Diffstat (limited to 'src/analysis/db')
-rwxr-xr-xsrc/analysis/db/Makefile.am14
-rw-r--r--src/analysis/db/keymgn.c166
-rw-r--r--src/analysis/db/keymgn.h37
3 files changed, 215 insertions, 2 deletions
diff --git a/src/analysis/db/Makefile.am b/src/analysis/db/Makefile.am
index 797025c..7e9f177 100755
--- a/src/analysis/db/Makefile.am
+++ b/src/analysis/db/Makefile.am
@@ -1,5 +1,6 @@
-noinst_LTLIBRARIES = libanalysisdb.la
+noinst_LTLIBRARIES = libanalysisdb.la libanalysiskeys.la
+
libanalysisdb_la_SOURCES = \
cdb.h cdb.c \
@@ -15,10 +16,19 @@ libanalysisdb_la_LIBADD = \
items/libanalysisdbitems.la \
misc/libanalysisdbmisc.la
-
libanalysisdb_la_LDFLAGS =
+libanalysiskeys_la_SOURCES = \
+ keymgn.h keymgn.c
+
+libanalysiskeys_la_LIBADD =
+
+libanalysiskeys_la_CFLAGS = $(LIBSSL_CFLAGS)
+
+libanalysiskeys_la_LDFLAGS = $(LIBSSL_LIBS)
+
+
AM_CPPFLAGS = $(LIBGTK_CFLAGS) $(LIBXML_CFLAGS) $(LIBARCHIVE_CFLAGS) $(LIBSQLITE_CFLAGS)
AM_CFLAGS = $(DEBUG_CFLAGS) $(WARNING_FLAGS) $(COMPLIANCE_FLAGS)
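Review bot: Setting the per-target `libanalysiskeys_la_CFLAGS = $(LIBSSL_CFLAGS)` makes Automake use it instead of `AM_CFLAGS` for this library, so the `$(WARNING_FLAGS)` and `$(COMPLIANCE_FLAGS)` defined at the end of the hunk presumably no longer apply to keymgn.c, the one file here that handles key material. Keeping them would read `libanalysiskeys_la_CFLAGS = $(AM_CFLAGS) $(LIBSSL_CFLAGS)`. The OpenSSL libraries are also placed in `libanalysiskeys_la_LDFLAGS`; Automake's convention is to list libraries in `_LIBADD`, i.e. `libanalysiskeys_la_LIBADD = $(LIBSSL_LIBS)`, and to keep `_LDFLAGS` for linker options.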
diff --git a/src/analysis/db/keymgn.c b/src/analysis/db/keymgn.c
new file mode 100644
index 0000000..bcd8d28
--- /dev/null
+++ b/src/analysis/db/keymgn.c
@@ -0,0 +1,166 @@
+
+/* Chrysalide - Outil d'analyse de fichiers binaires
+ * keymgn.c - mise en place et gestion des clefs cryptographiques
+ *
+ * Copyright (C) 2016 Cyrille Bagard
+ *
+ * This file is part of Chrysalide.
+ *
+ * OpenIDA is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * OpenIDA is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with Foobar. If not, see <http://www.gnu.org/licenses/>.
+ */
+
+
+#include "keymgn.h"
+
+
+#include <glib.h>
+#include <malloc.h>
+#include <stdio.h>
+#include <unistd.h>
+#include <openssl/evp.h>
+#include <openssl/rsa.h>
+
+
+#include <i18n.h>
+
+
+#include "../../common/xdg.h"
+
+
+
+/* Met en place de nouvelles clefs RSA. */
+static bool generate_user_rsa_keys(const char *, const char *);
+
+
+
+/******************************************************************************
+* *
+* Paramètres : - *
+* *
+* Description : S'assure que l'utilisateur dispose de clefs RSA. *
+* *
+* Retour : Bilan de l'opération. *
+* *
+* Remarques : - *
+* *
+******************************************************************************/
+
+bool ensure_user_has_rsa_keys(void)
+{
+ bool result; /* Bilan à retourner */
+ char *priv; /* Chemin de la clef privée */
+ char *pub; /* Chemin de la clef publique */
+ int priv_check; /* Bilan d'une vérification #1 */
+ int pub_check; /* Bilan d'une vérification #2 */
+
+ result = NULL;
+
+ priv = get_xdg_config_dir("chrysalide" G_DIR_SEPARATOR_S "id_rsa.priv");
+ pub = get_xdg_config_dir("chrysalide" G_DIR_SEPARATOR_S "id_rsa.pub");
+
+ priv_check = access(priv, R_OK);
+ pub_check = access(pub, R_OK);
+
+ result = (priv_check == 0 && pub_check == 0);
+
+ if (!result)
+ {
+ result = generate_user_rsa_keys(priv, pub);
+
+ if (!result)
+ fprintf(stderr, _("Unable to create new user RSA key pair."));
+
+ }
+
+ free(priv);
+ free(pub);
+
+ return result;
+
+}
+
+
+/******************************************************************************
+* *
+* Paramètres : priv = chemin d'accès pour la clef privée. *
+* pub = chemin d'accès pour la clef publique. *
+* *
+* Description : Met en place de nouvelles clefs RSA. *
+* *
+* Retour : Bilan de l'opération. *
+* *
+* Remarques : - *
+* *
+******************************************************************************/
+
+static bool generate_user_rsa_keys(const char *priv, const char *pub)
+{
+ bool result; /* Bilan à retourner */
+ EVP_PKEY_CTX *ctx; /* Contexte de génération */
+ int ret; /* Bilan d'un appel */
+ EVP_PKEY *pair; /* Paire de clefs RSA générée */
+ char *filename; /* Chemin d'accès */
+ FILE *stream; /* Flux ouvert en écriture */
+
+ result = false;
+
+ /**
+ * Cf. https://www.openssl.org/docs/manmaster/crypto/EVP_PKEY_keygen.html
+ */
+
+ ctx = EVP_PKEY_CTX_new_id(EVP_PKEY_RSA, NULL);
+ if (ctx == NULL) goto euhrk_exit;
+
+ ret = EVP_PKEY_keygen_init(ctx);
+ if (ret != 1) goto euhrk_exit;
+
+ ret = EVP_PKEY_CTX_set_rsa_keygen_bits(ctx, 2048);
+ if (ret != 1) goto euhrk_exit;
+
+ ret = EVP_PKEY_keygen(ctx, &pair);
+ if (ret != 1) goto euhrk_exit;
+
+ /* Clef privée */
+
+ stream = fopen(priv, "wt");
+ if (stream == NULL) goto euhrk_bad_write;
+
+ ret = PEM_write_PrivateKey(stream, pair, NULL, NULL, 0, NULL, NULL);
+ if (ret != 1) goto euhrk_bad_write;
+
+ fclose(stream);
+
+ /* Clef publique */
+
+ stream = fopen(pub, "wt");
+ if (stream == NULL) goto euhrk_bad_write;
+
+ ret = PEM_write_PUBKEY(stream, pair);
+ if (ret != 1) goto euhrk_bad_write;
+
+ result = true;
+
+ euhrk_bad_write:
+
+ fclose(stream);
+
+ EVP_PKEY_free(pair);
+
+ euhrk_exit:
+
+ EVP_PKEY_CTX_free(ctx);
+
+ return result;
+
+}
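Review bot: The private key in generate_user_rsa_keys() is written through `fopen(priv, "wt")` with no cipher, so the unencrypted key gets whatever mode the process umask allows (commonly readable by other local users); it should be created with `open()` at mode 0600 and wrapped with `fdopen()`. The same function passes an uninitialized `pair` to `EVP_PKEY_keygen()`, which allocates a key only when `*ppkey` is NULL, and both `fopen()` failure paths jump to `euhrk_bad_write`, where `fclose(NULL)` is called. `PEM_write_PrivateKey()` and `PEM_write_PUBKEY()` are declared in `<openssl/pem.h>`, which the file does not include, and the rewrite below additionally needs `<fcntl.h>` and `<sys/stat.h>`. In ensure_user_has_rsa_keys(), `result = NULL;` should be `result = false;`, and a missing public key alone triggers a regeneration that overwrites an existing private key.

```c
static bool generate_user_rsa_keys(const char *priv, const char *pub)
{
    /* … unchanged: result, ctx, ret, pair, filename, stream declarations … */
    int fd;                                 /* Private key descriptor */

    result = false;
    pair = NULL;        /* EVP_PKEY_keygen() allocates only when *ppkey is NULL */
    stream = NULL;      /* lets the cleanup path know whether a stream is open */

    /* … unchanged: context creation and key generation … */

    /* Private key: owner-only before any key material reaches the disk */

    fd = open(priv, O_WRONLY | O_CREAT | O_TRUNC, S_IRUSR | S_IWUSR);
    if (fd == -1) goto euhrk_bad_write;

    /* The mode given to open() is ignored when the file already exists */
    if (fchmod(fd, S_IRUSR | S_IWUSR) != 0)
    {
        close(fd);
        goto euhrk_bad_write;
    }

    stream = fdopen(fd, "w");
    if (stream == NULL)
    {
        close(fd);
        goto euhrk_bad_write;
    }

    ret = PEM_write_PrivateKey(stream, pair, NULL, NULL, 0, NULL, NULL);
    if (ret != 1) goto euhrk_bad_write;

    ret = fclose(stream);
    stream = NULL;
    if (ret != 0) goto euhrk_bad_write;

    /* … unchanged: public key fopen() and PEM_write_PUBKEY() … */

    result = true;

 euhrk_bad_write:

    if (stream != NULL)
        fclose(stream);

 euhrk_exit:

    EVP_PKEY_free(pair);
    EVP_PKEY_CTX_free(ctx);

    return result;

}
```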
diff --git a/src/analysis/db/keymgn.h b/src/analysis/db/keymgn.h
new file mode 100644
index 0000000..4aa33db
--- /dev/null
+++ b/src/analysis/db/keymgn.h
@@ -0,0 +1,37 @@
+
+/* Chrysalide - Outil d'analyse de fichiers binaires
+ * keymgn.h - prototypes pour la mise en place et la gestion des clefs cryptographiques
+ *
+ * Copyright (C) 2016 Cyrille Bagard
+ *
+ * This file is part of Chrysalide.
+ *
+ * OpenIDA is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * OpenIDA is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with Foobar. If not, see <http://www.gnu.org/licenses/>.
+ */
+
+
+#ifndef _ANALYSIS_DB_KEYMGN_H
+#define _ANALYSIS_DB_KEYMGN_H
+
+
+#include <stdbool.h>
+
+
+
+/* S'assure que l'utilisateur dispose de clefs RSA. */
+bool ensure_user_has_rsa_keys(void);
+
+
+
+#endif /* _ANALYSIS_DB_KEYMGN_H */
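Review bot: The comment above `ensure_user_has_rsa_keys()` does not tell callers that the function may write new key files to disk or what the boolean means. Something like `/* Checks for the user's RSA key pair in the XDG config directory and generates it if missing; returns false if the keys could not be created. */` would document the side effect. The licence header says the file is part of Chrysalide but then refers to "OpenIDA" and "Foobar"; the same leftover text appears in keymgn.c and should name the project consistently.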