hreese/exim-encrypt-dlfunc
1
0
Fork 0
mirror of https://gitlab.kit.edu/kit/scc/sys/mail/exim-encrypt-dlfunc.git synced 2025-12-06 10:03:56 +01:00
Code Issues Releases Wiki Activity

switched key generation from secret key to pkc (sealed box)

Browse Source
This commit is contained in:
Heiko Reese
2021-08-07 12:55:40 +02:00
parent e97e2c2934
commit eee4c38a5b
2 changed files with 44 additions and 27 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
.gitignore vendored
View File

@ -1,4 +1,4 @@
src/secretkey.h
src/secretkey.bin
src/genkey src/genkey
src/libexim-kitencrypt-dlfunc.so src/libexim-kitencrypt-dlfunc.so
src/recipient_sk.raw
src/recipient_sk.h

67
src/genkey.c
View File

@ -3,12 +3,48 @@
void dumpkey(FILE* f, unsigned char * name, unsigned char * key, unsigned int keylen) { void dumpkey(FILE* f, unsigned char * name, unsigned char * key, unsigned int keylen) {
fprintf(f, "const unsigned char %s[] = { ", name); fprintf(f, "const unsigned char %s[] = { ", name);
for(int i=0; i < keylen; i++) { for(int i=0; i < keylen; i++) {
fprintf(f, "0x%02X", key[i]); fprintf(f, "0x%02x", key[i]);
if (i < keylen-1) { if (i < keylen-1) {
fprintf(f, ", "); fprintf(f, ", ");
} }
} }
fprintf(f, " };\n"); fprintf(f, " };\n");
fprintf(f, "const unsigned int %s_length = %d;\n", name, keylen);
}
void write_key_files(unsigned char * filebase, unsigned char * varname, unsigned char * key, unsigned int keylen) {
unsigned char header_filename[4096];
unsigned char raw_filename[4096];
sprintf(header_filename, "%s.h", filebase);
sprintf(raw_filename, "%s.raw", filebase);
// open header file
FILE *hfile = fopen(header_filename, "w+");
if (hfile == NULL) {
fprintf(stderr, "Unable to open %s for writing", header_filename);
exit(129);
}
// write key as C code
dumpkey(hfile, varname, key, keylen);
// close header file
fclose(hfile);
// open raw file
FILE *rfile = fopen(raw_filename, "w+");
if (rfile == NULL) {
fprintf(stderr, "Unable to open %s for writing", raw_filename);
exit(129);
}
// write key
fwrite(key, sizeof(key[0]), keylen, rfile);
// close raw file
fclose(rfile);
} }
int main(void) int main(void)
@ -18,31 +54,12 @@ int main(void)
exit(128); exit(128);
} }
unsigned char key[crypto_secretbox_KEYBYTES]; unsigned char recipient_pk[crypto_box_PUBLICKEYBYTES];
crypto_secretbox_keygen(key); unsigned char recipient_sk[crypto_box_SECRETKEYBYTES];
crypto_box_keypair(recipient_pk, recipient_sk);
FILE *keyfile = fopen("secretkey.h", "w+"); write_key_files("recipient_pk", "recipient_pk", recipient_pk, crypto_box_PUBLICKEYBYTES);
if (keyfile == NULL) { write_key_files("recipient_sk", "recipient_sk", recipient_sk, crypto_box_SECRETKEYBYTES);
fputs("Unable to open secretkey.h", stderr);
exit(129);
}
fputs("#ifndef EXIM4ENCRYPTSECRETKEY_H\n#define EXIM4ENCRYPTSECRETKEY_H\n\n", keyfile);
dumpkey(keyfile, "key", key, crypto_secretbox_KEYBYTES);
fprintf(keyfile, "unsigned int keylen = %u;\n", crypto_secretbox_KEYBYTES);
fputs("#endif // EXIM4ENCRYPTSECRETKEY_H\n", keyfile);
fclose(keyfile);
FILE *keyfilebin = fopen("secretkey.bin", "w+");
if (keyfilebin == NULL) {
fputs("Unable to open secretkey.bin", stderr);
exit(129);
}
fwrite(key, sizeof(key[0]), crypto_secretbox_KEYBYTES, keyfilebin);
fclose(keyfilebin);
exit(EXIT_SUCCESS); exit(EXIT_SUCCESS);
} }