-rw-r--r--ChangeLog19
-rw-r--r--configure.ac15
-rwxr-xr-xsrc/analysis/Makefile.am1
-rwxr-xr-xsrc/analysis/db/Makefile.am14
-rw-r--r--src/analysis/db/keymgn.c166
-rw-r--r--src/analysis/db/keymgn.h37
-rw-r--r--src/core/core.c10
-rw-r--r--src/glibext/configuration.c4
8 files changed, 260 insertions, 6 deletions
diff --git a/ChangeLog b/ChangeLog
index 4b98bdc..a074ccd 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,5 +1,24 @@
16-04-09 Cyrille Bagard <nocbos@gmail.com>
+ * configure.ac:
+ Check for the availability of libSSL.
+
+ * src/analysis/Makefile.am:
+ Include db/libanalysiskeys.la into libanalysis_la_LIBADD.
+
+ * src/analysis/db/Makefile.am:
+ Define libanalysiskeys.la.
+
+ * src/analysis/db/keymgn.c:
+ * src/analysis/db/keymgn.h:
+ New entries: create user public and private RSA keys if needed.
+
+ * src/core/core.c:
+ * src/glibext/configuration.c:
+ Update code.
+
+16-04-09 Cyrille Bagard <nocbos@gmail.com>
+
* .gitignore:
Hide resources built by glib-compile-resources.
diff --git a/configure.ac b/configure.ac
index 6c7a62e..e326fe8 100644
--- a/configure.ac
+++ b/configure.ac
@@ -220,6 +220,20 @@ AC_SUBST(LIBSQLITE_CFLAGS)
AC_SUBST(LIBSQLITE_LIBS)
+#--- Checks for libssl
+
+PKG_CHECK_MODULES(LIBSSL,libssl >= 1.0.1k,[libssl_found=yes],[libssl_found=no])
+
+if test "$libssl_found" = "yes"; then
+ libssl_version=`pkg-config libssl --modversion`
+else
+ libssl_version='-'
+fi
+
+AC_SUBST(LIBSSL_CFLAGS)
+AC_SUBST(LIBSSL_LIBS)
+
+
#--- Checks for Python
if test "x$enable_debug" = "xyes"; then
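Review bot: The `[libssl_found=no]` action only leads to `libssl_version='-'` and lets configure finish, while src/analysis/db/keymgn.c in this same commit includes `<openssl/evp.h>` unconditionally, so a missing or too-old OpenSSL shows up later as a compile error instead of at configure time. Either stop here, e.g. `AC_MSG_ERROR([libssl >= 1.0.1k is required])` in the not-found action, or build the key code conditionally. The EVP_PKEY and PEM routines used by the new code are provided by libcrypto, so checking the `libcrypto` module (or confirming that the `libssl` pkg-config output pulls it in on every supported platform) would match what is actually linked.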
@@ -400,6 +414,7 @@ echo The GNU Image Manipulation Program Toolkit... : $libgtk_version
echo The XML C parser and toolkit of Gnome........ : $libxml_version
echo The flexible interface for archives I/O...... : $libarchive_version
echo The small, fast and reliable database engine. : $libsqlite_version
+echo The cryptography and SSL/TLS toolkit......... : $libssl_version
echo
echo Available Python programming language........ : $python3_version
diff --git a/src/analysis/Makefile.am b/src/analysis/Makefile.am
index 0b65bbe..c143e1b 100755
--- a/src/analysis/Makefile.am
+++ b/src/analysis/Makefile.am
@@ -18,6 +18,7 @@ libanalysis_la_LIBADD = \
blocks/libanalysisblocks.la \
contents/libanalysiscontents.la \
db/libanalysisdb.la \
+ db/libanalysiskeys.la \
decomp/libanalysisdecomp.la \
disass/libanalysisdisass.la \
types/libanalysistypes.la
diff --git a/src/analysis/db/Makefile.am b/src/analysis/db/Makefile.am
index 797025c..7e9f177 100755
--- a/src/analysis/db/Makefile.am
+++ b/src/analysis/db/Makefile.am
@@ -1,5 +1,6 @@
-noinst_LTLIBRARIES = libanalysisdb.la
+noinst_LTLIBRARIES = libanalysisdb.la libanalysiskeys.la
+
libanalysisdb_la_SOURCES = \
cdb.h cdb.c \
@@ -15,10 +16,19 @@ libanalysisdb_la_LIBADD = \
items/libanalysisdbitems.la \
misc/libanalysisdbmisc.la
-
libanalysisdb_la_LDFLAGS =
+libanalysiskeys_la_SOURCES = \
+ keymgn.h keymgn.c
+
+libanalysiskeys_la_LIBADD =
+
+libanalysiskeys_la_CFLAGS = $(LIBSSL_CFLAGS)
+
+libanalysiskeys_la_LDFLAGS = $(LIBSSL_LIBS)
+
+
AM_CPPFLAGS = $(LIBGTK_CFLAGS) $(LIBXML_CFLAGS) $(LIBARCHIVE_CFLAGS) $(LIBSQLITE_CFLAGS)
AM_CFLAGS = $(DEBUG_CFLAGS) $(WARNING_FLAGS) $(COMPLIANCE_FLAGS)
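Review bot: Defining `libanalysiskeys_la_CFLAGS` makes automake stop applying `AM_CFLAGS` to this target, so keymgn.c is compiled without `$(WARNING_FLAGS)` and `$(COMPLIANCE_FLAGS)`; for the file that generates and stores the private key those diagnostics are worth keeping, as in `libanalysiskeys_la_CFLAGS = $(AM_CFLAGS) $(LIBSSL_CFLAGS)`. `$(LIBSSL_LIBS)` is also placed in `libanalysiskeys_la_LDFLAGS`; libraries conventionally go in `libanalysiskeys_la_LIBADD = $(LIBSSL_LIBS)` so that libtool orders them after the objects.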
diff --git a/src/analysis/db/keymgn.c b/src/analysis/db/keymgn.c
new file mode 100644
index 0000000..bcd8d28
--- /dev/null
+++ b/src/analysis/db/keymgn.c
@@ -0,0 +1,166 @@
+
+/* Chrysalide - Outil d'analyse de fichiers binaires
+ * keymgn.c - mise en place et gestion des clefs cryptographiques
+ *
+ * Copyright (C) 2016 Cyrille Bagard
+ *
+ * This file is part of Chrysalide.
+ *
+ * OpenIDA is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * OpenIDA is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with Foobar. If not, see <http://www.gnu.org/licenses/>.
+ */
+
+
+#include "keymgn.h"
+
+
+#include <glib.h>
+#include <malloc.h>
+#include <stdio.h>
+#include <unistd.h>
+#include <openssl/evp.h>
+#include <openssl/rsa.h>
+
+
+#include <i18n.h>
+
+
+#include "../../common/xdg.h"
+
+
+
+/* Met en place de nouvelles clefs RSA. */
+static bool generate_user_rsa_keys(const char *, const char *);
+
+
+
+/******************************************************************************
+* *
+* Paramètres : - *
+* *
+* Description : S'assure que l'utilisateur dispose de clefs RSA. *
+* *
+* Retour : Bilan de l'opération. *
+* *
+* Remarques : - *
+* *
+******************************************************************************/
+
+bool ensure_user_has_rsa_keys(void)
+{
+ bool result; /* Bilan à retourner */
+ char *priv; /* Chemin de la clef privée */
+ char *pub; /* Chemin de la clef publique */
+ int priv_check; /* Bilan d'une vérification #1 */
+ int pub_check; /* Bilan d'une vérification #2 */
+
+ result = NULL;
+
+ priv = get_xdg_config_dir("chrysalide" G_DIR_SEPARATOR_S "id_rsa.priv");
+ pub = get_xdg_config_dir("chrysalide" G_DIR_SEPARATOR_S "id_rsa.pub");
+
+ priv_check = access(priv, R_OK);
+ pub_check = access(pub, R_OK);
+
+ result = (priv_check == 0 && pub_check == 0);
+
+ if (!result)
+ {
+ result = generate_user_rsa_keys(priv, pub);
+
+ if (!result)
+ fprintf(stderr, _("Unable to create new user RSA key pair."));
+
+ }
+
+ free(priv);
+ free(pub);
+
+ return result;
+
+}
+
+
+/******************************************************************************
+* *
+* Paramètres : priv = chemin d'accès pour la clef privée. *
+* pub = chemin d'accès pour la clef publique. *
+* *
+* Description : Met en place de nouvelles clefs RSA. *
+* *
+* Retour : Bilan de l'opération. *
+* *
+* Remarques : - *
+* *
+******************************************************************************/
+
+static bool generate_user_rsa_keys(const char *priv, const char *pub)
+{
+ bool result; /* Bilan à retourner */
+ EVP_PKEY_CTX *ctx; /* Contexte de génération */
+ int ret; /* Bilan d'un appel */
+ EVP_PKEY *pair; /* Paire de clefs RSA générée */
+ char *filename; /* Chemin d'accès */
+ FILE *stream; /* Flux ouvert en écriture */
+
+ result = false;
+
+ /**
+ * Cf. https://www.openssl.org/docs/manmaster/crypto/EVP_PKEY_keygen.html
+ */
+
+ ctx = EVP_PKEY_CTX_new_id(EVP_PKEY_RSA, NULL);
+ if (ctx == NULL) goto euhrk_exit;
+
+ ret = EVP_PKEY_keygen_init(ctx);
+ if (ret != 1) goto euhrk_exit;
+
+ ret = EVP_PKEY_CTX_set_rsa_keygen_bits(ctx, 2048);
+ if (ret != 1) goto euhrk_exit;
+
+ ret = EVP_PKEY_keygen(ctx, &pair);
+ if (ret != 1) goto euhrk_exit;
+
+ /* Clef privée */
+
+ stream = fopen(priv, "wt");
+ if (stream == NULL) goto euhrk_bad_write;
+
+ ret = PEM_write_PrivateKey(stream, pair, NULL, NULL, 0, NULL, NULL);
+ if (ret != 1) goto euhrk_bad_write;
+
+ fclose(stream);
+
+ /* Clef publique */
+
+ stream = fopen(pub, "wt");
+ if (stream == NULL) goto euhrk_bad_write;
+
+ ret = PEM_write_PUBKEY(stream, pair);
+ if (ret != 1) goto euhrk_bad_write;
+
+ result = true;
+
+ euhrk_bad_write:
+
+ fclose(stream);
+
+ EVP_PKEY_free(pair);
+
+ euhrk_exit:
+
+ EVP_PKEY_CTX_free(ctx);
+
+ return result;
+
+}
diff --git a/src/analysis/db/keymgn.h b/src/analysis/db/keymgn.h
new file mode 100644
index 0000000..4aa33db
--- /dev/null
+++ b/src/analysis/db/keymgn.h
@@ -0,0 +1,37 @@
+
+/* Chrysalide - Outil d'analyse de fichiers binaires
+ * keymgn.h - prototypes pour la mise en place et la gestion des clefs cryptographiques
+ *
+ * Copyright (C) 2016 Cyrille Bagard
+ *
+ * This file is part of Chrysalide.
+ *
+ * OpenIDA is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * OpenIDA is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with Foobar. If not, see <http://www.gnu.org/licenses/>.
+ */
+
+
+#ifndef _ANALYSIS_DB_KEYMGN_H
+#define _ANALYSIS_DB_KEYMGN_H
+
+
+#include <stdbool.h>
+
+
+
+/* S'assure que l'utilisateur dispose de clefs RSA. */
+bool ensure_user_has_rsa_keys(void);
+
+
+
+#endif /* _ANALYSIS_DB_KEYMGN_H */
diff --git a/src/core/core.c b/src/core/core.c
index 0460a23..ec7b0fc 100644
--- a/src/core/core.c
+++ b/src/core/core.c
@@ -31,6 +31,9 @@
#include "formats.h"
#include "params.h"
#include "processors.h"
+#include "../analysis/db/keymgn.h"
+#include "../common/io.h"
+#include "../common/xdg.h"
#include "../gtkext/support.h"
@@ -50,6 +53,7 @@
bool load_all_basic_components(void)
{
static bool result = false; /* Bilan à retourner */
+ char *cfgdir; /* Répertoire de configuration */
/**
* On mémorise les passages réussis.
@@ -61,8 +65,14 @@ bool load_all_basic_components(void)
add_pixmap_directory(PACKAGE_DATA_DIR);
add_pixmap_directory(PACKAGE_SOURCE_DIR G_DIR_SEPARATOR_S "pixmaps");
+ cfgdir = get_xdg_config_dir("chrysalide" G_DIR_SEPARATOR_S "chrysalide");
+ result &= (ensure_path_exists(cfgdir) == 0);
+ free(cfgdir);
+
result &= load_main_config_parameters();
+ result &= ensure_user_has_rsa_keys();
+
result &= g_generic_config_read(get_main_configuration());
result &= load_hard_coded_processors_definitions();
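Review bot: `result &= ensure_user_has_rsa_keys();` does not short-circuit, so key generation still runs when `ensure_path_exists(cfgdir)` or `load_main_config_parameters()` has already failed, and it then tries to write the key files into a directory that may not exist. Chaining the calls so that the first failure stops the sequence avoids that, e.g. `result = result && ensure_user_has_rsa_keys();`. Since this directory now holds a private key, it is also worth confirming that `ensure_path_exists()` creates it with owner-only permissions; its implementation is not visible here. The body of load_all_basic_components() starts and ends outside this hunk.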
diff --git a/src/glibext/configuration.c b/src/glibext/configuration.c
index 069dbc3..d8547a6 100644
--- a/src/glibext/configuration.c
+++ b/src/glibext/configuration.c
@@ -1287,14 +1287,10 @@ bool g_generic_config_read(GGenConfig *config)
bool g_generic_config_write(GGenConfig *config)
{
bool result; /* Bilan à retourner */
- int ret; /* Bilan de l'assurance */
xmlDocPtr xdoc; /* Document XML de configurat° */
xmlXPathContextPtr context; /* Contexte de recherche XPath */
GList *iter; /* Boucle de parcours */
- ret = ensure_path_exists(config->filename);
- if (ret != 0) return false;
-
if (!create_new_xml_file(&xdoc, &context))
return false;