Diffstat (limited to 'src/analysis')
| -rwxr-xr-x | src/analysis/Makefile.am | 1 | ||||
| -rwxr-xr-x | src/analysis/db/Makefile.am | 14 | ||||
| -rw-r--r-- | src/analysis/db/keymgn.c | 166 | ||||
| -rw-r--r-- | src/analysis/db/keymgn.h | 37 | 
4 files changed, 216 insertions, 2 deletions
diff --git a/src/analysis/Makefile.am b/src/analysis/Makefile.am index 0b65bbe..c143e1b 100755 --- a/src/analysis/Makefile.am +++ b/src/analysis/Makefile.am @@ -18,6 +18,7 @@ libanalysis_la_LIBADD =					\  	blocks/libanalysisblocks.la			\  	contents/libanalysiscontents.la		\  	db/libanalysisdb.la					\ +	db/libanalysiskeys.la				\  	decomp/libanalysisdecomp.la			\  	disass/libanalysisdisass.la			\  	types/libanalysistypes.la diff --git a/src/analysis/db/Makefile.am b/src/analysis/db/Makefile.am index 797025c..7e9f177 100755 --- a/src/analysis/db/Makefile.am +++ b/src/analysis/db/Makefile.am @@ -1,5 +1,6 @@ -noinst_LTLIBRARIES  = libanalysisdb.la +noinst_LTLIBRARIES  = libanalysisdb.la libanalysiskeys.la +  libanalysisdb_la_SOURCES =				\  	cdb.h cdb.c							\ @@ -15,10 +16,19 @@ libanalysisdb_la_LIBADD =				\  	items/libanalysisdbitems.la			\  	misc/libanalysisdbmisc.la -  libanalysisdb_la_LDFLAGS =  +libanalysiskeys_la_SOURCES =			\ +	keymgn.h keymgn.c + +libanalysiskeys_la_LIBADD = + +libanalysiskeys_la_CFLAGS = $(LIBSSL_CFLAGS) + +libanalysiskeys_la_LDFLAGS = $(LIBSSL_LIBS) + +  AM_CPPFLAGS = $(LIBGTK_CFLAGS) $(LIBXML_CFLAGS) $(LIBARCHIVE_CFLAGS) $(LIBSQLITE_CFLAGS)  AM_CFLAGS = $(DEBUG_CFLAGS) $(WARNING_FLAGS) $(COMPLIANCE_FLAGS) diff --git a/src/analysis/db/keymgn.c b/src/analysis/db/keymgn.c new file mode 100644 index 0000000..bcd8d28 --- /dev/null +++ b/src/analysis/db/keymgn.c 
@@ -0,0 +1,166 @@
+
+/* Chrysalide - Outil d'analyse de fichiers binaires
+ * keymgn.c - mise en place et gestion des clefs cryptographiques
+ *
+ * Copyright (C) 2016 Cyrille Bagard
+ *
+ *  This file is part of Chrysalide.
+ *
+ *  OpenIDA is free software; you can redistribute it and/or modify
+ *  it under the terms of the GNU General Public License as published by
+ *  the Free Software Foundation; either version 3 of the License, or
+ *  (at your option) any later version.
+ *
+ *  OpenIDA is distributed in the hope that it will be useful,
+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ *  GNU General Public License for more details.
+ *
+ *  You should have received a copy of the GNU General Public License
+ *  along with Foobar.  If not, see <http://www.gnu.org/licenses/>.
+ */
+
+
+#include "keymgn.h"
+
+
+#include <glib.h>
+#include <malloc.h>
+#include <stdio.h>
+#include <unistd.h>
+#include <openssl/evp.h>
+#include <openssl/rsa.h>
+
+
+#include <i18n.h>
+
+
+#include "../../common/xdg.h"
+
+
+
+/* Met en place de nouvelles clefs RSA. */
+static bool generate_user_rsa_keys(const char *, const char *);
+
+
+
+/******************************************************************************
+*                                                                             *
+*  Paramètres  : -                                                            *
+*                                                                             *
+*  Description : S'assure que l'utilisateur dispose de clefs RSA.             *
+*                                                                             *
+*  Retour      : Bilan de l'opération.                                        *
+*                                                                             *
+*  Remarques   : -                                                            *
+*                                                                             *
+******************************************************************************/
+
+bool ensure_user_has_rsa_keys(void)
+{
+    bool result;                            /* Bilan à retourner           */
+    char *priv;                             /* Chemin de la clef privée    */
+    char *pub;                              /* Chemin de la clef publique  */
+    int priv_check;                         /* Bilan d'une vérification #1 */
+    int pub_check;                          /* Bilan d'une vérification #2 */
+
+    result = NULL;
+
+    priv = get_xdg_config_dir("chrysalide" G_DIR_SEPARATOR_S "id_rsa.priv");
+    pub = get_xdg_config_dir("chrysalide" G_DIR_SEPARATOR_S "id_rsa.pub");
+
+    priv_check = access(priv, R_OK);
+    pub_check = access(pub, R_OK);
+
+    result = (priv_check == 0 && pub_check == 0);
+
+    if (!result)
+    {
+        result = generate_user_rsa_keys(priv, pub);
+
+        if (!result)
+            fprintf(stderr, _("Unable to create new user RSA key pair."));
+
+    }
+
+    free(priv);
+    free(pub);
+
+    return result;
+
+}
+
+
+/******************************************************************************
+*                                                                             *
+*  Paramètres  : priv = chemin d'accès pour la clef privée.                   *
+*                pub  = chemin d'accès pour la clef publique.                 *
+*                                                                             *
+*  Description : Met en place de nouvelles clefs RSA.                         *
+*                                                                             *
+*  Retour      : Bilan de l'opération.                                        *
+*                                                                             *
+*  Remarques   : -                                                            *
+*                                                                             *
+******************************************************************************/
+
+static bool generate_user_rsa_keys(const char *priv, const char *pub)
+{
+    bool result;                            /* Bilan à retourner           */
+    EVP_PKEY_CTX *ctx;                      /* Contexte de génération      */
+    int ret;                                /* Bilan d'un appel            */
+    EVP_PKEY *pair;                         /* Paire de clefs RSA générée  */
+    char *filename;                         /* Chemin d'accès              */
+    FILE *stream;                           /* Flux ouvert en écriture     */
+
+    result = false;
+
+    /**
+     * Cf. https://www.openssl.org/docs/manmaster/crypto/EVP_PKEY_keygen.html
+     */
+
+    ctx = EVP_PKEY_CTX_new_id(EVP_PKEY_RSA, NULL);
+    if (ctx == NULL) goto euhrk_exit;
+
+    ret = EVP_PKEY_keygen_init(ctx);
+    if (ret != 1) goto euhrk_exit;
+
+    ret = EVP_PKEY_CTX_set_rsa_keygen_bits(ctx, 2048);
+    if (ret != 1) goto euhrk_exit;
+
+    ret = EVP_PKEY_keygen(ctx, &pair);
+    if (ret != 1) goto euhrk_exit;
+
+    /* Clef privée */
+
+    stream = fopen(priv, "wt");
+    if (stream == NULL) goto euhrk_bad_write;
+
+    ret = PEM_write_PrivateKey(stream, pair, NULL, NULL, 0, NULL, NULL);
+    if (ret != 1) goto euhrk_bad_write;
+
+    fclose(stream);
+
+    /* Clef publique */
+
+    stream = fopen(pub, "wt");
+    if (stream == NULL) goto euhrk_bad_write;
+
+    ret = PEM_write_PUBKEY(stream, pair);
+    if (ret != 1) goto euhrk_bad_write;
+
+    result = true;
+
+ euhrk_bad_write:
+
+    fclose(stream);
+
+    EVP_PKEY_free(pair);
+
+ euhrk_exit:
+
+    EVP_PKEY_CTX_free(ctx);
+
+    return result;
+
+}
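Review bot: The private key in generate_user_rsa_keys() is written through `fopen(priv, "wt")` with no cipher, so the file gets whatever mode the process umask allows (commonly world-readable) and holds the key in clear; it should be created through `open()` with mode 0600 and wrapped with `fdopen()`, which needs `<fcntl.h>` and `<sys/stat.h>`. Both `if (stream == NULL) goto euhrk_bad_write;` paths land on `fclose(stream)` with a NULL stream, which is undefined behaviour, so they need a label placed after the fclose(). `pair` is handed to EVP_PKEY_keygen() uninitialised while that call expects `*ppkey` to be NULL or a valid key, so it should be declared as `EVP_PKEY *pair = NULL;`. The file also calls PEM_write_PrivateKey() and PEM_write_PUBKEY() without including `<openssl/pem.h>`, and `result = NULL;` in ensure_user_has_rsa_keys() should read `result = false;`.

```c
    int fd;                                 /* Private key file descriptor */

    /* … unchanged: other locals and key generation through EVP_PKEY_keygen() … */

    /* Clef privée */

    fd = open(priv, O_WRONLY | O_CREAT | O_TRUNC, S_IRUSR | S_IWUSR);
    if (fd == -1) goto euhrk_free_pair;

    /* A file that already existed keeps its old mode through O_TRUNC. */
    if (fchmod(fd, S_IRUSR | S_IWUSR) != 0 || (stream = fdopen(fd, "w")) == NULL)
    {
        close(fd);
        goto euhrk_free_pair;
    }

    ret = PEM_write_PrivateKey(stream, pair, NULL, NULL, 0, NULL, NULL);
    if (ret != 1) goto euhrk_bad_write;

    /* A failed flush means the key on disk may be truncated. */
    if (fclose(stream) != 0) goto euhrk_free_pair;

    /* Clef publique */

    stream = fopen(pub, "wt");
    if (stream == NULL) goto euhrk_free_pair;

    /* … unchanged: PEM_write_PUBKEY() call and result = true … */

 euhrk_bad_write:

    fclose(stream);

 euhrk_free_pair:

    EVP_PKEY_free(pair);
```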
diff --git a/src/analysis/db/keymgn.h b/src/analysis/db/keymgn.h
new file mode 100644
index 0000000..4aa33db
--- /dev/null
+++ b/src/analysis/db/keymgn.h
@@ -0,0 +1,37 @@
+
+/* Chrysalide - Outil d'analyse de fichiers binaires
+ * keymgn.h - prototypes pour la mise en place et la gestion des clefs cryptographiques
+ *
+ * Copyright (C) 2016 Cyrille Bagard
+ *
+ *  This file is part of Chrysalide.
+ *
+ *  OpenIDA is free software; you can redistribute it and/or modify
+ *  it under the terms of the GNU General Public License as published by
+ *  the Free Software Foundation; either version 3 of the License, or
+ *  (at your option) any later version.
+ *
+ *  OpenIDA is distributed in the hope that it will be useful,
+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ *  GNU General Public License for more details.
+ *
+ *  You should have received a copy of the GNU General Public License
+ *  along with Foobar.  If not, see <http://www.gnu.org/licenses/>.
+ */
+
+
+#ifndef _ANALYSIS_DB_KEYMGN_H
+#define _ANALYSIS_DB_KEYMGN_H
+
+
+#include <stdbool.h>
+
+
+
+/* S'assure que l'utilisateur dispose de clefs RSA. */
+bool ensure_user_has_rsa_keys(void);
+
+
+
+#endif  /* _ANALYSIS_DB_KEYMGN_H */  | 
