/* read a keyring and return it */ static void * readkeyring(netpgp_t *netpgp, const char *name) { pgp_keyring_t *keyring; const unsigned noarmor = 0; char f[MAXPATHLEN]; char *filename; char *homedir; homedir = netpgp_getvar(netpgp, "homedir"); if ((filename = netpgp_getvar(netpgp, name)) == NULL) { (void) snprintf(f, sizeof(f), "%s/%s.gpg", homedir, name); filename = f; } if ((keyring = calloc(1, sizeof(*keyring))) == NULL) { (void) fprintf(stderr, "readkeyring: bad alloc\n"); return NULL; } if (!pgp_keyring_fileread(keyring, noarmor, filename)) { free(keyring); (void) fprintf(stderr, "Can't read %s %s\n", name, filename); return NULL; } netpgp_setvar(netpgp, name, filename); return keyring; }
int main(int argc, char **argv) { struct stat st; netpgp_t netpgp; prog_t p; int homeset; int optindex; int ret; int ch; int i; (void) memset(&p, 0x0, sizeof(p)); (void) memset(&netpgp, 0x0, sizeof(netpgp)); homeset = 0; p.progname = argv[0]; p.numbits = DEFAULT_NUMBITS; if (argc < 2) { print_usage(usage, p.progname); exit(EXIT_ERROR); } /* set some defaults */ netpgp_setvar(&netpgp, "sshkeydir", "/etc/ssh"); netpgp_setvar(&netpgp, "res", "<stdout>"); netpgp_setvar(&netpgp, "hash", DEFAULT_HASH_ALG); netpgp_setvar(&netpgp, "format", "human"); optindex = 0; while ((ch = getopt_long(argc, argv, "S:Vglo:s", options, &optindex)) != -1) { if (ch >= LIST_KEYS) { /* getopt_long returns 0 for long options */ if (!setoption(&netpgp, &p, options[optindex].val, optarg, &homeset)) { (void) fprintf(stderr, "Bad setoption result %d\n", ch); } } else { switch (ch) { case 'S': netpgp_setvar(&netpgp, "ssh keys", "1"); netpgp_setvar(&netpgp, "sshkeyfile", optarg); break; case 'V': printf( "%s\nAll bug reports, praise and chocolate, please, to:\n%s\n", netpgp_get_info("version"), netpgp_get_info("maintainer")); exit(EXIT_SUCCESS); case 'g': p.cmd = GENERATE_KEY; break; case 'l': p.cmd = LIST_KEYS; break; case 'o': if (!parse_option(&netpgp, &p, optarg, &homeset)) { (void) fprintf(stderr, "Bad parse_option\n"); } break; case 's': p.cmd = LIST_SIGS; break; default: p.cmd = HELP_CMD; break; } } } if (!homeset) { netpgp_set_homedir(&netpgp, getenv("HOME"), netpgp_getvar(&netpgp, "ssh keys") ? "/.ssh" : "/.gnupg", 1); } /* initialise, and read keys from file */ if (!netpgp_init(&netpgp)) { if (stat(netpgp_getvar(&netpgp, "homedir"), &st) < 0) { (void) mkdir(netpgp_getvar(&netpgp, "homedir"), 0700); } if (stat(netpgp_getvar(&netpgp, "homedir"), &st) < 0) { (void) fprintf(stderr, "can't create home directory '%s'\n", netpgp_getvar(&netpgp, "homedir")); exit(EXIT_ERROR); } } /* now do the required action for each of the command line args */ ret = EXIT_SUCCESS; if (optind == argc) { if (!netpgp_cmd(&netpgp, &p, NULL)) { ret = EXIT_FAILURE; } } else { for (i = optind; i < argc; i++) { if (!netpgp_cmd(&netpgp, &p, argv[i])) { ret = EXIT_FAILURE; } } } netpgp_end(&netpgp); exit(ret); }
