2 * Copyright (c) 2011-2012 The DragonFly Project. All rights reserved.
4 * This code is derived from software contributed to The DragonFly Project
5 * by Matthew Dillon <dillon@dragonflybsd.org>
6 * by Venkatesh Srinivas <vsrinivas@dragonflybsd.org>
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 * 2. Redistributions in binary form must reproduce the above copyright
15 * notice, this list of conditions and the following disclaimer in
16 * the documentation and/or other materials provided with the
18 * 3. Neither the name of The DragonFly Project nor the names of its
19 * contributors may be used to endorse or promote products derived
20 * from this software without specific, prior written permission.
22 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
23 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
24 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
25 * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
26 * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
27 * INCIDENTAL, SPECIAL, EXEMPLARY OR CONSEQUENTIAL DAMAGES (INCLUDING,
28 * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
29 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
30 * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
31 * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
32 * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
38 #include <openssl/rsa.h> /* public/private key functions */
39 #include <openssl/pem.h> /* public/private key file load */
40 #include <openssl/err.h>
43 * Should be run as root. Creates /etc/hammer2/rsa.{pub,prv} using
/*
 * cmd_rsainit - ensure dir_path exists and holds an RSA key pair
 * (rsa.prv / rsa.pub), creating whichever pieces are missing by invoking
 * the openssl(1) command-line tool.  Per the header comment this is meant
 * to be run as root.
 *
 * NOTE(review): this listing is fragmentary -- the local declarations,
 * the body of the directory-creation loop, the actual command execution,
 * the umask restore and the cleanup/return path are not shown -- so the
 * comments below describe only what the visible lines establish.
 *
 * dir_path: directory that should contain rsa.prv and rsa.pub.  It is
 *           spliced verbatim into command strings (see below), so only
 *           trusted, metacharacter-free paths should ever reach here.
 */
47 cmd_rsainit(const char *dir_path
)
57 * Create the directory if necessary
/*
 * stat() failing is taken to mean "directory missing".  str1 is a
 * writable copy of dir_path and str2 is advanced past one '/' per
 * iteration so each path prefix can be created in turn (the per-prefix
 * creation inside the loop is not visible here).
 */
59 if (stat(dir_path
, &st
) < 0) {
60 str1
= strdup(dir_path
);
63 while ((str2
= strchr(str2
+ 1, '/')) != NULL
) {
/*
 * Full paths of the two key files.  The asprintf(3) return values are
 * not checked, so an allocation failure is not detected before the
 * pointers are used below.
 */
71 asprintf(&str1
, "%s/rsa.prv", dir_path
);
72 asprintf(&str2
, "%s/rsa.pub", dir_path
);
/*
 * No private key yet: generate a 2048-bit one.  umask(077) is set first
 * so the file created by openssl carries no group/other permission bits;
 * old_umask is saved for the restore that follows (not shown).
 */
74 if (stat(str1
, &st
) < 0) {
75 old_umask
= umask(077);
/*
 * SECURITY: str1 (derived from dir_path) is interpolated unquoted into a
 * command string.  The `cmd' name and the "gen failed" diagnostic below
 * suggest it is run through system(3), although that call is outside the
 * visible lines; if so, a path containing whitespace or shell
 * metacharacters changes the command that runs -- as root.  Spawning
 * openssl with an explicit argv (fork/execvp or posix_spawn), or
 * rejecting such paths up front, would close that hole.
 */
76 asprintf(&cmd
, "openssl genrsa -out %s 2048", str1
);
/* Reported when the key generation step fails (the test itself is not shown). */
83 "hammer2 rsainit: private key gen failed\n");
88 printf("hammer2 rsainit: created %s\n", str1
);
/*
 * A private key already exists and is reused as-is.  Only stat()'s
 * return value is consulted: nothing visible checks the owner or mode
 * bits in `st'.  NOTE(review): for a root-owned key store, rejecting a
 * key that is not owned by root or that has any group/other bits set
 * would be prudent -- confirm nothing elsewhere performs that check.
 */
91 printf("hammer2 rsainit: Using existing private key in %s\n",
/*
 * Derive the public key from the private key when it is missing.  The
 * same unquoted-interpolation caveat as above applies to str1 and str2.
 */
94 if (stat(str2
, &st
) < 0) {
95 asprintf(&cmd
, "openssl rsa -in %s -out %s -pubout",
101 "hammer2 rsainit: public key gen failed\n");
106 printf("hammer2 rsainit: created %s\n", str2
);
/* Both files were already present; nothing was generated. */
108 printf("hammer2 rsainit: both keys already exist\n");
/*
 * cmd_rsaenc - read stdin in RSA-block-sized chunks and write each chunk
 * to stdout after passing it through every key in keyfiles in order.
