src/psk.c

   1 /*
   2  * Copyright (C) 2005, 2007, 2008, 2009 Free Software Foundation
   3  *
   4  * This file is part of GNUTLS.
   5  *
   6  * GNUTLS is free software: you can redistribute it and/or modify
   7  * it under the terms of the GNU General Public License as published by
   8  * the Free Software Foundation, either version 3 of the License, or
   9  * (at your option) any later version.
  10  *
  11  * GNUTLS is distributed in the hope that it will be useful,
  12  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  13  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  14  * GNU General Public License for more details.
  15  *
  16  * You should have received a copy of the GNU General Public License
  17  * along with this program.  If not, see <http://www.gnu.org/licenses/>.
  18  */
  19
  20 #include <config.h>
  21
  22 /* Gnulib portability files. */
  23 #include <version-etc.h>
  24 #include <progname.h>
  25
  26 #ifndef ENABLE_PSK
  27
  28 #include <stdio.h>
  29
  30 int
  31 main (int argc, char **argv)
  32 {
  33   printf ("\nPSK not supported. This program is a dummy.\n\n");
  34   return 1;
  35 };
  36
  37 #else
  38
  39 #include <stdio.h>
  40 #include <string.h>
  41 #include <stdlib.h>
  42 #include <gnutls/gnutls.h>
  43 #include <gnutls/extra.h>
  44 #include <psk-gaa.h>
  45
  46 #include "../lib/random.h"      /* for random */
  47
  48 #include <sys/types.h>
  49 #include <sys/stat.h>
  50
  51 #ifndef _WIN32
  52 # include <pwd.h>
  53 # include <unistd.h>
  54 #else
  55 # include <windows.h>
  56 #endif
  57
  58 /* Gnulib portability files. */
  59 #include <minmax.h>
  60 #include "getpass.h"
  61
  62 static int write_key (const char *username, const char *key, int key_size,
  63                       char *passwd_file);
  64
  65 #define KPASSWD "/etc/passwd.psk"
  66 #define MAX_KEY_SIZE 64
  67 int
  68 main (int argc, char **argv)
  69 {
  70   gaainfo info;
  71   int ret;
  72   struct passwd *pwd;
  73   unsigned char key[MAX_KEY_SIZE];
  74   char hex_key[MAX_KEY_SIZE * 2 + 1];
  75   gnutls_datum_t dkey;
  76   size_t hex_key_size = sizeof (hex_key);
  77
  78   set_program_name (argv[0]);
  79
  80   if ((ret = gnutls_global_init ()) < 0)
  81     {
  82       fprintf (stderr, "global_init: %s\n", gnutls_strerror (ret));
  83       exit (1);
  84     }
  85
  86   umask (066);
  87
  88   if (gaa (argc, argv, &info) != -1)
  89     {
  90       fprintf (stderr, "Error in the arguments.\n");
  91       return -1;
  92     }
  93
  94   if (info.passwd == NULL)
  95     info.passwd = (char*) KPASSWD;
  96
  97   if (info.username == NULL)
  98     {
  99 #ifndef _WIN32
 100       pwd = getpwuid (getuid ());
 101
 102       if (pwd == NULL)
 103         {
 104           fprintf (stderr, "No such user\n");
 105           return -1;
 106         }
 107
 108       info.username = pwd->pw_name;
 109 #else
 110       fprintf (stderr, "Please specify a user\n");
 111       return -1;
 112 #endif
 113     }
 114
 115   if (info.key_size > MAX_KEY_SIZE)
 116     {
 117       fprintf (stderr, "Key size is too long\n");
 118       exit (1);
 119     }
 120
 121   if (info.netconf_hint)
 122     {
 123       char *passwd;
 124
 125       if (info.key_size != 0 && info.key_size != 20)
 126         {
 127           fprintf (stderr, "For netconf, key size must always be 20.\n");
 128           exit (1);
 129         }
 130
 131       passwd = getpass ("Enter password: ");
 132       if (passwd == NULL)
 133         {
 134           fprintf (stderr, "Please specify a password\n");
 135           exit (1);
 136         }
 137
 138       ret = gnutls_psk_netconf_derive_key (passwd,
 139                                            info.username,
 140                                            info.netconf_hint, &dkey);
 141       if (ret < 0)
 142         {
 143           fprintf (stderr, "Deriving the key failed\n");
 144           exit (1);
 145         }
 146     }
 147   else
 148     {
 149       if (info.key_size < 1)
 150         info.key_size = 16;