/* set the option */ static int setoption(netpgp_t *netpgp, prog_t *p, int val, char *arg, int *homeset) { switch (val) { case COREDUMPS: netpgp_setvar(netpgp, "coredumps", "allowed"); break; case GENERATE_KEY: netpgp_setvar(netpgp, "userid checks", "skip"); p->cmd = val; break; case LIST_KEYS: case LIST_SIGS: case FIND_KEY: case EXPORT_KEY: case IMPORT_KEY: case GET_KEY: case HELP_CMD: p->cmd = val; break; case VERSION_CMD: printf( "%s\nAll bug reports, praise and chocolate, please, to:\n%s\n", netpgp_get_info("version"), netpgp_get_info("maintainer")); exit(EXIT_SUCCESS); /* options */ case SSHKEYS: netpgp_setvar(netpgp, "ssh keys", "1"); break; case KEYRING: if (arg == NULL) { (void) fprintf(stderr, "No keyring argument provided\n"); exit(EXIT_ERROR); } snprintf(p->keyring, sizeof(p->keyring), "%s", arg); break; case USERID: if (optarg == NULL) { (void) fprintf(stderr, "no userid argument provided\n"); exit(EXIT_ERROR); } netpgp_setvar(netpgp, "userid", arg); break; case VERBOSE: netpgp_incvar(netpgp, "verbose", 1); break; case HOMEDIR: if (arg == NULL) { (void) fprintf(stderr, "no home directory argument provided\n"); exit(EXIT_ERROR); } netpgp_set_homedir(netpgp, arg, NULL, 0); *homeset = 1; break; case NUMBITS: if (arg == NULL) { (void) fprintf(stderr, "no number of bits argument provided\n"); exit(EXIT_ERROR); } p->numbits = atoi(arg); break; case HASH_ALG: if (arg == NULL) { (void) fprintf(stderr, "No hash algorithm argument provided\n"); exit(EXIT_ERROR); } netpgp_setvar(netpgp, "hash", arg); break; case PASSWDFD: if (arg == NULL) { (void) fprintf(stderr, "no pass-fd argument provided\n"); exit(EXIT_ERROR); } netpgp_setvar(netpgp, "pass-fd", arg); break; case RESULTS: if (arg == NULL) { (void) fprintf(stderr, "No output filename argument provided\n"); exit(EXIT_ERROR); } netpgp_setvar(netpgp, "res", arg); break; case SSHKEYFILE: netpgp_setvar(netpgp, "ssh keys", "1"); netpgp_setvar(netpgp, "sshkeyfile", arg); break; case FORMAT: netpgp_setvar(netpgp, "format", arg); break; case CIPHER: netpgp_setvar(netpgp, "cipher", arg); break; case OPS_DEBUG: netpgp_set_debug(arg); break; default: p->cmd = HELP_CMD; break; } return 1; }
/* read keys from ssh key files */ static int readsshkeys(netpgp_t *netpgp, char *homedir, const char *needseckey) { pgp_keyring_t *pubring; pgp_keyring_t *secring; struct stat st; unsigned hashtype; char *hash; char f[MAXPATHLEN]; char *filename; if ((filename = netpgp_getvar(netpgp, "sshkeyfile")) == NULL) { /* set reasonable default for RSA key */ (void) snprintf(f, sizeof(f), "%s/id_rsa.pub", homedir); filename = f; } else if (strcmp(&filename[strlen(filename) - 4], ".pub") != 0) { /* got ssh keys, check for pub file name */ (void) snprintf(f, sizeof(f), "%s.pub", filename); filename = f; } /* check the pub file exists */ if (stat(filename, &st) != 0) { (void) fprintf(stderr, "readsshkeys: bad pubkey filename '%s'\n", filename); return 0; } if ((pubring = calloc(1, sizeof(*pubring))) == NULL) { (void) fprintf(stderr, "readsshkeys: bad alloc\n"); return 0; } /* openssh2 keys use md5 by default */ hashtype = PGP_HASH_MD5; if ((hash = netpgp_getvar(netpgp, "hash")) != NULL) { /* openssh 2 hasn't really caught up to anything else yet */ if (netpgp_strcasecmp(hash, "md5") == 