Example #1
0
/* Convert a JSON value to a keyblock, filling in keyblock. */
static int
json_to_keyblock(k5_json_value v, krb5_keyblock *keyblock)
{
    k5_json_array array;
    k5_json_number n;
    k5_json_string s;
    size_t len;

    memset(keyblock, 0, sizeof(*keyblock));
    if (k5_json_get_tid(v) != K5_JSON_TID_ARRAY)
        return -1;
    array = v;
    if (k5_json_array_length(array) != 2)
        return -1;

    n = check_element(array, 0, K5_JSON_TID_NUMBER);
    if (n == NULL)
        return -1;
    keyblock->enctype = k5_json_number_value(n);

    s = check_element(array, 1, K5_JSON_TID_STRING);
    if (s == NULL)
        return -1;
    if (k5_json_string_unbase64(s, &keyblock->contents, &len))
        return -1;
    keyblock->length = len;
    keyblock->magic = KV5M_KEYBLOCK;
    return 0;
}
Example #2
0
/* Convert a JSON value to a zero-terminated enctypes list or to NULL. */
static int
json_to_etypes(k5_json_value v, krb5_enctype **etypes_out)
{
    krb5_enctype *etypes = NULL;
    k5_json_array array;
    k5_json_number n;
    size_t len, i;

    *etypes_out = NULL;
    if (k5_json_get_tid(v) == K5_JSON_TID_NULL)
        return 0;
    if (k5_json_get_tid(v) != K5_JSON_TID_ARRAY)
        return -1;
    array = v;
    len = k5_json_array_length(array);
    etypes = calloc(len + 1, sizeof(*etypes));
    for (i = 0; i < len; i++) {
        n = check_element(array, i, K5_JSON_TID_NUMBER);
        if (n == NULL)
            goto invalid;
        etypes[i] = k5_json_number_value(n);
    }
    *etypes_out = etypes;
    return 0;

invalid:
    free(etypes);
    return -1;
}
Example #3
0
/*
 * @description:
 * Checks if a mask, portraying a plane, is correct.
 * Correct in this context means, that all members of the plane
 * bitwise are DONTCARE or == id
 */
static char check_mask(const char *db, const char *basemask, \
											 const int id, const int bits)
{
	// Nr of free axis
	unsigned int n_dc = amount_in_ar(basemask, bits, 2);
	unsigned int constmask; // A mask that is fixed
	unsigned int db_size = 1 << bits;
	
	// varmask is xored with constmask, to give address to check
	// n_dc_der is a derivate of n_dc. n_dc_der cannot be 0 =>
	unsigned int n_dc_der = (n_dc > 0) ? n_dc : 1;
	unsigned int varmask[n_dc_der]; 
	unsigned int i; // local counter
	// Make the masks
	constmask = get_const_mask(basemask, bits);
	for (i = 0; i < n_dc; i++) {
		varmask[i] = get_var_mask(basemask, bits, i + 1);
	}
	
	// Now start checking all the addresses
	unsigned int times = 1 << n_dc; // How many times the loop is exec.
	for (i = 0; i < times; i++) {
		assert(constmask < db_size); // If otherwise, out of bound db
		if (!check_element(*(db + constmask), id)) return 0;
		// Alter constmask with the right varmask
		// The right varmask is given by th log2.. func
		// Sadly, the log2xorseq(times-1) is equal to n_dc, so I have to %
		
		constmask ^= varmask[log2xorseq(i) % n_dc_der];
	}
	
	// The mask appears to be valid
	return 1;
}
Example #4
0
 void Parent::toggle_remove(int id){
   check_element(gui::GUI_TYPE::TOGGLE,id);
   auto it = find(child_elements.begin(), child_elements.end(), id);
   if (it != child_elements.end()){
     get_element(tog,gui::Toggle,gui::GUI_TYPE::TOGGLE,id);
     child_elements.erase(it);
     tog.parent_id = -1;
   }
 }
Example #5
0
 void Parent::button_remove(int id){
   check_element(gui::GUI_TYPE::BUTTON,id);
   auto it = find(child_elements.begin(), child_elements.end(), id);
   if (it != child_elements.end()){
     get_element(but,gui::Button,gui::GUI_TYPE::BUTTON,id);
     child_elements.erase(it);
     but.parent_id = -1;
   }
 }
Example #6
0
 void Parent::textbox_remove(int id){
   check_element(gui::GUI_TYPE::TEXTBOX,id);
   auto it = find(child_elements.begin(), child_elements.end(), id);
   if (it != child_elements.end()){
     get_element(tex,gui::Textbox,gui::GUI_TYPE::TEXTBOX,id);
     child_elements.erase(it);
     tex.parent_id = -1;
   }
 }
Example #7
0
static void *remove_element(mempool_t *pool)
{
	void *element = pool->elements[--pool->curr_nr];

