create_keys.c generates passphrase and init vector for AES in ./secrets.ksey

read_keys.c will read from that file. Note passphrase and init vector are not written sequentially Next work is to provide a shared library with basic reoutines for read and write. Read routines will be part of monitor and loadusers
2013-07-22 19:56:52 +02:00
parent 64c15fd4fb
commit 81712f93a9
3 changed files with 157 additions and 0 deletions
--- a/aes/compile_keys
+++ b/aes/compile_keys
@ -0,0 +1,4 @@
+gcc -c create_keys.c
+gcc -c read_keys.c
+gcc -o create_keys create_keys.o ../epoll_revno_203/core/utils.o -lssl
+gcc -o read_keys read_keys.o -lssl
--- a/aes/create_keys.c
+++ b/aes/create_keys.c
@ -0,0 +1,80 @@
+#include <stdio.h>
+#include <string.h>
+#include <stdlib.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <fcntl.h>
+#include <errno.h>
+
+#include <openssl/aes.h>
+
+#define MAXSCALE_SECRETS_ONE 4
+#define MAXSCALE_SECRETS_TWO 28
+#define MAXSCALE_SECRETS_INIT_VAL_ONE 11
+#define MAXSCALE_SECRETS_INIT_VAL_TWO 5
+
+int main(int argc, char *argv[])
+{
+	char secret_buffer[1 + AES_BLOCK_SIZE * 3 + 3] = "";
+	char scramble_secret[1 + AES_BLOCK_SIZE * 3 + 3] = "";
+	char enc_key[1 + AES_BLOCK_SIZE * 2]="";
+	char iv[1 + AES_BLOCK_SIZE]="";
+	char *home =NULL;
+
+	char one_byte[1 + 1]="";
+	char two_bytes[1 + 2]="";
+
+	char secret_file[1024]="";
+	int fd =0;
+
+	if ((home = getenv("MAXSCALE_HOME")) != NULL) {
+		sprintf(secret_file, "%s/etc/secrets.key");
+	} else {
+		strcpy(secret_file, "./secrets.key");
+	}
+
+	fd = open(secret_file, O_CREAT | O_WRONLY | O_TRUNC);
+
+	if (fd < 0) {
+		fprintf(stderr, "%s, failed opening secret file [%s]. Error %i, %s\n", argv[0], secret_file, errno, strerror(errno));
+		exit(1);
+
+	}
+
+	srand(time(NULL));
+	gw_generate_random_str(secret_buffer, AES_BLOCK_SIZE * 3 + 3);
+
+	memcpy(one_byte, secret_buffer, 1);
+	memcpy(enc_key, secret_buffer + 1, AES_BLOCK_SIZE * 2);
+	memcpy(iv, secret_buffer + 1 + AES_BLOCK_SIZE * 2, AES_BLOCK_SIZE);
+	memcpy(two_bytes, secret_buffer + 1 + AES_BLOCK_SIZE * 2 + AES_BLOCK_SIZE + 1, 2);
+
+	//fprintf(stderr, "<<< Key32 is [%s]\n", enc_key);
+	//fprintf(stderr, "<<< IV16 is [%s]\n", iv);
+
+	memcpy(scramble_secret, one_byte, 1);
+
+	memcpy(scramble_secret + 1, enc_key, MAXSCALE_SECRETS_ONE);
+
+	memcpy(scramble_secret + 1 + MAXSCALE_SECRETS_ONE, iv, MAXSCALE_SECRETS_INIT_VAL_ONE);
+
+	memcpy(scramble_secret + 1 + MAXSCALE_SECRETS_ONE + MAXSCALE_SECRETS_INIT_VAL_ONE, enc_key + MAXSCALE_SECRETS_ONE, MAXSCALE_SECRETS_TWO);
+
+	memcpy(scramble_secret + 1 + MAXSCALE_SECRETS_ONE + MAXSCALE_SECRETS_INIT_VAL_ONE + MAXSCALE_SECRETS_TWO, iv + MAXSCALE_SECRETS_INIT_VAL_ONE, MAXSCALE_SECRETS_INIT_VAL_TWO);
+
+	memcpy(scramble_secret + 1 + MAXSCALE_SECRETS_ONE + MAXSCALE_SECRETS_INIT_VAL_ONE + MAXSCALE_SECRETS_TWO + MAXSCALE_SECRETS_INIT_VAL_TWO, two_bytes, 2);
