src/psk.c

   1 /*
   2  * Copyright (C) 2005, 2007, 2008, 2009, 2010  Free Software Foundation, Inc.
   3  *
   4  * This file is part of GNUTLS.
   5  *
   6  * GNUTLS is free software: you can redistribute it and/or modify it
   7  * under the terms of the GNU General Public License as published by
   8  * the Free Software Foundation, either version 3 of the License, or
   9  * (at your option) any later version.
  10  *
  11  * GNUTLS is distributed in the hope that it will be useful, but
  12  * WITHOUT ANY WARRANTY; without even the implied warranty of
  13  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
  14  * General Public License for more details.
  15  *
  16  * You should have received a copy of the GNU General Public License
  17  * along with this program.  If not, see
  18  * <http://www.gnu.org/licenses/>.
  19  */
  20
  21 #include <config.h>
  22
  23 /* Gnulib portability files. */
  24 #include <version-etc.h>
  25 #include <progname.h>
  26
  27 #ifndef ENABLE_PSK
  28
  29 #include <stdio.h>
  30
  31 int
  32 main (int argc, char **argv)
  33 {
  34   printf ("\nPSK not supported. This program is a dummy.\n\n");
  35   return 1;
  36 };
  37
  38 #else
  39
  40 #include <stdio.h>
  41 #include <string.h>
  42 #include <stdlib.h>
  43 #include <gnutls/gnutls.h>
  44 #include <gnutls/extra.h>
  45 #include <psk-gaa.h>
  46
  47 #include "../lib/random.h"      /* for random */
  48
  49 #include <sys/types.h>
  50 #include <sys/stat.h>
  51
  52 #ifndef _WIN32
  53 # include <pwd.h>
  54 # include <unistd.h>
  55 #else
  56 # include <windows.h>
  57 #endif
  58
  59 /* Gnulib portability files. */
  60 #include <minmax.h>
  61 #include "getpass.h"
  62
  63 static int write_key (const char *username, const char *key, int key_size,
  64                       char *passwd_file);
  65
  66 #define KPASSWD "/etc/passwd.psk"
  67 #define MAX_KEY_SIZE 64
  68 int
  69 main (int argc, char **argv)
  70 {
  71   gaainfo info;
  72   int ret;
  73   struct passwd *pwd;
  74   unsigned char key[MAX_KEY_SIZE];
  75   char hex_key[MAX_KEY_SIZE * 2 + 1];
  76   gnutls_datum_t dkey;
  77   size_t hex_key_size = sizeof (hex_key);
  78
  79   set_program_name (argv[0]);
  80
  81   if ((ret = gnutls_global_init ()) < 0)
  82     {
  83       fprintf (stderr, "global_init: %s\n", gnutls_strerror (ret));
  84       exit (1);
  85     }
  86
  87   umask (066);
  88
  89   if (gaa (argc, argv, &info) != -1)
  90     {
  91       fprintf (stderr, "Error in the arguments.\n");
  92       return -1;
  93     }
  94
  95   if (info.passwd == NULL)
  96     info.passwd = (char *) KPASSWD;
  97
  98   if (info.username == NULL)
  99     {
 100 #ifndef _WIN32
 101       pwd = getpwuid (getuid ());
 102
 103       if (pwd == NULL)
 104         {
 105           fprintf (stderr, "No such user\n");
 106           return -1;
 107         }
 108
 109       info.username = pwd->pw_name;
 110 #else
 111       fprintf (stderr, "Please specify a user\n");
 112       return -1;
 113 #endif
 114     }
 115
 116   if (info.key_size > MAX_KEY_SIZE)
 117     {
 118       fprintf (stderr, "Key size is too long\n");
 119       exit (1);
 120     }
 121
 122   if (info.netconf_hint)
 123     {
 124       char *passwd;
 125
 126       if (info.key_size != 0 && info.key_size != 20)
 127         {
 128           fprintf (stderr, "For netconf, key size must always be 20.\n");
 129           exit (1);
 130         }
 131
 132       passwd = getpass ("Enter password: ");
 133       if (passwd == NULL)
 134         {
 135           fprintf (stderr, "Please specify a password\n");
 136           exit (1);
 137         }
 138
 139       ret = gnutls_psk_netconf_derive_key (passwd,
 140                                            info.username,
 141                                            info.netconf_hint, &dkey);
 142       if (ret < 0)
 143         {
 144           fprintf (stderr, "Deriving the key failed\n");
 145           exit (1);
 146         }
 147     }
 148   else
 149     {
 150       if (info.key_size < 1)
 151         info.key_size = 16;
