/**
* Initialize crypto library, generate keys
*/
void key_init()
{
unsigned char *prf_buf;
time_t t;
uint32_t t2;
int explen, len;
if (keytype == KEY_NONE) {
return;
}
set_sys_keys(sys_keys);
get_key_info(keytype, &keylen, &ivlen);
hmaclen = get_hash_len(hashtype);
memset(groupkey, 0, sizeof(groupkey));
memset(groupsalt, 0, sizeof(groupsalt));
memset(grouphmackey, 0, sizeof(grouphmackey));
if (!get_random_bytes(groupmaster, sizeof(groupmaster))) {
log(0, 0, "Failed to generate group master");
exit(1);
}
groupmaster[0] = UFTP_VER_NUM;
if (!get_random_bytes(rand1, sizeof(rand1))) {
log(0, 0, "Failed to generate rand1");
exit(1);
}
// Sets the first 4 bytes of rand1 to the current time
t = time(NULL);
t2 = (uint32_t)(t & 0xFFFFFFFF);
*(uint32_t *)rand1 = t2;
explen = hmaclen + keylen + ivlen;
prf_buf = calloc(explen + hmaclen, 1);
if (prf_buf == NULL) {
syserror(0, 0, "calloc failed!");
exit(1);
}
PRF(hashtype, explen, groupmaster, sizeof(groupmaster), "key expansion",
rand1, sizeof(rand1), prf_buf, &len);
memcpy(grouphmackey, prf_buf, hmaclen);
memcpy(groupkey, prf_buf + hmaclen, keylen);
memcpy(groupsalt, prf_buf + hmaclen + keylen, ivlen);
free(prf_buf);
if ((!strcmp(keyfile, "")) || (newkeylen != 0)) {
privkey = gen_RSA_key(newkeylen, RSA_EXP, keyfile);
} else {
privkey = read_RSA_key(keyfile);
}
if (!privkey) {
log(0, 0, "Failed to read/generate private key");
exit(1);
}
rsalen = RSA_keylen(privkey);
}
/**
* Initialize crypto library, generate keys
*/
void key_init()
{
#ifndef NO_ENCRYPTION
int i;
crypto_init(sys_keys);
if ((keyfile_count == 0) || (newkeylen != 0)) {
privkey[0] = gen_RSA_key(newkeylen, RSA_EXP, keyfile[0]);
if (!privkey[0]) {
exit(1);
}
key_count = 1;
} else {
for (i = 0; i < keyfile_count; i++) {
privkey[key_count] = read_RSA_key(keyfile[i]);
if (!privkey[key_count]) {
exit(1);
}
key_count++;
}
}
#endif
}
/**
* Initialize crypto library, generate keys
*/
void key_init(void)
{
unsigned char *prf_buf;
time_t t;
uint32_t t2;
int explen, len;
if (keytype == KEY_NONE) {
return;
}
set_sys_keys(sys_keys);
get_key_info(keytype, &keylen, &ivlen);
hmaclen = get_hash_len(hashtype);
memset(groupkey, 0, sizeof(groupkey));
memset(groupsalt, 0, sizeof(groupsalt));
memset(grouphmackey, 0, sizeof(grouphmackey));
if (!get_random_bytes(groupmaster, sizeof(groupmaster))) {
log0(0, 0, 0, "Failed to generate group master");
exit(ERR_CRYPTO);
}
groupmaster[0] = UFTP_VER_NUM;
if (!get_random_bytes(rand1, sizeof(rand1))) {
log0(0, 0, 0, "Failed to generate rand1");
exit(ERR_CRYPTO);
}
// Sets the first 4 bytes of rand1 to the current time
t = time(NULL);
t2 = (uint32_t)(t & 0xFFFFFFFF);
*(uint32_t *)rand1 = t2;