	BUG_ON(pool->curr_nr < 0);
	check_element(pool, element);
	kasan_unpoison_element(pool, element);
	return element;
}
Example #8
0
 void Parent::label_remove(int id){
   check_element(gui::GUI_TYPE::LABEL,id);
   auto it = find(child_elements.begin(), child_elements.end(), id);
   if (it != child_elements.end()){
     get_element(lab,gui::Label,gui::GUI_TYPE::LABEL,id);
     child_elements.erase(it);
     lab.parent_id = -1;
   }
 }
Example #9
0
 void Parent::window_remove(int id){
   check_element(gui::GUI_TYPE::WINDOW,id);
   auto it = find(child_elements.begin(), child_elements.end(), id);
   if (it != child_elements.end()){
     get_element(win,gui::Window,gui::GUI_TYPE::WINDOW,id);
     child_elements.erase(it);
     win.parent_id = -1;
   }
 }
Example #10
0
 void Parent::slider_remove(int id){
   check_element(gui::GUI_TYPE::SLIDER,id);
   auto it = find(child_elements.begin(), child_elements.end(), id);
   if (it != child_elements.end()){
     get_element(sli,gui::Slider,gui::GUI_TYPE::SLIDER,id);
     child_elements.erase(it);
     sli.parent_id = -1;
   }
 }
Example #11
0
 void Parent::scrollbar_remove(int id){
   check_element(gui::GUI_TYPE::SCROLLBAR,id);
   auto it = find(child_elements.begin(), child_elements.end(), id);
   if (it != child_elements.end()){
     get_element(scr,gui::Scrollbar,gui::GUI_TYPE::SCROLLBAR,id);
     child_elements.erase(it);
     scr.parent_id = -1;
   }
 }
Example #12
0
OM_uint32 KRB5_CALLCONV
krb5_gss_import_cred(OM_uint32 *minor_status, gss_buffer_t token,
                     gss_cred_id_t *cred_handle)
{
    OM_uint32 status = GSS_S_COMPLETE;
    krb5_context context;
    krb5_error_code ret;
    krb5_gss_cred_id_t cred;
    k5_json_value v = NULL;
    k5_json_array array;
    k5_json_string str;
    char *copy = NULL;

    ret = krb5_gss_init_context(&context);
    if (ret) {
        *minor_status = ret;
        return GSS_S_FAILURE;
    }

    /* Decode token. */
    copy = k5memdup0(token->value, token->length, &ret);
    if (copy == NULL) {
        status = GSS_S_FAILURE;
        *minor_status = ret;
        goto cleanup;
    }
    if (k5_json_decode(copy, &v))
        goto invalid;

    /* Decode the CRED_EXPORT_MAGIC array wrapper. */
    if (k5_json_get_tid(v) != K5_JSON_TID_ARRAY)
        goto invalid;
    array = v;
    if (k5_json_array_length(array) != 2)
        goto invalid;
    str = check_element(array, 0, K5_JSON_TID_STRING);
    if (str == NULL ||
        strcmp(k5_json_string_utf8(str), CRED_EXPORT_MAGIC) != 0)
        goto invalid;
    if (json_to_kgcred(context, k5_json_array_get(array, 1), &cred))
        goto invalid;

    *cred_handle = (gss_cred_id_t)cred;

cleanup:
    free(copy);
    k5_json_release(v);
    krb5_free_context(context);
    return status;

invalid:
    status = GSS_S_DEFECTIVE_TOKEN;
    goto cleanup;
}
Example #13
0
/* Convert a JSON value to an authdata element. */
static int
json_to_authdata_element(k5_json_value v, krb5_authdata **ad_out)
{
    k5_json_array array;
    krb5_authdata *ad = NULL;
    k5_json_number n;
    k5_json_string s;
    size_t len;