+
+
+	if(write(fd, scramble_secret, sizeof(scramble_secret)-1) < 0) {
+		fprintf(stderr, "%s, failed writing into secret file [%s]. Error %i, %s\n", argv[0], secret_file, errno, strerror(errno));
+		exit(1);
+	}
+
+	fprintf(stderr, "MaxScale secret keys initialized in %s\n", secret_file);
+
+	if (close(fd) < 0) {
+		fprintf(stderr, "%s, failed closing the secret file [%s]. Error %i, %s\n", argv[0], secret_file, errno, strerror(errno));
+	}
+
+	exit(0);
+}
--- a/aes/read_keys.c
+++ b/aes/read_keys.c
@ -0,0 +1,73 @@
+#include <stdio.h>
+#include <string.h>
+#include <stdlib.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <fcntl.h>
+#include <errno.h>
+
+#include <openssl/aes.h>
+
+#define MAXSCALE_SECRETS_ONE 4
+#define MAXSCALE_SECRETS_TWO 28
+#define MAXSCALE_SECRETS_INIT_VAL_ONE 11
+#define MAXSCALE_SECRETS_INIT_VAL_TWO 5
+
+int main(int argc, char *argv[])
+{   
+	char enc_key[1 + AES_BLOCK_SIZE * 2]="";
+	char iv[1 + AES_BLOCK_SIZE]="";
+	char *home =NULL;
+	struct stat secret_stats;
+	char read_buffer[1 + AES_BLOCK_SIZE * 2 + AES_BLOCK_SIZE + 3]="";
+
+	char one_byte[1]="";
+	char two_bytes[2]="";
+
+	char secret_file[1024]="";
+	int fd =0;
+	int secret_file_size = 0;
+
+	if ((home = getenv("MAXSCALE_HOME")) != NULL) {
+		sprintf(secret_file, "%s/etc/secrets.key");
+	} else {
+		strcpy(secret_file, "./secrets.key");
+	}
+
+	fd = open(secret_file, O_RDONLY);
+
+	if (fd < 0) {
+		fprintf(stderr, "%s, failed opening secret file [%s]. Error %i, %s\n", argv[0], secret_file, errno, strerror(errno));
+
+	}
+
+	if (fstat(fd, &secret_stats) < 0) {
+		fprintf(stderr, "%s, failed accessing secret file details [%s]. Error %i, %s\n", argv[0], secret_file, errno, strerror(errno));
+	}	
+
+	secret_file_size = secret_stats.st_size;
+
+	fprintf(stderr, "The secret file has %i bytes\n", secret_file_size);
+
+	if (read(fd, read_buffer, sizeof(read_buffer)-1) < 0) {
+		fprintf(stderr, "%s, failed reading from  secret file [%s]. Error %i, %s\n", argv[0], secret_file, errno, strerror(errno));
+	}
+
+	fprintf(stderr, "The file content is [%s]\n", read_buffer);
+
+	memcpy(enc_key, read_buffer+1, MAXSCALE_SECRETS_ONE);
+
+	memcpy(iv, read_buffer+1+MAXSCALE_SECRETS_ONE, MAXSCALE_SECRETS_INIT_VAL_ONE);
+
+	memcpy(enc_key+ MAXSCALE_SECRETS_ONE, read_buffer+1+MAXSCALE_SECRETS_ONE+MAXSCALE_SECRETS_INIT_VAL_ONE, MAXSCALE_SECRETS_TWO);
+	memcpy(iv+MAXSCALE_SECRETS_INIT_VAL_ONE, read_buffer+1+MAXSCALE_SECRETS_ONE+MAXSCALE_SECRETS_INIT_VAL_ONE+MAXSCALE_SECRETS_TWO, MAXSCALE_SECRETS_INIT_VAL_TWO);
+
+	fprintf(stderr, "<< Secret 32 is [%s]\n", enc_key);
+	fprintf(stderr, "<< Iv 16 is [%s]\n", iv);
+	
+	if (close(fd) < 0) {
+		fprintf(stderr, "%s, failed closing the secret file [%s]. Error %i, %s\n", argv[0], secret_file, errno, strerror(errno));
+	}
+
+	exit(0);
+}