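/*
 * Generate a fresh symmetric key file.
 *
 * argv[1] is the name of the file the key material is written to.
 * Two keys of CCA_STRENGTH bytes each are needed (one for AES-CBC-MAC,
 * one for HMAC-SHA1); they are drawn from the PRNG into one contiguous
 * stack buffer, passed to write_skfile() to be armored and dumped to
 * disk, and the buffer is wiped before main returns.
 *
 * Returns 0 in every path that reaches the end of main.
 */
int
main (int argc, char **argv)
{
  char raw_sk[2*CCA_STRENGTH];

  if (argc != 2) {
    usage (argv[0]);
    return 0;
  }

  setprogname (argv[0]);

  /* first, let's create a new symmetric key */
  ri ();

  /* both keys are stored contiguously in raw_sk */
  prng_getbytes (raw_sk, 2*CCA_STRENGTH);

  /* now let's armor and dump to disk the symmetric key buffer.
     NOTE(review): write_skfile's prototype is not visible here, so its
     result (if any) is not checked -- confirm how it reports a failed
     write and what permissions it gives the key file. */
  write_skfile (argv[1], raw_sk, 2*CCA_STRENGTH);

  /* Scrub the key material.  A plain bzero()/memset() on a local that
     is never read again is a dead store the optimizer may delete, which
     would leave the key on the stack.  Writing through a
     volatile-qualified pointer is the usual portable way to keep the
     stores; explicit_bzero() or memset_s() are preferable where the
     platform provides them. */
  volatile char *wipe = raw_sk;
  for (unsigned long i = 0; i < sizeof raw_sk; i++)
    wipe[i] = 0;

  return 0;
}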
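/*
 * Creates the directory and files for the certificate mechanism.
 *
 * Makes ./.pki (mode 0700; an already existing directory is accepted),
 * pre-creates ./.pki/ca.priv with owner-only permissions, generates the
 * CA key pair and writes the private and public halves to
 * ./.pki/ca.priv and ./.pki/ca.pub.
 *
 * On failure: prints the system error and exits with status 1 when
 * errno is EACCES, or when the key file's permissions cannot be
 * tightened; exits with status 1 when key generation fails; otherwise
 * falls back to usage().
 *
 * NOTE(review): when ./.pki already exists its ownership and mode are
 * not verified -- a caller running this in a shared directory should
 * confirm the directory is not writable by others.
 */
void
pki_init (void)
{
  int fdca;
  dckey *ca = NULL;

  if (((mkdir ("./.pki", 0700) != -1) || (errno == EEXIST))
      && ((fdca = open ("./.pki/ca.priv", O_WRONLY|O_TRUNC|O_CREAT, 0600)) != -1)) {
    /* The mode argument of open() only applies when the file is newly
       created; a pre-existing ca.priv keeps whatever permissions it
       had.  Force owner-only access before any key material is
       written to it. */
    if (fchmod (fdca, 0600) == -1) {
      perror (getprogname ());
      close (fdca);
      exit (1);
    }
    close (fdca);
    fdca = -1;

    /* key_type and nbits should be command-line options, but are just
       hard-coded for now.
       NOTE(review): a 1024-bit modulus is below current key-size
       recommendations for factoring-based schemes; make this
       configurable before using the CA for anything long-lived. */
    ca = dckeygen (DC_RABIN, 1024, NULL);
    if (!ca) {
      /* presumably dckeygen signals failure with NULL -- verify */
      fprintf (stderr, "%s: trouble generating CA key\n", getprogname ());
      exit (1);
    }

    /* ca now holds the newly created CA private key */
    write_skfile ("./.pki/ca.priv", ca);
    write_pkfile ("./.pki/ca.pub", ca);

    /* the key object is not used past this point; release it rather
       than leaving the private key allocated */
    dcfree (ca);
  }
  else if (errno == EACCES) {
    perror (getprogname ());
    exit (1);
  }
  else
    usage (getprogname ());
}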
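/*
 * Generate a fresh symmetric key file.
 *
 * argv[1] is the name of the file the key material is written to.
 * Two symmetric keys are needed (one for AES-CTR, one for
 * AES-CBC-MAC); they are stored contiguously in one 32-byte heap
 * buffer, which is filled from the PRNG, passed to write_skfile() to
 * be armored and dumped to disk, wiped, and then freed.
 *
 * Returns 0 normally, 1 if the key buffer cannot be allocated.
 */
int
main (int argc, char **argv)
{
  ssize_t raw_sklen = 32;

  if (argc != 2) {
    usage (argv[0]);
    return 0;
  }

  /* only read argv[1] once the argument count has been checked */
  char *skfname = argv[1];

  setprogname (argv[0]);

  /* first, let's create a new symmetric key */
  ri ();

  char *buffer = malloc (raw_sklen * sizeof *buffer);
  if (!buffer) {
    /* without this check the PRNG would be asked to fill a NULL buffer */
    return 1;
  }
  prng_getbytes (buffer, raw_sklen);

  /* now let's armor and dump to disk the symmetric key buffer.
     NOTE(review): write_skfile's prototype is not visible here, so its
     result (if any) is not checked -- confirm how it reports a failed
     write and what permissions it gives the key file. */
  write_skfile (skfname, buffer, raw_sklen);

  /* Scrub the key material before releasing it.  A plain bzero() or
     memset() immediately followed by free() is a dead store the
     optimizer may delete, which would leave the key in freed heap
     memory.  Writing through a volatile-qualified pointer is the usual
     portable way to keep the stores; explicit_bzero() or memset_s() are
     preferable where the platform provides them. */
  volatile char *wipe = buffer;
  for (ssize_t i = 0; i < raw_sklen; i++)
    wipe[i] = 0;
  free (buffer);

  return 0;
}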
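/*
 * Generates a new key pair, stores the private key in sk_file and
 * returns the matching public key.
 *
 * The public key is obtained by exporting it from the private key with
 * dcexport_pub() and importing that export with dcimport_pub(), so the
 * returned object is separate from the private key object.
 *
 * sk_file: path the private key is written to via write_skfile().
 * Returns: the imported public key.
 * On any failure an error is printed to stderr and the process exits
 * with status 1.
 */
dckey *
g_option (const char *sk_file)
{
  char *raw_pk = NULL;
  dckey *pk = NULL;

  /* NOTE(review): a 1024-bit modulus is below current key-size
     recommendations for factoring-based schemes; consider making the
     size a parameter. */
  dckey *sk = dckeygen (DC_RABIN, 1024, NULL);
  if (!sk) {
    /* presumably dckeygen signals failure with NULL -- verify */
    fprintf (stderr, "%s: trouble generating key\n", getprogname ());
    exit (1);
  }

  /* NOTE(review): write_skfile's result (if any) is not checked; its
     prototype is not visible here. */
  write_skfile (sk_file, sk);

  raw_pk = dcexport_pub (sk);
  if (raw_pk)
    pk = dcimport_pub (raw_pk);

  if (!raw_pk || !pk) {
    fprintf (stderr, "%s: trouble exporting public key\n", getprogname ());
    check_n_free (&raw_pk);
    dcfree (sk);
    exit (1);
  }

  check_n_free (&raw_pk);

  /* The private key is already on disk and is not returned; release it
     here as the error path does, instead of leaving it allocated for
     the rest of the process. */
  dcfree (sk);

  return pk;
}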