0) { hashtype = PGP_HASH_MD5; } else if (netpgp_strcasecmp(hash, "sha1") == 0) { hashtype = PGP_HASH_SHA1; } else if (netpgp_strcasecmp(hash, "sha256") == 0) { hashtype = PGP_HASH_SHA256; } } if (!pgp_ssh2_readkeys(netpgp->io, pubring, NULL, filename, NULL, hashtype)) { free(pubring); (void) fprintf(stderr, "readsshkeys: can't read %s\n", filename); return 0; } if (netpgp->pubring == NULL) { netpgp->pubring = pubring; } else { pgp_append_keyring(netpgp->pubring, pubring); } if (needseckey) { netpgp_setvar(netpgp, "sshpubfile", filename); /* try to take the ".pub" off the end */ if (filename == f) { f[strlen(f) - 4] = 0x0; } else { (void) snprintf(f, sizeof(f), "%.*s", (int)strlen(filename) - 4, filename); filename = f; } if ((secring = calloc(1, sizeof(*secring))) == NULL) { free(pubring); (void) fprintf(stderr, "readsshkeys: bad alloc\n"); return 0; } if (!pgp_ssh2_readkeys(netpgp->io, pubring, secring, NULL, filename, hashtype)) { free(pubring); free(secring); (void) fprintf(stderr, "readsshkeys: can't read sec %s\n", filename); return 0; } netpgp->secring = secring; netpgp_setvar(netpgp, "sshsecfile", filename); } return 1; }
int main(int argc, char **argv) { netpgp_t netpgp; prog_t p; int homeset; int optindex; int ret; int ch; int i; (void) memset(&p, 0x0, sizeof(p)); (void) memset(&netpgp, 0x0, sizeof(netpgp)); p.progname = argv[0]; p.overwrite = 1; p.output = NULL; if (argc < 2) { print_usage(usage, p.progname); exit(EXIT_ERROR); } /* set some defaults */ netpgp_setvar(&netpgp, "hash", DEFAULT_HASH_ALG); /* 4 MiB for a memory file */ netpgp_setvar(&netpgp, "max mem alloc", "4194304"); homeset = 0; optindex = 0; while ((ch = getopt_long(argc, argv, "S:Vdeo:sv", options, &optindex)) != -1) { if (ch >= ENCRYPT) { /* getopt_long returns 0 for long options */ if (!setoption(&netpgp, &p, options[optindex].val, optarg, &homeset)) { (void) fprintf(stderr, "Bad option\n"); } } else { switch (ch) { case 'S': netpgp_setvar(&netpgp, "ssh keys", "1"); netpgp_setvar(&netpgp, "sshkeyfile", optarg); break; case 'V': printf( "%s\nAll bug reports, praise and chocolate, please, to:\n%s\n", netpgp_get_info("version"), netpgp_get_info("maintainer")); exit(EXIT_SUCCESS); case 'd': /* for decryption, we need the seckey */ netpgp_setvar(&netpgp, "need seckey", "1"); p.cmd = DECRYPT; break; case 'e': /* for encryption, we need a userid */ netpgp_setvar(&netpgp, "need userid", "1"); p.cmd = ENCRYPT; break; case 'o': if (!parse_option(&netpgp, &p, optarg, &homeset)) { (void) fprintf(stderr, "Bad option\n"); } break; case 's': /* for signing, we need a userid and a seckey */ netpgp_setvar(&netpgp, "need seckey", "1"); netpgp_setvar(&netpgp, "need userid", "1"); p.cmd = SIGN; break; case 'v': p.cmd = VERIFY; break; default: p.cmd = HELP_CMD; break; } } } if (!homeset) { netpgp_set_homedir(&netpgp, getenv("HOME"), netpgp_getvar(&netpgp, "ssh keys") ? "/.ssh" : "/.gnupg", 1); } /* initialise, and read keys from file */ if (!netpgp_init(&netpgp)) { printf("can't initialise\n"); exit(EXIT_ERROR); } /* now do the required action for each of the command line args */ ret = EXIT_SUCCESS; if (optind == argc) { if (!netpgp_cmd(&netpgp, &p, NULL)) { ret = EXIT_FAILURE; } } else { for (i = optind; i < argc; i++) { if (!netpgp_cmd(&netpgp, &p, argv[i])) { ret = EXIT_FAILURE; } } } netpgp_end(&netpgp); exit(ret); }