    *ad_out = NULL;
    if (k5_json_get_tid(v) != K5_JSON_TID_ARRAY)
        return -1;
    array = v;
    if (k5_json_array_length(array) != 2)
        return -1;

    n = check_element(array, 0, K5_JSON_TID_NUMBER);
    if (n == NULL)
        return -1;
    s = check_element(array, 1, K5_JSON_TID_STRING);
    if (s == NULL)
        return -1;

    ad = malloc(sizeof(*ad));
    if (ad == NULL)
        return -1;
    ad->ad_type = k5_json_number_value(n);
    if (k5_json_string_unbase64(s, &ad->contents, &len)) {
        free(ad);
        return -1;
    }
    ad->length = len;
    ad->magic = KV5M_AUTHDATA;
    *ad_out = ad;
    return 0;
}
Example #14
0
 bool searchMatrix(vector<vector<int>>& matrix, int target) {
     int no_of_rows_check, len, column;
     len = matrix.size();
     if (len==0)
         return false;
     no_of_rows_check = give_row(matrix, target);
     if (no_of_rows_check==-1)
         return false;
     for (int i=0;i<=no_of_rows_check;i++) {
         column = matrix[i].size();
         if(matrix[i][0]<=target && target<=matrix[i][column-1]) {
             return check_element(matrix[i], target);
         }
     }
     return false;
 }
Example #15
0
void scan_owners(char *owner, char *user, char *instance)
{
	DIR *dirh;
	struct stat tmpstat;
	char tmpfile[500];
	char filename[400];
	struct dirent *fh;

	sprintf(filename, DATADIR DIRSEP "keys");
	dirh = opendir(filename);
	if (!dirh) {
		return;
	}
	while ((fh = readdir(dirh))) {
		char *fn = fh->d_name;
		if (!fn)
			continue;

		/* if owner doesn't match, skip it */
		if (owner && strcmp(owner, fn))
			continue;

		/* skip anything that couldn't be a valid owner */
		if (!strcmp(fn, ".") || !strcmp(fn, ".."))
			continue;

		/* skip anything we don't consider valid */
		if (check_element(fn))
			continue;

		/* stat it and skip if not a directory */
		sprintf(tmpfile, DATADIR DIRSEP "keys" DIRSEP "%s", fn);
		if (lstat(tmpfile, &tmpstat))
			continue;
		if (!S_ISDIR(tmpstat.st_mode))
			continue;

		scan_users(fn, user, instance);
	}
	closedir(dirh);
}
Example #16
0
/* Convert a JSON array value to a krb5 GSS credential. */
static int
json_to_kgcred(krb5_context context, k5_json_array array,
               krb5_gss_cred_id_t *cred_out)
{
    krb5_gss_cred_id_t cred;
    k5_json_number n;
    k5_json_bool b;
    krb5_boolean is_new;
    OM_uint32 tmp;

    *cred_out = NULL;
    if (k5_json_array_length(array) != 14)
        return -1;

    cred = calloc(1, sizeof(*cred));
    if (cred == NULL)
        return -1;
    if (k5_mutex_init(&cred->lock)) {
        free(cred);
        return -1;
    }

    n = check_element(array, 0, K5_JSON_TID_NUMBER);
    if (n == NULL)
        goto invalid;
    cred->usage = k5_json_number_value(n);

    if (json_to_kgname(context, k5_json_array_get(array, 1), &cred->name))
        goto invalid;

    if (json_to_principal(context, k5_json_array_get(array, 2),
                          &cred->impersonator))
        goto invalid;

    b = check_element(array, 3, K5_JSON_TID_BOOL);
    if (b == NULL)
        goto invalid;
    cred->default_identity = k5_json_bool_value(b);

    b = check_element(array, 4, K5_JSON_TID_BOOL);
    if (b == NULL)
        goto invalid;
    cred->iakerb_mech = k5_json_bool_value(b);

    if (json_to_keytab(context, k5_json_array_get(array, 5), &cred->keytab))
        goto invalid;

    if (json_to_rcache(context, k5_json_array_get(array, 6), &cred->rcache))
        goto invalid;

    if (json_to_ccache(context, k5_json_array_get(array, 7), &cred->ccache,
                       &is_new))
        goto invalid;
    cred->destroy_ccache = is_new;

    if (json_to_keytab(context, k5_json_array_get(array, 8),
                       &cred->client_keytab))
        goto invalid;

