~ubuntu-branches/debian/stretch/uswsusp/stretch

« back to all changes in this revision

Viewing changes to keygen.c

Committer: Bazaar Package Importer
Author(s): Matthew Garrett
Date: 2006-08-11 09:42:59 UTC
Revision ID: james.westby@ubuntu.com-20060811094259-xbpx53fo39c0xl8y

Tags: 0.1

Initial Release.

files added:

.bzr-builddeb

.bzr-builddeb/default.conf

HOWTO

LICENSE

Makefile

README

TODO

conf

conf/suspend.conf

config.c

config.h

debian

debian/changelog

debian/compat

debian/control

debian/copyright

debian/dirs

debian/rules

debian/uswsusp.hooks

encrypt.c

encrypt.h

keygen.c

lzf/Changes

lzf/LICENSE

lzf/Makefile

lzf/README

lzf/crc32.h

lzf/install-sh

lzf/lzf

lzf/lzf.c

lzf/lzf.h

lzf/lzfP.h

lzf/lzf_c.c

lzf/lzf_d.c

md5.c

md5.h

resume.c

scripts

scripts/create-resume-initrd.sh

scripts/install-resume.sh

splash.c

splash.h

suspend.c

swsusp.h

vt.c

vt.h

whitelist.c

Show diffs side-by-side

added added

removed removed

keygen.c

* keygen.c

* RSA key generator for the suspend and resume tools.

* This file is released under the GPLv2.

#include <sys/types.h>

#include <sys/stat.h>

#include <fcntl.h>

#include <unistd.h>

#include <errno.h>

#include <stdlib.h>

#include <stdio.h>

#include <string.h>

#include <termios.h>

#include "md5.h"

#include "encrypt.h"

#define MIN_KEY_BITS 1024

#define MAX_KEY_BITS 4096

#define MAX_OUT_SIZE (sizeof(struct RSA_data))

#define MAX_STR_LEN 256

#define DEFAULT_FILE "suspend.key"

static char in_buffer[MAX_STR_LEN];

static char pass_buf[MAX_STR_LEN];

static struct RSA_data rsa;

static unsigned char encrypt_buffer[RSA_DATA_SIZE];

int main(int argc, char *argv[])

{

gcry_ac_data_t rsa_data_set;

gcry_ac_handle_t rsa_hd;

gcry_ac_key_t rsa_priv;

gcry_ac_key_pair_t rsa_key_pair;

gcry_mpi_t mpi;

size_t offset;

int len = MIN_KEY_BITS, ret = EXIT_SUCCESS;

struct termios termios;

char *vrfy_buf;

struct md5_ctx ctx;

unsigned char key_buf[PK_KEY_SIZE];

gcry_cipher_hd_t sym_hd;

unsigned char ivec[PK_CIPHER_BLOCK];

unsigned short size;

int j, fd;

printf("libgcrypt version: %s\n", gcry_check_version(NULL));

gcry_control(GCRYCTL_INIT_SECMEM, 4096, 0);

ret = gcry_ac_open(&rsa_hd, GCRY_AC_RSA, 0);

if (ret)

return ret;

do {

printf("Key bits (between %d and %d inclusive) [%d]: ",

MIN_KEY_BITS, MAX_KEY_BITS, len);

fgets(in_buffer, MAX_STR_LEN, stdin);

if (strlen(in_buffer) && *in_buffer != '\n')

sscanf(in_buffer, "%d", &len);

} while (len < MIN_KEY_BITS || len > MAX_KEY_BITS);

Retry:

printf("Generating %d-bit RSA keys. Please wait.\n", len);

ret = gcry_ac_key_pair_generate(rsa_hd, len, NULL, &rsa_key_pair, NULL);

if (ret) {

fprintf(stderr, "Key generation failed: %s\n", gcry_strerror(ret));

ret = EXIT_FAILURE;

goto Close_RSA;

}

printf("Testing the private key. Please wait.\n");

rsa_priv = gcry_ac_key_pair_extract(rsa_key_pair, GCRY_AC_KEY_SECRET);

ret = gcry_ac_key_test(rsa_hd, rsa_priv);

if (ret) {

printf("RSA key test failed. Retrying.\n");

goto Retry;

}

rsa_data_set = gcry_ac_key_data_get(rsa_priv);

if (gcry_ac_data_length(rsa_data_set) != RSA_FIELDS) {

fprintf(stderr, "Wrong number of key fields\n");

ret = -EINVAL;

goto Free_RSA;

}

/* Convert the key length into bytes */

size = (len + 7) >> 3;

/* Copy the public key components to struct RSA_data */

offset = 0;

for (j = 0; j < RSA_FIELDS_PUB; j++) {

char *str;

size_t s;

if (offset + size >= RSA_DATA_SIZE)

100

goto Free_RSA;

101

102

gcry_ac_data_get_index(rsa_data_set, GCRY_AC_FLAG_COPY, j,

103

(const char **)&str, &mpi);

104

gcry_mpi_print(GCRYMPI_FMT_USG, rsa.data + offset,

105

size, &s, mpi);