/* set an option */ static int setoption(netpgp_t *netpgp, prog_t *p, int val, char *arg, int *homeset) { switch (val) { case COREDUMPS: netpgp_setvar(netpgp, "coredumps", "allowed"); break; case ENCRYPT: /* for encryption, we need a userid */ netpgp_setvar(netpgp, "need userid", "1"); p->cmd = val; break; case SIGN: case CLEARSIGN: /* for signing, we need a userid and a seckey */ netpgp_setvar(netpgp, "need seckey", "1"); netpgp_setvar(netpgp, "need userid", "1"); p->cmd = val; break; case DECRYPT: /* for decryption, we need a seckey */ netpgp_setvar(netpgp, "need seckey", "1"); p->cmd = val; break; case VERIFY: case VERIFY_CAT: case LIST_PACKETS: case SHOW_KEYS: case HELP_CMD: p->cmd = val; break; case VERSION_CMD: printf( "%s\nAll bug reports, praise and chocolate, please, to:\n%s\n", netpgp_get_info("version"), netpgp_get_info("maintainer")); exit(EXIT_SUCCESS); /* options */ case SSHKEYS: netpgp_setvar(netpgp, "ssh keys", "1"); break; case KEYRING: if (arg == NULL) { (void) fprintf(stderr, "No keyring argument provided\n"); exit(EXIT_ERROR); } snprintf(p->keyring, sizeof(p->keyring), "%s", arg); break; case USERID: if (arg == NULL) { (void) fprintf(stderr, "No userid argument provided\n"); exit(EXIT_ERROR); } netpgp_setvar(netpgp, "userid", arg); break; case ARMOUR: p->armour = 1; break; case DETACHED: p->detached = 1; break; case VERBOSE: netpgp_incvar(netpgp, "verbose", 1); break; case HOMEDIR: if (arg == NULL) { (void) fprintf(stderr, "No home directory argument provided\n"); exit(EXIT_ERROR); } netpgp_set_homedir(netpgp, arg, NULL, 0); *homeset = 1; break; case HASH_ALG: if (arg == NULL) { (void) fprintf(stderr, "No hash algorithm argument provided\n"); exit(EXIT_ERROR); } netpgp_setvar(netpgp, "hash", arg); break; case PASSWDFD: if (arg == NULL) { (void) fprintf(stderr, "No pass-fd argument provided\n"); exit(EXIT_ERROR); } netpgp_setvar(netpgp, "pass-fd", arg); break; case OUTPUT: if (arg == NULL) { (void) fprintf(stderr, "No output filename argument provided\n"); exit(EXIT_ERROR); } if (p->output) { (void) free(p->output); } p->output = strdup(arg); break; case RESULTS: if (arg == NULL) { (void) fprintf(stderr, "No output filename argument provided\n"); exit(EXIT_ERROR); } netpgp_setvar(netpgp, "results", arg); break; case SSHKEYFILE: netpgp_setvar(netpgp, "ssh keys", "1"); netpgp_setvar(netpgp, "sshkeyfile", arg); break; case MAX_MEM_ALLOC: netpgp_setvar(netpgp, "max mem alloc", arg); break; case DURATION: netpgp_setvar(netpgp, "duration", arg); break; case BIRTHTIME: netpgp_setvar(netpgp, "birthtime", arg); break; case CIPHER: netpgp_setvar(netpgp, "cipher", arg); break; case NUMTRIES: netpgp_setvar(netpgp, "numtries", arg); break; case OPS_DEBUG: netpgp_set_debug(arg); break; default: p->cmd = HELP_CMD; break; } return 1; }