 152
 153       printf ("Generating a random key for user '%s'\n", info.username);
 154
 155       ret = _gnutls_rnd (GNUTLS_RND_RANDOM, (char *) key, info.key_size);
 156       if (ret < 0)
 157         {
 158           fprintf (stderr, "Not enough randomness\n");
 159           exit (1);
 160         }
 161
 162       dkey.data = key;
 163       dkey.size = info.key_size;
 164     }
 165
 166   ret = gnutls_hex_encode (&dkey, hex_key, &hex_key_size);
 167   if (info.netconf_hint)
 168     gnutls_free (dkey.data);
 169   if (ret < 0)
 170     {
 171       fprintf (stderr, "HEX encoding error\n");
 172       exit (1);
 173     }
 174
 175   ret = write_key (info.username, hex_key, hex_key_size, info.passwd);
 176   if (ret == 0)
 177     printf ("Key stored to %s\n", info.passwd);
 178
 179   return ret;
 180 }
 181
 182 static int
 183 filecopy (char *src, char *dst)
 184 {
 185   FILE *fd, *fd2;
 186   char line[5 * 1024];
 187   char *p;
 188
 189   fd = fopen (dst, "w");
 190   if (fd == NULL)
 191     {
 192       fprintf (stderr, "Cannot open '%s' for write\n", dst);
 193       return -1;
 194     }
 195
 196   fd2 = fopen (src, "r");
 197   if (fd2 == NULL)
 198     {
 199       /* empty file */
 200       fclose (fd);
 201       return 0;
 202     }
 203
 204   line[sizeof (line) - 1] = 0;
 205   do
 206     {
 207       p = fgets (line, sizeof (line) - 1, fd2);
 208       if (p == NULL)
 209         break;
 210
 211       fputs (line, fd);
 212     }
 213   while (1);
 214
 215   fclose (fd);
 216   fclose (fd2);
 217
 218   return 0;
 219 }
 220
 221 static int
 222 write_key (const char *username, const char *key, int key_size,
 223            char *passwd_file)
 224 {
 225   FILE *fd;
 226   char line[5 * 1024];
 227   char *p, *pp;
 228   char tmpname[1024];
 229
 230
 231   /* delete previous entry */
 232   struct stat st;
 233   FILE *fd2;
 234   int put;
 235
 236   if (strlen (passwd_file) > sizeof (tmpname) + 5)
 237     {
 238       fprintf (stderr, "file '%s' is tooooo long\n", passwd_file);
 239       return -1;
 240     }
 241   strcpy (tmpname, passwd_file);
 242   strcat (tmpname, ".tmp");
 243
 244   if (stat (tmpname, &st) != -1)
 245     {
 246       fprintf (stderr, "file '%s' is locked\n", tmpname);
 247       return -1;
 248     }
 249
 250   if (filecopy (passwd_file, tmpname) != 0)
 251     {
 252       fprintf (stderr, "Cannot copy '%s' to '%s'\n", passwd_file, tmpname);
 253       return -1;
 254     }
 255
 256   fd = fopen (passwd_file, "w");
 257   if (fd == NULL)
 258     {
 259       fprintf (stderr, "Cannot open '%s' for write\n", passwd_file);
 260       remove (tmpname);
 261       return -1;
 262     }
 263
 264   fd2 = fopen (tmpname, "r");
 265   if (fd2 == NULL)
 266     {
 267       fprintf (stderr, "Cannot open '%s' for read\n", tmpname);
 268       remove (tmpname);
 269       return -1;
 270     }
 271
 272   put = 0;
 273   do
 274     {
 275       p = fgets (line, sizeof (line) - 1, fd2);
 276       if (p == NULL)
 277         break;
 278
 279       pp = strchr (line, ':');
 280       if (pp == NULL)
 281         continue;
 282
 283       if (strncmp (p, username,
 284                    MAX (strlen (username), (unsigned int) (pp - p))) == 0)
 285         {
 286           put = 1;
 287           fprintf (fd, "%s:%s\n", username, key);
 288         }
 289       else
 290         {
 291           fputs (line, fd);
 292         }
 293     }
 294   while (1);
 295
 296   if (put == 0)
 297     {
 298       fprintf (fd, "%s:%s\n", username, key);
 299     }
 300
 301   fclose (fd);
 302   fclose (fd2);
 303
 304   remove (tmpname);
 305
 306
 307   return 0;
 308 }
 309
 310 #endif /* ENABLE_PSK */
 311
 312 void psktool_version (void);
 313
 314 void
 315 psktool_version (void)
 316 {
 317   const char *p = PACKAGE_NAME;
 318   if (strcmp (gnutls_check_version (NULL), PACKAGE_VERSION) != 0)
 319     p = PACKAGE_STRING;
 320   version_etc (stdout, "psktool", p, gnutls_check_version (NULL),
 321                "Nikos Mavrogiannopoulos", (char *) NULL);
 322 }