2 * Copyright (c) 2011-2012 The DragonFly Project. All rights reserved.
4 * This code is derived from software contributed to The DragonFly Project
5 * by Matthew Dillon <dillon@dragonflybsd.org>
6 * by Venkatesh Srinivas <vsrinivas@dragonflybsd.org>
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 * 2. Redistributions in binary form must reproduce the above copyright
15 * notice, this list of conditions and the following disclaimer in
16 * the documentation and/or other materials provided with the
18 * 3. Neither the name of The DragonFly Project nor the names of its
19 * contributors may be used to endorse or promote products derived
20 * from this software without specific, prior written permission.
22 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
23 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
24 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
25 * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
26 * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
27 * INCIDENTAL, SPECIAL, EXEMPLARY OR CONSEQUENTIAL DAMAGES (INCLUDING,
28 * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
29 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
30 * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
31 * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
32 * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
38 #include <openssl/rsa.h> /* public/private key functions */
39 #include <openssl/pem.h> /* public/private key file load */
40 #include <openssl/err.h>
43 * Should be run as root. Creates /etc/hammer2/rsa.{pub,prv} using
47 cmd_rsainit(const char *dir_path)
57 * Create the directory if necessary
59 if (stat(dir_path, &st) < 0) {
60 str1 = strdup(dir_path);
63 while ((str2 = strchr(str2 + 1, '/')) != NULL) {
71 asprintf(&str1, "%s/rsa.prv", dir_path);
72 asprintf(&str2, "%s/rsa.pub", dir_path);
74 old_umask = umask(077);
75 if (stat(str1, &st) < 0) {
76 asprintf(&cmd, "openssl genrsa -out %s 2048", str1);
82 "hammer2 rsainit: private key gen failed\n");
88 printf("hammer2 rsainit: created %s\n", str1);
91 printf("hammer2 rsainit: Using existing private key in %s\n",
94 if (stat(str2, &st) < 0) {
95 asprintf(&cmd, "openssl rsa -in %s -out %s -pubout",
101 "hammer2 rsainit: public key gen failed\n");
107 printf("hammer2 rsainit: created %s\n", str2);
109 printf("hammer2 rsainit: both keys already exist\n");
119 cmd_rsaenc(const char **keyfiles, int nkeys)
121 RSA **keys = calloc(nkeys, sizeof(RSA *));
122 int *ispub = calloc(nkeys, sizeof(int));
128 unsigned char *data_in;
129 unsigned char *data_out;
131 for (i = 0; i < nkeys; ++i) {
135 sfx = strrchr(keyfiles[i], '.');
136 if (sfx && strcmp(sfx, ".pub") == 0) {
137 fp = fopen(keyfiles[i], "r");
139 fprintf(stderr, "hammer2 rsaenc: unable to "
140 "open %s\n", keyfiles[i]);
144 keys[i] = PEM_read_RSA_PUBKEY(fp, NULL, NULL, NULL);
147 if (keys[i] == NULL) {
148 fprintf(stderr, "hammer2 rsaenc: unable to "
149 "parse public key from %s\n",
154 } else if (sfx && strcmp(sfx, ".prv") == 0) {
155 fp = fopen(keyfiles[i], "r");
157 fprintf(stderr, "hammer2 rsaenc: unable to "
158 "open %s\n", keyfiles[i]);
162 keys[i] = PEM_read_RSAPrivateKey(fp, NULL, NULL, NULL);
164 if (keys[i] == NULL) {
165 fprintf(stderr, "hammer2 rsaenc: unable to "
166 "parse private key from %s\n",
172 fprintf(stderr, "hammer2: rsaenc: key files must end "
173 "in .pub or .prv\n");
178 blksize = RSA_size(keys[i]);
180 assert(blksize == RSA_size(keys[i]));
182 fprintf(stderr, "blksize %d\n", blksize);
187 data_in = malloc(blksize);
188 data_out = malloc(blksize);
190 while ((n = read(0, data_in + off, blksize - off)) > 0) {
192 if (off == blksize) {
193 for (i = 0; i < nkeys; ++i) {
195 RSA_public_encrypt(blksize,
200 RSA_private_encrypt(blksize,
205 bcopy(data_out, data_in, blksize);
207 if (write(1, data_out, blksize) != blksize) {
215 if (off && ecode == 0) {
217 bzero(data_in + off, blksize - off);
218 for (i = 0; i < nkeys; ++i) {
220 RSA_public_encrypt(blksize,
225 RSA_private_encrypt(blksize,
230 bcopy(data_out, data_in, blksize);
232 if (write(1, data_out, blksize) != blksize) {
244 for (i = 0; i < nkeys; ++i) {
254 cmd_rsadec(const char **keyfiles, int nkeys)
256 RSA **keys = calloc(nkeys, sizeof(RSA *));
257 int *ispub = calloc(nkeys, sizeof(int));
263 unsigned char *data_in;
264 unsigned char *data_out;
266 for (i = 0; i < nkeys; ++i) {
270 sfx = strrchr(keyfiles[i], '.');
271 if (sfx && strcmp(sfx, ".pub") == 0) {
272 fp = fopen(keyfiles[i], "r");
274 fprintf(stderr, "hammer2 rsaenc: unable to "
275 "open %s\n", keyfiles[i]);
279 keys[i] = PEM_read_RSA_PUBKEY(fp, NULL, NULL, NULL);
282 if (keys[i] == NULL) {
283 fprintf(stderr, "hammer2 rsaenc: unable to "
284 "parse public key from %s\n",
289 } else if (sfx && strcmp(sfx, ".prv") == 0) {
290 fp = fopen(keyfiles[i], "r");
292 fprintf(stderr, "hammer2 rsaenc: unable to "
293 "open %s\n", keyfiles[i]);
297 keys[i] = PEM_read_RSAPrivateKey(fp, NULL, NULL, NULL);
299 if (keys[i] == NULL) {
300 fprintf(stderr, "hammer2 rsaenc: unable to "
301 "parse private key from %s\n",
307 fprintf(stderr, "hammer2: rsaenc: key files must end "
308 "in .pub or .prv\n");
313 blksize = RSA_size(keys[i]);
315 assert(blksize == RSA_size(keys[i]));
321 data_in = malloc(blksize);
322 data_out = malloc(blksize);
324 while ((n = read(0, data_in + off, blksize - off)) > 0) {
326 if (off == blksize) {
327 for (i = 0; i < nkeys; ++i) {
329 RSA_public_decrypt(blksize,
334 RSA_private_decrypt(blksize,
339 bcopy(data_out, data_in, blksize);
341 if (write(1, data_out, blksize) != blksize) {
351 bzero(data_in + off, blksize - off);
352 for (i = 0; i < nkeys; ++i) {
354 RSA_public_decrypt(blksize,
359 RSA_private_decrypt(blksize,
364 bcopy(data_out, data_in, blksize);
366 if (write(1, data_out, blksize) != blksize) {
378 for (i = 0; i < nkeys; ++i) {