Last change
on this file since 4721618 was
4721618,
checked in by Mei <mei@…>, 11 years ago
|
1) tested out python and perl test scripts along with
abac_chunk_t calls in libabac's abac.hh
|
-
Property mode set to
100644
|
File size:
1.6 KB
|
Rev | Line | |
---|
[abd7c25] | 1 | |
---|
[461541a] | 2 | /* generate.c */ |
---|
[abd7c25] | 3 | |
---|
#include <unistd.h>
#include <fcntl.h>
#include <sys/stat.h>
#include <err.h>

#include "libabac_common.h"
#include "creddy_common.h"
---|
[abd7c25] | 10 | |
---|
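/*
 * generate_main - create a new ABAC identity and write its certificate and
 * private key to disk.
 *
 * opts->cn is mandatory; usage(opts) is called when it is missing. When
 * opts->out is set the process chdir()s into it first, so both output files
 * are opened relative to that directory. The file names are taken from
 * abac_id_cert_filename() and abac_id_privkey_filename().
 *
 * Any failure to open, restrict or flush an output file terminates the
 * process through err(); nothing is returned to the caller.
 */
void generate_main(options_t *opts) {
    int ret, fd;
    abac_id_t *id = NULL;
    char *filename;
    FILE *out;

    // make sure we have at least a CN
    if (opts->cn == NULL)
        usage(opts);

    // if we have an outdir, chdir there
    if (opts->out) {
        ret = chdir(opts->out);
        if (ret < 0)
            err(1, "can't open output directory '%s'", opts->out);
    }

    printf("Generating key, this will take a while. Create entropy!\n");
    printf(" - move the mouse\n");
    printf(" - generate disk activity (run find)\n");

    ret = abac_id_generate(&id, opts->cn, opts->validity);

    if (ret == ABAC_GENERATE_INVALID_CN) {
        printf("Invalid CN: must start with a letter and be alphanumeric\n");
        usage(opts);
    }
    if (ret == ABAC_GENERATE_INVALID_VALIDITY) {
        printf("Validity must be >= 1 day\n");
        usage(opts);
    }
    // in both above cases: usage(opts) exits

    // Only the two codes above are handled explicitly. If generation failed
    // some other way and left id unset, stop here instead of handing a NULL
    // identity to the writers below.
    if (id == NULL)
        errx(1, "Key generation failed");

    //
    // success!
    //

    // write the cert
    filename = abac_id_cert_filename(id);
    out = fopen(filename, "w");
    if (out == NULL)
        err(1, "Can't open cert file %s", filename);
    abac_id_write_cert(id, out);
    // fclose() flushes buffered data; a failure here means a truncated cert
    if (fclose(out) != 0)
        err(1, "Can't write cert file %s", filename);
    free(filename);

    // write the key
    filename = abac_id_privkey_filename(id);
    fd = open(filename, O_WRONLY | O_CREAT | O_TRUNC, 0600);
    if (fd < 0)
        err(1, "Can't open private key file %s", filename);

    // The 0600 passed to open() is applied only when the file is created.
    // If a file of that name already exists with wider permissions, it keeps
    // them, so tighten the mode on the descriptor before any key material is
    // written to it.
    if (fchmod(fd, 0600) < 0)
        err(1, "Can't restrict permissions on private key file %s", filename);

    out = fdopen(fd, "w");
    if (out == NULL)
        err(1, "Can't open private key file %s", filename);
    abac_id_write_privkey(id, out);
    // a failed flush would leave an incomplete private key on disk
    if (fclose(out) != 0)
        err(1, "Can't write private key file %s", filename);
    // NOTE(review): the cert file name is free()d above but this one is not;
    // presumably it is heap-allocated the same way -- confirm ownership
    // before adding a free() here.

    abac_id_free(id);
}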
---|