 151
 152       printf ("Generating a random key for user '%s'\n", info.username);
 153
 154       ret = _gnutls_rnd (GNUTLS_RND_RANDOM, (char *) key, info.key_size);
 155       if (ret < 0)
 156         {
 157           fprintf (stderr, "Not enough randomness\n");
 158           exit (1);
 159         }
 160
 161       dkey.data = key;
 162       dkey.size = info.key_size;
 163     }
 164
 165   ret = gnutls_hex_encode (&dkey, hex_key, &hex_key_size);
 166   if (info.netconf_hint)
 167     gnutls_free (dkey.data);
 168   if (ret < 0)
 169     {
 170       fprintf (stderr, "HEX encoding error\n");
 171       exit (1);
 172     }
 173
 174   ret = write_key (info.username, hex_key, hex_key_size, info.passwd);
 175   if (ret == 0)
 176     printf ("Key stored to %s\n", info.passwd);
 177
 178   return ret;
 179 }
 180
 181 static int
 182 filecopy (char *src, char *dst)
 183 {
 184   FILE *fd, *fd2;
 185   char line[5 * 1024];
 186   char *p;
 187
 188   fd = fopen (dst, "w");
 189   if (fd == NULL)
 190     {
 191       fprintf (stderr, "Cannot open '%s' for write\n", dst);
 192       return -1;
 193     }
 194
 195   fd2 = fopen (src, "r");
 196   if (fd2 == NULL)
 197     {
 198       /* empty file */
 199       fclose (fd);
 200       return 0;
 201     }
 202
 203   line[sizeof (line) - 1] = 0;
 204   do
 205     {
 206       p = fgets (line, sizeof (line) - 1, fd2);
 207       if (p == NULL)
 208         break;
 209
 210       fputs (line, fd);
 211     }
 212   while (1);
 213
 214   fclose (fd);
 215   fclose (fd2);
 216
 217   return 0;
 218 }
 219
 220 static int
 221 write_key (const char *username, const char *key, int key_size,
 222            char *passwd_file)
 223 {
 224   FILE *fd;
 225   char line[5 * 1024];
 226   char *p, *pp;
 227   char tmpname[1024];
 228
 229
 230   /* delete previous entry */
 231   struct stat st;
 232   FILE *fd2;
 233   int put;
 234
 235   if (strlen (passwd_file) > sizeof (tmpname) + 5)
 236     {
 237       fprintf (stderr, "file '%s' is tooooo long\n", passwd_file);
 238       return -1;
 239     }
 240   strcpy (tmpname, passwd_file);
 241   strcat (tmpname, ".tmp");
 242
 243   if (stat (tmpname, &st) != -1)
 244     {
 245       fprintf (stderr, "file '%s' is locked\n", tmpname);
 246       return -1;
 247     }
 248
 249   if (filecopy (passwd_file, tmpname) != 0)
 250     {
 251       fprintf (stderr, "Cannot copy '%s' to '%s'\n", passwd_file, tmpname);
 252       return -1;
 253     }
 254
 255   fd = fopen (passwd_file, "w");
 256   if (fd == NULL)
 257     {
 258       fprintf (stderr, "Cannot open '%s' for write\n", passwd_file);
 259       remove (tmpname);
 260       return -1;
 261     }
 262
 263   fd2 = fopen (tmpname, "r");
 264   if (fd2 == NULL)
 265     {
 266       fprintf (stderr, "Cannot open '%s' for read\n", tmpname);
 267       remove (tmpname);
 268       return -1;
 269     }
 270
 271   put = 0;
 272   do
 273     {
 274       p = fgets (line, sizeof (line) - 1, fd2);
 275       if (p == NULL)
 276         break;
 277
 278       pp = strchr (line, ':');
 279       if (pp == NULL)
 280         continue;
 281
 282       if (strncmp (p, username,
 283                    MAX (strlen (username), (unsigned int) (pp - p))) == 0)
 284         {
 285           put = 1;
 286           fprintf (fd, "%s:%s\n", username, key);
 287         }
 288       else
 289         {
 290           fputs (line, fd);
 291         }
 292     }
 293   while (1);
 294
 295   if (put == 0)
 296     {
 297       fprintf (fd, "%s:%s\n", username, key);
 298     }
 299
 300   fclose (fd);
 301   fclose (fd2);
 302
 303   remove (tmpname);
 304
 305
 306   return 0;
 307 }
 308
 309 #endif /* ENABLE_PSK */
 310
 311 void psktool_version (void);
 312
 313 void
 314 psktool_version (void)
 315 {
 316   const char *p = PACKAGE_NAME;
 317   if (strcmp (gnutls_check_version (NULL), PACKAGE_VERSION) != 0)
 318     p = PACKAGE_STRING;
 319   version_etc (stdout, "psktool", p, gnutls_check_version (NULL),
 320                "Nikos Mavrogiannopoulos", (char *) NULL);
 321 }