From 81712f93a9c62d99600c64462cd4daa733bf7d3f Mon Sep 17 00:00:00 2001
From: Massimiliano Pinto
Date: Mon, 22 Jul 2013 19:56:52 +0200
Subject: [PATCH] create_keys.c generates passphrase and init vector for AES in ./secrets.ksey read_keys.c will read from that file. Note passphrase and init vector are not written sequentially Next work is to provide a shared library with basic reoutines for read and write. Read routines will be part of monitor and loadusers
---
aes/compile_keys | 4 +++
aes/create_keys.c | 80 +++++++++++++++++++++++++++++++++++++++++++++++
aes/read_keys.c | 73 ++++++++++++++++++++++++++++++++++++++++++
3 files changed, 157 insertions(+)
create mode 100644 aes/compile_keys
create mode 100755 aes/create_keys.c
create mode 100755 aes/read_keys.c
diff --git a/aes/compile_keys b/aes/compile_keys
new file mode 100644
index 000000000..ab945ae06
--- /dev/null
+++ b/aes/compile_keys
@@ -0,0 +1,4 @@
+gcc -c create_keys.c
+gcc -c read_keys.c
+gcc -o create_keys create_keys.o ../epoll_revno_203/core/utils.o -lssl
+gcc -o read_keys read_keys.o -lssl
diff --git a/aes/create_keys.c b/aes/create_keys.c
new file mode 100755
index 000000000..c5021b6a3
--- /dev/null
+++ b/aes/create_keys.c
@@ -0,0 +1,80 @@
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+
+#include
+
+#define MAXSCALE_SECRETS_ONE 4
+#define MAXSCALE_SECRETS_TWO 28
+#define MAXSCALE_SECRETS_INIT_VAL_ONE 11
+#define MAXSCALE_SECRETS_INIT_VAL_TWO 5
+
+int main(int argc, char *argv[])
+{
+ char secret_buffer[1 + AES_BLOCK_SIZE * 3 + 3] = "";
+ char scramble_secret[1 + AES_BLOCK_SIZE * 3 + 3] = "";
+ char enc_key[1 + AES_BLOCK_SIZE * 2]="";
+ char iv[1 + AES_BLOCK_SIZE]="";
+ char *home =NULL;
+
+ char one_byte[1 + 1]="";
+ char two_bytes[1 + 2]="";
+
+ char secret_file[1024]="";
+ int fd =0;
+
+ if ((home = getenv("MAXSCALE_HOME")) != NULL) {
+ sprintf(secret_file, "%s/etc/secrets.key");
+ } else {
+ strcpy(secret_file, "./secrets.key");
+ }
+
+ fd = open(secret_file, O_CREAT | O_WRONLY | O_TRUNC);
+
+ if (fd < 0) {
+ fprintf(stderr, "%s, failed opening secret file [%s]. Error %i, %s\n", argv[0], secret_file, errno, strerror(errno));
+ exit(1);
+
+ }
+
+ srand(time(NULL));
+ gw_generate_random_str(secret_buffer, AES_BLOCK_SIZE * 3 + 3);
+
+ memcpy(one_byte, secret_buffer, 1);
+ memcpy(enc_key, secret_buffer + 1, AES_BLOCK_SIZE * 2);
+ memcpy(iv, secret_buffer + 1 + AES_BLOCK_SIZE * 2, AES_BLOCK_SIZE);
+ memcpy(two_bytes, secret_buffer + 1 + AES_BLOCK_SIZE * 2 + AES_BLOCK_SIZE + 1, 2);
+
+ //fprintf(stderr, "<<< Key32 is [%s]\n", enc_key);
+ //fprintf(stderr, "<<< IV16 is [%s]\n", iv);
+
+ memcpy(scramble_secret, one_byte, 1);
+
+ memcpy(scramble_secret + 1, enc_key, MAXSCALE_SECRETS_ONE);
+
+ memcpy(scramble_secret + 1 + MAXSCALE_SECRETS_ONE, iv, MAXSCALE_SECRETS_INIT_VAL_ONE);
+
+ memcpy(scramble_secret + 1 + MAXSCALE_SECRETS_ONE + MAXSCALE_SECRETS_INIT_VAL_ONE, enc_key + MAXSCALE_SECRETS_ONE, MAXSCALE_SECRETS_TWO);
+
+ memcpy(scramble_secret + 1 + MAXSCALE_SECRETS_ONE + MAXSCALE_SECRETS_INIT_VAL_ONE + MAXSCALE_SECRETS_TWO, iv + MAXSCALE_SECRETS_INIT_VAL_ONE, MAXSCALE_SECRETS_INIT_VAL_TWO);
+
+ memcpy(scramble_secret + 1 + MAXSCALE_SECRETS_ONE + MAXSCALE_SECRETS_INIT_VAL_ONE + MAXSCALE_SECRETS_TWO + MAXSCALE_SECRETS_INIT_VAL_TWO, two_bytes, 2);
+
+
+ if(write(fd, scramble_secret, sizeof(scramble_secret)-1) < 0) {
+ fprintf(stderr, "%s, failed writing into secret file [%s]. Error %i, %s\n", argv[0], secret_file, errno, strerror(errno));
+ exit(1);
+ }
+
+ fprintf(stderr, "MaxScale secret keys initialized in %s\n", secret_file);
+
+ if (close(fd) < 0) {
+ fprintf(stderr, "%s, failed closing the secret file [%s]. Error %i, %s\n", argv[0], secret_file, errno, strerror(errno));
+ }
+
+ exit(0);
+}
diff --git a/aes/read_keys.c b/aes/read_keys.c
new file mode 100755
index 000000000..42b1618ac
--- /dev/null
+++ b/aes/read_keys.c
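Review bot: In create_keys.c main(), `sprintf(secret_file, "%s/etc/secrets.key");` supplies no argument for `%s`, which is undefined behaviour and would be unbounded for a long MAXSCALE_HOME even with the argument; use `snprintf(secret_file, sizeof(secret_file), "%s/etc/secrets.key", home);` and treat truncation as an error (the same call appears in read_keys.c). The `open()` call passes O_CREAT without a mode argument, so the new key file's permissions come from an indeterminate value; give it an owner-only mode, `open(secret_file, O_CREAT | O_WRONLY | O_TRUNC, 0600)`. The key and IV are produced by `gw_generate_random_str()` right after `srand(time(NULL))`; that helper is not part of this patch, but if it draws from `rand()` the file contents are reproducible from the creation time, so the bytes should come from a CSPRNG such as OpenSSL's `RAND_bytes()`, given that -lssl is already linked. Interleaving key and IV at fixed offsets does not protect them, so the file mode is the only real control and is worth a comment saying so, e.g. `/* the scrambled layout is not a secret; confidentiality relies on file permissions */`.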
@@ -0,0 +1,73 @@
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+
+#include
+
+#define MAXSCALE_SECRETS_ONE 4
+#define MAXSCALE_SECRETS_TWO 28
+#define MAXSCALE_SECRETS_INIT_VAL_ONE 11
+#define MAXSCALE_SECRETS_INIT_VAL_TWO 5
+
+int main(int argc, char *argv[])
+{
+ char enc_key[1 + AES_BLOCK_SIZE * 2]="";
+ char iv[1 + AES_BLOCK_SIZE]="";
+ char *home =NULL;
+ struct stat secret_stats;
+ char read_buffer[1 + AES_BLOCK_SIZE * 2 + AES_BLOCK_SIZE + 3]="";
+
+ char one_byte[1]="";
+ char two_bytes[2]="";
+
+ char secret_file[1024]="";
+ int fd =0;
+ int secret_file_size = 0;
+
+ if ((home = getenv("MAXSCALE_HOME")) != NULL) {
+ sprintf(secret_file, "%s/etc/secrets.key");
+ } else {
+ strcpy(secret_file, "./secrets.key");
+ }
+
+ fd = open(secret_file, O_RDONLY);
+
+ if (fd < 0) {
+ fprintf(stderr, "%s, failed opening secret file [%s]. Error %i, %s\n", argv[0], secret_file, errno, strerror(errno));
+
+ }
+
+ if (fstat(fd, &secret_stats) < 0) {
+ fprintf(stderr, "%s, failed accessing secret file details [%s]. Error %i, %s\n", argv[0], secret_file, errno, strerror(errno));
+ }
+
+ secret_file_size = secret_stats.st_size;
+
+ fprintf(stderr, "The secret file has %i bytes\n", secret_file_size);
+
+ if (read(fd, read_buffer, sizeof(read_buffer)-1) < 0) {
+ fprintf(stderr, "%s, failed reading from secret file [%s]. Error %i, %s\n", argv[0], secret_file, errno, strerror(errno));
+ }
+
+ fprintf(stderr, "The file content is [%s]\n", read_buffer);
+
+ memcpy(enc_key, read_buffer+1, MAXSCALE_SECRETS_ONE);
+
+ memcpy(iv, read_buffer+1+MAXSCALE_SECRETS_ONE, MAXSCALE_SECRETS_INIT_VAL_ONE);
+
+ memcpy(enc_key+ MAXSCALE_SECRETS_ONE, read_buffer+1+MAXSCALE_SECRETS_ONE+MAXSCALE_SECRETS_INIT_VAL_ONE, MAXSCALE_SECRETS_TWO);
+ memcpy(iv+MAXSCALE_SECRETS_INIT_VAL_ONE, read_buffer+1+MAXSCALE_SECRETS_ONE+MAXSCALE_SECRETS_INIT_VAL_ONE+MAXSCALE_SECRETS_TWO, MAXSCALE_SECRETS_INIT_VAL_TWO);
+
+ fprintf(stderr, "<< Secret 32 is [%s]\n", enc_key);
+ fprintf(stderr, "<< Iv 16 is [%s]\n", iv);
+
+ if (close(fd) < 0) {
+ fprintf(stderr, "%s, failed closing the secret file [%s]. Error %i, %s\n", argv[0], secret_file, errno, strerror(errno));
+ }
+
+ exit(0);
+}
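Review bot: read_keys.c main() carries on after `open()`, `fstat()` and `read()` fail, so with a missing file it reads `secret_stats.st_size` uninitialised and then splits a zero-filled buffer into an all-zero key and IV while still exiting 0; each of the three error branches needs `exit(1);`, as create_keys.c already does after its open. The size obtained from fstat is only printed: compare it and the `read()` return value against the expected `sizeof(read_buffer)-1` so that a truncated or oversized file is rejected instead of yielding a short key. The `fprintf(stderr, ...)` calls that print the file content, the key and the IV put secret material on stderr and into whatever captures it; drop them or compile them out before this code moves into monitor and loadusers. Since `secret_stats` is already filled in, rejecting a file whose `st_mode` grants any group or other access would be a cheap additional check.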