Diffstat (limited to 'src/analysis/db')
-rwxr-xr-x | src/analysis/db/Makefile.am | 14 | ||||
-rw-r--r-- | src/analysis/db/keymgn.c | 166 | ||||
-rw-r--r-- | src/analysis/db/keymgn.h | 37 |
3 files changed, 215 insertions, 2 deletions
diff --git a/src/analysis/db/Makefile.am b/src/analysis/db/Makefile.am index 797025c..7e9f177 100755 --- a/src/analysis/db/Makefile.am +++ b/src/analysis/db/Makefile.am @@ -1,5 +1,6 @@ -noinst_LTLIBRARIES = libanalysisdb.la +noinst_LTLIBRARIES = libanalysisdb.la libanalysiskeys.la + libanalysisdb_la_SOURCES = \ cdb.h cdb.c \ @@ -15,10 +16,19 @@ libanalysisdb_la_LIBADD = \ items/libanalysisdbitems.la \ misc/libanalysisdbmisc.la - libanalysisdb_la_LDFLAGS = +libanalysiskeys_la_SOURCES = \ + keymgn.h keymgn.c + +libanalysiskeys_la_LIBADD = + +libanalysiskeys_la_CFLAGS = $(LIBSSL_CFLAGS) + +libanalysiskeys_la_LDFLAGS = $(LIBSSL_LIBS) + + AM_CPPFLAGS = $(LIBGTK_CFLAGS) $(LIBXML_CFLAGS) $(LIBARCHIVE_CFLAGS) $(LIBSQLITE_CFLAGS) AM_CFLAGS = $(DEBUG_CFLAGS) $(WARNING_FLAGS) $(COMPLIANCE_FLAGS) diff --git a/src/analysis/db/keymgn.c b/src/analysis/db/keymgn.c new file mode 100644 index 0000000..bcd8d28 --- /dev/null +++ b/src/analysis/db/keymgn.c 
@@ -0,0 +1,166 @@
+
+/* Chrysalide - Outil d'analyse de fichiers binaires
+ * keymgn.c - mise en place et gestion des clefs cryptographiques
+ *
+ * Copyright (C) 2016 Cyrille Bagard
+ *
+ * This file is part of Chrysalide.
+ *
+ * OpenIDA is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * OpenIDA is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with Foobar. If not, see <http://www.gnu.org/licenses/>.
+ */
+
+
+#include "keymgn.h"
+
+
+#include <glib.h>
+#include <malloc.h>
+#include <stdio.h>
+#include <unistd.h>
+#include <openssl/evp.h>
+#include <openssl/rsa.h>
+
+
+#include <i18n.h>
+
+
+#include "../../common/xdg.h"
+
+
+
+/* Met en place de nouvelles clefs RSA. */
+static bool generate_user_rsa_keys(const char *, const char *);
+
+
+
+/******************************************************************************
+* *
+* Paramètres : - *
+* *
+* Description : S'assure que l'utilisateur dispose de clefs RSA. *
+* *
+* Retour : Bilan de l'opération. *
+* *
+* Remarques : - *
+* *
+******************************************************************************/
+
+bool ensure_user_has_rsa_keys(void)
+{
+ bool result; /* Bilan à retourner */
+ char *priv; /* Chemin de la clef privée */
+ char *pub; /* Chemin de la clef publique */
+ int priv_check; /* Bilan d'une vérification #1 */
+ int pub_check; /* Bilan d'une vérification #2 */
+
+ result = NULL;
+
+ priv = get_xdg_config_dir("chrysalide" G_DIR_SEPARATOR_S "id_rsa.priv");
+ pub = get_xdg_config_dir("chrysalide" G_DIR_SEPARATOR_S "id_rsa.pub");
+
+ priv_check = access(priv, R_OK);
+ pub_check = access(pub, R_OK);
+
+ result = (priv_check == 0 && pub_check == 0);
+
+ if (!result)
+ {
+ result = generate_user_rsa_keys(priv, pub);
+
+ if (!result)
+ fprintf(stderr, _("Unable to create new user RSA key pair."));
+
+ }
+
+ free(priv);
+ free(pub);
+
+ return result;
+
+}
+
+
+/******************************************************************************
+* *
+* Paramètres : priv = chemin d'accès pour la clef privée. *
+* pub = chemin d'accès pour la clef publique. *
+* *
+* Description : Met en place de nouvelles clefs RSA. *
+* *
+* Retour : Bilan de l'opération. *
+* *
+* Remarques : - *
+* *
+******************************************************************************/
+
+static bool generate_user_rsa_keys(const char *priv, const char *pub)
+{
+ bool result; /* Bilan à retourner */
+ EVP_PKEY_CTX *ctx; /* Contexte de génération */
+ int ret; /* Bilan d'un appel */
+ EVP_PKEY *pair; /* Paire de clefs RSA générée */
+ char *filename; /* Chemin d'accès */
+ FILE *stream; /* Flux ouvert en écriture */
+
+ result = false;
+
+ /**
+ * Cf. https://www.openssl.org/docs/manmaster/crypto/EVP_PKEY_keygen.html
+ */
+
+ ctx = EVP_PKEY_CTX_new_id(EVP_PKEY_RSA, NULL);
+ if (ctx == NULL) goto euhrk_exit;
+
+ ret = EVP_PKEY_keygen_init(ctx);
+ if (ret != 1) goto euhrk_exit;
+
+ ret = EVP_PKEY_CTX_set_rsa_keygen_bits(ctx, 2048);
+ if (ret != 1) goto euhrk_exit;
+
+ ret = EVP_PKEY_keygen(ctx, &pair);
+ if (ret != 1) goto euhrk_exit;
+
+ /* Clef privée */
+
+ stream = fopen(priv, "wt");
+ if (stream == NULL) goto euhrk_bad_write;
+
+ ret = PEM_write_PrivateKey(stream, pair, NULL, NULL, 0, NULL, NULL);
+ if (ret != 1) goto euhrk_bad_write;
+
+ fclose(stream);
+
+ /* Clef publique */
+
+ stream = fopen(pub, "wt");
+ if (stream == NULL) goto euhrk_bad_write;
+
+ ret = PEM_write_PUBKEY(stream, pair);
+ if (ret != 1) goto euhrk_bad_write;
+
+ result = true;
+
+ euhrk_bad_write:
+
+ fclose(stream);
+
+ EVP_PKEY_free(pair);
+
+ euhrk_exit:
+
+ EVP_PKEY_CTX_free(ctx);
+
+ return result;
+
+}
diff --git a/src/analysis/db/keymgn.h b/src/analysis/db/keymgn.h
new file mode 100644
index 0000000..4aa33db
--- /dev/null
+++ b/src/analysis/db/keymgn.h
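Review bot: The private key is written through `fopen(priv, "wt")`, so id_rsa.priv is created with the process umask (commonly 0644) and is world-readable from the moment it exists; open it with `open(priv, O_WRONLY | O_CREAT | O_TRUNC, S_IRUSR | S_IWUSR)` and `fdopen()` so the mode is 0600 at creation (this needs `<fcntl.h>` and `<sys/stat.h>`). In the same function `pair` must start out NULL because EVP_PKEY_keygen() reuses a non-NULL `*ppkey`, both `goto euhrk_bad_write` taken after a failed fopen() end in `fclose(NULL)`, and the return of fclose() is never checked, so a short write leaves a truncated key that the next run then accepts via access(). `PEM_write_PrivateKey()`/`PEM_write_PUBKEY()` are declared in `<openssl/pem.h>`, which the file does not include, `filename` is unused, and free() comes from `<stdlib.h>` rather than `<malloc.h>`. In ensure_user_has_rsa_keys(), `result = NULL;` assigns a pointer constant to a bool (use `false`), the `get_xdg_config_dir()` results reach access() with no NULL check (that helper is outside the hunk, so confirm whether it can fail), and the translated message is used as the printf format string; `fprintf(stderr, "%s\n", _("Unable to create new user RSA key pair."));` keeps a stray `%` in a translation from being interpreted. The rewrite below keeps the two-label cleanup, relies on EVP_PKEY_free()/EVP_PKEY_CTX_free() accepting NULL, and removes partially written files on failure.
```c
static bool generate_user_rsa_keys(const char *priv, const char *pub)
{
    bool result = false;                    /* status to return */
    EVP_PKEY_CTX *ctx = NULL;               /* generation context */
    int ret;                                /* status of one call */
    EVP_PKEY *pair = NULL;                  /* must be NULL: EVP_PKEY_keygen() reuses a non-NULL *ppkey */
    int fd;                                 /* private key descriptor */
    FILE *stream;                           /* stream opened for writing */

    /* … unchanged: EVP_PKEY_CTX_new_id / EVP_PKEY_keygen_init / EVP_PKEY_CTX_set_rsa_keygen_bits / EVP_PKEY_keygen, each jumping to euhrk_exit on failure … */

    /* Private key: mode 0600 from creation, independent of the umask */

    fd = open(priv, O_WRONLY | O_CREAT | O_TRUNC, S_IRUSR | S_IWUSR);
    if (fd == -1) goto euhrk_exit;

    stream = fdopen(fd, "w");
    if (stream == NULL)
    {
        close(fd);
        goto euhrk_bad_write;
    }

    ret = PEM_write_PrivateKey(stream, pair, NULL, NULL, 0, NULL, NULL);

    /* fclose() also reports deferred write errors (e.g. a full disk) */
    if (fclose(stream) != 0 || ret != 1) goto euhrk_bad_write;

    /* Public key */

    stream = fopen(pub, "w");
    if (stream == NULL) goto euhrk_bad_write;

    ret = PEM_write_PUBKEY(stream, pair);

    if (fclose(stream) != 0 || ret != 1) goto euhrk_bad_write;

    result = true;

 euhrk_exit:

    EVP_PKEY_free(pair);
    EVP_PKEY_CTX_free(ctx);

    return result;

 euhrk_bad_write:

    /* never leave a half-written pair behind; unlink() on a missing file is harmless */
    unlink(priv);
    unlink(pub);

    goto euhrk_exit;

}
```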
@@ -0,0 +1,37 @@ + +/* Chrysalide - Outil d'analyse de fichiers binaires + * keymgn.h - prototypes pour la mise en place et la gestion des clefs cryptographiques + * + * Copyright (C) 2016 Cyrille Bagard + * + * This file is part of Chrysalide. + * + * OpenIDA is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * OpenIDA is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with Foobar. If not, see <http://www.gnu.org/licenses/>. + */ + + +#ifndef _ANALYSIS_DB_KEYMGN_H +#define _ANALYSIS_DB_KEYMGN_H + + +#include <stdbool.h> + + + +/* S'assure que l'utilisateur dispose de clefs RSA. */ +bool ensure_user_has_rsa_keys(void); + + + +#endif /* _ANALYSIS_DB_KEYMGN_H */ |
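Review bot: The include guard `_ANALYSIS_DB_KEYMGN_H` starts with an underscore followed by an uppercase letter, a name form reserved for the implementation (C11 §7.1.3); `ANALYSIS_DB_KEYMGN_H` avoids the collision risk. If the rest of the tree already uses this prefix in its guards, staying consistent is defensible, but a new header is the cheapest place to stop. The header is otherwise complete: `<stdbool.h>` covers the `bool` in the prototype.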