socsvn commit: r269996 - soc2013/def/crashdump-head/sbin/dumpkey
def at FreeBSD.org
def at FreeBSD.org
Wed Jun 25 00:57:08 UTC 2014
Author: def
Date: Wed Jun 25 00:57:07 2014
New Revision: 269996
URL: http://svnweb.FreeBSD.org/socsvn/?view=rev&rev=269996
Log:
Style.
Modified:
soc2013/def/crashdump-head/sbin/dumpkey/dumpkey.c
Modified: soc2013/def/crashdump-head/sbin/dumpkey/dumpkey.c
==============================================================================
--- soc2013/def/crashdump-head/sbin/dumpkey/dumpkey.c Wed Jun 25 00:19:10 2014 (r269995)
+++ soc2013/def/crashdump-head/sbin/dumpkey/dumpkey.c Wed Jun 25 00:57:07 2014 (r269996)
@@ -1,15 +1,17 @@
-#include <stdio.h>
-#include <unistd.h>
-#include <string.h>
+#include <sys/types.h>
#include <sys/sysctl.h>
#include <sys/kerneldump.h>
-#include <crypto/rijndael/rijndael-api-fst.h>
-#include <opencrypto/cryptodev.h>
+#include <crypto/rijndael/rijndael-api-fst.h>
#include <openssl/conf.h>
#include <openssl/err.h>
-#include <openssl/rsa.h>
#include <openssl/pem.h>
+#include <openssl/rsa.h>
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <unistd.h>
#define PATH_DEVRANDOM "/dev/random"
#define DEVBLK_SIZE 512
@@ -17,9 +19,8 @@
static void
usage(void)
{
- printf("%s\n%s\n",
- "usage: dumpkey -e public_key",
- " dumpkey -d private_key -k encrypted_key -c encrypted_core");
+ printf("%s\n%s\n", "usage: dumpkey -e public_key",
+ " dumpkey -d private_key -k encrypted_key -c encrypted_core");
}
static int
@@ -28,16 +29,13 @@
FILE *fp;
fp = fopen(fname, "r");
-
if (fp == NULL)
return (-1);
-
if (fread(buf, size, 1, fp) != 1) {
fclose(fp);
return (-1);
}
-
fclose(fp);
return (0);
@@ -56,16 +54,13 @@
FILE *fp;
fp = fopen(public_key_file, "r");
-
if (fp == NULL)
return (-1);
-
public_key = PEM_read_RSA_PUBKEY(fp, &public_key, NULL, NULL);
fclose(fp);
if (public_key == NULL)
return (-1);
-
if (RSA_public_encrypt(KERNELDUMP_KEY_SIZE + KERNELDUMP_IV_SIZE,
plain_dumpkey, dumpkey->ciphertext, public_key,
RSA_PKCS1_PADDING) == -1) {
@@ -76,27 +71,24 @@
}
static int
-decrypt_key(char *cipherkey, char *key, char *iv, RSA *private_key, char *private_key_file)
+decrypt_key(char *cipherkey, char *key, char *iv, RSA *private_key,
+ char *private_key_file)
{
- FILE *fp;
char buf[KERNELDUMP_KEY_SIZE + KERNELDUMP_IV_SIZE];
+ FILE *fp;
fp = fopen(private_key_file, "r");
-
if (fp == NULL)
return (-1);
-
private_key = PEM_read_RSAPrivateKey(fp, &private_key, NULL, NULL);
fclose(fp);
if (private_key == NULL)
return (-1);
-
if (RSA_private_decrypt(KERNELDUMP_CIPHERTEXT_SIZE, cipherkey, buf,
private_key, RSA_PKCS1_PADDING) == -1) {
return (-1);
}
-
memcpy(key, buf, KERNELDUMP_KEY_SIZE);
memcpy(iv, buf + KERNELDUMP_KEY_SIZE, KERNELDUMP_IV_SIZE);
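Review bot: `buf` in decrypt_key() is `KERNELDUMP_KEY_SIZE + KERNELDUMP_IV_SIZE` bytes, but RSA_private_decrypt() with RSA_PKCS1_PADDING may write up to `RSA_size(private_key) - 11` bytes into its output, so an encrypted key file whose decrypted payload is longer than expected writes past the end of the stack buffer. The result is also only compared with -1, so a shorter payload leaves part of `key` and `iv` filled from uninitialised stack. The sketch below sizes the buffer from RSA_size() and accepts only the exact expected length. The buffer holds key material, so it should also be wiped before it is freed. The tail of the function lies outside this hunk.

```c
	char *buf;
	FILE *fp;
	int len;

	/* … unchanged: fopen(), PEM_read_RSAPrivateKey(), NULL checks … */

	/* PKCS #1 v1.5 decryption can emit up to RSA_size() - 11 bytes. */
	buf = malloc(RSA_size(private_key));
	if (buf == NULL)
		return (-1);
	len = RSA_private_decrypt(KERNELDUMP_CIPHERTEXT_SIZE, cipherkey, buf,
	    private_key, RSA_PKCS1_PADDING);
	if (len != KERNELDUMP_KEY_SIZE + KERNELDUMP_IV_SIZE) {
		free(buf);
		return (-1);
	}
	/* … unchanged: memcpy() of key and iv out of buf … */
	free(buf);
```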
@@ -106,7 +98,8 @@
static int
sysctl_dumpkey(struct kerneldumpkey *key)
{
- return (sysctlbyname("kern.dumpkey", NULL, NULL, key, sizeof(struct kerneldumpkey)));
+ return (sysctlbyname("kern.dumpkey", NULL, NULL, key,
+ sizeof(struct kerneldumpkey)));
}
static void
@@ -118,22 +111,26 @@
int error;
public_key = RSA_new();
-
if (random_data(buf, KERNELDUMP_KEY_SIZE + KERNELDUMP_IV_SIZE)) {
printf("Error: cannot generate a symmetric key.\n");
goto out;
}
-
error = rijndael_makeKey(&dumpkey.ki, DIR_ENCRYPT,
8 * KERNELDUMP_KEY_SIZE, buf);
+ if (error <= 0) {
+ printf("Error: cannot initialize a key.\n");
+ goto out;
+ }
error = rijndael_cipherInit(&dumpkey.ci, MODE_CBC,
buf + KERNELDUMP_KEY_SIZE);
-
+ if (error <= 0) {
+ printf("Error: cannot initialize a cipher.\n");
+ goto out;
+ }
if (encrypt_key(buf, &dumpkey, public_key, public_key_file)) {
printf("Error: cannot encrypt a key.\n");
goto out;
}
-
if (sysctl_dumpkey(&dumpkey)) {
printf("Error: cannot set a kernel crash dump key.\n");
goto out;
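Review bot: The two new `error <= 0` branches, like the existing ones, report failure only with printf() on stdout and then `goto out` in a function declared `static void`, so the caller cannot learn that the kernel dump key was never installed. For a tool whose job is to arm crash-dump encryption this is a fail-open path: a boot script cannot tell a successful run from one that left `kern.dumpkey` unset. Consider returning `int` from generate_key() and writing diagnostics to stderr, e.g. `warnx("cannot initialize a key");`, with main() turning a failure into a non-zero exit status. The `out:` label and the top of the function are outside this hunk, so it cannot be confirmed whether `buf` and `dumpkey`, which hold the plaintext key, are wiped before returning; they should be.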
@@ -146,37 +143,33 @@
}
static void
-decrypt_core(char *encrypted_core, char *private_key_file, char *encrypted_key_file)
+decrypt_core(char *encrypted_core, char *private_key_file,
+ char *encrypted_key_file)
{
char buf[DEVBLK_SIZE];
char key[KERNELDUMP_KEY_SIZE], iv[KERNELDUMP_IV_SIZE];
struct kerneldumpkey dumpkey;
+ FILE *fp, *fp_w;
RSA *private_key;
int error, offset;
size_t buf_used, bytes;
- FILE *fp, *fp_w;
private_key = RSA_new();
-
memcpy(buf, encrypted_core, strlen(encrypted_core) + 1);
strcat(buf, "-decrypted");
fp = fopen(encrypted_core, "r");
fp_w = fopen(buf, "w");
-
if (fp == NULL || fp_w == NULL)
goto out;
-
if (read_data(buf, KERNELDUMP_CIPHERTEXT_SIZE, encrypted_key_file)) {
printf("Error: cannot read an encrypted key.\n");
goto out;
}
-
if (decrypt_key(buf, key, iv, private_key, private_key_file)) {
printf("Error: cannot decrypt a key.\n");
goto out;
}
-
error = rijndael_makeKey(&dumpkey.ki, DIR_DECRYPT,
8 * KERNELDUMP_KEY_SIZE, key);
if (error <= 0) {
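Review bot: The output path is built in `char buf[DEVBLK_SIZE]` with `memcpy(buf, encrypted_core, strlen(encrypted_core) + 1)` followed by `strcat(buf, "-decrypted")`, with no length check on the `-c` argument, so a path longer than `DEVBLK_SIZE` minus the suffix overruns the stack buffer. Build the name in a dedicated buffer with a bounded call and fail on truncation, e.g. `char path[PATH_MAX];` and `if (snprintf(path, sizeof(path), "%s-decrypted", encrypted_core) >= (int)sizeof(path)) goto out;` (PATH_MAX needs `<limits.h>`). That also stops `buf` doubling as both file name and I/O block. The function body continues past the end of this hunk.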
@@ -188,7 +181,6 @@
do {
bytes = fread(buf + buf_used, 1, DEVBLK_SIZE - buf_used, fp);
buf_used += bytes;
-
if (buf_used == DEVBLK_SIZE) {
error = rijndael_cipherInit(&dumpkey.ci, MODE_CBC, iv);
if (error <= 0) {
@@ -204,12 +196,10 @@
printf("Error: cannot decrypt data.\n");
goto out;
}
-
if (fwrite(buf, 1, buf_used, fp_w) != buf_used) {
printf("Error: cannot write a decrypted core.\n");
goto out;
}
-
offset += buf_used;
buf_used = 0;
}
@@ -228,18 +218,18 @@
int
main(int argc, char **argv)
{
- char *public_key_file, *private_key_file, *encrypted_key_file, *encrypted_core;
+ char *encrypted_core, *encrypted_key_file;
+ char *public_key_file, *private_key_file;
int ch, error;
ERR_load_crypto_strings();
OpenSSL_add_all_algorithms();
OPENSSL_config(NULL);
-
error = 0;
public_key_file = private_key_file = NULL;
encrypted_key_file = encrypted_core = NULL;
- while ((ch = getopt(argc, argv, "c:d:e:k:")) != -1)
+ while ((ch = getopt(argc, argv, "c:d:e:k:")) != -1) {
switch (ch) {
case 'c':
encrypted_core = optarg;
@@ -258,26 +248,25 @@
error = 1;
goto out;
}
-
+ }
if ((public_key_file == NULL && private_key_file == NULL) ||
- (public_key_file != NULL && private_key_file != NULL)) {
+ (public_key_file != NULL && private_key_file != NULL)) {
usage();
error = 1;
goto out;
}
-
if (private_key_file != NULL && (encrypted_key_file == NULL ||
- encrypted_core == NULL)) {
+ encrypted_core == NULL)) {
usage();
error = 1;
goto out;
}
-
if (public_key_file != NULL)
generate_key(public_key_file);
-
- if (private_key_file != NULL)
- decrypt_core(encrypted_core, private_key_file, encrypted_key_file);
+ if (private_key_file != NULL) {
+ decrypt_core(encrypted_core, private_key_file,
+ encrypted_key_file);
+ }
out:
ERR_free_strings();
@@ -285,4 +274,3 @@
return (0);
}
-