 * A ".pub" file is loaded as a public key and a ".prv" file as a private
 * key; any other suffix is an error.  Output goes to fd 1, diagnostics to
 * stderr.  (The RSA_* low-level API used here is deprecated as of
 * OpenSSL 3.0.)
 *
 * NOTE(review): this listing is fragmentary -- the local declarations,
 * the fopen()/fclose() checks, the ispub[] bookkeeping, the remaining
 * arguments of the RSA_*_encrypt calls and the error/cleanup paths are
 * not shown.  The comments below describe only what the visible lines
 * establish; everything else is hedged.
 *
 * keyfiles: paths of the key files, applied in array order.
 * nkeys:    number of entries in keyfiles.  Nothing visible sets blksize
 *           when nkeys == 0 (its initializer is outside the listing), so
 *           an empty list would reach malloc(blksize) uninitialised --
 *           confirm the caller rejects it.
 */
117 cmd_rsaenc(const char **keyfiles
, int nkeys
)
/* One slot per key; calloc() results are not checked in the visible lines. */
119 RSA
**keys
= calloc(nkeys
, sizeof(RSA
*));
120 int *ispub
= calloc(nkeys
, sizeof(int));
/* Working buffers, each exactly one RSA block (allocated below). */
126 unsigned char *data_in
;
127 unsigned char *data_out
;
/*
 * Load every key.  The key type is decided purely by the file name
 * suffix, not by the PEM header inside the file.
 */
129 for (i
= 0; i
< nkeys
; ++i
) {
133 sfx
= strrchr(keyfiles
[i
], '.');
134 if (sfx
&& strcmp(sfx
, ".pub") == 0) {
135 fp
= fopen(keyfiles
[i
], "r");
137 fprintf(stderr
, "hammer2 rsaenc: unable to "
138 "open %s\n", keyfiles
[i
]);
/*
 * PEM_read_RSA_PUBKEY expects the SubjectPublicKeyInfo form
 * ("BEGIN PUBLIC KEY"), which is what `openssl rsa -pubout' writes.
 * NULL callback and NULL userdata select OpenSSL's default passphrase
 * handling.
 */
142 keys
[i
] = PEM_read_RSA_PUBKEY(fp
, NULL
, NULL
, NULL
);
145 if (keys
[i
] == NULL
) {
146 fprintf(stderr
, "hammer2 rsaenc: unable to "
147 "parse public key from %s\n",
152 } else if (sfx
&& strcmp(sfx
, ".prv") == 0) {
153 fp
= fopen(keyfiles
[i
], "r");
155 fprintf(stderr
, "hammer2 rsaenc: unable to "
156 "open %s\n", keyfiles
[i
]);
/*
 * With both the callback and userdata NULL, an encrypted .prv file makes
 * OpenSSL fall back to its default interactive passphrase prompt.  Note
 * that stdin is already committed to the payload (read(0, ...) below),
 * so this command is not suitable for unattended use with encrypted keys.
 */
160 keys
[i
] = PEM_read_RSAPrivateKey(fp
, NULL
, NULL
, NULL
);
162 if (keys
[i
] == NULL
) {
163 fprintf(stderr
, "hammer2 rsaenc: unable to "
164 "parse private key from %s\n",
/* Neither recognised suffix: refuse the file. */
170 fprintf(stderr
, "hammer2: rsaenc: key files must end "
171 "in .pub or .prv\n");
/*
 * Every key must have the same modulus size, because the output of one
 * key is fed unchanged into the next (bcopy below) and both buffers are
 * sized from a single blksize.  One of these two lines presumably runs
 * for the first key and the other for the rest (the branch between them
 * is not shown).
 *
 * SECURITY: assert() is the only guard visible for this.  Built with
 * NDEBUG it vanishes, and a later key whose RSA_size() exceeds blksize
 * would make RSA_*_encrypt write RSA_size() bytes into a blksize-byte
 * data_out -- a heap overflow.  This should be a runtime check that
 * reports an error and aborts the command, not an assert.
 */
176 blksize
= RSA_size(keys
[i
]);
178 assert(blksize
== RSA_size(keys
[i
]));
/* Debug trace on stderr; not part of the output stream. */
180 fprintf(stderr
, "blksize %d\n", blksize
);
/* One block in, one block out.  No NULL check is visible for either malloc(). */
185 data_in
= malloc(blksize
);
186 data_out
= malloc(blksize
);
/*
 * Fill data_in with exactly blksize bytes (short reads are accumulated
 * via off); a read() error ends the loop like EOF, and n is not checked
 * for -1 in the visible lines.