    b = check_element(array, 9, K5_JSON_TID_BOOL);
    if (b == NULL)
        goto invalid;
    cred->have_tgt = k5_json_bool_value(b);

    n = check_element(array, 10, K5_JSON_TID_NUMBER);
    if (n == NULL)
        goto invalid;
    cred->expire = k5_json_number_value(n);

    n = check_element(array, 11, K5_JSON_TID_NUMBER);
    if (n == NULL)
        goto invalid;
    cred->refresh_time = k5_json_number_value(n);

    if (json_to_etypes(k5_json_array_get(array, 12), &cred->req_enctypes))
        goto invalid;

    if (json_to_optional_string(k5_json_array_get(array, 13), &cred->password))
        goto invalid;

    *cred_out = cred;
    return 0;

invalid:
    (void)krb5_gss_release_cred(&tmp, (gss_cred_id_t *)&cred);
    return -1;
}
Example #17
0
/* Convert a JSON value to a krb5 credential structure, filling in creds. */
static int
json_to_creds(krb5_context context, k5_json_value v, krb5_creds *creds)
{
    k5_json_array array;
    k5_json_number n;
    k5_json_bool b;
    k5_json_string s;
    unsigned char *data;
    size_t len;

    memset(creds, 0, sizeof(*creds));
    if (k5_json_get_tid(v) != K5_JSON_TID_ARRAY)
        return -1;
    array = v;
    if (k5_json_array_length(array) != 13)
        return -1;

    if (json_to_principal(context, k5_json_array_get(array, 0),
                          &creds->client))
        goto invalid;

    if (json_to_principal(context, k5_json_array_get(array, 1),
                          &creds->server))
        goto invalid;

    if (json_to_keyblock(k5_json_array_get(array, 2), &creds->keyblock))
        goto invalid;

    n = check_element(array, 3, K5_JSON_TID_NUMBER);
    if (n == NULL)
        goto invalid;
    creds->times.authtime = k5_json_number_value(n);

    n = check_element(array, 4, K5_JSON_TID_NUMBER);
    if (n == NULL)
        goto invalid;
    creds->times.starttime = k5_json_number_value(n);

    n = check_element(array, 5, K5_JSON_TID_NUMBER);
    if (n == NULL)
        goto invalid;
    creds->times.endtime = k5_json_number_value(n);

    n = check_element(array, 6, K5_JSON_TID_NUMBER);
    if (n == NULL)
        goto invalid;
    creds->times.renew_till = k5_json_number_value(n);

    b = check_element(array, 7, K5_JSON_TID_BOOL);
    if (b == NULL)
        goto invalid;
    creds->is_skey = k5_json_bool_value(b);

    n = check_element(array, 8, K5_JSON_TID_NUMBER);
    if (n == NULL)
        goto invalid;
    creds->ticket_flags = k5_json_number_value(n);

    if (json_to_addresses(context, k5_json_array_get(array, 9),
                          &creds->addresses))
        goto invalid;

    s = check_element(array, 10, K5_JSON_TID_STRING);
    if (s == NULL)
        goto invalid;
    if (k5_json_string_unbase64(s, &data, &len))
        goto invalid;
    creds->ticket.data = (char *)data;
    creds->ticket.length = len;

    s = check_element(array, 11, K5_JSON_TID_STRING);
    if (s == NULL)
        goto invalid;
    if (k5_json_string_unbase64(s, &data, &len))
        goto invalid;
    creds->second_ticket.data = (char *)data;
    creds->second_ticket.length = len;

    if (json_to_authdata(context, k5_json_array_get(array, 12),
                         &creds->authdata))
        goto invalid;

    creds->magic = KV5M_CREDS;
    return 0;

invalid:
    krb5_free_cred_contents(context, creds);
    memset(creds, 0, sizeof(*creds));
    return -1;
}
Example #18
0
int main(int argc, char *argv[])
{
	char *user, *instance, *owner = NULL;
	char filename[400];
#ifndef WINDOWS
	struct passwd *userpw;
#endif
	struct DataBlock *encrypted, *decrypted, *hk;

	if (argc != 3 && argc != 4) {
		fprintf(stderr, "Usage:\n");
		fprintf(stderr, "\t%s [<owner>] <user> <instance>\n", argv[0]);
		fprintf(stderr, "\t<owner> is the owning userid\n");
		fprintf(stderr, "\t<user> is the userid\n");
		fprintf(stderr, "\t<instance> is the instance\n");
		exit(1);
	}

	if (argc == 3) {
		user = argv[1];
		instance = argv[2];
	} else {
		owner = argv[1];
		user = argv[2];
		instance = argv[3];
	}