106

rsa.field[j][0] = str[0];

107

rsa.field[j][1] = '\0';

108

rsa.size[j] = s;

109

offset += s;

110

gcry_mpi_release(mpi);

111

gcry_free(str);

112

}

113

114

tcgetattr(0, &termios);

115

termios.c_lflag &= ~ECHO;

116

termios.c_lflag |= ICANON | ECHONL;

117

tcsetattr(0, TCSANOW, &termios);

118

vrfy_buf = (char *)encrypt_buffer;

119

do {

120

do {

121

printf("Passphrase please (must be non-empty): ");

122

fgets(pass_buf, MAX_STR_LEN, stdin);

123

len = strlen(pass_buf) - 1;

124

} while (len <= 0);

125

if (pass_buf[len] == '\n')

126

pass_buf[len] = '\0';

127

printf("Confirm passphrase: ");

128

fgets(vrfy_buf, MAX_STR_LEN, stdin);

129

if (vrfy_buf[len] == '\n')

130

vrfy_buf[len] = '\0';

131

} while (strncmp(pass_buf, vrfy_buf, MAX_STR_LEN));

132

termios.c_lflag |= ECHO;

133

tcsetattr(0, TCSANOW, &termios);

134

135

memset(ivec, 0, PK_CIPHER_BLOCK);

136

strncpy((char *)ivec, pass_buf, PK_CIPHER_BLOCK);

137

md5_init_ctx(&ctx);

138

md5_process_bytes(pass_buf, strlen(pass_buf), &ctx);

139

md5_finish_ctx(&ctx, key_buf);

140

141

/* First, we encrypt the key test */

142

ret = gcry_cipher_open(&sym_hd, PK_CIPHER, GCRY_CIPHER_MODE_CFB,

143

GCRY_CIPHER_SECURE);

144

if (ret)

145

goto Free_RSA;

146

147

ret = gcry_cipher_setkey(sym_hd, key_buf, PK_KEY_SIZE);

148

if (!ret)

149

ret = gcry_cipher_setiv(sym_hd, ivec, PK_CIPHER_BLOCK);

150

151

if (!ret)

152

ret = gcry_cipher_encrypt(sym_hd, rsa.key_test, KEY_TEST_SIZE,

153

KEY_TEST_DATA, KEY_TEST_SIZE);

154

155

gcry_cipher_close(sym_hd);

156

if (ret)

157

goto Free_RSA;

158

159

/* Now, we can encrypt the private RSA key */

160

ret = gcry_cipher_open(&sym_hd, PK_CIPHER, GCRY_CIPHER_MODE_CFB,

161

GCRY_CIPHER_SECURE);

162

if (ret)

163

goto Free_RSA;

164

165

ret = gcry_cipher_setkey(sym_hd, key_buf, PK_KEY_SIZE);

166

if (!ret)

167

ret = gcry_cipher_setiv(sym_hd, ivec, PK_CIPHER_BLOCK);

168

169

if (ret)

170

goto Free_sym;

171

172

/* Copy the private key components (encrypted) to struct RSA_data */

173

for (j = RSA_FIELDS_PUB; j < RSA_FIELDS; j++) {

174

char *str;

175

size_t s;

176

177

if (offset + size >= RSA_DATA_SIZE)

178

goto Free_sym;

179

180

gcry_ac_data_get_index(rsa_data_set, GCRY_AC_FLAG_COPY, j,

181

(const char **)&str, &mpi);

182

gcry_mpi_print(GCRYMPI_FMT_USG, rsa.data + offset,

183

size, &s, mpi);

184

185

/* We encrypt the data in place */

186

ret = gcry_cipher_encrypt(sym_hd, rsa.data + offset, s, NULL, 0);

187

if (ret)

188

goto Free_sym;

189

190

rsa.field[j][0] = str[0];

191

rsa.field[j][1] = '\0';

192

rsa.size[j] = s;

193

offset += s;

194

gcry_mpi_release(mpi);

195

gcry_free(str);

196

}

197

198

size = offset + sizeof(struct RSA_data) - RSA_DATA_SIZE;

199

200

printf("File name [%s]: ", DEFAULT_FILE);

201

fgets(in_buffer, MAX_STR_LEN, stdin);

202

if (!strlen(in_buffer) || *in_buffer == '\n')

203

strcpy(in_buffer, DEFAULT_FILE);

204

else if (in_buffer[strlen(in_buffer)-1] == '\n')

205

in_buffer[strlen(in_buffer)-1] = '\0';

206

fd = open(in_buffer, O_RDWR | O_CREAT | O_TRUNC, 00600);

207

if (fd >= 0) {

208

write(fd, &rsa, size);

209

close(fd);

210

} else {

211

fprintf(stderr, "Could not open the file %s\n", in_buffer);

212

ret = EXIT_FAILURE;

213

}

214

Free_sym:

215

gcry_cipher_close(sym_hd);

216

Free_RSA:

217

gcry_ac_data_destroy(rsa_data_set);

218

Close_RSA:

219

gcry_ac_close(rsa_hd);

220

221

return ret;

222

}

Older »