Date: Wed, 25 Jun 2014 00:57:07 GMT From: def@FreeBSD.org To: svn-soc-all@FreeBSD.org Subject: socsvn commit: r269996 - soc2013/def/crashdump-head/sbin/dumpkey Message-ID: <201406250057.s5P0v7Cr040778@socsvn.freebsd.org>
Author: def Date: Wed Jun 25 00:57:07 2014 New Revision: 269996 URL: http://svnweb.FreeBSD.org/socsvn/?view=rev&rev=269996 Log: Style. Modified: soc2013/def/crashdump-head/sbin/dumpkey/dumpkey.c Modified: soc2013/def/crashdump-head/sbin/dumpkey/dumpkey.c ============================================================================== --- soc2013/def/crashdump-head/sbin/dumpkey/dumpkey.c Wed Jun 25 00:19:10 2014 (r269995) +++ soc2013/def/crashdump-head/sbin/dumpkey/dumpkey.c Wed Jun 25 00:57:07 2014 (r269996) @@ -1,15 +1,17 @@ -#include <stdio.h> -#include <unistd.h> -#include <string.h> +#include <sys/types.h> #include <sys/sysctl.h> #include <sys/kerneldump.h> -#include <crypto/rijndael/rijndael-api-fst.h> -#include <opencrypto/cryptodev.h> +#include <crypto/rijndael/rijndael-api-fst.h> #include <openssl/conf.h> #include <openssl/err.h> -#include <openssl/rsa.h> #include <openssl/pem.h> +#include <openssl/rsa.h> + +#include <stdio.h> +#include <stdlib.h> +#include <string.h> +#include <unistd.h> #define PATH_DEVRANDOM "/dev/random" #define DEVBLK_SIZE 512 @@ -17,9 +19,8 @@ static void usage(void) { - printf("%s\n%s\n", - "usage: dumpkey -e public_key", - " dumpkey -d private_key -k encrypted_key -c encrypted_core"); + printf("%s\n%s\n", "usage: dumpkey -e public_key", + " dumpkey -d private_key -k encrypted_key -c encrypted_core"); } static int @@ -28,16 +29,13 @@ FILE *fp; fp = fopen(fname, "r"); - if (fp == NULL) return (-1); - if (fread(buf, size, 1, fp) != 1) { fclose(fp); return (-1); } - fclose(fp); return (0); @@ -56,16 +54,13 @@ FILE *fp; fp = fopen(public_key_file, "r"); - if (fp == NULL) return (-1); - public_key = PEM_read_RSA_PUBKEY(fp, &public_key, NULL, NULL); fclose(fp); if (public_key == NULL) return (-1); - if (RSA_public_encrypt(KERNELDUMP_KEY_SIZE + KERNELDUMP_IV_SIZE, plain_dumpkey, dumpkey->ciphertext, public_key, RSA_PKCS1_PADDING) == -1) { 
@@ -76,27 +71,24 @@ } static int -decrypt_key(char *cipherkey, char *key, char *iv, RSA *private_key, char *private_key_file) +decrypt_key(char *cipherkey, char *key, char *iv, RSA *private_key, + char *private_key_file) { - FILE *fp; char buf[KERNELDUMP_KEY_SIZE + KERNELDUMP_IV_SIZE]; + FILE *fp; fp = fopen(private_key_file, "r"); - if (fp == NULL) return (-1); - private_key = PEM_read_RSAPrivateKey(fp, &private_key, NULL, NULL); fclose(fp); if (private_key == NULL) return (-1); - if (RSA_private_decrypt(KERNELDUMP_CIPHERTEXT_SIZE, cipherkey, buf, private_key, RSA_PKCS1_PADDING) == -1) { return (-1); } - memcpy(key, buf, KERNELDUMP_KEY_SIZE); memcpy(iv, buf + KERNELDUMP_KEY_SIZE, KERNELDUMP_IV_SIZE); @@ -106,7 +98,8 @@ static int sysctl_dumpkey(struct kerneldumpkey *key) { - return (sysctlbyname("kern.dumpkey", NULL, NULL, key, sizeof(struct kerneldumpkey))); + return (sysctlbyname("kern.dumpkey", NULL, NULL, key, + sizeof(struct kerneldumpkey))); } static void @@ -118,22 +111,26 @@ int error; public_key = RSA_new(); - if (random_data(buf, KERNELDUMP_KEY_SIZE + KERNELDUMP_IV_SIZE)) { printf("Error: cannot generate a symmetric key.\n"); goto out; } - error = rijndael_makeKey(&dumpkey.ki, DIR_ENCRYPT, 8 * KERNELDUMP_KEY_SIZE, buf); + if (error <= 0) { + printf("Error: cannot initialize a key.\n"); + goto out; + } error = rijndael_cipherInit(&dumpkey.ci, MODE_CBC, buf + KERNELDUMP_KEY_SIZE); - + if (error <= 0) { + printf("Error: cannot initialize a cipher.\n"); + goto out; + } if (encrypt_key(buf, &dumpkey, public_key, public_key_file)) { printf("Error: cannot encrypt a key.\n"); goto out; } - if (sysctl_dumpkey(&dumpkey)) { printf("Error: cannot set a kernel crash dump key.\n"); goto out; 
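Review bot: `buf` in decrypt_key is declared as `char buf[KERNELDUMP_KEY_SIZE + KERNELDUMP_IV_SIZE]`, but RSA_private_decrypt() with RSA_PKCS1_PADDING can write up to RSA_size(private_key) - 11 bytes to its output. An encrypted key file whose plaintext is longer than expected would therefore write past this stack buffer, unless the two constants happen to cover that size. The result is also compared only with -1, so a shorter plaintext leaves part of `buf` uninitialised and it is still copied into `key` and `iv`. I would size the buffer from RSA_size(), require the returned length to equal KERNELDUMP_KEY_SIZE + KERNELDUMP_IV_SIZE, and wipe the buffer before freeing it, as sketched below. The function's final return is outside this hunk.

```c
	unsigned char *buf;
	FILE *fp;
	int buflen, len;

	/* … unchanged: fopen() and PEM_read_RSAPrivateKey() … */

	/* The output buffer must hold the largest possible plaintext. */
	buflen = RSA_size(private_key);
	buf = malloc(buflen);
	if (buf == NULL)
		return (-1);
	len = RSA_private_decrypt(KERNELDUMP_CIPHERTEXT_SIZE, cipherkey, buf,
	    private_key, RSA_PKCS1_PADDING);
	if (len != KERNELDUMP_KEY_SIZE + KERNELDUMP_IV_SIZE) {
		OPENSSL_cleanse(buf, buflen);
		free(buf);
		return (-1);
	}
	memcpy(key, buf, KERNELDUMP_KEY_SIZE);
	memcpy(iv, buf + KERNELDUMP_KEY_SIZE, KERNELDUMP_IV_SIZE);
	/* Do not leave the symmetric key on the heap. */
	OPENSSL_cleanse(buf, buflen);
	free(buf);
```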
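Review bot: The two failure branches added after `rijndael_makeKey()` and `rijndael_cipherInit()` in generate_key report the problem only with `printf` on stdout and then `goto out` in a `static void` function, so the caller never learns that no key was installed. The last hunk shows main ending in `return (0);` even though it sets `error = 1` on bad usage, so a script running `dumpkey -e` would see success when `kern.dumpkey` was not set, and the operator would presumably assume later dumps are protected. I would have generate_key return an int, write the messages to stderr, and end main with `return (error);`; decrypt_core has the same pattern. The `out:` label and the rest of generate_key are outside this hunk, so whether the key bytes in `buf` are cleared there cannot be checked from here.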
@@ -146,37 +143,33 @@ } static void -decrypt_core(char *encrypted_core, char *private_key_file, char *encrypted_key_file) +decrypt_core(char *encrypted_core, char *private_key_file, + char *encrypted_key_file) { char buf[DEVBLK_SIZE]; char key[KERNELDUMP_KEY_SIZE], iv[KERNELDUMP_IV_SIZE]; struct kerneldumpkey dumpkey; + FILE *fp, *fp_w; RSA *private_key; int error, offset; size_t buf_used, bytes; - FILE *fp, *fp_w; private_key = RSA_new(); - memcpy(buf, encrypted_core, strlen(encrypted_core) + 1); strcat(buf, "-decrypted"); fp = fopen(encrypted_core, "r"); fp_w = fopen(buf, "w"); - if (fp == NULL || fp_w == NULL) goto out; - if (read_data(buf, KERNELDUMP_CIPHERTEXT_SIZE, encrypted_key_file)) { printf("Error: cannot read an encrypted key.\n"); goto out; } - if (decrypt_key(buf, key, iv, private_key, private_key_file)) { printf("Error: cannot decrypt a key.\n"); goto out; } - error = rijndael_makeKey(&dumpkey.ki, DIR_DECRYPT, 8 * KERNELDUMP_KEY_SIZE, key); if (error <= 0) { @@ -188,7 +181,6 @@ do { bytes = fread(buf + buf_used, 1, DEVBLK_SIZE - buf_used, fp); buf_used += bytes; - if (buf_used == DEVBLK_SIZE) { error = rijndael_cipherInit(&dumpkey.ci, MODE_CBC, iv); if (error <= 0) { @@ -204,12 +196,10 @@ printf("Error: cannot decrypt data.\n"); goto out; } - if (fwrite(buf, 1, buf_used, fp_w) != buf_used) { printf("Error: cannot write a decrypted core.\n"); goto out; } - offset += buf_used; buf_used = 0; } 
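Review bot: The output file name in decrypt_core is built with `memcpy(buf, encrypted_core, strlen(encrypted_core) + 1);` followed by `strcat(buf, "-decrypted");` into `char buf[DEVBLK_SIZE]`, and nothing bounds the length of the `-c` argument. A path longer than about 500 bytes writes past the 512-byte stack buffer. I would build the name in its own buffer with snprintf() and treat truncation like a failed fopen(), as sketched below; PATH_MAX needs `<limits.h>`. The decrypted core is also created with a plain `fopen(..., "w")`, so its permissions depend on the umask, which is worth tightening for a file holding kernel memory. The `out:` label and the end of the function are outside this hunk.

```c
	char outname[PATH_MAX];
	int n;

	/* … unchanged: RSA_new() … */

	fp = fopen(encrypted_core, "r");
	fp_w = NULL;
	n = snprintf(outname, sizeof(outname), "%s-decrypted", encrypted_core);
	/* Open the output only if the name was not truncated. */
	if (n >= 0 && (size_t)n < sizeof(outname))
		fp_w = fopen(outname, "w");
	if (fp == NULL || fp_w == NULL)
		goto out;
```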
@@ -228,18 +218,18 @@ int main(int argc, char **argv) { - char *public_key_file, *private_key_file, *encrypted_key_file, *encrypted_core; + char *encrypted_core, *encrypted_key_file; + char *public_key_file, *private_key_file; int ch, error; ERR_load_crypto_strings(); OpenSSL_add_all_algorithms(); OPENSSL_config(NULL); - error = 0; public_key_file = private_key_file = NULL; encrypted_key_file = encrypted_core = NULL; - while ((ch = getopt(argc, argv, "c:d:e:k:")) != -1) + while ((ch = getopt(argc, argv, "c:d:e:k:")) != -1) { switch (ch) { case 'c': encrypted_core = optarg; @@ -258,26 +248,25 @@ error = 1; goto out; } - + } if ((public_key_file == NULL && private_key_file == NULL) || - (public_key_file != NULL && private_key_file != NULL)) { + (public_key_file != NULL && private_key_file != NULL)) { usage(); error = 1; goto out; } - if (private_key_file != NULL && (encrypted_key_file == NULL || - encrypted_core == NULL)) { + encrypted_core == NULL)) { usage(); error = 1; goto out; } - if (public_key_file != NULL) generate_key(public_key_file); - - if (private_key_file != NULL) - decrypt_core(encrypted_core, private_key_file, encrypted_key_file); + if (private_key_file != NULL) { + decrypt_core(encrypted_core, private_key_file, + encrypted_key_file); + } out: ERR_free_strings(); @@ -285,4 +274,3 @@ return (0); } -