#ifndef WINDOWS
	if (!(userpw = getpwuid(getuid()))) {
		Log("error-realuser", owner, user, instance);
		OUTPUT_ERROR("couldn't get real username\n");
		exit(1);
	}

	if (!owner) {
		owner = strdup(userpw->pw_name);
	} else if (getuid() != 0 && strcmp(owner, userpw->pw_name)) {
		Log("error-mismatch", owner, user, instance);
		OUTPUT_ERROR("owner does not match and you are not root\n");
		exit(1);
	}
#else
	/* No security on windows! Force owner to 'common' */
	owner = strdup("common");
#endif

	if (check_element(owner)) {
		Log("error-owner", owner, user, instance);
		OUTPUT_ERROR("error on owner: %s\n", check_element(owner));
		exit(1);
	}
	if (check_element(user)) {
		Log("error-user", owner, user, instance);
		OUTPUT_ERROR("error on user: %s\n", check_element(user));
		exit(1);
	}
	if (check_element(instance)) {
		Log("error-instance", owner, user, instance);
		OUTPUT_ERROR("error on instance: %s\n", check_element(instance));
		exit(1);
	}

	Log("decrypt", owner, user, instance);

	sprintf(filename, DATADIR DIRSEP "keys" DIRSEP "%s" DIRSEP "%s" DIRSEP "%s", owner, user, instance);

	encrypted = FileToDataBlock(filename);

	hk = FetchHostKey();
	decrypted = wrap_blowfish(hk, encrypted, BF_DECRYPT);
	FreeDataBlock(hk);

	printf("%s\n", decrypted->data);
	FreeDataBlock(decrypted);
	FreeDataBlock(encrypted);
	exit(0);
}
Example #19
0
int main(int argc, char *argv[])
{
	char *user = NULL, *instance = NULL, *owner = NULL;
#ifndef WINDOWS
	struct passwd *userpw;
#endif

	if ((argc == 2 || argc > 4) && !strcmp(argv[1], "-h")) {
		fprintf(stderr, "Usage:\n");
		fprintf(stderr, "\t%s <owner> <user> <instance>\n", argv[0]);
		fprintf(stderr, "\t<owner> is the owner to list (optional)\n");
		fprintf(stderr, "\t<user> is the user to list (optional)\n");
		fprintf(stderr, "\t<instance> is the instance to list (optional)\n");
		exit(1);
	}
#ifndef WINDOWS
	if (!(userpw = getpwuid(getuid()))) {
		OUTPUT_ERROR("couldn't get real username\n");
		exit(1);
	}
#endif

	if (argc > 1) {
		owner = argv[1];
	}

	if (argc > 2) {
		user = argv[2];
	}

	if (argc > 3) {
		instance = argv[3];
	}
#ifndef WINDOWS
	if (getuid() != 0 && !owner) {
		owner = strdup(userpw->pw_name);
	}

	if (getuid() != 0 && owner && strcmp(owner, userpw->pw_name)) {
		Log("error-mismatch", owner, user, instance);
		OUTPUT_ERROR("owner does not match and you are not root\n");
		exit(1);
	}
#else
	/* owner forced to 'common' on windows */
	owner = strdup("common");
#endif

	if (owner && check_element(owner)) {
		Log("error-owner", owner, user, instance);
		OUTPUT_ERROR("error on owner: %s\n", check_element(owner));
		exit(1);
	}
	if (user && check_element(user)) {
		Log("error-user", owner, user, instance);
		OUTPUT_ERROR("error on user: %s\n", check_element(user));
		exit(1);
	}
	if (instance && check_element(instance)) {
		Log("error-instance", owner, user, instance);
		OUTPUT_ERROR("error on instance: %s\n", check_element(instance));
		exit(1);
	}