explen = hmaclen + keylen + SALT_LEN;
prf_buf = safe_calloc(explen + hmaclen, 1);
PRF(hashtype, explen, groupmaster, sizeof(groupmaster), "key expansion",
rand1, sizeof(rand1), prf_buf, &len);
memcpy(grouphmackey, prf_buf, hmaclen);
memcpy(groupkey, prf_buf + hmaclen, keylen);
memcpy(groupsalt, prf_buf + hmaclen + keylen, SALT_LEN);
ivctr = 0;
free(prf_buf);
if ((keyextype == KEYEX_RSA) || (keyextype == KEYEX_ECDH_RSA)) {
if ((!strcmp(keyfile, "")) || (newkeylen != 0)) {
privkey.rsa = gen_RSA_key(newkeylen, RSA_EXP, keyfile);
} else {
privkey.rsa = read_RSA_key(keyfile);
}
if (!privkey.key) {
log0(0, 0, 0, "Failed to read/generate private key");
exit(ERR_CRYPTO);
}
privkeylen = RSA_keylen(privkey.rsa);
} else {
if ((!strcmp(keyfile, "")) || (ecdsa_curve != 0)) {
privkey.ec = gen_EC_key(ecdsa_curve, 0, keyfile);
} else {
privkey.ec = read_EC_key(keyfile);
}
if (!privkey.key) {
log0(0, 0, 0, "Failed to read/generate private key");
exit(ERR_CRYPTO);
}
privkeylen = ECDSA_siglen(privkey.ec);
}
if ((keyextype == KEYEX_ECDH_RSA) || (keyextype == KEYEX_ECDH_ECDSA)) {
dhkey.ec = gen_EC_key(ecdh_curve, 1, NULL);
if (!dhkey.key) {
log0(0, 0, 0, "Failed to generate DH key");
exit(ERR_CRYPTO);
}
}
}
/**
* Initialize crypto library, generate keys
*/
void key_init(void)
{
#ifndef NO_ENCRYPTION
char *keyname;
int size, i;
uint8_t curve;
crypto_init(sys_keys);
if ((keyfile_count == 0) && (keyinfo_count == 0)) {
privkey[0].rsa = gen_RSA_key(0, RSA_EXP, NULL);
if (!privkey[0].key) {
exit(ERR_CRYPTO);
}
privkey_type[0] = KEYBLOB_RSA;
key_count = 1;
} else if (keyinfo_count != 0) {
key_count = 0;
for (i = 0; i < keyinfo_count; i++) {
if (keyfile_count <= i) {
keyname = NULL;
} else {
keyname = keyfile[i];
}
if (!strncmp(keyinfo[i], "ec:", 3)) {
curve = get_curve(&keyinfo[i][3]);
if (curve == 0) {
log0(0, 0, 0, "Invalid EC curve: %s", &keyinfo[i][3]);
exit(ERR_PARAM);
}
privkey[key_count].ec = gen_EC_key(curve, 0, keyname);
privkey_type[key_count] = KEYBLOB_EC;
if (!privkey[key_count].key) {
exit(ERR_CRYPTO);
}
} else if (!strncmp(keyinfo[i], "rsa:", 4)) {
size = atoi(&keyinfo[i][4]);
if ((size < 512) || (size > 2048)) {
log0(0, 0, 0, "Invalid RSA key size: %s", &keyinfo[i][4]);
exit(ERR_PARAM);
}
privkey[key_count].rsa = gen_RSA_key(size, RSA_EXP, keyname);
privkey_type[key_count] = KEYBLOB_RSA;
if (!privkey[key_count].key) {
exit(ERR_CRYPTO);
}
} else {
log0(0, 0, 0, "Invalid keyinfo entry: %s", keyinfo[i]);
exit(ERR_PARAM);
}
key_count++;
}
} else {
for (i = 0; i < keyfile_count; i++) {
privkey[key_count] =
read_private_key(keyfile[i], &privkey_type[key_count]);
if (privkey_type[key_count] == 0) {
exit(ERR_CRYPTO);
}
key_count++;
}
}
#endif
}