From d139d95538a3f7d41e66baae5a5173bffe0ca45d Mon Sep 17 00:00:00 2001
From: Florian Weimer
Date: Sun, 18 May 2008 19:49:41 +0200
Subject: [PATCH] Add the scripts that generate the blacklist data
---
gen/dev-openssl.pl | 33 +++++++++++++++++++++++++++++++++
gen/dev-openssl.sh | 7 +++++++
gen/dev-ssh.sh | 7 +++++++
gen/gen-openssl.sh | 42 ++++++++++++++++++++++++++++++++++++++++++
4 files changed, 89 insertions(+)
create mode 100644 gen/dev-openssl.pl
create mode 100644 gen/dev-openssl.sh
create mode 100644 gen/dev-ssh.sh
create mode 100644 gen/gen-openssl.sh
diff --git a/gen/dev-openssl.pl b/gen/dev-openssl.pl
new file mode 100644
index 0000000..06712d4
--- /dev/null
+++ b/gen/dev-openssl.pl
@@ -0,0 +1,33 @@
+use strict;
+use warnings;
+
+while (my $line = ) {
+ if ($line =~ /^Modulus=([0-9A-F]+)$/) {
+ my $mod = $1;
+ $mod = substr $mod, length($mod) - 32;
+ $mod =~ y/A-F/a-f/;
+ my @mod = $mod =~ /(..)/g;
+ print join('', reverse @mod) . "\n";
+ } else {
+ chomp $line;
+ warn "warning: unparsable line: $line\n";
+ }
+}
+
+__END__
+# Old version, uses -text output
+
+while (my $line = ) {
+ last if $line =~ /^modulus:/;
+}
+
+my @bytes;
+while (my $line = ) {
+ last if $line !~ /^\s/;
+ chomp $line;
+ $line =~ s/^\s+//;
+ push @bytes, split m/:/, $line;
+}
+
+print join("", (reverse @bytes)[0..15]) . "\n";
+
diff --git a/gen/dev-openssl.sh b/gen/dev-openssl.sh
new file mode 100644
index 0000000..11b6856
--- /dev/null
+++ b/gen/dev-openssl.sh
@@ -0,0 +1,7 @@
+#!/bin/bash
+
+export LC_ALL=C
+
+find "$@" -name '*.key' -print | sort | while read file ; do
+ openssl rsa -noout -modulus -in "$file"
+done | perl dev-openssl.pl
diff --git a/gen/dev-ssh.sh b/gen/dev-ssh.sh
new file mode 100644
index 0000000..568fbd5
--- /dev/null
+++ b/gen/dev-ssh.sh
@@ -0,0 +1,7 @@
+#!/bin/bash
+
+export LC_ALL=C
+
+find "$@" -name '*.pub' -print | sort | while read file ; do
+ ssh-keygen -l -f "$file" | cut -d ' ' -f2 | tr -d :
+done
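Review bot: In gen/dev-openssl.pl the `else` branch only warns about an unparsable line, so the script still exits 0 when input was skipped, and the `Modulus=` pattern does not reject a value shorter than 32 hex digits, which cannot yield a full-width entry from `substr $mod, length($mod) - 32`. Because the output is blacklist data, a dropped or malformed entry is a key that will not be detected later; I would require the full width with `/^Modulus=([0-9A-F]{32,})$/`, count the skipped lines in a variable and finish with `exit 1 if $bad;`. A header comment stating that each output line is the low 16 bytes of the modulus in reversed byte order, as lowercase hex, would document the format that consumers of the list have to match. The read expression shows as `= )` on this page, presumably a `<...>` filehandle lost in rendering.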
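Review bot: In gen/dev-openssl.sh a key file that `openssl rsa` cannot read is dropped without affecting the exit status, because the loop carries on and the pipeline reports only perl's status; gen/dev-ssh.sh has the same loop around `ssh-keygen`. For blacklist data a silently missing entry is a detection gap, so I would add `set -e -o pipefail` near the top and fail the loop body with `openssl rsa -noout -modulus -in "$file" || exit 1`. `while read file` also strips leading whitespace and interprets backslashes in path names; `while IFS= read -r file` avoids both.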
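Review bot: gen/dev-ssh.sh assumes that the second field of `ssh-keygen -l` output is a colon-separated MD5 hex fingerprint, and nothing in the pipeline checks that; with an ssh-keygen whose default fingerprint is SHA256 the same commands would emit `SHA256…` strings without any error. I would state the expected format in a comment above the loop, request it explicitly where the installed ssh-keygen supports `-E md5` (and strip the `MD5:` prefix it then prints), and verify that every output line is 32 lowercase hex digits, for example with a final `grep -Ex '[0-9a-f]{32}'` stage whose mismatches are treated as a failure.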
diff --git a/gen/gen-openssl.sh b/gen/gen-openssl.sh
new file mode 100644
index 0000000..8a5daca
--- /dev/null
+++ b/gen/gen-openssl.sh
@@ -0,0 +1,42 @@
+#!/bin/bash
+
+set -e
+
+if ! test -e "$HOME" ; then
+ echo "home directory $HOME does not exist"
+ exit 2
+fi
+
+type=$1
+case "$type" in
+ rsa[0-9]*)
+ bits=$(echo "$type" | cut --bytes 4-)
+ type=rsa
+ ;;
+ dsa)
+ bits=
+ ;;
+ ?*)
+ echo "key type argument invalid"
+ exit 1
+ ;;
+ *)
+ echo "key type argument missing"
+ exit 1
+ ;;
+esac
+
+arch=$(dpkg-architecture -qDEB_HOST_ARCH)
+dso=./setpid-$arch.so
+
+prefix=keys/openssl/$arch/$type$bits
+rm -rf $prefix
+mkdir -p $prefix/rnd
+
+for x in {1..32767} ; do
+ echo "*** PID $x"
+ rm -f $HOME/.rnd
+ LD_PRELOAD=$dso SETPID=$x openssl gen$type -out $prefix/$x.key $bits
+ test -e $HOME/.rnd
+ LD_PRELOAD=$dso SETPID=$x openssl gen$type -out $prefix/$x-rnd.key $bits
+done
-- 
2.11.4.GIT
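Review bot: In gen/gen-openssl.sh the pattern `rsa[0-9]*` is a glob, so it accepts any argument that starts with `rsa` and one digit, and whatever follows lands in `$bits` and then, unquoted, in `rm -rf $prefix`; an argument containing a space or a `/` would make that `rm -rf` act on paths outside `keys/openssl/`. I would reject non-digits right after the `cut` with `case "$bits" in *[!0-9]*) echo "key type argument invalid"; exit 1;; esac`, and quote the expansions as `rm -rf "$prefix"` and `mkdir -p "$prefix/rnd"`. Separately, nothing checks that `$dso` exists before the loop: if the preload fails, openssl presumably runs with its real PID and the generated keys would not correspond to the `SETPID` value in their file names, so a `test -e "$dso"` ahead of the loop would protect the data set. The bare `test -e $HOME/.rnd` acts as an assertion only because of `set -e` and deserves a comment saying so.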