	Log("list", owner ? owner : "*", user ? user : "******", instance ? instance : "*");

	scan_owners(owner, user, instance);
	exit(0);
}
Example #20
0
int main(int argc, char *argv[])
{
	char *owner, *user, *instance;
	char filename[400];
	struct DataBlock *data, *encrypted, *hk;
#ifndef WINDOWS
	struct passwd *userpw;
#endif
	int curlen = 0;
	char buf[MAX_DATA_LEN] = "";
	char passwd[MAX_DATA_LEN] = "";
	int i;

	umask(077);

	if (argc != 4) {
		fprintf(stderr, "Usage:\n");
		fprintf(stderr, "\t%s <owner> <user> <instance>\n", argv[0]);
		fprintf(stderr, "\t<owner> is the owner userid of this userid/password\n");
#ifdef WINDOWS
		fprintf(stderr, "\t<owner> is ignored on windows builds\n");
#endif
		fprintf(stderr, "\t<user> is the userid for this password\n");
		fprintf(stderr, "\t<instance> is the particular instance\n");
		fprintf(stderr, "\t<password> is passed via stdin\n");
		exit(1);
	}

	owner = argv[1];
	user = argv[2];
	instance = argv[3];

	/* Check if valid */
	if (!owner || !user || !instance) {
		Log("error-parameters", owner, user, instance);
		OUTPUT_ERROR("Invalid parameters.\n");
		exit(1);
	}

	if (check_element(owner)) {
		Log("error-owner", owner, user, instance);
		OUTPUT_ERROR("error on owner: %s\n", check_element(owner));
		exit(1);
	}
	if (check_element(user)) {
		Log("error-user", owner, user, instance);
		OUTPUT_ERROR("error on user: %s\n", check_element(user));
		exit(1);
	}
	if (check_element(instance)) {
		Log("error-instance", owner, user, instance);
		OUTPUT_ERROR("error on instance: %s\n", check_element(instance));
		exit(1);
	}
#ifndef WINDOWS
	if (!(userpw = getpwuid(getuid()))) {
		Log("error-username", owner, user, instance);
		OUTPUT_ERROR("couldn't get real username\n");
		exit(1);
	}

	if (getuid() != 0 && strcmp(owner, userpw->pw_name)) {
		Log("error-mismatch", owner, user, instance);
		OUTPUT_ERROR("owner does not match and you are not root\n");
		exit(1);
	}
#else
	/* No security on windows! Force owner to 'common' */
	owner = strdup("common");
#endif

	buf[0] = 0;
	curlen = 0;
	passwd[0] = 0;

	while (curlen < (MAX_DATA_LEN - 1000)) {
		i = read(fileno(stdin), buf, 1000);
		if (i > 0) {
			memcpy(passwd + curlen, buf, i);
			curlen += i;
		} else {
			break;
		}
	}

	if (curlen == 0) {
		Log("error-pwlen", owner, user, instance);
		OUTPUT_ERROR("error on password: must be specified\n");
		exit(1);
	}

	if (check_content(passwd)) {
		Log("error-pw", owner, user, instance);
		OUTPUT_ERROR("error on password: %s\n", check_content(passwd));
		exit(1);
	}

	data = AllocDataBlock();
	data->data = (unsigned char *)passwd;
	data->length = strlen(passwd) + 1;

#ifndef WINDOWS
#define MKDIR(x,y) mkdir(x,y)
#else
#define MKDIR(x,y) mkdir(x)
#endif

	/* Make each directory and build the file name */
	sprintf(filename, DATADIR DIRSEP "keys" DIRSEP "%s", owner);
	if (MKDIR(filename, 0755) == -1 && errno != EEXIST) {
		Log("error-mkdir1", owner, user, instance);
		OUTPUT_ERROR("couldn't create dir (%s)\n", filename);
		exit(1);
	}

	sprintf(filename, DATADIR DIRSEP "keys" DIRSEP "%s" DIRSEP "%s", owner, user);
	if (MKDIR(filename, 0755) == -1 && errno != EEXIST) {
		Log("error-mkdir2", owner, user, instance);
		OUTPUT_ERROR("couldn't create dir (%s)\n", filename);
		exit(1);
	}

	sprintf(filename, DATADIR DIRSEP "keys" DIRSEP "%s" DIRSEP "%s" DIRSEP "%s", owner, user, instance);

	Log("encrypt", owner, user, instance);
	hk = FetchHostKey();

	encrypted = wrap_blowfish(hk, data, BF_ENCRYPT);
	FreeDataBlock(hk);

	DataBlockToFile(filename, encrypted);
	FreeDataBlock(encrypted);

	data->data = 0;
	FreeDataBlock(data);

	exit(0);
}