#include "cf.defs.h"
#include "cf.extern.h"
#include "../pub/global.h"
Go to the source code of this file.
Functions | |
| void | RandomSeed () |
| void | LoadSecretKeys () |
| RSA * | HavePublicKey (char *name) |
| void | SavePublicKey (char *name, RSA *key) |
| void | DeletePublicKey (char *name) |
| void | MD5Random (digest) |
| void | GenerateRandomSessionKey () |
| int | EncryptString (char *in, char *out, unsigned char *key, int plainlen) |
| int | DecryptString (char *in, char *out, unsigned char *key, int cipherlen) |
|
||||||||||||||||||||
|
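/* Definition at line 369 of file crypto.c. Referenced by BusyWithConnection(). */

/**
 * Decrypt `cipherlen` bytes of Blowfish-CBC ciphertext from `in` into `out`.
 *
 * @param in        ciphertext buffer
 * @param out       plaintext destination; nothing here bounds the write, so
 *                  the caller must provide room for cipherlen plus one
 *                  cipher block (8 bytes)
 * @param key       raw key bytes handed to EVP_DecryptInit(); EVP_bf_cbc()
 *                  uses a 16-byte key unless the length is changed
 * @param cipherlen number of ciphertext bytes in `in`
 * @return number of plaintext bytes written, or -1 on any failure
 *
 * SECURITY: the IV is the compile-time constant {1..8}, so equal plaintext
 * prefixes under one key produce equal ciphertext prefixes. It has to match
 * EncryptString() on the sending side, so it can only be replaced together
 * with the wire format. CBC is also used without any MAC: a successful
 * return does not prove the data is authentic, and callers should treat
 * every -1 the same way rather than reporting why decryption failed.
 */
int DecryptString(char *in, char *out, unsigned char *key, int cipherlen)
{
    int plainlen = 0, tmplen = 0;
    int result = -1;
    unsigned char iv[8] = {1,2,3,4,5,6,7,8};
    EVP_CIPHER_CTX ctx;

    if (in == NULL || out == NULL || key == NULL || cipherlen < 0) {
        return -1;
    }

    EVP_CIPHER_CTX_init(&ctx);

    if (!EVP_DecryptInit(&ctx, EVP_bf_cbc(), key, iv)) {
        goto done;
    }

    if (!EVP_DecryptUpdate(&ctx, (unsigned char *)out, &plainlen,
                           (unsigned char *)in, cipherlen)) {
        goto done;
    }

    if (!EVP_DecryptFinal(&ctx, (unsigned char *)out + plainlen, &tmplen)) {
        goto done;
    }

    result = plainlen + tmplen;

done:
    /* Runs on the error paths too, so the key schedule held in ctx is
       always released and wiped; the original skipped it on failure. */
    EVP_CIPHER_CTX_cleanup(&ctx);
    return result;
}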
|
|
|
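/* Definition at line 248 of file crypto.c. References bufsize, FatalError(), getenv(), IsPrivileged(), NULL, snprintf(), sp, and Verbose. Referenced by IsWildKnownHost(). */

/**
 * Remove the stored public key file for `name`.
 *
 * The path is $HOME/.cfengine/ppkeys/<name>.pub for a non-privileged
 * caller and WORKDIR/ppkeys/<name>.pub otherwise. The result of unlink()
 * is not inspected, so a key that does not exist is silently accepted.
 *
 * NOTE(review): `name` is pasted into the path unchanged. If it can carry
 * peer-supplied text (the caller, IsWildKnownHost(), is not visible here),
 * a value containing '/' or ".." would address a file outside ppkeys/ -
 * confirm that callers restrict it. HOME is likewise taken from the
 * environment as-is.
 */
void DeletePublicKey(char *name)
{
    char filename[bufsize], *sp;
    int n;

    if (!IsPrivileged()) {
        Verbose("\n(Non privileged user...)\n\n");

        if ((sp = getenv("HOME")) == NULL) {
            FatalError("You do not have a HOME variable pointing to your home directory");
            return;   /* only reached if FatalError() returns */
        }
        n = snprintf(filename, bufsize, "%s/.cfengine/ppkeys/%s.pub", sp, name);
    } else {
        n = snprintf(filename, bufsize, "%s/ppkeys/%s.pub", WORKDIR, name);
    }

    /* A truncated path names some other file; never unlink that one. */
    if (n < 0 || (size_t)n >= sizeof filename) {
        Verbose("Key file name for %s is too long - nothing deleted\n", name);
        return;
    }

    unlink(filename);
}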
|
|
||||||||||||||||||||
|
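/* Definition at line 339 of file crypto.c. Referenced by cf_rstat(), CompareMD5Net(), and CopyRegNet(). */

/**
 * Encrypt `plainlen` bytes from `in` into `out` with Blowfish-CBC.
 *
 * @param in       plaintext buffer
 * @param out      ciphertext destination; nothing here bounds the write, so
 *                 the caller must provide room for plainlen plus one cipher
 *                 block (8 bytes) of padding
 * @param key      raw key bytes handed to EVP_EncryptInit(); EVP_bf_cbc()
 *                 uses a 16-byte key unless the length is changed
 * @param plainlen number of plaintext bytes in `in`
 * @return number of ciphertext bytes written, or -1 on any failure
 *
 * SECURITY: the IV is the compile-time constant {1..8}. With a fixed IV,
 * two messages encrypted under the same key that start with the same bytes
 * start with the same ciphertext, which leaks message equality to anyone
 * watching the connection. A per-message random IV sent with the ciphertext
 * is the usual remedy, but DecryptString() on the peer must change in step.
 * The output carries no MAC, so it is not tamper-evident.
 */
int EncryptString(char *in, char *out, unsigned char *key, int plainlen)
{
    int cipherlen = 0, tmplen = 0;
    int result = -1;
    unsigned char iv[8] = {1,2,3,4,5,6,7,8};
    EVP_CIPHER_CTX ctx;

    if (in == NULL || out == NULL || key == NULL || plainlen < 0) {
        return -1;
    }

    EVP_CIPHER_CTX_init(&ctx);

    if (!EVP_EncryptInit(&ctx, EVP_bf_cbc(), key, iv)) {
        goto done;
    }

    if (!EVP_EncryptUpdate(&ctx, (unsigned char *)out, &cipherlen,
                           (unsigned char *)in, plainlen)) {
        goto done;
    }

    if (!EVP_EncryptFinal(&ctx, (unsigned char *)out + cipherlen, &tmplen)) {
        goto done;
    }

    result = cipherlen + tmplen;

done:
    /* Runs on the error paths too, so the key schedule held in ctx is
       always released and wiped; the original skipped it on failure. */
    EVP_CIPHER_CTX_cleanup(&ctx);
    return result;
}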
|
|
|
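/* Definition at line 326 of file crypto.c. References CONN, and cfagent_connection::session_key. Referenced by KeyAuthentication(). */

/**
 * Create a fresh session key and store it in CONN->session_key.
 *
 * On success session_key holds the address of a newly allocated BIGNUM,
 * cast to unsigned char *. If allocation or random generation fails the
 * function calls FatalError() and leaves session_key NULL.
 *
 * SECURITY, NOTE(review) - two problems are visible in this block and
 * neither can be fixed here without also changing code that is not shown:
 *
 *  1. The second argument of BN_rand() is a BIT count. BN_rand(bp,16,0,0)
 *     therefore yields a 16-bit number whose top bit is forced to 1, i.e.
 *     roughly 15 bits of unpredictability - far too little for a
 *     symmetric key.
 *  2. session_key is set to the BIGNUM object's own address, not to the
 *     bytes of the random value. EncryptString()/DecryptString() pass
 *     their `key` argument straight to EVP_*Init(), which reads raw key
 *     bytes. If CONN->session_key is what reaches them (the callers are
 *     not visible - confirm), the cipher is keyed with the in-memory
 *     BIGNUM structure rather than with random data.
 *
 * A sound replacement fills a dedicated 16-byte buffer from the CSPRNG
 * and updates every consumer of session_key (KeyAuthentication() and the
 * peer) in the same change. Any previous value of session_key is
 * overwritten without being freed; ownership is not visible here.
 */
void GenerateRandomSessionKey()
{
    BIGNUM *bp;

    /* Hardcode blowfish for now - it's fast */

    bp = BN_new();

    if (bp == NULL) {
        CONN->session_key = NULL;
        FatalError("Unable to allocate a session key");
        return;   /* only reached if FatalError() returns */
    }

    if (!BN_rand(bp, 16, 0, 0)) {
        /* Never hand out a key the RNG refused to produce. */
        BN_free(bp);
        CONN->session_key = NULL;
        FatalError("Unable to generate a random session key");
        return;
    }

    CONN->session_key = (unsigned char *)bp;
}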
|
|
|
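/* Definition at line 132 of file crypto.c. References bufsize, cferror, CfLog(), Debug, FatalError(), fp, getenv(), IsPrivileged(), NULL, OUTPUT, snprintf(), sp, and Verbose. Referenced by CheckStoreKey(), KeyAuthentication(), and PollServer(). */

/**
 * Load the stored RSA public key for `name`, if there is one.
 *
 * The key is read from $HOME/.cfengine/ppkeys/<name>.pub for a
 * non-privileged caller and from WORKDIR/ppkeys/<name>.pub otherwise.
 *
 * @return the parsed key (owned by the caller), or NULL when the file is
 *         absent, cannot be opened, or does not parse. A key whose public
 *         exponent is shorter than 2 bits or even is treated as fatal.
 *
 * NOTE(review): `name` is pasted into the path unchanged; if it can carry
 * peer-supplied text (callers are not visible here) it must not contain
 * '/' or "..". The file that is found is trusted as that peer's identity,
 * so the ownership and mode of the ppkeys directory matter - nothing in
 * this function checks them. The passphrase argument is the compiled-in
 * literal "public", not a secret.
 */
RSA *HavePublicKey(char *name)
{
    char filename[bufsize], *sp;
    struct stat statbuf;
    static char *passphrase = "public";
    unsigned long err;
    FILE *fp;
    RSA *newkey = NULL;
    int n;

    Debug("Havekey(%s)\n", name);

    if (!IsPrivileged()) {
        Verbose("\n(Non privileged user...)\n\n");

        if ((sp = getenv("HOME")) == NULL) {
            FatalError("You do not have a HOME variable pointing to your home directory");
            return NULL;   /* only reached if FatalError() returns */
        }
        n = snprintf(filename, bufsize, "%s/.cfengine/ppkeys/%s.pub", sp, name);
    } else {
        n = snprintf(filename, bufsize, "%s/ppkeys/%s.pub", WORKDIR, name);
    }

    /* A truncated path could name a different peer's key file. */
    if (n < 0 || (size_t)n >= sizeof filename) {
        snprintf(OUTPUT, bufsize, "Public key file name for %s is too long", name);
        CfLog(cferror, OUTPUT, "");
        return NULL;
    }

    /* stat() is kept so that a key that was simply never stored stays a
       quiet Debug message instead of an error in the log. */
    if (stat(filename, &statbuf) == -1) {
        Debug("Did not have key %s\n", name);
        return NULL;
    }

    if ((fp = fopen(filename, "r")) == NULL) {
        snprintf(OUTPUT, bufsize, "Couldn't find a public key (%s) - use cfkey to get one", filename);
        CfLog(cferror, OUTPUT, "open");
        return NULL;
    }

    newkey = PEM_read_RSAPublicKey(fp, NULL, NULL, passphrase);
    fclose(fp);

    if (newkey == NULL) {
        err = ERR_get_error();
        /* The original text said "Private Key" although a public key is
           being read, which sends an operator to the wrong file. */
        snprintf(OUTPUT, bufsize, "Error reading Public Key = %s\n", ERR_reason_error_string(err));
        CfLog(cferror, OUTPUT, "");
        return NULL;
    }

    Verbose("Loaded %s\n", filename);

    if (BN_num_bits(newkey->e) < 2 || !BN_is_odd(newkey->e)) {
        FatalError("RSA Exponent too small or not odd");
        /* only reached if FatalError() returns: do not hand back a key
           that failed the sanity check */
        RSA_free(newkey);
        return NULL;
    }

    return newkey;
}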
|
|
|
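/* Definition at line 76 of file crypto.c. References bufsize, cferror, CfLog(), CFPRIVKEYFILE, CFPUBKEYFILE, FatalError(), fp, NULL, OUTPUT, PRIVKEY, PUBKEY, snprintf(), and Verbose. Referenced by CheckOptsAndInit(), and CheckSystemVariables(). */

/**
 * Load this host's RSA key pair into the globals PRIVKEY and PUBKEY.
 *
 * The private key is read from CFPRIVKEYFILE first, then the public key
 * from CFPUBKEYFILE. Any failure is logged and the function returns early,
 * leaving the key that could not be read as NULL (or untouched when its
 * file could not be opened). A public exponent shorter than 2 bits or
 * even is treated as fatal.
 *
 * SECURITY: the passphrase protecting the private key is the literal
 * "Cfengine passphrase" compiled into the binary. The PEM encryption
 * therefore adds no confidentiality: anyone who can read CFPRIVKEYFILE
 * can decrypt it. Protection of the private key rests entirely on the
 * file's ownership and mode, which this function does not check.
 * Changing the literal would make existing key files unreadable.
 */
void LoadSecretKeys()
{
    FILE *fp;
    static char *passphrase = "Cfengine passphrase";
    unsigned long err;

    /* --- private key --- */

    if ((fp = fopen(CFPRIVKEYFILE, "r")) == NULL) {
        snprintf(OUTPUT, bufsize, "Couldn't find a private key (%s) - use cfkey to get one", CFPRIVKEYFILE);
        CfLog(cferror, OUTPUT, "open");
        return;
    }

    PRIVKEY = PEM_read_RSAPrivateKey(fp, (RSA **)NULL, NULL, passphrase);
    fclose(fp);

    if (PRIVKEY == NULL) {
        err = ERR_get_error();
        snprintf(OUTPUT, bufsize, "Error reading Private Key = %s\n", ERR_reason_error_string(err));
        CfLog(cferror, OUTPUT, "");
        return;
    }

    Verbose("Loaded %s\n", CFPRIVKEYFILE);

    /* --- public key --- */

    if ((fp = fopen(CFPUBKEYFILE, "r")) == NULL) {
        snprintf(OUTPUT, bufsize, "Couldn't find a public key (%s) - use cfkey to get one", CFPUBKEYFILE);
        CfLog(cferror, OUTPUT, "fopen");
        return;
    }

    PUBKEY = PEM_read_RSAPublicKey(fp, NULL, NULL, passphrase);
    fclose(fp);

    if (PUBKEY == NULL) {
        err = ERR_get_error();
        /* The original text said "Private Key" here as well, which made a
           damaged public key file look like a private-key problem. */
        snprintf(OUTPUT, bufsize, "Error reading Public Key = %s\n", ERR_reason_error_string(err));
        CfLog(cferror, OUTPUT, "");
        return;
    }

    Verbose("Loaded %s\n", CFPUBKEYFILE);

    if (BN_num_bits(PUBKEY->e) < 2 || !BN_is_odd(PUBKEY->e)) {
        FatalError("RSA Exponent too small or not odd");
    }
}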
|
|
|
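/* Definition at line 275 of file crypto.c. References bufsize, cferror, CfLog(), cfpclose(), cfpopen(), CFSTARTTIME, maxlinksize, NULL, OUTPUT, ReadLine(), snprintf(), Verbose, VFQNAME, VPSCOMM, VPSOPTS, and VSYSTEMHARDCLASS. Referenced by RandomSeed(). */

/**
 * Fill `digest` with an MD5 hash of loosely varying system state, for use
 * as fallback seed material.
 *
 * Hashed inputs, in order: the start time, the address of `digest` and the
 * host name; every line of the platform's process listing; the current
 * time plus whatever happens to be in an uninitialised stack array.
 *
 * The parameter type is inferred from the caller on this page, which
 * passes an unsigned char array of EVP_MAX_MD_SIZE+1 bytes.
 *
 * SECURITY: none of these inputs is secret. Start time, host name and the
 * process list can be observed or guessed by other local users, and stack
 * residue is not a dependable source of randomness. Treat the result as a
 * last resort; where the platform offers a kernel RNG device, seeding
 * from it is the better choice.
 */
void MD5Random(unsigned char digest[EVP_MAX_MD_SIZE+1])
{
    unsigned char buffer[bufsize];
    char pscomm[maxlinksize];
    char uninitbuffer[100];
    unsigned int md_len;          /* EVP_DigestFinal() takes unsigned int * */
    const EVP_MD *md;
    EVP_MD_CTX context;
    FILE *pp;

    Verbose("Looking for a random number seed...\n");

    md = EVP_get_digestbyname("md5");

    if (md == NULL) {
        /* The by-name lookup only succeeds once the digest table has been
           loaded; fall back to the direct accessor instead of passing
           NULL to EVP_DigestInit(). */
        md = EVP_md5();
    }

    EVP_DigestInit(&context, md);

    Verbose("...\n");

    snprintf((char *)buffer, bufsize, "%d%d%25s", (int)CFSTARTTIME, (int)digest, VFQNAME);

    /* The whole buffer is hashed, not just the formatted text, so the
       bytes after the terminator (stack residue) are mixed in as well. */
    EVP_DigestUpdate(&context, buffer, bufsize);

    /* Bounded by pscomm's own size: the original passed bufsize, which is
       the size of a different buffer. */
    snprintf(pscomm, sizeof pscomm, "%s %s", VPSCOMM[VSYSTEMHARDCLASS], VPSOPTS[VSYSTEMHARDCLASS]);

    if ((pp = cfpopen(pscomm, "r")) == NULL) {
        snprintf(OUTPUT, bufsize, "Couldn't open the process list with command %s\n", pscomm);
        CfLog(cferror, OUTPUT, "popen");
    } else {
        /* Only read when the pipe exists; the original went on to call
           feof() on a NULL stream after logging the failure. */
        while (!feof(pp)) {
            ReadLine(buffer, bufsize, pp);
            EVP_DigestUpdate(&context, buffer, bufsize);
        }
    }

    /* Deliberately left uninitialised apart from the terminator: the
       original mixes in indeterminate stack contents here. */
    uninitbuffer[99] = '\0';
    snprintf((char *)buffer, bufsize-1, "%ld %s", (long)time(NULL), uninitbuffer);
    EVP_DigestUpdate(&context, buffer, bufsize);

    if (pp != NULL) {
        cfpclose(pp);
    }

    EVP_DigestFinal(&context, digest, &md_len);
}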
|
|
|
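/* Definition at line 39 of file crypto.c. References AVDB, AVDB_FILE, bufsize, CfLog(), cfverbose, Debug, MD5Random(), OUTPUT, snprintf(), VBUFF, Verbose, and VLOGDIR. Referenced by CheckOptsAndInit(), and Initialize(). */

/**
 * Seed the OpenSSL random number generator.
 *
 * The seed file is VLOGDIR/randseed when that exists, otherwise
 * WORKDIR/AVDB_FILE; its path is left in the global AVDB. The whole file
 * is loaded with RAND_load_file(). While RAND_status() still reports the
 * generator as unseeded, 16 bytes from MD5Random() are added per round.
 *
 * SECURITY: RAND_seed() credits every byte it is given as full entropy,
 * so each fallback round counts as 128 bits even though MD5Random() is
 * built from observable system state. The seed file is read without any
 * check of its owner or mode; if other users can write it they influence
 * the generator's initial state.
 */
void RandomSeed()
{
    static unsigned char digest[EVP_MAX_MD_SIZE+1];
    struct stat statbuf;

    /* Use the system database as the entropy source for random numbers */

    Debug("RandomSeed() work directory is %s\n", VLOGDIR);

    snprintf(VBUFF, bufsize, "%s/randseed", VLOGDIR);

    if (stat(VBUFF, &statbuf) == -1) {
        snprintf(AVDB, bufsize, "%s/%s", WORKDIR, AVDB_FILE);
    } else {
        /* Bounded copy, matching the branch above; the original used an
           unbounded strcpy() into AVDB. */
        snprintf(AVDB, bufsize, "%s", VBUFF);
    }

    Verbose("Looking for a source of entropy in %s\n", AVDB);

    if (!RAND_load_file(AVDB, -1)) {
        snprintf(OUTPUT, bufsize, "Could not read sufficient randomness from %s\n", AVDB);
        CfLog(cfverbose, OUTPUT, "");
    }

    while (!RAND_status()) {
        MD5Random(digest);
        RAND_seed((void *)digest, 16);   /* 16 = length of an MD5 digest */
    }
}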
|
|
||||||||||||
|
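/* Definition at line 197 of file crypto.c. References bufsize, cferror, CfLog(), FatalError(), fp, getenv(), IsPrivileged(), NULL, OUTPUT, snprintf(), sp, and Verbose. Referenced by CheckStoreKey(), IsWildKnownHost(), and KeyAuthentication(). */

/**
 * Store `key` as the public key for `name`, unless one is already stored.
 *
 * The file is $HOME/.cfengine/ppkeys/<name>.pub for a non-privileged
 * caller and WORKDIR/ppkeys/<name>.pub otherwise. An existing file is
 * never overwritten, so the first key recorded for a name stays in force
 * until it is deleted.
 *
 * NOTE(review): `name` is pasted into the path unchanged; if it can carry
 * peer-supplied text (callers are not visible here) it must not contain
 * '/' or "..". The existence test and the fopen() are separate steps and
 * fopen("w") follows symbolic links, so the ppkeys directory must not be
 * writable by other users; an exclusive create would close that gap.
 */
void SavePublicKey(char *name, RSA *key)
{
    char filename[bufsize], *sp;
    struct stat statbuf;
    FILE *fp;
    unsigned long err;   /* ERR_get_error() returns unsigned long */
    int n;
    int written;

    if (!IsPrivileged()) {
        Verbose("\n(Non privileged user...)\n\n");

        if ((sp = getenv("HOME")) == NULL) {
            FatalError("You do not have a HOME variable pointing to your home directory");
            return;   /* only reached if FatalError() returns */
        }
        n = snprintf(filename, bufsize, "%s/.cfengine/ppkeys/%s.pub", sp, name);
    } else {
        n = snprintf(filename, bufsize, "%s/ppkeys/%s.pub", WORKDIR, name);
    }

    /* A truncated path would file this key under some other name. */
    if (n < 0 || (size_t)n >= sizeof filename) {
        snprintf(OUTPUT, bufsize, "Public key file name for %s is too long", name);
        CfLog(cferror, OUTPUT, "");
        return;
    }

    /* Keep whatever key is already on record for this name. */
    if (stat(filename, &statbuf) != -1) {
        return;
    }

    Verbose("Saving public key %s\n", filename);

    if ((fp = fopen(filename, "w")) == NULL) {
        snprintf(OUTPUT, bufsize, "Unable to write a public key %s", filename);
        CfLog(cferror, OUTPUT, "fopen");
        return;
    }

    written = PEM_write_RSAPublicKey(fp, key);

    if (!written) {
        err = ERR_get_error();
        snprintf(OUTPUT, bufsize, "Error saving public key %s = %s\n", filename, ERR_reason_error_string(err));
        CfLog(cferror, OUTPUT, "");
    }

    if (fclose(fp) != 0) {
        written = 0;
    }

    if (!written) {
        /* Do not leave an empty or partial file behind: the existence
           test above would then block every later attempt to store the
           real key for this name. */
        unlink(filename);
    }
}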
|