 */
188 while ((n
= read(0, data_in
+ off
, blksize
- off
)) > 0) {
190 if (off
== blksize
) {
/*
 * Apply each key in turn, chaining: the output of key i becomes the input
 * of key i+1.  Which of the two primitives is used presumably depends on
 * ispub[i] (the selector is not shown).
 *
 * SECURITY: flen is passed as blksize == RSA_size(), which OpenSSL only
 * accepts with RSA_NO_PADDING -- i.e. this is textbook RSA: identical
 * plaintext blocks give identical ciphertext blocks, the result is
 * malleable, and nothing authenticates the data.  A block whose
 * big-endian value is >= the modulus is rejected by OpenSSL.  Confirm the
 * (not shown) return value of each call is checked; -1 means failure and
 * data_out would then be stale.  RSA_private_encrypt here is the raw
 * signing primitive, not confidentiality.  For new code, a hybrid scheme
 * (random symmetric key under RSA-OAEP, payload under an AEAD) would be
 * the conventional replacement.
 */
191 for (i
= 0; i
< nkeys
; ++i
) {
193 RSA_public_encrypt(blksize
,
198 RSA_private_encrypt(blksize
,
203 bcopy(data_out
, data_in
, blksize
);
/* Emit the block; a short write is treated as an error (handler not shown). */
205 if (write(1, data_out
, blksize
) != blksize
) {
/*
 * Trailing partial block, only if nothing failed so far: zero-fill the
 * unused tail and run it through the same key chain.  Nothing visible
 * records the real length (off), so the decrypting side cannot tell
 * padding zeros from genuine trailing zero bytes of the payload.
 */
213 if (off
&& ecode
== 0) {
215 bzero(data_in
+ off
, blksize
- off
);
216 for (i
= 0; i
< nkeys
; ++i
) {
218 RSA_public_encrypt(blksize
,
223 RSA_private_encrypt(blksize
,
228 bcopy(data_out
, data_in
, blksize
);
230 if (write(1, data_out
, blksize
) != blksize
) {
/* Per-key cleanup (body not shown). */
242 for (i
= 0; i
< nkeys
; ++i
) {
252 cmd_rsadec(const char **keyfiles
, int nkeys
)
254 RSA
**keys
= calloc(nkeys
, sizeof(RSA
*));
255 int *ispub
= calloc(nkeys
, sizeof(int));
261 unsigned char *data_in
;
262 unsigned char *data_out
;
264 for (i
= 0; i
< nkeys
; ++i
) {
268 sfx
= strrchr(keyfiles
[i
], '.');
269 if (sfx
&& strcmp(sfx
, ".pub") == 0) {
270 fp
= fopen(keyfiles
[i
], "r");
272 fprintf(stderr
, "hammer2 rsaenc: unable to "
273 "open %s\n", keyfiles
[i
]);
277 keys
[i
] = PEM_read_RSA_PUBKEY(fp
, NULL
, NULL
, NULL
);
280 if (keys
[i
] == NULL
) {
281 fprintf(stderr
, "hammer2 rsaenc: unable to "
282 "parse public key from %s\n",
287 } else if (sfx
&& strcmp(sfx
, ".prv") == 0) {
288 fp
= fopen(keyfiles
[i
], "r");
290 fprintf(stderr
, "hammer2 rsaenc: unable to "
291 "open %s\n", keyfiles
[i
]);
295 keys
[i
] = PEM_read_RSAPrivateKey(fp
, NULL
, NULL
, NULL
);
297 if (keys
[i
] == NULL
) {
298 fprintf(stderr
, "hammer2 rsaenc: unable to "
299 "parse private key from %s\n",
305 fprintf(stderr
, "hammer2: rsaenc: key files must end "
306 "in .pub or .prv\n");
311 blksize
= RSA_size(keys
[i
]);
313 assert(blksize
== RSA_size(keys
[i
]));
319 data_in
= malloc(blksize
);
320 data_out
= malloc(blksize
);
322 while ((n
= read(0, data_in
+ off
, blksize
- off
)) > 0) {
324 if (off
== blksize
) {
325 for (i
= 0; i
< nkeys
; ++i
) {
327 RSA_public_decrypt(blksize
,
332 RSA_private_decrypt(blksize
,
337 bcopy(data_out
, data_in
, blksize
);
339 if (write(1, data_out
, blksize
) != blksize
) {
349 bzero(data_in
+ off
, blksize
- off
);
350 for (i
= 0; i
< nkeys
; ++i
) {
352 RSA_public_decrypt(blksize
,
357 RSA_private_decrypt(blksize
,
362 bcopy(data_out
, data_in
, blksize
);
364 if (write(1, data_out
, blksize
) != blksize
) {
376 for (i
= 0; i
< nkeys
; ++i
) {