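/**
 * secrets_writeKeys
 *
 * Generates a fresh AES encryption key and AES init vector and writes
 * them, as a single binary MAXKEYS record, into the given file. The file
 * is created or truncated, and restricted to owner-read-only afterwards.
 *
 * @param secret_file   The file with secret keys
 * @return 0 on success and 1 on failure
 */
int secrets_writeKeys(char *secret_file)
{
    int fd;
    int randfd;
    unsigned int seed;
    MAXKEYS key;

    /* Open for writing | Create | Truncate the file for writing */
    if ((fd = open(secret_file, O_CREAT | O_WRONLY | O_TRUNC, S_IRUSR)) < 0)
    {
        LOGIF(LE, (skygw_log_write_flush(
                LOGFILE_ERROR,
                "Error : failed opening secret "
                "file [%s]. Error %d, %s.",
                secret_file,
                errno,
                strerror(errno))));
        return 1;
    }

    /*
     * Seed from the kernel random source rather than the wall clock:
     * a time-based seed can be recovered from the file's timestamp, which
     * would let the key be regenerated by anyone who can see the file.
     */
    if ((randfd = open("/dev/random", O_RDONLY)) < 0)
    {
        LOGIF(LE, (skygw_log_write_flush(
                LOGFILE_ERROR,
                "Error : failed opening /dev/random. Error %d, %s.",
                errno,
                strerror(errno))));
        close(fd);
        return 1;
    }

    /* A short read would leave part of the seed uninitialised. */
    if (read(randfd, &seed, sizeof(seed)) != (ssize_t)sizeof(seed))
    {
        LOGIF(LE, (skygw_log_write_flush(
                LOGFILE_ERROR,
                "Error : failed to read /dev/random.")));
        close(randfd);
        close(fd);
        return 1;
    }
    close(randfd);

    /*
     * NOTE(review): secrets_random_str is not visible here; presumably it
     * draws from rand(). rand() is not a cryptographic generator, so the
     * key and IV are only as unpredictable as this one seed. Filling the
     * key material directly from the kernel random source would remove
     * that limit.
     */
    srand(seed);
    secrets_random_str(key.enckey, MAXSCALE_KEYLEN);
    secrets_random_str(key.initvector, MAXSCALE_IV_LEN);

    /* Write data; a short write would leave a truncated key on disk. */
    if (write(fd, &key, sizeof(key)) != (ssize_t)sizeof(key))
    {
        LOGIF(LE, (skygw_log_write_flush(
                LOGFILE_ERROR,
                "Error : failed writing into "
                "secret file [%s]. Error %d, %s.",
                secret_file,
                errno,
                strerror(errno))));
        close(fd); /* do not leak the descriptor on the error path */
        return 1;
    }

    /* close file */
    if (close(fd) < 0)
    {
        LOGIF(LE, (skygw_log_write_flush(
                LOGFILE_ERROR,
                "Error : failed closing the "
                "secret file [%s]. Error %d, %s.",
                secret_file,
                errno,
                strerror(errno))));
    }

    /*
     * A file that already existed keeps its old mode across O_TRUNC, so
     * the mode is forced here. If that fails the key may stay readable by
     * other users, which must not be reported as success.
     * NOTE(review): fchmod() on the descriptor before the write would
     * also close the window in which the key sits under the old mode.
     */
    if (chmod(secret_file, S_IRUSR) < 0)
    {
        LOGIF(LE, (skygw_log_write_flush(
                LOGFILE_ERROR,
                "Error : failed to change the permissions of the "
                "secret file [%s]. Error %d, %s.",
                secret_file,
                errno,
                strerror(errno))));
        return 1;
    }

    return 0;
}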
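/**
 * secrets_writeKeys
 *
 * Generates a fresh AES encryption key and AES init vector and writes
 * them, as a single binary MAXKEYS record, into the file ".secrets"
 * inside the given directory. The file is created or truncated, and
 * restricted to owner-read-only afterwards.
 *
 * @param path  Directory in which the ".secrets" file is written
 * @return 0 on success and 1 on failure
 */
int secrets_writeKeys(char *path)
{
    int fd, randfd;
    unsigned int randval;
    MAXKEYS key;
    char secret_file[PATH_MAX + 10]; /* path + "/.secrets" + NUL */

    if (strlen(path) > PATH_MAX)
    {
        skygw_log_write(LOGFILE_ERROR, "Error: Pathname too long.");
        return 1;
    }

    /* Bounded formatting, so the buffer size is enforced at the call site. */
    snprintf(secret_file, sizeof(secret_file), "%s/.secrets", path);

    /* Open for writing | Create | Truncate the file for writing */
    if ((fd = open(secret_file, O_CREAT | O_WRONLY | O_TRUNC, S_IRUSR)) < 0)
    {
        LOGIF(LE, (skygw_log_write_flush(
                LOGFILE_ERROR,
                "Error : failed opening secret "
                "file [%s]. Error %d, %s.",
                secret_file,
                errno,
                strerror(errno))));
        return 1;
    }

    /* Open the kernel random source to obtain the generator seed */
    if ((randfd = open("/dev/random", O_RDONLY)) < 0)
    {
        LOGIF(LE, (skygw_log_write_flush(
                LOGFILE_ERROR,
                "Error : failed opening /dev/random. Error %d, %s.",
                errno,
                strerror(errno))));
        close(fd);
        return 1;
    }

    /* A short read would leave part of the seed uninitialised. */
    if (read(randfd, (void *)&randval, sizeof(randval)) != (ssize_t)sizeof(randval))
    {
        LOGIF(LE, (skygw_log_write_flush(
                LOGFILE_ERROR,
                "Error : failed to read /dev/random.")));
        close(fd);
        close(randfd);
        return 1;
    }
    close(randfd);

    /*
     * NOTE(review): secrets_random_str is not visible here; presumably it
     * draws from rand(). rand() is not a cryptographic generator, so the
     * key and IV are only as unpredictable as this one seed. Filling the
     * key material directly from the kernel random source would remove
     * that limit.
     */
    srand(randval);
    secrets_random_str(key.enckey, MAXSCALE_KEYLEN);
    secrets_random_str(key.initvector, MAXSCALE_IV_LEN);

    /* Write data; a short write would leave a truncated key on disk. */
    if (write(fd, &key, sizeof(key)) != (ssize_t)sizeof(key))
    {
        LOGIF(LE, (skygw_log_write_flush(
                LOGFILE_ERROR,
                "Error : failed writing into "
                "secret file [%s]. Error %d, %s.",
                secret_file,
                errno,
                strerror(errno))));
        close(fd);
        return 1;
    }

    /* close file */
    if (close(fd) < 0)
    {
        LOGIF(LE, (skygw_log_write_flush(
                LOGFILE_ERROR,
                "Error : failed closing the "
                "secret file [%s]. Error %d, %s.",
                secret_file,
                errno,
                strerror(errno))));
    }

    /*
     * A file that already existed keeps its old mode across O_TRUNC, so
     * the mode is forced here. If that fails the key may stay readable by
     * other users, which must not be reported as success.
     * NOTE(review): fchmod() on the descriptor before the write would
     * also close the window in which the key sits under the old mode.
     */
    if (chmod(secret_file, S_IRUSR) < 0)
    {
        LOGIF(LE, (skygw_log_write_flush(
                LOGFILE_ERROR,
                "Error : failed to change the permissions of the "
                "secret file [%s]. Error %d, %s.",
                secret_file,
                errno,
                strerror(errno))));
        return 1;
    }

    return 0;
}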