;
|
|
99 |
}
|
|
100 |
rc = selected_pki->ops.generate_key(directory);
|
|
101 |
if (rc)
|
|
102 |
fprintf(stderr, "Error: unable to write key to file\n");
|
|
103 |
}
|
|
104 |
out:
|
|
105 |
return rc; */
|
|
106 |
}
|
|
107 |
||
108 |
int
|
|
109 |
create_subdirectory(char *file, char *home, struct ecryptfs_key_mod *key_mod) |
|
110 |
{
|
|
111 |
char *substring; |
|
112 |
char *directory; |
|
113 |
int rc = 0; |
|
114 |
||
115 |
substring = file; |
|
116 |
while((substring = strstr(substring, "/")) != NULL) { |
|
117 |
char temp = *(substring + 1); |
|
118 |
*(substring + 1) = '\0'; |
|
119 |
if (asprintf(&directory, "%s/.ecryptfs/pki/%s/%s", |
|
120 |
home, key_mod->alias, file) < 0) { |
|
121 |
rc = errno; |
|
|
306.1.1
by Michal Hlavinka
use %m instead of strerror(errno) everywhere |
122 |
fprintf(stderr, "Error: %m\n"); |
|
2
by mhalcrow@us.ibm.com
Initial import of eCryptfs filesystem userspace utilities (mount helper, daemon component, |
123 |
goto out; |
124 |
}
|
|
125 |
printf("%s\n",directory); |
|
126 |
if (mkdir(directory,0700) != 0 && errno != EEXIST) { |
|
127 |
rc = errno; |
|
|
306.1.1
by Michal Hlavinka
use %m instead of strerror(errno) everywhere |
128 |
fprintf(stderr, "Error: %m\n"); |
|
2
by mhalcrow@us.ibm.com
Initial import of eCryptfs filesystem userspace utilities (mount helper, daemon component, |
129 |
goto out; |
130 |
}
|
|
131 |
free(directory); |
|
132 |
*(substring + 1) = temp; |
|
133 |
substring = substring + 1; |
|
134 |
}
|
|
135 |
out: |
|
136 |
return rc; |
|
137 |
}
|
|
138 |
||
139 |
int create_default_dir(char *home, struct ecryptfs_key_mod *key_mod) |
|
140 |
{
|
|
141 |
char *directory; |
|
142 |
int rc = 0; |
|
143 |
||
144 |
if (asprintf(&directory, "%s/.ecryptfs/", home) < 0) { |
|
145 |
rc = errno; |
|
|
306.1.1
by Michal Hlavinka
use %m instead of strerror(errno) everywhere |
146 |
fprintf(stderr, "Error: %m\n"); |
|
2
by mhalcrow@us.ibm.com
Initial import of eCryptfs filesystem userspace utilities (mount helper, daemon component, |
147 |
goto out; |
148 |
}
|
|
149 |
if (mkdir(directory,0700) != 0 && errno != EEXIST) { |
|
150 |
rc = errno; |
|
|
306.1.1
by Michal Hlavinka
use %m instead of strerror(errno) everywhere |
151 |
fprintf(stderr, "Error: %m\n"); |
|
2
by mhalcrow@us.ibm.com
Initial import of eCryptfs filesystem userspace utilities (mount helper, daemon component, |
152 |
goto out; |
153 |
}
|
|
154 |
free(directory); |
|
155 |
if (asprintf(&directory, "%s/.ecryptfs/pki/", home) < 0) { |
|
156 |
rc = errno; |
|
|
306.1.1
by Michal Hlavinka
use %m instead of strerror(errno) everywhere |
157 |
fprintf(stderr, "Error: %m\n"); |
|
2
by mhalcrow@us.ibm.com
Initial import of eCryptfs filesystem userspace utilities (mount helper, daemon component, |
158 |
goto out; |
159 |
}
|
|
160 |
if (mkdir(directory,0700) != 0 && errno != EEXIST) { |
|
161 |
rc = errno; |
|
|
306.1.1
by Michal Hlavinka
use %m instead of strerror(errno) everywhere |
162 |
fprintf(stderr, "Error: %m"); |
|
2
by mhalcrow@us.ibm.com
Initial import of eCryptfs filesystem userspace utilities (mount helper, daemon component, |
163 |
goto out; |
164 |
}
|
|
165 |
free(directory); |
|
166 |
if (asprintf(&directory, "%s/.ecryptfs/pki/%s/", home, |
|
167 |
key_mod->alias) < 0) { |
|
168 |
rc = errno; |
|
|
306.1.1
by Michal Hlavinka
use %m instead of strerror(errno) everywhere |
169 |
fprintf(stderr, "Error: %m\n"); |
|
2
by mhalcrow@us.ibm.com
Initial import of eCryptfs filesystem userspace utilities (mount helper, daemon component, |
170 |
goto out; |
171 |
}
|
|
172 |
if (mkdir(directory,0700) != 0 && errno != EEXIST) { |
|
173 |
rc = errno; |
|
|
306.1.1
by Michal Hlavinka
use %m instead of strerror(errno) everywhere |
174 |
fprintf(stderr, "Error: %m\n"); |
|
2
by mhalcrow@us.ibm.com
Initial import of eCryptfs filesystem userspace utilities (mount helper, daemon component, |
175 |
goto out; |
176 |
}
|
|
177 |
free(directory); |
|
178 |
out: |
|
179 |
return rc; |
|
180 |
}
|